NSA or GCHQ taking in
every single email that crossed their borders.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
pgpb9gmjiGWFb.pgp
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-u
o email
the person anyway you might as well have some confidence that you're
using the right key.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
signature.asc
Description: PGP signature
___
Gnupg-us
ecurely? If the keyserver has certified the key with a
challenge response protocol you've got your answer.
Ideally you'd have an email address and a fingerprint, but often you
don't.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
signature.
from the first
contact.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Fri, 31 Jan 2014 15:02:14 +0100
NdK wrote:
> Il 31/01/2014 10:24, Steve Jones ha scritto:
>
> > Well the conventions of use, for example the key signing party
> > protocol, requires photographic id. If I publicly sign a key it has
> > to be in line with how I expec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, 31 Jan 2014 01:15:07 +
MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
> On Thursday 30 January 2014 at 10:43:39 PM, in
> , Steve Jones wrote:
>
> > Well therein lies my problem with the PGP system. It
> &
On Thu, 30 Jan 2014 21:09:45 +
MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
> On Thursday 30 January 2014 at 12:58:44 AM, in
> , Steve Jones wrote:
> > The advantage you have here though is the web of trust.
> > 1 level 1 signature would probably be not en
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, 30 Jan 2014 00:22:08 +
MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
> On Tuesday 28 January 2014 at 11:37:25 PM, in
> , Steve Jones wrote:
>
>
> > A more sophisticated approach
> > would b
sily-noticed.
Maybe, a lot of compromised actors have gotten away with it for a long
time. But that's a different story, all the trust in a person's key and
identity is useless if they're secretly working against you.
- --
Steve Jones
Key fingerprint: 3550 BFC8 D7B
On Wed, 29 Jan 2014 11:14:11 +
"nb.linux" wrote:
> Gregor Zattler:
> > Hi Steve, gnupg users,
> > * Steve Jones [24. Jan. 2014]:
> > That's an interesting idea. But there is still the possibility
> > of a man in the middle attac... The web of tru
On Tue, 28 Jan 2014 20:13:30 +0100
Leo Gaspard wrote:
> On Fri, Jan 24, 2014 at 11:08:16PM +0000, Steve Jones wrote:
> > [...]
> >
> > Finally there's the possibility of explicit verification, if someone
> > sends me a challenge and I publish that challenge'
ontrol of that private key and
can publish to that blog.
Which reminds me that I'd really like an email client that
automatically signs keys at level 1 (persona) of anyone who replies
with a signed email that quotes a significant portion of the text I
sent, as this effectively counts as a challe
So I'm led to the idea that associating keys with areas on the web
where a person's work, writings, etc... are known is more important
than some sort of confirmation of a person's name, which is not even a
unique identifier. If, for example, you'd signed your commits to
monkeysph
ilar key and that key is one half a monitor in
> 'monitor' height
You can use the pgpdump tool to see all the data in a public key file. A given
key might contain lots of extra data beside the actual key, like signatures and
photos.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 428
um it would be useful to
be able to verify this. I'm curious what other people on this list think of
this.
[1] http://tools.ietf.org/html/rfc4880#section-5.11
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
signature.asc
Description: PGP
've not heard of any issues with that setup, but your mileage may vary.
Thanks, that was quite helpful. I've found I can just delete the self
signatures on my UID and replace them with better ones but I can't see a way to
change the subkey binding signature.
--
Steve Jones
K
key to not use
SHA1 digests which it appears to be using, as well as listing SHA1 as my second
favourite algorithm.
--
Steve Jones
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC 4272 2AC8 A680 7167 C896
signature.asc
Description: PGP signature
___
Gnup
17 matches
Mail list logo