RSA // OAEP // SHA-1
avi.wiki at gmail.com
Wed Jan 30 21:35:03 CET 2013
Would it make sense to amend that to add SHA-3?
On 1/30/13, Michel Messerschmidt <lists at michel-messerschmidt.de> wrote:
> On Tue, Jan 29, 2013 at 06:36:25PM -0600, John Clizbe wrote:
>> vedaal at nym.hush.com wrote:
>> > if so, would this fall under the open-pgp RFC, or would it have to go
>> > through an
>> > RSA standard first?
>> RFC 4880 makes no mention of OAEP. RFC 4880 references RFC 3447 for
>> details of
>> RSA implementation.
>> So, from what I can tell, RSA standard first, then OpenPGP by
>> the new RSA standard. THEN, Gnupg.
> Although it is the default, RFC 3447 is not restricted to SHA-1.
> Appendix B actually states:
> "For the RSAES-OAEP encryption scheme and EMSA-PSS encoding method,
> only SHA-1 and SHA-256/384/512 are recommended."
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
Sent from my mobile device
pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.wiki at gmail.com
Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E
More information about the Gnupg-users