On Sun, Apr 01, 2007 at 04:11:09PM +0800, Robert Roach wrote:
> I was wondering about that too. Went to local book store and found a
> good book on both PGP and GPG:
>
> http://www.amazon.com/PGP-GPG-Email-Practical-Paranoid/dp/1593270712/ref=sr_1_1/104-6276993-4918331?ie=UTF8&s=books&qid=117541
John L Fjellstad wrote on Thursday, April 05, 2007 10:43 AM -0500:
> "Seth Goodman" <[EMAIL PROTECTED]> writes:
>
> > Instead, they built
> > native S/MIME support into their MUA's, built a certificate store
> > into their operating system and bought VeriSign.
>
> Couple of points. There are lots
"Seth Goodman" <[EMAIL PROTECTED]> writes:
> S/MIME was intended to work with a certification authority (CA) model
> based on a small number of universally trusted root CA's, while PGP
> assumed a distributed web of trust model based on personal
> relationships between individual users. There's n
John L Fjellstad wrote on Tuesday, April 03, 2007 4:58 PM -0500:
> The reason you and people who use OE see it as an attachment is
> because MS is unable to implement an 11 years old standard.
> This page (http://www.imc.org/smime-pgpmime.html) has a discussion
> about the different standards (PGP
"John Fleming" <[EMAIL PROTECTED]> writes:
> While we're still on this, why do most of your (Debian-users-who-sign)
> emails show up in OE with the signature and the email text as
> attachments? It seems whether I use GPG or a Thawte cert, they still
> don't show up as attachments. Are you doing
Ron Johnson writes:
> An ATM machine's threshold of "trust in identity" is account number and
> PIN.
That is authentication, not identification.
> Meat sack tellers (who don't recognize you) want to verify your signature
> with a Government Issued ID Card.
A mistake. The teller should authentic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Apr 02, 2007 at 11:33:08AM -0400, Jim Hyslop wrote:
> Michael Pobega wrote:
> > Now I'm afraid.
> >
> > http://en.wikipedia.org/wiki/Key_signing_party
>
> Why are you afraid?
>
That picture just frightened me[0], but I was only kidding. It
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
> Now I'm afraid.
>
> http://en.wikipedia.org/wiki/Key_signing_party
Why are you afraid?
- --
Jim Hyslop
Dreampossible: Better software. Simply. http://www.dreampossible.ca
Consulting * Mentoring * Training
Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
>> On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
>>
>> P.S. I am testing the autosign option for mutt right now ;)
>>
>
> Also, is there some way to set it so I can still send mail unsigned?
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 10:54:27AM -0500, Ron Johnson wrote:
>> On 04/01/07 10:29, Brad Rogers wrote:
>>> On Sun, 01 Apr 2007 10:05:07 -0500
>>> John Hasler <[EMAIL PROTECTED]> wrote:
>>>
>>> Hello John,
>>>
"ID" is a slipp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 20:59, Seth Goodman wrote:
[snip]
> trust. The more signatures on your public key, the more likely it is
> that a random third party knows either someone who signed your key, or
> knows someone who knows someone who signed your key, etc.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 01, 2007 at 10:16:10PM -0400, cga2000 wrote:
> On Sun, Apr 01, 2007 at 08:32:19PM EDT, Michael Pobega wrote:
> > On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> > > Michael Pobega writes:
> > > > Is it a bad practice to verif
On Sun, Apr 01, 2007 at 08:32:19PM EDT, Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> > Michael Pobega writes:
> > > Is it a bad practice to verify keyrings of people on the mailing list, or
> > > is it better to wait until I meet up with some of them at say
Michael Pobega wrote on Sunday, April 01, 2007 7:32 PM -0500:
> On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> > Michael Pobega writes:
> > > Is it a bad practice to verify keyrings of people on the mailing
> > > list, or is it better to wait until I meet up with some of them
> > >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 01, 2007 at 08:50:02PM -0400, John Fleming wrote:
> On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> >Michael Pobega writes:
> >> Is it a bad practice to verify keyrings of people on the mailing list,
> >> or
> >> is it bette
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
Michael Pobega writes:
> Is it a bad practice to verify keyrings of people on the mailing list,
> or
> is it better to wait until I meet up with some of them at say Debconf or
> something similar?
Depends on what you mean by "verify"
On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> Michael Pobega writes:
> > Is it a bad practice to verify keyrings of people on the mailing list, or
> > is it better to wait until I meet up with some of them at say Debconf or
> > something similar?
>
> Depends on what you mean by "v
Michael Pobega writes:
> Is it a bad practice to verify keyrings of people on the mailing list, or
> is it better to wait until I meet up with some of them at say Debconf or
> something similar?
Depends on what you mean by "verify". There is nothing wrong with
downloading their public keys and us
On Sun, Apr 01, 2007 at 10:54:27AM -0500, Ron Johnson wrote:
> On 04/01/07 10:29, Brad Rogers wrote:
> > On Sun, 01 Apr 2007 10:05:07 -0500
> > John Hasler <[EMAIL PROTECTED]> wrote:
> >
> > Hello John,
> >
> >> "ID" is a slippery concept. What does it mean to "know who someone
> >> is"?
> >
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 17:24, John Hasler wrote:
> I wrote:
>> Again I have to ask, what is "identity"? That is not a flippant
>> question. Think about it.
>
> Ron Johnson writes:
>> In the metaphysical sense or the practical sense?
>
> Practical, but not "com
On Sun, 01 Apr 2007 14:43:48 -0500
Hugo Vanwoerkom <[EMAIL PROTECTED]> wrote:
[snip]
> No local bookstores here :-(
> I'm still waiting for a *well written plain English* description of
> PGP/GPG.
>
> ...
> The message recipient uses the sender's public key and the digital
> signature to recov
I wrote:
> Again I have to ask, what is "identity"? That is not a flippant
> question. Think about it.
Ron Johnson writes:
> In the metaphysical sense or the practical sense?
Practical, but not "commonsense".
Does your bank need to know "who you really are" in order to safely let you
withdraw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 12:49, John Hasler wrote:
> Ron Johnson writes:
>> A couple of years ago there was a very long thread on what it means to
>> "trust". The bottom line was that you can't perfectly know, and that all
>> you can do is "your best" at verifying
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hugo Vanwoerkom wrote:
[snip]
>>> Michael, Wikipedia has a reasonably concise overview:
>>> http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>>>
>>
>> I was wondering about that too. Went to local book store and found a
>> good book on both PGP an
Brad Rogers writes:
> Here, at least, using that link with Firefox, I get a warning about the
> certificate being unrecognised.
Yes, because Debian has not paid Verisign for one of their utterly
worthless certificates.
--
John Hasler
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subjec
Joe Hart writes:
> My doubts of the NSA mostly come from watching too many "conspiracy
>theory" [movies]...
There may be worse sources if information, but I can think of few.
> The phrase "in the interest of National Security" has been and can be
> used to cover up just about anything, and the NS
Robert Roach wrote:
Jim Hyslop wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
Michael Pobega escribió:
[...]
What are the advantages to having it?
You can be sure that the person is who says it is.
We that's a pretty bi
On Sun, Apr 01, 2007 at 07:19:40PM +0300, Andrei Popescu wrote:
> Jose Luis Rivas Contreras <[EMAIL PROTECTED]> wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Andrei Popescu escribió:
> > > Ron Johnson <[EMAIL PROTECTED]> wrote:
> > >
> > >>> What are the advantages to ha
On Sun, Apr 01, 2007 at 06:58:33PM +, Joe Hart wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Joe Hart wrote:
> > John Hasler wrote:
> >> Joe Hart writes:
> >>> I also have serious doubts over the real security benefits of SELinux
> >>> specifically because it was developed by t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 10:09:58PM +0300, Andrei Popescu wrote:
>> Michael Pobega <[EMAIL PROTECTED]> wrote:
>>
>>> On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
On Sun, Apr 01, 2007 at 08:11:06AM -0400, M
On Sun, Apr 01, 2007 at 02:30:19PM -0400, Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
> > On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
> >
> > P.S. I am testing the autosign option for mutt right now ;)
> >
>
> Also, is there some way
Sven Arvidsson <[EMAIL PROTECTED]> wrote:
> There's actually a coordinated effort for this sort of thing, check
> https://nm.debian.org/gpg.php and specifically the "list of key
> signing offers". You can also register for a signing request.
>
> I see one DD from Romania, and several from Vienna
On Sun, Apr 01, 2007 at 10:09:58PM +0300, Andrei Popescu wrote:
> Michael Pobega <[EMAIL PROTECTED]> wrote:
>
> > On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
> > > On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
> > >
> > > P.S. I am testing the autosign option
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, 01 Apr 2007 13:42:47 +0100
Brad Rogers <[EMAIL PROTECTED]> wrote:
> application/pgp-signature (No public key to verify the signature)]
> Signature made at Sun 01 Apr 2007 08:42:47 AM EDT
> No public key to verify the signature
> Key fingerp
Michael Pobega <[EMAIL PROTECTED]> wrote:
> On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
> > On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
> >
> > P.S. I am testing the autosign option for mutt right now ;)
> >
>
> Also, is there some way to set it so I can s
On Sun, 2007-04-01 at 14:30 -0400, Michael Pobega wrote:
> Also, is there some way to set it so I can still send mail unsigned?
> I've heard that GPG keys give trouble to M$ clients, and most of my
> family uses Outlook.
You should be able to switch between encrypt, sign, and unsigned
somewhere. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Hart wrote:
> John Hasler wrote:
>> Joe Hart writes:
>>> I also have serious doubts over the real security benefits of SELinux
>>> specifically because it was developed by the NSA. It is not rational
>>> that they would design a security system t
On Sun, 1 Apr 2007 14:30:19 -0400
Michael Pobega <[EMAIL PROTECTED]> wrote:
Hello Michael,
> Also, is there some way to set it so I can still send mail unsigned?
I don't know how to do it in Mutt, but for ease, I created a duplicate
account in Claws-Mail that doesn't sign emails. Each list I'm
On Sun, 01 Apr 2007 12:42:33 -0500
John Hasler <[EMAIL PROTECTED]> wrote:
Hello John,
> What is a "real ID"?
Does it ever actually matter? One of the reasons I put the word real
in quotes was because it's difficult to quantify.
--
Regards _
/ ) "The blindingly obvious is
On Sun, 01 Apr 2007 19:42:42 +0200
Sven Arvidsson <[EMAIL PROTECTED]> wrote:
Hello Sven,
> There's actually a coordinated effort for this sort of thing, check
> https://nm.debian.org/gpg.php and specifically the "list of key
> signing offers". You can also register for a signing request.
Here, a
On Sun, 01 Apr 2007 12:53:11 -0500
John Hasler <[EMAIL PROTECTED]> wrote:
Hello John,
> In the phrase "web of trust" the word "trust" does not have quite the
> same meaning as it does in everyday conversation.
Very true. Outside PGP users though, the difference in meaning would be
lost though,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
>> On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
>>
>>> I can't figure out how to set it up. The articles mention only talk
>>> about PGP, not GPG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Hasler wrote:
> Joe Hart writes:
>> I also have serious doubts over the real security benefits of SELinux
>> specifically because it was developed by the NSA. It is not rational
>> that they would design a security system that they could not acc
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
> On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
>
> P.S. I am testing the autosign option for mutt right now ;)
>
Also, is there some way to set it so I can still send mail unsigned?
I've heard that GPG keys give tr
On Sun, Apr 01, 2007 at 06:24:02PM +0300, Andrei Popescu wrote:
> On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
>
> > I can't figure out how to set it up. The articles mention only talk
> > about PGP, not GPG.
>
> Here are the changes (actually additions) I made, everything els
Joe Hart writes:
> I also have serious doubts over the real security benefits of SELinux
> specifically because it was developed by the NSA. It is not rational
> that they would design a security system that they could not access, and
> then release it to the public.
Only if you have a very naiv
Brad Rogers writes:
> As said in interviews with ordinary people that knew the various
> criminals that achieve notoriety; "He was always such a *nice* polite
> man". Well obviously, because to be otherwise might arouse suspicion.
In the phrase "web of trust" the word "trust" does not have quite
Ron Johnson writes:
> A couple of years ago there was a very long thread on what it means to
> "trust". The bottom line was that you can't perfectly know, and that all
> you can do is "your best" at verifying his identity, and then have faith.
Again I have to ask, what is "identity"? That is not
Brad Rogers writes:
> However, with some sort of photo ID, such as passport of driving license,
> and knowledge of the relevant key fingerprint, it's possible to be fairly
> sure you're dealing with the person that created the public key.
For many purposes (guaranteeing that bank account withdrawa
On Sun, 2007-04-01 at 19:19 +0300, Andrei Popescu wrote:
> Jose Luis Rivas Contreras <[EMAIL PROTECTED]> wrote:
> > There're KSP (Keysigning party) where ID's are checked and keys are
> > signed for another keys, that raises the web of trust.
>
> This is the theory ;) But how can I, in Romania, ge
Andrei writes:
> This is the theory ;) But how can I, in Romania, get my key signed by at
> least one of the regular users of this list? I'll have a look to see if
> there are any DDs from Romania or at least Vienna. I can imagine the web
> is well established between the DDs.
There is a web of tr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marko Randjelovic wrote:
>>> P.S. I just setup Claws-Mail to use signing a few days ago. This thread
>>> looks like a good opportunity to start using it here.
>> Yep, and I noticed that that message was the first one you signed. Now
>> your public key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
> Jose Luis Rivas Contreras <[EMAIL PROTECTED]> wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Andrei Popescu escribió:
>>> Ron Johnson <[EMAIL PROTECTED]> wrote:
>>>
> What are the advantages to having
On Sun, 01 Apr 2007 10:54:27 -0500
Ron Johnson <[EMAIL PROTECTED]> wrote:
Hello Ron,
> A couple of years ago there was a very long thread on what it means
All before my time on the list. If I have time, I might read through
it via the archives.
> to "trust". The bottom line was that you can't
On Sun, 01 Apr 2007 11:06:57 -0500
Ron Johnson <[EMAIL PROTECTED]> wrote:
Hello Ron,
[SELinux]
> Since the source code is open for all to see, every kernel hacker
> with a bit of paranoia has pored over SELinux with a sub-micron
> comb. They've found nothing.
I don't read source code. Primaril
On Sun, 1 Apr 2007 19:19:40 +0300
Andrei Popescu <[EMAIL PROTECTED]> wrote:
Hello Andrei,
> This is the theory ;) But how can I, in Romania, get my key signed by
> at least one of the regular users of this list? I'll have a look to
It does become problematic, that's for sure. The best many of u
On Sun, 1 Apr 2007 19:19:40 +0300
Andrei Popescu <[EMAIL PROTECTED]> wrote:
> Jose Luis Rivas Contreras <[EMAIL PROTECTED]> wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Andrei Popescu escribió:
> > > Ron Johnson <[EMAIL PROTECTED]> wrote:
> > >
> > >>> What are the adv
>> P.S. I just setup Claws-Mail to use signing a few days ago. This thread
>> looks like a good opportunity to start using it here.
>
> Yep, and I noticed that that message was the first one you signed. Now
> your public key is in my keyring :).
>
> Now you can send me encrypted mail (if you hav
Jose Luis Rivas Contreras <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Andrei Popescu escribió:
> > Ron Johnson <[EMAIL PROTECTED]> wrote:
> >
> >>> What are the advantages to having it?
> >> Using a web of trust, you can validate whether the entity that
> >>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 10:23, Brad Rogers wrote:
> On Sun, 01 Apr 2007 14:48:54 +
> Joe Hart <[EMAIL PROTECTED]> wrote:
>
> Hello Joe,
>
>>> You can *send* it them. They're unlikely to be able to *read* it,
>>> though. :-)
>> LOL. You've got that right.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/07 10:29, Brad Rogers wrote:
> On Sun, 01 Apr 2007 10:05:07 -0500
> John Hasler <[EMAIL PROTECTED]> wrote:
>
> Hello John,
>
>> "ID" is a slippery concept. What does it mean to "know who someone
>> is"?
