Auch diesen Monat gibt es am 4ten Donnerstag eine #CryptoParty in #Augsburg. Thema ist diesmal: E-Mail-Verschlüsselung auf PC und Handy. Wie immer 19 Uhr (Donnerstag, 24.04.2025), im #OpenLab, Bäckergasse 32.
Bringt bitte eure Freundinnen/Freunde mit. Eintritt frei. Keine Vorkenntnisse erforderlich.
Hello world, this is the #OpenPGP #keyserver service at https://keys.openpgp.org!
This account provides a low-volume channel for updates about the service.
Hello world, this is the #OpenPGP #keyserver service at https://keys.openpgp.org tooting!
This account provides a low-volume channel for updates about the service.
@triskelion
Proton Mail uses #OpenPGP standard and it is possible to send and receive encrypted messages between Delta Chat and Proton Mail. It is not straightforward currently but we work on making it easier by allowing to share the keys in vCards. Delta Chat cannot be used as a client for Proton Mail because Proton Mail does not allow the clients to use SMTP and IMAP to directly access mailboxes.
Tuta cannot be used to send and receive encrypted e-mail because it does not support OpenPGP.
Ich hab jetzt seit einiger Zeit die #openpgp_verschlüsselung in #thunderbird eingerichtet. Ich habe noch keinen gefunden, der auch verschlüsselt, also den öffentlichen Schlüssel auf einem #openpgp #schlusselserver ablegt. Macht das niemand oder muss ich auch andere Schlüsselserver hinterlegen?
Some of you may have heard of #simplex which likes to elevate itself as "the first messenger without user-ids" ... a goal, similar to ours, of not letting the transport layer know about who talks. Only we are doing it in the email system, fully interoperable with tens of thousands of existing email servers and other #openpgp endpoints. The email system is much more than SMTP/IMAP or even openpgp btw ... there is plenty of room for radical shifts and new takes. We are just starting :)
#openpgp traditions and #signal both bind a cleartext identifier, phone number or email address, to a cryptographic key. It opens up attack vectors as the servers/orgs controlling this binding can interfere.
#deltachat avoids such cleartext identity bindings by creating random #chatmail addresses, as transport only. The cryptographic key becomes the identifier and we want it hidden from the transport layer. Only people being in end-to-end encrypted chat need to identify each other, after all.
@Xeniax Totally nerdsniped :D I'd love to be a part of the study.
I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at https://keys.openpgp.org/about . More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).
Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible).
To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.
@eff @evacide
GnuPG is not the only way to encrypt email, I use #OpenPGP with Thunderbird and @delta, both don't use GPG.
Also pages
https://ssd.eff.org/module/how-use-pgp-linux
and
https://ssd.eff.org/module/how-use-pgp-windows
are outdated, Thunderbird now has built-in OpenPGP implementation and Enigmail does not work with the latest versions.
E-Mails und Dateien mit #OpenPGP #GnuPG zu verschlüsseln dürfte in Zukunft immer wichtiger werden.
