[no subject]
Of the five or so papers that I red, the one entitled "Why Johnny Cant Encrypt" was very good. After I read the paper I did my first implementation of PKI with Thunderbird, Enigmail and Mozilla and Yahoo. I found my self remembering bits and parts of this forum as well as prior experience in setting up PKI infrastructure in a lab. I also began to draw certain references from studying topics such as elliptical encryption and other security related issues. All of us are new in this post 911 cyber environment and the controls are still being implemented to monitor the people that protect our national cyber infrastructure. Accountability seems to increase when the data is encrypted as opposed to plain text. I am examining Finance House applications of PKI to establish identity (not hide it) so that transaction might be verifed with due diligence. This seems to be a certificate issue. If the certificate issuers are issuing certificates with reasonable due diligence then such transactions are reasonable. It is my opinion that certificates issued merely upon sending in a jpeg of your passport are not sufficient due to the capabilities of photo shop and the like. Thus predicating identity upon easily altered JPEGS does not demonstrate reasonable due diligence in order to cross reference to the Specially Designated National List and determine whether the access of the capitol is from Listees. Thank you for your time. Frank Spruill1701 Light StreetBaltimore MD 21230 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Deniability
Sure it is, we practice encryption and the people with lead pipes magically disappear. We don't know why. We just know they do. That is deniability. I dont know what you are talking about. DISCLAIMER: This email and any files transmitted with it may be privileged, confidential, and contain health information that is legally protected. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party unless permitted to do so by law or regulation. If you are not the intended recipient, you are hereby notified that any use, disclosure, copying, or distribution, is strictly prohibited. If you have received this information in error, please notify the sender immediately and arrange for the return or destruction of these documents. Frank Spruill 1701 Light Street Baltimore MD 21230 --- On Tue, 3/22/11, d...@geer.org wrote: From: d...@geer.org Subject: Re: Deniability To: "Robert J. Hansen" Cc: "gnupg-users@gnupg.org" Date: Tuesday, March 22, 2011, 2:47 PM I don't think anyone was suggesting that adroit use of PGP/GPG is a talisman against those who wield lead pipes and want what they want. Not that there isn't a movie script in that line of thought... --dan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Secure unattended decryption
Are there refernces where such procedures are detailed that I might look at? --- On Fri, 3/19/10, Robert J. Hansen wrote: From: Robert J. Hansen Subject: Re: Secure unattended decryption To: gnupg-users@gnupg.org Date: Friday, March 19, 2010, 5:30 PM On 3/19/2010 4:26 PM, egg...@gmail.com wrote: > Yes, well, changing the AES key on a database (Which may be several > hundred gigabytes) is time consuming. Only if you design your database poorly. This is a solved problem in both database design and filesystem design. -Inline Attachment Follows- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: Backup of private key
Would you define ascii-armored --- On Wed, 11/25/09, Brian O'Kennedy wrote: From: Brian O'Kennedy Subject: Fwd: Backup of private key To: gnupg-users@gnupg.org Date: Wednesday, November 25, 2009, 4:19 PM So this implies that I could safely upload my ascii-armored private key to an email server without fear (assuming of course that my passphrase is secure and large). What symmetric encryption is typically used on the key itself? I'm assuming that this level of encryption is secure enough to not worry about it being broken? Thanks for the tip and welcome :) brian 2009/11/25 Robert J. Hansen Brian O'Kennedy wrote: > This is a complete n00b question, but I still need to get an opinion on > this. We were all new once. :) Welcome to the list! > All of these make sense to me, but aren't compatible with my ability to > lose physical things. So, what would the risks be of me using > symmetrical encryption with a long passphrase to encrypt my private key, > and storing that in an online email account (gmail/yahoo/etc)? If we > consider the symmetric encryption to be (practically) unbreakable, is > this safe? The good news is your private key is already encrypted with a symmetric cipher. The passphrase you type to use your key is really the passphrase needed to decrypt it. If you are sure that no one will ever guess your passphrase, then you could safely publish your private key in the _New York Times_. That would be a really extreme case, but you could do it. -Inline Attachment Follows- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users