On 2023-05-31 16:55, Bernhard Reiter wrote:
> Governikus provides the online service for authenticating your OpenPGP key on
> behalf of the German Federal Office for Information Security (BSI). This
> online service compares the name read from your ID card, your electronic
> residence permit
On 2023-04-30 21:01, Ineiev via Gnupg-users wrote:
>> All I want is an option to ignore adk's - and it should not claim
>> anything else than that.
>
> Can't you remove ADK subkeys from your keyring?
On someone else's key?
--
ir. J.C.A. Wevers
PGP/GPG public keys at
On 2023-04-30 16:54, Andrew Gallagher via Gnupg-users wrote:
>> That might be, but it is nowhere certain that this escrow will happen,
>> especially if they roll out adk's.
>
> You’re inverting the burden of proof here. The important consideration is
> that E2E can’t prove that a key *wasn’t*
On 2023-04-30 14:58, Andrew Gallagher via Gnupg-users wrote:
> E2E encryption can’t protect you from your correspondent disclosing your
> communication at the other end.
That is obvious.
> Whether this is done voluntarily or under duress from their employer is an
> opsec issue, not a comsec
On 2023-04-30 14:10, Werner Koch via Gnupg-users wrote:
> It does not make any sense so have such an option. If a user wants to
> allow colleagues or an archive system to decrypt her mails that is her
> decision.
What I've had in practice in one company: you got a company key with a
personal
On 2023-04-30 13:22, Andrew Gallagher via Gnupg-users wrote:
> Just curious, what’s the threat scenario here?
The HR department of the receiver.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
___
Gnupg-users
On 2023-04-30 1:15, ckeader via Gnupg-users wrote:
> Can't call it that as long as it's under user control (every long option of
> the software has an equivalent config file option. You don't add such a key
> via config or command line, no adsk will happen as it's not configured).
On my key,
I get a 404 not found, the last version preesent on the server is 2.4.0.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On 2023-04-28 15:47, Werner Koch via Gnupg-users wrote:
> * gpg: New command --quick-add-adsk and other ADSK features.
> [T6395, https://gnupg.org/blog/20230321-adsk.html]
So you finally caved in to the backdoor demands.
What I'm missing (maybe I just didn't found it?) is an option in my
On 2022-05-28 20:29, Werner Koch via Gnupg-users wrote:
> Note the Brainpool curves. Seems that Redhat still patches them out of
> libgcrypt.
Why do they do that? BTW, when I search for brainpool I only find
definitions and RFC's, I seem unable to find why they are needed (or why
they would be
On 2022-05-25 22:22, Francesco Ariis wrote:
> Paper was first made in the Chinese Empire, around two millennia ago
I see that that was indeed considered what we call paper today, unlike
the ancient Egyptian papyrus.
> Sheets made with high quality pulp survived to this day.
Some sheets
On 2022-05-23 5:01, Stuart Longland via Gnupg-users wrote:
> On the other hand, there are paper recordings that have lasted millennia.
Since paper as we know it today doesn't even exist so long that can't be
true. Maybe you are pointing to the few surviving papyrus texts? Most
have not survived.
On 31-01-2022 18:11, Andrew Gallagher via Gnupg-users wrote:
> This is incorrect. All three of the commonly-used HKP servers can remove
> keys; this has been done for years to remove poison (i.e. oversized)
> keys that cause DoS. However doing so comes with costs.
Yes, that was the issue that I
On 29-01-2022 18:58, Robert J. Hansen via Gnupg-users wrote:
> But if you're an American without EU ties, the GDPR is yet another piece
> of foreign legislation we don't need to pay attention to. And when
> Europeans baldly say "the GDPR applies worldwide, you must follow it,"
> what we hear is
On 29-01-2022 4:43, jonkomer via Gnupg-users wrote:
>> When the keyserer operator operates outside
>> of the EU I don't think that is a legal problem.
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies
On 28-01-2022 21:02, jonkomer via Gnupg-users wrote:
> How do individual key-server owner/operators react to
> formal GDPR "forget me" requests; either by e-mail users, or
> by mail domain owners? Any known legal precedents?
There are known technical issues: the HKP keyserver does not allow keys
On 23-01-2022 21:23, Robert J. Hansen via Gnupg-users wrote:
> No, the whole CSPRNG is (probably) compromised. PGP 2.6.3 used keyboard
> interrupts harvested directly from the hardware to get a collection of
> random bits which it then fed into the CSPRNG to be expanded out into a
> large
On 18-01-2022 17:23, Robert J. Hansen via Gnupg-users wrote:
>> 1.4 should be able to decrypt all 2.6 generated data.
>
> Not from the Disastry builds, which extended 2.6 to support newer
> algorithms.
Lucky for me I never use that version, as I never respected the
copyright of the RSA and IDEA
On 18-01-2022 15:54, Robert J. Hansen via Gnupg-users wrote:
>> Well, a bit more respect for backwards compatibility would help a lot
>> by that. Now I'm forced to keep an 1.4 and pgp 2.6 version installed
>> just to be able to read all my old data. Some people just refuse to
>> update to
On 17-01-2022 0:09, Robert J. Hansen via Gnupg-users wrote:
> I was asked for help with something in the 1.2 series (!!). Without
> exception, our first response is usually "for the love of God, upgrade!"
>
> They rarely do. It's worked fine for them for a decade or more, and
> they're not
On 16-09-2021 12:27, Werner Koch wrote:
> https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.31_202109.exe.sig
The signature file can't be found.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
___
Gnupg-users
21 matches
Mail list logo