On Wed, 25 Jan 2017 01:05, si...@web.de said:

> not sure this is the perfect place, but I wanted to point out that the
> gnupg.org website still uses sha1 as a mac.
Despite that SHA-1 is not yet broken, they now even claim that HMAC-SHA1 is broken? I do not even know a theoretical attack on HMAC-MD5. This whole banning of SHA-1 and 3DES for public https servers and in particular ssllabs' new grades is mostly security theater. Sure, this helps to raise awareness that we always need to be prepared to replace algorithms and for that it is a Good Thing. However, for the Web threat model these algorithms are still fine: To attack Web sites there are _much_ easier ways than to break SHA-1 or to inject JS to generate incredibly large amounts of traffic to reach the limit of 64 bit block ciphers. Let alone the contradiction of sending Javascript to the client and claiming security of the user/client. This reminds me of the proverbial barbed wire equipped gate protected by a bunch of gunmen and 5 miles of a 2 feet high latticework fence. Guess where the thieves will enter the property.

> Also, activating OCSP to increase privacy might be a good idea too.

OCSP is used as an alternative to CRLs and is not directly related to privacy. On a CA break the next update of your browser will put the CA onto its internal blacklist anyway. When the server key is compromised OCSP does not help at all.

> Thanks for your work on open source encryption.

:-)

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users