[prev in list] [next in list] [prev in thread] [next in thread]
List: gcrypt-devel
Subject: Re: [PATCH] MD2 for libgcrypt
From: Werner Koch <wk () gnupg ! org>
Date: 2010-07-24 7:05:01
Message-ID: 87k4ol1hsy.fsf () wheatstone ! g10code ! de
[Download RAW message or body]
Stephan Mueller <smueller@chronox.de> writes:
> Yes, agreed from my side as well. But what can you do if customers force you
> to use it, even with MD2?
An option might be to add flag to trustlist.txt, similar to "relax",
which suppresses validation of the root certificate.
I agree that validation of the root certifciate is not necessary because
we check the fingerprint anyway. However that extra check revealed some
probelms in the past and thus I don't want to drop it completely. I
can't remeber but there might have been a specification which required
this validation.
This won't help Daniel's request for adding a MD2 to use libgcrypt as a
crypto bench.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic