On 06/09/2014 02:24 PM, Stephen R Guglielmo wrote: > On Mon, Jun 9, 2014 at 2:18 PM, Kyle Marek <psppsn96@xxxxxxxxx> wrote: >> Well that's kinda what i'm saying, but without driving to meet people. all >> you have to do is get in a skype call or something and you can see right >> there who you're talking to. > Yeah, that'd work. Obviously I can't drive from the US to Taiwan, > haha. Technically, you're not supposed to transfer keys over unsecure > means (the internet) anyway. NITM attacks: NSA-In-The-Middle ;-) But I > suppose because we're so distributed around the world, that's > something we'll have to manage with for now. > > BTW, your top-posting is driving me nuts :-P > I was sure that would make someone mad but I didn't think that's how i should be doing it when the quote is just building and building. Should I be removing the quotes inside the quote and just leave it as the last message? Well anyway, i thought that since you're NEVER transferring your private key, that this is safe and the public key could never change otherwise communications wouldn't work. Like think about it, a tampered public key doesn't correspond to your private key, as in, things wouldn't say "Good signature from" or encrypted things couldn't decrypt at all. So since they can't tamper with the private key at the same time, i don't see anything wrong with it; i thought this thinking is by design. ------------------------------------------------------------------------ At the time of sending this message, I have not been contacted by any government official or worker regarding my participation in CipherShed or any related project. I have not been asked to supply any information to them that may be used to impersonate me nor have I been asked to aid the government or it's officials or workers in modifying part of CipherShed or any related project. I am not aware of any of my property or anything regarding me being bugged, searched, or compromised in any way. Anything that accepts PGP encryption or signing should have been cryptographically secured with my PGP key.
Attachment:
signature.asc
Description: OpenPGP digital signature