"public" key generation (was: default Cipher and Pubkey algo)
Huels, Ralf KSV
Fri Mar 9 08:44:02 2001
Georg Wilckens wrote:
> Hmm.. I find the following set for my key:
> S3 S1 S2
> So we have CAST5, IDEA and 3DES as cipher-algorithm. Strange enough,
> since gpg doesn't support IDEA, IIRC.
Obviously, it wasn't created with GnuPG.
> The key was generated by a german publisher last year at the CeBIT in
> Hanover; do you think I need to make some changes?
If you're paranoid, you might consider creating an entirely new key, anyway.
While I appreciate Heise's effort to promote use of cryptography and
obtained their certificate myself, I still find it odd that they introduce
new users to PGP with what must be considered a severe breach of
(Note to everyone unfamiliar with the "c't crypto-Kampagne":
the publishers of german computer magazine "c't" install a floppy-only
"glass" computer in their booth at the CeBIT fair and give visitors
opportunity to create key pairs on that machine. They also check ID
in order to certify these or other public keys. German readers will
find information on http://www.heise.de/ct/pgpCA/).
Now, while I have _no_ specific reason to suspect that the "glass" computer
is anything but what the Heise people claim, I still think it's not a
good idea to create your key pair in public.
The Heise people will gladly certify a public key that you created on your
Ralf Hüls Bismarckplatz
KSV Kreditschutz-Vereinigung GmbH 44866 Bochum
Score-Consult Tel. 02327/9114-28
http://www.schufa.de/ Fax. 02327/8 40 27