[Top] [All Lists]

Re: algorithm IDs

2008-06-20 01:34:53

On Fri, 20 Jun 2008 00:15, rabbi(_at_)abditum(_dot_)com said:

I really don't like OIDs, given the potential for format-based attacks
that they introduce, but we're already using them anyway. I would like to
see them phased out by v5 though.

You assume arbitrary OIDs. I am talking about changing a one byte value
to a multi byte value.  They both get assigned by IANA for OpenPGP use
and thus it does not make a difference.

How was PGP 7.5 handling this? Just one specified curve, or?

I don't know about PGP 7.5.

The practical problem with DSA 2048 is that you create a key, ask people
to sign it and the majority of people are not able to sign it because
there software can't handle that.  We do not have a way to specify
preferences for algorithm lengths (that would in theory only be possible
for subkeys).



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.