Hi gnupgpack, :)
You can delete these values from your current gpg.conf.
s2k-digest-algo SHA256
s2k-cipher-algo AES256
cert-digest-algo SHA256
digest-algo SHA256
Reason 1: Those values are used when options like
'personal-cipher-preferences', 'personal-digest-preferences' and
'personal-compres
Il 26/11/2014 20:39, Peter Lebbing ha scritto:
> On 26/11/14 20:31, NdK wrote:
>> Well, IIUC with rhash you're giving the attacker another mean to tamper
>> with your message. Unless 'r' is chosen deterministically.
> 'r' is randomly generated for each signature by the /signing/ party. So the
> att
Hi gnupgpack, :)
You can delete these values from your current gpg.conf.
s2k-digest-algo SHA256
s2k-cipher-algo AES256
cert-digest-algo SHA256
digest-algo SHA256
Reason 1: Those values are used when options like
'personal-cipher-preferences', 'personal-digest-preferences' and
'personal-compres
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Peter,
I just wanted to say thank you very much for the explanation. It was very
enlightening.
I especially like the fact that, despite nobody asking specifically about
SHA-1, you
still decided to take the time to write a lengthy message explainin
On 26/11/14 19:52, Tristan Santore wrote:
> On 26/11/14 19:37, da...@gbenet.com wrote:
>> Hi Al,
>>
>> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
>> Enigmail - which
>> singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg
>> GPA also failed to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2014-11-27 07:56, Tristan Santore wrote:
> Fedora is not dodgy! We only support Fedora for 2 releases + 1
> month! Stop using unsupported distributions then. Quite an ignorant
> statement to make. And that is the last I am writing.
More proof th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
Is there a GnuPG command/option combination that will produce a list
of just the v3 keys on a GnuPG keyring, or would I have to manipulate
the output from something like
gpg --with-colons --fingerprint?
- --
Best regards
MFPA
On 26/11/14 20:53, da...@gbenet.com wrote:
> On 26/11/14 19:52, Tristan Santore wrote:
>> On 26/11/14 19:37, da...@gbenet.com wrote:
>>> Hi Al,
>>>
>>> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
>>> Enigmail - which
>>> singularly failed to sign or even encrypt. I
On 26/11/14 19:37, da...@gbenet.com wrote:
> Hi Al,
>
> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
> Enigmail - which
> singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg GPA
> also failed to
> work.
>
> As some of you are stuck with the min
On 26/11/14 20:31, NdK wrote:
> Well, IIUC with rhash you're giving the attacker another mean to tamper
> with your message. Unless 'r' is chosen deterministically.
'r' is randomly generated for each signature by the /signing/ party. So the
attacker loses control over the input to the hashing algo
Hi Al,
As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
Enigmail - which
singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg GPA
also failed to
work.
As some of you are stuck with the mind-set that the earth is flat eg "Oh it
works for me
there
Il 26/11/2014 20:15, Peter Lebbing ha scritto:
> Has something like randomized hashing[2] been considered by the OpenPGP
> standardization people?
Well, IIUC with rhash you're giving the attacker another mean to tamper
with your message. Unless 'r' is chosen deterministically. But then it
can be p
> My proposal doesn't have this problem. I want the manifest to summarize the
> entire content of the message, including sha256 (or whatever is considered
> good) fingerprints of each part.
1) What does a checksum add beyond the OpenPGP Modification Detection Code
(MDC)?
2) Why doesn't an attack
(By the way, how did the topic
- gpg.conf: settings for security and compatibility
ever get confused with the topic
- Setpref is not working or is it a bug or something?
because this definitely is the former but is called the latter. Also, @g, as you
apparently call yourself, you seem to start a ne
On 11/26/2014 10:59 AM, Anish Athalye wrote:
> What is the right place to send patches for and discuss security issues in
> gpg? The gpg-devel mailing list? Or directly to some particular person?
patches should go to gnupg-de...@gnupg.org, or to a bug report if you
file one here:
https://bugs.g
Hi,
What is the right place to send patches for and discuss security issues in gpg?
The gpg-devel mailing list? Or directly to some particular person?
Also, are there two different repositories for gpg 1/2 development? How exactly
is that organized?
Thanks,
Anish
__
Il 26/11/2014 15:30, Bjarni Runar Einarsson ha scritto:
> And if we further factor in viruses and phishing and
> exploits and spam, then widely deployed PGP/MIME might make the real
> world less secure, not more. :-P
Maybe including a mandatory proof-of-work that includes addressee
identity might
On 11/26/2014 02:19 AM, gnupgp...@on.yourweb.de wrote:
> Older versions of Debian (< sarge) don't support SHA512, AFAIK.
If anyone is running debian sarge (or even lenny, which came after
sarge), they have other problems. Those versions of the debian
operating system have not been maintained for
Hello!
I just couldn't resist the chance to play devil's advocate some more...
;-)
(Werner: Sorry about the duplicate, I fat-fingered the reply-all)
Werner Koch wrote:
> > It would be far, far more useful to have a signature for each part so
> > instead of a binary pass/fail, you get a more g
On Wed, 26 Nov 2014 12:14, gnupgp...@on.yourweb.de said:
> I am working with GnuPG-Pack, which includes extended gpg-1.4.18.
Sorry, I don't known GnuPG-Pack.
> s2k-count 100
Better use GnuPG-2 which uses a values suitable for the machines on
which you generated the key or change the passphr
Hi,
On Mon, 24 Nov 2014 09:24:28 +0100, Werner Koch wrote:
Bug reports please to the gnupg-users.
While executing a gpgsm --list-keys i noticed the following:
fingerprint: 9C:E2:38:44:6A:8E:gpgsm: conversion from 'utf-8' to 'CP850'
failed: Illegal byte sequence
4A:63:18:93:7C:41:62:7B:
Hi,
I have been asked to forward the CFP below. In case we want to do a
GnuPG BoF we should ask whether it is possible to share that devroom.
Shalom-Salam,
Werner
CFP: Security Devroom @ FOSDEM'15
AKA "Hardware and Software isolation mechanisms"
Next FOSDEM [1] will, again, have a se
Hello,
> No. The 2.0 cards from ZeitControl all support 4096 (if you feel a need
> for this). The problem was that old GnupG versions limited them to 3k.
I am working with GnuPG-Pack, which includes extended gpg-1.4.18.
This versions supports smartcard keys with 4096bit?
>> So, what are the mo
On Wed, 26 Nov 2014 08:19, gnupgp...@on.yourweb.de said:
> Many Smartcards are limited to key size <= 3072 bit, AFAIK.
No. The 2.0 cards from ZeitControl all support 4096 (if you feel a need
for this). The problem was that old GnupG versions limited them to 3k.
> So, what are the most useful c
On Mon, 24 Nov 2014 21:48, b...@pagekite.net said:
> 1. Mail clients have user interfaces that are at least somewhat
> optimized for conversations, like the one we are having now. Moving the
> text part into a container (rfc2822 or otherwise) breaks that flow for
> everyone.
Right. However, we,
On Mon, 24 Nov 2014 15:03, je...@seibercom.net said:
> On Mon, 24 Nov 2014 14:12:48 +0100, Werner Koch stated:
>
>> To be fair, that changed with Outlook 2010. We merely had not the
>> resources to change GpgOL to make use of the new Outlook structure.
>
> Interesting; has there been any movement
26 matches
Mail list logo
