Re: send-keys does not update my key

2017-02-14 Thread Kristian Fiskerstrand
On 02/14/2017 07:51 PM, Marko Bauhardt wrote: > The trust level of my two IDs was `unknown` in the one public key and > `ultimate` in the other key. Trust level is not a property of the public key, it is stored out of band (in the local trustdb) -- ---- Kr

Re: gpg-agent has to be restarted after GnuPG SmartCard pulled from reader

2017-01-06 Thread Kristian Fiskerstrand
h for removal event? -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 -

Re: Meaning of "text user ID's"?

2017-01-04 Thread Kristian Fiskerstrand
On 01/04/2017 03:00 PM, Peter Lebbing wrote: > On 04/01/17 14:56, Kristian Fiskerstrand wrote: >> What gives you the indication that the UAT is about to be signed? > > First and foremost, that it was actually signed when I agreed. I deleted the > signature afterwards. > >

Re: Meaning of "text user ID's"?

2017-01-04 Thread Kristian Fiskerstrand
ation that the UAT is about to be signed? (can try it and not save/delete public key without publishing to see actual result) -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hk

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Kristian Fiskerstrand
lication) -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 Nulla regula sine ex

Re: PCI DSS compliance

2016-11-10 Thread Kristian Fiskerstrand
ey to use outside of the system. -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 Aut disce au

Re: Agent forwarding failure when the socketdir was autodeleted

2016-10-09 Thread Kristian Fiskerstrand
-dev/2016-October/035409.html -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 --

Re: every keyserver submit/retrieve returns " ERR 167772346 No keyserver available " ?

2016-10-09 Thread Kristian Fiskerstrand
s.net to see resolver results, additionally output of $ gpg-connect-agent --dirmngr 'KEYSERVER --help', make sure hkps is listed as a supported schemata -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Pu

Re: Terminology - certificate or key ?

2016-09-30 Thread Kristian Fiskerstrand
e.., but doesn't seem like people care too much about things like this today so I should remove it): "The signed keyblock is uploaded to a randomly chosen set of keyservers. The signee may hint on what key server or choose to receive it through mail instead."

Re: Terminology - certificate or key ?

2016-09-30 Thread Kristian Fiskerstrand
> <5% of the time, and this is literally the first time I've heard the > word "keyblock". > I'd start with -BEGIN PGP PUBLIC KEY BLOCK- :) -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk

Re: Local-signing without (offline) private master key

2016-09-12 Thread Kristian Fiskerstrand
fy third parties (and with the exception of ultimate trust, that you should only use on keys you control yourself already requires the key to be validated) -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---

Re: Local-signing without (offline) private master key

2016-09-12 Thread Kristian Fiskerstrand
se anywhere else, and can rotate that as often as wanted to start fresh from time to time. -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP certificate at hkp://pool.sks-keyservers.net fp

Re: gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

2016-08-17 Thread Kristian Fiskerstrand
t which point even short keyid isn't an issue as long as they only select amongst valid keys to begin with, unless they actually have two people with colliding keyids by coincidence that they communicate with. -- ---- Kristian Fiskerstrand Blog: https://blog.sumpt

Re: gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

2016-08-17 Thread Kristian Fiskerstrand
t to begin with, although I might read it without the proper context in this email) -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109

Re: gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

2016-08-16 Thread Kristian Fiskerstrand
d at all, but print full fingerprint so setting 0xlong here will be a degrade -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034

Re: [Sks-devel] [Announcement] SKS 1.1.6 Released

2016-08-08 Thread Kristian Fiskerstrand
On 08/08/2016 08:11 AM, Daniel Kahn Gillmor wrote: > On Sun 2016-08-07 10:40:08 -0400, Kristian Fiskerstrand wrote: > .. >> Note when upgrading from earlier versions of SKS >> >> The default values for pagesize settings changed in SKS 1.1.4. To >&

sks-keyservers.net: Changes to subset pool (Was: [Announcement] SKS 1.1.6 Released)

