RFC 2015
Albrecht Dreß
albrecht.dress at arcor.de
Sat Oct 28 18:18:59 CEST 2006
Am 27.10.06 18:20 schrieb(en) Nicholas Cole:
> The RFC for PGP/MIME email specifies that the type of signature used
> must be specified as "pgp-md5" or "pgp-sha1" when creating signed-only
> messages.
>
> Is there an updated version now that the OpenPGP spec lets one use
> other alogorithms?
RFC 2015 has been updated by RFC 3156 <http://www.ietf.org/rfc/rfc3156> in
2001. Quoting from Sect. 5 "OpenPGP signed data":
The "micalg" parameter for the "application/pgp-signature" protocol
MUST contain exactly one hash-symbol of the format "pgp-<hash-
identifier>", where <hash-identifier> identifies the Message
Integrity Check (MIC) algorithm used to generate the signature.
Hash-symbols are constructed from the text names registered in [1] or
according to the mechanism defined in that document by converting the
text name to lower case and prefixing it with the four characters
"pgp-".
Currently defined values are "pgp-md5", "pgp-sha1", "pgp-ripemd160",
"pgp-md2", "pgp-tiger192", and "pgp-haval-5-160".
Cheers, Albrecht.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Albrecht Dreß - Johanna-Kirchner-Straße 13 - D-53123 Bonn (Germany)
Phone (+49) 228 6199571 - mailto:albrecht.dress at arcor.de
GnuPG public key: http://www.mynetcologne.de/~nc-dreszal/pubkey.asc
_________________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20061028/ea73b6c9/attachment.pgp
More information about the Gnupg-devel
mailing list