>
> Indeed. However, with some sort
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu escribió:
> Ron Johnson <[EMAIL PROTECTED]> wrote:
>
>>> What are the advantages to having it?
>> Using a web of trust, you can validate whether the entity that
>> claims to have sent the email actually sent the email.
>
> Which makes
On Sun, 1 Apr 2007 18:30:38 +0300
Andrei Popescu <[EMAIL PROTECTED]> wrote:
Hello Andrei,
> > You can *send* it them. They're unlikely to be able to *read* it,
> > though. :-)
> Well IIUC you can only encrypt to self (because they don't have a
> public key) which is supposed to be unreadable.
On Sun, 01 Apr 2007 10:05:07 -0500
John Hasler <[EMAIL PROTECTED]> wrote:
Hello John,
> "ID" is a slippery concept. What does it mean to "know who someone
> is"?
Indeed. However, with some sort of photo ID, such as passport of
driving license, and knowledge of the relevant key fingerprint, it'
Brad Rogers <[EMAIL PROTECTED]> wrote:
> On Sun, 01 Apr 2007 14:03:24 +
> Joe Hart <[EMAIL PROTECTED]> wrote:
>
> Hello Joe,
>
> > Hmm, that's an interesting observation. I didn't think of that. Of
> > course, most of the people I communicate with via e-mail don't use
> > PGP so I can't se
On Sun, Apr 01, 2007 at 08:11:06AM -0400, Michael Pobega wrote:
> I can't figure out how to set it up. The articles mention only talk
> about PGP, not GPG.
Here are the changes (actually additions) I made, everything else works
out of the box:
~/.muttrc
# auto sign outgoing
set crypt_autosign=
On Sun, 01 Apr 2007 14:48:54 +
Joe Hart <[EMAIL PROTECTED]> wrote:
Hello Joe,
> > You can *send* it them. They're unlikely to be able to *read* it,
> > though. :-)
> LOL. You've got that right.
It's the pedant in me.
> > Since various governments stopped trying to prosecute Phil
> > Zim
Brad Rogers writes:
> Yes, you've got the right key, and it *has* verified. However, since
> Andrei's key is not included in your web-of-trust, GPG gives the warning.
> A valid signature != a trusted signature.
Such signatures can serve a useful purpose, though. You may not have a
trust path to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brad Rogers wrote:
> On Sun, 01 Apr 2007 14:03:24 +
> Joe Hart <[EMAIL PROTECTED]> wrote:
>
> Hello Joe,
>
>> Hmm, that's an interesting observation. I didn't think of that. Of
>> course, most of the people I communicate with via e-mail don't u
On Sun, 01 Apr 2007 14:03:24 +
Joe Hart <[EMAIL PROTECTED]> wrote:
Hello Joe,
> Hmm, that's an interesting observation. I didn't think of that. Of
> course, most of the people I communicate with via e-mail don't use PGP
> so I can't send them encrypted mail.
You can *send* it them. They'r
On Sun, 1 Apr 2007 09:35:19 -0400
Michael Pobega <[EMAIL PROTECTED]> wrote:
Hello Michael,
> gpg: Good signature from "Andrei Popescu <[EMAIL PROTECTED]>"
> gpg: WARNING: This key is not certified with a trusted signature!
[snip]
> Looks like it should work to me; 70859BD9 is the same ID, no?
Ye
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kent West wrote:
> Joe Hart wrote:
>> Now you can send me encrypted mail (if you have my public key)!
>> Whoopie! Like you really need to.
>
> It's been suggested that you should use encryption whenever possible as
> standard procedure; otherwise, wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brad Rogers wrote:
> On Sun, 1 Apr 2007 08:37:11 -0400
> Michael Pobega <[EMAIL PROTECTED]> wrote:
>
> Hello Michael,
>
>> Not all of the GPG keys are verifying, Andrei's still isn't but others
>> are.
>
> Andrei's GPG sig verifies here.
>
>> Is t
On Sun, Apr 01, 2007 at 01:42:47PM +0100, Brad Rogers wrote:
> On Sun, 1 Apr 2007 08:37:11 -0400
> Michael Pobega <[EMAIL PROTECTED]> wrote:
>
> Hello Michael,
>
> > Not all of the GPG keys are verifying, Andrei's still isn't but others
> > are.
