Talking about Cryptodevices... which one?
peter at digitalbrains.com
Fri Feb 6 12:09:35 CET 2015
On 06/02/15 01:21, Matthias-Christian Ott wrote:
> If they provably don't sign their firmware or incorrectly check the signature
> and are not responsive, perhaps it would be helpful to talk to them through
> third parties like BSI or S-CERT
Why?! Why would I do that?! I do like to think of myself as a bit altruistic,
but seriously, why would I go through all that effort? Thanks for making me
smile. It does a person good.
Furthermore, I am a bit tired of this subject, forgive me for not answering most
of what you say. I get the impression you're not picking up on what I'm trying
to say, and that becomes a bit tiresome.
>> I'm absolutely sure nobody made that claim. More miscommunication galore?
> Werner Koch suggested it (<87y4oen5lx.fsf at vigenere.g10code.de>).
If you would link to the mailing list archives I wouldn't have to open the
(what Thunderbird calls) "message source" to visually compare the Message-ID on
a likely message.
Anyway, that wasn't such a long mail. It sure doesn't contain your suggestion.
You're really doing a lot of extra interpretation and inference if you take that
> I think such a discussion is important and belongs here. I see no
> reason to discuss the need for 8k or even 4k keys if we neglect to
> discuss hardware or malware based attacks. In fact the immediate need
> for very large keys is mostly an academic exercise while the latter are
> real threats.
To me, it says that 4k or 8k keys are not the weak spot of a cryptosystem. And
that we should discuss weak spots on this list. Thank you for your contribution
in that. But it sure as hell doesn't say that a smartcard keeps you safe when
you're working on a compromised system.
> If somebody wants to discuss or answer these questions that I'm asking myself
> for years, I will be happy to continue the discussion otherwise I'm out of
Glad we agree on that at least.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users