Re: Keysigning party: after the event challenges

On Sun, Feb 10, 2019 at 03:36:05PM +0100, André Ockers wrote: > Hi Peter, > > Thank you very much. > > > Op 09-02-19 om 12:48 schreef Peter Lebbing: > > Hello André, > > > > On 09/02/2019 09:06, André Ockers wrote: > >> - 171 official keysigning party participants, of who 107 showed up to my >

Re: Forward gpg-agent to container

On Tue, Jun 05, 2018 at 05:17:10PM -0400, Phil Pennock wrote: > > Shell 1: > $ docker-machine ssh default -R > /var/run/pdp.gnupg:$HOME/.gnupg/S.gpg-agent.extra > [ leave this window open, this is your login on the VM; when this > closes, you stop forwarding GnuPG's socket ] A suggestion: for

Re: Breaking changes

On Tue, May 22, 2018 at 05:47:43AM -0400, Robert J. Hansen wrote: > > Get real. These people are long-time GnuPG users and now you want to > > throw them under the bus because... well, because you prefer it that > > way. > > 1.4 was deprecated the instant 2.0 was released. After much pushback it

Re: Breaking changes

On Wed, May 23, 2018 at 01:22:41AM +0200, Leo Gaspard via Gnupg-users wrote: > On 05/22/2018 11:48 PM, Dennis Clarke wrote: > > On 05/22/2018 05:38 PM, Dan Kegel wrote: > >> Lessee... > >> https://en.wikipedia.org/wiki/GNU_Privacy_Guard > >> already give an end-of-life date for 2.0, but none for

Re: A postmortem on Efail

On Mon, May 21, 2018 at 11:19:18AM -1100, Mirimir wrote: > On 05/21/2018 02:31 AM, Ben McGinnes wrote: >> >> https://ssd.eff.org/en/blog/pgp-and-efail-frequently-asked-questions >> >> “What if I keep getting PGP emails? >> >> You can decrypt these ema

Re: A postmortem on Efail

On Wed, May 23, 2018 at 12:15:58AM +0200, Steffen Nurpmeso wrote: > > I only use v1.4, and i will never never never never use anything > newer because that is very large and consists of an immense amount > of components that i really do not need. I receive keys via hkps:// > and sign, verify,

Re: A postmortem on Efail

On Tue, May 22, 2018 at 02:19:37AM +0100, Mark Rousell wrote: > On 21/05/2018 13:34, Ben McGinnes wrote: > >> I agree with most of the article and largely with the need to break >> compatibility to an ancient flawed design. Particularly since we >> still have a means of

Re: A postmortem on Efail

On Mon, May 21, 2018 at 08:51:17AM -0400, Robert J. Hansen wrote: >> That being the *incredibly* unhelpful and likely actively harmful >> recommendation to remove encryption and decryption functionality from >> vulnerable MUAs. > > I blame the EFF for that more than I blame the Efail developers.

Re: A postmortem on Efail

On Sun, May 20, 2018 at 01:43:07PM -1100, Mirimir wrote: > On 05/19/2018 11:44 PM, Aleksandar Lazic wrote: >> >> I do not want to create a conspiracy theory but it's wiggy that >> EFF favors *NO* security ,pgp or s/mime, instead to fix the current >> possibilities and promote signal. > > I read

Re: A postmortem on Efail

On Sun, May 20, 2018 at 02:26:47AM -0400, Robert J. Hansen wrote: > Writing just for myself -- not for GnuPG and not for Enigmail and > definitely not for my employer -- I put together a postmortem on Efail. > You may find it worth reading. You may also not. Your mileage will > probably vary.

Re: [GPGME] Repeated decrypt fails

On Wed, May 16, 2018 at 10:54:52AM -0400, Randy Trinh wrote: > Hi everyone, > > I'm fairly new to GnuPG and GPGME in general and I'm currently Firstly, kudos for going straight to GPGME instead of wrapping the GPG binary.  > trying to implement a process in which a file is uploaded from a >

Re: gpg 2.2.5 hangs instead of asking for a passphrase

On Fri, Mar 09, 2018 at 04:55:14PM -0800, Ian Holmes wrote: > Hi, > > I'm using gpg on macOS High Sierra, installed via homebrew. I have a file > that is CAST5 encrypted. When I try to decrypt it using my previous > homebrew version of gpg (gpg 2.0.30, libgcrypt 1.7.6), I type 'gpg > --decrypt

Re: [gpgme] generate a wheel of the python bindings

On Wed, Mar 07, 2018 at 12:36:24AM +0900, Matt wrote: > All problems disappeared with latest source. So everything is ok :) > Thank you once again Excellent. Some of the issues you raised (like oddness in test output/behaviour) had already been picked up and fixed, as you no doubt saw. Not

Re: GPG is not working because of gpg.conf

On Mon, Mar 05, 2018 at 01:24:28PM +0100, Werner Koch wrote: > > gpg searches for its configurarion file in this order (I use 1.4.23 as > example): > > gpg.conf-1.4.23 > gpg.conf-1.4 > gpg.conf-1 > gpg.conf > > The first existing one is used. This allows to have separate >

Re: [gpgme] generate a wheel of the python bindings

On Sun, Mar 04, 2018 at 02:50:52AM +0900, Matt wrote: > Hi, > > I've been trying to package gpgme python bindings for nixos > (www.nixos.org) since it's a dependency of the mail reader I use > (alot) but I haven't succeeded yet. Okay. With GPGME as a dependency ... Claws or Mutt/Neomutt? > I

Re: New employment

On Fri, Mar 02, 2018 at 11:43:26PM -0500, Robert J. Hansen wrote: > I'm taking a new job with IronNet Cybersecurity, Congratulations. :-) > which is run by former Director of the National Security Agency > Keith Alexander. My work will not overlap with GnuPG in any way. Well, that trumps my

Re: Use the same passphrase for PGP and SSH keys and get prompted only once by gpg-agent

On Wed, Feb 28, 2018 at 03:02:58PM +0100, Werner Koch wrote: > On Wed, 21 Feb 2018 07:27, b...@adversary.org said: > > >> No, there is no way to configure an extra hack to also test a passphrase > >> for an ssh key. > > > > Wanna bet? > > Oh no, I don't want to promote create solutions of our

Re: How can we utilize latest GPG from RPM repository?

On Thu, Feb 22, 2018 at 08:09:31AM -0800, Dan Kegel wrote: > > https://www.open-scap.org/download/ shows they provide an > open source tool which is in repositories for four redhat-ish distros and > two debian-ish distros; on Ubuntu, I was able to walk down the > path of using it a bit, looks a

Re: How can we utilize latest GPG from RPM repository?

On Wed, Feb 21, 2018 at 07:36:08AM -0800, Dan Kegel wrote: > On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes <b...@adversary.org> wrote: >> >> Because these two lines explain *precisely* why you need something >> like RHEL or CentOS (certified systems to go with the

Re: wotmate: simple grapher for your keyring

On Wed, Feb 21, 2018 at 09:59:01AM -0500, Konstantin Ryabitsev wrote: > Hi, all: > > I've been maintaining the kernel.org web of trust for the past 5+ years, > and I wrote a number of tools to help me visualize trust paths between > fully trusted keys and those belonging to newer developers. > >

Re: Use the same passphrase for PGP and SSH keys and get prompted only once by gpg-agent

On Tue, Feb 13, 2018 at 04:55:19PM +0100, Werner Koch wrote: > On Tue, 13 Feb 2018 15:03, ambre...@gmail.com said: > > > Thanks for the detailed answer. But why not doing it for SSH then? > > I like to see when an ssh key is used the first time. Note that the > maximum caching time for ssh

Re: How can we utilize latest GPG from RPM repository?

On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote: > I will probably never understand why wanting to run the most current > version of gnupg on a plethora of servers is controversial. > > Nevertheless, the two (2) greatest reasons are: > >1. PCI DSS v3.2 >2. PCI DSS compliance

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

On Mon, Feb 19, 2018 at 10:45:52AM -0800, Daniel Kahn Gillmor wrote: > > How can GnuPG contribute to fixing this problem? The traditional way > that many other projects have taken is to define their core programmatic > functionality into a library with a strict interface guarantees, and > have

Re: Solaris 11 install libgpg-error/libgcrypt make install hangs

On Fri, Feb 09, 2018 at 03:35:13PM +, Anna Kitces and Seth Fishman wrote: > Hi > > I ran ./configure, make, make check and entered make install over an > hour ago That seems a bit long. > the make check was clean Cool. > If I hit ctrl-C, how do I proceed? > > I am installing all the

Re: GPG encryption and decryption takes excessive time.

