gpg wants IDEA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I have an older gnuPG (v1.4.6) that is apparently mis-configured. When signing a message, it fails with a note about what a bad idea IDEA is, and quits. gpg is called from an email program to perform security services. There is no command option to indicate a preferred cipher. - [ command ] gpg.exe --passphrase-fd 0 --batch --armor --no-tty --status-fd 2 - --local-user per...@example.com --output output.pgp --clearsign input.bod 2> splat.err - [ end ] - [ error ] gpg: protection algorithm 1 (IDEA) is not supported [GNUPG:] RSA_OR_IDEA gpg: the IDEA cipher plugin is not present gpg: please see http://www.gnupg.org/faq/why-not-idea.html [^] for more information gpg: skipped "per...@example.com": unknown cipher algorithm gpg: W:\APPS\PMMAIL\TESTACCTS\test1_00.act\outbox.fld\nge4mh01.bod: clearsign failed: unknown cipher algorithm - [ end ] Why would gpg feel compelled to use IDEA? How do I convince gpg to forget about it? - -- James Moe moe dot james at sohnen-moe dot com 520.743.3936 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iEYEARECAAYFAlSJNggACgkQzTcr8Prq0ZNKvgCcCqWR7LgSHW2lk+DHE79BAJhp zjYAni21pGKiWetthS7EN93CL/Fkk8tP =k2Ka -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg / Enigmail behavior after disabling Gnome Keyring
Hi all, after a recent upgrade to Kubuntu 14.10, gpg started to show that warning message about Gnome Keyring hijacking it. After adding the following lines to a startup script: killall gpg-agent killall gnome-keyring-daemon gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info" . "${HOME}/.gpg-agent-info" export GPG_AGENT_INFO export SSH_AUTH_SOCK gnome-keyring-daemon --components=ssh,secrets,pkcs11 the pinentry dialog was back instead of the Gnome one. However, each time I decrypt an email now, gpg asks for my passphrase (apprently not caching it), and each time I want to sign an email, it asks for a passphrase twice. As described here: http://comments.gmane.org/gmane.comp.mozilla.enigmail.general/19022 (I also use Thunderbird and Enigmail). This is odd and a bit annoying. Using gpg directly on the command line to sign a message results in only one passphrase prompt though. Has anyone experienced the same problem and could point me to a solution? Thanks a lot. Greets, Lutz signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Enigmail] Enigmail is not using seahorse
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, On 07.12.14 21:36, Lucas Verney wrote:> > Le 07/12/2014 21:25, Ludwig Hügelschäfer a écrit : >> Hi, >> >> On 07.12.14 21:09, Lucas Verney wrote: >> >>> In Arch, with Thunderbird 31.2 and Enigmail 1.7.2, I can't get >>> Enigmail to use Seahorse instead of prompting me for my >>> passphrase. >> >> When using gnupg 2.x, it's not Enigmail asking for the >> passphrase, it's gpg-agent. >> >>> Is there some hidden configuration option ? >> >> Please search for gpg-agent and gnome keyring, you'll get lots of >> hits and all telling the same story: they cannot coexist >> peacefully. Gnome keyring tries to hijack the gpg-agent, but is >> not very successful in doing this. > > Thanks for pointing me in the right direction, this is due to an > update in gpg and not in Enigmail, contrary to what I was > thinking… > > For the record, here is the explanation : > https://wiki.archlinux.org/index.php/GnuPG#GPG_AGENT_INFO > > Then, does this mean I have to enter my passphrase at least once > per session, or is there still some alternatives to Seahorse that > could handle this ? Taking this discussion from Enigmail to gnupg-users. I think there might be more and good advice :-) Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCgAGBQJUiKsLAAoJEA52XAUJWdLjuSwIALVmfyOcYzsqslFoSXlZ9dDb 7qyeu9YbdkeOvTlUnkhHo5N2yAeC29MtZMAUP/rZ1fwgA+AoVJVl4K6rxkiwO/N5 X3blTDbIZC4xlhHcSniPkS69nw3Qjooj2XKQINLTlvDIEPJst9RjyvtAGJk77IcR r7ZCSuWisJa98cDbCszoRo5q18RKgQEy8/WRYcfguuDcdAXMrXse9t/Mi3PuhDJL IXKkRDMRVbiJE4l0JGzf319O10SWxig6wrWTvpHLOHaT5n85nr8WZgU4ug7T5cYf tlkwfyhycM3uJqSFJA82D98Eqa5kGmIVOMEBySW1163SyrSZIsD6KclDGR1N6Eo= =9c4Y -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
