Patrick O'Callaghan wrote:
[please excuse delay in replying. i was waiting for noise level to drop]
> Needham and Schroeder famously said that anyone who thinks his problem will
> be solved by cryptography hasn't understood his problem, and hasn't
> understood cryptography.
i am not familiar w
Misha Shnurapet wrote:
> Am I signing my messages correctly?
>
Yes. It shows as a untrusted good signature.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
signature.asc
Description: OpenPGP digital signature
--
fedora-list mailing list
Am I signing my messages correctly?
--
Misha Shnurapet
°v° I ♥ Linux
/(_)\ Download the free operating system here:
^ ^ http://fedoraproject.org
signature.asc
Description: Эта часть сообщения подписана цифровой подписью
--
fedora-list mailing list
fedora-list@redhat.com
To uns
On Tue, Jul 14, 2009 at 18:14:57 -0400,
"Steven W. Orr" wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
> The Enigmail package gets added to Thunderbird and provides the human
> interface to GnuPG. Enigmail does provide a setting on a per addressbook entry
> for whether messages sent TO that add
On Tue, Jul 14, 2009 at 11:17:05 -0400,
David wrote:
>
> My request, it was never a demand in spite of what others have said, was
> to publish the key or not sign to the list. And I used the word 'please'
> twice. Several users have agreed with me. And several users have agree
> with him. Fair
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/14/09 11:17, quoth David:
> On 7/14/2009 8:24 AM, Bruno Wolff III wrote:
>> On Mon, Jul 13, 2009 at 14:04:11 -0400,
>> "Steven W. Orr" wrote:
>>> But what G did was much worse. He insisted on putting a little bomb in his
>>> mail that causes a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 7/14/2009 8:24 AM, Bruno Wolff III wrote:
> On Mon, Jul 13, 2009 at 14:04:11 -0400,
> "Steven W. Orr" wrote:
>>
>> But what G did was much worse. He insisted on putting a little bomb in his
>> mail that causes a number of us to just plain hang fo
On Mon, Jul 13, 2009 at 14:04:11 -0400,
"Steven W. Orr" wrote:
>
> But what G did was much worse. He insisted on putting a little bomb in his
> mail that causes a number of us to just plain hang for periods that are
> measured in minutes, not just once, but for every message that he sends and
>
Bruno Wolff III wrote:
> It was a multipart message. You should be able to override the sender's
> preference and display text/plain in preference to text/html (or just not
> display text/html parts inline).
i do have thunderbird set to 'view as text'.
i was just making light comment of fennix u
Bruno Wolff III wrote:
>
> I wasn't commenting on the list guidelines. I was trying to help someone that
> appeared to be seeing html when he would have preferred to have seen the
> included plain text part. That might be useful for him in general, not just
> on the Fedora lists.
>
LOL - somehow
On Mon, Jul 13, 2009 at 12:17 PM, g wrote:
> Fennix wrote:
>
>> Somehow I am disappointed to see all of this. G does not write often but
>> does so when he does think that it is worth offering a usefull contribution
>
> i thank you for your support. even if it was 'text/html'. :)
>
> i am not awar
On Mon, Jul 13, 2009 at 15:06:57 -0500,
"Mikkel L. Ellertson" wrote:
> Bruno Wolff III wrote:
> >
> > It was a multipart message. You should be able to override the sender's
> > preference and display text/plain in preference to text/html (or just not
> > display text/html parts inline).
> >
>
On Mon, Jul 13, 2009 at 12:37 PM, Mikkel L.
Ellertson wrote:
> Steven W. Orr wrote:
>> On 07/13/09 14:21, quoth Mikkel L. Ellertson:
>>
>>> You know, there is a simple fix to this - someone that has G's
>>> public key could upload it to a keyserver. Now, if someone
>>> wanted to be nasty, they coul
Bruno Wolff III wrote:
>
> It was a multipart message. You should be able to override the sender's
> preference and display text/plain in preference to text/html (or just not
> display text/html parts inline).
>
> That way even though the extra bandwidth is wasted, you at least get to see
> the
On Mon, Jul 13, 2009 at 19:17:48 +,
g wrote:
> Fennix wrote:
>
> > Somehow I am disappointed to see all of this. G does not write often but
> > does so when he does think that it is worth offering a usefull contribution
>
> i thank you for your support. even if it was 'text/html'. :)
It
On Mon, 2009-07-13 at 18:53 +, g wrote:
> if you are still in question as to advantage of pgp sigs, i would be
> happy
> to look for it and post it so that all can see that there are times
> when
> having a pgp sig does work.
Whether it works or not is not the issue. The issue is "what does it
Steven W. Orr wrote:
> On 07/13/09 14:21, quoth Mikkel L. Ellertson:
>
>> You know, there is a simple fix to this - someone that has G's
>> public key could upload it to a keyserver. Now, if someone
>> wanted to be nasty, they could upload a fake public key with his
>> email address. Then if there
Fennix wrote:
> Somehow I am disappointed to see all of this. G does not write often but
> does so when he does think that it is worth offering a usefull contribution
i thank you for your support. even if it was 'text/html'. :)
i am not aware of 'karl', from what you say about him, i appreciate
Patrick O'Callaghan wrote:
> The whole point of PGP-style signatures is the "web of trust". If you
true. tho, if you email someone and they send you their pgp sig, then you
can feel reasonably certain that pgp sig is from them.
> The point of key servers is not to verify anything, it's to make k
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/13/09 14:21, quoth Mikkel L. Ellertson:
> You know, there is a simple fix to this - someone that has G's
> public key could upload it to a keyserver. Now, if someone
> wanted to be nasty, they could upload a fake public key with his
> email addr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 7/13/2009 1:43 PM, Fennix wrote:
>big snip<
> Somehow I am disappointed to see all of this. G does not write often
> but does so when he does think that it is worth offering a usefull
> contribution to a problem at hand. For some to try and to t
Steven W. Orr wrote:
>
> Sometimes people do things on the net that are considered to be minor
> violations of social protocols. This is all a part of being civilized. Posting
> html, top posting, not reducing quoted text, these are all examples of how
> people can get legitimately irritated. Othe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/13/09 13:43, quoth Fennix:
> Somehow I am disappointed to see all of this. G does not write often but
> does so when he does think that it is worth offering a usefull contribution
> to a problem at hand. For some to try and to tar him with the
Aaron Konstam wrote:
> I guess it is a matter of philosophy. I think signing mail to a list is
> a waste of time and space.
>
> On the fedora list what difference does it make if the poster is really
> who he says he is, I could understand if the poster was selling me
> something but any ideas he
Fennix wrote:
> Somehow I am disappointed to see all of this. G does not write often
> but does so when he does think that it is worth offering a usefull
> contribution to a problem at hand. For some to try and to tar him with
> the association/way of doing things such as Karl definitely is in e
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/13/09 13:03, quoth Rick Sewill:
> Steve, when I click on your signature, I can extract your public DSA
> public key, F0BE3724, see that it is verified, because you registered it
> with the pgp servers (Thank you for registering!), but untrusted
On Tue, Jul 14, 2009 at 1:03 AM, Rick Sewill wrote:
> On Mon, 2009-07-13 at 12:22 -0400, Steven W. Orr wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On 07/12/09 19:05, quoth Rick Sewill:
> >
> > > My thought is to pgp sign my mail.
> > >
> > > Those who know me, who have sp
On Mon, 2009-07-13 at 12:22 -0400, Steven W. Orr wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 07/12/09 19:05, quoth Rick Sewill:
>
> > My thought is to pgp sign my mail.
> >
> > Those who know me, who have spoken to me over the phone and have
> > received mail from me, can sav
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/12/09 12:47, quoth Les:
> Hi, Steven,
> The point about the envelope is a good one. It is a point I never
> considered. But g's attitude doesn't make me fond of signing, in fact
> it does more to discourage users of messaging services to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/12/09 19:05, quoth Rick Sewill:
> My thought is to pgp sign my mail.
>
> Those who know me, who have spoken to me over the phone and have
> received mail from me, can save my signature from my mail and know the
> mail, and any future mail with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/12/09 09:49, quoth Aaron Konstam:
> I guess it is a matter of philosophy. I think signing mail to a list is
> a waste of time and space.
>
> On the fedora list what difference does it make if the poster is really
> who he says he is, I could und
On Sun, 2009-07-12 at 09:47 -0700, Les wrote:
> One might make it more robust and not pass on unregistered
> emails, nor those that do not pass verification (whatever that may end
> up being).
>
> But that would be the end of spammers as they would have to
> register, and be verifi
On Sun, 2009-07-12 at 09:47 -0700, Les wrote:
> On Sat, 2009-07-11 at 18:38 -0400, Steven W. Orr wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On 07/11/09 18:05, quoth David:
> \
> > If I may, I'd like to amplify on "G"'s lack of Netiquette. I am also using
> > Thunderbird w
Les wrote:
> Hi, Steven,
> The point about the envelope is a good one. It is a point I never
> considered. But g's attitude doesn't make me fond of signing, in fact
> it does more to discourage users of messaging services to not use PGP or
> SMIME to sign messages. His actions slow access,
On Sat, 2009-07-11 at 18:38 -0400, Steven W. Orr wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 07/11/09 18:05, quoth David:
\
> If I may, I'd like to amplify on "G"'s lack of Netiquette. I am also using
> Thunderbird with the Enigmail plugin. I too have my system set up for
> "Au
On Friday 10 July 2009 05:47:52 pm Mikkel L. Ellertson wrote:
> g wrote:
> > one of reasons that i use a pgp sig is that it maintains my idenity and
> > prevents someone from trying to send an email as me, which has happened
> > on this very list.
>
> How does it maintain your identity when we can
I guess it is a matter of philosophy. I think signing mail to a list is
a waste of time and space.
On the fedora list what difference does it make if the poster is really
who he says he is, I could understand if the poster was selling me
something but any ideas he or she sells are either valid and
On 7/11/2009 10:10 PM, Gene Heskett wrote:
> On Saturday 11 July 2009, David wrote:
>> On 7/11/2009 6:15 PM, Mikkel L. Ellertson wrote:
>>> David wrote:
My email client, Thunderbird, goes out and searches for his 'not made
public as it should be' public Key each and every post. Which take
On 7/11/2009 9:31 PM, Steven W. Orr wrote:
> On 07/11/09 21:14, quoth David:
>
>> I already have your public key sir! :-)
>
>
> And if we ever meet then we could sign each others keys.
You and I, properly identified, sure. It would be my pleasure.
>> I do not, as a practice, sign emails to
On Saturday 11 July 2009, David wrote:
>On 7/11/2009 6:15 PM, Mikkel L. Ellertson wrote:
>> David wrote:
>>> My email client, Thunderbird, goes out and searches for his 'not made
>>> public as it should be' public Key each and every post. Which takes,
>>> depends on the various Keyservers, 20 +- se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/11/09 21:14, quoth David:
> I already have your public key sir! :-)
>
And if we ever meet then we could sign each others keys.
> I do not, as a practice, sign emails to mail lists. Nor do I add long
> 'signatures' to anything.
Consistency h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/11/09 21:14, quoth David:
> I already have your public key sir! :-)
>
And if we ever meet then we could sign each others keys.
> I do not, as a practice, sign emails to mail lists. Nor do I add long
> 'signatures' to anything.
Consistency h
On 7/11/2009 6:15 PM, Mikkel L. Ellertson wrote:
> David wrote:
>> My email client, Thunderbird, goes out and searches for his 'not made
>> public as it should be' public Key each and every post. Which takes,
>> depends on the various Keyservers, 20 +- seconds *each* Kerserver for
>> *each* post. T
On 7/11/2009 6:38 PM, Steven W. Orr wrote:
> On 07/11/09 18:05, quoth David:
>> My email client, Thunderbird, goes out and searches for his 'not made
>> public as it should be' public Key each and every post. Which takes,
>> depends on the various Keyservers, 20 +- seconds *each* Kerserver for
>> *
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/11/09 18:05, quoth David:
> My email client, Thunderbird, goes out and searches for his 'not made
> public as it should be' public Key each and every post. Which takes,
> depends on the various Keyservers, 20 +- seconds *each* Kerserver for
> *ea
David wrote:
>
> My email client, Thunderbird, goes out and searches for his 'not made
> public as it should be' public Key each and every post. Which takes,
> depends on the various Keyservers, 20 +- seconds *each* Kerserver for
> *each* post. Two in one thread? Does it twice. Three? Does it thre
On 7/11/2009 4:45 PM, Aaron Konstam wrote:
> On Sat, 2009-07-11 at 12:05 -0400, David wrote:
>> On 7/10/2009 11:34 PM, Steven W. Orr wrote:
>>> On 07/10/09 18:47, quoth Mikkel L. Ellertson:
David, one way to solve the problem is to write a filter rule that
sends g's messages directly to t
On Sat, 2009-07-11 at 12:05 -0400, David wrote:
> On 7/10/2009 11:34 PM, Steven W. Orr wrote:
> > On 07/10/09 18:47, quoth Mikkel L. Ellertson:
> >> David, one way to solve the problem is to write a filter rule that
> >> sends g's messages directly to trash.
> >
> > New entry in my access file
> >
On 7/10/2009 11:34 PM, Steven W. Orr wrote:
> On 07/10/09 18:47, quoth Mikkel L. Ellertson:
>> David, one way to solve the problem is to write a filter rule that
>> sends g's messages directly to trash.
>
> New entry in my access file
> From:gel...@bellsouth.net REJECT 553 PGP signing with n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/10/09 23:34, quoth Steven W. Orr:
> On 07/10/09 18:47, quoth Mikkel L. Ellertson:
>> David, one way to solve the problem is to write a filter rule that
>> sends g's messages directly to trash.
>
> New entry in my access file
> From:gel...@bellso
On Sat, 2009-07-11 at 00:49 +, g wrote:
> another reason, at least as i was told, key servers do not verify who
> submits a key is actual owner of address.
The whole point of PGP-style signatures is the "web of trust". If you
don't get someone's public key directly from them (e.g. at a key-sig
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/10/09 18:47, quoth Mikkel L. Ellertson:
> David, one way to solve the problem is to write a filter rule that
> sends g's messages directly to trash.
New entry in my access file
From:gel...@bellsouth.net REJECT 553 PGP signing with no publi
Todd Zullinger wrote:
> This sub-thread needs to stop now. If all there is to say in a reply
> is name-calling, it does not belong on fedora-list. Please respect
> the many thousands of other list members.
i agree about name-calling, but to say that one is 'bitching' is not same
as saying one i
g wrote:
[big snip]
This sub-thread needs to stop now. If all there is to say in a reply
is name-calling, it does not belong on fedora-list. Please respect
the many thousands of other list members.
--
ToddOpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~
Bruno Wolff III wrote:
> Because the messages are signed with the same key. So whoever is creating
> the signed messages has access to the private key. Key servers don't add a lot
> of assurance on top of this. And they add a risk that it tells other parties
> who you are communicating with.
than
Bruno Wolff III wrote:
> On Fri, Jul 10, 2009 at 17:47:52 -0500,
> "Mikkel L. Ellertson" wrote:
>> How does it maintain your identity when we can not verify that you
>> signed the message. Without having your public key, all we know is
>> that someone signed the message. So, your signing your me
Mikkel L. Ellertson wrote:
> How does it maintain your identity when we can not verify that you
> signed the message.
as i told david, ask.
> David, one way to solve the problem is to write a filter rule that
> sends g's messages directly to trash.
i wish he would.
seems david is having menstr
On Fri, Jul 10, 2009 at 17:47:52 -0500,
"Mikkel L. Ellertson" wrote:
> How does it maintain your identity when we can not verify that you
> signed the message. Without having your public key, all we know is
> that someone signed the message. So, your signing your messages sent
> to the mailing l
g wrote:
>
> one of reasons that i use a pgp sig is that it maintains my idenity and
> prevents someone from trying to send an email as me, which has happened
> on this very list.
>
How does it maintain your identity when we can not verify that you
signed the message. Without having your public k
On Sun, Jun 1, 2008 at 5:30 PM, Patrick O'Callaghan
<[EMAIL PROTECTED]> wrote:
> On Sun, 2008-06-01 at 14:32 -0500, Mikkel L. Ellertson wrote:
>> Even if you are using it for security purposes, you should not need
>> to protect the public keys.
