Preferences...
David Shaw
dshaw at jabberwocky.com
Tue Sep 23 15:19:36 CEST 2008
On Sep 23, 2008, at 8:44 AM, Werner Koch wrote:
> On Tue, 23 Sep 2008 14:00, jmoore3rd at bellsouth.net said:
>
>> proper code lines. <Hee Hee> While 'interoperability' testing has
>> not
>> occurred; I have been able to successfully utilize Camellia without
>
> Again: Please do not use this cipher for anything other than pure
> interop testing. The identifier assigned to Camellia may still be
> changed and it would render all your messages unreadable with future
> versions.
It's even worse than that - the identifier for Camellia has changed
twice already, just during the process of debating the draft. The
first draft had only Camellia256. The second draft had Camellia192
and Camellia256. Only now is there the full set of 128, 192, 256.
Any messages encrypted from either of those two earlier versions are
not decryptable now, and we haven't even left the draft stage yet.
Anyone using Camellia in OpenPGP at this stage is asking for it.
> I also wonder why so many people are interested in it. The sole
> purpose
> of including Camellia is for Japanese governmet requirements. This is
> much the same as we would have to disable Camellia for stuff to be
> sold
> to the US government. These are no technical or cryptograhical
> reasons,
> but plain political/organizational.
That's exactly it. Camellia is a very popular algorithm in Japan.
Including it doesn't buy us much new from the cryptographic
perspective as we already have strong 128-bit ciphers in OpenPGP, but
it does buy us something from the usage perspective. It is good for
the OpenPGP "ecosystem".
For those who are curious:
http://www.ietf.org/internet-drafts/draft-ietf-openpgp-camellia-03.txt
https://datatracker.ietf.org/idtracker/draft-ietf-openpgp-camellia/
David
More information about the Gnupg-users
mailing list