2016-08-07 Thread Kristian Fiskerstrand
On 08/07/2016 04:40 PM, Kristian Fiskerstrand wrote: > Hello lists, > > We are pleased to announce the availability of a new stable SKS > release: Version 1.1.6. > > SKS is an OpenPGP keyserver whose goal is to provide easy to deploy, > decentralized, and highly reliable

[Announcement] SKS 1.1.6 Released

2016-08-07 Thread Kristian Fiskerstrand
Hello lists, We are pleased to announce the availability of a new stable SKS release: Version 1.1.6. SKS is an OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distribu

Re: Curve 25519 encryption subkey - problem encrypting

2016-06-04 Thread Kristian Fiskerstrand
On 06/04/2016 04:26 PM, MFPA wrote: > > > On Saturday 4 June 2016 at 11:15:36 AM, in > , > Kristian Fiskerstrand wrote: > >> And if this is upgraded to 1.7 branch? > > > Thanks for the swift reply. He has now noted from the Libgcrypt 1.7.0 > release'

Re: Curve 25519 encryption subkey - problem encrypting

2016-06-04 Thread Kristian Fiskerstrand
r package libgcrypt20: > > Repository: openSUSE-13.2-Security-Privacy > Name: libgcrypt20 > Version: 1.6.5-112.1 And if this is upgraded to 1.7 branch? -- ---- Kristian Fiskerstrand Blog: https://blog.sumpt

Re: Stable release of branch 2.1

2016-06-03 Thread Kristian Fiskerstrand
several situations (incidentally is a a good example of why the versioning discussed above makes sense for LTS). -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP certificate at hkp://poo

Re: Keyserver lookup failure

2016-06-01 Thread Kristian Fiskerstrand
character set 'utf-8' > gpg: keyserver receive failed: No keyserver available what is the dig +trace output and any firewall blocking port 11371 anywhere? -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk --

Re: gpg2 --fetch-keys

2016-05-28 Thread Kristian Fiskerstrand
king ldd [2] iirc using system provided root CAs wasn't included until 2.1.12 either -- ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:

Re: How to convert (ancient) key in "version 2" to more modern "version 4" format?

2016-05-23 Thread Kristian Fiskerstrand
On 05/23/2016 09:56 PM, Bjoern Kahl wrote: > I'd like to convert the existing secret key and the corresponding > public key, preferably without destroying the signatures, from > "version 2" to "version 4". This is not possible. -- -----

Re: Using LDAP keyservers with gpg 2.1.11

2016-04-08 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/08/2016 12:38 PM, Philip Colmer wrote: > On 7 April 2016 at 17:03, Kristian Fiskerstrand > wrote: >> is ldap listed as a schema when doing KEYSERVER --help ? you can >> also check if ldd /usr/bin/dirmngr shows a

Re: Using LDAP keyservers with gpg 2.1.11

2016-04-07 Thread Kristian Fiskerstrand
e only > information I seem to be getting is: > > gpg: DBG: chan_4 <- ERR 167772346 No keyserver available is ldap listed as a schema when doing KEYSERVER --help ? you can also check if ldd /usr/bin/dirmngr shows a linkage to libldap - -- - Kristian

Re: SHA-1 checksums to be replaced with something better at https://gnupg.org/download/integrity_check.html ?

2016-03-19 Thread Kristian Fiskerstrand
me way and the user don't have a path; and this is first download so the TOFU scenario fails .. and they aren't doing some probabilistic consideration based on other public sources as well the end result will be the same as having provided the checksum, but... - -- -

Re: Single GPG key and multiple yubikeys

2016-02-27 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/27/2016 10:17 AM, Martin Konold wrote: > Am Freitag, 26. Februar 2016, 12:43:54 CET schrieb Kristian > Fiskerstrand: > > Hi Kristian, > >>> the two cards with the gpg -- homedir commandline option. > >> A

Re: Single GPG key and multiple yubikeys

2016-02-26 Thread Kristian Fiskerstrand
from private-keys-v1.d (for gnupg 2.1) for the known stubs and doing a gpg-connect-agent learn /bye or gpg --card status during e.g smartcard attachment in an udev rule etc, etc. But see the thread "Re: stub-key migration from gpg 1.4/2.0 to 2.1" where it is also discussed some options.

