On Sun, Feb 10, 2019 at 03:36:05PM +0100, André Ockers wrote:
> Hi Peter,
>
> Thank you very much.
>
>
> Op 09-02-19 om 12:48 schreef Peter Lebbing:
> > Hello André,
> >
> > On 09/02/2019 09:06, André Ockers wrote:
> >> - 171 official keysigning party participants, of who 107 showed up to my
>
On Tue, Jun 05, 2018 at 05:17:10PM -0400, Phil Pennock wrote:
>
> Shell 1:
> $ docker-machine ssh default -R
> /var/run/pdp.gnupg:$HOME/.gnupg/S.gpg-agent.extra
> [ leave this window open, this is your login on the VM; when this
> closes, you stop forwarding GnuPG's socket ]
A suggestion: for
On Tue, May 22, 2018 at 05:47:43AM -0400, Robert J. Hansen wrote:
> > Get real. These people are long-time GnuPG users and now you want to
> > throw them under the bus because... well, because you prefer it that
> > way.
>
> 1.4 was deprecated the instant 2.0 was released. After much pushback it
On Wed, May 23, 2018 at 01:22:41AM +0200, Leo Gaspard via Gnupg-users wrote:
> On 05/22/2018 11:48 PM, Dennis Clarke wrote:
> > On 05/22/2018 05:38 PM, Dan Kegel wrote:
> >> Lessee...
> >> https://en.wikipedia.org/wiki/GNU_Privacy_Guard
> >> already give an end-of-life date for 2.0, but none for
On Mon, May 21, 2018 at 11:19:18AM -1100, Mirimir wrote:
> On 05/21/2018 02:31 AM, Ben McGinnes wrote:
>>
>> https://ssd.eff.org/en/blog/pgp-and-efail-frequently-asked-questions
>>
>> “What if I keep getting PGP emails?
>>
>> You can decrypt these ema
On Wed, May 23, 2018 at 12:15:58AM +0200, Steffen Nurpmeso wrote:
>
> I only use v1.4, and i will never never never never use anything
> newer because that is very large and consists of an immense amount
> of components that i really do not need. I receive keys via hkps://
> and sign, verify,
On Tue, May 22, 2018 at 02:19:37AM +0100, Mark Rousell wrote:
> On 21/05/2018 13:34, Ben McGinnes wrote:
>
>> I agree with most of the article and largely with the need to break
>> compatibility to an ancient flawed design. Particularly since we
>> still have a means of
On Mon, May 21, 2018 at 08:51:17AM -0400, Robert J. Hansen wrote:
>> That being the *incredibly* unhelpful and likely actively harmful
>> recommendation to remove encryption and decryption functionality from
>> vulnerable MUAs.
>
> I blame the EFF for that more than I blame the Efail developers.
On Sun, May 20, 2018 at 01:43:07PM -1100, Mirimir wrote:
> On 05/19/2018 11:44 PM, Aleksandar Lazic wrote:
>>
>> I do not want to create a conspiracy theory but it's wiggy that
>> EFF favors *NO* security ,pgp or s/mime, instead to fix the current
>> possibilities and promote signal.
>
> I read
On Sun, May 20, 2018 at 02:26:47AM -0400, Robert J. Hansen wrote:
> Writing just for myself -- not for GnuPG and not for Enigmail and
> definitely not for my employer -- I put together a postmortem on Efail.
> You may find it worth reading. You may also not. Your mileage will
> probably vary.
On Wed, May 16, 2018 at 10:54:52AM -0400, Randy Trinh wrote:
> Hi everyone,
>
> I'm fairly new to GnuPG and GPGME in general and I'm currently
Firstly, kudos for going straight to GPGME instead of wrapping the GPG
binary.
