Collaborate Disseminate
I have created a pgp keypair and uploaded the public key to keys.openpgp.org.
It included my email address.
A government service has now verified my citizen ID and signed my pgp public key user id (proof that the name on my ID matches with… Continue reading How can I "update" a pgp public key on a keyserver with a new signature for one of the user id
I am a newcomer to GPG, and wanted to compare different ways of exporting keys, so I wrote the following shell script:
#!/bin/bash
for key in "FE…" "17.." "BB.."; do # key_ids are trimmed here
echo &quo… Continue reading Explaining output of GPG –export/–export-private-key key_id vs key_id!
I have to generate a PGP keypair and share the public key with an external provider. Based on how we already handle it with RSA keypair, we are using the concept of trusted CA which issues certificate to share with providers instead of sha… Continue reading Create a certificate for a PGP key pair [duplicate]
I’m trying to make a package(suricata) locally on my machine, and when making the package, the system verifies the source file signatures with gpg and I recieve "FAILED (unknown public key X) (from an AUR package).
From my understandi… Continue reading Standards for recieving GPG public key?
I don´t really understand the tech behind that. I don´t understand how the image is not changed by the ones who want to steal from you but the rest of the pgp signature match the phishing site.
The image is from a darknet market and all of… Continue reading Why do phishing attackers not alter the reference image along with the PGP signature and other content?
I would like to encrypt many files using symmetric encryption such as AES256, using a single memorised password.
I was planning to use gpg but gpg symmetric encryption does not work with –multifile flag. gpg has the ability to cache the p… Continue reading Best way to symmetrically encrypt multiple files using a password
I am trying to figure out the implications of authentication technologies. Answers to a previous question indicate my real question is more "meta than that.
The primary requirements for an authentication system from my point of view… Continue reading Is there a private, secure and easy login system?
For example PGP keys imported to a program like Thunderbird. Is there any reason why Thunderbird, due to a rogue programmer or just a bug in the code, can’t send your private key off to a malicious actor or make copies of it once imported?… Continue reading What prevents applications from misusing private keys?
How do I restructure my keys from current/old setup to new setup?
The new setup would allow better key-management: isolation of primary-key and rotation of sub-keys.
Current/Old Setup:
PrimaryKey – CS
SubKey – E
New Setup:
PrimaryKey – C
S… Continue reading Restructure PGP Keys
What are the following headers in an end-to-end ProtonMail email?
X-Pm-Content-Encryption
X-Pm-Origin
X-Pm-Scheduled-Sent-Original-Time
X-Pm-Recipient-Authentication
X-Pm-Recipient-Encryption
It also mentions pgp-pm.
Are they specific to … Continue reading What are ProtonMail’s headers? [closed]