un-trusting MD5 in gpg
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon May 4 16:17:22 CEST 2009
I'll give David's patch a try shortly, just to see how much of my
OpenPGP-related workflow breaks. I'll report back here with anything
interesting that i find.
Wouldn't it make more sense to return G10ERR_DIGEST_ALGO instead of
G10ERR_BAD_SIGN, though? libgpg-error suggests that it means "Invalid
Digest Algorithm". Any reason i shouldn't do that instead?
On 05/04/2009 04:09 AM, Werner Koch wrote:
> What can be done is to print a warning (already on our task list) and to
> implement an option to ignore signatures done with digest algorithm foo
> (similar to --disable-cipher-also)
Yes, something like --disable-digest-algo is the direction i think gpg
should be heading.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090504/34ff214e/attachment.pgp>
More information about the Gnupg-devel
mailing list