[Top] [All Lists]

Re: Preparing a new draft...

2001-08-21 03:38:04

On Mon, 20 Aug 2001 14:15:13 -0700, Jon Callas said:

Oh, yes, yes, yes. They are optional. The mandatory algorithms will not
change from 2440. They are, however, needed to balance with the newer
ciphers, or public keys bigger than 1024 bits.

Can you check that we don't have 1024 bit limit for DSA keys in

Yeah, I know you did, and I still think it's a hack. A clever hack, but a
hack. But hey, that's the difference between a standard and an
implementation. You're perfectly free to do that.

Yeah.  And it is good that it is just a SHOULD rule ;-)

I don't know, though, that will ever make the use of MDC mandatory. That
would break backwards compatibility with anything that's gone before you.

Okay.  An implemenation can print a warning if a non MDC is used.

I'm still incredulous that there are people who steadfastly cling to 2.6!
At HAL2001, there were people who *still* adamantly insist that 2.6 is the
only trustworthy PGP version. I don't get it, but I respect it. And hey,

I know and can't count the mails I wrote on the interoperability
problems due to no IDEA in GnuPG and to explain the advantages of
OpenPGP :-(

would howl if we did. If we want to move to that as a goal, step one is to
deprecate 2.6.

And of equal importance is to use PGP/MIME.


Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus

<Prev in Thread] Current Thread [Next in Thread>