Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

5.4K
active users

techhub.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#openpgp

2 posts2 participants0 posts today
Replied in thread
Public
Preston Maness ☭

@Xeniax Totally nerdsniped :D I'd love to be a part of the study.

I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at keys.openpgp.org/about . More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).

Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: crypto.stackexchange.com/quest).

To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.

keys.openpgp.orgkeys.openpgp.org
Replied in thread
Public *
l

@eff @evacide
GnuPG is not the only way to encrypt email, I use #OpenPGP with Thunderbird and @delta, both don't use GPG.

Also pages
ssd.eff.org/module/how-use-pgp
and
ssd.eff.org/module/how-use-pgp
are outdated, Thunderbird now has built-in OpenPGP implementation and Enigmail does not work with the latest versions.

ssd.eff.orgHow to: Use PGP for LinuxNOTE: This guide is not being actively reviewed or updated, and is currently retired. If you would like to use PGP via GnuPG, or Thunderbird with Enigmail, please refer to those services’ websites and documentation for information on how to install and use them. To use PGP to exchange secure emails you have to bring together three programs: GnuPG, Mozilla Thunderbird and Enigmail. GnuPG is the program that actually encrypts and decrypts the content of your mail, Mozilla Thunderbird is an email client that allows you to read and write emails without using a browser, and Enigmail is an add-on to Mozilla Thunderbird that ties it all together. What this guide teaches is how to use PGP with Mozilla Thunderbird, an email client program that performs a similar function to Outlook. You may have your own favorite email software program (or use a web mail service like Gmail or Outlook.com). This guide won't tell you how to use PGP with these programs. You can choose either to install Thunderbird and experiment with PGP with a new email client, or you can investigate other solutions to use PGP with your customary software. We have still not found a satisfactory solution for these other programs. Using PGP doesn't completely encrypt all aspects of your email: the sender and receiver information is unencrypted. Encrypting the sender and receiver information would break email. For similar reasons, PGP does not encrypt the subject line of your emails so you may want to use a generic subject line when sending encrypted emails. What using Mozilla Thunderbird with the Enigmail add-on gives you is an easy way to encrypt the body of your email. You will first download all the software needed, install it, and then end with configuration and how to use the result.
Public
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕

»Gmail Gets End-To-End Encryption From Google As 21'st Birthday Present:
[…] Google Claims To Have Invented An Entirely New Type Of Encryption For Gmail Users […]«

This is not an April joke and yes Google offers OpenPGP for Gmail Accounts. This is not difficult to set up but too many people are too lazy in my opinion.

📧 forbes.com/sites/daveywinder/2

ForbesGmail Gets End-To-End Encryption From Google As 21st Birthday PresentAs Gmail turns 21, Google has announced it is bringing end-to-end encryption to the email party. Here's what you need to know.
#e2ee#openpgp#email
Public
Delta Chat

We are not aware of other FOSS development teams that have as extensive knowledge, both theoretical and practical, about #email and #openpgp and regularly release across all platforms for users world wide ... except for #protonmail with whose technical and security experts we discuss regularly. They are the other major game in town doing pervasive email encryption after all. Did you know that Proton's and delta's VCards are compatible across ecosystems and establish immediate encryption?

Replied in thread
Public
Delta Chat

@mathilde #chatmail server users don't have these problems because they don't even need to know their password or email address. Messages in delta chat are stored locally and the server only stores them for a limited time, up to 20 days by default, so all devices have a chance to download the message. Blocklists are also not used, the only requirements are #DKIM signature and #OpenPGP encryption.

Public
Keith Nasman

Remember the old days with key signing parties? I never really got into that but I think with all the "AI" bots we are going to get to a place where we need to have trust networks built on cryptographic keys to filter out the crap.

Note to self: Set up public key and share it.

#OpenPGP#OpenSSL
Public
Delta Chat

The downside of our project approach was that we often got experts being very dismissive on re-using email and #OpenPGP ... and there still is some opposition which often subsides when actually trying #deltachat and #chatmail, looking at security audits and our strong usable security focus.

There may also be surprising upsides. The UK "Online Safety Bill" which attacks end-to-end encryption integrity seems to not apply for ... e-mail. Because everyone knows, e-mail is unencrypted, right? :)

screenshot of page 7 of https://www.legislation.gov.uk/ukpga/2023/50/enacted CHAPTER 7Interpretation of Part 3 55“Regulated user-generated content”, “user-generated content”, “news publisher content” (1)This section applies for the purposes of this Part. (2)“Regulated user-generated content”, in relation to a regulated user-to-user service, means user-generated content, except— (a)emails, (b)SMS messages, (c)MMS messages, (d)one-to-one live aural communications (see subsection (5)), (e)comments and reviews on provider content (see subsection (6)), (f)identifying content that accompanies content within any of paragraphs (a) to (e), and (g)news publisher content (see subsection (8)).
Public
Pirate Praveen

Has anyone here on #fedi figured out the correct recipe for dealing with #OpenPGP, #DMARC and #mailman ?

The problem, by default mailman will modify messages and this will break the dkim signature.
gitlab.com/mailman/mailman/-/i

Mailman provides two DMARC mitigation options (other option is reject or discard which is not useful in this case).

1. Replace the from address with list address
2. Wrap original message in an envelope

thunderbird flags 1 and fails 2.
#askfedi #gnupg #gpg #thunderbird

GitLabAdd DMARC conformity mode (do not modify DKIM signed headers and body) (#1079) · Issues · GNU Mailman / Mailman Core · GitLabCRITICAL I deployed mm3 to my e-mail server working with the large Linux developer community and we are facing DMARC issues [1]. It seems that...
Public
Em :official_verified:

New Privacy Guides article 🔑✨
by me:

If you are using a YubiKey,

you might get in some situations where you need to reset your key to factory default, and/or set up a backup of it on a spare key.

This tutorial will guide you
through each step to reset and back up your YubiKey successfully, with clear instructions and plenty of visual support.

I hope you find it helpful!

privacyguides.org/articles/202

Photo of a YubiKey security key on a table between a MacBook computer and a cellphone.
#PrivacyGuides#Privacy#Yubico
Public
Iamlive

Verschlüsselte Kommunikation:

Public Key auf digitale Gesundheitskarten. Dann kann jeder Arzt den öffentlichen Schlüssel auslesen und mit dem Patienten verschlüsselt per eMail und openPGP kommunizieren.

Public Key auf dem Personalausweis, Kreditkarten/Bankkarten (Kassenzettel könnte verschlüsselt an den Kunden gesendet werden), ...

Wäre alles so einfach wenn man nur wollte.

#Verschlüsselung
#eMail
#Gesundheitskarte
#digitaleGesundheitskarte
#Personalausweis
#PublicKey
#openPGP

Replied in thread
Public *
l

@duncan_bayne @sigismundninja @Daojoan The article was outdated already when it was released, but people keep repeating "CAST5" even now. Finding an #OpenPGP implementation that will encrypt to CAST5 by default is not an easy task.

MDC-stripping is only an issue for hacky "pipe data into GPG with unix pipes" implementations, not integrated OpenPGP implementations like Delta Chat.

Some claims in the article are just wrong, e.g. for "16 bits of security" see articles.59.ca/doku.php?id=pgp

articles.59.caThe PGP Problem: A Critique [The Call of the Open Sidewalk]
Public
Rivane Rasetiansyah

Initializing a new project - Interplanetary Markdown. Might explore a #Web3 (off-chain) approach later for a better experience, but for now, keeping it simple with good old #OpenPGP.

A censorship-resistant #Markdown publishing platform, enabling seamless content distribution. Powered by the Interplanetary File System (#IPFS), ensuring #blogs, #articles, and other written content remain accessible and verifiable across the distributed web.

github.com/rvnrstnsyh/cupoftea

Interplanetary Markdown. Contribute to rvnrstnsyh/cupoftea development by creating an account on GitHub.
GitHubGitHub - rvnrstnsyh/cupoftea: Interplanetary MarkdownInterplanetary Markdown. Contribute to rvnrstnsyh/cupoftea development by creating an account on GitHub.
Public
Anthony Accioly

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Good afternoon, folks! Just a quick reminder: PGP isn't dead. Sign with pride!

Signed with my GPG key: 1BBD C23D 1853 255D 6415 D2EC 814E DF85 1AAB 370E

#OpenPGP #GPG #Cybersecurity #Tech #DigitalIdentity #SignYourCode
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTHaQ+iFRwfaXx+TxhjUbpCCVDiNAUCZ7cd5gAKCRBjUbpCCVDi
NOZSAPoDPFoZXKuxya98iY6nAV6hzgOghpqF/OtOVSW4qtEdMQEA3x/jqaD4R9vo
qi89wA4Hsd4KeqwTSQxKDECesI+W8QU=
=3gty
-----END PGP SIGNATURE-----

ExploreLive feeds
About