gpg vs smime, snowden etc

Ingo Klöcker kloecker at kde.org
Thu Jan 1 23:26:09 CET 2015


On Thursday 01 January 2015 19:19:58 Uwe Brauer wrote:
> Hello
> 
> I am sorry if this is a little off-topic but I am not sure where to ask.
> I use both, gpg and smime (the later either with gpgsm or with
> thunderbird)
> 
> Recently the German news magazine «Der Spiegel» [1] published more of
> the «Snowden files», which reveal that gpg is NSA safe[2].
> 
> Does anybody know whether smime has the same level of security? There
> are at least two possible weak spots.
> 
>     -  the generation and sign of the certificate, ideally the
>        generation of the keypair should be done by the crypto module of
>        the browser, but that could be hacked...
> 
>     -  the length of the key for the symmetric encryption.
> 
> Maybe there are others.

The PKI resp. the CAs are the weakest spot of S/MIME (if you rely on the 
S/MIME PKI for certificate verification).


Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150101/73a87047/attachment.sig>


More information about the Gnupg-users mailing list