On 23 February 2017 at 19:24, wrote:
> Today was announced that SHA1 is now completely broken
> https://security.googleblog.com/2017/02/announcing-first-
> sha1-collision.html
This is nonsense.
Google security team calling sha1 "completely broken" simply means google's
security
On 24 December 2015 at 17:02, Matthias Apitz wrote:
>
> Hello,
>
> I do not fully understand why some 4 random words like
>
> Correct, horse! Battery staple!
>
> is a better passphrase like, for example
>
> Und allein dieser Mangel und nichts anderes führte zum
This is a great conversation in general, including the inventors of the web
and the internet, pushing for more crypto
http://www.w3.org/2015/10/27-tpac-minutes.html
Vint: I would like to challenge people who are concerned about
security...is there some irreducible level of inconvenience that's
On 1 October 2015 at 17:56, Jon Millican wrote:
> On 26 September 2015 at 03:24, Christian Heinrich <
> christian.heinr...@cmlh.id.au> wrote:
> >
> > So as far as I am aware there is no integration with the Facebook
> > GraphAPI yet :(
>
> Hi, I'm Jon - I work on OpenPGP
On 1 October 2015 at 17:56, Jon Millican wrote:
> On 26 September 2015 at 03:24, Christian Heinrich <
> christian.heinr...@cmlh.id.au> wrote:
> >
> > So as far as I am aware there is no integration with the Facebook
> > GraphAPI yet :(
>
> Hi, I'm Jon - I work on OpenPGP
On 1 October 2015 at 22:30, Kristian Fiskerstrand <
kristian.fiskerstr...@sumptuouscapital.com> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 10/01/2015 10:28 PM, Melvin Carvalho wrote:
> >
> >
>
> ...
>
> >
> > Reference:
ive been looking at UID in gpg
http://tools.ietf.org/html/rfc4880#section-5.11
is there any way to add an URL instead of an email address?
or to have both an emall and URL in a cert?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On 15 August 2015 at 17:25, Damien Goutte-Gattat dgouttegat...@incenp.org
wrote:
On 08/15/2015 03:35 PM, Melvin Carvalho wrote:
Is it possible to go the other way? openssh - gpg
I recently wrote an openssh - X.509 converter in nodejs
https://github.com/gitpay/util/blob/master
On 15 August 2015 at 08:50, Damien Goutte-Gattat dgouttegat...@incenp.org
wrote:
On 08/14/2015 10:44 PM, Kai Lemke wrote:
gpg v2.1 claims to be easy to use for SSH-authentification, too.
For me that's really great, because you can have on public key with
subkeys for all purposes, but I tried
On 15 December 2014 at 19:40, Robert J. Hansen r...@sixdemonbag.org wrote:
Keybase (https://keybase.io) is trying to solve the Web of Trust problem
in a new way. They're currently in beta, but I was able to snag an
invitation. (I have no invites to give out, unfortunately.) The following
On 4 February 2014 15:47, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 02/04/2014 09:01 AM, Mark H. Wood wrote:
Having said that, you might look at how OpenSSH has included X.509
certificates in its operation. There is precedent for something like
what you suggest.
fwiw, the
On 4 February 2014 15:47, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 02/04/2014 09:01 AM, Mark H. Wood wrote:
Having said that, you might look at how OpenSSH has included X.509
certificates in its operation. There is precedent for something like
what you suggest.
fwiw, the
On 10 June 2013 10:46, Henry Hertz Hobbit hhhob...@securemecca.net wrote:
My personal observations agrees with Rob Hansen's studies 100%.
Even when required to use encryption people hate doing it and
their concept is entirely focused on the ciphering with them
thinking that people who use
On 3 June 2013 19:20, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 06/03/2013 08:04 AM, Melvin Carvalho wrote:
Bitcoin is essentially a ledger where you have an array of fingerprints
(160 bit hashes of a public key) and a value (number of coins in wallet).
i thought that bitcoin
On 1 April 2013 19:46, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 04/01/2013 12:24 PM, adrelanos wrote:
gpg uses only(?) 40 chars for the fingerprint.
(I mean the output of: gpg --fingerprint --keyid-format long.)
this is a 160-bit SHA-1 digest of the public key material and the
On 2 April 2013 18:45, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 04/02/2013 05:40 AM, Melvin Carvalho wrote:
In bitcoin you have the concept of a 'vanity key' much like vanity
license
plates, see:
https://bitcointalk.org/index.php?topic=25804.0
I wonder
On 3 April 2013 19:39, Andreas Mattheiss please.post@publicly.invalidwrote:
Well, uhm, if it's really important to you:
The concept of hashes/fingerprints/etc. is that it is (next to) impossible
to find an entity-to-be-hashed (here a key) if you specify the hash. In
fact a hash function that
In bitcoin you have the concept of a 'vanity key' much like vanity license
plates, see:
https://bitcointalk.org/index.php?topic=25804.0
I wonder if there is anything similar for public keys in GPG?
What would you iterate on, the key or the fingerprint?
On 23 December 2012 23:17, Daniel Kahn Gillmor d...@fifthhorseman.netwrote:
On 12/23/2012 04:42 PM, Hauke Laging wrote:
Am So 23.12.2012, 16:31:01 schrieb Daniel Kahn Gillmor:
the ssh specification declares the use pgp-style certificates:
On 5 December 2012 23:15, Patrick Baxter pa...@cs.ucsb.edu wrote:
On Tue, Dec 4, 2012 at 5:29 AM, Melvin Carvalho
melvincarva...@gmail.com wrote:
Not sure I've grokked everything in this thread, but some thoughts.
