From 1c4452817b19311edf3f30b64ad83ae86473b743 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Th=C3=A9r=C3=A8se=20Godefroy?= <godef.th@free.fr>
Date: Fri, 22 Jun 2018 18:41:11 +0200
Subject: [PATCH] en: update kitchen.

---
 en/kitchen/index.t.html | 49 +++++++++++++++++++++++++++++------------
 1 file changed, 35 insertions(+), 14 deletions(-)

diff --git a/en/kitchen/index.t.html b/en/kitchen/index.t.html
index 6fd55f3d..9f6bedc8 100644
--- a/en/kitchen/index.t.html
+++ b/en/kitchen/index.t.html
@@ -204,6 +204,9 @@ href="https://gpgtools.org/#gpgsuite">Download</a> and install it, choosing
 default options whenever asked. After it's installed, you can close any
 windows that it creates.</p>
 
+<p>There are major security flaws in versions of GnuPG provided by GPGTools
+prior to 2018.3. Make sure you have GPGTools 2018.3 or later.</p>
+
 </div><!-- End .main -->
 </div><!-- End #step1-b .step -->
 <!-- END DELETION 06 -->
@@ -219,6 +222,9 @@ href="https://www.gpg4win.org/">Download</a> and install it, choosing default
 options whenever asked. After it's installed, you can close any windows that
 it creates.</p>
 
+<p>There are major security flaws in versions of GnuPG provided by GPG4Win
+prior to 3.1.2. Make sure you have GPG4Win 3.1.2 or later.</p>
+
 </div><!-- End .main -->
 </div><!-- End #step1-b .step -->
 <!-- END DELETION 07 -->
@@ -239,6 +245,21 @@ alt="Step 1.B: Install Add-ons" /></li>
 <div class="main">
 
 <h3><em>Step 1.b</em> Install the Enigmail plugin for your email program</h3>
+
+<p>In your email program's menu, select Add-ons (it may be in the Tools
+section). Make sure Extensions is selected on the left. Do you see Enigmail?
+Make sure it's the latest version. If so, skip this step.</p>
+
+<p>If not, search "Enigmail" with the search bar in the upper right. You
+can take it from here. Restart your email program when you're done.</p>
+
+<p>There are major security flaws in versions of GnuPG prior to 2.2.8, and
+Enigmail prior to 2.0.7. Make sure you have GnuPG 2.2.8 and Enigmail 2.0.7,
+or later versions.</p>
+
+<p>Note: As of June 18, 2018, GnuPG 2.2.8 is unavailable for Debian stable and
+testing.</p>
+
 <!-- END DELETION 08 -->
 <!-- START DELETION 09, KEEP IN mac windows --> 
 
@@ -258,18 +279,18 @@ alt="Step 1.C: Install Add-ons" /></li>
 <div class="main">
 
 <h3><em>Step 1.c</em> Install the Enigmail plugin for your email program</h3>
-<!-- END DELETION 09 -->
 
 <p>In your email program's menu, select Add-ons (it may be in the Tools
-section). Make sure Extensions is selected on the left. Do you see Enigmail? If
-so, skip this step.</p>
+section). Make sure Extensions is selected on the left. Do you see Enigmail?
+Make sure it's the latest version. If so, skip this step.</p>
 
 <p>If not, search "Enigmail" with the search bar in the upper right. You
 can take it from here. Restart your email program when you're done.</p>
 
-<p>Enigmail versions prior to 2.0.6 have serious security issues. Make sure
-to install version 2.0.6 or later. The current version is 2.0.6.1.</p>
+<p>There are major security flaws in Enigmail prior to version 2.0.7. Make
+sure you have Enigmail 2.0.7 or later.</p>
 
+<!-- END DELETION 09 -->
 <!-- ~~~~~~~~~ Troubleshooting ~~~~~~~~~ -->
 <div class="troubleshooting">
 
@@ -869,15 +890,15 @@ and choosing Key Properties. It's good practice to share your fingerprint
 wherever you share your email address, so that people can double-check that
 they have the correct public key when they download yours from a keyserver.</p>
 
-<p class="notes">You may also see public keys referred to by their key ID,
-which is simply the last eight digits of the fingerprint, like C09A61E8 for
-Edward. The key ID is visible directly from the Key Management window. This
-key ID is like a person's first name (it is a useful shorthand but may not be
-unique to a given key), whereas the fingerprint actually identifies the key
-uniquely without the possibility of confusion. If you only have the key ID,
-you can still look up the key (as well as its fingerprint), like you did in
-Step 3, but if multiple options appear, you'll need the fingerprint of the
-person to whom you are trying to communicate to verify which one to use.</p>
+<p class="notes">You may also see public keys referred to by a shorter
+key ID. This key ID is visible directly from the Key Management
+window. These eight character key IDs were previously used for
+identification, which used to be safe, but is no longer reliable. You
+need to check the full fingerprint as part of verifying you have the
+correct key for the person you are trying to contact. Spoofing, in
+which someone intentionally generates a key with a fingerprint whose
+final eight characters are the same as another, is unfortunately
+common.</p>
 
 </div><!-- End .main -->
 </div><!-- End #step-identify_keys .step-->
-- 
2.25.1