I should really journal my attempts at using GPG as evidence of how terrible it is from a usability perspective...
@matthew_d_green the OpenPGP applet on a Yubikey gives you 3 slots: signing, encryption, and authentication...
-
-
@matthew_d_green I tried to use a signing subkey in the signing slot. That didn't work. It really wants your primary there... -
.
@matthew_d_green maybe a GPG expert knows if I can publish my (primary) signing and encryption subkey w/o auth key and GPG still works o_O -
@bascule You shouldn't need an auth key. But that's just theory and common sense talking. -
@matthew_d_green I want one to use as a Yubikey-gapped PIN-locked SSH key
End of conversation
New conversation -
-
-
@bascule@matthew_d_green what in jehoshaphat's name are they claiming the difference between signing and authenticating is? -
@dvanduzer@matthew_d_green authentication is e.g. SSH -
@bascule@matthew_d_green authentication via asymmetric keys is essentially verifying a known signature. reading up on this product and ugh -
@dvanduzer@matthew_d_green using gpg-agent for SSH is a standard GPG feature, as are authentication keys... -
@bascule@matthew_d_green there is no meaningful distinction between "authentication keys" and "signing keys" regardless of context -
@dvanduzer@matthew_d_green even if the signing key is your primary key? -
@bascule@matthew_d_green the primitives for any asymmetric crypto are "sign/verify" and "encrypt/decrypt" -
@dvanduzer@matthew_d_green there are also signing subkeys in addition to auth subkeys! :o - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.