[Top] [All Lists]

Re: Message Integrity

1999-04-22 16:28:01

Tom writes:
On Thu, 22 Apr 1999, Adam Back wrote:

I also like Tom's suggestion of using algorithm ID 0 for signature.
Adds conotations of "no signature algorithm".  Nice.  Why don't you
try implementing that in your PGP implementation Tom?  It should come
out as fewer lines, and simpler code than the other method.

The patch is now 83 lines affecting 3 files (sigchk sigmak elitmk).  I
think the DER version would be a few more, and it took less than 30


I am using a keyid of zero to trigger the MIC mode (internally I
derive the algorithm from the keyid, but I could a flag or something

Wasn't keyid of all 0s already reserved for another purpose.  I seem
to recall a discussion by Hal and others some time back about reducing
the number of keyid bits to reduce identity leakage.  Ultimately this
came down to having an empty keyid, where the recipient would have to
check on private keys on their key ring sequentialy to discover which
one to use.

I don't know the outcome of this old discussion.  Did the variable
length keyid go beyond discussions?

Don't you use the algorithm ID (1 = RSA, 2 etc) as the item in the
switch statement in your existing code?  Couldn't you then use alg ID
= 0 for no sig?