[Top] [All Lists]

PGP PKI? (Was: The case against ElGamal signatures in PGP)

1998-06-02 17:12:44

In <98Jun2(_dot_)182029edt(_dot_)43010(_at_)brickwall(_dot_)ceddec(_dot_)com>, 
on 06/02/98 
   at 06:18 PM, dontspam-tzeruch(_at_)ceddec(_dot_)com said:

Maybe that would work, if we can keep ElGamal from entering the PGP PKI.
I would rather extend DSA as soon as we can find a suitable hash.  But
let's not hold up the spec to do it.  It will take a while to find a good 

How about "Algorithms that are not 'MUST' or 'SHOULD' SHOULD NOT be
entered into the PGP PKI".  This is perfectly reasonable - you wouldn't
want experimental algorithms widely published, nor keys that are rarely
implemented.  Since ElGamal is MAY, keyservers SHOULD NOT accept them.

I think this addresses your concerns with the least disruption.

Ok guys,

I was unable to make the LA meeting and this is the first I have heard
anything about a PGP PKI.

Who is working on this? What information is available on this, who is
working on this, how far along has design gone and why hasn't this been
brought up on this list before now? IMHO if a PKI is being desinged then
this MUST be disscused on the list (or a seperate list) now not 6mo. from
now after a draft has been presented.

Now as far as not allowing ElGamal signatures IMHO if they are valid under
the OpenPGP RFC I don't see how you can exclude them from the PKI.

- -- 
- ---------------------------------------------------------------
William H. Geiger III
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at:
- ---------------------------------------------------------------
Tag-O-Matic: Speed Kills - Use Windows!

Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000