[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ESD-translators] Slides for workshop in Prague
|
From: |
Tomas Stary |
|
Subject: |
Re: [ESD-translators] Slides for workshop in Prague |
|
Date: |
Fri, 30 Mar 2018 12:23:32 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
Hi Kate,
Thanks for your efforts. I have been keenly following your emails and
suggestions for improvements. Although I haven't had time to reply
myself yet, it is nice, that there is some progress going on.
The preparations for the workshop is continuing. I have met with some
people and we secured a place for the workshop. So now it remains to
invite the people who are interesting in encryption and spreading the
word. We plan to contact journalists, which is even more important in
the light of current events, when Italian mafia with a link to the
government killed a journalist in Slovakia in order to threaten others.
I am not aware of any slides made for that purpose at all. In theory we
could just put the websites on a projector screen and go along with
that, but it might be more professional to do libreoffice or latex
(beamer) slides with the manual + some more relevant information (e.g.
why the encryption matter, what do other organisations say about
encryption, generating password using the diceware method). Do you have
any other suggestions what should the slide include? What format would
you use?
Regarding the signatures, I normally sign messages only when I want to
make sure that nobody tampered with the content during the transmission
-- e.g. when sending account numbers which somebody could change for
theirs, or when sending piece of code, that could be replaced with some
harmful bits. But there shouldn't be any problem if you just sign
everything.
I also wonder, how thoroughly should we check the identity when signing
the keys of others. Is the check of the ID really necessary? The reason
why I think of that is that some people might use pseudonym rather than
their official name. Also, there might be more people with the same
official name and then some of them might create certificate to
impersonate one another (for the email address they don't own). I think
the alternative could be to verify if they have an access to the email
address they claim the certificate for.
All the best,
Tomas
On 03/30/2018 11:52 AM, Kateryna Razumova wrote:
> Hello Tomas,
>
> sorry for not responding for quite a long time - I was busy with
> contributing (annoying all people in the mail list) to Outreachy
> project.
>
> So, I have read about the workshop. What about the slides? Are there
> any already available slides?
>
> Also, I found out that some instructions in the guide are not applicable:
> https://medium.com/p/proposal-for-outreachy-project-a-need-of-an-update-of-esd-guide-instructions-1d6bda95477f
>
> I also don't understand the policy of signing messages here. I never
> used signing for mailing lists but we are in a mailing list about
> email self defense so I don't understand whether I should use signing.
>
>
> Yours truly,
> Kateryna Razumova.