On 07/18/2014 08:37 PM, Hauke Laging wrote:
> I have prepared a mail file for those who want to give this a try:
>
> http://www.crypto-fuer-alle.de/docs/mail-symmetric/mail.cr-lf.eml
I just emailed that to myself using Thunderbird + Enigmail in Ubuntu. I
was prompted for a password, and "foo"
On Sat 19.07.2014, 01:42:19, Ingo Klöcker wrote:
> If we add enough buttons then users will
> eventually start pressing them. (Sorry, for being sarcastic, but I
> really don't see how adding another button can possibly improve the
> users' willingness to use email encryption.)
Yeah and this works
On Fri 18.07.2014, 22:51:13, Robert J. Hansen wrote:
> > Are symmetric keys more probable to be compromised than asymmetric
> > ones?
> Immensely. An asymmetric key is a secret held by one person; a
> symmetric key is a secret shared by two or more.
A factor of two is "immense" to you...?
Furthe
> Are symmetric keys more probable to be compromised than asymmetric ones?
Immensely. An asymmetric key is a secret held by one person; a
symmetric key is a secret shared by two or more.
> What I am suggesting is neither an alternative to regular OpenPGP
> encryption nor meant as "real crypto"
On Fri 18.07.2014, 13:49:54, Robert J. Hansen wrote:
> If/when a key is compromised, all traffic that has been generated or
> will be generated with that key gets compromised, and there's no
> guarantee about whether you'll know the key is compromised -- so it's
> only sane to have an agreed-upon
On Friday 18 July 2014 17:20:27 Hauke Laging wrote:
> On Fri 18.07.2014, 15:40:34, Ingo Klöcker wrote:
> > > And, quite important: It would not require serious
> > > development effort as this possibility is built-in with GnuPGP.
> >
> > I think you underestimate the development effort.
>
Hello,
* Heinz Diehl wrote on Fri, 18 Jul 2014, at 20:59 (+0200):
> On 18.07.2014, The Fuzzy Whirlpool Thunderstorm wrote:
>
> > I wonder if Mutt can be configured to decrypt inline pgp
> > messages automatically, without piping the attachment to `gpg
> > --decrypt`.
>
> You can't. Put this into
Yeah, thanks for giving me this idea.
I've asked on the mutt mailing list and got the answer that inline pgp
messages can be manually decrypted using the ESC + P button.
Automatic decryption is invoked by putting `set pgp_auto_decode=yes` in
the ~/.muttrc file. So this is the most convenient method for me.
Aga
On Friday 18 July 2014 21:01:54 Peter Lebbing wrote:
> On 18/07/14 15:40, Ingo Klöcker wrote:
> > OpenPGP keys are created and uploaded to some key server
> > automatically, and they are looked up and used automatically
>
> This creates a privacy issue with key lookup. It exposes
> correspondents
On 2014-07-18 at 19:39, Ingo Klöcker wrote:
> Sure. But the fingerprint is only used once (for verifying the key). And
> it's not even secret information, so exchange via an insecure channel is
> not an issue (at least, not a severe issue).
>
> OTOH, symmetric keys really should be exchanged via
On Fri, Jul 18, 2014 at 06:18:39PM +0200, The Fuzzy Whirlpool Thunderstorm
wrote:
> Hello,
> I wonder if Mutt can be configured to decrypt inline pgp messages
> automatically, without piping the attachment to `gpg --decrypt`.
> I know, piping works, but it'd be more convenient to have mutt do the
> I think what Hauke meant was an exchange of the *passphrase* for the
> symmetric encryption, not the session key.
Same issue, although now you're sharing the seed to a random number
generator for which you want the seed to expire very quickly. You can
mitigate this somewhat using gating and som
On 7/18/2014 at 1:52 PM, "Robert J. Hansen" wrote:
>
>> Symmetric keys and fingerprints have to be exchanged through a secure
I think what Hauke meant was an exchange of the *passphrase* for the symmetric
encryption, not the session key.
