[pkg-gnupg-maint] Bug#623539: GnuPG 2.0 and gnome-keyring
Werner Koch
wk at gnupg.org
Fri Apr 17 09:22:27 UTC 2015
On Tue, 14 Apr 2015 14:38, joss at debian.org said:
> Sorry, I was under the impression this was a discussion about actually
> improving the situation, not about Debian being used as a playground for
> petty complaints about other upstreams.
Sorry, this is serious brokenness which is going on for years. For the
records let me conclude:
Jessie will be released with a default GNOME and an optional XFCE
desktop featuring these bugs affecting GnuPG
- S/MIME (gpgsm) does not work at all.
- Smartcards for GPG won't work.
- GnuPG's included ssh-agent can't be used.
- The passphrase protection of GnuPG private keys has been reduced to
a security level we had before 2010.
- Brute forcing symmetric encrytion is as easy as before 2010.
(~300 times faster on an i5-2410M, 2.3Ghz)
This has been justified by a better looking passphrase entry dialog for
GPG keys in GNOME's keyring-manager.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20150417/1e55c1d9/attachment.sig>
More information about the pkg-gnupg-maint
mailing list