[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

processing of "speculative" key ids: MAY -> SHOULD|MUST

To: ietf-openpgp@xxxxxxx
Subject: processing of "speculative" key ids: MAY -> SHOULD|MUST
From: sen_ml@xxxxxxxxxxx
Date: Thu, 20 Jan 2000 00:56:26 +0900
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-openpgp@xxxxxxx

in section 5.1 i see:

   An implementation MAY accept or use a Key ID of zero as a "wild card"
   or "speculative" Key ID. In this case, the receiving implementation
   would try all available private keys, checking for a valid decrypted
   session key. This format helps reduce traffic analysis of messages.

i think the use of MAY here seriously undermines the usefulness of the
"speculative" key id.  i think it would be better if implementations
SHOULD (or even better MUST) process "speculative" key ids.

gnupg supports generation and processing, but since pgp doesn't seem
to handle processing (please correct me if i'm wrong on this point),
speculative key ids are not very useful when conversing w/ folks using
pgp.

to any active developers of pgp: please add at least processing of
speculative ids to pgp!  it shouldn't be hard at all.  it could even
be made a user option.

generation shouldn't be hard either -- it's just a matter of zeroing
some bytes.

p.s. if there are any other implementations of rfc 2440 out there in
use, same comment goes for them too if they don't support the
processing of speculative key ids.

Prev by Date: Re: I-D ACTION:draft-ietf-openpgp-rfc2440bis-00.txt
Next by Date: Re: The OpenPGP mailing list has moved
Previous by thread: The OpenPGP mailing list has moved
Next by thread: Re: processing of "speculative" key ids: MAY -> SHOULD|MUST
Index(es):
- Date
- Thread