Re: "Please select what kind of key you want" ~~ suggestion to developers

While in general I agree with what you've said in this thread Robert, I do want to present one small ray of hope. At my last job we dealt with a great deal of "sensitive" information (usually time sensitive, i.e., it would be released eventually but needed to be "just right" first) and being the dr

encrypt and detached signature

opensuse 11.0 and 11.1 gpg2 -r -be Creates a detached signature file, but does not encrypt the . I could do it in two steps (gpg2 -e ; gpg2 -b ) but can it be done in one? Felipe ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg

Re: How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

gerry_lowry (alliston ontario canada) wrote: > The Internet took off when Microsoft, for better or worse, included > and promoted Internet Explorer in Windows 95, thus beginning the so > called browser wars. That's quite arguable. Why do you assume that MS introducing IE *cause* the internet to t

Re: How secure asymmetric encryption to yourself?

On Mon, Feb 23, 2009 at 01:15:58PM -0500, gerry_lowry (alliston ontario canada) wrote: > Sven Radde wrote, in part: > > "... there are more usable ways of managing one's passwords > than storing them in a GnuPG file". > > I'm curious what "more usable ways" there are that Sven and o

Re: How secure asymmetric encryption to yourself?

On Mon, Feb 23, 2009 at 01:42:32PM -0500, Robert J. Hansen wrote: > Open up my wallet, fish out the list, and there it is. Although I think this one of the most secure but usable places, what if a real life phisher gets your wallet? No problem to cancel credit cards. But are you able to reset all

Re: "Please select what kind of key you want" ~~ suggestion to developers

Robert J. Hansen wrote: > Required reading: And let's add to that: Gaw, S., Felten, E. W., and Fernandez-Kelly, P. 2006. Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In Proceedings of the SIGCHI Conference on Human Factors in Compu

Re: Re: How secure asymmetric encryption to yourself?

Hi! gerry_lowry (alliston ontario canada) schrieb: > Sven Radde wrote, in part: > > "... there are more usable ways of managing one's passwords > than storing them in a GnuPG file". > > I'm curious what "more usable ways" there are that Sven and others > can recommend. /First of al

Re: "Please select what kind of key you want" ~~ suggestion to developers

On Mon, Feb 23, 2009 at 11:55:51AM -0500, gerry_lowry (alliston ontario canada) wrote: > The easier it is for beginners to understand PGP/GPG technology, > the faster its adoption into general use by the public will occur. > > Suggestion: add help as an option to > gpg --gen-key > an

Re: "Please select what kind of key you want" ~~ suggestion to developers

Required reading: Garfinkel, S. L., Margrave, D., Schiller, J. I., Nordlander, E., and Miller, R. C. 2005. How to make secure email easier to use. In _Proceedings of the SIGCHI Conference on Human Factors in Computing Systems_ (Portland, Oregon, USA, April

Re: "Please select what kind of key you want" ~~ suggestion to developers

Robert, excellent points. I shall return to my thinking board. Amazing that, in today's world, with events like the infamous 9/11, identity theft, debit and credit card fraud, a plethora of Bernhard Madoffs making Carlo Ponzi sit up in his grave and take notice, and jobs going down the toilet dai

Re: "Please select what kind of key you want" ~~ suggestion to developers

Robert, yes, literacy is important, too. Your counter proposition also has validity. You missed the point. Refer to my last three sentences. The world doesn't need another "easy to use GnuPG interface." You're essentially saying, "what the world needs is a really good book!" What I'm

Re: "Please select what kind of key you want" ~~ suggestion to developers

Robert J. Hansen wrote the following on 2/23/09 2:52 PM: [...] > What I'm saying is, "the world first needs to learn to read." As far as I am concerned, this sentence is a most gratifying conclusion to this thread. I am not suggesting to close the thread, on the contrary, keep them coming. Ch

Re: "Please select what kind of key you want" ~~ suggestion to developers

Robert, yes, literacy is important, too. Your counter proposition also has validity. I point out, however, that by the time one is looking at Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) (h) help on the above choic

Re: How secure asymmetric encryption to yourself?

