On Wed, 05 Mar 2014, peter green wrote:
Also ECDSA shares with DSA the serious disadvantage over RSA that
making signatures on a system with a broken RNG can reveal the key.
I believe that we should avoid ECDSA gnupg keys and subkeys like the plague
for the time being.
You'd most likely get
On Tue, Mar 04, 2014 at 02:33:23PM -0600, Gunnar Wolf wrote:
Umh, I feel I have to answer this message, but I clearly don't have
enough information to do so in an authoritative way¹. AIUI, ECDSA has
not been shown to be *stronger* than RSA ??? RSA works based on modulus
operations, ECDSA on
Helmut Grohne writes (Re: RSA vs ECDSA (Was: Bits from keyring-maint: Pushing
keyring updates. Let us bury your old 1024D key!)):
ECDSA is a DSA algorithm and therefore relies on the creation of secure
random numbers. It has this problem, that if you happen to choose the
same number for two
On Wed, Mar 05, 2014 at 08:29:37AM +0100, Ondrej Surý wrote:
On Tue, Mar 4, 2014, at 21:33, Gunnar Wolf wrote:
Ondrej Surý dijo [Tue, Mar 04, 2014 at 08:10:47PM +0100]:
On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote:
As keyring maintainers, we no longer consider 1024D keys to be
On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote:
As keyring maintainers, we no longer consider 1024D keys to be
trustable. We are not yet mass-removing them, because we don't want to
hamper the project's work, but we definitively will start being more
aggressively deprecating their use. 1024D
Ondřej Surý dijo [Tue, Mar 04, 2014 at 08:10:47PM +0100]:
On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote:
As keyring maintainers, we no longer consider 1024D keys to be
trustable. We are not yet mass-removing them, because we don't want to
hamper the project's work, but we definitively
On Tue, Mar 04, 2014 at 08:10:47PM +0100, Ondrej Surý wrote:
On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote:
As keyring maintainers, we no longer consider 1024D keys to be
trustable. We are not yet mass-removing them, because we don't want to
hamper the project's work, but we definitively
I am not sure what's the timeframe for GnuPG 2.1.0[1] release, but would
it be possible to skip the RSA and go directly for ECDSA, before we
start deprecating DSA? Or at least have an option to do so? (Well,
unless GnuPG 2.1 release is too much far in the future.)
IMO we need to phase out
On 5. 3. 2014, at 5:54, peter green plugw...@p10link.net wrote:
I am not sure what's the timeframe for GnuPG 2.1.0[1] release, but would
it be possible to skip the RSA and go directly for ECDSA, before we
start deprecating DSA? Or at least have an option to do so? (Well,
unless GnuPG 2.1
On Wed, Mar 05, 2014 at 06:54:53AM +, Ondřej Surý wrote:
Also ECDSA shares with DSA the serious disadvantage over RSA that making
signatures on a system with a broken RNG can reveal the key.
Care to share a source? I thought that RSA would be vulnerable to poor RNG as
well.
The
On Wed, Mar 5, 2014, at 7:58, Bastian Blank wrote:
On Wed, Mar 05, 2014 at 06:54:53AM +, Ondřej Surý wrote:
Also ECDSA shares with DSA the serious disadvantage over RSA that making
signatures on a system with a broken RNG can reveal the key.
Care to share a source? I thought that RSA
On Tue, Mar 4, 2014, at 21:33, Gunnar Wolf wrote:
Ondřej Surý dijo [Tue, Mar 04, 2014 at 08:10:47PM +0100]:
On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote:
As keyring maintainers, we no longer consider 1024D keys to be
trustable. We are not yet mass-removing them, because we don't want
12 matches
Mail list logo