With regards to reinstating TIGER, I agree that there is little need
to do anything in crisis mode. Let's give the various discussions
about MD5 and general hash health time to reach some sort of
conclusion. We already have quite a number of hashes other than MD5,
and in V4, SHA-1 is the standard hash anyway. Despite various rumors
to the contrary, SHA-1 was not broken.
That said, the security considerations section of the draft currently
has some language mildly discouraging the use of MD5 ("The MD5 hash
algorithm has been found to have weaknesses (pseudo-collisions in the
compress function) that make some people deprecate its use. They
consider the SHA-1 algorithm better.") Can we make this stronger, and
deprecate MD5 use for OpenPGP in general?
David