On Mon, Feb 19, 2018 at 01:30:06PM +, Green, Ian wrote: > Hi > Firstly, my knowledge of GPG is very weak and I am not a UNIX administrator, > so my access and knowledge are rather limited. > > I have been asked to set up file encryption / decryption of files > transferred between our SUN OS

Re: Modernizing Web-of-trust for Organizations

On Fri, Jan 05, 2018 at 08:47:29AM -0800, Lou Wynn wrote: > On 01/04/2018 02:28 PM, Ben McGinnes wrote: > > It seems to me, though, that the idea was to provide a means for the > > company to repudiate an employee's key even if the employee was no > > longer available.

Re: Huawei manual about Gnupg

On Thu, Feb 15, 2018 at 10:36:28AM +0800, Genghuang Wang wrote: > Hello, everybody as the Gnupg user Well, Robert made an excellent point in his response and, indeed, it is a point of view I share. However, I felt in need of a laugh, so I at least had a look at this thing and I certainly did get

Re: Modernizing Web-of-trust for Organizations

On Wed, Jan 03, 2018 at 05:34:30PM -0800, Lou Wynn wrote: > > The management of users' private key is a little more complicated. I > use two levels of protection. One level is at the organization. An > organization actually has a fourth key, which I call the guard key, > to encrypt the password

Re: Modernizing Web-of-trust for Organizations

On Thu, Jan 04, 2018 at 12:40:59AM +, MFPA wrote: > > For example, my ISP [0] says "All staff keys are signed using the > company signing key. This is very much like a traditional company > seal. Only the director has access to this key and it is only used > for signing other keys. If/when a

Re: GPGME Python bindings

On Thu, Dec 28, 2017 at 05:49:58PM -0500, Leo Famulari wrote: > Hello, > > I'm working on downstream packaging of GPGME and GPGME's Python > language bindings for GNU Guix. [0] Cool. > Because it was easier, we began packaging the GPGME Python bindings > based on the PyPi release [1] of version

Re: FAQ and GNU

On Tue, Oct 10, 2017 at 02:06:17AM +, Robert J. Hansen wrote: > A request has been made that each instance of "Linux" in the FAQ be > replaced with "GNU/Linux". Oh ... say hi to RMS from us. ;) > I'm not inclined to make this change. However, in order to make > sure that the FAQ reflects

Re: PGP for official documents / eIDAS and ZertES

On Tue, Oct 10, 2017 at 08:40:38AM +, ankostis wrote: > But it doesn't have to be XML! > Besides ETSI, the european organization implementing eIDAS has 3 "standards" > (e.g. [1]): > XADES(XML), PADES (pdf), CADES - the last one doubting if it has any > modern use. > > Why not push them for a

Re: 1024 key with large sub key

On Thu, Oct 05, 2017 at 07:19:10AM +, Werner Koch wrote: > On Wed, 4 Oct 2017 22:29, r...@sixdemonbag.org said: > >> Twofish became part of the suite of ciphers with PGP 7, and GnuPG >> had to > > Back in 1998/1999 we were keen to have a 128 bit block cipher in > OpenPGP. The PGP folks and

Re: GnuPG-card works in the Ubuntu smartphone

On Sun, Sep 24, 2017 at 05:55:28PM +, Matthias Apitz wrote: > > I'm not on Emacs, but vim. But, with the example you gave and > looking on some sources in the blog at gnupg.org I think I can do > it. Groff was more challenging in the past :-) You can always use the quick and dirty solution:

Re: Fwd: RE: setting GnuPG card to 'not forces' does not let sign

On Thu, Jun 08, 2017 at 01:18:35PM +0200, Peter Lebbing wrote: > On 08/06/17 12:48, Matthias Apitz wrote: > > Every time I write to gnupg-users@gnupg.org I get this crap from a robot > > or from Sarah about dating. Can someone do anything that he/she/it is not > > triggered. > > Yes, same here. I

Re: Question for app developers, like Enigmail etc. - Identicons

On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote: > > I'm not yet familar with the TOFU model, but if it helps to spot a > fake pub key imediately, in addition to the regular trust-model i > see no reason why not. That's pretty much exactly what it does. TOFU stands for Trust On

Re: Question for app developers, like Enigmail etc. - Identicons

On Sun, Jun 04, 2017 at 08:29:31PM +0200, Kristian Fiskerstrand wrote: > On 06/04/2017 11:21 AM, Stefan Claas wrote: > >> The reason why i ask, i started to use Thunderbird with Enigmail >> and Enigmail shows me always Untrusted Good Signature with a 32bit >> key ID, when i have not carefully

Re: Question for app developers, like Enigmail etc. - Identicons

On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote: > Hi, > > i like to ask application developers if it's possible to implement, > in the future, identicons like for example Bitmessage has? > > https://github.com/jakobvarmose/go-qidenticon It's possible, but it's highly unlikely that

Re: PGP for official documents / eIDAS and ZertES

On Fri, Jun 02, 2017 at 09:39:51PM +0200, Werner Koch wrote: > On Wed, 31 May 2017 19:34, ankos...@gmail.com said: > > | >>I have some questions related to XML-Dsig: > | > > | >Argghh!! Run away! > | > | A near-universal reaction. > > XML crypto can be summarized as >

Re: scdaemon coredumps

On Tue, May 30, 2017 at 09:27:30PM -0400, Daniel Kahn Gillmor wrote: > On Wed 2017-05-31 10:02:16 +1000, Ben McGinnes wrote: >> It is pretty standard (and IIRC part of the SMTP RFCs) that the >> forward and reverse DNS records must match. The PTR record does not >> have

Re: scdaemon coredumps

On Tue, May 30, 2017 at 06:48:04PM -0400, Daniel Kahn Gillmor wrote: > > On Tue 2017-05-30 15:09:18 +0300, Yuriy M. Kaminskiy wrote: >> >>> SMTP error from remote mail server after RCPT >>> TO:: host kerckhoffs.g10code.com >> >>> [217.69.77.222]: 550 Reverse DNS lookup

Re: Unicode and --with-colons

On Sat, Apr 01, 2017 at 04:57:04AM -0400, Robert J. Hansen wrote: > C:\Users\Robert J. Hansen\Desktop> gpg --fixed-list-mode --with-colons > --list-key 0x3ADBFA6D00A1E6FE > > = > [... trimmed ...] > uid:-1436536488::100E4A12486A5261E374B3B0CA16CF0516F4367C::Ludwig > Hügelschäfer

Re: Confusion about a statement in the FAQ

On Sat, Sep 10, 2016 at 07:36:27PM -0400, Robert J. Hansen wrote: > > Hmm, OK that's kind of what I thought. But I'm still a little > > confused. Doesn't the email server have to support it? > > No. > > > Or would the "to" be one of those things not encrypted? > > Headers that are strictly

Re: Decryption with suppressed key ID (--throw-keyids) different in 2.1

On Mon, Aug 29, 2016 at 08:01:23AM +0200, Werner Koch wrote: > On Mon, 29 Aug 2016 04:25, c...@nymph.paranoici.org said: > >>>No, this would be a bug. >> >> I get an error 0x02 in return: > > This is a regression in 2.1.14. Workaround is to either set > --default-key or --try-secret-key. Patch

Re: Attacks on encrypted communicxatiopn rising in Europe

On Wed, Aug 24, 2016 at 10:37:35AM -0400, Robert J. Hansen wrote: >> >> P.S. We may be in the Second Crypto Wars, but the genie is out of >> the bottle, so that sense of "oh noes, the governments is >> coming for my cryptoes" just isn't there so much. > > Yeah, which is why I find

Re: Attacks on encrypted communicxatiopn rising in Europe

On Wed, Aug 24, 2016 at 08:41:33AM +0200, Werner Koch wrote: > On Tue, 23 Aug 2016 21:37, joh...@vulcan.xs4all.nl said: > > > (German), the German and French government are attacking the right to > > encrypt communication of their serfs. Also because of their violent > > Despite their common

Re: SOLVED (was: Re: strange error message, how to delete key 0x00000000)

On Sat, Aug 20, 2016 at 06:05:17PM +0200, Gregor Zattler wrote: > Hi Ben, > * Ben McGinnes <b...@adversary.org> [20. Aug. 2016]: >> On Fri, Aug 19, 2016 at 09:16:47PM +0200, Gregor Zattler wrote: >> >> You may have had them in the past and the en

