Kevin Hilton wrote:
Although I usually get a wide range of responses, is there any
practical advice an end-user should take away from the recent AES256
attacks as described here?
To repeat my usual advice: Unless you know what you're doing and why,
stick with the defaults.
The AES256
On 08/27/2009 06:03 PM, Joseph Oreste Bruni wrote:
Would it be considered a best practice to rotate encryption subkeys on
an annual basis, or would that be considered overkill for most uses?
There almost certainly exist people for whom this is a good idea. That
said, I've never met 'em. It
ved...@hush.com wrote:
to decrypt any old messages is easy, although somewhat tedious ;-)
before you destroy your encryption/decryption key,
decrypt all the messages/files encrypted to that key,
using the option of --show-session-key
then copy the session key as a 'comment' into the
I tried compiling 1.4.10rc1 on Mac OS X 10.6 without success.
I can recreate this bug on 1.4.9 and 1.4.10rc1 on a MacBook Pro running
Snow Leopard. I can also confirm that John's fix of passing
--disable-asm to the configure script works.
Can we get an #ifdef for Darwin to replace the ASM
Charly Avital wrote:
Thank you Robert.
I did builds for only a very brief period of time: once he got 1.4.7
packages built, I stopped. He does a great job with MacGPG, and I've
got no desire to duplicate work that's already being done well.
Thanks, Benjamin, for all your work. The Mac users
However, it doesn't seem to meet their requirements. Here's the reply of
our partner :
The file is first encrypted and then signed. Not encrypted and signed
in the same run.
It's possible that your partner has phrased things poorly. It may be
your partner meant to say, We want the file to
There are some Spanish-speakers on this list who might be able to give
you a Spanish answer. If you don't mind an English answer, I'll try to
answer it.
Can you help me with the next: why I have RSA only to sign¿?
You need to add an RSA encryption subkey. Go ahead and create a
sign-only RSA
Iván Cervantes wrote:
Changing a little my question, why I have only three options in my gpg
installation¿?
A GnuPG key isn't just one piece of data. It's a whole lot of pieces
of data.
All GnuPG keys -- what we should really call certificates -- have a
signing key. That's the most basic,
So waht I'd like to see is some step by step howto on securing older
keys (written by some expert probably ;-) ).
Add these lines to your gpg.conf file:
personal-digest-preferences SHA256 SHA224 SHA384 SHA512 RIPEMD160
personal-cipher-preferences AES128 3DES
... This will tell GnuPG that
- When creating a new key,.. it uses the entropy, right? So is there
some way to improve this entropy? Perhaps not using Linux but instead
OpenBSD which might have a better PRNG (don't know if this is actually
the case ;) ) or use a specific Linux kernel version where a newer and
better PRNG
On Thu, 2009-09-10 at 14:02 +0200, Philippe Cerfon wrote:
Uhm,.. what a pity. What would happen if SHA1 gets fully broken? Would
we have to create a new OpenPGP and new keys?
Probably. However, if SHA-1 gets totally broken we'll have a lot bigger
things to worry about than OpenPGP.
Well,
On Thu, 2009-09-10 at 16:51 +0200, Philippe Cerfon wrote:
Ah,.. right... it was the other way round it didn't work (GPL2 to BSD ;) )
Copyright protects the way an idea is expressed, not the idea itself.
If Linux had a better entropy collector than OpenBSD, the OpenBSD folks
would study the Linux
Daniel Kahn Gillmor wrote:
On 09/10/2009 10:54 AM, Robert J. Hansen wrote:
On Thu, 2009-09-10 at 14:02 +0200, Philippe Cerfon wrote:
I thought the key ID is only used for humans to short check the
keys,.. but not in the system itself?!
Nope, it's pretty pervasive in the system.
Unless i
Philippe Cerfon wrote:
What specifically do you mean? Crypto-stuff in banking etc.?
Specifically? I don't have the time to list everywhere that will
break. SHA-1 is used in a ton of places, and often not places you'd
immediately expect. For instance, computer fuel injection timings are
Philippe Cerfon wrote:
But now that you say it. Would it be better to not just check other
keys via their fingerprint, but to really copy them (e.g. per
USB-stick) from their owners and sign only such direct copies?
No.
Sharing media is a great way to spread malware. Don't do that to your
Faramir wrote:
I remember an example from one of the Bruce Schneier book, where 2
people (Alice and Bob, of course) wanted to get a random bit. They
thought about each one flipping a coin, and then mixing the results.
[puts on his voting security hat]
This is part of some voting protocols.
Faramir wrote:
I remember an example from one of the Bruce Schneier book, where 2
people (Alice and Bob, of course) wanted to get a random bit. They
thought about each one flipping a coin, and then mixing the results.
[puts on his voting security hat]
This is part of some voting protocols.
M.B.Jr. wrote:
I've recently had access to this document, written by the United
States Patent and Trademark Office (USPTO) which basically tries to
ban software patents.
The memorandum in question is eight pages, twenty slides and two flowcharts.
As a ballpark estimate that would mean it
David Shaw wrote:
Whether this means IDEA is okay or not patent-wise, I have a slightly
different take on this: who cares about IDEA at this point? IDEA was
good back in the 90s and PGP 2.x. It's 2009 now, and we have better
ciphers than IDEA, a massive installed software base that doesn't
David Shaw wrote:
If the some people still want this, I haven't seen it in a good long
while. Possibly they gave up asking.
Gave up the asking, more likely. I still get one or two emails a year
inquiring about if/when GnuPG will support this. (No, I don't know why
they email me, and I wish
ved...@hush.com wrote:
if only there were a gnupg mini-version with a shorter source-code,
(or at least one that's readable by someone looking at it from
scratch, not just reading the updates and patches as they go along)
then i'd gladly switch
This is doable. I did this in '99 for GnuPG
FOAD FOAD wrote:
I want to know which version of gpg is install on my openbsd, could you
tell me how to do ?
gpg --version
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
M.B.Jr. wrote:
All in all, it looks like IDEA, even if totally freed, is sentenced to
gradual abandonment. Is this perception of mine correct?
It is more accurate to say it has already been abandoned. Very few
people today use IDEA as a symmetric cipher for OpenPGP messages.
Hauke Laging wrote:
Maybe. But I would not call it science that you imply that harvesting
from key servers will result in about the same amount of spam as pure
address guessing by the spammers would.
Estimating how many email addresses are released to spammers via the
keyservers is a black
Jim Dever wrote:
Are there any caveats I should be aware of if I generate an RSA
signing key with an Elgamal encryption subkey?
No.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
sari Al-alem wrote:
1- does GPG have to be installed on all users who will recieve my
mail?
No: only those users who want to be able to verify your signatures, or
who want you to be able to send them encrypted email.
2- does it have to be installed on the mail server?
No.
gerry_lowry (alliston ontario canada (705) 250-0112) wrote:
David . you are sending this over and over and over . I
have this message 21 times.
What's going on?
Please stop. One copy is enough ... if someone has time to answer
your question, they will.
It is likely not his
Kevin Kammer wrote:
If I attempt to create a data signature using a 2048-bit DSA signing
key, and the SHA224 hash algorithm, GnuPG complains as follows:
~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt
Your key is not on the keyserver network, so that will impair our
ability to help you out
David Shaw wrote:
However, if you managed to generate a 2048-bit key with a 224-bit q
(as earlier versions of GPG did), all versions of GPG would
(correctly) allow the use of SHA-224 with this key.
When did this changeover take place, and is there any way to get the old
behavior back?
Kevin Kammer wrote:
Unless there is some inescapable constraint on the size of one's
signature, I am hard pressed to think of a reason for using SHA224 when
SHA256 is available.
Conformance with corporate IT policies. Many corporate IT policies are
drafted by people who don't really
Viet H. Phan wrote:
Might there be any bugs in GnuPG 2.0.12? As the key was generated by
GnuPG 2.0.12, but then couldn't be imported to GnuPG 2.0.12 ...
There certainly are bugs in GnuPG. If there weren't, they wouldn't need
to release a 2.0.13 or beyond. It seems unlikely that your problem
Also --
Keep in mind that I am not criticizing that weblog entry. I am only
saying, don't believe the hype. Much of what it says is accurate: it
is a good idea to migrate towards better digest algorithms. Just don't
believe anyone who tells you that DSA-1024 is insecure: it isn't.
That said,
T. Howell-Cintron wrote:
I'm in a position now where I'm using multiple e-mail addresses, for
different purposes, but want to share the same key for the sake of
simplicity in my applications (Enigmail for example). I know it's
possible to use one key for multiple e-mail addresses/identities
Михаил Голубцов (maill.ru) wrote:
Could you help me, please? I wonder if you show me a way how to solve
this problem.
This problem will go away if you sign the recipient's public key.
Alternatively, you can add trust-model always to your gpg.conf file.
The former is generally preferred, but
Melikamp The Medley wrote:
I mean, is there a reliable way to tell that something is _not_ an
encrypted file?
If you mean, a reliable way to tell that something is not an
OpenPGP-encrypted file, then yes: check the OpenPGP header at the
beginning of the message.
If you mean, a reliable way to
Mario Castelán Castro wrote:
I need GNU PG 2 because i want to get out of the 1024 bits limit and
SHA forced for DSA, i want my next key (2010-2012) to be more secure
and accept some SHA2.
GnuPG 1.4.7 or later (? on the precise version #) supports longer DSAs
and better hash algorithms. You
Melikamp T. Medley wrote:
OK so I looked it up and I think what I want is called deniable
encryption.
What you've described here isn't deniable encryption, not as I know it
to be. This shouldn't be too surprising, given there are tons of things
I don't know about. :)
(3) Can add salt (like
Mario Castelán Castro wrote:
Thanks by the --enable-dsa2 tip.
Someone can tellme wath line should i put on my gpg.cong?.
enable-dsa2
BTW I also want to remove sha1 from my key preferences.
Can't be done. The OpenPGP standard requires that it be present. Even
if you explicitly remove it,
John W. Moore III wrote:
Yes, there are! They are the Questions that _were_never_ asked!
Japanese: 聞くのは一時の恥、聞かぬのは一生の恥
English: If you ask, you'll feel stupid for a minute.
If you don't, you'll be stupid forever.
(The translation is pretty far from literal.)
ved...@hush.com wrote:
Unlike cryptography, where the standard is that the encryption is
secure, even when the algorithm is known and well studied, no such
progress has been achieved (afaik) in steganography.
Pierre Moulin's got a whole sheaf of really good steganography papers,
and yet most
Brian O'Kennedy wrote:
This is a complete n00b question, but I still need to get an opinion on
this.
We were all new once. :) Welcome to the list!
All of these make sense to me, but aren't compatible with my ability to
lose physical things. So, what would the risks be of me using
Brian O'Kennedy wrote:
So this implies that I could safely upload my ascii-armored private
key to an email server without fear (assuming of course that my
passphrase is secure and large).
Correct. You just have to make *absolutely certain* your passphrase is
unguessable. If someone is able
Matt wrote:
If I had a sufficiently good passphrase, would Google returning my
secret key as the first hit result for every search for a day still be
secure?
Secure is not a very good word to use. It means so many different
things to so many different people. Secure really means in
David Shaw wrote:
Difficult question to answer, since everyone is going to wave around
their opinion. :)
There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via a
massive distributed project that took 18 months of
On 12/8/09 7:03 PM, emma wrote:
Looking through the forums I think this means I need to copy over my
secret key, but I can't seem to find where this is located on a mac, nor
how to search for it.
It will be in a folder called .gnupg. By default, this folder will
not appear in Finder. Once
On 12/15/2009 06:05 PM, Robert J. Hansen wrote:
2048 bits, only 512 bytes.
256 bytes. Sorry.
[goes off to drink coffee directly from the pot: clearly, caffeine is
needed]
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org
Regardless of your personal beliefs or lack thereof, I think we can
broadly agree that this is a good time of the year to reflect on the
year, what's happened in it, what good fortune we've had and our hopes
for the future.
As with many previous years, I feel that it's been our good fortune to
Morten Gulbrandsen wrote:
Allen Schultz wrote:
Is there a way to force an expiration date when encrypting a message
for additional security.
[...]
sure
http://vanish.cs.washington.edu/
There are, as near as I can tell, only three options: either (a) you
trust the sender's clock, (b)
On 1/7/10 12:08 PM, Mario Castelán Castro wrote:
very few really care about their privacity.
The fact that free credit reporting services are making a ton of
money, as are services like LifeLock and whatnot, plus the huge media
impact of identity theft, etc., all points to people knowing their
On 01/10/2010 10:57 PM, Faramir wrote:
* How hashes are misused and shouldn't be used
Ehh... I've never thought about it. How they should not be used?
I've seen computerized votes authenticated by MD5 hash... sent over
email... in the same message as the official vote record. As in, the
On 1/19/10 11:46 PM, Matthew Krotzer wrote:
What is the best way to let people know you use gpg in an email
signature?
Some email clients (Thunderbird+Enigmail, for instance) let you put a
kind of note to other users hidden in the email headers. These things,
called kludges, are one of the
On 01/23/2010 03:57 PM, Ingo Klöcker wrote:
Yes, there is. The (obvious) explanation is: You didn't post anything to
this list before March 5, 2006. ;-)
This seems ... strange. It does not jibe with my memory at all, not one
bit. Then again, it wouldn't be impossible for my memory to be in
On 01/28/2010 10:44 PM, Richard Geddes wrote:
Generating a revocation certificate as soon as you generate your key
pair is a wise thing to do, in case you lose control of your passphrase
... I did that.
Good! :)
My question is, if I edit my key pair... let's say I add a new uid to my
key
On 2/24/10 11:18 AM, Jerry wrote:
Outlook Express is depreciated.
Outlook Express is deprecated, and many people here throw deprecations
against it -- but Outlook Express is still one of the most common MUAs
in existence, and for that reason alone the PGP/MIME interoperability
problem should be
On 2/25/10 9:24 AM, MFPA wrote:
Some people hate the idea and get *very* upset if their key does end
up on the servers.
What you're advocating here is DRM on the honor system. Don't copy
the key, don't distribute the key, don't upload the key, don't do
anything with the key, without the
On 2/25/10 8:29 PM, Yawar Amin wrote:
I interpret that word, public, differently. To me just because a key
_can_ be made public doesn't mean it automatically _should_.
What in life is automatic, besides death and taxes?
We are not talking about automatic here. We are talking instead about
On 2/26/10 9:49 AM, MFPA wrote:
I thought signing somebody's key was just stating to the world that
you believe the claimed identity of the person who controls that key
at the time you are signing it - not an indication that you are in any
way associated.
I'm scratching my head here trying to
On 2/26/10 10:53 AM, MFPA wrote:
There are privacy issues, especially if user-ids on the key contain
email addresses.
This isn't persuasive. It's been hammered out tons of times, and no one
has ever presented a strong argument for keeping email addresses secret.
Usually the same arguments
On 2/26/10 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
You can say you're not advocating DRM -- but if it looks like a duck,
swims like a duck, flies like a duck and quacks like a duck, then it's a
duck.
Digital: yes, the
On 2/26/10 3:14 PM, MFPA wrote:
But if it bears only a slight resemblance to a duck, it is probably
*not* a duck.
You are asserting that (a) the person who created the public key owns
the information, (b) the person owns the information has the right to
control how it is disseminated, and (c)
On 2/26/10 11:55 PM, MFPA wrote:
Maybe not but there is a perceived need, as evidenced by services
like spamgourmet and all the disposable email address outfits
There is a perceived need for $150 bowls of soup, as evidenced by dozens
of high-priced gourmet restaurants in major cities. The
On 2/27/10 9:58 AM, David Shaw wrote:
Do you really mean to suggest that a US authority getting email
headers - even without a warrant - is easier than typing a name into
a search box on a keyserver?
No. You're right, that's clearly easier. However, that only tells you
whether someone has
On Feb 27, 2010, at 2:21 PM, MFPA wrote:
I have always been taught to challenge the status quo. Because that's
the way we do it is *never* a good reason to continue doing something
in a particular way.
The status quo has something going for it: it works. 95% of all new ideas are
awful and
On Feb 27, 2010, at 3:02 PM, David Shaw wrote:
Much as the email headers do in your example. If the mail is not encrypted,
the headers just show that it might be. In practice, headers won't show much
as the majority of modern mail programs have the capability for encryption of
one sort
And whist you have stated that you check first, you have advocated
that it's OK not to. Somebody following your advice could land this
hypothetical Cuban in a whole lot of trouble.
The hypothetical Cuban had a lot bigger problems the instant he shared his
public key with people he shouldn't
On Feb 27, 2010, at 4:10 PM, Robert J. Hansen wrote:
Keep it on the list, please, and not in private mail.
Oh, ack. I completely misread the To- line, and didn't see the cc: to
gnupg-users. My error, and my apologies to MFPA. :)
___
Gnupg-users
Kind of let's agree to disagree?
More like, since you are reacting emotionally and refuse to even entertain the
possibility of being persuaded, there is no point in continuing this
conversation.
I wish you a pleasant day.
___
Gnupg-users mailing
The perfect is the enemy of the good.
It's a pretty common engineering maxim. It's not a statement about morality --
or, at least, it wasn't my intent for it to be taken as such.
For an excellent engineering example of the difference between perfect and
good, compare Project Xanadu to the
You can certainly tell a lot about someone by the signatures on their key.
Either directly from the signature or because those signatures point to other
keys that have their own signatures, etc. With your permission, may I see
what I can find from the signatures on your key D6B98E10?
Go
Understood, and I agree it makes no such statement. However, it does make a
reasonably good statement that you were physically located near that person
at a certain point in time, roughly what that time was, and roughly where
(geographically) it happened.
This is assuming the signature is
religious upbringing
* My religious affiliation
* That I use GnuPG rather than PGP [1]
* That I'm a fan of Bungie Software's Halo games
... This may sound impressive, but most of it could have been more easily
developed via Google.
Googling for Robert J. Hansen (with quotes) gives you my homepage
Both the religion (not sure why this was counted as two 'misses')
You phrased it in your email to me as two sentences, and I was cutting back and
forth between reading your email and composing the email to the list. Bullet
point: raised Methodist, no, Episcopal, cut over to the compose
What are the ramifications of just saying yes to the prompt - update
preferences? How potentially serious is the algorithm mismatch? I'd like to
better understand exactly what is happening.
Ever since the very early days, PGP has supported a cryptographic algorithm
called IDEA. Back in
My problem (which relates to this) I have an ODB (OpenOffice.Org) database
file which I would like encrypted. The process would be to get the
pass-phrase from the user, decrypt the file, run soffice -base, and then
re-encrypt the results with the same password.
This sounds like a use case
On 3/3/2010 1:25 PM, Daniel Kahn Gillmor wrote:
There are issues of tradecraft, then. Using OpenPGP as a tool for
committing crimes is kind of stupid.
Can we not go down this line of argument, please?
I agree that OpenPGP implementations can be useful tools for the
advancement of human
On 3/3/2010 1:44 PM, MFPA wrote:
I feel there is a strong assumption among OpenPGP users that our
community is, *ahem*, open.
Is it not also a reasonable assumption, that those who use and promote
privacy-enhancing software will value and respect privacy?
It is not reasonable that their
Sean: get a real operating system as GNU/Linux
Telling someone to change their entire operating system just to resolve a bit
of undesired behavior seems pretty extreme.
Linux, FreeBSD, etc., all have plenty to recommend themselves without us
needing to characterize Windows, Solaris, etc., as
On 3/5/10 9:51 AM, Nicolas Boullis wrote:
I will now have a look at how things are organised in GnuPG code.
Would you suggest that I look at the GnuPG 1 or GnuPG 2 code?
If memory serves, the codebases are identical with respect to this.
Shouldn't matter which one you use.
And if I succeed to
http://jessekornblum.livejournal.com/259124.html
For quite some time we've known that hibernation files present risks for
information security. However, there are always those who say until I
see an actual demonstration, I won't believe it.
The upshot: we now have an actual demonstration. The
On 3/5/10 5:04 PM, Grant Olson wrote:
That article was a little vague. And I don't know much about memory
forensics in practice. Do you know that it actually was a hibernation
file and not swap space?
Note Jesse's phrasing: volatile memory forensics. Swap space is
nonvolatile storage.
Thanks a million for all this. The company Volatile Systems was
really messing with my google-fu.
Err -- why?
Volatile Systems is behind the Volatility framework, which is probably the best
FOSS tool going right now for Windows memory analysis. (Admittedly, it only
works on Windows XP...
Alrighty. But doesn't this compromise the layer of security offered by
the passphrase? What's the point having a passphrase at all, if it's so
easy to compromise a private key?
You might as well ask, what's the point of OpenPGP at all, if it's so easy to
Van Eyck your monitor? Or, if it's so
Is there a way to be able to have off-the-record email conversations
with GPG technology? It would definitely be a terrific thing.
