Efail or OpenPGP is safer than S/MIME

Aleksandar Lazic al-gnupg_users at none.at
Sun May 20 13:03:07 CEST 2018 

On 19/05/2018 14:15, Werner Koch wrote:
> On Fri, 18 May 2018 12:18, patrick at enigmail.net said:
> 
> > How far back will that solution work? I.e. is this supported by all
> > 2.0.x and 2.2.x versions of gpg?
> 
> 2.0.19 (2012) was the first to introduce DECRYPTION_INFO  In any case
> 2.0 is end-of-life.  In theory we could backport that to 1.4 but I don't
> think that makes sense.

On windows is the situtiaon really bad.

###
aleks at aleks-PC MINGW64 ~
$ uname -a
MINGW64_NT-6.1 aleks-PC 2.10.0(0.325/5/3) 2018-02-09 15:25 x86_64 Msys

aleks at aleks-PC MINGW64 ~
$ pacman -Ss gpg
mingw32/mingw-w64-i686-gpgme 1.11.1-1
    A C wrapper library for GnuPG (mingw-w64)
mingw32/mingw-w64-i686-libgpg-error 1.29-1
    Support library for libgcrypt (mingw-w64)
mingw64/mingw-w64-x86_64-gpgme 1.11.1-1
    A C wrapper library for GnuPG (mingw-w64)
mingw64/mingw-w64-x86_64-libgpg-error 1.29-1 [Installiert]
    Support library for libgcrypt (mingw-w64)
msys/libgpg-error 1.27-1 (libraries) [Installiert]
    Support library for libgcrypt
msys/libgpg-error-devel 1.27-1 (development) [Installiert]
    Libgpg-error headers and libraries
msys/libgpgme 1.6.0-1 (libraries) [Installiert]
    A C wrapper library for GnuPG
msys/libgpgme-devel 1.6.0-1 (development)
    Libgpgme headers and libraries
###

I have installed the latest gpg4win 3.1.1 and then you are able to run a
more or less recent version of gpg

###
aleks at aleks-PC MINGW64 ~
$ LANG=C /c/Program\ Files\ \(x86\)/GnuPG/bin/gpg --version
gpg (GnuPG) 2.2.7
libgcrypt 1.8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: C:/Users/aleks/AppData/Roaming/gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
###

The point is that as long as the distribution does not update there
packages they will be always complains from the users.


> Shalom-Salam,
> 
>    Werner
> 
> -- 
> #  Please read:  Daniel Ellsberg - The Doomsday Machine  #
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Best regards
Aleks

More information about the Gnupg-users mailing list