howto secure older keys after the recent attacks

David Shaw dshaw at
Fri Sep 11 04:46:34 CEST 2009

On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:

>> The people behind OpenPGP are working on a new OpenPGP proposal that
>> will use a stronger, better hash algorithm.
> Have workings on an 4880 successor already started?

No, at this point things are mainly being proposed as *additions* to  
4880.  The first of these to reach completion is RFC-5581, which added  
the Camellia cipher to OpenPGP (it's in 1.4.10, incidentally, but you  
need to opt-in by adding it to your key prefs before it will be  
used).  Another addition would be ECC support, or the SHA-1 free key  

> Perhaps some of you (David?) remember the discussion that took place
> here and on the WG list some time ago about things like:
> - how criticality and critical bit could be handled much stricter
> - potential problems that arise because conforming implementation are
> only recommended to ignore signatures of an older time (especially
> self-sigs).
> - some other places where OpenPGP could (and for security reasons
> perhaps should) be more strict and demanding to (conforming)
> implementations
> - Ideas for much broader use of attributes (different types of names,
> birth-dates, -places, sex, etc. etc.)
> So I wonder who's doing the (main) work for the writing this time? And
> is there perhaps a wiki or so, where one could collect such  
> suggestions?

The place for all such suggestions is the IETF OpenPGP working group:


More information about the Gnupg-users mailing list