Re: Setpref is not working or is it a bug or something?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi bro, :) Thanks for correcting me. Regards! :) Robin Mathew Rajan On 29-11-2014 AM 08:57, Robert J. Hansen wrote: >> You can delete these values from your current gpg.conf. >> >> s2k-digest-algo SHA256 s2k-cipher-algo AES256 cert-digest-algo SHA256 >> digest-algo SHA256 >> >> Reason 1: Those values are used when options like >> 'personal-cipher-preferences', 'personal-digest-preferences' and >> 'personal-compress-preferences' are not given! But here, you already >> gave those three options already. > > This isn't quite true. personal-*-preferences won't affect s2k > preferences or cert-digest-algo. However, you're absolutely correct to > advise against using cipher-algo or digest-algo. > > (I *think* I'm right on this, but I can't promise I am, nor have I done > a quick empirical test to check. Take the preceding with a grain of salt.) > >> Reason 2: Those values are known to break the OpenPGP standard. > > Some of them are serious problems (digest-algo and cipher-algo). The > others are mostly safe. s2k is only used by the user on their own > machine, so there isn't much concern about interoperability with other > OpenPGP clients. > >> That's the same OpenPGP does. OpenPGP standard is just a reference >> model. Anyone can modify it and include unique features. But it's >> not necessary to be those 'unique features' to be included in every >> OpenPGP implemented products. But when it comes to communicating >> each other, there comes the problem if there's no common standard >> rule. > > Those who are concerned about OpenPGP conformance should add "openpgp" > to the end of their gpg.conf file. :) > >> But at the same time, these settings might be incompatible with >> older softwares. > > Nope! The preference list you gave will not cause troubles with any > OpenPGP application, not even old PGP 5.x. If there's no preference > list on your recipient's public key (which does happen, from time to > time), OpenPGP will gracefully degrade to use SHA-1 and 3DES. SHA-1 is > getting pretty long in the tooth, but 3DES is still solid as a rock. > > My usual joke about 3DES -- which, like most of my jokes, is a way of > telling truth with a laugh -- is that 3DES has all the beauty of a > Soviet workers' housing bloc, all the aesthetics of the Socialist > Realism school of art, and yet has been turning brilliant young > cryptanalysts into burned-out alcoholic wrecks for the last 35 years. :) > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCgAGBQJUenyNAAoJEJyRZAJNoXmulPYP/jWu0Om3Jt2FIZwWc65cPlbz odJrDeQvzwJ0b03xtJy5B1e42cIRfSZVNkLpUP8ajxdbH/ISgraXtEmhZwyZwIfg Rnx986Mnrb5kT9eY1JbBLYVm20Exq9nwkrvoMjbWnJESJxbqcNYKYcAIjZkRAHqd ow3um/OGlY/HS+t/0Q92d6TRfaLkJxhmIw6EqwutFuQ44MUd3no9I5J0sn1CnGXG 0twX2h6IXAlzPEBJz2eMSjpmwEDVLHzzMw7UixVc8jOjlf+uk1XboZZgxiaEXZAq ydycXICFI8rVtQQmKDgVuBQvFLUYC4ZInKFDM/qTEgi4r1bs3XGzoBk2y8BJxep+ q0lDeNvXDyZXRXms0Ga0aWUaJ29pfS95/nKqaF7/ndFNOVNS3/oXgAuS2uRs9s5l BRp2wWb7S82H5ueLffhNAvHTgq2vffDglNrm+TrAHyUw48H0Fsx0TsVjlgotAx+x 5yGcf5MzAxlpEa4FpcUZN1xjto3sh5/Q57bCFAsYoVbbkuyTsvPBD1FUzwY8SlC7 R1M7c0xLhO96NsKEQVdz7HQW0yE2jF4ZBsBcSUc7wzIvCEIKdtO6U9mQYOhJ9Fx1 HjUTRnLlPv3h+/D4GR4CQjER6LF5xGjXMaSWl6v83uUsVTL4tSKo/ZbgLszSh3TD rGhlmAvGGfwFpL8zf0nS =HQCO -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Keygrip v fingerprint ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/30/2014 12:23 AM, Philip Jackson wrote: > I see on : > > https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index > > references to both --with-keygrip and --with-fingerprint. When I > try --with-keygrip on gnupg2.0.26, it appears not to be a valid > option. > It is available in 2.1 > The only other time I have seen a reference to a keygrip (and I > don't remember where I saw it), it seemed to me that a keygrip > looked just like a fingerprint. > > Could someone please explain the difference between a keygrip and a > fingerprint or point me to a relevant document ? The keygrip is protocol-agnostic whereby the fingerprint would differ e.g. between OpenPGP and X.509. From [0] (note "[2]"): The keygrip is a unique identifier for a key pair, it is independent of any protocol, so that the same key can be used with different protocols. PKCS-15 calls this a subjectKeyHash; it can be calculated using Libgcrypt's gcry_pk_get_keygrip (). References: [0] http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/keyformat.txt;h=42c4b1f06faf1bbe71ffadc2fee0fad6bec91a97;hb=refs/heads/master - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - "I have always wished that my computer would be as easy to use as my telephone. My wish has come true -- I no longer know how to use my telephone" (Bjarne Stroustrup, April 1999) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUemW3AAoJEPw7F94F4Tag29IP/iO+JvAlFBZyqgF5Juf+F005 iCHj7piTb5uTKFHCS+tZl481HCet1dEti8JUlQBYq5G7HAKfwWGvSsg3XSg+bpJu s9UM3JQpC4Nc+rxVqyYkB6rwPRCdWHiJgVV9vCBX9WzRfLT4TkVBVarMRWl7v6mx mUspI9PAm3pHVS9Sp4ehvLaDH+0tew3sCGeMLa6F4tvEcjtl6v9TXEtlsmJaBE0R 4m945ik6rAidSLVViCHBBL28UmKsXgho0YHP1fINT3nrmqojesZhqSwQ/dGL3Ppn 9Jcqiz7jLJAmx3pwBgeOV5kzFLE0iWS4x6bwNLaopjI0gM2U/ccuH3HVKbl0xu0w Ki+z9U1eLXc2zxuGrc7M0bVjcGt72pdODPf2HNUzYeFlTcX6mmIRRVGydoKbvQBB o84Io2pIjprCcC07lqyWU8lB6QaNHHrJ/cp1NVSfPhnxfpnPLW3u62K/2WXiWfMJ aztfgWSIFNjrFUY01ayQj/OePei6V4FRQa9G13PSCF8C+6ESNOvLL7FpeAqQM9Es H0I8FjWmBpVfbamuNiQxZymwN2Rc0FknGHxpwvWcZEu6PUJUyY2PtNmWwKd7nvpq rYfp9okBRs0TCIAs0XRuF0RepwbVcbr9Z2Kxy5vqE3XsSZ5B9a4zU7OzGIoqkcH5 UQtfRrgLvyVpIiEgWq8V =ZaEC -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Keygrip v fingerprint ?
I see on : https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index references to both --with-keygrip and --with-fingerprint. When I try --with-keygrip on gnupg2.0.26, it appears not to be a valid option. The only other time I have seen a reference to a keygrip (and I don't remember where I saw it), it seemed to me that a keygrip looked just like a fingerprint. Could someone please explain the difference between a keygrip and a fingerprint or point me to a relevant document ? Philip signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Difference Kleopatra vs WinPT
You're confusing gpa and winpt. Gpa is the default utility included with winpt, but kleopatra is also included with winpt. Comparison wise, kleo has more features, but gpa's futures are more... useful? I find myself using gpa daily, and kleopatra only on rare occasion On Nov 28, 2014 11:41 PM, "Ben Stover" wrote: > As far as I can see Kleopatra and WinPT are similar, competing tools for > the same purpose: > > Management of pgp keys & certificates. > > What are the differences in details? > > Which one is better/more used? > > Ben > > > > > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users