[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I have a technical idea/change for the ECC draft

To: "David Crick" <dacrick@xxxxxxxxx>
Subject: Re: I have a technical idea/change for the ECC draft
From: Greg Troxel <gdt@xxxxxxxxxx>
Date: Wed, 07 May 2008 09:39:04 -0400
Cc: "Andrey Jivsov" <openpgp@xxxxxxxxxxxx>, "Jon Callas" <jon@xxxxxxxxxx>, OpenPGP <ietf-openpgp@xxxxxxx>
In-reply-to: <117bad160804141423r6dea71a7ye1f0ecb20eb4b29e@xxxxxxxxxxxxxx> (David Crick's message of "Mon, 14 Apr 2008 22:23:51 +0100")
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <117bad160804121421t49a6ed13uc1b106e37c054c95@xxxxxxxxxxxxxx> <7230A39A-46DA-41AC-9967-10D0F461E998@xxxxxxxxxx> <4803C108.6000203@xxxxxxxxxxxx> <117bad160804141423r6dea71a7ye1f0ecb20eb4b29e@xxxxxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/22.1 (berkeley-unix)

"David Crick" <dacrick@xxxxxxxxx> writes:

>> What do we loose if we
>> instead use "this key replaces TrippleDES implicit algorithm with AES-128"
>> notation? This would be beneficial for RSA keys too.
>
> what if we have:
>
> Alice: {AES256, AES128, AESover3DESflag [, 3DES implicitly]}
> Bob: {3DES [, AES128 implicitly]}
>
> Then Bob or his software could legitamately choose 3DES.
>
> whereas:
>
> Alice: ECC-384/521 key with {AES256, SuiteBOnly}  and
> Alice: ECC-256 key with { [AES128 implicit], SuiteBOnly}
>
> would refuse to encrypt with anything except AES256 and
> AES128 respectively.

I think there's a fundamental mismatch between OpenPGP-style key
preferences and Suite B thinking.  As a sender, with labeled
information, you can only use approved algorithms.  Thus, if a recipient
doesn't list the approved algorithm, you just can't send them mail.  The
OpenPGP-style key preferences are in my view primarily to ensure
interoperability and allow for algorithm transitions over long
timescales.

Are we proposing sender-side rules to match labels to approved
algorithms?  It seems inadequate to put 'SuiteBOnly' as a key preference
on recipients.

References:
- I have a technical idea/change for the ECC draft
  - From: David Crick
- Re: I have a technical idea/change for the ECC draft
  - From: Jon Callas
- Re: I have a technical idea/change for the ECC draft
  - From: Andrey Jivsov
- Re: I have a technical idea/change for the ECC draft
  - From: David Crick

Prev by Date: Re: OpenPGP keys and Suite-B
Previous by thread: Re: I have a technical idea/change for the ECC draft
Next by thread: Re: I have a technical idea/change for the ECC draft
Index(es):
- Date
- Thread