> trying to implement a process in which a file is uploaded from a
>
On Fri, Mar 09, 2018 at 04:55:14PM -0800, Ian Holmes wrote:
> Hi,
>
> I'm using gpg on macOS High Sierra, installed via homebrew. I have a file
> that is CAST5 encrypted. When I try to decrypt it using my previous
> homebrew version of gpg (gpg 2.0.30, libgcrypt 1.7.6), I type 'gpg
> --decrypt
On Wed, Mar 07, 2018 at 12:36:24AM +0900, Matt wrote:
> All problems disappeared with latest source. So everything is ok :)
> Thank you once again
Excellent. Some of the issues you raised (like oddness in test
output/behaviour) had already been picked up and fixed, as you no
doubt saw. Not
On Mon, Mar 05, 2018 at 01:24:28PM +0100, Werner Koch wrote:
>
> gpg searches for its configurarion file in this order (I use 1.4.23 as
> example):
>
> gpg.conf-1.4.23
> gpg.conf-1.4
> gpg.conf-1
> gpg.conf
>
> The first existing one is used. This allows to have separate
>
On Sun, Mar 04, 2018 at 02:50:52AM +0900, Matt wrote:
> Hi,
>
> I've been trying to package gpgme python bindings for nixos
> (www.nixos.org) since it's a dependency of the mail reader I use
> (alot) but I haven't succeeded yet.
Okay.
With GPGME as a dependency ... Claws or Mutt/Neomutt?
> I
On Fri, Mar 02, 2018 at 11:43:26PM -0500, Robert J. Hansen wrote:
> I'm taking a new job with IronNet Cybersecurity,
Congratulations. :-)
> which is run by former Director of the National Security Agency
> Keith Alexander. My work will not overlap with GnuPG in any way.
Well, that trumps my
On Wed, Feb 28, 2018 at 03:02:58PM +0100, Werner Koch wrote:
> On Wed, 21 Feb 2018 07:27, b...@adversary.org said:
>
> >> No, there is no way to configure an extra hack to also test a passphrase
> >> for an ssh key.
> >
> > Wanna bet?
>
> Oh no, I don't want to promote create solutions of our
On Thu, Feb 22, 2018 at 08:09:31AM -0800, Dan Kegel wrote:
>
> https://www.open-scap.org/download/ shows they provide an
> open source tool which is in repositories for four redhat-ish distros and
> two debian-ish distros; on Ubuntu, I was able to walk down the
> path of using it a bit, looks a
On Wed, Feb 21, 2018 at 07:36:08AM -0800, Dan Kegel wrote:
> On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes <b...@adversary.org> wrote:
>>
>> Because these two lines explain *precisely* why you need something
>> like RHEL or CentOS (certified systems to go with the
On Wed, Feb 21, 2018 at 09:59:01AM -0500, Konstantin Ryabitsev wrote:
> Hi, all:
>
> I've been maintaining the kernel.org web of trust for the past 5+ years,
> and I wrote a number of tools to help me visualize trust paths between
> fully trusted keys and those belonging to newer developers.
>
>
On Tue, Feb 13, 2018 at 04:55:19PM +0100, Werner Koch wrote:
> On Tue, 13 Feb 2018 15:03, ambre...@gmail.com said:
>
> > Thanks for the detailed answer. But why not doing it for SSH then?
>
> I like to see when an ssh key is used the first time. Note that the
> maximum caching time for ssh
On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
>
> Nevertheless, the two (2) greatest reasons are:
>
>1. PCI DSS v3.2
>2. PCI DSS compliance
On Mon, Feb 19, 2018 at 10:45:52AM -0800, Daniel Kahn Gillmor wrote:
>
> How can GnuPG contribute to fixing this problem? The traditional way
> that many other projects have taken is to define their core programmatic
> functionality into a library with a strict interface guarantees, and
> have
On Fri, Feb 09, 2018 at 03:35:13PM +, Anna Kitces and Seth Fishman wrote:
> Hi
>
> I ran ./configure, make, make check and entered make install over an
> hour ago
That seems a bit long.
> the make check was clean
Cool.
> If I hit ctrl-C, how do I proceed?