Re: FAQ maintenance

2016-02-25 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/25/2016 08:30 PM, Peter Lebbing wrote: > On 25/02/16 20:24, Kristian Fiskerstrand wrote: >> 2.0 supports --batch --passphrase-fd 0 > > Oh! I must have mixed up some things. > > Thanks for the rectification! >

Re: FAQ maintenance

2016-02-25 Thread Kristian Fiskerstrand
and 2.1 needs a loopback > pinentry. But of course, the answe 2.0 supports --batch --passphrase-fd 0 - -- - ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key at hkp://pool.sks-keyser

Re: FAQ maintenance

2016-02-25 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/25/2016 03:54 PM, Peter Lebbing wrote: > On 2016-02-25 15:50, Kristian Fiskerstrand wrote: >> (in particular in cases where action from yourself is required, >> default key for signing etc). > > I agree. Note that the di

Re: FAQ maintenance

2016-02-25 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/25/2016 02:38 PM, Peter Lebbing wrote: > (If this feels like droning on to you, just stop reading and go do > something fun!) > > On 2016-02-25 14:25, Kristian Fiskerstrand wrote: >> Now, the real question discussed here t

Re: Single GPG key and multiple yubikeys

2016-02-25 Thread Kristian Fiskerstrand
> > which is the nano. It seems that even killing the gpg-agent and > inserting the other yubikey doesn't seem to work. Suggestions? Delete the stubs and do gpg --card-status to learn of the new smartcard - -- - Kristian Fiskerstrand

Re: FAQ maintenance

2016-02-25 Thread Kristian Fiskerstrand
ission but preimage attack, that is a different story and far more difficult :) - -- - ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034

Re: Master Key Best Practice with SmartCard

2016-01-25 Thread Kristian Fiskerstrand
refreshes or by manipulation of the update channel (e.g. a preference for fetching from non-tls URI rather than a keyserver). - -- - Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk - Public Op

Re: Rotating encryption keys

2016-01-21 Thread Kristian Fiskerstrand
; archiving? > > Not that I'm aware of. Not following this thread too closely, but I expect --show-session-key and --override-session-key has been discussed. - -- - ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk - ---

Re: New FAQ items

2015-12-01 Thread Kristian Fiskerstrand
have you tried all > permutations of what you think the passphrase was?"), please let me > know. :) Would a reference to nasty[0] or other tools to aid such brute-force attacks be useful in this context? Reference: [0] http://freecode.com/projects/nasty - -- - Kr

Re: New FAQ items

2015-12-01 Thread Kristian Fiskerstrand
rotation of several known password string using separators and number paddings etc so they have been able to build a good pattern to base it on - -- - ---- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk -

Re: Trusting other keys a message was encrypted to

2015-11-06 Thread Kristian Fiskerstrand
[Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-e

Re: cv25519 subkeys not sent in recv-keys or shown in search-keys

2015-10-31 Thread Kristian Fiskerstrand
36/curve25519-oid-for-encryption > > Fwiw, this patch is now applied to the servers in the keys2.kfwebs.net cluster and the subkey is listed at http://keys2.kfwebs.net/pks/lookup?op=vindex&search=0x3AED5886 -- ---- Kristian Fiskerstrand Blog: http://blog.sumptuo

Re: ?: keys.gnupg.net: Host not found

2015-10-10 Thread Kristian Fiskerstrand
s one. > > AFAICS, it's the dirmngr who does the request. Can I reproduce it > with dirmngr alone, not involving gpg binary? $ dirmngr ... OK Dirmngr 2.1.9 at your service KEYSERVER --clear hkp://pool.sks-keyservers.net OK KS_GET 409B6B1796C275462A1703113804BB82D39DC0E3 ... BYE - -- -

Re: cv25519 subkeys not sent in recv-keys or shown in search-keys

2015-10-10 Thread Kristian Fiskerstrand
t, even keys2.kfwebs.net (got this one > from #gnupg). > That is very possible, as there is not yet an ID except for http://www.ietf.org/internet-drafts/draft-koch-eddsa-for-openpgp-01.txt for curve25519 related keys -- Kristian Fiskerstrand Blog: http://blog.su

Re: ?: keys.gnupg.net: Host not found

2015-10-09 Thread Kristian Fiskerstrand
4 Compression: > Uncompressed, ZIP, ZLIB > > $ gpg2 --keyserver hkp://keys.gnupg.net <http://keys.gnupg.net> > --recv-key 0x409B6B1796C275462A1703113804BB82D39DC0E3 gpg: > keyserver receive failed: No keyserver available What are the known schematas listed for: $ echo "KEYSERV

Re: ?: keys.gnupg.net: Host not found

2015-10-06 Thread Kristian Fiskerstrand
time is IPv4 vs IPv6, so pay attention to the address it is trying to connect to in the output. -- ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net

Re: Facebook and OpenPGP

2015-10-01 Thread Kristian Fiskerstrand
uch research, is that the key can't be requested by username, only by user id. So if anyone were to want to using it as a keyserver / CA of sorts to establish identity for a user profile they believe to be genuine, they couldn't do so from outside of FB. - -- -

Re: Facebook and OpenPGP

2015-10-01 Thread Kristian Fiskerstrand
t as a keyserver / CA of sorts to > establish identity for a user profile they believe to be genuine, > they couldn't do so from outside of FB. > > >> It works! I found how: > >> curl https://www.facebook.com/melvo/publickey/download/ > Thats great, thank

Re: Keyserver lookup failure, redux

2015-09-23 Thread Kristian Fiskerstrand
pg: keyserver receive failed: No route to > host Please try the ipv4-only pool hkp://ipv4.pool.sks-keyservers.net - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp:/

Re: Decryption fails with 4096bit key on SmartCard

2015-09-22 Thread Kristian Fiskerstrand
d you update the setup. - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - "Don'

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Kristian Fiskerstrand
nown good keys. If you rely solely on the number of signatures that can easily be constructed, either through generating new keys or due to the keyservers not doing any cryptographic verification that the signatures themselves are correct. ... and that is intended behavior ... - -- -

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
-expected send a response and request a signed confirmation] On Jul 29, 2015 4:02 PM, "MFPA" <2014-667rhzu3dc-lists-gro...@riseup.net> wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi > > > On Wednesday 29 July 2015 at 1:47:35 PM, in > , Kristia

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
ome of the purpose of this being an easy to use for senders (while still providing _some_ level of security). - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at h

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
d on the computer, running a 10 year old version of Operating System XY with so many trojan horses working on copying the private key data that they are fighting over the resources on the computer. To paraphrase Schneier, security isn't a product it is a process. - -- - ---

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Kristian Fiskerstrand
ming this information contains data objects in json format it will be interpreted by a parser, and raw data from keyservers anyways shouldn't be trusted directly before validating the signature (including its subpackets/notations) since no crypto has been performed at that point. - -- -

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Kristian Fiskerstrand
irely sure how it'd work in practice unless the blockchain itself was decentralized (it can't function securely if completely local to validation server). iirc this is what Google is doing with its approach as well[0]. References: [0] http://www.certificate-transparency.org/ -- -

Re: gpg 2.1.6 toggle doesn't

2015-07-27 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 07/27/2015 11:03 AM, Kristian Fiskerstrand wrote: > On 07/27/2015 10:48 AM, Marko Božiković wrote: >> On 25/07/2015 13:26, MFPA wrote: >>> Hi > > > .. > >> Ok, but why doesn't it make much sense anymore

