On Sun, Apr 01, 2007 at 04:11:09PM +0800, Robert Roach wrote:
I was wondering about that too. Went to local book store and found a
good book on both PGP and GPG:
Seth Goodman [EMAIL PROTECTED] writes:
S/MIME was intended to work with a certification authority (CA) model
based on a small number of universally trusted root CA's, while PGP
assumed a distributed web of trust model based on personal
relationships between individual users. There's no
John L Fjellstad wrote on Thursday, April 05, 2007 10:43 AM -0500:
Seth Goodman [EMAIL PROTECTED] writes:
Instead, they built
native S/MIME support into their MUA's, built a certificate store
into their operating system and bought VeriSign.
Couple of points. There are lots of stuff MS
John L Fjellstad wrote on Tuesday, April 03, 2007 4:58 PM -0500:
The reason you and people who use OE see it as an attachment is
because MS is unable to implement an 11 years old standard.
This page (http://www.imc.org/smime-pgpmime.html) has a discussion
about the different standards
John Fleming [EMAIL PROTECTED] writes:
While we're still on this, why do most of your (Debian-users-who-sign)
emails show up in OE with the signature and the email text as
attachments? It seems whether I use GPG or a Thawte cert, they still
don't show up as attachments. Are you doing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
On Sun, Apr 01, 2007 at 10:54:27AM -0500, Ron Johnson wrote:
On 04/01/07 10:29, Brad Rogers wrote:
On Sun, 01 Apr 2007 10:05:07 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
ID is a slippery concept. What does
Michael Pobega wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
P.S. I am testing the autosign option for mutt right now ;)
Also, is there some way to set it so I can still send mail unsigned?
I've heard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
Now I'm afraid.
http://en.wikipedia.org/wiki/Key_signing_party
Why are you afraid?
- --
Jim Hyslop
Dreampossible: Better software. Simply. http://www.dreampossible.ca
Consulting * Mentoring * Training
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Apr 02, 2007 at 11:33:08AM -0400, Jim Hyslop wrote:
Michael Pobega wrote:
Now I'm afraid.
http://en.wikipedia.org/wiki/Key_signing_party
Why are you afraid?
That picture just frightened me[0], but I was only kidding. It was the
Ron Johnson writes:
An ATM machine's threshold of trust in identity is account number and
PIN.
That is authentication, not identification.
Meat sack tellers (who don't recognize you) want to verify your signature
with a Government Issued ID Card.
A mistake. The teller should authenticate
Jim Hyslop wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
Michael Pobega escribió:
[...]
What are the advantages to having it?
You can be sure that the person is who says it is.
We that's a pretty big simplification.
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email actually sent the email.
Which makes me wonder, how is anyone to establish such a web of trust
in this community?
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email actually sent the email.
Which makes me wonder,
On Sun, 1 Apr 2007 11:26:54 +0300
Andrei Popescu [EMAIL PROTECTED] wrote:
Hello Andrei,
P.S. I just setup Claws-Mail to use signing a few days ago. This
thread looks like a good opportunity to start using it here.
All set up nicely, then. Your public key imported, and everything
works.
What
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email actually sent the email.
Which makes me wonder,
On Sun, Apr 01, 2007 at 08:11:06 -0400, Michael Pobega wrote:
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
Ron Johnson wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email
On Sun, Apr 01, 2007 at 02:24:39PM +0200, Florian Kulzer wrote:
On Sun, Apr 01, 2007 at 08:11:06 -0400, Michael Pobega wrote:
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
Ron Johnson wrote:
What are the advantages to having it?
Using a web of trust, you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu wrote:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email actually sent the email.
Which makes me wonder, how
Michael Pobega:
I got this for your mail:
[-- PGP output follows (current time: Sun 01 Apr 2007 08:09:36 AM EDT)
--]
gpg: Signature made Sun 01 Apr 2007 04:27:11 AM EDT using DSA key ID
70859BD9
gpg: Can't check signature: public key not found
[-- End of PGP output --]
This means that
On Sun, 1 Apr 2007 08:37:11 -0400
Michael Pobega [EMAIL PROTECTED] wrote:
Hello Michael,
Not all of the GPG keys are verifying, Andrei's still isn't but others
are.
