jchris + gpg   20

Creating a 8192 bit GPG key to replace my 1024 bit one - Nick
My GPG key from 2003 to know has been a 1024 bit DSA key, which uses a 160 bit SHA-1 hash. As per the Debian Guidance, this isn't ideal, and I (along with many) have decided to move to a new, stronger key with a stronger hash.
gpg  security 
may 2018 by jchris
Weblog for dkg - HOWTO prep for migration off of SHA-1 in OpenPGP
So what can you do to help facilitate the move away from SHA-1? I'll outline three steps that current gpg users can do today, and then i'll walk through how to do each one: • start making data signatures and web-of-trust certifications using stronger digests, • explicitly state your preferences for stronger digests when receiving private communications, and • If you are currently using a 1024-bit DSA primary key (which relies for signatures on a 160-bit hash, traditionally SHA-1), transition to a new 2048-bit RSA key.
gpg  openpgp  security  howto 
september 2017 by jchris
The best crypto is the crypto you don't see – Exotic Security
I'd love to believe that PGP will take off in the wake of the Snowden revelations, it will become ubiquitous and built into every mail client as standard. But PGP has been around for almost 25 years now, and GNU Privacy Guard the open source implementation has been around for almost 20 years and it has not gone mainstream. I like the way Adam Boileau from Risky Business1 puts it "If GPG was going to solve our problems it would have by now"
linux  encryption  gpg  critique 
september 2017 by jchris
Weblog for dkg - HOWTO prep for migration off of SHA-1 in OpenPGP
Last week at eurocrypt, a small group of researchers announced a fairly serious attack against the SHA-1 digest algorithm, which is used in many cryptosystems, including OpenPGP. The general consensus is that we should be "moving in an orderly fashion toward the theater exits," deprecating SHA-1 where possible with an eye toward abandoning it soon (one point of reference: US gov't federal agencies have been directed to cease all reliance on SHA-1 by the end of 2010, and this directive was issued before the latest results).
cryptography  debian  gpg  security  howto  @goodie  SHA1 
february 2014 by jchris
Creating a new GPG key with subkeys | Into.the.Void.
A few weeks ago I created my new GPG/PGP key with subkeys and a few people asked me why and how. The rationale for creating separate subkeys for signing and encryption is written very nicely in the subkeys page of the debian wiki. The short answer is that having separate subkeys makes key management a lot easier and protects you in certain occasions, for example you can create a new subkey when you need to travel or when your laptop gets stolen, without losing previous signatures. Obviously you need to keep your master key somewhere very very safe and certainly not online or attached to a computer.
gpg  pgp  security  howto 
february 2014 by jchris
Welcome - GPGTools Support
We love to hear your questions and answer them as quickly as possible, listen to your ideas, and be of any help we can in regards to our tools. -==- A lot of questions have already been answered, so feel free to browse the public discussions and search the knowledge base for a quick solution or simply open a new discussion to ask us for help.
email  encryption  gpg  mac  privacy  support 
january 2014 by jchris
First steps - where do I start, where do I begin? / Tutorials / Knowledge Base - GPGTools Support
In this article you'll learn how to setup your own GPG key and send your first secure email.
email  encryption  gpg  howto  mac 
january 2014 by jchris
kostenlose OpenPGP-Schulungen
Crypto für alle – kostenlose OpenPGP-Schulungen
gpg  openpgp  pgp  tutorial 
november 2013 by jchris
This is Wotsap, a tool to find paths and some other information about keys in the OpenPGP Web of Trust.
collaboration  gpg  pgp  openpgp  security 
november 2013 by jchris
EmacsWiki: AutoEncryption
Is it possible to edit encrypted files from inside Emacs? I’d like to keep a file encrypted on disk, and even better, never have the decrypted parts swapped out to disk. Has this already been done? -=- There are a few solutions for this.
encryption  emacs  gpg 
november 2007 by jchris
sig2dot GPG/PGP Keyring Graph Generator
sig2dot.pl can be used to generate a graph of all of the signature relationships in a GPG/PGP keyring, like those resulting from keysigning parties, or the Debian Keyring (of all Debian developers). It converts the output of "gpg --list-sigs" to a .dot
gnupg  gpg  pgp  graph  linux  perl  tools 
november 2006 by jchris
c't 3/2006, S. 184: FAQ
Verschlüsseln und signieren mit PGP und GPG -- Antworten auf die häufigsten Fragen
heise  ct  pgp  gpg  email  privacy  security 
march 2006 by jchris
Deutsche GnuPG Anleitung / Die Selfsign FAQ
Warum sollte ich meinen eigenen Schlüssel unterschreiben? -- Alles hier Beschriebene betrifft PGP 2.6.3i (32 BIT), ist aber auch für GnuPG zum Verständnis des eigenen Zertifikats relevant.
email  gpg  pgp  privacy  security  howto 
march 2006 by jchris

Copy this bookmark: