RE: Decrypt Issue

Paul, got it figured out. Programmer too stupid. The path to gpg.exe had changed, and I didn't catch it. -Original Message- From: Paul R. Ramer [mailto:free10...@gmail.com] Sent: Saturday, September 07, 2013 2:22 PM To: Diaz, John, A Cc: gnupg-users@gnupg.org Subject: Re: Decrypt Issue

Re: Why trust gpg4win?

On 9/9/2013 4:52 PM, Jan wrote: > Imagine an intact offline PC without "auto play" enabled for USB drives. Can't. USB is a peer protocol. There's an astonishing amount of computational power on both sides of that USB cable. Protocol negotiation is complex. Put it all together and you get a pee

Re: Why trust gpg4win?

On Mon, Sep 9, 2013 at 11:39 PM, Robert J. Hansen wrote: > On 9/9/2013 4:52 PM, Jan wrote: >> Imagine an intact offline PC without "auto play" enabled for USB drives. > > Can't. > > USB is a peer protocol. There's an astonishing amount of computational > power on both sides of that USB cable. Pr

Re: GPG and Outlook revisited

On 09/09/2013 12:17 PM, Peter Lebbing wrote: Remember that this would make it open source[1], but not free software. It can come with some provision that you do not offer binaries built from that source or modify the code. So then how do you know that the binaries he provides are built from the s

Re: Why trust gpg4win?

24.08.2013 23:14, Jan (takethe...@gmx.de) worte: It seems quite easy to advice people to have an offline windows PC with gpg4win on it and all their private stuff and a windows(?) online PC next to it. They could transfer encrypted messages with an USB stick from one PC to the other. I think this

Re: Problems using 10kbit keys in GnuPG instead of 4kbit keys

On Mon, Sep 9, 2013 at 12:28 PM, Ole Tange wrote: [snip] > Hopefully that will stop people from recommending against 10kbit keys > for the sake of the communication partners. While it certainly seems that 10kbit keys offer reasonable performance even for slow systems (thanks for doing the benchma

Re: GPG and Outlook revisited

On Mon, 9 Sep 2013 14:48, avi.w...@gmail.com said: > I use GPGShell too, but Werner has requested that we focus on open source > software on this list, and GPGShell is closed source. As we all owe an Well, my point was just that many folks are trying to improve security be using 4k or 10k keys wh

Re: GPG and Outlook revisited

Thanks all - alas we are on Outlook 2013, and given Outlook's market share it does seem pretty likely that the NSA would have poked into it as well. Maybe I can get them to let me speak IMAP to the mail store, and use Thunderbird for work too... Thanks! On 9/9/2013 6:32 AM, Werner Koch wrote: > O

Problems using 10kbit keys in GnuPG instead of 4kbit keys

I am really happy that no one so far shown any problems in the part on using 10kbit keys today (only the justification for using 10kbit keys seems to be controversial). I have therefore extracted the non-controversial part as a separate document: http://oletange.blogspot.dk/2013/09/problems-using-

Re: GPG and Outlook revisited

On 09/09/13 19:49, Avi wrote: > All he says on the matter is : > [...] > General: Do you sell your source-codes? > > Yes! It's just a matter of price. Send me an offer. :-) Remember that this would make it open source[1], but not free software. It can

Re: GPG and Outlook revisited

All he says on the matter is : General: Do you publish your source-codes? > > No! But when you've got the source-code for Windows, you can ask me again. > > > General: Do you sell your source-codes? > > Yes! It's just a matter of price. Send me an offer. :-) >

adding subkeys in gpg4 win

Was trying out gpg4win 2.2.0, and couldn't see how to add a subkey from either Kleopatra or GPA (was able to add it easily from the command line gnupg 2.0.21 that installs with gpg4win) Couldn't find anything about adding subkeys in the compendium. Is there something really basic that I missed

Re: Fedora GPG Key Server

Marcio B. Jr. wrote: > On Sat, Sep 7, 2013 at 7:28 AM, Werner Koch wrote: >> On Thu, 5 Sep 2013 22:22, marcio.barb...@gmail.com said: >>> https://lists.fedoraproject.org/pipermail/announce/2013-September/003180.html >> >> Please do not post a mere link. This assume that everyone is online and >>

