Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-15 Thread Jacob Bachmeyer via Gnupg-users
Werner Koch wrote: On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said: succeed in either case. If this condition is not met, Mallory will eventually be able to forge a signature. Therefore, smartcards do not actually provide additional security in the typical PGP usage. In all

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-15 Thread Werner Koch via Gnupg-users
On Tue, 14 Nov 2023 20:52, Jacob Bachmeyer said: > succeed in either case. If this condition is not met, Mallory will > eventually be able to forge a signature. Therefore, smartcards do not > actually provide additional security in the typical PGP usage. In all environments you have the

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-14 Thread Jacob Bachmeyer via Gnupg-users
Henning Follmann wrote: On Mon, Nov 13, 2023 at 10:23:16PM -0600, Jacob Bachmeyer via Gnupg-users wrote: Daniel Cerqueira wrote: Jacob Bachmeyer writes: [...] Yes it does. The key can't be copied and taken away from the device. This is an advantage. It is an

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Henning Follmann
On Mon, Nov 13, 2023 at 10:23:16PM -0600, Jacob Bachmeyer via Gnupg-users wrote: > Daniel Cerqueira wrote: > > Jacob Bachmeyer writes: > > > [...] > My point is that smartcards do not magically increase security beyond the > private key wrapping encryption built in to GPG, and provide little

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Jacob Bachmeyer via Gnupg-users
Daniel Cerqueira wrote: Jacob Bachmeyer writes: The problem here is that, while the key never leaves the smartcard, the /entire/ device that accesses the smartcard must be trusted, as a backdoor on the device could steal plaintext or submit extra items for signing. A PIN does not solve

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Daniel Cerqueira via Gnupg-users
Jacob Bachmeyer writes: > The problem here is that, while the key never leaves the smartcard, > the /entire/ device that accesses the smartcard must be trusted, as a > backdoor on the device could steal plaintext or submit extra items for > signing. A PIN does not solve the problem, since the

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Juergen M. Bruckner via Gnupg-users
Hello Alexander, On 13.11.23 at 09:04, Alexander Leidinger via Gnupg-users wrote: I'm interested to hear about an Android App which supports yubikeys, but this is curiosity, as it doesn't help with the above case of a webmail interface. As far as I know 'Openkeychain' supports OpenPGP

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Stephan Verbücheln via Gnupg-users
His original post was about signing files, not reading encrypted mails. Of course, everything gets complicated when you want to read the same mails from many devices. What would be the point of such a server? Having a server like that appears dangerous to me. How is it protecting the key better

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-13 Thread Alexander Leidinger via Gnupg-users
On 2023-11-13 07:09, Stephan Verbücheln via Gnupg-users wrote: On Sun, 2023-11-12 at 19:46 -0600, Jacob Bachmeyer wrote: A PIN does not solve the problem, since the PIN is entered on the device, which could be backdoored to store the PIN That's why card readers with pinpads were invented,

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-12 Thread Stephan Verbücheln via Gnupg-users
On Sun, 2023-11-12 at 19:46 -0600, Jacob Bachmeyer wrote: > A PIN does not solve the problem, since the PIN is entered on > the device, which could be backdoored to store the PIN That's why card readers with pinpads were invented, and GnuPG also supports that:

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-12 Thread Jacob Bachmeyer via Gnupg-users
Daniel Cerqueira via Gnupg-users wrote: Jeff Schmidt writes: [...] You may want to consider using an OpenPGP smartcard (for example, a Yubikey). Seems that you are a good fit. Using an OpenPGP smartcard, the private key never leaves the smartcard. The smartcard can also be used on a smartphone

Re: gnupg 'signing server'? Looking for advice on key management/security

2023-11-12 Thread Daniel Cerqueira via Gnupg-users
Jeff Schmidt writes: > Hi, > > So, I want to start using Gnupg more to sign things. Right now, in > addition to GnuPG having access to my private key, to use > signing/encryption in my email client, requires allowing the openpgp > implementation in the email client to access my private key.

gnupg 'signing server'? Looking for advice on key management/security

2023-11-12 Thread Jeff Schmidt
Hi, So, I want to start using Gnupg more to sign things. Right now, in addition to GnuPG having access to my private key, to use signing/encryption in my email client, requires allowing the openpgp implementation in the email client to access my private key. Which, I think I'm OK with as