On Fri, 12 Jun 2015 12:39, li...@infosecurity.ch said:
Regarding GPGME, is it really exec()uting the gpg binary or is it
calling directly the gpg as a library?
Sure it does fork/exec. However, gpgsm is run as a co-process and thus
there is only one fork/exec for a bunch of operations
On Thu, 23 Apr 2015 08:25, li...@infosecurity.ch said:
Unluckily PyMe is unmaintained and there's no major software using GPGMe
interface.
On my Debian box I see ~50 direct dependencies including several MUAs
and Jabber clients. KDE uses the C++ wrapper in several packages.
libgmime is used
Foxtrott Two Alfa Delta Eight Five Alfa Charlie
One Echo Four Two Bravo Three Six Seven
uid [ unknown] Werner Koch w...@gnupg.org
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz
On Thu, 19 Feb 2015 11:04, i...@iang.org said:
I just realised one barrier -- language. It uses the English
language, and PGP might be stronger in Europe than in the anglo world.
Right. I recall that this has been discussed in the OpenPGP WG years
ago. IIRC, the conclusion was that the
On Fri, 19 Sep 2014 06:57, g...@toad.com said:
She can send you email at de...@ihtfp.com once, and when your replies
all come from:
From: Derek Atkins lkjasdflksdlkjp2338tnlsdfh848492-hds8f...@ihtfp.com
then when she replies to you, she'll be sending encrypted emails. But
The same can
On Fri, 19 Sep 2014 12:37, givo...@gmx.com said:
for a key in a key server (keystore). but, automatically sending a
separate header sounds, er...automatic, transparent to the user. and
lets the system do the work. long, more than 10 digits,
Actually such a header and an I-D exists for close
On Tue, 15 Oct 2013 18:10, fu...@yuggoth.org said:
Also, to bring this further onto topic, any critiques of the above
linked articles are of interest to me. I'm currently in the process
of drafting some similar recommendations for another large free
There is a simple rule for best practices:
On Fri, 23 Aug 2013 05:56, j...@spaz.org said:
I found it in libgcrypt. I don't understand why it's not in gnupg.
Becuase in GnuPG 2.x all crypto operations are done by Libgcrypt.
It looks to my untrained eye that gnupg and libgcrypt had a common
ancestor, but i'm not sure when that was.
On Thu, 15 Aug 2013 13:11, wasabe...@gmail.com said:
To: and From: headers leak the emails/identity of communicating parties,
but it's not the only place that happens. I've never used PGP but I've used
OpenPGP allows sending messages without information on the used keys
(e.g. gpg
On Wed, 19 Dec 2012 10:00, a...@cypherspace.org said:
probably is heading towards the computional in feasibility, so the only real
chance is if people would communicate the p_i values (or the seed for
re-generating them, perhaps.)
Actually GnuPG tracked those values up to version 1.4.1 in the
]: [224 bits]
pkey[2]: [2046 bits]
pkey[3]: [2048 bits]
:user ID packet: Werner Koch w...@g10code.com
:signature packet: algo 17, keyid F2AD85AC1E42B367
version 4, created 1199118881, md5len 0, sigclass 0x13
digest algo 11, begin of digest 2a 29
On Thu, 16 Feb 2012 13:03, bmoel...@acm.org said:
Oh, in this case it's a self-signature. Werner, the problem (aka feature)
is that expiry according to self-signatures isn't carried forward into
third-party certification signatures -- so if an attacker gets hold of the
That depends on how the
On Thu, 16 Feb 2012 12:30, bmoel...@acm.org said:
I call it a protocol failure, you call it stupid, but Jon calls it a
feature (http://article.gmane.org/gmane.ietf.openpgp/4557/).
It is a feature in the same sense as putting your thumb between the nail
head and the hammer to silently peg up a
On Fri, 28 Oct 2011 14:03, t...@panix.com said:
So this appears to be basically a smartcard and USB smartcard reader
built into the same frob. I can probably find a way to put it within
Right.
Unfortunately, it also appears to be unbuyable. I tried all three
sources listed on the
On Fri, 28 Oct 2011 11:10, mar...@martinpaljak.net said:
PKCS#11 but also open source drivers (also free, in the sense of free
software vs open source software) is as good excuse to reject PKCS#11
In 99% percent of all cases Open Source and Free Software describe
software distributed under the
On Thu, 27 Oct 2011 11:15, mar...@martinpaljak.net said:
I don't know about PGP(.com), but GnuPG is picky about hardware key
containers. Things like PKCS#11.
For the records: That is simply not true. We only demand an open API
specification for the HSM because we don't want to support binary
16 matches
Mail list logo