Am 25.07.2013 07:49, schrieb Christopher J. Walters: > On 7/24/2013 6:06 PM, Robert J. Hansen wrote: >> (My original reply went just to Philipp. My apologies.) > > No apology necessary. > > I also must apologize, as my original reply got sent to Robert J. > Hansen, when it was intended for the list. > >> On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote: >> >> Unfortunately, this is not casting very much light on things. The use >> of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific >> meanings in NATO countries, and you're using them here in ways that are >> at odds with their NATO meanings. > > This is true, and NATO countries have very specific and well defined > ways of dealing with data with those titles, depending on the country. > >> Let me try this rephrasing: > > [snip] > >> Further, each piece of traffic can receive any of three classifications: >> C, S or TS. You can send C traffic to Bender: the necessary keys to >> decrypt it are held there. However, although you can technically send >> TS traffic to Fry, Fry can't decrypt it: the keys aren't there. >> >> If I have this right, then you've walked straight into the Bell-LaPadula >> security model. You'll be well-served by reading up on it: a good >> academic reference will answer many of your questions. > > I'll have to look that up and read up on it, when I have the time. > >> The short answer is, "OpenPGP by itself will not be sufficient for your >> purposes. It might be able to provide a couple of tools, but what you >> want to achieve is far beyond the scope of OpenPGP." > > That was my conclusion, as well. That is why I suggested the bootable > GNU/Linux or *BSD Live CD (with some vital tools on it, of course) and > a USB thumb drive - with an encrypted filesystem for storing the keys > (I'm not familiar with the smart card's capabilities, and as every smart > card reader I have is non-functional, I cannot test it out). > > My suggestion went beyond OpenPGP and GnuPG to try to solve the problem > Philipp described.
Sorry, but I want to be able to read encrypted mail sent to my university email address on my university computer. Without any extra effort of booting from a live-cd or such. Philipp _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
