Re: article about Air Gapped OpenPGP Key

Paul R. Ramer: > adrelanos wrote: >> When one uses a Live system for its air gapped OpenPGP key, one >> would have to constantly remember re-creating this that gpg.conf. >> (Gone after reboot.) > > Not necessarily. You can plug in a USB drive with your custom > gpg.conf file on it, for example.

Re: article about Air Gapped OpenPGP Key

adrelanos wrote: >When one uses a Live system for its air gapped OpenPGP key, one would >have to constantly remember re-creating this that gpg.conf. (Gone after >reboot.) Not necessarily. You can plug in a USB drive with your custom gpg.conf file on it, for example. A more elegant solution wou

Re: article about Air Gapped OpenPGP Key

On 11/21/2013 7:14 PM, MFPA wrote: > Logically, wouldn't you have to destroy it after being ordered to hand > it over to be in contempt of court? Depends on the meaning of "contempt of court" in your jurisdiction and what your local rules are with respect to document discovery. We're getting pret

Re: article about Air Gapped OpenPGP Key

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 19 November 2013 at 8:06:18 PM, in , Johan Wevers wrote: > destroying the key will prevent > you from having to hand it over. In some jurisdictions > this may be seen as "contempt of court" Logically, wouldn't you have to destroy

Re: article about Air Gapped OpenPGP Key

On 11/19/2013 6:03 PM, Chris De Young wrote: > I'd be surprised if this gets you very far in a US court. Depends on when you did it and why. Many businesses have document retention policies (crafted with the assistance of counsel) that specify old documents are to be put beyond recovery, and scra

Re: article about Air Gapped OpenPGP Key

On Tue, Nov 19, 2013 at 02:50:20PM -0800, Robert J. Hansen wrote: > >>That depends on your threat model. If you fear juridical problems (say, > >>for example, some encrypted mails have been intercepted by the police > >>but they can't decrypt them), destroying the key will prevent you from > >>havi

Re: article about Air Gapped OpenPGP Key

On 11/19/2013 3:50 PM, Robert J. Hansen wrote: [...] > then used to do all further crypto operations. To put the data forever > beyond recovery, you generate a new nonce, encrypt it with the same > passphrase, and write it over the old nonce. If someone demands your > cryptographic key you can ho

Re: article about Air Gapped OpenPGP Key

That depends on your threat model. If you fear juridical problems (say, for example, some encrypted mails have been intercepted by the police but they can't decrypt them), destroying the key will prevent you from having to hand it over. In some jurisdictions this may be seen as "contempt of court"

Re: article about Air Gapped OpenPGP Key

On Tue, Nov 19, 2013 at 09:06:18PM +0100, Johan Wevers wrote: > On 19-11-2013 7:07, Robert J. Hansen wrote: > > Even then, scrubbing data is usually a sign you've misunderstood the > > problem you're trying to solve. If you're concerned about sensitive > > data lurking on your hard drive the solut

Re: article about Air Gapped OpenPGP Key

On 19-11-2013 7:07, Robert J. Hansen wrote: > Even then, scrubbing data is usually a sign you've misunderstood the > problem you're trying to solve. If you're concerned about sensitive > data lurking on your hard drive the solution isn't to scrub the drive, > it's to use an encrypted filesystem.

Re: article about Air Gapped OpenPGP Key

Robert J. Hansen:>> Please leave feedback or hit the edit button. Maybe it's useful for >> someone. It's under public domain. > > A major omission: > > "What is this, why should I care, and what security risks does it > mitigate?" > > Without that, the article is useful only to people who have alre

Re: article about Air Gapped OpenPGP Key

Hauke Laging: > Am Mo 18.11.2013, 17:21:22 schrieb adrelanos: >> Hi, >> >> An article about air gapped OpenPGP keys has been written by me: >> https://www.whonix.org/wiki/Air_Gapped_OpenPGP_Key >> >> Please leave feedback or hit the edit button. > > > >> By de

Re: article about Air Gapped OpenPGP Key

Pete Stephenson: > 1. If you set the keyprefs in your gpg.conf configuration file before > you generate a new key it will generate new keys with these stronger > defaults rather than having you need to edit them later. See > for details > a

Re: article about Air Gapped OpenPGP Key

> I have never understood why people seem to believe that they cannot safely > store a key backup (including the passphrase if necessary) but can safely > store a revocation certificate. It comes into play more when entrusting others. If I give my lawyer a copy of my certificate and passphrase

Re: article about Air Gapped OpenPGP Key

Am Mo 18.11.2013, 17:21:22 schrieb adrelanos: > Hi, > > An article about air gapped OpenPGP keys has been written by me: > https://www.whonix.org/wiki/Air_Gapped_OpenPGP_Key > > Please leave feedback or hit the edit button. > By default GPG creates one signi

Re: article about Air Gapped OpenPGP Key

On Mon, Nov 18, 2013 at 11:45 AM, Pete Stephenson wrote: > On 11/18/2013 6:21 PM, adrelanos wrote: > > Hi, > > > > An article about air gapped OpenPGP keys has been written by me: > > https://www.whonix.org/wiki/Air_Gapped_OpenPGP_Key > > > > Please leave feedback or hit the edit button. Maybe it

Re: article about Air Gapped OpenPGP Key

4. Are there any known issues with your "air gapped" system being the same physical hardware as your everyday system even if you use a LiveCD? The airgap networks I've seen have run in separate rooms from the regular network and use a different kind of networking hardware in order to make cr

Re: article about Air Gapped OpenPGP Key

On 11/18/2013 6:21 PM, adrelanos wrote: > Hi, > > An article about air gapped OpenPGP keys has been written by me: > https://www.whonix.org/wiki/Air_Gapped_OpenPGP_Key > > Please leave feedback or hit the edit button. Maybe it's useful for > someone. It's under public domain. > > Cheers, > adrel

article about Air Gapped OpenPGP Key

Hi, An article about air gapped OpenPGP keys has been written by me: https://www.whonix.org/wiki/Air_Gapped_OpenPGP_Key Please leave feedback or hit the edit button. Maybe it's useful for someone. It's under public domain. Cheers, adrelanos ___ Gnupg-