Problem encrypting to a hushmail gpg key

Sean Rima sean at srima.ie
Thu Jan 28 06:51:33 CET 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On 26/01/2010 18:52, vedaal at hush.com wrote:
> Sean Rima <sean () srima wrote on Date:  2010-01-17 17:23:31 :

[Cut]

> it is not a great idea to use hushmail keys for open pgp encryption 
> or authentication
> 
> (1) the keys are not updated, and can't be for the same email 
> address,
> so, for example, i've been with hushmail since it started, and my 
> key is a 1024 bit key and signs with SHA-1
> (to be fair, i imagine that whenever this becomes a 'real' threat, 
> hushmail will allow for modifications/new keys)
> 
> (2) the hushmail user probably will not be able to decrypt a gnupg 
> encrypted message in hushmail if the encryption algorithm chosen 
> isn't currently being used by hushmail, which, depending on how old 
> the key is, may not be the encryption algorithm listed on the key,
> 
> and if the hushmail user uses gnupg (preferable ;-) ), then he/she 
> would be better off generating a new key in gnupg, and just leave 
> the hushmail key for hushmail users
> 

I will pass this info on, though how far we get is debatable :) Thanks
for the info

Sean
- -- 
GSWoT and CaCert WOT Assurer

.tel  http://rima.tel/

I believe that every human has a finite number of
heartbeats. I don't intend to waste any of mine
running around doing exercises. - Neil Armstrong
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Contact Details http://rima.tel
Comment: My GPG Key http://sl.srima.eu/sfr
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREDAAYFAkthJeUACgkQydfi32iLfZj5AACfelzckOQnaIrvhnleZy6YCTeK
QnMAoMnSmaJKx+ByaaxXSUwdDyIybOME
=nDtd
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list