On Mon, 17 Oct 2011 20:25, jer...@jeromebaum.com said:
> Skimmed over this. You say that you need ISP support to get the system
> adopted (for the DNS-based distribution). Wouldn't that hinder adoption?
Please look at how most people use mail: They get a mail address from
their ISP, a preinstalle
On 10/17/2011 6:07 PM, Jerome Baum wrote:
>>> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
>
> The emphasis was clearly on "Enigmail", not on whether it's difficult or
> not.
And the answer to your question is obviously, "Yes."
> If you hadn't misquoted me you might
On 10/17/2011 14:44, Jerome Baum wrote:
>> Your private key being stolen isn't really that big of a deal. If you
>> have a very strong passphrase, possessing your private key gives an
>> attacker almost no leverage. With a strong passphrase, the average
>> attacker isn't going to be able to break
On 10/17/11 5:18 PM, takethe...@gmx.de wrote:
> Hi everybody,
>
> what is the best way to protect
> your private key from getting stolen?
Page 29 (http://www.gnupg.org/gph/en/manual.html#AEN513) of the Gnu
Privacy Handbook (http://www.gnupg.org/gph/en/manual.html)recommends a
strong passphrase t
On Mon, Oct 17, 2011 at 08:25:04PM +0200, Jerome Baum wrote:
> How about an opportunistic approach? This email should include the
> following header:
>
> OpenPGP: id=C58C753A;
> url=https://jeromebaum.com/pgp
>
> The MUA could recognize a header like this one and remember that there's
> a cer
> Your private key being stolen isn't really that big of a deal. If you
> have a very strong passphrase, possessing your private key gives an
> attacker almost no leverage. With a strong passphrase, the average
> attacker isn't going to be able to break your key on modern hardware
> and anyone who
On 12 October 2011 16:44, Vortran66 wrote:
> I realize now that changing the cache values involves a little more than
> changing a few values and that I am probably in
>
way over my head.
Open a terminal and type "man gpg-agent". Make a note of any ttl values you
want to set, eg:
--def
On Mon, Oct 17, 2011 at 4:18 PM, wrote:
>
> what is the best way to protect
> your private key from getting stolen?
Your private key being stolen isn't really that big of a deal. If you
have a very strong passphrase, possessing your private key gives an
attacker almost no leverage. With a stron
On Mon, Oct 17, 2011 at 4:44 PM, Jerome Baum wrote:
>> Your private key being stolen isn't really that big of a deal. If you
>> have a very strong passphrase, possessing your private key gives an
>> attacker almost no leverage. With a strong passphrase, the average
>> attacker isn't going to be a
On Mon, Oct 17, 2011 at 4:44 PM, Jerome Baum wrote:
>> Your private key being stolen isn't really that big of a deal. If you
>> have a very strong passphrase, possessing your private key gives an
>> attacker almost no leverage. With a strong passphrase, the average
>> attacker isn't going to be a
On 2011-10-17 23:59, Robert J. Hansen wrote:
> On 10/17/11 5:21 PM, Jerome Baum wrote:
>> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
>
> [long rant about Enigmail]
The emphasis was clearly on "Enigmail", not on whether it's difficult or
not. If you hadn't misquoted
On 10/17/11 5:21 PM, Jerome Baum wrote:
> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
Unquestionably, indubitably, beyond doubt, *yes*. You are assuming a
level of computer literacy that is beyond 95% of the computing public.
Remember, under 10% of the computing publ
> http://windowslivehelp.com/solution.aspx?solutionid=a485233f-206d-491e-941b-118e45a7cf1b
Wow, since 2009 (I haven't checked back in a while -- stay clear of
strange hosts like hotmail).
I think the point still stands though. I don't think email providers are
the right place to look for end-to-e
On 10/17/11 5:18 PM, takethe...@gmx.de wrote:
> what is the best way to protect your private key from getting
> stolen?
Smartcard and a good PIN. That's pretty much the gold standard. It's
not the best way (there is no 'best way'), but it's generally an
excellent place to start from.
