Dear Members
What are the algos that are compromised ? or NOT to be used ? If this is too
long a list
What are the Algos that are _to_be_
/or/
_could_be_ used
/or/
_not_yet_compromised_
I understand that choosing the key size and algo is something personal and
others cant decide. but I'm tr
On Thu, May 21, 2009 at 01:19:44PM -0400, Steven W. Orr wrote:
[snip]
> The proper way to deal with this is to:
>
> * Source in your .bashrc from your .bash_profile
> * Set all of your environment variables in your .bash_profile
> * Check in your .bashrc to see if PS1 is set. If not then you are n
I have been creating key-pars for me and helping other people. Since I
am not a cryptographer I use always GPG defaults options and
suggestions (line command)
Alfter all this new stuff (creating sha-1 collisions, md-5 ? or so)
should I change the procedures I used to use?
Should I revoke (and he
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Allen Schultz escribió:
> For the reason of SHA1 issues in the news, I've recently set up
> a new OpenPGP key, and
> will be transitioning away from my old one.
...
> To fetch my new key from a public key server, you can simply do:
>
> gpg --keyser
2009/5/21 Steven W. Orr :
>
> This topic is getting far more complicated than you might expect.
I'm familiar with the differences between bash_profile and bashrc and
when they are or at not read. Or least I believe I am.
> If you use su then you do not go through the .bash_profile unless you use
(also cc'd to GnuPG-Users. This thread seems like it's more appropriate
there; let's continue it there if possible.)
John W. Moore III wrote:
> Presumably this tactic would also be effective by visiting a State
> Website.
I chose the example I did because I couldn't find information on
Arkansas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Allen Schultz wrote:
> Thank you for the information. I will clearsign this using the
> new key only.
> Let me know if this signature does not work either.
OpenPGP Security Info
UNTRUSTED Good signature from Allen Schultz (aldaek)
Key ID: 0xF556
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, May 21, 2009 at 7:31 AM, Raimar Sandner wrote:
> After all the _old_ key could have been compromised, that is
what I meant :)
Thank you for the information. I will clearsign this using the
new key only.
EE79C636 has already been updated [a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Pawe³ ¯uk wrote:
> I can not upgrade my current version of gnupg
Can You please be more specific regarding why You cannot Upgrade GnuPG?
Since You are apparently using a Windows O/S [based upon the version of
Thunderbird this message was sent with
On Wednesday, May 20th 2009 at 17:36 -, quoth Chris Babcock:
=>On Wed, 20 May 2009 20:00:42 +0100
=>mike _ wrote:
=>
=>> Can anyone offer any insight in this issue?
=>
=>http://www.joshstaiger.org/archives/2005/07/bash_profile_vs.html
=>
=>In .bash_profile, you will have something *like* this
On May 20, 2009, at 5:25 AM, Paweł Żuk wrote:
I use gnupg 1.2.1 version
For same cases during decrypting I receive:
gpg: encrypted with 2048-bit RSA key, ID 453733BB, created
2006-02-13 "Comapny (User) " gpg:
md_enable: algorithm 8 not available
This subject is increasingly off-topic for -devel. I've cc'd this
message to -users; let's see if we can't move the thread there.
Niels Dettenbach wrote:
> Hmmm, Keysigning parties makes sense if they strictly follow serious
> procedures and requirements - but can't give a 100% security (as the
>
On Thursday 21 May 2009 15:15:18 Raimar Sandner wrote:
> I believe (an I think others do too) it is good praxis to not sign new keys
> even if you have signed the old one and the new key is signed by the old
> one, without personally checking with the keyholder first. After all, the
> new key could
Hello
On Thursday 21 May 2009 11:35:44 Allen Schultz wrote:
> For the reason of SHA1 issues in the news, I've recently set up
> a new OpenPGP key, and
> will be transitioning away from my old one.
> This message is signed by
> both keys to certify the
> transition.
I have not recieved signatures
On Wednesday 20 May 2009 19:53:47 Fayina Zaporozhets wrote:
> I did trust and signed the key before:
>
>
>
> C:\GNU\GnuPG>gpg --edit-key E3655B17
>
> gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
>
> This is free software: you are free to change and redistribute it.
>
> Ther
Allen Schultz wrote the following on 5/21/09 5:35 AM:
[...]
>
> Please let me know if there is any trouble, and sorry for the
> inconvenience.
[...]
No inconvenience.
Results of signature verification and key usage:
-BEGIN GPG OUTPUT-
gpg: Signature made Thu May 21 05:34:13 2009 EDT u
2009/5/20 Chris Babcock :
>
> In .bash_profile, you will have something *like* this:
> if test -f $HOME/.gpg-agent-info &&kill -0 `cut -d: -f 2
> [cut]
Nothing like that
b...@foo:~> grep -ir gpg-agent /etc/bash* 2>/dev/null
b...@foo:~> grep -ir gpg-agent /etc/profile* 2>/dev/null
b...@foo:~>
Good afternoon,
I have one problem encrypting the file using gnupg.
When I run:
cmd/c c:\gnu\GnuPG\gpg --homedir C:\GNU\GnuPG\pubrings\ --yes -e -r
"E3655B17" Medgate_LeaveOgAbsenceStatus_2009-05-20.csv 2>errors.txt
I'm getting the question:
pub 2048g/5A85DEB2 2008-07-14 Sch
On Monday 18 May 2009 16:35:29 Christoph Anton Mitterer wrote:
> In principle it is possible by issuing new self-sigs, but gnupg
> doesn't support this AFAIK.
Does there exist another program to do this (I won't tell anyone ;) )? The PGP
Desktop applications doesn't seem to be able to do anything
On Monday 18 May 2009 16:46:02 Resul Cetin wrote:
> On Monday 18 May 2009 16:35:29 Christoph Anton Mitterer wrote:
> > In principle it is possible by issuing new self-sigs, but gnupg
> > doesn't support this AFAIK.
>
> I will look at the gnupg source code to try to find the correct section to
> man
On Friday 15 May 2009 12:30:27 Resul Cetin wrote:
> Is there now a good way to move a subkey between two keys? The method
> described at http://atom.smasher.org/gpg/gpg-migrate.txt don't work because
> in the step "resign using the expire trick" doesn't work. I cannot see a
> usage behind the short
I use gnupg 1.2.1 version
For same cases during decrypting I receive:
gpg: encrypted with 2048-bit RSA key, ID 453733BB, created 2006-02-13
"Comapny (User) "
gpg: md_enable: algorithm 8 not available
gpg: Signature made Tue May 19 16:10:09 2009
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256,SHA1
For the reason of SHA1 issues in the news, I've recently set up
a new OpenPGP key, and
will be transitioning away from my old one.
The old key will continue to be valid for some time, but i
prefer all future
correspondence to come to the new o
23 matches
Mail list logo
