ietf-openpgp
[Top] [All Lists]

Re: Algorithms and specifiers

1998-03-22 13:39:23
At 06:31 PM 3/21/98 -0600, William H. Geiger III wrote:
This may be part of our misunderstanding here:
I do not accept that the algorithm *preferences* should be a complete
listing of all algorithms that the user is capable of using. IMHO it
should just be what the name implies: a list of prefered algorithms,
nothing more.

I assumed that was your position.  The problem is that there _does_
need to be some mechanism for indicating which algorithms the user
is capable of accepting, so it either needs a separate syntax for 
indicating it, or else it needs to be combined with the preference list.

I'd guess that the people who came up with the current scheme decided
that there was very little practical need to keep them separate, 
so they combined the two functions, and I agree with them.

PGP will probably end up in two main forms
- Commercial PGP from NAI and fellow travellers,
        which will support a wide range of algorithms
        including licensed IDEA and RSA
- Freeware PGP and OpenPGP, which will probably
        not include IDEA for patent-license reasons,
        but will support a lot of other algorithms;
        some will support RSA and some won't.
- Specialized applications for firewalls, smartcards, etc.,
        which will support one or two symmetric algorithms,
        3DES for official standards compatibility and 
        something small and fast that they'll actually use, 
        and they may even skip the 3DES to save space.

Especially in the latter case, if you don't know what 
algorithms someone can accept, you can't successfully send them mail
unless you default to 3DES.
                                Thanks! 
                                        Bill
Bill Stewart, bill(_dot_)stewart(_at_)pobox(_dot_)com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639

<Prev in Thread] Current Thread [Next in Thread>