Re: gpg for anonymous users - Alternative to the web of trust?

2013-03-27 Thread Leo Gaspard
Well... IMHO you did all what you had to/could do, if you want to keep confidentiality : claiming your public key in association with your name on several websites. Now, just hope no covert agency will try to impersonate you until a lot of people verify and sign your public key. On Tue, Mar 26,

Re: Clarifying the GnuPG License

2013-06-13 Thread Leo Gaspard
On Wed, Jun 12, 2013 at 11:49:39AM +0200, Nils Faerber wrote: IANAL but from my understanding: 1. by invocation of the commandline commands: Yes 2. invocation of GnuPG exe: Yes 3. Linking, dynamically or statically, against a GnuPG DLL, presumed that it is licensed under GPL: No IANAL

Re: understanding GnuPG --clearsign option

2013-08-12 Thread Leo Gaspard
On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote: Hi, one can sign the message with --clearsign option which adds ASCII armored(Radix-64 encoding) PGP signature at the end of the text. This PGP signature contains the UID of the signer, timestamp and key ID. However, two questions:

Re: Recommended key size for life long key

2013-09-08 Thread Leo Gaspard
On Sun, Sep 08, 2013 at 03:15:24PM -0400, Avi wrote: As must I. Robert has one of the clearest modes of exposition from which I have ever been fortunate to benefit. I have to agree on this point. The issue is that I disagree with him on his stance : in my opinion, having a schedule stating

Re: The symmetric ciphers

2013-10-31 Thread Leo Gaspard
The reason why the cryptanalytic community looked into whether DES forms a group is because the 56-bit keyspace was too short and we critically needed a way to compose DES into a stronger algorithm. That's not the case with AES. Disclaimer : I am not a mathematician, only a student in

Re: trust your corporation for keyowner identification?

2013-11-02 Thread Leo Gaspard
(Sorry, I once again sent the message only to you and not to the list -- I really need to get used to mailing lists, sorry !) On Sat, Nov 02, 2013 at 07:08:15PM -0700, Paul R. Ramer wrote: On 11/02/2013 02:25 PM, Leo Gaspard wrote: Isn't the presence of a UID sufficient for this matter

Re: trust your corporation for keyowner identification?

2013-11-04 Thread Leo Gaspard
On Mon, Nov 04, 2013 at 01:44:51PM -0800, Paul R. Ramer wrote: MFPA expires2...@ymail.com wrote: Why do we need to establish they can also sign? Isn't it enough to demonstrate they control the email address and can decrypt, by signing one UID at a time and sending that signed copy of the key

Re: trust your corporation for keyowner identification?

2013-11-05 Thread Leo Gaspard
On Tue, Nov 05, 2013 at 12:40:11AM -0800, Paul R. Ramer wrote: I don't know how I can explain it any better than I have. I think you are confusing assertion with verification. Unless you can differentiate between the two in this case, I don't think you will see what I am talking about.

Re: trust your corporation for keyowner identification?

2013-11-06 Thread Leo Gaspard
(Sorry, failed again to reply to the list, so you probably have this message twice again.) On Tue, Nov 05, 2013 at 05:32:38PM -0800, Paul R. Ramer wrote: On Tuesday 5 November 2013 at 11:03:19 PM, in mid:52797937.5090...@gmail.com, Paul R. Ramer wrote: But if you sign it with an exportable

Re: trust your corporation for keyowner identification?

2013-11-07 Thread Leo Gaspard
On Thu, Nov 07, 2013 at 11:48:07AM +0100, Peter Lebbing wrote: On 06/11/13 23:28, Leo Gaspard wrote: But mostly because signing is an attestation of your belief someone is who (s)he is. Thus, if you believe someone is who the UID states (s)he is as much as if you met him/her in person

Re: trust your corporation for keyowner identification?

2013-11-07 Thread Leo Gaspard
On Thu, Nov 07, 2013 at 07:21:28PM +0100, Peter Lebbing wrote: On 2013-11-07 17:09, Leo Gaspard wrote: If I understood correctly, the depth parameter you are talking about is useless, except in case there are trust signature. And you agreed with me for them to be taken out of the equation

Re: trust your corporation for keyowner identification?

2013-11-07 Thread Leo Gaspard
On Thu, Nov 07, 2013 at 01:40:22PM -0500, Daniel Kahn Gillmor wrote: On 11/07/2013 11:09 AM, Leo Gaspard wrote: Except they do not have to know X, nor that he makes perfectly reasonable decisions in signing keys. And I believe it's not noise. Let's make an example in the real world : * I

Re: trust your corporation for keyowner identification?