Re: SSL on gnupg.org

On Mon, Sep 9, 2013 at 3:19 PM, Werner Koch wrote: > Due to public demand I enabled https for www.gnupg.org on v4 and v6. IT > is a 2048 bit CaCert certificate, so you need to install the cacert root > certificate. Excellent. > Note also that recent Mozilla browsers tell you in the certificate

RE: Decrypt Issue

I'm logging in with the service account, which is the same account that the mainframe JCL uses. -Original Message- From: Paul R. Ramer [mailto:free10...@gmail.com] Sent: Saturday, September 07, 2013 2:22 PM To: Diaz, John, A Cc: gnupg-users@gnupg.org Subject: Re: Decrypt Issue On 09/04/2

Re: Fedora GPG Key Server

This whole NSA blackmailing situation is causing strange reactions in you, sir. Marcio Barbado, Jr. On Sat, Sep 7, 2013 at 7:28 AM, Werner Koch wrote: > On Thu, 5 Sep 2013 22:22, marcio.barb...@gmail.com said: >> https://lists.fedoraproject.org/pipermail/announce/2013-September/003180.html >

Re: GPG and Outlook revisited

On Mon, 9 Sep 2013 09:55, laurent.ju...@skynet.be said: > You can use GPGShell that has a non-specific utility to Are you sure that such a closed source software is not on the list of the Bullrun program? Why does the author stick to closed-source despite that it is freeware he won't make

Re: GPG and Outlook revisited

On Mon, 9 Sep 2013 09:52, j...@enigmail.net said: > If you're already using the GPG4Win package, install the PGPOL Outlook plugin > that ships with it. It should work with Outlook 2003/2007. In fact we put quite some work into enabling it for OL2010 - no MIME stuff there, but at least we have op

Re: Some doubts about signature procedure

Hi Francesco, Let me review something about signing and what happens when you do it. Signing a signed email with PGP (or GPG, GnuPG or whatever) means that the message text is inspected by the PGP program and a small additional data file is produced that has a specific relationship to the message

Re: SSL on gnupg.org

On Mon, 9 Sep 2013 04:06, ghostba...@gmail.com said: > Are there any chances that gnupg.org could use SSL? I have seen some Due to public demand I enabled https for www.gnupg.org on v4 and v6. IT is a 2048 bit CaCert certificate, so you need to install the cacert root certificate. Note also th

Re: GPG and Outlook revisited

I use GPGShell too, but Werner has requested that we focus on open source software on this list, and GPGShell is closed source. As we all owe an enormous debt of gratitude to Werner and his team, the least we can do is honor his request on the list he maintains about the program he almost single-ha

Re: SSL on gnupg.org

Am Montag, 9. September 2013, 12:54:49 schrieb Peter Lebbing: > If there is /an/ organization that can spoof the authenticity of an SSL > website, it'll be the NSA. I will eat my hat[1] if they don't have access to > a few certificate authorities. > > If you want to verify authenticity of a downl

Re: SSL on gnupg.org

Am 09.09.2013 12:54, schrieb Peter Lebbing: > [1] Luckily, the washing label says "AZO free". I have no idea what that is, > though. OT: AZO colours make up the majority of artificial colours used for all kinds of stuff. They are known to have negative side effects on their own especially on speci

Re: SSL on gnupg.org

On 09/09/13 04:06, Jose Luis Rivas wrote: > I have seen some worrisome about downloading stuff from a site without a > proper SSL certificate, specially nowadays with the NSA issues which > include them in the middle of the internet pipes. SSL is precisely /not/ the technology to use to escape th

SSL on gnupg.org

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, Are there any chances that gnupg.org could use SSL? I have seen some worrisome about downloading stuff from a site without a proper SSL certificate, specially nowadays with the NSA issues which include them in the middle of the internet pipes

Re: Some doubts about signature procedure

On 09/09/13 09:42, Francesco C. wrote: > Hi, here I come back to ask you some clarification about the signature > procedure. > The purpose of signature procedure is making sure of anybody can't > modify the file you're trying to send. > > Many times they use also the check of Md5sum or SHA512Sum,

