On Thu, 18 Jan 2018 12:38, o(_dot_)nickolay(_at_)gmail(_dot_)com said:
Yep, some statement like ‘symmetric algorithm in previous v4 SKESK/v3 PKESK
packets should be ignored for AEAD packet’ will make things more clear.
However, should it be allowed to use v4 SKESK with AEAD encrypted data packet?
It won't harm but it is useless to allow this because implementations
supporting AEAD should not have any problem to support a v5 SKESK.
The only reason I can imagine that this is useful is to allow
re-encryption of existing data to an existing session key. For example
to move from CFB to AEAD. So a SHOULD use v5 SKESK would be
appropriate.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgp6Vqz6eS1cx.pgp
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp