list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
http://catb.org/~esr/faqs/smart-questions.html
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-2
t;
> I guess that saves the day for some. I can almost hear the sigh of
> relief. ;)
:-)
https://en.wikipedia.org/wiki/The_Story_of_English if anyone finds
this interesting.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W.
On Thu, Sep 09, 2021 at 10:43:05AM +, Oli Kon via Gnupg-users wrote:
> On 2021-09-08 4:53 p.m., Mark H. Wood via Gnupg-users -
> gnupg-users@gnupg.org wrote:
> > I didn't know where else to turn, for folks who might be able to point
> > me at standards for or discuss
I didn't know where else to turn, for folks who might be able to point
me at standards for or discussion of embedding crypto signatures in
image formats, to detect tampering with the image.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue Unive
tly the qt one, gtk
> was preferred with gtk2 but the gtk3 one is horrible.)
The only thing I can think of to check is: have you selected
pinentry-qt5 using 'eselect'?
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W
nny," except an occasional comment that someone couldn't open
the "attachment" (meaning the PGP/MIME signature). Those stopped when
I got a corporate X.509 certificate and configured Mutt to use S/MIME
for internal mail.
Other console MUAs probably can do similar things when c
d be user-hostile, as there are people in some
> >> cultures who have only one name, the Indonesian dictator Suharto being one
> >> famous example.
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-
key
to the entity which will issue the certificate.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
signature.asc
Des
the number of places that the bad guy must break into and get out of
undetected. This is the electronic analog of a principle in physical
security: require the bad guy to spend time, make noise, and create a
visible mess, to increase his fear of being discovered to the point
that the expectation
I do have a question, if you don't mind ...
> > >
> > > Why are the Students at the University don't use OpenPGP with Gmail
> > > via the free Mailvelope add-on for Firefox, Chrome? Wouldn't that be
> > > not cheaper instead of purchasing a whole l
l
certificates twice (once for Firefox, again for *everything else*.)
Maybe there will be an add-on, so that those who care can choose to
integrate Thunderbird into their systems rather than having it still
standing off to one side haughtily awaiting special treatment.
--
Mark H. Wood
Lead T
is almost absurdly simple:
1) Use PGP
2) Don't send secrets to people I don't trust to keep them.
Anyway, 99% of my PGP use is for the opposite of secrecy: I sign my
emails so that (if you care enough to install PGP) you can be highly
assured that they're from me.
--
Mark H.
We can't enforce technical security without proper OPSEC. Regarding the
> > Subject, Reference, etc, it is way easy and more secure to educate the
> > user about the fact that only the content is _end-to-end_ encrypted and
> > other parts, like the Subject, are required to
On Tue, May 22, 2018 at 01:42:07AM +0100, Mark Rousell wrote:
> On 21/05/2018 15:17, Mark H. Wood wrote:
> >> Break backwards compatibility already: it’s time. Ignore the haters. I
> >> trust you.
> > (I understand that that's a quote of a discussion-opener from th
us.
o What we have done, and are doing, to keep *your* cost down.
o What else would we need to do, to make this something *you* want?
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 462
that locks can be picked, so you should remove
all the locks from your doors right now."
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ul
I would be interested to hear this auditor's explanation of how *any*
completely automated software system can protect private keys from a
human with access to the system.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
ight one for each To: address.
In some workplaces, S/MIME is mandated. That's another reason. :-)
With all the phishing going on these days, I foresee a wave of
companies issuing policies that unsigned mail seeming to come from a
fellow employee must be reported and then ignored. Since it's al
ady* a
> nightmare without adding this to it.
>
> Better by far to provide a cronjob that can do the refreshing
> automatically -- or, on Windows, to write a service to do it.
No need for yet another service; use Task Scheduler to run the refresh
command periodically.
--
Mark H
top leyphohap number 3!"
I can learn that just about as quickly as "leyphohap" alone.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
There
are already enough examples of systems which have been made so easy to
use that they should not be used at all.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ul
- were that person someone "known"
> to be nasty, it would have degraded my key's value. The best it could
> have been is totally meaningless.
