un-trusting MD5 in gpg
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu May 7 19:14:06 CEST 2009
On 05/07/2009 12:41 PM, Werner Koch wrote:
> On Thu, 7 May 2009 17:34, dshaw at jabberwocky.com said:
>> A blacklisted digest will cause signature verification to fail with an
>> appropriate error message along the lines of "digest algorithm is
>> blacklisted" (internally, GPG_ERR_BLACKLISTED_DIGEST or the like).
>
> The name of the erro code is too specific. GPG_ERR_DISABLED_DIGEST is
> better; if you like the error message may say "...disabled or blacklisted".
Can you explain what the problem is with having a more-specific error
code? We're talking about introducing new semantics in gpg already.
Why not have an error code that specifically refers to those semantics?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090507/ff61d541/attachment.pgp>
More information about the Gnupg-devel
mailing list