ietf-openpgp

Re: Algorithms and specifiers

1998-03-21 01:06:05
I agree with Jon Callas here - the list of symmetric algorithm preferences
indicates which algorithms the recipient is prepared to accept.
Ignoring the order of them is fine (sender and receiver will often have
different sets of preferences, and especially different order,
so you need to support this in general anyway.)
But if you want to send somebody a message they can decrypt,
you need to send an algorithm they understand.
The usual Internet principle about being conservative about what you send
and liberal about what you accept certainly applies here.
I'd call it a MUST.  DES3 is a special case, since supporting it is a 
MUST, but putting it on your list of preferences probably shouldn't be.

Callas:
The most important is what the symmetric algorithm preference is. It's a
list of symmetric algorithms that the keyholder accepts. If an algorithm
is not in the list, then the keyholder doesn't speak it, and consequently
an implementation MUST NOT use an algorithm absent from that list. If
that packet is absent, then it is implicitly stating a preference for
3DES, and all keys implicitly accept 3DES even if unstated.

Geiger:
Well, Jon and I are in disagreement on this issue.
It is my position that algorithm preference is just that, a preference,
and the final decision of what algorithms to use should be the sole
decision of the owner of the document (i.e. the sender).

                                Thanks! 
                                        Bill
Bill Stewart, bill(_dot_)stewart(_at_)pobox(_dot_)com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639
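
The selection rule argued for in this message, as an added example that is not part of the original e-mail or of any OpenPGP implementation: the recipient's list is treated as the set of acceptable algorithms, its order is ignored in favour of the sender's, and 3DES is implicitly accepted by every key. The function names, the algorithm labels (plain strings, not packet identifiers) and the sample recipients are assumptions made for illustration.

```python
TRIPLE_DES = "3DES"  # label only; every key implicitly accepts it


def accepted(prefs):
    """Set of algorithms a key accepts.

    prefs is the key's symmetric-preference list, or None when the
    preference packet is absent (implicit preference for 3DES).
    """
    algs = set(prefs or [])
    algs.add(TRIPLE_DES)  # accepted even if unstated
    return algs


def unreadable_for(alg, recipients):
    """Recipients (sorted names) whose key does not accept alg."""
    return sorted(name for name, prefs in recipients.items()
                  if alg not in accepted(prefs))


def choose_cipher(sender_order, recipients):
    """First algorithm in the sender's own order that all recipients accept.

    The recipients' ordering is ignored; only membership is binding.
    Falls back to 3DES, which every implementation must support.
    """
    for alg in sender_order:
        if not unreadable_for(alg, recipients):
            return alg
    return TRIPLE_DES


if __name__ == "__main__":
    # Constructed sample keys, not taken from the thread.
    recipients = {
        "alice": ["CAST5", "IDEA"],
        "bob": ["Blowfish", "CAST5"],
        "carol": None,  # no preference packet on the key
    }
    sender_order = ["IDEA", "CAST5", "Blowfish"]
    print(choose_cipher(sender_order, recipients))
    print(unreadable_for("IDEA", recipients))
```

`unreadable_for` shows what the sender-decides position costs in practice: it names the recipients who could not decrypt a message encrypted with the sender's unconstrained first choice.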
