keys.openpgp.org<p>Hello world, this is the <a href="https://floss.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> <a href="https://floss.social/tags/keyserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyserver</span></a> service at <a href="https://keys.openpgp.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org</span><span class="invisible"></span></a>!</p><p>This account provides a low-volume channel for updates about the service.</p>
Recent searches
No recent searches
Search options
Only available when logged in.
digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.
Administered by:
Server stats:
835active users
digitalcourage.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#openpgp
2 posts · 2 participants · 0 posts today
Florian :verified_coffee:<p>TIL: <a href="https://voi.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> im Browser/Webmail ist machbar mit Mailvelope und der deitsche <span class="h-card" translate="no"><a href="https://social.bund.de/@bsi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>bsi</span></a></span> findets scheinbar auch brauchbar: <a href="https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Freie-Software/E-Mail-Verschluesselung/Mailvelope/mailvelope_node.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bsi.bund.de/DE/Themen/Unterneh</span><span class="invisible">men-und-Organisationen/Informationen-und-Empfehlungen/Freie-Software/E-Mail-Verschluesselung/Mailvelope/mailvelope_node.html</span></a></p><p>Und <a href="https://voi.social/tags/Flatpak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Flatpak</span></a> arbeitet am native-messaging, wie es die Browser manchmal brauchen könnten:<br><a href="https://github.com/flatpak/xdg-desktop-portal/pull/1537" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/flatpak/xdg-desktop</span><span class="invisible">-portal/pull/1537</span></a></p>
teufelswerk<p>Wir verschicken Nachrichten, Dokumente und persönliche Informationen oft ganz selbstverständlich übers Internet, ohne groß darüber nachzudenken, wer sonst noch mitlesen könnte. Dabei ist genau das ein echtes Problem 👇👇👇</p><p><a href="https://social.tchncs.de/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a> <a href="https://social.tchncs.de/tags/emails" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>emails</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://social.tchncs.de/tags/verschluesselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>verschluesselung</span></a> <a href="https://social.tchncs.de/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p><p><a href="https://teufelswerk.net/openpgp-deine-nachrichten-sicher-verschluesseln-ganz-einfach-erklaert/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">teufelswerk.net/openpgp-deine-</span><span class="invisible">nachrichten-sicher-verschluesseln-ganz-einfach-erklaert/</span></a></p>
Georg<p>Auch diesen Monat gibt es am 4ten Donnerstag eine <a href="https://digitalcourage.social/tags/CryptoParty" class="mention hashtag" rel="tag">#<span>CryptoParty</span></a> in <a href="https://digitalcourage.social/tags/Augsburg" class="mention hashtag" rel="tag">#<span>Augsburg</span></a>. Thema ist diesmal: E-Mail-Verschlüsselung auf PC und Handy. Wie immer 19 Uhr (Donnerstag, 24.04.2025), im <a href="https://digitalcourage.social/tags/OpenLab" class="mention hashtag" rel="tag">#<span>OpenLab</span></a>, Bäckergasse 32.</p><p>Bringt bitte eure Freundinnen/Freunde mit. Eintritt frei. Keine Vorkenntnisse erforderlich.</p><p><a href="https://cryptoparty.in/augsburg" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">cryptoparty.in/augsburg</span><span class="invisible"></span></a></p><p><a href="https://digitalcourage.social/tags/Medienkompetenz" class="mention hashtag" rel="tag">#<span>Medienkompetenz</span></a> <br /><a href="https://digitalcourage.social/tags/Digitalisierung" class="mention hashtag" rel="tag">#<span>Digitalisierung</span></a><br /><a href="https://digitalcourage.social/tags/verschlusselung" class="mention hashtag" rel="tag">#<span>verschlusselung</span></a><br /><a href="https://digitalcourage.social/tags/Openpgp" class="mention hashtag" rel="tag">#<span>Openpgp</span></a></p>
