On Friday 17 January 2014 14:33:25 Daniel Kahn Gillmor wrote:
> I think you're conflating revocation of the primary key with revocation
> of a user ID.
>
> Revocation of a primary key is permanent and cannot be overridden.
> Revocation of a user ID can be overridden as long as the primary key
> (t
Greetings!
I've been happily using pgp and gpg off and on for decades. One thing I
never quite figured out was what the best way to use it for encrypting
sensitive files on disk. After doing that one has to remember to cleanup
after themselves and delete all the leftover plaintext versions of
Am Fr 17.01.2014, 20:03:15 schrieb Johannes Zarl:
> If, however, the revocation is only a temporary act until a newer
> self- signature supersedes it, it would be almost impossible to
> effectively and permanently revoke a key.
That's why we all use only the super-secure (haha) offline mainkeys.
On 01/17/2014 02:03 PM, Johannes Zarl wrote:
> If the revocation is a final act, as long as I can make sure that the
> revocation certificate reaches my communication partners I can be sure that
> nobody can compromise the key and "reenable" it and start impersonating me.
>
> If, however, the re
On Friday 17 January 2014 13:28:50 Hauke Laging wrote:
> IIRC then GnuPG accepts a later self-signature (overriding the
> revocation). IMHO that makes most sense. As long as the mainkey isn't
> revoked or expired why shouldn't one "change one's mind"?
Wouldn't that have huge implications for the s
Scute accesses the card via either scdaemon or gpg-agent (I can't remember
which and I'm on my phone), so you don't need to release the card and
reenter your PIN to switch back and forth between PKCS#11 and gpg/gpgsm.
However, it's a minimal implementation of the parts of the API necessary
for X.50
On 01/17/2014 03:05 AM, Werner Koch wrote:
> On Fri, 17 Jan 2014 02:24, se...@literati.org said:
>
>> Scute works great with Firefox, but keep in mind it requires gpg-agent (or
>
> Sure. That is the whole point of the exercise.
>
>> at least scdaemon). AFAIK it's not intended to work with any
Am Fr 17.01.2014, 11:44:55 schrieb Daniele Ricci:
> My question is the following: suppose I create a user ID or attribute.
> I sign it with my key and that's ok.
> One day I revoke that user ID or attribute and sign it again with a
> certification revocation.
>
> A few years later, I want to rest
Hello list,
I'm manipulating PGP keys with Bouncy Castle, especially signatures of
user IDs and user attributes. But my question is not about
development, it's about signatures.
My question is the following: suppose I create a user ID or attribute.
I sign it with my key and that's ok.
One day I re
On Fri, 17 Jan 2014 02:24, se...@literati.org said:
> Scute works great with Firefox, but keep in mind it requires gpg-agent (or
Sure. That is the whole point of the exercise.
> at least scdaemon). AFAIK it's not intended to work with anything other
> than Firefox right now. I've been meaning t
10 matches
Mail list logo
