Hello,
On Wed, Aug 30 2017, Marc Haber wrote:
> People keep mentioning to store the private key on a LUKS-encrypted
> device. Why? Is the private key encryption that happens inside GnuPG
> itself when you protect your private key with a passphrase not
> sufficient?
You can pass the --iter-time
On Wed, 30 Aug 2017 10:09:38 +0100, Jonathan McDowell writes:
>I think NIIBE was selling them for about €30 at DebConf, so that's a
>reasonable mark up. He said Seeed are currently changing business model
>to move away from low volume devices, but despite what their website
>says they do still
shirish शिरीष writes ("Reasons for having DPL election terms 1 year"):
> My query how did the idea of having yearly elections for choosing DPL
> come in place.
This was my doing. And, TBH, I don't think I considered other options
very seriously, although I haven't searched my email archives. (I
at bottom :-
On 30/08/2017, shirish शिरीष wrote:
> Dear all,
>
> Please CC me if somebody puts a reply .
>
> I had put up the query on debian-devel but was informed that probably
> debian-project would be much better place to have discussions like
> thees.
>
> I did try
Dear all,
Please CC me if somebody puts a reply .
I had put up the query on debian-devel but was informed that probably
debian-project would be much better place to have discussions like
thees.
I did try various terms like 'why is Debian Project leader choosen
yearly' and similar queries on
On Wed, 2017-08-30 at 12:50 +0200, Marc Haber wrote:
> That's a point, but I cannot validate whether the free hardware
> design running the free software crypto app isn't backdoored anyway due
> to lack of knowledge and expertise.
Some large fraction of the world could/would make the same
Am 2017-08-30 14:45, schrieb Marc Haber:
On Wed, Aug 30, 2017 at 01:52:54PM +0200, Christian Seiler wrote:
Well, you could create a completely separate key pair (with a separate
master key) for Debian purposes only.
That would double the effort of obtaining signatures and also double
the
Ian,
thanks for your level-headed response and your solid reasoning.
On Wed, Aug 30, 2017 at 12:10:34PM +0100, Ian Jackson wrote:
> How far down the paranoia road you want to go is up to you, but buying
> an open hardware / libre firmware security device, rather than a
> proprietary one, has
On Wed, Aug 30, 2017 at 01:52:54PM +0200, Christian Seiler wrote:
> Am 2017-08-30 09:01, schrieb Marc Haber:
> > On Tue, Aug 29, 2017 at 04:07:45PM -0300, Henrique de Moraes Holschuh
> > wrote:
> > > The **public** portion of *every* key (master and all subkeys) go into
> > > the public keyrings
Marc Haber [2017-08-30 09:01:09+02] wrote:
> People keep mentioning to store the private key on a LUKS-encrypted
> device. Why? Is the private key encryption that happens inside GnuPG
> itself when you protect your private key with a passphrase not
> sufficient?
A strong passphrase for the key
Am 2017-08-30 09:01, schrieb Marc Haber:
On Tue, Aug 29, 2017 at 04:07:45PM -0300, Henrique de Moraes Holschuh
wrote:
The **public** portion of *every* key (master and all subkeys) go into
the public keyrings and also in the Debian keyring. gnupg will handle
this automatically if you use
I seem to have offended people by trying to make up my mind and
introducing arguments into the discussion that might not be wanted. I
can only lose by continuing this thread. No offense was ever intended,
and neither was an attack.
Greetings
Marc
--
On Wed, Aug 30, 2017 at 12:50:53PM +0200, Marc Haber wrote:
> On Wed, Aug 30, 2017 at 12:42:13PM +0200, Adam Borowski wrote:
> > * with Yubikey 4 (suspected): they send the secret handshake, get a
> > copy of the key, and you don't even know anything happened
>
> That's a point, but I cannot
Marc Haber writes ("Re: wanted: educate us please on key dongles"):
> That's a point, but I cannot validate whether the free hardware
> design running the free software crypto app isn't backdoored anyway due
> to lack of knowledge and expertise.
You don't need to be able to validate it
On Wed, Aug 30, 2017 at 12:42:13PM +0200, Adam Borowski wrote:
> On Wed, Aug 30, 2017 at 12:17:33PM +0200, Marc Haber wrote:
> > On Wed, Aug 30, 2017 at 10:09:38AM +0100, Jonathan McDowell wrote:
> > > The Start is based on the GnuK and I think should be upgradable to do 4K
> > > keys. The Pro
On Wed, Aug 30, 2017 at 12:17:33PM +0200, Marc Haber wrote:
> On Wed, Aug 30, 2017 at 10:09:38AM +0100, Jonathan McDowell wrote:
> > The Start is based on the GnuK and I think should be upgradable to do 4K
> > keys. The Pro uses a non-free smartcard internally for the RSA
> > operations. I believe
On Wed, Aug 30, 2017 at 10:09:38AM +0100, Jonathan McDowell wrote:
> On Tue, Aug 29, 2017 at 07:34:35PM +0200, Marc Haber wrote:
> > Their web page says that it will only suppor 2048 bit RSA keys, which is
> > the limitation of most USB crypto tokens on the market today. The
> > Nitrokey Pro will
On Tue, Aug 29, 2017 at 07:34:35PM +0200, Marc Haber wrote:
> On Fri, Aug 11, 2017 at 01:41:39PM +0100, Jonathan McDowell wrote:
> > * GnuK: My favourite choice. It's slow with RSA4096, but does
> > support it. The hardware is open. The software is open (you can
> > compile and
On Tue, Aug 29, 2017 at 04:07:45PM -0300, Henrique de Moraes Holschuh wrote:
> On Tue, 29 Aug 2017, Marc Haber wrote:
> > - Which key goes on the paper slab that everybody uses to collect
> > signatures? The certification only master key?
>
> The main key fingerprint. Which happens to be the
19 matches
Mail list logo