Re: Securing the future of GnuPG with BitCoin

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 12/19/2014 04:32 PM, Richard Ulrich wrote:
> https://gnupg.org/donate/index.html
> 
> Pay using BitCoin is missing

This might have been added after your original post, but "If you like
to donate Bitcoins you may use the Wau Holland Stiftung account too. ":
https://www.wauland.de/en/donation.html#61 offers bitcoin

- -- 
- 
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- 
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- 
Aurum est Potestas
Gold is power
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUlHY2AAoJEPw7F94F4TagFfIP/0sfGGpp7BkgTFNdWgcE5J81
qIVcDwQIjgIrlBQnjjyJtV1kfFM9TpeJHx3dgoOWPxrr9VBBirPv2yJy/8/ENVK4
Qse2ueyCe5Viidm6rRnlYYvr2yM1erhGkm3sJKSLZ5QzFpSQq+SUZZzIaOyqyjNd
rtWet7TKsseds/4U/ANCpcWnUYjdqM//JzXKTd4V41DqOql0Cd72mtgyyPPMsK9H
ADuhyuGFrbVF/cMQPkjaeMGJpJt3GOJ5YDXfxqAJ732GJ9UvwlhtIKy0U08XcoCq
IXtNfgLKAe7oDqsYgAIWmB7EzjbZuCNmdnV5xu5YrNkUg6cIqgIIvGxdPbtYadLL
FCnNXosE5KfY4xOqgCZRHJU2b9BKZu1erJu3vlwyCBMtfBx4ZEnjcZC1qoYBnM2X
UuvtdkJN72r4t6mANrHuvs23CS0CYfXOoPRcFtE2WQXZ+iin8QTcJ4DOIzfLmzww
jHA5BYS/1RY3Eq3ZZVCzPTc2fI8vXfEqL3VxnoWF12blpJcgZ8c4pFRFZcczUjwN
yuU5f++1UTQNeKHjmWwdjxn/ksuocPnITMeVSgY0OljeReCZVokYB92zWQ4ON3t6
Gtm/2qxltevTlr4xIkMohDxiWlCbqsZ6oVBJsAPAq/FSjQBGYxnoilumEgIpPI1j
z2JD3kTPzDs3gNGKKlIZ
=U7tz
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[Ludwig Hügelschäfer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 19.12.14 18:09, Doug Barton wrote:

> Thank you for the time you've spent on this, but a minor quibble if
> you don't mind. Could you please provide signatures for the dmg
> files,

Open the .dmg and you'll notice the signature of the Installer
(Install.pkg).

Ludwig

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCgAGBQJUlHxTAAoJEA52XAUJWdLj8noH/i5l4Q89Oq7cnmjoIprVMSY+
fXY8QTwXTckHSNJgHLnqg3go6rKIPaQJozzFPHVeyj+J2NJB6vRlmG5oLQIN1LQI
89LX4o2t7hpF6GfbpdQ3OozaRxb5idHdSVrtelA/NG45U8UNmFgcJNL8aXYvFvLF
6FCzRkWL3Uw7cg5b5jqIISzAiMoAS7tzFYnhKAUjTTIxgR1QRHsfske/OQq7xMce
8Zqo91RiaqvRLfPG4bmpvbgD5gDv5zCqccjJ+s7Pm2xLboDLn7xgT/XoPuLMEh+Y
eFxaGGF3GehVSgtduL6dgF3EgeZtZsl2Whap5BmvIeidVN+HMq9x4siZBc3o7VY=
=q5dG
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

RE: Unable to encrypt file with private/public key

[Bob (Robert) Cavanaugh]

Dhiraj,
You need to clarify your terminology: Key pairs are composed of public and 
private keys. Each person generates a key pair. You freely distribute the 
PUBLIC key to any and all, you keep your PRIVATE key secret. When you use 
asymmetric encryption, you encrypt to each separate PUBLIC key for whom you 
send the message. So if you have three people you are sending the encrypted 
message to, you will encrypt three separate times. If you have the keys on a 
keyring the process is automatic. When you receive an encrypted message, you 
decrypt using your PRIVATE key. If you generate a digital signature, you sign a 
message using your PRIVATE key.  If you use symmetric encryption, your key 
pairs are not involved. You generate a passphrase that is converted into a key 
used internally by GPG. Both encryption and decryption must use the same 
passphrase.

You can also generate subkeys based on your original key pair which can be 
assigned individual functions (signing only, encrypting, etc.). This is not 
required but in many instances recommended. Use the GPG default settings 
whenever possible.

Does this clear things up?

Thanks,
 
Bob Cavanaugh

-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Haritwal, 
Dhiraj
Sent: Friday, December 19, 2014 2:36 AM
To: gnupgpacker; gnupg-users@gnupg.org
Subject: RE: Unable to encrypt file with private/public key

Thanks for the clarification, Chris. I got confused with recipient switch. In 
general (Exchange), Recipient is the one to whom we are sending the data or who 
will receive data. In our case we are sending the data to partner hence I was 
using partner's public key to encrypt the file. After I used my private key, 
the warning has gone & the file is encrypted in .asc format.

