un-trusting MD5 in gpg
Werner Koch
wk at gnupg.org
Mon May 4 10:09:33 CEST 2009
On Mon, 4 May 2009 04:44, dshaw at jabberwocky.com said:
> + if(sig->digest_algo==DIGEST_ALGO_MD5)
> + return G10ERR_BAD_SIGN;
I don't think that this is helpful. It catches one common case but does
not catch all the other cases where a signature is used for a malicious
purpose. There are many other ways of doing so, for example leaking
ones own key. A signature is a statement of the signer about something
he believes. We can't force him to believe the Right Thing.
Thus giving back an error code of "Bad signature" is wrong. It is a
good signature because the signer intended exactly that. The question
is how you evaluate such a signature. This is a matter of trust and
hard to put in code for a general purpose application, like gpg.
What can be done is to print a warning (already on our task list) and to
implement an option to ignore signatures done with digest algorithm foo
(similar to --disable-cipher-also)
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-devel
mailing list