Andrei's GPG sig verifies here.
Is there any way to verify individual keys?
Make sure you have got his key imported with;
Joe Hart wrote:
Now you can send me encrypted mail (if you have my public key)!
Whoopie! Like you really need to.
It's been suggested that you should use encryption whenever possible as
standard procedure; otherwise, when you need to send an encrypted
message and do so, it catches the
On Sun, Apr 01, 2007 at 01:42:47PM +0100, Brad Rogers wrote:
On Sun, 1 Apr 2007 08:37:11 -0400
Michael Pobega [EMAIL PROTECTED] wrote:
Hello Michael,
Not all of the GPG keys are verifying, Andrei's still isn't but others
are.
Andrei's GPG sig verifies here.
Is there any way to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brad Rogers wrote:
On Sun, 1 Apr 2007 08:37:11 -0400
Michael Pobega [EMAIL PROTECTED] wrote:
Hello Michael,
Not all of the GPG keys are verifying, Andrei's still isn't but others
are.
Andrei's GPG sig verifies here.
Is there any way to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kent West wrote:
Joe Hart wrote:
Now you can send me encrypted mail (if you have my public key)!
Whoopie! Like you really need to.
It's been suggested that you should use encryption whenever possible as
standard procedure; otherwise, when you
On Sun, 1 Apr 2007 09:35:19 -0400
Michael Pobega [EMAIL PROTECTED] wrote:
Hello Michael,
gpg: Good signature from Andrei Popescu [EMAIL PROTECTED]
gpg: WARNING: This key is not certified with a trusted signature!
[snip]
Looks like it should work to me; 70859BD9 is the same ID, no?
Yes,
On Sun, 01 Apr 2007 14:03:24 +
Joe Hart [EMAIL PROTECTED] wrote:
Hello Joe,
Hmm, that's an interesting observation. I didn't think of that. Of
course, most of the people I communicate with via e-mail don't use PGP
so I can't send them encrypted mail.
You can *send* it them. They're
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brad Rogers wrote:
On Sun, 01 Apr 2007 14:03:24 +
Joe Hart [EMAIL PROTECTED] wrote:
Hello Joe,
Hmm, that's an interesting observation. I didn't think of that. Of
course, most of the people I communicate with via e-mail don't use PGP
so
Brad Rogers writes:
Yes, you've got the right key, and it *has* verified. However, since
Andrei's key is not included in your web-of-trust, GPG gives the warning.
A valid signature != a trusted signature.
Such signatures can serve a useful purpose, though. You may not have a
trust path to
On Sun, 01 Apr 2007 14:48:54 +
Joe Hart [EMAIL PROTECTED] wrote:
Hello Joe,
You can *send* it them. They're unlikely to be able to *read* it,
though. :-)
LOL. You've got that right.
It's the pedant in me.
Since various governments stopped trying to prosecute Phil
Zimmerman,
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
I can't figure out how to set it up. The articles mention only talk
about PGP, not GPG.
Here are the changes (actually additions) I made, everything else works
out of the box:
~/.muttrc
# auto sign outgoing
set
Brad Rogers [EMAIL PROTECTED] wrote:
On Sun, 01 Apr 2007 14:03:24 +
Joe Hart [EMAIL PROTECTED] wrote:
Hello Joe,
Hmm, that's an interesting observation. I didn't think of that. Of
course, most of the people I communicate with via e-mail don't use
PGP so I can't send them
On Sun, 01 Apr 2007 10:05:07 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
ID is a slippery concept. What does it mean to know who someone
is?
Indeed. However, with some sort of photo ID, such as passport of
driving license, and knowledge of the relevant key fingerprint, it's
On Sun, 1 Apr 2007 18:30:38 +0300
Andrei Popescu [EMAIL PROTECTED] wrote:
Hello Andrei,
You can *send* it them. They're unlikely to be able to *read* it,
though. :-)
Well IIUC you can only encrypt to self (because they don't have a
public key) which is supposed to be unreadable.
