So I received a public key from a party. I verified it and I'm ready to sign it.
What's next step? What should I ideally do with that signature?
1) send back to the key owner hoping that he will publish it to the keyserver?
2) should I just push it to keyserver myself?
3) what if the key owner di
> I must have missed the memo
> describing the exact nature of the problem.
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 25/08/2019 19:40, Stefan Claas via Gnupg-users wrote:
> Hi all,
>
> I am curious what apps you are using when not at home, to send
> OpenPGP compatible email messages? Do you carry a Notebook with
> GnuPG or do you use an OpenPGP smartphone app?
Shortly, I know only one combination that provide
On 26/08/2019 19:47, Wiktor Kwapisiewicz via Gnupg-users wrote:
> If one sets URL field on the
> token then just plugging the token when OpenKeychain is opened is enough
> to get the key ready-to-use.
Can you explain what kind of workflow do you mean here?
signature.asc
Description: OpenPGP d
On 27/08/2019 22:41, Peter Lebbing wrote:
> If a computer is compromised, this is game over for cryptography. Full
> stop.
This is not true. Many crypto systems are designed to perform damage
control and recovery in such cases.
If the compromise is game over for the user - it depends on threat pr
On 27/08/2019 20:50, Stefan Claas via Gnupg-users wrote:
> But what would be, when using computers at work or public places, then
> the best strategy for using OpenPGP, without carrying a Notebook or
> smartphone?
The strategy I advice would be to not use GnuPG and look for alternatives.
I wouldn'
On 02/10/2019 00:55, Tony Lane via Gnupg-users wrote:
> This is not an issue with GnuPG. GnuPG is a back-end utility that front-end
> applications (like GUIs) interface to. Go to your vendor of choice that
> interfaces with GPG and complain (...)
And this is precisely why GnuPG failed.
Cheers,
C
> On 10/4/19 3:35 AM, Stefan Claas wrote:
>> And do those 20 companies business with their customers were GnuPG
>> signatures are legally binding, like real signatures on letters?
>
> _At least_ 20 fortune 500 businesses _that I know of_. Mind you, I'm
not even counting governments.
20? Wow. Ther
On 05/10/2019 15:06, Robert J. Hansen wrote:
> OpenPGP was never meant to be about email.
https://www.openpgp.org/ tells a different story.
It would benefit the community if you guys stop bending over backwards,
explaining potential users that their needs are invalid.
Over and out. I really don'
On 11/10/2019 19:15, Phillip Susi wrote:
> Why the heck don't they just run gpg the way enigmail did?
They don't want to bundle GnuPG because of GnuPG licence:
https://wiki.mozilla.org/Thunderbird:OpenPGP:2020#OpenPGP_engine
Requiring user to set up GnuPG separately is out of question if
they wa
On 09/10/2019 08:06, Tony Lane via Gnupg-users wrote:> It doesn't do
that? Why would they choose to tightly couple TB with
> OpenPGP? If I have to maintain two key databases, that's a dealbreaker
for me.
Dealing with GnuPG complexity is a deal breaker for ordinary users,
preventing adoption. You n
On 12/10/2019 12:14, Werner Koch via Gnupg-users wrote:
> After 20 years of strong resistance against implementing OpenPGP [1], they
> finally seem to do it. That is a good move.
Do you know why they resited OpenPGP adoption it so much?
Cheers,
Chris
On 15/10/2019 21:59, Robert J. Hansen wrote:
> Should they update? Yes. Is the problem mitigated by an update? Yes.
> But will they? Probably not before wedging their keyring. Given that
> high-profile people in the community have had our certificates defaced,
> it's possible someone will say
YubiKeys are supported. You can use NFC key to perform crypto gimmicks or plug
USB one.
OpenKeychain does support quite large palette of hardware tokens.
Paired with K-9 it actually provides relatively good UX.___
Gnupg-users mailing list
Gnupg-users@g
14 matches
Mail list logo
