ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: A question on Twofish / AES / PGP

1999-03-09 03:34:04
from [Simpson, Sam] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Many thanks to all the people who replied (and set me straight on
several issues).

I won't reply individually to save list bandwidth, but I have a
few comments:


William H. Geiger III wrote:


Well IMHO we have enough good symetric cyphers in there right

now:

I agree totally!  There is no (IMHO) rush to add algorithms.  I
am not convinced that Twofish is special enough (sorry Bruce!) to
make an exception to add it to the OpenPGP standard at this
point.


Jon Callas wrote:

Two groups of developers, the NAI/PGP group and the GNU Privacy

Guard

group, have each said that they want to put Twofish into their
implementations.[...]


Is there a document somewhere detailing the selection criteria or
was it a "gut-feel"?  (Not that "gut-feels" are totally a bad
thing...)


If you disagree strongly, and believe that the consensus has 
gone the wrong way, keep arguing!


I do disagree with the special status that's being given to
Twofish (or rather, I'd like to know the rationale), but since
I'm new to this forum I'm not going to upset people on an issue
that this has been previously discussed and agreed upon.

I agree totally with your point that the "receiver chooses the
algorithms" - but will users have the sense not to switch Twofish
on (or switch it off if it's going to be on by default) -
especially in view of the "trendy" status of Twofish.


Werner Koch wrote:


According to Schneier, we should replace
Blowfish by Twofish right now because he (and others too)

trusts

Thwofish more.


This appears to be contra advice given by Schneier in sci.crypt,
but anyway.....



Again, many thanks for your thoughtful & polite replies.  It is
my intention to remain subscribed to this list, so I look forward
to speaking to you all more in future.


Fond regards,

Sam Simpson
Communications Analyst
- -- http://www.scramdisk.clara.net/ for ScramDisk hard-drive
encryption & Delphi Crypto Components.  PGP Keys available at the
same site. 


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQA/AwUBNuT6Wu0ty8FDP9tPEQJMsACfVbeP3heeppDm5neEvKfFPTe7hu4AnRa7
i3BN4E9XXGaf9ayDB53tXim8
=rDPo
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: key flags -- what do they mean?, William H. Geiger III
Next by Date:  RE: A question on Twofish / AES / PGP, Jon Callas
Previous by Thread:  Re: A question on Twofish / AES / PGP, Jon Callas
Next by Thread:  RE: A question on Twofish / AES / PGP, Jon Callas
Indexes:  [Date] [Thread] [Top] [All Lists]