[talk] How I stopped worrying, and learned to love GPG
Isaac (.ike) Levy
ike at blackskyresearch.net
Sat Feb 21 20:45:27 EST 2015
On 02/21/15 20:33, Brian Callahan wrote:
> On 02/21/15 20:23, Isaac (.ike) Levy wrote:
>> On 02/21/15 20:02, Brian Callahan wrote:
>>> Hi Ike --
>>> For reasons I can't figure out, Thunderbird has totally mangled
>>> your email so I'll reproduce the relevant parts here and reply.
>> I couldn't post about GPG without signing it, and enigmal/thunderbird
>> mangling it for you :)
>>>> Who really trusts GPG these days?
>>> I guess I do, by way of the fact that I keep myself running the
>>> latest GPG-modern (2.1.2 as of now). I'll be excited when more make
>>> it over to this side of the fence and I can start using my EC keys
>>> for real.
>> EC. Rad. The future.
>>>> And, my last question- the *BSD world is filled with so many
>>>> impacting cryptographers, and some of the most prolific
>>>> security-minded programmers in the world. Why are we all still
>>>> OK with this gnu-pg stuff, and all this RMS-ware?
>>> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I
>>> think it's in FreeBSD's ports tree. Code is here:
>>> https://github.com/tedu/reop Post about it:
>>> http://www.tedunangst.com/flak/post/reop With that said, I only
>>> know about it. Not used it. Would be interested in hearing Ted's
>>> thoughts on the current version of the code and future directions
>>> (but no idea if he's on this list or reads it).
>> I'd be very interested in hearing about users practical experiences
>> with 'reop'!
>> Yet, this OpenBSD key,
>> Appears to be created using,
>> "PGP 2.6.3i is not an official PGP version. It is based on the source
>> code for MIT PGP 2.6.2 (the latest official version of PGP) and has
>> been modified for international use."
> That key was generated in 1997 :-)
> The newest item in that directory dates from mid-2002. I don't think
> that key is still in use.
Shall I use it to send a bug report and ask for it to be removed?
I'm not kidding :)
> These days, we sign everything with our signify tool (also written by tedu@)
Pretty darned nifty, for what it's designed to do, I must say.
More information about the talk