dontspam-tzeruch(_at_)ceddec(_dot_)com says:
I'm for adding a checksum. Would be more reliable too. [Possibly it's
too late for that... Oh well...]
And was rejected when I originally suggested it although I brought up this
specific problem, though not in the context of block ciphers. Right now
you have to stack each passphrase for a try (and may still get wrong 1/64k
of the time). Were there a checksum you could tell if any SKESK was
correct before going further in the header, just as you can tell if the
PKESK is correct.
At the time, it would have only broken PGP 5.0. Now it would break at
least two more implementations.
So maybe it should be reopened now? After all, what's right is right,
and what's wrong will turn around and bite your ***, eventually. And
it seems that the "biting-time" with no-checksum is approaching...
--
Regards,
Uri uri(_at_)watson(_dot_)ibm(_dot_)com
-=-=-=-=-=-=-
<Disclaimer>
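
The "wrong 1/64k of the time" point from the thread, as an added example that is not part of the original messages: without a checksum in the SKESK, the only test a passphrase-derived key gets is the two repeated bytes at the start of the encrypted data, so about one wrong passphrase in 65536 passes. Assumptions: SHA-256 stands in for both the string-to-key function and the CFB block cipher, the prefix is 8 random bytes plus the last 2 repeated (64-bit block cipher), and the passphrases are constructed sample values.

```python
import hashlib

def s2k(passphrase: bytes) -> bytes:
    """Stand-in for an OpenPGP string-to-key function (assumption: plain SHA-256)."""
    return hashlib.sha256(b"toy-s2k:" + passphrase).digest()

def _mask(key: bytes) -> bytes:
    """Toy 10-byte keystream standing in for the block cipher in CFB mode."""
    return hashlib.sha256(b"toy-cfb:" + key).digest()[:10]

def encrypt_prefix(key: bytes, random8: bytes) -> bytes:
    """Encrypt the 10-byte prefix: 8 random bytes, then the last 2 repeated."""
    prefix = random8 + random8[-2:]
    return bytes(p ^ m for p, m in zip(prefix, _mask(key)))

def quick_check(key: bytes, enc_prefix: bytes) -> bool:
    """The only test a passphrase-derived key gets: do bytes 7-8 equal bytes 9-10?"""
    p = bytes(c ^ m for c, m in zip(enc_prefix, _mask(key)))
    return p[6:8] == p[8:10]

def accepted(candidates, enc_prefix):
    """Return every candidate passphrase whose key passes the quick check."""
    return [c for c in candidates if quick_check(s2k(c), enc_prefix)]

def false_accepts(n_wrong: int, enc_prefix: bytes) -> int:
    """Count wrong passphrases (constructed: b'wrong-<i>') that still pass."""
    wrong = (b"wrong-%d" % i for i in range(n_wrong))
    return len(accepted(wrong, enc_prefix))

if __name__ == "__main__":
    enc = encrypt_prefix(s2k(b"correct horse"), bytes(range(8)))
    n = 1 << 18
    hits = false_accepts(n, enc)
    print("right passphrase accepted:", accepted([b"correct horse"], enc))
    print(f"{hits} of {n} wrong passphrases accepted (expected about {n >> 16})")
```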