Proposal: config for weak, normal, strong algos

Bernhard Reiter bernhard at
Mon Mar 21 16:18:05 CET 2016

On Thursday 10 March 2016 at 17:17:04, Bernhard Reiter wrote:
> attached a proposal to help dealing with environments
> where a crypto policy strongly prefers or rejects some algos.
> It is an idea of generalisation of what we (Intevation and g10code)
> may need for the contract.
> What do you think?

No feedback so far, but Werner told me, that he
a) does not like wording "strong" because it somehow implies 
   the algorithms in the "normal" group are less strong.
   As a generalisation we could coin this "restricted" group
   or "policy" group.

b) prefers one option that defines a fixed set of algos for the
   "restricted" group, instead of too many configuration options
   that would allow to combine algos that do go well togethers.
   Maybe hardcoding is the way to go, so the "restricted" group
   could be defined by an option like "--vs-nfd" for what the German
   government things is in their "restricted" group.

In addition I think: 
c) if we go with more configuration options
and thus being more general, we could add an options to name the group
like {{{--algo-policy-name=VS-NfD}}} .

Best Regards,

-- (CEO) (Founding GA Member)
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160321/246dbdb3/attachment.sig>

More information about the Gnupg-devel mailing list