On Tue, 24 Jun 2014 04:38, ca+gn...@esmtp.org said:
> This patch (hack?) fixes it for me (local timezone is PDT).
I changed the test to use timegm and only if that is missing I use this
patch.
Thanks,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
__
Hello!
I just released the fifth *beta version* of GnuPG 2.1. It has been
released to give you the opportunity to check out new features and
to fix the bugs in the last beta.
If you need a stable and fully maintained version of GnuPG,
you should use version 2.0.25 or 1.4.18.
This versio
Hallo,
da ich das gerade mit Matthias von der FSFE im Rahmen von
#EmailSelfDefense diskutiere, mal eine Frage: Welche Analogien benutzt
ihr, wenn ihr Menschen das Prinzip von PGP/GPG erklärt?
Ich verwende ich meistens folgende Version:
Es gibt ein Schloss mit zwei Schlüssellöchern. Jeder Schlü
At Thu, 03 Jul 2014 12:50:50 +0200,
Daniel Krebs wrote:
> da ich das gerade mit Matthias von der FSFE im Rahmen von
> #EmailSelfDefense diskutiere, mal eine Frage: Welche Analogien benutzt
> ihr, wenn ihr Menschen das Prinzip von PGP/GPG erklärt?
> Ich verwende ich meistens folgende Version:
>
>
On Thu, 3 Jul 2014 12:50, mailingl...@krebs.uno said:
> Anregungen, Meinungen?
You should translate your question to English or send it to
gnupg...@gnupg.org.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
__
Sorry!
I picked the wrong language / list last time...
So in English:
What metaphors do you use when explaining people PGP? Two examples:
1. A lock with two keys?
2. A lock (public) and a key (private)
Something completely different?
Problems with both:
1. Seems to be kind of hard to understand f
I seem to recall someone on this list using a mailbox like the one at [1]
as an analogy for public-key encryption: anyone can walk up to the mailbox
and place a letter in the slot ("encrypting a message to the recipient's
public key"), but they cannot retrieve any other letters in the box [2].
Tha
On Thu, Jul 03, 2014 at 01:46:33PM +0200, Neal H. Walfield wrote:
> At Thu, 03 Jul 2014 12:50:50 +0200,
> Daniel Krebs wrote:
> > da ich das gerade mit Matthias von der FSFE im Rahmen von
> > #EmailSelfDefense diskutiere, mal eine Frage: Welche Analogien benutzt
> > ihr, wenn ihr Menschen das Pri
On Thu, Jul 03, 2014 at 02:06:04PM +0200, Daniel Krebs wrote:
> Sorry!
> I picked the wrong language / list last time...
> So in English:
> What metaphors do you use when explaining people PGP? Two examples:
> 1. A lock with two keys?
> 2. A lock (public) and a key (private)
> Something completely
On Thu, Jul 03, 2014 at 10:56:30PM +1000, Fraser Tweedale wrote:
> On Thu, Jul 03, 2014 at 01:46:33PM +0200, Neal H. Walfield wrote:
> > At Thu, 03 Jul 2014 12:50:50 +0200,
> > Daniel Krebs wrote:
> > > da ich das gerade mit Matthias von der FSFE im Rahmen von
> > > #EmailSelfDefense diskutiere, m
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Daniel,
I'd also rather use the analogy of a "padlock without key" to be distributed by
the receipient of a message. That way you're able to explain the prerequisite
for asymmetric crypto as we use it in OpenPGP: the receipent must "do somethi
> I seem to recall someone on this list using a mailbox like the one at
> [1] as an analogy for public-key encryption: anyone can walk up to the
> mailbox and place a letter in the slot ("encrypting a message to the
> recipient's public key"), but they cannot retrieve any other letters in
> the box
Hi Olav,
Am 03.07.2014 14:00, schrieb Olav Seyfarth:
I'd also rather use the analogy of a "padlock without key" to be distributed by
the receipient of a message. That way you're able to explain the prerequisite
for asymmetric crypto as we use it in OpenPGP: the receipent must "do something"
BEFO
On Thu, 3 Jul 2014 13:27, kristian.fiskerstr...@sumptuouscapital.com
said:
> Functionally things are working nicely for me using git master. A
> feature request might be to make the number of objects for a keyserver
> refresh customizable as I can't refresh my keyring using 2.1 (but can
> using 2
On Thu, 3 Jul 2014 14:56, fr...@frase.id.au said:
> encryption, but will lead to more confusion when attempting to
> understand/explain signing - where indeed the public key is used to
> decrypt a digest encrypted by a public key.
