Language Selection

English French German Italian Portuguese Spanish

Evolution vs sha256, or why my new key is useless

Filed under
Software
Security

There’s again a bit of cryptographic related panicing going on at the moment. This time it’s not a bug in the Debian version of OpenSSL, but another attack on SHA-1 that appears to break it a bit worse than before. So now everybody is generating new gpg keys to move away from SHA-1 hashes.

There’s one problem though: even when you generate a new gpg key that supports better hashing, your applications will still need to support the better hashing for it to be effective.

Given that gnupg is pretty unusable as a library, making everyone create library-ish wrappers around its command-line interface, it is very easy to get this wrong.

rest here




More in Tux Machines

Linux @ About.com

During the past month I have been in discussions with a number of people at about.com. I have been provided with the opportunity of writing articles on the linux.about.com subsite and I am in full control of all the content that will appear on that site. It is early days and there is some old content on the site which is a bit out of date but I plan to make linux.about.com a great resource for everyone. Read more

Leftovers: Software

today's howtos

Leftovers: Gaming