[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SERPENT in OpenPGP?
-----BEGIN PGP SIGNED MESSAGE-----
I'll be just a bit softer than Werner. The obstacle to your suggestion is adoption. You can write a document, push it through the IETF, and then you have Serpent in OpenPGP. However, it's unlikely that many implementations would put it in, for all the reasons people have said here. It would be little more than your name on an RFC if no one codes it up.
On the other hand, so what? Your name on an RFC is a resume-builder. And you could code it up yourself. If a real break comes to AES, you could end up looking prescient.
OpenPGP is designed to be to be welcoming to new algorithms -- all you need is a new algorithm number, really. But it's also designed to have easy rejection of algorithms that individuals or the community don't like. The algorithm preferences and negotiation ensures that no sender can ram something down a receiver's throat.
The upshot of this is that if *you* want to use Serpent and some new compression algorithm and other things, you can. But if you want *us* to do it too, then you have to convince us. OpenPGP is both a welcoming community and a balkanized collection of cliques. One of the very clever things we did was to be able to be both at the same time.
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.10.0 (Build 554)
-----END PGP SIGNATURE-----