ElGamal signature values?
Jon Callas
jon@callas.org
Sat Aug 18 00:14:02 2001
At 3:41 PM +0200 8/13/01, Werner Koch wrote:
>Please add a reference to section 12.5 [ElGamal] and make clear that
>the use of ElGamal signatures is not suggested.
>
I'm a little uncomfortable over proper wording here; if they're so bad,
should they be there at all? I thought the present 12.5 wording was stern
enough to give anyone pause. Nonetheless, I added another wording. Here's
the complete paragraph:
Details on safe use of Elgamal signatures may be found in [MENEZES], which
discusses all the weaknesses described above. Please note that Elgamal
signatures are controversial; because of the care that must be taken with
Elgamal keys, many implementations forego them.
How's that?
Jon