On 03/11/13 20:13, Daniel Kahn Gillmor wrote:
> As a Debian user, I rely on GnuPG to ensure that the software I install hasn't
> been tampered with.
Excellent thanks Daniel!
Sam.
--
Sam Tuke
Campaign Manager
Gnu Privacy Guard
0044 78680 77871
signature.asc
Description: OpenPGP digital signat
Hi!
Taylor asked me to forward this background info:
On Sat, 5 Oct 2013 10:56, w...@gnupg.org said:
> not yet been seen in the wild. Details of the attack will eventually
> be published by its inventor.
The zlib compression language that OpenPGP uses is powerful enough to
express an OpenPG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 2 November 2013 at 6:48:39 PM, in
, Uwe Brauer wrote:
> Your point being?
> I presume it goes like this: NSA is "a government
> based organisation" doing, among other things,
> violations of civil rights.
> So any other governme
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi list,
for a couple of years now I use an OpenPGP SmartCard for my daily mail.
Every message I sign gets signed by the card, every encrypted message I
receive gets decrypted by it. My v1 card failed one day without warning,
my v2 card works fin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Sunday 3 November 2013 at 10:02:14 PM, in
, Uwe Brauer wrote:
>>> "Ingo" == Ingo Klöcker writes:
>> So, your point/hope probably was that a government
>based CA > wouldn't have such a business model and
>would instead offer thi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 2 November 2013 at 4:22:29 PM, in
, Heinz Diehl wrote:
> "GPG - keeps the XXX from your door!" :-)
> [Replace XXX with any three letter agency of your
> choice]
Is that actually true, rather than bringing you to their attention?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Sunday 3 November 2013 at 2:08:15 AM, in
, Paul R. Ramer wrote:
> When you verify a key to sign you are verifying the following:
> 1) For each UID, that the name is correct and that the
> purported owner has control of the email in that UI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 30/10/13 9:58 PM, Sam Tuke wrote:
> Hi all,
>
> I'm working with Werner to promote GnuPG and raise awareness. To
> that end we're collecting quotes from users - endorsements from
> people who know and trust GPG, people like you.
Feel free to use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 4 November 2013 at 2:02:30 PM, in
, MFPA wrote:
> Where actual identity is not required, just continuity
> of communication, I see no value in obtaining any
> certification at all.
Or, indeed, where encryption is required but not a
On 11/04/2013 11:02 AM, MFPA wrote:
And as an aside, does it really make a difference to only sign some
UIDs and not others? Does GnuPG actually take account of which UIDs
are signed in its validity or trust calculations?
Yes, it does make a difference.
Let's say I make key X and attach to Use
On 30/10/13 9:58 PM, Sam Tuke wrote:
> Hi all,
>
> I'm working with Werner to promote GnuPG and raise awareness. To
> that end we're collecting quotes from users - endorsements from
> people who know and trust GPG, people like you.
>
> If you want to help us, send your own statement about why GPG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 4 November 2013 at 4:52:02 PM, in
, Daniel Kahn Gillmor wrote:
> Yes, it does make a difference.
[snipped]
> If you had certified both User IDs on my
> key, gpg would be happy to encrypt the message to my
> key instead of Alice's
On 04.11.2013, MFPA wrote:
> > "GPG - keeps the XXX from your door!" :-)
>
> > [Replace XXX with any three letter agency of your
> > choice]
> Is that actually true, rather than bringing you to their attention?
It depends.
My key is publically available, with my current email address in it.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 4 November 2013 at 8:07:01 PM, in
, Julian H.
Stacey wrote:
> Talking about an alien loathed three letter agency ...
> See 4 top secret papers from it published by UK's
> Guardian newspaper today :-) at the bottom of this link
> htt
> information which could be of importance for a three letter agency. In
Talking about an alien loathed three letter agency ...
See 4 top secret papers from it published by UK's Guardian newspaper today :-)
at the bottom of this link
http://www.theguardian.com/world/interactive/2013/nov/01/snowde
MFPA wrote:
>Why do we need to establish they can also sign? Isn't it enough to
>demonstrate they control the email address and can decrypt, by signing
>one UID at a time and sending that signed copy of the key in an
>encrypted email to the address in that UID?
You are right. Decryption is suffi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/04/2013 04:29 PM, MFPA wrote:
> That's phenomenal: isn't everybody in the world separated by an
> average of just six hops?
I tried to check that out, and I have never needed more than about
three hops.
Three hops to former president Richard N
On Mon, Nov 04, 2013 at 01:44:51PM -0800, Paul R. Ramer wrote:
> MFPA wrote:
> >Why do we need to establish they can also sign? Isn't it enough to
> >demonstrate they control the email address and can decrypt, by signing
> >one UID at a time and sending that signed copy of the key in an
> >encrypt
On Monday 04 Nov 2013 21:07:01 Julian H. Stacey wrote:
> http://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa
> -files-surveillance-revelations-decoded
And in other news...
http://slashdot.org/topic/datacenter/google-chief-eric-schmidt-slams-nsa-for-tapping-datacenters/
Google Ch
That's phenomenal: isn't everybody in the world separated by an
average of just six hops?
That's more urban myth than reality. Reality is hard to model. An
isolated village in a remote area of Africa might have a very hard
time connecting to London in six hops, but the instant one villager
I tried to check that out, and I have never needed more than about
three hops.
Sure, but then again you're trying to hit people with *extremely*
large networks, and whose first-order networks are themselves
*extremely* well-connected. Even the exotic ones like Ronald Coase --
he co-author
On Monday 04 Nov 2013 21:07:01 Julian H. Stacey wrote:
> http://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa
> -files-surveillance-revelations-decoded
And in other news...
http://slashdot.org/topic/datacenter/google-chief-eric-schmidt-slams-nsa-for-tapping-datacenters/
Google Ch
On 11/04/2013 05:40 PM, Robert J. Hansen wrote:
>> I tried to check that out, and I have never needed more than about
>> three hops.
>
> Sure, but then again you're trying to hit people with *extremely* large
> networks, and whose first-order networks are themselves *extremely*
> well-connected.
23 matches
Mail list logo
