Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
I think it's telling that #GitHub, #GitLab, and even #Forgejo all don't have a workflow for "renew an #OpenPGP key", i.e. extend its validity before (or after) expiry. On all of them, you have to delete and re-add the key. It's as if nobody is following OpenPGP best practices and everyone is using keys without an expiry date.
#UnpopularOpinion The current spam wave supports one of my suspicions that federated networks should be built as a web of trust, Friends of a Friend style. Open registrations invite abuse and there's only so much algorithmic stuff you can throw at that. An invitation based system is also not a perfect solution as it creates artificial scarcity. A solution somewhere in-between is needed but I am still pondering how that could look like. Will continue my thoughts as a thread starting here.
This crate paves the way for convenient handling of #OpenPGP card User PINs, for users whose threat model allows persisting the PIN locally on the host computer.
If a User PIN is stored, applications can obtain it via this crate, and perform cryptographic operations without prompting the user for PIN entry.
Currently org.freedesktop.Secret is supported for storage.
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
«Ende-zu-Ende-Verschlüsselung (E2EE) durch Urteil EU-weit geschützt»
– @tarnkappeinfo
Mal eine positive Nachricht was die #EU und #IT angeht. Die #E2EE ist geschützt und eingesehen das #Privatsphare wichtig ist. Jetzt müssen nur noch die Firmen und Behörden die #Verschlusselung ihrer #Kommunikation, wie zB #EMail mit #GPG, noch konsequent umsetzen. Ich hoffe, die #Schweiz zieht dem nach.
GPG/PGP tip: When trust-signing company keys, either from another company key or a personal key, sign it so you trust the whole company, not just the individual key. To do this use tsign and select a depth of 2 with a domain restriction that matches the company's domain. This will cause you to automatically trust all employees of the company that are trusted by the company's master key and verified without you needing to set the trust individually or verify individual identities.
This is more of a security question, but I currently know way more people on ruby.social than infosec.exchange. I want to use a #Yubikey for #SMIME or #GPG signing on #iOS & #iPadOS, but can't find:
Any documentation about how to integrate it with Apple Mail.
Anyplace that offers #x509 certificates for S/MIME at zero or minimal cost the way @letsencrypt offers free #SSL certs.
Self-signed S/MIME certs are a non-starter, and there are no full-featured #OpenPGP apps on iOS. Suggestions?
Does anyone have suggestions that can do #cryptographic signature verification of streaming data (as in a pipe)? The problem with #gpg in this case is that it will emit all the data out the pipe, only indicating with an exit code if the signature was good - at which point most of the data may have been processed. #SequoiaPGP is slightly better, withholding the last 25MB until things are fully verified.
I suspect I need something that signs blocks of the input. Does it exist? #askFedi
Yubikey-Guide: a very complete (and long) Guide to use #YubiKey as a SmartCard for storing #GPG encryption, signing and authentication keys, which can also be used for #SSH
Anyone willing to sign gpg Keys @fosdem 2024 ? Shall we meet with papers in front of the infodesk Sunday around 12:00? Let me know so I print before coming
If you use #GnuPG#GPG, and you would like to ensure interoperability with Thunderbird, you might consider to disable the use of #LibrePGP features, by using option --rfc4880 in your configuration (e.g. by adding a line with the word "rfc4880" to your gpg.conf file.)
At this time it is undecided whether future Thunderbird versions will support LibrePGP or the upcoming refresh of the #IETF#OpenPGP specification, or both, or none of them. Hopefully we'll eventually see a new universal standard.
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
During the migration work to the new PC I found this guide by Jordan Williams on backing up and restoring OpenPGP keys using Gnu Privacy Guard (also known as GnuPG and GPG) useful 🎉
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
Did someone say encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df#GPG#PGP#E2E#encryption
Thunderbird GPG Ready - E-Mails verschlüsseln und signieren
Thunderbird bietet die Möglichkeit E-Mails mit OpenPGP zu signieren und zu verschlüsseln.
Das E-Mail-Programm bietet eine übersichtliche GUI zur Verwaltung und hilft damit dem Benutzer bei der Einrichtung und der Arbeit mit der Verschlüsselung.