NV wrote the following on 3/4/11 7:19 PM: > It could be related with the passphrase, but I have changed the pass and the > 'warning' > persists there. I never saw this warning before, but only recently I > installed the 'new' > GPG Keychain Access ( 0.8.4). > > Thank you very much for your quick answer. >
I saw that warning only in GPG Keychain Access after I installed it. I am also running 0.8.4, but the red warning was already displayed in previous working releases of the utility. This is the answer I received from the GPG Keychain Access developer, sometime around December 16, 2010: >> "This key may be unsafe" means that the key is too short (<=1024 bit) or >> that in the Algorithm Preferences a weak hash algorithm is using. >> If the key is too short you can only create a new one. >> If the key use a weak hash algorithm you can change it under Key -> >> Algorithm Preferences. (SHA-1 is unsafe) >> My key is an "original" DSA key where the primary key is 1024 bit. I sign with a sign-only RSA 2048 bit subkey, that I created later on. The encryption subkey is 2048 bit. I also use SHA256, not SHA1. By the way, SHA1 is not "unsafe", conflicts have been detected and documented (you can Google it). Lots of people still use SHA1, but for better security, it's advisable to switch to SHA256. So I decided to keep the key as it was, red warning or not. Have a fine and safe week end. Charly _______________________________________________ gpgtools-users mailing list [email protected] FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/[email protected]?unsub=Unsubscribe&unsubconfirm=1 This email sent to: [email protected]