Signing is a very different thing than encryption. It has nothin
On Wednesday 02 July 2014 19:38:41 Linux DEBIAN wrote:
> Hello all,
>
>
> now I use KMail post client where it's alla automatically checked
> but when I am on the webmail where the signing and verifying is not
> "built-in" supported and when I receive an e-mail with an attchement
> "signature.a
On Thursday 03 July 2014 08:49:12 Linux DEBIAN wrote:
> Hello,
>
> thanks for your reply.
>
> Maybe I do soemthing wrong and following the instructions, still
> receiving 'bad signature'.
I'm not surprised. It seems that Francesco Ariis has left out a crucial
step (or you have removed it when
On 06/28/2014 12:09 AM, Robert J. Hansen wrote:
> When faced with that, it's only a matter of time until Alice decides to
> put 3DES first in her own preference list. And then all her
> communications to Bob have 112 bits of keyspace, not the 256 Bob
> demands.
I think you're talking about person
A good friend just gave me a handful of NFC tags that are capable of
storing about 400 bytes. It's a convenient form factor: a cardboard
disk with an adherent backing, perhaps 2.5cm across. Bring it close to
a mobile phone and presto, bang, it can access the 400 bytes.
This is too large to store
Am Do 03.07.2014, 23:54:39 schrieb Robert J. Hansen:
> Bring it close
> to a mobile phone and presto, bang, it can access the 400 bytes.
>
> This is too large to store an RSA or DSA2 certificate, unfortunately.
I don't even have a smartphone... but
1) might it be possible to combine several of
> I think you're talking about personal-cipher-preferences here, which
> Alice uses to govern the cipher she uses.
Correct.
> Note that she could even put IDEA first here.
Sure, but it wouldn't take unless Bob had IDEA in his preference list.
If Bob's preference list is AES256 CAMELLIA256 3DES,
> This is too large to store an RSA or DSA2 certificate, unfortunately.
Too *small*. Sorry. Time for me to go drink coffee straight from the pot.
Also, for Americans, happy Fourth of July. :)
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http:
> 1) might it be possible to combine several of these storage devices
> (reading them one after the other) to add up their capacity?
Probably, but once you've got a dozen of these things they sort of stop
being a convenient form factor. :)
> 2) wouldn't it be enough to transfer the mainkey? Or
On 07/04/2014 12:08 AM, Robert J. Hansen wrote:
> Bob is all about "I must have at least 256 bits of keyspace in all my
> email!" But Bob can't do that, because Alice can *always* degrade him
> to 112 bits by choosing 3DES.
Of course. And Alice can always send Bob cleartext too. does that mean
> Of course. And Alice can always send Bob cleartext too. does that mean
> that Bob shouldn't offer any encryption key at all because there's no
> guarantee that it will be used?
It means Bob should have a line item for that in his security model.
"Alice may send me cleartext."
It also means Bo
> You can also get all of the above properties...
*Almost*. NFC is significantly more convenient than fumbling with your
phone's camera app, taking a snapshot, etc. Wave it and it's done. NFC
has some interesting human interface engineering behind it.
signature.asc
Description: OpenPGP digit
On 07/03/2014 11:54 PM, Robert J. Hansen wrote:
> the ability to store 400 bytes, to
> access it quickly and easily, and all in a tag that costs less than a
> dollar and can be read with almost any modern smartphone, is kind of cool.
it is cool indeed.
You can also get all of the above properties
On 04-07-2014 6:18, Robert J. Hansen wrote:
> But what if giving them your key was as simple as putting down a
> read-only NFC token and telling people, "there, scan that"?
Read-only you say? NFC writers are cheap (they were even sold out here
when someone foud out you could use them to top-up th
On 03.07.2014 16:16, Werner Koch wrote:
> Signing is a very different thing than encryption. It has nothing to do
> with encryption. Using the terms decryption or encryption to describe
> signature creation and verification leads to confusion
I think the term «signing» leads to confusion, too. W
This will be my last on the thread.
You've said several times that your interest is in making sure crypto
isn't the weak link in the chain.
Well, it's not. We know it's not. (And not just because of XKCD,
either.[*]). Roughly one in four desktop PCs is already exploited.
Applications are a see
> Read-only you say?
Given I've only been playing around with these things for the last few
hours, you'll have to forgive the occasional newbie mistake. :) But
damn, they're *neat*!
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg
31 matches
Mail list logo
