[PGP-USERS] Re: ADK Bug: Statement from cert.org.

Werner Koch wk@gnupg.org
Fri, 25 Aug 2000 12:33:44 +0200


[Sam, feel free to forward this to the PGP list - I am not subscribed]

On Fri, 25 Aug 2000, Simpson, Sam wrote:

> GPG already won't encrypt to ADK keys so it's a good alternative and I have
> every confidence that Werner Koch is currently working on a version of GPG
> that is as anti-ADK as possible. This won't help existing NAI/PGP users

I can't do much more than to ignore ADK, which was easy because I didn't
know the format of these packages (I did some investigations today and
GnuPG should now be able to *list* them using the --list-packets
command). I don't think that it makes sense to issue a warning "ADK key
ignored" when a recipient has an ADK key - this may just confuse users
more.

> implement a clean, simple and non complex mail security standard rather than
> producing a v5 specification that forces implementers to jump through more
> hoops for the sake of backwards compatibility. Werner: what's your take on
> the best way forward?

The current OpenPGP specification together with the proposed MDC feature
(which is a countermeasure against the Katz/Schneier attack on all email
encryption protocols) is a reasonable and working standard. We should
try to get this one to IETF draft status as soon as possible. We have
already reserved identifiers for the AES and we can probably easily agree
on a DSA using SHA-2 without running through the whole RFC process.

  Werner

-- 
Werner Koch    GnuPG key: 621CC013
OpenIT GmbH    http://www.OpenIT.de