Using Scute with a 4096-bit key and TLSv1.2?
Damien Goutte-Gattat
dgouttegattat at incenp.org
Tue Sep 27 15:57:01 CEST 2016
On 09/27/2016 12:23 PM, Nicolas Boullis wrote:
> Any idea how I can have this problem fixed?
> I am no crypto-guru and probably can’t solve this problem all by myself,
> but I’d be happy to test things…
Is there any chance you could try with GnuPG 2.1 instead of GnuPG 2.0?
If I remember correctly, even with the latest Scute (at the tip of the
current master branch in Git), with GnuPG 2.0 you cannot use TLS 1.2,
because the agent from GnuPG 2.0 does not expect the kind of hash that
it receives from Scute.
At the time, I was able to make TLS 1.2 work with GnuPG 2.0.26 by
backporting commit 1c09def22d97de3738a2bec4970504bfc155680b [1]. You
could try that, but I think switching to GnuPG 2.1 would be a better
solution if possible.
Damien
[1] https://lists.gnupg.org/pipermail/gnupg-devel/2014-September/028759.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160927/bcd2d9f4/attachment.sig>
More information about the Gnupg-devel
mailing list