ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Finalizing OpenPGP/MIME?

2001-01-25 04:05:51
from [山本和彦] [Permanent Link] 
Werner, 

From: Werner Koch <wk(_at_)gnupg(_dot_)org>
Subject: Re: Finalizing OpenPGP/MIME?


However, it is pretty easy to set micalg to the correct value, given
that


This is incorrect.


a) it should nearly always be SHA1 today


Yes, but not 100%. It is difficult for PGP/MIME UAs, which don't know
PGP format, to set a CORRECT value to the micalg parameter in all
cases.

This is why I asked you to add the feature to GNUPG, that tells hash
function types to UAs so that the UAs can set them to the micalg
parameter. (Thank you for your implementation.)

Unfortunately, to my best knowledge, other PGP implementations don't
have such a feature. So, many PGP/MIME UAs tend to either
1) set a fix value (pgp-sha1 for example) to the micalg parameter
or
2) reply on PGP/MIME functionality of the PGP implementations.

I know this is not a PGP/MIME issue but a Multipart/Security issue.

And I would like to know how should Multipart/Security UAs treat a
received Multipart/Security message if the micalg parameter is
inconsistent with the hash function actually used.

--Kazu
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Finalizing OpenPGP/MIME?, Florian Weimer
Next by Date:  Re: Finalizing OpenPGP/MIME?, Werner Koch
Previous by Thread:  Re: Finalizing OpenPGP/MIME?, Werner Koch
Next by Thread:  Re: Finalizing OpenPGP/MIME?, Werner Koch
Indexes:  [Date] [Thread] [Top] [All Lists]