"expert" mode and read-only features

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Dec 12 23:40:41 CET 2003


David Shaw <dshaw at jabberwocky.com> writes:

>Given this, there is a decent argument for not including *any* new hashes
>until they have been proven in the field.  Then there is the counter argument
>that hashes can't be proved in the field unless someone actually uses them.
>Then there are a number of arguments in between these two.

Another argument against including every oddball algorithm that comes along is
that it makes it very hard to support using any kind of standard crypto
toolkit, and any encryption hardware at all.  With SSL and S/MIME it's a bit
less of a problem because although there's a ton of algorithms out there,
pretty much everyone uses only RSA, SHA-1, and { RC4, 3DES, AES } depending on
code vintage and personal preference, and all hardware and software handles
this selection.  With PGP it's not so easy, some people seem to take the
availability of odd algorithms as a personal challenge to use the most obscure
ones present, leading to interop problems.  So I wouldn't complain about
seeing non-mainstream algorithms discouraged unless there's some pressing
reason to have them.

Peter.


