gpg vs smime, snowden etc

Uwe Brauer oub at
Thu Jan 1 19:19:58 CET 2015


I am sorry if this is a little off-topic but I am not sure where to ask.
I use both, gpg and smime (the later either with gpgsm or with

Recently the German news magazine «Der Spiegel» [1] published more of
the «Snowden files», which reveal that gpg is NSA safe[2].

Does anybody know whether smime has the same level of security? There
are at least two possible weak spots. 

    -  the generation and sign of the certificate, ideally the
       generation of the keypair should be done by the crypto module of
       the browser, but that could be hacked...

    -  the length of the key for the symmetric encryption.

Maybe there are others. 

Any comments?


Uwe Brauer  

[1]  and I presume the Guardian and the New York Times as well.

[2]  although the documents do not provide any information concerning
     the key length and the gpg version

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6007 bytes
Desc: not available
URL: </pipermail/attachments/20150101/419f0977/attachment.bin>

More information about the Gnupg-users mailing list