>
> I am installing all the
On Mon, Feb 19, 2018 at 01:30:06PM +, Green, Ian wrote:
> Hi
> Firstly, my knowledge of GPG is very weak and I am not a UNIX administrator,
> so my access and knowledge are rather limited.
>
> I have been asked to set up file encryption / decryption of files
> transferred between our SUN OS
On Fri, Jan 05, 2018 at 08:47:29AM -0800, Lou Wynn wrote:
> On 01/04/2018 02:28 PM, Ben McGinnes wrote:
> > It seems to me, though, that the idea was to provide a means for the
> > company to repudiate an employee's key even if the employee was no
> > longer available.
On Thu, Feb 15, 2018 at 10:36:28AM +0800, Genghuang Wang wrote:
> Hello, everybody as the Gnupg user
Well, Robert made an excellent point in his response and, indeed, it
is a point of view I share.
However, I felt in need of a laugh, so I at least had a look at this
thing and I certainly did get
On Wed, Jan 03, 2018 at 05:34:30PM -0800, Lou Wynn wrote:
>
> The management of users' private key is a little more complicated. I
> use two levels of protection. One level is at the organization. An
> organization actually has a fourth key, which I call the guard key,
> to encrypt the password
On Thu, Jan 04, 2018 at 12:40:59AM +, MFPA wrote:
>
> For example, my ISP [0] says "All staff keys are signed using the
> company signing key. This is very much like a traditional company
> seal. Only the director has access to this key and it is only used
> for signing other keys. If/when a
On Thu, Dec 28, 2017 at 05:49:58PM -0500, Leo Famulari wrote:
> Hello,
>
> I'm working on downstream packaging of GPGME and GPGME's Python
> language bindings for GNU Guix. [0]
Cool.
> Because it was easier, we began packaging the GPGME Python bindings
> based on the PyPi release [1] of version
On Tue, Oct 10, 2017 at 02:06:17AM +, Robert J. Hansen wrote:
> A request has been made that each instance of "Linux" in the FAQ be
> replaced with "GNU/Linux".
Oh ... say hi to RMS from us. ;)
> I'm not inclined to make this change. However, in order to make
> sure that the FAQ reflects
On Tue, Oct 10, 2017 at 08:40:38AM +, ankostis wrote:
> But it doesn't have to be XML!
> Besides ETSI, the european organization implementing eIDAS has 3 "standards"
> (e.g. [1]):
> XADES(XML), PADES (pdf), CADES - the last one doubting if it has any
> modern use.
>
> Why not push them for a
On Thu, Oct 05, 2017 at 07:19:10AM +, Werner Koch wrote:
> On Wed, 4 Oct 2017 22:29, r...@sixdemonbag.org said:
>
>> Twofish became part of the suite of ciphers with PGP 7, and GnuPG
>> had to
>
> Back in 1998/1999 we were keen to have a 128 bit block cipher in
> OpenPGP. The PGP folks and
On Sun, Sep 24, 2017 at 05:55:28PM +, Matthias Apitz wrote:
>
> I'm not on Emacs, but vim. But, with the example you gave and
> looking on some sources in the blog at gnupg.org I think I can do
> it. Groff was more challenging in the past :-)
You can always use the quick and dirty solution:
On Thu, Jun 08, 2017 at 01:18:35PM +0200, Peter Lebbing wrote:
> On 08/06/17 12:48, Matthias Apitz wrote:
> > Every time I write to gnupg-users@gnupg.org I get this crap from a robot
> > or from Sarah about dating. Can someone do anything that he/she/it is not
> > triggered.
>
> Yes, same here. I
On Sun, Jun 04, 2017 at 10:47:56PM +0200, Stefan Claas wrote:
>
> I'm not yet familar with the TOFU model, but if it helps to spot a
> fake pub key imediately, in addition to the regular trust-model i
> see no reason why not.
That's pretty much exactly what it does.
