-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 03-04-2017 a las 20:04, Will Senn escribió:
...
> Actually, I appreciate all of the detail. I will start off with a
> simple keypair that I am careful with. Based on my current
> understanding, if my passphrase is known only to me, is
> sufficient
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-04-2017 a las 20:23, Will Senn escribió:
...
>> In short, the main key acts as a level of indirection, which
>> separates your identity from your encryption/signing keys.
> Sounds like what I was led to believe to be the case, but at the
> end
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-09-2015 a las 14:17, David Niklas escribió:
> Hello,
Hello,
> Now, I'm a student (think penny less), and live in a rural area
> 100mi from the nearest LUG and people out here are _very_ computer
> illiterate
Well, I live in the capital
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 01-10-2015 a las 8:08, Bob Henson escribió:
...
>> It /is/ totally meaningless. And we should educate users that it
>> is meaningless.
>
> Agreed. But a new user who has yet to be educated would baulk at
> trusting a key signed by Genghis Khan o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 01-10-2015 a las 5:33, Bob Henson escribió:
...
> Authority key, say. But a signature of any person's key that you
> have not met and positively verified is worse than useless as it
> degrades the whole trust process. Someone who I had never
> pre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 01-10-2015 a las 7:26, Christian Loehle escribió:
> I want to use gpg to encrypt a potentially large file to some
> (cloud-like) storage provider, the recipients are not known at the
> time of uploading. What I want to do is to send the encrypted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 03-09-2015 a las 19:46, Robert J. Hansen escribió:
>> IMHO, it would be desirable that the current version can still
>> open old data, even if it refuses to encrypt that way. But maybe
>> keeping the decrypt old data capability has some inconvenie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 28-08-2015 a las 4:37, Werner Koch escribió:
...
> Some of these old time users may not follow the news thus may be
> baffled when they figure that gpg is not able to decrypt their old
> data. Thus a short note that a GPG 1 version is maintaine
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 17-06-2015 a las 11:15, Robert J. Hansen escribió:
...
> The most common one I've found is not understanding the material as
> well as they think. This tends to come through most in the
> metaphors an instructor uses. For instance, I frequently
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 05-02-2015 a las 16:00, MFPA escibió:
> Hi
>
>
> On Thursday 5 February 2015 at 9:38:29 AM, in
> , Peter Lebbing wrote:
>
>
>> Oh, by the way:
>
>>> But will a smartcard solve the problem that the host computer
>>> might be infected with mal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 23-01-2015 a las 0:29, Robert J. Hansen escibió:
>>> Smartcards exist to keep private keys safe(r) from being
>>> stolen. They do a pretty good job of that. But when we expect
>>> smartcards to be able to somehow make a compromised environment
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
Well, some months ago I wanted to take a look at existing
smartcards and/or readers that hopefully support both OpenPGP and x503
certificates, but my Google-Fo failed me, I couldn't figure out where
to buy something that works on Windows
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-01-2015 a las 20:43, Robert J. Hansen escibió:
> Smartcards exist to keep private keys safe(r) from being stolen.
> They do a pretty good job of that. But when we expect smartcards
> to be able to somehow make a compromised environment safe t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
El 21-01-2015 a las 7:58, s7r escribió:
> Thank you very much for your reply.
...
> I have the public key of John Doe . He has
> more UserIDs associated with the same masterkey, as follows: John
> Doe John Smith Bob
> Jones Primary UserI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-12-2014 a las 7:53, Robin Mathew Rajan escibió:
> Hello David, :)
>
> I already uploaded my public key to a public key server some months
> ago. But there's no local Linux users group where I live! I sent
> emails to some people listed at bigl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-07-2014 19:25, eMyListsDDg escribió:
>
> i found my error and the priv key. i had created this pair on a
> linux vm some time ago and had forgotten that. back then when i
> exported it and imported into a win machine something didn't quite
> t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-07-2014 0:45, eMyListsDDg escribió:
...
> well i managed to create a pub key without a priv key. that is, it
> only has a pub part. thats what gpa key manager is telling me.
