[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: algorithm IDs

To: Len Sassaman <rabbi@xxxxxxxxxxx>
Subject: Re: algorithm IDs
From: Werner Koch <wk@xxxxxxxxx>
Date: Fri, 20 Jun 2008 13:36:02 +0200
Cc: Andrey Jivsov <openpgp@xxxxxxxxxxxx>, OpenPGP <ietf-openpgp@xxxxxxx>
In-reply-to: <Pine.LNX.4.58.0806200346430.21687@xxxxxxxxxxxxxxx> (Len Sassaman's message of "Fri, 20 Jun 2008 03:48:58 -0700 (PDT)")
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Openpgp: id=5B0358A2; url=finger:wk@xxxxxxxxxxx
Organisation: g10 Code GmbH
References: <481CD4EB.2020309@xxxxxxxxxxxx> <4855D4B9.1090701@xxxxxxxxxxxx> <87fxravlgy.fsf@xxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0806191512050.20187@xxxxxxxxxxxxxxx> <87od5wjzey.fsf@xxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.58.0806200346430.21687@xxxxxxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Gnus/5.110007 (No Gnus v0.7)

On Fri, 20 Jun 2008 12:48, rabbi@xxxxxxxxxxx said:

> Actually, my concern has to do with the fact that OIDs are of arbitrary
> length. X.509 got it wrong; we might too.

How can you get this wrong?  You compare the length byte and the the
data.  That is trivial.  Some folks might be tempted to use a BER parser
but is overkill and a bad practise.

We have far more complicated encoding schemes in OpenPGP packets than a
length byte and some opaque data bytes as I suggest to use for the OID.

> I agree that's a problem, but isn't the solution "upgrade the client that
> can't handle the larger keys?"

Sure, it is just a practical problem.  The users need to ge a new
version of the software.  For GNU/Linux that may take half a year and
the willingness to update to something new.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

Follow-Ups:
- Re: algorithm IDs
  - From: Peter Gutmann

References:
- OpenPGP keys and Suite-B
  - From: Andrey Jivsov
- Re: OpenPGP keys and Suite-B
  - From: Andrey Jivsov
- Re: OpenPGP keys and Suite-B
  - From: Werner Koch
- algorithm IDs (was: Re: OpenPGP keys and Suite-B)
  - From: Len Sassaman
- Re: algorithm IDs
  - From: Werner Koch
- Re: algorithm IDs
  - From: Len Sassaman

Prev by Date: Re: algorithm IDs
Next by Date: Re: algorithm IDs
Previous by thread: Re: algorithm IDs
Next by thread: Re: algorithm IDs
Index(es):
- Date
- Thread