Re: Unattended signing

2015-02-27 Thread Daniel Kahn Gillmor
On Fri 2015-02-27 03:07:39 -0500, MFPA wrote: > On Tuesday 24 February 2015 at 10:16:20 PM, in > , Daniel Kahn Gillmor wrote: > >> That is, only a malicious person who manages to >> compromise that key material can make signatures with >> it. So why are you keeping it around? > > To verify existin

Re: Unattended signing

2015-02-27 Thread MFPA
On Tuesday 24 February 2015 at 10:16:20 PM, in , Daniel Kahn Gillmor wrote: > That is, only a malicious person who manages to > compromise that key material can make signatures with > it. So why are you keeping it around? To verify existing sig

Re: Unattended signing

2015-02-25 Thread Peter Lebbing
On 25/02/15 06:49, NdK wrote: > Use a smartcard and generate on-card a new key that replaces the expired > one. While I agree this could be a neat setup for OP, it might be overkill or even impractical given the signing speed of a smartcard. I don't know what volume of signatures will be issued.

Re: Unattended signing

2015-02-24 Thread NdK
On 25/02/2015 00:01, Peter Lebbing wrote: > On 24/02/15 23:16, Daniel Kahn Gillmor wrote: > If you asked me to /destroy/ the key, I would look through my drawers for all > backups I have and do a "shred" on them, and think really hard where any > further > copies might have ended up. Use a s

Re: Unattended signing

2015-02-24 Thread Peter Lebbing
On 24/02/15 23:16, Daniel Kahn Gillmor wrote: > So why are you keeping it around? I suppose it depends on your definition of "destroying"... I think you'd be fine with setting an expiry date and "--delete-secret-key"-ing the subkey when the time comes. If you asked me to /destroy/ the key, I wou

Re: Unattended signing

2015-02-24 Thread Daniel Kahn Gillmor
On Mon 2015-02-23 19:36:25 -0500, Daniele Nicolodi wrote: > On 21/02/15 20:11, Daniel Kahn Gillmor wrote: >> Using a subkey is a reasonable approach, and rotating (and destroying) >> the secret key of the rotated subkey is not a bad idea. > > What do you exactly mean by "destroying"? Isn't setting

Re: Unattended signing

2015-02-24 Thread Ingo Klöcker
curity of the server where the > >> automated process runs, but I would like to reduce to a minimum the > >> risks. > > > > there are risks with unattended signing in general, related to what > > messages you allow to get passed to your system. I'm sure you

Re: Unattended signing

2015-02-23 Thread Daniele Nicolodi
nimum the risks. > > there are risks with unattended signing in general, related to what > messages you allow to get passed to your system. I'm sure you've > already thought about this, but i'll just put it out there in case > someone else reading this later hasn't thou

Re: Unattended signing

2015-02-21 Thread Daniel Kahn Gillmor
On Wed 2015-02-18 13:46:19 -0500, Daniele Nicolodi wrote: > I have a sufficient trust in the security of the server where the > automated process runs, but I would like to reduce to a minimum the risks. there are risks with unattended signing in general, related to what messages you allow

Re: Unattended signing

2015-02-21 Thread Antony Prince
On 2/21/2015 11:42 AM, Daniele Nicolodi wrote: > On 18/02/15 19:46, Daniele Nicolodi wrote: >> I have an automated process that collects some data and unattended sends >> it via email. I want that data to be encrypted and signed. The >> encryption pa

Re: Unattended signing

2015-02-21 Thread Daniele Nicolodi
On 18/02/15 19:46, Daniele Nicolodi wrote: > I have an automated process that collects some data and unattended sends > it via email. I want that data to be encrypted and signed. The > encryption part is easy as it requires only public keys of the > recipients. Signing, however, requires to make th

Unattended signing

2015-02-18 Thread Daniele Nicolodi
Hello, I have a quite simple question on best practice for the use of GPG. I haven't found an answer searching online. I hope this mailing list is the right place for asking. I have an automated process that collects some data and unattended sends it via email. I want that data to be encrypted an

Re: unattended signing key

2013-05-27 Thread Hauke Laging
On Mon 27.05.2013, 13:38:08, Lema KB wrote: > I am writing a batch file, where I install gpg4win, generate keys, import > public key, and sign it. Could anyone help me, how I silently (unattended) > sign imported public-key? > I did edit the key, fpr, signed it but it is asking my passphrase. You

unattended signing key

2013-05-27 Thread Lema KB
Hi, I am writing a batch file, where I install gpg4win, generate keys, import public key, and sign it. Could anyone help me, how I silently (unattended) sign imported public-key? I did edit the key, fpr, signed it but it is asking my passphrase. Or should I generate my secret-public-key without pas