TOFU stands for Trust On
On Sun, Jun 04, 2017 at 08:29:31PM +0200, Kristian Fiskerstrand wrote:
> On 06/04/2017 11:21 AM, Stefan Claas wrote:
>
>> The reason why i ask, i started to use Thunderbird with Enigmail
>> and Enigmail shows me always Untrusted Good Signature with a 32bit
>> key ID, when i have not carefully
On Sun, Jun 04, 2017 at 11:21:33AM +0200, Stefan Claas wrote:
> Hi,
>
> i like to ask application developers if it's possible to implement,
> in the future, identicons like for example Bitmessage has?
>
> https://github.com/jakobvarmose/go-qidenticon
It's possible, but it's highly unlikely that
On Fri, Jun 02, 2017 at 09:39:51PM +0200, Werner Koch wrote:
> On Wed, 31 May 2017 19:34, ankos...@gmail.com said:
>
> | >>I have some questions related to XML-Dsig:
> | >
> | >Argghh!! Run away!
> |
> | A near-universal reaction.
>
> XML crypto can be summarized as
>
On Tue, May 30, 2017 at 09:27:30PM -0400, Daniel Kahn Gillmor wrote:
> On Wed 2017-05-31 10:02:16 +1000, Ben McGinnes wrote:
>> It is pretty standard (and IIRC part of the SMTP RFCs) that the
>> forward and reverse DNS records must match. The PTR record does not
>> have
On Tue, May 30, 2017 at 06:48:04PM -0400, Daniel Kahn Gillmor wrote:
>
> On Tue 2017-05-30 15:09:18 +0300, Yuriy M. Kaminskiy wrote:
>>
>>> SMTP error from remote mail server after RCPT
>>> TO:: host kerckhoffs.g10code.com >>
>>> [217.69.77.222]: 550 Reverse DNS lookup
On Sat, Apr 01, 2017 at 04:57:04AM -0400, Robert J. Hansen wrote:
> C:\Users\Robert J. Hansen\Desktop> gpg --fixed-list-mode --with-colons
> --list-key 0x3ADBFA6D00A1E6FE
>
> =
> [... trimmed ...]
> uid:-1436536488::100E4A12486A5261E374B3B0CA16CF0516F4367C::Ludwig
> Hügelschäfer
On Sat, Sep 10, 2016 at 07:36:27PM -0400, Robert J. Hansen wrote:
> > Hmm, OK that's kind of what I thought. But I'm still a little
> > confused. Doesn't the email server have to support it?
>
> No.
>
> > Or would the "to" be one of those things not encrypted?
>
> Headers that are strictly
On Mon, Aug 29, 2016 at 08:01:23AM +0200, Werner Koch wrote:
> On Mon, 29 Aug 2016 04:25, c...@nymph.paranoici.org said:
>
>>>No, this would be a bug.
>>
>> I get an error 0x02 in return:
>
> This is a regression in 2.1.14. Workaround is to either set
> --default-key or --try-secret-key. Patch
On Wed, Aug 24, 2016 at 10:37:35AM -0400, Robert J. Hansen wrote:
>>
>> P.S. We may be in the Second Crypto Wars, but the genie is out of
>> the bottle, so that sense of "oh noes, the governments is
>> coming for my cryptoes" just isn't there so much.
>
> Yeah, which is why I find
On Wed, Aug 24, 2016 at 08:41:33AM +0200, Werner Koch wrote:
> On Tue, 23 Aug 2016 21:37, joh...@vulcan.xs4all.nl said:
>
> > (German), the German and French government are attacking the right to
> > encrypt communication of their serfs. Also because of their violent
>
> Despite their common
On Sat, Aug 20, 2016 at 06:05:17PM +0200, Gregor Zattler wrote:
> Hi Ben,
> * Ben McGinnes <b...@adversary.org> [20. Aug. 2016]:
>> On Fri, Aug 19, 2016 at 09:16:47PM +0200, Gregor Zattler wrote:
>>
>> You may have had them in the past and the en
On Fri, Aug 19, 2016 at 09:16:47PM +0200, Gregor Zattler wrote:
>
> Thanks for your answer but in my case this seems not to be the
> cause: I did a
>
> gpg --list-public-keys |sed -e "s/ //g"|grep 000
>
> and
>
> gpg --fingerprint --list-public-keys |sed -e "s/ //g"|grep 000
>
> and there
On Thu, Aug 18, 2016 at 11:51:55PM +0200, Gregor Zattler wrote:
> Dear gnupg users/developers,
>
> I get strange errormessages when listing keys, e.g.:
>
> $ gpg --list-key doesnotexist
> gpg: Oops: keyid_from_fingerprint: no pubkey
> gpg: Oops: keyid_from_fingerprint: no pubkey
> gpg: key
On Thu, Aug 18, 2016 at 06:22:39AM +, Hariharan Shweta wrote:
> Hi Team,
>
>
>
> We have setup the entire GnuPG software along with the keys in our
> Linux server. We are able to encrypt our message and send it to our
> vendor. even our vendor is able to decrypt it at their end. But we
>
On Wed, Aug 17, 2016 at 05:32:03PM +0200, Kristian Fiskerstrand wrote:
> On 08/17/2016 05:04 PM, Bernhard Reiter wrote:
> > Am Mittwoch, 17. August 2016 16:53:57 schrieb Werner Koch:
> >> FWIW, I really wonder why people seem to use the keyid to check keys.
> >
> > It is not done to check keys,
On Fri, Jun 10, 2016 at 02:44:49PM +0200, Werner Koch wrote:
> On Fri, 10 Jun 2016 11:38, b...@adversary.org said:
>
>> bash-4.3$ port search gnupg2
>> gnupg2 @2.0.29 (mail, security)
>> GNU pretty-good-privacy package
>
> I am a bit disapointed to read this name. GnuPG is the GNU Privacy
>
On Thu, Jun 09, 2016 at 11:11:13AM -0400, Robert J. Hansen wrote:
> > I have OSX El Capitan.
>
> GPGOSX provides a newer version of GnuPG than GPGTools does:
>
> https://sourceforge.net/projects/gpgosx/
MacPorts usually stays reasonably up to date:
bash-4.3$ port search gnupg2
gnupg2 @2.0.29
On Thu, May 05, 2016 at 04:39:30AM +, Mrityunjay Kumar03 wrote:
> Hi Team,
>
> On my application server GPG 1.2.1 is being used. Recently the keys
> expired on the server.
[SNIP]
> Could anyone please help.
As Robert said, nope, but this made my day ... and here's why ...
> Server version
On Thu, Apr 28, 2016 at 11:26:52AM +0200, Matthias Apitz wrote:
> El día Thursday, April 28, 2016 a las 11:02:30AM +0200, Paolo Bolzoni
> escribió:
>
>> When you follow an email thread you do not read everything, you
>> just read the new email and it makes little difference if it is in
>> the
On Tue, Mar 22, 2016 at 06:43:20PM +, Andrew Gallagher wrote:
> On 22/03/16 18:30, Peter Lebbing wrote:
> > On 22/03/16 19:14, Andrew Gallagher wrote:
> >> All this is true. But this does not help *me* one iota.
> >
> > It sounds to me like you're not looking for the Web of Trust, which is
>
On Fri, Mar 25, 2016 at 04:37:59AM -0400, Robert J. Hansen wrote:
> > And that doesn't even get into the issues involved with selecting a
> > format for producing the documentation in. Consider the following:
>
> Preach it, Brother Ben.
:-D
> And it's not just about formats, it's also about
On Tue, Mar 22, 2016 at 10:56:27PM +, Andrew Gallagher wrote:
>
> IMHO the only thing to do with E-usage primary keys is revoke them
> and start again from scratch. The only reason they are even still
> allowed in GPG is for backwards compatibility, right...?
Right.
