Re: 2 Q's

2016-08-18 Thread Mark H. Wood
On Wed, Aug 17, 2016 at 09:52:59AM -0400, Robert J. Hansen wrote: > > That sounds like an argument for marking downloaded local copies of > > public keys stale after a certain period, similarly to DNS TTL... > > That suggestion fills me with horror. Key management is *already* a > nightmare witho

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 19:35, Andrew Gallagher wrote: > > Public keys are low-latency things D'oh. s/low/high/ A

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 19:15, Robert J. Hansen wrote: > > Parcimonie is a key refreshing daemon. (So far, cool! It's a real > problem. Solving this problem is cool.) In order to defend against > completely hypothetical movie plot attacks, it insists on refreshing the > keys spread out over a long period o

Re: 2 Q's

2016-08-17 Thread Robert J. Hansen
> Okay, I give up. What is "Parcimonie"? A poorly-thought-out answer to a problem that doesn't exist. Parcimonie is a key refreshing daemon. (So far, cool! It's a real problem. Solving this problem is cool.) In order to defend against completely hypothetical movie plot attacks, it insists o

Re: 2 Q's

2016-08-17 Thread Darac Marjal
On Wed, Aug 17, 2016 at 04:07:34PM +0100, Andrew Gallagher wrote: On 17/08/16 15:54, Jerry wrote: On Wed, 17 Aug 2016 15:36:05 +0100, Andrew Gallagher stated: Parcimonie already exists. But it's an optional extra that most people don't install (or even know of). People shouldn't be expected to

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 17:03, Gabriel Philippe wrote: > On Wed, Aug 17, 2016 at 5:43 PM, Andrew Gallagher wrote: >> On 17/08/16 16:36, Gabriel Philippe wrote: >>> >>> Set an expiration date to your key one year from now. Every 6 months, >>> postpone this expiration date to 6 more months. It's too late for >>

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 16:36, Gabriel Philippe wrote: > > Set an expiration date to your key one year from now. Every 6 months, > postpone this expiration date to 6 more months. It's too late for > these people, but in the future and same conditions, others won't have > a false security feeling when writing

Re: 2 Q's

2016-08-17 Thread Juan Miguel Navarro Martínez
On 2016-08-17 at 16:36, Andrew Gallagher wrote: > Parcimonie already exists. But it's an optional extra that most people > don't install (or even know of). People shouldn't be expected to > install or configure extras before they have a (safely) usable system. > Last time I checked, Parcimonie wa

Re: 2 Q's

2016-08-17 Thread Jonas Hedman
On 16-08-17 10:54, Jerry wrote: > On Wed, 17 Aug 2016 15:36:05 +0100, Andrew Gallagher stated: > > >Parcimonie already exists. But it's an optional extra that most people > >don't install (or even know of). People shouldn't be expected to > >install or configure extras before they have a (safely)

Re: 2 Q's

2016-08-17 Thread Gabriel Philippe
On Wed, Aug 17, 2016 at 5:43 PM, Andrew Gallagher wrote: > On 17/08/16 16:36, Gabriel Philippe wrote: >> >> Set an expiration date to your key one year from now. Every 6 months, >> postpone this expiration date to 6 more months. It's too late for >> these people, but in the future and same conditi

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 16:43, Gabriel Philippe wrote: > On Wed, Aug 17, 2016 at 4:36 PM, Andrew Gallagher wrote: >> Parcimonie already exists. But it's an optional extra that most people >> don't install (or even know of). People shouldn't be expected to >> install or configure extras before they have a (saf

Re: 2 Q's

2016-08-17 Thread Lachlan Gunn
On 18 August 2016 00:09, "Andrew Gallagher" wrote: > Parcimonie already exists. But it's an optional extra that most people > don't install (or even know of). People shouldn't be expected to > install or configure extras before they have a (safely) usable system. I coincidentally am working on a

Re: 2 Q's

2016-08-17 Thread Gabriel Philippe
On Wed, Aug 17, 2016 at 4:36 PM, Andrew Gallagher wrote: > Parcimonie already exists. But it's an optional extra that most people > don't install (or even know of). People shouldn't be expected to > install or configure extras before they have a (safely) usable system. I wonder if it's possible t

Re: 2 Q's

2016-08-17 Thread Gabriel Philippe
On Wed, Aug 17, 2016 at 3:21 PM, Robert J. Hansen wrote: > You're assuming people refresh their keyrings. Although that's a > recommended practice, it appears to be the opinion of the minority. I am used to being a minority. :) > My > certificate 0x23806BE5D6B98E10 has been revoked for seven m

