Re: Defaults

On Thu, 19 Mar 2015 11:19, mue...@cryptobitch.de said: > Is there anything in this listing that would allow me to quickly copy and > paste > (e.g. double click and middle click) in order to further work with the key, > e.g. edit or encrypt to? Sorry, I do not understand you. This is a command l

Re: Defaults

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wednesday 18 March 2015 at 12:34:42 AM, in , Robert J. Hansen wrote: > Yes. My list was comprehensive ("what the new set > should be"), not differential ("what needs changing"). > :) Whilst I realise you were specifically concentrating on d

Re: Defaults

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 19 March 2015 at 10:19:45 AM, in , Tobias Mueller wrote: > I thought short keyids are dangerous and should not be > used, cf. . If that's the case > then it might be a good idea to fade them out as much > as poss

Re: Defaults

On Wed, Mar 18, 2015 at 09:09:30AM +0100, Werner Koch wrote: > Create a new key: > > $ gpg --no-options --quick-gen-key 'test key ' > About to create a key for: > "test key " > > Continue? (Y/n) y > public and secret key created and signed. > > pub rsa2048/50C4476F 2015-03-

Re: Defaults

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wednesday 18 March 2015 at 8:09:30 AM, in , Werner Koch wrote: > > created: 2015-03-18 expires: never Just wondering why we want keys to never expire by default. Why is that better than a default validity period of "X" years? - -- Best

Re: Defaults

On 03/18/2015 01:34 AM, Robert J. Hansen wrote: I think this shouldn't be supported; CAST5 should only be used if (a) it's in the recipient's key prefs and (b) it's explicitly listed in default-cipher-prefs. I don’t think that ignoring the recipient’s preferences should be the default behavio

Re: Defaults

On Tue, 17 Mar 2015 20:44, r...@sixdemonbag.org said: > Given that 2.1 introduces a lot of new capabilities (mostly with respect > to ECC), I think now, early on in the 2.1 series, would be a good time > to discuss changing the defaults for newly-generated certificates. Let's do a quick check of t

Re: Defaults

> Some of the defaults you propose are already there. Yes. My list was comprehensive ("what the new set should be"), not differential ("what needs changing"). :) > So, AES256 is already the default symmetric cipher (CAST5 and IDEA > are not even in the list and must both be explicitly requested

Re: Defaults

On 03/18/2015 12:28 AM, Daniel Kahn Gillmor wrote: On Tue 2015-03-17 18:53:42 -0400, Damien Goutte-Gattat wrote: Do you mean signatures in general, or key signatures (certifications)? For key signatures, SHA-1 is still the default for RSA keys Is this correct? I think we should be defaulting

Re: Defaults

On 3/17/2015 11:25 PM, Kristian Fiskerstrand wrote: > On 03/17/2015 10:58 PM, Pete Stephenson wrote: >> On 3/17/2015 8:44 PM, Robert J. Hansen wrote: > > ... > >> Is Deterministic DSA only available in 2.1, or do 1.x and 2.0.x >> also have that feature? > > > RFC6979 is used for gnupg 2.0 compi

Re: Defaults

On Tue 2015-03-17 18:53:42 -0400, Damien Goutte-Gattat wrote: > Do you mean signatures in general, or key signatures (certifications)? > For key signatures, SHA-1 is still the default for RSA keys Is this correct? I think we should be defaulting to SHA-256 for RSA certifications these days. If

Re: Defaults

On 03/17/2015 08:44 PM, Robert J. Hansen wrote: Given that 2.1 introduces a lot of new capabilities (mostly with respect to ECC), I think now, early on in the 2.1 series, would be a good time to discuss changing the defaults for newly-generated certificates. Some of the defaults you propose are

Re: Defaults

On Tuesday, March 17, 2015 06:53:48 PM Daniel Kahn Gillmor wrote: > Brainpool-512 is incompatible with some of the other work going on in > the OpenPGP ecosystem (e.g. yahoo and google's work on the e2e webmail > app, which supports P-256 and P-512). Well, the Yahoo! folks are not 100% committed t

Re: Defaults

>> Looking over it again, it turns out the Canadians are distrustful >> of 128-bit crypto *in general*. None of them are approved for >> periods longer than seven days. > > True, but that's not uncommon: OpenVPN in TLS mode renegotiates a > new session key ever hour by default. GnuPG generates ne

Re: Defaults

> by this argument, you should have pushed for RSA 3072 during the > last defaults change, since it would have lasted longer than 2048 ;) You're absolutely right, I should have. :) I took my eye off the ball and didn't notice we were changing defaults, otherwise I would've argued then for RSA-30

Re: Defaults

On Tue 2015-03-17 18:37:40 -0400, Robert J. Hansen wrote: >> I agree that defaulting to brainpool-512 right now would be a >> mistake. >> >> Defaulting to RSA 3072 seems reasonable to me, though. > > I think it's best to minimize the number of times we change the > defaults. If we change them too

Re: Defaults

On 3/17/2015 11:25 PM, Robert J. Hansen wrote: >> As long as we're considering "legacy" algorithms like RSA and DSA, >> is there any particular reason for preferring RSA over DSA at such >> key lengths? > > I have reasons to prefer RSA, yes, but whether they'll convince you is a > different matter

Re: Defaults

> I agree that defaulting to brainpool-512 right now would be a > mistake. > > Defaulting to RSA 3072 seems reasonable to me, though. I think it's best to minimize the number of times we change the defaults. If we change them too often it causes users to wonder if there's some weakness in OpenPG

Re: Defaults

> I have reasons to prefer RSA, yes, but whether they'll convince you > is a different matter. :) D'oh! Forgot to mention an important one -- RSA-3072 keys can be moved to smart cards, and/or generated on the same. Very few smart cards support DSA. :) signature.asc Description: OpenPGP di

Re: Defaults

On Tue 2015-03-17 17:58:47 -0400, Pete Stephenson wrote: > Alas, a lot of Linux distributions are quite slow-moving: it's unlikely > that distributions like Debian and Ubuntu will have GnuPG 2.1.x > available (let alone installed by default) for several years. For debian stable, this is likely to

Re: Defaults

> As long as we're considering "legacy" algorithms like RSA and DSA, > is there any particular reason for preferring RSA over DSA at such > key lengths? I have reasons to prefer RSA, yes, but whether they'll convince you is a different matter. :) Where signature size matters most is in email. A

Re: Defaults

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/17/2015 10:58 PM, Pete Stephenson wrote: > On 3/17/2015 8:44 PM, Robert J. Hansen wrote: ... > Is Deterministic DSA only available in 2.1, or do 1.x and 2.0.x > also have that feature? > RFC6979 is used for gnupg 2.0 compiled with libgcrypt

Re: Defaults

On 3/17/2015 8:44 PM, Robert J. Hansen wrote: > Given that 2.1 introduces a lot of new capabilities (mostly with respect > to ECC), I think now, early on in the 2.1 series, would be a good time > to discuss changing the defaults for newly-generated certificates. > > In a nutshell: > > * Off

Re: Defaults

> I remember reading about an attack that works better against AES-256 > than AES-128: That one's a related-key attack, which requires the attacker to have a significant number of keys that have some mathematical relationship to each other. OpenPGP uses random nonces for symmetric keys (or itera

Re: Defaults

On Tue, 17 Mar 2015 15:44:47 -0400 Robert J. Hansen wrote: > [*] As I read the tea leaves, I'm more convinced of AES256's long-term > strength than I am of AES128's. However, the idea that either one of > them is somehow 'weak' is just ludicrous. If you use AES128, don't > panic. :) I remember

RE: Defaults

My vote is for the defaults Robert is proposing. Definitely in keeping with what else I have been reading. Thanks, Bob Cavanaugh > -Original Message- > From: Gnupg-users [mailto:gnupg-users- > bounces+robertc=broadcom@gnupg.org] On Behalf Of Robert J. > Hansen > Sent: Tuesday, Mar

Re: defaults / homedir / loal variable / option file etc

On 01/03/2011 11:05 AM, Neil Phillips wrote: > it says i can place stuff in a file called gpg.conf that is located in my > C:\Profiles\xxx\Application Data\gnupg folder. > well there is no gpg.conf file there :( You've found the right location, i think. You should be able to just create the file

Re: defaults / homedir / loal variable / option file etc

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Neil, gpg reads gpg.conf by default so you an stick any variables you like - they wil get read David Neil Phillips wrote: > Hi, > > gpg -version = 2.0.14 > > So i'm looking at changing some of the defaults used by gpg. > cipher, compression