On Wed, 22 Aug 2001 15:52:12 -0700, Jon Callas said:
Here's everything I have. If there's something you want me to do and I've
been obtuse, let me know again, and it'll get in. I'm planning on
Did someone else also checked that the OIDs for SHA-xxx are correct?
I am a little bit curious, can you give a rational why the feature
flags are not bit encoded?
What about the Klima/Rosa attack? If this draft is going to be the
next RFC we should do something about it. IIRC, we had not much
discussion about it. The obvious fix would be use a hash instead of
the simple checksum. The problem is how to indicate the use of this
new format.
The correct solution would be to introduce a version 5 of the secret
key packet - this is a major change as we may also want to also
introduce a v5 public key packet for symmetry reasons. I guess this
will break a lot of code.
The hackish solution is to define a new S2K type identical to type 3
(iterated and salted) which would then trigger the use of the new
SHA-1 checksum. It should be made clear that this S2K type is only to
be used for the protection of the secret key and not for conventional
encryption.
I don't like any of these solutions but the latter one is easier to
implement. Any other ideas?
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus