SHA-1 recommendations
David Shaw
dshaw at jabberwocky.com
Tue May 19 01:24:17 CEST 2009
On May 18, 2009, at 1:49 PM, Daniel Kahn Gillmor wrote:
> On 05/18/2009 01:21 PM, David Shaw wrote:
>> Understood, but I believe the quote from me that was used was from that
>> context, so I wanted to make that context clear. I don't really favor
>> this sort of "here's how to transition everyone" document.
>
> I think that Robert started the document in an attempt to address your
> earlier concern that there was a lot of bad advice floating around on
> the 'net:
>
> http://lists.gnupg.org/pipermail/gnupg-devel/2009-May/025054.html
>
> Are you saying that you think such a document is a bad idea in general,
> and you'd never consider endorsing such a thing?

"Never" is perhaps too strong, but for this particular issue, yes,
I do think it's a less than good idea. It puts forth a confusing
message where GPG says one thing, but this additional document says
something else. If I felt that these sorts of actions were necessary,
I'd argue to change the defaults in GPG and not use a secondary
document at all.

> Is there a better way to address the legitimate concern you've raised?

The documents I've seen thus far all seem to read (with varying levels
of severity) "You're at risk. Do this to not be at risk any longer."
I'd prefer a document that says "We think you're fine if you do
nothing. If we thought you were at risk, we'd take action. We're
happy to teach you about the issues so you can determine for yourself
whether you agree with us or not." Which raises the question why a
document is needed, since that's the normal case for GPG.

I don't know how that concern can be addressed, really. I think there
is fairly substantial disagreement on how severe the problem is, which
is a fine thing as it makes people re-examine what they do believe,
but it also makes it hard to come up with a document that would make
everyone happy.
>> Not all users of OpenPGP use the keyservers or even participate in the
>> web of trust. It's also used in various environments where keys are
>> traded manually.
>
> True. For those who do not participate in the WoT, the choice of
> cert-digest-algo is irrelevant, though (they don't interpret
> certificates at all), so we can ignore those people in this
> consideration.

That is unfortunately not true. Just because they don't make their
keys part of the public web of trust doesn't mean they don't certify
each other.

David