The easiest way is to publish your code to a publicly controlled source
with a signature on or before your desired date. Not sure if there's a
*better* way.
On Dec 1, 2016 7:43 PM, "Bertram Scharpf" wrote:
> Hi,
>
> we all know that kidnappers do publish a picture of their
> hostage holding up a
What's annoying is when you're subscribed to a list and receiving posts,
but for some reason when you try to post, it says you're not subscribed and
getting moderated. I've had that happen, but I don't think it's happened
here yet.
On Nov 7, 2016 12:48 PM, "Ralph Seichter" wrote:
> On 07.11.16 1
twice*, and get annoyed.
On Nov 7, 2016 1:24 PM, "Ralph Seichter" wrote:
> On 07.11.16 21:59, Schlacta, Christ wrote:
>
> > What's annoying is when you're subscribed to a list and receiving
> > posts, but for some reason when you try to post, it says you&
I sent this a while ago in case anybody else wants to read it, but
accidentally only to Don.
On Jan 28, 2016 7:42 AM, "Schlacta, Christ" wrote:
> Unofficially, but functionality and contextually correct.. A cryptographic
> signature is a cryptographically strong hash of a messa
Hello list. I know this isn't exactly on topic, but I think it's
asymptotically close enough to justify asking here. I'm looking for a
way to authenticate myself to PAM (Specifically sudo) on a remote
server over SSH, though possibly also on a local server using
ssh-agent. if my gpg key is unlock
On Aug 16, 2015 2:27 PM, "Robert J. Hansen" wrote:
>
> > What other people do says nothing about me, and everything about
> > them.
>
> Except that 99% of people who see that signature will think you have an
> association with white supremacists.
>
> Should they? No.
>
> Will they? Yes.
People
I'll reiterate that there's really no such thing as unwanted signatures.
The more signatures on a key, the stronger the Web of Trust. End of story.
Please try to understand that no signature is inherently unwanted. Your
proposal, in any form, would weaken gpg on the whole by increasing the
alread
As a gpg user, I've been using the gpg 2.1.x releases for a while. as
of 2.1.1, gpg for windows included gpa and gpgex. I used them. newer
releases didn't remove these features, but didn't upgrade or include
them either. Now it's difficult if not impossible to install gpa and
gpgex with gnupg 2
You're confusing gpa and winpt. Gpa is the default utility included with
winpt, but kleopatra is also included with winpt. Comparison wise, kleo has
more features, but gpa's futures are more... useful? I find myself using
gpa daily, and kleopatra only on rare occasion
On Nov 28, 2014 11:41 PM, "Ben
On Nov 21, 2014 8:55 PM, "Ingo Klöcker" wrote:
>
> On Thursday 20 November 2014 14:36:35 Schlacta, Christ wrote:
> > On Nov 20, 2014 1:58 PM, "Ingo Klöcker" wrote:
> > > On Tuesday 18 November 2014 22:43:18 MFPA wrote:
> > > KMail encrypts an
For a password safe you might look into existing solutions, such as
keepass(x) or other similar password storage solutions
On Nov 21, 2014 10:29 AM, "Dave Pawson" wrote:
> Thanks Robert. I'll give it a try.
>
> regards Dave P
>
> On 21 November 2014 18:24, Robert J. Hansen wrote:
> >> Only I use
So to summarize, the best way to try this attack would be to encrypt lots
of small messages to a dummy key and a target key because the only knowable
plaintext is the session key. However, there's no known or reasonably
suspected method of plaintext attack anyway, so all this data is believed
to be
I know some encryption schemes reveal more information about the keys used
when an attacker has both the plaintext and the ciphertext. In general,
how much information does GPG reveal in such situations?
How much plaintext/ciphertext matched data would an attacker need (An order
of magnitude is fi
On Nov 20, 2014 1:58 PM, "Ingo Klöcker" wrote:
>
> On Tuesday 18 November 2014 22:43:18 MFPA wrote:
> KMail encrypts an individual copy for each BCC recipient. I thought
> Thunderbird+Enigmail would also do this.
>
> Any mail client not doing this completely subverts BCC (unless
--throw-keyids
> o
I wouldn't say invite only. Contrarywise, when you send the subscribe
email, in the immediate, automatic response would be the public and private
key, optionally encrypted to the recipient. Open enrollment, public
availability. Just making the data obfuscated in transit.
On Nov 17, 2014 10:15 AM, "
Most of the technical reasons can be bypassed by making a single subscriber
key (public and private) available as a part of the subscription process,
but that eliminates most of the technical advantages of encryption, so it's
really a moot point.
On Nov 17, 2014 8:52 AM, "Matthias Mansfeld" <
m.man
On Nov 10, 2014 10:48 AM, "Robert J. Hansen" wrote:
>>
>> DSA 4096, 5120, and 8192 should be available when governments
>> advocate 3072.
>
>
> The USG does not advocate any particular key size. They've made DSA
> available in three sizes (as of FIPS 180-something) to support a variety
> of diffe
I'm going to go out on a limb and suggest that gpg should support
government sponsored cryptographic standards whenever possible, but should
consider the highest government sponsored requirement as a minimum
requirement to actually implement. DSA 4096, 5120, and 8192 should be
available when govern
I'll add my +1 to the request
On Oct 28, 2014 12:08 AM, "Bob Holtzman" wrote:
> On Mon, Oct 27, 2014 at 02:20:36PM -0400, Robert J. Hansen wrote:
> > Just received word back from a friend of mine who's a law professor
> > focusing in electronic civil liberties, and is a former Commissioner of
> >
You could have just booted in from the lxde DVD and reset your password...
On Aug 13, 2014 11:22 AM, "da...@gbenet.com" wrote:
> Hauke,
>
> Yesterday whilst figuring out what to do, I found that I was logged out -
> my Linux box
> refused to accept my password.
>
> Anyway having copied the conten
As much as I'm sure there will be objections to this, I'd like to
re-suggest that you utilize the "one password for all keyrings" method. So
long as those keyrings are physically on premises, and you practice good
password habits, such as never using your master password for remote
services, chang
I might suggest using the same passphrase you use for your password
manager for GPG. So long as you use a strong passphrase and practice
good password practices on this password, it should remain
uncompromised.
On Fri, Jul 25, 2014 at 2:36 PM, Mathias Bauer wrote:
> * Sudhir Khanger wrote on Fri
On Jul 25, 2014 5:30 AM, "MFPA" <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi
>
>
> On Wednesday 23 July 2014 at 9:02:23 PM, in
> , steve wrote:
>
>
> > Wouldn’t it be a nice solution, if key server software
> > had a mechanism for use
Verify, strip, resign. Of course each person would have to configure their
own trusted MTA. If it got compromised, it could either falsely verify
inbound mail to them, or spoof out bound mail as them. Dependent on which
function it was configured to perform.
On Jul 14, 2014 10:22 AM, "martijn.list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've googled, and I've searched, and I've tried and I've screwed up
and deleted without sending to keyserver... but I can't for the life
of me figure out how to add my lesser used e-mails to my gpg key as
secondaries. Every time I try, they become th
Depending on how many users are expected to have access to this file, you
can just maintain a public keyring that everyone has. You then have
everyone encrypt to the list of everyone, and then anyone can decrypt it
with their private key and password and re encrypt to everyone. This
solution scal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was recently setting up my new keys along with some other people,
and I discovered that as soon as one of my cohorts sent their keys and
recieved confirmation, I could retrieve the keys and they showed up.
When I sent stuff to the key servers, howeve
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi everyone. I just signed up to this list and thought to introduce
myself. I've been aware of gpg for a long time, but seldom have I had
occasion to actually use it. Well, now I do, so I'm all signed up and
introducing myself. As you can probably
28 matches
Mail list logo
