un-trusting MD5 in gpg

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu May 7 16:40:36 CEST 2009


On 05/07/2009 04:53 AM, Werner Koch wrote:
> On Wed,  6 May 2009 21:31, dshaw at jabberwocky.com said:
> 
>> GPG_ERR_DISABLED_CIPHER_ALGO.  Calling it "weak" is a value judgement
>> (i.e. weaker than what?  too weak for what?)  The WEAK_KEY message is
> 
> Right.  I came to the same conclusion this morning.

Y'all have convinced me that "weak" is a bad term here now.  Maybe gpg
should use an error term that points to the option in question?

What about GPG_ERR_BLACKLISTED_DIGEST_ALGO ?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090507/158f9f01/attachment.pgp>


More information about the Gnupg-devel mailing list