| David Shaw on 28 Nov 2003 13:51:02 -0500 |
|
On Fri, Nov 28, 2003 at 12:53:29PM -0500, gabriel rosenkoetter wrote: > On Fri, Nov 28, 2003 at 10:57:21AM -0500, David Shaw wrote: > > Possibly. I'm not sure where the 20 came from, but it might have been > > because the faulty key type is 20 (RSA is 1, DSA is 17, the safe > > Elgamal is 16). > > Must be. Unfortunately, I've deleted the message I was reading from, > so... > > > Still, 848 keys is only around 0.04% of all keys on the keyservers. > > Wow. Didn't realize there were that many keys out there. I'd say > that's a good sign for PGP penetration, but there are probably way > fewer unique and active users of PGP than that. > > > This is a serious security failure, to be sure, but at the same time, > > there were a lot of roadblocks placed in front of people using these > > keys. > > And yet, people did anyway. Do you suppose this was a "I always push > the button that says don't push this button" reaction, or did people > really think they were getting something with ElGamal? Before the RSA patent expired, Elgamal did give you something: a non-encumbered signing algorithm that wasn't limited to 1024 bits and a 160-bit hash. Since 9/2000, there has been no reason to use it other than that you might have generated your key before 9/2000. To be sure, there is always the contingent of people who use Elgamal because "the government influenced the design of DSA", or "I read somewhere that RSA was broken", etc. David Attachment:
pgpLnSeNLpYM9.pgp
|
|