On Fri, Jan 24, 2014 at 07:47:15AM +0100, Werner Koch wrote:
> [...]
>
> > the usefulness of revocation certificate, just the advice always popping
> > out to
> > generate a revocation certificate in any case, without thinking of whether
> > it
> > would be useful.
>
> Okay, that is a different
On Thu, Jan 23, 2014 at 04:38:19PM -0800, Robert J. Hansen wrote:
> >Well... I don't know how you type
>
> With a nine-volt battery, a paperclip, and a USB cable that has only one end
> -- the other is bare wires. You wouldn't believe how difficult it is to do
> the initial handshake, but once yo
On 24.01.2014, Leo Gaspard wrote:
> Actually, this is something I never understood. Why should people create a
> revocation certificate and store it in a safe place, instead of backing up the
> main key?
Because a backup only makes sense when it's stored in a diffrent place
than the key itself:
On Thu, 23 Jan 2014 23:15, ekl...@gmail.com said:
> Oh? I thought the most common reason was test keys, and tutorials which
> explain
> step-by-step how to make a keypair and push it on a keyserver, without telling
Obviously, I don't have no hard evidence for the claim that forgotten
passpharses
Well... I don't know how you type
With a nine-volt battery, a paperclip, and a USB cable that has only
one end -- the other is bare wires. You wouldn't believe how
difficult it is to do the initial handshake, but once you've got it
down you can easily tap out oh, three or four words a min
On Thu, Jan 23, 2014 at 03:08:40PM -0800, Robert J. Hansen wrote:
> >Yet, I agree I would not send my encrypted private key. But having your
> >divorced
> >spouse bruteforce 90 bit of passphrase just to annoy you... seems quite an
> >unreasonable threat to me.
>
> It is. That's why that's not the
Yet, I agree I would not send my encrypted private key. But having
your divorced
spouse bruteforce 90 bit of passphrase just to annoy you... seems quite an
unreasonable threat to me.
It is. That's why that's not the threat being defended against.
The threat is against your spouse seeing you
On Thu, Jan 23, 2014 at 01:27:58PM -0800, Robert J. Hansen wrote:
> [...]
>
> And yes, a strong passphrase is still the strongest bar against these
> backups being misused -- but unless you've got an eye-poppingly strong
> passphrase, your best bet is to rely on denying attackers access to the dat
On Thu, Jan 23, 2014 at 10:26:33PM +0100, Werner Koch wrote:
> On Thu, 23 Jan 2014 21:25, ekl...@gmail.com said:
>
> > PS: Please, do not tell me one might have forgotten his passphrase. In this
> > case
> > there is no harm in shredding the secret key and waiting for the expiration
>
> Experien
On Thu, Jan 23, 2014 at 09:59:30PM +0100, Pete Stephenson wrote:
> [...]
>
> They would need to be trustworthy
> enough to not abuse the revocation certificate by revoking your
> certificate, but otherwise would not need to be given absolute trust
> that comes with having a copy of the private key
On Thu, 23 Jan 2014 21:25, ekl...@gmail.com said:
> PS: Please, do not tell me one might have forgotten his passphrase. In this
> case
> there is no harm in shredding the secret key and waiting for the expiration
Experience has shown that this is the most common reason why there are
so many secr
Actually, this is something I never understood. Why should people create a
revocation certificate and store it in a safe place, instead of
backing up the main key?
A "safe place" for a revocation certificate may be vastly different
from a "safe place" for a backup of your certificate. For i
On Thu, Jan 23, 2014 at 9:25 PM, Leo Gaspard wrote:
> On Thu, Jan 23, 2014 at 05:53:57PM +, nb.linux wrote:
>> And, you can be prepared for such an event (i.e. having created the
>> revocation certificates in advance, stored them in a save but accessible
>> place, printed out on paper,...).
>
On 01/28/2010 10:44 PM, Richard Geddes wrote:
> Generating a revocation certificate as soon as you generate your key
> pair is a wise thing to do, in case you lose control of your passphrase
> ... I did that.
Good! :)
> My question is, if I edit my key pair... let's say I add a new uid to my
> k
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jorgen Christiansen Lysdal wrote:
> Robert J. Hansen wrote:
>> This deputy sheriff reported to his superior, and I wound up
>> with a thirty-day delay in the paperwork while the county sheriff made
>> sure that I didn't have murder afoot. Were they
Robert J. Hansen wrote:
> This deputy sheriff reported to his superior, and I wound up
> with a thirty-day delay in the paperwork while the county sheriff made
> sure that I didn't have murder afoot. Were they overreacting? Sure,a
> bit. But they were also doing their job.
They could have been
Faramir wrote:
> With due respect to USA, each time I read things like this, I am happy
> for not living there... my main concern here is if economy will be
> affected or not for things happening outside my country. But at least I
> know I can rely on justice to don't cause me problems for things
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Lawrence Chin escribió:
> I'm sorry to have failed to observed Netiquette, but I was just too
> afraid. I have been reported before to law enforcement as saying things
You was reported? By somebody? The *proper* use of encryption should
prevent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Robert J. Hansen wrote:
> If you are that concerned about the intelligence and/or law-enforcement
> communities seeing what you write, you should be very careful about your
> involvement on this, or any of several other, mailing lists.
More precise
Lawrence Chin wrote:
> So I'm very paranoid about, not just what I said to others, but
> precisely what others said to me.
If this is of so much concern to you, you should probably consider
leaving the various crypto mailing lists altogether. Members of various
national intelligence communities a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
markus reichelt wrote:
> * Faramir <[EMAIL PROTECTED]> wrote:
>
>> Begin of "spoiler blank lines"
>> [...]
>> End of "spoiler blank lines"
>
> niiice, I bet he didn't catch that one!
>
>
>
>
* Faramir <[EMAIL PROTECTED]> wrote:
> Begin of "spoiler blank lines"
> [...]
> End of "spoiler blank lines"
niiice, I bet he didn't catch that one!
--
left blank, right bald
pgptXuX9KPvBR.pgp
Description: PGP signature
___
Gnupg-users mailing list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Lawrence, if your nerves are so shaken, maybe you should stop reading
this message right now, and delete this message, or maybe keep it to
read it once you are better. I will put some blank lines as "spoiler",
just in case. And please note, this mess
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Lawrence Chin wrote:
> This is another message of Kara's that's causing me nightmare last night
> when I read through it. We shouldn't have words like "...Deputy
> director" or "NS adviser" etc in an encrypted email!
Why? Even if Reference to enti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kara wrote:
>
>
> Reference Faramir's 27 Sep (2218 -0400) "Re: backing up keys etc"
> which responded to your 27 Sep (1738 -0700) "backing up keys etc":
>
> Lawrence wrote in part:
>>> So, if I need to revoke this public key in the future, I jus
25 matches
Mail list logo
