Hi!
Chris Sutton schrieb:
What doesn't work
-
I was under the impression that exactly the same process should work for
a message encrypted using GPG. I pass in a plaintext file with the -e
and -r options, and generate the binary and ASCII-armored versions as
above.
Hi!
Peter Lebbing schrieb:
By exchanging the order of the keyrings, hopefully this will mean it looks for
the key in secring2.gpg first, where the primary key is included too.
Works fine for certifying other people's keys, thank you!
However, since all updates to the my key would be done to
Hi!
Mark H. Wood schrieb:
I too would like to find some way to get the word
out about what it is and why my correspondent might find it desirable.
What about inline signatures when emailing people that do not yet use
OpenPGP?
Enigmail, for example, has per-recipient rules that are supposed to
Hi!
Am -10.01.-28163 20:59, schrieb Will McDonald:
what's the best way for me to test my 30,000 possible
passphrases?
No idea whether it's the best way for you, but there is a small tool
called rephrase which might do the job:
http://roguedaemon.net/rephrase/README.html
cu, Sven
Hi!
Am -10.01.-28163 20:59, schrieb takethe...@gmx.de:
I wonder how I can check whether the email address in the ID realy belongs to
the keyowner.
You can only check whether the key owner has access to the email
address. You cannot check whether this access is in any way exclusive,
legit or
Hi!
Am 20:59, schrieb Mark H. Wood:
someone probably could suggest a brute-force tool
I tried to respond to this thread already, but somehow mixed up email
settings and my relies appear to be lost, so let's try again:
There's a tool called nasty that does 'pure' brute forcing:
Hi!
Am 20:59, schrieb Aaron Toponce:
[snip]
Am I the only one who can't decrypt this message? Is there something I'm
missing?
I *could* decode it, but since I'm reading the list in digest and
MIME mode (i.e., I get one combined email for every 10 postings and
each posting is a separate MIME
Hi!
Am 20:59, schrieb Anthony Papillion:
My passphrases are
stored in a Keepass database that resides in a TrueCrypt container. It's
protected well. My actual key is protected by a 62 character passphrase
One could argue that this is equivalent to having a passphrase-less
keyring within the
Am -10.01.-28163 20:59, schrieb ved...@nym.hush.com:
Is there an option in gnupg like the '-m' option in pgp which
allows the display of decrypted plaintext on the screen instead of
saving to file,
Use - as the output filename and pipe that into more/less/..., as in
gpg -o - file.gpg |
Hi!
Perhaps it would be worthwhile to add a question to the signing
process: Have you met this person face-to-face and verified
his/her identity? (y/N) If the user answers no, display a warning
that the user probably wants to lsign, not to sign, and give the
option of making an lsign
Hello!
I can't answer all your questions, but I will go for those that I can.
Christoph Anton Mitterer schrieb:
2) GnuPG (and I think OpenPGP specifies that, too?) uses hybrid
algortihm, meaning that when encrypting data, it's first encryptet
using a symmetric algorithm (e.g. AES) with a
Hello!
-Original Message-
If this is what happened, that means that when one has obtained the
revocation certificate, it is possible to revoke the corresponding key
in one's own keyserver, without the intervention of the certificate's
issuer, and I believe that is detailed in GnuPG
might as well go for the aforementioned PCMCIA reader for convenience.
Thanks for your insights,
Sven Radde
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi!
Bazzz schrieb:
This replies by gpg: Go ahead and type your message ...
And there it stops. I can keep on typing .. but can't close the
text-entering and make the gpg continue.
You need to send the End of File character manually.
Try CTRL-Z ENTER.
But note that when invoking solely gpg
NikNot schrieb:
Unfortunately, the whole GPG, with WebOfTrust construct, makes the
assumption that there is no need whatsoever to protect the identity of
the secret key holder
You have, however, the possibility of using pseudonyms as UID. Only the
signers of your key would have to know about
CHALLENGE command while
reading through the card spec...
Have fun,
Sven Radde
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi!
