On the advisability of stronger digests than SHA-1 in OpenPGP certifications

Johannes Zarl johannes at zarl.at
Sat Jun 28 14:11:40 CEST 2014

On Saturday 28 June 2014 08:09:10 Johan Wevers wrote:
> On 28-06-2014 0:31, Johannes Zarl wrote:
> > The way I see it compatibility between those two groups is a non-issue -
> > they simply don't exchange messages.
> Why not?

My assumptions were as follows:
 - When exchanging messages with untrusted parties it's a Bad Idea(tm) to use 
unmaintained software that is vulnerable to attacks.
 - PGP 8 is unmaintained software and must be assumed to be vulnerable to 
attacks (we know how many security related bugs gpg saw in the last 12 years)
 - Corporate environments do often use legacy systems, but are usually risk-
aware and isolate vulnerable systems.

I therefore assumed that PGP 8 is only used in closed environments, where the 
risk is manageable.

I assumed it is just the same as with, say Internet Explorer 6: Since many 
intranet applications depend on it, is is still used - it is a sensible 
business decision for some companies to do so. Browsing the web using IE6 on 
the other hand is something no corporate environment would allow.

If the lawyer example is a fitting one, then I guess I have an error in my 

If I communicate with someone who must use PGP 8, anything stronger than 
1024bit RSA, SHA1 and 3DES is probably wasted effort, anyways.


More information about the Gnupg-users mailing list