Not really. OTR uses DHKEA for symmetric key negotiation. This is an
interactive protocol: you send some information, the other person sends some
information
I don't think OTR technology can claim to solve the gun-to-the-head
scenario. Although it claims to give users the benefit of
perfect-forward-secrecy and repudiation, I think such things matter
little in a court of law. People get convicted either wrongly or
rightly, based on spoofed emails
you live. If you belong to a minority people susceptible to persecution
by a state agency, then yea sure there are many records of wrongful
detention and arbitrary human rights abuses based on false pretenses.
Sure. But the problem here isn't spoofed emails. The problem here is living
in an
I guess what I'm trying to say here is that because regular people don't
understand what spoofing actually is, that by itself is a security hole.
Semantics. A security hole is a way by which the security policy may be
violated. Most people don't bother to think about policy in the first
You have an existing credential - a passport.
You then use that credential to verify another - a PGP key.
The passport isn't used to verify the OpenPGP key. The passport is used to
verify *identity*. The key fingerprint is used to verify the OpenPGP key.
A signature is a statement of I
Just a question, and I don't have any intention about doing it, but,
is there a way to disable the usage of 3DES in GnuPG, when encrypting?
Kind of, but it's not recommended.
--cipher-algo AES will do it, but please don't. This kind of brute force
approach is almost always the wrong thing
There is no way other than that. 3DES is a required part of OpenPGP, so if
you remove it, you're not going to play well with the other programs out
there.
--cipher-algo [something other than 3DES] won't do it? Faramir was asking only
about disabling it when encrypting: I was under the
I'm a little confused as to how does that make it any different from using
the Pidgin OTR method.
It's a question of degree, not kind.
I simply open up an OTR session, ask my friend a question the answer to which
is secret (only known to him)
How do you know the secret is known only to
The reason I think that it's still difficult is because even immigration
officials get duped all the time.
Cites, please. Show me studies showing how often immigration officials get
duped, and how often they correctly flag false passports.
When verifying an identity document, the null
On Mar 13, 2010, at 7:08 AM, erythrocyte wrote:
However, the combined probability that at least one of the encounters would
result in accepting a fake ID would be 1/4 + 1/4 + 1/4 + 1/4 = 1 .
99.6%; a little different. The binomial theorem gives us the correct numbers.
0 failures: 31.6%
1
But all that aside, I'm pretty sure news reports, etc. of human traffickers,
smugglers, spies, etc. all confirm the fact that national IDs such as
passports can be forged and do in fact slip by immigration authorities pretty
commonly.
Only because the news doesn't report on people who get
On 3/13/10 8:06 PM, erythrocyte wrote:
Umm.. if I understand the nature of the probability tests or
calculations just mentioned above
You don't.
If person A and person B disagree on whether something is fake, the
operating assumption is that it's fake. The burden is on the person
claiming
On 3/14/10 1:52 AM, erythrocyte wrote:
From my understanding, the probabilities calculated give you
random error. That is given a population of 4 people, there is a
68.4% chance that there would =1 failures purely by random effects
regardless of what actions they may or may not take to
A while ago we had a discussion here about the use of statistics ---
particularly, Type II error rates. It turns out that /Science News/ has
a pretty good article on statistics and its limitations
http://www.sciencenews.org/view/feature/id/57091/title/Odds_Are,_Its_Wrong.
It's accessible to the
On 3/19/2010 4:26 PM, egg...@gmail.com wrote:
Yes, well, changing the AES key on a database (Which may be several
hundred gigabytes) is time consuming.
Only if you design your database poorly. This is a solved problem in
both database design and filesystem design.
smime.p7s
Description:
On 3/19/2010 5:36 PM, FederalHill wrote:
Are there refernces where such procedures are detailed that I might look at?
http://scholar.google.com
Check for encrypted database rekeying.
smime.p7s
Description: S/MIME Cryptographic Signature
___
On 3/19/2010 7:39 PM, Jerry wrote:
It must be that time of year again; birds sing, flowers bloom and
broken 'vacation' message auto responders flourish. In any case, I am
calling the number he published. Maybe they can fix the 'vacation
message' apparatus.
More often than not, these sorts of
On 3/20/2010 7:17 AM, Brad Rogers wrote:
It'd serve him right. Unless his employer pays him to read the
list.
There are a fair number of jobs that would. Let's not make
presumptions, and let's let the list moderators handle this.
smime.p7s
Description: S/MIME Cryptographic Signature
1 - 100 of 2573 matches
Mail list logo