Signing already-encrypted files (all to self)?

Faramir faramir.cl at gmail.com
Sun Nov 13 11:36:31 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 11-11-2011 19:57, Doug Barton escribió:
> On 11/11/2011 14:54, Chris Poole wrote:
...
>> OK thanks, I hadn't thought of that. I'd still have to decrypt
>> and re-encrypt them to keep hashes of all plaintext versions of
>> the files though. (Thinking about running this script every few
>> days and hashing the latest files pulled from the IMAP server;
>> it'd be far easier just to find any files not ending in ".gpg" to
>> hash.)
> 
> I think this came up last time and I don't remember the reason you 
> didn't like the solution, but wouldn't something like truecrypt be
> a whole heckuva lot easier?

  That time there was a portability requirement, but that doesn't seem
to be the current case. A truecrypt container would solve the problem,
since it both keeps the files encrypted, and unless the container is
decrypted, people can't put fake files inside.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJOv52vAAoJEMV4f6PvczxAmzkH/3pOcSJC15vEL9CsSkhfTF00
WVkwVneOD9Gbl0lgW3HDI2AIRkoxQeg8wQvjlVlhvIH+q5+3yPQ5H+fj1ZBxoaU4
HINiXQgU0GD0ShMG+fe/PH3pi3XRbZATaXlFbkq56geg2hLkxlrIaHwekZ2MKN5R
at8EVDrFcESumiGcGWJ0+ajnfiwBfTqm5Jn/CPxhpVWP6H+98HKEKmEOtEwyZ8iV
KhfdyzAwmLL+eKt77sw63NNuDGHvqDFVuvmrbqupjkB0nhBVDvDYnht1//t82ToC
u7JYYLqxzUcb+7yLkinaGgqxrAn0DlHDTF5FWKXnXgvu4TsPI1e6noBqDKXBt48=
=CHVf
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list