On Aug 14, 2009, at 7:01 PM, Dominik George wrote:
Hi folks,
I would like to updatea signature on a key, that is, add a sig-
policy-url
and change the verification level (turn a normal sig into a sig3,
that is).
Is this possible? If yes, how?
It is not possible. What you need to do is
On Aug 19, 2009, at 9:28 AM, Kevin Hilton wrote:
Although I usually get a wide range of responses, is there any
practical advice an end-user should take away from the recent AES256
attacks as described
here:http://www.schneier.com/blog/archives/2009/07/another_new_aes.html?
Should I continue to
On Aug 24, 2009, at 6:28 PM, John Betz wrote:
I was hoping to get some help with decrypting an archived file. I am
using the following command:
echo “passphrase”| gpg --passphrase-fd 0 -o output.txt -d input.pgp
The output file is created with no problem, however, there is
garbage in
On Aug 26, 2009, at 9:38 AM, John Betz wrote:
David,
The file is a PowerArchiver file (containing multiple text files)
that was
encrypted using PGP.
I'm not sure if that file is legal according to the OpenPGP spec. It
depends on how it was packed together. If you can encrypt a sample
On Aug 27, 2009, at 10:36 AM, John Betz wrote:
I appreciate the offer David, but I don't have PowerArchiver so I
can't
create a sample input file. The file I am trying to decrypt is
coming from
another source so I would have to get them involved in order to
create a
sample archive file.
On Aug 27, 2009, at 6:03 PM, Joseph Oreste Bruni wrote:
Would it be considered a best practice to rotate encryption subkeys
on an annual basis, or would that be considered overkill for most
uses?
It depends on what you're trying to do. :)
I realize that messages are encrypted using
On Aug 28, 2009, at 2:37 AM, Faramir wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
...
Incidentally, there have been proposals to add forward security
extensions to OpenPGP. See http://www.apache-ssl.org/openpgp-pfs.txt
As a side note, I am not sure I like
On Aug 31, 2009, at 11:20 AM, Kevin Hilton wrote:
Although I understand the compression algorithms within gnupg are
specified by the OpenGPG standard, are there any grumblings regarding
the addition of the lzma compression scheme?
I've seen it mentioned once or twice, but not much more than
On Sep 2, 2009, at 12:47 AM, Joseph Oreste Bruni wrote:
I tried compiling 1.4.10rc1 on Mac OS X 10.6 without success.
10.6 ships with a newer version of the compiler toolchain that is
giving a few headaches here and there. Until we work out the issue,
just compile with --disable-asm.
On Sep 1, 2009, at 1:51 PM, Seidl, Scott wrote:
We use gnupg in an automated mode within the organization to encrypt/
decrypt documents exchanged between companies. The Key Pair we have
is expiring soon and I am replacing it with a new key pair. This
new key would be provided to the other
On Sep 4, 2009, at 10:06 AM, joachim.blomb...@vr-leasing.de wrote:
Hi,
im sending *.gpg Mail-Attachments to external Customers , but our
EmailFilter - BCC Mail protect Quarantine stopps the and we have to
release them manual.
I need the HEX File Siganture for GPG Files to customize that
On Sep 5, 2009, at 5:25 AM, Laurent Jumet wrote:
I found information about CAMELLIA.
According to this info, I suppose I can assume that CAMELLIA is
part of
OpenPGP *and* S11, S12 S13 are from now on, owned by CAMELLIA.
Yes, and GnuPG 1.4.10 and 2.0.12 (if libgcrypt is recent
On Sep 4, 2009, at 12:53 PM, M.B.Jr. wrote:
when symmetrically encrypting a file, e.g.:
$ gpg --output file.ods.gpg --symmetric file.ods
the command above generates a gpg extension encrypted AND compressed
file, is that correct?
Unless you've disabled compression in your gpg.conf file, yes,
On Sep 5, 2009, at 8:59 PM, M.B.Jr. wrote:
Hi David, thank you.
On Sat, Sep 5, 2009 at 1:11 PM, David Shawds...@jabberwocky.com
wrote:
On Sep 4, 2009, at 12:53 PM, M.B.Jr. wrote:
How do I know which compression algorithm was used?
Unless you've overridden the default, it is ZIP.