FYI: Arch linux provides GnuPG (2.1.0) package without ability to use HKPS
The Arch linux GnuPG package 2.1.0-6 is unable to connect to HKPS. The package maintainer is currently unable or unwilling to build GnuPG against GnuTLS. For further information you can follow: https://bugs.archlinux.org/task/42739 I attempted to convince the package maintainer that the current package breaks essential and previously working functionality and was told I could build my own package. -- Samir Nassar sa...@samirnassar.com https://samirnassar.com PGP Fingerprint: EE76 B39E 0778 8F95 F796 B044 FE67 9A90 8E99 7AB2 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Beta for 2.1.1 available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wednesday 10 December 2014 at 8:57:30 AM, in , Hugo Hinterberger wrote: > Hi, > I am still trying to find a working solution It is more likely you will find help if you start your own thread, with a subject like that matches what you are talking about. > to verify > incoming files and messages with GnuPG on Windows … and > I want the solution to be able to handle PGP/MIME > messages read through Gmane using elliptic curve based > keys. Let's break this requirement down. 1. Works on Windows. In case it makes a difference to the range of available solutions, 32-bit or 64-bit? XP? Vista? 7? 8?... 2. able to handle PGP/MIME messages Perhaps a mail client that integrates with GnuPG (either directly or using a plugin. Or you could copy the message source to the clipboard or a text file and decrypt/verify it there, but there are some message encodings that seem to frustrate this approach. 3. Reading through Gmain. Web interface? News reader? In a mail client? RSS feed? 4. using elliptic curve based keys Needs to use GnuPG 2.1.x. > I just have started to try signing messages. > I tried signing a text several times, every time with > the same result, the broken signature. Sounds frustrating. - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net No matter where you go, there you are. -BEGIN PGP SIGNATURE- iQF8BAEBCgBmBQJUiKYhXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwAAoJEGt8dM6zHyXwr8UIAIs5mAJO/HBXk9Bwv25GO9q3 +Kgy4JdcePtK55ci+a921hb8uhj0a6wJqBK8li9KDwnIYvJo11xVCKYRMaD/NtoU tZPZHiKyztO94YUYyZH0BE+bVxs5rHMBmndWRbyE4gupOst+/GDW2joLHwVkJFa/ Q5lGg9loafq/HFP/dUXas04H7ERH5lkMQr1EjbM1F3XMD/D2tuixuwJsiPpbZ0i1 9B5c8cPf980ksNQSMSYoQ6fIJ6VKxcM69YLOIcivsLHtFEfR/Yw5+uAjj+s9y1MG SzoS2oUdwm3NXSc1mOHU3xfieHdUOQ52zEEX7VPvRtxIbqddXofSPqpfMIcSSdiI vgQBFgoAZgUCVIimQ18UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMAAKCRAXErxGGvd45K5NAQChTZzwC5i8jOLMEk1+v88W5Z4n GNSyl7apIogSGRwQPgEA0uqsV+feRBDwYdtxZWN5kWONxRkP5K8OQKelQnOX4wI= =61+r -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On Wednesday, 2014-12-10 19:01:25 Kristian Fiskerstrand wrote: > See https://bugs.archlinux.org/task/42739?opened=6005&status%5B0%5D= Well lo and behold. When I rebuilt the package with GnuTLS as a dependency and killed the running dirmngr process HKPS works. I understand that the GnuPG package maintainer is being conservative with adding requirements to Arch core repository, but I believe this is a mistake. Thank you all. -- Samir Nassar sa...@samirnassar.com https://samirnassar.com PGP Fingerprint: EE76 B39E 0778 8F95 F796 B044 FE67 9A90 8E99 7AB2 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On Wed, 10 Dec 2014 18:10, kristian.fiskerstr...@sumptuouscapital.com said: > The SNI issue last discussed in [0] springs to mind. But I still > experience this on gpg (GnuPG) 2.1.1-beta67 I have not yet tracked this down. For easier debugging I added some more debug output. Forgot to push them, though. ... Now available. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/10/2014 06:44 PM, Kristian Fiskerstrand wrote: > > ... > >> Individual keyserver should be no issue as long as you don't hit >> the SNI issue, are you sure gnupg is built with gnutls / hkps >> support? I know that at least earlier builds of arch did not >> include gnutls support, which caused some headache to debug >> while helping a user on IRC (the reason for the patch to only >> report hkps scheme earlier). Do > > that should read: only report hkps scheme when actually > available... > >> an ldd on dirmngr binary and see if it is linked with gnutls. > See https://bugs.archlinux.org/task/42739?opened=6005&status%5B0%5D= > > > > - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - Timendi causa est nescire The cause of fear is ignorance -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUiIpyAAoJEPw7F94F4TagNLIP/0qN3Xyt6yBT6E92zYGz+dPH vs2QTHrvoD82qcpppxX/EIQ0gOk/QimeNpnnJASVuKa+9hTQgNQi+XeaA5EdWZSN wenB9nE/8cs7Xsq1q/4p6r6/w3qdGVUiAU9/hcJ2orW3lPZWT1sJd7pyrjs25jm3 cdnQ9j+N6QsYV2togHkkOl/rhtrPYuow3JCll+IFhP3VhjnlTZSgDJDEP8DIaYTU SswrCRk2yOxLXYd+DqUjnwjMwPUC1e+rD8HMZEOK0bLEpzIo1QrwQPtLGcWGnQoH XCGDd3QQmMP/ivKSFJkJXKnC9oDiCOpHC2zYaniFkxvvOuPdyC+IUERE5s8g42D4 FvaRIJ5DRvbqR9K3FgagsyNgbeSQ0xcE2izX1f4diEPN+NmgcOmU1snmg48aCCBz qkj+9rDrYxIV2kTGHwOHLd1aqGBQZmLX+xMgLrkWXEclApmPgwM8vdEBd6zM9aKD kT9eqMmYtFHuPfEsdZ7CcvewdoS1LOmgamTau2FxhBUPGBEMf1b5Q2hdgWILL4la 3m9e9SxVRbm9AykN91OlYhPsy2J6pP9xYZohIcs+lmdTDagWpbd16raxigV4UjyK tmSgjOmkRX6GSe+gKwbPXq80/JKq5NiU4oLV93HeHnEBHLfEXa1rG7wWqcWGC5j5 CcWldu8pJsZRmRglaXl6 =bRtx -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On Wednesday, 2014-12-10 12:10:28 Daniel Kahn Gillmor wrote: > > Can you provide more detail (or a link to a bug report) about the > > problem with hkps in 2.1.0 ? On upgrade to 2.1.0 looking up keys from a keyserver stopped working for me. I tracked down the following comment from Hugo Hinterberger: http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051695.html and Kristian Fiskerstrand's suggestion: http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051698.html On Wednesday, 2014-12-10 18:10:58 Kristian Fiskerstrand wrote: > The SNI issue last discussed in [0] springs to mind. But I still > experience this on gpg (GnuPG) 2.1.1-beta67 I had the impression that this bug is getting fixed in 2.1.1 and that I shouldn't increase noise to an existing and known problem. At this stage I can report that despite trying out Kristian's suggestion I am not able to interact with either the hkps pool or individual hkps keyservers. Arch Linux, GnuPG 2.1.0. -- Samir Nassar sa...@samirnassar.com https://samirnassar.com PGP Fingerprint: EE76 B39E 0778 8F95 F796 B044 FE67 9A90 8E99 7AB2 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On 12/10/2014 12:26 PM, Samir Nassar wrote: > On Wednesday, 2014-12-10 12:10:28 Daniel Kahn Gillmor wrote: >>> Can you provide more detail (or a link to a bug report) about the >>> problem with hkps in 2.1.0 ? > > On upgrade to 2.1.0 looking up keys from a keyserver stopped working for me. > I > tracked down the following comment from Hugo Hinterberger: > http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051695.html and > Kristian Fiskerstrand's suggestion: > http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051698.html kristian's suggestion works for 2.1.0 already. I currently use 2.1.0 with hkps just fine. > On Wednesday, 2014-12-10 18:10:58 Kristian Fiskerstrand wrote: >> The SNI issue last discussed in [0] springs to mind. But I still >> experience this on gpg (GnuPG) 2.1.1-beta67 > > I had the impression that this bug is getting fixed in 2.1.1 and that I > shouldn't increase noise to an existing and known problem. At this stage I > can > report that despite trying out Kristian's suggestion I am not able to > interact > with either the hkps pool or individual hkps keyservers. Arch Linux, GnuPG > 2.1.0. did you update ~/.gnupg/dirmngr.conf with a value for hkp-cacert ? --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 ... > Individual keyserver should be no issue as long as you don't hit > the SNI issue, are you sure gnupg is built with gnutls / hkps > support? I know that at least earlier builds of arch did not > include gnutls support, which caused some headache to debug while > helping a user on IRC (the reason for the patch to only report hkps > scheme earlier). Do that should read: only report hkps scheme when actually available... > an ldd on dirmngr binary and see if it is linked with gnutls. > > > - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - "History repeats itself; historians repeat each other" (Philip Guedalla) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUiIZoAAoJEPw7F94F4TagNdsQALFxV+2lWt31u2UDhrvPBpfQ 5l9pR6Mly+uwhz1ngsWUFH34VHVbM8c/Ks1fqXdjPN5i0a4XxUmA66Ra1LCDWfJH hbh5urPAA+CSZEDzzcSbthkWs8mSwLW95TWxh/3mNT67jXn1WTW50kME0PZmsyFm j1VLoMGCrTXEugN6CucglV97hB5QE1zUVKv+hdAmTRWqbmyfUe6TWLQdqUFrQWFq bYIlKmYbb+u0mX9jtbPb0+y9MVf9HuWG58VyrAffA9u+sh7xAGy8Z3N6ScmvMil7 uNFIAzCbYaIo2O4DQn4oJ8lbcsRH/bl7vFmCAt+mgUr8UvOurneJizbKHc9sQ07V TA8vNSnuSBCrM8DQ2x8q8y4gjf4ySx8EREX1D57BuRfKnLQrB4HTdQsz2PkktE24 pIg4hSVFm37akttxtR4neFKw9kSN9pppO64oUNjYGFT3dd4XnohflCjHL8hiFic3 akMF4uKVh0kAJVHJhf0+2JXOgQHHt1ma0cMeYFQ5VYXCkoLFzwfpoRH2cilNUrKt H7408aDXDPQFES2mTMcCVp7v1avNh0r1oTGNjI6l2ZMeWKif2FKdW075aohhM4CS a1r/AGk2dU7QjzylbcAuBAOgSdz5AYXmLLvIftJWMGMK6Z4v+Y7qMkwmH6PP9aD7 KY+IOdclNFt0Xn9wDiZK =FDWh -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/10/2014 06:26 PM, Samir Nassar wrote: > On Wednesday, 2014-12-10 12:10:28 Daniel Kahn Gillmor wrote: >>> Can you provide more detail (or a link to a bug report) about >>> the problem with hkps in 2.1.0 ? > > On upgrade to 2.1.0 looking up keys from a keyserver stopped > working for me. I tracked down the following comment from Hugo > Hinterberger: > http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051695.html > and Kristian Fiskerstrand's suggestion: > http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051698.html > > On Wednesday, 2014-12-10 18:10:58 Kristian Fiskerstrand wrote: >> The SNI issue last discussed in [0] springs to mind. But I still >> experience this on gpg (GnuPG) 2.1.1-beta67 > > I had the impression that this bug is getting fixed in 2.1.1 and > that I shouldn't increase noise to an existing and known problem. > At this stage I can report that despite trying out Kristian's > suggestion I am not able to interact with either the hkps pool or > individual hkps keyservers. Arch Linux, GnuPG 2.1.0. > Individual keyserver should be no issue as long as you don't hit the SNI issue, are you sure gnupg is built with gnutls / hkps support? I know that at least earlier builds of arch did not include gnutls support, which caused some headache to debug while helping a user on IRC (the reason for the patch to only report hkps scheme earlier). Do an ldd on dirmngr binary and see if it is linked with gnutls. - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - "We can only see a short distance ahead, but we can see plenty there that needs to be done." (Alan Turing) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUiIWfAAoJEPw7F94F4Tag31UQAJKSimTMhBif5PCUexU2fUZi zEquZ41JJEyrcVqhmB2MWHDRWl0uZ0NrRomxig/w99BQKUSNN147rEI/mcF1vSa7 g2Fmbi/WSd+lJGrBZAJ56uEGI/o7WcHoMRDiGucESCHE3zv4r9ZrIoWlHC1gZ/xj GBDLgk6kt5UiuRUYIcMjwe0lWowqyyUJGozm8ZGivULozNhU8CEGoame/NTCrE56 H8o6KaqpML1WMAEO9b2CnfVqOGJTYCJ0OwcunhuMlMiWG4ZsH5u7TlES67lY1Bzq TRbu5zsasJD5t81hCb90t69vOh1qH/K80h/WG0qXHjzOim41fSk9NbrZjp84i6Tk R6D0pAUnDxV0bst0mkhDjI3Sh0+VCsZg7PxtVnSruXYrL3LSCy30xHNzaSrMKxtH cRkoIcspl8E0tgMUDdSC/T0Z9KFNWKHf0/gkuv99K8z9k0uBDMAq/vgzoekR25cd