ietf-openpgp
[Top] [All Lists]

Re: [openpgp] I-D Action: draft-ietf-openpgp-crypto-refresh-02.txt (fwd)

2021-02-26 05:53:27
Hi,

- Incorporated RFC 6637 (ECDSA and ECDH, using NIST curves)

  # Security Considerations

  A compliant application MUST only use iterated and salted S2K to
  protect private keys, as defined in {{iterated-and-salted-s2k}},
  "Iterated and Salted S2K".

This precludes the use of private S2K algorithms (algos 100 to 110).

  https://tools.ietf.org/html/rfc4880#section-3.7

Would a MUST NOT use Simple S2K and MUST NOT use Salted S2K be better?

:) Neal

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>