[Top] [All Lists]

Removing Elgamal Sigs

2004-03-16 09:35:37

Since sending in -10, I have removed Elgamal signatures (it was the next thing on my list to do).

Section 9.1 now says:

       20         - Reserved (formerly Elgamal Encrypt or Sign)

I put this in 12.6, on reserved identifiers:

   Previous versions of OpenPGP permitted Elgamal [ELGAMAL] signatures
   with a public key identifier of 20. These are no longer permitted.
   An implementation MUST NOT generate such keys. An implementation
   MUST NOT generate Elgamal signatures.

(I also removed the reference to DES/SK in 12.6, this should have been done long ago.)

I thought about adding more text into 12.6 about what to do with an existing key or signature, but didn't add anything. The reason is that I think it should be just fine for an implementation to treat 20 the same way as any other illegal or reserved identifier, and also just fine for an implementation to migrate keys, verify signatures but alert that they're possibly forged, or any other reasonable thing. Consequently, the less said the better. Simplify, simplify.


<Prev in Thread] Current Thread [Next in Thread>
  • Removing Elgamal Sigs, Jon Callas <=