Would it make sense to amend that to add SHA-3? --Avi
On 1/30/13, Michel Messerschmidt <[email protected]> wrote: > On Tue, Jan 29, 2013 at 06:36:25PM -0600, John Clizbe wrote: >> [email protected] wrote: >> > if so, would this fall under the open-pgp RFC, or would it have to go >> > through an >> > RSA standard first? >> >> RFC 4880 makes no mention of OAEP. RFC 4880 references RFC 3447 for >> details of >> RSA implementation. >> >> So, from what I can tell, RSA standard first, then OpenPGP by >> incorporating >> the new RSA standard. THEN, Gnupg. > > Although it is the default, RFC 3447 is not restricted to SHA-1. > Appendix B actually states: > "For the RSAES-OAEP encryption scheme and EMSA-PSS encoding method, > only SHA-1 and SHA-256/384/512 are recommended." > > > _______________________________________________ > Gnupg-users mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Sent from my mobile device ---- User:Avraham pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <[email protected] > Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9 _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