One more query, partner is saying they are unable to decrypt this file with my 
private key which they have trusted & asking to encrypt this file with my 
private key & their public key (already trusted on my server). when I am suing 
both the key identifier's, giving some syntax error. Kindly suggest how can I 
do this.


Dhiraj




-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of 
gnupgpacker
Sent: 19 December 2014 15:32
To: gnupg-users@gnupg.org
Subject: Unable to encrypt file with private/public key


* PGP Signed by an unknown key

@Dhiraj:

Encrypting:
You encrypt a message with recipient's public key, no password is required.
(Password is only known by recipient.)

Signing:
You sign a message with your own private key, you must admit your private key's 
password.

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> What I have
> learned so far from these threads is Signing always require a
> passphrase whereas encryption can be done without Passphrase & it requires a 
> Key.
> Correct me if my understand is not correct.
> I was doing a mistake. I
> was trying to encrypt the file with Partner Key hence it was showing
> the warning. While sending the file to partner I have to use my own
> key which I have share with them to decrypt it.


* Unknown Key
* 0xD64D3126(L)

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



This email is confidential and intended only for the use of the individual or 
entity named above and may contain information that is privileged. If you are 
not the intended recipient, you are notified that any dissemination, 
distribution or copying of this email is strictly prohibited. If you have 
received this email in error, please notify us immediately by return email or 
telephone and destroy the original message. - This mail is sent via Sony Asia 
Pacific Mail Gateway..

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Securing the future of GnuPG with BitCoin

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 12/19/2014 04:32 PM, Richard Ulrich wrote:
> https://gnupg.org/donate/index.html

I notice that this page is also missing the Flattr option[0] that is
listed on [1] . This might over time be a better way to secure a
running donation to the project rather than a lump sum?

References:
[0] https://flattr.com/thing/1901175/GnuPG-donation
[1] http://g10code.com/gnupg-donation.html

- -- 
- 
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- 
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- 
"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUlGQqAAoJEPw7F94F4TagTJsP/3w726YfOIgcwQFKI7nzYxpe
k4ADfKCCC8pEpn+F/Iy2kQd99k0DNxJ4qPOv22eOd7NYYI5d7AClYTS1qaxNfQ9V
OewrgERZQh9O2pKeVPbhiNJz014f99HvK0/5G8YrEzMR0grMfUJTouAOv+xP5CMi
VPYcPqLrGCvl9+0yqAZmWVtrOl4tuXV05Tzd4N88tCgTLdvwwEJ3DfCn7u7++cFf
TROreRTLGPoQ+eN/UFZsMKPGBgUJW71gQ+RQLeZC67clm49ipTEaN0Yn2BivjxXP
ZOrbrc02ZBlVkFhTFLDGh6L5ybGIhHAdcOc5Vy09XSYjAzADk1sNS6ZtxyJ8RoTA
1ea/7bEG4z4ZvCsEt3yeatEcqTkB6AYwqNtjarLoQ9AharEPPW9XkqV4Uy/bVNWw
bf6MzseFVl09XypXk60WuHrSbWX1jGtp1wWNlXqtNXZ0C9koUz9rYC/wAskk06u/
+qbycTNHAfWkeD88Z9rEZQ4YNtrtmU8rct8e4DN08C+WbM6dF6ERcRdPDr6YaXuf
4AUtVQJZEOCEGGLD1wWYa0HDw+D0EYcKth2MUCAr4e32jMpubF8Vpkm4Isv0PctG
l1Kk6W4NiEyED3zTbMnMfn4vGwmPcle/61H1TRpmktlPYjLMuU7HM+CrW0xhX9ui
/h496JP/Vr/OEICY5Sgx
=18Wv
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[Robert J. Hansen]

> Thank you for the time you've spent on this, but a minor quibble if you
> don't mind. Could you please provide signatures for the dmg files, and
> ideally sign the messages you send to the list about them?

While we're on the subject -- it might be nice for GnuPG to be able to
issue proper Authenticode-signed Windows binaries.  Code signing
certificates are fairly affordable although the paperwork is a headache.

"It might be nice" doesn't mean "we should do this," of course.  :)
Just it might be nice, and maybe we ought think about it some.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Securing the future of GnuPG with BitCoin

[Robert J. Hansen]

> Pay using BitCoin is missing

I suspect it's the opposite: it's not missing at all so much as it's
been considered and rejected.

BitCoin is more of a currency speculation scheme than it is a serious
currency.  Further, governments haven't quite figured out how to
regulate it yet -- what it should be taxed as, how it can be taxed, and
so on.

That large companies like Microsoft are beginning to accept BitCoin is
promising, but Microsoft has a large team of lawyers to navigate these
sorts of things.  GnuPG doesn't.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[Doug Barton]

On 12/17/14 9:02 AM, Patrick Brunschwig wrote:


I created an installer for GnuPG 2.1.1 on Mac OS X, available from here:

http://sourceforge.net/projects/gpgosx/files/


Patrick,

Thank you for the time you've spent on this, but a minor quibble if you 
don't mind. Could you please provide signatures for the dmg files, and 
ideally sign the messages you send to the list about them?


Doug



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[Patrick Brunschwig]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 18.12.14 09:58, Werner Koch wrote:
> On Wed, 17 Dec 2014 18:02, patr...@enigmail.net said:
> 
>> I created an installer for GnuPG 2.1.1 on Mac OS X, available
>> from here:
> 
> Is that one already useful for general public and shall I add it to
> the download page?

Yes, it is - I'd love to see it on the download page :-)

- -Patrick

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJUlFURAAoJEMk25cDiHiw+ObwIAMMjdG1j5i+3imGktJE2Z1ZS
Fp7deEyCFGt7eX3GJS5mKOKBUCmEI8uOofcFhp8V9hh41FSNXrXBMIHU13MElQsB
2rx7Kc3HKFge1adJ2GHuXr5KACt7x7XFVWp+Wevpdt+JfFZUZw3NhhUSq/UXQ4uX
DZ4MmXcWMpmYCPpJmkF8CMhGAMCqGmSdgrJQ7mHbL+gFIGclrSqtJARsCXa+uN8R
HsZB45bzveohzGS7hVk3u9E8d+Urec6RD/o/VxBarIEpAV7boivgegwRwlb4bE1l
kWvzc9g2ycYv9oche6F/TS3+5/e+VK0xYWGxb+mlFqo+EMZDOYLZ8dJ74j/I+pc=
=K7CN
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Securing the future of GnuPG with BitCoin

[Antoine Michard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

I'm agree !
-BEGIN PGP SIGNATURE-
Version: OpenPGP.js v0.7.2
Comment: http://openpgpjs.org

wsBcBAEBCAAQBQJUlFRQCRAQ6tJMY0nl4AAABucH/ihJ17qnQtttqYVPlkCy
jK81sUXF2k69mzRxiW5JwHsiwboKtaeWTCY/V4qjKnZXV4MpwqHxj0WGk1j5
44ZA0yy0y+aMLcXoJQpAGdUFLLHI2oUi/xr+PoIBKA4aMeOMAjfYgpGG36DG
Y1CVMsJV46wComkFQTceRcKiAgkUoQ93qarpeCWiW/dDxRJ5/vv8INUXexg2
r7PCkoSoJEVHeTSAEabbvMCVCj9ylS13NT4WktmcNPW6ZIq1mmtDDrpAjwvR
bqKEEEBN1/wonWWktfoTCf3h+nm0kXLHv7NgqQfm9Jpc0F2bgEEhTbJPgN15
vAYi4FzqXyv1Q9OniowmmL0=
=9SWz
-END PGP SIGNATURE-


2014-12-19 16:32 GMT+01:00 Richard Ulrich :
>
> https://gnupg.org/donate/index.html
>
> Pay using BitCoin is missing
>
> Rgds
> Richard
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>

-- 
Antoine Michard
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Securing the future of GnuPG with BitCoin

[Richard Ulrich]

https://gnupg.org/donate/index.html

Pay using BitCoin is missing

Rgds
Richard


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unable to encrypt file with private/public key

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Friday 19 December 2014 at 9:14:05 AM, in
,
Haritwal, Dhiraj wrote:


> Thank you all for your response.

> What I have learned so far from these threads is
> Signing always require a passphrase whereas encryption
> can be done without Passphrase & it requires a Key.
> Correct me if my understand is not correct.

Each key pair consists of a private key and a public key that are
mathematically related.

Each user shares their public key with other people, but keeps their
private key to themself and protects it with a passphrase.

A signature is made with your own private key, which you need the
passphrase to use. The person verifying your signature needs only your
public key and does not need your passphrase.



> I was doing a mistake. I was trying to encrypt the file
> with Partner Key hence it was showing the warning.
> While sending the file to partner I have to use my own
> key which I have share with them to decrypt it.

To encrypt a file (or a message) to me, you need only my public key
and you do not need a passphrase. To decrypt the file, I need my
private key, which I need my passphrase to use.


- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

Change is inevitable except from a vending machine
-BEGIN PGP SIGNATURE-

iQF8BAEBCgBmBQJUlFMlXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwnAIH/00rCZ3q90EP0WVlB8zhQmsV
ZzBXJvZ0H7bJmx2Wljo4TjI4lA7v3Ov4ga72kCHnr3EotOLdptrTMkKDP9h3iEkX
NovstYyBPwOMHIm3A7Zbm6rneU9TxDv0lcPY2gzYBI2VRLGKDE6uR/kQ5c9kIrUD
1XFwLypBVU22EvGjwAyfvwLs7NIuXQbzTcybPQJBcOkGQe1cdeTHI7hdubScMkYg
b57Vn+lVvPwsDDqZHo6lMHgljFXkGHWKEfVJJis/wIBw+FbUvupMDLvNrhrdIqcQ
bznJUalkBZxZ4dbkketB7bP3LFnCeKucuGsrGMItsC9mOUs78/X1aQ2kQB+9gLaI
vgQBFgoAZgUCVJRTMF8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45NpWAQDVNzrlSMi7HtThaJ2YRBslqYB4
VtYY0lvA1DykRfy7gwEAw8+bHOUDf5YBkYKkQWpnHS7APnngaa1zCUN72H9UFAA=
=YB+3
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

gpg_agent with python-gnupg

[Richard Ulrich]

Hi,

I have a python script that signs a message using python-gnupg:

import gnupg
gpg = gnupg.GPG(gnupghome='~/.gnupg', use_agent=True)
qrInfoString = 'some long\nmessage\nspanning multiple\nlines'
qrInfoString = str(gpg.sign(qrInfoString, keyid='E8401492!',
clearsign=True, binary=False))

The last time I tried it about half a year ago, it worked. Since then
with upgrading ubuntu there was a change in behavior of the gpg_agent. I
can't remember the details, but it also affected enigform.

I'm not sure, but I suspect gpg doesn't get the info about the
gpg_agent.
How can I verify my assumption, and if true, how can I pass the
agent_info to python-gnupg?

Rgds
Richard


signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Friday 19 December 2014 at 7:33:35 AM, in
, Werner Koch wrote:



> I think I fixed this wrong error message yesterday in
> the npth library. No new release yet, though.


Comparing --photo-viewer gpg.conf lines with Paul Kapaldo on PGPNET,
Paul had no quotes around the path and it was working for him.

I removed the quotes to test. (I had always had them in because a path
with spaces normally needs them.)

It seems --photo-viewer works in 2.0.x and 2.1.x without quotes around
the path, and errors with the quotes in place. (1.4.x accepts it with
or without).


- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

The problem is not that we're paranoid;
it's that we're not paranoid enough.
-BEGIN PGP SIGNATURE-

iQF8BAEBCgBmBQJUlFBoXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwRxsH/20OkR9CGnq6M/Q511hiIN/4
H2WwBLnb/9X5Yzw/kO66XmnlE5p1mO2hH8zFYcOnPJz1P9CMXxzvfDrDGx/naL1r
TflZgnVOElMax7MGS+veRP2ITZ9CObvz1QZr79Z/PAgA+Ng3f8Lbs4v0a45c1VQN
N32faQJnTKh372EGXlggjRO3pPSIQ2u6/DatrdMfbziYjaofndVM4zatwIZmdgiL
JG07Rr2G1e3ZD5USkoYuDYa3x2qST+DSJqkJ+jlgCsfj9fkwVqZ3AnV6slLqzX4K
vn6wH4O0GzD52FI+IhbXMs0QXDIWba0tutHo7UpfEmcEz6edtNdyqqC/nRNiiWuI
vgQBFgoAZgUCVJRQbV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45JwHAQA9FeMnnwA+TSSoQUa0ezPtYajM
RgCRRcQzNk79I/jcfAEAS+8WkVC6IxhoA/kcxqEDqwcEG6Laz8u39cUxTpqSEQY=
=N4ED
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unable to encrypt file with private/public key

[Pete Stephenson]

On 12/19/2014 6:05 AM, Haritwal, Dhiraj wrote:
> One more thing, this time when I encrypt the file with my private key
> (without sign & only with armor switch), it's still asking passphrase
> to decrypt it even  on my same server. That means it's still using
> PassPhrase to encrypt the file. Does it somewhere set by default in
> the Gnupg config.

I assume that you mean that you encrypted the file using your own public
key.

If so, it's normal for GnuPG to prompt you for your passphrase when you
decrypt the file: the private key is needed to decrypt the file, and the
passphrase is used to unlock the private key so it can be used.

When you're using symmetric encryption mode, the passphrase is used to
encrypt and decrypt the file.

When used with public/private keys, the passphrase is not used at all to
encrypt the file. The file is encrypted using the recipient's *public*
key[1] and sent to the recipient. The recipient uses their passphrase to
unlock their *private* key, which is used to decrypt the file.

Public-key crypto is somewhat of a black art, and there's many aspects
that can be quite confusing. You might find the "Art of the Problem"
video series on cryptography[3] to be interesting.

Mozilla also has an introduction to cryptography[4] which might also
help clarify things. While it focuses on the use of cryptography in a
general web browser-server system, many of the concepts apply to GnuPG.

Cheers!
-Pete

[1] This is a somewhat simplified explanation. In actuality, the file is
encrypted using a randomly-generated session key and a symmetric cipher
like AES, and the session key is encrypted using the recipient's public
key. This "hybrid cryptosystem"[2] has several advantages over
encrypting the whole file using the recipient's public key.

[2] https://en.wikipedia.org/wiki/Hybrid_cryptosystem

[3] https://www.youtube.com/playlist?list=PLB4D701646DAF0817

[4]
https://developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Unable to encrypt file with private/public key

[Pete Stephenson]

On 12/19/2014 5:36 AM, Haritwal, Dhiraj wrote:
[snip]
> One more query, partner is saying they are unable to decrypt this
> file with my private key which they have trusted & asking to encrypt
> this file with my private key & their public key (already trusted on
> my server). when I am suing both the key identifier's, giving some
> syntax error. Kindly suggest how can I do this.

I think you mean that your partner is unable to decrypt the file with
your *public* (rather than your private) key, right?

If so, that's expected behavior: if you have encrypted a message to your
partner's public key, your partner needs to use their private key to
decrypt the message.

They can use your public key for verifying your signature on the
encrypted file.

Cheers!
-Pete

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: OT, but related ... Google’s End-To-End Email Encryption Tool Gets Closer To Launch

[Brian Minton]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Not to mention the fact that they released technical documents about
their combined keyserver / logger system.  I always thought that would
be a good idea, after reading about Certificate Transparency for TLS,
to have a similar thing for OpenPGP, which seems to be what they are
planning.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iF4EARYIAAYFAlSULR8ACgkQN7lQes/yAW4gNAEAUZVG89IdStRP4yrV4wh/YrlI
dMLH/eKzN2GgNRDM+TEBAAHAKT4k9YgDaKPjrQwf5A2Qzm+g5Em6oalyBrPvc/kK
=5WU1
-END PGP SIGNATURE-

On Thu, Dec 18, 2014 at 9:08 PM, Doug Barton  wrote:
> The relevant bit is that the code is now public at github, so anyone
> interested can review it, and provide comments.
>
> http://techcrunch.com/2014/12/17/googles-end-to-end-email-encryption-tool-gets-closer-to-launch/
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

RE: Unable to encrypt file with private/public key

[Haritwal, Dhiraj]

One more thing, this time when I encrypt the file with my private key (without 
sign & only with armor switch), it's still asking passphrase to decrypt it even 
 on my same server. That means it's still using PassPhrase to encrypt the file. 
Does it somewhere set by default in the Gnupg config.

Dhiraj



-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Haritwal, 
Dhiraj
Sent: 19 December 2014 16:06
To: gnupgpacker; gnupg-users@gnupg.org
Subject: RE: Unable to encrypt file with private/public key

Thanks for the clarification, Chris. I got confused with recipient switch. In 
general (Exchange), Recipient is the one to whom we are sending the data or who 
will receive data. In our case we are sending the data to partner hence I was 
using partner's public key to encrypt the file. After I used my private key, 
the warning has gone & the file is encrypted in .asc format.

One more query, partner is saying they are unable to decrypt this file with my 
private key which they have trusted & asking to encrypt this file with my 
private key & their public key (already trusted on my server). when I am suing 
both the key identifier's, giving some syntax error. Kindly suggest how can I 
do this.


Dhiraj




-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of 
gnupgpacker
Sent: 19 December 2014 15:32
To: gnupg-users@gnupg.org
Subject: Unable to encrypt file with private/public key

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

@Dhiraj:

Encrypting:
You encrypt a message with recipient's public key, no password is required.
(Password is only known by recipient.)

Signing:
You sign a message with your own private key, you must admit your private key's 
password.

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> What I have
> learned so far from these threads is Signing always require a
> passphrase whereas encryption can be done without Passphrase & it requires a 
> Key.
> Correct me if my understand is not correct.
> I was doing a mistake. I
> was trying to encrypt the file with Partner Key hence it was showing
> the warning. While sending the file to partner I have to use my own
> key which I have share with them to decrypt it.


-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJUk/epAAoJEMMs0SrWTTEmkz8P/1yuKwvlFf4w2tE4/q84G/Ae
zqhvgcwK5ILEfBJtL6Hc027ujnrmATe42Vk4TCaN1aEG8/uLPlsqIO8+ZfVV0YDl
+UP+eLPw9Zqi7Bq+tvKtbSfS7VTmAUYtfTckAco/1PBfI5Sm0EbzvGf1jzPGHgoH
z1b3MiYy4RWK/S3syL8TmV6tPYpl+Jf9D5qtMTQ/e0SfoLm4AFRTg5N/vU0Hg1Xc
h1oEHDmRdlZ2TZTTsGscfx9WwzruVpg2cxZeUgZ4uFfgGOdazHvpEy+li/yVRAwf
PWoM5xjPte9Tc0/5q4NL7CFvvlKMdLJhZHAOhjIFOvHrCIlEhViy8kKoqoFyKG9a
HmzyNL3tajRASCdXaN92UUee2781nB7FIer65QoUdQ7cTozUHF3A2GCRwKu/jyb+
QLa8VOxPF/UUdeS9sYcoe2Cu4A69HJnohYpTaLzAnr89O7FyK2zjqbtIJhxoXy8v
6IIk1DfYCZkb9k1E3dMoIORGYCwdCcnNdJUkA4EkOh+9+a2e4hThnJm0b3OUT9Jy
NShDaMS+ZFv61Wv5KH8js/d38ryG5lXcopNuav2LxHb+zMh8CulFQ8FhW4rVA72S
pJFRmGfEusRVnCaPCwCHcOOlM8gHyZGrCP/GmrLT7v8vKe/AGbXCtavCss8UWeNz
x/GqhPsbfXE1FuhMHWhF
=r8V4
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



This email is confidential and intended only for the use of the individual or 
entity named above and may contain information that is privileged. If you are 
not the intended recipient, you are notified that any dissemination, 
distribution or copying of this email is strictly prohibited. If you have 
received this email in error, please notify us immediately by return email or 
telephone and destroy the original message. - This mail is sent via Sony Asia 
Pacific Mail Gateway..

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



This email is confidential and intended only for the use of the individual or 
entity named above and may contain information that is privileged. If you are 
not the intended recipient, you are notified that any dissemination, 
distribution or copying of this email is strictly prohibited. If you have 
received this email in error, please notify us immediately by return email or 
telephone and destroy the original message. - This mail is sent via Sony Asia 
Pacific Mail Gateway..

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

RE: Unable to encrypt file with private/public key

[Haritwal, Dhiraj]

Thanks for the clarification, Chris. I got confused with recipient switch. In 
general (Exchange), Recipient is the one to whom we are sending the data or who 
will receive data. In our case we are sending the data to partner hence I was 
using partner's public key to encrypt the file. After I used my private key, 
the warning has gone & the file is encrypted in .asc format.

One more query, partner is saying they are unable to decrypt this file with my 
private key which they have trusted & asking to encrypt this file with my 
private key & their public key (already trusted on my server). when I am suing 
both the key identifier's, giving some syntax error. Kindly suggest how can I 
do this.


Dhiraj




-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of 
gnupgpacker
Sent: 19 December 2014 15:32
To: gnupg-users@gnupg.org
Subject: Unable to encrypt file with private/public key

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

@Dhiraj:

Encrypting:
You encrypt a message with recipient's public key, no password is required.
(Password is only known by recipient.)

Signing:
You sign a message with your own private key, you must admit your private key's 
password.

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> What I have
> learned so far from these threads is Signing always require a
> passphrase whereas encryption can be done without Passphrase & it requires a 
> Key.
> Correct me if my understand is not correct.
> I was doing a mistake. I
> was trying to encrypt the file with Partner Key hence it was showing
> the warning. While sending the file to partner I have to use my own
> key which I have share with them to decrypt it.


-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJUk/epAAoJEMMs0SrWTTEmkz8P/1yuKwvlFf4w2tE4/q84G/Ae
zqhvgcwK5ILEfBJtL6Hc027ujnrmATe42Vk4TCaN1aEG8/uLPlsqIO8+ZfVV0YDl
+UP+eLPw9Zqi7Bq+tvKtbSfS7VTmAUYtfTckAco/1PBfI5Sm0EbzvGf1jzPGHgoH
z1b3MiYy4RWK/S3syL8TmV6tPYpl+Jf9D5qtMTQ/e0SfoLm4AFRTg5N/vU0Hg1Xc
h1oEHDmRdlZ2TZTTsGscfx9WwzruVpg2cxZeUgZ4uFfgGOdazHvpEy+li/yVRAwf
PWoM5xjPte9Tc0/5q4NL7CFvvlKMdLJhZHAOhjIFOvHrCIlEhViy8kKoqoFyKG9a
HmzyNL3tajRASCdXaN92UUee2781nB7FIer65QoUdQ7cTozUHF3A2GCRwKu/jyb+
QLa8VOxPF/UUdeS9sYcoe2Cu4A69HJnohYpTaLzAnr89O7FyK2zjqbtIJhxoXy8v
6IIk1DfYCZkb9k1E3dMoIORGYCwdCcnNdJUkA4EkOh+9+a2e4hThnJm0b3OUT9Jy
NShDaMS+ZFv61Wv5KH8js/d38ryG5lXcopNuav2LxHb+zMh8CulFQ8FhW4rVA72S
pJFRmGfEusRVnCaPCwCHcOOlM8gHyZGrCP/GmrLT7v8vKe/AGbXCtavCss8UWeNz
x/GqhPsbfXE1FuhMHWhF
=r8V4
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



This email is confidential and intended only for the use of the individual or 
entity named above and may contain information that is privileged. If you are 
not the intended recipient, you are notified that any dissemination, 
distribution or copying of this email is strictly prohibited. If you have 
received this email in error, please notify us immediately by return email or 
telephone and destroy the original message. - This mail is sent via Sony Asia 
Pacific Mail Gateway..

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: latest version build error

[Joshua Rogers]

On 19/12/14 09:20, Daniel Kahn Gillmor wrote:
> You don't mention what platform you're on, but given your recent reports
> in the debian BTS, i think you're using debian.  The package you're
> probably looking for is libgpg-error-dev.
I'm using
ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.17.tar.gz , but
still to no avail.

Is that the right package?

Thanks,

-- 
-- Joshua Rogers 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.1 released

[Dominyk Tiller]

Apologies, that option is indeed gone.

I was trying to pass it anyhow, in order to use an external (but
up-to-date) gpg-agent as my agent, because that's how I was configuring
the 2.0.x branch, "--disable-agent
--with-agent-pgm=/usr/local/opt/gpg-agent/bin/gpg-agent".

