[PGP-USERS] Re: ADK Bug: Statement from cert.org.
Fri, 25 Aug 2000 12:33:44 +0200
[Sam, feel free to forward this to the PGP list - I am not subscribed]
On Fri, 25 Aug 2000, Simpson, Sam wrote:
> GPG already won't encrypt to ADK keys so it's a good alternative and I have
> every confidence that Werner Koche is currently working on a version of GPG
> that is at anti-ADK as possible. This won't help existing NAI/PGP users
I can't do much more than to ignore ADK, which was easy because I
didn't know the format of this packages (I did some investigations
today and GnuPG should now be able to *list* them using the
--list-packets command). I don't think that it makes sense to issue a
warning "ADK key ighnored" when a recipient has an ADK key - this may
just confuse users more.
> implement a clean, simple and non complex mail security standard rather than
> producing a v5 specification that forces implementers to jump through more
> hoops for the sake of backwards compatibility. Werner: what's your take on
> the best way forward?
The current OpenPGP specification together with the proposed MDC
feature (which is a countermeasure against the Katz/Schneier attack on
all email encryption protocols) is a reasonable and working standard.
We should try to get this one to IETF draft status as soon as
possible. We have already reserved identifiers for the AES and we can
probably easy agree on a DSA using SHA-2 without running through the
whole RFC process.
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to email@example.com