<p dir="ltr">I read it mostly as signing key access thus collect all and unlock later as needed.</p>
<p dir="ltr">So self-signed certs are much harder for spooks to read.</p>
<div class="gmail_quote">On Sep 6, 2013 10:08 AM, "Charles Shapiro" <<a href="mailto:hooterpincher@gmail.com">hooterpincher@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div><div>But not gpg, according to the NYT ( <a href="http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp&_r=0" target="_blank">http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp&_r=0</a> ). My read of the article is that most of the compromises involve getting access to keys through vendors, rather than compromises of the actual algorithms, although there are some hints that the NSA has tried to subvert standards as well. <br>
<br></div>Moral of the story: Use FOSS, don't trust any service providers.<br><br><br></div>-- CHS<br></div>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div>