Ok
On Sep 8, 2009, at 3:33 PM, Faramir wrote:
Iván Cervantes escribió:
...
Changing a little my question, why I have only three options in my
gpg
installation¿?
I'll reply in English so other people can correct me if I am wrong.
I think unless you activate the expert options, you get a
On Sep 9, 2009, at 5:07 PM, BosseB wrote:
I have a number of encrypted files, which I need to decrypt. I have
installed GPG 1.4.9 on my Windows XP-Pro SP3 PC. I have the necessary
keyrings and they work with Thunderbird and Enigmail.
But as I said I need to decrypt files that are on my hard
On Sep 9, 2009, at 5:50 PM, BosseB wrote:
Funnily I only found GPG 1.4.9 on the GnuPG site even though Gpg4Win
came with some version 2.0.x, why is this?
There are two versions of GPG. One, the 1.4.x line is a self-
contained GPG that builds on many platforms. It only does OpenPGP.
The
On Sep 9, 2009, at 6:43 PM, Philippe Cerfon wrote:
Hi.
Now something more realistic and pracitcal.
I'm using gpg for anonymous but secured communication together with
some of my friends for some years now
Recently I've read on severa attacks on SHA1 and AES256 that could
also affect
On Sep 10, 2009, at 8:02 AM, Philippe Cerfon wrote:
On Thu, Sep 10, 2009 at 3:45 AM, David Shaw ds...@jabberwocky.com
wrote:
Yes, but it won't actually go away completely. SHA1 is special in
OpenPGP.
Unlike the other hashes, SHA1 is required to be supported.
Removing SHA1
from
On Sep 10, 2009, at 10:51 AM, Philippe Cerfon wrote:
Not really. If there were good reasons to believe OpenBSD's entropy
collector was better than Linux's, the Linux crew would fix the code,
maybe even borrowing OpenBSD's entropy collector.
Ah,.. right... it was the other way round it didn't
On Sep 10, 2009, at 3:36 AM, Sean Wilson wrote:
Does anyone know if the new OpenPGP 2.0 card supports Hushmail keys?
From what I understand Hushmail is based on OpenPGP so it should
work.
The key I have from my Hushmail account is 2048bit in length but
once I
copy the key onto the OpenPGP
On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:
Hi folks.
On Thu, 2009-09-10 at 11:08 -0400, David Shaw wrote:
The real headache here is (as always) the practical - what to do with
existing keys and such. I suspect that removing SHA1 would
effectively mean a new key type
On Sep 10, 2009, at 8:38 PM, Daniel Kahn Gillmor wrote:
On 09/10/2009 06:32 PM, Christoph Anton Mitterer wrote:
3) One problem with such devices is,.. that one can never know
(well at
least normal folks like me) how good they actually are.
If this company would be evil (subsidiary of NSA or
On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:
The people behind OpenPGP are working on a new OpenPGP proposal that
will use a stronger, better hash algorithm.
Have workings on an 4880 successor already started?
No, at this point things are mainly being proposed as *additions*
On Sep 10, 2009, at 5:44 PM, Philippe Cerfon wrote:
On Thu, Sep 10, 2009 at 10:21 PM, Robert J. Hansen r...@sixdemonbag.org
wrote:
I understood him to mean the key ID as the fingerprint of the
certificate's primary signing key, rather than checking each bit of
the
certificate's primary
On Sep 12, 2009, at 11:38 AM, Peter Lebbing wrote:
Hello list,
Does anybody know if the SCM SCR3320 USB card reader works with
GnuPG under
Linux? Specifically, I was thinking of buying the ChipDrive MyKey
2 from
Conrad[1] in The Netherlands. It's only 20 euros.
If you look at the product
On Sep 12, 2009, at 1:40 PM, Peter Lebbing wrote:
David Shaw wrote:
I can't speak to the MyKey device, but I have a SCR3320 and it works
just fine with GnuPG and the v2 card.
Great, thanks for the info. One more question, does your reader look
like
[1] or like [2]?
