The problem is "motivational"

2011-10-19 Thread M.R.
> Over the last year Marcus and me discussed ideas on how to make > encryption easier for non-crypto geeks. > We prepared a short paper... Interesting. However, the problem of widening email encryption practice is not technical, it is motivational. Broadly speaking, there are those that "have no

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Marcus Brinkmann
Hi Peter, thanks for your feedback. On 10/19/2011 09:30 PM, Peter Lebbing wrote: > However, I think you're not ambitious enough when you opt for using DNS for > key > distribution. Yes, the infrastructure and RR types[1] are already there. But > it > brings this nasty dependency on the provider

Re: private key protection

2011-10-19 Thread Robert J. Hansen
On 10/19/2011 4:54 PM, Peter Lebbing wrote: > Because in the latter case, I hardly think commonality matters. As an example: Three years ago I was thrown into a week-long sink-or-swim course on malware analysis, taught by an instructor who was a principal scientist at a company that's a big name

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Hubert Kario
On Wednesday 19 of October 2011 22:10:30 Ingo Klöcker wrote: > On Wednesday 19 October 2011, Harakiri wrote: > > > > Also - inventing just ANOTHER protocol for email encryption that mail > > clients should implement? Heck, the only protocol available in all > > major mail clients right now for out

Re: private key protection

2011-10-19 Thread Faramir
On 19-10-2011 17:54, Peter Lebbing wrote: > On 19/10/11 22:43, Faramir wrote: >> Ok, but if the online computer uses Windows, and the offline one >> uses Linux, then it would be a multiplatform trojan horse... >> that is not likely to be a commo

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread MFPA
Hi On Wednesday 19 October 2011 at 9:49:20 PM, in , Peter Lebbing wrote: > By default the STEED system as proposed creates a new > certificate for every e-mail address. So unless > manually overridden, there is a one-to-one relation > between e-

Re: private key protection

2011-10-19 Thread Robert J. Hansen
On 10/19/2011 4:43 PM, Faramir wrote: > Ok, but if the online computer uses Windows, and the offline one > uses Linux, then it would be a multiplatform trojan horse... that is > not likely to be a common case. At this point we're throwing conjecture onto conjecture. If the offline one happened

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Jerome Baum
On 2011-10-19 22:49, Peter Lebbing wrote: > On 19/10/11 22:22, Jerome Baum wrote: >>> It would be awesome if this could be achieved without revealing other >>> email addresses or UIDs that might happen to map to the same >>> key/certificate. >> >> Hash the UID many times. (Didn't someone propose th

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Ingo Klöcker
On Wednesday 19 October 2011, Harakiri wrote: > --- On Mon, 10/17/11, Werner Koch wrote: > > From: Werner Koch > > Subject: STEED - Usable end-to-end encryption > > To: gnupg-de...@gnupg.org > > Cc: "Marcus Brinkmann" , gnupg-users@gnupg.org > > Date: Monday, October 17, 2011, 2:11 PM > > Hi! > >

Re: private key protection

2011-10-19 Thread Peter Lebbing
On 19/10/11 22:43, Faramir wrote: > Ok, but if the online computer uses Windows, and the offline one > uses Linux, then it would be a multiplatform trojan horse... that is > not likely to be a common case. Define your threat model... are we talking random trojan infection or a focused attacker

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Peter Lebbing
On 19/10/11 22:22, Jerome Baum wrote: >> It would be awesome if this could be achieved without revealing other >> email addresses or UIDs that might happen to map to the same >> key/certificate. > > Hash the UID many times. (Didn't someone propose that a while ago?) By default the STEED system as

Re: private key protection

2011-10-19 Thread Faramir
On 18-10-2011 10:07, Peter Lebbing wrote: ... > A capable enough hacker might infect the USB pendrive while it is > in your internet-connected PC and that way still gain access to the > non-connected system. Ok, but if the online computer uses

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Jerome Baum
>> If you could do something similar for >> mapping e-mail addresses to certificates > > It would be awesome if this could be achieved without revealing other > email addresses or UIDs that might happen to map to the same > key/certificate. Hash the UID many times. (Didn't someone propose that a

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread MFPA
Hi On Wednesday 19 October 2011 at 8:30:48 PM, in , Peter Lebbing wrote: > If you could do something similar for > mapping e-mail addresses to certificates It would be awesome if this could be achieved without revealing other email addresses or

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread MFPA
Hi On Wednesday 19 October 2011 at 7:07:45 PM, in , Harakiri wrote: > Also - inventing just ANOTHER protocol for email > encryption that mail clients should implement? Heck, > the only protocol available in all major mail clients > right now for

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Peter Lebbing
On 19/10/11 21:30, Peter Lebbing wrote: > that is a really major hurdle; probably a too steep one, IMHO. Given that all normal, literal hurdles are at right angles to the ground, they are all equally steep. Obviously I meant high :D. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Peter Lebbing
Werner, Marcus, Thank you for thinking about taking end-to-end e-mail encryption to the next level. I really like your ideas. However, I think you're not ambitious enough when you opt for using DNS for key distribution. Yes, the infrastructure and RR types[1] are already there. But it brings this

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Harakiri
--- On Mon, 10/17/11, Werner Koch wrote: > From: Werner Koch > Subject: STEED - Usable end-to-end encryption > To: gnupg-de...@gnupg.org > Cc: "Marcus Brinkmann" , gnupg-users@gnupg.org > Date: Monday, October 17, 2011, 2:11 PM > Hi! > >   http://g10code.com/docs/steed-usable-e2ee.pdf > > The

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread via GPGTools
Hi, On 19.10.2011, at 15:11, Tom Ritter wrote: > Other Security Folks: Absolutely NO javascript cryptography. Zero, none. well, JavaScript itself is just another programming language and combined with modern technologies like HTML5 Web Storage there is nowadays technically no need to implement

Re: Expired keys

2011-10-19 Thread Hauke Laging
On Wednesday, 19 October 2011, 16:09:26, Jerry wrote: > I have several keys listed as expired. The key is listed as having > only a public part. All attempts at deleting these keys have failed. How > do I go about removing them? It would be helpful to know what you have done and what happened. Hav

Expired keys

2011-10-19 Thread Jerry
I have several keys listed as expired. The key is listed as having only a public part. All attempts at deleting these keys have failed. How do I go about removing them? -- Jerry ✌ gnupg.u...@seibercom.net

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread Tom Ritter
On 18 October 2011 12:00, Werner Koch wrote: > On Tue, 18 Oct 2011 16:35, jer...@jeromebaum.com said: > >> operations will be the most important part to making that work, and the >> ISPs don't have to help out there (modulo webmail which isn't even >> end-point). > > Even webmail.  It is easy to w

Re: STEED - Usable end-to-end encryption

2011-10-19 Thread yyy
- Original Message - From: "Werner Koch" To: "Jerome Baum" Cc: Sent: Tuesday, October 18, 2011 7:00 PM Subject: Re: STEED - Usable end-to-end encryption On Tue, 18 Oct 2011 16:35, jer...@jeromebaum.com said: operations will be the most important part to making that work, and the

Problems with clearsign option

2011-10-19 Thread cord-henning . fricke
Hi Folks, I'm new to this site and I have a prob with the gpg --clearsign option. My mails to RIPE NCC are signed with my PGP-Key. This worked well for the last 6 years. Now I have the prob that the signature is called bad from the RIPE mailer. I'm using: gpg (GnuPG) 1.4.11 on Ubuntu the email