On Tue, 5 Nov 2013 23:13, mailinglis...@hauke-laging.de said:
revokers. But that didn't work as expected. After entering the command
addrevoker I was asked to enter the user ID of the respective key. Why the
user ID and not the key ID or fingerprint? Does that make any sense?
You may use
Hi
A couple of years ago I created a gpg key for an account that is use to
transfer documents with vendors. It's worked fine. We now have a new vendor
that won't accept the public key because of the expiration date. I don't see a
way to create another public key for this account with the
On 06/11/13 23:28, Leo Gaspard wrote:
The fact that others could get just the same effect by twisting their WoT
parameters is not an issue to me. Firstly, because there are few trust
signatures (according to best practices I read, that said trust signatures
are mainly made for closed-system
On 11/06/13 23:57, Smith, Cathy wrote:
Hi
A couple of years ago I created a gpg key for an account that is use to
transfer documents with vendors. It's worked fine. We now have a new vendor
that won't accept the public key because of the expiration date. I don't see
a way to create
On Thu, Nov 07, 2013 at 11:48:07AM +0100, Peter Lebbing wrote:
On 06/11/13 23:28, Leo Gaspard wrote:
But mostly because signing is an attestion of your belief someone is who
(s)he is. Thus, if you believe someone is who the UID states (s)he is as
much as if you met him/her in person and
On 2013-11-07 17:09, Leo Gaspard wrote:
If I understood correctly, the depth parameter you are talking about
is useless, except in case there are trust signature. And you agreed
with me for
them to be taken out of the equation.
Of course it's not useless. You seem to misunderstand the Web of
On 11/07/2013 11:09 AM, Leo Gaspard wrote:
Except they do not have to know X, nor that he makes perfectly reasonable
decisions in signing keys.
And I believe it's not noise. Let's make an example in the real world :
* I would entrust X with my life
* X would entrust Y with his life, without
On Thu, Nov 07, 2013 at 07:21:28PM +0100, Peter Lebbing wrote:
On 2013-11-07 17:09, Leo Gaspard wrote:
If I understood correctly, the depth parameter you are talking about
is useless, except in case there are trust signature. And you agreed with
me for
them to be taken out of the equation.
On Thu, Nov 07, 2013 at 01:40:22PM -0500, Daniel Kahn Gillmor wrote:
On 11/07/2013 11:09 AM, Leo Gaspard wrote:
Except they do not have to know X, nor that he makes perfectly reasonable
decisions in signing keys.
And I believe it's not noise. Let's make an example in the real world :
* I
On Thu, Nov 07, 2013 at 08:10:11PM +0100, Leo Gaspard wrote:
I'm sorry, I think I gave too much importance to your earlier statement
(Signing is to be an attestation to the validity of the key.) [...]
Sorry again, just noticed it actually wasn't you statement, but Paul's !
So, double
Hi
Is it possible to have 2 public keys with different expiration dates for the
same user? I created a public key a couple of years ago to be used to exchange
documents with vendors for a batch processing account. That is working just
fine. A new vendor wants our public key but requires the
Thank you
The earlier answer got caught at the firewall. I apologize for posting twice.
Best regards,
Cathy
---
Cathy L. Smith
IT Engineer
Pacific Northwest National Laboratory
Operated by Battelle for the
U.S. Department of Energy
Phone: 509.375.2687
Fax: 509.375.2330
Email:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 7 November 2013 at 11:16:36 AM, in
mid:87txfotqaz@gilgamesch.quim.ucm.es, Uwe Brauer wrote:
BTW, I see you switched back to pgp, but why do you use
old inline mode and not pgpmine?
Because I prefer it. I like to see the
On 11/07/2013 01:02 PM, Smith, Cathy wrote:
Thank you
The earlier answer got caught at the firewall. I apologize for posting twice.
Np, it happens. :)
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Hi,
I'm currently thinking about using a raspberry pi as a non-networked stand-
alone system for signing keys. Since I haven't heard anything to the contrary,
I'm pretty sure that entropy is relatively scarce on the pi.
How is GnuPG affected by such a low-entropy system? Will operations just
(Failed again to answer to list. I really ought to replace this shortcut...)
On Fri, Nov 08, 2013 at 12:11:38AM +0100, Johannes Zarl wrote:
Hi,
I'm currently thinking about using a raspberry pi as a non-networked stand-
alone system for signing keys. Since I haven't heard anything to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 7 November 2013 at 11:16:36 AM, in
mid:87txfotqaz@gilgamesch.quim.ucm.es, Uwe Brauer wrote:
However it is not necessary I just export our signature
as a pem file and import in under authorities. Still
this is very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 7 November 2013 at 7:10:11 PM, in
mid:20131107191011.GF470@leortable, Leo Gaspard wrote:
But I still wonder how one should deal with key
duplication (ie. owner of K1 now has a second key
K2)...
If the owner doesn't revoke one,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 6 November 2013 at 7:46:50 AM, in
mid:aa96def1c0ebc54d989e760702dcae32013f23c9a...@stfmsx01.staff.cpce.hk,
Griffin Cheng [CLIB] wrote:
[nothing]
I thought subscribe and unsubscribe and help requests went to
19 matches
Mail list logo