To put my point more plainly: signatures on products and signatures
on keys mean different things, and to gain trust for them works in
differe
you think as carefully about your choice of CA as you
do about who you would have sign a PGP key. The more you depend on
a certificate for *establishing* trust, the more it's going to cost
you, because it's going to cost the issuer more to provide that
assurance while protecting his
ct communities of
communicators? *Are* there useful clusterings of communication needs,
w.r.t. security, within the community of communicators?
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 4
XKVDstXV2FbgO9Jvkze9Uo+10oQ6XNntG/xi
> TTBnF6pFGsG8yrS1ecK/Oq2dSqif0g8cjjJ1SKUHhZr91pGWdr5X0UkmXjJIvP8=
> =KuOK
> -END PGP SIGNATURE-
>
> _______
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
--
Mark H.
lot of labels
("identities") stuck on me by family, friends, enemies, employers,
trading partners, etc., each of which is more or less independent.
Various sets of these labels make up how my associates retrieve their
concepts of me.)
--
Mark H. Wood
Lead Technology An
eath my collected letters
to someone, how do I arrange the transmission of the necessary
passphrases as well? I wonder if the lawyer who draws up my will
would even understand the question.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University In
as I know, the principal effect of
MTA-based antivirus in my life is to prevent me consciously emailing
known innocuous code that I wrote to people who ask for it. So I for
one wouldn't miss it. That's selfish of me, of course.
--
Mark H. Wood
Lead Technology Analyst
University
honestly answer that question, if the suspected
weakness has never been found? We don't know that it exists, and if
it does exist we don't know its nature.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Stre
it evaporates entirely.
Lies, rumors, and faulty logic readily die of exposure. Expose them!
If someone attacks your secrets...attack his! The falsity of a false
argument is one of your opponent's centers of gravity, so strike it
to keep him busy protecting it.
Secrecy alone is defensive. Th
(c) rely on some large corporation to handle the encryption and decryption
> for us
Same answer as (b).
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.ed
On Mon, Aug 18, 2014 at 08:15:49AM -0600, Aaron Toponce wrote:
> On Mon, Aug 18, 2014 at 09:59:33AM -0400, Mark H. Wood wrote:
> > Perhaps it would be a start if sites providing SMTP would turn on
> > STARTTLS.
>
> STARTTLS does not encrypt mail. It only provides safe passag
ps it would be a start if sites providing SMTP would turn on
STARTTLS.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
signature.asc
Description: Digital signatur
s is only exposed on the sending SMTP server and
> the receiving SMTP and mailbox servers (f.e., IMAP). The mailbox server
I treat hop-by-hop encryption, not as an alternative to end-to-end,
but as defense in depth.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not
> can only be kept for a while. Yes, that's an immense difference.
>
> Old Hell's Angels saying, "3 people can keep a secret if two of them are
> dead". Not a very sophisticated bunch but..
Often attributed to Benjamin Franklin.
--
Mark H. Wood, Lea
an do that.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/ma
On Wed, Jun 18, 2014 at 01:56:45PM +0100, Brad Rogers wrote:
> On Wed, 18 Jun 2014 08:45:26 -0400
> "Mark H. Wood" wrote:
> >What sort of mascot would combine the two aspects?
>
> Racoon? Easily recognised so an allusion to identity there. Their face
> has a &#
Assuming that there *should * be a mascot, the discussion seems to
concentrate on the secrecy aspect of GnuPG. But what about the
other aspect -- assertion of identity? Does that spark any ideas?
What sort of mascot would combine the two aspects?
--
Mark H. Wood, Lead System Programmer mw
We have one, but it's a secret. :-)
> How about an Octopus? As I understand it, they like to try and open
> locks.
Alas, the octopus is already associated with GitHub:
https://octodex.github.com/original/
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should
ected by
*trademark* or *service mark*.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-users@gnu
meone more
knowledgable will correct my errors. I figure that, if I trot out my
limited knowledge, I may help someone to understand just a bit, and I
too may learn something in the process.
> I suggest: Just give it a try.
That is my suggestion as well.
