[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: pgp 2.6.3i vs pgp5i vs gnupgp

On Mon, Mar 17, 2003 at 02:57:26PM -0600, Drew Scott Daniels wrote:
> I would like to setup a key to eventually be used for Debian related
> activities (the kind nm's need). I would like to use an existing version
> of pgp on a set of solaris systems I have access to, the problem is they
> have PGP version 2.6.3i. I'm unsure as to whether this is a secure version
> of PGP and what kinds of bugs it has in it.

I think you'll want to consider using GnuPG.  PGP's future is pretty
uncertain, and it was pretty bleak until extremely recently.

About this Solaris machine, beware that you shouldn't be running anything
that you want to keep secure on a multi-user machine.  Most of us keep
our keys on machines that are unreachable from the internet.  A single
unpatched Solaris bug could expose your key to the world, and if you're
able to upload packages to Debian based on that key, then millions of
people could be affected by your single fsck-up.

						 - chad

Attachment: pgpcwLANCjZjC.pgp
Description: PGP signature

Reply to: