[Top] [All Lists]

consensus was not against verification packets (Re: Message Integrity)

1999-04-22 01:26:28

Jon Callas writes:
The consensus that I've seen is against overloading message integrity on
signature packets. 

I disagree.  Perhaps you weren't reading.

Tom Zerucha and Werner Koch sounded like they were going to try out
verification packets.  I argued for the approach also.

Hal Finney presented the bundled MDC+encrypt approach, and did a
trial implementation.  

Uri Watson at first argued against verification packets based on ease
of implementing bundled MDC+enc, but revised that to neutral, viz:

Tom wrote:
Uri wrote:
If you want an MDC, and there is already a place for MDCs, then it should
go there if the format can be adapted.

OK, I don't object as strongly any more. I'm neutral now.

So I tally that as 3 verify packet, one bundled MDC+encrypt, and one
neutral.  You breeze in late and call that a concensus for

We also discussed it in Orlando, and there was great consensus
against it there. 

I wasn't at Orlando.  No minutes were ever posted that I discovered.
Decisions are supposed to be made on list.

I confess that personally, I also question the wisdom of separating
them. Especially if it requires a shared key.

What shared key?  PRZ proposed SHA1 not a keyed MAC.

print pack"C*",split/\D+/,`echo "16iII*o\U(_at_){$/=$z;[(pop,pop,unpack"H*",<>