Re: gpg 2.1.6 toggle doesn't

2015-07-27 Thread Kristian Fiskerstrand
toggling between keyrings. - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---

Re: gpg-agent unable to see yubikey until manually re-running `gpg --card-status`

2015-06-17 Thread Kristian Fiskerstrand
> a card reader. > > Removing/inserting YubiKey NEO works fine for me with GnuPG 2.0.x > from Jessie. Could this be a GnuPG 2.1.x issue? Lance, did this > work with older GnuPG versions? > No issue here at least using Gentoo's gnupg-2.1.5 ebuild with IUSE:{smartcard,usb

Re: Libksba Release notes

2015-06-05 Thread Kristian Fiskerstrand
he same name. Can you try to elaborate on what you're trying to achieve (and for that matter why what happened so long ago matter to any extent, and whether it is worthwhile to look into) - -- - ---- Kristian Fiskerstrand Blog: htt

Re: Libksba Release notes

2015-06-05 Thread Kristian Fiskerstrand
that Seems to be from https://www.gnupg.org/download/release_notes.en.html - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3

Re: What Linux kernel configuration options are required by GPG for --refresh-keys?

2015-05-15 Thread Kristian Fiskerstrand
ere for the archive purpose, but you have ipv4.pool.sks-keyservers.net that only servers A records (and the opposite for IPv6 at ipv6.pool.) to use as mitigants if such situations arise. - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krif

Re: Weird error during key refresh

2015-03-25 Thread Kristian Fiskerstrand
ail/gnupg-devel/2015-February/029546.html - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - --

Re: SKS Keyserver, HKPS, and GnuPG 2.1

2015-03-18 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/18/2015 10:33 PM, Samir Nassar wrote: > On Wednesday, March 18, 2015 10:14:53 PM Kristian Fiskerstrand > wrote: >> gpg-connect-agent --dirmngr 'KEYSERVER --help' /bye S # Known >> schemata: S # hkp S # hk

Re: SKS Keyserver, HKPS, and GnuPG 2.1

2015-03-18 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/18/2015 10:08 PM, Samir Nassar wrote: > On Wednesday, March 18, 2015 09:21:08 PM Kristian Fiskerstrand > wrote: >> 11371 is expected to be for HKP, so requiring this to be TLS is >> bad practice. > ... > gpg: DBG:

Re: SKS Keyserver, HKPS, and GnuPG 2.1

2015-03-18 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/18/2015 09:13 PM, Samir Nassar wrote: > On Wednesday, March 18, 2015 08:54:47 PM Kristian Fiskerstrand > wrote: >> Hmm, I didn't notice that it was a wildcard cert, that should >> also support holdfast.myriapolis.n

Re: SKS Keyserver, HKPS, and GnuPG 2.1

2015-03-18 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/18/2015 08:39 PM, Samir Nassar wrote: > On Wednesday, March 18, 2015 07:28:31 PM Kristian Fiskerstrand > wrote: >> Likely related to the PTR issues[0, 1], its already in the >> roadmap[2] > > Thank you Kristian, &

Re: SKS Keyserver, HKPS, and GnuPG 2.1

2015-03-18 Thread Kristian Fiskerstrand
tp://lists.gnupg.org/pipermail/gnupg-devel/2014-May/028458.html [2] https://gnupg.org/roadmap.html - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-ke

Re: Copy Current GPG Installation to Another Server

2015-03-17 Thread Kristian Fiskerstrand
tive compromise, and is a far better to try to bootstrap a key validity in the absence of a direct key path. References: [0] http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000362.html [1] http://permalink.gmane.org/gmane.org.fsf.announce/2278 - -- - ------

Re: Copy Current GPG Installation to Another Server

2015-03-17 Thread Kristian Fiskerstrand
ist-options show-uid-validity is the default since GnuPG 2.0.24 - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F

