On the advisability of stronger digests than SHA-1 in OpenPGP certifications [was: Re: riseup.net OpenPGP Best Practices article]
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jun 27 00:07:18 CEST 2014
On 6/26/2014 5:57 PM, Daniel Kahn Gillmor wrote:
> PGP 8 was released over a decade ago, that's hardly a modern
And yet, it still conforms (largely) to RFC4880. Methinks you're
objecting because it's a largely-conforming implementation that doesn't
have good support for SHA256. ;)
> In what ways is its support for SHA-256 limited? I'm having a hard
> time finding documentation for it.
If I recall correctly, it can understand SHA-256 but not generate
SHA-256. SHA-256 generation support was added late in the 8.x series,
but earlier 8.x releases could understand it.
> How many people use it?
It's not as if there are Nielsen ratings for these things. All I can do
is say that I still regularly encounter it when I talk to people about
PGP. For instance, I know of one law firm that purchased a site license
for 8.x and refuses to upgrade, since the more recent editions cost a
fortune in per-seat licenses and have very little in the way of new
> Why should anyone cater to users of PGP 8.x in 2014 when we have an
> opportunity to provide a stronger cryptographic baseline for everyone
Because there are still people using it.
Remember, GnuPG also supports most of RFC1991 because we've got a large
base of PGP 2.6 users who are refusing to upgrade...
More information about the Gnupg-users