
[OT] Fwd: PGP/GnuPG unsecure, should be replaced?




For the information of anyone who may be interested.

-------- Forwarded Message --------
Subject: PGP/GnuPG unsecure, should be replaced?
Resent-Date: Fri, 19 Jul 2019 11:42:34 +0000 (UTC)
Resent-From: debian-security@lists.debian.org
Date: Fri, 19 Jul 2019 13:34:47 +0200
From: Stephan Seitz <stse+debian@fsing.rootsland.net>
Organization: Minas Tirith, Gondor
To: debian-security@lists.debian.org

Hi!

I found the following article about PGP/GnuPG:
https://latacora.singles/2019/07/16/the-pgp-problem.html

In short you should drop GnuPG because it doesn’t do anything really the right way. It should be replaced with different tools for different situations.

Debian is using GnuPG for signing files. From the article:

Signing Packages

Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what OpenBSD uses to sign packages. It’s extremely simple and uses modern signing. Minisign, from Frank Denis, the libsodium guy, brings the same design to Windows and macOS; it has bindings for Go, Rust, Python, Javascript, and .NET; it’s even compatible with Signify.

What do you think?

Shade and sweet water!

	Stephan

--
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |

--
To err is human, but it is even more human to blame others