Re: Defaults

2015-03-17 Thread Kristian Fiskerstrand
ompiled with libgcrypt >= 1.6.0 - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F

Re: German ct magazine postulates death of pgp encryption

2015-03-03 Thread Kristian Fiskerstrand
y anyways needs to be verified, the second because the key anyways needs to be verified. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35

Re: German ct magazine postulates death of pgp encryption

2015-03-03 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/03/2015 04:20 PM, Kristian Fiskerstrand wrote: > On 03/03/2015 01:50 PM, Hans of Guardian wrote: > >> On Feb 27, 2015, at 1:11 PM, Kristian Fiskerstrand wrote: > ... > >>> The standard PGP keyserver pool

Re: German ct magazine postulates death of pgp encryption

2015-03-03 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/03/2015 01:50 PM, Hans of Guardian wrote: > > On Feb 27, 2015, at 1:11 PM, Kristian Fiskerstrand wrote: > > On 02/27/2015 12:43 PM, Hauke Laging wrote: >>>> Am Fr 27.02.2015, 12:27:40 schrieb gnupgpacker: >>

Re: Fwd: Re: German ct magazine postulates death of pgp encryption

2015-03-03 Thread Kristian Fiskerstrand
-users/2015-March/052931.html - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B

Re: Circumvention Tech Summit in Valencia

2015-03-03 Thread Kristian Fiskerstrand
time! (and remember to sign each other's OpenPGP keys) :) - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94C

Re: German ct magazine postulates death of pgp encryption

2015-03-02 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/02/2015 12:12 PM, Kristian Fiskerstrand wrote: > On 03/02/2015 10:16 AM, gnupgpacker wrote: >> Hello, Seems I inadvertently sent this message only directly without CCing the list > > > .. > > >> This proc

Re: German ct magazine postulates death of pgp encryption

2015-03-02 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/02/2015 04:50 AM, Chuck Peters wrote: > Kristian Fiskerstrand said: >>>> >>>> You wouldn't need the keyservers to be involved in this at >>>> all. Anyone could set up such a mail verification CA out

Re: How to send a key to a keyserver?

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/02/2015 02:45 AM, Helmut Waitzmann wrote: > Kristian Fiskerstrand > writes: > >> On 02/27/2015 12:57 PM, Philip Jackson wrote: >>> On 26/02/15 18:15, Helmut Waitzmann wrote: >>>> I tried >>>>

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/01/2015 06:08 PM, Kristian Fiskerstrand wrote: > On 03/01/2015 06:01 PM, Marco Zehe wrote: >> Hi Kristian, > >>> Am 01.03.2015 um 17:54 schrieb Kristian Fiskerstrand >>> : >>> ... > that have

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/01/2015 06:01 PM, Marco Zehe wrote: > Hi Kristian, > >> Am 01.03.2015 um 17:54 schrieb Kristian Fiskerstrand >> : >> >> Since the author's first reaction was closing it WONTFIX I didn't >>

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
pts to {S,C} key, not encryption key, dual usage of same key material for different purposes... BAD) - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/01/2015 05:45 PM, Marco Zehe wrote: > Hi Kristian, > >> Am 01.03.2015 um 17:36 schrieb Kristian Fiskerstrand >> : >> >> Seriously? Please look at >> https://bugzilla.mozilla.org/show_bug.cgi?id=790

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/01/2015 05:36 PM, Marco Zehe wrote: > Hi Kristian, > >> Am 01.03.2015 um 16:38 schrieb Kristian Fiskerstrand >> : >> >> You wouldn't need the keyservers to be involved in this at all. >> Anyone

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/01/2015 04:35 PM, Patrick Brunschwig wrote: > On 01.03.15 15:58, Kristian Fiskerstrand wrote: >> On 03/01/2015 03:41 PM, Patrick Brunschwig wrote: >>> On 27.02.15 20:56, Werner Koch wrote: >>>> On Fri, 27 Feb 20

Re: German ct magazine postulates death of pgp encryption

2015-03-01 Thread Kristian Fiskerstrand
ne in its methodology by creating a signature from their CA on the key. Whether you put any merit to having such a CA signature or not is left up to the user (excluding for now the "fun" related to the spammy number of signatures from it) - -- - Kristian Fisk

Re: LDAP-based Keyserver

2015-02-28 Thread Kristian Fiskerstrand
n OpenPGP channel. This product does not support the HKP protocol, so I'm actually experimenting with a HKP<->LDAP gateway using OpenLDAP myself. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
at why assume that he doesn't just hack your system? > > _cracking_ the system (I hack my system every day..) would leave traces, the same would not necessarily be true for DNS poisioning or BGP hijacking on the network layer. - -- - Kristian Fiskerstr

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
l resonsibility for > improper use of this device" ;-) I might use a slightly different wording :) But adding something of the sort to my TODO list for SKS. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - --

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
ace for keyserver intro, or would it have to be added on each individual index page? - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp:/

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/27/2015 07:37 PM, Marco Zehe wrote: > Hi Kristian, > >> Am 27.02.2015 um 17:31 schrieb Kristian Fiskerstrand >> : >> >> On 02/27/2015 05:26 PM, Patrick Brunschwig wrote: >>> On 27.02.15 13:11, Kristian

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/27/2015 05:26 PM, Patrick Brunschwig wrote: > On 27.02.15 13:11, Kristian Fiskerstrand wrote: >> On 02/27/2015 12:43 PM, Hauke Laging wrote: >>> Am Fr 27.02.2015, 12:27:40 schrieb gnupgpacker: >> >>>> Maybe

Re: How to send a key to a keyserver?

2015-02-27 Thread Kristian Fiskerstrand
verbose to get more information about the interaction from the curl helpers, this will be useful for debugging. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3

Re: German ct magazine postulates death of pgp encryption

2015-02-27 Thread Kristian Fiskerstrand
or through probabilistic measures e.g. based on historical postings on mailing lists over a long time for a project etc). - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE

Re: Thoughts on GnuPG and automation

2015-02-27 Thread Kristian Fiskerstrand
d need are better ways to educate people, and get it into school earlier, like the algorithm classes in kindergarden in britain teching kids algos through games (i.e physical games) - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk

Re: 2.1.2: keyserver route failure

2015-02-17 Thread Kristian Fiskerstrand
get more info by increase dirmngr verbosity and looking at its logs. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0

Re: (bug?) Revoked keys and past signatures

2015-02-10 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/10/2015 01:24 PM, Peter Lebbing wrote: > On 10/02/15 12:52, Kristian Fiskerstrand wrote: >> No, the signature is still valid: >> > > Why? The key was revoked because it was superseded or has been > retired, not

Re: Revoked keys and past signatures

2015-02-10 Thread Kristian Fiskerstrand
gerprint: EFF1 596F 1A68 F708 > 8699 579D 0815 4E55 B2F1 C0D8 ... However you have an unknown situation wrt the validity of the key having issued the signature, you get the additional information and you need to make your own considerations as to the validity of the key at the present st

HKPS issue with static build of gnupg 2.0.26: checking whether curl is usable: no

2015-02-08 Thread Kristian Fiskerstrand
IDN NTLM NTLM_WB TLS-SRP References: [0] https://bugs.gentoo.org/show_bug.cgi?id=538852 [1] https://538852.bugs.gentoo.org/attachment.cgi?id=395722 - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Pub

Re: Access denied: ftp.gnupg.org

2015-02-02 Thread Kristian Fiskerstrand
References: [0] https://gnupg.org/download/mirrors.html - -- - ---- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA

Re: GnuPG BOF

2015-01-18 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 01/18/2015 06:13 PM, Kristian Fiskerstrand wrote: > On 11/26/2014 12:27 PM, Werner Koch wrote: >> Hi, > >> I have been asked to forward the CFP below. In case we want to >> do a GnuPG BoF we should ask whether it is p