Moses schrieb:
How to better protect private keys of GPG users?
Apart from the *very* good point of Robert, your ürivate key is still
protected by its passphrase after you run gpg --export-secret-key. It
therefore cannot be used by someone who does not know the passphrase
(however, when
Hi!
Thomas Sowa schrieb:
- i can't revoke it -- no passphrase :-(
- i still need the email adresses with the useless keys
- i definitely can't find the passphrase
Well, the severity of the problem depends on whether your forgotten
keys are available on the public keyservers.
If not, you're
Matthias Barmeier schrieb:
I tried to investigate what the URL should look like, but I cannot find
an example.
Could you give me some pointers or hints howto form this URL ?
Just tried it out to get a quick HOWTO:
Export your key, upload it to some webserver (not keyserver) and note
the URL,
Hi!
Anders Breindahl schrieb:
So please restate that --
even in the face of quantum computers -- we won't ever factor 256 bit
numbers.
Apart from the fact that 256bit is about symmetric keys (a 256bit number
would be factored quite easily -- that's why we have 4096 bit RSA keys),
possible
Hi!
Casey Jones schrieb:
Does anyone know of software available to make an old PC into something
like a hardware security module.
What about Knoppix?
It supports GnuPG and you can easily have your keys on a (dedicated) USB
drive while booting your (regular or dedicated) PC with Knoppix to do
Hi!
Andrew Berg schrieb:
Try signing/encrypting files that are tens, hundreds, or thousands of
megabytes in size. Sure, your average machine can sign/encrypt
messages that don't even fill a cluster without breaking a sweat, but
if the sensitive data is large, RSA-4096 isn't a good choice
Hi!
Werner Koch schrieb:
I can't remember that we ever supported bzip 2 under Windows.
Here you go (installed gpg4win v1.1.0):
C:\Programme\GnuPGgpg --version
gpg (GnuPG) 1.4.7
(...)
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256,
Robert J. Hansen schrieb:
One more thing: the key expiry. Do you think that setting the expiry
date after a year or two is a good choice? Or is better not to set a
expiry date and revoke the key when necessary?
For most personal/home users, expiration is not necessary.
We might want to
Oskar L. schrieb:
No, in my example I used two, not one messages (pictures) and created
permutations of both, and then compared both groups of hashes against each
other.
This appears to be somewhere in the middle between a birthday attack and
a preimage attack.
It looks like a preimage attack
Hi!
Robert J. Hansen schrieb:
Ok, so RSA isn't always significantly faster, as I thought it was. I
had read somewhere that it was, (probably on this list) and my own
testing with my 4GB backup files showed RSA to be notably faster.
I second Robert here. With 4GB of data, the hashing /
Hi!
Robert J. Hansen schrieb:
Think of it this way. Let's say you don't trust Google for some reason.
Then you go to https://mail.google.com, and verify that the SSL
certificate is correct, so you can be sure your not on a phishing site.
Would you now claim that the site isn't authentic, just
Hi there!
Providing filenames to GnuPG (1.4.7, gpg4win) only results in output of
a syntax help, while piping the files still works.
As an example, I will use one of the commands in GnuPG's help, but it is
the same with other commands such as encrypt, symmetric, ...:
D:\Svengpg --clearsign
Hi!
Werner Koch schrieb:
FWIW, a few weeks ago I received the first PGP signed spam. The
signature was good and I believe that it was sent using a trojan
utilizing the local MUA which was configured to sign all outgoing mail.
Just out of curiosity: Does this (or, rather: should this) have
Hi!
Robert J. Hansen schrieb:
So, what, the plan then is to discard any message that's signed by an
unknown or untrusted key?
(...)
So _more_ valid OpenPGP data gets discarded? This plan gets better and
better.
The plan was not to discard anything, but *deny the bonus* in some cases
where
Hi!
Robert J. Hansen schrieb:
The instant spammers figure they can sneak past SpamAssassin a
fractional bit more by having a good PGP signature, we're going to see
an explosion of PGP/MIME.
