On Wed, Jan 13, 2021 at 12:00 AM André Colomb wrote:
>
> On 12/01/2021 23.47, Stefan Claas wrote:
> > Mmmh ... github.io or GitHub does *not* have issues with wildcard
> > domains ...
>
> Here we are back at you denying facts, or maybe just generalizing too
> much. As several others have put it a
On 12/01/2021 23.47, Stefan Claas wrote:
> Mmmh ... github.io or GitHub does *not* have issues with wildcard
> domains ...
Here we are back at you denying facts, or maybe just generalizing too
much. As several others have put it already:
When "browsing" to openpgpkey.sac001.github.io with whatev
On 12/01/2021 23.33, Stefan Claas via Gnupg-users wrote:
> On Tue, Jan 12, 2021 at 11:32 PM Remco Rijnders wrote:
>> I don't see the valid SSL certificate you keep on insisting is there.
I totally agree with that. It's valid for the sac001 subdomain, but
INVALID for anything below that, which Git
On Tue, Jan 12, 2021 at 11:46 PM André Colomb wrote:
>
> Hi Stefan,
>
> On 12/01/2021 23.16, Stefan Claas wrote:
> > Andre, please appoligze that I snipped your reply and that I only
> > give a short reply, your explanations of server/client IO was
> > welcome.
>
> I'm happy if it helps keeping th
Hi Stefan,
On 12/01/2021 23.16, Stefan Claas wrote:
> Andre, please appoligze that I snipped your reply and that I only
> give a short reply, your explanations of server/client IO was
> welcome.
I'm happy if it helps keeping this discussion constructive and not
turning into a flame war :-)
> I t
On Tue, Jan 12, 2021 at 11:32 PM Remco Rijnders wrote:
>
> On Tue, Jan 12, 2021 at 10:17:13PM +0100, Stefan wrote in
> :
> >> How can GPG solve bugs that are not in the GPG code or infrastructure? I
> >> think André did a great job explaining what the issues are. How do you
> >> think they can be a
On Tue, Jan 12, 2021 at 11:02 PM Daniele Nicolodi wrote:
> The point of WKD is using the trust of the CA machinery (and the
> assumption that the email infrastructure and web servers serving a
> specific domain are run by the same organization) to securely retrieve
> OpenPGP keys associated to an
On Tue, Jan 12, 2021 at 10:17:13PM +0100, Stefan wrote in
:
How can GPG solve bugs that are not in the GPG code or infrastructure? I
think André did a great job explaining what the issues are. How do you
think they can be addressed by GPG?
If you followed the whole thread you may agree that Gnu
On Tue, Jan 12, 2021 at 10:58 PM André Colomb wrote:
[...]
Andre, please appoligze that I snipped your reply and that I only
give a short reply, your explanations of server/client IO was
welcome.
In my OP I only asked for help from the community to set-up
WKD for GnuPG or gpg4win usage and I ga
On 12/01/2021 20:40, Stefan Claas via Gnupg-users wrote:
> On Tue, Jan 12, 2021 at 8:17 PM André Colomb wrote:
>> One more question: You're talking about OpenPGP key discovery setups for
>> families and small groups, IIUC. And that should involve WKD and
>> GitHub. But how should these people a
On 12/01/2021 20.40, Stefan Claas wrote:
>> So there are two "bugs" involved here. 1. GitHub presenting an invalid
>> certificate for the sub-subdomain and 2. Sequoia not noticing that.
>> Neither of these are bugs in GnuPG. If you can accept these facts, then
>> it makes sense to further discuss
On Tue, Jan 12, 2021 at 10:09 PM Daniele Nicolodi wrote:
>
> On 12/01/2021 20:40, Stefan Claas via Gnupg-users wrote:
> > On Tue, Jan 12, 2021 at 8:17 PM André Colomb wrote:
> >>
> >> Hi Stefan,
> >
> >> So there are two "bugs" involved here. 1. GitHub presenting an invalid
> >> certificate for
On 12/01/2021 20:40, Stefan Claas via Gnupg-users wrote:
> On Tue, Jan 12, 2021 at 8:17 PM André Colomb wrote:
>>
>> Hi Stefan,
>
>> So there are two "bugs" involved here. 1. GitHub presenting an invalid
>> certificate for the sub-subdomain and 2. Sequoia not noticing that.
>> Neither of these a
On Tue, Jan 12, 2021 at 9:43 PM Andrew Gallagher wrote:
>
>
> > On 12 Jan 2021, at 19:44, Stefan Claas via Gnupg-users
> > wrote:
> >
> > Hi Andre, currently I can only accept the fact that these two "bugs" are
> > currently not resolved in GnuPG and gpg4win, if you allow me to
> > formulate it
> On 12 Jan 2021, at 19:44, Stefan Claas via Gnupg-users
> wrote:
>
> Hi Andre, currently I can only accept the fact that these two "bugs" are
> currently not resolved in GnuPG and gpg4win, if you allow me to
> formulate it this way.