2013-11-07 Thread Leo Gaspard
On Thu, Nov 07, 2013 at 08:10:11PM +0100, Leo Gaspard wrote: I'm sorry, I think I gave too much importance to your earlier statement (Signing is to be an attestation to the validity of the key.) [...] Sorry again, just noticed it actually wasn't your statement, but Paul's ! So, double mistake

Re: Signing keys on a low-entropy system

2013-11-07 Thread Leo Gaspard
(Failed again to answer to list. I really ought to replace this shortcut...) On Fri, Nov 08, 2013 at 12:11:38AM +0100, Johannes Zarl wrote: Hi, I'm currently thinking about using a raspberry pi as a non-networked stand-alone system for signing keys. Since I haven't heard anything to the

Re: article about Air Gapped OpenPGP Key

2013-11-19 Thread Leo Gaspard
On Tue, Nov 19, 2013 at 09:06:18PM +0100, Johan Wevers wrote: On 19-11-2013 7:07, Robert J. Hansen wrote: Even then, scrubbing data is usually a sign you've misunderstood the problem you're trying to solve. If you're concerned about sensitive data lurking on your hard drive the solution

Re: article about Air Gapped OpenPGP Key

2013-11-19 Thread Leo Gaspard
On Tue, Nov 19, 2013 at 02:50:20PM -0800, Robert J. Hansen wrote: That depends on your threat model. If you fear juridical problems (say, for example, some encrypted mails have been intercepted by the police but they can't decrypt them), destroying the key will prevent you from having to hand

Re: Renewing expiring key - done correctly?

2013-12-04 Thread Leo Gaspard
On Tue, Dec 03, 2013 at 07:26:09PM -0500, Robert J. Hansen wrote: On 12/3/2013 6:59 PM, Hauke Laging wrote: It may be possible to prevent someone from seeing the revocation certificate. Certificate distribution is a lot less secure than the keys themselves. But you cannot trick someone into

Re: Sharing/Storing a private key

2013-12-14 Thread Leo Gaspard
On Fri, Dec 13, 2013 at 12:12:12PM +0100, Mindiell wrote: Hello, I'm using GPG regularly and did want to save my private key. [...] I found (http://point-at-infinity.org//) too, but it wasn't really usable because it has too many limitations IMHO. So I did it myself :

Re: sign encrypted emails

2014-01-03 Thread Leo Gaspard
On Fri, Jan 03, 2014 at 06:21:05AM -0500, Robert J. Hansen wrote: On 1/3/2014 4:57 AM, Hauke Laging wrote: Would you explain how that shall be avoided? I already did, in quite clear language. You are trying to solve a social problem (people don't have the background to think formally

Re: sign encrypted emails

2014-01-03 Thread Leo Gaspard
On Fri, Jan 03, 2014 at 12:50:47PM -0500, Daniel Kahn Gillmor wrote: On 01/03/2014 08:12 AM, Leo Gaspard wrote: So changing the encryption could break an opsec. If someone's opsec is based on the question of whether a message was encrypted or not, then they've probably got their cart before

Re: sign encrypted emails

2014-01-04 Thread Leo Gaspard
On Fri, Jan 03, 2014 at 07:31:29PM -0500, Daniel Kahn Gillmor wrote: On 01/03/2014 06:56 PM, Leo Gaspard wrote: On Fri, Jan 03, 2014 at 12:50:47PM -0500, Daniel Kahn Gillmor wrote: On 01/03/2014 08:12 AM, Leo Gaspard wrote: So changing the encryption could break an opsec. If someone's

Re: sign encrypted emails

2014-01-05 Thread Leo Gaspard
On Sat, Jan 04, 2014 at 10:28:26PM +0100, Johannes Zarl wrote: On Saturday 04 January 2014 16:09:51 Leo Gaspard wrote: On Fri, Jan 03, 2014 at 07:31:29PM -0500, Daniel Kahn Gillmor wrote: In your example, the fact that a message was encrypted makes the recipient treat it as though

Revocation certificates [was: time delay unlock private key.]

2014-01-23 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 05:53:57PM +, nb.linux wrote: Hi Uwe, Johannes Zarl: So in short: - a delay won't help you - protect your private key so this won't happen - always use a strong passphrase and in addition: if you fear (or know) that your secret key was copied from your

Re: Revocation certificates [was: time delay unlock private key.]

2014-01-23 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 09:59:30PM +0100, Pete Stephenson wrote: [...] They would need to be trustworthy enough to not abuse the revocation certificate by revoking your certificate, but otherwise would not need to be given absolute trust that comes with having a copy of the private key.