Re: Some doubts about signature procedure

On Mon, Sep 9, 2013 at 10:42 AM, Francesco C. wrote: > Hi, here I come back to ask you some clarification about the signature > procedure. > The purpose of signature procedure is making sure of anybody can't modify > the file you're trying to send. > > Many times they use also the check of Md5sum

Re: Recommended key size for life long key

On 9/9/2013 4:27 AM, Doug Barton wrote: > If what you meant was, "It's important for knowledgeable people to > examine how long various key sizes can be expected to remain secure" More like, "it is good that key lengths and their expected lifetimes be subjected to rigorous study," with a soupcon o

Re: Recommended key size for life long key

On 9/9/2013 5:27 AM, Peter Lebbing wrote: > [1] https://en.wikipedia.org/wiki/Bald_man_paradox Heh. I always heard that as the "beard paradox." Same basic idea, except the example given involves beards instead of full heads of hair. :) At age thirty-eight, I'm beginning to develop a bit of gra

RSA Conjectures

tl;dr version -- RSA has not been damaged. RSA is still believed to be a safe algorithm. The world is not ending. Do not panic. Anyone who tries to use what I've written here to fearmonger about the future will make me Distinctly Displeased. = Some people have been asking me to explai

Re: Recommended key size for life long key

On 09/09/13 04:04, Robert J. Hansen wrote: > Or you throw 125 machines at it instead of one. Or... etc. If something is > unsafe at work level X, it won't be safe at work level 125X. You've just proven that all RSA is unsafe! Repeated application (bald man paradox[1]) of your indeed valid premis

Some doubts about signature procedure

Hi, here I come back to ask you some clarification about the signature procedure. The purpose of signature procedure is making sure of anybody can't modify the file you're trying to send. Many times they use also the check of Md5sum or SHA512Sum, but anyway my question is: if any spiteful person

Re: GPG and Outlook revisited

Le 09/09/2013 08:00, Chris De Young a écrit : > Hello, > > It's been some time since I looked at options for integrating GPG and > Outlook on Windows, and at the time there seemed to be no particularly > good solutions. GPG4Win/Enigmail/Thunderbird works great for my personal > use, but work man

Re: Recommended key size for life long key

On 09/09/2013 12:49 AM, Robert J. Hansen wrote: On 9/8/2013 6:25 PM, Doug Barton wrote: he seems to have studiously ignored all of the facts that point to why what he's trying to do is a bad idea. Nitpick: I think what he's trying to do (make credible, accurate long-term projections) is a good

Re: GPG and Outlook revisited

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hello Chris ! Chris De Young wrote: > It's been some time since I looked at options for integrating GPG and > Outlook on Windows, and at the time there seemed to be no particularly > good solutions. GPG4Win/Enigmail/Thunderbird works great for

Re: GPG and Outlook revisited

Chris De Young wrote: > Hello, > > It's been some time since I looked at options for integrating GPG and > Outlook on Windows, and at the time there seemed to be no particularly > good solutions. GPG4Win/Enigmail/Thunderbird works great for my personal > use, but work mandates Outlook, and in l

Re: Recommended key size for life long key

On 9/8/2013 6:25 PM, Doug Barton wrote: > he seems to have studiously ignored all of the facts that point to > why what he's trying to do is a bad idea. Nitpick: I think what he's trying to do (make credible, accurate long-term projections) is a good idea. I just think he's going about it in a wa

Re: Recommended key size for life long key

On 9/9/2013 3:03 AM, John Clizbe wrote: > Several minutes to verify a signature makes such large key sizes non-starters. > Folks using a baseline of a 1GHz cellphone seem to have no idea of the > lifetimes involved in MIL-SPEC equipment. I'm sure there are some 1 MIPS VAX > 11/780s still in militar

GPG and Outlook revisited

Hello, It's been some time since I looked at options for integrating GPG and Outlook on Windows, and at the time there seemed to be no particularly good solutions. GPG4Win/Enigmail/Thunderbird works great for my personal use, but work mandates Outlook, and in light of the latest NSA-related i

Re: Recommended key size for life long key

Robert J. Hansen wrote: > >> Based on the guess that 10kbit has the potential of not being broken >> within a person's life span: What problems would you experience if >> you chose to use a 10kbit key today instead of a 4kbit key (which >> seems to be the common choice - but which we are fairly