On Thu, 2009-09-10 at 22:35 -0400, David Shaw wrote:
> Yes. It's not that gpg has a driver for it though. The developers of
> the entropy key were clever and instead of making programs write new
> code to use the key, they made a program that reads the key and feeds
> the Linux entropy pool
On Thu, 2009-09-10 at 22:52 -0400, David Shaw wrote:
> I suspect you are more in danger of being hit by meteors several times
> in a row as you walk to your friend's house with the USB stick, than
> you are in danger from SHA-1.
I was watching Armageddon yesterday evening... so watch out what y
On Thu, 2009-09-10 at 20:38 -0400, Daniel Kahn Gillmor wrote:
> Worse than this: the devices could produce measurably "good" entropy
> that happens to be predictable to a malicious individual in control of a
> special secret.
>
> For example, if such a key were to contain a copy of the secret, and
On Thu, 2009-09-10 at 22:23 -0400, David Shaw wrote:
> Sure, but your computer vendor "could" have a relationship with the
> NSA and put some special code in the BIOS to capture keyboard input
> and periodically send it to a central server. Your disk drive vendor
> "could" keep a few extra s
On Thu, 2009-09-10 at 22:55 -0400, Daniel Kahn Gillmor wrote:
> There is also open hardware for random number generation, for whatever
> that's worth:
>
> http://warmcat.com/_wp/whirlygig-rng/
I think David already pointed me to this one some time ago,.. but
they're not yet selling it, right?
C
Hi.
I just wanted to fresh up my knowledge on trust signatures and have it
confirmed whether I've understood it correctly.
So first of all, level 0 TSigs are identical to normal non-trust-sigs.
e.g.:
[my self] --normal sig--> [person A] +-normal sig--> [person B]
On Thu, 2009-09-10 at 22:46 -0400, David Shaw wrote:
> The place for all such suggestions is the IETF OpenPGP working group:
> http://www.imc.org/ietf-openpgp/
Yeah I know,.. and if you remember, most of what I've mentioned before
was already discussed at that list... but with no very big support
Hi.
One additional question:
Is it possible to give multiple trust signatures to the same subject,
but with different levels and trust amounts.
e.g.
[myself] +-trust 1 sig / value=120-+> [some person or trustworthy CA] --trust 1
sig --> [some sub CA, which is "less" trustworthy]
`-trus
Henrik O A Barkman ha scritto:
>
> What is the reason for the Windows build of 1.4.10 (both the pulled and
> fixed binaries) not supporting BZIP2?
>
>
[cut]
I can see the bzip2, windows vista SP2
C:\Users\noiano>gpg --version
gpg (GnuPG) 1.4.10
Copyright (C) 2009 Free Software Foundation, Inc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
BosseB wrote:
> I have a number of encrypted files, which I need to decrypt. I have
> installed GPG 1.4.9 on my Windows XP-Pro SP3 PC. I have the necessary
> keyrings and they work with Thunderbird and Enigmail.
>
> But as I said I need to decrypt fil
10 matches
Mail list logo