I must say I like
On Sep 13, 2009, at 4:52 PM, Sean Wilson wrote:
If I generate a brand new key pair and then add the key to an OpenPGP
2.0 card all works perfectly. But if I want to add the same key onto
another OpenPGP card (as a backup) I get the following error in
Thunderbird:
Error - decryption failed
On Sep 15, 2009, at 9:42 AM, Nicholas Cole wrote:
Hi all. This is a query mostly for my own interest, but I think it
might point to a change in the documentation being required.
I was slightly confused by this message
http://lists.gnupg.org/pipermail/gnupg-users/2009-May/036361.html
David
On Sep 16, 2009, at 1:56 PM, M.B.Jr. wrote:
Hi list,
I've recently had access to this document, written by the United
States Patent and Trademark Office (USPTO) which basically tries to
ban software patents.
The memorandum is here:
On Sep 16, 2009, at 4:15 PM, Robert J. Hansen wrote:
David Shaw wrote:
Whether this means IDEA is okay or not patent-wise, I have a slightly
different take on this: who cares about IDEA at this point? IDEA was
good back in the 90s and PGP 2.x. It's 2009 now, and we have better
ciphers than
On Sep 18, 2009, at 6:15 AM, Faramir wrote:
I while ago, I added a couple of lines to my gpg.conf file, and
at
that time I thought I knew what was I doing... but right now, I can't
remember exactly what effect do they have in gpg... maybe it is due to
lack of caffeine, but anyway, I'd
On Sep 18, 2009, at 6:46 AM, FOAD FOAD wrote:
Hi,
I want to know which version of gpg is install on my openbsd, could
you tell me how to do ?
Type gpg --version
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On Sep 21, 2009, at 2:30 PM, Johan Wevers wrote:
David Shaw wrote:
If the some people still want this, I haven't seen it in a good
long
while. Possibly they gave up asking.
Probably. However, if someone wants IDEA support for whatever reason
there
is still the IDEA plugin. It still
On Sep 21, 2009, at 10:11 PM, M.B.Jr. wrote:
Gentlemen,
I really appreciate the comments you've made on the subject and the
little debates as well.
That was exactly what I was expecting.
Sometimes, regular users do not have the proper notion of whether some
functionality merits attention.
On Sep 22, 2009, at 1:11 PM, Daniel Kahn Gillmor wrote:
when encrypting messages to a user ID with multiple matching keys with
full calculated validity, gpg seems to just choose the first
matching
key, for some definition of first -- i think it's decided by
chronological age of first import
First of all, someone has factored a 512-bit RSA key (the one used to
protect a TI programmable calculator, it seems). It took 73 days on a
dual-core 1900Mhz Athlon64. It took just under 5 gigs of storage and
around 2.5 gigs of RAM. In other words: not much at all. It's not
some big
On Sep 22, 2009, at 4:40 PM, Daniel Kahn Gillmor wrote:
On 09/22/2009 04:09 PM, John W. Moore III wrote:
John Clizbe wrote:
IIRC, it's the first usable key with a matching User ID. Period.
First one it
can use.
thanks for catching that, John. It appears that if the first key
with a
On Sep 22, 2009, at 6:54 PM, Daniel Kahn Gillmor wrote:
Can you give me an example of a script
that has this behavior baked in to the point where adopting a better
heuristic would break it?
It doesn't work that way. The default is the first valid key. It's
been that way in the PGP world
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first tidbit:
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw ds...@jabberwocky.com
wrote:
First of all, someone has factored a 512-bit RSA key (the one used to
protect a TI programmable calculator, it seems). It took 73 days
On Sep 24, 2009, at 3:13 PM, M.B.Jr. wrote:
On Thu, Sep 24, 2009 at 2:21 PM, David Shaw ds...@jabberwocky.com
wrote:
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first tidbit:
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw
ds...@jabberwocky.com wrote:
First of all
On Sep 25, 2009, at 10:04 AM, Daniel Kahn Gillmor wrote:
Since most of
these tools rely on gpg as a backend, implementing a more-reasonable
choice in gpg seems like a good idea.
What troubles me about this sort of behavior is that it is genuinely
good and helpful in some cases and baffling
On Sep 25, 2009, at 7:19 PM, nschroth wrote:
I have been reading previous posts on this topic but have not found my
answer.
When I ENcrypt on BoxA using -r UserName, decryption on BoxB errors
with :
decryption failed: secret key not available.
However, doing the same test using the email
On Oct 11, 2009, at 11:50 PM, Jim Dever wrote:
Just a quick question:
Are there any caveats I should be aware of if I generate an RSA
signing
key with an Elgamal encryption subkey?
No caveats. In fact, my own key is exactly that.
David
___
On Oct 12, 2009, at 7:58 AM, Ciprian Dorin, Craciun wrote:
Hello all!
I'm facing the following problem: I need to run gpg-agent, but
without him going into background. Is there any solution to this one?
I'm not sure exactly what you're trying to do, but you can run gpg-
agent without
On Oct 15, 2009, at 9:37 PM, Dan Mahoney, System Admin wrote:
1) Currently the only tool that can generate a CERT record, make-dns-
cert, is not built or packaged by default under any os I've found
(I've tried FreeBSD and ubuntu). It has no documentation, no
examples, and only a terse
On Oct 20, 2009, at 10:55 PM, Dan Mahoney, System Admin wrote:
On Thu, 15 Oct 2009, David Shaw wrote:
On Oct 15, 2009, at 9:37 PM, Dan Mahoney, System Admin wrote:
I'm running:
echo foo | gpg -v -v --auto-key-locate cert --recipient gu...@gushi.org
--encrypt -a
And get gpg: error
On Oct 18, 2009, at 2:37 PM, Alejandro Erickson wrote:
Hi,
I'm a little confused about the verification/installation process.
I have gpg 1.4.7 which came with Mac OS X - assume I trust it. I
want to verify and install gpg 2. I download gnupg-2.0.13.tar.bz2
and gnupg-2.0.13.tar.bz2.sig
On Oct 23, 2009, at 6:38 PM, sari Al-alem wrote:
Hi
I dont know if this is the right place but im new to this encryption
software and i would like to ask some questions:
1- does GPG have to be installed on all users who will recieve my
mail?
2- does it have to be installed on the mail
On Oct 30, 2009, at 2:10 PM, Faramir wrote:
Hello,
In the hypothetical case I want to encrypt a file, using 3DES
symmetric
algo, and without using asymmetric encryption (the file would just be
encrypted with 3DES and a password provided by the user), how would it
be the syntax I must enter?
http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
This is not, of course, an OpenPGP crack, but rather high-speed
password guessing. The nice thing about cloud password guessing is it
enables people to spin up massive cracking farms without actually
having to manage
On Nov 4, 2009, at 3:33 PM, Josselin Jacquard wrote:
Yes but you're supposed to pay to use ressource on a cloud system
arn't you ? Is it usable computing for free ?
Of course not. Where did anyone say it was free?
I said The nice thing about cloud password guessing is it enables
people
On Nov 7, 2009, at 10:24 PM, Kevin Kammer wrote:
On Sat, Nov 07, 2009 at 09:44:23PM -0500
Also sprach Robert J. Hansen:
Kevin Kammer wrote:
If I attempt to create a data signature using a 2048-bit DSA signing
key, and the SHA224 hash algorithm, GnuPG complains as follows:
~ $ gpg -u A39CE7E5
On Nov 8, 2009, at 11:11 PM, Robert J. Hansen wrote:
Kevin Kammer wrote:
Unless there is some inescapable constraint on the size of one's
signature, I am hard pressed to think of a reason for using SHA224
when
SHA256 is available.
Conformance with corporate IT policies. Many corporate IT
On Nov 9, 2009, at 8:20 AM, Kevin Kammer wrote:
On Mon, Nov 09, 2009 at 11:52:48AM +0100 Also sprach Werner Koch:
On Mon, 9 Nov 2009 04:17, r...@sixdemonbag.org said:
When did this changeover take place, and is there any way to get
the old
behavior back?
On 2009-07-09; that is since
On Nov 11, 2009, at 7:13 AM, Morten Kjærulff wrote:
Hi,
I am new here, so sorry if I ask stupid questions.
I would like to use my unused storage on various web servers for
backup of my personal data, including the file with all my passwords.
Q1) Assume that I make a good passphrase, would it
On Nov 11, 2009, at 10:49 AM, Kevin Kammer wrote:
On Wed, Nov 11, 2009 at 09:01:09AM -0500
Also sprach David Shaw:
AES256 is probably the best all-round choice in GPG if you want to
just say strongest and leave it at that
AES 192 or AES 128 may actually be a more secure choice than AES 256
On Nov 17, 2009, at 4:29 PM, Robert J. Hansen wrote:
Mario Castelán Castro wrote:
I need GNU PG 2 because i want to get out of the 1024 bits limit and
SHA forced for DSA, i want my next key (2010-2012) to be more secure
and accept some SHA2.
GnuPG 1.4.7 or later (? on the precise version #)
On Nov 17, 2009, at 12:38 PM, Melikamp T. Medley wrote:
Thanks for your answers, David, Timo.
A somewhat related question: is there a tool that is designed
to produce undetectable encryption, i.e. something that is
very plausibly random? I gather from your answers that gpg does
not do that.
On Nov 17, 2009, at 3:54 PM, Mario Castelán Castro wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th for David SMITH dave.sm...@st.com
Linux do not have a file command, that belogs to the rest of the OS.
Linux is only a kernel than is commonly used with the GNU Operating
On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
Hi list,
one lame confusion I'm facing now.
I was reading GnuPG's Signing Subkey Cross-Certification page [1],
and as a matter of fact, these two simple doubts did arise.
Suppose one provides the command:
gpg --gen-key
and chooses the default DSA
On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:
Hi David,
On Wed, Nov 18, 2009 at 1:21 AM, David Shaw ds...@jabberwocky.com wrote:
On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
both my public and private keys will be built upon my DSA primary key
and my Elgamal encryption subkey?
I'm
On Nov 21, 2009, at 1:48 PM, ratzip wrote:
HI,guys
If some one has signed my key and set the trust level on my key, how
could I check the trust level he set?
which commands should I use?
It depends on what you mean by trust level. If you mean the
ownertrust, then you can't - that's
On Nov 21, 2009, at 6:47 PM, markus reichelt wrote:
* David Shaw ds...@jabberwocky.com wrote:
If you mean the signature verification level, then it is visible in
the --list-sigs output - 3 for positive verification, 2 for
casual verification, and 1 for persona (aka didn't check)
verification
On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
Maybe someone could clear this out (at least from GnuPG part). (My
original post was related with both GnuPG an OpenSSH).
~~ Original post:
(I have a very basic question that to most of the persons reading
this
On Nov 28, 2009, at 12:37 PM, Robert J. Hansen wrote:
David Shaw wrote:
Difficult question to answer, since everyone is going to wave around
their opinion. :)
There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via
On Nov 28, 2009, at 11:55 AM, Ciprian Dorin, Craciun wrote:
Thank you for the quick reply. (This is the kind of answer I was
hopping to get. :) ) It seems that `s2k-count` escaped me. :)
Maybe there should be an entry in the FAQ about this topic.
Related with my question about the
On Nov 29, 2009, at 5:13 AM, Werner Dittmann wrote:
All,
to set-up configuration script I use the libgcrypt-config command
to determine parameters about libgcrypt. During tests I get a
confusing result :-) when checking available algorithms:
To check the availabe algorithms I do:
On Jan 2, 2010, at 5:40 PM, Allen Schultz wrote:
GnuPG-Users:
Is there a way to force an expiration date when encrypting a message
for additional security. I have a friend who is inquiring. I've
already informed him of the for his/her eyes only option.
No, there isn't. The basic problem
On Jan 3, 2010, at 12:01 AM, Dan Mahoney, System Admin wrote:
On Sat, 2 Jan 2010, David Shaw wrote:
On Jan 2, 2010, at 11:10 PM, Faramir wrote:
Allen Schultz escribió:
GnuPG-Users:
Is there a way to force an expiration date when encrypting a
message
for additional security. I have
On Jan 4, 2010, at 1:17 AM, Robert J. Hansen wrote:
Morten Gulbrandsen wrote:
Allen Schultz wrote:
Is there a way to force an expiration date when encrypting a message
for additional security.
[...]
sure
http://vanish.cs.washington.edu/
There are, as near as I can tell, only
On Jan 4, 2010, at 10:02 AM, Stringer, Robert wrote:
Hi
We just downloaded the latest version of GNuPg, version 1.4.10.
Questions:
Can we reuse the same keys to encrypt the data?
Impossible to say without knowing how you are using GPG. I can say almost
certainly, though.
Can we
No terrible shock - we knew this was coming, but still, how
wonderfully neat, and a new factoring record, too.
http://eprint.iacr.org/2010/006
Note that 1024-bit RSA has not yet been factored, but if you haven't
phased it out yet, it's really time to get started. It's supposed to
be
On Jan 18, 2010, at 1:35 PM, Daniel Kahn Gillmor wrote:
so basically, what i'm saying is that the speedup is that you get to
throw away (2^16-1) of every 2^16 possible passphrases, but you still
need to do a signficant amount of work to figure out if you can throw
them away.
Exactly. The
On Jan 21, 2010, at 6:03 AM, Mohan Radhakrishnan wrote:
Hi,
Question 1 :
Is there any way to store a password in a keyring ? I
don't have a database for this. I was just thinking that I can hash
a password and use a keyring to store it to avoid the need for a
database.
Not
On Jan 17, 2010, at 12:23 PM, Sean Rima wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi
A friend on the pgpnet mailing list is using a hushmail.com gpg key but
when I import it, I get:
C:\Users\Sean Rimagpg --import test.txt
gpg: key C4E23A82: accepted non self-signed user
On Feb 16, 2010, at 2:29 PM, Stefan Xenon wrote:
Hi!
When using gpg --card-edit and fetch gnupg tries to download the
public key from a key server. Instead, is it possible to fetch the
public key from an OpenPGP Card v2.0 directly? If so, how to do this?
Otherwise do I need to keep a backup
On Feb 19, 2010, at 9:53 PM, Zy Zylek wrote:
I'm looking for a way to include a group of people in gpg file
encryption/decryption (not email-based, just gpg encrypted files) without
having to incorporate individual names, yet also such that more people can be
added to the group in the
On Feb 17, 2010, at 12:46 PM, Laurent Bigonville wrote:
Hi,
I've have a OpenGPG smartcard version 2.0 and I would generate digests
stronger than SHA1.
I've added personal-digest-preferences SHA256 to my gpg.conf file,
but when I sign a message the headers still uses SHA1. If I force with
On Feb 24, 2010, at 9:46 PM, Smith, Cathy wrote:
Folks
We are starting to migrate from OpenPGP to GnuPG. One of the batch jobs I
have to convert uses:
pgp +force
This is supposed to assume a yes to any interactive questions. I wasn't
clear after reading the man pages about the
On Feb 25, 2010, at 5:17 PM, Smith, Cathy wrote:
Folks
Another question about this migration. Is it possible to do a mass import of
a single user's keyring or do I have to do it for each individual key. I've
not been able to find anything so far about anything that addresses this.
Yes,
On Feb 26, 2010, at 11:24 AM, Robert J. Hansen wrote:
On 2/26/10 9:49 AM, MFPA wrote:
I thought signing somebody's key was just stating to the world that
you believe the claimed identity of the person who controls that key
at the time you are signing it - not an indication that you are in any
On Feb 26, 2010, at 1:30 PM, Grant Olson wrote:
On 2/26/2010 12:38 PM, MFPA wrote:
I am *not* advocating the implementation of any form of
Digital Restrictions Malware (DRM).
Uploading a somebody else's key without first checking it is OK by
them is a breach of their privacy and could
On Feb 26, 2010, at 3:37 PM, Grant Olson wrote:
Alas, while GnuPG supports the flag, no keyserver does.
David
Just curious... Does support just mean it sets the bit? Or will it turn
an attempt to --send-keys on that key into a no-op?
Support means it gives the user the ability to
On Feb 26, 2010, at 1:34 PM, Martin Bretschneider wrote:
Hi,
I want to recreate my GnuPG keys. My question is if I can omit the email
address? Since I do not want my email addresses to appear on the
keyservers because of spammers and so on. I only want to put my name and
maybe my
On Feb 26, 2010, at 4:10 PM, MFPA wrote:
Just curious... Does support just mean it sets the
bit? Or will it turn an attempt to --send-keys on
that key into a no-op?
Support means it gives the user the ability to set and
clear the bit (it is set by default).
