Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-14 21:52, Peter Todd wrote: > On Sun, May 14, 2017 at 09:45:13PM -0500, Andrew David Wong wrote: (2), meanwhile, requires transferring the key to the QMSK's environment via: >>> >>> >>> >>> We're in agreement that's a

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Peter Todd
On Sun, May 14, 2017 at 09:45:13PM -0500, Andrew David Wong wrote: > >> (2), meanwhile, requires transferring the key to the QMSK's environment > >> via: > > > > > > > > We're in agreement that's a less-than-wise idea. :) > > > > Great points. Thanks! I think your setup would have been

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-14 21:36, Peter Todd wrote: > On Sun, May 14, 2017 at 02:11:30PM -0500, Andrew David Wong wrote: >>> Unfortunately the tools to actually find these paths all kinda suck, but >>> they >>> do at least the paths exist. The one I used to

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Peter Todd
On Sun, May 14, 2017 at 02:11:30PM -0500, Andrew David Wong wrote: > > Unfortunately the tools to actually find these paths all kinda suck, but > > they > > do at least the paths exist. The one I used to find the above is > > https://pgp.cs.uu.nl/, however it has the significant limitation that

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-14 20:57, Jean-Philippe Ouellet wrote: > On Sun, May 14, 2017 at 3:11 PM, Andrew David Wong wrote: >> On 2017-05-13 18:21, Peter Todd wrote: >>> On Sat, May 13, 2017 at 03:18:39PM -0500, Andrew David Wong wrote:

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Peter Todd
On Sun, May 14, 2017 at 09:57:45PM -0400, Jean-Philippe Ouellet wrote: > > Let's assume that (5) would be too cumbersome and error-prone to qualify > > as "practical." (3) would, again, entail that the machine is no > > longer airgapped. (4) is inherently risky. The riskiest storage media > > are,

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-13 22:06, Chris Laprise wrote: > On 05/13/2017 05:35 PM, Andrew David Wong wrote: >> On 2017-05-13 16:01, Felipe Dau wrote: >>> On Sat, May 13, 2017 at 03:18:39PM -0500, Andrew David Wong wrote: There are many other methods you could

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-14 14:11, Andrew David Wong wrote: > In particular, it's safe to assume that there is no networking (or > else it wouldn't be an air gap) and that no freely rewritable USB > drives (i.e., drives without write-protect switches) are

Re: [qubes-devel] Re: GitLab

2017-05-14 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-05-13 18:21, Peter Todd wrote: > On Sat, May 13, 2017 at 03:18:39PM -0500, Andrew David Wong wrote: >> There are many other methods you could use to attempt to verify the >> master key fingerprint aside from relying on the Qubes website.