On Wed, 27 Feb 2019 22:34:09 +0100,
Bart Butler wrote:
So ideally we¢d prefer to keep the size byte, but to shrink its
range in both directions. For example, the RFC could state that the
chunk SHOULD be 16 kiB (or 256 kiB, hint hint), but decryption MUST
be available for `c` values between 8-12 inclusive. This would also
allow us to be backwards-compatible with messages that have already
been created following the current version of the draft, which do
exist given the benefit that AEAD provides and that OpenPGP.js has
supported the current draft in experimental mode for most of the
last year.
Could you please comment on the approximate number of messages that
have been sent with AEAD? Is protonmail doing AEAD exclusively these
days?
As a compromise, I'd be willing to leave the byte, but have it be a
magic value whose value must be X (where X is say, 8 or 12). Then you
can detect X=12 and not error out for your users. But, I'm not yet
convinced that a range is a good idea.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp