gpgsm 1.9.22 supports no RC2 Algorithm ?

Werner Koch wk at
Fri May 4 10:17:18 CEST 2007

On Thu,  3 May 2007 22:34, nsushkin at said:

> There has been a bug filed today in Mozilla bugzilla, 
> If any of you can 
> vote, track, or help troubleshoot the issue, the affected users (including 
> me) will greatly appreciate.

The issue is simply that Mozilla allows (and even worse, sometimes
forces) the use of RC2.  This should be fixed asap in Mozilla.

I consider any application using RC2 for encryption not only broken but
playing a false game with its users by telling them: Your mail has been
encrypted.  They are not telling them that it is the "NSA approved" 40
bit cipher used in the dark ages for US-exportable software.

Go and drop RC2!



I am aware that it is possible to use other key lengths with RC2
but due to trade secrets, FUD and a wealth of proven and free cipher
algorithms, RC2 has no reasons to exist (maybe except for its needless
use in pkcs#11).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : /pipermail/attachments/20070504/9e7112c3/attachment.pgp 

More information about the Gnupg-devel mailing list