Re: ENISA Recommendation for Crypto processes

2013-11-15 Thread Hauke Laging
On Fri 15.11.2013, 15:40:30 Juergen Polster wrote: > For those not reading German the "summary" of the summary report is: > > Symmetric 80 bit keys are accepted for transaction data and existing > systems to be replaced in the next 5 -10 years. Symmetric keys of 128 > bit are OK for mid-term and

Re: Proof of possession when exchanging keys

2013-11-15 Thread Ingo Klöcker
On Friday 15 November 2013 11:39:30 Phil Calvin wrote: > On Nov 15, 2013, at 11:02, "Thomas Harning Jr." wrote: > > The general practice I follow is to verify fingerprint and ID separately > > then, in order to verify control of email address and private key, send > > the signed ID encrypted to th

Re: Implementation idea of CURVE25519 for gnupg 2.1

2013-11-15 Thread Ingo Klöcker
On Friday 15 November 2013 21:33:08 Mark Schneider wrote: > Hi, > > There is a GPL 3-based implementation of CURVE25519 called Pretty Curved > Privacy (pcp1). > http://www.daemon.de/PrettyCurvedPrivacy > > What do you think about using parts of the pcp1 source code to implement > such functionality

Re: Proof of possession when exchanging keys

2013-11-15 Thread Phil Calvin
That makes perfect sense. That's the approach I took on the most recent key I signed. What attacks are mitigated by verifying control of the secret key, though? I am having a hard time grokking the benefit for someone whose ID you have verified to present and fingerprint a key which she does no

Implementation idea of CURVE25519 for gnupg 2.1

2013-11-15 Thread Mark Schneider
Hi, There is a GPL 3-based implementation of CURVE25519 called Pretty Curved Privacy (pcp1). http://www.daemon.de/PrettyCurvedPrivacy What do you think about using parts of the pcp1 source code to implement such functionality into gnupg 2.1? http://www.daemon.de/idisk/Apps/PrettyCurvedPrivacy/

ENISA Recommendation for Crypto processes

2013-11-15 Thread Juergen Polster
Heise security news published an article "ENISA-Empfehlungen zu Krypto-Verfahren" (ENISA Recommendation for Crypto processes). The article is in German and can be found at http://heise.de/-2043356. It contains a summary of the latest recommendations of ENISA, the European Union Agency for

reproducible builds [was: Re: BitMail.sf.net v 0.6 - Secure Encrypting Email Client]

2013-11-15 Thread Daniel Kahn Gillmor
On 11/15/2013 12:06 PM, Robert J. Hansen wrote: > getting two > computers to generate the exact same binary code from the exact same > source code is a surprisingly difficult challenge. It requires a > perfect match of everything from compiler versions to C library versions > right down to identic

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client

2013-11-15 Thread Robert J. Hansen
I'm replying because, Sourceforge? They fell out of vogue... For a service that's "out of vogue" they still host an awful lot of Free Software, and for that I think perhaps we should be a bit thankful. Their bundling is distasteful, yes, but it's hardly the end of the world given they've

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client

2013-11-15 Thread Robert J. Hansen
So... 'Robert', who do you work for? NSA? Financial crime? FBI, actually, in counterintelligence. No, wait, whoops, wrong Robert Hanssen. Sorry, I get confused about myself sometimes. All kidding aside, we don't need to cast aspersions on the motives of people who post here. It is far,

Re: Proof of possession when exchanging keys

2013-11-15 Thread Thomas Harning Jr.
The general practice I follow is to verify fingerprint and ID separately then, in order to verify control of email address and private key, send the signed ID encrypted to the provided email address. On Wed, Nov 13, 2013 at 11:49 AM, Phil Calvin wrote: > -BEGIN PGP SIGNED MESSAGE- > Ha

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client

2013-11-15 Thread Ulex Europae
At 09:04 PM 11/13/2013, grarpamp wrote: On Tue, Nov 5, 2013 at 2:38 AM, wrote: > Hello, > > can BitMail.sf.net as a p2p email tool for encrypted Email (and hybrid with IMAP-Email) be regarded as a reference model for research to create a secure Email Client? as it uses both gnupg and openssl

Proof of possession when exchanging keys

2013-11-15 Thread Phil Calvin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I seem to recall reading somewhere that when exchanging keys in person, you should not only have the person verify the key fingerprint, but you should also present them with 1) an unpredictable challenge document to sign or 2) verify that they can decr
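The challenge-response check that Phil Calvin's post above asks about (option 1, an unpredictable document to sign) and the control-of-private-key step in Thomas Harning's reply earlier in the thread, written out as an added example. This is not code from any of the posters or from GnuPG: it uses Go's standard-library Ed25519 in place of an OpenPGP key, and a SHA-256 of the raw public key stands in for the OpenPGP fingerprint; the context string and challenge layout are assumptions made here. It shows the point the thread is circling: a verifier who has checked the fingerprint in person still learns nothing about control of the secret key until the claimant signs a fresh nonce, and an impostor presenting someone else's key, or replaying an old signature, fails that step.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Fingerprint stands in for an OpenPGP fingerprint (assumption for this
// example): SHA-256 over the raw Ed25519 public key, hex encoded.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// NewChallenge builds the unpredictable document the verifier hands over.
// It binds a fresh 32-byte random nonce to the fingerprint being claimed and
// to a context string (hypothetical layout), so a signature made here cannot
// be reused to answer a different verifier or a later challenge.
func NewChallenge(claimedFP, context string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	msg := fmt.Sprintf("proof-of-possession\nfingerprint: %s\ncontext: %s\nnonce: %s\n",
		claimedFP, context, hex.EncodeToString(nonce))
	return []byte(msg), nil
}

// Prove is the claimant's side: sign the challenge with the private key
// they say they hold.
func Prove(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, challenge)
}

// Verify is the verifier's side. Two independent checks: the public key
// presented must match the fingerprint compared in person, and the signature
// must be valid under that key over exactly the challenge that was issued.
func Verify(pub ed25519.PublicKey, claimedFP string, challenge, sig []byte) error {
	if Fingerprint(pub) != claimedFP {
		return errors.New("public key does not match the fingerprint verified in person")
	}
	if !ed25519.Verify(pub, challenge, sig) {
		return errors.New("claimant could not sign the challenge: no proof of possession")
	}
	return nil
}

func main() {
	// Constructed scenario: Alice holds a key; Mallory shows up with Alice's
	// public key and fingerprint and claims they are hers.
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader)
	_, malloryPriv, _ := ed25519.GenerateKey(rand.Reader)
	fp := Fingerprint(alicePub)

	ch, _ := NewChallenge(fp, "keysigning 2013-11-15")
	fmt.Println("alice:  ", Verify(alicePub, fp, ch, Prove(alicePriv, ch)))
	fmt.Println("mallory:", Verify(alicePub, fp, ch, Prove(malloryPriv, ch)))

	// A signature Alice made over an earlier challenge does not answer today's
	// fresh nonce, so a captured past signature buys an impostor nothing.
	old, _ := NewChallenge(fp, "keysigning 2013-11-14")
	fmt.Println("replay: ", Verify(alicePub, fp, ch, Prove(alicePriv, old)))
}
```

Fingerprint comparison and the signed challenge answer different questions: the first ties the presented key material to what was read aloud, the second ties the person in front of you to the private half. Option 2 from the post (have them decrypt something you encrypted to the key) proves the same thing for the encryption subkey and is not shown here, since Ed25519 only signs.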

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client

2013-11-15 Thread grarpamp
On Tue, Nov 5, 2013 at 2:38 AM, wrote: > Hello, > > can BitMail.sf.net as a p2p email tool for encrypted Email (and hybrid with > IMAP-Email) be regarded as a reference model for research to create a secure > Email Client? as it uses both gnupg and openssl! > > http://bitmail.sourceforge.net/