gpgsm 1.9.22 supports no RC2 Algorithm ?

Nicholas Sushkin nsushkin at sushkins.net
Tue May 8 17:09:48 CEST 2007 

Werner,

Thanks for looking into this. Thunderbird will be generating RFC syntax, but 
accepting NULLs, so I guess it will work out for now. Hope all the clients 
will be trying to get into compliance with the RFC.

Also, I noticed that the last interop test was done in 2005 and Thunderbird 
was not included. Was that a German government requirement to do the test 
or industry initiative? Hopefully we will see more tests in the future.

On Tuesday 08 May 2007 03:59, Werner Koch wrote: 

> On Fri,  4 May 2007 18:16, nsushkin at sushkins.net said:
> > I searched the internet for clarifications on how SMimeCapabilities
> > should be used. I found that S/MIME Version 3.1 specifically says that
> > NULLs should not be used to encode parameters.
>
> That is what the RFC says but not what everone else is doing.  The
> capabilities are basically algorithm identifiers and thus we should
>
> apply the same rules to them.  To quote Peter Gutmann's X.509 guide:
> |   Another pitfall to be aware of is that algorithms which have no
> |   parameters have this specified as a NULL value rather than omitting
> |   the parameters field entirely.  The reason for this is that when the
> |   1988 syntax for AlgorithmIdentifier was translated into the 1997
> |   syntax, the OPTIONAL associated with the AlgorithmIdentifier
> |   parameters got lost.  Later it was recovered via a defect report, but
> |   by then everyone thought that algorithm parameters were mandatory.
> |   Because of this the algorithm parameters should be specified as NULL,
> |   regardless of what you read elsewhere.
>
> Thus we do it this way.  Given that gpgsm passed a lot of compatibility
> tests [1], I don't see a reason to change it.  IIRC, the test lab once
> also did some unoffcial tests with Mozilla and they had a few problems
> with it.
>
>
> Shalom-Salam,
>
>    Werner
>
>
> [1] http://www.bsi.de/fachthem/verwpki/interoptests/testberichte.htm
>    (German)

-- 
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1388 bytes
Desc: not available
Url : /pipermail/attachments/20070508/03e078b7/attachment.bin

More information about the Gnupg-devel mailing list