gpgsm 1.9.22 supports no RC2 Algorithm ?
Werner Koch
wk at gnupg.org
Tue May 8 09:59:26 CEST 2007
On Fri, 4 May 2007 18:16, nsushkin at sushkins.net said:
> I searched the internet for clarifications on how SMimeCapabilities should
> be used. I found that S/MIME Version 3.1 specifically says that NULLs
> should not be used to encode parameters.
That is what the RFC says but not what everone else is doing. The
capabilities are basically algorithm identifiers and thus we should
apply the same rules to them. To quote Peter Gutmann's X.509 guide:
| Another pitfall to be aware of is that algorithms which have no
| parameters have this specified as a NULL value rather than omitting
| the parameters field entirely. The reason for this is that when the
| 1988 syntax for AlgorithmIdentifier was translated into the 1997
| syntax, the OPTIONAL associated with the AlgorithmIdentifier
| parameters got lost. Later it was recovered via a defect report, but
| by then everyone thought that algorithm parameters were mandatory.
| Because of this the algorithm parameters should be specified as NULL,
| regardless of what you read elsewhere.
Thus we do it this way. Given that gpgsm passed a lot of compatibility
tests [1], I don't see a reason to change it. IIRC, the test lab once
also did some unoffcial tests with Mozilla and they had a few problems
with it.
Shalom-Salam,
Werner
[1] http://www.bsi.de/fachthem/verwpki/interoptests/testberichte.htm
(German)
More information about the Gnupg-devel
mailing list