SHA-1 recommendations
David Shaw
dshaw at jabberwocky.com
Mon May 18 19:31:32 CEST 2009
On May 18, 2009, at 11:38 AM, Daniel Kahn Gillmor wrote:
> On 05/17/2009 10:20 PM, David Shaw wrote:
>> I see no conflict in the RFC: the list is ordered, and a random
>> selection is perfectly conformant.
>
> i just re-read that bit of the RFC, and while it's somewhat vague, i
> think a reasonable interpretation is that it is indeed intended to be an
> ordered, exhaustive list of algorithms supported, with most-preferred
> algorithms listed first. The relevant bits are:

I agree with you, except for the "exhaustive" part. I see no wording
that states or even suggests that all possible algorithms supported
need to be listed.

I list algorithms that I like, in the order in which I like them.
That's it. If I leave an algorithm off, that means either I don't
like it or it doesn't exist in my implementation. For example, I'm
running a recent GPG, so I could have any combination of 3DES, CAST5,
BLOWFISH, AES, AES192, AES256, and TWOFISH. If I was to make a brand
new key, I'd probably just list AES and 3DES (and maybe Camellia). I
don't "prefer" the others.

David
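
An added example, not part of the message above and not GnuPG's code: how a sender can consume ordered, non-exhaustive cipher preference lists, never using an algorithm a recipient left off. The tacit 3DES entry follows RFC 4880 section 13.2; the function names and the summed-rank tie-breaking rule are assumptions made for this illustration.

```python
# Illustration only: names and the ranking rule are assumptions, not GnuPG internals.
IMPLICIT = "3DES"  # RFC 4880 13.2: tacitly at the end of every cipher preference list


def effective_prefs(prefs):
    """Return a recipient's ordered list with 3DES appended if it was left off."""
    ordered = list(dict.fromkeys(prefs))  # keep order, drop duplicates
    if IMPLICIT not in ordered:
        ordered.append(IMPLICIT)
    return ordered


def choose_cipher(recipient_prefs, sender_supported):
    """Pick a cipher that every recipient lists and the sender implements.

    An algorithm missing from any recipient's list is never chosen, so a
    short list narrows the choice rather than being "filled in" by the sender.
    Ranking (assumption): lowest summed position across all lists, ties
    broken by the first recipient's order.
    """
    if not recipient_prefs:
        raise ValueError("no recipients")
    lists = [effective_prefs(p) for p in recipient_prefs]
    common = [
        c for c in lists[0]
        if c in sender_supported and all(c in other for other in lists[1:])
    ]
    if not common:
        raise ValueError("no common cipher; sender must implement 3DES")
    # min() returns the first minimal element, so ties follow lists[0] order.
    return min(common, key=lambda c: sum(l.index(c) for l in lists))


# Algorithms named in the message as available in a recent GPG.
SUPPORTED = {"3DES", "CAST5", "BLOWFISH", "AES", "AES192", "AES256", "TWOFISH"}

if __name__ == "__main__":
    short_list = ["AES", "3DES"]              # the list described in the message
    other = ["TWOFISH", "AES256", "CAST5"]    # constructed second recipient
    print(choose_cipher([short_list], SUPPORTED))
    print(choose_cipher([short_list, other], SUPPORTED))
```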