I'm confused by this e-mail, hopefully the notes and questions below can
start to un-confuse it a bit.
On Thu 2018-12-13 13:40:56 -0900, justina colmena via Gnupg-users wrote:
> OpenKeychain on my smartphone is able to verify the attached
> signatures .gpg, but not the detached .sig files.
This a
On 2018-12-13 at 13:40 -0900, justina colmena via Gnupg-users wrote:
> MAIN QUESTION: Is this a pinentry-curses problem with the tty over
> ssh, or is it an actual key incompatibility issue?
Looks like a pinentry issue.
I guess you are using some non-alphanumerical characters in the
passphrase? My
This e-mail is signed with a key generated by OpenKeychain on a smartphone. I
am able to verify the signatures on other signed e-mails I get on this mailing
list, with the exception of the footer added by the mailing list software.
I was able to back up the key, import it into GnuPG 1.4.23 and s
Hey Arthur, what makes you think that Yubikey is trustworthy?
Is it because you have assessed your threat model and you disbelieve
that any potential attacks via Yubikey would be not used against you?
Or have you done an independent audit of the Yubikey and satisfied
yourself that it's safe enoug
On 13.12.2018 08:13, Werner Koch wrote:
> If you care about side channel attacks, NFC communication is a bad idea
> because the decrypted session key can easily be picked up. To avoid
> this, /secure communication/ needs to be used but that is cumbersome
> because this requires a shared secret b
> I agree that smartphones are not safe, but I am not particularly in favor of
> smartcards, dongles, and security tokens like yubikeys, either.
>
> Any kind of special-purpose cryptographic *hardware* is essentially
> proprietary, and too attractive and soft a target for various nations' spy
On 12/12/2018 9:01 PM, Arthur Ulfeldt wrote:
> Yes! All the encryption happens on your computer (and or your phone) and
> you have complete control of the process.
True for the computer, by nature phone are not secure.
> The flip side of this is you are responsible for the whole process. There
>
On December 12, 2018 10:13:58 PM AKST, Werner Koch wrote:
>On Tue, 11 Dec 2018 19:27, art...@ulfeldt.com said:
>> using openkeychain with a yubikey nfc is totally solid, and
>convenient.
>> I've been using them for years. they also plug into the bottom of the
>> phones which some people prefer.
>
