Re: Unecrypted download of public keys

Am 04.02.2017 um 23:27 schrieb Daniel Kahn Gillmor: > On Sat 2017-02-04 15:14:50 -0500, sivmu wrote: >> I suppose this config did not change after upgrading from 2.1.17. >> Just tested it on 2.1.18 using arch and it still uses http on my setup. > > it's not a config change -- it's a defaults

Re: Unecrypted download of public keys

On Sat 2017-02-04 15:14:50 -0500, sivmu wrote: > I suppose this config did not change after upgrading from 2.1.17. > Just tested it on 2.1.18 using arch and it still uses http on my setup. it's not a config change -- it's a defaults change. in the old arrangement, if you didn't specify a

Re: Unecrypted download of public keys

Am 04.02.2017 um 08:18 schrieb Daniel Kahn Gillmor: > On Sat 2017-02-04 01:33:56 -0500, sivmu wrote: >> When using --revc-key or the gpa frontend, I noticed that the >> target public keys are still downloded using unencrypted http. While the >> trnasmitted information is generally public, it

Re: Key Used to Lookup Symmetric Passphrase.

I'd like to point out that one way of solving this completely differently is to encrypt to a private key on your keyring rather than using symmetric mode. Then GnuPG can trivially recognise it all can be decrypted with cached data. It doesn't have to be your usual OpenPGP key, you could create a

Re: Key Used to Lookup Symmetric Passphrase.

Hi, I wrote: > What's the key being used to look up the symmetric passphrase? Is it > something random stored in *.gpg and thus survives the rename? So I used `gpg --debug-level guru -d foo.gpg' and see the GET_PASSPHRASE --data --repeat=0 -- S08635B195E745ED6 X X Enter+passphrase%0A and

Re: Paper backup of all keys

On Feb 4, 2017 04:33, "Daniel Kahn Gillmor" wrote: On Fri 2017-02-03 18:28:03 -0500, MyCraigs List wrote: > Also, let's say the key associated with the email address (not a paper > backup) gets corrupted or I delete it or render the key unuseable- can > the paper backup