ietf-openpgp
[Top] [All Lists]

Re: I have a technical idea/change for the ECC draft

2008-05-07 06:56:29

"David Crick" <dacrick(_at_)gmail(_dot_)com> writes:

What do we loose if we
instead use "this key replaces TrippleDES implicit algorithm with AES-128"
notation? This would be beneficial for RSA keys too.

what if we have:

Alice: {AES256, AES128, AESover3DESflag [, 3DES implicitly]}
Bob: {3DES [, AES128 implicitly]}

Then Bob or his software could legitamately choose 3DES.

whereas:

Alice: ECC-384/521 key with {AES256, SuiteBOnly}  and
Alice: ECC-256 key with { [AES128 implicit], SuiteBOnly}

would refuse to encrypt with anything except AES256 and
AES128 respectively.

I think there's a fundamental mismatch between OpenPGP-style key
preferences and Suite B thinking.  As a sender, with labeled
information, you can only use approved algorithms.  Thus, if a recipient
doesn't list the approved algorithm, you just can't send them mail.  The
OpenPGP-style key preferences are in my view primarily to ensure
interoperability and allow for algorithm transitions over long
timescales.

Are we proposing sender-side rules to match labels to approved
algorithms?  It seems inadequate to put 'SuiteBOnly' as a key preference
on recipients.

<Prev in Thread] Current Thread [Next in Thread>