On Wed, 7 Nov 2007 00:04, hal(_at_)finney(_dot_)org said:
The goal is to create a subset of OpenPGP which is backwards compatible in
that messages created in this subset can be read by old OpenPGP clients,
but not vice versa. The most widely used OpenPGP clients that participate
here can be updated to only create in the subset. Then new implementors
can ignore some fraction of the spec, making their job somewhat easier.
I agree to define a subset for a minimal implementation.
However I don't think we will ever be able to drop all of the old cruft
from the specs. Too many data has been encrypted and signed using
OpenPGP and thus there is a real need to be able to process such data.
BTW, the bit twiddling we use and the various ways of encoding packet
headers are still much simpler than the X.509 or CMS way of describing
and encoding things. Creating a fully compliant OpenPGP parser is not a
big task and actually very simple code. Compare that to a full BER/DER
parser as required by X.509/CMS.
I don't see creating a new specification based on these principles
as an enormous task. It is merely another way of encoding the same
information that is already described in the spec. Ideally we could
That would not be anymore OpenPGP but a new protocol. I doubt that
there is a community interest in doing so. CMS is getting used more and
more and OpenPGP already has a hard time to stand up against CMS.
Adding a new variant of OpenPGP would be the death for it.
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.