On 01/09/14 23:04, Ville Määttä wrote:
I bought my SCR3500 and SCR335 V2 from Identive / Chipdrive [1]. I had a
problem adding VAT number to the order myself but at least they ship (and
kindly handled fixing the bill afterwards). Though, they only seem to have an
SCT3511 there, not a 3512.
On 01/09/14 08:16, Werner Koch wrote:
On Sun, 31 Aug 2014 23:27, tristan.sant...@internexusconnect.net said:
Yes the card can have a 4096bit Auth, Sign and Encryption key. You have
Correct.
to generate them on a machine though, not on card.
The cards generate them just fine.
Note
On 01/09/14 15:18, Philip Jackson wrote:
On 01/09/14 08:16, Werner Koch wrote:
On Sun, 31 Aug 2014 23:27, tristan.sant...@internexusconnect.net said:
Yes the card can have a 4096bit Auth, Sign and Encryption key. You have
Correct.
to generate them on a machine though, not on card.
The
I bought my SCR3500 and SCR335 V2 from Identive / Chipdrive [1]. I had a
problem adding VAT number to the order myself but at least they ship (and
kindly handled fixing the bill afterwards). Though, they only seem to have an
SCT3511 there, not a 3512.
[1] http://www.chipdrive.de
--
Ville
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, 13 Mar 2010 20:05:21 + MFPA wrote:
I can't speak for other people, but I can for me. Take
a look at the UIDs on my key, which is
0xC7C66ADF3DB6D884. And also, take a look at my master
key 0x2188A92DF05045C2 that I signed the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 19 March 2010 at 6:54:06 AM, in
mid:4ba31f8e.1050...@gmail.com, Paul Richard Ramer wrote:
On Sat, 13 Mar 2010 20:05:21 + MFPA wrote:
It looks to me as if the answer is yes. Unless each
person who had one of your email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 17 March 2010 at 12:58:37 AM, in
mid:pine.gso.4.61.1003161106110.25...@dionne.cs.albany.edu, reynt0
wrote:
On Mon, 15 Mar 2010 14:49:32 + MFPA wrote: . . .
When the reader is Big Brother, or a potential
employer or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 16 March 2010 at 6:02:15 AM, in
mid:4b9f1ee7.9000...@gmail.com, Paul Richard Ramer wrote:
On Mon, 15 Mar 2010 14:49:32 + MFPA wrote:
I don't understand the comment that they were never
private information. They will have
On Mon, 15 Mar 2010 14:49:32 + MFPA wrote:
. . .
In fact, just by posting to this mailing list we have
given up some privacy or anonymity. The nature of the
way we write, what we think, the experiences that we
relate--all of these reveal something about ourselves.
When the reader is Big
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 15 March 2010 at 7:54:03 AM, in
mid:4b9de79b.3050...@gmail.com, Paul Richard Ramer wrote:
If you knew more about how I shared those e-mail
addresses, you might conclude differently.
OK
I think that I disclosed less than you
Hello MFPA,
I couldn't respond to your post for a while. So here it is.
On Mon, 8 Mar 2010 21:38:18 + MFPA wrote:
I never asserted that you said the key's originator owned the
information stored in the key. I was quoting the context of what your
reply about the originator having some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 13 March 2010 at 11:15:32 AM, in
mid:4b9b73d4.4090...@gmail.com, Paul Richard Ramer wrote:
The issue of law is not an integral part of the
answer to the question of what should be. It is an
integral part of the answer to what
Hi Paul
On Monday 8 March 2010 at 7:44:42 AM, you wrote:
I am assuming that a person inhabited with the desire to protect his
personal information would analyze the safety of using a UID with the
information that he wants to protect.
I think you may be assuming an awful lot, especially in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Paul
On Monday 8 March 2010 at 5:35:08 AM, you wrote:
MFPA wrote:
On Saturday 6 March 2010 at 8:55:48 AM, you wrote:
On Sat, 27 Feb 2010 03:52:02 + MFPA wrote:
(b) the person owns the information has the right to
control how it is
Hi Paul
On Saturday 6 March 2010 at 8:54:41 AM, you wrote:
Hello MFPA,
During this whole debate, you have assumed one thing in your argument
that I don't believe anyone has pointed out as being flawed. You have
assumed that the person (I will call him John Doe) would have decided
to
On Mar 7, 2010, at 11:46 AM, MFPA wrote:
The default configurations of PGP and gpg ask for a name, email
address, and comment when you create a key. Last time I looked (v8.x),
PGP would not even create a key without something that looked like an
email address - hence the a...@b.c in my UID.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi David
On Sunday 7 March 2010 at 5:53:51 PM, you wrote:
On Mar 7, 2010, at 11:46 AM, MFPA wrote:
(And yes, I know gpg now
allows you to omit the email address without having to use --expert,
but you are still asked for it.)
There is no
Hi Mark
On Thursday 4 March 2010 at 5:25:09 PM, you wrote:
Were I the individual, I would think long and hard about using a tool
which would require me to defeat its features that create identity
labels (however false or information-poor) and carry them along with
the message. I would be
MFPA wrote:
On Saturday 6 March 2010 at 8:55:48 AM, you wrote:
On Sat, 27 Feb 2010 03:52:02 + MFPA wrote:
(b) the person owns the information has the right to
control how it is disseminated, and
This was someone's re-interpretation of my point. Spot the extra ?
Hello MFPA,
I never
Hello MFPA,
I will summarize the rights and restrictions that I believe you say
that an OpenPGP user has with another's public key. I will call this
the rules of Key Rights Management or KRM for short.
Rights of the Key Originator
* Can restrict the uploading of the
MFPA wrote:
In each of these cases, John Doe made the mistake of thinking that
he could keep his personal information in his key, and that he could
keep his key off the keyservers. If John were to make the wisest
decision about keeping his personal informaton secret, wouldn't he
choose to not
On Sat, 27 Feb 2010 03:52:02 + MFPA wrote:
(b) the person owns the information has the right to
control how it is disseminated, and
The data subject does have various rights concerning the personal
information that is about him.
Hello MFPA,
How far do the rights of the key holder go?
Hello MFPA,
During this whole debate, you have assumed one thing in your argument
that I don't believe anyone has pointed out as being flawed. You have
assumed that the person (I will call him John Doe) would have decided
to create a UID that contained the personal information that he wants
to
On Wed, Mar 03, 2010 at 06:44:25PM +, MFPA wrote:
On Wednesday 3 March 2010 at 4:16:21 PM, you wrote:
On Fri, Feb 26, 2010 at 03:53:27PM +, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses. In some cases, the authorities knowing an
On Sat, Feb 27, 2010 at 12:30:21AM +, MFPA wrote:
No impact on the web of trust. But your online presence (and possibly
that of somebody else with the same name) can feed into decisions
about employing you or doing business with you, often/usually made by
people who don't actually
On Fri, Feb 26, 2010 at 03:53:27PM +, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses. In some cases, the authorities knowing an individual
used encryption could be a problem.
There are issues of tradecraft, then. Using OpenPGP as a tool for
On 03/03/2010 11:16 AM, Mark H. Wood wrote:
On Fri, Feb 26, 2010 at 03:53:27PM +, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses. In some cases, the authorities knowing an individual
used encryption could be a problem.
There are issues of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Mark
On Wednesday 3 March 2010 at 4:16:21 PM, you wrote:
On Fri, Feb 26, 2010 at 03:53:27PM +, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses. In some cases, the authorities knowing an
On 3/3/2010 1:25 PM, Daniel Kahn Gillmor wrote:
There are issues of tradecraft, then. Using OpenPGP as a tool for
committing crimes is kind of stupid.
Can we not go down this line of argument, please?
I agree that OpenPGP implementations can be useful tools for the
advancement of human
On 3/3/2010 1:44 PM, MFPA wrote:
I feel there is a strong assumption among OpenPGP users that our
community is, *ahem*, open.
Is it not also a reasonable assumption, that those who use and promote
privacy-enhancing software will value and respect privacy?
It is not reasonable that their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert
On Wednesday 3 March 2010 at 6:52:17 PM, you wrote:
It is not reasonable that their definition of privacy will overlap with
yours, no. I don't get to define what privacy means for anyone other
than me. You don't get to define what
On Sun, 28 Feb 2010, David Shaw wrote:
On Feb 28, 2010, at 4:20 PM, reynt0 wrote:
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi John
On Saturday 27 February 2010 at 10:21:20 PM, you wrote:
MFPA wrote:
My contention is that the de
facto standard of revealing email addresses in key UIDs could actually be
mitigating *against* the use of encrypted mail, by
On Feb 28, 2010, at 12:54 AM, MFPA wrote:
On Saturday 27 February 2010 at 11:19:43 PM, you wrote:
GnuPG doesn't, at least as of 1.4.10, force you to include an e-mail
address in your user ID. It merely requests an e-mail address, and you
can just press enter and ignore the request.
