Thank you Daniel. As it turns out my difficulties were mostly being caused
by the fact that I had some how "broken" my apt updates. I was playing
around with backports in Debian 9.0 Stretch in order to properly download
and install Tor-Browser-Launcher.
I suspect that because Debian 9.0 is so new,
On Fri, Jun 23, 2017 at 03:50:27PM +0200, Neal H. Walfield wrote:
>
> Ensuring that a cache is consistent is *hard*. I don't think we want
> to add complexity (nevermind a cache!) to this security-critical
> functionality.
>
Neal (or Werner), what executable is responsible for maintaining the t
At Fri, 23 Jun 2017 13:04:02 -0400,
Brian Minton wrote:
>
> [1 ]
> On Fri, Jun 23, 2017 at 03:50:27PM +0200, Neal H. Walfield wrote:
> >
> > Ensuring that a cache is consistent is *hard*. I don't think we want
> > to add complexity (nevermind a cache!) to this security-critical
> > functionalit
On 23/06/17 15:50, Neal H. Walfield wrote:
> Ensuring that a cache is consistent is *hard*. I don't think we want
> to add complexity (nevermind a cache!) to this security-critical
> functionality.
There are two hard problems in computer science: Cache invalidation,
naming things, and off-by-one
At Fri, 23 Jun 2017 15:35:05 +0200,
martin f krafft wrote:
> also sprach Werner Koch [2017-06-22 19:02 +0200]:
> > For a key listing this means computing it for every listed key. And the
> > majority of frontends first do a key listing and show the validity of
> > the keys before you can encrypt
also sprach Werner Koch [2017-06-22 19:02 +0200]:
> For a key listing this means computing it for every listed key. And the
> majority of frontends first do a key listing and show the validity of
> the keys before you can encrypt something.
Obviously, one could work with caching hereā¦
Running -
Peter and Andrew,
Thank you both for your responses. I'm going to see if I can't use your
advice to ease my frequent system hoteling woes.
-CJones
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 23/06/17 03:07, MFPA wrote:
> I thought "good signature" just meant the message has not been
> altered in transit.
That's very well possible. In that case there is no verbal indication of
a valid signature, only a colour. The text I see for a signature by a
fully valid key is:
Good signature f
At Fri, 23 Jun 2017 13:22:23 +0200,
Peter Lebbing wrote:
> On 23/06/17 12:56, Neal H. Walfield wrote:
> > It's up to the GPG client to interpret it. This document (authored by
> > Andre and me) has some recommendations for MUAs:
>
> Ah! Thanks for the information.
>
> I was thinking about how Gn
On 23/06/17 12:56, Neal H. Walfield wrote:
> It's up to the GPG client to interpret it. This document (authored by
> Andre and me) has some recommendations for MUAs:
Ah! Thanks for the information.
I was thinking about how GnuPG handled it, i.e., on the gpg command line
or as a backend for some
At Fri, 23 Jun 2017 12:52:48 +0200,
Peter Lebbing wrote:
>
> [1 ]
> On 23/06/17 11:14, Neal H. Walfield wrote:
> > No, both keys are set to ask. The key with a lot of observed
> > signatures could be bad. This could occur, if there is a MitM, but
> > the MitM has a small lapse, because, perhaps
On 23/06/17 11:14, Neal H. Walfield wrote:
> No, both keys are set to ask. The key with a lot of observed
> signatures could be bad. This could occur, if there is a MitM, but
> the MitM has a small lapse, because, perhaps, you've used an
> unintercepted network path to retreive the "new" signatur
Neal H. Walfield [2017-06-23 11:14:31+02] wrote:
> At Thu, 22 Jun 2017 20:32:48 +0300, Teemu Likonen wrote:
>> Then let's say I have a key which has been used to verify hundred or
>> so signatures. In --status-fd's TOFU_STATS it gets higher
>> value, say 4. Then the keyring gets a new key with co
On 2017/06/21 18:17, Peter Lebbing wrote:
> On 18/06/17 03:48, Christopher Jones wrote:
>> It's a task to setup gpg on new boxes: Import pub key, ultimately trust
>> my key, and muck around with gpg and ssh agents.
>
> Configuring gpg as an SSH agent for Linux in the easiest way is very,
> very di
On 2017/06/22 14:34, martin f krafft wrote:
> also sprach Andrew Gallagher [2017-06-21 15:57 +0200]:
>> I have a quick and dirty tool here:
>> https://github.com/andrewgdotcom/synctrust
>
> Yeah, that'll do the job, except it blindly overwrites changes made
> locally. It's unlikely this happens,
At Thu, 22 Jun 2017 20:32:48 +0300,
Teemu Likonen wrote:
> Teemu Likonen [2017-06-22 09:42:50+03] wrote:
> > Does the SUMMARY field's value (0-4) have effect on how key's validity
> > is calculated or how TOFU conflicts are resolved or presented to a
> > user?
>
> I didn't get answers yet but I'll
also sprach Werner Koch [2017-06-23 09:40 +0200]:
> Those flags are tracked in self-signatures. When changing a flag
> a new self-signature is used. This will be uploaded to the
> keyserver. gpg uses the flags from the latest self-signature it
> has.
So how does this explain
% export GNUPGH
On Fri, 23 Jun 2017 00:33, 2014-667rhzu3dc-lists-gro...@riseup.net said:
> I didn't know you could remove a usage flag once the key was on the
Those flags are tracked in self-signatures. When changing a flag a new
self-signature is used. This will be uploaded to the keyserver. gpg
uses the fla
18 matches
Mail list logo