Standards and PGP wrapper

Niklas Hernaeus nh at sleipner.df.lth.se
Mon Nov 9 03:35:44 CET 1998


On Sun, 8 Nov 1998, Werner Koch wrote:
> > "type 20 should be default, but provide a way for creating pgp compatible
> > packets and keys because pgp is really widely spread."
> 
> There is no technical reason to use type 20 and ElGamal Signatures are
> much slower to verify than DSA sigs and they are not needed.
> The default is to use type 17 (DSA sign-only) and type 16 (Elgamal for
> encryption only).  

I see two reasons to use type 20.  One technical, and one political.

First, in DSA the key size can only be between 512 and 1024 bits.  Not
great, but usable today.  In 5 years, I don't know.

The reason to split the key into one encryption key and one signing key is
not that technical.  One reason that this was done to PGP was the side
effect of making key escrow possible, and that is a purely political issue.
I find key escrow to be a very bad solution to a problem, both technically
and politically, for several reasons, and I therefore see no reason at all
to use a split key solution.

Being from Sweden I am a bit wary of this since the Swedish politicians
have no inhibitions at all when it comes to regulating the internet, in fact
they have lost control to the fullest!  Putting up a PGP keyserver could get a
poor soul in jail for two years!  Consider...

Please be aware that GnuPG, as well as PGP, is highly political software!
Please don't promote the political solutions, promote the technical
solutions, and build GnuPG to last.

/Niklas.