>
> Andrei's GPG sig verifies here.
>
> > Is the
Joe Hart wrote:
> Now you can send me encrypted mail (if you have my public key)!
> Whoopie! Like you really need to.
It's been suggested that you should use encryption whenever possible as
standard procedure; otherwise, when you need to send an encrypted
message and do so, it catches the attenti
On Sun, 1 Apr 2007 08:37:11 -0400
Michael Pobega <[EMAIL PROTECTED]> wrote:
Hello Michael,
> Not all of the GPG keys are verifying, Andrei's still isn't but others
> are.
Andrei's GPG sig verifies here.
> Is there any way to verify individual keys?
Make sure you have got his key imported with
Michael Pobega:
>
> I got this for your mail:
>
> [-- PGP output follows (current time: Sun 01 Apr 2007 08:09:36 AM EDT)
> --]
> gpg: Signature made Sun 01 Apr 2007 04:27:11 AM EDT using DSA key ID
> 70859BD9
> gpg: Can't check signature: public key not found
> [-- End of PGP output --]
This mea
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Andrei Popescu wrote:
> Ron Johnson <[EMAIL PROTECTED]> wrote:
>
>>> What are the advantages to having it?
>> Using a web of trust, you can validate whether the entity that
>> claims to have sent the email actually sent the email.
>
> Which makes me
On Sun, Apr 01, 2007 at 02:24:39PM +0200, Florian Kulzer wrote:
> On Sun, Apr 01, 2007 at 08:11:06 -0400, Michael Pobega wrote:
> > On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
> > > Ron Johnson wrote:
> > >
> > > > > What are the advantages to having it?
> > > >
> > > > Using
On Sun, Apr 01, 2007 at 08:11:06 -0400, Michael Pobega wrote:
> On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
> > Ron Johnson wrote:
> >
> > > > What are the advantages to having it?
> > >
> > > Using a web of trust, you can validate whether the entity that
> > > claims to have
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
> Ron Johnson <[EMAIL PROTECTED]> wrote:
>
> > > What are the advantages to having it?
> >
> > Using a web of trust, you can validate whether the entity that
> > claims to have sent the email actually sent the email.
>
> Which makes
On Sun, 1 Apr 2007 11:26:54 +0300
Andrei Popescu <[EMAIL PROTECTED]> wrote:
Hello Andrei,
> P.S. I just setup Claws-Mail to use signing a few days ago. This
> thread looks like a good opportunity to start using it here.
All set up nicely, then. Your public key imported, and everything
works.
W
On Sun, Apr 01, 2007 at 11:26:54AM +0300, Andrei Popescu wrote:
> Ron Johnson <[EMAIL PROTECTED]> wrote:
>
> > > What are the advantages to having it?
> >
> > Using a web of trust, you can validate whether the entity that
> > claims to have sent the email actually sent the email.
>
> Which makes
Ron Johnson <[EMAIL PROTECTED]> wrote:
> > What are the advantages to having it?
>
> Using a web of trust, you can validate whether the entity that
> claims to have sent the email actually sent the email.
Which makes me wonder, how is anyone to establish such a web of trust
in this community?
R
Jim Hyslop wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
Michael Pobega escribió:
[...]
What are the advantages to having it?
You can be sure that the person is who says it is.
We that's a pretty big simplification. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jose Luis Rivas Contreras wrote:
> Michael Pobega escribió:
[...]
>>>What are the advantages to having it?
>
>
> You can be sure that the person is who says it is.
We that's a pretty big simplification. It is possible to do
that, but you mus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/31/07 21:30, Michael Pobega wrote:
> I noticed a lot of people on this mailing list have GPG enabled in
> their emails, and now that I've seen it enough I'm wondering a few
> things;
>
> What exactly does GPG/GnuPG do?
Digitally signs and or en
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Pobega escribió:
> I noticed a lot of people on this mailing list have GPG enabled in
> their emails, and now that I've seen it enough I'm wondering a few
> things;
>
> What exactly does GPG/GnuPG do?
Sign and/or encrypt things
>
> What are
88 matches
Mail list logo
