On 05/14/18 11:20, Jean-Philippe Ouellet wrote: > Shouldn't be terribly surprising to this crowd, but: https://efail.de/ > > Simply using split-pgp does *NOT* protect you against this, especially > if you have agent authorization with a non-zero timeout. > > The immediate impact on Qubes developers is that one should use > separate keys for email and code signing, have your secret keys in > separate split-gpg backend domains, and not allow any VM with an email > client to make requests to the VM holding your code-signing keys. In > other words, have disjoint sets of development and communication > domains.
Not that it's a wrong recommendation, but the efail stuff is not about exposing keys -- it's a way to leak cleartext via HTML messages. There is no way efail would allow leaking someone's signing keys. Regards, -- Konstantin Ryabitsev Director, IT Infrastructure Security The Linux Foundation -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/cdfcf00c-709c-ffeb-efd5-968754268828%40linuxfoundation.org. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature