On 13/01/2014, Peter Lebbing wrote:
> On 12/01/14 00:18, Sam Kuper wrote:
>> Again, perhaps I am wrong. But if I am not, then the use of OpenPGP
>> cards with non-pinpad readers still makes no sense (at least, not to
>> me).
>
> Since most readers don't filter VERI
On 05/01/2014, Sam Kuper wrote:
> In group 2 above, the smallest reader I have found online which offers
> secure PIN entry is the ACR83.
Hm, I've now found several mailing list and forum discussions, etc,
that indicate the ACR83 is not compatible with OpenPGP cards. That's a
pit
Dear GnuPG users,
I am new to this list, so please be gentle.
At some point in the coming months, I may try to obtain an OpenPGP
smart card and reader.
At the moment, such combinations, whether separable or combined into a
single device, seem to be available in two form factors, neither of
which
On Jan 5, 2014 1:18 PM, "Werner Koch" wrote:
> On Sun, 5 Jan 2014 05:02, sam.ku...@uclmail.net said:
> Take care: The Omnikey does not work with free software and 2048 bit
> or larger keys. Better get a Gemalto or Identive (SCM) reader.
Thanks for the warning :)
> > In group 2 above, the small
Dear Werner,
Thank you for your kind reply.
On 06/01/2014, Werner Koch wrote:
>>> The question is whether this is really helpful. Yes, it protects your
>>> PIN
That is helpful. No question about this part!
> After a successful verification of the PIN the card allows the use of
> the PSO Decry
On 07/01/2014, Sam Kuper wrote:
> On 06/01/2014, Werner Koch wrote:
>>>> The question is whether this is really helpful. Yes, it protects your
>>>> PIN
>
> That is helpful. No question about this part!
Perhaps I should be clearer about why I believe it is u
On 07/01/2014, Peter Lebbing wrote:
> On 07/01/14 17:27, Werner Koch wrote:
>> See the card HOWTO or try gpg --card-edit, admin, help.
>
> Additionally, in the OpenPGP Card 2.0.1 spec, the DO with tag C4 on page
> 17,
> section 7.2.2 (VERIFY) and section 7.2.8 (PSO: COMPUTE DIGITAL SIGNATURE)
> al
On Jan 9, 2014 7:16 PM, "David Tomaschik" wrote:
>
> if the machine you are using for crypto operations is compromised, you have
> lost (at least for the operations conducted while it is compromised)
Perhaps I'm wrong, but I don't entirely accept this. Surely if you are
signing with a key stored
On 11/01/2014, David Tomaschik wrote:
> On Sat, Jan 11, 2014 at 1:05 PM, Sam Kuper wrote:
>> On Jan 9, 2014 7:16 PM, "David Tomaschik"
>> wrote:
>> > if the machine you are using for crypto operations is compromised, you
>> have lost (at least
On Jan 12, 2014 3:52 AM, "MFPA" <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
> Sam Kuper wrote:
> > Yes, as I said, it could tamper with the message. But
> > if it does that, then when a recipient attempts to
> > verify the signature, gpg --verify will give
On 09/04/2014, Kapil Aggarwal wrote:
> Now, what will help drive this adoption more?
>
> All thoughts are very much welcome and appreciated.
One possible answer: https://www.mailpile.is/faq/
I haven't tried it myself, btw.
___
Gnupg-users mailing list
11 matches
Mail list logo
