Re: New smart card / token alternative

2017-11-09 Thread Peter Lebbing
On 09/11/17 00:39, listo factor via Gnupg-users wrote: > Real-life threat-models are much more varied than what Alice, Bob > and Eve would have us believe. Hey, note that I'm not advocating against this proposed new alternative; it sounds like you think I do. I explicitly said I'm not commenting

Re: New smart card / token alternative

2017-11-08 Thread listo factor via Gnupg-users
On 11/08/2017 03:45 PM, Peter Lebbing wrote: On 08/11/17 16:27, ved...@nym.hush.com wrote: or, more practically, just post anonymously to a blog or website, using --throw-keyid, with a pre-arranged understanding that the sender and receiver post to and check certain websites I did not phrase

Re: New smart card / token alternative

2017-11-08 Thread Peter Lebbing
On 08/11/17 16:27, ved...@nym.hush.com wrote: > or, more practically, just post anonymously to a blog or website, > using --throw-keyid, with a pre-arranged understanding that the > sender and receiver post to and check certain websites I did not phrase it properly, leading to a misunderstanding.

Re: New smart card / token alternative

2017-11-08 Thread vedaal
On 11/7/2017 at 12:10 PM, "Peter Lebbing" wrote: >How exactly can the identity ever be unknown when we're talking >about stuff encrypted to an OpenPGP public key or signed by one? That's a >completely unique identifier! = Well, if someone were really *crazy

Re: New smart card / token alternative

2017-11-07 Thread timothy.steiner--- via Gnupg-users
If you are using something like Tails you would probably just install the GPG agent. Tails allows installing additional software -  https://tails.boum.org/doc/advanced_topics/additional_software/index.en.html. U2F is available in the new version of Firefox being released later this year so if

Re: New smart card / token alternative

2017-11-07 Thread listo factor via Gnupg-users
On 11/06/2017 10:26 PM, ved...@nym.hush.com wrote: On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote: With this solution you can keep the key offline, carry it with you and it > works even on a computer where you can't install software... > We are interested to hear feedback on

Re: New smart card / token alternative

2017-11-07 Thread Philipp Klaus Krause
Am 06.11.2017 um 23:26 schrieb ved...@nym.hush.com: > > > On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote: > > \We have been working on a project to build a direct interface for > PGP/GPG usage using U2F for web apps and browser extensions. This is > similar to existing smart cards

Re: New smart card / token alternative

2017-11-06 Thread Seby
Hello, "Tim Steiner" wrote: We have been working on a project to build a direct interface for PGP/GPG usage using U2F for web apps and browser extensions. This is similar to existing smart cards and tokens but no software install is required. We set out to solve this problem

Re: New smart card / token alternative

2017-11-06 Thread vedaal
On 11/6/2017 at 4:55 PM, "Tim Steiner" wrote: \We have been working on a project to build a direct interface for PGP/GPG usage using U2F for web apps and browser extensions. This is similar to existing smart cards and tokens but no software install is required. We set out to

New smart card / token alternative

2017-11-06 Thread Tim Steiner
We have been working on a project to build a direct interface for PGP/GPG usage using U2F for web apps and browser extensions. This is similar to existing smart cards and tokens but no software install is required. We set out to solve this problem -"Man, I really wish I could read this PGP