[ciphershed] Re: Still getting security warning on https://ciphershed.org

  • From: Niklas Lemcke - 林樂寬 <compul@xxxxxxxxxxxxxx>
  • To: ciphershed@xxxxxxxxxxxxx
  • Date: Tue, 1 Jul 2014 13:05:56 +0800

On Mon, 30 Jun 2014 23:26:16 -0400
Kyle Marek <psppsn96@xxxxxxxxx> wrote:

> On 06/30/2014 11:16 PM, Stephen R Guglielmo wrote:
> > On Mon, Jun 30, 2014 at 5:06 PM, Bill Cox <waywardgeek@xxxxxxxxxxxxxx> 
> > wrote:
> >> I get a security warning about an untrusted certificate when I point
> >> Firefox to https://ciphershed.org.  I don't know if this is supposed
> >> to still happen or not...
> > I don't get an error either right now, using Firefox Beta 31.0. I do,
> > however, get this on certain computers at work that are using a very
> > outdated version of Internet Explorer.
> >
> The SHA1 fingerprint of the certificate I am receiving is
> 62:A2:09:4E:DD:A5:6C:E4:09:24:58:59:31:38:15:38:37:0A:4C:A4.
> 
> I also noticed, while checking the fingerprint, the encryption only has
> 128-bit keys.

Actually, my connection is encrypted with AES-256. Maybe 128bit is a
setting your browser likes. Both AES256 and AES128 (and even 3DES) are
allowed by the server (gotta think about disabling 3DES maybe).

Either way though, AES128 should be perfectly fine, considering that it
equals an RSA key length of 3072bit. While the server is sporting a
4096bit RSA key, there is no remotely equivalent AES bitlength (192bit ~
7680bit RSA, which is not available in gpg) to that. So even if we would
all encrypt with AES256, we would only get a tad more security because
of the limitations of RSA key lengths.

Also I have the same fingerprint as you do.

> 
> ------------------------------------------------------------------------
> 
>     At the time of sending this message, I have not been contacted by
> any government official or worker regarding my participation in
> CipherShed or any related project. I have not been asked to supply any
> information to them that may be used to impersonate me nor have I been
> asked to aid the government or its officials or workers in modifying
> part of CipherShed or any related project. I am not aware of any of my
> property or anything regarding me being bugged, searched, or compromised
> in any way. Anything that accepts PGP encryption or signing should have
> been cryptographically secured with my PGP key.


-- 
Niklas - 林樂寬

Attachment: signature.asc
Description: PGP signature
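
The key-length comparison in the message above can be checked numerically. The following is an added example, not part of the original message or of CipherShed: it uses the number-field-sieve estimate from the FIPS 140-2 Implementation Guidance (section 7.5), which lands within a few bits of the usual table values, and assumes, as the message argues, that the server's RSA key bounds the strength of the session. Function names are illustrative.

```python
import math

# Symmetric strengths in bits. Three-key 3DES is rated at 112 bits
# because of the meet-in-the-middle attack.
CIPHER_BITS = {"AES256": 256, "AES128": 128, "3DES": 112}


def rsa_strength_bits(modulus_bits: int) -> float:
    """Estimate the symmetric-equivalent strength of an RSA modulus.

    Formula from FIPS 140-2 IG 7.5 (cost of the number field sieve).
    """
    n = modulus_bits * math.log(2)  # natural log of the modulus
    work = 1.923 * n ** (1 / 3) * math.log(n) ** (2 / 3) - 4.69
    return work / math.log(2)


def bottleneck(cipher: str, modulus_bits: int) -> tuple[str, float]:
    """Return the weaker component ("cipher" or "rsa") and its strength."""
    sym = CIPHER_BITS[cipher]
    rsa = rsa_strength_bits(modulus_bits)
    return ("cipher", float(sym)) if sym <= rsa else ("rsa", rsa)


def gain_from_aes256(modulus_bits: int) -> float:
    """Bits actually gained by AES256 over AES128 for a given RSA key."""
    return bottleneck("AES256", modulus_bits)[1] - bottleneck("AES128", modulus_bits)[1]


if __name__ == "__main__":
    for size in (2048, 3072, 4096, 7680, 15360):
        print(f"RSA-{size}: ~{rsa_strength_bits(size):.0f} bits")
    for cipher in CIPHER_BITS:
        part, bits = bottleneck(cipher, 4096)
        print(f"{cipher} with RSA-4096: limited by {part}, ~{bits:.0f} bits")
    print(f"AES256 over AES128 with RSA-4096: +{gain_from_aes256(4096):.0f} bits")
```

With a 4096-bit key the estimate falls between the AES128 and AES192 levels, so moving from AES128 to AES256 adds far fewer than 128 bits of effective strength.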
