On 2013-10-11 12:03:44 +0100 (+0100), Tony Naggs wrote:
> Do key signing parties even happen much anymore? The last time I saw
> one advertised was around PGP 2.6!
[...]
Within more active pockets of the global free software community
(where OpenPGP signatures are used to authenticate release
arti
On Wed, Nov 11, 2009 at 09:42:21PM -0500, Jerry Leichter wrote:
[...]
> If one organization distributes the dongles, they could accept
> only updates signed by that organization. We have pretty good
> methods for keeping private keys secret at the enterprise level,
> so the risks should be manageab
On Mon, Nov 16, 2009 at 11:20:27PM -0500, Jerry Leichter wrote:
> I'm not sure that's the right lesson to learn.
I might have, perhaps, phrased it a little better. Regardless of
initial planning, TI continued selling devices relying on this
particular code signing implementation well past what the
On 2013-08-25 16:29:42 -0400 (-0400), Perry E. Metzger wrote:
[...]
> If I meet someone at a reception at a security conference, they might
> scrawl their email address ("al...@example.org") for me on a cocktail
> napkin.
>
> I'd like to be able to then write to them, say to discuss their
> exciti
On 2013-09-01 13:02:26 +1000 (+1000), James A. Donald wrote:
> On 2013-09-01 11:16 AM, Jeremy Stanley wrote:
> [...]
> > bring business cards (or even just slips of paper) with our name,
> > E-mail address and 160-bit key fingerprint.
> [...]
>
> The average user is d
On 2013-09-06 00:04:07 +0200 (+0200), Ilja Schmelzer wrote:
[...]
> The point is another: a 512 bit hash as a personal id is
> something acceptable for average people and will not prevent them
> from using it. These average people do not have to care that much
> about such attacks. Those few who
On 2013-09-04 13:12:21 +0200 (+0200), Ilja Schmelzer wrote:
> There is already a large community of quite average users which use
> Torchat, which uses onion-Adresses as Ids, which are 512 bit hashs if
> I remember correctly.
>
> Typical ways of communication in this community are "look for my
> t
