-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If folks could comment on this draft, I'd appreciate it.
There may well be nothing to say (the draft is not particularly
complex or controversial), in which case a "looks sane to me" comment
would be appreciated. It's hard to tell the difference between
silence because there are no objections and silence because there is
no interest.
It looks sane to me. However, while RFC3713 specifies clearly that
Camillia has a 128-bit block, I think you should too. Because of the
eccentricities of what we do with CFB, block size is very important.
I think it's wise to point out that has the same block size as AES
and Twofish. It's just another sentence.
One last question is why only 256-bit keys? Why not 128 and 256 (I
don't see the point of 192-bit keys, myself)? There are many good
answers to the question. For example, if Rijndael were not the AES
and we were adding it in, a good answer would be that Rijndael-256 is
only about 20% slower than Rijndael-128, and because of that, most
people will use the 256-bit keys anyway; most Rijndael applications
just go right to 256. Another answer, less good, is that we don't
want to consume two cipher numbers. If there is a good technical
reason, then it might also be good to put it in the draft, because
people will wonder and presume that it's just because we only want to
use one cipher number if you don't.
Your draft is nice and elegant and short, and so you can add in a few
more explanatory sentences. It will make the developer's life easier.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFHS1X3sTedWZOD3gYRAhXFAJwOUBnM1bLUAIdJ7JaTBodUpidZ1wCgtDBp
6qmaQtBNRZM7/zrK4xwkEsU=
=84Bb
-----END PGP SIGNATURE-----