Highest Voted 'openpgp' Questions - IT Security Stack Exchange

93

votes

2 answers

How many OpenPGP keys should I make?

I am learning how to use OpenPGP keys in GnuPG, and I am wondering what is the threshold people generally use to maintain separate OpenPGP keys. Maintaining an incredibly large number of keys is not good since it makes it difficult to be trusted by…

asked Jan 29 '13 at 04:48

user9117

77

votes

3 answers

Does OpenPGP key expiration add to security?

I've created a new OpenPGP key to sign a software package in a source repository with an expiration date three years from now. It seemed like a good security measure, because if the key is compromised or stolen the damage will be limited. But then I…

key-management pgp digital-signature openpgp

asked May 08 '12 at 11:25

Adam Matan

1,237
2
11
14

52

votes

5 answers

What actions should I, as an end user, take in response to EFAIL?

There's a lot of talk about EFAIL: The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded…

encryption email openpgp smime efail

asked May 14 '18 at 13:58

Anders

64,406
24
178
215

45

votes

2 answers

Who owns the gpg key 4AEE18F83AFDEB23 and how did it sign a commit in my GitHub repo?

This commit in my GiHub repo is signed by a key I don't recognize: https://github.com/jonathancross/jc-docs/pull/2/commits/124672699991af75dd2454831670758f08bc74ab What is going on here?

gnupg code-signing openpgp github

asked Nov 14 '17 at 20:38

Jonathan Cross

1,548
1
12
25

31

votes

2 answers

What exactly is a subkey?

I fairly understand the math behind RSA, Elgamal, AES, SHA but not how things are used in practise. How are subkeys different from master key? I understand its purpose from various websites but How is it internally implemented? How is it bound to…

gnupg pgp key-generation openpgp

asked Dec 27 '14 at 16:49

balki

817
3
9
12

26

votes

1 answer

GPG masterkey and subkey for encryption and signature and default keys

I am a little confused (as many others) about the concept of subkeys as related to the primary key. gpg by default (at least it seems on my system --- using RSA), upon gpg --gen-key creates a masterkey and a subkey. The masterkey has flags SC that…

pgp gnupg openpgp

asked May 28 '18 at 22:30

atapaka

403
1
4
5

25

votes

3 answers

How to raise a key to ultimate trust on another machine?

I have created a master key with two subkeys: one for signing and the other for encryption. Finally, I have exported the two subkeys to a new machine. How can I tell the new machine to consider the master as "ultimate", even if it is absent from the…

pgp gnupg openpgp

asked Jul 07 '16 at 17:09

Antoine

549
1
4
7

13

votes

2 answers

What is the meaning of GnuPG's --list-sigs output?

gpg --list-sigs gives me somethings like the following (I edited the output only to show the interesting/different rows): pub 2048R/4ACE309C 2016-11-01 uid lala_test2 sig 3 4ACE309C 2016-11-01 lala_test2…

digital-signature gnupg openpgp web-of-trust

asked Nov 01 '16 at 18:33

Lilás

339
2
7

11

votes

2 answers

Is using PGP/MIME or PGP Inline more secure?

Using Enigmail for Thunderbird, the setup wizard automatically sets itself to PGP/MIME and also disables HTML formatting. I am looking for security and have no idea which to use, though I do know HTML will not work with PGP Inline but will with…

encryption email pgp openpgp enigmail

asked Jun 26 '16 at 17:09

user4191887

749
1
6
10

9

votes

0 answers

PGP security with Thunderbird 78 email client

I have a query regarding best practice of using PGP to sign emails with Thunderbird 78. Thunderbird 78 took an existing system by Enigmail and brought it "in-house" to be built into the email client program. This results in some notable changes…

email openpgp thunderbird

asked Dec 02 '20 at 14:12

Martin

1,057
1
11
18

9

votes

2 answers

Does GnuPG use symmetric + public key encryption for large files?

Recently, I have a need to encrypt few large files. I have the option to use the OpenSSL command line utility, however I prefer to use GnuPG. How does GnuPG works under the hood with the --encrypt option? Does it generate symmetric key first, then…

encryption pgp rsa gnupg openpgp

asked Jun 14 '17 at 19:49

Mike Cors

91
1
3

9

votes

4 answers

Can I encrypt with GnuPG and decrypt with OpenSSL?

I wonder why this does not work on Linux? gpg --cipher-algo AES256 -c -o test.zip.enc test.zip Enter passphrase: openssl enc -AES-256-CBC -d -in test.zip.enc -out test.zip enter aes-256-cbc decryption password: bad magic number To give a context,…

linux openssl aes gnupg openpgp

asked Nov 29 '16 at 08:58

xtrb8433

91
1
3

9

votes

1 answer

Is the OpenPGP implementation of the YubiKey 4 Open Source?

Although previous versions of the YubiKey (eg Neo and Neo-N) used an Open Source Java applet to handle OpenPGP signing, encryption and authentication, it is unclear from the yubico website / documentation if this is also true for the newer YubiKey…

pgp smartcard opensource yubikey openpgp

asked May 11 '16 at 13:40

Jonathan Cross

1,548
1
12
25

8

votes

3 answers

Why am I asked personal information when creating an OpenPGP key?

Today I learned about the basics of OpenPGP and tried to create my first OpenPGP key. However, I found a couple of options suspicious - in the GUI version of the program I downloaded there are fields like name or email or expiration date. Why am I…

encryption pgp gnupg openpgp

asked Aug 23 '16 at 18:00

George

271
2
6

8

votes

1 answer

How to manage employee OpenPGP keys?

I am trying to create a secured policy for storing and maintaining keys between users of my company. I am rather new to OpenPGP and thus need some advice. Currently, the idea is: Generate a master key per user with only the certify capability.…

key-management pgp gnupg yubikey openpgp

asked May 26 '16 at 09:42

NewbiZ

183
5

Questions tagged [openpgp]