On the advisability of stronger digests than SHA-1 in OpenPGP certifications [was: Re: riseup.net OpenPGP Best Practices article]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jun 26 23:57:57 CEST 2014


On 06/26/2014 05:45 PM, Robert J. Hansen wrote:
> On 6/26/2014 2:25 PM, Daniel Kahn Gillmor wrote:
>> If you know of a modern OpenPGP implementation that supports SHA-1 but
>> not SHA-256 or SHA-512, please point it out (and no, creating one just
>> to be able to point to it doesn't count :P)
> 
> PGP 8.x, which is still in use today by a surprising number of people,
> has limited support for SHA-256 and none at all for SHA-512.


PGP 8 was released over a decade ago, that's hardly a modern implementation:

 http://www.pgpi.org/news/

In what ways is its support for SHA-256 limited?  I'm having a hard time
finding documentation for it.

How many people use it?  Can you share where you got your "surprising
number" reference?   Are there software vulnerabilities in it or any
support or maintenance at all?

To paraphrase Werner elsewhere in this thread: The more important case
is to read security announcements and update your OpenPGP implementation.

Why should anyone cater to users of PGP 8.x in 2014 when we have an
opportunity to provide a stronger cryptographic baseline for everyone else?

	--dkg



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140626/a1e82cbc/attachment.sig>


More information about the Gnupg-users mailing list