Problem encrypting to a hushmail gpg key
Sean Rima
sean at srima.ie
Thu Jan 28 06:51:33 CET 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
On 26/01/2010 18:52, vedaal at hush.com wrote:
> Sean Rima <sean () srima wrote on Date: 2010-01-17 17:23:31 :
[Cut]
> it is not a great idea to use hushmail keys for open pgp encryption
> or authentication
>
> (1) the keys are not updated, and can't be for the same email
> address,
> so, for example, i've been with hushmail since it started, and my
> key is a 1024 bit key and signs with SHA-1
> (to be fair, i imagine that whenever this becomes a 'real' threat,
> hushmail will allow for modifications/new keys)
>
> (2) the hushmail user probably will not be able to decrypt a gnupg
> encrypted message in hushmail if the encryption algorithm chosen
> isn't currently being used by hushmail, which, depending on how old
> the key is, may not be the encryption algorithm listed on the key,
>
> and if the hushmail user uses gnupg (preferable ;-) ), then he/she
> would be better off generating a new key in gnupg, and just leave
> the hushmail key for hushmail users
>
I will pass this info on, though how far we get is debatable :) Thanks
for the info
Sean
- --
GSWoT and CaCert WOT Assurer
.tel http://rima.tel/
I believe that every human has a finite number of
heartbeats. I don't intend to waste any of mine
running around doing exercises. - Neil Armstrong
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Contact Details http://rima.tel
Comment: My GPG Key http://sl.srima.eu/sfr
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEAREDAAYFAkthJeUACgkQydfi32iLfZj5AACfelzckOQnaIrvhnleZy6YCTeK
QnMAoMnSmaJKx+ByaaxXSUwdDyIybOME
=nDtd
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list