Primary keys MUST be
On Tue, Mar 22, 2016 at 10:21:31PM +0100, Peter Lebbing wrote:
> On 22/03/16 20:53, Dashamir Hoxha wrote:
>
> > the docs are like a maze and not clearly structured
>
> A reasonably fair criticism... writing good documentation is hard,
> very hard. In fact, it turned out to be easier to write
On Tue, Mar 22, 2016 at 04:29:42PM +0100, Werner Koch wrote:
> On Tue, 22 Mar 2016 15:41, b...@adversary.org said:
>
> > provides a socket interface with which you can interact with
> > portions of the GPGME functions, including most of the most common
> > functions.
>
> FWIW: We even consider
On Tue, Mar 22, 2016 at 03:45:09PM +0100, Bernhard Reiter wrote:
> On Tuesday 22 March 2016 at 15:14:41, Ben McGinnes wrote:
> > You know what might, though, if someone were to take up the old GPA
> > project perhaps ... maybe port it to GTK 3 or implement a Qt version.
>
>
On Tue, Mar 22, 2016 at 11:20:40AM +0100, Dashamir Hoxha wrote:
> On Tue, Mar 22, 2016 at 9:56 AM, Bernhard Reiter
> wrote:
> >
> > Any cross plattform approach would work. Python has the advantage
> > that the source code can be changed by an editor an immedeately run
> >
On Mon, Mar 21, 2016 at 06:38:31PM +0100, Peter Lebbing wrote:
> On 21/03/16 16:49, Dashamir Hoxha wrote:
> > Yes, but the overall number of commands and options supported
> > is 10 times smaller than those of gpg2. Tutorials about egpg are also
> > much shorter.
>
> These things can simply be
conf file anyway, they
normally only need to be set once. Sometimes toggled back and forth
(e.g. with --expert), but mostly it's set once and leave it that way
(e.g. enable-large-rsa, enable-dsa2, allow-freeform-uid, etc.).
Regards,
Ben
--
| Ben McGinnes | Adversarial Press | Twitter:
On Mon, Mar 21, 2016 at 11:31:56PM -0400, Robert J. Hansen wrote:
> > There are two other possible explanations: MacPorts (see macports.org)
> > and Home Brew.
>
> And Fink, and... etc. However, I'm omitting the ... let's call them
> "comprehensive" solutions that allow you to install all manner
On Mon, Mar 21, 2016 at 06:39:33PM -0400, Robert J. Hansen wrote:
> Edgar reached out to me earlier, and I directed him here to this list in
> the hopes that someone with more clue than me would be able to help.
>
> Edgar, I'm not particularly up on GPG for OS X. However:
>
> > So, I went to
On 22/05/2015 5:21 am, Daniel Kahn Gillmor wrote:
On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote:
You might see a few copies around. This one is edited and streamlined with
some advice from Hasimir to help keep this proposal focused. This is
mirrored in here
On 22/05/2015 5:14 pm, Werner Koch wrote:
On Thu, 21 May 2015 21:52, b...@adversary.org said:
Does anyone know whether or not there is an override command
or option to force -agent to read/import secret keys after the initial
migration to version 2.1?
If you want to migrate the keys
On 22/05/2015 5:00 pm, Werner Koch wrote:
On Thu, 21 May 2015 23:58, b...@adversary.org said:
Is it possible that a keyserver running the old, buggy PKS code
(v. 0.9.something) mangled these keys?
Yes, but that won't explain why the key binding signature is valid.
Okay, there's clearly
On 22/05/2015 5:37 am, Werner Koch wrote:
These are all encryption subkeys. The third key is the one from
H. Peter Anvin. I have not found one of the fingerprints given in the
said blog posting: gpg removed it while importing the key. It is a bit
disturbing that the other subkey listed
Hello,
Does anyone know whether or not there is an override command
or option to force -agent to read/import secret keys after the initial
migration to version 2.1?
The basic scenario here is a primary workstation which the initial
migration was performed on and a subsequent
On 22/05/2015 1:59 am, mofo syne wrote:
You might see a few copies around. This one is edited and
streamlined with some advice from Hasimir to help keep this proposal
focused.