--
Mark H. Wood, Lead System
who wants to offer to recover session keys rather than hand
over more-general keys should work on that *now*, when you can perhaps
get it into the law and common practice, rather than later, when you
cannot get it into court. Right now might be a good time to be heard
on questions of narrowing
which gives the interesting summary: thermodynamically reversible
processes are theoretical and don't occur in the real world. These
seem to live in the same realm with 100% frictionless surfaces and
insulation with infinite R-factor.
That article seems confused as to whether a reversible proces
for a
certificate *and the services necessary to maintain it*. As someone
pointed out, this is a predictable and avoidable cost. I do think
that a CA should not charge for revocation, but that implies that I
should have already paid for possible needs to which I'm committing
myself.
--
M
On Tue, Apr 29, 2014 at 06:46:30PM +0100, MFPA wrote:
> On Tuesday 29 April 2014 at 3:23:10 PM, in
> , Mark H. Wood wrote:
>
> > Eh, I consider the possibility of address harvesting an
> > opportunity for a bit of sport. I enjoy occasionally
> > crafting a new regular
Eh, I consider the possibility of address harvesting an opportunity
for a bit of sport. I enjoy occasionally crafting a new regular
expression to make maildrop automatically toss a new strain of UCE.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly
What about abandoning terms of art and just saying things more simply:
"This message was signed by key . You have indicated that you
trust that key."
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
sig
cally authenticated
by comparing the signature sample on the draft to a trusted signature
sample, either already on file or executed by the named person in the
presence of the authenticator. (Apparently Latin borrowed this one
from Greek.)
Is that of any help at all?
--
Mark H. Wood, Lead S
was made, the
inner document bore a specific signature. It may be possible to
compress the structure if there were defined signature types for these
uses, so that one knows (for example) to include all of the foregoing
signatures in the text to be validated.
--
Mark H. Wood, Lead System Programm
t you
know it.
After that, it's all just multiplying impossibly huge numbers.
That's dumbed down considerably, but I think it gets the basic idea
across simply.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines sho
al CAs typically are audited
periodically to determine that their operations conform to their CPS.
The problem is that a CPS can say *anything*. Without reading it, you
have no way of knowing what you should expect that CA's certificates
to mean.
--
Mark H. Wood, Lead System Programmer mw...@
re and haven't thought deeply
about why they might want more.
So: what would one want from X.509 certificates used to initialize an
OpenPGP session? What would it take to get that?
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machin
Assuming you trust those CAs. All of them.
Having said that, you might look at how OpenSSH has included X.509
certificates in its operation. There is precedent for something like
what you suggest.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Ma
ts. Most people haven't got anything worth that much time
and effort. The greatest expectation of reward probably lies in
waiting for me to make a misteak.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu Machines
should not be friendly. Machines should be obedient.
signature.a
rmal
> & common in England when I grew up there.
This is also common in USA, and seems to refer to the tradition of
giving a just-born infant a swat on the rump to encourage the
beginning of breathing (because the baby needs air to yell at you).
At any rate, it means as new as can be; fre
me
away. The cost, as we've recently seen, could be considerable.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-use
opic anyway, I'll continue and opine that this
add-on would only be doing for self-signed cert.s and other unknown
CAs the same thing that the user *should* have done with those
commercial root cert.s: evaluate and install them individually. (Of
course hardly any of us have done this.)
--
Ma
rong as, or stronger
than, either AES or BLOWFISH alone. Then ask the same question for
each composition you think promising.
You will wind up doing quite a LOT of math. You could probably get a
book out of it, if you do a thorough job.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Ma
Having not read far enough down the thread, Mark H. Wood wishes to
recall a completely redundant message:
> Consider a composition of *three* ciphers:
>
> A := ROT13
> B := ROT10
> C := ROT3
--
Mark H. Wood, hasty poster mw...@iupui.edu
Machines should not be friendly.
no stronger than any single one.
Obviously this should not be assumed to hold true for all possible
functions, but it provides a counterexample: composing ciphers does
not necessarily produce a stronger cipher.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should n
s is
the notion that one can buy a box of security off the shelf and
thereafter be secure, without thinking about what one is doing. It
seems to me that designing secure processes for your specific needs
should work better and be cheaper in the end.
