Is it possible to sign a key again after revoking a signature?

Hi all, I'm new to GnuPG and have probably been a little too ambitious for my own good. I originally signed key AB4DFBA4 at level 3 after a meetup, but was later paranoid that I was too lax and wanted to resign it at level 2, but did the resigning (by deleting the first signature locally) and revo

Re: Is it possible to sign a key again after revoking a signature?

On fre, 2013-08-02 at 07:17 +0200, Philip Jägenstedt wrote: > The first time I bypassed this didn't turn out great, so can someone > confirm to me that my (3) existing signatures locally, signing again and ... that *deleting* my signatures locally ... / Philip signature.asc Description: This i

Re: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?

On Aug 1, 2013, at 6:58 PM, Martin T wrote: > Hi, > > RIPE(RIR in European region) database allows one to upload ASCII armored PGP > public keys: http://www.ripe.net/data-tools/support/security/pgp Server-side > software is able to generate some "key-cert" object attributes automatically. > F

How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?

Hi, RIPE(RIR in European region) database allows one to upload ASCII armored PGP public keys: http://www.ripe.net/data-tools/support/security/pgp Server-side software is able to generate some "key-cert" object attributes automatically. For example "method", "owner" and "fingerpr": noc@T42 ~ $ who

Re: gpg use in Debian popcon

> On Wed, 31 Jul 2013 13:51, bill.allomb...@math.u-bordeaux1.fr said: > > > gpg --no-default-keyring --keyring debian-popcon.gpg --trust-model=always \ > > --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON" > > You better add the option "--batch" and because you are using "-o" you >

Re: gpg use in Debian popcon

On Wed, Jul 31, 2013 at 04:46:34PM -0400, Daniel Kahn Gillmor wrote: > hi Bill-- > > On 07/31/2013 07:51 AM, Bill Allombert wrote: > > > I am the maintainer of Debian popularity-contest > > > > thank you! > > > 1) This creates spurious empty files in /root/.gnupg > >

Re: Successful experiment boosting the number of users using OpenPGP verification for file download

Responding to a message at random ... There is a much simpler way to encourage downloading the signature files. Bundle the exe and signature in a zip file, and make that the only download available. However, what you really want to encourage is the verification of the signature (ignoring the

Re: Successful experiment boosting the number of users using OpenPGP verification for file download

Werner Koch: > On Wed, 31 Jul 2013 19:30, adrela...@riseup.net said: > >> verification is the least secure method, to the download page? >> (You can see the design here: [3]) >> >> A: 1 in ~11 users. > > Actually [3] is the same URL as [1]. Sorry about that. [1]: www.webcitation.org/6IWk5h4E9

Re: Successful experiment boosting the number of users using OpenPGP verification for file download

On 31.07.2013, adrelanos wrote: > Downloading a signature doesn't imply, the user > successfully managed to use OpenPGP verification or that the user > couldn't be tricked or just ignored an invalid signature error message. And therefore, these numbers are without meaning. While there is eviden

Re: Successful experiment boosting the number of users using OpenPGP verification for file download

On Wed, 31 Jul 2013 19:30, adrela...@riseup.net said: > verification is the least secure method, to the download page? (You can > see the design here: [3]) > > A: 1 in ~11 users. Actually [3] is the same URL as [1]. > standards. However, while the number of downloads didn't decrease, the > numbe

Re: gpg use in Debian popcon

On Wed, 31 Jul 2013 13:51, bill.allomb...@math.u-bordeaux1.fr said: > gpg --no-default-keyring --keyring debian-popcon.gpg --trust-model=always \ > --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON" You better add the option "--batch" and because you are using "-o" you should also us