Steffen Nurpmeso wrote in <20191021160908.4_hgk%stef...@sdaoden.eu>:
|Vincent Breitmoser wrote in <2UJQOP6NMJE80.2FS52GC36TCEU@my.amazin.horse>:
||> Especially if the key is shipped alongside the message already
||
||Are you sure that it is though? Seems to me you're giving out ill-informed
Steffen Nurpmeso wrote in <20191021160908.4_hgk%stef...@sdaoden.eu>:
'Just want to add that the DKIM i refer to in my first message is
in my eyes not a solution but a desastrous demolition ball
of the mail standard, and as such hatred by me, and the reply-to:
that was pointing to Tony Lane's real
Vincent Breitmoser wrote in <2UJQOP6NMJE80.2FS52GC36TCEU@my.amazin.horse>:
|
|> Especially if the key is shipped alongside the message already
|
|Are you sure that it is though? Seems to me you're giving out ill-informed
|advice here.
Bad advice of mine yes, PGP does not do it the way S/MIME
> Especially if the key is shipped alongside the message already
Are you sure that it is though? Seems to me you're giving out ill-informed
advice here.
- V
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Hello Tony.
Tony Lane via Gnupg-users wrote in :
|On 10/18/19 2:12 PM, Steffen Nurpmeso wrote:
|> (redacted)... there are drugs and other specialists which
|> can make you talk and reveal that presence. At some later time
|> i would expect a court order to access log etc. data in and of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 10/18/19 2:12 PM, Steffen Nurpmeso wrote:
> (redacted)... there are drugs and other specialists which
> can make you talk and reveal that presence. At some later time
> i would expect a court order to access log etc. data in and of the
> brain
Tony Lane via Gnupg-users wrote in :
|-BEGIN PGP SIGNED MESSAGE-
|Hash: SHA512
That seems to be a good choice.
|On 10/17/19 3:38 PM, Steffen Nurpmeso wrote:
|> You know, i would say people should be advised to use the most
|> compatible, most secure keys available for their "very
Vincent Breitmoser wrote:
> > It would be nice if you can add to the keyserver list also the
> > mailvelope.com keyserver,
>
> I concur keys.mailvelope.com is a fine keyserver today. However, you might
> want to consider:
>
> > because it requires users to authenticate their keys against the
> It would be nice if you can add to the keyserver list also the
> mailvelope.com keyserver,
I concur keys.mailvelope.com is a fine keyserver today. However, you might want
to consider:
> because it requires users to authenticate their keys against the keyserver
> with an received encrypted
On Fri, 2019-10-18 at 09:19 +0200, Stefan Claas via Gnupg-users wrote:
> Robert J. Hansen wrote:
>
> > 1. How should we handle the SKS keyserver attacks?
>
> I would list in the FAQ the kind of attacks possible,
> to educate users, before they choose one for uploading
> their key.
>
> > One
> 1. How should we handle the SKS keyserver attacks?
Worth mentioning that at the openpgp summit recently, Kristian announced some
plans that the SKS pool would:
1) Move implementation from SKS to Hockeypuck
2) Disable search by user id entirely
3) Filter out third party signatures, at least
Robert J. Hansen wrote:
> 1. How should we handle the SKS keyserver attacks?
I would list in the FAQ the kind of attacks possible,
to educate users, before they choose one for uploading
their key.
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it
On Thu, 2019-10-17 at 15:18 -0400, Robert J. Hansen wrote:
> 1. How should we handle the SKS keyserver attacks?
>
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade. We should
Robert J. Hansen [2019-10-17T15:18:07-04] wrote:
> 1. How should we handle the SKS keyserver attacks?
>
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade. We should recommend
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 10/17/19 3:38 PM, Steffen Nurpmeso wrote:
> You know, i would say people should be advised to use the most
> compatible, most secure keys available for their "very key".
> Regardless of computing cost that is. And use specific "weaker",
>
Robert J. Hansen wrote in <99710af5-92ac-dbdd-afe9-d60d89614a76@sixdemon\
bag.org>:
...
|1. How should we handle the SKS keyserver attacks?
...
|Another says, "with a recent GnuPG release SKS may be used productively
|and we should keep the current advice."
I am using them, and have had
On 17-10-2019 21:18, Robert J. Hansen wrote:
> 1. How should we handle the SKS keyserver attacks?
>
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade. We should recommend people
Unless there's no objection, I'll be making the edit to PGPNET's mailing
list address, as that seems uncontroversial.
I'd like to get a sense of the community on the other two changes I
made. Werner and I disagree on certain things (which is understandable
and okay!), and I'd really like to get
18 matches
Mail list logo
