06-01-2008, 07:32 PM
"Mikkel L. Ellertson"

PGP signatures.

Les wrote:

> From the last two posts, I gather that the encryption comment was
> specifically directed toward the PGP signatures... DUUHHH! I should have
> read the subject. I was responding in regards to encryption for
> security purposes. Please disregard my previous post.

Even if you are using it for security purposes, you should not need
to protect the public keys. You use the public key of the person you
are sending to to encrypt the message to them, and sign it with your
private key. Then they use their private key to decrypt the message,
and your public key to verify the signature. For added security, the
private keys should be signed with a good pass-phrase. (Not just a
password!)


For example, you could use my public key, available from the key
servers, or my web page, and encrypt a message. I should be the only
one that can decrypt it. (With enough computer power, you could
brute force decrypt it.) If I had your public key, I could then
verify that it was from you if you had signed it using your private
key, just like verifying a signed e-mail.


One other thought - for maximum security, you should encrypt all
messages between you and the other person, not just the ones that
need to be kept confidential. That way, you can not tell what
messages are worth decrypting.


Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
06-01-2008, 09:30 PM
"Patrick O'Callaghan"

PGP signatures.

On Sun, 2008-06-01 at 14:32 -0500, Mikkel L. Ellertson wrote:
> Even if you are using it for security purposes, you should not need
> to protect the public keys.

Probably not what you meant, but just to be absolutely clear: you *do*
need to protect public keys against modification (not against reading,
after all they're public :-)

poc

 
06-03-2008, 09:14 PM
"max bianco"

PGP signatures.

On Sun, Jun 1, 2008 at 5:30 PM, Patrick O'Callaghan
<pocallaghan@gmail.com> wrote:
> On Sun, 2008-06-01 at 14:32 -0500, Mikkel L. Ellertson wrote:
>> Even if you are using it for security purposes, you should not need
>> to protect the public keys.
>
> Probably not what you meant, but just to be absolutely clear: you *do*
> need to protect public keys against modification (not against reading,
> after all they're public :-)
>
> poc

Just for completeness and not meant to comment on this conversation.

http://en.wikipedia.org/wiki/Kerckhoffs%27_principle
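
The two points made earlier in this thread (encrypt to the recipient's public key and sign with your own private key; protect the stored public key against modification), as an added Python example that is not part of the original posts. It uses unpadded textbook RSA over fixed Mersenne primes only to show which key does what, not how PGP itself works; the names alice, bob, mallory and the pinned fingerprint are assumptions.

```python
import hashlib

E = 65537  # public exponent

def keypair(p, q):  # textbook RSA from two primes: returns (public, private)
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, priv):  # done with the sender's private key
    n, d = priv
    return pow(digest(msg, n), d, n)

def verify(msg, sig, pub):  # done with the sender's public key
    n, e = pub
    return pow(sig, e, n) == digest(msg, n)

def encrypt(msg, pub):  # done with the recipient's public key
    n, e = pub
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(ct, priv):  # done with the recipient's private key
    n, d = priv
    m = pow(ct, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def fingerprint(pub):
    return hashlib.sha256(repr(pub).encode()).hexdigest()

def receive(ct, sig, my_priv, sender_pub, pinned_fp):
    """Accept a message only if the stored sender key still matches the pin."""
    if fingerprint(sender_pub) != pinned_fp:
        raise ValueError("stored public key does not match the verified fingerprint")
    msg = decrypt(ct, my_priv)
    if not verify(msg, sig, sender_pub):
        raise ValueError("bad signature")
    return msg

alice_pub, alice_priv = keypair(2**89 - 1, 2**107 - 1)      # constructed keys built
bob_pub, bob_priv = keypair(2**127 - 1, 2**521 - 1)         # from known Mersenne primes
mallory_pub, mallory_priv = keypair(2**31 - 1, 2**61 - 1)   # a substituted key
pin = fingerprint(alice_pub)  # assumed to have been checked out of band
msg = b"meet at noon"
ct, sig = encrypt(msg, bob_pub), sign(msg, alice_priv)
```

`receive(ct, sig, bob_priv, alice_pub, pin)` returns the message. If `mallory_pub` has replaced the stored copy of Alice's key, a message signed with `mallory_priv` passes `verify()`, and only the fingerprint comparison in `receive()` rejects it.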
