John Gilmore writes:
Before considering standardization of DSA as an algorithm for signing
email in PEM, shouldn't we address the concerns about subliminal
channels in DSA-signed messages, brought out by Gus Simmons at
Eurocrypt and before?
I would not even allocate an algorithm identifier for it, since that
will just encourage people (who don't know better) to use it.
Seems to me this is a strange request from someone who recommends that
we not become embroiled in debates over such questions as "What is the
maximum number of angels that can dance on the head of a pin?" :-)
This question about the DSA is really just one about the source of the
random numbers. Same question comes up in generating DES keys for use
with RSA, or in generating RSA keys. Either they are being cooked up
with some ulterior motive or they're not. Either way, these are issues
that potential customers need to have addressed by their *suppliers*.
Not by the PEM standards folks.
Michael
----------
Michael J. Markowitz, VP R&D
markowitz(_at_)dockmaster(_dot_)ncsc(_dot_)mil
Information Security Corp. 708 405-0500, fax: 708 405-0506
1141 Lake Cook Rd., Suite D MCI: 363-1959
Deerfield, IL 60015 CIS: 76206,2617