Collaborate Disseminate
I am looking for a secure (and as easy as possible) way to store my encryption key.
I have been looking at some services that will hold the key for you and then you can retrieve it with an api. The idea is that they store it safely and on … Continue reading Is api encryption key vault services really secure?
I have published my gpg key on keys.openpgp.org, keyserver.ubuntu.com, and my own WKDs corresponding to each of the two email addresses on my own domains.
Another user updated my public key from my WKD (per my instruction using gpg –auto-… Continue reading How does one publish UID revocations in the age of Hagrid?
ArchLinux wiki page on GnuPG reads
Once a key has been submitted to a keyserver, it cannot be deleted from the server.
Does that mean that also the expiration date with which I published the key via gpg –send-keys key-id cannot be chang… Continue reading Can I change expiration date of a gpg key I’ve already sent to a key server?
I would like to set up a read-only key-server operating by me where I am going to publish my own keys. So that anyone could do gpg –keyserver example.mymedia.su –receive-keys 0xDEADBEEF and get the key. Is it some sort of HTTP server? Is… Continue reading How do I deploy my own GPG keyserver?
From the gpg manual:
–refresh-keys
Request updates from a keyserver for keys that already exist on the local keyring.
This is useful for updating a key with the latest signatures, user IDs, etc.
Calling this with no arguments will refres… Continue reading Is `gpg –refresh-keys` secure and where is this documented?
I’m working in a desktop application using Electron.js with React.js and I have to store some sensitive information like API keys and database credentials. So I started digging and decided to encrypt the database credentials in a JSON file… Continue reading Best Practices to Store Sensitive Information in Desktop Application (Electron)
In the installation procedure of Gentoo, there is a step to check signature of the downloaded iso file. To do so, we first need to download the set of keys from a key server:
$ gpg –keyserver hkps://hkps.pool.sks-keyservers.net –recv-key… Continue reading How to securely get a key from a key server?
I uploaded my master key’s public part to the keys.openpgp.org-keyserver. It has 4 UIDs set up (4 different e-mail addresses) and each of them are correct and valid e-mail addresses.
The keyserver sent a confirmation mail to all of the e-m… Continue reading keys.openpgp.org keyserver fails to send confirmation mail to an Outlook-address
I wish to privately submit my public key (without it being sniffed on the internet). I found that I have 3 ways to connect to the keyserver securely:
https://<keyserver-url>
hkps://<keyserver-url> (HKP over TLS)
hkp://<keys… Continue reading Secure and private connection to GnuPG keyservers
I have a desktop application written in Python. The application is connects with an external SAP HANA service and pulls data. There are couple of configuration files where several connection string are stored unencrypted as of now.
I want… Continue reading Implementing key vault and key rotation for a non-cloud application