The symmetric keys would always change with ea
On 18.07.2014, The Fuzzy Whirlpool Thunderstorm wrote:
> I wonder if Mutt can be configured to decrypt inline pgp messages
> automatically, without piping the attachment to `gpg --decrypt`.
You can't. Put this into your .procmailrc. It'll transform your inline
pgp mails accordingly:
:0
* !^Con
On 18/07/14 15:40, Ingo Klöcker wrote:
> OpenPGP keys are created and uploaded to some key server
> automatically, and they are looked up and used automatically
This creates a privacy issue with key lookup. It exposes correspondents
to the keyserver, including time-of-use.
Also, you need to defin
> Symmetric keys and fingerprints have to be exchanged through a secure
> channel only once.
Whoa, let's back that up a moment.
Fingerprints and symmetric keys need to be exchanged *as often as they
change*. Which, in the case of symmetric keys, is quite frequently.
If/when a key is compromised
On Friday 18 July 2014 19:21:05 Hauke Laging wrote:
> On Fri 18.07.2014, 09:46:14, Doug Barton wrote:
> > Hauke,
> >
> > I think you skated past a previous question about your idea, and I'm
> > also interested in the answer so I'll ask it again. :)
> >
> > If you have a secure channel of communic
On 07/16/2014 09:24 PM, Phillip Susi wrote:
> I would like to protect the master key with a password that is different
> from that used on the daily use subkey
I take the Low Road and use two different key rings, the "master" key
ring in a non-default location ("gpg --homedir /path/to/master .
On Fri 18.07.2014, 09:46:14, Doug Barton wrote:
> Hauke,
>
> I think you skated past a previous question about your idea, and I'm
> also interested in the answer so I'll ask it again. :)
>
> If you have a secure channel of communication by which you can
> exchange the symmetric password (which yo
Hauke,
I think you skated past a previous question about your idea, and I'm
also interested in the answer so I'll ask it again. :)
If you have a secure channel of communication by which you can exchange
the symmetric password (which you would need to make your scheme work),
why don't you use
While scd/apdu.c assumes a maximum length of 4096 bytes for an extended
length APDU, scd/pcsc-wrapper allocates only 1024 bytes for the response.
As most certificates are larger than 1024, reading them with extended
length fails.
The attached patch fixes the buffer size.
Andreas
>From 937a7660c83c
Hello,
I wonder if Mutt can be configured to decrypt inline pgp messages
automatically, without piping the attachment to `gpg --decrypt`.
I know, piping works, but it'd be more convenient to have mutt do the
piping task and automatically display the decrypted message inside.
If anyone has an idea o
On Fri 18.07.2014, 15:40:34, Ingo Klöcker wrote:
> > And, quite important: It would not require serious
> > development effort as this possibility is built-in with GnuPGP.
>
> I think you underestimate the development effort.
That is easily possible. But what would have to be done (at least)?
Hi list,
we've added support for the SmartCard-HSM to scdaemon. Please find the
patch that applies to master at [1].
The driver allows read-only operations with keys and certificates on a
SmartCard-HSM. To generate keys and certificates please use OpenSC, XCA
or the tools in OpenSCDP.
There are
On Friday 18 July 2014 02:03:24 Hauke Laging wrote:
> Hello,
>
> is there any OpenPGP mail client which supports symmetric encryption?
KMail does not. At least, KMail does not support creating such messages.
It's possible that KMail would be able to read such messages since the
decryption is de
Evaluate http://bitmail.sf.net
On 18.07.2014 02:04, "Hauke Laging" wrote:
> Hello,
>
> is there any OpenPGP mail client which supports symmetric encryption?
>
> I think that would be a nice feature for recipients who don't have an
> asymmetric key (those 99%). Many new communication systems have
Hauke wrote:
> Why should a feature be added that can so easily be emulated by a simple
> script?
To spare people the work of writing the same „simple script“ over and over
again.
> gpgdir="/tmp/keyring.$$"
> test -d "$gpgdir" && rm -r "$gpgdir"
> gpg --homedir "$gpgdir" --import KEYFILE
> KE