u can use either 224-bit or 256-
bit hashes with DSA-2048.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
all versions of
GPG would (correctly) allow the use of SHA-224 with this key.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
nt. Amazon does all that for you (and charges you for it, of
course). Given Amazon's size, they can generally do the messy part of
managing hundreds of machines (especially since they are virtual
machines) cheaper than you can.
David
___
Gnupg
having to manage the racks and racks of running hardware.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Sorry, I have sent this message only one time. I have no idea why this
happend! :-(
Am Mittwoch, 4. November 2009 13:10:52 schrieb gerry_lowry (alliston ontario
canada (705) 250-0112):
> David . you are sending this over and over and over . I have
> this message 21
Hi Michel,
Thanks for the information, most useful.
Regards
David
-Original Message-
From: gnupg-users-boun...@gnupg.org [mailto:gnupg-users-boun...@gnupg.org] On
Behalf Of Michel Messerschmidt
Sent: 02 November 2009 11:10
To: gnupg-users@gnupg.org
Subject: Re: gpg.conf
On Mon
? Has anyone ever tried it in a
similar way or are there any alternatives? Finally, is there a HowTo?
I would be very happy for any kind of information.
Thanks,
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/lis
ount needs to see the keyrings owned by
Administrator.
Apart from that it's good to see what else can be changed and the skeleton you
sent me
is a good place to begin.
Regards
Dave
-Original Message-
From: John Clizbe [mailto:j...@mozilla-enigmail.org]
Sent: 02 November 20
Hi
Could anyone point me in the right direction for a manual/examples
on how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)?
The pdf manual which gets installed with this kit contains no references
and the readme only tells me that gpg.conf gets created during install.
I w
xample of the syntax for adding keyring
references to gpg.conf?
Thanks
Dave
-Original Message-
From: gnupg-users-boun...@gnupg.org [mailto:gnupg-users-boun...@gnupg.org] On
Behalf Of John Clizbe
Sent: 30 October 2009 21:27
To: GnuPG Users
Subject: Re: No secret key under different accou
? I read the manual, but got confused about
that...
gpg --cipher-algo 3des --symmetric
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
t: 30 October 2009 14:43
To: David Gray
Subject: RE: No secret key under different account
Logon to the server as the account you wish to use to encrypt the files.
Import public key as you did prior and sign the key as you did prior.
This worked for me. I am not in my office, but there are 2 command
On Oct 30, 2009, at 10:24 AM, David Gray wrote:
Hello all,
GPG 2.0.12
Windows Server 2003
I've written a C# application which scans for input files and
decrypts using
GPG.
This applications works fine when run under the account
(Administrator) that
GPG was installed
under but whe
Hello all,
GPG 2.0.12
Windows Server 2003
I've written a C# application which scans for input files and decrypts using
GPG.
This applications works fine when run under the account (Administrator) that
GPG was installed
under but when run from a different account (SQLService) I get this err
Hi,
Has anyone got any idea how to resolve the following error:
can't connect to `C:/Program Files/GNU/GnuPG//S.gpg-agent'
I get this error when issuing the following command
gpg --passphrase-fd 0 --batch --output out.dat --decrypt in.pgp
This worked fine until a few days ago but now it won
thing that does the decrypting/
verifying needs GPG. If that thing is your local machinse, then your
local machines need GPG. If that thing is the mail server, then your
mail server needs GPG.
David
___
Gnupg-users mailing list
Gnupg-users@gn
agine this is automated.
If you see results when you do a --search-keys, just enter the number
in parentheses, next to the key. GPG will use the same keyserver to
retrieve and import the key.
David
___
Gnupg-users mailing list
Gnupg-users@gnup
On Oct 20, 2009, at 10:55 PM, Dan Mahoney, System Admin wrote:
On Thu, 15 Oct 2009, David Shaw wrote:
On Oct 15, 2009, at 9:37 PM, Dan Mahoney, System Admin wrote:
I'm running:
echo foo | gpg -v -v --auto-key-locate cert --recipient gu...@gushi.org
--encrypt -a
And get gpg:
Firstly, thx for the quick replies.
I'm in the process of updating gpg using the urls Charly forwarded in
the previous email - I guess I could try to just update the gpg-agent
in use on my machine from that release then stick with the mac port
version of gpg? Just one less variable to tidy up?
So
Hi there,
I'm attempting to generate a 4096bit RSA key using gnupg 2.0.12 and
gpg-agent 2.0.11 but I'm getting an error message prior to entering
the passphrase:
"gpg: problem with the agent: Not supported"
Having done a little digging I decided to enable --debug-all to see if
this would shed an
not CERT. It's
ugly, but it was the least common denominator. It has been a few
years since then. Possibly it's time to upgrade.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
compatible with GPG v2.
Contacted the
auther who is looking at an upgrade.
Regards
David
-Original Message-
From: Werner Koch [mailto:w...@gnupg.org]
Sent: 12 October 2009 11:00
To: David Gray
Cc: gnupg-users@gnupg.org
Subject: Re: Testing the exit status
On Mon, 12 Oct 2009 11:2
agent without it backgrounding by leaving off the "--daemon" option.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Oct 11, 2009, at 11:50 PM, Jim Dever wrote:
Just a quick question:
Are there any caveats I should be aware of if I generate an RSA
signing
key with an Elgamal encryption subkey?
No caveats. In fact, my own key is exactly that.
David
Hi all,
Been doing some searching this morning to see if gpgme is available for
Windows and can be used commercially. Is anyone using this product on
Windows
under .net 3.5 (C#) that can give advice?
Also does anyone know where the Windows download site is?
Thanks in advance
Dave
Regis
ctober 2009 15:14
To: David Gray
Cc: gnupg-users@gnupg.org
Subject: Re: Testing the exit status
On Fri, 9 Oct 2009 13:47, david.g...@turpin-distribution.com said:
> Does GPG return different status codes when it exits?
> I'm specifically looking for different types of error, such
>
Hi,
Does GPG return different status codes when it exits?
I'm specifically looking for different types of error, such
as file not found, key not found, invalid passphrase etc.
I'm using the Windows version if that makes any difference.
Rgds
Dave
Registered Office: Turpin Distribution Servic
sure: do a "gpg --list-keys username" to see
all keys that match that name.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
havior optional doesn't really resolve that, as to
be useful, you want this sort of key-picking behavior to be the
default (I might even argue that if we do it, it shouldn't be
something that could be switched off, as at least there would be only
1 confusing behavio
On Sep 24, 2009, at 3:13 PM, M.B.Jr. wrote:
On Thu, Sep 24, 2009 at 2:21 PM, David Shaw
wrote:
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first "tidbit":
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw
wrote:
First of all, someone has factored a 512-b
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first "tidbit":
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw
wrote:
First of all, someone has factored a 512-bit RSA key (the one used to
protect a TI programmable calculator, it seems). It took 73 days
on a
user asks gpg to encrypt something to a name or User ID. Is that
right?
or are there other circumstances in gpg where the "choose the first
matching User ID" heuristic is used?
It's used everywhere user IDs are referenced in the product. --
nfuse anyone.
Yes, it's wrong for some situations. But every behavior is wrong for
some situations. This particular "wrong" behavior has almost 20 years
of history behind it.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
re Guide to AES:
http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
quot; since the
beginning, as did (old) PGP[1]. That behavior is baked deeply into
systems.
David
[1] PGP has a GUI nowadays, so this sort of thing doesn't apply in the
same way any longer. I don't have my copy of PGP command line online
at the moment, so I can't check
e a
year) is that PGP 2.x used it back in the 1990s.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sep 21, 2009, at 2:30 PM, Johan Wevers wrote:
David Shaw wrote:
If the "some people" still want this, I haven't seen it in a good
long
while. Possibly they gave up asking.
Probably. However, if someone wants IDEA support for whatever reason
there
is still the IDEA p
On Sep 18, 2009, at 6:46 AM, FOAD FOAD wrote:
Hi,
I want to know which version of gpg is install on my openbsd, could
you tell me how to do ?
Type "gpg --version"
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists
erences. The most highly ranked
cipher in
this list is also used for the --symmetric encryption
command.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sep 16, 2009, at 4:15 PM, Robert J. Hansen wrote:
David Shaw wrote:
Whether this means IDEA is okay or not patent-wise, I have a slightly
different take on this: who cares about IDEA at this point? IDEA was
good back in the 90s and PGP 2.x. It's 2009 now, and we have better
ciphers
his point? IDEA was
good back in the 90s and PGP 2.x. It's 2009 now, and we have better
ciphers than IDEA, a massive installed software base that doesn't use
IDEA, and nobody is suffering for the lack of IDEA. If IDEA was
suddenly not patented, none
On Sep 15, 2009, at 9:42 AM, Nicholas Cole wrote:
Hi all. This is a query mostly for my own interest, but I think it
might point to a change in the documentation being required.
I was slightly confused by this message
http://lists.gnupg.org/pipermail/gnupg-users/2009-May/036361.html
David
pg --card-
status" (this re-creates the stub for the card you use regularly)
If you ever want to use a different smartcard, you will need to delete
your secret key, insert the card, and do a "gpg --card-status" to
recreate the stub for that card.
David
___
On Sep 12, 2009, at 1:40 PM, Peter Lebbing wrote:
David Shaw wrote:
I can't speak to the MyKey device, but I have a SCR3320 and it works
just fine with GnuPG and the v2 card.
Great, thanks for the info. One more question, does your reader look
like
[1] or like [2]?
I must say I lik
t I have a SCR3320 and it works
just fine with GnuPG and the v2 card.
I like the smaller "USB stick" form factor a lot more than the larger
"credit card" sized cards. They're much easier to deal with when you
don't have smartcard readers wherever you go.
David
r of being hit by meteors several times
in a row as you walk to your friend's house with the USB stick, than
you are in danger from SHA-1.
:)
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
ormat.
Perhaps some of you (David?) remember the discussion that took place
here and on the WG list some time ago about things like:
- how criticality and critical bit could be handled much stricter
- potential problems that arise because conforming implementation are
only recommended to ignore signatur
"Could" is a very powerful word. At some point, people have to buy
and run the closed-source hardware they need to run their open-source
software on :)
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:
Hi folks.
On Thu, 2009-09-10 at 11:08 -0400, David Shaw wrote:
The real headache here is (as always) the practical - what to do with
existing keys and such. I suspect that removing SHA1 would
effectively mean a new key type for
her things),
along with a pointer that says "the key is on smartcard XYZ".
So if they can get ahold of your computer, someone could steal this
stub, but there is nothing secret about it, and it won't do them any
good.
David
___
Gnupg
s RSA or DSA in this example though, and then
there is Mechani-Kong, and Lady Kong, and... ;)
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sep 10, 2009, at 8:02 AM, Philippe Cerfon wrote:
On Thu, Sep 10, 2009 at 3:45 AM, David Shaw
wrote:
Yes, but it won't actually go away completely. SHA1 is special in
OpenPGP.
Unlike the other hashes, SHA1 is required to be supported.
Removing SHA1
from an OpenPGP preference
t the wonderful defaults in GPG.
They're the default algorithms for a reason.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
y GPGShell? http://www.jumaros.de/
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
under, do:
gpg -o file-to-save-the-decrypted-data-in my-file-to-decrypt.asc
What is the correct procedure to decrypt a file thta has been
encrypted with my public key?
And is there no way to use some kind of GUI tool to do this so the
masses of option codes are automaticall
re can create a useless (for your purposes) key, they are available
only to experts (or to call them other way, to not-newbies).
Just right. As a general rule, people should never need --expert to
do regular OpenPGP-ish things (make keys, encrypt stuff
pcsc or the built-in card driver? What platform are you
using?
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sep 5, 2009, at 8:59 PM, M.B.Jr. wrote:
Hi David, thank you.
On Sat, Sep 5, 2009 at 1:11 PM, David Shaw
wrote:
On Sep 4, 2009, at 12:53 PM, M.B.Jr. wrote:
How do I know which compression algorithm was used?
Unless you've overridden the default, it is ZIP.
Ok but in this
uot;, "zip", "zlib", or "bzip2". Note
that bzip2 is only available if your GPG was built with the bzip2
library.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
cent enough)
supports it.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
SIGNED\040MESSAGE- signed message
>15 string PGP\040SIGNATURE- signature
0 beshort 0x8501 data
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
e you'd
have to type it multiple times as the shell loop ran), but no
passphrases is also a common setup for automated use.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
than that.
