1700+ entries in 0.382s
williamdunne: >
PGP over HTTP is not necessary when using SSL (HTTPS).
williamdunne: thestringpuller:
PGP over HTTP is not necessary when using SSL (HTTPS). Signing and encrypting with
PGP is a nice way to bypass using authorization tokens, though, but it is not usable in a modern exchange interface. Trades on MPEx are very slow as a result.
williamdunne: thestringpuller: Not the first exchange to add
PGP support
mircea_popescu: go to all that trouble to introduce git hooks to sign, eschew
pgp. i wouldn't use them to put a fire out.
assbot: Searching
pgp.mit.edu for key with fingerprint: 1CF87B48F45FECB1C31625988C3B6B1EED7494DF. This may take a few moments.
dhill: oh i need a
pgp key
pete_dushenski: mircea_popescu: the impressive and simultaneously worrying aspect of the bb-
pgp biz is that the owner was a former tradesman who apparently thought to himself "hey, you know what the market needs, properly encrypted messaging!"
jurov: iirc
pgp/rsa is computationally expensive, so it's only used to establish rsa keys
pete_dushenski: i dun follow that part at all. the
pgp/rsa makes sense but where aes comes in is anyone's guess.
pete_dushenski: "For maximum security, our BlackBerry
PGP encryption service utilizes AES 256 bit
PGP encryption with a 4096 bit RSA key format." << also uses session keys, but these are presumably generated on the phone, so...
assbot: Logged on 30-04-2015 03:33:07; mircea_popescu: hey various folks whose
pgp keys i've signed at teh conference key signing party... you're supposed to also sign mine!
mircea_popescu: hey various folks whose
pgp keys i've signed at teh conference key signing party... you're supposed to also sign mine!
☟︎ pete_dushenski: just whatever you do, don't
pgp up and wander in here.
ascii_field: if folks were to put a million keys through this thing each day, every time a new planet with intelligent
pgp-using aliens is contacted, i would probably tweak a few things, yes.
mircea_popescu: mhagelstrom
PGP: 548A 84F8 60CF E0AB EA11 A2BA 4D34 0126 F402 0636 ?
BingoBoingo: Nah, I'm not talking the "essential" "accessories" the distros themselves try to put up a
PGP front
BingoBoingo: Doesn't pretty much every linux Distro try to at least pretend to the
PGP signed sherezade?
williamdunne still doesn't understand whats wrong with git and
pgp sigs
ascii_field: or for that matter anything other than
pgp williamdunne not sure what is wrong with using github with
pgp signatures
mircea_popescu: here's another thing that doesn't work : "The worst part, is Torrie Fischer is competent with
PGP 4. My advice to her, is" << the problem being that i can readily see her cv, but i don't see yours. from whence do you give her advice ? this jars.
mircea_popescu: i do have some acct manager ppl who are technically bank clerks that i contact via
pgp, which is a greast improvemnent over phone and i have nfi how they get into the systems
mircea_popescu: seems kinda contorted, the ssl key is used to "secure"
pgp'd info ?
assbot: Logged on 24-04-2015 17:24:04; mats:
pgp sig is SOP for DMCA notices
assbot: Logged on 24-04-2015 17:02:05; nubbins`: of note: the text of the notice was
PGP-signed
mats:
pgp sig is SOP for DMCA notices
☟︎ williamdunne: nubbins`: Wait, did you have to type in the
PGP sig?
nubbins`: asciilifeform unfortunately, sprayed-on
PGP indicates to me that this email is fraudulent
nubbins`: well, they come "
pgp"-"signed"/
pete_dushenski: nubbins`: i heard about these being sent out. didn't know they came
pgp-signed!
nubbins`: of note: the text of the notice was
PGP-signed
☟︎ assbot: No valid OpenPGP data found on
pgp.mit.edu.
assbot: Searching
pgp.mit.edu for key with fingerprint: 8501B2A64453796C5FD544B296C4CF3215685733. This may take a few moments.
funkenstein_: <mircea_popescu> and then $ gpg --keyserver sks-keyservers.net --send-key <KEYID> and $ gpg --keyserver
pgp.mit.edu --send-key <KEYID> where keyid you just copy from the line above. <-- what about those three letters showing up here?
ben_vulpes: * ascii_lander [13:43] read mircea_popescu
pgp rfc in half-awake state and almost released brain from nose until realized that it is for -keyserver- and not a pgptron (e.g. gpg) per se << wasn't there an actual keyserver rfc at some point? i swear i read this thing but now cannot find it.
