Lack of backwards compatability?
David Shaw
dshaw at jabberwocky.com
Fri Oct 14 00:14:01 CEST 2005
On Mon, Oct 10, 2005 at 09:09:59PM +0930, Alphax wrote:
> Some old versions of GPG (1.0.x?) had support for the TIGER192 hash, but
> this was later removed when it was dropped/rejected from the OpenPGP
> standard.
>
> However, these versions of GPG (and possibly some versions of PGP as
> well) are still able to produce signatures using the TIGER192 hash
> algorithm, with no way to verify them in the current version of GPG.
>
> Is it possible to add the capability to verify signatures made with this
> hash? The fact that prior versions were able to create such signatures
> but newer versions are not able to verify them really breaks backwards
> compatability standards.
TIGER192 is not part of OpenPGP. Sometimes it's less painful to rip
the bandage off all at once than it is to pull. it. off. really.
really. slowly.
GnuPG dropped TIGER192 in 2003. Re-adding it now would be a step
backwards in pulling that bandage off.
David
More information about the Gnupg-users
mailing list