Blowfish160 and OpenPGP

Werner Koch wk at
Mon May 25 20:47:00 CEST 1998

"Juergen A. Erhard" <jae at> writes:

> Ain't killing Blowfish160 too much hassle?

No and already done.

> Mind you, I don't know much about all this... but I wonder whether we
> really have to be OpenPGP compliant in all respects.

It is good to have standards and the latest draft has most of the
stuff I wanted. 

> I seem to recall 'GNU is compatible, but also more powerful' or

Sure it will be :-)

> Can't we make up some format that is a superset of OpenPGP?

We have some extensions which are not defined by OpenPGP but possible
by the old RFC1991 - a part of OpenPGP is that is is open for
extensions; the problem is that there is not yet a way defined to add
new algorithm identifiers to the standard.  I'm sure that we find a
way to address such issues in a "open" way.

> I really don't like OpenPGP to make some (potential... beneficial?)
> features of GPG impossible (illegal?).

Goal is to be OpenPGP compliant as far we are not violating the GPL.
BTW: We need a 3DES implementation.


More information about the Gnupg-devel mailing list