On Feb 27, 2010, at 4:54 PM, Grant Olson wrote:
Doh! Originally sent off list... Maybe Robert got a psychic vibe...
On 2/27/2010 2:21 PM, MFPA wrote:
I don't want such a vote. Whether somebody chooses to include an email
address in their UID is up to the individual. I have not seen
On Sat, 27 Feb 2010, Paul Richard Ramer wrote:
. . .
Speculation isn't any more progress than an idea is action. Speculation
buttressed with facts leads, in time, to progress. But speculation,
. . .
And speculation often has the very useful effect of stimulating
search for new facts where
On Sun, 28 Feb 2010, MFPA wrote:
. . .
no way to prove you're MFPA. So I can't sign your key.
If you knew me personally, you could.
And as I already said, do you know MFPA's not my legal identity?
There used to be somebody in my town who had officially changed his
name to FREFF. (Never did
That isn't how the web of trust works. Well, it *can* work that way
for you, since you can choose who to trust and who not to, but that's
not the information encoded in there. I know dozens of people on the
net. I've exchanged encrypted mail with them, I've worked with them, in
some case
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote? The two are rather different ideas,
even more so if morality has been included as an
The perfect is the enemy of the good.
It's a pretty common engineering maxim. It's not a statement about morality --
or, at least, it wasn't my intent for it to be taken as such.
For an excellent engineering example of the difference between perfect and
good, compare Project Xanadu to the
On Feb 27, 2010, at 3:23 PM, Robert J. Hansen wrote:
I agree that generally speaking, it's a good idea to put keys on the
keyservers. I don't know if that makes it conventional wisdom, or who the
arbiter of such wisdom might be, but clearly a very common use of OpenPGP is
for encrypted
On Feb 28, 2010, at 4:20 PM, reynt0 wrote:
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote? The two are rather different ideas,
You can certainly tell a lot about someone by the signatures on their key.
Either directly from the signature or because those signatures point to other
keys that have their own signatures, etc. With your permission, may I see
what I can find from the signatures on your key D6B98E10?
Go
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi reynt0
On Sunday 28 February 2010 at 9:18:55 PM, you wrote:
Now all the serious ones, or maybe the merely curious,
have to do is to search FREFF--or maybe buy from Google the
info Google has about FREFF if nothing can be found easily by
a
On Feb 28, 2010, at 8:09 PM, Robert J. Hansen wrote:
You can certainly tell a lot about someone by the signatures on their key.
Either directly from the signature or because those signatures point to
other keys that have their own signatures, etc. With your permission, may I
see what I
Understood, and I agree it makes no such statement. However, it does make a
reasonably good statement that you were physically located near that person
at a certain point in time, roughly what that time was, and roughly where
(geographically) it happened.
This is assuming the signature is
On Sun, 2010-02-28 at 16:06 -0500, reynt0 wrote:
On Sat, 27 Feb 2010, Paul Richard Ramer wrote:
. . .
Speculation isn't any more progress than an idea is action. Speculation
buttressed with facts leads, in time, to progress. But speculation,
. . .
And speculation often has the very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jerry wrote:
Maybe not totally apropos to this discussion; however, I worked in
traffic analysis for several years. If given enough leeway, you would
be amazed at the information you can gather about an individual, and at
its astonishing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 27 Feb 2010 08:24:07 -0500
John W. Moore III jmoore...@bellsouth.net articulated:
UAV Missile Operators don't need to know what the message said; just
where You are at the time it is Sent. Radio transmissions are
targeted using Huff-Duff
On Feb 26, 2010, at 12:04 PM, Robert J. Hansen wrote:
In some cases, the authorities knowing an individual used encryption
could be a problem.
Why? Because they have a key on the keyservers? If this is what you're
worried about, rest easy: there are so many easier ways to learn whether
On 2/27/10 9:58 AM, David Shaw wrote:
Do you really mean to suggest that a US authority getting email
headers - even without a warrant - is easier than typing a name into
a search box on a keyserver?
