On 04/28/2016 11:30 PM, Viktor Dick wrote:
> On 2016-04-29 06:54, Paul R. Ramer wrote:
>> Personally, I would rather not have to hit the "Page Down" button
>> *every* time I wrote an email (provided I have full-size keyboard). If
>> you are always varying from t
On 04/26/2016 05:24 AM, Dashamir Hoxha wrote:
> On Tue, Apr 26, 2016 at 2:20 PM, Daniel Pocock wrote:
>> You can use the wiki to link to the Github tasks that are relevant to
>> using epgp in the Live CD, you don't have to copy the details of each
>> task, just link to them
>>
On 04/28/2016 02:49 AM, Paolo Bolzoni wrote:
> However, you can move around with keyboard even in "modern" mua. When
> using normal keyboards I think you are exagerating a bit. The problem
> is indeed annoying with limited keyboards, though.
Personally, I would rather not have to hit the "Page
On 04/26/2016 07:20 PM, Eric Pruitt wrote:
> On Tue, Apr 26, 2016 at 07:13:29PM -0700, Paul R. Ramer wrote:
>> I didn't see any indication of such a feature from the man page, but you
>> could just look at the gpg-agent.conf file.
>
> It's not that simple. I would also need
On 04/26/2016 02:31 PM, Eric Pruitt wrote:
> Is it possible to query the configuration of a running gpg-agent? In
> particular, I would like to query the running agent to see what
> values are being used for default-cache-ttl and max-cache-ttl. I have
> reviewed the documentation for
On 04/24/2016 10:59 AM, Peter Lebbing wrote:
> As for the OP's other questions, I can't answer them very well because I
> don't know MacOS, but I can give you advice: could you please indicate
> what software you are using? What mail client, what other GnuPG-related
> software? You say you compose
On 04/24/2016 09:51 AM, Daniel H. Werner wrote:
> I downloaded GPGTools on my Mac laptop (I have not done it on my Mac desktop
> yet
> as I want to be sure I know what I am doing!!!) and did the Install.
> I Imported my existing keys.
> And I have several question/problems:
First off, I can't
On 04/01/2016 01:21 AM, mick crane wrote:
> from what I read I don't think I can use gpg2 because
> Debian GNU/Linux 8 (jessie)apt uses gpg1 at present.
> I'm certain private-keys-v1.d was there before I attempted to use
> enigma/roundcube.
Debian has a package for GnuPG 2, which is gnupg2. If
On 03/31/2016 04:12 AM, Werner Koch wrote:
> Hello!
>
> We are pleased to announce the availability of a new stable GnuPG-2.0
> release: Version 2.0.30. This is a maintenance release which fixes a
> couple of bugs.
The subject line is about v2.0.29 instead of v2.0.30. Just FYI.
-Paul
On 03/16/2016 12:11 AM, Dashamir Hoxha wrote:
> On Wed, Mar 16, 2016 at 7:30 AM, Dashamir Hoxha
> wrote:
>>> You can stop it by --no-auto-check-trustdb option.
>>>
>>
> Actually, there is no problem if GnuPG checks trustdb periodically, I just
> don't want it to spill the
On November 15, 2014 10:02:44 AM PST, Samir Nassar sa...@samirnassar.com
wrote:
For those of you who come to David's post in the future through the
mailing
list archive: Disregard this misconception. Many of us, myself
included, use
gpg2 on a 64bit system without a problem.
Personally, I have
On November 15, 2014 3:52:02 AM PST, da...@gbenet.com da...@gbenet.com
wrote:
[snip]
david@laptop-1:/media/david/store$ gpg -ao --import
--allow-non-selfsigned-uid david-public.key
gpg: armour header: Version: GnuPG v1.4.11 (GNU/Linux)
pub 4096R/AAD8C47D 2014-08-17 postmaster (There's always
On August 29, 2014 11:37:27 AM PDT, Jonathan Brown jonbrownmaste...@gmail.com
wrote:
Is the crypto stick which is fully open source and open hardware more
secure than a Gemalto smart card reader with pin pad built in? Which of
these would make you more of a hard target and increase security.
I
On July 9, 2014 11:40:06 AM PDT, MFPA 2014-667rhzu3dc-lists-gro...@riseup.net
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 9 July 2014 at 5:54:36 PM, in
mid:3222188.kZ1ztGDBqg@inno, Hauke Laging wrote:
Am Di 08.07.2014, 14:41:36 schrieb J. David Boyd:
which means
On July 6, 2014 4:40:13 PM PDT, MFPA 2014-667rhzu3dc-lists-gro...@riseup.net
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Sunday 6 July 2014 at 3:25:57 PM, in
mid:53b95c75.5030...@vulcan.xs4all.nl, Johan Wevers wrote:
Since I don't know when I will consider a key
On June 26, 2014 8:26:16 AM PDT, Daniel Kahn Gillmor d...@fifthhorseman.net
wrote:
As for arguments about use on smartcards -- if you plan to get a
smartcard, and you have a primary key that is too large for it, you can
always generate and publish new subkeys that will fit in your
smartcard.
If
On June 1, 2014 10:45:45 AM PDT, frank ernest do...@mail.com wrote:
Hi again, I have been browsing and downloading gpg signed files and I'm
acctually been downloading the sigs! However, I'm having trouble
figuring out who signed what. Is there some way to determin this using
the sig? Perhaps it
On January 30, 2014 1:15:08 PM PST, Donald Morgan Jr.
donaldmorga...@gmail.com wrote:
If you know a user has a signature that they use to always end a
message
with, does that data aid in the decryption of the file? Would this
exploit
be applicable to symmetric encryption methods as well?
A
On 01/21/2014 03:23 AM, Peter Lebbing wrote:
TL;DR: I think you might be helped by [4]. Do an scd killscd from
gpg-connect-agent, install and start pcscd, install the Python module pyscard
and run the script from [4]. By the way, if you have an OpenPGP v.1 card,
you're
screwed, they
Hello,
I am having trouble reseting an OpenPGP card on which I locked the admin
PIN. Running gpg2 --card-status gives me the following error:
gpg: OpenPGP card not available: Not supported
When I try the instructions to reset the card from
Peter Lebbing pe...@digitalbrains.com wrote:
On 05/12/13 13:20, Paul R. Ramer wrote:
On that note, why assume that the manufacturer would not do the
opposite:
feign helping the spy agency by giving them a compromised ROM and
then
substituting a secure one on the real product. In either case, we
Peter Lebbing pe...@digitalbrains.com wrote:
On 02/12/13 20:37, Andreas Schwier (ML) wrote:
Wait a second - you can not simply hide a backdoor in a Common
Criteria
evaluated operating system. There are too many entities that would
need
to be involved in the process
Why couldn't the
adrelanos adrela...@riseup.net wrote:
When one uses a Live system for its air gapped OpenPGP key, one would
have to constantly remember re-creating this that gpg.conf. (Gone after
reboot.)
Not necessarily. You can plug in a USB drive with your custom gpg.conf file on
it, for example. A more
Johan Wevers joh...@vulcan.xs4all.nl
I communicate with someone whose key tells me it supports IDEA, and
since that's my prefered algorithm my gpg uses it to encrypt the
message. However, het setup does not in fact support it (any more, it
used to do in the past). Re-signing the key is no option,
adrelanos adrela...@riseup.net wrote:
- [b] and [c] for convenience, communication which isn't that important
- [c] to sign software / apt repository
- [a] to sign important messages (key transition etc.)
- [f] little convenience, for receiving important messages
What is the best way to make key
Leo Gaspard ekl...@gmail.com wrote:
However, to come back to the initial problem, I still believe the key
change
problem (ie. owner of K1 switchs to K2) does not require re-verifying
ownership
etc. (BTW, isn't this also why transition statements, like
Leo Gaspard ekl...@gmail.com wrote:
You are right. Decryption is sufficient to demonstrate control of
the private key, because if he can decrypt, he can also sign. What I
said, decrypt and sign, was redundant.
Well... I still do not understand why decryption is sufficient to
demonstrate
On 11/05/2013 09:26 AM, Leo Gaspard wrote:
On Tue, Nov 05, 2013 at 12:40:11AM -0800, Paul R. Ramer wrote:
I don't know how I can explain it any better than I have. I think you are
confusing assertion with verification. Unless you can differentiate between
the two in this case, I don't think
On Tuesday 5 November 2013 at 11:03:19 PM, in
mid:52797937.5090...@gmail.com, Paul R. Ramer wrote:
But if you sign it with an exportable
signature, you are saying to others that you have
verified the key.
In the absence of a published keysigning policy, isn't that an
assumption?
Signing
Griffin Cheng [CLIB] csch...@cpce-polyu.edu.hk wrote:
Hello,
I am new to GPG, especially writing programs to decrypt stuff. Is this
the right mailing list to ask?
gnupg-users is for most discussions and gnupg-devel is for
programming/development specific questions. HTH.
Cheers,
--Paul
--
MFPA expires2...@ymail.com wrote:
Why do we need to establish they can also sign? Isn't it enough to
demonstrate they control the email address and can decrypt, by signing
one UID at a time and sending that signed copy of the key in an
encrypted email to the address in that UID?
You are right.
Stan Tobias st...@privatdemail.net wrote:
Yes, but by remote communication. The reasoning goes like this: The
signature is validated by my certificate (or, in case 2a, by my
friends'
whom I trust fully). The message is authenticated by X's valid
signature,
therefore the message has not been
On 11/02/2013 02:25 PM, Leo Gaspard wrote:
On Sat, Nov 02, 2013 at 11:02:57AM -0700, Paul R. Ramer wrote:
Stan Tobias st...@privatdemail.net wrote:
Yes, but by remote communication. The reasoning goes like this: The
signature is validated by my certificate (or, in case 2a, by my
friends
On 11/02/2013 07:34 PM, Leo Gaspard wrote:
Well...
1) Checked by the other key's message. Because signed (K1) message from
Alice,
saying she has access to K2, means any UID on K2 named Alice is as right
as
the equivalent UID on K1. So the UIDs are correct.
2) Checked by the
Sam Tuke samt...@gnupg.org wrote:
Hi all,
I'm working with Werner to promote GnuPG and raise awareness. To that
end we're
collecting quotes from users - endorsements from people who know and
trust GPG,
people like you.
If you want to help us, send your own statement about why GPG is
important to
Robert J. Hansen r...@sixdemonbag.org wrote:
Let's say that tomorrow I lose my passphrase and make a new keypair.
Then in 25 years someone approaches me with a signed OpenPGP message
dated Christmas 2013, saying I agree to pay you one million dollars at
Christmas 2038. I scream it's a forgery,
On 10/26/2013 07:36 AM, Robert J. Hansen wrote:
On 10/26/2013 12:16 AM, Paul R. Ramer wrote:
I am not saying that any one should use 2048 bit RSA because the DoD
uses it. It is just a data point. That being said, I am doubtful that
classified discussions are being done over email.
CAC
Johan Wevers joh...@vulcan.xs4all.nl wrote:
On 25-10-2013 1:46, Robert J. Hansen wrote:
Mostly zealotry. According to NIST, RSA-2048 is expected to be
secure
for about the next 25 years.
The authority of NIST is of course severely reduced since the Snowden
revelations and their own suspicious
On 10/24/2013 04:46 PM, Robert J. Hansen wrote:
Is this zealotry on the Debian front, or something to update in gnupg?
Mostly zealotry. According to NIST, RSA-2048 is expected to be secure
for about the next 25 years.
To add further to this, the U.S. military uses 2048 bit RSA keys for
Sylvain b...@beuc.net wrote:
Hi,
I saw a lot of activity in the Debian project about upgrading to a
4096 RSA key,
e.g.
http://lists.debian.org/debian-devel-announce/2010/09/msg3.html
However GnuPG's default is 2048.
Is this zealotry on the Debian front, or something to update in gnupg?
Hi,
Robert J. Hansen r...@sixdemonbag.org wrote:
On 10/22/2013 11:01 AM, Stan Tobias wrote:
That phrase, to a sufficient degree, is important. You cannot ever
verify someone's identity 100%, not even with DNA testing -- it's
always
possible they have an identical twin, always possible the lab work
Stan Tobias st...@privatdemail.net wrote:
Peter Lebbing pe...@digitalbrains.com wrote:
On 24/10/13 01:15, Stan Tobias wrote:
, then why do we believe WoT authenticates anything? Why do we
accept, for
example, a conversation by telephone to validate a key fingerprint?
Because these are
Diaz, John, A jd...@azdes.gov wrote:
Good morning Paul. Instead of having the mainframe run a process to
call the script on the server, I was able to get an answer from 'them'
regarding when the file would be available, and I've scheduled the
process to run on the server. All is well now.
On 09/25/2013 09:36 AM, Diaz, John, A wrote:
Spoke too soon. The wrong path was part of the problem, but I’m still having
the issue:
Mainframe calls .bat file that calls C# application that calls second .bat
file to call GnuPG to decrypt a file. Once decrypted, other stuff happens,
On 09/10/2013 06:41 AM, Diaz, John, A wrote:
Spoke too soon. The wrong path was part of the problem, but I’m still having
the issue:
Mainframe calls .bat file that calls C# application that calls second .bat
file to call GnuPG to decrypt a file. Once decrypted, other stuff happens,
Anthony Papillion anth...@cajuntechie.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Is there a good way to add authentication capabilities to an existing
RSA key? I see how to toggle it if I create a new subkey but not how
to add it to an existing key.
[snip]
Hello Anthony,
As far
Philipp Klaus Krause p...@spth.de wrote:
I wonder if it would be a good idea to have an option to combine
symmetric ciphers, e.g. users could state a preference list like this:
TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES
The meaning of A+B would be to encrypt using A first, and then encrypt
the
On 09/06/2013 03:08 PM, Pete Stephenson wrote:
On Thu, Sep 5, 2013 at 8:35 PM, Pete Stephenson p...@heypete.com wrote:
Quick followup: I was also able to create the correct private key with
stubs pointing at both smartcards by loading the actual private keys
onto the smartcard using keytocard,
On 09/04/2013 01:54 PM, Diaz, John, A wrote:
Mainframe calls .bat file that calls C# application that calls second .bat
file to call GnuPG to decrypt a file. Once decrypted, other stuff happens,
e-mails are sent, blah, blah, blah.
Here's the issue: When the mainframe calls the .bat file to
On 03/29/2013 11:17 AM, adrelanos wrote:
Using your real identity would be the alternative. The trade-off is
easier key signatures vs. identity obscurity.
It would only be safer in
the sense that there won't be a scandal when/if your identity is
uncovered.
Why would that be a scandal?
On Mon, 2009-09-28 at 09:46 -0700, kearney wrote:
I am trying to export a secret key created on my local box to multiple
servers. Let's say the key is 12345678.
The goal is to have 1 script which runs on all the servers to encrypt and
backup the data to S3. And 1 script to decrypt the data
51 matches
Mail list logo