Nicholas Cole npcole at yahoo.co.uk
Thu Sep 21 16:41:32 CEST 2006

--- "Robert J. Hansen" <rjh at sixdemonbag.org> wrote:
> For whatever it's worth, some critics of OpenPGP
> point to the lack of a
> hash function firewall in DSA and DSA2 keys as a big
> unresolved security
> issue.  These critics are of the opinion the RSA
> signature specification
> is better-defined.  While I haven't looked at the
> spec enough to see if
> DSA2 still lacks a hash function firewall, the
> criticism should probably
> be brought up and considered, especially if you're
> thinking of migrating
> your key to a different signature algorithm.

Dear Robert,

Thanks for this.  What is a "hash function firewall",
for those of us who are mere mortals? :)



Inbox full of spam? Get leading spam protection and 1GB storage with All New Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html

More information about the Gnupg-users mailing list