[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Removing Elgamal signatures
* Florian Weimer wrote:
> Lutz Donnerhacke wrote:
>> I'd like to oppose. ElGamal signatures are still useful,
> Useful for what?
I prefer more than one algorithm for a given task. That's all.
My personal opinion is not relevant to the removal of this packet type.
> objections to its design process), but this is no longer a convincing
> justification since we now have RSA at our disposal.
Do we use RSA right? Requiring SSP?
> Are you confident that no additional implementation traps will
> discovered? With RSA, I have some confidence that the most important
> things are properly documented, but ElGamal signatures appear to be much
> more problematic. Please keep in mind that this is the second case of
> such an implementation trap for the ElGamal signature scheme.
There are a lot of listed RSA attacks, too.