[Top] [All Lists]

Re: [openpgp] Intent to deprecate: Insecure primitives

2015-03-16 12:18:47
On 3/15/2015 at 11:56 PM, "Daniel Kahn Gillmor" 
<dkg(_at_)fifthhorseman(_dot_)net> wrote:

Yahoo has deprecated, and intends to disable support for all 
uses, of
the following primitives and packet types specified for use with
OpenPGP v4:

- Symmetric cipher algorithms: IDEA, TDES, CAST5, Blowfish, 


All previous OpenPGP have had a MUST implement for 3DES.
Is there any advantage in using only block 64 symmetric encryption primitives, 
to do away with 3 DES, IDEA and CAST 5?

In general, won't removing these primitives make it difficult to decrypt past 
correspondences where people have used these primitives?
(The default for symmmetrically encrypted GnuPG messages has been CAST5 for a 
long time in the past, -i.e. many many encrypted messages ...)


openpgp mailing list