removing SHA1 from digest preference list

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun May 3 01:43:41 CEST 2009


Hi folks--

In light of the recent SHA1 advances, i thought i'd look into what it
would take to remove SHA1 from my list of preferred ciphers for a given key.

it seems that  gpg2 automatically enables SHA1 (albeit at the end of the
list of preferred digests (hash functions).  (it also automatically
includes 3DES in the list of preferred ciphers, for some reason).  For
example:

> Command> setpref AES256 TWOFISH ZLIB BZIP2 ZIP Uncompressed SHA512 SHA384 SHA256 SHA224
> Set preference list to:
>      Cipher: AES256, TWOFISH, 3DES
>      Digest: SHA512, SHA384, SHA256, SHA224, SHA1
>      Compression: ZLIB, BZIP2, ZIP, Uncompressed
>      Features: MDC, Keyserver no-modify
> Really update the preferences? (y/N) 

I don't see anything in the RFC to indicate that SHA1 must be included
in the list of preferred hashes:

  http://tools.ietf.org/html/rfc4880#section-5.2.3.8

http://tools.ietf.org/html/rfc4880#section-9.4 suggests that compliant
implementations must *implement* SHA-1.  But the earlier section
suggests that the list of digest algorithms indicates "Message digest
algorithm numbers that indicate which algorithms the key holder prefers
to receive."  I no longer prefer to receive SHA-1 (well, i don't
understand the nuances of the latest report yet, so i'm not really at
this extreme position right now, but i might want to adopt it sooner
than i had expected to).  I'd like to be able to make that statement
explicit if possible, even though i use an RFC-compliant tool.

There's no reason to force-include MD5 in the list of digests, for
example, even though gnupg is capable of implementing it, right?  If the
recent results have any practical traction, it seems like we might want
to be able to exclude SHA1 in the same way that we currently exclude
MD5, no?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090502/7f130e8c/attachment-0001.pgp>


More information about the Gnupg-devel mailing list