[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenPGP keys and Suite-B

To: "David Shaw" <dshaw@xxxxxxxxxxxxxxx>
Subject: Re: OpenPGP keys and Suite-B
From: "David Crick" <dacrick@xxxxxxxxx>
Date: Sun, 4 May 2008 17:25:06 +0100
Cc: OpenPGP <ietf-openpgp@xxxxxxx>, "Andrey Jivsov" <openpgp@xxxxxxxxxxxx>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=mM1mqKl3h6DtR0GKu2fSWBXrObHIBqkWp8Pe32F1Hs0=; b=SOshjU6WDj0ebPHrfFxD5M4BsqRAZpSr/j3JSsTBZNQvXD0NjepS+mYtHEy2N0KofGmnmhqIcp56rQKFxJMVO83UOlGnSMEfTMEyE1kVmeWtgu4LcqHRQQZI2B7/0KzMsGRgXbX4USXFYNUPEx3OhrKnlbORny/+5ccoZNNz71I=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=lfkGurgdgWIFcxqwq6EAKX/b8S7iU23igdn4csTidvLd4nJEUCHvz0CbdW2SO6AwdOZ4fE9+j7aqExjRaJJ9iLLy9TlZHX3gHqfSpRLAeZ/PaE4EW+K0rOEtFfaemORVfw7zO93gyyFUVoVjGinGIOH2AsHlCKZZR3wJMTNDNCY=
In-reply-to: <E98FD4AD-DA74-4894-A5C7-7FD03DCD1678@xxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <481CD4EB.2020309@xxxxxxxxxxxx> <E98FD4AD-DA74-4894-A5C7-7FD03DCD1678@xxxxxxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx

>  So given that new programs will need to have 3DES anyway to cover the
> transition case, and given that messages sent to a mixture of old and new
> keys that are forced to use the cipher of last resort will end up as 3DES....

This is (mainly) about ECC keys,  and specifically about the
implementations' [ability to enforce] Suite-B compliance.

As old applications won't be able to understand ECC keys *at
all*, we've "almost" got a clean sheet with what we do with
ECC keys.  "Almost," because at present ECC keys inherit
3DES as the default cipher from 4880.

> how is (B) different than the current cipher preference system with
> AES listed before 3DES?

right - which is why my original proposal was for a stronger
suite B flag, which says implementations MUST NOT process
messages that fall outside of the Suite-B restrictions (that aside,
Andrey has written in "OpenPGP technical/documentation terms"
what I was originally trying to get across with my perhaps wrong
terminology of a Strict Suite-B "flag").

(And to directly answer your question, Andrey's B is slightly different,
in that while the preference system *is* ordered, implementations
currently have free rein at how they use the intersection of
recipient preferences; Andrey's B says that AES should be used
in place of 3DES - but as you've (now) pointed out, for non-ECC
keys this may mean some people receiving AES messages when
in fact they can e.g. only process 3DES ones).

Follow-Ups:
- Re: OpenPGP keys and Suite-B
  - From: David Shaw

References:
- OpenPGP keys and Suite-B
  - From: Andrey Jivsov
- Re: OpenPGP keys and Suite-B
  - From: David Shaw

Prev by Date: Re: OpenPGP keys and Suite-B
Next by Date: Re: OpenPGP keys and Suite-B
Previous by thread: Re: OpenPGP keys and Suite-B
Next by thread: Re: OpenPGP keys and Suite-B
Index(es):
- Date
- Thread