That's not possible, since the public key is based on the secret
ke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 04-06-2014 4:32, Werner Koch escribió:
> On Wed, 4 Jun 2014 04:43, ds...@jabberwocky.com said:
>
>> I haven't looked at the fine details yet, but on the surface it
>> seems like they're aiming at Gmail (mainly, but not solely).
>
> Interesting.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-05-2014 20:21, Mark Rousell escribió:
...
> Note that there is also DiskCryptor for open source full disk
> encryption on Windows. See http://diskcryptor.com. I've not tested
> it but it does seem to work, although it suffers from the same
> dr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 09-05-2014 4:34, Josef Schneider escribió:
...
> Hi,
>
> compilation is straightforward, if msys and mingw is installed!
> pgpdump.c is missing a "#include ", after adding that
> just a ./configure and make to compile it! I compiled a 64 and a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 10-05-2014 4:23, Tomer Altman escribió:
> To whom it may concern,
>
> I recall reading somewhere some best practices for creating one's
> initial RSA key pair that they intend for building their Web of
> Trust. I think the recommended steps were:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
I hope this is not much off-topic. I was looking for pgpdump
binaries, and the one I have is for version 0.20, I downloaded it on
september 2011. But in the website, the current version is 0.28, from
june 2013. Does somebody know where I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 16-04-2014 13:37, Hauke Laging escribió:
> Am Mi 16.04.2014, 18:21:16 schrieb Peter Lebbing:
>> The usual way it works here would be, in your example, for the
>> dean to send the recipients a message with "Please consider the
>> request in the att
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 16-04-2014 11:14, Hauke Laging escribió:
> Hello,
...
Hello Hauke,
> I was told that this effect was less about the offer itself but
> more about the point that this was "one more email from a stranger
> to a group of people". I.e. probably no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-05-2014 18:18, Daniel Kahn Gillmor escribió:
> On 05/02/2014 06:03 PM, Faramir wrote:
>> El 28-04-2014 14:35, Daniel Kahn Gillmor escribió: ...
>>> But I also want to point out that some employers may have a
>>> le
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 27-04-2014 9:04, Simon Ward escribió:
...
> The password manager should clear or overwrite the clipboard after
> a short time, which should help. Keepass includes "timed clipboard
> clearing" in its feature list. Of course, there is still the
> qu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 28-04-2014 14:35, Daniel Kahn Gillmor escribió:
...
> But I also want to point out that some employers may have a
> legitimate need (even a legal compulsion) to be able to decrypt
> communications coming to your work-related e-mail. One reasonabl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 01-05-2014 8:55, Werner Koch escribió:
> On Wed, 30 Apr 2014 21:36, faramir...@gmail.com said:
>
>> I'm thinking, now you are using CAcert certificates, would it be
>> possible to get a CAcert signature on the gpg s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 01-05-2014 5:57, Peter Lebbing escribió:
> On 30/04/14 23:48, Daniel Kahn Gillmor wrote:
>> So a CA who learns that a statement that it has made is untrue
>> *should* revoke that statement as soon as it finds out
>
> However, how many of the free
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-04-2014 15:23, Doug Barton escribió:
> On 04/30/2014 01:25 AM, Martin Gollowitzer wrote:
...
> Yeah, I don't quite see your point. They are providing a very
> valuable service for free, and charge a nominal fee for revoking a
> cert. If you
...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-04-2014 3:41, Werner Koch escribió:
...
> Note that https is not enforced for lists.gnupg.org and the other
> services because over there we use CAcert certificates which do not
> work widely enough. If there is an interest to have lists at h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-01-2014 18:15, Donald Morgan Jr. escribió:
> If you know a user has a signature that they use to always end a
> message with, does that data aid in the decryption of the file?
> Would this exploit be applicable to symmetric encryption methods a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 03-10-2013 17:48, Alejandro Szita escribió:
> Dear All,
>
> I am a new member to this list, so first of all thank you so much
> for your time and consideration in helping me out, I hope I can
> return the favour in the near future.
>
> My system
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 21-08-2013 8:53, Emanuel Schütze escribió:
> Hello,
>
> we are pleased to announce the availability of the new stable
> Gpg4win version 2.2.0.
