Re: gpg 2.1.6 toggle doesn't

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 21:13, 2014-667rhzu3dc-lists-gro...@riseup.net said: > My point was that when I list the public keys, the listing for each > key starts with "Keyring: C:/PATH/TO/pubring.kbx". When listing the > private keys, I would expect to instead be given the path to > private-keys-v1.d.

Re: gpg 2.1.6 toggle doesn't

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 18:27, w...@gnupg.org said: > Right. I'll check whether this can be done easily. Okay, with commit 8b2b988 it does now look this way: sec rsa1024/53B620D01CE0C630 created: 2006-01-01 expired: 2011-06-30 usage: SC card-no: 0001 0347 trust: unknown

Use Private DOs

2015-07-29 Thread Antoine Michard
Hi all, I recently discovered the Private DO field in my OpenPGP Smart Card V2.1. First, I tried it on my Windows System and Gpg4Win 2.2.5 but I didn't see anything. Yesterday, on my Debian system I finally saw it ( Private DO #1 & #2). Now, I've got a big TEST in my field and I didn't find how to

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 19:57, 2014-667rhzu3dc-lists-gro...@riseup.net said: > Couldn't human-readable data with a suitable field delimiter (such as > generated by GnuPG's "--with-colons" option) be interpreted by a > parser? OpenPGP allows to indicate whether a notation data item is human readable.

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 20:46, 2014-667rhzu3dc-lists-gro...@riseup.net said: > Unless at least some of the major email providers were to provide a > means for these DNS entries to be added, any DNS-based approach has > very limited potential. Right, but it is the only solid way of doing it. The provide

Re: gpg 2.1.6 toggle doesn't

2015-07-29 Thread Marko Božiković
On 29/07/2015 08:57, Werner Koch wrote: > On Tue, 28 Jul 2015 18:27, w...@gnupg.org said: > >> Right. I'll check whether this can be done easily. > > Okay, with commit 8b2b988 it does now look this way: > > sec rsa1024/53B620D01CE0C630 > created: 2006-01-01 expired: 2011-06-30 usage: SC

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 07:42:34 n...@enigmail.net wrote: > On 29.07.2015 at 03:30, MFPA wrote: > > Why not simplify the workflow:- > > > > 1. key reaches validation server. > > > > 2. for each UID containing an email address, validation server creates > > a copy of the key stripped of all

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 01:48:54 MFPA wrote: > On Tuesday 28 July 2015 at 8:17:28 PM, in > , n...@enigmail.net wrote: > > AFAIK, there are not THAT many faked keys, but the > > problem exists especially for key parties of our > > internet world (a famous German magazine, at least one > > GPG tool

Re: Is there a way to comment a key locally?

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 3:53:47 AM, in , fmv1...@gmail.com wrote: > Is there a way to comment a key locally? I think the closest currently available is a non-exportable signature with brief comment in a signature notation. - -- Best re

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread n...@enigmail.net
Hmmm, first i talked to him/them a couple of times personally (there are multiple editors at that magazine) about the issue in detail and tried to convince them following the WoT without success. Note that they just behave as ordinary users, having not much time to deal with the problems of OpenP

Re: Use Private DOs

2015-07-29 Thread Damien Goutte-Gattat
On 07/29/2015 10:10 AM, Antoine Michard wrote: how to delete field or how to show field #3 & #4 Private DOs #3 and #4 are only readable once the User and Admin PIN, respectively, have been verified. So to show the contents of Private DO #3 : $ gpg --card-edit gpg/card> verify [enter y

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
On 07/29/2015 01:07 PM, n...@enigmail.net wrote: > Hmmm, > There should simply be no overhead in using OpenPGP in the ordinary > case for the ordinary user. > Any secure system needs proper operational security surrounding it, that require user a

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 01:03:53 +0100, MFPA wrote: > On Tuesday 28 July 2015 at 11:46:10 PM, in > , Neal H. Walfield wrote: > > At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: > >> It also eliminates any attempt to establish a link > >> between the key and the email address in the UID. > > > I'm n

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 02:30:47 +0100, MFPA wrote: > On Monday 27 July 2015 at 1:15:57 PM, in > , Neal H. Walfield wrote: > > > > Regarding the design: personally, I wouldn't have the > > user follow a link that includes a swiss number, but > > have the user reply to the mail, include the swiss > >

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 6:42:34 AM, in , n...@enigmail.net wrote: > Interesting. What comes into my mind is the following: > - This requires special email clients. How would this require a special email client? OpenPGP-aware email cli

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 11:05:13 AM, in , Ingo Klöcker wrote: > A possible benefit would be that the user can choose > not to upload the validation signatures to the > keyservers. With a minor change in step 1 (the key > owner uploads his

