Re: trust your corporation for keyowner identification?

"Paul R. Ramer" wrote: > On 11/05/2013 09:26 AM, Leo Gaspard wrote: > > However, I think in this case (assuming there are no more UID on key 2 than > > on > > key 1), assertions are sufficient, *because* there are two assertions, one > > in > > both ways. > > > > I mean : > > * Owner of Key 1

Re: trust your corporation for keyowner identification?

"Paul R. Ramer" wrote: > Stan Tobias wrote: > >Yes, but by remote communication. The reasoning goes like this: The > >signature is validated by my certificate (or, in case 2a, by my > >friends' > >whom I trust fully). The message is authenticated by X's valid > >signature, > >therefore the mess

Re: Threema.

On 09-11-2013 23:48, Charly Avital wrote: > > What do you think of it? As others have mentioned, it seems to be closed source (and since it's payware I doubt they'll release the code). Further the Android version strongly suggests to use it with a Google account for push

Re: Duplicating smartcard

On 10.11.2013, Alexander Truemper wrote: > But if I run 'gpg --export-secret-keys' for my keys, it actually seems > to export the private keys according to pgpdump. > How can this be? (I see no smartcard activity on the terminal and no > PIN is asked) It's not the real secret key, but the stub w

Re: Threema.

Charly Avital wrote: > > kendrick eastes wrote on 11/10/13, 3:17 AM: > > might be better received at a cryptography based mailing list, also, do > > you plan on releasing source? > > > > > > apologies if this double sends, I've been having network issues recently. > > The source belongs to the

Re: Duplicating smartcard

On Sun, Nov 10, 2013 at 11:50 AM, Alexander Truemper wrote: > Hello everyone, > > since I could not reveal anything useful on google, here my question. > > I want to have a safe backup of my smartcard which contains my primary > key and two subkeys. Did you generate the keys on the smartcard, or

Re: Threema. / don't trust closed source software

Hello, On 10.11.2013 12:02, Mark Schneider wrote: > (...) > It is commercial iOS and Androif application without source code and > evenn such important details like the used encryption. > (...) Actually such information are available here: https://threema.ch/en/faq.html. They are stating that th

Duplicating smartcard

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello everyone, since I could not reveal anything useful on google, here my question. I want to have a safe backup of my smartcard which contains my primary key and two subkeys. I guessed the private keys can not be exported as it would make no sens

Re: Threema. / don't trust closed source software

Am 10.11.2013 02:46, schrieb Robert J. Hansen: Looking over their site briefly I was unable to find a link for source code. As a result, I think very little of it. I don't think it's wise to trust unknown third-party binaries that don't provide source. It is commercial iOS and Androif applicati