[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [openpgp] Intent to deprecate: Insecure primitives



On 8/04/2015 19:36 pm, Christoph Anton Mitterer wrote:
On Wed, 2015-04-08 at 15:32 +0000, David Leon Gil wrote:
Brief update on plans for deprecation: The tracking issue is at
https://github.com/yahoo/end-to-end/issues/31

Please feel free to open another issue if you have specific
objections. I will either be convinced by your arguments, and change
the plan, or explain why I don't.

Look, as I've pointed out previously, I personally think that crypto,
done as a web app is inherently untrustworthy.


Which is out of scope for this list, right?


If one says "hey, let's discuss whether we should deprecate twofish in
OpenPGP" that's totally fine,... but informing the standardisation body
"hey we drop now support for x, y and z" with an implicit "and since we
represent n users, you better follow our decision" is not appropriate.


I saw no such implication. I personally appreciate it when vendors actually do tell us what they are doing when that effects the way many users are going to be using the product. In our fishbowl, we sometimes lack the context of what happens out in the field, so news of that nature - hopefully concise and clear - is welcome. To me at least.



iang

_______________________________________________
openpgp mailing list
openpgp@xxxxxxxx
https://www.ietf.org/mailman/listinfo/openpgp