[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bis-16 comments

To: Jon Callas <jon@xxxxxxxxxx>
Subject: Re: bis-16 comments
From: David Shaw <dshaw@xxxxxxxxxxxxxxx>
Date: Tue, 9 May 2006 10:05:38 -0400
Cc: ietf-openpgp@xxxxxxx
In-reply-to: <5E8B7F7D-6CE1-4F5F-98DE-31E61B13D2D4@xxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Mail-followup-to: Jon Callas <jon@xxxxxxxxxx>, ietf-openpgp@xxxxxxx
Openpgp: id=99242560; url=http://www.jabberwocky.com/david/keys.asc
References: <20060426031250.GA11005@xxxxxxxxxxxxxxx> <5E8B7F7D-6CE1-4F5F-98DE-31E61B13D2D4@xxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Mutt/1.5.11

On Mon, May 08, 2006 at 02:52:30PM -0700, Jon Callas wrote:

> >In section 9.3. Compression Algorithms, suggest adding:
> >
> >    Algorithm 0, "uncompressed," may only be used to denote a
> >    preference for uncompressed data in the preferred compression
> >    algorithms subpacket (section 5.2.3.9). Implementations MUST NOT
> >    use uncompressed in Compressed Data Packets.
> >
> >(We had the same problem with using cipher algorithm 0 in encrypted
> >data packets, and made that MUST NOT as well)
> >
> 
> I want to quibble over this one.
> 
> The reason we don't allow 0 in encrypted packets is because we don't  
> want to have "encrypted" data. It's a security reason. There's no  
> security reason here. While it's perhaps stupid to make a compressed  
> packet that has no compression (you could just have a literal  
> packet), there is no *security* reason to object to it.
> 
> Also, there's no particular code reason to object to it, either; you  
> have to handle the case, and rather than error out, why not just  
> proceed?

You're right.  It's better left out.

David

References:
- bis-16 comments
  - From: David Shaw
- Re: bis-16 comments
  - From: Jon Callas

Prev by Date: Re: bis17 is out
Previous by thread: Re: bis-16 comments
Next by thread: Last minute language nit on clear signing
Index(es):
- Date
- Thread