Re: encrypt file in batch mode

2019-11-04 Thread Tony Lane via Gnupg-users

On 11/4/19 11:12 AM, Werner Koch via Gnupg-users wrote:
> Separation of duties is an important part of the Unix philosophy.  Thus
> we use gpg-agent to handle the operations which require private keys and
> also for some minor things which benefit from being implemented in a
> daemon.

I must disagree here. GPG is modular, and it's monolithic. A piece of software 
is modular if it is decomposable into distinct functional units such that each 
unit addresses a specific concern. This, the gpg-agent seems to do very well.
A piece of software is monolithic if its components (if it has any at all) are 
tightly coupled--that is, components logically depend on one another to the 
point where using them in different contexts requires re-implementing the 
missing ones. The point is, despite the fact that gpg-agent (and tools) is 
comprised of multiple binaries, the hierarchical logical coupling between them 
means that it is more accurate to think of them as parts of the same program as a 
unit that just happens to run in separate address spaces. They are not truly 
independent, composable programs.
I do not think that it was the intent to develop gpg-agent as an interface that 
could be replaced by some other agent but instead to be run, as you said, as a 
daemon that provides helper functions in the background. For this reason I 
think it was a mistake to decouple the gpg-agent from the gpg core in this way, 
and to say that this agent was made with the unix philosophy in mind. Perhaps 
it would've been better to write the gpg-agent as a shared library to be called 
by the core instead. Well, we're probably too far down the rabbit hole to 
change that now.

Oh, wait, it's free software. We _can_ change it. And redistribute those 
changes.
God I love free software. So, any volunteers?

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: How to decrypt a message while preserving the signature?

2019-11-03 Thread Tony Lane via Gnupg-users

On 11/3/19 4:15 AM, Peter Lebbing wrote:
> Werner recently mentioned an undocumented command for this.[1]
> 
> On 27/08/2019 11:30, Werner Koch via Gnupg-users wrote: 
>> You can extract the signature from the encrypted+signed data:
>>
>>   gpg --unwrap -d -o SIG >
>> and then run
>>
>>   gpgv -o SIGNEDFILE SIG && echo verified!
>>

The '--unwrap' option alone seems to work for me. Thanks for sharing this.

> --unwrap is not documented and has the minor problem that it also keeps the
> compression layer

Why is keeping the compression layer a problem? Also what other undocumented 
options are out there?
Can they be documented somewhere?


Re: encrypt file in batch mode

2019-11-02 Thread Tony Lane via Gnupg-users

On 11/3/19 1:24 AM, Fourhundred Thecat wrote:

> But it makes no sense. This particular private key has no passphrase. So
> shouldn't signing work in batch mode as well ?
Are you sure? Try to --edit-key and select that key (not the cert key).
Then passwd, for the empty passphrase. Don't forget to save.

> Also, I still get an error when trustdb.gpg is not writable.
> --lock-never
Be careful with that option. The docs say this:
> This option should be used only in very special environments
> Improper usage of this option may lead to data and key corruption.
Is there a chance that's what's happening here?


Re: How to decrypt a message while preserving the signature?

2019-11-02 Thread Tony Lane via Gnupg-users

On 11/3/19 1:55 AM, Mark H Weaver wrote:
> I'm asking if there's a way to decrypt the message while preserving the
> existing signed message.  Of course, this requires the private
> decryption key, but it should *not* require the private signing key.

I do not think there is a way to do this. When both '-s' and '-r' options
are used for some given file, the decryption operation atomically decrypts
and verifies the file. Actually, I don't think it goes through PGP in two
"passes" like you might think. You are probably best off having the signer
encrypt and sign distinctly, like so:

gpg -s http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: How to decrypt a message while preserving the signature?

2019-11-02 Thread Tony Lane via Gnupg-users


> Does GnuPG provide a mechanism to decrypt an encrypted-and-signed
> message in such a way that preserves the original signature, such that
> the original signature can be independently verified by an arbitrary
> third-party?

The term you're looking for is a detached signature.
You can create a detached signature (or any signature, really) only if
you possess the private key.


Re: encrypt file in batch mode

2019-11-02 Thread Tony Lane via Gnupg-users

On 11/2/19 10:35 AM, Fourhundred Thecat wrote:
> Hello,
> 
> how can I simply encrypt a file in "batch mode", ie in a script, without
> user interaction, without need for the user to type password, without
> gpg agent?

Assuming you're using gpg 2.2.7 or above...
gpg --batch --yes --passphrase="pw" --pinentry-mode loopback -o zz -esr u...@domain.com zz.gpg
This can only be used if only one passphrase is supplied. Obviously, this
is of very questionable security on a multi-user system. Don't use this
option if you can avoid it. Also, unless you add yourself to the list of
recipients, you won't be able to decrypt the file even if you possess
the original unless you hold the private key for u...@domain.com
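The exposure this reply warns about, as an added example that is not part of the original post: on Linux, a passphrase passed as a command-line argument can be read from /proc by other local users, while one sent over a file descriptor (gpg's `--passphrase-fd`) does not appear there. The child process is a Python stand-in rather than gpg, so it runs without a keyring; `SECRET`, `CHILD` and the function names are constructed for the demonstration.

```python
import subprocess
import sys

# Constructed value for the demonstration; not a real passphrase.
SECRET = "constructed-demo-passphrase"

# Stand-in for a batch tool (not gpg): it reads one line from stdin, the way
# a tool told to take its passphrase from fd 0 would, then stays alive long
# enough to be inspected.
CHILD = "import sys, time; sys.stdin.readline(); time.sleep(30)"


def visible_args(pid):
    """Return argv of `pid` as stored in /proc/<pid>/cmdline.

    That file is world-readable by default, so this is what any local user
    sees (unless /proc is mounted with the hidepid option).
    """
    with open(f"/proc/{pid}/cmdline", "rb") as fh:
        raw = fh.read()
    return [arg.decode(errors="replace") for arg in raw.split(b"\0") if arg]


def secret_visible(extra_args, stdin_secret=None):
    """Start the stand-in child and report whether SECRET shows up in its argv."""
    proc = subprocess.Popen(
        [sys.executable, "-c", CHILD, *extra_args],
        stdin=subprocess.PIPE,
    )
    try:
        if stdin_secret is not None:
            # The secret travels through a pipe private to parent and child.
            proc.stdin.write(stdin_secret.encode() + b"\n")
            proc.stdin.flush()
        return any(SECRET in arg for arg in visible_args(proc.pid))
    finally:
        proc.kill()
        proc.stdin.close()
        proc.wait()


if __name__ == "__main__":
    # Same shape as the command in the message: passphrase on the command line.
    print("argv form leaks:", secret_visible(["--batch", f"--passphrase={SECRET}"]))
    # Alternative: only the descriptor number appears in argv.
    print("fd form leaks:  ", secret_visible(["--batch", "--passphrase-fd", "0"], SECRET))
```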


Re: Is replacing a revoked signature valid?

2019-11-01 Thread Tony Lane via Gnupg-users

On 11/1/19 2:50 PM, Michał Górny via Gnupg-users wrote:
> However, the original signature was revoked, so it's obviously no longer
> valid.  Now, I am able to work around this by deleting the old
> signatures from local copy of the key, and signing it afterwards.  After
> refreshing to get the old signature back along with its revocation, GPG
> seems to still consider the key valid (wrt new signature).
> 
> My question: is the end result correct?  That is, is it portable to have
> two signatures made using the same key, with one of them revoked
> and the other not?  Is GnuPG refusing to make a new signature when
> the old one is revoked a bug?

The result is correct. When you revoke a signature, your exported signatures
will have the revocation of that key/signature. So it makes no sense to
sign it twice. You are better off instead cleaning your key such that the
revoked key(s) and any other IDs no longer usable (expired, for instance)
are removed entirely. This will allow you to sign them "afresh" again.
See 
https://gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html#index-keyedit_003aclean


Re: How to improve our GUIs (was: We have GOT TO make things simpler)

2019-11-01 Thread Tony Lane via Gnupg-users

On 10/29/19 8:33 PM, raf via Gnupg-users wrote:
> Hi,
> 
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement

That doesn't sound very safe. My interpretation of the
goals of GPG is to serve two purposes:
(1) To transmit data securely over an insecure medium in
a way such that it can protect itself against some
eavesdropper or man-in-the-middle listening, or...
(2) Provide a means to create digital signatures on data
such that you can be assured that some message was sent
only by someone who possesses the private key whose
public key you've added.

Your proposal doesn't seem to address the MITM attacks.
It doesn't seem to deal with signatures either.
It seems only to encrypt things only on receipt. What
does that protect against, exactly? Maybe I'm missing
something here...


Re: Reading or extracting the initial file from a signed file

2019-10-22 Thread Tony Lane via Gnupg-users

On 10/22/19 10:44 AM, Arbiel Perlacremaz wrote:
> I read the gpg man page, but I haven't been able to find the appropriate 
> commands, either to decompress the file or to extract the original file.

gpg -o  -d 

"man gpg" is your friend.


Re: FAQ: seeking consensus

2019-10-18 Thread Tony Lane via Gnupg-users

On 10/18/19 2:12 PM, Steffen Nurpmeso wrote:
> (redacted)... there are drugs and other specialists which
> can make you talk and reveal that presence.  At some later time
> i would expect a court order to access log etc. data in and of the
> brain implant will increase personal rights and freedom.

Not exactly. Actually, this is precisely why I find public key 
cryptography so cool. If you do not explicitly add your own address
to the list of recipients, you will not be able to decrypt the message!
This may sound silly, but you may want to write something to someone
that you cannot ever possibly be compelled to decrypt. It will be 
impossible for you to decrypt, even though you wrote it and encrypted
it and even if you have the file in your possession and even if you
have all your secret keys and you know all of your own passwords
and have them written down. You can smile serenely while they're
beating you with a rubber hose, knowing that you can't endanger the
lives of your sources, nor give up your rights, even if you felt like
that might be entertaining for a change. This is also exactly why
governments find it such a threat - the idea we have a way to truly,
securely communicate in a way they cannot prove who sent what
terrifies them. It's also what led to the US trying to classify
such crypto as a military munition, which was later repealed in court
in Bernstein vs US Department of State. They're trying to bring it
back though (hah, fat chance)!


> Btw., you use autocrypt headers, in this mail of yours there are
> thus two certificate keys included.  Unfortunately my MUA not yet
> can either of them, and will not before next spring.
> At that time we will support PGP/MIME and inline signed/encrypted
> messages (even though it will not be nice until some later
> time).  And will have a look into OpenPGP: headers.  But not
> autocrypt, no.

I didn't realize there were people in this mailing list who didn't
use it. Well, I turned it off here... that better?


Re: FAQ: seeking consensus

2019-10-17 Thread Tony Lane via Gnupg-users

On 10/17/19 3:38 PM, Steffen Nurpmeso wrote:
> You know, i would say people should be advised to use the most
> compatible, most secure keys available for their "very key".
> Regardless of computing cost that is.  And use specific "weaker",
> "faster" or whatever keys for specific purposes, like tarball
> signing, or whatever.  I have never understood any other advice,
> actually.  I have vague memories of a very "conservative" sentence
> on the use of PGP keys on the mentioned FreeBSD handbook page, it
> must be more than 15 years, and i have only read it once.
> I adhered to that, and i know that all the RSA 4096 things i have
> produced ever since will be safe for quite some time, maybe even
> until i die (which could happen anytime though), unless the
> quantum thing explodes somehow (not a mathematician here).

If you absolutely, positively, _need_ the most bits of security then
RSA4096 shouldn't be your go-to anymore. RSA4096 doesn't actually
provide 4096 bits of security. The _key_ sizes may be 4096 bits, but
you must understand the security comes from the cardinality of 
prime numbers, so the actual amount of security is only 131 bits of
security. Compare this to RSA's 3072 bit keys providing 125 bits of
security. Unlike RSA, ECC keys don't scale logarithmically. For ECC,
the fields need to be a prime modulus, but that's about it. As a
result, the key sizes scale linearly with the bits of security by
a factor of 2. So, if you want the most security possible with GPG
_today_ you won't beat curve P-521, which provides ~261 bits of 
security, and to get an equivalent in RSA your key size would need
to be at least 15360.

But you have to understand, even 128 bits of security is so
incredibly large that even the combined computing power of every
processor we have now won't be enough to crack it. See:
https://crypto.stackexchange.com/a/48669 for just how much effort
it'd take.
By the way, 256 bits of security isn't twice the amount of 128 bits.
129 bits is twice the amount of security of 128 bits. Get it?
If you are curious just how much effort it'd take to break a 256 bit
key, I'd argue that it's physically impossible because there simply
isn't enough energy in the universe to break it... see: 
https://youtu.be/S9JGmA5_unY

But I digress. It's not the bits of security that matter anymore.
You have a far bigger chance of being insecure with side-channel
attacks etc, than you are with not enough bits of security. That is
a far bigger security hole... Being on a device that is exposed
to the internet. That's where you'd get cracked. Not the key size
being too small.

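One way to compute the kind of figures this message discusses, as an added example that is not part of the original post: RSA strength is estimated with the number-field-sieve approximation given in FIPS 140-2 Implementation Guidance 7.5, and elliptic-curve strength as half the field size. The function names are constructed here, and the results are estimates that depend on the model chosen, so other methods give different numbers.

```python
import math


def rsa_strength_bits(modulus_bits):
    """Approximate log2 of the work to factor an RSA modulus of this size.

    Formula from FIPS 140-2 Implementation Guidance 7.5, derived from the
    running time of the general number field sieve.
    """
    ln_n = modulus_bits * math.log(2)
    work = 1.923 * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3) - 4.69
    return work / math.log(2)


def ecc_strength_bits(field_bits):
    """Generic discrete-log attacks on a curve cost about 2**(field_bits / 2)."""
    return field_bits / 2


def rsa_bits_for(strength, step=256):
    """Smallest modulus size (a multiple of `step`) estimated to reach `strength`."""
    bits = step
    while rsa_strength_bits(bits) < strength:
        bits += step
    return bits


def comparison(rsa_sizes=(2048, 3072, 4096, 7680, 15360)):
    """Rows of (RSA bits, estimated strength, ECC field bits of equal strength)."""
    rows = []
    for size in rsa_sizes:
        strength = rsa_strength_bits(size)
        rows.append((size, round(strength, 1), math.ceil(2 * strength)))
    return rows


if __name__ == "__main__":
    for size, strength, ecc_bits in comparison():
        print(f"RSA-{size:<6} ~{strength:6.1f} bits   ECC field ~{ecc_bits} bits")
    print("P-521:", ecc_strength_bits(521), "bits")
    print("RSA size estimated for 256 bits:", rsa_bits_for(256))
```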


Re: Future OpenPGP Support in Thunderbird

2019-10-09 Thread Tony Lane via Gnupg-users

On 10/8/19 9:34 AM, Philipp Klaus Krause wrote:
> It would be really nice, if Thunderbird could add an option to use the
> gpg key storage instead of its own, but so far the developers want to
> always keep the Thunderbird key storage separately (though they are
> considering functionality to import keys from gpg to Thunderbird):

It doesn't do that? Why would they choose to tightly couple TB with 
OpenPGP? If I have to maintain two key databases, that's a dealbreaker for me.
Welp, looks like I won't be upgrading. Thanks Mozilla.


Re: We have GOT TO make things simpler

2019-10-08 Thread Tony Lane via Gnupg-users

On 10/8/19 9:21 AM, Jeff Allen via Gnupg-users wrote:
> On 10/7/19 4:59 PM, Sheogorath via Gnupg-users wrote:
>> Protonmail on the other hand is able to speak OpenPGP, they just don't
>> do it. Not even when you answer to an OpenPGP encrypted email, which will
>> result in the answer getting sent to you in plaintext. And since a reply
>> contains a copy of the original email at the bottom you also get your
>> own, previously encrypted mail as answer without encryption.
> 
> I disagree.  No widely used OpenPGP implementation is going to
> automatically encrypt replies to encrypted email out of the box.  With
> ProtonMail you have to import your correspondent's public key and flip
> an encryption switch in settings. You have to do that with GnuPG too,
> whether you are working from the command line or using
> Thunderbird/Enigmail or a GUI front-end.

Not quite. Enigmail addon for Thunderbird and even GPGMail addon for Apple Mail
encrypt it out of the box if you reply to a recipient who's sent you an
encrypted email if you already imported their public key. Moreover, the
private key is stored on your local machine so no middleman can read it
without access to your device. AFAIK, protonmail holds your private keys
for you in some server. That doesn't sound very safe to me, and I wouldn't
take that risk. I would argue even Gmail with inline PGP encryption over
Enigmail or GPGMail is more secure than protonmail for this reason alone.

>> And no, making a mail account at each of those providers is no solution.
>> We have email to explicitly not run into this problem.
> 
> Sure it's a solution.  I have accounts at both.  Most of my email is not
> encrypted because, as the original poster pointed out, most people I
> communicate with are not particularly interested in privacy.  When a
> private discussion _is_ required, I suggest that we have it on one of
> those platforms.

That seems terribly inefficient. Do you intend to maintain accounts on
each of these platforms and take all of the risks of each into account?
You must have a lot more trust than I do, but I digress. I think his whole
point is "We should use e-mail as an insecure transport protocol and do 
secure end-to-end encryption on an agnostic encryption module such as GPG".
And it makes sense to do things this way if you want to be secure.
And before you point me to how PM stores your private keys (I've read it),
remember that all of that salting and hash/password storage is done using
business logic they developed, which means anytime there's an update,
hidden or announced, you are running a risk of a backdoor being introduced.
Can you even audit that code? At least with GPG I can not just audit but
also substitute the module with any OpenPGP-compliant library. This gives
me a heck of a lot more freedom (and security) than maintaining a
thousand different accounts on a thousand different platforms.



Re: We have GOT TO make things simpler

2019-10-05 Thread Tony Lane via Gnupg-users

On 10/5/19 7:19 AM, Werner Koch via Gnupg-users wrote:
> On Sat,  5 Oct 2019 12:15, Stefan Claas said:
> 
>> installing MUAs and plug-ins, besides of GnuPG) point them to the FAQ as
>> learning resource and then show them as modern alternative Mailvelope
> 
> And don't forget to point them to all the HOWTOS and RFCs required to
> use and admin a MUA, sendmail, and the net configuration to name just a
> few.  The point here is that you falsely compare a system tool with an
> end user visible interface.

Thank you. This was exactly the point that set me off in my first message.
The standalone GnuPG interface was never meant for those kinds of end-users.
It was meant for power-users, system administrators, developers, and other
folk who know their way around the terminal. If we want, say, an elegant
graphical user interface for your average Joe, then that's a discussion to
be had. But it's not an issue with GnuPG, per se. Applications that
interface to GnuPG are responsible for _that_ burden. You don't go complain
to OpenSSL devs when it's difficult to attain a secure connection to
some website unless it's a technical issue with OpenSSL.
No, you complain to Mozilla (or whoever made your browser of choice) or
to Github admins. OpenSSL (or NSS, whatever your tool of choice) is just
a back-end utility that non-tech-folk who don't know what they're doing
should -never- interface to. And it's not because it's a difficult tool
to use (it is), but because it's not intended for them. Dumbing the
interface down, _especially_ if it compromises its security or our level
of control over it, is a recipe for disaster. 

/endrant


Re: We have GOT TO make things simpler

2019-10-05 Thread Tony Lane via Gnupg-users
On 10/5/19 2:11 AM, Chris Narkiewicz via Gnupg-users wrote:
> 20?  Wow. There are 8 billion people on this planet, most of them don't
> work at 20 companies from Fortune 500.

Most don't even work on software to begin with. What's your point?

> WhatsApp build crypto system that is successfully adopted by billions of
> users without technical knowledge.

Did you really set the bar _that_ low? Forgetting for a moment that Whatsapp is
proprietary and there's no way to actually audit the code... We already know that
governments have been pushing https://archive.is/suDJS for ways to decrypt it directly
and that they can in fact read messages via a central authority/server
https://archive.is/2TXqU when the receiving user of a message is offline.

If you consider deliberately breaking E2E encryption by design a "success" then
yes, our views _strongly_ differ on not just what's successful, but also what's
acceptable.

But go ahead, please rationalize why "ease-of-use" is more important than
actual security for power-users such as myself and those who absolutely won't
compromise on true E2EE.



Re: We have GOT TO make things simpler

2019-10-04 Thread Tony Lane via Gnupg-users

On 10/4/19 3:35 AM, Stefan Claas wrote:
> And do those 20 companies business with their customers where GnuPG
> signatures are legally binding, like real signatures on letters?

_At least_ 20 fortune 500 businesses _that I know of_. Mind you, I'm not even 
counting governments.
And yes, it is recognized by the US government at the very least. See 
https://lists.gnupg.org/pipermail/gnupg-users/2018-September/060987.html and 
https://app.leg.wa.gov/RCW/default.aspx?cite=42.45.130


> That for example is the case with eIDAS conform digital signatures
> here in Europe.

Digital signatures are, in general, legally binding.
If for instance a government official who's known to use PGP signatures signs 
off on a treasonous act, that signature can be used against him or her in a court 
of law.
But it can also be used for contracts.
An e-signature is a legal concept used to capture a person's intent to be legally 
bound by the terms of an agreement or contract,
while a digital signature is a mathematical algorithm: a cryptographic 
technology used to make data tamper-evident and to digitally sign documents.
Even the "newer" signatures that are the Elliptic Curves are recognized as per 
FIPS-186-4, see:
https://www.federalregister.gov/documents/2015/10/20/2015-26539/federal-information-processing-standard-fips-186-4-digital-signature-standard-request-for-comments#h-9
and notably https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf


Re: We have GOT TO make things simpler

2019-10-03 Thread Tony Lane via Gnupg-users

On 10/3/19 5:53 PM, Stefan Claas via Gnupg-users wrote:
> And this is probably the reason why digital signatures from GnuPG have never
> been adopted (for business related things) in the EU and elsewhere.

I don't know about the EU, but I can name at least 20 fortune-500 businesses 
that use GPG, including Facebook (yes, even they use GPG, see for yourself).
And those are just the ones -I- know of. And this isn't even counting 
government. As far as security goes, you cannot beat GnuPG. You do not have to 
submit your secret online or to some shady third party.
In fact, there's an entire industry dedicated to the sorts of services GnuPG 
provides, you might've heard of one - Yubikey.



Re: We have GOT TO make things simpler

2019-10-01 Thread Tony Lane via Gnupg-users

With all due respect... NO.
It is not wise to impede on the power-users who use GPG due to the availability 
of the various configurations that brought us here in the first place.


On 9/30/19 9:43 AM, Roland Siemons wrote:
[snip]
> 4/ Here is my proposal:
> 4.1/ Stimulate that people use a GUI like GPA or Kleopatra. Not Enigmail, 
> although it offers the same, but it offers too much for beginners. Email 
> integration comes after people have a basic understanding. Please do 
> appreciate if people only want to be able to prepare encrypted documents for 
> sending them as attachments.

This is not an issue with GnuPG. GnuPG is a back-end utility that front-end 
applications (like GUIs) interface to. Go to your vendor of choice that 
interfaces with GPG and complain to them about the complexity of their interface. 
As far as GPG goes, it does exactly what it's supposed to. It's a command-line 
utility. Its raw interface is not supposed to be exposed to the kind of user 
you're expecting.

> 4.2/ Ensure that, when generating a keypair, GnuPG creates one directory 
> "Secretkeys", and one directory "Publickeys". Make GnuPG to store the public 
> part and the secret part separately in those directories. If GnuPG needs also 
> keypairs in a single file, store that under Secretkeys.

Keys are stored in a keyring database. You're not supposed to export them by 
copying files over in this way. You use the command-line utility to import or 
export your public keys.
For instance, the following command exports all of your signed public keys in 
PGP format:
gpg -a --export
...or you can export a specific key by suffixing that last command with the key 
(or name or email some other identifier) that you want to export. Exporting 
private keys is done the same way. Exporting the trust database can be done 
this way as well, albeit with different options.

> 4.5/ Get rid of the options to NOT publish keys on keyservers. Just work the 
> opt-in alternative: If you want to publish to keyservers, make that a 
> separate action that requires some effort.

AFAIK, distributing keys to keyservers already takes a separate action. Unless 
there's some other command I'm not aware of, the only way I see to distribute 
keys to some keyserver is with the following command:
gpg --send-keys $KEY_IDENTIFIER