On Tue, 2013-12-17 at 13:01 -0600, Anthony Papillion wrote:
> I know that gnupg is experimenting with ECC and I'm wondering which
> curves the team has decided to use. I know there are some curves that
> are now suspected of being tainted by the NSA through NIST. Has the
> gnupg team ruled using th
On Tue, 17 Dec 2013 20:01, anth...@cajuntechie.org said:
> I know that gnupg is experimenting with ECC and I'm wondering which
> curves the team has decided to use. I know there are some curves that
> are now suspected of being tainted by the NSA through NIST. Has the
> gnupg team ruled using those
Hello
I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
I have several email accounts with different (comodo certificates).
Now one certificate for the address addre...@gmail.com has expired.
However I want to send an email from address2 (whose certificate is
*not* expired
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
> because you just shifted to arguing that "since GnuPG defaults to
> AES-256, we need to use RSA-15000 by default otherwise the asymmetric
FWIW:
The rationale why we use the order AES256,192,128 is
for compatibility reasons with PGP.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/18/2013 12:05 AM, Robert J. Hansen wrote:
>> So in other words the message can not be read by some govt genius
>> with a rack of computers??
>
> How would I know? Ask a government genius with a rack of
> computers.
>
> I don't know the extent
Am Di 17.12.2013, 10:40:21 schrieb Doug Barton:
> On 12/17/2013 01:09 AM, Lev Serebryakov wrote:
> | Is it possible to synchronize UID list without transferring "new"
>
> version
>
> | of private key from B to A by external means?
>
> No.
I can reproduce the problem but it doesn't make any se
On 12/18/2013 2:18 AM, Daniel Kahn Gillmor wrote:
> Sorry, but NIST does face a crisis of trust, particularly in the area of
> cryptography, whether either of us wants that to happen or not.
Perhaps: but *not over the PRNG they published*. Please stay on point.
You are demonstrating a tendency h
Hello!
Along with the publication of an interesting new side channel attack by
Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability
of a new stable GnuPG release to relieve this bug: Version 1.4.16.
This is a *security fix* release and all users of GnuPG versions 1.x are
advise
On Tue, 17 Dec 2013 20:40, c...@rheloud.net said:
> How about an RSS-Feed.
We used to have one for the News. It is currently disabled but will
come back with the new website.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
___
On Wednesday, December 18, 2013 at 9:25 AM, "Werner Koch"
wrote:
>The paper describes two attacks. The first attack allows to
>distinguish
>keys: An attacker is able to notice which key is currently used for
>decryption.
...
> While listening to the acoustic
>emanations of
>the targeted ma
Am Montag, 16. Dezember 2013 20:42:54 schrieb Werner Koch:
> May I suggest to read the archives of just a few weeks to collect the
> reasons why suggestions of using SHA-512 are missing the point. Some
> folks here must have bleeding fingertips from repeating the arguments
> over and over.
What a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 18/12/13 00:01, Micah Lee wrote:
> The problem is you're wanting to make GnuPG go mainstream but then you end
> up with people seeing this: http://i.imgur.com/53nvUqm.png
Yup. That should be avoided. However there are only a few pages that
critic
On Wed, 18 Dec 2013 16:09, bernh...@intevation.de said:
> What about placing this as an FAQ in the wiki.gnupg.org?
We have a FAQ which answers a lot of questions around key sizes in
“Advanced Topics” section. If something is missing it can easily be
added.
Salam-Shalom,
Werner
--
Die Ged
Werner Koch wrote on 12/18/13, 4:05 PM:
> Hello!
>
> Along with the publication of an interesting new side channel attack by
> Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability
> of a new stable GnuPG release to relieve this bug: Version 1.4.16.
>
> This is a *security fix*
On 16/12/13 23:41, Doug Barton wrote:
> but one argument against what you're suggesting is that it's only as secure
> as the encryption used in step 1 of the hybrid approach.
If only everything in cryptoland was "only as secure as 3DES"...
