> I think you're talking about personal-cipher-preferences here, which > Alice uses to govern the cipher she uses.
Correct. > Note that she could even put IDEA first here. Sure, but it wouldn't take unless Bob had IDEA in his preference list. If Bob's preference list is AES256 CAMELLIA256 3DES, then if Alice's choice of IDEA will be ignored. The choice of 3DES won't be, which is why 3DES is relevant here. > actually advertise all ciphers her openPGP implementation is capable of? I'm saying only that she puts 3DES ahead of Bob's preferred 256-bit ciphers in her personal-cipher-preferences. Bob is all about "I must have at least 256 bits of keyspace in all my email!" But Bob can't do that, because Alice can *always* degrade him to 112 bits by choosing 3DES. And since Bob is the target, and since we're assuming the enemy is well-financed and professional and capable of tricking people, Bob needs to stop thinking he can somehow guarantee 256 bits of keyspace in his emails. Bob can guarantee 256 bits of keyspace in *what he generates*. Bob cannot guarantee 256 bits of keyspace in *what he receives*. Telling people to use extremely large keys because "then your correspondents will be using RSA-ungodly, which has an effective something-ridiculous keyspace" sounds nice, but it's not true. Bob can only guarantee up to 112 bits of keyspace in the traffic that gets sent to him, because Bob can't prohibit his correspondents from using 3DES. Anyone who simply, glibly, says "use long certificates because they give a larger effective keyspace," is committing fraud, IMO. You're making promises that aren't true and which you can't back up. "Using long certificates *may* give a larger effective keyspace, but really, you can only ever be certain of 112 bits of keyspace, so you should design your security model such that it only relies on 112 bits of keyspace" is accurate. But I think if long certificates were to be marketed that way, a lot of people would blink a few times and ask, "well, what's the point, then?"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
