Specification for Kyber in GnuPG
Jacob Bachmeyer
jcb62281 at gmail.com
Mon May 13 03:18:13 CEST 2024
Kai Engert via Gnupg-devel wrote:
> [...]
>
> I recently saw a political cartoon, which reminded me of the term
> "Divide and Conquer".
>
> I don't know if there is any actor who's actively playing that
> political game and is sowing discord, in order to weaking the OpenPGP
> protocol. But if someone is, we shouldn't let them win.
Observing the recent discussion on these mailing lists, and assuming
that all comments (especially those about the way OpenPGP has previously
handled parameterized algorithms) are accurate and truthful, it appears
to me that the culpable parties are probably *not* on this mailing
list. In other words, OpenPGP algorithm IDs should refer to algorithm
types (RSA, DSA, EC-RSA, McEliece, Kyber, etc.) with details (key
length, curve parameters, etc.) included in type-specific fields in the
key packets. The other side of this debate is attempting to treat
OpenPGP algorithm IDs like TLS ciphersuite IDs, which attach all of the
details to each codepoint.
If someone is sowing discord, I presently believe that it is not the GPG
maintainers. If someone is trying to weaken the OpenPGP protocol, I
believe it to be the parties pushing for less flexibility, where OpenPGP
has historically allowed wide flexibility.
-- Jacob
More information about the Gnupg-devel
mailing list