GnuPG User ID expiry
Hi there, I tried to generate test keys with expired user IDs (under faked system time), but I failed, with gpg 1.4 as well as 2.1.8. I tried to use the options default-sig-expire and default-cert-expire as well as ask-sig-expire and ask-cert-expire when adding user IDs via --edit-key. However, gpg --list-options show-sig-expire --list-sigs indicates that the signatures expire “never”. How can I generate/add user IDs with expiration dates or change the expiration date of user IDs? Best wishes Jens ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg-for-java
For those who'd prefer a TLS encrypted download over plain FTP, the compiled binaries can be found at https://www.blazrsoft.com/gnupg-for-java . They are the exact same files as the ftp downloads, just symlinked into the web server. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://keyserver.blazrsoft.com/pks/lookup?op=get&search=0xAF3D4087301B1B19 signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: unlock keychain with pam authentication
On Tue 2015-09-22 11:13:38 -0400, SGT. Garcia wrote: > been looking for a solution to get gpg dance nicely with pam in the sense that > once a user authenticated in keychain is unlocked. that is to have one central > authentication that lasts for the duration of the user's session. You might be interested in libpam-poldi: http://www.g10code.com/p-poldi.html I'm not sure if it meets your particular goals/use cases, though. There are some conceptual caveats to what you're proposing: Note that a user's GnuPG secret keyring potentially contains multiple secret keys, and each secret key could be encrypted with a different password. which secret key would need to be decrypted to make that work? Potentially even scarier, if i can convince you to import key material, i could give you a secret key that is set with a passphrase that i know. Once you've done that, if the PAM module allows me to connect if i can unlock any key, then i could use it to unlock your account! You could also consider a more integrated desktop environment like GNOME, which has a single keyring/password manager that is integrated with account login. GNOME's keyring can be used to also talk to gpg-agent if both tools are configured to do so. hth, --dkg ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Facebook and OpenPGP
Robert, https://www.facebook.com/notes/protect-the-graph/update-facebook-openpgp/1646991155541029 is Facebook's announcement. I believe the @protonmail.ch e-mail address rather than the @facebook.com e-mail address is integrated since https://blog.protonmail.ch/protonmail-facebook-pgp/ references https://support.protonmail.ch/knowledge-base/using-protonmail-with-facebook-pgp/ So as far as I am aware there is no integration with the Facebook GraphAPI yet :( On Fri, Sep 25, 2015 at 1:05 AM, Robert J. Hansen wrote: > A friend at Facebook just clued me in to a story at The Register: > > http://www.theregister.co.uk/2015/09/24/facebook_crypto_upped/ > > I know nothing more about this than what's in the page. Figured some > people here might find it interesting, though. :) > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Regards, Christian Heinrich http://cmlh.id.au/contact ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
