On Fri, Jun 05 2009, andrew mcelroy wrote:
> On Fri, Jun 5, 2009 at 7:46 PM, Manoj Srivastava <[email protected]>wrote:
>
>>
>> Hi,
>>
>> Earlier this year, there was announced a fairly serious attack
>> against the SHA1 digest algorithm (at eurocrypt), and the general
>> consensus is that we should be "moving in an orderly fashion toward the
>> theater exits," deprecating SHA-1 where possible with an eye toward
>> abandoning it soon (federal agencies have been directed to cease all
>> reliance on SHA-1 by the end of 2010).
>>
>
> What are they moving to? I thought that the NIST was still fielding out a
> good hash algorithm.
> Infact this : http://media.omediaweb.com/rsa2009/keynote_catalog.htm (click
> on panel the discussion )
> brushed over that topic.
Sure -- but sha256 is a lot better while that is sorted out.
>>
>> Given that, it is time to migrate off the old 1024-bit DSA keys,
>> and migrate to newer 2048 or even 4096 bit RSA key-pairs, and then of
>> course one has to regenerate the web of trust thing.
>>
>> Are there enough of us in the area to make a social key
>> signing/beer/pizza event? I can help organize the event, if there is
>> interest. And I'd love to get together with folks again; I have not
>> been coming over very frequently at all to the meetings.
>>
>
> Count me in.
> After reading the howto, would this be a NLUG ring?
Well, I am also sending the same info to the nashdl list (if
only I were subscribed with the same address to both lists, I
might be able to cross-post).
There is also some interesting reading about increasing GnuPG
key usage at:
http://www.debian-administration.org/users/dkg/weblog/48
An older article reads (but remember this is before sha1 became
deprecated):
http://ubuntuforums.org/showthread.php?t=687173
Another ancient text, but one I think should be read by anyone
who uses a laptop, is
http://fortytwo.ch/gpg/subkeys
So, is people who want to be part of the keysigning send me
their public keys via private email, I'll create the list, and a hash,
and publish both the list and the hash well in advance, so people have
time to do the hash verification before the actual key signing.
Depending on how the response is, we can figure out when to do
the party -- hopefully mid to late June, I think. Oh, anyone who does
not yet have a key, the key-signing HOWTO at:
http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
has a decent intro -- and this will be a good time to get your shiny
new key signed.
manoj
--
The way to make a small fortune in the commodities market is to start
with a large fortune.
Manoj Srivastava <[email protected]> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