For the benefit of the rest of the list, Hasimir is my IRC handle on
freenode and a few other places. An /ns info
On 22/04/2015 5:22 pm, Werner Koch wrote:
On Sat, 18 Apr 2015 21:35, b...@adversary.org said:
e...@quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n'
e...@quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n'
but no need to paste them all in); obviously the
On 23/04/2015 11:39 am, NIIBE Yutaka wrote:
On 04/22/2015 04:22 PM, Werner Koch wrote:
On Sat, 18 Apr 2015 21:35, b...@adversary.org said:
e...@quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n'
e...@quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n'
but no
On 13/04/2015 5:59 pm, Werner Koch wrote:
On Sun, 12 Apr 2015 00:29, dominyktil...@gmail.com said:
=
t-stringhelp.c:488:3: error: function definition is not allowed here
{
^
Oh sorry, I didn't spotted the use of a nested
On 8/04/2015 12:41 am, MFPA wrote:
allowing them to drop the standard format of name
em...@example.net and then they're shocked that doing so might
produce unintended consequences?
Don't know about shocked, but unintended consequences for a
non-standard UID scheme was indeed the issue.
On 8/04/2015 12:04 am, MFPA wrote:
On Tuesday 7 April 2015 at 2:14:55 PM, in
mid:87y4m43ws0@alice.fifthhorseman.net, Daniel Kahn Gillmor
wrote:
We know how to structure a proper name-addr and an addr-spec, and
it's not difficult. If you want an e-mail address to be
recognizable to
On 7/04/2015 5:56 am, Peter Lebbing wrote:
On 06/04/15 18:04, Ben McGinnes wrote:
or enclose all GPG key UIDs in quotation marks in order to mitigate
that (a feature request for The Bat!).
I think that would be quite an exploitable bug, passing UIDs to be
parsed by a shell... I hope
On 3/04/2015 1:14 am, Robert Deroy wrote:
Good Morning,
I send you this letter because maybe you can help me about somethings,
i know that my english is not perfect at all..
Is it possible to remake an original gpgconf file ?
There should be a sample gpg.conf file installed to a
to make it clearer.
Obviously you all know how to see those addresses.
bash4-4.3$ gpg -k ben.mcgin...@pirate.org.au
pub rsa4096/0x321E4E2373590E5D 2012-07-28
uid [ultimate] Ben McGinnes b...@adversary.org
uid [ultimate] Ben McGinnes ben.mcgin...@pirate.org.au
sub
On 30/03/2015 8:28 am, Mike Ingle wrote:
Why should the user need to delete one, rather than just be told
there were two and the one with such-and-such a fingerprint (or the
one highlighted) signed this message? If it is just a string in a
key UID rather than a functional email address, it
On 24/03/2015 2:27 pm, Mike Ingle wrote:
There has been some discussion on gnupg-users about replacing SMTP for
secure email, and how BitMessage does not scale.
There is an open source non-SMTP email system called Confidant Mail,
which is based on GnuPG and hash table storage. The protocol
Hello,
A while back, when 2.1.0 was released I and many others
encountered a most annoying error when compiling or attempting to
compile both pinentry and GnuPG itself. It was a linker error where
x86_64 architecture was not recognised. Online searches led to
similar problems affecting
On 9/10/2014 12:48 am, Werner Koch wrote:
On Sun, 5 Oct 2014 09:13, b...@adversary.org said:
Now since the configure script for pinentry is about 13,000 lines
That is generated. The actual configure.ac script is 565 lines.
I do not understand you remarks about libc++ - is that required
On 9/10/2014 5:20 pm, Robert J. Hansen wrote:
On 10/9/2014 12:54 AM, Doug Barton wrote:
I'm sure there is a way to determine what algorithm a signature was
created with...
gpg2 --fixed-list-mode --with-colons --list-key [keyID]
Once you learn how to read that output, you get a *ton* of
On 9/10/2014 12:48 am, Werner Koch wrote:
On Sun, 5 Oct 2014 09:13, b...@adversary.org said:
Now since the configure script for pinentry is about 13,000 lines
That is generated. The actual configure.ac script is 565 lines.
