the GnuPG code to create a fork, and add this kind
of behaviur?
2017-09-09 0:50 GMT+02:00 lesto fante :
> Hello,
>
> Maybe this is not the right place to discuss about this, please be
> kind with a noob.
>
> My user case is simple; maintain my identity even if my master key is
I understand what you say, but for now I'm still thinking if use a
certificate for lvl1 or a key.. For sure in the next days I want to produce
a basic schematic of the system, protocol, expected workflow..
I already attempted something but so far I always changed idea halfway
thought.
On Fri, Sep
>You've already heard a lot of good advice from people here
I got a couple of ideas, but so far the only real information is that
I cant do with actual system in place. And one nice idea from a guy to
use level of thrust already implemented, but i'm not sure if i
understand all of its possible dow
> Just because they don't expose the dials and switches to you doesn't mean
> they don't exist.
my goal instead is became as invisible as possible for the end user.he
should forget about my app running in the background, of course a
password sometimes when he add a new service, but that is all.
>Until and unless you present a usability study involving 100+ people composing
>a representative sample of an identifiable community, you don't know a thing.
* I think * is NOT * I know *. I may be wrong: I don't care. First of
all i want to implement this for myself, and if i'm right and is
som
>Such a thing already exists, at least here in Italy: CIE/CNS. X509-based certs.
exactly, this is what started the idea; we have no power over those
certificate for revoke, and i have no idea if a new certificate is
issued if you loose your document.
What I found out is that the CA seems to be re
as always.)
2017-09-12 18:01 GMT+02:00 Daniel Kahn Gillmor :
> On Sun 2017-09-10 21:17:33 +0200, lesto fante wrote:
>> here i want to AUTOMATE, make this thing MORE EASY to use than a
>> common password approach.
>
> I understand that you're trying to make *your* life easi
lly.. 10€? so
you can but the nice premium-feature, and even if it was scam,
charging back is still an option.
2017-09-10 20:27 GMT+02:00 Leo Gaspard :
> (you forgot to Cc: the list, I'm Cc-ing back as it doesn't seem
> voluntary to me)
>
> On 09/10/2017 07:50 PM, lesto fa
r something else in the list of the 100 most used
password. So she is not really loosing any privacy over this; actually
we are making the system safer even for her.
2017-09-11 0:01 GMT+02:00 Damien Goutte-Gattat :
> On 09/10/2017 11:32 PM, lesto fante wrote:
>>
>> just to be sure
ate and revoke other key in the behalf
of the master key, then seems to be exactly what I'm looking for. I
just can't find anything, and I guess i'll have to find it on the RFC
2017-09-10 20:27 GMT+02:00 Leo Gaspard :
> (you forgot to Cc: the list, I'm Cc-ing back as it doesn&
2017-09-10 21:50 GMT+02:00 Damien Goutte-Gattat :
> On 09/10/2017 09:17 PM, lesto fante wrote:
>>>
>>> If your level-3 key is compromised, you revoke it, generate a new one and
>>> sign it with the level-2 key. The new level-3 key will be automatically
>>> val
ey she had has been already replaced :)
2017-09-10 20:39 GMT+02:00 Damien Goutte-Gattat :
> On 09/10/2017 08:30 PM, lesto fante wrote:
>>>
>>> If your level-1 key is compromised, you revoke it, generate a new one and
>>> sign it with the level-2 key. The new lev
ssued a
new one, and uploaded them on the key server. Instead now i can't even
revoke them.
There are more, if i sit there and think about all frustration i had
to manage my keys, and for sure there is a lot to do in the wallet
side too.
2017-09-10 19:47 GMT+02:00 Damien Goutte-Gattat :
>
can you please explain what are C subkey?
unfortunately a search with those terms does not return nothing
relevant, a direct link to some docs would be nice.
Also i took a look at rfc4880bis but again i can't see how is related
to C key or this argument at all.
(sent again as sent only to andrew
r a password wallet!
On Sun, Sep 10, 2017, 17:03 Daniel Kahn Gillmor
wrote:
> On Sat 2017-09-09 00:50:56 +0200, lesto fante wrote:
>
> > Maybe this is not the right place to discuss about this, please be
> > kind with a noob.
>
> this is the right place, welcome!
>
>
I am a bit confused by your "C key" terminology, i assume you are referring
to what i call "master key", or level 2 key, that now I want to call SIGN
KEY.
Lets all agree on the terminology please. I propose this:
level 1: IDENTITY key - keep super safe. Paranoid level safe.
level 2: SIGN key -
Hello,
Maybe this is not the right place to discuss about this, please be
kind with a noob.
My user case is simple; maintain my identity even if my master key is
compromised. Tho achieve that, I think about a multilevel subkey
system.
Please i would love to hear any alternative.
For the discussio
17 matches
Mail list logo
