Re: [Sam Hartman] Openpgp comments

Ian G <> Tue, 19 September 2006 19:37 UTC

Received: from [] ( by with esmtp (Exim 4.43) id 1GPlPH-0001dc-NR for; Tue, 19 Sep 2006 15:37:23 -0400
Received: from ([]) by with esmtp (Exim 4.43) id 1GPlPC-0007mF-AP for; Tue, 19 Sep 2006 15:37:23 -0400
Received: from (localhost []) by (8.13.5/8.13.5) with ESMTP id k8JIt52A095244; Tue, 19 Sep 2006 11:55:05 -0700 (MST) (envelope-from
Received: (from majordom@localhost) by (8.13.5/8.13.5/Submit) id k8JIt5Mj095243; Tue, 19 Sep 2006 11:55:05 -0700 (MST) (envelope-from
X-Authentication-Warning: majordom set sender to using -f
Received: from ([]) by (8.13.5/8.13.5) with ESMTP id k8JIt3t4095217 for <>; Tue, 19 Sep 2006 11:55:04 -0700 (MST) (envelope-from
Received: from [IPv6:::1] (localhost []) by (Postfix) with ESMTP id 368532F0D2 for <>; Tue, 19 Sep 2006 19:54:57 +0100 (BST)
Message-ID: <>
Date: Tue, 19 Sep 2006 20:55:08 +0200
From: Ian G <>
User-Agent: Thunderbird 1.5 (X11/20060317)
MIME-Version: 1.0
To: OpenPGP <>
Subject: Re: [Sam Hartman] Openpgp comments
References: <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15

David Shaw wrote:
> On Tue, Sep 19, 2006 at 03:33:30PM +0200, Werner Koch wrote:
>> The more interesting question is what we are going to do about the
>> SHA-1 requirement for a fingerprint and things like designated
>> revokers - this is a more troublesome use of SHA-1. Oh, sorry, I was
>> just thinking loudly.
> This is exactly my point.  If we reopen the SHA-1 issue for the MDC,
> what stops someone from wanting a change in fingerprints or the secret
> key protection format, or the "hash of last resort" or any of the
> other hardcoded uses of SHA-1 in the standard?

Yes.  But at the end of the day, regardless of
whether we leave the doc as it is, or fix the MDC,
or fix the above things, I'd suggest that the
difference is the same:  minimal.

That is, a far better result is getting the doc
finished and out the door ... partly because this
appears to be a "herding" change of no great
security impact, and partly so we can start on
an updated / rewired / rewritten / reviewed doc.

To my mind, then, it comes down to an optimisation
problem in determining how to get the doc out the
door.  Security, common sense, and all that are
out the window.

> The request to remove SHA-1 from the MDC seems to be just a
> misunderstanding.  It's worth an email to try and resolve the
> misunderstanding before we get into design, much less code, changes.

If you are confident of that, perhaps have a shot
at drafting that email?  As "plan B."

This might leave Jon free to concentrate on the
"plan A" approach of adding MDC-v2,3.

(Just a thought ... I'm not clear enough on the
minutia to be confident enough to draft the email,

> A simple email to resolve a misunderstanding seems like the easiest
> "fix" here.  If that doesn't work, or it turns out not to be a
> misunderstanding, then we can go on and do the design changes, no harm
> done.

Perhaps the phone conference as suggested?  I
can see how that might get a result more quickly,
as it allows misunderstandings to be cleared up
more easily than an email cycle.

Just throwing ideas around, here.  Feel free to