* Florian Weimer wrote:
Lutz Donnerhacke wrote:
I'd like to oppose. ElGamal signatures are still useful,
Useful for what?
I prefer more than one algorithm for a given task. That's all.
My personal opinion is not relevant to the removal of this packet type.
objections to its design process), but this is no longer a convincing
justification since we now have RSA at our disposal.
Do we use RSA right? Requiring SSP?
Are you confident that no additional implementation traps will
discovered? With RSA, I have some confidence that the most important
things are properly documented, but ElGamal signatures appear to be much
more problematic. Please keep in mind that this is the second case of
such an implementation trap for the ElGamal signature scheme.
There are a lot of listed RSA attacks, too.