Updated OpenPGP Security (markdown)
parent
705210111b
commit
95999bb955
|
@ -2,7 +2,7 @@
|
||||||
* We never generate v3 signatures, always v4
|
* We never generate v3 signatures, always v4
|
||||||
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
|
* We do not import v3 keys (https://github.com/coruus/cooperpair/tree/master/keysteak)
|
||||||
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
|
* If a v4 key is imported with a long key id that already exists in the database, the import is canceled. (see https://github.com/coruus/cooperpair/tree/master/pgpv4 for test keys)
|
||||||
* Whitelist of ciphers, whitelist of hash algorithms, minimum key requirements, and cipher/hash/key defaults can be found in [PgpConstants](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java).
|
* Whitelist of ciphers, whitelist of hash algorithms, minimum key requirements, and cipher/hash/key defaults can be found in [PgpSecurityConstants](https://github.com/open-keychain/open-keychain/blob/master/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java).
|
||||||
* We explicitly don't honor the preferred algorithms indicated by imported public keys to prevent downgrade attacks (see coruus comments).
|
* We explicitly don't honor the preferred algorithms indicated by imported public keys to prevent downgrade attacks (see coruus comments).
|
||||||
|
|
||||||
## Keyserver Security
|
## Keyserver Security
|
||||||
|
|
Loading…
Reference in New Issue