Re: Use the same passphrase for PGP and SSH keys and get prompted only once by gpg-agent

On Tue, Feb 13, 2018 at 04:55:19PM +0100, Werner Koch wrote: > On Tue, 13 Feb 2018 15:03, ambre...@gmail.com said: > > > Thanks for the detailed answer. But why not doing it for SSH then? > > I like to see when an ssh key is used the first time. Note that the > maximum caching time for ssh

Re: How can we utilize latest GPG from RPM repository?

On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote: > I will probably never understand why wanting to run the most current > version of gnupg on a plethora of servers is controversial. > > Nevertheless, the two (2) greatest reasons are: > >1. PCI DSS v3.2 >2. PCI DSS compliance

Re: Why Operating Systems don't always upgrade GnuPG

On Tue 2018-02-20 16:08:35 +0100, Werner Koch wrote: > On Mon, 19 Feb 2018 19:45, d...@fifthhorseman.net said: > >> GnuPG is under active development, and it has never had a fully-featured >> stable API (Application Programming Interface). What i mean is, there >> are some capabilities that are

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On Tue 2018-02-20 13:18:40 +0100, Dashamir Hoxha wrote: > One solution to this situation may be to install the latest GnuPG > in a Docker container, where it can have all the required libraries > and dependencies that it needs, without disturbing the host OS. I think this misses the point that

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On Mon, Feb 19, 2018 at 10:45:52AM -0800, Daniel Kahn Gillmor wrote: > > How can GnuPG contribute to fixing this problem? The traditional way > that many other projects have taken is to define their core programmatic > functionality into a library with a strict interface guarantees, and > have

Re: Solaris 11 install libgpg-error/libgcrypt make install hangs

On Fri, Feb 09, 2018 at 03:35:13PM +, Anna Kitces and Seth Fishman wrote: > Hi > > I ran ./configure, make, make check and entered make install over an > hour ago That seems a bit long. > the make check was clean Cool. > If I hit ctrl-C, how do I proceed? > > I am installing all the

Re: Why Operating Systems don't always upgrade GnuPG

At Tue, 20 Feb 2018 16:08:35 +0100, Werner Koch wrote: > > Yet another complementary approach might be to aggressively police the > > ecosystem by finding other software that deends on GnuPG in any of the > > aforementioned brittle ways, and either ask those developers to stop > > That is what

Re: Why Operating Systems don't always upgrade GnuPG

On Mon, 19 Feb 2018 19:45, d...@fifthhorseman.net said: > GnuPG is under active development, and it has never had a fully-featured > stable API (Application Programming Interface). What i mean is, there > are some capabilities that are only available from the user interface > (UI), and are not

Re: GPG encryption and decryption takes excessive time.

On Mon, Feb 19, 2018 at 01:30:06PM +, Green, Ian wrote: > Hi > Firstly, my knowledge of GPG is very weak and I am not a UNIX administrator, > so my access and knowledge are rather limited. > > I have been asked to set up file encryption / decryption of files > transferred between our SUN OS

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On 02/20/2018 01:18 PM, Dashamir Hoxha wrote: > If anybody is willing to give a try to any of these solutions I would > like to help. I would be generally cautious for both approaches without proper support in the surrounding infrastructure. In particular an upgrade to a depending library would

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On Mon, Feb 19, 2018 at 7:45 PM, Daniel Kahn Gillmor wrote: > On Sat 2018-02-17 17:06:54 -0600, helices wrote: > > I will probably never understand why wanting to run the most current > > version of gnupg on a plethora of servers is controversial. > > Here's one last try

Re: Why Operating Systems don't always upgrade GnuPG

On 19/02/18 19:45, Daniel Kahn Gillmor wrote: > But shrugging and suggesting it's uncontroversial to upgrade arbitrary > machines to the latest version of GnuPG doesn't appreciate the scope of > the problem involved with software maintenance in an active and > interdependent ecosystem. You are