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
On 07/29/2015 02:41 PM, MFPA wrote: > Hi > > > On Wednesday 29 July 2015 at 11:05:13 AM, in > , Ingo Klöcker > wrote: > > >> A possible benefit would be that the user can choose not to >> upload the validation signatures to the keyservers. With

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 1:09:54 PM, in , Neal H. Walfield wrote: > Personally, I think c is the killer in this plan: > people aren't going to bother to upload it (assuming > they even get that far)! They have gone to the effort of sendin

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 14:09:54 Neal H. Walfield wrote: > At Wed, 29 Jul 2015 02:30:47 +0100, > > MFPA wrote: > > On Monday 27 July 2015 at 1:15:57 PM, in > > > > , Neal H. Walfield wrote: > > > Regarding the design: personally, I wouldn't have the > > > user follow a link that includes a swis

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 14:05:49 +0100, MFPA wrote: > On Wednesday 29 July 2015 at 1:09:54 PM, in > , Neal H. Walfield wrote: > > > > Personally, I think c is the killer in this plan: > > people aren't going to bother to upload it (assuming > > they even get that far)! > > They have gone to the effo

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 15:14:07 +0200, Ingo Klöcker wrote: > If you replace "validation server" with "keysigning party participant" then > you get one of the ways participants of keysigning parties get their > signatures to the key owners. So, it's already done and people do upload > their > signe

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 1:07:21 PM, in , Neal H. Walfield wrote: > It doesn't have to be per-email address. It is > sufficient to attach it to the primary key. Fair enough if it is just to signify the key is in current usage. But I thi

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 12:07:20 PM, in , n...@enigmail.net wrote: > They get hundreds of emails per day and each email they > can't read is a significant problem because the 2 > seconds they have for reading emails turn out to become >

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Wed, 29 Jul 2015 12:38, kloec...@kde.org said: > I personally chose to ignore the stupid editorial. IMHO it does not deserve > more attention than any other rant written by a random troll. OTOH, the The publication came as a surprise to me given that we had a mail Q+A in the week before to e

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 1:47:35 PM, in , Kristian Fiskerstrand wrote: > On 07/29/2015 02:41 PM, MFPA wrote: >> That would be good: mail clients that applied a rule >> to only use validated keys would otherwise deny >> service when emaili

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
[Please do not CC me. I am subscribed.] On Wednesday 29 July 2015 13:07:20 n...@enigmail.net wrote: > I see no reason NOT to solve this problem, > but I see many reasons to solve it. > > Just saying "deal with it" simply means that > we place unnecessary burden on OpenPGP users. > IMO, that's a r

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
[Sent from my HTC, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expecte

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Patrick Brunschwig
On 29.07.15 14:07, Neal H. Walfield wrote: > At Wed, 29 Jul 2015 01:03:53 +0100, > MFPA wrote: >> On Tuesday 28 July 2015 at 11:46:10 PM, in >> , Neal H. Walfield wrote: >>> At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: It also eliminates any attempt to establish a link between the k

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread n...@enigmail.net
On 29.07.2015 at 15:41, MFPA wrote: >> Well, I don't like the CA model and that's what Nico is >> basically proposing (with less rigorous checks). >> Another huge disadvantage is that users have to >> actively participate by replying to emails / visiting a >> link. > > Yes, PoW has none of that

Re: Is there a way to comment a key locally?

2015-07-29 Thread Daniel Kahn Gillmor
On Wed 2015-07-29 07:05:50 -0400, MFPA wrote: > On Wednesday 29 July 2015 at 3:53:47 AM, in , > fmv1...@gmail.com wrote: > >> Is there a way to comment a key locally? > > I think the closest currently available is a non-exportable signature > with brief comment in a signature notation. That's exa

Re: Is there a way to comment a key locally?

2015-07-29 Thread MFPA
Hi On Wednesday 29 July 2015 at 5:34:52 PM, in , Daniel Kahn Gillmor wrote: > note that this has the side effect of marking every > lsigned key+user id as valid (since i'm certifying it > with my own key). Would it work to keep a special key wit

Re: Is there a way to comment a key locally?

2015-07-29 Thread Daniel Kahn Gillmor
On Wed 2015-07-29 19:06:26 -0400, MFPA wrote: > On Wednesday 29 July 2015 at 5:34:52 PM, in > , Daniel Kahn Gillmor wrote: > >> note that this has the side effect of marking every lsigned key+user >> id as valid (since i'm certifying it with my own key). > > Would it work to keep a special key wit

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Viktor Dick
On 2015-07-29 18:24, n...@enigmail.net wrote: > So, could somebody explain in a bit more detail how a PoW approach works? > As far as I understand it, for any key that you have - regardless whether you have access to the mail address in the uid - you can add some signature where anyone with the p