-----BEGIN PGP SIGNED MESSAGE-----
In
<3(_dot_)0(_dot_)3(_dot_)32(_dot_)19980320175814(_dot_)03e51ae0(_at_)mail(_dot_)pgp(_dot_)com>,
on 03/20/98
at 05:58 PM, Jon Callas <jon(_at_)pgp(_dot_)com> said:
The most important is what the symmetric algorithm preference is. It's a
list of symmetric algorithms that the keyholder accepts. If an algorithm
is not in the list, then the keyholder doesn't speak it, and consequently
an implementation MUST NOT use an algorithm absent from that list. If
that packet is absent, then it is implicitly stating a preference for
3DES, and all keys implicitly accept 3DES even if unstated.
Well Jon and I are in disagrement on this issue.
It is my position that algorithm preference is just that, a preference,
and the final desision of what algorithms to use should be the sole
decision of the owner of the document (ie the sender).
This covers the whole gauntlet of algorithms (symetric, hash, compression,
PKE). Now in most cases one would want to honor the recipiants preferences
other times one would not. IMHO this should be a SHOULD item not a MUST
item in the spec.
- --
- ---------------------------------------------------------------
William H. Geiger III http://users.invweb.net/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/esecure.html
- ---------------------------------------------------------------
Tag-O-Matic: I love running Windows! NOT!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBNRMkDo9Co1n+aLhhAQE6DwQAxX1GQ3oFmDsFHlU2rjX1wTln1yDyFOm9
8XhXq9UBHZ8z97GO+oiRcZUs/clxeZFO9h005lUVGJmZnPlSv2y+IKqxVo2P6pm5
2udboYlh4pGGDgu/+sc3wQlASrRoV26FrP4laqULkZw/0zQylsresoxKzkmZ6QV9
GM+u7dcx2sY=
=8ovL
-----END PGP SIGNATURE-----