un-trusting MD5 in gpg

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed May 6 21:19:05 CEST 2009


On 05/06/2009 02:53 PM, Werner Koch wrote:
> The term "trust" is too much overloaded in OpenPGP.  IT is never clear
> what you mean by it.  The trust in the person of the user, in the way
> the user manages the key, how diligent he checks a key before signing
> it.  etc. 
>
> Due to these problems we try to use the terms "validity" and
> "ownertrust".  Adding another meaning (how strong an algorithm is) to
> the term "trust" is not a good idea I believe.  Thus my whole argument
> is only against the term and not against the concept that you - how
> shall I say - trust the algorithms.

ah yes, you are quite correct.

> So we only need a cool name for the new option.
> 
>>>         GPG_ERR_WEAK_DIGEST_ALGO
>>>         GPG_ERR_WEAK_CIPHER_ALGO
>>>
>>> may be useful for further processing; not necessary to be dispalyed to a
>>> user but may be displayed as well in cases you describe.
>> This seems reasonable to me.
> 
> Okay.

What about --weak-digest and --weak-cipher?  We also need to think about
how to adjust the default list in the other direction, which was what my
original --no-trust-digest and --trust-digest tried to cover (albeit
with a poorly-chosen name).  unfortunately --no-weak-digest doesn't make
as much sense.

What about --acceptable-digest and --no-acceptable-digest?
(--unacceptable-digest or --not-acceptable-digest would be better
english for the negation, but would break the parallelism with other gpg
options).

hmm, i don't like any of the suggestions for names so far now :(

	--dkg


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090506/c6d34c0e/attachment.pgp>


More information about the Gnupg-devel mailing list