riseup.net OpenPGP Best Practices article

Werner Koch wk at gnupg.org
Fri Jun 27 09:14:37 CEST 2014

On Thu, 26 Jun 2014 23:36, rjh at sixdemonbag.org said:

> on the key.  For any OpenPGP certificate, you can send it 3DES-encrypted
> traffic and be in complete accordance with the spec and the recipient's
> preferences.

Assuming the sender uses a decent implementation, the attacker must have
been able to modify the senders system by changing the code or the
config files.  This requires write access to the machine; with that an
attacker has thousands of ways to tap the communication.  Degrading to
the still good 3DES is an option which is even not very promising.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list