un-trusting MD5 in gpg

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed May 6 21:31:56 CEST 2009

On 05/06/2009 03:19 PM, Daniel Kahn Gillmor wrote:
> What about --weak-digest and --weak-cipher?  We also need to think about
> how to adjust the default list in the other direction, which was what my
> original --no-trust-digest and --trust-digest tried to cover (albeit
> with a poorly-chosen name).  unfortunately --no-weak-digest doesn't make
> as much sense.

Hang on, i think i've overthought this.  what about just a simple list
by analogy with --personal-digest-preferences:

   A list of names of digest algorithms considered to be weak enough
   that signatures over these algorithms should be considered invalid.
   By default, this list is (empty? MD5?).  Supply an empty string or
   the word "none" to accept valid signatures over all digests.

For example:

 --weak-digest-algos MD5
 --weak-digest-algos ''
 --weak-digest-algos 'MD5 SHA1'

Any thoughts?  Another approach would be to assume that the complement
of the digests listed in --personal-digest-preferences is actually this
set.  This reduces the gpg's already-hairy configuration space, but it
also modifies the semantics of --personal-digest-preferences in ways
that might cause problems on existing installations.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090506/c79a593a/attachment.pgp>

More information about the Gnupg-devel mailing list