Re: strange error message, how to delete key

On Fri, Aug 19, 2016 at 09:16:47PM +0200, Gregor Zattler wrote: > > Thanks for your answer but in my case this seems not to be the > cause: I did a > > gpg --list-public-keys |sed -e "s/ //g"|grep 000 > > and > > gpg --fingerprint --list-public-keys |sed -e "s/ //g"|grep 000 > > and there

Re: strange error message, how to delete key

On Thu, Aug 18, 2016 at 11:51:55PM +0200, Gregor Zattler wrote: > Dear gnupg users/developers, > > I get strange errormessages when listing keys, e.g.: > > $ gpg --list-key doesnotexist > gpg: Oops: keyid_from_fingerprint: no pubkey > gpg: Oops: keyid_from_fingerprint: no pubkey > gpg: key

Re: Decryption failed: No secret key found (Please help !)

On Thu, Aug 18, 2016 at 06:22:39AM +, Hariharan Shweta wrote: > Hi Team, > > > > We have setup the entire GnuPG software along with the keys in our > Linux server. We are able to encrypt our message and send it to our > vendor. even our vendor is able to decrypt it at their end. But we >

Re: gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

On Wed, Aug 17, 2016 at 05:32:03PM +0200, Kristian Fiskerstrand wrote: > On 08/17/2016 05:04 PM, Bernhard Reiter wrote: > > Am Mittwoch, 17. August 2016 16:53:57 schrieb Werner Koch: > >> FWIW, I really wonder why people seem to use the keyid to check keys. > > > > It is not done to check keys,

Re: Installing gnupg

On Fri, Jun 10, 2016 at 02:44:49PM +0200, Werner Koch wrote: > On Fri, 10 Jun 2016 11:38, b...@adversary.org said: > >> bash-4.3$ port search gnupg2 >> gnupg2 @2.0.29 (mail, security) >> GNU pretty-good-privacy package > > I am a bit disapointed to read this name. GnuPG is the GNU Privacy >

Re: Installing gnupg

On Thu, Jun 09, 2016 at 11:11:13AM -0400, Robert J. Hansen wrote: > > I have OSX El Capitan. > > GPGOSX provides a newer version of GnuPG than GPGTools does: > > https://sourceforge.net/projects/gpgosx/ MacPorts usually stays reasonably up to date: bash-4.3$ port search gnupg2 gnupg2 @2.0.29

Re: GNUPG Issues.

On Thu, May 05, 2016 at 04:39:30AM +, Mrityunjay Kumar03 wrote: > Hi Team, > > On my application server GPG 1.2.1 is being used. Recently the keys > expired on the server. [SNIP] > Could anyone please help. As Robert said, nope, but this made my day ... and here's why ... > Server version

Re: Top-posting

On Thu, Apr 28, 2016 at 11:26:52AM +0200, Matthias Apitz wrote: > El día Thursday, April 28, 2016 a las 11:02:30AM +0200, Paolo Bolzoni > escribió: > >> When you follow an email thread you do not read everything, you >> just read the new email and it makes little difference if it is in >> the

Re: Verification via the web of trust

On Tue, Mar 22, 2016 at 06:43:20PM +, Andrew Gallagher wrote: > On 22/03/16 18:30, Peter Lebbing wrote: > > On 22/03/16 19:14, Andrew Gallagher wrote: > >> All this is true. But this does not help *me* one iota. > > > > It sounds to me like you're not looking for the Web of Trust, which is >

Re: EasyGnuPG

On Fri, Mar 25, 2016 at 04:37:59AM -0400, Robert J. Hansen wrote: > > And that doesn't even get into the issues involved with selecting a > > format for producing the documentation in. Consider the following: > > Preach it, Brother Ben. :-D > And it's not just about formats, it's also about

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 10:56:27PM +, Andrew Gallagher wrote: > > IMHO the only thing to do with E-usage primary keys is revoke them > and start again from scratch. The only reason they are even still > allowed in GPG is for backwards compatibility, right...? Right. Primary keys MUST be

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 10:21:31PM +0100, Peter Lebbing wrote: > On 22/03/16 20:53, Dashamir Hoxha wrote: > > > the docs are like a maze and not clearly structured > > A reasonably fair criticism... writing good documentation is hard, > very hard. In fact, it turned out to be easier to write

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 04:29:42PM +0100, Werner Koch wrote: > On Tue, 22 Mar 2016 15:41, b...@adversary.org said: > > > provides a socket interface with which you can interact with > > portions of the GPGME functions, including most of the most common > > functions. > > FWIW: We even consider

