On Wed, 23 May 2007 22:01, [EMAIL PROTECTED] said:
> I'm thinking about that, even if I installed, I may never use it.
> I'm used to the binary name "gpg", but not "gpg2". And most
> environments I'm working on are servers, not desktops. I use GnuPG from
1.4.7 is better for servers.
Shal
On Thu, 24 May 2007 10:59:50 +0200
Werner Koch <[EMAIL PROTECTED]> wrote:
> On Wed, 23 May 2007 22:01, [EMAIL PROTECTED] said:
> > I'm thinking about that, even if I installed, I may never use it.
> > I'm used to the binary name "gpg", but not "gpg2". And most
> > environments I'm working on
Hi,
I'm looking at easy way for my email recipients to validate that email sent
from me is actually from me.
I was thinking about some web way, ie: they could copy and paste email body
to verify it.
Is there some secure provider of such service?
Are there maybe better ways to do it?
Thanx
Peter
Securing normal email can be done using either an OpenPGP-compliant
email client and/or one that support S/MIME using X.509 certificates.
Trying to secure webmail is a lot more tedious since you'd need to
prepare the email in a local text-editor, sign it using GnuPG, and
paste the resulting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/24/07, Joseph Oreste Bruni <[EMAIL PROTECTED]> wrote:
> Trying to secure webmail is a lot more tedious since you'd need to
> prepare the email in a local text-editor, sign it using GnuPG, and
> paste the resulting text into your browser. The recip
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> I'm looking at easy way for my email recipients to validate that
> email sent
> from me is actually from me.
The obvious way is to suggest they use an OpenPGP application, such
as GnuPG or PGP, to verify your signature.
> Is there some secure
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/24/07, Hardeep Singh <[EMAIL PROTECTED]> wrote:
> Can you provide more info on this? Can windows users use this with Cygwin or
> something? what is Seahorse?
Seahorse[1] is a password and encryption key manager for the GNOME
desktop. Additionall
On 17.05.2007 16:10, Janusz A. Urbanowicz wrote:
[...]
> When I did similar things the setup was as follows:
>
> * there is one well-guarded organization key (org key)
> * every person involved has a key signed by the org key
> * people keys have designated-revoker set to org key
> * all OpenPGP s
I cannot "force" my recipients to install any PGP software so I was thinking
about creating signature verification form on my website. If someone wanted
to check if the email is really from me, he/she could paste the signed email
part on the form, then the server-side script would verify that.
I'
On Thursday 24 May 2007 01:21, engage wrote:
> I wasn't prompted for a passphrase!
>
> gnupg2-1.9.22-2.2mdv2007.0
> gnupg-1.4.7-0.2mdv2007.0
> kdepim-kmail-3.5.4-12mdv2007.0
That's just a wild guess, but the usual reason for this behavior is that
gpg-agent is not setup correctly. I suggest you re
On Thu, May 24, 2007 at 10:29:11AM -0700, ptr wrote:
>
> I cannot "force" my recipients to install any PGP software so I was thinking
> about creating signature verification form on my website. If someone wanted
> to check if the email is really from me, he/she could paste the signed email
> part
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
engage wrote:
> I wasn't prompted for a passphrase!
Perhaps the message was only ASCII-armored.
- --
Windows NT 5.1.2600 | Thunderbird 2.0.0.0 | Enigmail 0.95.0 | GPG 1.4.7
Key ID: 0x60A78FCB - available on major keyservers and upon request
Fing
Agree with the DNS poisoning, my form would need to be SSL'ed with my private
certificate.
In terms of educating my recipients - yes, it may be tricky, that is
probably the weakest point of my concept, will need to think how to approach
it.
The solution should be both easy for the recipient, but
ptr <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm looking at easy way for my email recipients to validate
> that email sent from me is actually from me. I was thinking
> about some web way, ie: they could copy and paste email body
> to verify it. Is there some secure provider of such service?
> Are th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, May 24, 2007 at 11:37:09AM -0700, ptr wrote:
>
> Agree with the DNS poisoning, my form would need to be SSL'ed with my private
> certificate.
>
> In terms of educating my recipients - yes, it may be tricky, that is
> probably the weakest poin
Henry Hertz Hobbit wrote:
As an aside, if you are concerned about DNS cache server
poisoning, then take the IP address and stick it into the
hosts file (make sure hosts come before DNS in the
nsswitch.conf file in nix machines). If nothing else it
stops the chatter happy Zone Alarm firewall fro
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Peter Todd wrote:
> The *only* thing included in the hash is what is between the START
> and END bits, that's it, no headers no nothing. I'm not positive,
> but I belive the MIME based PGP is pretty similar. Of course, this
> means that you can f
On Thursday 24 May 2007 11:54, Ingo Klöcker wrote:
> On Thursday 24 May 2007 01:21, engage wrote:
> > I wasn't prompted for a passphrase!
> >
> > gnupg2-1.9.22-2.2mdv2007.0
> > gnupg-1.4.7-0.2mdv2007.0
> > kdepim-kmail-3.5.4-12mdv2007.0
>
> That's just a wild guess, but the usual reason for this be
18 matches
Mail list logo
