ietf-openpgp

Re: [openpgp] SHA3 algorithm ids.

2015-08-11 11:05:38
On Tue, 11 Aug 2015 14:30, paul(_at_)nohats(_dot_)ca said:

openpgp is unique in that there is a _very_ long validity time required
for some algorithms, so one could verify a 20 year old message, even if
that security 20 years later is questionable (e.g. breakable)

I think that it is not yet the time to discuss deprecation of algorithms
or new standard preferences; this can and should be delayed until we
have done the bulk of 4880bis work.

Yes, but I don't see why we need to have 6 versions of SHA3 on standby.

Only 4 can be used as direct replacements.  SHAKE would only make sense
if we adjust the used signature algorithms.

openpgp validity / security is measured in years, and as such,
performance doesn't really come into play when considering algorithms.

Having the ids allocated allows us to switch to them without much
discussion.  If you really want, we could also say these numbers are
reserved for SHA3 so that it is clear that they should not be used.  But
that is basically what RFC-7120 does after a year.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are governed by a federal law.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp