Re: OpenPGP Card in SIM Size.

2005-10-04 Thread Alphax
Jörn Bratzke wrote:
> Hi,
> 
> is it possible to cut the OpenPGP Card to the size of a SIM Card without
> destroying it?
> I am asking this because I want to use a Kobil KAAN SIM III Reader, it's
> a CCID-compatible
> USB Token which takes Cards in SIM size. I guess it should work ..?!
> 

Of course, the problem with a card that small is that you could swallow
it (or otherwise lose it) ;)

I wonder if someone will start producing SIM-sized OpenPGP cards? How
about as SD/XD cards?

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Convert "Sign Only" Primary Key

2005-10-04 Thread Klaus Fuerstberger
Hi,

Some time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
Subkey. Now I noticed that it is not possible to encrypt a message with
PGP to this Public Key because PGP only sees the "sign only" primary Key
and not the encrypting subkey.

Is there a possibility to convert the "Sign Only" primary Key to a
"Sign and Encrypt" Key?

Any other possibilities to use this Key, so it is compatible with PGP?

Many thanks for your help!

Bye,
Klaus



Re: Convert "Sign Only" Primary Key

2005-10-04 Thread Alphax
Klaus Fuerstberger wrote:
> Hi,
> 
> Some time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
> Subkey. Now I noticed that it is not possible to encrypt a message with
> PGP to this Public Key because PGP only sees the "sign only" primary Key
> and not the encrypting subkey.
> 

Must be a very old version of PGP...

> Is there a possibility to convert the "Sign Only" primary Key to a
> "Sign and Encrypt" Key?
> 

It's not possible to use DSA keys for encryption. You can however
generate RSA sign & encrypt keys.

> Any other possibilities to use this Key, so it is compatible with PGP?
> 

I'll cc: this to PGP-Basics @ yahoogroups; see what the people over
there can dig up.

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \


Re: OpenPGP Card in SIM Size.

2005-10-04 Thread Werner Koch
On Mon, 03 Oct 2005 23:27:50 +0200, Jörn Bratzke said:

> is it possible to cut the OpenPGP Card to the size of a SIM Card without
> destroying it?

Should be possible with a sharp tool.  I have no experience, though.


Shalom-Salam,

   Werner




Re: libpam_poldi without entering pin

2005-10-04 Thread Werner Koch
On Sun, 02 Oct 2005 21:26:15 +0200, Jörn Bratzke said:

> I am successfully using libpam_poldi with my OpenPGP Smartcard to
> authenticate myself, but I still have a question, is there a way to
> authenticate without entering the pin? I already tried to set the
> "Force signature pin" Option to no but this didn't work.

With force signature pin option the card itself requires that a PIN is
presented before each signature creation; i.e. the card does not cache
the PIN internally.

We have a hack using the login-data to tell the code that the card
uses a standard pin.  There is parsing code in app-openpgp.c but it is
not currently used.  It is on my todo list.

/* GnuPG makes special use of the login-data DO, this function parses
   the login data to store the flags for later use.  It may be called
   at any time and should be called after changing the login-data DO.

   Everything up to a LF is considered a mailbox or account name.  If
   the first LF is followed by DC4 (0x14) control sequences are
   expected up to the next LF.  Control sequences are separated by FS
   (0x28) and consist of key=value pairs.  There is one key defined:

     F=<flags>

   Where FLAGS is a plain hexadecimal number representing flag values.
   The lsb is here the rightmost bit.  Defined flags bits are:

     Bit 0 = CHV1 and CHV2 are not synchronized
     Bit 1 = CHV2 has been set to the default PIN of "123456"
             (this implies that bit 0 is also set).

*/

CHV2 is used with the authentication key.


Salam-Shalom,

   Werner
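
An added example, not code from GnuPG or from the message above: a C parser for the login-data layout that the quoted comment describes, reporting whether the card advertises the default CHV2 PIN. The function name, the macros and the test inputs are assumptions; the separator byte is the value the comment gives.

```c
#include <stddef.h>
#include <string.h>

#define LD_DC4 0x14            /* introduces the control-sequence line */
#define LD_SEP 0x28            /* separator byte exactly as the quoted comment gives it */
#define LD_NO_SYNC  1u         /* bit 0: CHV1 and CHV2 are not synchronized */
#define LD_DEF_CHV2 2u         /* bit 1: CHV2 is the default PIN "123456" */

/* Value of one hexadecimal digit, or -1 if C is not one. */
static int hexval(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse LEN bytes of login-data.  Returns the length of the account name
   (the bytes before the first LF) and stores the flag bits in *FLAGS, which
   stays 0 unless a well-formed F=<hex> control sequence is present. */
size_t parse_login_data(const unsigned char *buf, size_t len, unsigned *flags)
{
    const unsigned char *lf = memchr(buf, '\n', len);
    size_t name_len = lf ? (size_t)(lf - buf) : len;
    size_t i = name_len + 2;   /* first byte after LF and DC4 */

    *flags = 0;
    if (!lf || name_len + 1 >= len || buf[name_len + 1] != LD_DC4)
        return name_len;       /* no control line follows the name */
    while (i < len && buf[i] != '\n') {
        if (i + 1 < len && buf[i] == 'F' && buf[i + 1] == '=') {
            unsigned v = 0;
            size_t start = (i += 2);
            while (i < len && hexval(buf[i]) >= 0)
                v = v * 16 + (unsigned)hexval(buf[i++]);
            /* accept the value only if it ends cleanly; bit 1 implies bit 0 */
            if (i > start && (i == len || buf[i] == LD_SEP || buf[i] == '\n'))
                *flags = (v & LD_DEF_CHV2) ? (LD_NO_SYNC | LD_DEF_CHV2)
                                           : (v & LD_NO_SYNC);
        }
        while (i < len && buf[i] != LD_SEP && buf[i] != '\n')
            i++;               /* skip to the end of this sequence */
        if (i < len && buf[i] == LD_SEP)
            i++;
    }
    return name_len;
}
```

A set LD_DEF_CHV2 bit means the authentication key is protected only by the publicly known PIN, so possession of the card alone is enough to use it.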




Re: Windows Corp Implementations

2005-10-04 Thread Werner Koch
On Thu, 15 Sep 2005 01:46:37 -0700, Richard Sperry said:

> What I want to do is extend the AD schema possibly with ADAM to incorporate
> basic keyserver functionality.  Any clues, I know ldap
> is outdated but it will work well for AD admins.

IIRC, David Shaw already replied to this.

> Next I was wondering what it would take to make the gpgexch have the ability 
> to do the following:

> Rich Text (so I can paste out of word and what not)

We will support HTML, AFAICS this should allow you to paste text from
Word to Outlook.

> Symmetric encryption for mailing lists

I have made a note to implement that. I don't think that this is
widely used.

> Auto key retrieval if it is not in the pub ring (from the preferred key
> server, preferably ldap)

For signatures this can already be done by setting an appropriate
option into gpg.conf.

For encryption (i.e. no recipient key available) I am proposing a
thing called PKA which as a side effect allows auto retrieval of
keys.  However this requires a widely deployed infrastructure
implemented in the DNS.  The future will show how this works out.


Salam-Shalom,

   Werner




Re: Convert "Sign Only" Primary Key

2005-10-04 Thread Klaus Fuerstberger
Alphax said the following on 10/04/05 12:04:

>>>Some time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
>>>Subkey. Now I noticed that it is not possible to encrypt a message with
>>>PGP to this Public Key because PGP only sees the "sign only" primary Key
>>>and not the encrypting subkey.

> Must be a very old version of PGP...

Maybe you misunderstand my procedure:
$ gpg --gen-key
Please select what kind of key you want:
   (1) DSA and ElGamal (default)
   (2) DSA (sign only)
   (4) RSA (sign only)

Here I selected "2". After the key creation I did a:

Command> addkey
Please select what kind of key you want:
   (2) DSA (sign only)
   (3) ElGamal (encrypt only)
   (4) RSA (sign only)
   (5) RSA (encrypt only)

Here I selected "3".

This key does not work with PGP5 for encryption. Only for signing.

Bye
Klaus




Re: Convert "Sign Only" Primary Key

2005-10-04 Thread Alphax
Klaus Fuerstberger wrote:
> Alphax said the following on 10/04/05 12:04:
> 
> 
>>>>Some time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
>>>>Subkey. Now I noticed that it is not possible to encrypt a message with
>>>>PGP to this Public Key because PGP only sees the "sign only" primary Key
>>>>and not the encrypting subkey.
> 
> 
>>Must be a very old version of PGP...
> 
> 
> Maybe you misunderstand my procedure:
> $ gpg --gen-key
> Please select what kind of key you want:
>    (1) DSA and ElGamal (default)
>    (2) DSA (sign only)
>    (4) RSA (sign only)
> 
> Here I selected "2". After the key creation I did a:
> 
> Command> addkey
> Please select what kind of key you want:
>    (2) DSA (sign only)
>    (3) ElGamal (encrypt only)
>    (4) RSA (sign only)
>    (5) RSA (encrypt only)
> 
> Here I selected "3".
> 
> This key does not work with PGP5 for encryption. Only for signing.
> 

It may be that PGP 5 doesn't support ElGamal keys. Try adding an RSA subkey.

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \


OpenPGP Card and ssh howto

2005-10-04 Thread Jörn Bratzke
Hi there

I successfully used my OpenPGP Card together with ssh and I wrote a
very very short and rather compact HOWTO for this.

You can find it at http://cyphertext.de/ssh-openpgpcard-howto.txt

Hope someone finds it useful.

Greetings,

 Jörn




Re: gpa / gpg-agent

2005-10-04 Thread Werner Koch
On Thu, 15 Sep 2005 19:12:00 -0400, Gary Graham said:

> I do not see any notes on how to run gpg-agent.  I went thru the

The manual describes how to install and use it.  ("info gnupg")

> Is this the right mailing list to discuss GPA?  There are too many
> problems to mention before finding out if this is the correct place to
> address it.

There is a gpa-dev at gnupg.org list which might be better suited.
BTW, we are currently in the process of cleaning up some GPA bits.


Shalom-Salam,

   Werner




gnome-keyring

2005-10-04 Thread Lukasz Stelmach
Greetings All.

I haven't followed this list lately but Google claims that my question
hasn't been asked yet ;)

What do you think about using gnome-keyring to store GnuPG passwords?
As far as I know it allows one to either store a password permanently
in an encrypted file or in a temporary "session" keyring, which is
the same as what gnupg-agent does.

-- 
|/   |_,  _   .-  --,  Monstrous desires already creep in from every side
|__ |_|. | \ |_|. ._' /_. I will practise prostitution, for money

