Security Experts,
I'm considering encrypting a tar archive and optionally a block file system
(via FUSE) using either utility. Does anyone have comments on the best
practices and tools for either?
I read that the OpenSSL AES-CBC CLI mode is prone to a malleable attack
vector and it's CLI
> From: openssl-users on behalf of Nicholas
> Papadonis
> Sent: Friday, November 2, 2018 14:29
> I read
Where? It's hard for us to determine the quality of your source, or your
interpretation of it, if we don't know what it is.
> that the OpenSSL AES-CBC CLI mode is prone to a malleable
Hello Dirk,
Am 02.11.18 um 15:20 schrieb Dirk Gottschalk via Gnupg-users:
> You mean, you "tampered" with the file and the signature is still
> valid? Are you sure? Then Adome does sometging really bad, IMHO.
>
> Such a signature should ensure that the file is unmodified completely.
> otherwise
On 02.11.2018 15:35, Dirk Gottschalk wrote:
> I prefer GPG. And no, GPG does not lack timestamping, a timestamp is
> included in every signature.
Signature creation date is not the same as timestamping. As for why you
may consider the problem of validating signatures made by revoked keys.
Without
Am 02.11.18 um 15:20 schrieb Dirk Gottschalk:
Hello Stefan.
Am Freitag, den 02.11.2018, 12:53 +0100 schrieb Stefan Claas:
Hi Wiktor,
thanks a lot! Now this is awesome... i just timestamped my already
signed .pdf with Adobe Reader DC and this does not invalidate my
qualified signature, when
Hello Wiktor.
Am Donnerstag, den 01.11.2018, 20:14 +0100 schrieb Wiktor Kwapisiewicz:
> On 01.11.2018 11:19, stefan.cl...@posteo.de wrote:
> Do you mean X.509 is technically good or just more widely supported
> in software than OpenPGP? For me there are only few cases where X.509
>
Hello Stefan.
Am Freitag, den 02.11.2018, 12:53 +0100 schrieb Stefan Claas:
>
> Hi Wiktor,
>
> thanks a lot! Now this is awesome... i just timestamped my already
> signed .pdf with Adobe Reader DC and this does not invalidate my
> qualified signature, when saving the document again! :-) I must
Hi guys.
Am Freitag, den 02.11.2018, 12:53 +0100 schrieb Stefan Claas:
> On Fri, 2 Nov 2018 12:20:43 +0100, Wiktor Kwapisiewicz wrote:
> > On 02.11.2018 10:53, Stefan Claas wrote:
> > > Simply one can use a time stamping service, based on blockchain
> > > technology. I can then time stamp the
On Fri, 2 Nov 2018 12:20:43 +0100, Wiktor Kwapisiewicz wrote:
> On 02.11.2018 10:53, Stefan Claas wrote:
> > Simply one can use a time stamping service, based on blockchain
> > technology. I can then time stamp the .pdf. and put also a
> > statement in the .pdf that the file is timestamped and
On 02.11.2018 10:53, Stefan Claas wrote:
> Simply one can use a time stamping service, based on blockchain
> technology. I can then time stamp the .pdf. and put also a
> statement in the .pdf that the file is timestamped and don't must
> worry in the future if one MITM would try (and why?) to
On Thu, 1 Nov 2018 23:50:48 +0100, Stefan Claas wrote:
Hi veedal,
> > A simple, but slightly tedious workaround, would be to GnuPG Armor
> > Sign the .pdf
> >
> > The elDAS signature will still work, but the Armored Signed message
> > is much harder to alter, and such alteration is detectable
11 matches
Mail list logo
