1.07 RSA support questions

Larry Ellis Larry_C_Ellis@hotmail.com
Mon Jun 3 20:53:01 2002


----- Original Message -----
From: "Nick Andriash" <andriash@telus.net>
To: "GnuPG Users" <gnupg-users@gnupg.org>
Sent: Monday, June 03, 2002 1:12 PM
Subject: Re: 1.07 RSA support questions (Larry Ellis)


> Hello Larry Ellis,
>
> In Reference to your Posting on Monday, June 03 2002 at 09:15 AM PDT:
> Message ID: <LAW2-OE19yocfru4dl100004e61@hotmail.com>
>
> > It's clear that changes within GPG are not geared towards improving the
> > ease of choosing RSA/IDEA.  That's fine; it's not a great choice for
> > new users.
>
> Why is choosing IDEA not a good idea for new Users?
>
> > I know how to force the use of IDEA, if I foolishly choose to do so.
>
> Are you associating the foolishness with "forcing" the use of IDEA, or
> with using it period?
>

I see that David T-G has responded to this, and I basically agree with his
answers.  It's not that IDEA is a bad algorithm, it's just that it has
patent encumbrances which means it cannot be used freely (for commercial
use).

Forcing IDEA would be foolish (for me), simply because a lot of recipients
would not be able to decipher the message.  Of course, RSA legacy key
holders would, and that is about the only reason I can see that anyone would
force IDEA: when the recipient is an RSA key holder (who, might also be a
pgp2.6 user).  Of course, with 1.07, this is dealt with by simply
specifying --pgp2.

Personally, I want to use the algorithm which causes me the least
interoperability problems AND which is safe.  That probably means 3DES for
me.  It's quite a bit slower than other ciphers, but I really don't care
about that;  others may.  But I can't use 3DES for legacy PGP 2 recipients;
it doesn't support it.