When I went to build this new release of the 2.1.x branch I just
automatically passed those configure options, and when the configure
script didn't flag the option as unrecognised I wondered if it was a bug
that it was erroring out. I should have probably double-checked to see
if I was just being stupid ;).

Cheers for the reply,

Dom

Sent from OS X. If you wish to communicate more securely my PGP Public
Key is 0x872524db9d74326c.

On 18/12/2014 08:35, Werner Koch wrote:
> On Wed, 17 Dec 2014 13:54, dominyktil...@gmail.com said:
> 
>> I'm still hitting a new one though. If you attempt to compile using an
>> external gpg-agent, rather than one with the package, you hit this:
> 
> You mean an option --disable-agent?  Do we still have this option - it
> needs to be removed.  gpg-agent is not optional.
> 
> 
> 
> Salam-Shalom,
> 
>Werner
> 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: latest version build error

[Joshua Rogers]

On 19/12/14 17:35, Joshua Rogers wrote:
> On 19/12/14 09:20, Daniel Kahn Gillmor wrote:
>> > You don't mention what platform you're on, but given your recent reports
>> > in the debian BTS, i think you're using debian.  The package you're
>> > probably looking for is libgpg-error-dev.
> I'm using
> ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.17.tar.gz , but
> still to no avail.
>
> Is that the right package?
>
> Thanks,
Ends up that I had an old installation of libgpg-error still on the box.
I just did apt-get remove libgpg-error-dev.

I did use --with-gpg-error=/usr/local (or whatever it is), which is
strange, though..

-- 
-- Joshua Rogers 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Unable to encrypt file with private/public key

[gnupgpacker]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

@Dhiraj:

Encrypting:
You encrypt a message with recipient's public key, no password is required.
(Password is only known by recipient.)

Signing:
You sign a message with your own private key, you must admit your private
key's password.

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> What I have
> learned so far from these threads is Signing always require a passphrase
> whereas encryption can be done without Passphrase & it requires a Key.
> Correct me if my understand is not correct.
> I was doing a mistake. I
> was trying to encrypt the file with Partner Key hence it was showing the
> warning. While sending the file to partner I have to use my own key
> which I have share with them to decrypt it.


-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJUk/epAAoJEMMs0SrWTTEmkz8P/1yuKwvlFf4w2tE4/q84G/Ae
zqhvgcwK5ILEfBJtL6Hc027ujnrmATe42Vk4TCaN1aEG8/uLPlsqIO8+ZfVV0YDl
+UP+eLPw9Zqi7Bq+tvKtbSfS7VTmAUYtfTckAco/1PBfI5Sm0EbzvGf1jzPGHgoH
z1b3MiYy4RWK/S3syL8TmV6tPYpl+Jf9D5qtMTQ/e0SfoLm4AFRTg5N/vU0Hg1Xc
h1oEHDmRdlZ2TZTTsGscfx9WwzruVpg2cxZeUgZ4uFfgGOdazHvpEy+li/yVRAwf
PWoM5xjPte9Tc0/5q4NL7CFvvlKMdLJhZHAOhjIFOvHrCIlEhViy8kKoqoFyKG9a
HmzyNL3tajRASCdXaN92UUee2781nB7FIer65QoUdQ7cTozUHF3A2GCRwKu/jyb+
QLa8VOxPF/UUdeS9sYcoe2Cu4A69HJnohYpTaLzAnr89O7FyK2zjqbtIJhxoXy8v
6IIk1DfYCZkb9k1E3dMoIORGYCwdCcnNdJUkA4EkOh+9+a2e4hThnJm0b3OUT9Jy
NShDaMS+ZFv61Wv5KH8js/d38ryG5lXcopNuav2LxHb+zMh8CulFQ8FhW4rVA72S
pJFRmGfEusRVnCaPCwCHcOOlM8gHyZGrCP/GmrLT7v8vKe/AGbXCtavCss8UWeNz
x/GqhPsbfXE1FuhMHWhF
=r8V4
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

RE: Unable to encrypt file with private/public key

[Haritwal, Dhiraj]

Thank you all for your response.

What I have learned so far from these threads is Signing always require a 
passphrase whereas encryption can be done without Passphrase & it requires a 
Key. Correct me if my understand is not correct.

I was doing a mistake. I was trying to encrypt the file with Partner Key hence 
it was showing the warning. While sending the file to partner I have to use my 
own key which I have share with them to decrypt it.