Nice! But... is the stable version different than Gpg4win
2.2.0-beta56 ? Sometimes the final version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-08-2013 9:56, Robert J. Hansen escribió:
...
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256. I don't know the reasoning for introducing Camellia,
> but I'm sure there's a solid basis for it.
IIRC, someb
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-03-2013 5:14, Doug Barton escribió:
...
> The signatures are from the same keys, same certification level,
> everything. The only thing different is the date of the signature
> (obviously).
>
> So the question is, what value, if any, would t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 25-02-2013 19:54, Peter Loshin escribió:
...
> 2. On keeping an encrypted backup of my secret key material, what
> method is recommended for doing that? (Presumably something like
> "gpg --export-secret-keys | gpg --output secretkeymatter.gpg
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 08-02-2013 6:48, Peter Lebbing escribió:
> On 08/02/13 03:12, Josef Schneider wrote:
>> With GnuPG on the other hand someone who has access to my PC can
>> sign whatever he likes and sign as much as he likes, as long as
>> my card reader is attach
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-02-2013 19:51, Robert J. Hansen escribió:
> On 2/6/13 4:28 AM, Peter Lebbing wrote:
>> Can you explain (broadly) how one would compromise the
>> signature/the device that you sign with?
>
> Happily!
>
> I have an OpenPGP smartcard and an SCM
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 04-12-2012 18:18, Allen Schultz escribió:
> GnuPG-Users:
>
> I was wondering where that article was about seperating the master
> key from daily subkeys (both signing and encrypting). I can't seem
> to find it. Are there other articles on the s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-12-2012 16:38, Richard Höchenberger escribió:
...
> http://www.corsair.com/usb-drive/flash-padlock-2-usb-drive.html
>
> Do you guys have any experience with one of these?
I found the favorable review:
http://www.everythingusb.com/corsair-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-12-2012 16:38, Richard Höchenberger escribió:
> Apparently I just now figured out how to use Google ;) Found two
> flash drives with built-in encryption & pinpad:
>
> http://www.lok-it.net/
> http://www.corsair.com/usb-drive/flash-padlock-2-u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 02-12-2012 18:31, Doug Barton escribió:
...
> It's OT for this mailing list, but you could use TrueCrypt in
> portable mode in this situation with a file volume.
I think he can't, TrueCrypt in portable mode still require admin
rights to run,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-11-2012 11:30, Werner Koch escribió:
> On Tue, 6 Nov 2012 07:56, faramir...@gmail.com said:
>
>> My fault, I was trying with www.gpg4win.org
>
> Your problem might be that you still filter out the 5.0.0.0/8 net
> which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-11-2012 11:30, Werner Koch escribió:
> On Tue, 6 Nov 2012 07:56, faramir...@gmail.com said:
>
>> My fault, I was trying with www.gpg4win.org
>
> Your problem might be that you still filter out the 5.0.0.0/8 net
> which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 05-11-2012 18:26, MFPA escribió:
> Hi
Hello,
>> I have 2 questions:
>
>> 1.- Is it me, or gpg4win site is down?
>
> http://gpg4win.org/ is working for me at the moment. I wasn't
> trying an hour ago. (-;
My fault, I was trying with www.gp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 30-10-2012 9:31, Werner Koch escribió:
> On Mon, 29 Oct 2012 21:41, r...@sixdemonbag.org said:
>
>> Could you perhaps make a list of, say, the top five features
>> GPGshell supports that GPA doesn't? Things that you, yourself,
>> use regularly,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 29-10-2012 15:34, Robert J. Hansen escribió:
> On 10/29/2012 2:05 PM, User wrote:
>> You may want to take a look at GPGshell for an alternative.
>
> GPGshell is not Free Software, and for that reason it's not
> exactly appropriate to recommend it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 29-08-2012 5:28, antispa...@sent.at escribió:
> Hello List!
>
> I'm (for some of you) your worst nightmare. Somebody who does not
> master the fine arts of cryptography, yet has an oppinion about
> cryptography. I might say I enjoy reading the th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 28-08-2012 20:01, MFPA escribió:
Hello,
>> IMHO, the main trouble probably is people don't feel the need to
>> protect their privacy.
