On 10 April 2015 at 09:58, Derek Atkins <derek(_at_)ihtfp(_dot_)com> wrote:
Werner Koch <wk(_at_)gnupg(_dot_)org> writes:
On Fri, 10 Apr 2015 15:23, phill(_at_)hallambaker(_dot_)com said:
There is no need to have an algorithm field, a version field is
sufficient because we should only be using one algorithm at a given
Right. However an algorithm field is as good as a version field because
they have the same purpose in this context. An algorithm field saves us
a mapping to the actual algorithm. Recall that OpenPGP uses an
one-octet indentifier and not an OID.
I'm with Werner on this one. There's not a significant difference
between a version field and an algorithm field. Either option adds a
single byte to the data structure, but using a version field requires
additional lookup map (from fingerprint version # to hash algorithm).
Well, say we choose SHA-3, and say Algorithm 1 is SHA-3. In 5 years,
where we learned our lesson and want to hash a different set of data
for the fingerprint, but SHA-3 is still fine, wouldn't that be a
problem?
-tom
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp