On Mon, 2 Oct 2000, Jon Callas wrote:
5.2.3.24. Features
(array of one-octet values)
We need a number for this signature sub packet.
1 - Modification Detection (packets 15 and 16)
If an implementation implements any of the defined features, it
SHOULD implement the features subpacket, too.
I have a problem with this. Currently PGP 7 and GnuPG 1.0.2
implement this feature and use packets 15 and 16 when Twofish is
used. A year back or so we had a long discussion about this MDC
packets and the use of Twofish. I suggested that we should wait
with using Twofish until we had figured out how to do this MDC and
the require implementations to use the MDC packet if they use a
cipher with a blocklength not equal to 64 bits.
Requiring to use the MDC only if the feature packet is present
makes the code more complicated because an implementation has to
check the cipher preferences and the MDC feature.
The feature packet is a good thing because it enables us to use the
MDC even with with CAST5 or 3DES. It should however say that this
feature is implictly assumed when a symmetrical cipher algorithm
with ablocklength different from 64 bits is used (or explitly
enumerate algorithms). I'd also appreciate if we can say that the
use of the MDC is a SHOULD for such algorithms.
Werner
--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de