Re: GPGSM detached signature without auth attributes

Hi, I forgot to include the links to the docs. [1] http://g10code.com/docs/openpgp-card-2.1.pdf [2] http://g10code.com/docs/openpgp-card-3.0.pdf Stephan Beck: > Hi Jerney, > > Jernej Kos: >> Hello! >> >> I would like to use GPGSM to sign a Linux kernel module with a private >> key stored on an

Re: Implications of a common private keys directory in 2.1

Hello Werner! On Mon, 21 Nov 2016 10:28:47 +0100, you wrote: >On Sun, 20 Nov 2016 21:37, c...@nymph.paranoici.org said: > >>>Is there any chance to get that disentangled, maybe by defining a >>>separate secret key directory for each public .kbx keyring in use? > >No. > >> The silence makes me bel

Re: configure warnings and errors upon ./configure for Pinentry v0.9.7

Hi, David Adamson: > On Mon, Nov 21, 2016 at 12:33 PM, Stephan Beck wrote: >> Hi, >> >> David Adamson: >> >> If you only want to use the command line (i.e. text mode) and do not >> need a GUI, you'll probably need the pinentry-curses package. Install it >> by typing: sudo apt-get install pinentry

Re: GPGSM detached signature without auth attributes

Hi Jerney, Jernej Kos: > Hello! > > I would like to use GPGSM to sign a Linux kernel module with a private > key stored on an OpenPGP smartcard. As to the OpenPGP card 2.1 [1] specification, you can store the private key of an X.509 certificate on card (Data Object Cardholder Certificate, TAG 7F

Re: configure warnings and errors upon ./configure for Pinentry v0.9.7

On Mon, Nov 21, 2016 at 12:33 PM, Stephan Beck wrote: > Hi, > > David Adamson: > > If you only want to use the command line (i.e. text mode) and do not > need a GUI, you'll probably need the pinentry-curses package. Install it > by typing: sudo apt-get install pinentry-curses Thanks for the tip.

Re: configure warnings and errors upon ./configure for Pinentry v0.9.7

Hi, David Adamson: > On Mon, Nov 21, 2016 at 4:16 AM, Werner Koch wrote: > >>> configure: error: No pinentry enabled. >> >> You need to install the appropriate development package for the GUI >> platform. > > I looked for a GUI platform but had no idea what it's called where to > find it and wh

Re: gpg-agent crashes on Windows 10

On 2016-11-18 at 09:45, Matthias Wachs wrote: > Hi Werner, hi all, > > 2.1.12 may be outdated but is the latest version for Windows (available on > Heise): > https://www.heise.de/download/product/gnu-privacy-guard-gnupg-1677/download > > The version included in gpg4win is even older: > https://ww

Re: How to prevent passphrase caching in 2.1

Hello Werner, thanks for your fast reply. On Mon, 21 Nov 2016 10:30:51 +0100, you wrote: >On Sun, 20 Nov 2016 22:18, c...@nymph.paranoici.org said: > >> to gpg-agent.conf the official way to deactivate passphrase caching >> completely and make GnuPG only use the term transferred with the > >Plea

Re: configure warnings and errors upon ./configure for Pinentry v0.9.7

On Mon, Nov 21, 2016 at 4:16 AM, Werner Koch wrote: >> configure: error: No pinentry enabled. > > You need to install the appropriate development package for the GUI > platform. I looked for a GUI platform but had no idea what it's called where to find it and why I need a GUI if I plan on using

Re: Primary and Signing Key on Different Smart Cards

On 21/11/16 11:04, Peter Lebbing wrote: >>> >> rather trust GnuPG's random number generator than the one on a cheap >>> >> smartcard >>> >> (or any smartcard for that matter). So I would recommend to not use the >>> >> on-card >>> >> key generation feature anyway. >> > >> > That's quite an inter

Re: Primary and Signing Key on Different Smart Cards

On 20/11/16 22:50, Anton Marchukov wrote: > I think you will have to keep it as backup too in case you will want > to add another smartcard with a new subkey to an existing key or not? Oh, good point! Maybe it's possible without on-disk keys, I'll try it out later. Otherwise: yes, it would be impo

Re: Primary and Signing Key on Different Smart Cards

On 20/11/16 22:48, Anton Marchukov wrote: >> Which version, GnuPG 2.0 or 2.1? I think you can use 2.1 to reach the desired >> outcome without difficulty, even if it might be a bit non-standard. > > I have 2.1.11 Ah! I don't have time right now, but once I do, I'll try to see to write up some inst

Re: How to prevent passphrase caching in 2.1

On Sun, 20 Nov 2016 22:18, c...@nymph.paranoici.org said: > to gpg-agent.conf the official way to deactivate passphrase caching > completely and make GnuPG only use the term transferred with the Please describe what you want to achieve. Salam-Shalom, Werner -- Die Gedanken sind frei. Aus

Re: Implications of a common private keys directory in 2.1

On Sun, 20 Nov 2016 21:37, c...@nymph.paranoici.org said: >>Is there any chance to get that disentangled, maybe by defining a >>separate secret key directory for each public .kbx keyring in use? No. > The silence makes me believe that what I described is intended behavior, > not a 2.1 design fla

Re: configure warnings and errors upon ./configure for Pinentry v0.9.7

On Sat, 19 Nov 2016 21:51, davidadamson...@gmail.com said: > *** The config script /usr/local/bin/gpg-error-config was > *** built for x86_64-pc-linux-gnu and thus may not match the > *** used host x86_64-unknown-linux-gnu. This warning is a bit unfortunate but it is harmless. Both platform trip