[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Agree with PRZs MDC suggestion
Tom Zerucha <firstname.lastname@example.org> writes:
> Blocksize+2? Are we doing PGP-cfbs still? Also, by mdc_packet, I take it
Sure ;-) But without the extra sync step.
> to mean you mean a real packet (i.e. there is a virtual EOF after the
> I think SHOULD use SHA1-MDC is best, but I am not sure about the warning
> part. I think it might be proper to give a warning on the creation (much
> like giving a warning against using MAY or private algorithms other places
You are right. It is not a security issue if one of the other hash
algorithms is used - but it may lead to a problem at the receivers
side to verify the MDC.
Werner Koch at guug.de www.gnupg.org keyid 621CC013