Für meine Mail-Adresse michaela /at/ molthagen.de ist dies der öffentliche Schlüssel:
-----BEGIN PGP PUBLIC KEY BLOCK-----
xsDNBGCKoloBDAC3KxjVhoGRfM0OKRr1GJ3CQHAjfU1vdDpQIK0IU4wYC5rweusS
zPT2YKOnZJ6Ix5duk1Qdb2UZkpUisDmCu4JpW29Ro7m9DeRyqOY24+x5ZdyBM1ZY
oFoB/6+uc3mJzt1iZs5Heqdb689mUMlu7RuY5F9FKZYygLNPpGg37Hl74ng6ASeH
IA2EqD62fPEbMLARcDr9Z+jqiDJKXH/46n3xXPVnD17GVr+fdvZc/1P5Av2hRMCE
1pS3af9C3JqCbHAc5uiIfFG/YS5KyhBdVG73ifAl7fwdXHXp0eq2g57ZFF8ZQei8
uNT5qcqSHSHYqYSI8xUT/PmPMTKACdAwvH0xMxXsoXMTdhm9Yvd2HnEetZjYzHyc
aMhMcXX2A0/gfXTaR+B4Rd/PIayGE9XLN28tED8B650mRid9kRdKFbc1Hi2tPqec
zpd7rlRRqpMDOaTURc2CV8U20In3ES52xIzg/KXUznl87y3H8LCoxxdNbY/jZaTb
ySm5u7mi/kJovZkAEQEAAc0+TWljaGFlbGEgTWFyaW5hIEdyZXRhIE9obGh1cy1N
b2x0aGFnZW4gPG1pY2hhZWxhQG1vbHRoYWdlbi5kZT7CwRQEEwEIAD4WIQQQ2njG
t5HIbaNoE3+rkfu+z3b+ZwUCYIqiWgIbAwUJBaTNRgULCQgHAgYVCgkICwIEFgID
AQIeAQIXgAAKCRCrkfu+z3b+Z7pgC/9fNSI5EwLpcGAXc8G8Xi2QGXhnEscWwnzU
LtiSWWOgo8XtmTjY1ZxhZNl8IqyKbWiDELAFlCy4fB4qVFBQNbxZ7moW4IRdyxKQ
Je3+43Uan3e+RBav5WcFob+ZeLFOlw9exVgbAZVPDshu6sdcFrmJwg+xp2zCB0HB
SZ3uczuSeuIODNYrl/gaaIL5qCLLkGfnGOKuGB4n3eFJzwo5990h4jS2Roil8vIX
0SddrYhBE76XkewgeNhiUxvATRzDrxl1gS3EdoNBtVWJh6c+d1QLcagwhjcSs1Es
zp3ThI4m6yP3g53ZG4nZ2s0r14UUs7FcK5fA3ezCJ5he+zwKeeORhtDmi2LsGX7v
OIVgjWGNXa094Wh/LAnMUJK4zGb2z+B3mR6u9pbjKZoP6uhTl8aWqBSysMqnrALl
CoVO0A22g904KDz/91Wh1UtS/KVbUr2bzsx9qlYfIz9+zXG8xL2GY/dMaRxWnrFv
TPn872daed3iryQP2jz7Y2XA5pBbvJHCwRQEEwEIAD4WIQQQ2njGt5HIbaNoE3+r
kfu+z3b+ZwUCZiu16AIbAwUJC0PKhgULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK
CRCrkfu+z3b+ZxWAC/wLuLPYs2ZCaRTJu6DqpUlcvYhkiXtrPU525LT6eFHDcAL3
fYYIBzsXJSkTv8VCz3/wLtzXKRdViOX6CKFY/tp01zF1Nwelsrcxmjlz75jqwE+O
4WeiNV/TtTDV6QdTNhgn3Lh+1OFqcUmKo5p2/uAsUK58Z5mKJHY6TR0E6Ak4oPVP
eKKNOor8nDL4tEOxSvwz1f2hISEbS2FY7b102u0SevMJbPv7e39nFNeV9CS/ASOz
HZYfaoSGJouMuVeJan/DhuwtDrIhRSjzJCcWuvZp2d+aOviyFXLJr/GlCUo8RoJb
4uhrF0GPsnaGIhEymNHNQUrvHZRVSBbkr5hHyOvIzZ0EgwuaWX+Kbv+q3v+bz7Bn
Lv7xAkZOs06jmMcFFdfGRp8PLYkmFspsPbR3zx0poT17HtZIJu8RpC0cqQCTPt1c
v2fifJiSb5pJUYhymgo4CNJN00Yhd2EPtRPoeCXPFP1vGbO1ZaqBYO7GYsdmP5Qv
xqvEQNFsgRf/osB9+QbOwM0EYIqiWgEMANdLVzqyL1hvFA7ml7TggC5kwxKTLTBJ
a5g70Ect+ZdScxOEv8s3vpirA1smUqevlFpOZF3/ONqJYftzbmSOywM/VeU0ldKc
uapbs1PZD2xP8BYMkPMxtM4tJSpbtlEO5skUFUsn7uyTHoO0evDddGXK2nvM9YbG
JD6drunkOyBNtG1HihacsHwk5WyZjVfStQxyrRw5rSQ/+UH331CSQjVTVjrBwm2b
YkXfBBBNH7+/k6Wq18P27JewWI2BH6B8xVNiIxGHyyLBnU9wug6IUkGH3ikOSJQk
6I8CK4m5RxiFbwypD/VsQ0hx6M0hsRgEPmMFjzOI2gpp6yWRR2EonIUVNM3X4ebY
Xu4n9vxXO0UpJEDQUGzJg8ZgYK1NEiHxG0o2CJ85tVTn4R4m4Mmu0lCdHAcxPVJ7
g/HrXZ39hGdDe/PuJP7Bs2TK4fdnyT1WFm6XoKOS2x7qFqrbEENVddY7ue/pd0Jp
NExx9IIAhSFWhS8xWHK6aF1PuG3cvDq2XQARAQABwsD8BBgBCAAmFiEEENp4xreR
yG2jaBN/q5H7vs92/mcFAmCKoloCGwwFCQWkzUYACgkQq5H7vs92/mdynAv/VZfD
npVPPq7z+cW9S+qB02vazt4uNLsbIcTcHZUQKyEAQ8U6id/eJ+YIOm3tK9OrnPyt
K8HjgiXvrQo+QQ0uyKQmEk56jCodlyX/km0r1C4Clb5xnZfHwCCq4m0KOoSdam3q
g4ob5xPZMYctaCZkQreJrfzhdWfK9i89wohWfxQ8SC7uPpCiAOaEQ3nXD1pbsgK2
JmRMfoaGTpSnoZ9rlAYV+CK6yV8vlO/ZBPhB3XSwjxp031q/yYjBglu90/XYUYNv
vKThwn9hcU/TvZ403pNLYgIQwTPi+H+Hz7CyQaT/nl5Mj34U1bdAiBkEoO8rZmJh
W1vBVgU1pIKJ/lkGoL80FQbI+SP/EAKGZHi9srhi66Y2DRVv/AWBqqFGKSqEjzda
htIxboveC4Sgj4G0djXk4eYGE2WNOWhdWRK01wAGjJKwaQZIL2/EBuO7vk6ejZsR
f8UcUxgoUnjN9MjGBH7GxnVDuu1XkRwQBvkpH9UHrLL/mk+E4nH3vLifjXg2wsD8
BBgBCAAmFiEEENp4xreRyG2jaBN/q5H7vs92/mcFAmYrtegCGwwFCQtDyoYACgkQ
q5H7vs92/mcy0QwAnOOmoj/xssnwOIHTqQLlwzmmzWRYcPI4iLNhq6mZFQg6yMp4
c34jJ0KIDkeELeT+sLsv489o0BcXYz0+U0LhiahWjXLMxL6olgUWRr6jfnzhIsAh
ToVIaAfzLfYIwhPJLPPz2eVVSFRnuJGcWOh4OxqxC57Ofa0/gCkP/OVLTsdbavyp
XpMCaSGm6t+H31qKo9NS3B6UlejrSgeO7cmP8IEZRSZCfjlaJYCBpegQ6tHpT3hW
uaGHi+VpDnvCJ7EKD09VmCbKaAl4xsB/jtfBlbI42TcKhyoFulk03xZ+CPwSQEK8
2935un2XI3tJJHsitZ692SGgAlhd9BC21SyJY2E+wfy1PmIEit4pEaTW1pFftRfM
xOdNMcNwkaDyG2906UVC5iXtL91rj4lvYHcLNtKfN3th0tLxG3O87N16Q47Kb4w5
Ly8Ikvsf/ePpLAYH92i6v5hGZTxB71NgqMmAsqPIKm7cKVqUMgMFW6Fb2bc5o9TL
tZUxodqlAyffwb5f
=jbzu
-----END PGP PUBLIC KEY BLOCK-----
Oder https://files.molthagen.de/gnupg/0xCF76FE67_public.asc
Auch auf diversen Key-Servern veröffentlicht.
Ich wollte mich mal mit #OpenPGP beschäftigen in #Thunderbird, aber kann meine Schlüssel nicht online veröffentlichen.
Fehler beim Senden Ihres öffentlichen Schlüssels an "vks://keys.openpgp.org".
Hat jemand noch diese Probleme beobachtet oder die Probleme?
man 1 profanity-ox-setup.Just figured out, that the massive performance hit my #PGPainless test suite was suffering since I started to port to a newer BC version was caused by the default S2K iteration count being bumped to 0xff instead of 0x60.
This had caused the runtime of the test suite to rise to 7 minutes compared to ~1 minute.
I decided to dial down the default value again, but make it customizable :D
We are not aware of other FOSS development teams that have as extensive knowledge, both theoretical and practical, about #email and #openpgp and regularly release across all platforms for users world wide ... except for #protonmail with whose technical and security experts we discuss regularly. They are the other major game in town doing pervasive email encryption after all. Did you know that Proton's and delta's VCards are compatible across ecosystems and establish immediate encryption?
@mathilde #chatmail server users don't have these problems because they don't even need to know their password or email address. Messages in delta chat are stored locally and the server only stores them for a limited time, up to 20 days by default, so all devices have a chance to download the message. Blocklists are also not used, the only requirements are #DKIM signature and #OpenPGP encryption.
My latest "Bringing PGP to the 21st Century" update:
I’ve set up WKD for all my "public-facing" identities, with both direct and advanced methods working across the relevant domains. I’ve also uploaded all my keys to Keybase, OpenPGP, and Ubuntu keyservers. I even even generated a QR code with the openPGP4FPR URI scheme: https://openpgpkey.accioly.social/
PGP experts, am I missing anything?
The downside of our project approach was that we often got experts being very dismissive on re-using email and #OpenPGP ... and there still is some opposition which often subsides when actually trying #deltachat and #chatmail, looking at security audits and our strong usable security focus.
There may also be surprising upsides. The UK "Online Safety Bill" which attacks end-to-end encryption integrity seems to not apply for ... e-mail. Because everyone knows, e-mail is unencrypted, right? :)