> 1. Using
On Mon, 17 Oct 2011 20:25:04 +0200
Jerome Baum articulated:
> Skimmed over this. You say that you need ISP support to get the system
> adopted (for the DNS-based distribution). Wouldn't that hinder
> adoption? hotmail and the like still don't support POP3 or IMAP in a
> standard account, and they
Hi everybody,
what is the best way to protect
your private key from getting stolen?
I think:
1. Using gnupg on a windows PC with internet connection is not good, because
there are too many trojans out there.
2. Using gnupg on a linux PC with internet connection (like privatix, see
http://ww
On 2011-10-17 23:00, Ben McGinnes wrote:
> On 18/10/11 7:32 AM, Aaron Toponce wrote:
>>
>> I like the idea, but how are you setting the header? I see you're
>> using Thunderbird, and I don't believe that setting that header is
>> part of Enigmail. Further, it appears your mail isn't signed. Just
>>
On 18/10/11 7:32 AM, Aaron Toponce wrote:
>
> I like the idea, but how are you setting the header? I see you're
> using Thunderbird, and I don't believe that setting that header is
> part of Enigmail. Further, it appears your mail isn't signed. Just
> curious.
No, but it is part of Thunderbird:
> http://g10code.com/docs/steed-usable-e2ee.pdf
Skimmed over this. You say that you need ISP support to get the system
adopted (for the DNS-based distribution). Wouldn't that hinder adoption?
hotmail and the like still don't support POP3 or IMAP in a standard
account, and they are still popular
Hi!
Over the last year Marcus and me discussed ideas on how to make
encryption easier for non-crypto geeks. We explained our plans to
several people and finally decided to start a project to develop such a
system. Obviously it is based on GnuPG but this is only one component
of the whole system.
On Mon, Oct 17, 2011 at 7:51 AM, sweepslate wrote:
> The end goal is to encrypt a volume of around 100GB of personal files that
> I'll be carrying arround with me in a portable drive.
I like GnuPG as much as the next guy around here, but is there a
reason you want to use GPG instead of a tool des
Am Montag, 17. Oktober 2011, 13:51:03 schrieb sweepslate:
> The end goal is to encrypt a volume of around 100GB of personal files
> that I'll be carrying arround with me in a portable drive.
> The key point is doing the encryption of 14000 files in a
> non-interactive way.
echo fubar | gpg --symm
On 10/17/2011 7:51 AM, sweepslate wrote:
> I wanted to use something larger than a passphrase so I wondered if I
> can use a key. But on a second thought, I could use a SHA512SUM as a
> passphrase, which is 128 bytes in length. That makes it 1024 bits;
> correct? It's like a small key. I could use
The end goal is to encrypt a volume of around 100GB of personal files
that I'll be carrying arround with me in a portable drive.
It's around 14000 files, so I can't possibly encrypt them one-by-one
interactively! Doing a tarball is going to be time-consuming, space
consuming [1], and cumbersom
On 10/16/2011 9:31 PM, Vortran66 wrote:
> Thank you very much. Looks like alter agent will not work with Snow
> Leopard.
It will, actually: all I have to do is recompile it for Snow Leopard.
There's nothing in there that's Lion-specific. I'll see about making a
new build within the next couple o
Mr. Hansen:
Thank you very much. Looks like alter agent will not work with Snow
Leopard. As soon as I upgrade to Lion I will give it a try. Thanks for
helping out a novice!
Bill
Robert J. Hansen-3 wrote:
>
> On 10/12/11 11:44 AM, Vortran66 wrote:
>> Thanks for all your effort. I realize
On Sun, 16 Oct 2011 02:51, mwink...@compass-analytics.com said:
> * GPG 1.1.4
Do you mean GnuPG 1.4.11 or GPGME 1.1.4? The latter is quite old and
the NEWS file shows that 1.1.5 and 1.1.6 both had fixes for Windows.
The current version is 1.3.0; a binary for Windows of that versions (or
On 17/10/11 01:37, Doug Barton wrote:
On 10/16/2011 14:37, sweepslate wrote:
It's sort of hard to understand what you're trying to accomplish,
can you give us more details?
To me, it is perfectly obvious what the OP is trying to accomplish:
perform the encryption by supplying the cryptographic
28 matches
Mail list logo