On Tue, 16 Sep 1997, William H. Geiger III wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hi,
I forgot to add an important issue that can be addressed by the
e-mail<=>PGP Key lookup list.
With PGP 5.0's ability to uses multiple encryption/hash algortihms the
need has arose to be able to set the default algortihms to be used by an
application for a given e-mail address. This can be accomplished by adding
an extra field in the lookup list.
Things like:
-- Owner of address is using 2.6.x therfore RSA/MD5 signatures should
only be used.
This is the main thing necessary since it would be theoretically valid to
use RSA/MD5 with new PGP 5.0 specific formats (such as the Hash: in the
armored files and the new CTB and length format).
-- Owner of address is using 5.0 but would prefer that RSA/MD5 be used.
-- Owner of address has 5.0 but would prefer that RSA/SHA1 be used.
... and so on and so forth.
There is already a field in the new signature type packet that indicates
the preferred conventional cipher. My notes don't indicate that there is
any yet defined for preferred PK cipher, but I think I remember seeing a
preferred hash, though it might have been disabled since DSS requires
SHA1, and RSA needs MD5 for backward compatibility.
A final field would be the preferred signature algorithm, RSA, DSS, or
ElGamal if they can get that working securely.
--- reply to tzeruch - at - ceddec - dot - com ---