On Fri, May 2, 2008 at 6:29 PM, Andrey Jivsov <openpgp(_at_)brainhub(_dot_)org>
wrote:
David Crick wrote:
The submitted version doesn't (yet) have mention of the
...
StrictSuiteB flag / flags.
Given later comments by Derek and your subsequent replies, I think we may
need separate discussion on this.
An alternative that I've just thought of is to do some sort of
"layering":
rfc4880 (base)
-> OpenPGP ECC ("anything goes")
-> Suite-B, and other (e.g. national) "profiles"
So the current "OpenPGP ECC" doc could be completely
re-written, stripping out references to Suite-B (but still
retaining a "relative strengths" section). This would also
simplify the specification.
*Then* we could write a standalone Suite-B doc, which
would specify a constrained sub-set of OpenPGP ECC.
Note, we'd *still* have the "how to make Suite-B strict"
problem, so *still* might require some sort of kludge.
And/*or* we could even just "avoid" the Strict Suite B
issue altogether, and leave it for the implementers!
Since Suite-B users will (by definition) only want to
communicate with other Suite-B users, then they will be
a self-contained userbase, and so can simply not
implement 3DES [and other ciphers].
Meanwhile the rest of us just set AES-256 and AES-128
at the head of our cipher preferences and put up with the
fact that someone may send us 3DES messages (or using
any other cipher for that matter, if they over-ride using
[e.g., in gnupg] --cipher-algo and disregard the warning).