-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, Jun 26, 2003 at 08:18:30AM +0200, Werner Koch wrote:
On Wed, 25 Jun 2003 12:26:37 -0700, Hal Finney said:
can issue signatures just fine, even if they don't usually do so; and the
same with ElGamal encryption subkeys. We have loaded up the spec with
warnings about ElGamal signatures, but in fact those warnings mostly
relate to chosen plaintext attacks. In this case it is the key owner
A practical problem with ElGamal signatures is that verification is
really slow.
True. I rather like Hal's suggestion to do back-signatures for all
keys, but I wouldn't make it a requirement. We MUST do it for signing
subkeys to avoid the security problem, but why not make it a MAY for
any other key that someone cares to use it on.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iD8DBQE++1va4mZch0nhy8kRAn9jAKCtNSxqdxZ61ggMBjQ69F+oDZSR2wCg0okU
RMRmR5m8aqMUsrAZpz9YyfU=
=JCN2
-----END PGP SIGNATURE-----