Regards,

Dhiraj



-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Duplicity 
Mailing List
Sent: 18 December 2014 21:35
To: gnupg-users@gnupg.org
Subject: Re: Unable to encrypt file with private/public key

On 18/12/14 15:39, Haritwal, Dhiraj wrote:
> Hi,
>
> Thanks for your response.
>
> About the below command, it's asking for passphrase whereas my requirement is 
> to use only keys to encrypt/sign it.
>
> gpg2 -u FFEEDDCC -r AABBCCDD -se supersecret.txt
>
> I tried below command which shows confirmation screen where I have entered y 
> (yes) & now able to see a file named  supersecret.txt.gpg. m not sure what 
> file it is because it think encrypted file should has an .asc extension.
>
> ./gpg --encrypt --hidden-recipient AABBCCDD supersecret.txt
> gpg: 89709B71: There is no assurance this key belongs to the named
> user
>
>
> Regards,
>
> Dhiraj

.gpg is the extension of encrypted files, .asc is normally ASCII armored files 
(Signatures and the like), if you'd like to generate one of those, look into 
the -a option (for Ascii). A complete command would look something like `gpg2 
-u AABBCCDD -as supersecret.txt`. The generated supersecret.txt.asc will only 
verify to someone who already has the .txt that it hasn't been touched/modified 
and that the key AABBCCDD did verify it as being legitimate, they won't be able 
to extrapolate supersecret.txt out of it. It's _only_ for signing, _not_ for 
encrypting/transportation of data, which is why you often see them on this 
mailing list and downloads (You want to verify that the user sent the data, but 
not encrypt it (Since it's public)).

If you try to run:-

>gpg -d supersecret.txt.gpg

It should tell you it's encrypted and the destination public key, then error 
out (As it's not destined for you). As for the "There is no assurance this key 
belongs to thhe named user", this is because you haven't trusted them yet. If 
you do trust the key as being the key they claim to be, and have verified the 
key through out-of-bands means (I.E.
Not over the internet, or using an already secure channel over the internet, 
this is *not* emails, this is *not* Skype, this is *not* text messages), then 
you can take a look at this:- https://www.gnupg.org/gph/en/manual/x334.html

P.S. I'm replying to you on-list for the reasons:-

1. People are able to verify if I say anything stupid 2. In the case I haven't 
said anything stupid, someone else could also learn from this (I.E. Location 
this thread in the future via a search engine).

I recommend you do the same.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



This email is confidential and intended only for the use of the individual or 
entity named above and may contain information that is privileged. If you are 
not the intended recipient, you are notified that any dissemination, 
distribution or copying of this email is strictly prohibited. If you have 
received this email in error, please notify us immediately by return email or 
telephone and destroy the original message. - This mail is sent via Sony Asia 
Pacific Mail Gateway..

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Refreshing private key

[gnupgpacker]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hello,
is there is a need keeping old key id, you can generate new subkeys for A/S/E, 
keeping the old 2048bit certification key C only for offline signing.

Keystructure:
Mainkey with old ID 2048bit
- - Subkey A 8096bit
- - Subkey S 8096bit (beware of this, long signature...)
- - Subkey E 8096bit

Old subkeys can be deactivated/revoked or not, GPG will use latest keys 
generated.

Generating keys > 4096bit can be done with GnuPG-Pack up to 50176bit (RSA) with 
some additional features:
http://home.arcor.de/rose-indorf/

Beware of compatibility with standard gpg installations!
Security advantage isn't as great as it seems to be...

Regards, Chris
(RSA-Testkey 0x3E2E0598)

> -Original Message-
> Sent: Thursday, December 18, 2014 11:52 AM
> My current key is 2048 bits in length and I
> would like to have something that is closer to 8192 bits in length. Is
> there a way that I can accomplish this without revoking my key so that I
> can keep the same public key id? Any preferred RTFMing you can point me
> to?

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJUk908AAoJEMMs0SrWTTEmRz4P/i8iJYKz5ta0145WEH3E64A5
mzVkN/7YI9mXapYp/7YzQAYq583P8kKoubCQorvyXYOI2RnehsThw/lRSvU3KId7
u+iqxdPOMT10tWzBSjIObxNZiw5DEV733Y8uI+I0CVSAiVYlvEEPY2j76SMngwWQ
XkcJUW2oOagnJSfK8IKJ3es+N72JHh7ZHJQYTj1iV+SKJN83Y+RdP4XcSJiHjLsu
hWeim3h19gYg/Kt9SQDIaJj94ucP2b9QADdZjQEx0yYUdZMpswa0Velq69LwWKi9
PUkR47R9PdJbfo0AeCfXmVY4kto2gkUNvgbFWcAko7CTVY+fJyIrFl/4MaDi/vo9
oNLNmhdUUHbXaxVQaAAuR+yK0aQu6C+hHWTzlKdmhGgPPQxcFLBmiLplv+Q36qmI
JHd5j2On6uzJ1s3WtvxcOr9Hs1f54q0LpkK6X4bMj91/PY9DLzNLXTOSGpq2ICsm
H++zQC3Nz1Ap8CIY5bsuZJpjZgpeIBPL2QMvmg53DpozSb2PAL4quCeNDRcluFjc
7ReOQ7BHUbXTN2EBSlhA/oBPr8eFh/qdLBN+9toR+7eX4ScFIauwegOxVjj+Eq00
9HSJBOTI7KS+MRarnkMoKP3CG4HjbiVpUIRUEI86O+pY0SkjgtDPVDyxh4uRkuJe
uxhLHOtkSF3qCL07P0h7
=iVQV
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users