On 29-01-2022 4:43, jonkomer via Gnupg-users wrote:
>> When the keyserer operator operates outside
>> of the EU I don't think that is a legal problem.
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies regardle
My personal preferences have nothing to do with the topic
discussed here. I was simply trying to help an organization
that is, for *their own good business reasons* very much
motivated to adhere to GDPR, use existing IT infrastructure
to move to a more secure method of communication.
I was the on
On 03.12.2021 12:04, Bernhard Reiter wrote:
First I wanted to gather some feedback, especially about the following
section, where I've added a recommendation what to use instead
of incompatible header encryption:
| Transport information in a decentral network - just like the writing on the
| o
I was simply trying to help an organization
that is, for *their own good business reasons* very much
motivated to adhere to GDPR, use existing IT infrastructure
to move to a more secure method of communication.
And, for those people and businesses who have to do business with the
EU, the GDPR i
Small correction: The standard is called OpenPGP, not OpenPG.
IIRC, OpenPGP is an open protocol specification by the IETF that succeeded the
original proprietary Pretty Good Privacy.
GNU Privacy Guard (often abbreviated to GnuPG or GPG), the software this
mailing-
list is for, is merely one impl
I would like to set up a YubiKey 5C NFC for SSH, but it doesn’t get
detected by GnuPG:
$ ykman config usb -l
OTP
FIDO U2F
FIDO2
OATH
PIV
OpenPGP
YubiHSM Auth
$ cat .gnupg/scdaemon.conf
reader-port Yubico Yubi
$ gpgconf --kill gpg-agent
$ ps x | grep
On Samstag, 29. Januar 2022 17:38:24 CET jonkomer via Gnupg-users wrote:
> Posting the question was worthwhile, as I have learned
> that:
>
> (a) Unfortunately, OpenPG email encryption is incompatible
> with GDPR and should not be used by those that either want
> or need to be GDPR compliant.
I d
On Samstag, 29. Januar 2022 22:24:03 CET Felix E. Klee wrote:
> I would like to set up a YubiKey 5C NFC for SSH, but it doesn’t get
> detected by GnuPG:
>
> $ ykman config usb -l
> OTP
> FIDO U2F
> FIDO2
> OATH
> PIV
> OpenPGP
> YubiHSM Auth
> $ cat .gnupg/scdae
On Sat, Jan 29, 2022 at 12:59 PM Robert J. Hansen via Gnupg-users
wrote:
>
> > I was simply trying to help an organization
> > that is, for *their own good business reasons* very much
> > motivated to adhere to GDPR, use existing IT infrastructure
> > to move to a more secure method of communicati
On 2022-01-28 at 20:43 -0700, jonkomer wrote:
> > When the keyserer operator operates outside
> > of the EU I don't think that is a legal problem.
>
> If an individual that requests his personal information is
> removed (i.e., the "right to be forgotten") is EU resident,
> GDPR applies regardless
(changing back the thread subject)
On 2022-01-29 at 09:38 -0700, jonkomer wrote:
> I was the one to suggest to them to use e-mail and OpenPG
> encryption. The reasons were two-fold: first to avoid one of
> those centralized, web-browser based, single-point-of-failure,
> essentially insecure commun
PS: I guess by the "emotional reactions" you mean Robert J. Hansen
mails, since replies by other people seem much more technical in
nature.
If by 'emotional' people mean 'amused', then yes. I thought it was
cuter than a pailful of kittens. :)
If by 'emotional' people mean angry, annoyed, or
On 2022-01-23 at 15:23 -0500, Robert J. Hansen wrote:
> > When generating the key-pair with Re: pgp263iamulti06, the
> > "randomness" is obtained by user's keyboard input. Is it
> > then that the above applies only when the session key is
> > generated?
>
> No, the whole CSPRNG is (probably) compr
On 1/29/2022 at 5:39 PM, "Mauricio Tavares via Gnupg-users" wrote
Not quite. It cares about personal data from people residing in
Europe at the time said data was collected. And even then, you need to
be targeting EU/EEA residents. So, if a German citizen goes to FL and
needs to stop at the
On 2022-01-28 at 08:18 +0100, Werner Koch wrote:
> The problem here is that the public parts of the encrypted private
> parts are not authenticated and by modifying the public parts and
> tricking the user to import such a modified backup, information about
> the secret key can be revealed.
I'm a
On Fri, 28 Jan 2022 13:02:03 -0700, jonkomer via Gnupg-users
wrote:
> After the user removal the domain owner is ipso facto
> GDPR compliant. However, he would prefer that a naive user
> (rightly or not) does not consider him unresponsive, and both
> sides have some interest in preventing any Int
Ok, you made me actually look at pgp263iamulti06. :-)
I almost feel like I should apologize.
However, the entropy gathering seems overly optimistic:
*wince*
That's quite a bit worse than I remember. (I haven't looked at 2.6.3
source code in probably 25 years.)
So, yeah. I'm comfortable
Unrelated note: I find the rhetoric of a few posts in this thread
absolutely astounding. From a crypto question to red scare and "my army
is going to kick your country's ass if it dares talk to me" in two easy
steps ? This is vile.
"Tell it to the Marines" is a standard American and British prov
On Sat, Jan 29, 2022 at 10:17 PM vedaal via Gnupg-users
wrote:
>
> On 1/29/2022 at 5:39 PM, "Mauricio Tavares via Gnupg-users"
> wrote
>
>
> Not quite. It cares about personal data from people residing in
> Europe at the time said data was collected. And even then, you need to
> be targeting EU/
On 1/29/2022 at 11:02 PM, "Robert J. Hansen" wrote:> Please
comment if this is adequate, or there is still a problem with
> Disastry's Linux Version.
Why?
I've been trying to get people to move to OpenPGP for literally a
quarter-century, Vedaal. I'm not going to suddenly switch gears
If person1 has a signed and encrypted email to person 2, but which
used IDEA and MD 5, and now wants to decrypt, and re-encrypt and
sign, and send to person 2, who will then destroy the original
email, why shouldn't they be allowed to know if this is safe.
They *are* allowed. Th
On 1/29/2022 at 11:06 PM, "Mauricio Tavares via Gnupg-users" wrote:
> The patient can choose any, all, any combination, or none of them.
> And still get treatment.
>
Can you provide which regulation states that? I could have used
it many times.
=
It's in the HIPPA act which requires
22 matches
Mail list logo
