logo

blog

My little blog can’t be this cute! git clone https://hacktivis.me/git/blog.git
commit: 4a728d31139070d74d926be57c5592ec878019ca
parent 3caf6983b41061b0d003d6629c6fc581da2dc4d9
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Thu,  7 Mar 2019 03:08:40 +0100

articles/Pretty Bad Privacy: <pre/> on RFC4880

Diffstat:

Marticles/Pretty Bad Privacy.xhtml5++---
Mfeed.atom2+-
2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/articles/Pretty Bad Privacy.xhtml b/articles/Pretty Bad Privacy.xhtml @@ -9,7 +9,7 @@ </dl> <h2>OpenPGP standard</h2> <p>The OpenPGP standard mandates that some ciphers must be present in the implementation, they are now broken and well known to be. (<abbr title="As Far As I Remember">AFAIR</abbr> it’s stuff like SHA1, 3DES, …).</p> -<blockquote> +<blockquote><pre> 9.1. Public-Key Algorithms ID Algorithm @@ -65,8 +65,7 @@ ID Algorithm Text Name 100 to 110 - Private/Experimental algorithm Implementations MUST implement SHA-1. Implementations MAY implement -other algorithms. MD5 is deprecated. -</blockquote><cite><a href="https://tools.ietf.org/html/rfc4880">RFC4880</a>, November 2007</cite> +other algorithms. MD5 is deprecated.</pre></blockquote><cite><a href="https://tools.ietf.org/html/rfc4880">RFC4880</a>, November 2007</cite> <p>It leaks a pile of metadata (time, implementation name+version, …)</p> <p>There is no deniability possible, there is quite a difference between no-authentication and deniability, to be elaborated on</p> <p>Your public key/identity <strong>will</strong> end up on the keyservers at some point, no exception.</p> diff --git a/feed.atom b/feed.atom @@ -14,7 +14,7 @@ <link rel="alternate" type="text/html" href="/articles/Pretty%20Bad%20Privacy"/> <id>https://hacktivis.me/articles/Pretty%20Bad%20Privacy</id> <published>2019-03-07T01:00:04Z</published> - <updated>2019-03-07T01:54:33Z</updated> + <updated>2019-03-07T02:08:40Z</updated> <content type="xhtml"><div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <!--#include file="/articles/Pretty Bad Privacy.xhtml"--> </div></content>