Tom writes, quoting Werner:
One suggestion: Add a note that the old PGP sync mode is not used with
the wew packet 18.
Did I miss something? The description of the new type 18 packet
indicates a prefix that looks like the PGP-sync prefix used elsewhere.
But I didn't see the resync operation that is done everywhere else (I
didn't read that carefully).
So if I understand correctly, we are going to use the prefix but NOT
going to do the resync?
That's correct. This is for two reasons: one is that the sync is nonstandard
and has caused problems. Perhaps someday we can deprecate the old symmetric
encryption packet and eliminate the sync altogether. The second reason is
to make the encrypted data in these packets more different from the data in
the old packets, making it less likely that an attacker could turn a new
packet into an old one.
Maybe as Werner said the spec should have an explicit note confirming that
the sync is not done in this packet.
Hal