On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:

The people behind OpenPGP are working on a new OpenPGP proposal that
will use a stronger, better hash algorithm.
Have workings on an 4880 successor already started?

No, at this point things are mainly being proposed as *additions* to 4880. The first of these to reach completion is RFC-5581, which added the Camellia cipher to OpenPGP (it's in 1.4.10, incidentally, but you need to opt-in by adding it to your key prefs before it will be used). Another addition would be ECC support, or the SHA-1 free key format.

Perhaps some of you (David?) remember the discussion that took place
here and on the WG list some time ago about things like:
- how criticality and critical bit could be handled much stricter
- potential problems that arise because conforming implementation are
only recommended to ignore signatures of an older time (especially
self-sigs).
- some other places where OpenPGP could (and for security reasons
perhaps should) be more strict and demanding to (conforming)
implementations
- Ideas for much broader use of attributes (different types of names,
birth-dates, -places, sex, etc. etc.)

So I wonder who's doing the (main) work for the writing this time? And
is there perhaps a wiki or so, where one could collect such suggestions?

The place for all such suggestions is the IETF OpenPGP working group: 
http://www.imc.org/ietf-openpgp/

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to