Re: Future OpenPGP Support in Thunderbird

Am 11.10.19 um 20:15 schrieb Phillip Susi: > Why the heck don't they just run gpg the way enigmail did? > They don't want users to require to install gpg first. And they don't want to ship gpg with Windows installers, since it isn't MPL. Philipp signature.asc Description: OpenPGP digital

Re: Future OpenPGP Support in Thunderbird

While having OpenPGP support directly in Thunderbird is probably a good thing, I found it convenient to just use the gpg kerys for Email encryption and signing (and conversely, being able to just use keys imported via Enigmail to encrypt files using gpg). It would be really nice, if Thunderbird

[OT] Where can I find some papers to read on mail (and envelope) security?

There has been plenty of research on email security and the need for encryption is well-known. However, I wonder if there has been any research on mail security. Of course, one could just put a GPG-encrypted letter in an ordinary envelope, but there are more common measures that are meant to give

Re: STM32F103 flash ROM read-out service

Am 05.06.2018 um 02:37 schrieb NIIBE Yutaka: > Hello, > > While learning Chinese language, I found this service (in Chinese): > > http://www.pcbcopy.com/2016/ic_1128/1928.html > > IIUC, It's a company in ShenZhen, which offers a service reading out > from protected STM32F103, even if it

Re: A postmortem on Efail

Am 20.05.2018 um 08:26 schrieb Robert J. Hansen: > Writing just for myself -- not for GnuPG and not for Enigmail and > definitely not for my employer -- I put together a postmortem on Efail. > You may find it worth reading. You may also not. Your mileage will > probably vary. :) > >

Re: New smart card / token alternative

Am 06.11.2017 um 23:26 schrieb ved...@nym.hush.com: > > > On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote: > > \We have been working on a project to build a direct interface for > PGP/GPG usage using U2F for web apps and browser extensions. This is > similar to existing smart cards

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 10.09.2013 15:30, schrieb Robert J. Hansen: On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like

Re: 2048 or 4096 for new keys? aka defaults vs. Debian

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 27.10.2013 19:47, schrieb Peter Lebbing: On 27/10/13 19:09, Filip M. Nowak wrote: 1) Specialized microcontrollers with crypto capabilities are available and used for years now (AVR XMEGA which is 8 bit for example) AVR XMEGA has DES and AES,

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 10.09.2013 13:45, schrieb Werner Koch: You would also need a second public keypair to protect the second symmetric key. If you don't, the attacker would target the public key scheme directly - ah well that is in any case the lower hanging

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 30.10.2013 18:39, schrieb Robert J. Hansen: Well, here's a (rough, and maybe naive) explanation of why I assumed that the effort is at least max(a, b): If you first encrypt with ROT10 and then with ROT16, the final strength is not the maximum

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 10.09.2013 12:35, schrieb Philipp Klaus Krause: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES The meaning

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? Philipp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Icedove -

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 30.10.2013 23:33, schrieb Philipp Klaus Krause: Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? Philipp This should have been ... as the strongest of them

Re: The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 30.10.2013 23:51, schrieb Bob (Robert) Cavanaugh: I guess I lost track of the initial purpose of this thread. Why do you want this if you can only achieve the same cryptographic strength as one of the ciphers? What problem are you solving?

Re: Sign key and export for each UID

Am 17.09.2013 02:09, schrieb Doug Barton: On 09/16/2013 03:02 PM, Philipp Klaus Krause wrote: | Unfortunately, tools for signing keys with multiple UIDs IMO are not | user-friendly enough, tpically due to the following: | | 1) They require the user to be familiar with the command-line, | 2

Re: Sign key and export for each UID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 17.09.2013 08:23, schrieb atair: On 9/16/13, Doug Barton do...@dougbarton.us wrote: The way that your signer did it is _a_ standard way to do it. CAFF is a very popular program for that, and there is another here that is also pretty good:

Re: Sign key and export for each UID

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 16.09.2013 23:18, schrieb Ingo Klöcker: On Monday 16 September 2013 11:57:04 Doug Barton wrote: The way that your signer did it is _a_ standard way to do it. CAFF is a very popular program for that, and there is another here that is also pretty

The symmetric ciphers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES The meaning of A+B would be to encrypt using A first, and then encrypt

Should the use of multiple UID per key be discouraged?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 GPG supports the feature of having multiple UIDs per key. However this requires special care of anyone signing such a key. AFAIK, there is no really user-friendly, and definitely no newbie-friendly way to do so. IMO this makes it much harder to expand

Re: key management APG

Am 03.08.2013 14:51, schrieb Hauke Laging: Am Sa 03.08.2013, 12:16:56 schrieb ix4...@gmail.com: On 30 July 2013 22:30, ix4...@gmail.com wrote: I only need one GPG identity for now. I also use GPG on devices of two classes: Secure and insecure. I would like to take some operational

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

. On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote: Unfortunately, this is not casting very much light on things. The use of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific meanings in NATO countries, and you're using them here in ways that are at odds with their NATO

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Am 24.07.2013 08:35, schrieb Heinz Diehl: On 24.07.2013, Philipp Klaus Krause wrote: I do not trust the computer at university with the secret key used to decrypt my private mail. [] Still, I want to be able to read any encrypted mail sent to my unversity addresses on the computer

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Am 24.07.2013 15:18, schrieb Mark H. Wood: On Wed, Jul 24, 2013 at 11:33:18AM +0200, Philipp Klaus Krause wrote: I just want multiple security levels: Decrypt mail addressed to the university address, but not mail addressed to my private address on the university computer. Decrypt both types

Multiple email addresses - any alternative to ask everyone to sign all my keys?

I'm currently using 4 email addresses - 1 for private mail, 1 for a small business, and 2 for university. Currently I have three keys - one for the private mail, one for the business, and one for unversity. Each of the keys has been signed with all keys. Of course it is annoying to have to ask

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Am 23.07.2013 21:04, schrieb Heinz Diehl: On 23.07.2013, Philipp Klaus Krause wrote: Of course it is annoying to have to ask everyone to sign three keys - after all they are all my keys, and the people I ask to sign my key all get to see the same passport. Is there a better alternative

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Am 23.07.2013 23:22, schrieb Max Parmer: Sounds like you might want an offline master key with a couple UIDs and several subkeys. But can I have multiple encryption subkeys, with encryption subkeys associated with UIDs? I though one subkey per UID only works for signing. Also if I didn't

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Am 23.07.2013 23:22, schrieb Max Parmer: Sounds like you might want an offline master key with a couple UIDs and several subkeys. But can I have multiple encryption subkeys, with encryption subkeys associated with UIDs? I one subkey per UID only works for signing. Also if I didn't trust

Re: Multiple email addresses - any alternative to ask everyone to sign all my keys?

Hmm, since everyone seems to think He doesn't consider the unviersity computer secure enough for something, so he shouldn't consider it secure enough for anything, it seems I'm failing and communicating what I want to do. Maybe having a look at the following scenario will help: I have three