ukyYEfhhsS9JSHaPX620g2fZ/qFxk/m3loNlYgXb6XyxPSYkNewqcMlrHpFFSUOv vx1kFfOzyxpH/al1ihsSLLnawP6xX5NSS729HHYL7RVaUFtexXiyR9PWd8Yt7nnL ZRIWB4MW2pugS1FUdiCAepYe5sQGx1uLcKGUP9zsoUsdkFDAVrAS4rEq5hNzbjDv 0LTrQMcxREE3yx5c45bi =Ro0f -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/10/2014 06:10 PM, Daniel Kahn Gillmor wrote: > On 12/10/2014 12:02 PM, Samir Nassar wrote: >> It is my understanding that 2.1.0 has a problem with hkps >> keyservers (such as the hkps SKS pool) and that this is only >> fixed in the betas for 2.1.1. If this understanding is correct >> and 2.1.1 fixes the hkps issues, I'd vote to release 2.1.1 > > Can you provide more detail (or a link to a bug report) about the > problem with hkps in 2.1.0 ? The SNI issue last discussed in [0] springs to mind. But I still experience this on gpg (GnuPG) 2.1.1-beta67 References: [0] http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051471.html - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - "If you choose to sail upon the seas of banking, build your bank as you would your boat, with the strength to sail safely through any storm." (Jacob Safra (1891–1963)) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJUiH6cAAoJEPw7F94F4TagWNYQAJwiRpGgHoeJdzjuVQNg8JnZ wv+6sZSONpPZUwAAZHcr7Ix5AYb78OMSYur69PLKsd4L+2hw6dXsP/lfvRXoV0Oq X5aIrAuYqf58wQ/mIQ9wZoKyNvMXc6WAFMSXiNSB5frzYOIpoPadKpg4Mhg+pefA h6JDpo905vR9bJd9p8W1aXED+kSxAYb05sp88aCrGpW61i9kPObmtIfw82pq+cDb DFAh+2cpNqlVq6OYPo2aM7/a2UAaPQHYMayBxumZvpFUwF6eumUk1MqlFViL5WRc Y13fin6hKbvA97b3PR0gBDkAOL/JLA5IivAkcuVVzygsOOZWv/3n0lN/J4V2pI0l Zb+FNMlow8omPwj8fy+suhA6f6bz5PTMVUYMcWL91UJay7Mt+YftLm7HO8moIJyO Yhj5BnTSx3hfmnSY6sAft9W702K9D7+lRekPB15guAmPdFPc/QW4EiQKFCI0f8qH iSKsHjLU7e747L8vCraEIkuyVfWptBX2/OuXFJIhVBNMsZJhhpc+G8CMBXgya0ZC 6z4DiVcLKEcVZyKaDYT90FRRO2ZNGJa3vh5C7dtM0eZPtrpzyxTeYYQiaKBtTzX5 K0WV3Cjt2UWul7UO4cbeXYWAYpn1Ty/QAsH/voaWWUr8hmg+PtVwI/UpIaoq7+fO Jr56Zwkpp+2aP+r9g7S3 =7xnz -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On 12/10/2014 12:02 PM, Samir Nassar wrote: > It is my understanding that 2.1.0 has a problem with hkps keyservers (such as > the hkps SKS pool) and that this is only fixed in the betas for 2.1.1. If > this > understanding is correct and 2.1.1 fixes the hkps issues, I'd vote to release > 2.1.1 Can you provide more detail (or a link to a bug report) about the problem with hkps in 2.1.0 ? thanks, --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On Wednesday, 2014-12-10 17:41:21 Werner Koch wrote: > Hi! > > it is now more than a month since the 2.1.0 release and I am asking > myself whether it is time to do another release. There are about 50 > commits including It is my understanding that 2.1.0 has a problem with hkps keyservers (such as the hkps SKS pool) and that this is only fixed in the betas for 2.1.1. If this understanding is correct and 2.1.1 fixes the hkps issues, I'd vote to release 2.1.1 -- Samir Nassar sa...@samirnassar.com https://samirnassar.com PGP Fingerprint: EE76 B39E 0778 8F95 F796 B044 FE67 9A90 8E99 7AB2 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Release scheduling
On 12/10/2014 11:41 AM, Werner Koch wrote: > However, there are still open bugs and new bugs are also detected every > few days. I think it is better to do a 2.1.1 now instead of trying to > get all new bugs fixed - it would delay things into the next year. > > I plan to look into the learn card problem and find a solution before a > 2.1.1, though. > > Okay? Yes, i think releasing 2.1.1 even if we haven't fixed all the bugs is a good plan. Clearly there are a lot of improvements that would be good to have in a released version. Thanks for your work on this, Werner. --dkg signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
"key algorithm" in GnuPG's signature verification output
