Hi,
- Incorporated RFC 6637 (ECDSA and ECDH, using NIST curves)
# Security Considerations
A compliant application MUST only use iterated and salted S2K to
protect private keys, as defined in {{iterated-and-salted-s2k}},
"Iterated and Salted S2K".
This precludes the use of private S2K algorithms (algos 100 to 110).
https://tools.ietf.org/html/rfc4880#section-3.7
Would a MUST NOT use Simple S2K and MUST NOT use Salted S2K be better?
:) Neal
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp