Re: why is SHA1 used? How do I get SHA256 to be used?

2012-07-11 Thread brian m. carlson
; > If I use MD5, even for one message, that allows a moderately > > determined attacker to replay that signature on what is likely to > > become a fairly large set of messages. I'd rather avoid that, thank > > you. > > You've *already done this*. Reall

Re: why is SHA1 used? How do I get SHA256 to be used?

2012-07-10 Thread brian m. carlson
is, will GnuPG fall back to SHA-1 if it's not in my digest preferences? I'd much rather fail to generate a signature than generate one using an algorithm which is very weak. [0] http://eprint.iacr.org/2011/641 -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 27

Re: ideal.dll

2012-06-22 Thread brian m. carlson
ng it by any means. I still accept signatures on it and data encrypted to it, just like I do with my v4 key. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994

Re: fingerprint

2012-04-28 Thread brian m. carlson
the same key ID, which kinda defeats the purpose. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Re: [new-user] question

2012-04-12 Thread brian m. carlson
nds you an unsigned encrypted message, there is no way to verify that it came from who you think it did. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 2

Re: comments on uid

2012-03-17 Thread brian m. carlson
ally can't be done if the UID has been published) and adding a new UID. If you want to do those two steps, you have to do them manually. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v

Re: compilation information ?

2012-03-14 Thread brian m. carlson
On Wed, Mar 14, 2012 at 01:05:53AM -0400, Robert J. Hansen wrote: > On 3/14/2012 12:44 AM, brian m. carlson wrote: > > From looking at the source, I don't believe so. Note that the only case > > in which you have more than one option is Windows/DOS. > > GnuPG compiles j

Re: compilation information ?

2012-03-13 Thread brian m. carlson
only case in which you have more than one option is Windows/DOS. For other platforms, the binary is always compiled in the ordinary way. I expect exposing this information was not considered to be terribly important since most platforms don't have this issue. -- brian m. carlson / bria

Re: small security glitches

2012-03-02 Thread brian m. carlson
key.  Then they can decrypt > the original "C" contents from #1. This doesn't work, because all you get is the output of the block cipher. That doesn't tell you the key if the block cipher is secure. -- brian m. carlson / brian with sandals: Houston, Texas, US +

Re: Using the not-dash-escaped option

2012-02-02 Thread brian m. carlson
my sentbox, > where the header you cite above says > > Content-Transfer-Encoding: quoted-printable I think what Werner is saying is to use quoted-printable encoding; then, the space will be represented as =20 (when encoded) and it will be less likely to get eaten by hungry mail-handli

Re: [META] please start To: with gnupg-users@gnupg.org, i.e.:

2012-01-31 Thread brian m. carlson
On Tue, Jan 31, 2012 at 11:23:25PM +, MFPA wrote: > On Monday 30 January 2012 at 7:06:43 PM, in > , brian m. > carlson wrote: > > The problem is that unlike regular list messages, the > > dupes don't come with the list headers, which makes > > sorting them based

Re: [META] please start To: with gnupg-users@gnupg.org, i.e.:

2012-01-30 Thread brian m. carlson
st messages, the dupes don't come with the list headers, which makes sorting them based on the list headers problematic. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 919

Re: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)

2012-01-28 Thread brian m. carlson
ing on an OpenPGP library which may sprout a keyserver daemon supporting this, but there's no guarantee that that will happen anytime soon, if ever. Don't hold your breath. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bm

Re: RSA padding scheme

2012-01-26 Thread brian m. carlson
MFPA wrote: > On Monday 23 January 2012 at 12:47:03 AM, in > , brian m. carlson > wrote: > > This is not a problem with OpenPGP because the attacker > > never gets to see the value encrypted with RSA because > > it's the symmetric key. > > Isn't that t

Re: Using root CAs as a trusted 3rd party

2012-01-24 Thread brian m. carlson
us other people, but I have not verified the connection between that person's identity and key myself, I use a local signature. That way I don't have other people rely on my assertion if I haven't done the amount of checking that I would like to before making a public statement. -

Re: 1024 key with 2048 subkey: how affected?

2012-01-23 Thread brian m. carlson
m with implementations that verify signatures only once and then cache the results, but most implementations do not do that. Also, there's nothing preventing people from actually signing data with the primary key, so someone who is unfamiliar with your strategy might accidentally use a single, v

Re: RSA padding scheme

2012-01-22 Thread brian m. carlson
't deal any > damage? Basically. The issue is that if the padding is incorrect, the message is rejected. So the attacker can't manipulate the message without risking corrupting the structure of the method. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | ht

Re: RSA padding scheme

2012-01-22 Thread brian m. carlson
d different padding schemes, then all implementations would have to support multiple padding schemes, which would be burdensome without providing significantly more security. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion

Re: maximum passphrase for symmetric encryption ?

2011-12-27 Thread brian m. carlson
phrase and use salt (8 bytes of random data stored with the passphrase to make the hash unique even if you reuse the passphrase). This makes brute-force attempts slower since more computation is required. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www

Re: Bad Signatures when using check-sigs

2011-12-17 Thread brian m. carlson
the signature was made is different than the original data. * Someone made an error in the OpenPGP implementation. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1

Re: kernel.org status: establishing a PGP web of trust

2011-10-01 Thread brian m. carlson
fairly confident that you have a good PRNG, such as /dev/urandom, then there's not really much concern about k. After all, you also need a good PRNG for CFB IVs as well, although the consequences aren't as disastrous. -- brian m. carlson / brian with sandals: Houston, T

Re: Manually compute key fingerprint

2011-08-29 Thread brian m. carlson
print would change every time you added a new ID or signature, which would not be helpful. If you need to be able to compute the fingerprint independently, you'll need to parse the public key packet and follow the formula specified in RFC 4880. It's not terribly difficult. -- brian m.

Re: Multiple Keyrings WAS Signing multiple keys

2011-08-26 Thread brian m. carlson
seems silly and wasteful, plus it prevents the storage of multiple, separate keyrings in one directory (like /usr/share/keyrings). If you would like to use the --homedir method, nothing is preventing you from doing that. But breaking existing infrastructure will go over like a lead balloon. --

Implementation question: validating left two of signatures

2011-08-12 Thread brian m. carlson
ation) actually give any credence to the left two whatsoever? If there's an OpenPGP implementers' list or another, more appropriate forum, please feel free to point me in that direction. I couldn't find one, so I posted here. -- brian m. carlson / brian with sandals: Houston, Texas