New thread for this topic...
Robert,
All good points, no argument. I particularly agree regarding the
frequency. By all means promote your own product if you believe in it.
However, I stand by my opinion that there should be a clear demarcation
between GnuPG and its official distribution opposed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Peter and All,
I completely agree. I think that this "project" is now outside the
scope of this group and should either split off into its own group or
the author should stop self-promoting. My reading of the group
consensus is that this set of
Hi All,
My company is merging with another and the new corporate e-mail will use Gmail.
Is there a group consensus as to which client uses GPG most
efficiently/securely? What about the UI?
Thanks,
Bob Cavanaugh
___
Gnupg-users mailing list
Hi,
Just a thought: Have a Star chamber meeting for the technical group,
invitation only. After that have a 1/2 to 1 hour session open to all where the
technical people can present their progress and invite comment. This way you
have a focused working session with the key people, but maintain
Hi Werner,
I use Cygwin all the time and would be very interested in this feature.
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of
Marko Božikovic
Sent: Friday, June 26, 2015 3:45 AM
To: gnupg-users@gnupg.org
Subject:
Hi All,
This is an interesting thread and I want to share my experience. Part of what I
do is train people for a secure position. When I am explaining
compartmentalization, I use a two-key lock metaphor to help describe
classification levels and need-to-know. The metaphor only deals with
Doug,
Signature shows as an attachment signature.asc. No evidence that PGP actions
were envoked. Work forces use of Synaptic PGP, so I cannot tell if it is
verified or not.
Thanks,
Bob Cavanaugh
signature.asc
Description: OpenPGP digital signature.asc
Daniel,
Checking my e-mail service. Did my response clip OK?
Thanks,
Bob Cavanaugh
There are a lot of proposals in this thread, and you didn't trim the quoted
text to isolate just one of them; can you be specific about which one you're
talking about?
Hi,
One thought to add to the mix: Phishng attacks by having unknowledgable users
click on this link are pretty successful. Doesn't this proposal open a new
threat vector?
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-
My vote is for the defaults Robert is proposing. Definitely in keeping with
what else I have been reading.
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-
bounces+robertc=broadcom@gnupg.org] On Behalf Of Robert J.
Hansen
Sent: Tuesday, March
[mailto:h...@guardianproject.info]
Sent: Monday, March 09, 2015 12:08 PM
To: Bob (Robert) Cavanaugh; Peter Lebbing
Cc: gnupg
Subject: Re: Thoughts on GnuPG and automation
Why do I get so many responses like this on this list? I've spent a ton of
time
solving our own problems
If that is the goal, that is a fair one.
Thanks,
Bob Cavanaugh
-Original Message-
From: Hans-Christoph Steiner [mailto:h...@guardianproject.info]
Sent: Monday, March 09, 2015 2:22 PM
To: Bob (Robert) Cavanaugh; Peter Lebbing
Cc: gnupg
Subject: Re: Thoughts on GnuPG
Native to what? Processor, OS?
I think Peter and the group already adequately answered this: If GPGME is not
providing an interface that meets Android requirements, then look into how
GPGME interfaces to GPG and emulate that interface.
For you to request that the interface be changed can be
Jerry writes:
...Worse,
since most users have no concept of trimming a message before replying to
it, even more useless garbage is transmitted when replied to, thus killing
more innocent electrons and wasting bandwidth not to mention the consumption
of screen territory.
Does that make you an
Werner,
What set would you recommend for us Linux types (Fedora 20 in my case) ?
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Werner
Koch
Sent: Friday, January 23, 2015 12:32 PM
To: Felix E. Klee
Cc:
Hi,
Just to add clarification:
Locke-ian philosophy posits innocent until proven guilty. Napoleonic posits
guilty until proven innocent. Both systems of justice are currently in practice
in various parts of the world. The United States is founded on the Locke-ian
philosophy which is the one
Dhiraj,
You need to clarify your terminology: Key pairs are composed of public and
private keys. Each person generates a key pair. You freely distribute the
PUBLIC key to any and all, you keep your PRIVATE key secret. When you use
asymmetric encryption, you encrypt to each separate PUBLIC key
:858-361-2068
-Original Message-
From: Werner Koch [mailto:w...@gnupg.org]
Sent: Tuesday, September 23, 2014 12:23 AM
To: Bob (Robert) Cavanaugh
Cc: Murphy; gnupg-users@gnupg.org
Subject: Re: New beta
On Mon, 22 Sep 2014 21:12, robe...@broadcom.com said:
This might be off topic
Hi Werner,
This might be off topic, but the thread mentions Fedora. Can you please tell me
how easy it would be to produce a GPG2 stable RPM for Fedora? Currently they
only supply GPG1 as an option from Yum. I would really like to get them to
produce a GPG-2 version.
Thanks,
Bob Cavanaugh
Hi Robert,
You are both correct. The hash strength=512 curve is called P-521.
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Robert J.
Hansen
Sent: Wednesday, August 13, 2014 6:08 AM
To: gnupg-users@gnupg.org
Subject:
Hi Robert,
This looks great. One very minor point (possibly not germane, please comment):
Are you discussing the reliability of the NIST P curves for ECC? What is GPG
planning as the default curves? NIST, Brainpool or ?
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users
My two cents (FWIW):
At work I cache my passphrase for two hours only. It is a pain to re-enter the
passphrase, but is required by our threat model. At home, each member of my
family has their own computers and I cache my passphrase per session. However I
always completely shut down my laptop,
Pedro,
Do not use a CRC as a security measure, it is very easy to spoof. CRC is only
used as an indication of data integrity, not of data security. That is why SHA
was developed, to provide a secure method of detecting attempted tampering of a
data set.
Thanks,
Bob Cavanaugh
From: Gnupg-users
My Vote is for the armadillo, pangolin, or hedgehog. All cutecuddly until you
try to look too close...
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of James Moe
Sent: Tuesday, June 17, 2014 9:59 AM
To:
Hi HaukeGroup,
I have been following this thread with a lot of interest. I want to jump in
here to make sure that something implicit is made explicit: If a
unsophisticated user is allowed too much latitude (or provided too much
information and the way to dessiminate it), not only can they harm
Hi,
My vote is to adopt Gabe's convention. I think it makes a great deal of sense.
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Gabriel
Niebler
Sent: Thursday, April 24, 2014 4:10 PM
To: Doug Barton; Peter Lebbing;
If it is not violating any agreements or policies, can somebody on this thread
please point to a source in the US for these products?
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Werner
Koch
Sent: Friday, December 06,
I guess I lost track of the initial purpose of this thread. Why do you want
this if you can only achieve the same cryptographic strength as one of the
ciphers? What problem are you solving?
Thanks,
Bob Cavanaugh
Broadcom Corporation
16340 West Bernardo Drive
San Diego CA 92127
Work:
Peter,
I usually lurk on this group, but I have to give kudos for this. This is the
best introductory explanation I have seen in a long time. Well done.
Thanks,
Bob Cavanaugh
Broadcom Corporation
16340 West Bernardo Drive
San Diego CA 92127
Work:858-521-5562
Fax: 858-385-8810
Cell:
How about a lemur? They have masked varieties (and they are cute). Raccoon also
comes to mind...
Thanks,
Bob Cavanaugh
Broadcom Corporation
16340 West Bernardo Drive
San Diego CA 92127
Work:858-521-5562
Fax: 858-385-8810
Cell:858-361-2068
-Original Message-
From:
Hi All,
I am using Libgcrypt 1.5.2 with gcc v 4.5.3 on Cygwin to use the MPI functions.
Can you please provide some guidance on how to handle signed and negative MPIs?
I cannot seem to get a negative MPI, which is causing problems with other
computations (specifically gcry_mpi_invm never
31 matches
Mail list logo