Re: Protecting IDs at a key signing party

2012-01-22 Thread Peter Lebbing
On 21/01/12 23:01, Robert J. Hansen wrote: Then they're signing it with *their* certificate, backed up by credentials that you yourself checked. How is this a problem? While I generally agree with you on the rest of your mail, this is not necessarily the case. You met them at a keysigning

Re: Using root CAs as a trusted 3rd party

2012-01-22 Thread Gregor Zattler
Hi Aaron, gnupg users, * Aaron Toponce aaron.topo...@gmail.com [21. Jan. 2012]: On Sat, Jan 21, 2012 at 10:50:11PM +0100, Gregor Zattler wrote: IMHO by signing a key you make a statement about the connection between a person or owner and the user id you sign, saying I somehow convinced myself

Re: Using root CAs as a trusted 3rd party

2012-01-22 Thread gnupg
On 22/01/12 02:49, Aaron Toponce wrote: Yes. That's all I'm after. I think the militant I _absolutely_ won't sign any keys unless I verify their identification, face-to-face attitude is hindering adoption. There must be a way to build the WOT, while still allowing people to sign keys without

RSA padding scheme

2012-01-22 Thread Sergey Matveev
Greetings everyone! As I understand, such asymmetric ciphers as RSA and/or ElGamal require strong padding applied before message is encrypted. Message is of course the one-time session key, used to encipher the actual data. There are different versions of PKCS#1, NESSIE, OAEP and other schemes

Creating a key bearing no user ID

2012-01-22 Thread Holger
Hello list, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want to create a key without a uid. People who want to send me e-mail, get my e-mail address and keyID/fingerprint

Creating a key bearing no user ID

2012-01-22 Thread Holger
Hello gnupg-users, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want to create a key without a uid. People who want to send me e-mail, get my e-mail address and

Re: Creating a key bearing no user ID

2012-01-22 Thread Holger
Mega sorry for the triple post. H

Creating a key bearing no user ID

2012-01-22 Thread Holger
Hello gnupg-users, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want to create a key without a uid. People who want to send me e-mail, get my e-mail address and

Re: Creating a key bearing no user ID

2012-01-22 Thread Robert J. Hansen
On 1/22/2012 11:59 AM, Holger wrote: Will this work or did I miss something? The OpenPGP spec (RFC4880) says that a transferable public key (one that can be shared, basically) is required to have one or more user IDs attached (RFC4880 section 11.1). If you don't have a user ID on your

Re: RSA padding scheme

2012-01-22 Thread brian m. carlson
On Sun, Jan 22, 2012 at 07:48:28PM +0400, Sergey Matveev wrote: As I understand, such asymmetric ciphers as RSA and/or ElGamal require strong padding applied before message is encrypted. Message is of course the one-time session key, used to encipher the actual data. To use them correctly and

Re: RSA padding scheme

2012-01-22 Thread Sergey Matveev
- User brian m. carlson on 2012-01-22 18:54:22 wrote: GnuPG uses PKCS #1 v1.5. This is specified in RFC 4880. You cannot choose a different padding scheme and remain in compliance with the OpenPGP standard. Ah! I see. Thank you! Now I understand. If the standard allowed different padding

Re: Creating a key bearing no user ID

2012-01-22 Thread David Shaw
On Jan 22, 2012, at 1:05 PM, Holger wrote: Hello gnupg-users, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want to create a key without a uid. People who want to send

Re: Creating a key bearing no user ID

2012-01-22 Thread Doug Barton
On 01/22/2012 10:05, Holger wrote: Hello gnupg-users, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, Why not? I want to create a key without a uid. People who want to

Re: RSA padding scheme

2012-01-22 Thread brian m. carlson
On Sun, Jan 22, 2012 at 11:29:54PM +0400, Sergey Matveev wrote: If the standard allowed different padding schemes, then all implementations would have to support multiple padding schemes, which would be burdensome without providing significantly more security. Hmm, I see. However does it

Re: Creating a key bearing no user ID

2012-01-22 Thread Holger
2012-01-22T16:11:14-08:00, Doug Barton: On 01/22/2012 10:05, Holger wrote: I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, Why not? One reason is spam, though we haven't

Re: Creating a key bearing no user ID

2012-01-22 Thread John Clizbe
Holger wrote: 2012-01-22T16:11:14-08:00, Doug Barton: On 01/22/2012 10:05, Holger wrote: I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, Why not? One reason is spam,

Re: RSA padding scheme

2012-01-22 Thread Sergey Matveev
- User brian m. carlson on 2012-01-23 00:47:03 wrote: * sending ciphertext with the same e to several recipients This depends on a small message. All secure padding schemes avoid this problem because they pad the message so it is not small. * no randomness All secure padding schemes provide