I'm working on the TL;DR version :).
Tying a key to a 'domain' (aka URI
On 8 November 2012 14:01, Werner Koch w...@gnupg.org wrote:
On Thu, 8 Nov 2012 09:37, melvincarva...@gmail.com said:
Does anyone know if there's a safe way to recover my web of trust, or
should I make an ultimately trusted key first, and start from scratch?
ssh otherbox rm
I've just managed to recover my gpg key from an old machine that died.
But the trust db was not imported.
Does anyone know if there's a safe way to recover my web of trust, or
should I make an ultimately trusted key first, and start from scratch?
___
Is it possible to construct a GPG 'Certificate' from an existing RSA key
pair?
I've got some 2048 RSA keys I'd like to reuse, is there any way I can use
them to make everything I need for GPG?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On 6 October 2012 16:15, Hauke Laging mailinglis...@hauke-laging.de wrote:
Am Sa 06.10.2012, 15:53:25 schrieb Melvin Carvalho:
Is it possible to construct a GPG 'Certificate' from an existing RSA key
pair?
I've got some 2048 RSA keys I'd like to reuse, is there any way I can use
them
On 6 October 2012 18:34, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 10/06/2012 09:53 AM, Melvin Carvalho wrote:
Is it possible to construct a GPG 'Certificate' from an existing RSA key
pair?
I've got some 2048 RSA keys I'd like to reuse, is there any way I can use
them
On 24 August 2012 22:06, Robert J. Hansen r...@sixdemonbag.org wrote:
On 08/24/2012 08:24 AM, peter.segm...@wronghead.com wrote:
I propose to you (and to the people who are putting all that hard
work into gpg) that there are actually two things killing PKI:
At risk of sounding dismissive,
On 24 August 2012 14:24, peter.segm...@wronghead.com wrote:
On 23/08/12 17:07, Robert J. Hansen - r...@sixdemonbag.org wrote:
Deploying PKI is nowhere near as big of a problem as convincing people
that PKI adds benefit to their lives.
and
Right now the number one thing killing PKI is
On 16 December 2011 18:50, Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 12/16/2011 10:51 AM, gn...@lists.grepular.com wrote:
I understand that once you've uploaded something to the keyservers, it
can't be removed. Eg, if I sign someone elses key and upload that, it
will be attached to
On 30 October 2011 05:21, Eric Abrahamsen e...@ericabrahamsen.net wrote:
I own a small business that works with contractors all over the world,
and I'm currently scratching my head over the issue of signing
contracts. I know that gpg can/has been used to this purpose, but I
wanted to ask the
On 17 October 2011 20:11, Werner Koch w...@gnupg.org wrote:
Hi!
Over the last year Marcus and me discussed ideas on how to make
encryption easier for non-crypto geeks. We explained our plans to
several people and finally decided to start a project to develop such a
system. Obviously it is
On 11 October 2011 22:32, Robert J. Hansen r...@sixdemonbag.org wrote:
Accurate to 6%, there are 2**25 seconds in a year. Worth remembering:
it makes certain kinds of computations much easier. (It follows there
would be about 2**35 seconds in a thousand years, or 2**45 seconds in a
million.)
Just wondering is there a way to browse the GPG web of trust?
Is some of the signing data public and downloadable, or is it mainly private?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 7 October 2011 11:51, Aaron Toponce aaron.topo...@gmail.com wrote:
On Fri, Oct 07, 2011 at 10:26:59AM +0200, Melvin Carvalho wrote:
Just wondering is there a way to browse the GPG web of trust?
Is some of the signing data public and downloadable, or is it mainly private?
Yes
On 7 October 2011 17:54, Aaron Toponce aaron.topo...@gmail.com wrote:
On Fri, Oct 07, 2011 at 12:46:32PM +0200, Melvin Carvalho wrote:
This is awesome, thanks!
No problem. It's pretty crazy stuff.
Is it possible to get a dump of all the signatures in a particular key
server?
Possible
On 7 October 2011 20:55, Aaron Toponce aaron.topo...@gmail.com wrote:
On Fri, Oct 07, 2011 at 06:56:36PM +0200, Werner Koch wrote:
On Fri, 7 Oct 2011 11:51, aaron.topo...@gmail.com said:
gpg --list-sigs --keyring ~/.gnupg/pubring.gpg | sig2dot
~/.gnupg/pubring.dot 2
I've noticed that some apps add some fields on the end of your public
key e.g. in Retroshare, the end of my key looks like this:
-END PGP PUBLIC KEY BLOCK-
--SSLID--5bcc296e6b3e40c859a031dd6c0d07b3;--LOCATION--home;
In this case:
SSLID=5bcc296e6b3e40c859a031dd6c0d07b3
LOCATION=home
On 2 August 2011 20:10, Sébastien tigresetdrag...@yahoo.fr wrote:
Hello,
I would like to know an easy way to get numbers used in a key.
For example, in a RSA key, N and e (used like this: message^e modulus N)
Why do you want N and E?
I think exponent is almost always 65537
Some apps display
On 28 July 2011 16:01, MFPA expires2...@ymail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 28 July 2011 at 12:53:41 PM, in
mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote:
Attaching a photo to your public key might
help. So might putting a
38 matches
Mail list logo