No. You're right, that's clearly easier. However, that only tells you
whether someone has
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 27 February 2010 at 6:11:29 AM, in
mid:4b88b791.7000...@sixdemonbag.org, Robert J. Hansen wrote:
There is a perceived need for $150 bowls of soup, as
evidenced by dozens of high-priced gourmet restaurants
in major cities. The
On Feb 27, 2010, at 11:22 AM, Robert J. Hansen wrote:
On 2/27/10 9:58 AM, David Shaw wrote:
Do you really mean to suggest that a US authority getting email
headers - even without a warrant - is easier than typing a name into
a search box on a keyserver?
No. You're right, that's clearly
On Feb 27, 2010, at 2:21 PM, MFPA wrote:
I have always been taught to challenge the status quo. Because that's
the way we do it is *never* a good reason to continue doing something
in a particular way.
The status quo has something going for it: it works. 95% of all new ideas are
awful and
On Feb 27, 2010, at 3:02 PM, David Shaw wrote:
Much as the email headers do in your example. If the mail is not encrypted,
the headers just show that it might be. In practice, headers won't show much
as the majority of modern mail programs have the capability for encryption of
one sort
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 27 February 2010 at 4:22:27 PM, in
mid:4b8946c3.5050...@sixdemonbag.org, Robert J. Hansen wrote:
His position seems to have shifted.
As the thread has progressed, the posts I'm replying to have shifted
from It is a good idea to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert
On Saturday 27 February 2010 at 8:23:25 PM, you wrote:
On Feb 27, 2010, at 3:02 PM, David Shaw wrote:
With regards to the second statement, you give a great reason
yourself a few paragraphs up: If you live in Cuba and you're using
And whist you have stated that you check first, you have advocated
that it's OK not to. Somebody following your advice could land this
hypothetical Cuban in a whole lot of trouble.
The hypothetical Cuban had a lot bigger problems the instant he shared his
public key with people he shouldn't
On Feb 27, 2010, at 4:10 PM, Robert J. Hansen wrote:
Keep it on the list, please, and not in private mail.
Oh, ack. I completely misread the To- line, and didn't see the cc: to
gnupg-users. My error, and my apologies to MFPA. :)
___
Gnupg-users
Doh! Originally sent off list... Maybe Robert got a psychic vibe...
On 2/27/2010 2:21 PM, MFPA wrote:
I don't want such a vote. Whether somebody chooses to include an email
address in their UID is up to the individual. I have not seen anything
that convinces me it is better for me to
This may be a dup - I think the original went out with the wrong From addr
MFPA wrote:
Hi
On Saturday 27 February 2010 at 6:11:29 AM, in
mid:4b88b791.7000...@sixdemonbag.org, Robert J. Hansen wrote:
In any case, I've never seen a convincing argument *for* including email
addresses in the
On Sat, 2010-02-27 at 19:21 +, MFPA wrote:
There is a widespread perception (rightly or wrongly) that exposing
your email address publicly on the internet will lead to that email
address being spammed into oblivion. The new openPGP user is exhorted
to create a key pair using their name and
MFPA wrote:
Hi
On Saturday 27 February 2010 at 6:11:29 AM, in
mid:4b88b791.7000...@sixdemonbag.org, Robert J. Hansen wrote:
In any case, I've never seen a convincing argument *for* including email
addresses in the UID of a PGP key.
Nor have we seen compelling arguments for their omission
On 02/27/10 14:21, John Clizbe wrote:
Nor have we seen compelling arguments for their omission as a general rule
I think it would be more accurate to say that we haven't seen any
arguments that will sway those with strongly held beliefs on either
side. Since we're not likely to see them any time
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert
On Saturday 27 February 2010 at 8:03:15 PM, you wrote:
On Feb 27, 2010, at 2:21 PM, MFPA wrote:
I have always been taught to challenge the status quo. Because that's
the way we do it is *never* a good reason to continue doing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Grant
On Saturday 27 February 2010 at 9:54:56 PM, you wrote:
It sounds like you're using the software to do the opposite thing that
many people do. I think digital signatures are utilized much more than
encrypted communication.
