[PATCH] MD2 for libgcrypt

Stephan Mueller smueller at chronox.de
Tue Jul 20 10:09:17 CEST 2010

On Tuesday 20 July 2010, at 09:11:08, Werner Koch wrote:
> On Mon, 19 Jul 2010 21:11, dkg at fifthhorseman.net said:
> > Are the patches rejected due to poor implementation?  due to licensing
> > reasons?  or due to a desire to not ship the MD2 functionality in
> The MD2 thing comes up every few years and we have always rejected it.
> For one the legal state of the algorithm is not clear: It is likely that
> it has been taken from the RFC which has a non-commercial clause.  In
> this regard it is similar to arcfour.  The GNU project is very
> cautious on these issues and thus we would need to clear the legal
> state first (meaning long discussions with RSA Inc).  I don't think this
> is justified.  And of course we need a copyright assignment and code
> which is clearly not based on rfc 1319.
> The other reason is that I don't want to keep those old certificates
> alive.  They should have been abolished a long time ago.  IMHO there is
> no good reason to use them (Sorry, Stefan).  Getting certificates for
> S/MIME is not hard and actually pretty cheap these days.

I know, but tell that to my counterparts!

> A counterpoint would be that the whole X.509 PKI business is entirely
> broken and does not provide any security at all.  You only need to look
> at a few of the implementation problems identified in the last years.
> Thus why not add support for it - it won't make it worse.  But see the
> first point.

Ok, may I then ask that you add a pointer to my patches in your documentation
(I will give you the URL of my web page which will also contain a polished
version of the patches)? I just want to give people a chance to use gpgsm when
they need to rely on MD2.


| Cui bono? |
