I think we're ready for the final push on Camellia. All of the
suggested changes have been incorporated, and if folks could give it a
final read, I'd appreciate it:
http://www.ietf.org/internet-drafts/draft-ietf-openpgp-camellia-01.txt
I had a look over this (-01) when you first posted it, and couldn't
find fault.
I would particulary appreciate comments on the choice of 128 and
256-bit keys (that is, lacking 192). I tend to agree with Jon that
192 is neither here nor there, but I'm also a major fan of
consistency. If we're going to include 192 for the ECC work, then
it's odd to leave it out here.
I suggested in my comments on the most recent (-07) ECC draft
that we should explicitly deprecate AES-192 in ECC; I'd be tempted
to say the same about Camellia-192, but I equally see the point of
having an alternative to *each* of the three AES cipher lengths.
So I think I'm abstaining on Camellia-192 - I'm not going to speicifically
ask/vote for it to be included, but at the same time I won't protest if
others wanted it in.