ietf-openpgp

Re: [openpgp] Expiration impending: <draft-ietf-openpgp-rfc4880bis-01.txt>

2017-07-04 04:06:52
On 07/04/2017 10:33 AM, Werner Koch wrote:
> On Mon, 3 Jul 2017 21:51, rjh(_at_)sixdemonbag(_dot_)org said:
>
>> The latest draft minimizes (but does not eliminate) SHA-1.  3DES is
>> still a MUST-implement algorithm, and will likely be so for the ongoing
>
> The problem with TripleDES is that it is the only implicit symmetric
> algorithm preference.  This makes it hard to remove.  However there is a
> way to do that: We should define a new key flag requesting the use of
> the to-be-specified new Symmetrically Encrypted Data Packet.  That new
> data packet will require the use of a 128 bit block length algorithm and
> can also require that AESnnn is the new implicit symmetric algorithm
> preference.

Given that we're introducing a new keyblock version anyway, can't this
just be the default for v5 keys, which implementations need to be
updated to support anyway? IIRC something similar is already done in
RFC6637 for ECC keys.

-- 
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"History is a gallery of pictures in which there are few originals and
many copies."
(Alexis de Tocqueville)

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
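
The implicit-preference rule discussed in this message, as an added example that is not part of the original thread: it selects a cipher for several recipients with the implicit algorithm tacitly appended to each key's list, as RFC 4880 does for TripleDES. The per-key implicit algorithm, the use of AES128 for the proposed rule, and the sample keys are assumptions made for illustration.

```python
# Symmetric-key algorithm IDs from RFC 4880, section 9.2.
TRIPLE_DES, CAST5, AES128, AES192, AES256 = 2, 3, 7, 8, 9
NAMES = {2: "TripleDES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}

def effective_prefs(prefs, implicit):
    """Return a key's preference list with the implicit algorithm
    tacitly appended when the key does not list it."""
    ordered = list(dict.fromkeys(prefs))  # drop duplicates, keep order
    return ordered if implicit in ordered else ordered + [implicit]

def choose_cipher(recipients, sender_order):
    """Pick the first algorithm in sender_order that every recipient
    accepts. recipients is a list of (prefs, implicit) pairs.
    Returns None when the recipients share no algorithm."""
    if not recipients:
        return None
    lists = [effective_prefs(p, i) for p, i in recipients]
    common = set(lists[0]).intersection(*lists[1:])
    return next((a for a in sender_order if a in common), None)

# Constructed sample keys (not taken from the thread).
SENDER_ORDER = [AES256, AES192, AES128, CAST5, TRIPLE_DES]
MODERN = [AES256, AES192, AES128, CAST5]   # lists AES explicitly
NO_PREFS = []                              # key carries no preference list
CAST_ONLY = [CAST5]                        # old key listing only CAST5

if __name__ == "__main__":
    cases = {
        # Current rule: TripleDES is implicit on every key.
        "today: modern + no-prefs key":
            [(MODERN, TRIPLE_DES), (NO_PREFS, TRIPLE_DES)],
        # Assumed new rule: AES128 is implicit on both keys.
        "assumed new rule on both keys":
            [(MODERN, AES128), (NO_PREFS, AES128)],
        # Mixed population: the implicit algorithms differ per key.
        "mixed: old CAST5-only + new no-prefs":
            [(CAST_ONLY, TRIPLE_DES), (NO_PREFS, AES128)],
    }
    for label, recipients in cases.items():
        algo = choose_cipher(recipients, SENDER_ORDER)
        print(f"{label}: {NAMES.get(algo, 'no common algorithm')}")
```

The mixed case returns no common algorithm, which is the interoperability gap an implementation has to handle once the implicit preference depends on the key.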