Hi Peter,
We can of course raise the bar by excluding types 1 & 3 entirely.
1 and 3? I assume you mean 0 and 1, with 2 being unused anyway.
I meant 0, 1, 3 - thus only allowing to generate (the new Argon2i-based)
4. Sorry for the confusion.
There should
really only be a 3, a straight hash or salted hash is barely better than just
using the password directly.
That is certainly one of the safest options for actual passwords, but
gets in the way of symmetric keys (cheaply) being used as passphrases.
Are you content with rather limiting the permitted use case for type 1
(and not allowing type 0) as per my previous mail in response to Werner
(and pushed to
https://gitlab.com/ndurner/rfc4880bis-s2k/blob/master/misc/id/rfc4880bis/middle.mkd)?
Regards,
Nils
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp