May I kindly ask if part of the critcal an necessary changes is
sunsetting 3DES, SHA1.
The latest draft minimizes (but does not eliminate) SHA-1. 3DES is
still a MUST-implement algorithm, and will likely be so for the ongoing
future. 3DES has been a MUST algorithm since RFC2440, way back when;
there's a lot of data encrypted with it and the RFC will continue to
require 3DES be supported in order to help interoperate with old traffic.
I expierence in private an buisness live extra efforts to ensure pgp
communication is not using 3DES for example which
costs percious time in our projects.
Why? What problem is presented by using 3DES for your work, which is so
severe that you have to ensure 3DES isn't used?
Seriously: it's still believed to be a strong cipher, there are no
practical attacks on it, and no new attacks are looming on the horizon.
3DES is slow and it only has a 64-bit block size, but for the vast
majority of OpenPGP usage that's not a problem.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp