On Thursday 01 January 2015 19:19:58 Uwe Brauer wrote: > Hello > > I am sorry if this is a little off-topic but I am not sure where to ask. > I use both, gpg and smime (the later either with gpgsm or with > thunderbird) > > Recently the German news magazine «Der Spiegel» [1] published more of > the «Snowden files», which reveal that gpg is NSA safe[2]. > > Does anybody know whether smime has the same level of security? There > are at least two possible weak spots. > > - the generation and sign of the certificate, ideally the > generation of the keypair should be done by the crypto module of > the browser, but that could be hacked... > > - the length of the key for the symmetric encryption. > > Maybe there are others.
The PKI resp. the CAs are the weakest spot of S/MIME (if you rely on the S/MIME PKI for certificate verification). Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
