gpg vs smime, snowden etc
oub at mat.ucm.es
Thu Jan 1 19:19:58 CET 2015
I am sorry if this is a little off-topic but I am not sure where to ask.
I use both, gpg and smime (the later either with gpgsm or with
Recently the German news magazine «Der Spiegel»  published more of
the «Snowden files», which reveal that gpg is NSA safe.
Does anybody know whether smime has the same level of security? There
are at least two possible weak spots.
- the generation and sign of the certificate, ideally the
generation of the keypair should be done by the crypto module of
the browser, but that could be hacked...
- the length of the key for the symmetric encryption.
Maybe there are others.
 and I presume the Guardian and the New York Times as well.
 although the documents do not provide any information concerning
the key length and the gpg version
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6007 bytes
Desc: not available
More information about the Gnupg-users