On Saturday, 25 November 2017 14:24:29 CET, Jerry
wrote:
On Fri, 24 Nov 2017 00:10:44 -0800, Brent Small stated:
What’s up
up
ADVERB
...
Maybe the OP wanted to sent this to What's Ape.
matthias
--
Sent from my Ubuntu phone
http://www.unixarea.de/
___
On Fri, 24 Nov 2017 00:10:44 -0800, Brent Small stated:
>What’s up
up
ADVERB
toward the sky or a higher position:
"he jumped up" · [more]
synonyms: up · higher · uphill · upslope · to the top · skyward ·
heavenward to the place where someone is:
"Dot didn't hear Mrs. Parvi
What’s up
Sent from my iPhone
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Sat 2017-02-25 09:09:20 -0500, MFPA wrote:
> On Friday 24 February 2017 at 3:15:23 PM, in
> , ved...@nym.hush.com wrote:-
>
>> Even for v3 keys, which were not SHA1 hashed, the only way to
>> generate a new key with the same fingerprint, would be to allow the
>> key size to vary (usually to a b
Hi
On Friday 24 February 2017 at 3:15:23 PM, in
, ved...@nym.hush.com
wrote:-
> Even for v3 keys, which were not SHA1 hashed, the
> only way to
> generate a new key with the same fingerprint, would
> be to allow the
> key size to vary (usually to a bizarre key size that
> would be quite suspect,
If you read the announcement Google never uses the words "completely broken"
that you attribute to them. I believe that was someone else's characterization.
Mis-attribution and name calling can also be unhelpful.
Google's security team has been the driving force behind two major security
issues
On 23 February 2017 at 19:24, wrote:
> Today was announced that SHA1 is now completely broken
> https://security.googleblog.com/2017/02/announcing-first-
> sha1-collision.html
This is nonsense.
Google security team calling sha1 "completely broken" simply means google's
security team is complet
On 2/23/2017 at 4:52 PM, si...@web.de wrote:...
Not sure about you but I am not able to see the difference between a
valid pgp key and "gibberish" ;)
...
=
In the example of the 2 pdf's, they started with one pdf, made
another pdf, then multiple (more than billions) trials of adding a
stri
On Thursday 23 February 2017 23:38:36 Leo Gaspard wrote:
> On 02/23/2017 09:00 PM, Robert J. Hansen wrote:
> > [...]
> >
> > To which I said, "Create two keys with the same fingerprint. Sign a
> > contract with one, then renege on the deal. When you get called
> > into court, say "I never signed
> What I always kinda wonder is, why crypto or security experts, at least
> in some sense never seem to learn.
You kidding me? MD5 hashes are still the standard tool of computer
forensics. It's appalling. The reasons why are fascinating, though:
it's largely for judicial reasons, not technical
On 02/23/2017 09:00 PM, Robert J. Hansen wrote:
> [...]
>
> To which I said, "Create two keys with the same fingerprint. Sign a contract
> with one, then renege on the deal. When you get called into court, say "I
> never signed that, Your Honor!" and present the second key. This collision
> p
On Thu, 2017-02-23 at 13:58 -0500, Robert J. Hansen wrote:
> > "Migrating to SHA256"
> section in
> the FAQ?
What I always kinda wonder is, why crypto or security experts, at least
in some sense never seem to learn.
When MD5 got it's first scratches, some people started to demanded for
it's ASAP r
Am 23.02.2017 um 20:09 schrieb ved...@nym.hush.com:
> The Openpgp standards group is working on this.
Yes but who know how many years it will take until a new standard is accepted...
>
> The link you give for the collision used 2 PDF's.
> Using a PDF is sort-of 'cheating', and does not extrapolat
On 2/23/2017 at 1:27 PM, si...@web.de wrote:Today was announced that
SHA1 is now completely broken
https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
A few weeks back it was mentioned that there is a new proposal for a
openpgp standart including a new algorithm for pgp
(I originally sent this off-list by mistake. Peter was kind enough to respond
off-list and to suggest we take it back on-list. This email is a distillation
of three different emails: my original, Peter's response, and a response to
Peter.)
=
> I already answered that here[1]. The use of
Am 23.02.2017 um 19:48 schrieb Peter Lebbing:
> On 23/02/17 19:24, si...@web.de wrote:
>> After researching how the fingerprint is generated, I think it would
>> be easy to include a new option in gnupg to print a fingerprint using
>> sha256. Would that be something that will/can be included in fut
> Today was announced that SHA1 is now completely broken
> https://security.googleblog.com/2017/02/announcing-first-sha1-
> collision.html
SHA-1 is broken *for some purposes*. That's scary enough, trust me. Let's
not overstate things.
For the last ten years I've been saying, "The smoke alarm ha
On 23/02/17 19:24, si...@web.de wrote:
> As this is currently not applicable in practice, I would like to know
> what this new development means for pgp-gnupg and the use of SHA1 for
> key identification.
I already answered that here[1]. The use of SHA-1 in fingerprints is not
susceptible to a col
Today was announced that SHA1 is now completely broken
https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
A few weeks back it was mentioned that there is a new proposal for a openpgp
standart including a new algorithm for pgp fingerprints.
As this is currently not applic
19 matches
Mail list logo