That said, adding algorithms to OpenPGP - especially compression
algorithms which have no security impact - is fairly easy to do. I
suggest taking your suggestion to the ietf-openpgp mailing list. The
folks there are very happy to discuss such things.
On Aug 28, 2009, at 2:37 AM, Faramir wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
...
Incidentally, there have been proposals to add forward security
extensions to OpenPGP. See http://www.apache-ssl.org/openpgp-pfs.txt
As a side note, I am not sure I like
d security
extensions to OpenPGP. See http://www.apache-ssl.org/openpgp-pfs.txt
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Aug 27, 2009, at 10:36 AM, John Betz wrote:
I appreciate the offer David, but I don't have PowerArchiver so I
can't
create a sample input file. The file I am trying to decrypt is
coming from
another source so I would have to get them involved in order to
create a
sample ar
On Aug 26, 2009, at 9:38 AM, John Betz wrote:
David,
The file is a PowerArchiver file (containing multiple text files)
that was
encrypted using PGP.
I'm not sure if that file is legal according to the OpenPGP spec. It
depends on how it was packed together. If you can encrypt a s
the first record. If I rename the file (or create it)
with a .zip extension and try to open it with WinZip it does not
recognize the file as an archive file. When I do the same operation
with PGP there is no problem.
How was the file encrypted in the first place?
David
On Fri, Aug 21, 2009 at 10:28, Steven W. Orr wrote:
> I decided to try sending my email with a signature attached instead of using
> an inline signature. Now my friend with Outlook Express is telling me that the
> message body is blank and that in order for him to see the message, he now has
> to o
ow it relates to GnuPG, I wouldn't bother to do
anything about it, personally, but if it worries you, you can easily
rank AES128 higher than AES256 in your preferences (or even remove
AES256 altogether if you like). Either way you're probably fine.
David
make a new signature with
the details you want (the policy URL, etc). You can revoke the
earlier signature, but in practice it's usually simpler to just ignore
it since the new signature replaces the older one in trust calculations.
ke best don't matter. You're the
sender, and your wishes (via --personal-cipher-preferences and
friends) trump all.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
lieve Perry Metzger was referring to the US courts, this
post is still well worth reading. I doubt the situation is vastly
different outside of the US: http://www.mail-archive.com/cryptogra...@metzdowd.com/msg10391.html
David
___
Gnupg-users ma
ossibility of malicious intentions - trying to frame
someone by putting encrypted data onto someone's computer and tipping
off the authorities.
--
David Smith| Tel: +44 (0)1454 462380Home: +44 (0)1454 616963
STMicroelectronics | Fax: +44 (0)1454 462305 Mobile: +44 (0)7932 64
that the RIP bill was being
pushed through about the difficulty of proving that you don't have
access to a particular piece of information.
The RIPA is a particularly nasty piece of legislation in this respect.
--
David Smith| Tel: +44 (0)1454 462380Home: +44 (0)1454 616963
STMic
ou'd compile it anywhere else.
If it's OS/400, you might take a look at running it under PASE.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
This is cute:
http://www.entropykey.co.uk/
(Reasonably on-topic as the device would work with GnuPG (at least on
Linux), as it seems to feed /dev/random)
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman
latest official release. On sks-
devel there are usually a handful of patches and bug fixes being
discussed before they are rolled into the official release.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
s it do? There just isn't any information to go on here.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
lt-in PDF
encryption, and if so, the answer is no. GnuPG cannot decrypt PDF
files unless they are encrypted with OpenPGP (PGP, GnuPG, etc).
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
had
a smartcard reader where you were going. The new cards can be punched
for use in a SIM type reader, so the card plus the reader is the same
size as a USB "thumb drive" stick. The smaller form factor makes a
dramatic improvement in the user experience for me.
David
___
On Jul 30, 2009, at 9:23 PM, Robert J. Hansen wrote:
Hence, McAfee may be a much bigger player than people think.
Is that an example of a potential problem implementation? Note that
the McAfee product does support RSA (not surprising, given its
ancestry).
