DSA2

Robert J. Hansen rjh at sixdemonbag.org
Fri Sep 29 15:26:55 CEST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw wrote:
> It's interesting you mention PGP 2.6.  The main "problem", such as it
> is, with 2.6 is that there wasn't a problem with it.  It's a familiar
> (though somewhat tongue in cheek) refrain in the OpenPGP WG and among
> OpenPGP developers that it's too bad PGP 2.6 was never broken so
> people would just stop using it and upgrade already.

That's exactly what I was referring to.  :)

To the extent people have migrated from 2.6, they've mostly migrated for
reasons other than need.  That doesn't mean the effort put into making
GnuPG is for naught, or that there's no point in migrating from
ClassicPGP to OpenPGP.  It just means we're doing so for reasons other
than need.

People have emotional attachments to software.  Look at how much flamage
goes on over the One True Editor[*] and the hellfire and perdition
awaiting the infidel unbelievers.  Best we can hope for is that to the
extent we're going to be unreasonable, we'll at least _know_ we're being
unreasonable.

The lack of a hash function firewall in DSA keys gives me the
heebie-jeebies.  This is why I use an RSA key, and recommend new keys
use RSA.  Sure, the long-term risk to DSA keys from the lack of a hash
function firewall is probably minimal, but it still gives me the
heebie-jeebies.

It's easy for me to get rid of the heebie-jeebies: just don't use DSA.
So I don't.

Anyway, I get the idea I'm (a) waxing philosophical and (b) far
off-topic for GnuPG-devel.  So unless there's mad interest in what I've
said here, I'll just step out now.  :)





[*] TextMate, of course!  http://www.macromates.com.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJFHR8fAAoJELcA9IL+r4EJIGcH/2fbjYEPQTWBuc0shZ/vVyjc
N30NSUHnw1tOogkepA4coMJvAofzFufojxeoNG4ukVuJRjsLcWwYXaLqr2mz6v9f
hgxBMPYvcBgxeJME59l78S6mYBBcRchH5N6rLzAsayz6JOsy0bCDwEVfuNIml3O2
M2rOh7Neq8i2xsR+Dy0Fbg/DmLtqqKp9KrULqmlf+wdhGAtrRqS/nH95rhOgj3j3
8z2dqtTpdl1GY7ukMgpYnfQ7twXKu2PgFe+RB6PszS9ovweC0c3LMQYkw3XGejcz
45+Bs1ZmZYLGmafpzT8jepOeJyQgHZGw8qFCUH1cTEJ2fo4HTkfCUoc8x8a2neM=
=G9s6
-----END PGP SIGNATURE-----



More information about the Gnupg-devel mailing list