ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Regulation of algo deprecation

2015-11-04 02:31:33
On Wed,  4 Nov 2015 01:00, azet(_at_)azet(_dot_)org said:

So my impression is that GnuPG / OpenPGP current support far to many
possible algorithm choices. We should really limit that. For novice

Right.  FWIW, I had a meeting in 2000 with PRZ and Jon Callas at the AES
conference in Rome where Phil begged us to limit the number of supported
algorithms.  Nevertheless we added Twofish (which was a high ranked AES
candidate then) anyway due to the need for 128 bit block cipher and
later we added Camellia for political reasons.

CFRG recently recommended Curve25519 (or whatever nomenclature is
currently en vouge), so why bother with Brainpool at all?

I took Brainpool merely as an example.  These curves are not defined by
an RFC but implementations may add them using an OID. Well, this OID
thing is somewhat questionable but then we also do not specify an upper
limit for RSA key sizes or require the support for certain key sizes.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp