Am 11.10.19 um 20:15 schrieb Phillip Susi:
> Why the heck don't they just run gpg the way enigmail did?
>
They don't want users to require to install gpg first. And they don't
want to ship gpg with Windows installers, since it isn't MPL.
Philipp
signature.asc
Description: OpenPGP digital
While having OpenPGP support directly in Thunderbird is probably a good
thing, I found it convenient to just use the gpg kerys for Email
encryption and signing (and conversely, being able to just use keys
imported via Enigmail to encrypt files using gpg).
It would be really nice, if Thunderbird
There has been plenty of research on email security and the need for
encryption is well-known.
However, I wonder if there has been any research on mail security. Of
course, one could just put a GPG-encrypted letter in an ordinary
envelope, but there are more common measures that are meant to give
Am 05.06.2018 um 02:37 schrieb NIIBE Yutaka:
> Hello,
>
> While learning Chinese language, I found this service (in Chinese):
>
> http://www.pcbcopy.com/2016/ic_1128/1928.html
>
> IIUC, It's a company in ShenZhen, which offers a service reading out
> from protected STM32F103, even if it
Am 20.05.2018 um 08:26 schrieb Robert J. Hansen:
> Writing just for myself -- not for GnuPG and not for Enigmail and
> definitely not for my employer -- I put together a postmortem on Efail.
> You may find it worth reading. You may also not. Your mileage will
> probably vary. :)
>
>
Am 06.11.2017 um 23:26 schrieb ved...@nym.hush.com:
>
>
> On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote:
>
> \We have been working on a project to build a direct interface for
> PGP/GPG usage using U2F for web apps and browser extensions. This is
> similar to existing smart cards
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 15:30, schrieb Robert J. Hansen:
On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote:
I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list
like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 27.10.2013 19:47, schrieb Peter Lebbing:
On 27/10/13 19:09, Filip M. Nowak wrote:
1) Specialized microcontrollers with crypto capabilities are
available and used for years now (AVR XMEGA which is 8 bit for
example)
AVR XMEGA has DES and AES,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 13:45, schrieb Werner Koch:
You would also need a second public keypair to protect the second
symmetric key. If you don't, the attacker would target the public
key scheme directly - ah well that is in any case the lower hanging
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 18:39, schrieb Robert J. Hansen:
Well, here's a (rough, and maybe naive) explanation of why I
assumed that the effort is at least max(a, b):
If you first encrypt with ROT10 and then with ROT16, the final
strength is not the maximum
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 10.09.2013 12:35, schrieb Philipp Klaus Krause:
I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list like
this:
TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES
The meaning
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Is there a known good way to combine multiple symmetric ciphers into
something that is at least as strong as the weakest of them?
Philipp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Icedove -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 23:33, schrieb Philipp Klaus Krause:
Is there a known good way to combine multiple symmetric ciphers
into something that is at least as strong as the weakest of them?
Philipp
This should have been ... as the strongest of them
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 30.10.2013 23:51, schrieb Bob (Robert) Cavanaugh:
I guess I lost track of the initial purpose of this thread. Why do
you want this if you can only achieve the same cryptographic
strength as one of the ciphers? What problem are you solving?
Am 17.09.2013 02:09, schrieb Doug Barton:
On 09/16/2013 03:02 PM, Philipp Klaus Krause wrote:
| Unfortunately, tools for signing keys with multiple UIDs IMO are not
| user-friendly enough, tpically due to the following:
|
| 1) They require the user to be familiar with the command-line,
| 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 17.09.2013 08:23, schrieb atair:
On 9/16/13, Doug Barton do...@dougbarton.us wrote:
The way that your signer did it is _a_ standard way to do it.
CAFF is a very popular program for that, and there is another
here that is also pretty good:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 16.09.2013 23:18, schrieb Ingo Klöcker:
On Monday 16 September 2013 11:57:04 Doug Barton wrote:
The way that your signer did it is _a_ standard way to do it.
CAFF is a very popular program for that, and there is another
here that is also pretty
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list like this:
TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES
The meaning of A+B would be to encrypt using A first, and then encrypt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
GPG supports the feature of having multiple UIDs per key.
However this requires special care of anyone signing such a key.
AFAIK, there is no really user-friendly, and definitely no
newbie-friendly way to do so. IMO this makes it much harder to expand
Am 03.08.2013 14:51, schrieb Hauke Laging:
Am Sa 03.08.2013, 12:16:56 schrieb ix4...@gmail.com:
On 30 July 2013 22:30, ix4...@gmail.com wrote:
I only need one GPG identity for now. I also use GPG on devices of two
classes: Secure and insecure. I would like to take some operational
.
On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote:
Unfortunately, this is not casting very much light on things. The use
of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific
meanings in NATO countries, and you're using them here in ways that are
at odds with their NATO
Am 24.07.2013 08:35, schrieb Heinz Diehl:
On 24.07.2013, Philipp Klaus Krause wrote:
I do not trust the computer at university with the secret key used to
decrypt my private mail.
[]
Still, I want to be able to read any encrypted mail sent to my
unversity addresses on the computer
Am 24.07.2013 15:18, schrieb Mark H. Wood:
On Wed, Jul 24, 2013 at 11:33:18AM +0200, Philipp Klaus Krause wrote:
I just want multiple security levels: Decrypt mail addressed to the
university address, but not mail addressed to my private address on the
university computer. Decrypt both types
I'm currently using 4 email addresses - 1 for private mail, 1 for a
small business, and 2 for university. Currently I have three keys - one
for the private mail, one for the business, and one for unversity. Each
of the keys has been signed with all keys.
Of course it is annoying to have to ask
Am 23.07.2013 21:04, schrieb Heinz Diehl:
On 23.07.2013, Philipp Klaus Krause wrote:
Of course it is annoying to have to ask everyone to sign three keys -
after all they are all my keys, and the people I ask to sign my key all
get to see the same passport. Is there a better alternative
Am 23.07.2013 23:22, schrieb Max Parmer:
Sounds like you might want an offline master key with a couple UIDs and
several subkeys.
But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I though one subkey per UID only works for signing.
Also if I didn't
Am 23.07.2013 23:22, schrieb Max Parmer:
Sounds like you might want an offline master key with a couple UIDs and
several subkeys.
But can I have multiple encryption subkeys, with encryption subkeys
associated with UIDs? I one subkey per UID only works for signing.
Also if I didn't trust
Hmm, since everyone seems to think He doesn't consider the unviersity
computer secure enough for something, so he shouldn't consider it secure
enough for anything, it seems I'm failing and communicating what I want
to do. Maybe having a look at the following scenario will help:
I have three
28 matches
Mail list logo