Re: [Announce] A new Beta of GnuPG 2.1 is now available
Thanks Werner. This is very exciting. This new version already works on ArchLinux via AUR.

Now where can we find this mysterious patch for libgcrypt mentioned in the announcement for enabling encryption with Curve25519? I looked at the libgcrypt development repository and didn't find it. I'm about to release libgcrypt-git and libgcrypt-error-git to AUR as well and wanted to take an opportunity to add that extra support as well.

Thank you in advance

Alphazo

On Thu, Jun 5, 2014 at 5:55 PM, Werner Koch w...@gnupg.org wrote:

Hello!

I just released the fourth *beta version* of GnuPG 2.1. It has been released to give you the opportunity to check out new features and a new beta was due anyway after 30 months.

If you need a stable and fully maintained version of GnuPG, you should use version 2.0.23 or 1.4.16.

This version is marked as BETA and as such it should in general not be used for real work. However, the core functionality is solid enough for a long time and I am using this code base for a couple of years now.

What's new in 2.1.0-beta442 since beta3
=======================================

* gpg: Add experimental signature support using curve Ed25519 and with a patched Libgcrypt also encryption support with Curve25519.
* gpg: Allow use of Brainpool curves.
* gpg: Accepts a space separated fingerprint as user ID. This allows to copy and paste the fingerprint from the key listing.
* gpg: The hash algorithm is now printed for signature records in key listings.
* gpg: Reject signatures made using the MD5 hash algorithm unless the new option --allow-weak-digest-algos or --pgp2 are given.
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the communication with the gpg-agent.
* gpg: Changed the format of key listings. To revert to the old format the option --legacy-list-mode is available.
* gpg: New option --pinentry-mode.
* gpg: Fixed decryption using an OpenPGP card.
* gpg: Fixed bug with deeply nested compressed packets.
* gpg: Only the major version number is by default included in the armored output.
* gpg: Do not create a trustdb file if --trust-model=always is used.
* gpg: Protect against rogue keyservers sending secret keys.
* gpg: The format of the fallback key listing (gpg KEYFILE) is now more aligned to the regular key listing (gpg -k).
* gpg: The option --show-session-key prints its output now before the decryption of the bulk message starts.
* gpg: New %U expando for the photo viewer.
* gpg,gpgsm: New option --with-secret.
* gpgsm: By default the users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used.
* gpgsm: New commands to export a secret RSA key in PKCS#1 or PKCS#8 format.
* gpgsm: Improved handling of re-issued CA certificates.
* agent: The included ssh agent does now support ECDSA keys.
* agent: New option --enable-putty-support to allow gpg-agent on Windows to act as a Pageant replacement with full smartcard support.
* scdaemon: New option --enable-pinpad-varlen.
* scdaemon: Various fixes for pinpad equipped card readers.
* scdaemon: Rename option --disable-pinpad (was --disable-keypad).
* scdaemon: Better support for CCID readers. Now, internal CCID driver supports readers with no auto configuration feature.
* dirmngr: Removed support for the original HKP keyserver which is not anymore used by any site.
* dirmngr: Improved support for keyserver pools.
* tools: New option --dirmngr for gpg-connect-agent.
* The GNU Pth library has been replaced by the new nPth library.
* Support installation as portable application under Windows.
* All kinds of other improvements - see the git log.

Getting the Software
====================

GnuPG 2.1-beta442 is available at

    ftp://ftp.gnupg.org/gcrypt/gnupg/unstable/gnupg-2.1.0-beta442.tar.bz2
    ftp://ftp.gnupg.org/gcrypt/gnupg/unstable/gnupg-2.1.0-beta442.tar.bz2.sig

and soon on all mirrors http://www.gnupg.org/mirrors.html.
Please read the README file!

Checking the Integrity
======================

In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways:

* If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-2.0.23.tar.bz2 you would use this command:

      gpg --verify gnupg-2.1.0-beta442.tar.bz2.sig

  This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed
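
The integrity check described in the announcement can be scripted so that a release is accepted only when the signature is valid and was made by a fingerprint obtained out of band. This is an added example, not part of the announcement or of GnuPG; the function names, the pinned fingerprint and the sample status lines are constructed placeholders.

```sh
#!/bin/sh
# Added example: accept a release only if the signature is valid AND was made
# by the key you pinned out of band. "Good signature" alone proves nothing
# about who signed.

# Constructed placeholder, NOT the real GnuPG release key fingerprint.
PINNED_FPR='0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567'

# check_status EXPECTED_FPR: reads `gpg --status-fd` lines on stdin.
# Succeeds only if a VALIDSIG line names EXPECTED_FPR as signing key (field 3)
# or primary key (last field) and no failure status line is present.
check_status() {
    want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$want" ] || return 2
    awk -v want="$want" '
        $1 != "[GNUPG:]" { next }
        $2 == "BADSIG" || $2 == "ERRSIG" || $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" { bad = 1 }
        $2 == "VALIDSIG" && (toupper($3) == want || toupper($NF) == want) { ok = 1 }
        END { if (ok && !bad) exit 0; exit 1 }
    '
}

# verify_release EXPECTED_FPR SIGFILE DATAFILE: the real check; needs gpg
# and the signer's public key in the keyring.
verify_release() {
    gpg --batch --status-fd 1 --verify "$2" "$3" 2>/dev/null | check_status "$1"
}

# Constructed status output, shaped like what gpg emits for a valid signature.
sample_status() {
    cat <<'EOF'
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2014-06-05 1401980000 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567
EOF
}

if sample_status | check_status "$PINNED_FPR"; then
    echo "signature valid and made by the pinned key"
fi
```

With a real keyring the call would be `verify_release "$PINNED_FPR" gnupg-2.1.0-beta442.tar.bz2.sig gnupg-2.1.0-beta442.tar.bz2`, with `PINNED_FPR` set to the fingerprint confirmed through another channel.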
Re: New user needs some help
Hi

On Friday 6 June 2014 at 12:32:38 AM, in mid:5390fe16.2020...@riseup.net, Mirimir wrote:

I've used GnuPG almost exclusively with people who know me only as mirimir, or as another of my online personas. For the most part, those are people that I know only as their online personas. I've also used GnuPG with a few consulting clients.

I use it with pgp...@yahoogroups.com which is an encrypted discussion list.

--
Best regards

MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net

CAUTION! - Beware of Warnings!

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Google releases beta OpenPGP code
On 04-06-2014 4:32, Werner Koch wrote:

On Wed, 4 Jun 2014 04:43, ds...@jabberwocky.com said:

I haven't looked at the fine details yet, but on the surface it seems like they're aiming at Gmail (mainly, but not solely).

Interesting. This is in contrast to a recent online article in the German c't magazine [1] where the author claims that Google would cannibalize their own business model if they offer end-to-end encryption. Apple on the other hand can afford the luxury of encrypted chats because their revenue stream is not alone based on advertising.

I have the feeling that Google doesn't care if a small percentage of users avoid the business model. As an example, since I made my first Gmail account (at that time you needed an invitation to make an account, and people only had 6 invitations to send), I've been using my account through POP3/SMTP, so I never see the advertisement. Of course, when I got my 6 invitations, I sent them to other friends, and none of them use Thunderbird or equivalent, so Google lost the advertisement I don't see, but got another 6 people that see it...

I guess they bet it will be the same with OpenPGP. Most people value the ability to access their messages from anywhere, using webmail, and won't want to have to carry their private keys with them.

Best Regards