-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hello !
Is CAMELLIA actually part of OpenPGP?
Are S11, S12 S13 assigned definitively?
Is BZIP2 definitively excluded, or is it an option when compiling? In the
latter case, why don't compiling with it?
- --
Laurent Jumet
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hello !
I found information about CAMELLIA.
According to this info, I suppose I can assume that CAMELLIA is part of
OpenPGP *and* S11, S12 S13 are from now on, owned by CAMELLIA.
=== Begin Windows Clipboard ===
Network Working Group
On Sep 5, 2009, at 5:25 AM, Laurent Jumet wrote:
I found information about CAMELLIA.
According to this info, I suppose I can assume that CAMELLIA is
part of
OpenPGP *and* S11, S12 S13 are from now on, owned by CAMELLIA.
Yes, and GnuPG 1.4.10 and 2.0.12 (if libgcrypt is recent enough
whether an algorithm is present or not?
Camellia is a good example here. It does not really bring something
new to OpenPGP in terms of security. Sure, Camellia is believed to be
strong, and some studies have shown it to be strong. But we don't
really *need* that - we have other ciphers
Twofish, Blowfish, RIPEMD160, etc., etc. These are
well-designed algorithms that very few people use, and they're still
littering the standard. I don't think it's at all unreasonable to say
Camellia has users supporting it, sure, but before we go about adding
new algorithms, let's prune out old
before you make your
conclusions.
BTW, to get back to Camellia, I had to do some research on this in
another context and while I'm not prepared to judge the safety of
the cipher, I did come across this post from David which I thought was
important. Short version, don't use this for production stuff
Doug Barton wrote:
The AF's conclusion seems obvious, however it ignores a critical
factor of the Navy's use case.
The story is apocryphal, so it doesn't make much sense to talk about the
motives of the people involved -- it's fiction. But even were it true,
I'd be hard-pressed to agree that
Robert J. Hansen wrote:
Doug Barton wrote:
The AF's conclusion seems obvious, however it ignores a critical
factor of the Navy's use case.
The story is apocryphal, so it doesn't make much sense to talk
about the motives of the people involved -- it's fiction.
Has every example you've ever
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sorry to ask what was already answered some time ago, but: why GnuPG
doesn't implement Camellia? IIRC (but probably I misunderstood it), it
is enabled for Japanese version, since they need it. But in that case,
why it is not enabled for occidental
Faramir wrote:
Sorry to ask what was already answered some time ago, but: why GnuPG
doesn't implement Camellia?
Camellia is not yet part of the OpenPGP standard. The standardization
process for it is still underway. Once it's standardized, GnuPG will
support Camellia the same as any other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
Camellia is not yet part of the OpenPGP standard. The standardization
process for it is still underway. Once it's standardized, GnuPG will
support Camellia the same as any other algorithm -- but please don't use
On Fri, Jan 23, 2009 at 05:13:32PM -0300, Faramir wrote:
Sorry to ask what was already answered some time ago, but: why GnuPG
doesn't implement Camellia? IIRC (but probably I misunderstood it), it
is enabled for Japanese version, since they need it. But in that case,
why it is not enabled
Faramir wrote:
Don't worry, while I like to change some settings, I also like to
play safe. Even if I could use Camellia, I would not use it to send
messages (maybe it would be interesting to be able to receive messages
encrypted with it).
There's no real reason to avoid Camellia, by the way
On Fri, Jan 23, 2009 at 03:55:20PM -0500, Robert J. Hansen wrote:
Faramir wrote:
Don't worry, while I like to change some settings, I also like to
play safe. Even if I could use Camellia, I would not use it to send
messages (maybe it would be interesting to be able to receive messages
David Shaw wrote:
You have the ability to do pretty much that, but:
I actually don't, but for policy reasons. My local policy is have
total control over what I send, but don't assert control over what I
receive. I guess you could call it my small-l libertarian philosophy
as applied to OpenPGP.
On Fri, Jan 23, 2009 at 05:14:15PM -0500, Robert J. Hansen wrote:
David Shaw wrote:
You have the ability to do pretty much that, but:
I actually don't, but for policy reasons. My local policy is have
total control over what I send, but don't assert control over what I
receive. I guess
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
...
algorithm, cryppies have a lot of confidence in it -- I'm just part of
the (vocal) minority which screams that OpenPGP has way too many
algorithms and we need to start cutting algorithms out. I would like
...
David Shaw wrote:
This has nothing to do with your preference list. GPG will happily
decrypt messages to any cipher, whether it is in your preference list
or not, as per the spec:
Yes, which sort of demonstrates the point that the preference mechanism
is just needless complexity. It's a
Faramir wrote:
Well, I don't think you are crazy, but I am part of the group that
likes to be able to chose between several options, provided all the
options are secure.
That provided is the sticking point. Small is beautiful, IMO. YMMV.
There is an apocryphal story about the United
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
Faramir wrote:
Well, I don't think you are crazy, but I am part of the group that
likes to be able to chose between several options, provided all the
options are secure.
That provided is the sticking point. Small
Faramir wrote:
Well, you have always said any algo in GPG is safe enough to use...
First, I've said the algorithms are safe enough to use. I've never said
GnuPG's implementation of them is correct and error-free. There's a
_big_ difference between saying 3DES is a trusted algorithm and
of the
protocol. The semantics are extremely clear, including the places
where the spec dictates that the implementor can follow his desires.
If I allow (say) 3DES, AES, and Camellia, you can't send me anything
that isn't 3DES, AES, or Camellia. If you really really really like
Camellia best, you can
David Shaw wrote:
OpenPGP benefits from the flexibility of being able to use multiple
algorithms.
The ability to use multiple algorithms is independent of how many
algorithms are in the spec and in each implementation. Algorithm
agility is a great idea and I think protocols ought be designed
23 matches
Mail list logo
