Would it make sense to amend that to add SHA-3? --Avi
On 1/30/13, Michel Messerschmidt <li...@michel-messerschmidt.de> wrote: > On Tue, Jan 29, 2013 at 06:36:25PM -0600, John Clizbe wrote: >> ved...@nym.hush.com wrote: >> > if so, would this fall under the open-pgp RFC, or would it have to go >> > through an >> > RSA standard first? >> >> RFC 4880 makes no mention of OAEP. RFC 4880 references RFC 3447 for >> details of >> RSA implementation. >> >> So, from what I can tell, RSA standard first, then OpenPGP by >> incorporating >> the new RSA standard. THEN, Gnupg. > > Although it is the default, RFC 3447 is not restricted to SHA-1. > Appendix B actually states: > "For the RSAES-OAEP encryption scheme and EMSA-PSS encoding method, > only SHA-1 and SHA-256/384/512 are recommended." > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Sent from my mobile device ---- User:Avraham pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.w...@gmail.com > Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9 _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
