Ian Bell <ianbell(_at_)turnpike(_dot_)com> writes:
[micalg parameter doesn't contain all information to precompute the hash]
I feel that 3) is the most satisfactory fix to the problem, but that at
least 1) is incorporated into the draft before it is sent to last call.
Or 4): Drop the micalg parameter. This will make one-pass processing
impossible, but I doubt that it's worth the trouble (unless the
theoretical possibility of one-pass processing is required by some
MIME standard). Future revisions of the OpenPGP message standard
might specify additional hash algorithms (which might even require
some parameters); OpenPGP implementators might want to use proprietary
algorithms, and so on. Synchronizing OpenPGP-MIME with these
developments is not very complicated, but I think the benifit of
having a micalg parameter is even too small for that.
--
Florian Weimer
Florian(_dot_)Weimer(_at_)RUS(_dot_)Uni-Stuttgart(_dot_)DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
http://ca.uni-stuttgart.de:11371/pks/lookup?op=get&search=0xC06EC3B5