You
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent the email actually sent the email.
Which makes me wonder,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 10:29, Brad Rogers wrote:
On Sun, 01 Apr 2007 10:05:07 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
ID is a slippery concept. What does it mean to know who someone
is?
Indeed. However, with some sort of photo ID,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 10:23, Brad Rogers wrote:
On Sun, 01 Apr 2007 14:48:54 +
Joe Hart [EMAIL PROTECTED] wrote:
Hello Joe,
You can *send* it them. They're unlikely to be able to *read* it,
though. :-)
LOL. You've got that right.
It's the
Jose Luis Rivas Contreras [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of trust, you can validate whether the entity that
claims to have sent
P.S. I just setup Claws-Mail to use signing a few days ago. This thread
looks like a good opportunity to start using it here.
Yep, and I noticed that that message was the first one you signed. Now
your public key is in my keyring :).
Now you can send me encrypted mail (if you have my
On Sun, 1 Apr 2007 19:19:40 +0300
Andrei Popescu [EMAIL PROTECTED] wrote:
Jose Luis Rivas Contreras [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
On Sun, 1 Apr 2007 19:19:40 +0300
Andrei Popescu [EMAIL PROTECTED] wrote:
Hello Andrei,
This is the theory ;) But how can I, in Romania, get my key signed by
at least one of the regular users of this list? I'll have a look to
It does become problematic, that's for sure. The best many of us
On Sun, 01 Apr 2007 11:06:57 -0500
Ron Johnson [EMAIL PROTECTED] wrote:
Hello Ron,
[SELinux]
Since the source code is open for all to see, every kernel hacker
with a bit of paranoia has pored over SELinux with a sub-micron
comb. They've found nothing.
I don't read source code. Primarily
On Sun, 01 Apr 2007 10:54:27 -0500
Ron Johnson [EMAIL PROTECTED] wrote:
Hello Ron,
A couple of years ago there was a very long thread on what it means
All before my time on the list. If I have time, I might read through
it via the archives.
to trust. The bottom line was that you can't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Jose Luis Rivas Contreras [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marko Randjelovic wrote:
P.S. I just setup Claws-Mail to use signing a few days ago. This thread
looks like a good opportunity to start using it here.
Yep, and I noticed that that message was the first one you signed. Now
your public key is in my
Andrei writes:
This is the theory ;) But how can I, in Romania, get my key signed by at
least one of the regular users of this list? I'll have a look to see if
there are any DDs from Romania or at least Vienna. I can imagine the web
is well established between the DDs.
There is a web of trust
On Sun, 2007-04-01 at 19:19 +0300, Andrei Popescu wrote:
Jose Luis Rivas Contreras [EMAIL PROTECTED] wrote:
There're KSP (Keysigning party) where ID's are checked and keys are
signed for another keys, that raises the web of trust.
This is the theory ;) But how can I, in Romania, get my key
Brad Rogers writes:
However, with some sort of photo ID, such as passport of driving license,
and knowledge of the relevant key fingerprint, it's possible to be fairly
sure you're dealing with the person that created the public key.
For many purposes (guaranteeing that bank account withdrawals
Ron Johnson writes:
A couple of years ago there was a very long thread on what it means to
trust. The bottom line was that you can't perfectly know, and that all
you can do is your best at verifying his identity, and then have faith.
Again I have to ask, what is identity? That is not a
Brad Rogers writes:
As said in interviews with ordinary people that knew the various
criminals that achieve notoriety; He was always such a *nice* polite
man. Well obviously, because to be otherwise might arouse suspicion.
In the phrase web of trust the word trust does not have quite the same
Joe Hart writes:
I also have serious doubts over the real security benefits of SELinux
specifically because it was developed by the NSA. It is not rational
that they would design a security system that they could not access, and
then release it to the public.
