At 05:43 PM 4/14/98 -0700, Jon Callas wrote:
Elgamal signatures are large [....] also slow [....]
...
allow a key to be used for both encryption and signatures.
....
Elgmal keys that are used for signing have to have more constraints placed
on them than encryption keys. The keys that PGP 5.x generates are not
suitable for signatures. Some facets of this are a serious consideration;
I think tzeruch's position should dominate, that if you make
ElGamal signatures a MAY, then all his ElGamal support code is
"just authentication" and therefore exportable.
Accepting ElGamal signatures may be more important than
creating them, and implementations that create ElGamal keys
MUST (or maybe SHOULD) generate strong keys (or the documentation
should read something analagous to the link(2) manpage,
which says that linking directories can only be done
by root, who is presumed to know what he is doing. :-)
Thanks!
Bill
Bill Stewart, bill(_dot_)stewart(_at_)pobox(_dot_)com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639