Would there not be some
On Feb 26, 2010, at 12:04 PM, Robert J. Hansen wrote:
In some cases, the authorities knowing an individual used encryption
could be a problem.
Why? Because they have a key on the keyservers? If this is what you're
worried about, rest easy: there are so many easier ways to learn whether
On Feb 27, 2010, at 11:22 AM, Robert J. Hansen wrote:
On 2/27/10 9:58 AM, David Shaw wrote:
Do you really mean to suggest that a US authority getting email
headers - even without a warrant - is easier than typing a name into
a search box on a keyserver?
No. You're right, that's clearly
On Feb 28, 2010, at 12:54 AM, MFPA wrote:
On Saturday 27 February 2010 at 11:19:43 PM, you wrote:
GnuPG doesn't, at least as of 1.4.10, force you to include an e-mail
address in your user ID. It merely requests an e-mail address, and you
can just press enter and ignore the request.
On Feb 27, 2010, at 4:54 PM, Grant Olson wrote:
Doh! Originally sent off list... Maybe Robert got a psychic vibe...
On 2/27/2010 2:21 PM, MFPA wrote:
I don't want such a vote. Whether somebody chooses to include an email
address in their UID is up to the individual. I have not seen
On Feb 27, 2010, at 3:23 PM, Robert J. Hansen wrote:
I agree that generally speaking, it's a good idea to put keys on the
keyservers. I don't know if that makes it conventional wisdom, or who the
arbiter of such wisdom might be, but clearly a very common use of OpenPGP is
for encrypted
On Feb 28, 2010, at 4:20 PM, reynt0 wrote:
On Sat, 27 Feb 2010, Robert J. Hansen wrote:
. . .
The perfect is the enemy of the good.
Just to note, did RJH actually intend to write
...the enemy of the good enough., which I believe is
the usual quote? The two are rather different ideas,
On Feb 28, 2010, at 8:09 PM, Robert J. Hansen wrote:
You can certainly tell a lot about someone by the signatures on their key.
Either directly from the signature or because those signatures point to
other keys that have their own signatures, etc. With your permission, may I
see what I
On Feb 28, 2010, at 11:54 PM, Robert J. Hansen wrote:
David and I apparently had a bit of a misunderstanding. I thought he was
going to attempt to figure out information based solely on the key material:
he was using it as a springboard for other research. I think that both of us
are
On Mar 1, 2010, at 12:20 PM, Phillip Susi wrote:
I would like to keep the private portion of my primary key stored offline and
use an expiring secondary key for day to day signing. To accomplish this I
have tried backing up the key after creating the secondary signing key, then
attempting
On Mar 1, 2010, at 2:59 PM, John Clizbe wrote:
David Shaw wrote:
Didn't someone write a nice HOWTO about offline private keys at one point? I
thought there was one out there, but can't find it at the moment. Can anyone
post the URL for Philip?
Adrian von Bidder's page is the only one
On Mar 1, 2010, at 3:31 PM, Phillip Susi wrote:
On 3/1/2010 1:57 PM, David Shaw wrote:
What you need to do is an --export-secret-subkeys (there is no such command
as --delete-primary-keys). So, starting from a state where your whole key
(primary and all secondaries) are all imported
On Mar 1, 2010, at 4:11 PM, Phillip Susi wrote:
On 3/1/2010 3:37 PM, David Shaw wrote:
This does the trick, but I still do not understand why
--delete-secret-key removes BOTH the primary and subkey secrets
when I specifically gave only the ID of the subkey? Shouldn't it
remove exactly what
On Feb 28, 2010, at 2:58 PM, Grant Olson wrote:
On 2/28/2010 10:41 AM, Mario Castelán Castro wrote:
February 27th 2010 in gnupg-users@gnupg.org thread Hot to give the
keyword from the command line
Thanks Laurent, it works :).
Also, if you encrypt to a key, you shouldn't need to provide a
On Mar 2, 2010, at 9:18 PM, Smith, Cathy wrote:
Folks
The gpg --import option worked without any problems for importing the OpenPGP
public keyring. When I try to import the secret keyring, I get the following
message:
[app1 ~/.gnupg]$ gpg --import secring.skr
gpg: key B4A839CC:
1 - 100 of 1386 matches
Mail list logo
