BSI withdraws approval of GnuPG (revisited after 3 month)
wk at gnupg.org
Mon Nov 4 18:16:27 CET 2019
On Mon, 4 Nov 2019 11:40, Robert J. Hansen said:
> requirements. This could be as simple as, "we prohibit the use of 3DES,
> but OpenPGP lists it as a MUST algorithm".
It is even less technical see my other mail.
FWIW, GnuPG knows all allowed algorithms for the VS-NfD use case and can
be switched into a mode where this is enforced (for creating message) or
indicated with a warning (for reading a message).
$ gpg --compliance=help
gpg: valid values for option '--compliance':
Thus when VS-NfD is required the admin will configure gpg and gpgsm with
--compliance=de-vs. Actually Kleopatra and GpgOL have GUI elements to
enable/show that mode. One thing which sets us apart from other VS-NfD
products is that the very same software can be used for regular mail and
VS-NfD processing without switching. The user experience is thus better
aligned to the real world use.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: not available
More information about the Gnupg-users