Re: Revocation certificates

2014-01-23 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 10:26:33PM +0100, Werner Koch wrote: On Thu, 23 Jan 2014 21:25, ekl...@gmail.com said: PS: Please, do not tell me one might have forgotten his passphrase. In this case there is no harm in shredding the secret key and waiting for the expiration Experience has

Re: Revocation certificates [was: time delay unlock private key.]

2014-01-23 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 01:27:58PM -0800, Robert J. Hansen wrote: [...] And yes, a strong passphrase is still the strongest bar against these backups being misused -- but unless you've got an eye-poppingly strong passphrase, your best bet is to rely on denying attackers access to the data

Re: Revocation certificates [was: time delay unlock private key.]

2014-01-23 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 03:08:40PM -0800, Robert J. Hansen wrote: Yet, I agree I would not send my encrypted private key. But having your divorced spouse bruteforce 90 bit of passphrase just to annoy you... seems quite an unreasonable threat to me. It is. That's why that's not the threat

Re: Revocation certificates [was: time delay unlock private key.]

2014-01-24 Thread Leo Gaspard
On Thu, Jan 23, 2014 at 04:38:19PM -0800, Robert J. Hansen wrote: Well... I don't know how you type With a nine-volt battery, a paperclip, and a USB cable that has only one end -- the other is bare wires. You wouldn't believe how difficult it is to do the initial handshake, but once you've

Re: Revocation certificates

2014-01-24 Thread Leo Gaspard
On Fri, Jan 24, 2014 at 07:47:15AM +0100, Werner Koch wrote: [...] the usefulness of revocation certificate, just the advice always popping out to generate a revocation certificate in any case, without thinking of whether it would be useful. Okay, that is a different thing. I

Re: Non email addresses in UID

2014-01-28 Thread Leo Gaspard
On Fri, Jan 24, 2014 at 11:08:16PM +, Steve Jones wrote: [...] Finally there's the possibility of explicit verification, if someone sends me a challenge and I publish that challenge's signature on my blog then that verifies that I am in control of that private key and can publish to

Re: MUA automatically signs keys?

2014-01-30 Thread Leo Gaspard
On Thu, Jan 30, 2014 at 09:09:45PM +, MFPA wrote: The advantage you have here though is the web of trust. 1 level 1 signature would probably be not enough, but 5, 10, 100..? If the signatures are made automatically by email software without verifying identity, where is the web of

Re: Using an RSA GnuPG key for RSA ?

2014-04-02 Thread Leo Gaspard
On Wed, Apr 02, 2014 at 01:55:21PM -0400, ved...@nym.hush.com wrote: Is it possible to generate an RSA key in GnuPG, and then use it (not in GnuPG, but in other systems using RSA keys), to encrypt and decrypt RSA messages? If so, what portion of the GnuPG generated RSA key functions as a

Re: Using an RSA GnuPG key for RSA ?

2014-04-04 Thread Leo Gaspard
On Thu, Apr 03, 2014 at 09:56:18AM -0400, ved...@nym.hush.com wrote: On Wednesday, April 02, 2014 at 5:41 PM, Leo Gaspard ekl...@gmail.com wrote: If you are not to use the key in gnupg, why make gnupg generate it in the first place? Why not use the program with which you'll use the key

Re: Using an RSA GnuPG key for RSA ?

2014-04-04 Thread Leo Gaspard
On Fri, Apr 04, 2014 at 01:32:47PM -0400, ved...@nym.hush.com wrote: I trust them to encrypt to my public key, and was planning to work out a system where I could decrypt on my own without it going through them. (they could have my public key, and verify my RSA signature). [All this is in

Re: PGP/GPG does not work easily with web-mail.

2014-04-09 Thread Leo Gaspard
On Wed, Apr 09, 2014 at 11:37:52PM +0100, One Jsim wrote: PGP/GPG does not work easily with web-mail. Most email, today, is read and write using the browser POP ou IMAP mail is a rarity That is the problem Some text/link in this problem? José Simões Well... I started to write a

GPG's vulnerability to brute force [WAS: Re: GPG's vulnerability to quantum cryptography]

2014-05-14 Thread Leo Gaspard
On Wed, May 14, 2014 at 12:21:36PM -0400, Robert J. Hansen wrote: Since the well known agency from Baltimore uses its influence to have crypto standards coast close to the limit of the brute-forceable, 128 bit AES will be insecure not too far in the future. No.

Re: GPG's vulnerability to brute force [WAS: Re: GPG's vulnerability to quantum cryptography]

2014-05-16 Thread Leo Gaspard
First: I agree with everything skipped in the quotes. On Wed, May 14, 2014 at 07:31:26PM -0400, Robert J. Hansen wrote: On 5/14/2014 6:11 PM, Leo Gaspard wrote: BTW: AFAICT, a nuclear warhead (depending on the warhead, ofc.) does not release so much energy, it just releases it in a deadly

Re: GPG's vulnerability to brute force

2014-05-25 Thread Leo Gaspard
On Sat, May 17, 2014 at 10:51:40AM +0200, Peter Lebbing wrote: You can't object to scientific theories on the basis that you did not study them properly. It might have a bit of a Socratic feel to it, but it quite falls short of the real thing. Just for the record: I do not feel like I ever

Trust and distrust [was: Re: Google releases beta OpenPGP code]

2014-06-08 Thread Leo Gaspard
On Sun, Jun 08, 2014 at 01:13:27PM -0400, t...@piratemail.se wrote: And personally, I do not trust google. Enough said in that regard. ;-) Sorry to hijack this topic, but... Why would you trust the OpenPGP.js developers? At least, you can hold google as accountable for their actions. You cannot

Re: GPG's vulnerability to quantum cryptography

2014-07-07 Thread Leo Gaspard
On Sun, Jul 06, 2014 at 12:21:13PM -0400, Robert J. Hansen wrote: On 7/6/2014 3:36 AM, The Fuzzy Whirlpool Thunderstorm wrote: Using GPG encryption is still good, although it's vulnerable to quantum cryptodecryption. In point of fact, we don't know this. Theoretically, science-fiction

Re: Should I be using gpg or gpg2?

2015-09-29 Thread Leo Gaspard
On 09/29/2015 06:04 PM, Robert J. Hansen wrote: > But you never know when a George Dantzig will appear. And that means I > think your long-term confidence in RSA is misplaced. Does that mean long-term confidence in elliptic curves would be better placed? Does ECC rely on a stronger mathematical

Re: Is it possible to certify (sign) a key using a subkey?

2017-08-18 Thread Leo Gaspard
On 08/18/2017 06:33 PM, Peter Lebbing wrote: >> In my own and other people's keyrings and in key servers. > > The impact of you doing this on your own seems vanishingly small. And > the ratio of disk space used by a public keyring versus everything else > that is commonly on a computer isn't

Re: FAQ and GNU

2017-10-10 Thread Leo Gaspard
On 10/10/2017 06:45 PM, Daniel Kahn Gillmor wrote: > (where is the FAQ maintained, btw? how is one expected to submit > patches?) I based my quotes on https://dev.gnupg.org/source/gnupg-doc.git , directory web/faq, running `git grep Linux`. > I suspect that many minimal Linux-based operating

Re: FAQ and GNU

2017-10-10 Thread Leo Gaspard
On 10/10/2017 08:23 PM, Daniel Kahn Gillmor wrote: > On Tue 2017-10-10 19:46:28 +0200, Leo Gaspard wrote: >> That said, I wonder whether the sentence with “all GNU/Linux distros >> feature a suitable GnuPG tool” would make sense at all, given GnuPG is, >> as pointed out by

Re: FAQ and GNU

2017-10-10 Thread Leo Gaspard
On 10/10/2017 05:55 PM, Mario Castelán Castro wrote: > On 10/10/17 01:46, Robert J. Hansen wrote: >> With respect to specific distros, we ought use the name the distro >> prefers. The Fedora Project releases Fedora, not Fedora GNU/Linux. The >> Debian guys release Debian GNU/Linux, not Debian

Re: FAQ and GNU

2017-10-10 Thread Leo Gaspard
On 10/10/2017 03:13 PM, Mike Gerwitz wrote: > On Mon, Oct 09, 2017 at 22:06:17 -0400, Robert J. Hansen wrote: >> A request has been made that each instance of "Linux" in the FAQ be >> replaced with "GNU/Linux". > > GnuPG is part of the GNU operating system. Anywhere "Linux" is used to > describe

Re: [Feature Request] Multiple level subkey

2017-09-10 Thread Leo Gaspard
On 09/10/2017 06:36 PM, lesto fante wrote: > I am a bit confused by your "C key" terminology, i assume you are > referring to what i call "master key", or level 2 key, that now I want > to call SIGN KEY. Oh yes sorry, I forgot to explain my terminology. > Lets all agree on the terminology

Re: [Feature Request] Multiple level subkey

2017-09-10 Thread Leo Gaspard
(you forgot to Cc: the list, I'm Cc-ing back as it doesn't seem voluntary to me) On 09/10/2017 07:50 PM, lesto fante wrote: >> Besides, there is no > need to give the same masterkey to your bank and your smart fridge, as > they will (likely?) not participate in the Web of Trust anyway > > not

