Hello. Your message is very bad written and I can barely understand it. I will answer what I have understood.
On 30/08/17 10:40, miz...@elude.in wrote: > ******************************************************* > hi all, > > i do not clearly understand the difference between .asc , .gpg , .sign , > .sig , cert and do not know the official_usage & conventions. > i made my own research before but ... unsuccessfully. The main specification for OpenPGP (the format used by the “gpg” command line program) is this: <https://tools.ietf.org/html/rfc4880>. *Apparently* it does not specify any file extension. There are some *conventions* regarding file names. “.asc” is used for _ASC_II-armored OpenPGP files. “.sig” is used for OpenPGP detached signatures (generated with “gpg -b”). I think that GNU PG uses “.gpg” by default for everything else (as long as it is in OpenPGP format). Anyway, what matters is the content of the file, not the file name. You can obtain a summary of the content of any OpenPGP file with “gpg --list-packets < FILE”. > key is also a certificate if i understood well what i read. > it looks like : > - gnupg uses public.key for being exported on a server_internal > operation. > - gnupg uses public.asc for being exported on an > e-mail/mailing-list_external I have no idea of what you mean by “server_internal operation”. GNU PG does not interfaces with e-mail at all. Many e-mail clients call GNU PG in the background, but then GNU PG will do whatever the e-mail client requests. Some people use the word “certificate” to refer to OpenPGP primary keys. Primary keys should not be confused with “revocation certificates”. *Revocation* certificates are a type of signed message that say “Do not longer this key; it may have been compromised or it is not longer in use” in a machine-readable way. The act of signing a key (that is, giving your word that the key belongs to whoever it claims to belong) is also called “certification”, and the resulting signature is called a “certification signature” in RFC 4880. > operation. > - gnupg uses cert for server/vpn = multiple keys > - key = gpg = cert ? > - cert = sign = sig = every keys (subkeys inc luded) > - cert = gpg = soft/file encrypted > - cert = asc = sign = sig = gpg = gpg2 ? > --- is it not the same ? GNU PG is the name of the software. “gpg” is the name of one of the command line programs that GNU PG provides. I do not understand the rest. > i do not clearly understand the difference between .cert .asc , .gpg , > .sign , .sig and do not know the official_usage & conventions. > - could i rename the public.* as .sign and what is the difference using > .sig ? > - could i export the public.key on the hkps-server or must i use the > public.asc ? > - could i rename public.asc in public.gpg2 ? > ... and the same questions come in my mind about the *SUMS files. > ... and the same confusion about user-id , fpr , e-mail : > --- is it not the same ? These are all misguided questions. The filename is irrelevant. The file extensions are there for *you* to help you recognize the files, not for GNU PG. > have you a link where all these embarrassing questions are clearly > explained ? Look at the “Documentation” page in the GNU PG web site <https://www.gnupg.org/documentation/index.html>. > OFF-TOPIC : could gnupg add a special option in his settings/option : > quantum resistant ? > I mean an embedded version of codecrypt. I am not a developer of GNU PG, but I assume that public-key algorithms resistant to quantum computing will be standardized (by some standard group like the IETF) and added to GNU PG *when* the need arises, just as support for ECC was recently added. *Currently* the factorization and discrete logarithm algorithms are enough. Also note that symmetric encryption algorithms are minimally affected by quantum computing. GNU PG implements, for example, AES-256 and SHA-512 which should be strong against quantum computers if they are strong against classical computers. Instead of worrying about quantum computers, worry about proper security practices as the end user. The chain is no stronger than the weakest link, and the user is almost always the weakest link. -- Do not eat animals; respect them as you respect people. https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
