Looking for Elgamal sign+encrypt key information
David Shaw
dshaw at jabberwocky.com
Mon Mar 15 19:51:46 CET 2004
On Sun, Mar 14, 2004 at 12:29:56PM -0700, Kurt Fitzner wrote:
> The statement that Elgamal is obsolete leaves the impression that
> the thought is that it is DSA which is making it obsolete, and this
> distinctly troubles me.
I wouldn't say that. I think it's more accurate to say that RSA
signatures obsoleted Elgamal signatures. At the time that Elgamal
signatures were added to the OpenPGP standard (and to GnuPG), RSA was
patented and could not be freely used. Now that the RSA patent has
expired, there is very little point to Elgamal signatures.
> As a user, I would urge that GnuPG's goal be to provide
> functionality for as much of OpenPGP as possible. GNU software in
> general has always, to me, represented choice. I liked the fact
> that, while Elgamal keys were not encouraged, that the functionality
> was included. Include the ability, and let the user make the
> choice.
I think that while lots of choice is a laudable goal, it has to be
balanced - especially in security related programs - with some
conservatism as to algorithms.
Note that the upcoming revision to the OpenPGP standard does not
include Elgamal signatures.
David
More information about the Gnupg-users
mailing list