recentpopularlog in


« earlier   
xkcd: PGP
How to use PGP to verify that an email is authentic:
Look for this text at the top... if it's there, the email is probably fine.
pgp  humor  gpg  email 
yesterday by bwiese
ANSSI-FR/SmartPGP: SmartPGP is a JavaCard implementation of the OpenPGP card specifications
SmartPGP is a JavaCard implementation of the OpenPGP card specifications - ANSSI-FR/SmartPGP
javacard  openpgp  pgp  smartcard  cardlet  anssi 
7 days ago by vrobin
drduh/YubiKey-Guide: Guide to using YubiKey for GPG and SSH
This is a guide to using YubiKey as a SmartCard for storing GPG encryption, signing and authentication keys, which can also be used for SSH. Many of the principles in this document are applicable to other smart card devices.

Keys stored on YubiKey are non-exportable (as opposed to file-based keys that are stored on disk) and are convenient for everyday use. Instead of having to remember and enter passphrases to unlock SSH/GPG keys, YubiKey needs only a physical touch after being unlocked with a PIN code. All signing and encryption operations happen on the card, rather than in OS memory.
ssh  security  guide  yubikey  gpg  pgp  encryption  GnuPG  key 
7 days ago by vrobin
Switching between YubiKey's PIV and PGP applets on macOS — Custom Programming Solutions
Switching between YubiKey's PIV and PGP applets on macOS

Published on September 13th, 2018 by Aapeli Vuorinen.

Quick tip on using the PIV and PGP applets simultaneously on a YubiKey on macOS.

We use YubiKeys for a variety of purposes, and as this involves using different functionality, we often have to switch between the PGP and PIV applets.

PGP, or "Pretty Good Privacy", is a format for encrypted messages, cryptographic signatures and keys. Initially developed in 1991 by Phil Zimmermann, it was later standardised in RFC4880 as the OpenPGP format. We use PGP to sign git commits, for encrypted email, for code and release signing, and so on. The PGP trust model is based on a web of trust.

PIV, which stands for "Personal Identity Verification" is another format, originally created to authenticate United States federal employees and contractors. It's based on X.509 certificates and is commonly interfaced with through smart cards, with the latest standard being FIPS 201-2. We use the PIV applet for client-side TLS authentication to some security-critical sites, as well as for our internal X.509 public key infrastructure.

However, after starting to use the YubiKey with OpenSC, we quickly found out that there's a few issues with it unless you set it up right.
piv  pgp  applet  smartcard  yubikey  gpg  openpgp 
7 days ago by vrobin

Copy this bookmark:

to read