Re: Third-Party Confirmation signature?

2019-07-09 Thread Daniel Roesler via Gnupg-users
On Tue, Jul 9, 2019 at 2:10 PM Werner Koch wrote: > The problem I see is that the keyservers need to check the validity of > the 0x50 signature first. Only this will allow them to distribute only > key-signatures which have been approved by the key owner. Correct, a keyserver would need to val

Re: WKD documentation (Re: Testing WKD setup?)

2019-07-09 Thread Werner Koch via Gnupg-users
On Tue, 9 Jul 2019 15:50, gnupg-users@gnupg.org said: > setting it up and the feedback has been overwhelmingly positive. The > only thing I needed was basically the local-part hash and actually > that's what I built the checker for, to generate the URL in an easy I think things are even easier n

Re: Third-Party Confirmation signature?

2019-07-09 Thread Werner Koch via Gnupg-users
On Tue, 9 Jul 2019 10:10, gnupg-users@gnupg.org said: > However, if gpg doesn't support a way of adding that subpacket, then > creating easy-to-copy-and-paste commands for users to use to approve > signatures becomes difficult. The problem I see is that the keyservers need to check the validity

Re: WKD documentation (Re: Testing WKD setup?)

2019-07-09 Thread Wiktor Kwapisiewicz via Gnupg-users
Hi Bernhard, On 09.07.2019 16:47, Bernhard Reiter wrote: Once upon a time I mailed random PGP-using people asking if they'd consider setting it up and the feedback has been overwhelmingly positive. Cool, if you receive an answer, please help us to keep the list of supporting organisations growing

Re: Third-Party Confirmation signature?

2019-07-09 Thread Daniel Roesler via Gnupg-users
Hmmm, ok. Yes, I am considering ways of letting a user "whitelist" signatures on their public key, and using the Signature Target subpacket[1] seemed like a way to do that. However, if gpg doesn't support a way of adding that subpacket, then creating easy-to-copy-and-paste commands for users to u

[Announce] GnuPG 2.2.17 released to mitigate attacks on keyservers

2019-07-09 Thread Werner Koch via Gnupg-users
Hello! We are pleased to announce the availability of a new GnuPG release: version 2.2.17. This is a maintenance release to mitigate the effects of the denial-of-service attacks on the keyserver network. See below for a list of changes. About GnuPG === The GNU Privacy Guard (GnuPG, GPG) is

Re: WKD documentation (Re: Testing WKD setup?)

2019-07-09 Thread Bernhard Reiter
Hi Wiktor, [https://metacode.biz/openpgp/web-key-directory] On Tuesday, 9 July 2019 15:50:01, Wiktor Kwapisiewicz via Gnupg-users wrote: > On 09.07.2019 15:02, Bernhard Reiter wrote: > > Note that on Wiktor's page a few details are missing: > > * policy file is needed > > * directory listi

Re: WKD documentation (Re: Testing WKD setup?)

2019-07-09 Thread Wiktor Kwapisiewicz via Gnupg-users
Hi Bernhard, On 09.07.2019 15:02, Bernhard Reiter wrote: Note that on Wiktor's page a few details are missing: * policy file is needed * directory listing strongly recommended to be off * minimum version of gpg that has --with-wkd (some versions don't). Policy file is checked during WKD ch

WKD documentation (Re: Testing WKD setup?)

2019-07-09 Thread Bernhard Reiter
Hi, On Sunday, 7 July 2019 22:37:00, Johannes Zarl-Zierl wrote: > On Sunday, 7 July 2019 20:48:12 CEST Wolfgang Traylor via Gnupg-users wrote: > > > is there a service or similar where I can check if this email address > > > is properly WKD-enabled? > > > > https://metacode.biz/openpgp/web-ke

Re: Third-Party Confirmation signature?

2019-07-09 Thread Werner Koch via Gnupg-users
On Mon, 8 Jul 2019 18:45, gnupg-users@gnupg.org said: > Is there a way to create a "Third-Party Confirmation signature"[1] > using the gnupg command line interface? No. You need to add code for this which also requires that you have a way to specify another signature packet. Are you considerin

Re: Testing WKD setup?

2019-07-09 Thread Werner Koch via Gnupg-users
On Mon, 8 Jul 2019 16:17, gnupg-users@gnupg.org said: > false negatives. It only supports the 'direct' method, where the key > has to be hosted on `example.org` instead of `openpgpkey.example.org`. BTW, the openpgpkey subdomain method was accidentally not available in 2.2. This will be fixed wit