David
ince 2002 and have never had even a single instance of
someone not being able to use my key because their OpenPGP program
didn't implement RSA.
In short, I wouldn't worry about it. Use either DSA or RSA, and you
should be fine.
David
_
ple he plans on
communicating with use GnuPG anyway), that number is vanishingly
small. PGP in one form or another owns most of the OpenPGP market.
GnuPG owns most of the rest. I wouldn't worry all that much.
David
___
Gnupg-users mailing list
Gnupg-
On Jul 30, 2009, at 4:17 PM, ved...@hush.com wrote:
a new attack has been found against AES - 256
http://www.schneier.com/blog/archives/2009/07/another_new_aes.html
it only works against 10 round AES-256 (which normally has 16
rounds)
It breaks 11 rounds of 14.
David
cally secure with a one-time pad.
Of course, you then have the key exchange problem.
--
David Smith| Tel: +44 (0)1454 462380Home: +44 (0)1454 616963
STMicroelectronics | Fax: +44 (0)1454 462305 Mobile: +44 (0)7932 642724
1000 Aztec West| TINA: 065 2380 GPG Key: 0xF13
On Jul 27, 2009, at 11:15 AM, James P. Howard, II wrote:
On Sun Jul 26 2009 23:09:18 GMT-0400 (EST) , David Shaw
wrote:
Because it is difficult (or nearly impossible) to determine the
difference from the perspective of GnuPG. That is, I as a person
know what I'm encrypting and what I
ecipient. So encrypting to 10 recipients is a bit larger than
encrypting to 1 recipient, but it is nowhere near as large as
encrypting to 10 recipients individually. Any of the recipients can
decrypt the data.
David
___
Gnupg-users mailing l
nst
trouble. For example, if we're just talking about email, you could
tweak your mail server to check to see if the extra recipient was
present and if not, reject the message, etc. I believe the PGP folks
have some variant of this ability
to tell whether an attacker got just the passphrase,
just the key file, or both. It's often easier and more prudent to
assume that if the attacker got anything, they got both.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
rd even mentions it:
Note however, that it is a thorny issue to
determine what is "communications" and what is "storage". This
decision is left wholly up to the implementation; the authors of
this
document do not claim any special wisdom on the issue and realize
t
On Jul 9, 2009, at 5:39 AM, Roscoe wrote:
On Thu, Jul 9, 2009 at 3:36 AM, David Shaw
wrote:
...
If you're looking for a more immediate reason, though, note that if
you make
a RSA key larger than 2048 bits you can't use it with the spiffy
new OpenPGP
smartcard.
Oh, something
es on this list,
and instead jump right to the easy reason: RIPEMD160 is 160 bits
long. SHA-2 is (at minimum) 224 bits long, and can go up to 512 bits
long.
224 > 160.
512 is very > 160.
Unless you think SHA-2 is actually weaker than RIPEMD160 som
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Shaw wrote:
| On Jul 6, 2009, at 4:21 AM, martin f krafft wrote:
|
|> Hey folks,
|>
|> Two years ago, there was a thread on this list, in which RSA key
|> sizes >2048 were discussed [0]. In these two years, the crypto-world
|&g
st gnupg version ?
What version of GPG are we talking about here?
On Jul 8, 2009, at 1:46 PM, Senthilkumar .E wrote:
gnupg-1.4.7 version has this problem
Try the most recent 1.4.9. I believe this problem was fixed in 1.4.8.
David
___
Gnupg-users
with a smaller key, you need to ask yourself what the big key actually
buys you.
If you're looking for a more immediate reason, though, note that if
you make a RSA key larger than 2048 bits you can't use it with the
spiffy new OpenPGP smartcard.
David
__
). Is it fixed on the latest gnupg version ?
What version of GPG are we talking about here?
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Jul 7, 2009, at 6:10 PM, Robert J. Hansen wrote:
On Jul 7, 2009, at 6:02 PM, David Shaw wrote:
Or are you asking if there is there a significant difference
between SHA-256 truncated to 224 bits and straight SHA-224 in terms
of hash strength? If so, no, there really isn't. SHA-2
sn't. SHA-224 in fact *is* a
truncated SHA-256 with a different initialization.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
801 - 900 of 2232 matches
Mail list logo