Collaborate Disseminate
I have to generate a PGP keypair and share the public key with an external provider. Based on how we already handle it with RSA keypair, we are using the concept of trusted CA which issues certificate to share with providers instead of sha… Continue reading Create a certificate for a PGP key pair [duplicate]
Today it was time again to generate some new PGP key pairs that will be used for end-to-end-encrypted email. Now I’d like to know how exactly OpenPGP protects the private keys.
What I have understood so far is that the actual private PGP k… Continue reading How exactly does OpenGPG protect private keys?
How do I restructure my keys from current/old setup to new setup?
The new setup would allow better key-management: isolation of primary-key and rotation of sub-keys.
Current/Old Setup:
PrimaryKey – CS
SubKey – E
New Setup:
PrimaryKey – C
S… Continue reading Restructure PGP Keys
What are the following headers in an end-to-end ProtonMail email?
X-Pm-Content-Encryption
X-Pm-Origin
X-Pm-Scheduled-Sent-Original-Time
X-Pm-Recipient-Authentication
X-Pm-Recipient-Encryption
It also mentions pgp-pm.
Are they specific to … Continue reading What are ProtonMail’s headers? [closed]
Can I convert a PGP key to X.509, using OpenSSL or GNUPG?
Aren’t these only container/wrapper formats?
Apparently, there are some problems with the new defaults that are set when one creates a PGP key using a recent version of GnuPG (2.4).
I ran into this after generating a new ECC/ED25519 key to replace my "old" RSA one. The prob… Continue reading Should one really disable AEAD for recent GnuPG created PGP keys?
I’ve been looking around for smart cards with support for Ed25519. More specifically, I’d like to have a TLS CA with the private key on a YubiKey. The latest YubiKey 5 supports secp256k1, secp384r1, and RSA 2048 in the PIV tool for storing… Continue reading Can I Use an OpenPGP Smart Card to Sign a TLS Certificate?
In order to keep all my secret in the same place, I would like to store my GPG private key in KeePassXC, under the "Notes" field.
Provided that the db file has very good password, is this safe?
Os this field encrypted?
How can we ensure the best practice with mail pgp when the recipient is not using it?, so when Bob send the vary first email to Alex, Bob signing and encrypted it?
Q1. In that case, Is Alex able to read the message? With signing and encrypting the mail, how doe those two steps help Bob in the first place comparing to just address, content to alex@example.com?
Found this question, but not sure what exactly we need to do
Hypothetically, I’d like to demonstrate that I am the owner of a piece of published information. The requirements are the following.
The hash/ characteristic string is compact enough (ideally a few bytes, say 16 or 32.)
It does not expose… Continue reading What’s the shortest message you need to claim ownership of another message?