-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Robert J. Hansen wrote:
> People add ciphers to the OpenPGP suite which are not explicitly > included in the spec. E.g., Camellia right now, or the people who are > experimenting around with ECDSA, or... etc. > > If it was just "add it to the end", then every experimental OpenPGP > platform out there would have problems. If S14 (to pick a random unused > cipher number) is an experimental implementation of RC6, then what > happens when AES-256.5 (a full 1.414 times stronger than AES256!) gets > assigned to S14? > > Fine, the experimental group moves up to S15. But all of the traffic > they've already generated is still marked as S14. That means when they > try to decrypt their traffic, they'll be decrypting it with AES-256.5 > instead of RC6. Which means decryptions will fail. Which means ugly > kluges will have to be written to handle this. And... etc., etc. > > It's easier on everyone if it's done OpenPGP's way. Most Excellent Answer! FWIW; the 'Working Group' is still mulling the inclusion of OID as part of ECC. Who knows what, if anything, will be assigned to these identifiers. If One follows the 'David Shaw' proposals for Camellia algorithm it will be found that the identify nomenclature changed several times. It still isn't 'final adopted' and may change again. I Love the "Hansen/Clizbe" Warning; if Ya follow the /Bleeding Edge/ and things get broken You 'own' all the pieces! JOHN ;) Timestamp: Tuesday 24 Jun 2008, 19:21 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.5.0-svn4754: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: https://www.gswot.org Comment: Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJIYYHIAAoJEBCGy9eAtCsPVisIAIonv1JwEKeQVp6gtdP8HyoY WFLzTPvQCMdLbuAyen66xSbnLYsLKx70CjY/l6Ku9xpyIvXv5HNeUU80l8AbGAFM fhLjOldLQWrAgaBcC0HNa4DIJUTirKYRZy1iRYxF+Q45d7QICd1S7/hC1Zm+xMqs haJKrvh0KGg7x9braUKuItMzIs8Gv5FvF0g1CrYD217noRKj9b9ew9y0RuAweXNw XrbZAfQmxniXRME+TL7GGn75sxq1p8HqgvkSNM4X/8eH/F2UF5R4XoODhrhK44mR V5BMPc4qWTtRVlaRR6cvAcZC4rXoNivjfHKJ0RHNicZTU5ScO/TSO+Nip20ObN8= =Nadv -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
