[Top] [All Lists]

Re: [openpgp] How to re-launch the OpenPGP WG

2015-03-24 02:51:33
On Tue, 24 Mar 2015 02:48, iang(_at_)iang(_dot_)org said:

  - The use of SHA-1 needs to be replaced.


That was the original plan.  However it turned out that the still not
finalized SHA-3 is meanwhile considered a fallback option in case of new
developments.  SHA-2 has wide support and is already in wide use.  We
only need a new fingerprint style and use that for some designated
revokers etc.

  - A new encryption mode to replace our aging CFB+SHA1 method with a
    fast and standard mode.

Wait for CAESAR, 2017.  It'll take that long anyway.

I am more thinking of OCB; there is a free patent grant for all relevant
parties and the patent will anyway expire by the time a new encryption
format will get in widespread use.

4880 took a decade.  Too long, the OODA loop was bigger than the

Nope.  4880 is a minor update of 2440 which barely took a year to be
released with code ready 6 months earlier.  The major new features in
4880 have been enabled since fall 2000 (MDC packets)

How can we get the WG out of the concluded state?

As long as they don't turn off the list, do we care? ;-)

May I read this and your other remarks that you see no more value in the
IETF process?



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

openpgp mailing list