On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
Hello,
are there arguments for preferring either
a) having one RSA subkey for decryption only and one for signing only
or
b) having only one RSA subkey for both decryption and signing?
Do any problems arise with the
Am Di 04.12.2012, 13:19:11 schrieb Hubert Kario:
Keys can become used up so it entirely depends on how often you use it.
What I mean by that, is that any signing operation leaks some information
about the key used for signing (generally far less than few tens of a bit).
If you have signed
There isn't enough entropy in a filename for an MD5 checksum to give
much in the way of secrecy.
It seems that MD5 checksum is computed from file contents, not name.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On Tuesday 04 of December 2012 14:14:34 Hauke Laging wrote:
Am Di 04.12.2012, 13:19:11 schrieb Hubert Kario:
Keys can become used up so it entirely depends on how often you use it.
What I mean by that, is that any signing operation leaks some information
about the key used for signing
RFC 4880 says this in the Security Considerations part:
* Many security protocol designers think that it is a bad idea to use
a single key for both privacy (encryption) and integrity
(signatures). In fact, this was one of the motivating forces
behind the V4 key format with
On Tue, Dec 4, 2012 at 12:19 PM, Hubert Kario h...@qbs.com.pl wrote:
On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
Hello,
are there arguments for preferring either
a) having one RSA subkey for decryption only and one for signing only
or
b) having only one RSA subkey for both
On Tuesday 04 of December 2012 16:07:26 Nicholas Cole wrote:
On Tue, Dec 4, 2012 at 12:19 PM, Hubert Kario h...@qbs.com.pl wrote:
On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
Hello,
are there arguments for preferring either
a) having one RSA subkey for decryption only
On Tuesday 04 of December 2012 16:07:26 Nicholas Cole wrote:
On Tue, Dec 4, 2012 at 12:19 PM, Hubert Kario h...@qbs.com.pl wrote:
On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
Do any problems arise with the smartcard if the same key shall do
different
tasks?
Keys can
On Tue, Dec 4, 2012 at 5:32 PM, Hubert Kario h...@qbs.com.pl wrote:
On Tuesday 04 of December 2012 16:07:26 Nicholas Cole wrote:
On Tue, Dec 4, 2012 at 12:19 PM, Hubert Kario h...@qbs.com.pl wrote:
On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
Do any problems arise with the
Meant to post this to the list. Blame gmail.
-- Forwarded message --
From: Nicholas Cole nicholas.c...@gmail.com
Date: Tue, Dec 4, 2012 at 7:10 PM
Subject: Re: Seperate RSA subkeys for decryption and signing or one for both?
To: Hubert Kario h...@qbs.com.pl
How do you propose
On Tue, 4 Dec 2012 14:40:22 +0200, yyy y...@yyy.id.lv wrote:
There isn't enough entropy in a filename for an MD5 checksum to give
much in the way of secrecy.
It seems that MD5 checksum is computed from file contents, not name.
Yes, I meant to use the MD5 checksum of the original file, not
Hello
I trid it with gnupg 2.0.19-1 from debian testing - PIN is not requested from
the card reader.
here is the log file. I did use testing keys and non-productive PIN so I hope I
did not post anything sensitive
2012-12-04 22:05:10 scdaemon[16008] listening on socket
GnuPG-Users:
I was wondering where that article was about seperating the master key
from daily subkeys (both signing and encrypting). I can't seem to find
it. Are there other articles on the similar methodologies that are still
secure. And is it still recommended that I sign another's keys with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 04-12-2012 18:18, Allen Schultz escribió:
GnuPG-Users:
I was wondering where that article was about seperating the master
key from daily subkeys (both signing and encrypting). I can't seem
to find it. Are there other articles on the
On 12/4/2012 3:03 PM, sben1783 wrote:
Yes, I meant to use the MD5 checksum of the original file, not its
original name. I'm still interested whether this would be insecure?
Let's not even use the word insecure, since that word is wholly
subjective: there's no agreed-upon definition for what it
15 matches
Mail list logo