gpg vs smime, snowden etc
Ingo Klöcker
kloecker at kde.org
Thu Jan 1 23:26:09 CET 2015
On Thursday 01 January 2015 19:19:58 Uwe Brauer wrote:
> Hello
>
> I am sorry if this is a little off-topic but I am not sure where to ask.
> I use both, gpg and smime (the later either with gpgsm or with
> thunderbird)
>
> Recently the German news magazine «Der Spiegel» [1] published more of
> the «Snowden files», which reveal that gpg is NSA safe[2].
>
> Does anybody know whether smime has the same level of security? There
> are at least two possible weak spots.
>
> - the generation and sign of the certificate, ideally the
> generation of the keypair should be done by the crypto module of
> the browser, but that could be hacked...
>
> - the length of the key for the symmetric encryption.
>
> Maybe there are others.
The PKI resp. the CAs are the weakest spot of S/MIME (if you rely on the
S/MIME PKI for certificate verification).
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150101/73a87047/attachment.sig>
More information about the Gnupg-users
mailing list