On 03/05/2012 04:36 PM, Ingo Klöcker wrote:
> 4. He has left his laptop unlocked and unattended for a very short
> period of time and he is using gpg-agent with a cache-ttl > 0.
>
> I have verified that one can generate a revocation certificate without
> entering a passphrase if one has previou
Am Montag, 5. März 2012, 22:36:42 schrieb Ingo Klöcker:
> I have verified that one can generate a revocation certificate without
> entering a passphrase if one has previously signed something (e.g. an
> email). So, it was probably just a very nasty prank.
I assume that ist possible only if the ma
On Sunday 04 March 2012, Robert J. Hansen wrote:
> On 3/4/2012 4:13 PM, auto15963...@hushmail.com wrote:
> > Hello. Supposing I create a key with an arbitrary user ID...
>
> This seems to me to be a simple question wrapped up in a lot of
> unnecessarily specific details: "How is it possible for a
Am Montag, 5. März 2012, 18:12:24 schrieb auto15963...@hushmail.com:
> I am 99.9% sure no one has gotten access to my machine or my keys.
IMHO that requires at least that
1) you have generated the key in a secure environment, i.e.
a) booted from a safe medium
b (really) validated
On Mar 5, 2012, at 12:12 PM, auto15963...@hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
> If they had, I have to believe that there would have been more
> damage done than this, and that does not appear to have happened. I
> mention the details, which
On 03/05/2012 12:12 PM, auto15963...@hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
> If they had, I have to believe that there would have been more
> damage done than this, and that does not appear to have happened. I
> mention the details, which may se
On 3/5/12 12:12 PM, auto15963...@hushmail.com wrote:
> I am 99.9% sure no one has gotten access to my machine or my keys.
Whenever anyone ascribes 99.9% certainty to a belief, my knee-jerk
reaction is to think the only 99.9% certainty is they've got the wrong
confidence interval. :)
There are re
I am 99.9% sure no one has gotten access to my machine or my keys.
If they had, I have to believe that there would have been more
damage done than this, and that does not appear to have happened. I
mention the details, which may seem irrelevant, only because
sometimes the devil is in the detail
On 3/5/2012 2:21 AM, Jon Molesa wrote:
> Does master signing key length have any effect on the length of
> sub-keys?
Yes, no and maybe.
Yes: if a 1024-bit master signing key can be compromised, there's
nothing to prevent the attacker from revoking your 4k subkeys and adding
new 4k subkeys the att
