Domain: pgp.net
Stories and comments across the archive that link to pgp.net.
Comments · 12
-
Re:easy,
This relies on Carol controlling everything Alice and Bob can see. Anything outside the channel Carol controls will uncover her. This is why public keys are posted everywhere. "Hmm, Alice, that key doesn't match what i'm seeing here: http://wwwkeys.pgp.net:11371/pks/lookup?op=index&search=ak+mark"
-
Re:This is an example of the strength of the proto
Exactly - and some people have "vanity" short keys, and have had since 1999, including generating their own collisions...
http://subkeys.pgp.net:11371/pks/lookup?search=0xDEADBEEF
pub 1024D/DEADBEEF 2001-01-21 Imad R. Faiad
Preston Wilson <pres@palmjunkie.com>
pub 2048R/DEADBEEF 1999-08-03 Imad R. Faiad
pub 1024D/DEADBEEF 1999-04-28 Imad R. Faiad
Preston Wilson <pres@palmjunkie.com> -
Re:How many people do check the MD5 checksum?
Hmm that's a good point which I hadn't considered.
Luckily the key is located on a different serve to the download - but anybody who was really paranoid could find my key via one of the online key searchs
-
Another reason to PGP sign your mail..
-
Re:Backdoors
Actually, I think we're already there. If you wrote a book containing example code for certain cypto schemes, that book would not be allowed to leave the U.S.
Not true: PGP was exported that way: Do a book with the sources and an ISBN, print a limited edition (and have it protected by free speech), export it, scan it, correct the mistakes and compile it.
See e.g. here in item 1.7. -
Re:mutt
Point being: Sign everything!
Good idea...verify everything you send, just in case you accidentally (ahem) say anything objectionable. It will make legal proceedings against you so much easier, necessitating hiring one of those evil attorney things.
Unless you have a specific reason to prove that you wrote something, don't sign it. -
Re:Yes, PGP is mostly safe against snooping.
Unless there is some _other_ way of breaking a key, it would take quite a bit more resources than this. Something along the lines of the age of the universe or something, I forget the exact analogies....
See: the FAQ.
-
cluebie-freindly windows pgp options...
if someone is green to pgp than by far the easiest and most foolproof way to get them up and running is via pgp's native mail client plugins for outlook, outlook express, and eudora.
my suggestion is eudora light 3.0.6, at www.eudora.com. intutitive interface (remember netscape mail three ugly panes from hell? phooey.) and simple.
then stop by www.pgpi.com to pick up your preferred pgp version. 6.0.2 freeware works fine for people in the us. you'll want 6.0.2i (the international version) if you want backward compatibility, though. the great 'client selection wizard' will get most people through.
once you get these two programs up and running exchanging encrypted e-mails is a snap. just click 'encrypt/decrypt' (or sign, or whatever) right in eudora.
good luck. i've always believed that as more and more people use pgp, the 'digital worth' of each pgp-encrypted message increases. please help as many people as possible to download, use, and support pgp. it helps us all.
www.pgpi.com
www.pgp.net
wwwkeys.pgp.net -
cluebie-freindly windows pgp options...
if someone is green to pgp than by far the easiest and most foolproof way to get them up and running is via pgp's native mail client plugins for outlook, outlook express, and eudora.
my suggestion is eudora light 3.0.6, at www.eudora.com. intutitive interface (remember netscape mail three ugly panes from hell? phooey.) and simple.
then stop by www.pgpi.com to pick up your preferred pgp version. 6.0.2 freeware works fine for people in the us. you'll want 6.0.2i (the international version) if you want backward compatibility, though. the great 'client selection wizard' will get most people through.
once you get these two programs up and running exchanging encrypted e-mails is a snap. just click 'encrypt/decrypt' (or sign, or whatever) right in eudora.
good luck. i've always believed that as more and more people use pgp, the 'digital worth' of each pgp-encrypted message increases. please help as many people as possible to download, use, and support pgp. it helps us all.
www.pgpi.com
www.pgp.net
wwwkeys.pgp.net -
An old (may 1996) summary of secure MUAs (etc)Paul Leyland and I did an investigation for Secure Email for ac.uk, but the powers that be decided `secure email is not wanted'
:-(For MUA integration, see Mail User Agent Survey
-
An old (may 1996) summary of secure MUAs (etc)Paul Leyland and I did an investigation for Secure Email for ac.uk, but the powers that be decided `secure email is not wanted'
:-(For MUA integration, see Mail User Agent Survey
-
one repository is not enough - use pgp.net ...
pgp.net was set up for just this sort of thing.
See pgp.net for background info and a list of morror sites (or lookup the TXT RR for www.pgp.net for mirrors -- see wwwkeys.pgp.net for WWW access to to the distributed key servers).
Note that none of the keys are in any way checked -- it is up to *YOU* to check the signatures, etc.
On the other hand, "The Global Trust Register" does impart a warm glow ...