Ian Grigg <iang(_at_)systemics(_dot_)com> writes:
In the spirit of improving the codability of
OpenPGP, I'd suggest it be replaced with a
standard textbook or FIPS mode.
<chair hat>
In the interest of finishing the OpenPGP work, I claim it is too late
in the process to make such a major change to the protocol in terms of
losing compatibility with all prior versions. Having implemented this
non-FIPS mode, it is NOT that complicated, and the text we have that
describes it (indeed, the text in RFC 1991 that described it!) has never
been a hinderance to implementation.
The only questions have been "why do you do it this way?" which is not
IMHO a reasonable reason to force a change at this late date. It may
be a reasonable reason to add text explaining why we do it this way,
or comparing it to the FIPS CFB mode, but that could go in an appendix
just as easily as it could go into the text.
</chair hat>
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek(_at_)ihtfp(_dot_)com www.ihtfp.com