Re: A better interface to the GnuPG-Framework (Re: EasyGnuPG)

On Tue, Mar 22, 2016 at 03:45:09PM +0100, Bernhard Reiter wrote: > On Tuesday 22 March 2016 at 15:14:41, Ben McGinnes wrote: > > You know what might, though, if someone were to take up the old GPA > > project perhaps ... maybe port it to GTK 3 or implement a Qt version. > >

Re: EasyGnuPG

On Tue, Mar 22, 2016 at 11:20:40AM +0100, Dashamir Hoxha wrote: > On Tue, Mar 22, 2016 at 9:56 AM, Bernhard Reiter > wrote: > > > > Any cross plattform approach would work. Python has the advantage > > that the source code can be changed by an editor an immedeately run > >

Re: EasyGnuPG

On Mon, Mar 21, 2016 at 06:38:31PM +0100, Peter Lebbing wrote: > On 21/03/16 16:49, Dashamir Hoxha wrote: > > Yes, but the overall number of commands and options supported > > is 10 times smaller than those of gpg2. Tutorials about egpg are also > > much shorter. > > These things can simply be

Re: EasyGnuPG

conf file anyway, they normally only need to be set once. Sometimes toggled back and forth (e.g. with --expert), but mostly it's set once and leave it that way (e.g. enable-large-rsa, enable-dsa2, allow-freeform-uid, etc.). Regards, Ben -- | Ben McGinnes | Adversarial Press | Twitter:

Re: Where is /usr/local/gnupg-2.1?

On Mon, Mar 21, 2016 at 11:31:56PM -0400, Robert J. Hansen wrote: > > There are two other possible explanations: MacPorts (see macports.org) > > and Home Brew. > > And Fink, and... etc. However, I'm omitting the ... let's call them > "comprehensive" solutions that allow you to install all manner

Re: Where is /usr/local/gnupg-2.1?

On Mon, Mar 21, 2016 at 06:39:33PM -0400, Robert J. Hansen wrote: > Edgar reached out to me earlier, and I directed him here to this list in > the hopes that someone with more clue than me would be able to help. > > Edgar, I'm not particularly up on GPG for OS X. However: > > > So, I went to

Re: OPENPGP URI PROPOSAL

On 22/05/2015 5:21 am, Daniel Kahn Gillmor wrote: On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: You might see a few copies around. This one is edited and streamlined with some advice from Hasimir to help keep this proposal focused. This is mirrored in here

Re: gpg-agent override to import secret keys in 2.1

On 22/05/2015 5:14 pm, Werner Koch wrote: On Thu, 21 May 2015 21:52, b...@adversary.org said: Does anyone know whether or not there is an override command or option to force -agent to read/import secret keys after the initial migration to version 2.1? If you want to migrate the keys

Re: [Enigmail] Popescu and keys

On 22/05/2015 5:00 pm, Werner Koch wrote: On Thu, 21 May 2015 23:58, b...@adversary.org said: Is it possible that a keyserver running the old, buggy PKS code (v. 0.9.something) mangled these keys? Yes, but that won't explain why the key binding signature is valid. Okay, there's clearly

Re: [Enigmail] Popescu and keys

On 22/05/2015 5:37 am, Werner Koch wrote: These are all encryption subkeys. The third key is the one from H. Peter Anvin. I have not found one of the fingerprints given in the said blog posting: gpg removed it while importing the key. It is a bit disturbing that the other subkey listed

gpg-agent override to import secret keys in 2.1

Hello, Does anyone know whether or not there is an override command or option to force -agent to read/import secret keys after the initial migration to version 2.1? The basic scenario here is a primary workstation which the initial migration was performed on and a subsequent

Re: OPENPGP URI PROPOSAL

On 22/05/2015 1:59 am, mofo syne wrote: You might see a few copies around. This one is edited and streamlined with some advice from Hasimir to help keep this proposal focused. For the benefit of the rest of the list, Hasimir is my IRC handle on freenode and a few other places. An /ns info

Re: GnuPG 2.1.3 Fails to Compile OS X

On 22/04/2015 5:22 pm, Werner Koch wrote: On Sat, 18 Apr 2015 21:35, b...@adversary.org said: e...@quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' e...@quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' but no need to paste them all in); obviously the

Re: GnuPG 2.1.3 Fails to Compile OS X

On 23/04/2015 11:39 am, NIIBE Yutaka wrote: On 04/22/2015 04:22 PM, Werner Koch wrote: On Sat, 18 Apr 2015 21:35, b...@adversary.org said: e...@quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' e...@quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' but no

Re: GnuPG 2.1.3 Fails to Compile OS X

On 13/04/2015 5:59 pm, Werner Koch wrote: On Sun, 12 Apr 2015 00:29, dominyktil...@gmail.com said: = t-stringhelp.c:488:3: error: function definition is not allowed here { ^ Oh sorry, I didn't spotted the use of a nested

Re: Making the case for smart cards for the average user

On 8/04/2015 12:41 am, MFPA wrote: allowing them to drop the standard format of name em...@example.net and then they're shocked that doing so might produce unintended consequences? Don't know about shocked, but unintended consequences for a non-standard UID scheme was indeed the issue.

Re: Making the case for smart cards for the average user

On 8/04/2015 12:04 am, MFPA wrote: On Tuesday 7 April 2015 at 2:14:55 PM, in mid:87y4m43ws0@alice.fifthhorseman.net, Daniel Kahn Gillmor wrote: We know how to structure a proper name-addr and an addr-spec, and it's not difficult. If you want an e-mail address to be recognizable to

Re: Making the case for smart cards for the average user

On 7/04/2015 5:56 am, Peter Lebbing wrote: On 06/04/15 18:04, Ben McGinnes wrote: or enclose all GPG key UIDs in quotation marks in order to mitigate that (a feature request for The Bat!). I think that would be quite an exploitable bug, passing UIDs to be parsed by a shell... I hope

Re: gnupg preferences

On 3/04/2015 1:14 am, Robert Deroy wrote: Good Morning, I send you this letter because maybe you can help me about somethings, i know that my english is not perfect at all.. Is it possible to remake an original gpgconf file ? There should be a sample gpg.conf file installed to a

Re: Making the case for smart cards for the average user

to make it clearer. Obviously you all know how to see those addresses. bash4-4.3$ gpg -k ben.mcgin...@pirate.org.au pub rsa4096/0x321E4E2373590E5D 2012-07-28 uid [ultimate] Ben McGinnes b...@adversary.org uid [ultimate] Ben McGinnes ben.mcgin...@pirate.org.au sub

Re: One alternative to SMTP for email: Confidant Mail

On 30/03/2015 8:28 am, Mike Ingle wrote: Why should the user need to delete one, rather than just be told there were two and the one with such-and-such a fingerprint (or the one highlighted) signed this message? If it is just a string in a key UID rather than a functional email address, it

Re: One alternative to SMTP for email: Confidant Mail

On 24/03/2015 2:27 pm, Mike Ingle wrote: There has been some discussion on gnupg-users about replacing SMTP for secure email, and how BitMessage does not scale. There is an open source non-SMTP email system called Confidant Mail, which is based on GnuPG and hash table storage. The protocol

SOLUTION: GPG 2.1.x not compiling on OS X (any version)

Hello, A while back, when 2.1.0 was released I and many others encountered a most annoying error when compiling or attempting to compile both pinentry and GnuPG itself. It was a linker error where x86_64 architecture was not recognised. Online searches led to similar problems affecting

Re: [Announce] The maybe final Beta for GnuPG 2.1

On 9/10/2014 12:48 am, Werner Koch wrote: On Sun, 5 Oct 2014 09:13, b...@adversary.org said: Now since the configure script for pinentry is about 13,000 lines That is generated. The actual configure.ac script is 565 lines. I do not understand you remarks about libc++ - is that required

Re: How do I see what algorithm is used for a signature

On 9/10/2014 5:20 pm, Robert J. Hansen wrote: On 10/9/2014 12:54 AM, Doug Barton wrote: I'm sure there is a way to determine what algorithm a signature was created with... gpg2 --fixed-list-mode --with-colons --list-key [keyID] Once you learn how to read that output, you get a *ton* of

Re: [Announce] The maybe final Beta for GnuPG 2.1

On 9/10/2014 12:48 am, Werner Koch wrote: On Sun, 5 Oct 2014 09:13, b...@adversary.org said: Now since the configure script for pinentry is about 13,000 lines That is generated. The actual configure.ac script is 565 lines. I do not understand you remarks about libc++ - is that required

Re: [Announce] The maybe final Beta for GnuPG 2.1

On 4/10/2014 12:35 am, Werner Koch wrote: Hello! I just released another *beta* version of GnuPG *2.1*. It has been released to give you the opportunity to check out new features and to help fixing bugs. I'm most of the way through a test compile (in /opt/local) on OS X 10.9 (64-bit)

Re: a bit OT: pgpdump binaries?

On 9/05/14 6:34 PM, Josef Schneider wrote: Hi, something strange happened in my mail client so the signature of the last message was invalid! I'm sure we've all had that happen at some point. Anyway, thanks, I'm sure Faramir will appreciate these and I can probably think of a few other

Re: a bit OT: pgpdump binaries?

On 9/05/14 1:00 PM, Faramir wrote: Hello, I hope this is not much off-topic. I was looking for pgpdump binaries, and the one I have is for version 0.20, I downloaded it on september 2011. But in the website, the current version is 0.28, from june 2013. Does somebody know where I can get

Re: Managing Subkeys for Professional and Personal UIDs

On 3/05/14 11:32 AM, Robert J. Hansen wrote: Seems perfectly reasonable for me for the company to issue a signature on a purchase order using your *corporate-owned*, *corporate-controlled* certificate, which was always issued for the needs of the corporation. Just because a certificate

Re: Quotes from GPG users

On 6/11/13 2:40 AM, Sam Tuke wrote: Feel free to use any of my public comments on the topic, either on my blog or on Twitter. Those are great resources I hadn't seen before, thanks for the links! What do you think about these two? I had a hard time finding quotes from your articles that

Re: Quotes from GPG users

/news/2011-08-19/lnp-candidate-expelled-over-email/2847428 If you make a hashtag for this topic, let me know so I can point my fellow Pirates at it all. We've got some very good people on our social media team. Regards, Ben - -- Ben McGinnes http://www.adversary.org/ Twitter: benmcginnes

Re: Quotes from GPG users

On 30/10/13 9:58 PM, Sam Tuke wrote: Hi all, I'm working with Werner to promote GnuPG and raise awareness. To that end we're collecting quotes from users - endorsements from people who know and trust GPG, people like you. If you want to help us, send your own statement about why GPG is

Re: cant open public keyring file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 5/09/13 3:05 PM, Matt D wrote: my open pgp wont work. i cant get keys. using ubuntu 12.10. latest version of gpg. OpenPGP Security Info Unverified signature gpg command line and output: gpg gpg: Signature made Wed 14 Aug 2013

Re: Issue with --sign option

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 18/08/13 1:04 PM, Tiwari, Ashish wrote: Still not working. Saying Inavlid OPtion -sign. Yes, it's supposed to be: --sign --encrypt [the rest of the command] Regards, Ben -BEGIN PGP SIGNATURE-

Re: PGP for zLinux [full info]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 4/03/13 9:17 AM, Werner Koch wrote: On Sat, 2 Mar 2013 08:16, b...@adversary.org said: list. Since you have already received one reply to all from Werner, this has already happened. I apologize for having being tricked to do a drive by

Re: Any value to duplicate signatures?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2/03/13 7:14 PM, Doug Barton wrote: I am pretty sure the answer to this question is no, but I thought I'd ask just in case. I've attended a conference for the last 2 years where there was a PGP key signing. Several of the people who signed

Re: Any value to duplicate signatures?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2/03/13 8:51 PM, Doug Barton wrote: On 03/02/2013 01:20 AM, Ben McGinnes wrote: I can think of two reasons why there may be some value in including the second signatures. The first being if you have added a new UID to your key and the new

Re: PGP for zLinux [full info]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2/03/13 3:04 AM, gcal...@br.ibm.com wrote: Hello, I have sent an email earlier requesting information about the best PGP version to install in a zLinux server. Please don't attempt to post to gnupg-annou...@gnupg.org. While your messages

Re: [NOOB] Export subkey

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 28/08/12 1:17 AM, Arthur Rance wrote: Hello, I'm a noob and I'm going to export a subkey : $ gpg --list-keys pub 2048R/12345678 2010-01-01 uid Arthur Rance arthur_ra...@noob.com sub 2048R/90123456 2010-01-01 sub

  1   2   3   >