gnupg binaries too big? / OpenBSD Moving Towards Signed Packages — Based On D. J. Bernstein Crypto

2014-01-19 Thread Mark Schneider
Hi, Is there any possibility to create a minimal version of gnupg? http://bsd.slashdot.org/story/14/01/19/0124202/openbsd-moving-towards-signed-packages-based-on-d-j-bernstein-crypto # --- /"It's official: 'we are moving towards signed packages

Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)

2013-12-08 Thread Mark Schneider
Am 08.12.2013 19:13, schrieb NdK: Why is everyone thinking 'BIOS' as backdoorable piece of sw? Why not the hard disk? http://spritesmods.com/?art=hddhack Just another piece to think of when building a secure system... Excellent article! Thank you. Writing firmware I meant every piece of code "

Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)

2013-12-08 Thread Mark Schneider
Am 08.12.2013 11:51, schrieb Paul R. Ramer: Peter Lebbing wrote: We're debating the risk that a card is backdoored. If there is such a risk, that risk still exists if we allow for the possibility that manufacturers try to do what you say. They're not mutually exclusive; how come you infer that

Implementation idea of CURVE25519 for gnupg 2.1

2013-11-15 Thread Mark Schneider
Hi, There is GPL 3 based implementation of CURVE25519 called Pretty Curved Privacy (pcp1). http://www.daemon.de/PrettyCurvedPrivacy What do you think about using parts of the ppc1 source code to implement such functionality into gnupg 2.1? http://www.daemon.de/idisk/Apps/PrettyCurvedPrivacy/

Re: Threema. / don't trust closed source software

2013-11-10 Thread Mark Schneider
Am 10.11.2013 02:46, schrieb Robert J. Hansen: Looking over their site briefly I was unable to find a link for source code. As a result, I think very little of it. I don't think it's wise to trust unknown third-party binaries that don't provide source. It is commercial iOS and Androif applicati

Re: 2048 or 4096 for new keys? aka defaults vs. Debian

2013-10-27 Thread Mark Schneider
Am 27.10.2013 20:41, schrieb Werner Koch: On Sun, 27 Oct 2013 17:47, gn...@oneiroi.net said: Numbers please? Or are you talking about personal/subjective impressions? What about you running some benchmarks for us? Let's say: a 4k RSA key signed by 90 other 4k RSA keys, 8 2k RSA keys, and one