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 15:54, Jerry wrote: > On Wed, 17 Aug 2016 15:36:05 +0100, Andrew Gallagher stated: > >> Parcimonie already exists. But it's an optional extra that most people >> don't install (or even know of). People shouldn't be expected to >> install or configure extras before they have a (safely)

Re: 2 Q's

2016-08-17 Thread Jerry
On Wed, 17 Aug 2016 15:36:05 +0100, Andrew Gallagher stated: >Parcimonie already exists. But it's an optional extra that most people >don't install (or even know of). People shouldn't be expected to >install or configure extras before they have a (safely) usable system. Okay, I give up. What is "

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 14:52, Robert J. Hansen wrote: >> That sounds like an argument for marking downloaded local copies of >> public keys stale after a certain period, similarly to DNS TTL... > > That suggestion fills me with horror. Key management is *already* a > nightmare without adding this to it. ;-

Re: 2 Q's

2016-08-17 Thread Juan Miguel Navarro Martínez
On 2016-08-17 at 15:52, Robert J. Hansen wrote: > Better by far to provide a cronjob that can do the refreshing > automatically -- or, on Windows, to write a service to do it. > Or a scheduled task. -- Juan Miguel Navarro Martínez GPG Keyfingerprint: 5A91 90D4 CF27 9D52 D62A BC58 88E2 947F 9B

Re: 2 Q's

2016-08-17 Thread Robert J. Hansen
> That sounds like an argument for marking downloaded local copies of > public keys stale after a certain period, similarly to DNS TTL... That suggestion fills me with horror. Key management is *already* a nightmare without adding this to it. Better by far to provide a cronjob that can do the re

Re: 2 Q's

2016-08-17 Thread Andrew Gallagher
On 17/08/16 14:21, Robert J. Hansen wrote: >> Concerning key servers, unless in very specific cases, I think keys >> should be on big and commonly used keyservers which synchronize among >> themselves. Otherwise new signatures, IDs, and revocations will not >> get propagated when people refresh the

Re: 2 Q's

2016-08-17 Thread Robert J. Hansen
> Concerning key servers, unless in very specific cases, I think keys > should be on big and commonly used keyservers which synchronize among > themselves. Otherwise new signatures, IDs, and revocations will not > get propagated when people refresh their keyring. You're assuming people refresh the

Re: 2 Q's

2016-08-17 Thread Gabriel Philippe
On Tue, Aug 16, 2016 at 3:00 PM, Robert J. Hansen wrote: >> 2) What is the best way to automatically send my Public Key to message >> recipients? > > Don't. Public keys are big and a little obnoxious. Send your public > certificate to a keyserver. In your email signature, you can say > somethin

Re: 2 Q's

2016-08-16 Thread Robert J. Hansen
> 1) How can I set the time for retention of the Passphrase? This depends on what version of GnuPG you're using. The mechanism changed between GnuPG 1.4 and 2.0. Look for a configuration file called "gpg-agent.conf" (normally found in ~/.gnupg; dunno where it would be stored on iOS). Open it u

Re: 2 Q's

2016-08-15 Thread Mirimir
On 08/15/2016 04:48 PM, Francesco Ariis wrote: > On Mon, Aug 15, 2016 at 06:33:47AM -0700, Daniel H. Werner wrote: >> 2) What is the best way to automatically send my Public Key to message >> recipients? > > Why not upload it to your site (if you have it) or to a keyserver? I like

Re: 2 Q's

2016-08-15 Thread Eric Pruitt
On Tue, Aug 16, 2016 at 12:48:25AM +0200, Francesco Ariis wrote: > On Mon, Aug 15, 2016 at 06:33:47AM -0700, Daniel H. Werner wrote: > > 2) What is the best way to automatically send my Public Key to > > message recipients? > > Why not upload it to your site (if you have it) or to a keyserver? Fol

Re: 2 Q's

2016-08-15 Thread Francesco Ariis
On Mon, Aug 15, 2016 at 06:33:47AM -0700, Daniel H. Werner wrote: > 2) What is the best way to automatically send my Public Key to message > recipients? Why not upload it to your site (if you have it) or to a keyserver?

2 Q's

2016-08-15 Thread Daniel H. Werner
I have finally and successfully gotten GPG up and running on my Mac desktop and my Mac laptop (and also on my iPhone with iPGMail). Your application is so superior to the earlier version of PGP that I used some years ago. My hat is off to everyone who is working on this! I have 2 questions: 1)