Mailing List Archive: GnuPG: devel

DSA2 default status



dshaw at jabberwocky

Nov 18, 2009, 6:47 AM

Post #1 of 8 (868 views)
DSA2 default status

The default for DSA2 in GPG is currently "off" - that is, by default, we fix the size of a DSA key at 1024 bits, and the q size (to specify the hash) at 160 bits. We've supported DSA2 since mid-2006 (v1.4.4 - a year later in GPG2: v2.0.7), but it has always been restricted behind a --enable-dsa2 option to prevent people from shooting themselves and others in the foot by making keys that could not be widely used. By passing --enable-dsa2, they "opt-in" to that risk, and can generate whatever key type they like.

Proposal: I think it's time to make --enable-dsa2 the default. It's been supported for 3 years in GPG and almost as long in PGP. Plus, the DSA key type is no longer the default in GPG anyway - it takes an explicit decision by a user to use DSA in the first place, which acts as the "opt-in".

Thoughts?

David


_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
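The sizing rule in David's post (a DSA key's q length decides which hashes can sign with it, and anything beyond the classic 1024-bit p / 160-bit q shape is "DSA2" territory) can be modelled in a few lines. The following is an added illustration written for this archive page, not GnuPG's own code; the hash-algorithm ids and digest lengths are those of RFC 4880 section 9.4, the (p, q) pairs are the FIPS 186-3 ones, and the truncation step follows RFC 4880 section 13.6 (the leftmost q bits of the digest are what DSA signs). The `describe_key` helper and the sample key shapes are constructed for the example.

```python
"""Which hashes can sign with an OpenPGP DSA key of a given (p, q) shape?

Added example, not GnuPG code.  It models the interoperability point from
the thread: a digest must be at least q bits long, and a key outside the
classic 1024/160 shape needs DSA2-capable software on the verifier's side.
"""

# OpenPGP hash algorithm ids (RFC 4880, section 9.4) with digest length in bits.
HASH_ALGOS = {
    1: ("MD5", 128),
    2: ("SHA1", 160),
    3: ("RIPEMD160", 160),
    8: ("SHA256", 256),
    9: ("SHA384", 384),
    10: ("SHA512", 512),
    11: ("SHA224", 224),
}

# (p bits, q bits) pairs defined by FIPS 186-3.
FIPS_186_3_SIZES = {(1024, 160), (2048, 224), (2048, 256), (3072, 256)}

# The only shape pre-DSA2 OpenPGP implementations handle (the thread's default).
CLASSIC_DSA = (1024, 160)


def is_dsa2(p_bits, q_bits):
    """True when the key needs DSA2 support, i.e. --enable-dsa2 territory."""
    return p_bits > CLASSIC_DSA[0] or q_bits != CLASSIC_DSA[1]


def usable_hashes(q_bits):
    """Hash algorithms whose digest is at least q bits long, in id order."""
    return [name for _, (name, bits) in sorted(HASH_ALGOS.items()) if bits >= q_bits]


def truncate_digest(digest, q_bits):
    """Return the integer DSA actually signs: the leftmost q_bits of the digest.

    Raises ValueError for a digest shorter than q, which OpenPGP forbids.
    """
    digest_bits = len(digest) * 8
    if digest_bits < q_bits:
        raise ValueError(f"{digest_bits}-bit digest is shorter than {q_bits}-bit q")
    return int.from_bytes(digest, "big") >> (digest_bits - q_bits)


def describe_key(p_bits, q_bits):
    """Summarise a key shape: standard size?  DSA2?  which hashes may sign?"""
    return {
        "fips_186_3_size": (p_bits, q_bits) in FIPS_186_3_SIZES,
        "dsa2": is_dsa2(p_bits, q_bits),
        "usable_hashes": usable_hashes(q_bits),
    }


if __name__ == "__main__":
    # Constructed sample shapes: the classic default plus the three DSA2 sizes.
    for p, q in sorted(FIPS_186_3_SIZES):
        print(p, q, describe_key(p, q))
    # A constructed 32-byte "digest" truncated to a 224-bit q.
    print(f"{truncate_digest(bytes(range(32)), 224):056x}")
```

Running it shows why the 1024/160 default was kept conservative: the classic shape can use SHA-1 and RIPEMD-160, while a 256-bit q rules out every hash shorter than SHA-256, and a verifier without DSA2 support rejects the key regardless of hash.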


wk at gnupg

Nov 18, 2009, 8:28 AM

Post #2 of 8 (837 views)
Re: DSA2 default status

On Wed, 18 Nov 2009 15:47, dshaw [at] jabberwocky said:

> Proposal: I think it's time to make --enable-dsa2 the default. It's been supported for 3 years in GPG and almost as long in PGP. Plus, the DSA key type is no longer the default in GPG anyway - it takes an explicit decision by a user to use DSA in the first place, which acts as the "opt-in".

I did quite some key signing last week for my DSA-2048 key. In the past
I regularly received complaints that people were not able to sign it.
Let's see whether this is still the case or if almost all folks will be
able to sign my key. I guess they are. After that make --enable-dsa2
the default.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.




rjh at sixdemonbag

Nov 18, 2009, 10:50 AM

Post #3 of 8 (839 views)
Re: DSA2 default status

David Shaw wrote:
> Thoughts?

Depending on how soon the V5 key spec is ready, we may want to fold
everything in all at once. Changing defaults isn't a big deal, but it
tends to get pushback from users who seem to think their old keys are
somehow broken or defective (since otherwise, "they wouldn't have
changed the defaults").

If V5 is going to be more than six months or so, though, then I think
enabling DSA2 by default should be done now.



dshaw at jabberwocky

Nov 18, 2009, 11:02 AM

Post #4 of 8 (832 views)
Re: DSA2 default status

On Nov 18, 2009, at 1:50 PM, Robert J. Hansen wrote:

> David Shaw wrote:
>> Thoughts?
>
> Depending on how soon the V5 key spec is ready, we may want to fold
> everything in all at once. Changing defaults isn't a big deal, but it
> tends to get pushback from users who seem to think their old keys are
> somehow broken or defective (since otherwise, "they wouldn't have
> changed the defaults").

I think we've already paid the user-confusion bill when we made the switch from DSA to RSA.

> If V5 is going to be more than six months or so, though, then I think
> enabling DSA2 by default should be done now.

V5 is nowhere near 6 months away. I'd be shocked if it happened before 2011. There just isn't much to talk about for V5 until SHA-3, and even the preliminary results for that aren't due until 2010.

David




dshaw at jabberwocky

Nov 18, 2009, 11:07 AM

Post #5 of 8 (828 views)
Re: DSA2 default status

On Nov 18, 2009, at 11:28 AM, Werner Koch wrote:

> On Wed, 18 Nov 2009 15:47, dshaw [at] jabberwocky said:
>
>> Proposal: I think it's time to make --enable-dsa2 the default. It's been supported for 3 years in GPG and almost as long in PGP. Plus, the DSA key type is no longer the default in GPG anyway - it takes an explicit decision by a user to use DSA in the first place, which acts as the "opt-in".
>
> I did quite some key signing last week for my DSA-2048 key. In the past
> I regularly received complaints that people were not able to sign it.
> Let's see whether this is still the case or if almost all folks will be
> able to sign my key. I guess they are. After that make --enable-dsa2
> the default.

Sounds good to me.

David


dkg at fifthhorseman

Nov 18, 2009, 11:08 AM

Post #6 of 8 (841 views)
Re: DSA2 default status

On 11/18/2009 01:50 PM, Robert J. Hansen wrote:
> If V5 is going to be more than six months or so, though, then I think
> enabling DSA2 by default should be done now.

I seriously doubt that v5 is going to be ready in 6 months. My sense of
the OpenPGP WG was that v5 would probably wait on the results of the
NIST hash competition for a successor to SHA-1, and that won't be ready
in 6 months, since the Second SHA-3 Candidate Conference is in August of
next year:

http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/index.html

I could be mistaken about this, of course. Maybe the WG will want to
update the spec before SHA-3 is chosen.

--dkg
Attachments: signature.asc (0.87 KB)


wk at gnupg

Nov 18, 2009, 11:57 PM

Post #7 of 8 (830 views)
Re: DSA2 default status

On Wed, 18 Nov 2009 20:02, dshaw [at] jabberwocky said:

> V5 is nowhere near 6 months away. I'd be shocked if it happened before 2011. There just isn't much to talk about for V5 until SHA-3, and even the preliminary results for that aren't due until 2010.

It is much more likely that GnuPG will implement the ECC draft before
thinking about v5.


Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.




dshaw at jabberwocky

Nov 19, 2009, 6:17 AM

Post #8 of 8 (840 views)
Re: DSA2 default status

On Nov 19, 2009, at 2:57 AM, Werner Koch wrote:

> On Wed, 18 Nov 2009 20:02, dshaw [at] jabberwocky said:
>
>> V5 is nowhere near 6 months away. I'd be shocked if it happened before 2011. There just isn't much to talk about for V5 until SHA-3, and even the preliminary results for that aren't due until 2010.
>
> It is much more likely that GnuPG will implement the ECC draft before
> thinking about v5.

Indeed. ECC is fairly straightforward - we have a key format, we know how to do things with it, we know what an ECC fingerprint would be, etc. V5 (or at least a V5 worth doing) changes some fundamental things, so needs a lot more thought and planning.

David