Suggested updates for the Privacy Handbook?
Werner Koch
wk at gnupg.org
Fri Oct 18 09:18:08 CEST 2013
On Fri, 18 Oct 2013 06:50, mezzanine at Safe-mail.net said:
> * Phasing out SHA1 and MD5 hashing and moving from DSA to RSA keys (see https://www.debian-administration.org/users/dkg/weblog/48 for info.)
FWIW, GnuPG used MD5 only for PGP2 compatibility. From rfc-4880:
Implementations MUST implement SHA-1. Implementations MAY implement
other algorithms. MD5 is deprecated.
SHA-1 is is an important part of OpenPGP and used in ways which are
resistant against collision attacks. Thus it is not easy to fade it
out. A paragraph explaining why certain algorithms re used by default
does make sense; though.
> * Using frontends such as GPGTools for the MacOSX platform and GPG4win for the Windows platform.
> * The limitations of GPG with regard to protecting against attacks against an end user's system.
Yes, that is important for real world security.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-doc
mailing list