Probably true, but how will spammers get signatures on their stuff that
are valid *for me*? They would
Hi!
Quite some tima ago a have seen Spams with a (obviously bogus) ---BEGIN
PGP SIGNATURE--- + garbage part at the end of the mails.
This might have had negative influence on some Bayesian databases.
Apart from creating a special Spamassassin module which actually
verifies incoming emails, I
Hi!
Pitigrilli schrieb:
I thought that there is only one fingerprint and that this would be
sufficient to confirm the integrity of the public key.
All your subkeys are signed by your primary key (see gpg --list-sigs,
the lines with sig after each sub line).
Therefore, verifying the fingerprints
Hi!
Nicolas Pillot schrieb:
Here comes the Sad-result-of-a-cursed-day :
- i have lost the digital versions of my .gnupg, ascii pub/priv keys
due to a failing usb stick which hadn't been used for 5+ years.
- this means i have lost all my encrypted data (mainly accounting
information,
Atom Smasher schrieb:
in theory, if you're *really* using a strong pass-phrase, you can publish
your private key in a public place and rest secure in the knowledge that
no known technology can break your 100+ character pass-phrase... and if a
hard drive or several go up in smoke you can
Atom Smasher schrieb:
2) AFAIK the shamir secret sharing protocol is great in theory, but there
just aren't any practical ways to use it (read: applications).
IIRC it is implemented in PGP.
(Maybe in the commercial/corporate versions only, and maybe not that
particular protocol but they have a
Hi!
Noiano schrieb:
I was wondering about how gnupg works when I encrypt a message for
multiple recipients. As long as I know public-key encryption works as
described in this image
http://upload.wikimedia.org/wikipedia/commons/f/f9/Public_key_encryption.svg.
This image is a simplified view
Hi!
Hardeep Singh schrieb:
Its a tool for public key encryption using ECC rather than
prime number factoring.
AFAIK, some of the really efficient algorithms for the required math are
patented.
cu, Sven
___
Gnupg-users mailing list
Hi!
jramro schrieb:
I'm trying to send a php mail form and not able to get it to encrypt or do
much of anything.
First of all, make sure that you have access to the gpg executable from
your php script and that safe mode and similar restrictions do not cause
problems.
Make also sure that the
Hi!
Alexander W. Janssen schrieb:
How do you come to that figure? A keyspace of 1024 is the double
amount of 1023 bit, so I'm curious how you come to that figures.
While this is true for symmetric ciphers, there are far more efficient
attack methods on asymmetric ciphers (factoring - instead
Alexander W. Janssen schrieb:
In fact, some mathematician has proven that factoring is a polynomial
problem, IIRC.
A P-problem? Really?! Factoring primes is a polynomal problem nowadays?
Are you SURE about that?
Umm, no, not sure (hence the IIRC). Apparently, I am nearing an age
where this
Hi!
David Shaw schrieb:
A notation allows the issuer of
the signature to add special instructions or general information to be
seen by whoever verifies the signature.
Are there any conventions/suggestions for these notations? I mean,
something like signer-key-url=http://...; or the like? Or
[EMAIL PROTECTED] schrieb:
is there a section of the ascii-armored secret key block,
that by itself, is enough to reconstruct the secret key,
Based on the knowledge that paperkey exists, I would believe so.
Somewhere on your key will be the, e.g., 2048 bits that make it
Hi!
Jim Cook schrieb:
Does anyone know which type of cipher is used?
GnuPG uses a number of block ciphers in a variant of CFB mode.
See RFC 4880, section 13.9 for more details on the mode of operation.
btw, can someone explain to me what the design rationale for that
variant is? I did not find
Hi!
Wolf Canis schrieb:
I have a revocation
certificate.
Great! ;-)
But what is with the decrypted messages to me, can I still encrypt this
messages? Or is the secret key invalid too?
You will be able to decrypt messages and others will be able to verify
signatures which were issued by the
Hi!
[EMAIL PROTECTED] schrieb:
I know that A disadvantage of
the ElGamal system is that the encrypted message becomes very big,
about twice the size of the original message,
This may be true, but mind you that the message the ElGamal (or RSA)
encrypts is only the symmetric (=256bit) key
Hi!
Brad Tilley schrieb:
Hope this isn't too inappropriate. It is OK to redistribute the GnuPG
Windows binary installer?
IANAL, but given that GnuPG is GPLed, it should be perfectly OK.
However, you probably have to GPL your additions to the binary (i.e. the
customized scripts).
We'd like
Hi!
Steven Woody schrieb:
I don't trust any electrical medium ( USB disk, DVD-R and so on ) as
backup copy of my keypairs. I think I want hardcopy of my keys.
You may want to have a look at David Shaw's Paperkey :
http://www.jabberwocky.com/software/paperkey/
HTH, Sven
David Shaw schrieb:
No. Preferences, including the digest preferences, are not relevant
here at all. This is a signature *you* are making. The digest
preferences are consulted when someone *else* is making a signature,
and wants to know if you can handle it.
How would someone else (i.e. his
David Shaw schrieb:
Looks like this is ADK. Is there any way to do this on gpg?
Yes. Put encrypt-to (the-adk-key) in everyone's gpg.conf.
I thought that ADKs would work whenever encrypting to a key with that
feature enabled (i.e. also for incoming emails)? I.e. it is per-key and
not a
Hi!
Dirk Traulsen schrieb:
b. some keys do not belong to me in a common keyring.
I am really not sure whether that is a good idea at all.
Granting other people (write!) access to my secret keyring would be a
troubling thought, even though I am not currently aware of any practical
exploits.
Hi!
Am Freitag, den 29.02.2008, 15:10 -0500 schrieb Maury Markowitz:
O:\Utilitiesecho o:\apricing\pass.txt | ...
Try type o:\apricing\pass.txt | ... if you really want to do it this
way.
cu, Sven
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Hi!
nunzky schrieb:
However, GPG, when run, creates the keyrings and
conf files on the HDD (documents and settings\appdata). Is it possible to
avoid this behavior and have GnuPG write those files, say, in its own dir on
my usb stick? How would I do this?
Try using --homedir
Hi!
John Clizbe schrieb:
Using the Gnu version of echo with the suppress newline option 'echo
-n' to
create passfile is also an option, probably the best.
FWIW, I just created a text file using *notepad*, containing
1234567890 (without pressing enter after that line, and without the
Hi!
Elmer Espinosa schrieb:
I used the command gpg -s file to encrypt the file.
First of all, I am not quite sure whether you just spelled it wrongly
here or whether you made a potentially serious mistake.
gpg -s does *not* encrypt. It signs your file. gpg -e encrypts.
While the outputs of
Hello!
I was quite happy with my OpenPGP smartcard under Ubuntu until to the
point where it simply stopped working.
This is what I currently get:
$ gpg -v --card-status
gpg: selecting openpgp failed: unknown command
gpg: OpenPGP Karte ist nicht vorhanden: Allgemeiner Fehler
Apart from applying
Hi!
Thanks for your ideas, Harvey.
Am Sonntag, den 09.03.2008, 10:56 -0700 schrieb Harvey Muller:
If pcscd is running,
Yes, it is.
then my guess is that there is something wrong with the smartcard driver.
(...)
I'm using a GemPC Twin usb card reader. To get it to work, I only have to
Hi!
Michael Kesper schrieb:
pcscd sometimes gives trouble, for example when you try to create keys on the
card.
No problem with that, I created my keys off-card and then moved them.
I thought this would be the easiest way to have a backup key ready if
the card breaks.
For best effect try
Hi!
Werner Dittmann schrieb:
I've the same problem with an SCM 535. By running the pcscd in
forgroung with debug enabled I got the follwoing messages:
As far as I can tell from its output, pcscd is running normally.