>
> So why do they use envelopes rather than postcards, and keep
> secret the PIN for their cashpoint cards?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 28-08-2012 18:27, Stan Tobias escribió:
...
>> What would happen if you start reading your daughter's diary
>> everyday, but never let anybody catch you reading it? And you
>> are
...
> I would be violating her privacy.
Right, that was my poi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 24-08-2012 8:42, peter.segm...@wronghead.com escribió:
...
>> Yes and no. If the group manager configures the software,...
>
> This group's view is now that a single point of failure (such as a
> "group manager" - who probably either does (or ea
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 26-08-2012 17:37, Stan Tobias escribió:
...
> If you want to preserve the Privacy (like I described above), you
> have to exercise it. You have to take a risk that someone will
> open and read your letter/email, and if they do, you demand them
>
think it is good to
discuss a bit about the "why" from time to time. Of course, the list
is devoted to discussing the "how".
...
> Faramir wrote:
>> IMHO, the main trouble probably is people don't feel the need to
>> protect their privacy. If they don't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 25-08-2012 1:35, Laurent Jumet escribió:
> Hello Faramir !
Hello Lauren,
> On your message below, my GPG gives this warning:
>
> === Begin Windows Clipboard === gpg: armor: BEGIN PGP SIGNED
> MESSAGE gpg: armor header: Hash:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 24-08-2012 19:33, Robert J. Hansen escribió:
...
> Thank you, John. Simson Garfinkel has another one worth adding to
> the list, but I'm blanking on it for the life of me right now --
> give me a
Maybe "Bridge over troubled waters"? (I'm joki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-08-2012 14:59, peter.segm...@wronghead.com escribió:
> Thank you for your comprehensive comments,
You are welcome, lets add more comments.
> On 22/08/12 03:16, Faramir - faramir...@gmail.com wrote:
>> I think you are wrong abo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 31-07-2012 8:17, peter.segm...@wronghead.com escribió:
...
> Correct me if I'm wrong, but it is unreasonable to expect anybody
> to successfully and safely use gpg without understanding the
> concepts and mastering the skills essential to the WO
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
I saw a message at spanish help list, requesting where to find
an example pattern file to use with check-passphrase-pattern option.
Since this list is a lot more populated than spanish list, I thought I
should forward the question here.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 26-07-2012 8:43, Heinz Diehl escribió:
> On 26.07.2012, Faramir wrote:
>
>>> That's security through obscurity assuming the other one won't
>>> know where to search for the key, which is not stored with
...
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 26-07-2012 5:56, Ben McGinnes escribió:
> On 26/07/12 6:40 PM, Robert J. Hansen wrote:
...
>> For instance, I don't like Serpent very much on account of how
>> complex it is. My rule of thumb is, "if I don't believe an
>> undergraduate in compu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 25-07-2012 8:29, antispa...@sent.at escribió:
>
> On Wed, Jul 25, 2012, at 03:23, Faramir wrote:
...
>>> Yes, security through obscurity. A possible attacker won't know
>>> for
...
>> I don't know w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 25-07-2012 2:50, Heinz Diehl escribió:
> On 25.07.2012, Faramir wrote:
>
>> Clearly I'm out of my league there. I had heard about that, but
>> later I also heard about stacking different algos (with different
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 25-07-2012 1:12, Robert J. Hansen escribió:
> On 7/24/2012 10:21 PM, Faramir wrote:
>> Clearly I'm out of my league there. I had heard about that, but
>> later I also heard about stacking different algos (with different
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-07-2012 16:52, Robert J. Hansen escribió:
> On 7/22/2012 12:12 PM, Faramir wrote:
>> If your secret key is password protected, placing it inside a
>> keepass file would add a second (maybe unneeded) layer of
>> protection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-07-2012 19:39, antispa...@sent.at escribió:
> On Sun, Jul 22, 2012, at 16:25, Doug Barton wrote:
...
>> Your private key is encrypted, right? Use a strong password for
>> that and you're in fine shape.
