[PATCH] MD2 for libgcrypt
smueller at chronox.de
Tue Jul 20 18:52:51 CEST 2010
Am Dienstag 20 Juli 2010, um 17:15:15 schrieb Daniel Kahn Gillmor:
> On 07/20/2010 03:11 AM, Werner Koch wrote:
> > For one the legal state of the algorithm is not clear: It is likely that
> > it has been taken from the RFC which has a non-commercial clause. In
> > this regard it is similar to arcfour. The GNU project is very
> > cautiousness on these issues and thus we would need to clear the legal
> > state first (meaning long dicussions with RSA Inc). I don't think this
> > is justified. And of course we need a copyright assignment and code
> > which is clearly not based on rfc 1319.
> Maybe the docs could indicate this somehow? currently the manual 
> only says:
> This is an reserved identifier for MD-2; there is no implementation
> yet. This algorithm has severe weaknesses and should not be used.
> an additional concise note about the specific legal encumbrances you're
> worried about might save other implementors time in the future (and
> might lead to a resolution of those legal concerns).
Well, I would have done the implementation/port of MD2 anyway as it is
relatively simple, because I need it for SMIME as I pointed out.
The only sad thing is that SMIME of gpgsm is not complete without MD2. I want
people to use libgcrypt and gpgsm simply because libgcrypt is one of the
cleanest and best written crypto libs I know of. And I know quite a number
indepth (Werner can tell).
> > A counterpoint would be that the whole X.509 PKI business is entirely
> > broken and does not provide any security at all.
> agreed, sadly.
Yes, agreed from my side as well. But what can you do if customers force you
to use it, even with MD2?
| Cui bono? |
More information about the Gcrypt-devel