On Thu, 26 Jun 2014 23:36, r...@sixdemonbag.org said: > on the key. For any OpenPGP certificate, you can send it 3DES-encrypted > traffic and be in complete accordance with the spec and the recipient's > preferences.
Assuming the sender uses a decent implementation, the attacker must have been able to modify the senders system by changing the code or the config files. This requires write access to the machine; with that an attacker has thousands of ways to tap the communication. Degrading to the still good 3DES is an option which is even not very promising. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
