On Tue, 2013-12-17 at 13:01 -0600, Anthony Papillion wrote:
I know that gnupg is experimenting with ECC and I'm wondering which
curves the team has decided to use. I know there are some curves that
are now suspected of being tainted by the NSA through NIST. Has the
gnupg team ruled using those
On Tue, 17 Dec 2013 20:01, anth...@cajuntechie.org said:
I know that gnupg is experimenting with ECC and I'm wondering which
curves the team has decided to use. I know there are some curves that
are now suspected of being tainted by the NSA through NIST. Has the
gnupg team ruled using those
Hello
I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
I have several email accounts with different (comodo certificates).
Now one certificate for the address addre...@gmail.com has expired.
However I want to send an email from address2 (whose certificate is
*not*
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
because you just shifted to arguing that since GnuPG defaults to
AES-256, we need to use RSA-15000 by default otherwise the asymmetric
FWIW:
The rationale why we use the order AES256,192,128 is
for compatibility reasons with PGP.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/18/2013 12:05 AM, Robert J. Hansen wrote:
So in other words the message can not be read by some govt genius
with a rack of computers??
How would I know? Ask a government genius with a rack of
computers.
I don't know the extent of the
Am Di 17.12.2013, 10:40:21 schrieb Doug Barton:
On 12/17/2013 01:09 AM, Lev Serebryakov wrote:
| Is it possible to synchronize UID list without transferring new
version
| of private key from B to A by external means?
No.
I can reproduce the problem but it doesn't make any sense to
On 12/18/2013 2:18 AM, Daniel Kahn Gillmor wrote:
Sorry, but NIST does face a crisis of trust, particularly in the area of
cryptography, whether either of us wants that to happen or not.
Perhaps: but *not over the PRNG they published*. Please stay on point.
You are demonstrating a tendency
Hello!
Along with the publication of an interesting new side channel attack by
Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability
of a new stable GnuPG release to relieve this bug: Version 1.4.16.
This is a *security fix* release and all users of GnuPG versions 1.x are
On Tue, 17 Dec 2013 20:40, c...@rheloud.net said:
How about an RSS-Feed.
We used to have one for the News. It is currently disabled but will
come back with the new website.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Wednesday, December 18, 2013 at 9:25 AM, Werner Koch w...@gnupg.org
wrote:
The paper describes two attacks. The first attack allows to
distinguish
keys: An attacker is able to notice which key is currently used for
decryption.
...
While listening to the acoustic
emanations of
the
Am Montag, 16. Dezember 2013 20:42:54 schrieb Werner Koch:
May I suggest to read the archives of just a few weeks to collect the
reasons why suggestions of using SHA-512 are missing the point. Some
folks here must have bleeding fingertips from repeating the arguments
over and over.
What
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 18/12/13 00:01, Micah Lee wrote:
The problem is you're wanting to make GnuPG go mainstream but then you end
up with people seeing this: http://i.imgur.com/53nvUqm.png
Yup. That should be avoided. However there are only a few pages that
On Wed, 18 Dec 2013 16:09, bernh...@intevation.de said:
What about placing this as an FAQ in the wiki.gnupg.org?
We have a FAQ which answers a lot of questions around key sizes in
“Advanced Topics” section. If something is missing it can easily be
added.
Salam-Shalom,
Werner
--
Die
Werner Koch wrote on 12/18/13, 4:05 PM:
Hello!
Along with the publication of an interesting new side channel attack by
Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability
of a new stable GnuPG release to relieve this bug: Version 1.4.16.
This is a *security fix*
On 16/12/13 23:41, Doug Barton wrote:
but one argument against what you're suggesting is that it's only as secure
as the encryption used in step 1 of the hybrid approach.
If only everything in cryptoland was only as secure as 3DES...
The ability to apply SSS to the entire secret would be
On Mi, Dez 18 2013, Uwe Brauer wrote:
I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
I have several email accounts with different (comodo certificates).
Now one certificate for the address addre...@gmail.com has expired.
However I want to send an email from address2
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
extract full 4096-bit RSA decryption keys from laptop computers (of
various models), within an hour, using the sound generated by the
computer during the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12/18/2013 07:32 AM, Sam Tuke wrote:
| On 18/12/13 00:01, Micah Lee wrote:
| The problem is you're wanting to make GnuPG go mainstream but then
you end
| up with people seeing this: http://i.imgur.com/53nvUqm.png
|
| Yup. That should be avoided.
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said:
Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
Well that is what I posted a few hours ago to this list ;-).
Salam-Shalom,
Werner
--
Die
Getting Goteo approval
==
Posted 18th December 2013 by Sam Tuke
http://blog.gnupg.org/20131218-getting-goteo-approval.html
The targets are set, the rewards are prepared, the press release has been edited
and translated, and now we’re waiting for approval from the crowdfunding
On 12/18/2013 08:53 AM, Peter Lebbing wrote:
On 16/12/13 23:41, Doug Barton wrote:
but one argument against what you're suggesting is that it's only as secure
as the encryption used in step 1 of the hybrid approach.
If only everything in cryptoland was only as secure as 3DES...
I understand
On 12/18/2013 1:25 PM, Doug Barton wrote:
(Robert, please ignore my tortuous use of secure in that sentence.) :)
Hey, I was being *nice*. I wasn't even pointing out that 3DES only has
112 bits of keyspace... ;)
___
Gnupg-users mailing list
On Dec 18, 2013, at 5:41 AM, Werner Koch w...@gnupg.org wrote:
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
because you just shifted to arguing that since GnuPG defaults to
AES-256, we need to use RSA-15000 by default otherwise the asymmetric
FWIW:
The rationale why we use
Jens == Jens Lechtenboerger
clou...@informationelle-selbstbestimmung-im-internet.de writes:
On Mi, Dez 18 2013, Uwe Brauer wrote:
I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
Hi Uwe,
if I understand you correctly, you fail to encrypt to your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Well,
I'm really sorry to have set up such a conversation :o)
As I said earlier I'm not quite good at crypto-things, all I wanted to
do was to protect my private key easily in case of HDD error.
And all I wanted to do with this little tool was to
Hi,
I am planing to write a script, which will refresh the apt signing key
before updating using apt-get update. The script might get accepted in
Debian. [1] With my Whonix hat on, it's safe to say, that this script
will be added to Whonix (which is a derivative of Debian).
Writing that script
On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote:
I am planing to write a script, which will refresh the apt signing key
before updating using apt-get update. The script might get accepted in
Debian. [1] With my Whonix hat on, it's safe to say, that this script
will be added to
I am planing to write a script, which will refresh the apt signing key
before updating using apt-get update.
The question I have is, What problem are you trying to solve? I am
certain that Debian Security already has a protocol in place for how to
handle compromised certificates. Is this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert J. Hansen:
I am planing to write a script, which will refresh the apt
signing key before updating using apt-get update.
The question I have is, What problem are you trying to solve?
What in case the apt signing key gets compromised.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jason Harris:
On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote:
I am planing to write a script, which will refresh the apt
signing key before updating using apt-get update. The script
might get accepted in Debian. [1] With my Whonix
30 matches
Mail list logo