Wow. Thanks very much for such a detailed reply. GPG can be counter-intuitive
at times, but it seems there is always a way. Shalom!
Sent with ProtonMail Secure Email.
‐‐‐ Original Message ‐‐‐
On Tuesday, August 27, 2019 6:30 PM, Werner Koch wrote:
> On Tue, 27 Aug 2019 00:18, gnupg-us
Hi Tomasz--
On Sat 2019-08-17 18:45:24 +0200, Tomasz Buchert wrote:
> what would be the most "canonical" way to store arbitrary, signed data
> along the gpg key? And then: what is the programmatic way of extracting
> said data?
>
> My specific usecase is putting a signify [1] public key inside my
On 27/08/2019 20:50, Stefan Claas via Gnupg-users wrote:
> But what would be, when using computers at work or public places, then
> the best strategy for using OpenPGP, without carrying a Notebook or
> smartphone?
The strategy I advice would be to not use GnuPG and look for alternatives.
I wouldn'
On 27/08/2019 22:41, Peter Lebbing wrote:
> If a computer is compromised, this is game over for cryptography. Full
> stop.
This is not true. Many crypto systems are designed to perform damage
control and recovery in such cases.
If the compromise is game over for the user - it depends on threat pr
On 27/08/2019 21:50, Stefan Claas via Gnupg-users wrote:
> But what would be, when using computers at work or public places, then
> the best strategy for using OpenPGP, without carrying a Notebook or
> smartphone?
If a computer is compromised, this is game over for cryptography. Full
stop.
> Ther
Andrew Gallagher wrote:
> On 27/08/2019 17:01, Stefan Claas via Gnupg-users wrote:
> > Would you consider these both methods secure enough for entering
> > passphrases in Mailvelope, like outlined in article [1] while using Oxynger
> > KeyShield [2]?
>
> If you think there's a keylogger on your m
Hi Chris,
On 27.08.2019 17:52, Chris Narkiewicz via Gnupg-users wrote:
On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:
If one sets URL field on the
token then just plugging the token when OpenKeychain is opened is enough
to get the key ready-to-use.
Can you explain what kind o
On 27/08/2019 17:01, Stefan Claas via Gnupg-users wrote:
> Would you consider these both methods secure enough for entering passphrases
> in
> Mailvelope, like outlined in article [1] while using Oxynger KeyShield [2]?
If you think there's a keylogger on your machine, then don't type in a
passwor
Stefan Claas via Gnupg-users wrote:
> Due to some tests I found Mailvelope an OpenPGP extension for
> Firefox and Chrome and installed it on my Kanguru Defender 3000
> USB stick. Besides the new Mailvelope keyserver I added also Hagrid.
> Key management is quite comfortable and messages sending i
On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:
> If one sets URL field on the
> token then just plugging the token when OpenKeychain is opened is enough
> to get the key ready-to-use.
Can you explain what kind of workflow do you mean here?
signature.asc
Description: OpenPGP d
On Tue, 27 Aug 2019 00:18, gnupg-users@gnupg.org said:
> (1) If a file is signed but the signature is incorrect, 'gpg2 -d'
> returns a non-zero status code, so the remote script knows not to
Right but as stated somewhere in the docs, you should never ever rely on
the status code fomr the binary.
11 matches
Mail list logo