On Tue, 13 Apr 1999, Werner Koch wrote:
> But I think this is still the most simple solution and we should do
> it. A more sophisticated solution could be to put MDCs every n bytes
> into the data to help early detection of modification. However this
> has not much to do with offline encryption but with online protocols
> like SSH. So I suggest we keep the simple solution but use a new
> packet type for it.

This could be implemented with a new packet-stream type, so that the
partial packets could append X bytes. Putting an MDC at the packetization
level is better than at the crypto level. I.e.

(1:4096)(4096:data)(MDC:20)...(1:17)(17:data)(MDC:20)

> I think it is bad style to change a standard which already defines how
> to handle different blocksizes (albeit with some conflicts).

Which is why I call it a different "method". The spec already has
something for the existing method (PGP/CFB) with larger block sizes, and
my implementation is set up to handle these correctly, at least as far as
I have been able to verify.
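
The (length)(data)(MDC:20) layout sketched in the message above, as an added Python example that is not code from the thread or from any implementation mentioned in it. It assumes a 2-byte big-endian length field and a running SHA-1 over all data so far as the MDC (the message fixes neither), and it leaves out the encryption layer the stream would sit inside; the function names are hypothetical.

```python
import hashlib
import hmac
import struct

MDC_LEN = 20  # SHA-1 digest size, matching (MDC:20) in the message

def frame(data, chunk=4096):
    """Emit (length)(data)(MDC) records. Assumed: 2-byte length, running SHA-1."""
    h, out = hashlib.sha1(), bytearray()
    for i in range(0, len(data), chunk):
        part = data[i:i + chunk]
        h.update(part)  # the MDC covers every data byte up to this point
        out += struct.pack(">H", len(part)) + part + h.digest()
    return bytes(out)

def unframe(stream):
    """Yield each chunk once its MDC verifies; raise at the first bad record."""
    h, pos = hashlib.sha1(), 0
    while pos < len(stream):
        if len(stream) - pos < 2:
            raise ValueError("truncated length field at offset %d" % pos)
        (n,) = struct.unpack_from(">H", stream, pos)
        part = stream[pos + 2:pos + 2 + n]
        mdc = stream[pos + 2 + n:pos + 2 + n + MDC_LEN]
        if len(part) != n or len(mdc) != MDC_LEN:
            raise ValueError("truncated record at offset %d" % pos)
        h.update(part)
        if not hmac.compare_digest(h.digest(), mdc):
            raise ValueError("MDC mismatch in record at offset %d" % pos)
        yield part
        pos += 2 + n + MDC_LEN

def verified_prefix(stream):
    """Return (data accepted before any failure, True if no record failed)."""
    good = bytearray()
    try:
        for part in unframe(stream):
            good += part
    except ValueError:
        return bytes(good), False
    return bytes(good), True

if __name__ == "__main__":
    data = bytes(range(256)) * 32 + b"x" * 17  # constructed sample: 2 x 4096 + 17
    bad = bytearray(frame(data))
    bad[4130] ^= 1  # flip one bit inside the second record's data
    print(len(verified_prefix(bytes(bad))[0]))
```

A modification is caught at the record it lands in, so only the chunks before it are released. This assumed framing has no end-of-stream marker, so a stream cut exactly on a record boundary still verifies; a real format needs a distinguishable final record.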