ietf-openpgp
[Top] [All Lists]

Re: Removing Elgamal signatures

2003-12-01 07:45:15

* Werner Koch wrote:
In the light of the recent GnuPG bug, where I accidently used the same
small sized k for signature creation as it is used for encrypting, I'd
very much like to drop the ElGamal signing ability all together from
OpenPGP.  AFAIK, GnuPG is the only implementation with support for
these keys and by now the about 1100 known primary and subkeys should
have been revoked.  Thus there won't be any interoperability problem
anymore.

I'd like to oppose. ElGamal signatures are still useful, despite there is a
charge of signatures with some algorithmic errors. I'd prefer a paragraph
describing the problem and advicing to not use keys of this charge.

If we can't agree on that, I'd suggest to declare type 20 keys to be
Elgamal sign only - this way a new problem with this algorithm will
at least not affect the encryption use.

It's only the parameter k, right? Type 20 keys are not limited to the small
parameter.

<Prev in Thread] Current Thread [Next in Thread>