On Sun, Oct 30, 2005 at 03:51:08PM +0100, Christoph Anton Mitterer wrote: > John Clizbe wrote: > > >Well, first it has to make it into the OpenPGP Standard. And usually to do > >that, it would likely need to be part of some governmental or business > >standard so that large numbers of end-users would want/need it. > > > > > I think that should be implemented despite of the way goverments are > going,.. > Goverments are often trying to restrict cryptography (see US) and also > here in Germany (using X.509 only which is in my opinion less secure > than OpenPGP as its using a hierarchical certificate system). > > So why not just implementing ECC for GnuPG and making the first step for > a (new) OpenPGP standard?
That would work if GnuPG stood alone, but it doesn't. New algorithms or message constructions need to be discussed and worked out as part of a standard so that all programs can interoperate. This isn't to say that nobody can add new algorithms: see http://alumnes.eps.udl.es/~d4372211/index.en.html for one. It does mean that without standardization, only their experimental modified GnuPG can read these messages. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
