This month the branches has been merged to the master. First in the libgcrypt, and the next day to gnupg, and the mail thread is long with some "congrats" words. Is a really good thing to have this implementation available for the general usage.
By now, this keys are only available for "--expert" usage, and it must be like that. This is one of the steps to have them accessible for all of us and have this type of keys and algorithms used in the day by day. A cryptographic development has to follow a process of audit before an official release, and even that I should be audit forever.
This is not a lack of confidence with the developer (perhaps a bit, no worries, it's only crypto-paranoia) but the trust in the algorithms and the implementations below the secrets we put in must require a level of revision. Is not the same problem, if a program fails and some system is not accessible for a couple of hours, than if your private mail communication (ciphered) becomes compromised and some who you don't like can read them.
No comments:
Post a Comment