Inserting and removing the OpenPGP card prints the appropriate messages.
I
Hi!
Albert Dengg schrieb:
i don't know if it is changed..but last time i looked it did set the
permission through a shell script
Yes. It is a script that runs chgrp and chmod on 'something'.
i rewrote the rules file to do it directly and it know works flawlessly
on instant on all machines
Hi!
Am Sonntag, den 09.03.2008, 15:05 +0100 schrieb Sven Radde:
Apart from applying the regular patches, the only action I remember that
could possibly have an impact on GnuPG was installing the seahorse
package. However, removing it again did not change anything.
Update: It works again
Hi!
Am Mittwoch, den 19.03.2008, 09:59 -0400 schrieb James P. Howard, II:
Can I put an old SMS card (I have piles from T-Mobile) in this device,
blank it, and load a new key? Or does this require a different kind of
card?
The OpenPGP smartcard is totally different from mobile phone SIM
manoj schrieb:
i am trying this using php on windows
$res=shell_exec(echo $passphrase | $gpg --passphrase-fd 0
--clearsign 'd:\gp_test\tt.inmp');
but is not working
What is not working?
Can you call the GPG executable at all? I.e. try to print the output of
gpg --version in your PHP page.
Hi!
Am Donnerstag, den 27.03.2008, 08:34 -0700 schrieb Harvey Muller:
If you decide not to remove seahorse-agent, for any reason,
you can workaround the issue by using the --no-use-agent option with gpg.
Thanks, putting no-use-agent into gpg.conf did the trick.
Now I have the nice things of
Hi!
Am Dienstag, den 01.04.2008, 17:29 -0600 schrieb Allen Schultz:
What is the recommended frontend/plugin to Office Outlook 2003
I think the one coming with gpg4win is fine?
I am running Office 2007 at work in the meantime but AFAIR I used it
when we still had 2003. And I definitely did never
Hi!
Stephen Fromm schrieb:
I'd like to use gpg for symmetric key encryption, but I cannot find
anything that tells me the mode of operation
GnuPG does a variant of CFB mode.
The exact details are specified in the OpenPGP standard:
http://tools.ietf.org/html/rfc4880#section-13.9
HTH, Sven
Hi!
Well apart from the fact that this whole thing sounds rather strange, I
would assume that you should include a step to separate those two files
again before decrypting both separately (and saving to two different
names ;-).
The message from GnuPG suggests to me that the files are ASCII
Hi!
Am Donnerstag, den 03.04.2008, 22:06 +0530 schrieb ravi shankar:
Once the file has been fetched, we get the merged file(if there are 2
files present with same name on the client machine) directly. How can
we separate the 2 encrypted files from the merged file? Is there a way
to
Hi!
Am Donnerstag, den 03.04.2008, 18:41 +0200 schrieb Werner Koch:
The real reason for GnuPG-2 is the support for S/MIME.
I'm just curious and do not mean to be offensive or to belittle the
effort to implement S/MIME, but is GnuPG's S/MIME implementation
actually used somewhere?
As far as I
Hello GnuPG users,
Is there a convenient way to access the data objects of the OpenPGP
smartcard? The best thing I know is to use gpg --card-edit to get at
the PIN-protected DOs, which is cumbersome and does not give a very
machine-friendly output...
What I am thinking of is the following:
Hi!
Am Mittwoch, den 09.04.2008, 15:50 -0600 schrieb Allen Schultz:
I have either a 256 or a 512 MB USB Flash drive that I am not using.
Is there anyway I can turn that into a smartcard for GNUPG and other
security stuff?
I was talking about the chip card, as seen here:
Herbert Furting schrieb:
Ah you think cryptography is engineering? Always thought it would be math.
Implementing crypto is purest engineering.
Not even algorithm design is pure math if you think of timing or power
consumption attacks that might have to be considered.
Anyway if we always
Herbert Furting schrieb:
But imagine the following:
Yours: 3DES, AES256
Mine: AES256, 3DES
Which one is chosen now? But when I only include AES256 I can at least
somewhat control it.