You should not formulate it this way. If the bugs are not i
On Tue, Jan 12, 2021 at 8:17 PM André Colomb wrote:
>
> Hi Stefan,
> So there are two "bugs" involved here. 1. GitHub presenting an invalid
> certificate for the sub-subdomain and 2. Sequoia not noticing that.
> Neither of these are bugs in GnuPG. If you can accept these facts, then
> it makes
Hi Stefan,
maybe I'm not the only one here who doesn't fully follow what your
"proposal" actually is. For me, it sounds like you are misunderstanding
some things and therefore think you are making a superior proposal where
it is actually based on wrong assumptions.
On 12/01/2021 18.05, Stefan Cl
On Tue, Jan 12, 2021 at 5:36 PM Ingo Klöcker wrote:
>
> On Dienstag, 12. Januar 2021 12:47:59 CET Stefan Claas via Gnupg-users wrote:
> > On Tue, Jan 12, 2021 at 12:43 PM Andrew Gallagher
> wrote:
> > > Yes, WKD is great. But as André has explained, there is an overhead cost
> > > (to everyone) f
On Dienstag, 12. Januar 2021 12:47:59 CET Stefan Claas via Gnupg-users wrote:
> On Tue, Jan 12, 2021 at 12:43 PM Andrew Gallagher
wrote:
> > Yes, WKD is great. But as André has explained, there is an overhead cost
> > (to everyone) for trying the direct method first, so inverting this to
> > work
On Tue, Jan 12, 2021 at 1:04 PM Stefan Claas
wrote:
>
> On Tue, Jan 12, 2021 at 12:47 PM Stefan Claas
> wrote:
> And for the fun factor I could put also an .ots file from my pub key into
> the hu directory,thus making Mallory a bit angry ... :-D
Unfortunaly I am no skilled Golang programmer, ot
On Tue, Jan 12, 2021 at 2:22 PM Stefan Claas
wrote:
>
> On Tue, Jan 12, 2021 at 1:04 PM Stefan Claas
> wrote:
> >
> > On Tue, Jan 12, 2021 at 12:47 PM Stefan Claas
> > wrote:
>
> > And for the fun factor I could put also an .ots file from my pub key into
> > the hu directory,thus making Mallory
On Tue, Jan 12, 2021 at 12:47 PM Stefan Claas
wrote:
> Well, I am not sure about the details for a server or a user when it comes
> to overhead and if you mean with one particular vendow GitHub, well
> that may be the beginning, for such request. But like I mentioned if people
> would wish to man
On Tue, Jan 12, 2021 at 12:43 PM Andrew Gallagher wrote:
>
> On 12/01/2021 11:27, Stefan Claas wrote:
> > The point for me is WKD exists and can be used as an cheap inhouse
> > solution, for families or organizations, if it would allow cost effective
> > wildcard subdomain support for SSL certs, w
On 12/01/2021 11:27, Stefan Claas wrote:
The point for me is WKD exists and can be used as an cheap inhouse
solution, for families or organizations, if it would allow cost effective
wildcard subdomain support for SSL certs, which IMHO can not hurt
and if the direct method would be triggered first
On Tue, Jan 12, 2021 at 11:49 AM Andrew Gallagher wrote:
>
> On 12/01/2021 08:25, Stefan Claas via Gnupg-users wrote:
>
> > if this would work, like I mentioned in my bund.de example, organizations
> > would have the freedom to choose WKD instead of hockeypuck or Hagrid,
> > and they would have a
On 12/01/2021 08:25, Stefan Claas via Gnupg-users wrote:
if this would work, like I mentioned in my bund.de example, organizations
would have the freedom to choose WKD instead of hockeypuck or Hagrid,
and they would have a compatible*inhouse* solution, via simple
Web management, instead of runn
On Tue, Jan 12, 2021 at 09:25:15AM +0100, Stefan Claas via Gnupg-users
wrote:
It would be nice to know why the advanced method was added.
To give more flexibility for people setting up a WKD for more than one
domain.
Let’s say that I manage example.org and example.net, and I want to serve
k
On 12/01/2021 09.25, Stefan Claas via Gnupg-users wrote:
> It would be nice to know why the advanced method was added. In case
> the direct method would not be sufficent or would have security issues
> I would think that than one replaces the direct method with advanced
> one and then we only need
On Mon, Jan 11, 2021 at 11:03 PM Ángel wrote:
>
> On 2021-01-11 at 16:36 +0100, Stefan Claas wrote:
> > On Sun, Jan 10, 2021 at 11:22 PM Ángel wrote:
> > > On 2021-01-10 at 18:47 +0100, Stefan Claas wrote:
> > > > Can you tell me/us in laymen terms how this works with gnupg.org?
> > >
> > > Sure.
29 matches
Mail list logo
