riseup.net OpenPGP Best Practices article

Werner Koch wk at gnupg.org
Fri Jun 27 09:14:37 CEST 2014


On Thu, 26 Jun 2014 23:36, rjh at sixdemonbag.org said:

> on the key.  For any OpenPGP certificate, you can send it 3DES-encrypted
> traffic and be in complete accordance with the spec and the recipient's
> preferences.

Assuming the sender uses a decent implementation, the attacker must have
been able to modify the senders system by changing the code or the
config files.  This requires write access to the machine; with that an
attacker has thousands of ways to tap the communication.  Degrading to
the still good 3DES is an option which is even not very promising.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list