If *you* send, it is AES; if RJH sent, it would be 3DES.
It doesn't matter if your key indicates a
Stan Tobias schrieb:
If a public key has a UID1, which I already
trust, and a new UID2 is added, why can't I infer trust for the new uid?
(...)
So the
only person that could have added UID2 is the one that is in control of
UID1 (supposedly, it's the same person). Why is there a need to check
Peter Lewis schrieb:
Because you do not know whether the owner of UID1 is also the owner of
UID2.
Let's say, someone trusts my key and my user-id on that key.
Now, I add another ID: Stan Tobias [EMAIL PROTECTED]...
No good idea to trust that without checking, is it?
But isn't that the
Hi!
Am Dienstag, den 15.04.2008, 11:03 -0500 schrieb John Clizbe:
There is nothing to backport. David Shaw answered this exact same post last
Friday on both GnuPG-Users and GnuPG-Devel.
I felt already last Friday that this was only a partial answer to the
question.
Although it might not be
Hi!
Am Dienstag, den 15.04.2008, 20:35 -0500 schrieb Robert J. Hansen:
Even if those subpacktes would be used in my suggested way, each
implementation would know Nanana, 3DES is a fallback, so in each case I
can find my algorithm match, but in addition to that a user could force
his
Hi!
Am Sonntag, den 20.04.2008, 03:45 +0200 schrieb Christoph Anton
Mitterer:
That's even true for different branches like Apache's http server. One
should probably only use the 1.x branch if using the 2.x is impossible
for some reason.
While it isn't directly true for GnuPG, interpreting the
Hi!
Am Sonntag, den 20.04.2008, 00:40 -0400 schrieb Bill Royds:
the present GNUPG 2.x line should be called GNUPG-SMIME y.x
While the GNUPG 1.x line should be GNUPG-OpenPGP y.x
This would imply that 2.x could not do OpenPGP anymore, which simply
isn't the case.
cu, Sven
Hi!
Matt Kinni schrieb:
Everyone says it should be as long as possible (...) What do you think?
You might find this interesting read:
http://www.schneier.com/blog/archives/2007/01/choosing_secure.html
Also keep in mind that in order to attack your password, an attacker
would first have to
Faramir schrieb:
I was reading again this message, and I'd like to know: is there any
point about signing a key _but not giving any trusted status_ ?
Yes.
Signing the key makes it valid for you (i.e. you believe that the person
indicated in the key's User-IDs is the person who actually has
Hi!
Am Montag, den 05.05.2008, 22:58 -0400 schrieb Faramir:
So there are only 64 bits in an 8 character password, which can be
cracked quite quickly using rainbow tables for any password.
That is unlikely to work because gpg uses a random 64 bit salt as well
as extended hashing.
I
Hi!
Ramon Loureiro schrieb:
Is it possible for these users to hack my secret key?
If they have got it, can they use some kind of brute force system to
guess my pass phrase?
Yes. If they can read your private keyring, they can start to
brute-force your passphrase.
You should make sure that 1)
Carlos Williams schrieb:
What does this list recommend for Windows / Outlook clients sending
encrypted email using GNUPG?
Cannot speak for the list as a whole, but I would recommend gpg4win
(www.gpg4win.org) which comes with a plugin for Outlook - and some other
useful GUIs.
Unfortunately,
Hi!
Am Mittwoch, den 28.05.2008, 21:27 +0200 schrieb Josef Wolf:
homedir is readable only by myself:myself. Why is this directory
considered to have unsafe permissions? How do I get rid of this warning?
I would suggest to remove any access rights except for the *user*
myself.
In other words,
Hi!
Am Dienstag, den 17.06.2008, 15:23 -0400 schrieb John W. Moore III:
Ostensibly, next to or below the Application You downloaded was a Link
to Download the Signature for the file.
