howto secure older keys after the recent attacks

Daniel Kahn Gillmor dkg at
Fri Sep 11 04:55:09 CEST 2009

On 09/10/2009 10:23 PM, David Shaw wrote:
> "Could" is a very powerful word.  At some point, people have to buy and
> run the closed-source hardware they need to run their open-source
> software on :)

Agreed!  I was just pointing out that the lack of true entropy might not
be as obvious as the proposed card that always returned "0x00" when
asked for a random byte.

There is also open hardware for random number generation, for whatever
that's worth:

i've never used any of these devices myself.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090910/beb39bc7/attachment.pgp>

More information about the Gnupg-users mailing list