ietf-openpgp

Re: [openpgp] First 4880bis drafts

2015-11-05 12:14:59
Hi,

Apparently my message came off the wrong way (and I'm to blame for that,
because of my wording):

Daniel Kahn Gillmor wrote:
> On Thu 2015-11-05 04:14:08 +0900, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
>> On Wed,  4 Nov 2015 18:34, azet(_at_)azet(_dot_)org said:
>>
>>> Hrm. I'm against this. CAMELLIA is going to be deprecated in e.g.
>> You may be against it but it is a matter of fact that CAMELLIA is an
>> officially assigned OpenPGP cipher algorithm for 6 years.
>
> As discussed in the meeting Tuesday, deprecation is a tricky subject for
> formats with stored data (as distinguished from on-the-wire network
> traffic).  People have archives of encrypted data that may still use
> this cipher.

Totally agree there. And PGP implementations will support these ciphers
for years because of stored data that might have been encrypted with one
of these ciphers.

>> We may later decide to deprecate certain algorithms but that is not a
>> question right now.
>
> The sense of the room in Yokohama was to deprecate as much as possible,
> and encourage a limited, sensible set of algorithms for message creation
> and signing.  But sensible implementations will likely continue to allow
> decryption of these ciphers for years to come.



Yes. But we should discourage further use. I'm not sure if the right
place is the updated RFC or another document entirely. My concern is
that we'll end up with an unmanageable 'cipher-zoo'. I'm happy to help
with such a document and am _not_ trying to get in the way of updating
the current OpenPGP spec.

Hope that clears things up a bit,
Aaron