> The ability to apply SSS to the entire secret would be
On Mi, Dez 18 2013, Uwe Brauer wrote:
> I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
>
> I have several email accounts with different (comodo certificates).
> Now one certificate for the address addre...@gmail.com has expired.
>
> However I want to send an email from add
"Here, we describe a new acoustic cryptanalysis key extraction attack,
applicable to GnuPG's current implementation of RSA. The attack can
extract full 4096-bit RSA decryption keys from laptop computers (of
various models), within an hour, using the sound generated by the
computer during the de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12/18/2013 07:32 AM, Sam Tuke wrote:
| On 18/12/13 00:01, Micah Lee wrote:
|> The problem is you're wanting to make GnuPG go mainstream but then
you end
|> up with people seeing this: http://i.imgur.com/53nvUqm.png
|
| Yup. That should be avoided
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said:
> "Here, we describe a new acoustic cryptanalysis key extraction attack,
> applicable to GnuPG's current implementation of RSA. The attack can
Well that is what I posted a few hours ago to this list ;-).
Salam-Shalom,
Werner
--
Die Gedan
Getting Goteo approval
==
Posted 18th December 2013 by Sam Tuke
http://blog.gnupg.org/20131218-getting-goteo-approval.html
The targets are set, the rewards are prepared, the press release has been edited
and translated, and now we’re waiting for approval from the crowdfunding
On 12/18/2013 08:53 AM, Peter Lebbing wrote:
On 16/12/13 23:41, Doug Barton wrote:
but one argument against what you're suggesting is that it's only as secure
as the encryption used in step 1 of the hybrid approach.
If only everything in cryptoland was "only as secure as 3DES"...
I understan
On 12/18/2013 1:25 PM, Doug Barton wrote:
> (Robert, please ignore my tortuous use of "secure" in that sentence.) :)
Hey, I was being *nice*. I wasn't even pointing out that 3DES only has
112 bits of keyspace... ;)
___
Gnupg-users mailing list
Gnupg-u
On Dec 18, 2013, at 5:41 AM, Werner Koch wrote:
> On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
>
>> because you just shifted to arguing that "since GnuPG defaults to
>> AES-256, we need to use RSA-15000 by default otherwise the asymmetric
>
> FWIW:
>
>The rationale why we use the
>> "Jens" == Jens Lechtenboerger
>> writes:
> On Mi, Dez 18 2013, Uwe Brauer wrote:
>> I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm.
>>
> Hi Uwe,
> if I understand you correctly, you fail to encrypt to your From
> address, right?
Not really, my fro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Well,
I'm really sorry to have set up such a conversation :o)
As I said earlier I'm not quite good at crypto-things, all I wanted to
do was to protect my private key easily in case of HDD error.
And all I wanted to do with this little tool was to
Hi,
I am planing to write a script, which will refresh the apt signing key
before updating using "apt-get update". The script might get accepted in
Debian. [1] With my Whonix hat on, it's safe to say, that this script
will be added to Whonix (which is a derivative of Debian).
Writing that script
On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote:
> I am planing to write a script, which will refresh the apt signing key
> before updating using "apt-get update". The script might get accepted in
> Debian. [1] With my Whonix hat on, it's safe to say, that this script
> will be added to
> I am planing to write a script, which will refresh the apt signing key
> before updating using "apt-get update".
The question I have is, "What problem are you trying to solve?" I am
certain that Debian Security already has a protocol in place for how to
handle compromised certificates. Is this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert J. Hansen:
>> I am planing to write a script, which will refresh the apt
>> signing key before updating using "apt-get update".
>
> The question I have is, "What problem are you trying to solve?"
What in case the apt signing key gets comprom
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jason Harris:
> On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote:
>
>> I am planing to write a script, which will refresh the apt
>> signing key before updating using "apt-get update". The script
>> might get accepted in Debian. [1] With my
30 matches
Mail list logo
