Ok - so what's the threat model here? Are we really expecting AES to be
broken anytime soon? Really?
As a police officer friend of mine is fond of saying, nobody wakes up in
the morning and says "today I think I'll need my body armor."
I doubt that anyone working on the RFC really expects AES to be broken
any time soon. The inclusion of Camellia as a hedge against unpleasant
surprises, though, seems wise.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp