no passphrase request
Running Debian Jessie with mutt 1.5.23 and gnupg 1.4.18-7 (yeah, I know it's old, but then so am I) Trying to send an test message to myself using mutts' compiled-in gpg support. After selecting an action from the menu, (sign encrypt, etc) and hitting return, I'm prompted for a key ID, never for a passphrase. The message then refuses to send. In checking for mutts' compiled options, I ran across this which may have some bearing on what I'm seeing, or not. The options in question are: +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME. I'm assuming if it handles classic pgp it will also handle gnupg. Yes? Searches and doc reading haven't turned up much of anything. Any pointers on how to get out of this appreciated. -- Bob Holtzman A man is a man who will fight with a sword or conquer Mt. Everest in snow. But the bravest of all owns a '34 Ford and tries for six thousand in low. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg doesn't create new keys
On Mon, Mar 14, 2016 at 09:40:44PM -0400, Fabian Santiago wrote: > ¿Que? What are you questioning? Don't top post. -- Bob Holtzman A man is a man who will fight with a sword or conquer Mt. Everest in snow. But the bravest of all owns a '34 Ford and tries for six thousand in low. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Anything that just works easily for folks?... without knowing this stuff.
On Mon, Mar 09, 2015 at 01:19:28AM -0400, Don Warner Saklad wrote: It's too complicated to setup, a too complicated learning curve to setup... How to make it easier needs to be a greater priority. Hand holding is down the hall on the left. -- Bob Holtzman Giant intergalactic brain-sucking hyperbacteria came to Earth to rape our women and create a race of mindless zombies. Look! It's working! signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Update on USG, Software, and the First Amendment
On Mon, Oct 27, 2014 at 02:20:36PM -0400, Robert J. Hansen wrote: Just received word back from a friend of mine who's a law professor focusing in electronic civil liberties, and is a former Commissioner of the FCC to boot. He's skeptical that ITAR/EAR enforcement will affect U.S. hackers participating in libre software development. More than that I can't/shouldn't say, since he was writing off-the-cuff in a personal email rather than carefully drafting remarks for public consumption. He rather likes writing short essays on law. If there's interest, I'll try and talk him into writing something layman-friendly about ITAR/EAR, cryptography, and the First Amendment. Great interest here. -- Bob Holtzman Giant intergalactic brain-sucking hyperbacteria came to Earth to rape our women and create a race of mindless zombies. Look! It's working! signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: It's time for PGP to die.
On Mon, Aug 18, 2014 at 10:43:49PM -0400, Robert J. Hansen wrote: On 8/18/2014 9:32 PM, Bob Holtzman wrote: There are quite a few ways police and prosecutors can coerce a suspect to hand over his encryption key(s). Your examples which involve coercion are illegal, and the ones that are legal do not involve coercion. Dangling the prospect of a lighter sentence under the poor bugger's nose Not coercion. Prosecutor: We know you have an encrypted drive partition with a lot of child porn on it. Give up your passphrase and we'll reduce it to ten counts of possession and drop the intent to distribute, and we won't object to sentences running concurrently. Which, of course, carries the implied threat of not reducing it to ten counts and objecting to concurrency if he doesn't come across with the keys. Not coercion? Defendant: ... that sounds really good. Or, alternately, imagine the defendant is innocent of the charge: Defendant: I can't accept that deal. I'm innocent of that. (True: if you're innocent of the charge, you're not allowed to plead guilty to it. You might be able to talk the judge into accepting an Alford, but it'd be an uphill battle.) ...and if the prosecutor is hungry for another conviction to aid in his political ambitions it's Katy bar the door and the hell with the truth. BTW what's an Alford? Or, alternately, imagine the defendant is guilty, but only of eight counts of possession: Defendant: No deal. I'll take my risks in court. Good luck producing these 'thousands of images' you're talking about. or conversely, threatening to come down hard, perhaps going for a death penalty. Grossly illegal, in violation of the canons of legal ethics, So is hiding exculpatory evidence. Of course prosecutors would never do such a thing, right?right? and wil get an attorney disbarred. If caught. Some were caught and are still practicing. It made the papers. http://usatoday30.usatoday.com/news/washington/judicial/2010-09-22-federal-prosecutors-reform_N.htm http://reason.com/archives/2009/08/17/innocent-man-freed-but-shabby There are a bunch more. Don't confuse Law Order re-runs with real life. Give me some credit, pal. The DA is allowed to threaten prosecution of only those crimes the DA reasonably believes a person violated, and the DA is expressly forbidden from using the threat of the death penalty to persuade someone to taking a lesser sentence. What should be and what is isn't always the same. The surrender of a suspect's keys would be voluntary and therefore constitutional. In your first example yes, in your second example no. Don't get me wrong: prosecutors have a lot of power, and I personally believe they have too much power with too little accountability. However, it's not a de-facto state of tyranny, either. Of course not. Some prosecutors are real, live, human beings with consciences. Others...pregnant pause As always, my best advice for people facing legal problems is shut up and get a lawyer. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Bob Holtzman Giant intergalactic brain-sucking hyperbacteria came to Earth to rape our women and create a race of mindless zombies. Look! It's working! signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Fwd: It's time for PGP to die.
On Sun, Aug 17, 2014 at 04:42:52PM -0400, Robert J. Hansen wrote: Unfortunately most of us do. Including the US, UK and the Dutch are aklso pushing for such laws. Speaking only for the U.S., this is not the case. Dream on. The United States Constitution protects an individual's right not to testify against themselves. If the production of a passphrase would have any kind of testimonial value, then such production cannot be ordered. The only time production of a passphrase is permitted is when it lacks any testimonial value. There are quite a few ways police and prosecutors can coerce a suspect to hand over his encryption key(s). Dangling the prospect of a lighter sentence under the poor bugger's nose, or conversely, threatening to come down hard, perhaps going for a death penalty. The surrender of a suspect's keys would be voluntary and therefore constitutional. Even if the role production serves is testimonial, if it's voluntary, and the statement the poor sod is required to sign will so state, it's constitutional (I think). Don't forget, even non-testimonial key surrender can be used to build a body of evidence. DISCLAIMER: I'm not a lawyer and the above is opinion only. Many people look at one particular case and say, hey, production was required in that case, clearly the U.S. can compel you to produce!, or production wasn't required in that case, clearly the U.S. can't compel you to produce! The reality is different. You need to look at the role the production serves. Testimonial in nature? Nope, forbidden. Non-testimonial? Yep, permitted. -- Bob Holtzman Giant intergalactic brain-sucking hyperbacteria came to Earth to rape our women and create a race of mindless zombies. Look! It's working! signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: symmetric email encryption
On Mon, Jul 21, 2014 at 09:12:36AM -0400, Mark H. Wood wrote: On Sat, Jul 19, 2014 at 05:46:02PM -0700, Bob Holtzman wrote: On Sat, Jul 19, 2014 at 01:55:45PM -0400, Robert J. Hansen wrote: A factor of two is immense to you...? Yes. A secret that only I know I can keep; a secret known to two people can only be kept for a while. Yes, that's an immense difference. Old Hell's Angels saying, 3 people can keep a secret if two of them are dead. Not a very sophisticated bunch but.. Often attributed to Benjamin Franklin. Wow! Didn't know he was a h.a. or that he could ride. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: symmetric email encryption
On Sat, Jul 19, 2014 at 01:55:45PM -0400, Robert J. Hansen wrote: A factor of two is immense to you...? Yes. A secret that only I know I can keep; a secret known to two people can only be kept for a while. Yes, that's an immense difference. Old Hell's Angels saying, 3 people can keep a secret if two of them are dead. Not a very sophisticated bunch but.. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Mutt: Decrypting inline gpg format directly
On Fri, Jul 18, 2014 at 06:18:39PM +0200, The Fuzzy Whirlpool Thunderstorm wrote: Hello, I wonder if Mutt can be configured to decrypt inline pgp messages automatically, without piping the attachment to `gpg --decrypt`. I know, piping works, but it'd be more convenient to have mutt do the piping task and automatically display the decrypted message inside. If anyone has an idea or experience with Mutt, please give your answer. mutt-us...@mutt.org -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: New user needs some help
On Thu, Jun 05, 2014 at 05:32:38PM -0600, Mirimir wrote: On 06/05/2014 12:09 PM, Bob Holtzman wrote: On Thu, Jun 05, 2014 at 03:26:16AM -0400, Cpp wrote: Dear GnuPG users, As part of the ResetTheNet campaign I decided to start using email encryption. I am a relatively new user of gpg, who is looking forward to using it for secure communication. This is not a critism, but with who do you plan on communicating using encryption? Absolutely no one I know uses it or is remotely interested in it. I get the standard answer I have nothing to hide. I've used GnuPG almost exclusively with people who know me only as mirimir, or as another of my online personas. For the most part, those are people that I know only as their online personas. I've also used GnuPG with a few consulting clients. Mentioning their bank p/w does tend to pull them up short. I do enjoy the look on their faces. I've never used GnuPG with a bank ;) I mentioned their bank p/w in reply to their mindless statement I have nothing to hide to show them that yes lad, you do indeed have plenty to hide. -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: New user needs some help
On Thu, Jun 05, 2014 at 03:26:16AM -0400, Cpp wrote: Dear GnuPG users, As part of the ResetTheNet campaign I decided to start using email encryption. I am a relatively new user of gpg, who is looking forward to using it for secure communication. This is not a critism, but with who do you plan on communicating using encryption? Absolutely no one I know uses it or is remotely interested in it. I get the standard answer I have nothing to hide. Mentioning their bank p/w does tend to pull them up short. I do enjoy the look on their faces. .snip.. -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users