Hi folks!
Ok,.. I know that you can set at least the following flags to specify
the purpose of a key:
A - authorsation
C - certification
E - encryption
S - signation
Ok,.. as far as I understood, if a key is C-only that this indicates
that it is used solely for signing other keys, but not for
On Tue, Nov 08, 2005 at 12:27:13PM +0100, Christoph Anton Mitterer wrote:
> Hi folks!
>
> Ok,.. I know that you can set at least the following flags to specify
> the purpose of a key:
> A - authorsation
> C - certification
> E - encryption
> S - signation
>
> Ok,.. as far as I understood, if a k
David Shaw wrote:
So I think it would be better to have the following:
primary: C, RSA-S, 4096 bit
secondary: S, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
Ok...
1) Is it advisable at all?
Yes. Many people do it this way, including myself. It's not actually
an RSA-S key (that's dep
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Christoph Anton Mitterer wrote:
> David Shaw wrote:
>
>>> So I think it would be better to have the following:
>>> primary: C, RSA-S, 4096 bit
>>> secondary: S, RSA-S, 4096 bit
>>> secondary: E, ElGamal, 4096 bit
>>>
>>> Ok...
>>> 1) Is it advisable
On Tue, Nov 08, 2005 at 03:29:39PM +0100, Christoph Anton Mitterer wrote:
> >Yes. Many people do it this way, including myself. It's not actually
> >an RSA-S key (that's deprecated), but a regular RSA key with the S
> >flag set. However, you don't actually want to change the primary from
> >CS t
On Mon, Nov 07, 2005 at 11:32:29PM +0100, Christoph Anton Mitterer wrote:
> David Shaw wrote:
>
> >>How is the priority specified? Is it from left to right, meaning that an
> >>algorithm a left from another (b) is preferd in favour of b?
> >>setpref --->--->--->---> ?
> >>
> >>
> >Correct, i
David Shaw wrote:
On Tue, Nov 08, 2005 at 03:29:39PM +0100, Christoph Anton Mitterer wrote:
Yes. Many people do it this way, including myself. It's not actually
an RSA-S key (that's deprecated), but a regular RSA key with the S
flag set. However, you don't actually want to change the prim
Christoph Anton Mitterer wrote:
> Ok,.. I know that you can set at least the following flags to specify
> the purpose of a key:
> A - authorsation
> C - certification
> E - encryption
> S - signation
>
What does type "A" mean and where is it used?
--
With best regards,
Current OpenPGP key ID: 0
On Tue, Nov 08, 2005 at 07:17:01PM +0300, lusfert wrote:
> Christoph Anton Mitterer wrote:
>
> > Ok,.. I know that you can set at least the following flags to specify
> > the purpose of a key:
> > A - authorsation
> > C - certification
> > E - encryption
> > S - signation
> >
> What does type "A"
Alphax wrote:
>What would be the disadvantages?
You could end up with conflicting copies of the same key for one...
What does that mean?
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Compute
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote:
>
> >I put the speculations aside and stick with the fact that the NSA
> >recommends ECC for government use. That's enough for _me_.
>
> What makes you think the NSA doesn't want to decrypt US government
> traffic?
I don't care
* Werner Koch <[EMAIL PROTECTED]> wrote:
> On Fri, 04 Nov 2005 19:32:07 +0100, markus reichelt said:
>
> > I put the speculations aside and stick with the fact that the NSA
> > recommends ECC for government use. That's enough for _me_.
>
> There is a rationale reason why NIST (not the NSA) will
lusfert wrote:
What does type "A" mean and where is it used?
It means that the key can be used for authentication,... e.g. for ssh or so.
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer
a problem has been discovered with truecrypt in that it is possible
to
detect a 'hiiden volume'
(i.e. the 'plausible deniability' is *not* reliable)
i posted here recommending truecrypt
(http://lists.gnupg.org/pipermail/gnupg-users/2005-
October/027155.html)
for 'plausibile deniability'
so,
to
David Shaw wrote:
If such a feature existed in GnuPG, yes.
David
Uhm,.. I rethought the whole thing,... and I came to the reason that I
gave up too fast ;-)
Ok,.. you told me that the disadvantage of C-only keys would be that you
can't response to challenges. Is this the only reason?
As
Or is there perhaps another software that I could use for chaging the
key usage flags (without damaging my key or changing the format or so).
Of course I'd prefer using GnuPG because I trust this the most :-)
Once again,.. I'm only going to do this,.. if it wouldn't have
disadvantages for the
On Wed, Nov 09, 2005 at 12:53:45AM +0100, Christoph Anton Mitterer wrote:
> Or is there perhaps another software that I could use for chaging the
> key usage flags (without damaging my key or changing the format or so).
> Of course I'd prefer using GnuPG because I trust this the most :-)
>
> Onc
On Tue, Nov 08, 2005 at 11:41:43PM +0100, Christoph Anton Mitterer wrote:
> David Shaw wrote:
>
> >If such a feature existed in GnuPG, yes.
> >
> >David
> >
> >
> Uhm,.. I rethought the whole thing,... and I came to the reason that I
> gave up too fast ;-)
>
> Ok,.. you told me that the disadva
Alphax wrote:
It means, the "expected" behaviour for what the keyservers/PGP/GPG will
do when it finds that the usage flags have changed on a primary key is
completely undocumented, because they are *not supposed to change*. I
don't think they're protected by the fingerprint/selfsignature (altho
19 matches
Mail list logo
