-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrew Berg wrote:
> Alexander W. Janssen wrote:
>> Or chown() the gnupg.conf to some other user. Not sure if gpg will read
>> the file then though.
> If the user has read access (and gpg is being run with that user's
> privileges of course), why would
Robert J. Hansen wrote:
Andrew Berg wrote:
Well, /I/ could've told you that. Don't tell me you never figured that
out on your own.
Unless your day job involves being intimately involved in IP
transactions (not just writing code), you could have _speculated_ on
that.
Although I would not
Andrew Berg wrote:
> Well, /I/ could've told you that. Don't tell me you never figured that
> out on your own.
Unless your day job involves being intimately involved in IP
transactions (not just writing code), you could have _speculated_ on
that. There's a big difference between what you believe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrew Berg wrote:
> Why can't they take away write privileges of gpg.conf (and the gpg
> executables for that matter) from normal users? AFAIK, that would be
> pretty simple (at least on a *nix system).
You'd need to take away write-rights from the d
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
nifty thing I wanted to implement and needed to make sure I wasn't
walking into a patent lawsuit), I paid my $200/hr and got this bit of
professional a
://www.SeeingWithC.org/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of David Shaw
Sent: Tuesday, February 19, 2008 7:04 PM
To: gnupg-users@gnupg.org
Subject: Re: Corporate use of gnupg
On Fri, Feb 15, 2008 at 07:00:12PM -0800, Texaskilt wrote:
>
> I guess what
On Tue, 19 Feb 2008 16:14:55 -0500 "Robert J. Hansen"
<[EMAIL PROTECTED]> wrote:
>Technical fixes to provide ADK-like functionality are well and
>good, but
>if you aren't looking at the patent and creating this new
>technology
>with an eye towards avoiding the patent, you're playing the legal
[EMAIL PROTECTED] wrote:
a simple corporate solution,
Again, check the patent and then check with a patent lawyer. The patent
language is suitably broad that this sort of thing might be construed by
a court to fall under the patent.
Technical fixes to provide ADK-like functionality are wel
>> We won't add ARR (aka ADK) to GnuPG. It would be more useful to
>add a
>> re-encode feature to add another public or symmetric key for
>decryption.
>
>The patent language on #6314190 is sufficiently broad that it
>would
>arguably cover this, too, depending on how it's implemented.
a simple
Werner Koch wrote:
> Frankly, I did not knew about this patent until now.
US Patent 6314190, for those who want to check it out.
> I consider the ADK the wrong solution to a problem which can't be solved
> by a tool.
Mostly agreed.
> We won't add ARR (aka ADK) to GnuPG. It would be more useful
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
>From: Nicholas Cole
>Sent: Tuesday, February 19, 2008 6:54 AM
>To: gnupg-users@gnupg.org
>Subject: Re: Corporate use of gnupg
>On Tue, Feb 19, 2008 at 1:23 PM, David Picón Álvarez <[EMAIL PROTECTED]> wrote:
>&g
On Tue, 19 Feb 2008 14:25, [EMAIL PROTECTED] said:
> PGP Corporation has a patent on ADKs. That's the number one reason
> why the other OpenPGP implementations do not support it.
Frankly, I did not knew about this patent until now.
I consider the ADK the wrong solution to a problem which can't
On Tue, Feb 19, 2008 at 1:23 PM, David Picón Álvarez
<[EMAIL PROTECTED]> wrote:
> > I know that ADK can be circumvented by a determined attacker, but it
> > strikes me as a useful feature, and I have never quite understood the
> > opposition to it. It would have made encryption more palatable in
Just to address the original point of the thread, though, could you
not use sub-keys to achieve the most of the effect you want?
Have everyone share an encryption/decryption subkey, but have their
own separate signing keys. The disadvantage would be that anyone in
the group (ie not just an admini
David Shaw schrieb:
>> Looks like this is ADK. Is there any way to do this on gpg?
>>
> Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.
I thought that ADKs would work whenever encrypting to a key with that
feature enabled (i.e. also for incoming emails)? I.e. it is per-key and
no
Nicholas Cole wrote:
I know that ADK can be circumvented by a determined attacker, but it
strikes me as a useful feature, and I have never quite understood the
opposition to it.
PGP Corporation has a patent on ADKs. That's the number one reason why
the other OpenPGP implementations do not sup
On Fri, Feb 15, 2008 at 07:00:12PM -0800, Texaskilt wrote:
>
> I guess what we are wanting is for every mail user to have their own
> public/private key. This way they can encrypt their own email on the
> corporate system.
>
> In addition, every email would also be encrypted using the "corporate
I know that ADK can be circumvented by a determined attacker, but it
strikes me as a useful feature, and I have never quite understood the
opposition to it. It would have made encryption more palatable in
corporate settings, which surely would have been a good thing!
IMO there are two possibili
On Sat, Feb 16, 2008 at 3:00 AM, Texaskilt <[EMAIL PROTECTED]> wrote:
>
> Looks like this is ADK. Is there any way to do this on gpg?
GPG does not implement ADK. I think that, historically, it seemed too
much like the kind of key escrow systems that governments have from
time to time talked abo
I guess what we are wanting is for every mail user to have their own
public/private key. This way they can encrypt their own email on the
corporate system.
In addition, every email would also be encrypted using the "corporate key"
that would be in the hands of a select few (supposedly).
For exa
n do admin
tasks).
Max
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Robert J. Hansen
> Sent: 14 February 2008 05:24
> To: gnupg-users@gnupg.org
> Subject: Re: Corporate use of gnupg
>
> Quoting [EMAIL PROTECTED]:
> > And
Quoting [EMAIL PROTECTED]:
And what do they want to do with the recieved emails? The only possibility I
see is to put everyone's private keys and passowrds into a safe - then you
can decrypt sent and received mail later.
Same problem exists with PGP's ADK feature, which should really be
named
And what do they want to do with the recieved emails? The only possibility I
see is to put everyone's private keys and passowrds into a safe - then you
can decrypt sent and received mail later.
> Apologies if this has already been asked. Honestly, I did my homework and
> looked in the archives!
On Wed, Feb 06, 2008 at 11:35:14AM -0800, Texaskilt wrote:
>
> Apologies if this has already been asked. Honestly, I did my homework and
> looked in the archives!
>
> I am wanting to setup up users to use GnuPG for encrypting email, mainly for
> internal e-mail.
>
> Unfortunately, the "powers-t
24 matches
Mail list logo
