#minisign — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #minisign, aggregated by home.social.

  1. 1/2
    Today I was playing with Minisign and Cosign to evaluate whether it’s worth signing some of my OSS software with something other than PGP.

    Here’s my verdict: Minisign is promising… Much easier to use than PGP. That simplicity, of course, comes at the cost of giving up a few features.

    #OSS #SoftwareSigning #ArtifactSigning #PGP #Minisign #Cosign #Sigstore

  2. Thinking of email using #Neomutt, #AgeEncryption, and #Minisign

    Set up a signed webpage with my public keys & explaining how to decrypt files and how to verify signatures

    Add a link to this webpage to my usual email signature text.

    By default an email is an unencrypted, unsigned postcard ¯\_(ツ)_/¯

    But when used to send important private data, sign and/or encrypt the files & send them as attachments to a cover letter explaining how to decrypt and verify signatures & a link to the webpage above

  3. thought it might be nice to sign #sphinx releases with #minisign and #ssh #eddsa keys, straight outta sphinx. minisign #privkeys are okish (they do need 40 B of entropy, 8 extra for a "keyid"). but did you know, that in ssh the public key is stored 3x in the ed25519 private #key? one time i can understand (could be 0 though), but 3 times? what have they been drinking? #fileformats