Re: Smart card reader security

2013-10-18 Thread Werner Koch
On Thu, 17 Oct 2013 17:55, christian.we...@gmail.com said:
> I bought a cyberJack go [1] to use it with my openPGP smart card for authentication. Since the firmware of that device is upgradeable and is capable of saving at least 2 GB of data, how can I be sure it is not a
This is not just a

Re: Differences in --list-packets between 1.4 and 2.0

2013-10-18 Thread Werner Koch
On Thu, 17 Oct 2013 21:26, r...@sixdemonbag.org said:
> Is there any way to make GnuPG 1.4 behave like 2.0 in this regard?
Yes. See commit 0bdf121 which will be included in 1.4.16.
Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law.

Re: trust your corporation for keyowner identification?

2013-10-18 Thread Peter Lebbing
On 18/10/13 08:41, Werewolf wrote:
> Now what if the Company/HR department had a Notary public, for their documents, and this same Notary had a gpg key he/she treated the same as his/her stamp equipment, and used the same standards before signing a gpgkey?
Then you could simply sign the notary's key

Re: trust your corporation for keyowner identification?

2013-10-18 Thread Peter Lebbing
On 18/10/13 11:37, Peter Lebbing wrote:
> The moral: I think it is a really bad idea to sign keys because you trust already made signatures. That's what your trust database is for, use that. You should sign keys because you verified the identity *outside* the Web of Trust.
However, here an int

Re: trust your corporation for keyowner identification?

2013-10-18 Thread Robert J. Hansen
On 10/18/2013 2:41 AM, Werewolf wrote:
> Now what if the Company/HR department had a Notary public, for their documents, and this same Notary had a gpg key he/she treated the same as his/her stamp equipment, and used the same standards before signing a gpgkey?
Forgive a nonanswer here, but this isn

Re: trust your corporation for keyowner identification?

2013-10-18 Thread Brian J. Murrell
On 13-10-18 05:59 AM, Peter Lebbing wrote:
> However, here an interesting dichotomy surfaces: the scenario the OP painted was that the HR person or notary did not use OpenPGP or key signatures, but that you still rely on the identity verification done by the HR person.
That's correct.