On Tue, 27 Feb 2024 20:52, Jacob Bachmeyer said: > Therefore, pass(1) almost certainly has its own list of keys stored
pass stores the fingerprints of the keys in a .gpg-id file and allows to set different ones per directories. > logarithm problem and /vice versa/. Accordingly, RSA1024 is now > considered sufficiently dubious that some implementations no longer > support it, such as the go-crypto/openpgp library used by the newer Which is a Bad Idea because it is up to the user or their implementation to decide which keys are trustworthy. Being able to revoke rsa1024 keys is a useful feature. Although MD5 (PGP2) can be considered as fully broken, rsa1024 is not in general broken. But ist is pretty fashionable to use an easy to exploit OS (e.g. not using the latest Linux kernel) and musing about RSA key strength. Keep Shamir's law in mind. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users