346 entries in 1.288s
mircea_popescu:
http://log.bitcoin-assets.com/?date=25-05-2015#1144917 << the idea is that key/identity maintenance is expensive, and so people don't generally want to do it unless needed, which reduces to, unless some woman spent 9 months
with it in the oven and then what came out was smart enough to bother. if you want to / need to
pgp, use either of our sigs.
☝︎ assbot: Searching
pgp.mit.edu for key
with fingerprint: D191CE495914F681F7CA94EB31040DE39974C0B2. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 2F13A45085FBE5A7E22E16211AA79029251E74D6. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 32FE1E61B1C711186CA378DEFD8981F1BC41ABB9. This may take a few moments.
mircea_popescu:
with a correctly working
pgp implementation, the user connects ot a sks server, discards the wrong key and proceeds as expected.
assbot: Searching
pgp.mit.edu for key
with fingerprint: F4DE6DF4EB8BA2DAAD8D14A5B0045BC902AC1559. This may take a few moments.
williamdunne: thestringpuller:
PGP over HTTP is not necessary when using SSL (HTTPS). Signing and encrypting
with PGP is a nice way to bypass using authorization tokens, though, but it is not usable in a modern exchange interface. Trades on MPEx are very slow as a result.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 1CF87B48F45FECB1C31625988C3B6B1EED7494DF. This may take a few moments.
pete_dushenski: "For maximum security, our BlackBerry
PGP encryption service utilizes AES 256 bit
PGP encryption
with a 4096 bit RSA key format." << also uses session keys, but these are presumably generated on the phone, so...
ascii_field: if folks were to put a million keys through this thing each day, every time a new planet
with intelligent
pgp-using aliens is contacted, i would probably tweak a few things, yes.
williamdunne still doesn't understand whats wrong
with git and
pgp sigs
williamdunne not sure what is wrong
with using github
with pgp signatures
mircea_popescu: here's another thing that doesn't work : "The worst part, is Torrie Fischer is competent
with PGP 4. My advice to her, is" << the problem being that i can readily see her cv, but i don't see yours. from whence do you give her advice ? this jars.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 8501B2A64453796C5FD544B296C4CF3215685733. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 7AA64CBF8362275B2189869784A13BE284D27F50. This may take a few moments.
ascii_field listened (in car) to an infuriatingly zimmermanish interview
with jon callas (former
pgp, now 'silent circle' garbage)
☟︎ nubbins`: enough for me to verify that there exists a piece of paper
with a bunch of
pgp shit on it that i can't do anything
with nubbins`: wow, a guy just sent me a photograph of a
pgp-signed custody document,
with a piece of paper over his personal info, saying "this should be enough, preferably you don't need to know the other 19 coin addresses"
mircea_popescu: nubbins` have you ever lelled at the circumstance that if one ever sees
pgp used like we use it, it's invariably
with a ridoinculous line-and-a-half signature ?
assbot: Searching
pgp.mit.edu for key
with fingerprint: 8680FD3C9D20B92FBEF3D058FD5A63B9EAC2A55E. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 15F6BD45240C4679C5F559B5050434ED71A1704C. This may take a few moments.
ben_vulpes: <assbot> Successfully added a rating of 1 for brendafdez
with note: no such thing as a chick that can
pgp << hawwwww
assbot: Successfully added a rating of 1 for brendafdez
with note: no such thing as a chick that can
pgp assbot: Searching
pgp.mit.edu for key
with fingerprint: 59D8599B65A983BF0288E5B6CE5BEE6C81FCA4D4. This may take a few moments.
ascii_field: in this discussion i'm making the assumption that you intend to actually work
with the machine - rather than, say, using for
pgp assbot: Searching
pgp.mit.edu for key
with fingerprint: 178BF6EEA4C3A737F70878AC5E40172FEBBA0713. This may take a few moments.
adlai: asciilifeform: the convenience of
pgp with all the trustlessness of ssl!
assbot: Searching
pgp.mit.edu for key
with fingerprint: DAAEE6B5D72910B74A6F01F952A4B5B2F3188BF2. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 6F227EFC5B577AE959E13138BACBCE400996EB88. This may take a few moments.
gabriel_laddel: As for
PGP, I'm assuming that I'm going to have to spend a decent amount of time
with the codebase and reading the spec. Perhaps not.
gabriel_laddel: hoever it was, and I'm fairly sure I grok ASCII's plan and will be handling some intro documentation for it + figuring out how the
PGP code needs to interface
with it exactly.
mircea_popescu: <assbot> Searching
pgp.mit.edu for key
with fingerprint: 6160E1CAC8A3C52966FD76998A736F0E2FB7B452. This may take a few moments.
kanzure: Searching
pgp.mit.edu for key
with fingerprint: %d. This may take a few moments.\n Could not find your key. Check if your key is available on keyservers and try later.
mircea_popescu: asciilifeform no, not so. the better comparison is you saying " winblows user walking to
pgp is somewhat like a virgin playing pensively
with a fat cucumber. she isstill a virgin."
badbitcoinadmin: I am familiar
with PGP, but only have a few contacts who use it. What's next?
assbot: Searching
pgp.mit.edu for key
with fingerprint: 291237F37A2C023CADBED52513288EAB01713428. This may take a few moments.
kakobrekla: assbot> Searching
pgp.mit.edu for key
with fingerprint: 291237F37A2C023CADBED52513288EAB01713428. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 291237F37A2C023CADBED52513288EAB01713428. This may take a few moments.
assbot: Searching
pgp.mit.edu for key
with fingerprint: 155934BDD16E8EAF4493CB9CB36AE9849D961AC9. This may take a few moments.
mircea_popescu: asciilifeform: original
pgp was not an apparatus for one-off deals
with strangers, but something to use between friends, as i understand. << what you say is accurate, but doesn't excuse. suppose i knock up a girl, and the blastule in her folds goes "hey, daddy's cock was crooked, so let's make the baby's cunt crooked too. nothing like baking in random assumptionbs for no good reason!"
artifexd: mircea_popescu: can you elaborate on "a
pgp-signed document by the for key certifying the validity of the IPs public key
with an expiration unixtimev in case the for field differs and a nickname"?
mircea_popescu: decimation: one gets the picture that usg 'leaders' think of themselves as being above such trivialities as secure communications << this is not as unlikely as itmay seem. at a time when caesar came up
with the
pgp of that time, most of the senate a) loled at the nonsense ; b) wondered which gods caesar was praying to to be that successful.
keystroke: i reregged as keystrike as i figure the keystroke identity can't be proven anymore as i never registered
with pgp and that address is not accessible at this location
BingoBoingo: <badon> If someone betrays my trust, I can't punch them in the head
with their
PGP public key. << You can effectively indict them
with the text they've signed
badon: If someone betrays my trust, I can't punch them in the head
with their
PGP public key.
kanzure: asciilifeform: because i don't want to setup a
pgp user agent
with my irc client
punkman: mircea_popescu: I think problem
with that is that it stops at nested END
PGP SIGNATURE, instead of the outer one
kakobrekla: sorta on topic, i tried to get a box at OVH and when they asked for dox, i asked for
pgp. after about 10 days, i got a reply : You can upload the documents to Dropbox or google Docs and password protect them. And provide us
with the password. And we will be able to validate your account.
mats_cd03: top comment conflates gpg
with pgp, ten odd comments in a useless discussion about key exchange and comms over the same channel, five comments by a bunch of fucking dummies talking about key signing parties, and a few pumping keybase
cazalla: Pierre_Rochard, they won't ever register and yet someone like kyle torpey is now preaching bitcoin +
pgp but isn't even in the wot to begin
with bounce: more elegant to invent your own
pgp control script complete
with glyphs and have it accepted in the unicode standard
pete_dushenski: and i said we're doing
pgp or irc. but he'd "lost his key" so had to make another...
with kryptokit!
pentestr: mircea_popescu: can you like, reply quick
with a pastie
with your
pgp key and email?
xmj: hum how does one create
pgp keys
with openSSL ?
ContingencyPlan: thanks for the up - does anyone have a link for getting started
with PGP/WoT?
assbot: Schneier on Security: The Problems
with PGP danielpbarron: ya, just type it up and clearsign it
with your
PGP key; get the other guy to sign that
assbot: Schneier on Security: The Problems
with PGP mircea_popescu: ben_vulpes VAN doesn't recognize that keyid. Please try again
with the shortform of your GPG/
PGP keyid. << now wouldn't it be saner if you just took the last 8 ?
TomServo: Pff. Schneier says "Matthew Green has a good post on what's wrong
with PGP and what should be done about it." (
with link of course)
assbot: Aaron Toponce : What's The Matter
With PGP?
mircea_popescu: asciilifeform re gpg clunk (not to be confused
with pgp issues) : "MolokoDeck : for some reason gpg returns the useful info about the status of a signature verify via the error channel."
assbot: A Few Thoughts on Cryptographic Engineering: What's the matter
with PGP?
decimation: I would agree
with his point that the
pgp protocol is complex, but I suspect that anything that tries to solve the same problems will have similar complexity
mircea_popescu: by now i can sorta distinguish the noobs from the veterans because the noobs send me gpg blobs
with "Content-Type: multipart/mixed;" mixed in, whereas the veterans just neatly paste the
pgp in the email body.
☟︎ assbot: A Few Thoughts on Cryptographic Engineering: What's the matter
with PGP?
assbot: A Few Thoughts on Cryptographic Engineering: What's the matter
with PGP?
wyrdmantis: they can't stole my btc
with my
pgp key, so i fell safe for now
chetty: changing
pgp keys is messy, make a good one to start
with Jason: so i'm still not entirely sure what i just saw happen. you sent it a
pgp message, and it responded
with a different
pgp message.
mircea_popescu: it's signed itself (there's a link to the
pgp sks infrastructure
with my signature on it)
mike_c: right, we need ad copy. ad copy for mp: "we auth
with pgp"
BingoBoingo: Rassah: And the last tolerable version of Multibit does something else as well. When
PGP/GPG has the ascii armored text block already it just isn't worth trying to replace it
with bitcoin signing just to save a few bytes.
mircea_popescu: can senator trying to curb anonymity there's going to be a Scandinavian cyberpirate who will come up
with a workaround, and only one of them knows how to code. Besides, there's no power in abolishing anonymity, the power is in giving everyone the pretense of anonymity while secretly retaining the
PGP keys to the kingdom.
kakobrekla: so tell me people, i need to make some api
with signcryption model. should i go
with sodium (ed25519), or just use
pgp or something else? Curve25519 wont do (no signatures).
joecool: the good stuff i keep offline or on other devices (ie. my
pgp keys are on smartcard), media i keep on my server and access it wherever
with sshfs