Using Scute with a 4096-bit key and TLSv1.2?

Damien Goutte-Gattat dgouttegattat at
Tue Sep 27 15:57:01 CEST 2016

On 09/27/2016 12:23 PM, Nicolas Boullis wrote:
> Any idea how I can have this problem fixed?
> I am no crypto-guru and probably can’t solve this problem all by myself,
> but I’d be happy to test things…

Is there any chance you could try with GnuPG 2.1 instead of GnuPG 2.0?

If I remember correctly, even with the latest Scute (at the tip of the 
current master branch in Git), with GnuPG 2.0 you cannot use TLS 1.2, 
because the agent from GnuPG 2.0 does not expect the kind of hash that 
it receives from Scute.

At the time, I was able to make TLS 1.2 work with GnuPG 2.0.26 by 
backporting commit 1c09def22d97de3738a2bec4970504bfc155680b [1]. You 
could try that, but I think switching to GnuPG 2.1 would be a better 
solution if possible.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160927/bcd2d9f4/attachment.sig>

More information about the Gnupg-devel mailing list