On 01/06/2018 12:23 AM, Lou Wynn wrote:
> On 01/05/2018 12:54 PM, Kristian Fiskerstrand wrote:
>> On 01/05/2018 05:29 PM, Lou Wynn wrote:
>>> The auditing key is certified by the root key and stays with the latter
>>> in my design. Only the administrator can make policy to turn on/off
>>>
On 01/05/2018 12:54 PM, Kristian Fiskerstrand wrote:
> On 01/05/2018 05:29 PM, Lou Wynn wrote:
>> The auditing key is certified by the root key and stays with the latter
>> in my design. Only the administrator can make policy to turn on/off
>> auditing, the client plugin takes corresponding
On 01/05/2018 05:29 PM, Lou Wynn wrote:
> On 01/05/2018 01:10 AM, Kristian Fiskerstrand wrote:
>> There are easily scenarios where a customer forgets to add the "auditing
>> key", making the data unavailable to the organization, in particular in
>> context of loss of employee.
>>
> The auditing
On 01/04/2018 02:28 PM, Ben McGinnes wrote:
> It seems to me, though, that the idea was to provide a means for the
> company to repudiate an employee's key even if the employee was no
> longer available.
This is just one of the benefits enabled by my goals which I stated at
the beginning, and it
On Thu 2017-12-21 16:19:00 +1100, raf wrote:
> Sorry, I thought I already did. The 4th point above does not
> work. When the public-facing host connects via ssh to the
> key management host, and runs gpg, instead of it successully
> connecting to the existing gpg-agent process that I started
>
On 01/05/2018 01:10 AM, Kristian Fiskerstrand wrote:
> There are easily scenarios where a customer forgets to add the "auditing
> key", making the data unavailable to the organization, in particular in
> context of loss of employee.
>
The auditing key is certified by the root key and stays with
On 01/05/2018 02:59 PM, MFPA wrote:
> These old keys are not supported in GnuPG 2.1/2.2 and the
> - --with-keygrip option is not valid in GnuPG 2.0 or 1.4.
>
> I have googled, but could not come up with a search term that produced
> any relevant hits.
I'd start with libgcrypt's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Is it possible to find out the Keygrip of a version 3 key?
These old keys are not supported in GnuPG 2.1/2.2 and the
- --with-keygrip option is not valid in GnuPG 2.0 or 1.4.
I have googled, but could not come up with a search term that produced
On 01/05/2018 10:13 AM, Andrew Gallagher wrote:
>
>> On 5 Jan 2018, at 08:41, Lou Wynn wrote:
>>
>> The only need for an
>> organization to access their data is decrypting the encrypted data,
>> which is satisfied by the auditing key.
>
> The standard way of doing this
> On 5 Jan 2018, at 08:41, Lou Wynn wrote:
>
> The only need for an
> organization to access their data is decrypting the encrypted data,
> which is satisfied by the auditing key.
The standard way of doing this without allowing for impersonation is escrow of
the encryption
On 01/05/2018 09:41 AM, Lou Wynn wrote:
> On 01/05/2018 12:18 AM, Kristian Fiskerstrand wrote:
>> Businesses have reasonable need to access their data, so they need to
>> have access to his private keys, which contradicts "which
>> is meant to prevent others from using his private keys", although
On 01/05/2018 12:18 AM, Kristian Fiskerstrand wrote:
> Businesses have reasonable need to access their data, so they need to
> have access to his private keys, which contradicts "which
> is meant to prevent others from using his private keys", although
> reading it again I presume you're limiting
On 01/05/2018 01:46 AM, Lou Wynn wrote:
> On 01/04/2018 04:15 PM, Kristian Fiskerstrand wrote:
>> On 01/05/2018 01:12 AM, Lou Wynn wrote:
>>> I guess that you've missed somewhere I said in my previous posts that
>>> the end user chooses his own password to protect his key password, which
>>> is
13 matches
Mail list logo