Security doubts on 3DES default
Robert J. Hansen
rjh at sixdemonbag.org
Thu Mar 16 01:44:41 CET 2017
> --weak-digest SHA1 --disable-cipher-algo 3DES
Yeah, but that's ... *bad*. Breaks most of the Web of Trust, makes most
cert sigs meaningless, removes the fallback cipher ... I think this is a
great example of a cure worse than the disease. :)
Phil Pennock made a post a bit ago detailing his experiment with
disabling SHA1. It was informative, to say the least.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 659 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users