On Fri, 27 Oct 2017 10:12:51 +0000
Ronald Tse <tse(_at_)ribose(_dot_)com> wrote:
Again, OCB is proposed to be a MAY algorithm, not a MUST or even a
SHOULD — if someone doesn't like it, there is no need to prevent
others from using it.
I'd like to support what Paul Wouters was saying earlier in this thread.
Don't add multiple algorithms unless there isn't a very good reason for
it. Add one that is good for everything. Having a "may" algorithm only
adds unneeded complexity that is more likely to cause any security
issues than any potential disadvantage any modern AEAD has.
The GPG protocol is far more complex than it has to be.
One more note: Given that I don't see a particular rush in getting a
new RFC out you may simply wait for the CAESAR competition and choose
one of the resulting AEADs.
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno(_at_)hboeck(_dot_)de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp