summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Johnson <nick@nicholasjohnson.ch>2023-03-17 00:00:00 +0000
committerNicholas Johnson <nick@nicholasjohnson.ch>2023-03-17 00:00:00 +0000
commita64fc5722b57b50ca686b7e9e8c1c1d2ba58f04b9c926bd11e5a2fcd74d21220 (patch)
tree329d3338cd7e646b616b495fc7f941bceca380c37737b8d78167fa47db485db9
parentab6d0c42d8da34f37b1c8e8a02218e6f824fd92deed385c57a2c277ebb49bf1c (diff)
downloadjournal-a64fc5722b57b50ca686b7e9e8c1c1d2ba58f04b9c926bd11e5a2fcd74d21220.tar.gz
journal-a64fc5722b57b50ca686b7e9e8c1c1d2ba58f04b9c926bd11e5a2fcd74d21220.zip
Correct information about NIST curves
-rw-r--r--content/entry/goodbye-pgp.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/content/entry/goodbye-pgp.md b/content/entry/goodbye-pgp.md
index 3d76a9f..9d5d846 100644
--- a/content/entry/goodbye-pgp.md
+++ b/content/entry/goodbye-pgp.md
@@ -36,7 +36,7 @@ To protect your contact list from the keyserver, you have to install [Parcimonie
Hopefully all your contacts use Parcimonie too. Otherwise they leak their association with you every time they pull your key. Probably less than 1% of GPG users use it, so your whole keyring is still being leaked no matter what. Sorry.
## Broken Crypto
-[PGP also supports the NIST and Brainpool elliptic curves which many security experts believe are backdoored.](https://safecurves.cr.yp.to/) It shouldn't support those curves in the first place. At the very least, GPG should warn users, but it doesn't.
+[PGP also supports the NIST elliptic curves, which are potentially backdoored depending on which expert you ask.](https://safecurves.cr.yp.to/rigid.html)
OpenPGP sacrifices security in the name of backwards-compatibility and standards compliance. It supports broken/outdated algorithms like SHA-1, 3DES, CAST5, and Blowfish. It uses CFB mode and S2K password hashing, which no modern cryptosystem should use.