Robert J. Hansen wrote the following on 2/23/09 1:42 PM: [...] > Open up my wallet, fish out the list, and there it is. > > The moral of this story is simple -- don't make things more > complicated than you have to. Robert, from the bottom of my heart, thank you! Charly _

Re: "Please select what kind of key you want" ~~ suggestion to developers

The easier it is for beginners to understand PGP/GPG technology, the faster its adoption into general use by the public will occur. There's a discipline in computer science called human-computer interaction (HCI). I took two courses in this in grad school: not enough to make me an expert, b

Re: How secure asymmetric encryption to yourself?

I'm curious what "more usable ways" there are that Sven and others can recommend. I'm fond of writing down my passwords on the back of a business card and keeping it in my wallet. For the overwhelming majority of these passwords, the site's most confidential information of mine they posse

Re: How secure asymmetric encryption to yourself?

Sven Radde wrote, in part: "... there are more usable ways of managing one's passwords than storing them in a GnuPG file". I'm curious what "more usable ways" there are that Sven and others can recommend. I'm also unsure what Sven apparently means by "more usable"? (While they need

Re: How secure asymmetric encryption to yourself?

>Date: Mon, 23 Feb 2009 11:36:49 -0500 >From: "gerry_lowry \(alliston ontario canada\)" > >Subject: Re: How secure asymmetric encryption to yourself? >a paranoid's answer to your question: >More paranoia: when you're viewing your file as plain text which >you must do to read its contents

Re: How secure asymmetric encryption to yourself?

Hi! Chris Poole schrieb: > How secure is it to use my own public key as the encryption method > (rather than symmetric), given that the password file is stored on the > same drive as my public and private keys? The simple answer is: It doesn't matter, both methods are equally secure (with the sec

"Please select what kind of key you want" ~~ suggestion to developers

The easier it is for beginners to understand PGP/GPG technology, the faster its adoption into general use by the public will occur. Suggestion: add help as an option to gpg --gen-key and gpg --edit-key [ ID ] addkey Example: Please select what kind of key you want: (

Re: How secure asymmetric encryption to yourself?

a paranoid's answer to your question: your passphrase is also required ... so my best guess is that you are more or less safe; others on this list would know better than myself. Here's the paranoid part: if your system became compromised with a keylogger,

Re: "Please select what kind of key you want"

Robert and David, thank you for increasing my understanding and pointing out the errors I made. g. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

On Feb 23, 2009, at 8:49 AM, gerry_lowry (alliston ontario canada) wrote: http://support.apple.com/kb/HT1620 How to use the Apple Product Security PGP Key http://www.apple.com/support/security/pgp/ Protecting Security Information F.Y.I.: I've not noticed anything similar from Microsoft an

How to use the Apple Product Security PGP Key + Protecting Security Information ~~ F.Y.I.

http://support.apple.com/kb/HT1620 How to use the Apple Product Security PGP Key http://www.apple.com/support/security/pgp/ Protecting Security Information F.Y.I.: I've not noticed anything similar from Microsoft and other software companies. Most seem to be happy with MD5 and SHA1 for files a

Re: GPG Decryption of a PGP encrypted zip file resulting in garbled zip file

Did you ever get a solution to your problem decompressing ZIP.PGP files? I think someone I am working with is having a similar problem. Robert Mundkowsky Employers Sr. Applications Developer 500 N. Brand Blvd Glendale, Ca 91203 rmundkow...@eig.com Tel: (818) 549-45

How secure asymmetric encryption to yourself?

Hi, I am using GnuPG to encrypt a plain text file of my passwords. How secure is it to use my own public key as the encryption method (rather than symmetric), given that the password file is stored on the same drive as my public and private keys? Thanks. ___

Re: JAVA Standard API for GnuPG v1.80?

Thanks a lot Steve. I've checked out - http://www.java2s.com/Open-Source/Java-Document/Security/Bouncy-Castle/org/bouncycastle/openpgp/examples/ByteArrayHandler.java.htm Would this Open PGP work for GnuPG? Sven Radde-3 wrote: > > Hi! > > Tanu schrieb: >> Is there any Standard JAVA API from