Signing already-encrypted files (all to self)?
faramir.cl at gmail.com
Sun Nov 13 11:36:31 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
El 11-11-2011 19:57, Doug Barton escribió:
> On 11/11/2011 14:54, Chris Poole wrote:
>> OK thanks, I hadn't thought of that. I'd still have to decrypt
>> and re-encrypt them to keep hashes of all plaintext versions of
>> the files though. (Thinking about running this script every few
>> days and hashing the latest files pulled from the IMAP server;
>> it'd be far easier just to find any files not ending in ".gpg" to
> I think this came up last time and I don't remember the reason you
> didn't like the solution, but wouldn't something like truecrypt be
> a whole heckuva lot easier?
That time there was a portability requirement, but that doesn't seem
to be the current case. A truecrypt container would solve the problem,
since it both keeps the files encrypted, and unless the container is
decrypted, people can't put fake files inside.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Gnupg-users