>
> Yes, security through obscurity. A po
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 20-07-2012 11:51, antispa...@sent.at escribió:
> I don't know much about security and cryptography. So what do you
> think about this combination? Is it any safer or is just a waste of
> time with the conversion to ASCII and back?
If your secre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-05-2012 4:58, tim.kac...@gmail.com escribió:
...
> There are also estimates made that in the US 1 in 6 "protestors" is
> actually a government agent of one sort or another, dept of
> defense, homeland security, fbi what have you. And that exl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-05-2012 8:34, da...@gbenet.com escribió:
...
> Some say that all the power of the universe - and all the time its
> been in existence will not crack a 2048 bit key with a secure
> passphrase. So by the time the universe is well and
That is a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 22-05-2012 12:33, Jerry escribió:
...
> that sort of logic. What really amazed me though was that the OP
> wants security and yet he uses GMail. "GMail" and "security" are
> diametrically opposed concepts.
Why? If I send an encrypted message,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 05-05-2012 7:46, Milo escribió:
...
>> You also indicate yourself where this goes askew: RSA 8k is
>> immensely more CPU intensive than AES256 v AES128.
>
> If you can't afford this "immense" expense - don't use 8k RSA.
But if you send a sign
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 04-05-2012 10:17, Milo escribió:
> Hello Robert, Hello all.
...
>> How many petabytes are sent across the wire each day? Do you
>> really think people will be storing all of today's traffic for
>> twenty years, just so some analyst not even born
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 12-04-2012 20:29, John Clizbe escribió:
...
>> pool.sks-keyservers.net adds them to its own list. So really,
>> that's the only address you need. :)
>
> It's best to stick with the pool address, otherwise if you select a
> single server, you'l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 18-03-2012 15:13, freej...@is-not-my.name escribió:
>> I should note that many people actually *don't* check if the
>> e-mail address belongs to the person whose UID they sign. If this
>> were as
...
> That doesn't sound right. If you can't verify
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 18-03-2012 5:13, freej...@is-not-my.name escribió:
...
> Alright that's a good answer but aren't people just confirming the
> email address belongs to a known signer when they sign a key? Does
> it really matter what the UID comment is? I think it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 07-03-2012 18:24, MFPA escribió:
...
>> Only your private key can generate the revocation certificate,
>
>
> Can't you add another key as a designated revoker, and then
> generate the revocation certificate with that other private key?
You ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-03-2012 16:58, Peter Lebbing escribió:
...
> The keyservers don't do any validation on revocation certificates;
> anyone who feels like it can add /invalid/ revocation certificates
> to your key to annoy you. But as soon as OpenPGP software imp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 06-03-2012 15:59, auto15963...@hushmail.com escribió:
...
> I do in fact use gpg-agent and a cache >0, but this machine is not
> in a workplace or public location. It is in my home, in a place
> where visitors have no access, and my family woul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 04-03-2012 19:29, Hauke Laging escribió:
...
> The interesting question about that is not about you publishing the
> public key but about how the person could get access to your
> private key. It is not possible to revoke a key without the private
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 31-01-2012 9:12, Marko Randjelovic escribió:
> I tried to revoke this key since after changing a passphrase on
> 2012-01-28 and using it with new passphrase immediately after,
> after a few hours I could not again be successfull (bad
> passphrase)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 31-01-2012 9:12, Marko Randjelovic escribió:
> I tried to revoke this key since after changing a passphrase on
> 2012-01-28 and using it with new passphrase immediately after,
> after a few hours I could not again be successfull (bad
> passphrase)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
Is key D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 (
0x4F25E3B6 ) the current key used for signing files? I suppose it is,
but I'd like to ask before issuing a local signature.
Best Regards
-BEGIN PGP SIGNATURE-
Ver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 24-01-2012 16:26, brian m. carlson escribió:
> On Tue, Jan 24, 2012 at 03:13:46PM -0300, Faramir wrote:
>> Well, if Trent signs Alice key, Bob, who trust Trent, might sign
>> her key too. Charly doesn't know Trent,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 21-01-2012 18:50, Gregor Zattler escribió:
> Hi Aaron, gnupg users, * Aaron Toponce
> [21. Jan. 2012]:
>> I just signed an OpenPGP key with cert level 0x12 (casual
>> checking) given the following scenario:
>>
>> * A PGP key was signed by an SSL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 11-11-2011 19:57, Doug Barton escribió:
> On 11/11/2011 14:54, Chris Poole wrote:
...
