This is not clear to me.
Certainly a key manager (example GPA) can have certificates that can be
version 2. Other keys may or may not be version two but have been signed by
the older version.
As far as I understand the all thing can not be trusted (worse if you can
not figure out the version of
from:
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html#key-public-key-forgery
at 2014-04-19T14:49+1
I retrieve
"Yes, it is possible to create a public key with the same fingerprint as an
existing one, thanks to a design misfeature in PGP 2.x when signing RSA
keys. The fake key will not be of
Any (easy) way to find out the version of a given key?
2014-04-19 15:46 GMT+01:00 Nicholas Cole :
> On Sat, Apr 19, 2014 at 3:35 PM, One Jsim wrote:
> >
> > from:
> >
> >
> >
> http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html#key-public-key-forge
from:
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html#key-public-key-forgery
at 2014-04-19T14:49+1
I retrieve
"Yes, it is possible to create a public key with the same fingerprint as an
existing one, thanks to a design misfeature in PGP 2.x when signing RSA
keys. The fake key will not be of
>
> PRELIMINARIES
>
> In the '90 (I am old!) I was a moderated evangelist of the universal use
> of PGP (and later GPG) and public key infrastructure (web of trust) in
> order to achieve acceptable universal privacy and trust in email
> communication.
>
> At the time I have a good comprehension of
PGP/GPG does not work easily with web-mail.
Most email, today, is read and write using the browser
POP ou IMAP mail is a rarity
That is the problem
Some text/link in this problem?
José Simões
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://
Sending a file encrypted over vanilla FTP does not protect the FTP
password (if any). Worse if the FTP password is the account password.
Jose Simoes
2011/3/22 Mike Acker :
> Hi,="We are intending to use GNUPG to encrypt a file before we FTP it to an
> external party.
>
> Is it possible to use GNU
I have been creating key-pars for me and helping other people. Since I
am not a cryptographer I use always GPG defaults options and
suggestions (line command)
Alfter all this new stuff (creating sha-1 collisions, md-5 ? or so)
should I change the procedures I used to use?
Should I revoke (and he
