Added a comment

author: http://phil.0x539.de/ <Philipp_Kern@web> 2013-03-04 07:36:56 +0000
committer: admin <admin@branchable.com> 2013-03-04 07:36:56 +0000
commit: 62ea45427ad9b037c40fc0a8213be85ed134bcf6 (patch)
tree: 1fde7f4cf69f59683798f995847fd24b3bb07d5a /doc
parent: 51c84ffec5c1ed83acfab2f097aa9ca0305dd5a5 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/bugs/encryption_key_is_surprising/comment_2_5b7e6bb36c3333dfd71808e8b4544746._comment b/doc/bugs/encryption_key_is_surprising/comment_2_5b7e6bb36c3333dfd71808e8b4544746._comment
new file mode 100644
index 000000000..24f8452c3
--- /dev/null
+++ b/doc/bugs/encryption_key_is_surprising/comment_2_5b7e6bb36c3333dfd71808e8b4544746._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="http://phil.0x539.de/"
+ nickname="Philipp Kern"
+ subject="comment 2"
+ date="2013-03-04T07:36:55Z"
+ content="""
+GPG also reduces the key material to the size of a SHA1 hash (because we're using the default option for s2k-digest-algo) to generate the symmetric key used with CAST5. So I wonder a bit why we bother with 512 bytes in the first place. Also they come from urandom (even on Linux), despite being generated once per remote. So maybe the strongness of the weakest link should be written down somewhere.
+"""]]
author	http://phil.0x539.de/ <Philipp_Kern@web>	2013-03-04 07:36:56 +0000
committer	admin <admin@branchable.com>	2013-03-04 07:36:56 +0000
commit	62ea45427ad9b037c40fc0a8213be85ed134bcf6 (patch)
tree	1fde7f4cf69f59683798f995847fd24b3bb07d5a /doc
parent	51c84ffec5c1ed83acfab2f097aa9ca0305dd5a5 (diff)