Only if you have a very naive
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
I can't figure out how to set it up. The articles mention only talk
about PGP, not GPG.
Here are the changes (actually additions) I made, everything else works
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
P.S. I am testing the autosign option for mutt right now ;)
Also, is there some way to set it so I can still send mail unsigned?
I've heard that GPG keys give
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Hasler wrote:
Joe Hart writes:
I also have serious doubts over the real security benefits of SELinux
specifically because it was developed by the NSA. It is not rational
that they would design a security system that they could not access,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
I can't figure out how to set it up. The articles mention only talk
about PGP, not GPG.
Here
On Sun, 01 Apr 2007 12:53:11 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
In the phrase web of trust the word trust does not have quite the
same meaning as it does in everyday conversation.
Very true. Outside PGP users though, the difference in meaning would be
lost though, I'm
On Sun, 01 Apr 2007 19:42:42 +0200
Sven Arvidsson [EMAIL PROTECTED] wrote:
Hello Sven,
There's actually a coordinated effort for this sort of thing, check
https://nm.debian.org/gpg.php and specifically the list of key
signing offers. You can also register for a signing request.
Here, at
On Sun, 01 Apr 2007 12:42:33 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
What is a real ID?
Does it ever actually matter? One of the reasons I put the word real
in quotes was because it's difficult to quantify.
--
Regards _
/ ) The blindingly obvious is
On Sun, 1 Apr 2007 14:30:19 -0400
Michael Pobega [EMAIL PROTECTED] wrote:
Hello Michael,
Also, is there some way to set it so I can still send mail unsigned?
I don't know how to do it in Mutt, but for ease, I created a duplicate
account in Claws-Mail that doesn't sign emails. Each list I'm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Hart wrote:
John Hasler wrote:
Joe Hart writes:
I also have serious doubts over the real security benefits of SELinux
specifically because it was developed by the NSA. It is not rational
that they would design a security system that they
On Sun, 2007-04-01 at 14:30 -0400, Michael Pobega wrote:
Also, is there some way to set it so I can still send mail unsigned?
I've heard that GPG keys give trouble to M$ clients, and most of my
family uses Outlook.
You should be able to switch between encrypt, sign, and unsigned
somewhere. I
Michael Pobega [EMAIL PROTECTED] wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
P.S. I am testing the autosign option for mutt right now ;)
Also, is there some way to set it so I can still send
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, 01 Apr 2007 13:42:47 +0100
Brad Rogers [EMAIL PROTECTED] wrote:
application/pgp-signature (No public key to verify the signature)]
Signature made at Sun 01 Apr 2007 08:42:47 AM EDT
No public key to verify the signature
Key fingerprint:
On Sun, Apr 01, 2007 at 10:09:58PM +0300, Andrei Popescu wrote:
Michael Pobega [EMAIL PROTECTED] wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
P.S. I am testing the autosign option for mutt
Sven Arvidsson [EMAIL PROTECTED] wrote:
There's actually a coordinated effort for this sort of thing, check
https://nm.debian.org/gpg.php and specifically the list of key
signing offers. You can also register for a signing request.
I see one DD from Romania, and several from Vienna on the
On Sun, Apr 01, 2007 at 02:30:19PM -0400, Michael Pobega wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
P.S. I am testing the autosign option for mutt right now ;)
Also, is there some way to set it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
On Sun, Apr 01, 2007 at 10:09:58PM +0300, Andrei Popescu wrote:
Michael Pobega [EMAIL PROTECTED] wrote:
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega
On Sun, Apr 01, 2007 at 06:58:33PM +, Joe Hart wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Hart wrote:
John Hasler wrote:
Joe Hart writes:
I also have serious doubts over the real security benefits of SELinux
specifically because it was developed by the NSA. It is
On Sun, Apr 01, 2007 at 07:19:40PM +0300, Andrei Popescu wrote:
Jose Luis Rivas Contreras [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
Ron Johnson [EMAIL PROTECTED] wrote:
What are the advantages to having it?