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Hugo, yes, I am sorry: it seems to be like this assumption, but only if you are using other quotation marks than standard "something". Regards, Chris > -Original Message- > From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Hugo > Hinterberger > Hi Chris, > So, are you saying that my messages break your signatures of replies to my > messages? -BEGIN PGP SIGNATURE- iF4EAREKAAYFAlSIerIACgkQI4+xq0ppLEm56wD/YqUzECDWK2RfRtA3Z8VVgOPf mGFZvL1fvTs7syLa/qsBAOUWacyWtNPySLbiuWXXoVOtfMYEKjrOLPSErPNyzWpZ =9xex -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Release scheduling
Hi! it is now more than a month since the 2.1.0 release and I am asking myself whether it is time to do another release. There are about 50 commits including * gpg: Detect faulty use of --verify on detached signatures. * gpg: New import option "keep-ownertrust". * gpg: Fixed regression in --refresh-keys. * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. * gpg: Improved perceived speed of secret key listisngs. * gpg: Print number of skipped PGP-2 keys on import. * gpgconf --kill does not anymore start a service only to kill it. * Fixed keyserver access for Windows. * Fixed build problems on Mac OS X * The Windows installer does now install development files * More translations (but most of them are not complete). * gpg: Removed the option aliases --throw-keyid and --notation-data; use --throw-keyids and --set-notation instead. * gpg: Skip too large keys during import. However, there are still open bugs and new bugs are also detected every few days. I think it is better to do a 2.1.1 now instead of trying to get all new bugs fixed - it would delay things into the next year. I plan to look into the learn card problem and find a solution before a 2.1.1, though. Okay? Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: "key algorithm" in GnuPG's signature verification output
Hi Chris, So, are you saying that my messages break your signatures of replies to my messages? Regards, Hugo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unattended subkey generation
On Wed, 10 Dec 2014 08:52, karda...@gmail.com said: > article, but currently it allows just one subkey while generating key pair. > What I want is a little bit different: I want to generate just sub-keys > without user interaction. It might be usefull to add a --quick-gen-subkey FINGERPRINT ALGO USAGE command. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
RE: "key algorithm" in GnuPG's signature verification output
Hi Hugo, I did make some test with your last post: Outlook-incoming as Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" If signing “something” (your choice) and resending, signature is broken. If signing „something“ and resending, signature is broken. (Word-2010; incoming Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable) If signing "something" and resending, signature works as expected. (Standard for Outlook-2010, Thunderbird-31.3; incoming Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit) Most used common keyboards are using SHIFT+2 for quotation marks. This results in above shown results, depending on charset and program used. Your (German) keyboard seems to be a scientific one with some additional chars enabled: http://is.gd/nkQQzK My Outlook-2010 (and Thunderbird too) generates "something" by default, not “something” (your choice), or „something“. Settings are set to "iso-8859-1", if new message is generated. If replying, incoming charset is used. I didn't notice such a behavior before!? Regards, Chris > -Original Message- > From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Hugo > Hinterberger > Sent: Wednesday, December 10, 2014 9:15 AM > > Why break quotation marks "1AF778E4" and "good" or "bad" in OP signature > > verification while answering? > > I use “"” when it is required. In regular text I try to follow > typographical conventions for text. > Nothing seems to be broken on my end. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Beta for 2.1.1 available
On 10-12-2014 9:57, Hugo Hinterberger wrote: In anorther post you write: > The default encoding of my messages should be UTF-8, the message > format is set to MIME with no special text encoding (neither quoted > printable nor base64), and I allow 8-bit characters in headers. I think we have the culprit. If you do things like that, your "text" will probably be seen as binary data and treated as such. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Beta for 2.1.1 available
Hi, I am still trying to find a working solution to verify incoming files and messages with GnuPG on Windows … and I want the solution to be able to handle PGP/MIME messages read through Gmane using elliptic curve based keys. I just have started to try signing messages. A misunderstanding of EOL conventions? I tried signing a text several times, every time with the same result, the broken signature. I just tried to reproduce my previous results; now it seems to work. What is different? I ran Windows Update. I tried it on the console before using GPA. OK, so I did some more experimenting: 1. Sign “Clipboard” in GPA using key 1. 2. Sign signed text in “Clipboard” in GPA using key 2. 3. Verify text in “Clipboard” in GPA. 4. Verify text in “Clipboard” in GPA. Results: After 1.: Signed text looks fine, just like on the console. After 2.: Signed text looks fine, just like on the console (two “BEGIN PGP SIGNED MESSAGE” and two PGP signature blocks). After 3.: Validation successful (valid), message stripped of signature is mangled (empty lines inserted). After 4.: Validation successful (valid), message stripped of signature is mangled again (now each line is followed by two empty lines). Copying text from “Clipboard” in GPA to Windows clipboard results in message stripped of signature after step 4 to not be mangled, except for two newlines at the end of the message (they were not there at the start). The text copied to the Windows clipboard is mangled again (just the signature part): every line created by GPA is followed by 2 empty lines, the original message seems unchanged. Verifying the content of the Windows clipboard by pasing it into the “Clipboard” in GPA results in a “"Clipboard" contained no OpenPGP data.” warning. Something is rotten in the state of GPA. Regards, Hugo ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: "key algorithm" in GnuPG's signature verification output
Hi Chris, Why break quotation marks "1AF778E4" and "good" or "bad" in OP signature verification while answering? I hope I understood you correctly. I use “"” when it is required. In regular text I try to follow typographical conventions for text. Nothing seems to be broken on my end. It might be an encoding issue, but I could not find one on my side. It could also have to do with the fonts you are using. Below are some details. I use a DIN 2137-1:2012-06 T2 keyboard layout and try to make use of it. Some charset settings needed? The default encoding of my messages should be UTF-8, the message format is set to MIME with no special text encoding (neither quoted printable nor base64), and I allow 8-bit characters in headers. I read the mailing list through Gmane (too little mailing list support in my e-mail clients, yes I use a few). I noticed some processing of my messages after they were sent (base64 encoding). Using [1] to decode the payload of the news article under observation of the content-type header (charset="utf-8") gives me my expected result, as do the messages archived at [2] and [3] (with Chrome on Windows). Regards, Hugo [1] https://www.base64decode.org/ [2] http://lists.gnupg.org/pipermail/gnupg-users/2014-December/051872.html [3] http://permalink.gmane.org/gmane.comp.encryption.gpg.user/39182 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users