>
> Probably not what you meant, but just to be absolu
On Sun, 2008-06-01 at 14:32 -0500, Mikkel L. Ellertson wrote:
> Even if you are using it for security purposes, you should not need
> to protect the public keys.
Probably not what you meant, but just to be absolutely clear: you *do*
need to protect public keys against modification (not against re
Les wrote:
From the last two posts, I gather that the encryption comment was
specifically directed toward the PGP signatures... DUUHHH! I should have
read the subject. I was responding in regards to encryption for
security purposes. Please
disregard my previous post.
Even if you are using it
> them.
> > i.e. If keys didn't contain addresses, just unique IDs.
>
> The whole crux of the problem isn't exposing the (public) keys, it's
> reliably associating a public key with an identity.
>
>From the last two posts, I gather that the encryption co
On Sun, 2008-06-01 at 17:12 +0930, Tim wrote:
> > Simply put, one could create a keylist, publish it someplace secure
> > with limited access and limited time availability, communicate to
> the
> > designated individual where and when, and the designated individual
> > could use something like VPN
On Sat, 2008-05-31 at 10:59 -0700, Les wrote:
> Simply put, one could create a keylist, publish it someplace secure
> with limited access and limited time availability, communicate to the
> designated individual where and when, and the designated individual
> could use something like VPN to pick up
On Sat, 2008-05-31 at 10:59 -0700, Les wrote:
> The truly hard part of any secure system is the user understanding of
> how security applies to the actual information and the keys. And that
> is the most difficult part of all, but I wouldn't call it confusing,
> just really detail oriented.
The e
On Fri, 2008-05-30 at 11:46 -0430, Patrick O'Callaghan wrote:
> On Fri, 2008-05-30 at 13:04 +0930, Tim wrote:
> > On Thu, 2008-05-29 at 15:23 -0500, Aaron Konstam wrote:
> > > Let me share that to me the whole discussion of PGP signatures was
> > > very unenlighte
Tim wrote:
On Fri, 2008-05-30 at 11:46 -0430, Patrick O'Callaghan wrote:
It's a basic fact of life that crypto software is complicated for
users, and there appear to be fairly fundamental reasons why this is
so (see "Why Johnny Can't Encrypt", an interesting paper by a group of
Stanford research
Tim wrote:
> It would have helped if Evolution, for instance, allowed you to set
> an option in the address book to always encrypt for this person,
> rather than requiring the user to do an encrypt action choice for
> every email. I've had that option in other clients. That'd help
> against accid
On Fri, 2008-05-30 at 11:46 -0430, Patrick O'Callaghan wrote:
> It's a basic fact of life that crypto software is complicated for
> users, and there appear to be fairly fundamental reasons why this is
> so (see "Why Johnny Can't Encrypt", an interesting paper by a group of
> Stanford researchers fr
On Fri, 2008-05-30 at 13:04 +0930, Tim wrote:
> On Thu, 2008-05-29 at 15:23 -0500, Aaron Konstam wrote:
> > Let me share that to me the whole discussion of PGP signatures was
> > very unenlightening. I have no idea how to sign e-mail or validate a
> > pgp signed e-mail All the
On Friday 30 May 2008 04:34:41 Tim wrote:
> On Thu, 2008-05-29 at 15:23 -0500, Aaron Konstam wrote:
> > Let me share that to me the whole discussion of PGP signatures was
> > very unenlightening. I have no idea how to sign e-mail or validate a
> > pgp signed e-mail All the di
On Thu, 2008-05-29 at 15:23 -0500, Aaron Konstam wrote:
> Let me share that to me the whole discussion of PGP signatures was
> very unenlightening. I have no idea how to sign e-mail or validate a
> pgp signed e-mail All the discussion seemed to me to be aimed at
> people who knew al
Tim wrote:
> On Wed, 2008-05-28 at 16:29 +0100, Bill Crawford wrote:
> > What do you do if you encounter a key that's signed by both someone
> > you trust personally, *and* someone you don't trust?
