wk at gnupg.org
Mon Apr 9 18:25:06 CEST 2018
On Sun, 8 Apr 2018 17:02, john at skopis.com said:
>>From my uniformed vantage point, it seems that a better algorithm is
> available so we should be using it.
Simply that it is yet another algorithm We already had implemented to
variants of gzip and bzip does not gain much except for complicated the
test matrix a lot. OpenPGP is not an online protocol but we need to
make sure that OpenPGP encrypted data can be processed in the decades to
come. Each new algorithm makes that harder. In the OpenPGP WG we
really try to keep the number of algorithms low and add new ones only if
there is a real benefit or maybe a political reason (e.g. Camellia)
> I would like to understand why what we have now is "good enough". Is there
> some other reason we can't use a different library?
It is not about a library but about a standard. There are
cryptographers out there who think that a single algorithm is the best
thing to have. And they do have a point.
> I am not interested in fighting with an IETF WG but I would like to
The IETF as referenced here are the folks who work on a standard and
they all have different opinions. From my 20 years in the OpenPGP WG I
_assume_ that the majority of the folks won't like the idea. But feel
free to write to the WG mailing list (search tools.ietf.org for the
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 227 bytes
Desc: not available
More information about the Gnupg-devel