Re: [openpgp] Hybrid proposal for algorithm identifiers

[ianG <iang@iang.org>]

On 24/03/2015 16:46 pm, Phillip Hallam-Baker wrote:
>
> * Maintaining algorithm registries takes time and effort
> * Modern best practice for algorithms rejects the idea that more algorithms is 'better'.
>    * The security of the system is determined by the weakest algorithm an attacker can persuade you to use,
>    * One Mandatory to implement plus a reserve is generally emerging as best


I would say One+One is emerging as a centrist compromise.  On the left, 
there are the pluralists, and on the right, there are OneTrueBelievers.

Personally, I think the numbers are balanced between the right and the 
center, with the left (many) now a clear minority party.  Or at least, 
that's what a straw poll showed about 6 months back.

> * Support for vanity crypto is an unfortunate necessity.

That ... is an argument I'd love to see fleshed out.

> * ASN.1 OIDs are kind of obnoxious
> * Suites don't work
> * Most OpenPGP folk would like to use short identifiers
>
> For many years I have wanted a way to move discussion of vanity crypto out of the IETF, etc. If we touch a spec, the vendor can pretend that we endorse it.
>
> So what I propose is a two level scheme:
>
> Mandatory and Recommended algorithms are registered in a short identifier registry.
>
> For everything else there is a reserved 'escape code' that states the algorithm is specified by OID.
>
>
> OIDs do get a little large sometimes. But they do have the advantage that nobody can claim that they have IETF endorsement. That is not true of any scheme we could devise ourselves.
>
> This approach means that there is a real difference between being one of the supported algorithms and the recommended algorithm.


Assuming your premises, this is a good proposal.

iang