[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP Keyserver Synchronization Protocol



Hi Tony,

/Any reason for MD5? I understand the SHA-1 is longer. However, it is
/thought to be a stronger hash the MD5 at this time. 

It doesn't know to be a cryptographically strong hash here.

/Does it really matter if you do not know the internal packet format as long
/as you know where the packet ends? Hashing is simply mixing together a
/stream of octets and so I do not believe the 'format' makes much of a difference.

depending on the order in which a server received signatures in the past, a 
key may look quite different on different servers, although with sorted
sigs it is the same.

cheers,

teun