Re: [Sam Hartman] Openpgp comments

Werner Koch <wk@gnupg.org> Tue, 19 September 2006 09:17 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GPbjC-000298-HD for openpgp-archive@lists.ietf.org; Tue, 19 Sep 2006 05:17:18 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GPbjA-0003E1-5v for openpgp-archive@lists.ietf.org; Tue, 19 Sep 2006 05:17:18 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k8J8mSNJ035098; Tue, 19 Sep 2006 01:48:28 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k8J8mSgC035097; Tue, 19 Sep 2006 01:48:28 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k8J8mQda035089 for <ietf-openpgp@imc.org>; Tue, 19 Sep 2006 01:48:27 -0700 (MST) (envelope-from wk@gnupg.org)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.50 #1 (Debian)) id 1GPbPP-0001BC-2V for <ietf-openpgp@imc.org>; Tue, 19 Sep 2006 10:56:51 +0200
Received: from wk by localhost with local (Exim 4.62 #1 (Debian)) id 1GPbDS-0000Sq-Kb; Tue, 19 Sep 2006 10:44:30 +0200
From: Werner Koch <wk@gnupg.org>
To: Jon Callas <jon@callas.org>
Cc: OpenPGP <ietf-openpgp@imc.org>
Subject: Re: [Sam Hartman] Openpgp comments
References: <sjmd59txlnv.fsf@cliodev.pgp.com> <1CF1EBF5-1C5A-4ACE-A489-10ED8D9BD31C@callas.org>
Organisation: g10 Code GmbH
OpenPGP: id=5B0358A2; url=finger:wk@g10code.com
Date: Tue, 19 Sep 2006 10:44:30 +0200
In-Reply-To: <1CF1EBF5-1C5A-4ACE-A489-10ED8D9BD31C@callas.org> (Jon Callas's message of "Mon, 18 Sep 2006 17:39:14 -0700")
Message-ID: <8764fkb5zl.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.110006 (No Gnus v0.6)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: cf4fa59384e76e63313391b70cd0dd25

On Tue, 19 Sep 2006 02:39, Jon Callas said:

> So -- my question for the WG: Is this alright with you? I want to get
> 2440bis done. I think that answers the perception that SHA-1 isn't
> good enough, without causing us to do a lot of work. If y'all think

I concur with your reasoning to stay with SHA-1 and to allow (MAY) for
a v2 MDC packet using SHA-256.  If you have some text to explain for
what we use the MDC it would be good to see it in the security notes.


Shalom-Salam,

   Werner