I don't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Paul
On Saturday 27 February 2010 at 11:19:43 PM, you wrote:
GnuPG doesn't, at least as of 1.4.10, force you to include an e-mail
address in your user ID. It merely requests an e-mail address, and you
can just press enter and ignore the
On Sun, 2010-02-28 at 04:33 +, MFPA wrote:
Speculation is great, but speculation isn't fact -- and we need to
change the way we do things based on facts, not on speculations. We
can agree on facts, but our speculations will likely not overlap very much
at all.
I'm sure anybody
I think that MFPA has succinctly summed up his point of view in these
two quotes.
On Sun, 2010-02-28 at 04:33 +, MFPA wrote:
What you're saying here is, even if the advice were sound for one
million users, and destructive to the privacy of just one, I still
would not change because any
Kind of let's agree to disagree?
More like, since you are reacting emotionally and refuse to even entertain the
possibility of being persuaded, there is no point in continuing this
conversation.
I wish you a pleasant day.
___
Gnupg-users mailing
Hi Robert
On Friday 26 February 2010 at 3:24:29 AM, you wrote:
Exportable signatures are meant for the case where the signer *wants* to
attest to the world their association.
I thought signing somebody's key was just stating to the world that
you believe the claimed identity of the person
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 25 February 2010 at 6:04:00 PM, in
mid:4b86bb90.70...@mozilla-enigmail.org, John Clizbe wrote:
Then you need not send your key to the keyserver
network. Pretty simple personal choice, huh? Don't want
to? Don't do it.
Fair
On 2/26/10 9:49 AM, MFPA wrote:
I thought signing somebody's key was just stating to the world that
you believe the claimed identity of the person who controls that key
at the time you are signing it - not an indication that you are in any
way associated.
I'm scratching my head here trying to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Paul
On Thursday 25 February 2010 at 10:30:00 PM, you wrote:
In my case, the reason that I uploaded my keys to public keyservers was
to make it possible for anyone who wanted to privately communicate with
me to do so. Even if I didn't
On Feb 26, 2010, at 11:24 AM, Robert J. Hansen wrote:
On 2/26/10 9:49 AM, MFPA wrote:
I thought signing somebody's key was just stating to the world that
you believe the claimed identity of the person who controls that key
at the time you are signing it - not an indication that you are in any
On 2/26/10 10:53 AM, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses.
This isn't persuasive. It's been hammered out tons of times, and no one
has ever presented a strong argument for keeping email addresses secret.
Usually the same arguments
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert
On Thursday 25 February 2010 at 8:23:30 PM, you wrote:
On 2/25/10 9:24 AM, MFPA wrote:
Some people hate the idea and get *very* upset if their key does end
up on the servers.
What you're advocating here is DRM on the honor system.
On 2/26/10 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
You can say you're not advocating DRM -- but if it looks like a duck,
swims like a duck, flies like a duck and quacks like a duck, then it's a
duck.
Digital: yes, the
On 2/26/2010 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
Uploading a somebody else's key without first checking it is OK by
them is a breach of their privacy and could well be illegal/unlawful
in jurisdictions with data
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
MFPA escribió:
...
Do many people check the keyservers for a possible key when they
contact somebody they have not emailed before?
Well, I have done that once or twice...
...
Use of encryption may put an individual under suspicion of illegal
On Feb 26, 2010, at 1:30 PM, Grant Olson wrote:
On 2/26/2010 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
Uploading a somebody else's key without first checking it is OK by
them is a breach of their privacy and could
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Robert
On Friday 26 February 2010 at 6:05:56 PM, you wrote:
On 2/26/10 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
You can say you're not advocating DRM -- but if it
Alas, while GnuPG supports the flag, no keyserver does.
David
Just curious... Does support just mean it sets the bit? Or will it turn
an attempt to --send-keys on that key into a no-op?
signature.asc
Description: OpenPGP digital signature
On Feb 26, 2010, at 3:37 PM, Grant Olson wrote:
Alas, while GnuPG supports the flag, no keyserver does.
David
Just curious... Does support just mean it sets the bit? Or will it turn
an attempt to --send-keys on that key into a no-op?
Support means it gives the user the ability to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Grant
On Friday 26 February 2010 at 6:30:16 PM, you wrote:
As a practical matter, even if your contacts agree to respect your
wishes, it's still pretty easy for them to accidentally send it to
the keyservers. Perhaps mis-typing a command
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 26 February 2010 at 8:39:07 PM, in
mid:97334e1f-ba6f-403e-83eb-51daee32f...@jabberwocky.com, David Shaw
wrote:
On Feb 26, 2010, at 3:37 PM, Grant Olson wrote:
Alas, while GnuPG supports the flag, no keyserver
does.
David
On 2/26/10 3:14 PM, MFPA wrote:
But if it bears only a slight resemblance to a duck, it is probably
*not* a duck.
You are asserting that (a) the person who created the public key owns
the information, (b) the person owns the information has the right to
control how it is disseminated, and (c)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi David
On Friday 26 February 2010 at 4:33:03 PM, you wrote:
On Feb 26, 2010, at 11:24 AM, Robert J. Hansen wrote:
On 2/26/10 9:49 AM, MFPA wrote:
I thought signing somebody's key was just stating to the world that
you believe the claimed
On Feb 26, 2010, at 4:10 PM, MFPA wrote:
Just curious... Does support just mean it sets the
bit? Or will it turn an attempt to --send-keys on
that key into a no-op?
Support means it gives the user the ability to set and
clear the bit (it is set by default).
Would there not be some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi David
On Friday 26 February 2010 at 10:12:29 PM, you wrote:
The nefarious UID signature is not uncommon. There are many
presid...@whitehouse.gov keys (and other famous figures) that have
signed well-known keys. It's just easily-ignored
As well as backing up your private key and password on other electronic
storage (CD/memory stick... encrypted of course), I recommend that you
print your private key, a revocation certificate, and your passphrase on
paper, and store that document in a safe place... a secure lock box, ...
a
Hi Robert
On Friday 26 February 2010 at 9:14:58 PM, you wrote:
You are asserting that (a) the person who created the public key owns
the information,
Actually, I am asserting that the public key is likely to contain
personal information appertaining to the person who created that key.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Friday 26 February 2010 at 5:04:36 PM, in
mid:4b87ff24.3000...@sixdemonbag.org, Robert J. Hansen wrote:
On 2/26/10 10:53 AM, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses.
This isn't
On 2/26/10 11:55 PM, MFPA wrote:
Maybe not but there is a perceived need, as evidenced by services
like spamgourmet and all the disposable email address outfits
There is a perceived need for $150 bowls of soup, as evidenced by dozens
of high-priced gourmet restaurants in major cities. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 25 February 2010 at 3:53:23 AM, in
mid:4b85f433.1040...@mozilla-enigmail.org, John Clizbe wrote:
MFPA wrote:
Hi John
On Thursday 25 February 2010 at 12:17:36 AM, you
wrote:
It is also a good idea to send your key to the
MFPA wrote:
On Thursday 25 February 2010 at 3:53:23 AM, in
mid:4b85f433.1040...@mozilla-enigmail.org, John Clizbe wrote:
MFPA wrote:
Hi John
On Thursday 25 February 2010 at 12:17:36 AM, you wrote:
It is also a good idea to send your key to the keyservers.
But is, of course, a matter
On 2/25/10 9:24 AM, MFPA wrote:
Some people hate the idea and get *very* upset if their key does end
up on the servers.
What you're advocating here is DRM on the honor system. Don't copy
the key, don't distribute the key, don't upload the key, don't do
anything with the key, without the
On Thu, 2010-02-25 at 14:24 +, MFPA wrote:
My point was that not everybody wishes/chooses to send their keys to
the keyservers.
Some people hate the idea and get *very* upset if their key does end
up on the servers.
In my case, the reason that I uploaded my keys to public keyservers was
On Thu, 2010-02-25 at 15:23 -0500, Robert J. Hansen wrote:
On 2/25/10 9:24 AM, MFPA wrote:
Some people hate the idea and get *very* upset if their key does end
up on the servers.
What you're advocating here is DRM on the honor system. Don't copy
the key, don't distribute the key, don't
On Thu, 2010-02-25 at 15:23 -0500, Robert J. Hansen wrote:
On 2/25/10 9:24 AM, MFPA wrote:
Some people hate the idea and get *very* upset if their key does end
up on the servers.
What you're advocating here is DRM on the honor system. Don't copy
the key, don't distribute the key, don't
1 - 100 of 107 matches
Mail list logo