gpgsm 1.9.22 supports no RC2 Algorithm ?
Werner Koch
wk at gnupg.org
Fri May 4 10:17:18 CEST 2007
On Thu, 3 May 2007 22:34, nsushkin at sushkins.net said:
> There has been a bug filed today in Mozilla bugzilla,
> https://bugzilla.mozilla.org/show_bug.cgi?id=379625. If any of you can
> vote, track, or help troubleshoot the issue, the affected users (including
> me) will greatly appreciate.
The issue is simply that Mozilla allows (and even worse, sometimes
forces) the use of RC2. This should be fixed asap in Mozilla.
I consider any application using RC2 for encryption not only broken but
playing a false game with its users by telling them: Your mail has been
encrypted. They are not telling them that it is the "NSA approved" 40
bit cipher used in the dark ages for US-exportable software.
Go and drop RC2!
Salam-Shalom,
Werner
p.s.
I am aware that it is possible to use other key lengths with RC2
but due to trade secrets, FUD and a wealth of proven and free cipher
algorithms, RC2 has no reasons to exist (maybe except for its needless
use in pkcs#11).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : /pipermail/attachments/20070504/9e7112c3/attachment.pgp
More information about the Gnupg-devel
mailing list