To the new editor to be (Cc: Jon):
I'd suggest several things:
- KISS
- move "political" statements to chapter 'Security Considerations'.
  But leave illegalness statements in place -but move warning policy
  on receiving- especially:
  + MessageID must not be generated.
  + UserIDs without self-signature are invalid.
  + Keys without UserIDs are invalid.
  + Keys with different key usage are invalid.
  + Group keys other than communication encryption are invalid.
  + Other than storage keys with Data Recovery Key extensions are invalid.
  + Everything I alzheimered ;-)
- Add Adam's anti-gak principles into chapter 'Security Considerations'.
- introduce a new section in chapter 'generic data types' called
  'algorithm identifier octet' and subdivide it into:
  + 'symmetric algorithms'
    EDE-DES(SHOULD), IDEA(MUST), Cast5(MAY), Blowfish(MAY),
    SAFER128(MAY), ...
    IDEA is must, because it is the default and backward compatible.
    All algorithms use the mode described in Packet 'Symmetrically
    Encrypted Data'. Other modes (OFB, CBC, ...) are not used.
  + 'asymmetric algorithms'
    ElGamal(never mention D-H!, SHOULD), RSA(MUST), DSS(MAY), ...
    RSA is must, because it is backward compatible.
  + 'message digest algorithms'
    MD5(MUST), SHA1(SHOULD), MD2(MAY), ...
    MD5 is must, because it is the default and backward compatible.
  + 'compression algorithms'
    ZIP(MUST), ...
    I'm waiting for a detailed description of a fast algorithm with a
    significantly better compression rate for text. This was outsourced to
    the local university last Tu.
- key server communications describe a protocol of exchanging the hash of
  a level seven octet stream containing the WHOLE public key with user IDs
  and certificates. Define an order for this! I.e.: User-IDs: primary
  followed by creation time descending. Certificate order:
  self-certificate followed by creation time ascending. Key revocation
  certificate removes all userIDs and certificates. Self-certificate
  revocation certificate removes all other certificates.
- LDAP keyserver based on draft-ietf-asid-pgp-02.txt by Roland Hedberg.
- DNS keyserver based on a similar draft for distributed servers.
- eMail keyserver based on the old (sic!) pgp net keyservers.
- MIME is recommended as layer six. Ascii Armor MUST be readable and SHOULD
  be generatable.
- Detailed description of the two other trust models in PGP 5.x incl.
  the new Keyring Trust Elements.
- Use 'Element' or 'Packet' depending on the ballot result published later
  today.
- Detailed description of the missing algorithms:
  + Armor Checksum.
  + String to Key.
  + Everything I alzheimered.
- Everything I alzheimered.
Good luck.
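
The key server item above asks for a fixed packet order so that two servers holding the same key compute the same hash. The following is an added sketch of that ordering, not code from the message or from any PGP implementation. The `Cert` and `UserID` models, SHA-256 as the digest, tie-breaking on packet octets, and keeping only the revocation after a self-certificate revocation are all assumptions.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class Cert:                      # hypothetical model of a certificate packet
    packet: bytes                # raw packet octets
    created: int                 # creation time
    is_self: bool = False        # self-certificate
    revokes_self: bool = False   # self-certificate revocation

@dataclass
class UserID:                    # hypothetical model of a user ID packet
    packet: bytes
    created: int
    primary: bool = False
    certs: list = field(default_factory=list)

def canonical_stream(key_packet, user_ids, key_revocation=None):
    # Key revocation certificate removes all user IDs and certificates.
    if key_revocation is not None:
        return key_packet + key_revocation
    out = [key_packet]
    # User IDs: primary first, then creation time descending.
    for uid in sorted(user_ids, key=lambda u: (not u.primary, -u.created, u.packet)):
        out.append(uid.packet)
        certs = uid.certs
        # Self-certificate revocation removes all other certificates
        # (assumption: the revocation itself is what remains).
        if any(c.revokes_self for c in certs):
            certs = [c for c in certs if c.revokes_self]
        # Certificates: self-certificate first, then creation time ascending.
        out += [c.packet for c in
                sorted(certs, key=lambda c: (not c.is_self, c.created, c.packet))]
    return b"".join(out)

def key_digest(key_packet, user_ids, key_revocation=None):
    # SHA-256 is an assumption; the message does not name the hash.
    stream = canonical_stream(key_packet, user_ids, key_revocation)
    return hashlib.sha256(stream).hexdigest()

if __name__ == "__main__":
    # Constructed sample: the same key as two servers might store it.
    alice = UserID(b"uid:alice", 100, True, [Cert(b"sig:bob", 300),
                   Cert(b"sig:self", 100, is_self=True), Cert(b"sig:carol", 200)])
    work = UserID(b"uid:work", 150, False, [Cert(b"sig:self2", 150, is_self=True)])
    print(key_digest(b"key", [alice, work]) == key_digest(b"key", [work, alice]))
```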