Using a web
Robert Roach wrote:
Jim Hyslop wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
Michael Pobega escribió:
[...]
What are the advantages to having it?
You can be sure that the person is who says it is.
We that's a pretty
Joe Hart writes:
My doubts of the NSA mostly come from watching too many conspiracy
theory [movies]...
There may be worse sources if information, but I can think of few.
The phrase in the interest of National Security has been and can be
used to cover up just about anything, and the NSA is
Brad Rogers writes:
Here, at least, using that link with Firefox, I get a warning about the
certificate being unrecognised.
Yes, because Debian has not paid Verisign for one of their utterly
worthless certificates.
--
John Hasler
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hugo Vanwoerkom wrote:
[snip]
Michael, Wikipedia has a reasonably concise overview:
http://en.wikipedia.org/wiki/Pretty_Good_Privacy
I was wondering about that too. Went to local book store and found a
good book on both PGP and GPG:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 12:49, John Hasler wrote:
Ron Johnson writes:
A couple of years ago there was a very long thread on what it means to
trust. The bottom line was that you can't perfectly know, and that all
you can do is your best at verifying his
I wrote:
Again I have to ask, what is identity? That is not a flippant
question. Think about it.
Ron Johnson writes:
In the metaphysical sense or the practical sense?
Practical, but not commonsense.
Does your bank need to know who you really are in order to safely let you
withdraw money
On Sun, 01 Apr 2007 14:43:48 -0500
Hugo Vanwoerkom [EMAIL PROTECTED] wrote:
[snip]
No local bookstores here :-(
I'm still waiting for a *well written plain English* description of
PGP/GPG.
...
The message recipient uses the sender's public key and the digital
signature to recover the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 17:24, John Hasler wrote:
I wrote:
Again I have to ask, what is identity? That is not a flippant
question. Think about it.
Ron Johnson writes:
In the metaphysical sense or the practical sense?
Practical, but not commonsense.
On Sun, Apr 01, 2007 at 10:54:27AM -0500, Ron Johnson wrote:
On 04/01/07 10:29, Brad Rogers wrote:
On Sun, 01 Apr 2007 10:05:07 -0500
John Hasler [EMAIL PROTECTED] wrote:
Hello John,
ID is a slippery concept. What does it mean to know who someone
is?
Indeed. However, with
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing list, or
is it better to wait until I meet up with some of them at say Debconf or
something similar?
Depends on what you mean by verify. There is nothing wrong with
downloading their public keys and using
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing list, or
is it better to wait until I meet up with some of them at say Debconf or
something similar?
Depends on what you mean by verify.
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing list,
or
is it better to wait until I meet up with some of them at say Debconf or
something similar?
Depends on what you mean by verify.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 01, 2007 at 08:50:02PM -0400, John Fleming wrote:
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing list,
or
is it better to wait
Michael Pobega wrote on Sunday, April 01, 2007 7:32 PM -0500:
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing
list, or is it better to wait until I meet up with some of them
at say
On Sun, Apr 01, 2007 at 08:32:19PM EDT, Michael Pobega wrote:
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify keyrings of people on the mailing list, or
is it better to wait until I meet up with some of them at say Debconf
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 01, 2007 at 10:16:10PM -0400, cga2000 wrote:
On Sun, Apr 01, 2007 at 08:32:19PM EDT, Michael Pobega wrote:
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
Is it a bad practice to verify
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 20:59, Seth Goodman wrote:
[snip]
trust. The more signatures on your public key, the more likely it is
that a random third party knows either someone who signed your key, or
knows someone who knows someone who signed your key, etc. As
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega escribió:
I noticed a lot of people on this mailing list have GPG enabled in
their emails, and now that I've seen it enough I'm wondering a few
things;
What exactly does GPG/GnuPG do?
Sign and/or encrypt things
What are the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/31/07 21:30, Michael Pobega wrote:
I noticed a lot of people on this mailing list have GPG enabled in
their emails, and now that I've seen it enough I'm wondering a few
things;
What exactly does GPG/GnuPG do?
