-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ted Smith escribió:
...
Deniable encryption is a useful tool, but it is not a universally good idea.
An interrogator as described in this thread is a movie plot threat. In
reality, nobody is going to torture you for your key, because there are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Doug Barton escribió:
On Thu, 22 Jul 2010, Faramir wrote:
...
I don't see the signature, nor the claim about it being signed. I saw
an attachment, but Thunderbird didn't say it was a signature...
If you navigate to the message in Thunderbird
Grant Olson k...@grant-olson.net wrote
On 7/22/10 6:13 PM, Malte Gell wrote:
Hi there!
I have the following setup: a Linux luks encrypted partition. It is
encrypted with a keyfile, the keyfile itself is GnuPG encrypted and
stored in /root
...
When I use these commands after
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Robert J. Hansen escribió:
...
An interrogator as described in this thread is a movie plot threat. In
reality, nobody is going to torture you for your key...
The point is not about torture. The point is about interrogation.
Imagine this
On Thu, Jul 22, 2010 at 08:03:25PM -0700, Doug Barton wrote:
Can anyone else verify messages sent by Andre? His message claims to
have a PGP signature, but what's in what should be the signature
block isn't.
Mutt isn’t verifying these either. The message Content-Type appears to
be
Yes and the boot partition is not encrypted, only /home But I solved it. It
was an init script issue. On openSUSE there is an init script earlyxdm and
it has overridden so to say the pinentry-ncurses program. I have now edited
earlyxdm and have added my own script to Requried-Start, thus
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }I
need to be able to ultimately trust a public key in batch mode, that
I have downloaded automatically with wget from an internal server
over HTTPS.
I don't want to do --trust-model always, apart from the fact I want
to use a
m...@proseconsulting.co.uk wrote:
I need to be able to ultimately trust a public key in batch mode, that I
have downloaded automatically with wget from an internal server over HTTPS.
I don't want to do --trust-model always, apart from the fact I want to
use a trusted key anyway, gpg
On Fri 23/07/10 11:48 AM , David Smith dave.sm...@st.com sent:
I need to be able to ultimately trust a public key
in batch mode, that I have downloaded automatically with wget from an
internal server over HTTPS.
I think that you might be confusing trust with validity.
If you want it
Hello,
How do I import a subkey into an existing secret key?
I use a DSA key with El-Gamal encryption keys that I regenerate every
year. At some point my keyrings got out of sync and I ended up carrying
on with an older key. There was a secret subkey in the middle there that
got lost and I only
Realloc Bug with X.509 certificates in GnuPG
==
2010-07-23
Summary
===
While trying to import a server certificate for a CDN service, a segv
bug was found in GnuPG's GPGSM tool. It is likely
Message: 4
Date: Thu, 22 Jul 2010 21:19:50 +0100
From: Andre Amorim an...@amorim.me
To: GnuPG Users gnupg-users@gnupg.org
Do we have a plausibly deniable option ?
GnuPG can be used for plausible deniability both for encrypting and
for signing:
[1] hiding the identity of the encryption:
The
vedaal at nym.hush.com wrote on Fri Jul 23 15:51:38 CEST 2010
and since you really didn't
encrypt the message, you can't give up the session key, and now
the
government wants *all* your keys and passwords to prove you didn't
encrypt the message.
Sorry :-)
meant to say:
and since you
On 07/23/2010 09:51 AM, ved...@nym.hush.com wrote:
From: Andre Amorim an...@amorim.me
Do we have a plausibly deniable option ?
[1] hiding the identity of the encryption:
The 'throw-keyids' option hides which keys the message is encrypted to
[...]
The government can claim, that in order
Daniel Kahn Gillmor dkg at fifthhorseman.net wrote on
Fri Jul 23 16:32:17 CEST 2010 :
There is no way to prove that you did not encrypt a message.
Agreed.
But it is very simple to either give up a session key to an
encrypted message, or show that that the message was not encrypted
to any
On 07/23/2010 07:35 AM, m...@proseconsulting.co.uk wrote:
On Fri 23/07/10 11:48 AM , David Smith dave.sm...@st.com sent:
I need to be able to ultimately trust a public key
in batch mode, that I have downloaded automatically with wget from an
internal server over HTTPS.
I think that you
Hi,
I'm planning on finally uploading my key to a keyserver. Now I had the
idea to add a primary user ID which contains only my name and no email
address. The reason would be that i won't lose any signatures if I
change my email address and revoke the then obsolete user id.
Does that make sense?
On 7/23/10 11:51 AM, war_is_pe...@privatdemail.net wrote:
Does that make sense? Are there known problems if a (primary) user ID
doesn't contain any email address?
Nope! Check out 0xE6602099 for my key with a primary uid of James
Patrick Howard, II.
James
--
James P. Howard, II, MPA MBCS
On Jul 23, 2010, at 11:51 AM, war_is_pe...@privatdemail.net wrote:
Hi,
I'm planning on finally uploading my key to a keyserver. Now I had the
idea to add a primary user ID which contains only my name and no email
address. The reason would be that i won't lose any signatures if I
change my
tux.tsn...@free.fr wrote
Yes and the boot partition is not encrypted, only /home But I solved it.
It was an init script issue. On openSUSE there is an init script
earlyxdm and it has overridden so to say the pinentry-ncurses program.
I have now edited earlyxdm and have added my own
On Fri, 23 Jul 2010, Faramir wrote:
Doug Barton escribió:
On Thu, 22 Jul 2010, Faramir wrote:
...
I don't see the signature, nor the claim about it being signed. I saw
an attachment, but Thunderbird didn't say it was a signature...
If you navigate to the message in Thunderbird and then
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
On Jul 23, 2010, at 11:51 AM, war_is_pe...@privatdemail.net wrote:
...
I'm planning on finally uploading my key to a keyserver. Now I had the
idea to add a primary user ID which contains only my name and no email
address.
On 7/23/10 2:52 AM, Malte Gell wrote:
Yes and the boot partition is not encrypted, only /home But I solved it.
Regards
Malte
Just keep in mind that if you're not encrypting the whole disk, your
sensitive data can leak to /tmp and swap. I'm only bringing this up
because it seems like
Hi Guys.
I am currently running OpenSolaris 2010, I got GPG2 set up and my
(OpenPGP) Smartcard. I have no problems accesing the smartcard from GPG2
(e.g gpg2 --card-status) everything shows up fine, I am able to edit and
view my keys and so on.
The problem though is when I'm trying to get
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have what I am sure is a frequently asked question, but I cannot find
a FAQ. I can find the archives, but I know no good way to search them.
It is the question about the order of signing and encrypting a message.
I am pretty sure that is the
On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ted Smith escribió:
...
Deniable encryption is a useful tool, but it is not a universally good
idea.
An interrogator as described in this thread is a movie plot threat. In
reality,
On 23 July 2010 23:08, Ted Smith ted...@gmail.com wrote:
On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ted Smith escribió:
...
Deniable encryption is a useful tool, but it is not a universally good
idea.
An interrogator as
On 7/23/2010 6:08 PM, Ted Smith wrote:
Nobody in any country is going to torture you for your key, because
keyloggers are much less expensive than torturers + torturing equipment.
This is not true. There are documented instances where people have been
tortured to turn over crypto keys.
You
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ted Smith escribió:
On Fri, 2010-07-23 at 02:07 -0400, Faramir wrote:
...
Well, I suppose in most countries nobody is going to torture you, but
there are other countries where you can't be so sure... Also, an
...
Nobody in any country is going
29 matches
Mail list logo