ietf-openpgp
[Top] [All Lists]

Re: Simplified OpenPGP

2007-11-07 12:51:36

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I also agree this is a great idea. It's one of those things I wanted  
to do a decade ago.

What we're talking about is creating a *profile* of the base  
standard. The idea is that in general, you stick to the profile, and  
the profile allows less work on implementers. If the profile is  
successful in the wild, you can start deprecating the other features.

Here are some things I might put in a profile:

* Use only new-style headers and 5-byte lengths.

* Use only AES-128 or AES-256. You have to implement 3DES, but don't  
use it.

* Use only RSA 4096 bit public keys

* Use SHA-256 and SHA-512 only.

* Never use anything but an iterated-and-salted S2K.

        Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII

wj8DBQFHMg/9sTedWZOD3gYRArAWAJ4sFUE3mxnPOwL9Fpc3EKOX8kqtuQCgp0Ft
MteJihOenFBwkDGTjlYTYlA=
=1LoA
-----END PGP SIGNATURE-----

<Prev in Thread] Current Thread [Next in Thread>