[Top] [All Lists]

Re: I-D ACTION:draft-ietf-openpgp-camellia-00.txt

2007-11-26 16:41:54

Hash: SHA1

If folks could comment on this draft, I'd appreciate it.

There may well be nothing to say (the draft is not particularly
complex or controversial), in which case a "looks sane to me" comment
would be appreciated.  It's hard to tell the difference between
silence because there are no objections and silence because there is
no interest.

It looks sane to me. However, while RFC3713 specifies clearly that  
Camillia has a 128-bit block, I think you should too. Because of the  
eccentricities of what we do with CFB, block size is very important.  
I think it's wise to point out that has the same block size as AES  
and Twofish. It's just another sentence.

One last question is why only 256-bit keys? Why not 128 and 256 (I  
don't see the point of 192-bit keys, myself)? There are many good  
answers to the question. For example, if Rijndael were not the AES  
and we were adding it in, a good answer would be that Rijndael-256 is  
only about 20% slower than Rijndael-128, and because of that, most  
people will use the 256-bit keys anyway; most Rijndael applications  
just go right to 256. Another answer, less good, is that we don't  
want to consume two cipher numbers. If there is a good technical  
reason, then it might also be good to put it in the draft, because  
people will wonder and presume that it's just because we only want to  
use one cipher number if you don't.

Your draft is nice and elegant and short, and so you can add in a few  
more explanatory sentences. It will make the developer's life easier.


Version: PGP Universal 2.6.3
Charset: US-ASCII