>
> I suppose that would depend on whether that was: You didn't know
> whether to trust them, or you
On Thu, 2008-05-29 at 15:54 -0500, Mikkel L. Ellertson wrote:
> Aaron Konstam wrote:
> > On Thu, 2008-05-29 at 11:07 -0500, Mikkel L. Ellertson wrote:
> >> Aaron Konstam wrote:
> >>> On Wed, 2008-05-28 at 16:48 -0500, Mikkel L. Ellertson wrote:
> gpg --list-keys 1E1C9C17
> >>> This does not wo
t would work. I am using: keyserver
> hkp://wwwkeys.us.pgp.net
Yes, hkp://subkeys.pgp.net works, it's what I have in my gpg config
and what was the default for a while. With gnupg-1.4.9, the default
changed to hkp://keys.gnupg.net.
>> Let me share that to me the whole discussi
://wwwkeys.us.pgp.net
Let me share that to me the whole discussion of PGP signatures was very
unenlightening. I have no idea how to sign e-mail or validate a pgp
signed e-mail All the discussion seemed to me to be aimed at people who
knew all about this.
Before anyone gets offended let me admit you
eys.pgp.net/
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
Let me share that to me the whole discussion of PGP signatures was very
unenlightening. I have no idea how to sign e-mail or validate a pgp
signed e-mail All the discussion seemed to me to be aimed at people who
knew all ab
Aaron Konstam wrote:
On Wed, 2008-05-28 at 16:48 -0500, Mikkel L. Ellertson wrote:
gpg --list-keys 1E1C9C17
This does not work for me.
Do you have her key in your key ring? If not, you have to run
gpg --recv-keys 1E1C9C17
first.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou
On Wed, 2008-05-28 at 16:48 -0500, Mikkel L. Ellertson wrote:
> gpg --list-keys 1E1C9C17
This does not work for me.
--
===
genealogy, n.: An account of one's descent from an ancestor who did not
particularly care to trace his own.
On Thursday 29 May 2008 02:08, Tim wrote:
> On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > It is important, though, to maintain the web-of-trust. It does have
> > legal implications, and that's why local signing is an option. I use
> > encryption for correspondence with one person, and
On Wed, 2008-05-28 at 16:29 +0100, Bill Crawford wrote:
> What do you do if you encounter a key that's signed by both someone
> you trust personally, *and* someone you don't trust?
I suppose that would depend on whether that was: You didn't know
whether to trust them, or you distrusted them.
--
Patrick O'Callaghan wrote:
> Slightly OT, but what the hell: we should realize that trusting keys
> isn't the same as trusting people. Trust as applied to PGP/GPG keys
> means "I believe this key belongs to this person (e.g. because the
> person physically gave me the public key and demonstrated th
On Thu, 2008-05-29 at 10:38 +0930, Tim wrote:
> On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > It is important, though, to maintain the web-of-trust. It does have
> > legal implications, and that's why local signing is an option. I use
> > encryption for correspondence with one person,
On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> It is important, though, to maintain the web-of-trust. It does have
> legal implications, and that's why local signing is an option. I use
> encryption for correspondence with one person, and for that I have to
> use ultimate trust, yet I've
On Wed, 2008-05-28 at 21:45 +0100, Anne Wilson wrote:
> On Wednesday 28 May 2008 20:26:19 Patrick O'Callaghan wrote:
> > On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > > On Wednesday 28 May 2008 17:11:07 Mikkel L. Ellertson wrote:
> > > > Tim wrote:
> > > > > Patrick O'Callaghan:
> > > >
Todd Zullinger wrote:
Patrick wrote:
[EMAIL PROTECTED] ~]$ gpg --list-keys 1E1C9C17
gpg: error reading key: public key not found
Got these keyservers enabled in .gnupg/gpg.conf
keyserver hkp://keys.gnupg.net
keyserver hkp://subkeys.pgp.net
keyserver ldap://keyserver.pgp.com
You'd need to fet
