Re: Multiple dev one signing key

On Fri, 8 Mar 2019 20:05, johndoe65...@mail.com said: > What is the best way forward? > - One signing key accessible on the release system I'd say depends on the release system. In most cases this is a networked box and I would hesitate to do this. Using gpg --with a remote gpg-agent would be

Re: Default trust-model TOFU

On Fri, 8 Mar 2019 20:21, tliko...@iki.fi said: > have plans for that, to set the default trust model to "tofu" or > "tofu+pgp"? I am still not convinced that the UI as implemented on the command line is better that what we have now. It looks more complicated than what one would expect under TO

Re: PGP Anonymous Board Idea

On Fri, 8 Mar 2019 22:00, ab...@monksofcool.net said: > a) We're moving ever further off topic in terms of GnuPG. FWIW, given the low traffic on gnupg-users, I would consider this still to on topic. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. sig

Re: user id question

On Sun, 10 Mar 2019 14:51, 2017-r3sgs86x8e-lists-gro...@riseup.net said: > Is "nerdy" good or bad in this context? That is really up to you. Often it is fun to be a nerd. To the OP: I have done keysigning for about 25 years but meanwhile I don't think that the Web of Trust is a good idea to mak

Re: Keys in the keystore dir (private-keys-v1.d/) are being modified

On Sun, 10 Mar 2019 15:54, claudio.flore...@gmail.com said: > After signing a file with my sign subkey I noticed that the private key > file of the sign subkey was modified. Why? What happens? To speed up the migration and to not annoy you by asking for your passphrase for each private key, GnuPG

Re: Questions about finding keys used to encrypt files with gpg

On Sat, 9 Mar 2019 17:52, mattia.cod...@poste.it said: > I noticed that the gpg -d [filename] command works out without asking > me for the passphrase, so after a brief search i became aware of the > fact that gpg uses public/private keys encrypting, combined with a Right public key cryptography

Keys in the keystore dir (private-keys-v1.d/) are being modified

I recently updated to GnuPG 2.2 and migrated my secret keyring file (secring.gpg) to the new keystore dir (private-keys-v1.d). I use a VCS to track what is being modified inside my $GNUPGHOME. After signing a file with my sign subkey I noticed that the private key file of the sign subkey was modi

Re: user id question

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 8 March 2019 at 8:15:43 AM, in , Werner Koch wrote:- > If you plan to take part in that nerdy key signing > game Is "nerdy" good or bad in this context? - -- Best regards MFPA

Re: Several GnuPG instances, with their corresponding agents

Hi, On Sun, Mar 10, 2019 at 01:25:41AM -0500, Konstantin Boyandin wrote: > Question: how do I keep several GnuPG versions installed, every > version with its own gpg-agent? A Gpg-agent is tied to a specific home directory (as specified in the GNUPGHOME environment variable or through the --homedi

Questions about finding keys used to encrypt files with gpg

Hi, i've encrypted some files from my hd using the gpg -c [filename] command. As usual gpg prompted me for a passhprase and then created the encrypted files, so far it worked out perfectly. I noticed that the gpg -d [filename] command works out without asking me for the passphrase, so after a b