Re: How much load are keyservers willing to handle?

2013-12-18 Thread adrelanos
Jason Harris: > On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote: > >> I am planning to write a script, which will refresh the apt >> signing key before updating using "apt-get update". The script >> might get accepted in Debian. [1] With my

Re: How much load are keyservers willing to handle?

2013-12-18 Thread adrelanos
Robert J. Hansen: >> I am planning to write a script, which will refresh the apt >> signing key before updating using "apt-get update". > > The question I have is, "What problem are you trying to solve?" What in case the apt signing key gets comprom

Re: How much load are keyservers willing to handle?

2013-12-18 Thread Robert J. Hansen
> I am planning to write a script, which will refresh the apt signing key > before updating using "apt-get update". The question I have is, "What problem are you trying to solve?" I am certain that Debian Security already has a protocol in place for how to handle compromised certificates. Is this

Re: How much load are keyservers willing to handle?

2013-12-18 Thread Jason Harris
On Wed, Dec 18, 2013 at 10:20:26PM +, adrelanos wrote: > I am planning to write a script, which will refresh the apt signing key > before updating using "apt-get update". The script might get accepted in > Debian. [1] With my Whonix hat on, it's safe to say, that this script > will be added to

How much load are keyservers willing to handle?

2013-12-18 Thread adrelanos
Hi, I am planning to write a script, which will refresh the apt signing key before updating using "apt-get update". The script might get accepted in Debian. [1] With my Whonix hat on, it's safe to say, that this script will be added to Whonix (which is a derivative of Debian). Writing that script

Re: Sharing/Storing a private key

2013-12-18 Thread Mindiell
Well, I'm really sorry to have set up such a conversation :o) As I said earlier I'm not quite good at crypto-things, all I wanted to do was to protect my private key easily in case of HDD error. And all I wanted to do with this little tool was to

Re: gpgsm, certificate expired, different certificate, epa does not encrypt

2013-12-18 Thread Uwe Brauer
>> "Jens" == Jens Lechtenboerger >> writes: > On Wed, Dec 18 2013, Uwe Brauer wrote: >> I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm. >> > Hi Uwe, > if I understand you correctly, you fail to encrypt to your From > address, right? Not really, my fro

Re: encryption algorithm

2013-12-18 Thread David Shaw
On Dec 18, 2013, at 5:41 AM, Werner Koch wrote: > On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said: > >> because you just shifted to arguing that "since GnuPG defaults to >> AES-256, we need to use RSA-15000 by default otherwise the asymmetric > > FWIW: > >The rationale why we use the

Re: Sharing/Storing a private key

2013-12-18 Thread Robert J. Hansen
On 12/18/2013 1:25 PM, Doug Barton wrote: > (Robert, please ignore my tortuous use of "secure" in that sentence.) :) Hey, I was being *nice*. I wasn't even pointing out that 3DES only has 112 bits of keyspace... ;)

Re: Sharing/Storing a private key

2013-12-18 Thread Doug Barton
On 12/18/2013 08:53 AM, Peter Lebbing wrote: On 16/12/13 23:41, Doug Barton wrote: but one argument against what you're suggesting is that it's only as secure as the encryption used in step 1 of the hybrid approach. If only everything in cryptoland was "only as secure as 3DES"... I understan

GPG Blog: Getting Goteo approval

2013-12-18 Thread Sam Tuke
Getting Goteo approval == Posted 18th December 2013 by Sam Tuke http://blog.gnupg.org/20131218-getting-goteo-approval.html The targets are set, the rewards are prepared, the press release has been edited and translated, and now we’re waiting for approval from the crowdfunding

Re: gpg-rsa-key decryption with a mobile

2013-12-18 Thread Werner Koch
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said: > "Here, we describe a new acoustic cryptanalysis key extraction attack, > applicable to GnuPG's current implementation of RSA. The attack can Well that is what I posted a few hours ago to this list ;-). Salam-Shalom, Werner -- Die Gedan

Re: Another step towards crowdfunding

2013-12-18 Thread Doug Barton
On 12/18/2013 07:32 AM, Sam Tuke wrote: | On 18/12/13 00:01, Micah Lee wrote: |> The problem is you're wanting to make GnuPG go mainstream but then you end |> up with people seeing this: http://i.imgur.com/53nvUqm.png | | Yup. That should be avoided

gpg-rsa-key decryption with a mobile

2013-12-18 Thread sys...@ioioioio.eu
"Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the de

Re: gpgsm, certificate expired, different certificate, epa does not encrypt

2013-12-18 Thread Jens Lechtenboerger
On Wed, Dec 18 2013, Uwe Brauer wrote: > I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm. > > I have several email accounts with different (comodo certificates). > Now one certificate for the address addre...@gmail.com has expired. > > However I want to send an email from add

Re: Sharing/Storing a private key

2013-12-18 Thread Peter Lebbing
On 16/12/13 23:41, Doug Barton wrote: > but one argument against what you're suggesting is that it's only as secure > as the encryption used in step 1 of the hybrid approach. If only everything in cryptoland was "only as secure as 3DES"... > The ability to apply SSS to the entire secret would be

Re: [Announce] [security fix] GnuPG 1.4.16 released

2013-12-18 Thread Charly Avital
Werner Koch wrote on 12/18/13, 4:05 PM: > Hello! > > Along with the publication of an interesting new side channel attack by > Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability > of a new stable GnuPG release to relieve this bug: Version 1.4.16. > > This is a *security fix*

Re: FAQ? Re: please give us safer defaults for gnupg

2013-12-18 Thread Werner Koch
On Wed, 18 Dec 2013 16:09, bernh...@intevation.de said: > What about placing this as an FAQ in the wiki.gnupg.org? We have a FAQ which answers a lot of questions around key sizes in “Advanced Topics” section. If something is missing it can easily be added. Salam-Shalom, Werner -- Die Ged

Re: Another step towards crowdfunding

2013-12-18 Thread Sam Tuke
On 18/12/13 00:01, Micah Lee wrote: > The problem is you're wanting to make GnuPG go mainstream but then you end > up with people seeing this: http://i.imgur.com/53nvUqm.png Yup. That should be avoided. However there are only a few pages that critic

FAQ? Re: please give us safer defaults for gnupg

2013-12-18 Thread Bernhard Reiter
On Monday, 16 December 2013 20:42:54, Werner Koch wrote: > May I suggest to read the archives of just a few weeks to collect the > reasons why suggestions of using SHA-512 are missing the point. Some > folks here must have bleeding fingertips from repeating the arguments > over and over. What a

Re: [Announce] [security fix] GnuPG 1.4.16 released // workaround

2013-12-18 Thread vedaal
On Wednesday, December 18, 2013 at 9:25 AM, "Werner Koch" wrote: >The paper describes two attacks. The first attack allows to >distinguish >keys: An attacker is able to notice which key is currently used for >decryption. ... > While listening to the acoustic >emanations of >the targeted ma

Re: Another step towards crowdfunding

2013-12-18 Thread Werner Koch
On Tue, 17 Dec 2013 20:40, c...@rheloud.net said: > How about an RSS-Feed. We used to have one for the News. It is currently disabled but will come back with the new website. Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law.

[Announce] [security fix] GnuPG 1.4.16 released

2013-12-18 Thread Werner Koch
Hello! Along with the publication of an interesting new side channel attack by Daniel Genkin, Adi Shamir, and Eran Tromer we announce the availability of a new stable GnuPG release to relieve this bug: Version 1.4.16. This is a *security fix* release and all users of GnuPG versions 1.x are advise

Re: encryption algorithm

2013-12-18 Thread Robert J. Hansen
On 12/18/2013 2:18 AM, Daniel Kahn Gillmor wrote: > Sorry, but NIST does face a crisis of trust, particularly in the area of > cryptography, whether either of us wants that to happen or not. Perhaps: but *not over the PRNG they published*. Please stay on point. You are demonstrating a tendency h

Re: Synchronize UID lists on public and private key -- how?

2013-12-18 Thread Hauke Laging
On Tue 17.12.2013, 10:40:21, Doug Barton wrote: > On 12/17/2013 01:09 AM, Lev Serebryakov wrote: > | Is it possible to synchronize UID list without transferring "new" > > version > > | of private key from B to A by external means? > > No. I can reproduce the problem but it doesn't make any se

Re: encryption algorithm

2013-12-18 Thread Matt D
On 12/18/2013 12:05 AM, Robert J. Hansen wrote: >> So in other words the message can not be read by some govt genius >> with a rack of computers?? > > How would I know? Ask a government genius with a rack of > computers. > > I don't know the extent

Re: encryption algorithm

2013-12-18 Thread Werner Koch
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said: > because you just shifted to arguing that "since GnuPG defaults to > AES-256, we need to use RSA-15000 by default otherwise the asymmetric FWIW: The rationale why we use the order AES256,192,128 is for compatibility reasons with PGP.

gpgsm, certificate expired, different certificate, epa does not encrypt

2013-12-18 Thread Uwe Brauer
Hello I am using Xemacs, gnus the epa pkg for encrypting s/mime using gpgsm. I have several email accounts with different (comodo certificates). Now one certificate for the address addre...@gmail.com has expired. However I want to send an email from address2 (whose certificate is *not* expired

Re: ECC curves used in gnupg?

2013-12-18 Thread Werner Koch
On Tue, 17 Dec 2013 20:01, anth...@cajuntechie.org said: > I know that gnupg is experimenting with ECC and I'm wondering which > curves the team has decided to use. I know there are some curves that > are now suspected of being tainted by the NSA through NIST. Has the > gnupg team ruled using those

Re: ECC curves used in gnupg?

2013-12-18 Thread Michael Anders
On Tue, 2013-12-17 at 13:01 -0600, Anthony Papillion wrote: > I know that gnupg is experimenting with ECC and I'm wondering which > curves the team has decided to use. I know there are some curves that > are now suspected of being tainted by the NSA through NIST. Has the > gnupg team ruled using th