-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ted Smith escribió:
> On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
...
>> Well, I suppose in most countries nobody is going to torture you, but
>> there are other countries where you can't be so sure... Also, an
...
> Nobody in any country is
On 7/23/2010 6:08 PM, Ted Smith wrote:
> Nobody in any country is going to torture you for your key, because
> keyloggers are much less expensive than torturers + torturing equipment.
This is not true. There are documented instances where people have been
tortured to turn over crypto keys.
You a
On 23 July 2010 23:08, Ted Smith wrote:
> On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> Ted Smith escribió:
>> ...
>> >> Deniable encryption is a useful tool, but it is not a universally good
>> >> idea.
>> >
>> > An interrogator as
On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Ted Smith escribió:
> ...
> >> Deniable encryption is a useful tool, but it is not a universally good
> >> idea.
> >
> > An interrogator as described in this thread is a movie plot threat. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have what I am sure is a frequently asked question, but I cannot find
a FAQ. I can find the archives, but I know no good way to search them.
It is the question about the order of signing and encrypting a message.
I am pretty sure that is the correct
Hi Guys.
I am currently running OpenSolaris 2010, I got GPG2 set up and my
(OpenPGP) Smartcard. I have no problems accesing the smartcard from GPG2
(e.g gpg2 --card-status) everything shows up fine, I am able to edit and
view my keys and so on.
The problem though is when I'm trying to get S
On 7/23/10 2:52 AM, Malte Gell wrote:
>
>
> Yes and the boot partition is not encrypted, only /home But I solved it.
>
> Regards
> Malte
>
Just keep in mind that if you're not encrypting the whole disk, your
sensitive data can leak to /tmp and swap. I'm only bringing this up
because it seems
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
> On Jul 23, 2010, at 11:51 AM, war_is_pe...@privatdemail.net wrote:
...
>> I'm planning on finally uploading my key to a keyserver. Now I had the
>> idea to add a primary user ID which contains only my name and no email
>> addre
On Fri, 23 Jul 2010, Faramir wrote:
Doug Barton escribió:
On Thu, 22 Jul 2010, Faramir wrote:
...
I don't see the signature, nor the claim about it being signed. I saw
an attachment, but Thunderbird didn't say it was a signature...
If you navigate to the message in Thunderbird and then typ
tux.tsn...@free.fr wrote
> > Yes and the boot partition is not encrypted, only /home But I solved it.
> > It was an init script issue. On openSUSE there is an init script
> > "earlyxdm" and it has overridden so to say the pinentry-ncurses program.
> > I have now edited earlyxdm and have added my
On Jul 23, 2010, at 11:51 AM, war_is_pe...@privatdemail.net wrote:
> Hi,
>
> I'm planning on finally uploading my key to a keyserver. Now I had the
> idea to add a primary user ID which contains only my name and no email
> address. The reason would be that i won't "lose" any signatures if I
> cha
On 7/23/10 11:51 AM, war_is_pe...@privatdemail.net wrote:
> Does that make sense? Are there known problems if a (primary) user ID
> doesn't contain any email address?
Nope! Check out 0xE6602099 for my key with a primary uid of "James
Patrick Howard, II".
James
--
James P. Howard, II, MPA MBCS
Hi,
I'm planning on finally uploading my key to a keyserver. Now I had the
idea to add a primary user ID which contains only my name and no email
address. The reason would be that i won't "lose" any signatures if I
change my email address and revoke the then obsolete user id.
Does that make sense
On 07/23/2010 07:35 AM, m...@proseconsulting.co.uk wrote:
>> On Fri 23/07/10 11:48 AM , David Smith dave.sm...@st.com sent:
>>> I need to be able to ultimately trust a public key
>>> in batch mode, that I have downloaded automatically with wget from an
>>> internal server over HTTPS.
>>
>> I think
Daniel Kahn Gillmor dkg at fifthhorseman.net wrote on
Fri Jul 23 16:32:17 CEST 2010 :
> There is no way to "prove that you did not encrypt" a message.
Agreed.
But it is very simple to either give up a session key to an
encrypted message, or show that that the message was not encrypted
to any k
On 07/23/2010 09:51 AM, ved...@nym.hush.com wrote:
>> From: Andre Amorim
>> Do we have a "plausibly deniable" option ?
>
> [1] hiding the identity of the encryption:
>
> The 'throw-keyids' option hides which keys the message is encrypted to
[...]
> The government can claim, that in order to pro
vedaal at nym.hush.com wrote on Fri Jul 23 15:51:38 CEST 2010
>and since you really didn't
>encrypt the message, you can't give up the session key, and now
the
>government wants *all* your keys and passwords to prove you didn't
>encrypt the message.
Sorry :-)
meant to say:
and since you r
>Message: 4
>Date: Thu, 22 Jul 2010 21:19:50 +0100
>From: Andre Amorim
>To: GnuPG Users
>Do we have a "plausibly deniable" option ?
GnuPG can be used for plausible deniability both for encrypting and
for signing:
[1] hiding the identity of the encryption:
The 'throw-keyids' option hides whic
Realloc Bug with X.509 certificates in GnuPG
==
2010-07-23
Summary
===
While trying to import a server certificate for a CDN service, a segv
bug was found in GnuPG's GPGSM tool. It is likely t
Hello,
How do I import a subkey into an existing secret key?
I use a DSA key with El-Gamal encryption keys that I regenerate every
year. At some point my keyrings got out of sync and I ended up carrying
on with an older key. There was a secret subkey in the middle there that
got lost and I only n
> On Fri 23/07/10 11:48 AM , David Smith dave.sm...@st.com sent:
> > I need to be able to ultimately trust a public key
> > in batch mode, that I have downloaded automatically with wget from an
> > internal server over HTTPS.
>
> I think that you might be confusing "trust" with "validity".
>
> If
m...@proseconsulting.co.uk wrote:
> I need to be able to ultimately trust a public key in batch mode, that I
> have downloaded automatically with wget from an internal server over HTTPS.
>
> I don't want to do --trust-model always, apart from the fact I want to
> use a trusted key anyway, gpg --tr
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }I
need to be able to ultimately trust a public key in batch mode, that
I have downloaded automatically with wget from an internal server
over HTTPS.
I don't want to do --trust-model always, apart from the fact I want
to use a trust
> Yes and the boot partition is not encrypted, only /home But I solved it. It
> was an init script issue. On openSUSE there is an init script "earlyxdm" and
> it has overridden so to say the pinentry-ncurses program. I have now edited
> earlyxdm and have added my own script to Requried-Start, th
On Thu, Jul 22, 2010 at 08:03:25PM -0700, Doug Barton wrote:
> Can anyone else verify messages sent by Andre? His message claims to
> have a PGP signature, but what's in what should be the signature
> block isn't.
Mutt isn’t verifying these either. The message Content-Type appears to
be multipart/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
...
>> An interrogator as described in this thread is a movie plot threat. In
>> reality, nobody is going to torture you for your key...
>
> The point is not about torture. The point is about interrogation.
>
> Imagine t
26 matches
Mail list logo