Given the release of v1.4.10, the SHA256 hashing algorithm is preferred
over SHA1. Yet, after updating my default preferences with 'setpref' and
signing some text, SHA1 is still used as the default hashing algorithm.
Is there something else I need to do to ensure that I'm using SHA256 by
default fo
On 02/23/2011 22:26, Aaron Toponce wrote:
> Given the release of v1.4.10, the SHA256 hashing algorithm is preferred
> over SHA1. Yet, after updating my default preferences with 'setpref' and
> signing some text, SHA1 is still used as the default hashing algorithm.
> Is there something else I need to do t
On 24/02/11 8:03 PM, Doug Barton wrote:
> On 02/23/2011 22:26, Aaron Toponce wrote:
>>
>> Given the release of v1.4.10, the SHA256 hashing algorithm is
>> preferred over SHA1. Yet, after updating my default preferences
>> with 'setpref' and signing some text, SHA1 is still used as the
>> default ha
> Given the release of v1.4.10, the SHA256 hashing algorithm is preferred
> over SHA1. Yet, after updating my default preferences with 'setpref' and
> signing some text, SHA1 is still used as the default hashing algorithm.
> Is there something else I need to do to ensure that I'm using SHA256 by
>
On Thu, Feb 24, 2011 at 08:37:50PM +1100, Ben McGinnes wrote:
> On 24/02/11 8:03 PM, Doug Barton wrote:
> > You're using a 1024 bit DSA key, which won't allow for 256 bit
> > hashes. RIPEMD-160 is the largest you can use, and works well for
> > that kind of key.
Okay. That's understandable. That
I generated my key back in 2004, and I've been a very vocal and active
supporter of GnuPG, encrypting communications, and digitally signing
mail. However, I was in a discussion with a friend, and the topic came
up that it is theoretically possible to rebuild your private key if
someone had access t
On 2/24/11 9:09 AM, Aaron Toponce wrote:
> However, I was in a discussion with a friend, and the topic came
> up that it is theoretically possible to rebuild your private key if
> someone had access to all your signed mail.
It is theoretically possible to rebuild your private key if someone has
ac
On 02/24/2011 04:03 AM, Doug Barton wrote:
> On 02/23/2011 22:26, Aaron Toponce wrote:
>> Given the release of v1.4.10, the SHA256 hashing algorithm is preferred
>> over SHA1. Yet, after updating my default preferences with 'setpref' and
>> signing some text, SHA1 is still used as the default hashi
On 02/24/2011 09:09 AM, Aaron Toponce wrote:
> What is the likelihood that an attacker could rebuild a private key from
> a collection of signed mail, and would it depend on the hash used in
> the algorithm?
It doesn't depend as much on the digest algorithm used as it does on the
type of public k
On Thu, 24 Feb 2011, Aaron Toponce wrote:
> However, I was in a discussion with a friend, and the topic came up that
> it is theoretically possible to rebuild your private key if someone had
> access to all your signed mail. We debated the size of signatures and
> mail that would need to be collected
On Thu, 24 Feb 2011 10:38:41 -0500
Daniel Kahn Gillmor articulated:
> Fortunately, i don't think that the PRNG used in GnuPG has any known
> vulnerabilities.
The key word there is "known"; although the feasibility of rebuilding a
private key by a normal end user is extremely slight. In any case,
On Thu, Feb 24, 2011 at 10:32:11AM -0500, Daniel Kahn Gillmor wrote:
> On 02/24/2011 04:03 AM, Doug Barton wrote:
> > You're using a 1024 bit DSA key, which won't allow for 256 bit hashes.
> > RIPEMD-160 is the largest you can use, and works well for that kind of key.
>
> This isn't actually the c
On Thu, Feb 24, 2011 at 08:37:50PM +1100, Ben McGinnes wrote:
> Cipher: AES256, TWOFISH, CAMELLIA256, AES192, CAMELLIA192, AES,
> CAMELLIA128, 3DES, CAST5, BLOWFISH, IDEA
> Digest: SHA512, SHA384, SHA256, SHA224, RIPEMD160, SHA1, MD5
> Compression: BZIP2, ZLIB, ZIP, Uncompressed
> Features: MDC, Ke
On Fri, Feb 25, 2011 at 03:39:10AM +1300, Atom Smasher wrote:
> if an attacker has two messages signed with DSA, and they happen to
> use the same value of "k" then it's trivial to recover the private
> key.
>
> a random "k" is the achilles heel of DSA and elgamal (and their ECC
> derivatives). if
On 2/24/11 4:31 PM, Aaron Toponce wrote:
> If I run 'setpref S9 S10 S13 ...' when editing my key, then is adding
> all this to the gpg.conf file really necessary?
Yes.
"setpref" is, IMO, a badly misnamed command. The preferences you attach
to your certificate are more like a ranked set of capabi
Just as an FYI to the list --
On Android's mail application, PGP/MIME attachments are nigh-unusable.
It won't render even the plaintext portions: it has to be downloaded and
opened with a text reader. If you're concerned about your mail being
readable on a mobile device (which is increasingly imp
On 02/24/2011 08:22 PM, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded and
> opened with a text reader. If you're concerned about your mail being
> readable on a mobile device (
On Thu, 24 Feb 2011 20:22:03 -0500, "Robert J. Hansen" wrote:
> Just as an FYI to the list --
>
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded and
> opened with a text reader. If you're concerned ab
On Thu, Feb 24, 2011 at 08:22:03PM -0500, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded and
> opened with a text reader. If you're concerned about your mail being
> readable on
On 02/24/2011 08:22 PM, Robert J. Hansen wrote:
> On Android's mail application, PGP/MIME attachments are nigh-unusable.
> It won't render even the plaintext portions: it has to be downloaded and
> opened with a text reader. If you're concerned about your mail being
> readable on a mobile device (
On 02/25/2011 03:15 AM, Daniel Kahn Gillmor wrote:
> I do *not* consider PGP/MIME harmful for mobile.
They might not be harmful for ~your~ mobile...
Any mail with attachments is likely to be harmful for mobile.
You just don't know what device and what program will be used to
read your mail and
On 02/24/2011 11:15 PM, M.R. wrote:
> On 02/25/2011 03:15 AM, Daniel Kahn Gillmor wrote:
>> I do *not* consider PGP/MIME harmful for mobile.
>
> They might not be harmful for ~your~ mobile...
heh. i don't have a "mobile", so i can guarantee that :)
> Any mail with attachments is likely to be h
On 2/24/11 8:33 PM, Daniel Kahn Gillmor wrote:
> thanks for the heads-up, Robert. I'm assuming you're talking about
> PGP/MIME signed mail, not encrypted mail.
Correct.
> Has this been reported to wherever this mailreader tracks their bugs?
> if so, could you provide a link to the bug report? I
On 2/24/11 10:15 PM, Daniel Kahn Gillmor wrote:
> my colleague is using the application named "email", version 2.2.2 on a
> stock 2.2.1 motorola droid.
My problem is reproducible on a stock Droid X running 2.2.something --
just got off a very long flight, funeral in the morning: I'll dig the
preci
On 2/25/11 12:37 AM, Daniel Kahn Gillmor wrote:
> There are good reasons to prefer a PGP/MIME and S/MIME signature
> standards over inline PGP.
And vice-versa. In inline's defense, it *works*, and PGP/MIME often
doesn't.