keys.openpgp.org<p>Hello world, this is the <a href="https://fosstodon.org/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> <a href="https://fosstodon.org/tags/keyserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyserver</span></a> service at <a href="https://keys.openpgp.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org</span><span class="invisible"></span></a>!</p><p>This account provides a low-volume channel for updates about the service.</p>
keys.openpgp.org<p>Hello world, this is the <a href="https://fosstodon.org/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> <a href="https://fosstodon.org/tags/keyserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keyserver</span></a> service at <a href="https://keys.openpgp.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org</span><span class="invisible"></span></a> tooting!</p><p>This account provides a low-volume channel for updates about the service.</p>
Delta Chat<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@triskelion" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>triskelion</span></a></span> <br>Proton Mail uses <a href="https://chaos.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> standard and it is possible to send and receive encrypted messages between Delta Chat and Proton Mail. It is not straightforward currently but we work on making it easier by allowing to share the keys in vCards. Delta Chat cannot be used as a client for Proton Mail because Proton Mail does not allow the clients to use SMTP and IMAP to directly access mailboxes.</p><p>Tuta cannot be used to send and receive encrypted e-mail because it does not support OpenPGP.</p>
Jens<p>Ich hab jetzt seit einiger Zeit die <a href="https://social.tchncs.de/tags/openpgp_verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp_verschlüsselung</span></a> in <a href="https://social.tchncs.de/tags/thunderbird" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thunderbird</span></a> eingerichtet. Ich habe noch keinen gefunden, der auch verschlüsselt, also den öffentlichen Schlüssel auf einem <a href="https://social.tchncs.de/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a> <a href="https://social.tchncs.de/tags/schlusselserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>schlusselserver</span></a> ablegt. Macht das niemand oder muss ich auch andere Schlüsselserver hinterlegen?</p>
Delta Chat<p>Some of you may have heard of <a href="https://chaos.social/tags/simplex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>simplex</span></a> which likes to elevate itself as "the first messenger without user-ids" ... a goal, similar to ours, of not letting the transport layer know about who talks. Only we are doing it in the email system, fully interoperable with tens of thousands of existing email servers and other <a href="https://chaos.social/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a> endpoints. The email system is much more than SMTP/IMAP or even openpgp btw ... there is plenty of room for radical shifts and new takes. We are just starting :)</p>
Delta Chat<p><a href="https://chaos.social/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a> traditions and <a href="https://chaos.social/tags/signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>signal</span></a> both bind a cleartext identifier, phone number or email address, to a cryptographic key. It opens up attack vectors as the servers/orgs controlling this binding can interfere.</p><p><a href="https://chaos.social/tags/deltachat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>deltachat</span></a> avoids such cleartext identity bindings by creating random <a href="https://chaos.social/tags/chatmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chatmail</span></a> addresses, as transport only. The cryptographic key becomes the identifier and we want it hidden from the transport layer. Only people being in end-to-end encrypted chat need to identify each other, after all.</p>
Karl Voit :emacs: :orgmode:<p>If you need <a href="https://graz.social/tags/E2EE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>E2EE</span></a> via <a href="https://graz.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>email</span></a>, the only 2 valid standards are <a href="https://graz.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> and <a href="https://graz.social/tags/SMIME" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMIME</span></a>. </p><p>It's not that those are without issues but everything else is mediocre.</p><p>Yes, you can switch to non-email-services as well such as <a href="https://graz.social/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a>. But that's a different island.</p><p><a href="https://graz.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://graz.social/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> <a href="https://graz.social/tags/mail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mail</span></a> <a href="https://graz.social/tags/GMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GMail</span></a></p>
Ivan GJ<p><strong>Delta Chat es demasiado buena 🔥</strong></p>
<p><a href="https://fediverse.tv/videos/watch/21b54e75-f8ae-4a61-919c-a7d264f67b57" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fediverse.tv/videos/watch/21b5</span><span class="invisible">4e75-f8ae-4a61-919c-a7d264f67b57</span></a></p>
Preston Maness ☭<p><span class="h-card" translate="no"><a href="https://mastodon.ml/@Xeniax" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Xeniax</span></a></span> Totally nerdsniped :D I'd love to be a part of the study.</p><p>I don't think that <a href="https://tenforward.social/tags/KeyServers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyServers</span></a> are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at <a href="https://keys.openpgp.org/about" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">keys.openpgp.org/about</span><span class="invisible"></span></a> . More generally, I believe that <a href="https://tenforward.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> / <a href="https://tenforward.social/tags/GPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GPG</span></a> / <a href="https://tenforward.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like <a href="https://tenforward.social/tags/Matrix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Matrix</span></a>, <a href="https://tenforward.social/tags/SignalMessenger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SignalMessenger</span></a>) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the <a href="https://tenforward.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyOxide</span></a> project).</p><p>Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: <a href="https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crypto.stackexchange.com/quest</span><span class="invisible">ions/9268/is-asynchronous-perfect-forward-secrecy-possible</span></a>).</p><p>To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with <a href="https://tenforward.social/tags/PKI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PKI</span></a> leaves me green with envy.</p>
l<p><span class="h-card" translate="no"><a href="https://mastodon.social/@eff" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>eff</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@evacide" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>evacide</span></a></span> <br>GnuPG is not the only way to encrypt email, I use <a href="https://fosstodon.org/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> with Thunderbird and <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>delta</span></a></span>, both don't use GPG.</p><p>Also pages<br><a href="https://ssd.eff.org/module/how-use-pgp-linux" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ssd.eff.org/module/how-use-pgp</span><span class="invisible">-linux</span></a><br>and<br><a href="https://ssd.eff.org/module/how-use-pgp-windows" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ssd.eff.org/module/how-use-pgp</span><span class="invisible">-windows</span></a><br>are outdated, Thunderbird now has built-in OpenPGP implementation and Enigmail does not work with the latest versions.</p>
Michaela Molthagen<p>E-Mails und Dateien mit <a href="https://meerjungfrauengrotte.de/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> <a href="https://meerjungfrauengrotte.de/tags/GnuPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuPG</span></a> zu verschlüsseln dürfte in Zukunft immer wichtiger werden. </p><p>Für meine Mail-Adresse michaela /at/ molthagen.de ist dies der öffentliche Schlüssel:</p><p>-----BEGIN PGP PUBLIC KEY BLOCK-----</p><p>xsDNBGCKoloBDAC3KxjVhoGRfM0OKRr1GJ3CQHAjfU1vdDpQIK0IU4wYC5rweusS<br>zPT2YKOnZJ6Ix5duk1Qdb2UZkpUisDmCu4JpW29Ro7m9DeRyqOY24+x5ZdyBM1ZY<br>oFoB/6+uc3mJzt1iZs5Heqdb689mUMlu7RuY5F9FKZYygLNPpGg37Hl74ng6ASeH<br>IA2EqD62fPEbMLARcDr9Z+jqiDJKXH/46n3xXPVnD17GVr+fdvZc/1P5Av2hRMCE<br>1pS3af9C3JqCbHAc5uiIfFG/YS5KyhBdVG73ifAl7fwdXHXp0eq2g57ZFF8ZQei8<br>uNT5qcqSHSHYqYSI8xUT/PmPMTKACdAwvH0xMxXsoXMTdhm9Yvd2HnEetZjYzHyc<br>aMhMcXX2A0/gfXTaR+B4Rd/PIayGE9XLN28tED8B650mRid9kRdKFbc1Hi2tPqec<br>zpd7rlRRqpMDOaTURc2CV8U20In3ES52xIzg/KXUznl87y3H8LCoxxdNbY/jZaTb<br>ySm5u7mi/kJovZkAEQEAAc0+TWljaGFlbGEgTWFyaW5hIEdyZXRhIE9obGh1cy1N<br>b2x0aGFnZW4gPG1pY2hhZWxhQG1vbHRoYWdlbi5kZT7CwRQEEwEIAD4WIQQQ2njG<br>t5HIbaNoE3+rkfu+z3b+ZwUCYIqiWgIbAwUJBaTNRgULCQgHAgYVCgkICwIEFgID<br>AQIeAQIXgAAKCRCrkfu+z3b+Z7pgC/9fNSI5EwLpcGAXc8G8Xi2QGXhnEscWwnzU<br>LtiSWWOgo8XtmTjY1ZxhZNl8IqyKbWiDELAFlCy4fB4qVFBQNbxZ7moW4IRdyxKQ<br>Je3+43Uan3e+RBav5WcFob+ZeLFOlw9exVgbAZVPDshu6sdcFrmJwg+xp2zCB0HB<br>SZ3uczuSeuIODNYrl/gaaIL5qCLLkGfnGOKuGB4n3eFJzwo5990h4jS2Roil8vIX<br>0SddrYhBE76XkewgeNhiUxvATRzDrxl1gS3EdoNBtVWJh6c+d1QLcagwhjcSs1Es<br>zp3ThI4m6yP3g53ZG4nZ2s0r14UUs7FcK5fA3ezCJ5he+zwKeeORhtDmi2LsGX7v<br>OIVgjWGNXa094Wh/LAnMUJK4zGb2z+B3mR6u9pbjKZoP6uhTl8aWqBSysMqnrALl<br>CoVO0A22g904KDz/91Wh1UtS/KVbUr2bzsx9qlYfIz9+zXG8xL2GY/dMaRxWnrFv<br>TPn872daed3iryQP2jz7Y2XA5pBbvJHCwRQEEwEIAD4WIQQQ2njGt5HIbaNoE3+r<br>kfu+z3b+ZwUCZiu16AIbAwUJC0PKhgULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK<br>CRCrkfu+z3b+ZxWAC/wLuLPYs2ZCaRTJu6DqpUlcvYhkiXtrPU525LT6eFHDcAL3<br>fYYIBzsXJSkTv8VCz3/wLtzXKRdViOX6CKFY/tp01zF1Nwelsrcxmjlz75jqwE+O<br>4WeiNV/TtTDV6QdTNhgn3Lh+1OFqcUmKo5p2/uAsUK58Z5mKJHY6TR0E6Ak4oPVP<br>eKKNOor8nDL4tEOxSvwz1f2hISEbS2FY7b102u0SevMJbPv7e39nFNeV9CS/ASOz<br>HZYfaoSGJouMuVeJan/DhuwtDrIhRSjzJCcWuvZp2d+aOviyFXLJr/GlCUo8RoJb<br>4uhrF0GPsnaGIhEymNHNQUrvHZRVSBbkr5hHyOvIzZ0EgwuaWX+Kbv+q3v+bz7Bn<br>Lv7xAkZOs06jmMcFFdfGRp8PLYkmFspsPbR3zx0poT17HtZIJu8RpC0cqQCTPt1c<br>v2fifJiSb5pJUYhymgo4CNJN00Yhd2EPtRPoeCXPFP1vGbO1ZaqBYO7GYsdmP5Qv<br>xqvEQNFsgRf/osB9+QbOwM0EYIqiWgEMANdLVzqyL1hvFA7ml7TggC5kwxKTLTBJ<br>a5g70Ect+ZdScxOEv8s3vpirA1smUqevlFpOZF3/ONqJYftzbmSOywM/VeU0ldKc<br>uapbs1PZD2xP8BYMkPMxtM4tJSpbtlEO5skUFUsn7uyTHoO0evDddGXK2nvM9YbG<br>JD6drunkOyBNtG1HihacsHwk5WyZjVfStQxyrRw5rSQ/+UH331CSQjVTVjrBwm2b<br>YkXfBBBNH7+/k6Wq18P27JewWI2BH6B8xVNiIxGHyyLBnU9wug6IUkGH3ikOSJQk<br>6I8CK4m5RxiFbwypD/VsQ0hx6M0hsRgEPmMFjzOI2gpp6yWRR2EonIUVNM3X4ebY<br>Xu4n9vxXO0UpJEDQUGzJg8ZgYK1NEiHxG0o2CJ85tVTn4R4m4Mmu0lCdHAcxPVJ7<br>g/HrXZ39hGdDe/PuJP7Bs2TK4fdnyT1WFm6XoKOS2x7qFqrbEENVddY7ue/pd0Jp<br>NExx9IIAhSFWhS8xWHK6aF1PuG3cvDq2XQARAQABwsD8BBgBCAAmFiEEENp4xreR<br>yG2jaBN/q5H7vs92/mcFAmCKoloCGwwFCQWkzUYACgkQq5H7vs92/mdynAv/VZfD<br>npVPPq7z+cW9S+qB02vazt4uNLsbIcTcHZUQKyEAQ8U6id/eJ+YIOm3tK9OrnPyt<br>K8HjgiXvrQo+QQ0uyKQmEk56jCodlyX/km0r1C4Clb5xnZfHwCCq4m0KOoSdam3q<br>g4ob5xPZMYctaCZkQreJrfzhdWfK9i89wohWfxQ8SC7uPpCiAOaEQ3nXD1pbsgK2<br>JmRMfoaGTpSnoZ9rlAYV+CK6yV8vlO/ZBPhB3XSwjxp031q/yYjBglu90/XYUYNv<br>vKThwn9hcU/TvZ403pNLYgIQwTPi+H+Hz7CyQaT/nl5Mj34U1bdAiBkEoO8rZmJh<br>W1vBVgU1pIKJ/lkGoL80FQbI+SP/EAKGZHi9srhi66Y2DRVv/AWBqqFGKSqEjzda<br>htIxboveC4Sgj4G0djXk4eYGE2WNOWhdWRK01wAGjJKwaQZIL2/EBuO7vk6ejZsR<br>f8UcUxgoUnjN9MjGBH7GxnVDuu1XkRwQBvkpH9UHrLL/mk+E4nH3vLifjXg2wsD8<br>BBgBCAAmFiEEENp4xreRyG2jaBN/q5H7vs92/mcFAmYrtegCGwwFCQtDyoYACgkQ<br>q5H7vs92/mcy0QwAnOOmoj/xssnwOIHTqQLlwzmmzWRYcPI4iLNhq6mZFQg6yMp4<br>c34jJ0KIDkeELeT+sLsv489o0BcXYz0+U0LhiahWjXLMxL6olgUWRr6jfnzhIsAh<br>ToVIaAfzLfYIwhPJLPPz2eVVSFRnuJGcWOh4OxqxC57Ofa0/gCkP/OVLTsdbavyp<br>XpMCaSGm6t+H31qKo9NS3B6UlejrSgeO7cmP8IEZRSZCfjlaJYCBpegQ6tHpT3hW<br>uaGHi+VpDnvCJ7EKD09VmCbKaAl4xsB/jtfBlbI42TcKhyoFulk03xZ+CPwSQEK8<br>2935un2XI3tJJHsitZ692SGgAlhd9BC21SyJY2E+wfy1PmIEit4pEaTW1pFftRfM<br>xOdNMcNwkaDyG2906UVC5iXtL91rj4lvYHcLNtKfN3th0tLxG3O87N16Q47Kb4w5<br>Ly8Ikvsf/ePpLAYH92i6v5hGZTxB71NgqMmAsqPIKm7cKVqUMgMFW6Fb2bc5o9TL<br>tZUxodqlAyffwb5f<br>=jbzu<br>-----END PGP PUBLIC KEY BLOCK-----</p><p>Oder <a href="https://files.molthagen.de/gnupg/0xCF76FE67_public.asc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">files.molthagen.de/gnupg/0xCF7</span><span class="invisible">6FE67_public.asc</span></a></p><p>Auch auf diversen Key-Servern veröffentlicht.</p>
StefanEs werden ja immer wieder neue Schlüssel zur Kommunikation erstellt. Diese müssten ja auch irgendwann auslaufen / ausgetauscht werden. D.h. wenn der Client länger nicht online war, bekommt man keine neue Schlüssel mehr. Ich denke, dass dies dann ein paar Probleme machen wird.<br><br>Beispiel: Dein Computer geht kaputt. Es dauert ein paar Tage bis du einen neuen besorgt hast und diesen wieder eingerichtet hast. In der Zeit hast du aber einige Nachrichten bekommen. Man hat zwar ein Backup, aber vielleicht nicht gerade ein tägliches. Mit <a href="https://devlug.de/social?t=openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenPGP</a> via <a href="https://devlug.de/social?t=xmpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a> müsste man sich keinen Kopf machen. Die Nachricht kann man ohne Probleme lesen. Bei PFS könnte dies komplexer werden.<br><br>Wenn Personen mehrere Geräte haben, dann haben diese Person auch mehrere Schlüsseln. Das kann dann zu einem kleinen Schlüssel Chaos führen. Es wird für den normalen User ggf. auf die Verwendung von "Blind Trust" hinauslaufen.<br><br>Mal ein Beispiel, welches ich so nicht haben, mir aber vorstellen könnte.<br>Man verwendet ein Theam-Chat. Vielleicht auch ein Chat mit Kunden. Der Chef selber ist zwar nicht im Chat oder vielleicht nicht immer alle Kollegen. Allerdings sollten bestimmte Personen im Fall von Krankheit / Urlaub Zugriff haben können. Das stelle ich mir mit PFS auch schwerer vor. Bei OpenPGP ist es bestimmt einfacher.<br><br>CC: <span class="h-card"><a href="https://freie-re.de/users/qbi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@qbi@freie-re.de</a></span> <span class="h-card"><a href="https://gruene.social/users/Gerbsen" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Gerbsen@gruene.social</a></span> <span class="h-card"><a href="https://osna.social/users/ber" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ber@osna.social</a></span><br>
profanityMore information about <a href="https://devlug.de/social?t=openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenPGP</a> for <a href="https://devlug.de/social?t=xmpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#XMPP</a> (<a href="https://devlug.de/social?t=ox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OX</a>) in <a href="https://devlug.de/social?t=profanity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#profanity</a>: <code>man 1 profanity-ox-setup</code>.<br><br><a href="https://devlug.de/social?t=gnupg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GnuPG</a><br><br>CC: <span class="h-card"><a href="https://social.mdosch.de/martin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@martin@social.mdosch.de</a></span> <span class="h-card"><a href="https://mathstodon.xyz/users/caten" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@caten@mathstodon.xyz</a></span> <span class="h-card"><a href="https://mastodon.social/users/Goffi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Goffi@mastodon.social</a></span> <span class="h-card"><a href="https://fosstodon.org/users/gajim" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@gajim@fosstodon.org</a></span><br>
vanitasvitae<p>Just figured out, that the massive performance hit my <a href="https://fosstodon.org/tags/PGPainless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGPainless</span></a> test suite was suffering since I started to port to a newer BC version was caused by the default S2K iteration count being bumped to 0xff instead of 0x60.<br>This had caused the runtime of the test suite to rise to 7 minutes compared to ~1 minute.</p><p>I decided to dial down the default value again, but make it customizable :D</p><p><a href="https://fosstodon.org/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a></p>
Delta Chat<p>We are not aware of other FOSS development teams that have as extensive knowledge, both theoretical and practical, about <a href="https://chaos.social/tags/email" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>email</span></a> and <a href="https://chaos.social/tags/openpgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openpgp</span></a> and regularly release across all platforms for users world wide ... except for <a href="https://chaos.social/tags/protonmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>protonmail</span></a> with whose technical and security experts we discuss regularly. They are the other major game in town doing pervasive email encryption after all. Did you know that Proton's and delta's VCards are compatible across ecosystems and establish immediate encryption?</p>
Delta Chat<p><span class="h-card" translate="no"><a href="https://jura.social/@mathilde" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mathilde</span></a></span> <a href="https://chaos.social/tags/chatmail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chatmail</span></a> server users don't have these problems because they don't even need to know their password or email address. Messages in delta chat are stored locally and the server only stores them for a limited time, up to 20 days by default, so all devices have a chance to download the message. Blocklists are also not used, the only requirements are <a href="https://chaos.social/tags/DKIM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DKIM</span></a> signature and <a href="https://chaos.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> encryption.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload