Multiple email addresses - any alternative to ask everyone to sign all my keys?
Philipp Klaus Krause
pkk at spth.de
Fri Jul 26 13:25:05 CEST 2013
Am 25.07.2013 07:49, schrieb Christopher J. Walters:
> On 7/24/2013 6:06 PM, Robert J. Hansen wrote:
>> (My original reply went just to Philipp. My apologies.)
> No apology necessary.
> I also must apologize, as my original reply got sent to Robert J.
> Hansen, when it was intended for the list.
>> On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote:
>> Unfortunately, this is not casting very much light on things. The use
>> of phrases like CONFIDENTIAL, SECRET and TOP SECRET have very specific
>> meanings in NATO countries, and you're using them here in ways that are
>> at odds with their NATO meanings.
> This is true, and NATO countries have very specific and well defined
> ways of dealing with data with those titles, depending on the country.
>> Let me try this rephrasing:
>> Further, each piece of traffic can receive any of three classifications:
>> C, S or TS. You can send C traffic to Bender: the necessary keys to
>> decrypt it are held there. However, although you can technically send
>> TS traffic to Fry, Fry can't decrypt it: the keys aren't there.
>> If I have this right, then you've walked straight into the Bell-LaPadula
>> security model. You'll be well-served by reading up on it: a good
>> academic reference will answer many of your questions.
> I'll have to look that up and read up on it, when I have the time.
>> The short answer is, "OpenPGP by itself will not be sufficient for your
>> purposes. It might be able to provide a couple of tools, but what you
>> want to achieve is far beyond the scope of OpenPGP."
> That was my conclusion, as well. That is why I suggested the bootable
> GNU/Linux or *BSD Live CD (with some vital tools on it, of course) and
> a USB thumb drive - with an encrypted filesystem for storing the keys
> (I'm not familiar with the smart card's capabilities, and as every smart
> card reader I have is non-functional, I cannot test it out).
> My suggestion went beyond OpenPGP and GnuPG to try to solve the problem
> Philipp described.
Sorry, but I want to be able to read encrypted mail sent to my
university email address on my university computer. Without any extra
effort of booting from a live-cd or such.
More information about the Gnupg-users