When looking at 7-zip.org and their Sourceforge site, I did not find
anything like a separate detached
Hi!
andrea giovannoni schrieb:
I have a problem with my default key.
gpg --default-key 0x12345578
gpg: Go ahead and type your message ...
Maybe, there was a misunderstanding, about what this call does..?
If you want to set your default-key permanently, you would have to do
this by editing
Hi!
Am Mittwoch, den 20.08.2008, 21:09 -0400 schrieb Faramir:
The idea is
to make deleted files (not whole drives) unrecoverable to commercial
recovery software.
The german IT-magazine c't did such a test quite some time ago (in 2003,
IIRC) and found that a data recovery firm was unable to
Hi!
Am Montag, den 08.09.2008, 19:40 -0500 schrieb Robert J. Hansen:
The conversation we're not having, which I think we should be having, is
how can we have trusted communications on a hostile network when we
don't know if we really control our own PCs?
I guess we're not having this
Hi!
Am Montag, den 15.09.2008, 16:36 -0700 schrieb Chris De Young:
I have a UID on my key for an email address that I no longer use. Is it
generally considered good practice to remove that sort of thing when no longer
current, or should I leave old UIDs in place?
Revoke it using the revuid
Robert J. Hansen schrieb:
Right, but where is this preference actually used? personal-*-prefs
seems to rule the roost.
Now, as the sender is the one that creates the message, you would have a
hard time to force him doing something.
Therefore it is quite reasonable to have the sender's
Hi!
Although David's awesome little tool [1] reduces the chance of losing a
secret key, I am still a fan for pre-generated revocation certificates
in case a key is irrecoverably lost.
David, is there a chance that you will extend paperkey so that it
encodes and decodes revocation certificates?
Hi!
Am Sonntag, den 05.10.2008, 17:50 -0400 schrieb Faramir:
2.- Well... I am really newbie with ubuntu (I am starting to think I am
a noob in ubuntu, since time is passing, and I am not improving at all),
so I have some doubts about how to install the tool in ubuntu...
It's in the
Am Sonntag, den 05.10.2008, 19:49 -0400 schrieb David Shaw:
A revocation certificate, on the other hand, doesn't
have all that much that can be removed. Luckily revocation
certificates are pretty short to begin with. The only real advantage
that paperkey could bring to revocation
Hi gnupg-users!
I noticed some oddities (to me) with the selection of a hash algorithm
by GnuPG. I assume that the particular use-cases have additional
limitations which are not obvious to me, so could you please clarify?
First, when sending a signed email from Evolution, SHA1 seems to be
Hi GnuPG-Users!
Is there anywhere a list of notations that do currently have any kind of
canonical meaning (or, rather, are interpreted by GnuPG and/or popular
MUAs in any way)?
I found out about pka-adr...@gnupg.org=... and a quite old notation
that tells the commercial PGP about PGP/MIME
Hi!
Am Freitag, den 06.02.2009, 19:16 +0100 schrieb Matthias Mansfeld:
even if the rumours are true that the government may have such an
ability, we'd never know.
Then they would need brute force against key AND password or they
know about weaknesses in algorithms which nobody else
Hi!
David Shaw schrieb:
If you can't remove the redundant parts, then you're basically storing
a secret key, unchanged.
Apart from the encoding and line-wise checksums which paperkey adds,
that is...
Maybe this posting from a thread when I asked to extend paperkey for use
with revocation
Hi!
Michael Kesper schrieb:
Of course. The idea is that you can encrypt everything but the kernel
+initrd, which is needed in order to decrypt the partition (better said,
to set up the dm-crypt mapping).
And an USB stick could be always with you.
What is the additional gain to having an
Hi!
Tanu schrieb:
Is there any Standard JAVA API from SUN or Apache for GnuPG v1.80?
Any inputs on this will be highly appreciated.
This might not be exactly what you want, but have a look at
bouncycastle.org.
They do not utilize GnuPG, but rather implement OpenPGP (RFC2440) in Java.
cu,
1 - 100 of 108 matches
Mail list logo