>> OK thanks, I hadn't thought of that. I'd still have to decrypt
>> and re-encrypt them to keep hashes of all plaintext versions of
>> the files though. (Thinki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 19-10-2011 17:54, Peter Lebbing escribió:
> On 19/10/11 22:43, Faramir wrote:
>> Ok, but if the online computer uses Windows, and the offline one
>> uses Linux, then it would be a multiplataform trojan horse...
>> that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 18-10-2011 10:07, Peter Lebbing escribió:
...
> A capable enough hacker might infect the USB pendrive while it is
> in your internet-connected PC and that way still gain access to the
> non-connected system.
Ok, but if the online computer uses
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 05-10-2011 6:21, Peter Lebbing escribió:
> On 05/10/11 08:15, Faramir wrote:
>> Would Paperkey be useful to do that? I guess no, since it
>> encodes the private key somehow... but maybe tweaking it?
>
> IMHO, if you want
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> On 28/09/11 15:50, Werner Koch wrote:
>> There is no feature for it. You may use gpgsplit to manually
>> construct a key from such a backup. You need to take the
>> keybinding signature etc from the matching public key. I have
>> not tried, it t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
I've been a very happy user of 1.4.x branch for some years. Now
I'm thinking about moving to 2.x, which would mean GPG4Win. How do I
migrate my keyrings to 2.x? Simple copy/paste?
Best Regards
-BEGIN PGP SIGNATURE-
Version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 26-08-2011 15:08, David Tomaschik escribió:
> On Fri, Aug 26, 2011 at 12:31 PM, Faramir
> wrote:
>> According to keepass strength measurer, you can get more than 128
>> bits with just 30 characters (including some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 26-08-2011 12:35, Aaron Toponce escribió:
...
> Also, 62-character passphrase might be a bit extreme, giving you a
> false-sense of security. Using a truly random sequence of characters
> from the 94-printable ASCII pool of characters, a 12-char
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 03-08-2011 9:40, ved...@nym.hush.com escribió:
> Sorry, wrong link extension,
>
> here is the correct one: http://www.pgpdump.net/
By the way, what would be required to run pgpdump locally? I guess
there is no compiled version for windows...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 13-07-2011 7:28, Chris Poole escribió:
...
> Is there some feasible attack that could change the encrypted data
> in such a way that I won't notice it when I decrypt the file, but
> somehow the file will still decrypt?
Anyone that has a copy of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 19-06-2011 4:20, 0 escribió:
>
> I see. I read that it is a good practice to sign one's public key before
> giving it to other people. I thought they meant signing the key as a
> message. Now that you clarified this, I went to seahorse, Name
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 13-06-2011 11:39, Hauke Laging escribió:
...
> I would like to have the possibility to pass the hash to be signed.
I suppose if the hash is sent using a "secure" connection, it should
be safe enough. But that option, no doubt, would be an "expe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 07-06-2011 4:18, Werner Koch escribió:
...
>> Those are a lot of questions, but I'm still highly sceptical towards
>> that GPG2 monster and would prefer to stay with my more manageable
>
> It is not a moster; rthe installer is only that larger be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 16-05-2011 12:35, Jerome Baum escribió:
...
> In the worst case, you may be looking at loosing everything from the
> corruption point onwards, assuming some kind of stream compression. This
> is IIRC the default for GnuPG when it encrypts. Otherwi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 24-04-2011 6:49, Mike Acker escribió:
> On 14:59, Faramir wrote:
>> You can store them in a password manager, it's more secure than a txt
...
> how long have we been asking the industry for Single Logon? a password
> m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
El 24-04-2011 13:47, Ingo Klöcker escribió:
> On Sunday 24 April 2011, Faramir wrote:
...
>> You can store them in a password manager, it's more secure than a
>> txt file or a post-it on the screen.
>
> That's n
1 - 100 of 539 matches
Mail list logo
