Updated OpenPGP Security (markdown)

Dominik Schürmann 2015-08-03 00:51:34 +02:00
parent 08c6ce1f98
commit 227f099aa7
1 changed files with 1 additions and 1 deletions

@ -3,7 +3,7 @@
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak) * We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys) * If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
* Whitelist of ciphers, whitelist of hash algorithms, minimum key requirements, and cipher/hash/key defaults can be found in [PgpConstants](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java). * Whitelist of ciphers, whitelist of hash algorithms, minimum key requirements, and cipher/hash/key defaults can be found in [PgpConstants](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java).
* We explicitly don't honor the preferred algorithms indicated by imported public keys to prevent fallback attacks (see coruus comments). * We explicitly don't honor the preferred algorithms indicated by imported public keys to prevent downgrade attacks (see coruus comments).
## Keyserver Security ## Keyserver Security
* All pre-configured keyservers use HKPS * All pre-configured keyservers use HKPS
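Review bot: The changed bullet on preferred algorithms still ends with "(see coruus comments)" without a URL, while the two bullets above it link directly to the coruus test-key repositories. Add a link to the comments being referred to so a reader can check the rationale. It would also help to say what is used in place of the key's stated preferences, for example by pointing at the cipher/hash defaults in PgpConstants mentioned in the previous bullet. Replacing "fallback attacks" with "downgrade attacks" uses the more common term and reads fine as is.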