Hi,
On Tue, Oct 15, 2019 at 03:17:58PM -0400, Robert J. Hansen wrote:
... Those were the high-priority changes that needed to be made. If
anyone has other suggestions, speak up: I'm listening. :)
A while ago (I can’t find the e-mail anymore) I suggested a few changes
that somehow didn’t
On 15/10/2019 21:59, Robert J. Hansen wrote:
> Should they update? Yes. Is the problem mitigated by an update? Yes.
> But will they? Probably not before wedging their keyring. Given that
> high-profile people in the community have had our certificates defaced,
> it's possible someone will
On Tue, 15 Oct 2019 09:06, Bjarni Runar Einarsson said:
> Would the GnuPG issue tracker be a good place to file "bug
> reports" against the spec, to work towards clarifications?
That is okay for bug reports, but often it is more important to get the
opinions from more people than those who
On Tue, 15 Oct 2019 09:14, Chip Senkbeil said:
> Is there some separate setting for GPG agent to discard its cache
> earlier than the ttl/max ttl settings? I've checked the GPG agent
You can follow the cache operations by adding
log-file /some/log/file
debug cache
to gpg-agent.conf and
Let's start with the most important thing:
> I am sorry for having to write these harsh comments
I didn't find your comments harsh, but thank you for being considerate. :)
>> * Every reference to the SKS keyserver network now points to
>> keys.openpgp.org. Reason: the SKS attacks a few months
On Tue, 15 Oct 2019 15:17, Robert J. Hansen said:
> * Every reference to the SKS keyserver network now points to
> keys.openpgp.org. Reason: the SKS attacks a few months ago.
I have to object against this change. The SKS server network is still
useful and definitely more useful than an
The last time I gave the FAQ a thorough read-and-review was in October
2017, so it was time for a review. I fought off the urge to rewrite the
thing entirely -- I really don't like how it flows, but I view my job as
maintainer is more about making minor incremental changes than total
rewrites
> I'm confused. I thought the whole efail thing was about crafting a
> plain text message that says "Good signature verified" and fools the
> user even though it was never run through pgp or had its signature
> verified with s/mime.
I'd suggest reading the Efail paper. The vast majority of the
Werner Koch writes:
> authenticated encryption is different from signed and encrypted mails.
> There are relative easy attacks on the encryption layer if standard
> encryption modes like CBC (as in S/MIME) are used. Whether this really
> affects users is a different question but they can be
Hey folks!
Been using GPG for a couple of months to encrypt, sign, and authenticate and
it's been great!
I'm trying to understand the scenarios in which the GPG agent will remove an
entry from its cache.
I've got my default and max cache (both cache-ttl and cache-ttl-ssh) set to one
day such
On 14.10.2019 22:45, Werner Koch wrote:
> On Mon, 14 Oct 2019 20:43, Kristian Fiskerstrand said:
>
>> was suggested by Kristian and Andre: talking to SCDaemon (scd) with IPC.
>> Details need to be discussed, but it would be an optional solution, that
>
> Given that TB already has smartcard
11 matches
Mail list logo