ietf-openpgp
[Top] [All Lists]

Re: bis-16 comments

2006-05-09 07:40:11

On Mon, May 08, 2006 at 02:52:30PM -0700, Jon Callas wrote:

In section 9.3. Compression Algorithms, suggest adding:

   Algorithm 0, "uncompressed," may only be used to denote a
   preference for uncompressed data in the preferred compression
   algorithms subpacket (section 5.2.3.9). Implementations MUST NOT
   use uncompressed in Compressed Data Packets.

(We had the same problem with using cipher algorithm 0 in encrypted
data packets, and made that MUST NOT as well)


I want to quibble over this one.

The reason we don't allow 0 in encrypted packets is because we don't  
want to have "encrypted" data. It's a security reason. There's no  
security reason here. While it's perhaps stupid to make a compressed  
packet that has no compression (you could just have a literal  
packet), there is no *security* reason to object to it.

Also, there's no particular code reason to object to it, either; you  
have to handle the case, and rather than error out, why not just  
proceed?

You're right.  It's better left out.

David

<Prev in Thread] Current Thread [Next in Thread>