John W. Moore III jmoore3rd at
Thu Jun 12 13:42:19 CEST 2008

Hash: SHA512

Laurent Jumet wrote:
> Hello !
>     Is CAMELLIA implemented in 1.4.9 or should we install a plug-in like IDEA.DLL ?

"Implemented" = Yes; in that it is present but Camellia is *not* Enabled
by default.  In order to Enable Camellia You will need to Build GnuPG
with the --enable-camellia Flag in place.  Before You rush to do this
however I think You should re-read the Cautionary Message from David
Shaw regarding the advisability of this:

Some people have noticed that I recently committed support for the
Camellia cipher in GnuPG.  Here's the story behind that.

Camellia is not currently part of OpenPGP, and will also not be part
of the upcoming "2440bis" updating of RFC-2440.  It has been proposed,
however, that right after 2440bis is published, the OpenPGP Working
Group take the necessary steps to add Camellia.  To simplify
interoperability testing between different OpenPGP implementations,
I've added Camellia to GnuPG.  Naturally, it is disabled by default
and the only people who should really enable it are those doing
interoperability work.

While it is impossible for me to stop people from enabling and using
it, be warned of a few things: first, Camellia isn't part of OpenPGP
yet, and if for whatever reason it doesn't become part of OpenPGP, you
won't be able to decrypt anything you've encrypted with Camellia.
Similarly, as Camellia has not been assigned an OpenPGP cipher number,
I've picked 11 (the next unassigned number).  If Camellia gets
approved with a different number, you won't be able to decrypt
anything you've encrypted with this version of Camellia.  Finally, if
there is some error in the current GnuPG usage of Camellia that we
later fix, you again won't be able to decrypt.

I'm not going to go into whether Camellia is considered strong or not,
as it's not really relevant to this discussion: even if Camellia was
the strongest cipher in the world, you should still not enable it for
the reasons given above.

Rest assured that if/when Camellia is approved (or even on a
reasonable track to approval), it will be enabled for general use.


I "re-printed" this here to refresh the memories of folks who may have
missed/forgotten David's original comments on Camellia.

Timestamp: Thursday 12 Jun 2008, 07:41  --400 (Eastern Daylight Time)
Version: GnuPG v1.5.0-svn4754: (MingW32)
Comment: Public Key at:
Comment: Gossamer Spider Web of Trust:
Comment: Homepage:


More information about the Gnupg-users mailing list