Re: EasyGnuPG

2016-03-23 Thread Dashamir Hoxha
On Tue, Mar 22, 2016 at 11:56 PM, Andrew Gallagher wrote: > On 22 Mar 2016, at 22:10, Dashamir Hoxha wrote: > > On Tue, Mar 22, 2016 at 10:21 PM, Peter Lebbing > wrote: >> >> And why is your primary key capable of encryption? One of the reasons for >> subkeys is so you don't have to use the sam

Re: EasyGnuPG

2016-03-23 Thread Dashamir Hoxha
On Wed, Mar 23, 2016 at 6:04 AM, Viktor Dick wrote: > > Then there is the problem that the user might not notice that his key is > expired. I remember vaguely spending a day trying to find the error until > I noticed that my subkeys were expired. But this might have been a > problem with Enigmail,

Re: EasyGnuPG

2016-03-23 Thread flapflap
Viktor Dick: > In this case, I think you have got a point. I think the gnupg default of > 'expires: never' is not the best solution, since people who just try it > out might end up with a public key published to keyservers where they > have lost the private key. [...] > But I still think it might b

gpg-agent scdaemon + yubikey smartcard on Windows not asking for PIN with PUTTY

2016-03-23 Thread Bowlers Bloody
Hello, I'm using my yubikey 4 as a smartcard to log on remote SSH with PUTTY, under Windows. Putty has a little piece of software called pageant that keeps your keys available for putty to use. Unfortunately, it is not smartcard compatible. Fortunately, it works if I use a modified pageant.exe found here:

Re: AES-GCM and AEAD Protected Data Packet (IETF draft)

2016-03-23 Thread Werner Koch
On Wed, 23 Mar 2016 03:20, m...@tankredhase.de said: > wanted to get the GnuPG community's thoughts. Making GCM the new > standard mode for symmetric encryption would give us a modern and > performant alternative to OpenPGP's CFB mode. Especially with regards As I mentioned on the WG list, I woul

Re: EasyGnuPG

2016-03-23 Thread Werner Koch
On Tue, 22 Mar 2016 20:35, dashoho...@gmail.com said: > I still think that the colons format is a bit difficult to process and not The colon format difficult? I can do almost everything on the command line. awk(1) is your friend. > not as easy as that. For example there is also --passphrase-fd

Re: EasyGnuPG

2016-03-23 Thread Andrew Gallagher
> On 23 Mar 2016, at 07:27, Dashamir Hoxha wrote: > > Is it OK to have a signing primary key? Is it useful? A signing primary key is fine. I prefer making single-use subkeys for each of A,E,S but only the E subkey is strictly necessary. You can always generate the A,S subkeys later if you fin

Re: AES-GCM and AEAD Protected Data Packet (IETF draft)

2016-03-23 Thread Tankred Hase
Hi Werner, thanks for the quick response. > On 23.03.2016 at 22:56, Werner Koch wrote: > > As I mentioned on the WG list, I would really like to see OCB used for > OpenPGP. OCB is far superior over any other AE modes. There are no > software patent issues even for closed source software with the

Re: Verification via the web of trust

2016-03-23 Thread Paolo Bolzoni
Is there a way to know how many "hops" a key is from anything I trust and see the path? On Tue, Mar 22, 2016 at 7:43 PM, Andrew Gallagher wrote: > On 22/03/16 18:30, Peter Lebbing wrote: >> On 22/03/16 19:14, Andrew Gallagher wrote: >>> All this is true. But this does not help *me* one iota. >>

Re: Verification via the web of trust

2016-03-23 Thread Andrew Gallagher
On 23/03/16 16:49, Paolo Bolzoni wrote: > Is there a way to know how many "hops" a key is from anything I trust > and see the path? PGP pathfinder will tell you what paths exist between any two specific keys, so long as they are both in the strong set. http://pgp.cs.uu.nl/mk_path.cgi A signa

Re: Verification via the web of trust

2016-03-23 Thread Paolo Bolzoni
Sigh.. it seems I am not yet part of the strong set. Thanks anyhow! On Wed, Mar 23, 2016 at 5:54 PM, Andrew Gallagher wrote: > On 23/03/16 16:49, Paolo Bolzoni wrote: >> Is there a way to know how many "hops" a key is from anything I trust >> and see the path? > > PGP pathfinder will tell you w

Re: EasyGnuPG

2016-03-23 Thread Peter Lebbing
On 23/03/16 16:35, Andrew Gallagher wrote: > [...] and since you can always enforce use of your A,S subkeys (unlike > E, where it's out of your hands) this shouldn't cause you any issues if you > change your mind. I haven't tried it (it's more work than most "let's try this" things), but I think i

Re: EasyGnuPG

2016-03-23 Thread Daniel Kahn Gillmor
On Tue 2016-03-22 15:11:23 -0400, Dashamir Hoxha wrote: > On Tue, Mar 22, 2016 at 4:29 PM, Werner Koch wrote: > >> FWIW: We even consider to extend gpgme-tool to be a Native Messaging >> Server for Browsers. > > In this case, "gpgme-tool" should be packaged on its own, not inside the > package "*l

Re: EasyGnuPG

2016-03-23 Thread Daniel Kahn Gillmor
On Wed 2016-03-23 13:42:11 -0400, Peter Lebbing wrote: > Yes, an on-disk authentication subkey seems really uncommon to me. I would > completely omit an A subkey. the monkeysphere project encourages the creation of on-disk authentication subkeys. While that may be uncommon, i don't think it's "re

Re: EasyGnuPG

2016-03-23 Thread Peter Lebbing
On 23/03/16 19:30, Daniel Kahn Gillmor wrote: > the monkeysphere project encourages the creation of on-disk > authentication subkeys. While that may be uncommon, i don't think it's > "really uncommon". Fair enough :). Things like monkeysphere are exactly where it makes sense. I have no idea how m

Re: EasyGnuPG

2016-03-23 Thread Dashamir Hoxha
On Wed, Mar 23, 2016 at 6:48 PM, Daniel Kahn Gillmor wrote: > > > In this case, "gpgme-tool" should be packaged on its own, not inside the > > package "*libgpgme11-dev*". > > I am referring to this message: > > https://lists.gnupg.org/pipermail/gnupg-devel/2014-December/029206.html > > I'm entirely

Re: Verification via the web of trust

2016-03-23 Thread Doug Barton
On 3/22/2016 11:14 AM, Andrew Gallagher wrote: the question most useful to a user is "given this particular signature, how much confidence should I invest in it?". No, the question *most* users that bother to use the signature at all ask about it is, "Did it validate?" The answer to *your* q

Re: Verification via the web of trust

2016-03-23 Thread Andrew Gallagher
On 23 Mar 2016, at 21:07, Doug Barton wrote: > >> On 3/22/2016 11:14 AM, Andrew Gallagher wrote: >> the question most useful to a user is "given this particular >> signature, how much confidence should I invest in it?". > > No, the question *most* users that bother to use the signature at all as

Re: AES-GCM and AEAD Protected Data Packet (IETF draft)

2016-03-23 Thread Tankred Hase
Hi again, > On 23.03.2016 at 22:56, Werner Koch wrote: > > On Wed, 23 Mar 2016 03:20, m...@tankredhase.de said: > >> wanted to get the GnuPG community's thoughts. Making GCM the new >> standard mode for symmetric encryption would give us a modern and >> performant alternative to OpenPGP's CFB

Re: Verification via the web of trust

2016-03-23 Thread Doug Barton
On 03/23/2016 04:38 PM, Andrew Gallagher wrote: On 23 Mar 2016, at 21:07, Doug Barton wrote: On 3/22/2016 11:14 AM, Andrew Gallagher wrote: the question most useful to a user is "given this particular signature, how much confidence should I invest in it?". No, the question *most* users that