Digitally signs and or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
Michael Pobega escribió:
[...]
What are the advantages to having it?
You can be sure that the person is who says it is.
We that's a pretty big simplification. It is possible to do
that, but you must
On Thu, Nov 07, 2002 at 02:22:40PM -0500, martin f krafft wrote:
also sprach Robert L. Harris [EMAIL PROTECTED] [2002.11.07.1327 -0500]:
If I don't though, gpg won't go look it up. Is this normal? Anyone
know the fix for this? I've poked around and prodded the options in
my muttrc and
On Fri, Nov 08, 2002 at 06:32:01PM +1100, Rob Weir wrote:
On Thu, Nov 07, 2002 at 02:22:40PM -0500, martin f krafft wrote:
also sprach Robert L. Harris [EMAIL PROTECTED] [2002.11.07.1327 -0500]:
If I don't though, gpg won't go look it up. Is this normal? Anyone
know the fix for this?
hey all,
so last night at the LISA 2002 conference in philly there was
quite a nice keysigning get-together, at which i exchanged
something like a dozen or two keys with other folks. now previously,
when i had signed keys with close friends, we'd just end up doing a
bunch of gpg
also sprach sean finney [EMAIL PROTECTED] [2002.11.07.1134 -0500]:
so last night at the LISA 2002 conference in philly there was quite
a nice keysigning get-together, at which i exchanged something like
a dozen or two keys with other folks. now previously, when i had
signed keys with close
.
Robert
Thus spake martin f krafft ([EMAIL PROTECTED]):
Date: Thu, 7 Nov 2002 12:01:06 -0500
From: martin f krafft [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: gpg key signing protocol question
Organization: Debian GNU/Linux
X-Mailing-List: [EMAIL PROTECTED] archive/latest
also sprach Robert L. Harris [EMAIL PROTECTED] [2002.11.07.1327 -0500]:
If I don't though, gpg won't go look it up. Is this normal? Anyone
know the fix for this? I've poked around and prodded the options in
my muttrc and no-luck. It's not just Martin, anyone who's ID I don't
have on my
Bingo, but had to move .gnupg/options to .gnupg/gpg.conf of course.
Thanks.
Thus spake martin f krafft ([EMAIL PROTECTED]):
Date: Thu, 7 Nov 2002 14:22:40 -0500
From: martin f krafft [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: gpg key signing protocol question
Organization
sean finney [EMAIL PROTECTED] writes:
hey all,
so last night at the LISA 2002 conference in philly there was
quite a nice keysigning get-together, at which i exchanged
something like a dozen or two keys with other folks. now previously,
when i had signed keys with close friends, we'd just
On Thu, Nov 07, 2002 at 01:27:46PM -0500, Robert L. Harris wrote:
If I don't though, gpg won't go look it up. Is this normal? Anyone
know the fix for this? I've poked around and prodded the options in
my muttrc and no-luck. It's not just Martin, anyone who's ID I don't
have on my ring
PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: GPG/PGP signing
Organization: Central Services - We do the work, you do the pleasure.
X-Mailing-List: [EMAIL PROTECTED] archive/latest/242794
Hi,
* Robert Waldner [EMAIL PROTECTED] [02-11-02 00:19]:
On Sat, 02 Nov 2002 00:08:08 +0100, Thorsten Haude
please don't sign your mails unless your keys are on the keyservers.
Which keyservers would that be, then? Which keep in sync with which?
keyserver the.earth.li
I've never ever heard of the.earth.li before, for example. Does it
sync with something sensible (like keyserver.net)? Or do
Hi,
* Robert Waldner [EMAIL PROTECTED] [02-11-01 19:49]:
please don't sign your mails unless your keys are on the keyservers.
Which keyservers would that be, then? Which keep in sync with which?
*.pgp.net
Thorsten
--
The privacy of correspondence, posts and telecommunications shall be
1 - 100 of 104 matches
Mail list logo