Re: [openpgp] Hybrid proposal for algorithm identifiers

2015-03-24 18:17:57
On 24/03/2015 16:46 pm, Phillip Hallam-Baker wrote:

* Maintaining algorithm registries takes time and effort
* Modern best practice for algorithms rejects the idea that more algorithms is 
   * The security of the system is determined by the weakest algorithm an attacker can persuade you to use,
   * One Mandatory to implement plus a reserve is generally emerging as best

I would say One+One is emerging as a centrist compromise. On the left, there are the pluralists, and on the right, there are OneTrueBelievers.

Personally, I think the numbers are balanced between the right and the center, with the left (many) now a clear minority party. Or at least, that's what a straw poll showed about 6 months back.

* Support for vanity crypto is an unfortunate necessity.

That ... is an argument I'd love to see fleshed out.

* ASN.1 OIDs are kind of obnoxious
* Suites don't work
* Most OpenPGP folk would like to use short identifiers

For many years I have wanted a way to move discussion of vanity crypto out of 
the IETF, etc. If we touch a spec, the vendor can pretend that we endorse it.

So what I propose is a two level scheme:

Mandatory and Recommended algorithms are registered in a short identifier 

For everything else there is a reserved 'escape code' that states the algorithm 
is specified by OID.

OIDs do get a little large sometimes. But they do have the advantage that 
nobody can claim that they have IETF endorsement. That is not true of any 
scheme we could devise ourselves.

This approach means that there is a real difference between being one of the 
supported algorithms and the recommended algorithm.

Assuming your premises, this is a good proposal.
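
The two-level scheme proposed in the quoted message, sketched as an added example; it is not part of the original thread and not a format any OpenPGP document defines. The escape value 0xFF, the one-octet length prefix, the registry entries and the local allowlist are all assumptions made for illustration.

```python
ESCAPE_OID = 0xFF                      # hypothetical reserved escape code
SHORT_REGISTRY = {1: "mandatory-cipher", 2: "reserve-cipher"}  # hypothetical

class AlgorithmError(ValueError):
    pass

def decode_oid(body: bytes) -> str:
    """Decode the content octets of a DER OID into dotted form."""
    if not body or body[-1] & 0x80:
        raise AlgorithmError("empty or truncated OID")
    arcs, value, fresh = [], 0, True
    for octet in body:
        if fresh and octet == 0x80:    # leading padding: non-minimal form
            raise AlgorithmError("non-minimal arc encoding")
        value = (value << 7) | (octet & 0x7F)
        fresh = not (octet & 0x80)
        if fresh:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)      # first octet packs two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_algorithm(buf: bytes, allowed_oids=frozenset()):
    """Return (name, octets_consumed) or raise AlgorithmError."""
    if not buf:
        raise AlgorithmError("empty field")
    code = buf[0]
    if code != ESCAPE_OID:             # level 1: short registered identifier
        if code not in SHORT_REGISTRY:
            raise AlgorithmError(f"unregistered short identifier {code}")
        return SHORT_REGISTRY[code], 1
    if len(buf) < 2 or len(buf) < 2 + buf[1]:
        raise AlgorithmError("truncated OID field")
    oid = decode_oid(buf[2:2 + buf[1]])  # level 2: anything else, by OID
    if oid not in allowed_oids:        # off unless the local user opted in
        raise AlgorithmError(f"OID {oid} not enabled by local policy")
    return "oid:" + oid, 2 + buf[1]

def rejected(buf: bytes, allowed_oids=frozenset()) -> bool:
    try:
        parse_algorithm(buf, allowed_oids)
    except AlgorithmError:
        return True
    return False

# Constructed sample field: escape, length 9, then the OID 2.16.840.1.101.3.4.1.2
SAMPLE_OID = "2.16.840.1.101.3.4.1.2"
SAMPLE_FIELD = bytes.fromhex("ff09608648016503040102")
```

With an empty allowlist the parser accepts only the short registry, so a peer cannot steer the receiver onto an OID-specified algorithm the receiver never enabled.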