--
Mark H. Wood, Lead System Programmer mw..
n you keep a secret?
B: No.
A: Then I won't tell you any.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-u
keeping an eye on it.
>
> And let me give a big "d'accord!" to Werner's "we don't need to rush."
On the one hand, we don't need to rush. On the other, it is good to
see that people are thinking ahead, because I don't want to see
matters come to a state
es
mingled. It would depend on how I have known him to use his
identities. But if they are the same person, then what harm? I try
to keep my personal and professional identities distinct, but some
people don't.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be
natures. Suspicious, verify
out-of-band.
It seems unduly risky. Traditional methods of forgery try to bury one
identity under another, but forging PK certificates *asserts* a new
identity. It feels to me like making too much noise -- it attracts
attention just when and where the forger wants to
t; Fri, 26 Jul 2013 09:22:32 -0400
> "Mark H. Wood" wrote:
>
> > Well, Windows users who aren't programmers, who switch to e.g. Linux,
> > will then be Linux users who aren't programmers, so this alone changes
> > little for the individual. He is stil
or
people to find out for themselves who is reliable and form open-eyed
trust relationships.
If one wishes to be more self-sufficient, one must learn a great deal
about work formerly left to others.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Mach
rent
dimensions of communication security.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-users mailing list
Gnupg-us
urreptitious monitoring, how do "they" know that I am
not doing surreptitious monitoring? Remote log servers, firewall
logs, 'tripwire', cheap cameras the size of an aspirin tablet
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
M
mail sent to my
> unversity addresses on the computer at university. And I want to use
> encryption, since the mails might contain sensitive information, such as
> exams, grades, etc (and the mail servers are maintained by students).
It's called compartmental design. No one compromise
at the real cost of crypto: you have to think about
it. There is no escape; you have to think deeply about slippery
things like identity and trust and threat models, and then you have to
apply your resulting policies a hundred times a day. Software can
relieve large parts of the latter
it is right and
proper for me to control, and it is wrong and improper for others to
attempt to control them, because my society generally agrees that
this is so and my government is (generally) willing to enforce laws
codifying these norms.
--
Mark H. Wood, Lead System Programmer mw...@i
use now. The world is changing
> but most of the changes aren't good.
Wow, *real* military use? I want to see an iPhone after Raytheon has
had a go at it.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Ha, that reminds me, when I submit artifacts to Maven Central (a
public code repository) I'm required to OpenPGP sign them. Maven has
a very nice plugin which handles this automatically.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines s
ils I've sent, but I assert that I sign all
emails addressed to humans. (Some mailing-list robots are fragile and
have trouble with signatures when directly addressed. Boo.)
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be o
ven sure who would study such things. Anthropologists, I suppose.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
___
Gnupg-users
ct: No route to host
> gpg: keyserver internal error
> gpg: keyserver send failed: Keyserver error
The site doesn't want unencrypted connections, and they way they
enforce this is by returning "no route" to requests for connection to
port 80. I would have used "administ
their jaws up off the floor. This is
probably the origin of the closed, private email system locked away
inside each bank's site. That is, perhaps, where one should work on
acceptance of suitable encryption and signing. ("Suitable" including
wh
ghtly difficult to steal or forge, is not something that most
people can realistically do with the current crop of CAs.
Long-distance relationships in the security realm make trust
difficult, in both directions.
None of this has a great deal to do with OpenPGP or GnuPG as such.
--
Mark H. Wo
On Mon, Jan 07, 2013 at 05:54:15PM +0100, Peter Lebbing wrote:
> On 07/01/13 16:39, Mark H. Wood wrote:
> > I'd suggest assuming some periodic read-only use, since we *should* be
> > testing our backups regularly to discover decay *before* it makes
> > something irretrie
than the on-the-shelf lifespan of already written
> data.
I'd suggest assuming some periodic read-only use, since we *should* be
testing our backups regularly to discover decay *before* it makes
something irretrievable.
--
Mark H. Wood, Lead System Programmer mw...@iu
I don't know, but I must say that I'm wary of dealing with unknown
people who are collecting signature samples from all over Europe,
offering a service which seems to accomplish very little and making
disputed claims about its legal effect.
