| David Shaw on 28 Nov 2003 10:58:02 -0500 |
|
On Fri, Nov 28, 2003 at 10:42:08AM -0500, gabriel rosenkoetter wrote: > On Fri, Nov 28, 2003 at 10:27:22AM -0500, David Shaw wrote: > > A few more than 20 - there were 848 Elgamal primaries out there. We > > wanted to give more time for the key owners to revoke their keys, but > > unfortunately, one of the key addresses was a mail-to-news gateway... > > Woah. Did I misread your post to gpg-users about that then? Possibly. I'm not sure where the 20 came from, but it might have been because the faulty key type is 20 (RSA is 1, DSA is 17, the safe Elgamal is 16). Still, 848 keys is only around 0.04% of all keys on the keyservers. This is a serious security failure, to be sure, but at the same time, there were a lot of roadblocks placed in front of people using these keys. The code practically begged people not to use Elgamal. First, you had to use the --expert flag (manual: "As the name implies, this option is for experts only. If you don't fully understand the implications of what it allows you to do, leave this off.") to even see that Elgamal was an option. After that hurdle, you got: The use of this algorithm is only supported by GnuPG. You will not be able to use this key to communicate with PGP users. This algorithm is also very slow, and may not be as secure as the other choices. Create anyway? I'm not sure how much more we could have pounded people over the head not to use it. David Attachment:
pgpExHJRWvFfk.pgp
|
|