Faramir wrote:
> Well, in Windows, I am using GPGShell, and the GPGtray utility
> provides text encryption. I think it doesn't give zip encryption, but
> you can encrypt a zip file.
As I recall, ZIP encryption is just symmetric encryption with a
pass{word,phrase}.
> I don't know what applicati
David Picón Álvarez wrote:
> From the patterns of use of crypto most people don't have any secrets
> worth bothering with, and most people don't want their e-mail kept
> secret.
I'm not willing to go there. We can conclude crypto is not often used,
but if you want to talk about why crypto is not
On 15-May-08, at 15:48 , David Picón Álvarez wrote:
RSA is more flexible. Easier to protect several documents, easier to
have shared secrets, etc
You don't seem to understand the difference between public key an
secret key encryption.
RSA is not used to encrypt the document. RSA is used to
From: "Robert J. Hansen" <[EMAIL PROTECTED]>
Some of Mark Twain's writings are not to be released until 2010.
[shrugs] The presence of outliers proves nothing other than there are
outliers. The general point I'm making remains: I consider it an
unproven, unfounded, and overly broad assertion th
Faramir wrote:
> I remember some well known figure died, and left some information to
> be disclosed a lot of years latter... I am not sure, but I think she
> was Jacqueline Kennedy... and it was enough time to be sure her sons
> would be dead by that time.
Some of Mark Twain's writings are not t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David Shaw escribió:
> On Thu, May 15, 2008 at 11:00:14AM -0400, Faramir wrote:
>> Hello!
>> If I make 1 subkey for signing, and another one for encryption,
>> and after a while I delete them and make a new subkey's pair, would I be
>> able to re
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert J. Hansen escribió:
>> Exactly what question am I begging?
>
> The reasonableness of the choice to protect a secret for the rest of
> one's life.
I remember some well known figure died, and left some information to
be disclosed a lot of year
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert J. Hansen wrote:
> You cannot keep data secret forever. Anyone who is storing secret data
> needs to have disclosure plans -- what to do when, not if, those secrets
> come to light.
>
> A good set of contingency plans will do you worlds mor
On Thu, May 15, 2008 at 11:00:14AM -0400, Faramir wrote:
> Hello!
> If I make 1 subkey for signing, and another one for encryption,
> and after a while I delete them and make a new subkey's pair, would I be
> able to read messages encrypted to me with the old pair?
No. If you delete the enc
Exactly what question am I begging?
The reasonableness of the choice to protect a secret for the rest of
one's life.
I think it is reasonable to assume that people often have secrets
that they want to take to their grave (at least).
I'd like to see some proof offered for this assertion, sinc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
If I make 1 subkey for signing, and another one for encryption,
and after a while I delete them and make a new subkey's pair, would I be
able to read messages encrypted to me with the old pair? Does my public
key change when I add or delet
>Message: 9
>Date: Thu, 15 May 2008 15:26:26 +0200 (CEST)
>From: "Michel Messerschmidt" <[EMAIL PROTECTED]>
>Subject: Re: Linux crypto killer apllication
>Actually the legal requirements changed this year.
>1024 bit RSA and SHA-1 are not sufficient anymore. 2048 bit is
>recommended and at least 12
Robert J. Hansen wrote:
Brian Smith wrote:
It is reasonable to choose to protect a secret for the rest of one's life
(~100 years).
You're committing two logical fallacies here: the first is you're begging
the question, and the second is the assumption of facts not in evidence.
Exactly what
Robert J. Hansen wrote:
Brian Smith wrote:
It is reasonable to choose to protect a secret for the rest of one's life
(~100 years).
You're committing two logical fallacies here: the first is you're begging
the question, and the second is the assumption of facts not in evidence.
Exactly what
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John W. Moore III escribió:
> Faramir wrote:
>
>
>> provide a GUI for gpg are available for linux, but since it seems the
>> linux gpg branch is stronger than windows branch,
>
> Er... Upon what do You base this conclusion? GnuPG is equally "stron
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sven Radde said:
> David Picón Álvarez schrieb:
>> Well, I'm pretty sure if GnuPG had the limit you suggest (2048) it
>> would be legally unusable for some purposes, due to legal guidelines,
>> "best practices", and all that tosh.
> FWIW, german digita
Hi,
Trying to compile gpgme 1.1.4 on: MacOS 10.5.2 - MacBook Intel C2Duo -
GnuPG 1.4.9 - GPG2 2.0.9
1. Configure:
env CFLAGS="-isysroot /Developer/SDKs/MacOSX10.5.sdk -arch i386 -arch ppc" \
./configure --enable-static --disable-shared
--disable-dependency-tracking --with-gpg-error-prefix
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Faramir wrote:
> provide a GUI for gpg are available for linux, but since it seems the
> linux gpg branch is stronger than windows branch,
Er... Upon what do You base this conclusion? GnuPG is equally "strong"
on either platform. There is No Li
Can you name some? I'd love to know them.
I'm speaking from memory, but I think I've seen something of the sort re the
Data Protection regulations in Spain, for personally identifiable
information. I might be mistaken though.
--David.
___
Gnupg-
On Thu, 2008-05-15 at 09:24 +0200, Sven Radde wrote:
> FWIW, german digital signature laws AFAIK mandate a key length of
> exactly 1024 bits even for the strongest class of signatures.
> Certificates for electronic banking (also a heavily regulated field) are
> of 1024 bits (or is even 768 still
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
>> And if it is an alias ?
>
> Then you can expect to continue to get helpful warnings like the ones
> you've already received.
But I figure it is a good bobytrap ;)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuP
On Thu, 2008-05-15 at 01:42 -0500, Robert J. Hansen wrote:
> If 2kbit RSA/DSA/ElG ever becomes attackable either via cryptanalysis,
> brute force or developments in large number theory, the solution will be
> to move to entirely new algorithm families, not to just tack on another
> few bits to the
Brian Smith wrote:
It is reasonable to choose to protect a secret for the rest of one's
life (~100 years).
You're committing two logical fallacies here: the first is you're
begging the question, and the second is the assumption of facts not in
evidence.
This discussion is about tradeoffs, a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
gabrix escribió:
> Mine is just a suggestion to improve our dear gnupg.
> What is missing in linux is a killer crypt application .
> I recently used two windows application pgp and bestcrypt . And they both
> have , disk encryption , mail encryption ,
David Picón Álvarez schrieb:
Well, I'm pretty sure if GnuPG had the limit you suggest (2048) it
would be legally unusable for some purposes, due to legal guidelines,
"best practices", and all that tosh.
FWIW, german digital signature laws AFAIK mandate a key length of
exactly 1024 bits even for
David Picón Álvarez wrote:
From: "Robert J. Hansen" <[EMAIL PROTECTED]>
I see no reason to add "features" to GnuPG that have no connection to
any real-world need. Changing the largest keysize, even in expert mode,
has no connection to any real-world need I've ever heard anyone
articulate, and s
26 matches
Mail list logo
