;Hi,
>
>I'd like to thank the Debian community for the trust you've placed in me
>by re-electing me as DPL. The greatest moments in my last term were
>receiving so many signals of support from friends in the project once
>things became difficult - that encouragement was a hu
: LGPL 2.0 or later
Programming Lang: Rust
Description : Authenticate OpenPGP certificates using the "Web of Trust"
The "Web of Trust" describes a network of identity assertions
("OpenPGP certifications") and signing delegations ("OpenPGP trust
On Wed, Aug 18, 2021 at 10:36 AM Steffen Möller wrote:
> When CI fails, I get an email and can chase things up with a look at the
> output files. This is something I like a lot. As a user, though,
> especially for scientific packages I would want to see the files that
> have been created.
These a
Hello,
When CI fails, I get an email and can chase things up with a look at the
output files. This is something I like a lot. As a user, though,
especially for scientific packages I would want to see the files that
have been created. This way I could confirm that, e.g., the generated
PDFs have us
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: node-trust-json-document
Version : 0.1.4
Upstream Author : Anvil Research, Inc.
* URL : https://github.com/anvilresearch/json-document
* License
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: node-trust-jwa
Version : 0.4.6
Upstream Author : MIT Connection Science
* URL : https://github.com/anvilresearch/jwa
* License : Expat
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: node-trust-webcrypto
Version : 0.9.2
Upstream Author : 2016, Anvil Research, Inc.
* URL : https://github.com/anvilresearch/webcrypto
* License
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
* Package name: node-trust-keyto
Version : 0.3.4
Upstream Author : Greg Linklater
* URL : https://eternaldeiwos.github.io/keyto
* License : Expat
, and resulted in making a small tool which can discover
and check trust paths within the PGP web of trust. It uses the "PGP
pathfinder" service to discover signature chains. It also warns about
collisions.
The thing is still somewhat experimental (probably not suited for
general us
On Fri, Jul 08, 2016 at 02:54:20PM +0200, Enrico Zini wrote:
> What if you received a message signed with key 9F6C6333?
>
> That is, what do you do (please list the practical steps) to validate a
> signature that is a few steps away from your key in the WoT?
trust in the real worl
Hi Enrico,
On Fri, 08 Jul 2016 at 11:21:27 +0200, Enrico Zini wrote:
> gpg --verify tells me of a short key ID:
In fact the issuer subpacket is 8-bytes long [0], hence contains the
long key ID of the signer, as seen using ‘--list-packets’:
~$ gpg --list-packets "
imported
gpg: no ultima
* Simon Richter , 2016-07-08, 14:33:
given that it is now possible to generate arbitrary short key ID
collisions[1], and that it's now computationally feasible to at least
generate a pair of keys with colliding long key IDs, I'd like to
rethink practices and tools.
With the web of
ike to rethink
> > practices and tools.
>
> With the web of trust, in principle there shouldn't be a problem.
>
> I have a valid trust path to Piotr's correct key. I don' have any to the
> fake key, because no one I trust has signed a key from the evil32 set.
W
tices and tools.
With the web of trust, in principle there shouldn't be a problem.
I have a valid trust path to Piotr's correct key. I don' have any to the
fake key, because no one I trust has signed a key from the evil32 set.
What could be improved would be detection of new signatur
* Enrico Zini , 2016-07-08, 11:21:
$ mkdir /tmp/keyring
$ chmod 0700 /tmp/keyring
This way of creating a directory inaccessible to other is racy. Between
mkdir and chmod calls, the directory could be opened by an attacker (and
then kept open forever). A non-racy way looks like this:
$ mkd
cument it, then automate
it", I'd like to begin with a simple use case:
So I received a gpg-signed email, can I trust it?
I'll write here my take on it and request your comments on it, to see if
there are any gaps.
Take for example this file, and an empty keyring:
$ mkdir /t
package: wnpp
severity: wishlist
owner: hartm...@debian.org
URL: git://git.project-moonshot.org/trust_router.git
http://www.project-moonshot.org/
license: bsd-3-clause
Description: The trust router establishes a DH key between two RADIUS
servers to protect a RADIUS over TLS session. GSS-API
gt; those principles are.)
Just highlight them as you come across it (don't have to do that
upstream, debian-devel is enough). If I agree and it is an issue I'll at
least talk to systemd maintainers. I do trust them, in my opinion they
cannot be aware of everything. Further, they might no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/11/2014 10:15 AM, Olav Vitters wrote:
> On Tue, Feb 11, 2014 at 09:05:48AM -0500, The Wanderer wrote:
>> I do not trust the systemd project to not do things I consider bad
>> or even insane, because they've already done s
+
Programming Lang: Perl
Description : trust META.yml list of dependencies
CPAN doesn't trust "META.yml"'s list of dependencies for a module.
Instead it expects "Makefile.PL" run on the computer the package is
being installed upon to generate its own list of depende
ysphere.info
* License : GPLv3
Programming Lang: Bash, C
Description : use the OpenPGP web of trust to verify ssh connections
SSH key-based authentication is tried-and-true, but it lacks a true
Public Key Infrastructure for key certification, revocation and
expiration. Monke
I have a new email address!You can now email me at: [EMAIL PROTECTED]
I am Ahmed DIALLO, a staf of Bank Of Africa I want to transfer US$14 Million to
your account.
- Ahmed Diallo
Web of Trust analyzer and pathfinder
Wotsap is a tool that analyzes a OpenPGP Web of Trust description and
reports to the user stastistics about the single keys and the whole
network, or searches for paths from one key to another.
OpenPGP is the most widely used email encryption standard, used by
encr
Description : Secure, trust-based peer-to-peer framework
This is part of the gnunet package split into gnunet-daemon, gnunet-client,
gnunet-tools, gnunet-common, and gnunet-dev.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Ar
Description : Secure, trust-based peer-to-peer framework
This is part of the gnunet package split into gnunet-daemon, gnunet-client,
gnunet-tools, gnunet-common, and gnunet-dev.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Ar
Description : Secure, trust-based peer-to-peer framework
This is part of the gnunet package split into gnunet-daemon, gnunet-client,
gnunet-tools, gnunet-common, and gnunet-dev.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Ar
Description : Secure, trust-based peer-to-peer framework
This is part of the gnunet package split into gnunet-daemon, gnunet-client,
gnunet-tools, gnunet-common, and gnunet-dev.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Ar
We have been helping thousands of men with male enhancement
http://qudk.roukvs92oj9hda9.carucatedlf.info
Everybody winds up kissing the wrong person good night.
Practice, the master of all things.
University politics are vicious precisely because the stakes are so small.
--
To
I am Mr. Kolapo Omidire,company secretary/Manager, internal and
external services of COMMERCIAL BANK OF AFRICA.I was the accounts officer of
late Mr. Alan a national of your country, who used to work with The
Nigerian Mining Corporation(NMC) here in Nigeria who was banking with
our bank.
On
29 matches
Mail list logo
