-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When we started the working group, there were many things that I
thought would be great to "fix." That included OpenPGP CFB. These
days, I care a lot less.
The reason is that while the OpenPGP CFB is eccentric, it's not
wrong. CFB itself has a parallelism with CBC. Just about every thing
you can say about CFB has a parallel thing you can say about CBC. If
you want real change, you'd want to do something else, which has a
different set of issues.
If we put in some new mode, the implementations will have to support
them both for years. If a major or quasi-major implementation balks,
then that time increases. That increases code size and complexity,
and that decreases security.
Unless a mode change is folded in with a compelling other reason, I
don't see it's worth the bother. Every system has warts. This is not
a large one.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFHMLaRsTedWZOD3gYRAjQ5AKDyc0OSw22nAp94VNfckcKjWKe0IACfcWde
08obFK5CjIrI8nlo8pFTIGA=
=qbKq
-----END PGP SIGNATURE-----