un-trusting MD5 in gpg
Werner Koch
wk at gnupg.org
Wed May 6 20:53:05 CEST 2009
On Wed, 6 May 2009 18:14, dkg at fifthhorseman.net said:
> This is why i framed it as "trust", because validating a signature does
> indeed imply that you trust the algorithms behind that signature. If i
The term "trust" is too much overloaded in OpenPGP. IT is never clear
what you mean by it. The trust in the person of the user, in the way
the user manages the key, how diligent he checks a key before signing
it. etc.
Due to these problems we try to use the terms "validity" and
"ownertrust". Adding another meaning (how strong an algorithm is) to
the term "trust" is not a good idea I believe. Thus my whole argument
is only against the term and not against the concept that you - how
shall I say - trust the algorithms.
> I think --ignore-signatures-with makes more sense than
> --disable-digest-algo simply because i can imagine wanting to add SHA1
> to this list in a year and a half (for any work with US federal agencies
> at least), but gnupg wouldn't even be able to calculate standard
> fingerprints if SHA1 is completely ripped out.
So we only need a cool name for the new option.
>> GPG_ERR_WEAK_DIGEST_ALGO
>> GPG_ERR_WEAK_CIPHER_ALGO
>>
>> may be useful for further processing; not necessary to be dispalyed to a
>> user but may be displayed as well in cases you describe.
>
> This seems reasonable to me.
Okay.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-devel
mailing list