I do not understand you remarks about libc++ - is that required
On 4/10/2014 12:35 am, Werner Koch wrote:
Hello!
I just released another *beta* version of GnuPG *2.1*. It has been
released to give you the opportunity to check out new features and to
help fixing bugs.
I'm most of the way through a test compile (in /opt/local) on OS X
10.9 (64-bit)
On 9/05/14 6:34 PM, Josef Schneider wrote:
Hi,
something strange happened in my mail client so the signature of the
last message was invalid!
I'm sure we've all had that happen at some point. Anyway, thanks, I'm
sure Faramir will appreciate these and I can probably think of a few
other
On 9/05/14 1:00 PM, Faramir wrote:
Hello,
I hope this is not much off-topic. I was looking for pgpdump
binaries, and the one I have is for version 0.20, I downloaded it on
september 2011. But in the website, the current version is 0.28,
from june 2013. Does somebody know where I can get
On 3/05/14 11:32 AM, Robert J. Hansen wrote:
Seems perfectly reasonable for me for the company to issue a
signature on a purchase order using your *corporate-owned*,
*corporate-controlled* certificate, which was always issued for the
needs of the corporation.
Just because a certificate
On 6/11/13 2:40 AM, Sam Tuke wrote:
Feel free to use any of my public comments on the topic, either on my
blog or on Twitter.
Those are great resources I hadn't seen before, thanks for the links!
What do you think about these two? I had a hard time finding quotes
from your articles that
/news/2011-08-19/lnp-candidate-expelled-over-email/2847428
If you make a hashtag for this topic, let me know so I can point my
fellow Pirates at it all. We've got some very good people on our
social media team.
Regards,
Ben
- --
Ben McGinnes http://www.adversary.org/ Twitter: benmcginnes
On 30/10/13 9:58 PM, Sam Tuke wrote:
Hi all,
I'm working with Werner to promote GnuPG and raise awareness. To
that end we're collecting quotes from users - endorsements from
people who know and trust GPG, people like you.
If you want to help us, send your own statement about why GPG is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 5/09/13 3:05 PM, Matt D wrote:
my open pgp wont work. i cant get keys. using ubuntu 12.10.
latest version of gpg.
OpenPGP Security Info
Unverified signature
gpg command line and output: gpg gpg: Signature made Wed 14 Aug
2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 18/08/13 1:04 PM, Tiwari, Ashish wrote:
Still not working.
Saying Inavlid OPtion -sign.
Yes, it's supposed to be: --sign --encrypt [the rest of the command]
Regards,
Ben
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 4/03/13 9:17 AM, Werner Koch wrote:
On Sat, 2 Mar 2013 08:16, b...@adversary.org said:
list. Since you have already received one reply to all from
Werner, this has already happened.
I apologize for having being tricked to do a drive by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2/03/13 7:14 PM, Doug Barton wrote:
I am pretty sure the answer to this question is no, but I
thought I'd ask just in case. I've attended a conference for the
last 2 years where there was a PGP key signing. Several of the
people who signed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2/03/13 8:51 PM, Doug Barton wrote:
On 03/02/2013 01:20 AM, Ben McGinnes wrote:
I can think of two reasons why there may be some value in
including the second signatures. The first being if you have
added a new UID to your key and the new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2/03/13 3:04 AM, gcal...@br.ibm.com wrote:
Hello,
I have sent an email earlier requesting information about the best
PGP version to install in a zLinux server.
Please don't attempt to post to gnupg-annou...@gnupg.org. While your
messages
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 28/08/12 1:17 AM, Arthur Rance wrote:
Hello,
I'm a noob and I'm going to export a subkey :
$ gpg --list-keys
pub 2048R/12345678 2010-01-01 uid Arthur Rance
arthur_ra...@noob.com sub 2048R/90123456 2010-01-01 sub
1 - 100 of 218 matches
Mail list logo