Mailing List Archive

md2 support?
Hi all,

I ran into various certificate chains that gnutls cannot verify because
they use a Verisign CA certificate with an md2 hash, which is not
supported in gnutls, because there is no md2 support in libgcrypt.

This was previously reported by Luca Centamore, archived in
http://lists.gnupg.org/pipermail/gpa-dev/2003-October.txt.
Werner Koch explained md2 support was removed because rfc1319 lists it
as licensed for PEM only, and because the algorithm is ancient and
useless.

I recalled hearing that RSA had later extended that license to "any
purpose", and after some searching I found this documented at
http://www.ietf.org/ietf/IPR/RSA-MD-all. Does this address Werner's
licensing concerns?

Now I know the use of MD2 is no longer recommended because of
weaknesses. But it seems wrong to restrict the ability to communicate
with SSL servers using those certificates solely because we know the
checksum algorithm is weak. For comparison, Mozilla's NSS does support
these certificates. Personally I would obtain certificates that wouldn't
have these issues, but obviously these certificates issued to third
parties are not something I can control.

I would therefore ask you to please reconsider adding md2-support back.

Regards,

-- Martijn
Re: md2 support?
On Mon, 06 Dec 2004 11:09:31 +0000, Martijn Koster said:

> Werner Koch explained md2 support was removed because rfc1319 lists it
> as licensed for PEM only, and because the algorithm is ancient and
> useless.

I still believe in that.

> I recalled hearing that RSA had later extended that license to "any
> purpose", and after some searching I found this documented at
> http://www.ietf.org/ietf/IPR/RSA-MD-all. Does this address Werner's
> licensing concerns?

Okay, that is fine.

> I would therefore ask you to please reconsider adding md2-support back.

Well, we can do that but first of all we need an implementation.
There has never been MD2 support in Libgcrypt. An implementation must
be done from scratch or real public domain code. The author needs to
sign a disclaimer or assignment to the FSF.

Would you like to work on it? In general it is pretty straightforward
to do a simple implementation from the specs. Take rmd160.c or md5.c
as a template.

Werner
Re: md2 support?
On Thursday 16 December 2004 17:13, Werner Koch wrote:

> > I recalled hearing that RSA had later extended that license to "any
> > purpose", and after some searching I found this documented at
> > http://www.ietf.org/ietf/IPR/RSA-MD-all. Does this address Werner's
> > licensing concerns?
> Okay, that is fine.
> > I would therefore ask you to please reconsider adding md2-support back.

> Well, we can do that but first of all we need an implementation.
> There has never been MD2 support in Libgcrypt. An implementation must
> be done from scratch or real public domain code. The author needs to
> sign a disclaimer or assignment to the FSF.

Nettle already includes an implementation of md2 written by Niels.


> Werner

--
Nikos Mavrogiannopoulos
Re: md2 support?
On Thu, 16 Dec 2004 17:41:12 +0100, Nikos Mavrogiannopoulos said:

> Nettle already includes an implementation of md2 written by Niels.

If he would only assign copyright to the FSF ...

Werner
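
To find which certificate in a chain carries the MD2 signature discussed in this thread, the outer signatureAlgorithm OID can be read straight from the DER encoding. The C code below is an added example, not code from GnuTLS, Libgcrypt, Nettle or any poster; the function names and the constructed sample bytes are assumptions, and the input is assumed to be DER rather than PEM.

```c
#include <stdio.h>
#include <string.h>

/* Read one DER tag/length header at p[*off]; advance *off to the value.
   Returns the tag byte, or -1 if the header or value overruns the buffer. */
static int der_hdr(const unsigned char *p, size_t n, size_t *off, size_t *len)
{
    if (*off > n || n - *off < 2) return -1;
    int tag = p[(*off)++];
    size_t l = p[(*off)++];
    if (l & 0x80) {                      /* long form: low 7 bits = byte count */
        size_t k = l & 0x7f;
        if (k == 0 || k > 4 || n - *off < k) return -1;
        for (l = 0; k > 0; k--) l = (l << 8) | p[(*off)++];
    }
    if (n - *off < l) return -1;
    *len = l;
    return tag;
}

/* 1: outer signatureAlgorithm is md2WithRSAEncryption; 0: another OID;
   -1: not a well-formed Certificate structure. */
int cert_sig_is_md2(const unsigned char *der, size_t n)
{
    static const unsigned char md2_rsa[] =   /* OID 1.2.840.113549.1.1.2 */
        { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02 };
    size_t off = 0, len;
    if (der_hdr(der, n, &off, &len) != 0x30) return -1;  /* Certificate */
    n = off + len;                                       /* drop trailing bytes */
    if (der_hdr(der, n, &off, &len) != 0x30) return -1;  /* tbsCertificate */
    off += len;                                          /* skip its contents */
    if (der_hdr(der, n, &off, &len) != 0x30) return -1;  /* AlgorithmIdentifier */
    n = off + len;
    if (der_hdr(der, n, &off, &len) != 0x06) return -1;  /* algorithm OID */
    return len == sizeof md2_rsa && memcmp(der + off, md2_rsa, len) == 0;
}

/* Constructed skeleton for illustration, not a real certificate. */
static const unsigned char sample_md2[] = {
    0x30, 0x18,                            /* Certificate SEQUENCE */
    0x30, 0x03, 0x02, 0x01, 0x00,          /* placeholder tbsCertificate */
    0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
    0x01, 0x01, 0x02, 0x05, 0x00,          /* md2WithRSAEncryption, NULL */
    0x03, 0x02, 0x00, 0x00                 /* dummy signature BIT STRING */
};

int main(void)
{
    printf("md2 signature: %d\n", cert_sig_is_md2(sample_md2, sizeof sample_md2));
    return 0;
}
```

Running the check over each certificate in a chain identifies the one a library without MD2 support will fail to verify.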