On Mon, 21 Aug 2006 12:50:05 +0200, "Henk M. de Bruijn"
<[EMAIL PROTECTED]> wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA512
>
>On Sun, 20 Aug 2006 09:40:45 +0200GMT (20-8-2006, 9:40 +0200, where I
>live), Bo Berglund wrote:
>
>...
>
>> I wonder about the gpg.conf file:
>> Is it used at al
Why are the keys in pubring.gpg in the order in witch they were imported?
Is this not considered a security risk? Would it not be safer and more
convenient to have the keys sorted by user ID or key ID?
I deleted all files in my .gnupg directory, and then imported a public
key. Then I exported the
On Mon, 21 Aug 2006 10:38:35 +0200, Werner Koch <[EMAIL PROTECTED]> wrote:
>Hi!
>
>FWIW, there is a little script in the gpg-distribution:
>
># lspgpot - script to extract the ownertrust values
># from PGP keyrings and list them in GnuPG ownertrust format.
>
>I have not used it for a long time, bu
On Mon, 21 Aug 2006 20:11, [EMAIL PROTECTED] said:
> if the secret key was generated before the fix of the
> * quick-check * problem of PGP symmetric encryption,
> http://eprint.iacr.org/2005/033
It has always beed solid practise to avoid oracles thus this problem
is not very real.
Shalom-Sala
>Date: Sat, 19 Aug 2006 21:17:58 -0400
>From: David Shaw <[EMAIL PROTECTED]>
>Subject: Re: Don't store your key on a flash drive! [was Re: GnuPG
> (GPG) Problem]
[...]
>> there's nothing inherently dumb about putting a private key on a
>USB
>> dongle as long as the passphrase is suffici
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, 20 Aug 2006, Qed wrote:
-pgpenvelope processed message
On 08/20/2006 07:31 AM, Caitlin wrote:
1). My roommate and I share a WinXP box. If I install GnuPG 1.4.5 on
it, would this represent a potential security concern?
Your keyring woul
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
On 08/21/2006 02:59 PM, Mark H. Wood wrote:
>>> 1). My roommate and I share a WinXP box. If I install GnuPG 1.4.5 on
>>> it, would this represent a potential security concern?
>> Your keyring would be stored in your personal home dir, if you have
On Mon, 21 Aug 2006 14:27, Alphax said:
> - Smartcards are largely experimental and don't have the instant
> usability of a USB stick
About 800 million users of cell phones probably don't share your
opinion that GSM cards are only experimental.
Shalom-Salam,
Werner
___
Alphax wrote:
> I don't use a flash drive or a smartcard, for the following reasons:
... and in a follow-up to my own follow-up, apparently Rainbow got
bought out by SafeNet. The iKey is still available and the specs
haven't changed from the last I used them some years ago. They're handy
little
Alphax wrote
> - Flash drives are too prone to failures at bizzare moments
> - Smartcards are largely experimental and don't have the instant
> usability of a USB stick
A few years ago Rainbow Technologies came out with a device they called
the iKey. Smartcard with a USB connector, about the same
Robert J. Hansen wrote:
> Janusz A. Urbanowicz wrote:
>> You can't read a private key from the smartcard, but you can read it
>> from the flashdrive. SC is a crypto processor + storage, flashdrive
>> only storage.
>
> All of which is true. However, the bit to which I was replying was:
>
> "A sm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sun, 20 Aug 2006 09:40:45 +0200GMT (20-8-2006, 9:40 +0200, where I
live), Bo Berglund wrote:
...
> I wonder about the gpg.conf file:
> Is it used at all in Windows?
> I looked at my own one at "C:\Documents and
> Settings\\Application Data\gnupg
Janusz A. Urbanowicz wrote:
> You can't read a private key from the smartcard, but you can read it
> from the flashdrive. SC is a crypto processor + storage, flashdrive
> only storage.
All of which is true. However, the bit to which I was replying was:
"A smartcard is very convenient as far as
On Sun, Aug 20, 2006 at 09:18:13AM -0500, Robert J. Hansen wrote:
> Ismael Valladolid Torres wrote:
> > A smartcard is very convenient as far as it's a multi application
> > device, so you can store much other info apart from GnuPG keys,
> > i.e. Mozilla passwords or such.
>
> ... I'm sorry, I'm s
On Fri, Aug 18, 2006 at 03:09:43PM -0500, Brian Rosenvinge wrote:
> We have decided to decrypt using a "special" user and re-encrypt the
> file to multiple users. Our concern is that unless we want to do this
> manually it has to be scripted and that will require the "special"
> user's passphra
On 08/20/2006 10:08 PM, Johan Wevers wrote:
> Not directly related to GnuPG, but does anyone here know the book
> "Handbook of Applied Cryptography" fromn A.J. Menezes, P.C. van Oorschoot
> and S.A. Vanstone, printed in 1996? I found it on eDonkey and wanted to
> know if someone knows if it is advi
Hi!
FWIW, there is a little script in the gpg-distribution:
# lspgpot - script to extract the ownertrust values
# from PGP keyrings and list them in GnuPG ownertrust format.
I have not used it for a long time, but it might be helpful. Run it
with PGP's pubring as argument.
Salam-Shalom,
W
On Sun, 20 Aug 2006 07:21, Dylan Vaughn said:
> The issue is that after I start gpg-agent for one user, it does not work
> for any other user on my machine. For example, after I do an initial
Well, you need to start it for each user.
> subsequent decrypt calls, then when I switch to a different
18 matches
Mail list logo
