-----BEGIN PGP SIGNED MESSAGE-----
At 06:14 3/21/98 , William H. Geiger III wrote:
User x generates keys using WimpyPGP(tm) that only supports the bare
minimum of algorithms. He now goes and updates to SuperPGP(tm) that has
every algorithm under the sun. Before anyone can send him any messages
encrypted with the one of the "new" algorithms he must update his keys and
re-distribute it.
I don't believe anyone has responded to the issues raised in this example.
Concretely: the list of algorithms on the key does not necessarily
represent the list of algorithms the user('s programs) can or will accept,
because users can change their applications and preferences faster than
they can update the cosmic keyring. This alone makes a hard-line send
limitation questionable. The real world is just a little more complex and
dynamic than the code or standard can touch; the users - at both ends, by
common agreement - need the ability to override.
I'm not willing to go quite as far as whgiii, in saying that the sender
alone has complete right to choose the algorithm: there's little value to
sending a message that the recipient actually can not decrypt - except,
maybe, to rub his nose in it? But there's a real question as to whether
the copy of the key that's on the sender's ring accurately reflects
reality. In such a case, the "conservative on send" policy is to allow the
user some kind of override.
I grant the legitimate need and right of the recipient to forcibly refuse
certain algorithms, in order to protect his own privacy. But this indirect
algorithm choice must always first of all be expressed by noncryptographic
means ("when you send stuff to me, be sure to encrypt it"); adding "... and
never use 3DES" doesn't seem too great an imposition.
Can this standard (which is, after all, about bits and bytes, not about UI)
say something like "the implementation MUST NOT encrypt with an unlisted
algorithm without dire warnings to the sender"?
///// Informix Software Inc. Jack Repenning
////\ / Config/Release Mgmt jackr(_at_)informix(_dot_)com
///// / 4100 Bohannon Drive M/S: 4100/2
///// / Menlo Park, CA 94025 FAX: 650/926-6571
///// / PAGE: 800/782-9089 VOICE: 650/926-1044
///// / PGP/RSA: D24B E2C2 9AFB 7C24 : 7E59 7885 525D 644E
///// PGP/DSS: 955C 44AD 8FCE 77D4 9494 : 4AB2 51F1 3EED 3B82 E870
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
Comment: It's the Internet -- Do you know where your email is?
iQCVAwUBNRbtd/ZcZabmffV9AQGDbQP9Hd/4w8agWBvz+7SxwllbmthRRIBNkKjy
1o8jzXsywPDm2bCKQ5Jn7EcX2ZXdz8w9xH31AgrVV9QozyCSTPDvo4iX2q0bqyN5
LoergM/Uh3RhsWH6vf2eraLTDAv2DMbHFGe6fuT8zrai98HDP6HEQ3YoymOJJB2j
oHRlDmA9mds=
=oXq6
-----END PGP SIGNATURE-----