On Wednesday 28 May 2008 20:26:19 Patrick O'Callaghan wrote:
> On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > On Wednesday 28 May 2008 17:11:07 Mikkel L. Ellertson wrote:
> > > Tim wrote:
> > > > Patrick O'Callaghan:
> > > >>> gpg --sign-key
> > > >
> > > > Bill Crawford:
> > > >> --lsi
On Wed, 2008-05-28 at 13:06 -0400, Todd Zullinger wrote:
> Patrick O'Callaghan wrote:
> > On Wed, 2008-05-28 at 08:04 -0500, Aaron Konstam wrote:
> >> Ok, I agree with your analysis. It can't be ruled as invalid if had
> >> not been retrieved. But I am ignorant. I do not know how to do the
> >> sig
Patrick wrote:
> [EMAIL PROTECTED] ~]$ gpg --list-keys 1E1C9C17
> gpg: error reading key: public key not found
>
> Got these keyservers enabled in .gnupg/gpg.conf
>
> keyserver hkp://keys.gnupg.net
> keyserver hkp://subkeys.pgp.net
> keyserver ldap://keyserver.pgp.com
You'd need to fetch the key
On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> On Wednesday 28 May 2008 17:11:07 Mikkel L. Ellertson wrote:
> > Tim wrote:
> > > Patrick O'Callaghan:
> > >>> gpg --sign-key
> > >
> > > Bill Crawford:
> > >> --lsign-key, please, unless you have met the person and seen their
> > >> passport
On Wednesday 28 May 2008 19:54:50 Patrick wrote:
> On Wed, 2008-05-28 at 18:01 +0100, Anne Wilson wrote:
> [snip]
>
> > gpg --list-keys 1E1C9C17
> >
> > shows all the identities that my key can be used for.
>
> [EMAIL PROTECTED] ~]$ gpg --list-keys 1E1C9C17
> gpg: error reading key: public key not
On Wed, 2008-05-28 at 18:01 +0100, Anne Wilson wrote:
[snip]
> gpg --list-keys 1E1C9C17
>
> shows all the identities that my key can be used for.
[EMAIL PROTECTED] ~]$ gpg --list-keys 1E1C9C17
gpg: error reading key: public key not found
Got these keyservers enabled in .gnupg/gpg.conf
keyserver
Patrick O'Callaghan wrote:
> On Wed, 2008-05-28 at 08:04 -0500, Aaron Konstam wrote:
>> Ok, I agree with your analysis. It can't be ruled as invalid if had
>> not been retrieved. But I am ignorant. I do not know how to do the
>> signing
>
> gpg --sign-key
Bzzt! Don't do that. Not unless you ha
On Wednesday 28 May 2008 17:07:59 Mikkel L. Ellertson wrote:
> Bill Crawford wrote:
> > 2008/5/28 Mike Chambers <[EMAIL PROTECTED]>:
> >> What is mean by "name"? Guess I am clueless to gpg and don't know my
> >> way around it (viewing man gpg at the moment) and nto sure what to do
> >> for example
On Wednesday 28 May 2008 17:11:07 Mikkel L. Ellertson wrote:
> Tim wrote:
> > Patrick O'Callaghan:
> >>> gpg --sign-key
> >
> > Bill Crawford:
> >> --lsign-key, please, unless you have met the person and seen their
> >> passport.
> >
> > A good idea, but could you tell a forged passport apart from
Tim wrote:
Patrick O'Callaghan:
gpg --sign-key
Bill Crawford:
--lsign-key, please, unless you have met the person and seen their passport.
A good idea, but could you tell a forged passport apart from a real one?
I'm sure that I couldn't. Likewise for other forms of ID, I couldn't
tell a r
Bill Crawford wrote:
2008/5/28 Mike Chambers <[EMAIL PROTECTED]>:
What is mean by "name"? Guess I am clueless to gpg and don't know my
way around it (viewing man gpg at the moment) and nto sure what to do
for example, when like someone's signature says invalid from evo on an
email to the list?
2008/5/28 Tim <[EMAIL PROTECTED]>:
> Though I seriously doubt that most of use would be using gpg in a way
> that required such a level of personal identify assurance.
While that may be true, it's not really polite to pollute the "web of
trust" with "possibly dubious" signatures (I'm not for a mo
On Wed, 2008-05-28 at 09:42 -0500, Mike Chambers wrote:
> What is mean by "name"? Guess I am clueless to gpg and don't know my
> way around it (viewing man gpg at the moment) and nto sure what to do
> for example, when like someone's signature says invalid from evo on an
> email to the list?
The
1 - 100 of 119 matches
Mail list logo
