So I gather from your approach, you'd be OK with simple micalg
parameters like SHA-1 and MD5.

Sure would. Frankly, I think we botched it when we assigned pgp-md5. While
it is true that PGP adds stuff to the signature calculation besides the
signed data, I think a better course of action would have been to simply
note that this is in fact the case, that the signature state should
be passed to the signature verifier without being finalized, and we should
have stuck with md5 (or sha-1 or whatever digests PGP is now using).
Ned
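
The idea in the reply above, sketched as an added example that is not part of the original message: micalg only has to name the digest for the one-pass hash of the body, and the verifier appends PGP's extra bytes to the unfinalized state. The function names are hypothetical, the trailer layout assumes OpenPGP v4 signatures as in RFC 4880 section 5.2.4, and the sample body and subpacket are constructed.

```python
import hashlib
import struct

# micalg value -> hashlib name. "pgp-md5" and plain "md5" select the same digest.
MICALG = {"md5": "md5", "sha1": "sha1", "pgp-md5": "md5", "pgp-sha1": "sha1"}


def start_body_hash(micalg, body_chunks):
    """Hash the signed part in one pass; return the state WITHOUT finalizing."""
    state = hashlib.new(MICALG[micalg.lower()])
    for chunk in body_chunks:
        state.update(chunk)
    return state


def v4_trailer(sig_type, pubkey_alg, hash_alg, hashed_subpackets):
    """Bytes a v4 signature appends to the hash after the signed data."""
    hashed = (bytes([4, sig_type, pubkey_alg, hash_alg])
              + struct.pack(">H", len(hashed_subpackets))
              + hashed_subpackets)
    # Final trailer: version, 0xFF, then 4-octet length of the hashed fields.
    return hashed + b"\x04\xff" + struct.pack(">I", len(hashed))


def finalize_for_pgp(state, trailer):
    """Verifier side: add PGP's extra bytes to a copy of the state, then finalize."""
    work = state.copy()  # keep the caller's state reusable for other signatures
    work.update(trailer)
    return work.digest()


# Constructed sample input: a canonicalized (CRLF) body part arriving in chunks.
BODY_CHUNKS = [b"Content-Type: text/plain\r\n\r\n", b"Hello, world.\r\n"]
# Constructed hashed subpacket: signature creation time (type 2), value 0.
SUBPACKETS = b"\x05\x02" + struct.pack(">I", 0)
# sig type 0x01 (text), public-key algorithm 1 (RSA), hash algorithm 2 (SHA-1).
TRAILER = v4_trailer(0x01, 1, 2, SUBPACKETS)

if __name__ == "__main__":
    state = start_body_hash("sha1", BODY_CHUNKS)
    print("plain digest of body :", state.copy().digest().hex())
    print("digest PGP signs     :", finalize_for_pgp(state, TRAILER).hex())
```

The two printed digests differ, which is why the state has to reach the signature verifier before it is finalized.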