On Fri, 1 May 2009 05:58, a...@smasher.org said:
so... when is the open-pgp spec moving beyond SHA1 hashes to identify
public keys? what's next? will it have to be a bigger hash?
OpenPGP does not claim that the fingerprint is a unique way to identify
a key.
Also note that the results are
On Sat, 2 May 2009 09:06, webmas...@felipe1982.com said:
My web host has gnupg 1.2.6 on their machines. I often SSH into it when
I am not at home on my gnulinux box. Anything I should be concerned
about when using this version? the two key pairs I made (DSS signing,
ELG encryption) were
On Mon, May 4, 2009 at 9:24 AM, Werner Koch w...@gnupg.org wrote:
On Fri, 1 May 2009 05:58, a...@smasher.org said:
so... when is the open-pgp spec moving beyond SHA1 hashes to identify
public keys? what's next? will it have to be a bigger hash?
OpenPGP does not claim that the fingerprint is
On May 4, 2009, at 6:16 AM, Nicholas Cole wrote:
On Mon, May 4, 2009 at 9:24 AM, Werner Koch w...@gnupg.org wrote:
On Fri, 1 May 2009 05:58, a...@smasher.org said:
so... when is the open-pgp spec moving beyond SHA1 hashes to
identify
public keys? what's next? will it have to be a bigger
On Monday 04 May 2009 04:56:24 David Shaw wrote:
If you want a DSA2 key:
gpg --enable-dsa2 --gen-key
Select option 1, and enter 3072 for the DSA key size.
If you want an RSA key:
gpg --cert-digest-algo sha256 --gen-key
Select option 5. Enter a RSA key size. The default (2048)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, May 03, 2009 at 10:56:24PM -0400, David Shaw wrote:
[snip]
The end result will be a key that does not use SHA-1 either in its
internal construction or in signatures it makes elsewhere. Keep in mind
that there are some clients out there
On Mon, 2009-05-04 at 13:39 +0200, Werner Koch wrote:
The only real crypto use in the protocol is with the revocation key
(designated revoker) which uses a 20 byte fingerprint to specify the
key. However I cannot see where there is a threat.
Ok,.. but most people do not exchange they key-data
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Raimar Sandner escribió:
On Monday 04 May 2009 04:56:24 David Shaw wrote:
If you want a DSA2 key:
gpg --enable-dsa2 --gen-key
Select option 1, and enter 3072 for the DSA key size.
If you want an RSA key:
gpg --cert-digest-algo
On Sun, 2009-05-03 at 22:56 -0400, David Shaw wrote:
It's important to remember that this isn't a completely SHA-1 free
key, as that is not currently possible in the OpenPGP protocol, but it
is possible to make a use as little SHA-1 as possible key.
Is there anything else than the
On Mon, 2009-05-04 at 13:39 +0200, Werner Koch wrote:
The forthcoming new keyring
format will cope with that by not allowing a second key with the same
fingerprint.
Ah,.. I've always thought this would be already the case ^^
When will we see this new format?
Chris.
smime.p7s
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nicholas Cole wrote:
How does GPG cope if two keys on the keyring have the same FP? AFAICS
that would make things very difficult for most of the front-ends,
especially if they had been relying on the uniqueness (in practice) of
the FP to
On Wed, Apr 29, 2009 at 04:40:47PM +0300, Peter Pentchev wrote:
The pinentry should only pop up when the application actually needs the key
do
do something. If pinentry pops up without you doing someting that requires
your secret key, you should be worried.
...like, for example, your
I have gpg encrypted data that I imported into the DB at my company, they
have provided the passphrase and salt. I am wondering how to provide the
salt in the decrypting expression. Any feedback on this will be
appreciated. Here is how I am using it without the salt:
gpg.exe --passphrase
On Mon, May 4, 2009 at 10:01 PM, John W. Moore III
jmoore...@bellsouth.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nicholas Cole wrote:
How does GPG cope if two keys on the keyring have the same FP? AFAICS
that would make things very difficult for most of the front-ends,
On May 4, 2009, at 11:21 AM, Raimar Sandner wrote:
On Monday 04 May 2009 04:56:24 David Shaw wrote:
If you want a DSA2 key:
gpg --enable-dsa2 --gen-key
Select option 1, and enter 3072 for the DSA key size.
If you want an RSA key:
gpg --cert-digest-algo sha256 --gen-key
Select
On May 4, 2009, at 1:40 PM, Christoph Anton Mitterer wrote:
On Sun, 2009-05-03 at 22:56 -0400, David Shaw wrote:
It's important to remember that this isn't a completely SHA-1 free
key, as that is not currently possible in the OpenPGP protocol, but
it
is possible to make a use as little
16 matches
Mail list logo