ietf-openpgp
[Top] [All Lists]

Re: V3 secret keys

2006-02-07 04:52:19

Hal Finney wrote:
Daniel Nagy writes:
I sincerely hope that this whole mess will be cleaned up with V5, where
there seems to be a consensus not to implement encrypted private key packets
at all, but put unencrypted private key packets into integrity protected
symmetrically encrypted packets instead.

I haven't participated in the recent discussion, partly because I think
it is a little premature until we get the current spec put to bed.

I am not sure I like this idea.  We'll need to retain the old mechanism
for many years at least, requiring us to support yet another set of
incompatible mechanisms.  And I don't know if the new proposal really
simplifies things much.

Surely you should already support this method?

Complications have been pointed out regarding sending multiple keys
encrypted with different passphrases, requiring us to explicitly support
multiply-concatenated symmetric-encryption & SKESK packets, which is
not necessary at present.

It isn't?

It might require us to bite the bullet and
clarify exactly what sequences of packets are legal, with possible
backwards-compatibility problems.

Hmm. My implementation will eat _any_ sequence of packets.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

<Prev in Thread] Current Thread [Next in Thread>