Re: WKD proper behavior on fetch error

2021-01-13 Thread Stefan Claas via Gnupg-users
On Thu, Jan 14, 2021 at 1:50 AM Ángel wrote: > PPS: Another benefit would be that we could have avoided this long > thread. :-) The greatest benefit would have been if the author of WKD, namely Werner Koch, had been so kind to explain to us why WKD needs two methods and what security

Re: WKD proper behavior on fetch error

2021-01-13 Thread Ángel
On 2021-01-13 at 10:12 +0100, Neal H. Walfield wrote: > I'd like to clarify what Sequoia is doing (wrong). > (...) Hello Neal Thanks for chiming in and explaining the steps taken by sequoia. I'll try to re-focus this subthread back on the initial topic of your email. > The I-D says "Only if

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 11:45 PM André Colomb wrote: > > On 13 January 2021 21:44:07 CET, Stefan Claas via Gnupg-users > wrote: > >Hi Juergen, > > > >looks like you are a bit upset, like probably others as well. > > I hope others don't mind me speaking in their names. Stefan, we are upset by

Re: WKD & Sequoia

2021-01-13 Thread André Colomb
On 13 January 2021 21:44:07 CET, Stefan Claas via Gnupg-users wrote: >Hi Juergen, > >looks like you are a bit upset, like probably others as well. I hope others don't mind me speaking in their names. Stefan, we are upset by you making false accusations about which software does something

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 10:00 PM Erich Eckner via Gnupg-users wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Wed, 13 Jan 2021, Juergen Bruckner via Gnupg-users wrote: > > > Hello Stefan! > > Hi all, > > > > > > > [...] > >> sequoia did the right step and I hope for people

Re: WKD & Sequoia

2021-01-13 Thread Erich Eckner via Gnupg-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 13 Jan 2021, Juergen Bruckner via Gnupg-users wrote: Hello Stefan! Hi all, [...] sequoia did the right step and I hope for people relying on GnuPG that it is possible for them in the future too. So did Sequoia do that? You

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 9:24 PM Juergen Bruckner via Gnupg-users wrote: > > Hello Stefan! > > > [...] > > sequoia did the right step and I hope for people relying on GnuPG that > > it is possible for them in the future too. > > So did Sequoia do that? > You consider not to follow policies "the

Re: WKD & Sequoia

2021-01-13 Thread Juergen Bruckner via Gnupg-users
Hello Stefan! [...] sequoia did the right step and I hope for people relying on GnuPG that it is possible for them in the future too. So did Sequoia do that? You consider not to follow policies "the right step"? Sorry, but you don't have a clue about security! The only right way is to follow

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 7:26 PM André Colomb wrote: > > On 13/01/2021 17.56, Stefan Claas wrote: > >> What are droplets? For which domain did you generate a wildcard > >> certificate? What are the DNS settings on that domain? I could take a > >> look at what responses are returned from the

Re: WKD & Sequoia

2021-01-13 Thread André Colomb
On 13/01/2021 17.56, Stefan Claas wrote: >> What are droplets? For which domain did you generate a wildcard >> certificate? What are the DNS settings on that domain? I could take a >> look at what responses are returned from the real domain, but need some >> information at least which OpenPGP

Re: WKD for GitHub pages

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 8:42 AM Daniele Nicolodi wrote: > > On 12/01/2021 23:30, Stefan Claas wrote: > > The reason why I like also the option for, let's say github.io pages > > is that, like I have shown in the whole thread that a very well known > > site like GitHub, with its millions of

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 4:36 PM André Colomb wrote: > > Hi Stefan, > > On 13/01/2021 17.07, Stefan Claas wrote: > > On Wed, Jan 13, 2021 at 10:22 AM André Colomb wrote: > > > >> So the core problem, as with Stefan's case, is the lack of control over > >> the domain's DNS settings. Which the WKD

Re: WKD & Sequoia

2021-01-13 Thread André Colomb
Hi Stefan, On 13/01/2021 17.07, Stefan Claas wrote: > On Wed, Jan 13, 2021 at 10:22 AM André Colomb wrote: > >> So the core problem, as with Stefan's case, is the lack of control over >> the domain's DNS settings. Which the WKD mechanism relies upon to >> delegate trust to the domain

Re: WKD & Sequoia

2021-01-13 Thread Stefan Claas via Gnupg-users
On Wed, Jan 13, 2021 at 10:22 AM André Colomb wrote: > So the core problem, as with Stefan's case, is the lack of control over > the domain's DNS settings. Which the WKD mechanism relies upon to > delegate trust to the domain operators. Hi Andre, I wouldn't formulate it this way. I already

Re: WKD & Sequoia

2021-01-13 Thread André Colomb
Hi Neal, thanks for chiming in with details about your implementation. It's now clear that the wrong certificate in fact triggers an alarm, which is good. Only the fall-back behavior differs from GnuPG. Since Stefan set up the direct method as well, that leads to his setup actually working

Re: WKD & Sequoia

2021-01-13 Thread Neal H. Walfield
Hi Andre, On Tue, 12 Jan 2021 20:13:42 +0100, André Colomb wrote: > It has also been pointed out repeatedly in this thread that Sequoia > apparently does not properly check the TLS certificate, which you have > proven with your example setup. That could be called "modern" or > "insecure". It

Re: WKD for GitHub pages

2021-01-13 Thread Daniele Nicolodi
On 12/01/2021 23:30, Stefan Claas wrote: > The reason why I like also the option for, let's say github.io pages > is that, like I have shown in the whole thread that a very well known > site like GitHub, with its millions of software developers allows one > to host, via WKD, a multi-purpose usage

Re: WKD for GitHub pages

2021-01-13 Thread Daniele Nicolodi
On 12/01/2021 22:17, Stefan Claas wrote: > On Tue, Jan 12, 2021 at 10:09 PM Daniele Nicolodi wrote: >> >> On 12/01/2021 20:40, Stefan Claas via Gnupg-users wrote: >>> On Tue, Jan 12, 2021 at 8:17 PM André Colomb wrote: Hi Stefan, >>> So there are two "bugs" involved here. 1.