Notices tagged with pgp
-
https://nu.federati.net/url/255372 #pgp #gpg #sha-1 #software_signing #vulnerability #exploit
-
That #Tails "use the WoT" download #verification guide is telling you to do 2 distinct things:
1) use #PGP WoT metrics to identify someone who is a Tails developer (but not AFAICT to identify that person *as* a Tails developer);
2) make a WoT-less leap from "this is Bob" to "Bob is verified as a Tails developer AND his signatures mean something".
In that "→A→B→C" chain of mixed ops, #WoT only takes you to B.
-
That #PGP's #WoT metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #myth; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #trust and #identity #certification" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before.
-
Contrary to popular belief, "trust paths" are not actually a thing in #PGP.
-
ALSO, I'm reminded that there was this other #HKP #keyserver released a few years ago, compatible w/ #SKS but written in #Golang, which might relieve some of "zomg unmaintainable!" problems with the SKS servers: https://hockeypuck.github.io/ !crypto #PGP #GnuPG
-
With the sudden realization that #Enigmail has been able to decrypt #email permanently upon reception for the last 3 years, I'm excited about using #PGP #crypto w/ #Enigmail again! But, oh, just in time for me #Mozilla broke Enigmail in #Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909000 #ugh
-
Holy crap! "Since version 1.8, Enigmail can decrypt mails permanently." https://enigmail.net/index.php/en/faq-en?view=topic&id=15 #enigmail #pgp #crypto
-
Wow: !TIL that #keybase was founded on a fundamental misunderstanding about how the #PGP / #GnuPG #weboftrust works: http://web.archive.org/web/20141027135352/https://keybase.io/docs/tracking https://lists.gnupg.org/pipermail/gnupg-users/2014-December/051939.html https://www.linux.com/blog/pgp-web-trust-delegated-trust-and-keyservers
-
@csaurus A message sent to multiple !GnuPG (or #PGP) recipients uses a symmetric key generated for that session to encrypt the message, and then encrypts that symmetric key with the public key for each recipient, creating multiple encrypted key packets. When you receive such a message your GnuPG finds the packet with the symmetric key encrypted to your public key, decrypts it with…
-
Vorsicht, da draußen sind gefälschte PGP-Schlüssel von mir im Umlauf:
http://qttr.at/1fwj
#pgp #gnupg !security !verschluesselung
-
!privacy !crypto Don't the signatures on #PGP public keys in a web of trust give away the social graph?
-
♻ @gnupg@twitter.com !GnuPG 2.1.14 released: https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000393.html #pgp #gpg !privacy
-
I'm the Keymaster for the Formal Keysigning at the #KWLUG "Short Presentations and Activities" meeting on 8 August 2016. For anyone who wants to participate, here are the preparation instructions: http://sobac.com/wiki/index.php/KWLUG_Keysigning_2016-08-08 #Crypto #GnuPG #PGP
-
dear !gnusocial , have any of you received a mail for a #gpg #pgp survey by the Oxford Internet Institute? !privacy
-
have you guys heard about this! https://lwn.net/Articles/689792/rss I have had the same pgp key for years now does this I mean I possibly need to change? !gnusocial #privacy #pgp
-
Can't remember: who had the clever !coffee #mug with his #PGP fingerprint on it?
-
@windigo, I guess that's why ID-certification and trust are two separate things in #PGP, "sign" and "tsign" are separate commands in #GnuPG, and nobody uses "tsign" ;)
![Nobody [LinuxWalt (@lnxw48a1)]](https://status.hackerposse.com/avatar/6598-48-20200623042734.png)
Nobody [LinuxWalt (@lnxw48a1)]
Joshua Judson Rosen
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca
qbi
arunisaac
Bob Jonkman
ghostdancer
Andrew Ridgway
All Hacker Poesy content and data are available under the