[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Umgang mit Dubletten
[Thread Prev] | [Thread Next]
[Date Prev] | [Date Next]
- Subject: Re: Umgang mit Dubletten
- From: Philipp Schafft <lion@xxxxxxxxx>
- Date: Fri, 21 Aug 2009 16:07:22 +0200
- To: uugrn@xxxxxxxxxxxxxxx
On Fri, 2009-08-21 at 15:58 +0200, Thomas Gross wrote: > On Fri, 2009-08-21 at 15:47 +0200, Philipp Schafft wrote: > > > SHA1 mit seinen 160 bits als beispiel schafft es im moment auf etwar 50 > > 'echte' bits. MD5 nur noch auf zwei pfoden voll oder so. > Es tut mir leid, das glaube ich nicht. Dazu moechte ich erst mal eine > richtige fundamentierte Referenz sehen. Wenn SHA1 nur 50 von seinen 160 > Bit tatsaechlich nutzen wuerde waere es schon laengst aus dem Verkehr > gezogen worden. Wir sind doch lange schon dabei dies zu tun. Aber die ungleubigen halten ja noch dran fest. Habe auf die schnelle mal eine mail von WK angehaengt, du kannst bitte selbst in den gesetzestext schauen um das zu bestaetigen. Ich werde dies jetzt nicht tun. -- Philipp. (Rah of PH2) Return-Path: <gnupg-devel-bounces+src=gnupg=lion.leolix.org@xxxxxxxxx> X-Original-To: lion@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Delivered-To: lion@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Received: from v0.fellig.org (uservice.fellig.org [84.200.228.103]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by priderock.keep-cool.org (Postfix) with ESMTP id 7F87C7ABC9 for <lion@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>; Tue, 19 May 2009 12:15:54 +0200 (CEST) Received: from lists.gnupg.com (lists.gnupg.org [217.69.76.57]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by v0.fellig.org (Postfix) with ESMTP id 1C607D02EB for <src=gnupg@xxxxxxxxxxxxxxx>; Tue, 19 May 2009 12:15:40 +0200 (CEST) Received: from localhost ([127.0.0.1] helo=trithemius.gnupg.org ident=mailman) by lists.gnupg.com with esmtp (Exim 4.63 #1 (Debian)) id 1M6MHU-0004Wt-H9 for <src=gnupg@xxxxxxxxxxxxxxx>; Tue, 19 May 2009 12:10:44 +0200 X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on trithemius.gnupg.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.7-deb Received: from kerckhoffs.g10code.com ([217.69.77.222]) by lists.gnupg.com with esmtp (Exim 4.63 #1 (Debian)) id 1M6MHI-0004Wh-1h for <mm.gnupg-devel@xxxxxxxxxxxxxxx>; Tue, 19 May 2009 12:10:32 +0200 Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.63 #1 (Debian)) id 1M6MLe-0004nW-In for <gnupg-devel@xxxxxxxxx>; Tue, 19 May 2009 12:15:02 +0200 Received: from wk by localhost with local (Exim 4.62 #1 (Debian)) id 1M6MIg-0006os-OX for <gnupg-devel@xxxxxxxxx>; Tue, 19 May 2009 12:11:58 +0200 From: Werner Koch <wk@xxxxxxxxx> To: GnuPG Development List <gnupg-devel@xxxxxxxxx> Subject: Re: SHA-1 recommendations References: <4A0E366E.7030601@xxxxxxxxxxxxxxx> <4A108551.1070207@xxxxxxxxxxxxxxxxx> Organisation: g10 Code GmbH OpenPGP: id=5B0358A2; url=finger:wk@xxxxxxxxxxx Mail-Followup-To: GnuPG Development List <gnupg-devel@xxxxxxxxx> In-Reply-To: <4A108551.1070207@xxxxxxxxxxxxxxxxx> (Daniel Kahn Gillmor's message of "Sun, 17 May 2009 17:44:49 -0400") Date: Tue, 19 May 2009 12:11:58 +0200 Message-ID: <87hbzh2yhd.fsf@xxxxxxxxxxxxxxxxxxxxx> User-Agent: Gnus/5.110011 (No Gnus v0.11) MIME-Version: 1.0 X-BeenThere: gnupg-devel@xxxxxxxxx X-Mailman-Version: 2.1.10b1 Precedence: list List-Id: GnuPG development <gnupg-devel.gnupg.org> List-Unsubscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-devel>, <mailto:gnupg-devel-request@xxxxxxxxx?subject=unsubscribe> List-Archive: </pipermail> List-Post: <mailto:gnupg-devel@xxxxxxxxx> List-Help: <mailto:gnupg-devel-request@xxxxxxxxx?subject=help> List-Subscribe: <http://lists.gnupg.org/mailman/listinfo/gnupg-devel>, <mailto:gnupg-devel-request@xxxxxxxxx?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: gnupg-devel-bounces+src=gnupg=lion.leolix.org@xxxxxxxxx Errors-To: gnupg-devel-bounces+src=gnupg=lion.leolix.org@xxxxxxxxx On Sun, 17 May 2009 23:44, dkg@xxxxxxxxxxxxxxxxx said: > cannot handle more stronger digest algorithms. For example RFC 4055 > (from June 2005) appears to list SHA-2 algorithms for X.509: Well, this is an RFC but not the real world. You should consider RFCs in the X.509 world as an attempt to document what some systems in some special version may try to implement at some time. The German signature law for example requires the use of SHA-256 since this year. However there are a lot of problems, for example the need to implement the gpgsm option --extra-digest-algo to allow verification with gpgsm because some software used by the folks creating signatures mixes SHA-1 and SHA-256 in an incompatible way. I wish that X.509 would go away, too. However, no hunger and peace are an easier goal than getting rid of X.509. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-devel mailing list Gnupg-devel@xxxxxxxxx http://lists.gnupg.org/mailman/listinfo/gnupg-devel -- http://mailman.uugrn.org/mailman/listinfo/uugrn Wiki: http://wiki.uugrn.org/wiki/UUGRN:Mailingliste Archiv: http://lists.uugrn.org/