GNU bug report logs - #7490
Bug#594510: emacs23-common: OpenPGP-signed message composition uses micalg=pgp-rmd160 instead of micalg=pgp-ripemd160

Previous Next

Package: emacs;

Reported by: Rob Browning <rlb <at> defaultvalue.org>

Date: Fri, 26 Nov 2010 19:53:01 UTC

Severity: normal

Done: Daiki Ueno <ueno <at> unixuser.org>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Rob Browning <rlb <at> defaultvalue.org>
To: bug-gnu-emacs <at> gnu.org
Cc: 594510 <at> bugs.debian.org, 594510-forwarded <at> bugs.debian.org,
	Daniel Kahn Gillmor <dkg <at> fifthhorseman.net>
Subject: Re: Bug#594510: emacs23-common: OpenPGP-signed message composition
	uses micalg=pgp-rmd160 instead of micalg=pgp-ripemd160
Date: Fri, 26 Nov 2010 13:58:18 -0600

[If possible, please preserve 594510-forwarded <at> bugs.debian.org in any replies.]

Daniel Kahn Gillmor <dkg <at> fifthhorseman.net> writes:

>
> /usr/share/emacs/23.1/lisp/epg.elc lists OpenPGP's digest algorithms
> as follows:
>
> (defconst epg-digest-algorithm-alist #3#)) ((1 . "MD5") (2 . "SHA1")
> (3 . "RMD160") (8 . "SHA256") (9 . "SHA384") (10 . "SHA512"))
>
> but the declaration for RIPEMD160 is wrong, according to the registry
> in RFC 4880.  It should be:
>
> (defconst epg-digest-algorithm-alist #3#)) ((1 . "MD5") (2 . "SHA1")
> (3 . "RIPEMD160") (8 . "SHA256") (9 . "SHA384") (10 . "SHA512"))
>
> This causes messages to be produced with a mismatched pgp-micalg entry
> in the Content-Type: line, which in turn causes some MUAs to fail to
> validate them.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
This bug report was last modified 14 years and 177 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.