Bill,
I've got a question about GPG, or actually about PKI in general.
Since my browser now flags non-https sites as "Unsecure," I'd like to
know how to generate a key to put in my Apache setup which will swing
the padlocks shut. I know that it won't be "valid" unless I import the
key into my browser, but that's a one-time effort and will stop the
"unsecure" messages when I ask people to visit my websites.
Also, if possible, I'd like to be able to pass out keys for users to use
in lieu of passwords to access secured areas.
Please tell me how to go about that, and thanks in advance.
Bill
On 9/16/2018 11:41 PM, Bill Ricker wrote:
* We will NO LONGER sign RSA or DSA 1024b keys (or shorter). Obsolete.
* We will NOT sign RSA 2048b keys without expiration dates orwith
expiration dates beyond 2020.
* Use RSA 4096 or ed25519 for gpg2 --gen-key
Notes
* If concerned about well-capitalized massive factoring dictionaries,
subtract a small multiple of 8 bits to get a size that is not standard
and thus won't be dictionaried.
* Alas the one trustworthy ECC curve, ed25519, is supported only in
GPG 2.1.7+ (gpg2), but if you have recent Ubuntu you you can use it now.
See https://nickhu.co.uk/posts/2016-09-03-curvy-gpg/ for instructions
GPG2 gives a warning that it's not yet standardized so i'm considering
it still somewhat expriemental ... i'm going to try a 10y expiring on
this
_______________________________________________
Announce mailing list
annou...@blu.org <mailto:annou...@blu.org>
http://lists.blu.org/mailman/listinfo/announce
--
Bill Ricker
bill.n1...@gmail.com <mailto:bill.n1...@gmail.com>
https://www.linkedin.com/in/n1vux
_______________________________________________
Officers mailing list
offic...@blu.org
http://lists.blu.org/mailman/listinfo/officers
--
Bill Horne
828-678-1548 (Cell)
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss