[PATCH] MD2 for libgcrypt

Werner Koch wk at gnupg.org
Tue Jul 20 09:11:08 CEST 2010

On Mon, 19 Jul 2010 21:11, dkg at fifthhorseman.net said:

> Are the patches rejected due to poor implementation?  due to licensing
> reasons?  or due to a desire to not ship the MD2 functionality in

The MD2 things comes up every few years and we have always rejected it.

For one the legal state of the algorithm is not clear: It is likely that
it has been taken from the RFC which has a non-commercial clause.  In
this regard it is similar to arcfour.  The GNU project is very
cautiousness on these issues and thus we would need to clear the legal
state first (meaning long dicussions with RSA Inc).  I don't think this
is justified.  And of course we need a copyright assignment and code
which is clearly not based on rfc 1319.

The other reasons is that I don't want to keep those old certificates
alive.  They should have been abolished a long time ago.  IMHO there is
no good reason to use them (Sorry, Stefan).  Getting certificates for
S/MIME is not hard and actually pretty cheap these days.

A counterpoint would be that the whole X.509 PKI business is entirely
broken and does not provide any security at all.  You only need to look
at a few of the implementation problems identified in the last years.
Thus why not add support for it - it won't make it worse.  But see the
first point.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list