--
Mark H. Wood, Lead System Progr
ed-flapped or zipped pocket, for example, or even a
money belt or a traveller's concealed document shoulder pouch) in which
you will carry the medium, and write out a checklist to make certain
that you've followed your procedure.
--
Mark H. Wood, Lead System Programmer mw...@iupui.ed
in the virtual world as in the physical world and I had better
understand how to get it. If more people would cross that bridge, I
wouldn't have to work so hard, because more of the burden would be
shared.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Who also thinks locks are i
;me + anybody in the IT
department at ${giant e-tailer} + anybody at the records management
service they use" to "me". I think that's a significant reduction.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like askin
On Thu, Aug 30, 2012 at 10:33:32AM -0400, Mark H. Wood wrote:
> On Wed, Aug 29, 2012 at 03:14:50PM -0400, Landon Hurley wrote:
> [snip]
> > I do have a question about where you talk about backups though. How
> > does PKI prevent back up loss?
>
> If I can prove that I pos
isclose my public key,
which is not secret, to my correspondents; my private key never leaves
my equipment unless someone penetrates *my* system or steals *my*
backups.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like asking whether people
ryone from my more intimate conversations
with my wife -- we feel comfortable being vulnerable in the presence
of those who love us, but uncomfortable showing that same
vulnerability to others. In every society there are questions it
would be highly improper for a stranger t
tor or lawyer who adopts a
pervasive records security plan (of which customer communications
would be but a part) should be able to negotiate lower insurance
premiums. It seems to me that people are leaving money on the table
all over.
--
Mark H. Wood, Lead System Programmer mw...@iupui.
ful (in his eyes) that he
might want assurance that only the intended recipient be party to the
discussion. I doubt there ever was anyone who had *nothing* to hide.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are effici
locks and
sealed envelopes, but they are not taught to generalize these acts.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.
pgp8zojtuQtPo.pgp
Description: PGP signature
___
re
it is. Perhaps the search function (when there is one) could scroll
it, or sort all of the current hits to the top of the table widget's
viewport.
I've been meaning to do something about that but, I'm ashamed to say,
I haven't gotten it done.
--
Mark H. Wood, Lead System Pr
n't guarantee reducing it to
a single-element space.
* And anyone who puts socks in one drawer and shirts in another has
used hash indexing. :-)
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are s
to deaddiaeresis. For German I also need a lower quote. Finding
> 3 new keys with Emacs is hard ;-).
And life is too short to go trawling the Internet for X Compose
sequences. If I could find a comprehensive table I'd probably use
them more.
--
Mark H. Wood, Lead System Programmer mw.
On Thu, May 24, 2012 at 08:27:59PM +0100, michael crane wrote:
> >> mwood@mhw ~ $ dir /usr/bin/gpg*
Sorry, that's lingering evidence of my VMS habits:
mwood@mhw ~ $ alias dir
alias dir='ls -l'
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether
works on my system, even though there is no GPG v1
installed on it anywhere, does demonstrate that gpg v1 is not required
and gpg v2 is not the problem.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like asking whether people are smart.
pgpSQ
signed message to myself at another
address, from Thunderbird, using Enigmail. It arrived signed, with a
valid signature. Thunderbird + Enigmail + gpg2 works. You should
consider the possibility that you have a different problem.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Let me turn things around. Other than providing opportunities to
discuss the practicalities of large RSA keys, is there any reason why
the agent should care what size key it is storing?
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Asking whether markets are efficient is like asking
jects don't come from you. The pattern that you establish is
evidence but not proof.
I would like to say that, while proof settles the matter, evidence
short of proof often has value. I'm going to continue to sign every
email. Besides, I'm too lazy to turn it on and off. :-)
hat someone does once they have your
> private information: harvesting is the act of collecting.
A difficulty here is that "spamming" is fairly specific, while
"privacy" (it seems to me) is huge, amorphous, and defined differently
by different people.
--
Mark H. Wood, L
1 - 100 of 176 matches
Mail list logo
