-BEGIN PGP SIGNED MESSAGE-
On 2011-07-28 6:05 PM, Crypto Stick wrote:
>> At the moment, my secret key is stored on my hard drive and is
>> encrypted by a long passphrase. When I transfer my subkeys to the
>> smartcard, will they actually be encrypted whilst they're on
>> there?
>
> The ve
> The very purpose of smartcards is to keep secret keys confidential and
> secure. This is achieved by physical protection, different layers,
> puzzling structure etc. This makes it very, very difficult to extract
> the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I
> guess the
> At the moment, my secret key is stored on my hard drive and is encrypted
> by a long passphrase. When I transfer my subkeys to the smartcard, will
> they actually be encrypted whilst they're on there?
The very purpose of smartcards is to keep secret keys confidential and
secure. This is achieved
On 7/28/11 3:46 PM, Peter Lebbing wrote:
> Please communicate in a way where I don't have to
> read every other sentence twice to get what you are trying to tell us.
I wunder if iu've red the "Plan for xe Impruvment of Ingliy Speling,"
popyularly atributed to Mark Twain?
http://everything2.com/ti
On Thu, Jul 28, 2011 at 5:04 PM, David Shaw wrote:
> On Jul 28, 2011, at 4:49 PM, Dan McGee wrote:
>
>> I wanted to test behavior of an application with an expired signature,
>> but using `--ask-sig-expire` don't seem to be granular enough. The
>> minimum I can specify is either 1 day, or an absol
On 7/28/11 4:49 PM, Dan McGee wrote:
> I wanted to test behavior of an application with an expired signature,
> but using `--ask-sig-expire` don't seem to be granular enough.
Set your system clock back a year, create a sig that expires in a year,
reset your system to the normal time. The simplest
On Jul 28, 2011, at 4:49 PM, Dan McGee wrote:
> I wanted to test behavior of an application with an expired signature,
> but using `--ask-sig-expire` don't seem to be granular enough. The
> minimum I can specify is either 1 day, or an absolute date (e.g.
> 2011-07-29), which is still 8+ hours away
I wanted to test behavior of an application with an expired signature,
but using `--ask-sig-expire` don't seem to be granular enough. The
minimum I can specify is either 1 day, or an absolute date (e.g.
2011-07-29), which is still 8+ hours away for me right now. Am I
missing something? Decimal valu
-BEGIN PGP SIGNED MESSAGE-
On 2011-07-28 10:08 AM, Melvin Carvalho wrote:
(...)
>> It's quite a new system, but supported by the W3C and on it's way
>> to becoming a standard. For more info see the video at:
>> http://webid.info/
(...)
paypal and your bank are unlikely subscribers to thi
On 28/07/11 20:15, Jay Litwyn wrote:
> In my case, that iz likely, because I yuuz only screen names on USENET.
yuuz? That's where I draw the line. This mailing list is for communication, not
showing your "1337 skillz". So please communicate in a way where I don't have to
read every other sentence
-BEGIN PGP SIGNED MESSAGE-
On 2011-07-28 10:08 AM, Melvin Carvalho wrote:
> On 28 July 2011 16:01, MFPA wrote: Hi
>
>
> On Thursday 28 July 2011 at 12:53:41 PM, in
> , Jay Litwyn wrote:
>
Attaching a photo to your public key might help. So might
putting a phone number on you
On 28 July 2011 16:01, MFPA wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi
>
>
> On Thursday 28 July 2011 at 12:53:41 PM, in
> , Jay Litwyn wrote:
>
>> Attaching a photo to your public key might
>> help. So might putting a phone number on your public
>> key.
>
> I'm not too conv
-BEGIN PGP SIGNED MESSAGE-
On 2011-07-28 8:01 AM, MFPA wrote:
> Hi
>
>
> On Thursday 28 July 2011 at 12:53:41 PM, in
> , Jay Litwyn wrote:
>
>> Attaching a photo to your public key might help. So might putting
>> a phone number on your public key.
>
> I'm not too convinced a photo wou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 28 July 2011 at 12:53:41 PM, in
, Jay Litwyn wrote:
> Attaching a photo to your public key might
> help. So might putting a phone number on your public
> key.
I'm not too convinced a photo would help much. I could create
a key and
It's a small sample to be sure, but I've been carrying my smartcard in
my wallet for several months and it's held up just fine. It has a
tiny bit of curvature to it now, but that's only noticeable if you lay
it on something flat, and has no impact on its usage. (If it matters
any, I carry my wall
-BEGIN PGP SIGNED MESSAGE-
On 2011-07-27 8:25 PM, Len Cooley wrote:
> Well, let me ask you this. Is it useful/useless/ridiculous/orwhat to
> attach your public key as a sig at the end of an email, such as
> below?
>
It depends on the environment of your receiver.
Would they be subject t
-BEGIN PGP SIGNED MESSAGE-
In my entry on a related thread, I was thinking that one of the simpler
ways to foil attacks on bank cards would be to make a smart card play
dumb and accept any old pin (symmetric encryption key for a private
key). That would (almost) force attackers to communic
On Thu, 28 Jul 2011 05:56, r...@sixdemonbag.org said:
> Are there any particular problems the durability of a smartcard,
> particularly an OpenPGP card? Are there any damage concerns from wallet
It is not different than with any other chip card. If you immerse the
card into water only the contac
On Thu, 28 Jul 2011 08:29, k...@grant-olson.net said:
> attacker could have forged both. They could in other circumstances as
> well, but it's less likely for someone to forge both a public key on the
> keyservers (or your personal website, or your business card, etc), and a
> signature on a forg
19 matches
Mail list logo