ascii_lander read mircea_popescu
pgp rfc in half-awake state and almost released brain from nose until realized that it is for -keyserver- and not a pgptron (e.g. gpg) per se
mircea_popescu: actually i suppose this could be a job for a young fellow not afraid of work : inherit phuctor and build a
pgp keyserver around it.
mircea_popescu: certserver.
pgp.com seems dead (gpg: keyserver send failed: keyserver error)
mircea_popescu: and then $ gpg --keyserver sks-keyservers.net --send-key <KEYID> and $ gpg --keyserver
pgp.mit.edu --send-key <KEYID> where keyid you just copy from the line above.
☟︎ ben_vulpes:
pgp: * Signed message? More like “cryptographic proof that I wrote this incriminating statement” << myeah
ben_vulpes: As I write this, the prosecution has showed that DPR’s private
PGP key was on Ross Ulbricht’s laptop. How’s that strong proof of identity looking now? << funnily, it's more or less common knowledge that they shared the key around
assbot: Logged on 17-04-2015 20:27:29; pete_dushenski: ;;later tell ben_vulpes but what if i wanna advertise my
pgp version and its implied affiliations ? also, sorry for skipping your scoop mention in the cavirtex article, it just seemed a little tardy to have mentioned it.
Citizenfive: Both are very good tools. At present, I see many solutions trying to fit the square peg of
PGP into the gaping goatse of "maintaining OPSEC in an adverse environment of well-heeled adversaries". That is, it fits, but a large round peg, perhaps OTR, would allow less... spillage.
pete_dushenski: ;;later tell ben_vulpes but what if i wanna advertise my
pgp version and its implied affiliations ? also, sorry for skipping your scoop mention in the cavirtex article, it just seemed a little tardy to have mentioned it.
☟︎ assbot: Searching
pgp.mit.edu for key with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
jayk: gpg: sending key 84D27F50 to hkp server
pgp.mit.edu
danielpbarron: did you add it to
pgp.mit.edu ? because if so, it might take a sec to show up
assbot: No valid OpenPGP data found on
pgp.mit.edu.
assbot: Searching
pgp.mit.edu for key with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
williamdunne: jayk: gpg --send-keys --keyserver
pgp.mit.edu 7AA64CBF8362275B2189869784A13BE284D27F50
assbot: No valid OpenPGP data found on
pgp.mit.edu.
assbot: Searching
pgp.mit.edu for key with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
williamdunne: assbot: gpg --send-keys
pgp.mit.edu 7AA64CBF8362275B2189869784A13BE284D27F50
assbot: No valid OpenPGP data found on
pgp.mit.edu.
assbot: Searching
pgp.mit.edu for key with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
ascii_field: funkenstein_> for example, i could check your pubkey and send you coin << you can do that now. create addr, fill it, send over proper
pgp williamdunne: mircea_popescu: What about using citations found on WikiPedia from somewhat credible sources (post 1980) that lack
PGP sigs?
mircea_popescu: "knowledge" without source is gunk. ideally the source is a
pgp signature. absent that, it may be a name pre 1980.
assbot: Logged on 08-02-2015 19:54:52; mircea_popescu: gabriel_laddel you seriously thinking of implementing a sane
pgp ?
Chillum: Did you know that gribble is a real person? Never sleeps, can do bitcoin sigs and
PGP in his head.
IHB: and my
pgp has zero points on WoT
ascii_field listened (in car) to an infuriatingly zimmermanish interview with jon callas (former
pgp, now 'silent circle' garbage)
☟︎ nubbins`: "this heavily redacted version of a
pgp-signed document should be enough"
nubbins`: enough for me to verify that there exists a piece of paper with a bunch of
pgp shit on it that i can't do anything with
nubbins`: wow, a guy just sent me a photograph of a
pgp-signed custody document, with a piece of paper over his personal info, saying "this should be enough, preferably you don't need to know the other 19 coin addresses"
mircea_popescu: nubbins` have you ever lelled at the circumstance that if one ever sees
pgp used like we use it, it's invariably with a ridoinculous line-and-a-half signature ?
ben_vulpes: "additional pieces of circumstantial evidence prove that FORCE is "French Maid." Both "French Maid" and Force (operating as "Nob") used the exact same brand of
PGP software,a feww brand called GnuPG. There are different brands of
PGP software, so it is noteworthy that both FORCE (operating as "Nob") and "French Maid" used the same brand."