Re: [Feature Request] Multiple level subkey

2017-09-10 Thread Leo Gaspard
On 09/10/2017 04:36 PM, Daniel Kahn Gillmor wrote: >> My user case is simple; maintain my identity even if my master key is >> compromised. To achieve that, I think about a multilevel subkey >> system. > > I'm not sure how the proposed multi-level system is an improvement over > an offline

Re: key distribution/verification/update mechanisms other than keyservers [was: Re: a step in the right direction]

2018-01-16 Thread Leo Gaspard
On 01/16/2018 10:56 PM, Kristian Fiskerstrand wrote: > On 01/16/2018 07:40 PM, Daniel Kahn Gillmor wrote: > >> The keyserver network (or some future variant of it) can of course play >> a role in parallel to any or all of these. for example, keyservers are >> particularly well-situated to offer

Re: a step in the right direction

2018-01-16 Thread Leo Gaspard
On 01/16/2018 09:20 AM, Robert J. Hansen wrote: >> should not be viewed as "discussing a [...] nightmare scenario", > > I am darkly amused at someone who has not done the research into what > the nightmare scenario *is* telling me that it's not a nightmare scenario. > > The nightmare scenario is

Re: DRM?

2018-01-16 Thread Leo Gaspard
On 01/16/2018 05:42 PM, Robert J. Hansen wrote: >> The mechanism to prove you are the owner of a public key is pretty much >> in place :-). A mechanism where you can have a signed statement saying >> "on 2018-01-16, I allow my key to show up on keyservers" > > It is theoretically and practically

Remove public key from keyserver (was: Re: Hide UID From Public Key Server By Poison Your Key?)

2018-01-15 Thread Leo Gaspard
On 01/15/2018 08:13 AM, Robert J. Hansen wrote: >> Since you can never remove >> anything from the public key server, You are >> wondering if you can add something to it -- for >> example, add another 100 of UIDs with other >> people's real name and emails so people can not >> find out which one is

Re: Efail or OpenPGP is safer than S/MIME

2018-05-14 Thread Leo Gaspard via Gnupg-users
On 05/14/2018 09:45 AM, Werner Koch wrote: > The topic of that paper is that HTML is used as a back channel to create > an oracle for modified encrypted mails. It is long known that HTML > mails and in particular external links like > are evil if the MUA actually honors them (which many meanwhile

Re: Breaking changes

2018-05-22 Thread Leo Gaspard via Gnupg-users
On 05/22/2018 11:48 PM, Dennis Clarke wrote: > On 05/22/2018 05:38 PM, Dan Kegel wrote: >> Lessee... >> https://en.wikipedia.org/wiki/GNU_Privacy_Guard >> already give an end-of-life date for 2.0, but none for 1.4. >> And since Ubuntu 16.04 includes 1.4, there are likely >> to still be a few vocal

Re: [NIIBE Yutaka] STM32F103 flash ROM read-out service

2018-06-06 Thread Leo Gaspard via Gnupg-users
On 06/06/2018 06:56 PM, NdK wrote: > Il 06/06/2018 17:49, Tom Li via Gnuk-users ha scritto: > >> BTW, BasicCard and JavaCard seemed even more obscure and I cannot find >> any public service of cracking. > Because those are (at least should be) based on secure chips. > >> But it does not solve

Re: Your Thoughts

2019-07-03 Thread Leo Gaspard via Gnupg-users
Alyssa Ross writes: >> > For example, why isn't ask-cert-level a default? >> >> For an alternative view on ask-cert-level see also: >> >> https://debian-administration.org/users/dkg/weblog/98 > > Oh, interesting. Thank you for showing this to me. I had it in my head > that a "weak" signature

Re: SKS Keyserver Network Under Attack

2019-07-01 Thread Leo Gaspard via Gnupg-users
Mirimir via Gnupg-users writes: >>- Embeds a hardcoded list of already-disrupted keys for which packets >> should be filtered-out when serving them > > That's what I meant. Plus some mechanism for testing keys, so poisoned > ones are blocked, as soon as possible. > > It'd also be useful

Re: SKS Keyserver Network Under Attack

2019-06-30 Thread Leo Gaspard via Gnupg-users
> 1. We would have to ensure that all keyservers block the same > uploads. One permissive keyserver is a backdoor into the entire > system. We can’t block bad keys at reconciliation time for the same > reasons that have been hashed to death already. One way to do that, though it would mean