Collaborate Disseminate
I’m doing some development work on an untrusted computer. I’d like to sign my commits I make from it, but I don’t want my personal PGP key to touch this computer. Or maybe I’m using a PGP smart card and I can’t present it to the computer b… Continue reading Is it possible to sign Git commits on a different computer?
Alice and Bob have TLS certificate authorities. My device trusts Alice’s CA, and connects to servers that present a certificate rooted at Alice’s CA. It does not explicitly trust Bob’s CA, or the servers that use his certificates.
Alice tr… Continue reading Can you sign a TLS root certificate that already exists? [duplicate]
I bought a new Yubikey, and am currently setting it up to use on my desktop PC. Previously the PC was secured with password only, and I’d like to use the Yubikey as an alternative: instead of using the password, I could instead use the Yub… Continue reading Security of using Yubikey to derive Diceware password?
When explaining the concept of signing a message, often it is presented as "encrypting with your private key", so that somebody who has the public key can "decrypt" the signature and verify it. However, PGP signatures (… Continue reading PGP "real" encryption with private key