Jon Callas <jcallas(_at_)NAI(_dot_)com> writes:
Do we agree now that the right thing to do is to start with a 16-byte IV,
encrypt 16 bytes, sync with 2 and then continue? That's what I thought we
all agreed on. If we agree that, then we don't have a problem, we have an
elided description that needs to be expanded when we revise the RFC. I
believe, though, that that's the right thing to do, work with full blocksizes.
We use a 8 byte IV for encrypting the secret key material; see
section 5.5.3. Do we keep this 8 bytes or extend it to the blocksize?
Werner Koch at guug.de www.gnupg.org keyid 621CC013