Re: Where is ECC in gpg2 (specifically gnupg-2.0.21

2013-09-13 Thread Werner Koch
On Thu, 12 Sep 2013 07:35, d...@fifthhorseman.net said: > GnuPG 2.1 (still currently in beta, afaict) is the first version to > include ECC support for OpenPGP. the 2.0.x branch does not include ECC Right. There are no plans to support it in older versions. 2.1 also has a feature to work witho

Re: Why trust gpg4win?

2013-09-13 Thread NdK
On 12/09/2013 23:10, Marko Randjelovic wrote: > All the time I read suggestions on using USB sticks and I must say > people are crazy about USB sticks. It is more convenient to use optical > media than USB stick because they are read only. Boot from Live CD, not > from USB stick and use USB s

Re: Attacking an offline system

2013-09-13 Thread Peter Lebbing
On 12/09/13 22:03, NdK wrote: > Nope. W/ Vinculum module you send it commands like "open mickey.txt" and > then "read 1024". The filesystem driver is in the module and your interface > only receives expected data. I hadn't looked at the Vinculum module[1]; that would indeed be a way to remove the

Re: Why trust gpg4win?

2013-09-13 Thread Peter Lebbing
On 13/09/13 09:19, NdK wrote: > PS: I'll tell you a secret: there are USB keys with a "write protect" > switch :) Since people were concerned about hacking the USB key, you need to define the scenario. First of all, if we are talking about hacking through a rogue firmware update for the USB key:

Re: Why trust gpg4win?

2013-09-13 Thread Jan
09/12/2013 22:03, NdK wrote: You really should define your "security perimeter". 09/13/2013 09:19, NdK wrote: I can be "reasonably sure" nobody will hack my machine just to read my mail. Obama can be "reasonably sure" that *many* attackers will try. My "security perimeter" should be "equal"

Re: Why trust gpg4win?

2013-09-13 Thread David Smith
On 09/10/13 21:42, Jan wrote: > 10/9/2013 14:19, Werner Koch wrote : >> So what about using that free USB stack for AVR's to implement a flash >> device? You would be able to audit about everything; flylogic even has >> these nice pictures of the ATmega88 masks... > > 10/9/2013 16:33, David Smit

Re: Where is ECC in gpg2 (specifically gnupg-2.0.21

2013-09-13 Thread Johan Wevers
On 9/13/2013 8:52, Werner Koch wrote: > concerns about switching to GnuPG-2. However, if at some time ECC would > really take off, we might backport it to 1.4 if we could agree to change > 1.4 to make use of Libgcrypt. Such a major change would warrant a 1.6 IMO. BTW, is there any discussion in

Re: Why trust gpg4win?

2013-09-13 Thread NdK
On 13/09/2013 11:33, Jan wrote: > My "security perimeter" should be "equal" to the maximum of the > "security perimeters" of my usual communication partners. That is so > because with their private key they protect my mail and with my private > key I protect their mail. What is "usual" is not

Re: Transfer subkey to other keyring

2013-09-13 Thread Jack Bates
On 07/09/13 07:10 AM, Peter Lebbing wrote: On 27/06/13 18:55, Jack Bates wrote: except that I am using the key id of a subkey, with an exclamation mark, to export just one subkey instead of all the subkeys belonging to the primary key. The subkey with that key id definitely doesn't already exist

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Nicholas Cole
On Fri, Sep 13, 2013 at 12:22 AM, Daniel Kahn Gillmor wrote: > GnuPG is currently not able to create a non-exportable self-sig. If you > try to do this, it gives an error: > > WARNING: the signature will not be marked as non-exportable. > > But: some people might never want their keys to be pub

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Peter Lebbing
On 2013-09-13 14:24, Nicholas Cole wrote: The correct way would be to have keyservers honour the no-modify flag, or perhaps have some notation on the ID that prevents uploading to a public keyserver. I myself would favour the latter approach. The latter has the same problem as the no-modify f

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread David Shaw
On Sep 13, 2013, at 1:22 AM, Daniel Kahn Gillmor wrote: > GnuPG is currently not able to create a non-exportable self-sig. If you > try to do this, it gives an error: > > WARNING: the signature will not be marked as non-exportable. This is by design (hence the warning message), as an unsigned

newbie and smartcard, I'm lost.

2013-09-13 Thread Didier
Hi, I'm a newbie ... and I would like to do file and mail encryption from different PCs at different locations with gnupg. In any case I would not like to copy my private key on other pcs! As far as I understood, using a smartcard was the ideal solution as I won't have to store my private keys on

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Nicholas Cole
On Fri, Sep 13, 2013 at 3:29 PM, Daniel Kahn Gillmor wrote: > On 09/13/2013 08:24 AM, Nicholas Cole wrote: > >> I don't think this is sensible. What is the point of a UID that >> cannot be used by someone else? If the UID is shared with anyone else >> (even privately), it must have a self-signat

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Daniel Kahn Gillmor
On 09/13/2013 10:17 AM, David Shaw wrote: > On Sep 13, 2013, at 1:22 AM, Daniel Kahn Gillmor > wrote: > >> GnuPG is currently not able to create a non-exportable self-sig. If you >> try to do this, it gives an error: >> >> WARNING: the signature will not be marked as non-exportable. > > This i

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Nicholas Cole
On Fri, Sep 13, 2013 at 3:42 PM, Daniel Kahn Gillmor wrote: > On 09/13/2013 09:49 AM, Peter Lebbing wrote: >> On 2013-09-13 14:24, Nicholas Cole wrote: >>> The correct way would be to have keyservers >>> honour the no-modify flag, or perhaps have some notation on the ID >>> that prevents uploading

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Daniel Kahn Gillmor
On 09/13/2013 09:49 AM, Peter Lebbing wrote: > On 2013-09-13 14:24, Nicholas Cole wrote: >> The correct way would be to have keyservers >> honour the no-modify flag, or perhaps have some notation on the ID >> that prevents uploading to a public keyserver. I myself would favour >> the latter approa

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Daniel Kahn Gillmor
On 09/13/2013 08:24 AM, Nicholas Cole wrote: > I don't think this is sensible. What is the point of a UID that > cannot be used by someone else? If the UID is shared with anyone else > (even privately), it must have a self-signature, and so that signature > must be exportable. It is possible

Re: newbie and smartcard, I'm lost.

2013-09-13 Thread Pete Stephenson
On Fri, Sep 13, 2013 at 3:33 PM, Didier wrote: > > > Hi, > I'm a newbie ... and I would like to do file and mail encryption from > different PCs at different locations with gnupg. > In any case I would not like to copy my private key on other pcs! > As far as I understood, using a smartcard was th

Re: lsign produces exportable signatures when used for self-sigs

2013-09-13 Thread Daniel Kahn Gillmor
On 09/13/2013 11:35 AM, Nicholas Cole wrote: > Well. Why not trust your circle of contacts (because anyone using this > scheme must be in a small circle) not to upload the keys to > keyservers? > > Perhaps if there is enough demand gpg could even have a "Never send > these keys to keyservers" opti

Re: Why trust gpg4win?

2013-09-13 Thread Jan
On 09/13/2013 14:05, NdK wrote: > Some other approach might be to compare the output of several > versions of gnuPG, PGP etc. This way you could check whether the > information was secretly decrypted with a second "FBI key". This is > even > possible for someone who is no programmer. Do you thi

Re: Why trust gpg4win?

2013-09-13 Thread Jan
On 09/13/2013 14:05, NdK wrote: What happens if one of your correspondents is willing to undergo the whole procedure and he's an FBI agent? I'd tell him confidential information, - but I did not intend to protect myself against such a threat by means of gnuPG. If you want to certify that your secu

Re: Why trust gpg4win?

2013-09-13 Thread NdK
On 13/09/2013 21:12, Jan wrote: >> How can you check there isn't a weakness in RNG, for example [...] > There are statistical tests with which you can test whether a random > number generator produces for instance uniformly distributed numbers. > This in connection with the above procedure mig

Re: Where is ECC in gpg2 (specifically gnupg-2.0.21

2013-09-13 Thread Werner Koch
On Fri, 13 Sep 2013 13:25, joh...@vulcan.xs4all.nl said: > Such a major change would warrant a 1.6 IMO. Sure. > BTW, is there any discussion in the OpenPGP community about other public > key systems, like NTRUEncrypt (see No, I am not aware of any discussions. QC resistant algorithms are not y

Re: Should the use of multiple UID per key be discouraged?

2013-09-13 Thread MFPA
Hi On Tuesday 10 September 2013 at 8:01:30 PM, in , Philipp Klaus Krause wrote: > GPG supports the feature of having multiple UIDs per > key. However this requires special care of anyone > signing such a key. AFAIK, there is no really > user-fr

Re: Where is ECC in gpg2 (specifically gnupg-2.0.21

2013-09-13 Thread Robert J. Hansen
On 9/13/2013 6:20 PM, Werner Koch wrote: > No, I am not aware of any discussions. QC resistant algorithms are not > yet something we need to rush for. Although it hasn't hit the IETF WG mailing list, I know that some list participants have had intermittent off-list conversations about lattice cry