cert-digest-algo clarification

Robert J. Hansen rjh at sixdemonbag.org
Thu Jul 12 18:34:49 CEST 2012


(Many people on this list have passionate feelings about HTML email.  I
understand these feelings and sympathize, but sometimes HTML is very
useful for drawing particular attention to text.)


> Thx for this explanation.

You're quite welcome.

> Is the "personal-digest-preferences" shown in the public key? Is this
> preference list something others can see (how do I make it appear in
> the public key)? If it is not displayed in the public key, I don't
> understand what good it is or how/where it would get used.

Things will become more clear if you actually do the gpg invocation I
mentioned earlier.  :)  For instance, this is what happens when I type
gpg --edit-key 0xD6B98E10 showpref.  There's a lot of spam in the
output, but the relevant stuff is relatively easy to find and is in
boldface.  (If you want to follow along yourself, just gpg --keyserver
pool.sks-keyservers.net --recv-key 0xD6B98E10, and then run the gpg
--edit-key command.)

------------------------------------------------------------------------

[rjh at isaiah ~]$ gpg --edit-key 0xD6B98E10 showpref
Secret key is available.

pub  2048D/D6B98E10  created: 2008-07-30  expires: never       usage: SC 
                     trust: ultimate      validity: ultimate
sub  2048g/001892C2  created: 2008-07-30  expires: never       usage: E  
[ultimate] (1). Robert J. Hansen <rob at enigmail.net>
[ultimate] (2)  Robert J. Hansen <rjh at sixdemonbag.org>
[ultimate] (3)  Robert J. Hansen <rob at mozilla-enigmail.org>
[ultimate] (4)  [jpeg image of size 14285]
[ultimate] (5)  Robert J. Hansen <rjh at secret-alchemy.com>
[ultimate] (6)  Robert J. Hansen <robert.hansen at redjack.com>

[ultimate] (1). Robert J. Hansen <rob at enigmail.net>
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (2)  Robert J. Hansen <rjh at sixdemonbag.org>
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (3)  Robert J. Hansen <rob at mozilla-enigmail.org>
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (4)  [jpeg image of size 14285]
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (5)  Robert J. Hansen <rjh at secret-alchemy.com>
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (6)  Robert J. Hansen <robert.hansen at redjack.com>
     Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128,
AES256, AES192, AES, 3DES, CAST5
     Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5
     Compression: BZIP2, ZIP, ZLIB, Uncompressed
     Features: MDC, Keyserver no-modify

------------------------------------------------------------------------

If you import my certificate and play along at home, you'll see that
embedded in my certificate is a list of what ciphers my implementation
is capable of supporting.  Since all the ciphers used in GnuPG are
believed to be safe and secure, I see no reason to omit any of them.  If
you were to send me encrypted data, your GnuPG implementation would know
that "I /may/ use any of my algorithms to encrypt traffic for Rob, but
he /most prefers/ TWOFISH traffic and /least prefers/ CAST5 traffic." 
(For ciphers, 3DES is a mandatory entry: if you do not explicitly put it
somewhere in the list, it appears at the end.) [1]

It's similar, but slightly different, with the digests.  I dislike
SHA-1, but I dislike MD5 even more.  I don't want to forbid people from
sending me MD5-signed messages, because there's really no point to it:
if I get a message that's signed using MD5, I'm just going to treat it
as if it's not signed at all.  Including MD5 doesn't hurt me.  Since I
really dislike MD5, I list it at the very end.  Since I dislike SHA-1
almost as much, it's right there by MD5.  (Just as there's a mandatory
cipher, SHA-1 is a mandatory digest entry: if you do not explicitly put
it somewhere in the list, it appears at the end.)

Compression algorithms, likewise.  BZIP2 gives better compression, ZIP
and ZLIB are comparable compression-wise, uncompressed gives no
compression, so I rank them in that order.  ('Uncompressed' is the
mandatory compression entry here.)

So, if you go back to GnuPG and type gpg --edit-key [your key ID]
showpref, you should be able to see what capabilities you're advertising
to the world.  And assuming your correspondents are using PGP or GnuPG,
your correspondents will be treating this capability set as a preference
list and will prefer to use higher-ranked algorithms.
[1] Before you ask, "Why do you prefer Blowfish over Camellia256?" or
anything like that, well --- I don't.  Remember, this is fundamentally a
/what ciphers will I permit someone to use?/ list, and secondarily a
/what ciphers do I prefer?/ list.  There is no real preference order
here.  All of these ciphers are so ludicrously strong that I think it's
kind of crazy to have passionate feelings about one being better than
another.  It's sort of like getting into a passionate argument about
whether King Kong, Godzilla, Mechagodzilla, Moth-Ra or the aliens from
/Independence Day/ are the best at urban demolition.  I mean, sure,
technically I'm sure there's some answer there, but the reality is (a)
people are handwaving what it means to be the "best at urban
demolition," (b) any of the five could take the title depending on how
one defines "best," and (c) I don't have time to waste on that nonsense.  :)
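An added example, not code from this post or from GnuPG itself: a small Python model of how a sender reads the lists that showpref prints. It takes Rob's Cipher/Digest/Compression lines from above as input, appends the mandatory entry (3DES, SHA1, Uncompressed) when a key owner leaves it out, and picks one algorithm for a message to several recipients; the scoring rule (lowest summed rank across recipients) is this example's own simplification, not GnuPG's exact selection code, and the second recipient's lists are constructed.

```python
# Implicitly required entry for each list type, as described in the post.
MANDATORY = {"Cipher": "3DES", "Digest": "SHA1", "Compression": "Uncompressed"}

# Rob's lists exactly as printed by 'gpg --edit-key 0xD6B98E10 showpref'.
SHOWPREF_LINES = [
    "Cipher: TWOFISH, BLOWFISH, CAMELLIA256, CAMELLIA192, CAMELLIA128, "
    "AES256, AES192, AES, 3DES, CAST5",
    "Digest: SHA256, SHA224, SHA384, SHA512, RIPEMD160, SHA1, MD5",
    "Compression: BZIP2, ZIP, ZLIB, Uncompressed",
]


def parse_showpref(lines):
    """Turn 'Kind: A, B, C' lines into {kind: [A, B, C]}, keeping the order."""
    prefs = {}
    for line in lines:
        kind, _, rest = line.strip().partition(":")
        if kind in MANDATORY:
            prefs[kind] = [a.strip() for a in rest.split(",") if a.strip()]
    return prefs


def effective_prefs(kind, advertised):
    """The list a sender really works from: the advertised order, with the
    mandatory algorithm appended at the end if the key owner omitted it."""
    prefs = list(advertised)
    if MANDATORY[kind] not in prefs:
        prefs.append(MANDATORY[kind])
    return prefs


def choose_algorithm(kind, recipients, sender_supports):
    """Pick one algorithm for a message to every list in 'recipients'.
    Candidates: algorithms every recipient permits and the sender supports.
    Winner: lowest summed rank (0 = most preferred), ties broken by the first
    recipient's order. Simplified scoring; not GnuPG's own code."""
    effective = [effective_prefs(kind, r) for r in recipients]
    candidates = set(sender_supports)
    for prefs in effective:
        candidates &= set(prefs)
    if not candidates:
        return None  # only possible if the sender lacks the mandatory entry

    def score(alg):
        return (sum(p.index(alg) for p in effective), effective[0].index(alg))

    return min(candidates, key=score)


if __name__ == "__main__":
    rob = parse_showpref(SHOWPREF_LINES)
    alice = {"Cipher": ["AES256", "AES"]}  # constructed second recipient
    sender = ["AES256", "AES192", "AES", "3DES", "CAST5", "TWOFISH"]
    print(choose_algorithm("Cipher", [rob["Cipher"], alice["Cipher"]], sender))
```

Two recipients whose advertised lists do not overlap at all still end up with 3DES, which is exactly why the post calls it the mandatory entry.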
