gpg vs smime, snowden etc
kloecker at kde.org
Thu Jan 1 23:26:09 CET 2015
On Thursday 01 January 2015 19:19:58 Uwe Brauer wrote:
> I am sorry if this is a little off-topic but I am not sure where to ask.
> I use both, gpg and smime (the later either with gpgsm or with
> Recently the German news magazine «Der Spiegel»  published more of
> the «Snowden files», which reveal that gpg is NSA safe.
> Does anybody know whether smime has the same level of security? There
> are at least two possible weak spots.
> - the generation and sign of the certificate, ideally the
> generation of the keypair should be done by the crypto module of
> the browser, but that could be hacked...
> - the length of the key for the symmetric encryption.
> Maybe there are others.
The PKI resp. the CAs are the weakest spot of S/MIME (if you rely on the
S/MIME PKI for certificate verification).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users