Notices by Joshua Judson Rosen (rozzin) tagged pgp
-
Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 01:15:55 EDT Joshua Judson Rosen That #Tails "use the WoT" download #verification guide is telling you to do 2 distinct things:
1) use #PGP WoT metrics to identify someone who is a Tails developer (but not AFAICT to identify that person *as* a Tails developer);
2) make a WoT-less leap from "this is Bob" to "Bob is verified as a Tails developer AND his signatures mean something".
In that "→A→B→C" chain of mixed ops, #WoT only takes you to B. -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 03-Jul-2019 00:49:32 EDT Joshua Judson Rosen That #PGP's #WoT metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #myth; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #trust and #identity #certification" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before. -
Joshua Judson Rosen (rozzin)'s status on Tuesday, 02-Jul-2019 08:12:09 EDT Joshua Judson Rosen Contrary to popular belief, "trust paths" are not actually a thing in #PGP. -
Joshua Judson Rosen (rozzin)'s status on Monday, 01-Jul-2019 15:50:40 EDT Joshua Judson Rosen ALSO, I'm reminded that there was this other #HKP #keyserver released a few years ago, compatible w/ #SKS but written in #Golang, which might relieve some of "zomg unmaintainable!" problems with the SKS servers: https://hockeypuck.github.io/ !crypto #PGP #GnuPG -
Joshua Judson Rosen (rozzin)'s status on Friday, 28-Sep-2018 16:37:05 EDT Joshua Judson Rosen With the sudden realization that #Enigmail has been able to decrypt #email permanently upon reception for the last 3 years, I'm excited about using #PGP #crypto w/ #Enigmail again! But, oh, just in time for me #Mozilla broke Enigmail in #Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909000 #ugh -
Joshua Judson Rosen (rozzin)'s status on Friday, 28-Sep-2018 16:22:38 EDT Joshua Judson Rosen Holy crap! "Since version 1.8, Enigmail can decrypt mails permanently." https://enigmail.net/index.php/en/faq-en?view=topic&id=15 #enigmail #pgp #crypto -
Joshua Judson Rosen (rozzin)'s status on Sunday, 21-May-2017 15:16:27 EDT Joshua Judson Rosen Wow: !TIL that #keybase was founded on a fundamental misunderstanding about how the #PGP / #GnuPG #weboftrust works: http://web.archive.org/web/20141027135352/https://keybase.io/docs/tracking https://lists.gnupg.org/pipermail/gnupg-users/2014-December/051939.html https://www.linux.com/blog/pgp-web-trust-delegated-trust-and-keyservers -
Joshua Judson Rosen (rozzin)'s status on Wednesday, 11-May-2016 00:36:37 EDT Joshua Judson Rosen Can't remember: who had the clever !coffee #mug with his #PGP fingerprint on it? -
Joshua Judson Rosen (rozzin)'s status on Thursday, 24-Mar-2016 14:53:28 EDT Joshua Judson Rosen @windigo, I guess that's why ID-certification and trust are two separate things in #PGP, "sign" and "tsign" are separate commands in #GnuPG, and nobody uses "tsign" ;) -
Joshua Judson Rosen (rozzin)'s status on Tuesday, 22-Mar-2016 23:17:35 EDT Joshua Judson Rosen Met a bunch of awesome people at #lp2016. And few... #interesting ones. Like the one who refused to sign my #PGP key because she thought I was a government spook... because I claimed to be from #NH but "didn't know that *every* FreeStater is (obviously) #crypto savvy enough to sign PGP keys... since most of them use #bitcoin as their only currency... so they can remain anonymous". #wtf #notevenwrong -
Joshua Judson Rosen (rozzin)'s status on Thursday, 12-Mar-2015 08:18:23 EDT Joshua Judson Rosen I'm a fan of #hardcopy #plaintext #PGP fingerprints ☺ -
Joshua Judson Rosen (rozzin)'s status on Saturday, 14-Feb-2015 18:47:12 EST Joshua Judson Rosen "The #Debian #PGP #disaster that almost was": http://rdist.root.org/2009/05/17/the-debian-pgp-disaster-that-almost-was/ !crypto -
Joshua Judson Rosen (rozzin)'s status on Monday, 02-Feb-2015 22:58:16 EST Joshua Judson Rosen @boneidol, I'd rather bank on #DKIM. Or #PGP. Or S/MIME. -
Joshua Judson Rosen (rozzin)'s status on Friday, 12-Dec-2014 18:24:01 EST Joshua Judson Rosen I need to get some new #businesscards made up before #libreplanet 2015, with an updated #PGP fingerprint and my #gnusocial address.... -
Joshua Judson Rosen (rozzin)'s status on Thursday, 07-Aug-2014 11:45:19 EDT Joshua Judson Rosen PGP pathfinder, a tool that finds trust-paths between #PGP keys: http://pgp.cs.uu.nl/