Attached are the footnotes for this year's crypto news. (Sorry to be so
late, we had a 36 hour internet/phone outage. Not Verizon's fault the
excavation contractor cut a bundle.)

One update is the DCC DPRNG that I quoted knowledgeable folk as saying was
" so slow no one used it" so we didn't care it was deprecated was in fact
set as the Default in the RSA BSAFE commercial crypto suite. (Which is
quite expensive so if you aren't building FIPS-certified software you
likely can't afford it.) RSA is also deprecating this also.
http://www.wired.com/threatlevel/2013/09/rsa-advisory-nsa-algorithm/

Good blogs for non-sec techies to follow for sec stuff:
*Technology Review*,  http://www.technologyreview.com/computing/
*Ars Technica* http://arstechnica.com/security/
*Schneier.com* https://www.schneier.com/
*Wired* mag http://www.wired.com/threatlevel/

e.g., overview -
http://www.technologyreview.com/news/519171/nsa-leak-leaves-crypto-math-intact-but-highlights-known-workarounds/


On Wed, Sep 18, 2013 at 11:43 AM, Bill Ricker <[email protected]> wrote:

>
>
> ---------- Forwarded message ----------
> From: Bill Ricker <[email protected]>
> Date: Wed, Sep 18, 2013 at 11:23 AM
> Subject: Re: Boston Linux Meeting reminder today, September 18, 2013 -
> PGP/GnuPG Keysigning Party XIV
> To: Jerry Feldman <[email protected]>
> Cc: BLU <[email protected]>, Greater New Hampshire LUG <
> [email protected]>
>
>
> Based on latest news and comments, we should not be signing 1024 bit keys.
>
> 2048 or larger. Bruce Schneier's new key is 4096 bits, so that's become
> accepted.
>
> bill
>
>
>
> --
> Bill
> @n1vux [email protected]
>



-- 
Bill
@n1vux [email protected]
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss

Reply via email to