Re: How to 'un-sign' a key?

John W. Moore III wrote: > Joel C. Salomon wrote: > > Folks, > > > I foolishly signed a key I had not verified well, and the signed version > > is on a keyserver. How can I unsign it? > > Select the Key with the offending Signature and revoke the Signature. > > the command is --revsig form the Edi

Re: How to 'un-sign' a key?

Joel C. Salomon wrote: > I foolishly signed a key I had not verified well, and the signed version > is on a keyserver. How can I unsign it? > Go back in time. Seriously, there's nothing you can do about it once it's on a keyserver. ___ Gnupg-users m

Re: What do if forgot password?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 don rhummy wrote: > What does GPG have to recover my data if i forgot my password? Well, it won't stop you from trying to brute-force guess your password until you get it right. Of course, depending on what you do remember about your passphrase,

Re: set type digest mode? plus other query

Robert J. Hansen wrote: > Andrew Berg wrote: > > 6.5.8 seems popular. Any idea why? > > It was the last version of PGP to be released freeware for UNIX. Ah. > PGP 6.5.8, like PGP 2.6, is "good enough for most people and purposes." > Which means that no matter how

Re: set type digest mode? plus other query

Robert J. Hansen wrote: > A: Depends on who you correspond with. There are still a lot of PGP 6 > installs out there. 6.5.8 seems popular. Any idea why? -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB Windows NT 6.0.6001.18145 | GPG 1.4.9 | Thund

Re: Testing a build

Werner Koch wrote: > It just happens that I use Debian and that you can simply do an "apt-get > install mingw32". But there is no reasons why you can't build that > chain from any other platform. Unfortunately, I am unable to run anything but Windows right now (the reason is way off topic) unless

Re: Testing a build

Initial testing (I encrypted a few files symmetrically using 3DES) shows that Werner's generic build is actually faster. Werner, which version of gcc do you use (or do you use something else?)? I used gcc 3.4.5 (anything higher for Windows is in alpha or experimental AFAIK). Correct me if I'm wron

Testing a build

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 How would one go about making sure everything works? I built GPG for Windows following the instructions at http://clbianco.altervista.org/gnupg/eng/gnupg.html (a link at gnupg.org/download.html). Unfortunately, I cannot find the libcurl package me

Re: Installation gnupg on Windows

> The point of %path% is to search /directories/. A file is out of context > and meaningless here. Thought I added this: Use the GPG directory, and not the GPG executable itself. -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB Windows NT 6.0.6001.18063

Re: Installation gnupg on Windows

Faramir wrote: > My PATH variable has the following values: > %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;"c:\archivos > de programa\gnu\gnupg\gpg.exe" The point of %path% is to search /directories/. A file is out of context and meaningless here. -- Key ID: 0xF88E034060A78FCB F

Re: Installation gnupg on Windows

Werner Koch wrote: > I do not think that this is a too good idea. Newer version of GnuPG (in > particular Gpg4win) add a whole bunch of DLLs and other binaries to this > directory. Thus they would all be public and wrong DLLs might get used > by other applications. I installed the regular package

Re: Installation gnupg on Windows

Faramir wrote: > and the only other thing it would be advisable to do, is to add > gpg.exe to Windows's path environment variable, so you can use it at > command line from any folder... The directory, not the executable itself. -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6

Re: can't change to my real name on this mailing list

kurt c wrote: > I don't know if this is more of a ThunderBird question. I have already > changed this dummy kurtc name to my real name lawrence in the setting of > my Gmail account, but somehow on this mailing list I still appear as > "kurtc". I read it's because the outgoing server name is still u

Re: Publish Certificates

Carlos Williams wrote: > On Mon, Aug 18, 2008 at 8:25 PM, Andrew Berg <[EMAIL PROTECTED]> wrote: >> gpg --list-keys [EMAIL PROTECTED] >> will show your public key's properties (including the key ID). > > How do I make out which is my key ID? It is not clear and I c

Re: revocation certificate command

kurt c wrote: > What should I do now? I hope it's not too late to generate a revocation > certificate now that the key has already been created and sent to keyserver. Nope. If you lose your secret key, then it's too late. -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F

Re: public newer than the signature

Robert J. Hansen wrote: It is ridiculously hard to come up with a robust time and date standard. Why is that? Note that in some instances, GnuPG will use an ISO date format as opposed to seconds-since-Epoch. Is this for non-Unix-like systems or is it something completely different? -- Key ID:

Re: public newer than the signature

Faramir wrote: Then I began to think... what does 06/09/08 mean? Here (at Chile), that would mean September 6, 2008. But on USA, that means June 09, 2008. Clearly, since we are at August 11, 2008, the time format in the output message is mm/dd/yy. But my windows is using dd/mm/, so, maybe at

Re: I may have the wrong secret key...

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 I have the right key. Thanks to everyone who confirmed it for me. I would've sent myself one, but GMail thinks it's helpful when it takes emails with my address in the From: field out of my inbox. - -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84

Re: Some questions

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 reynt0 wrote: | So two-fingered simpleton typing, or carpal tunnel syndrome | typing, may be a protection :-) . And I guess, type at | least your passwords, etc, in a way strange for you and for | your keyboard. I've gotten into the habit of ty

I may have the wrong secret key...

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 I've moved between systems, and I may have an old secret key. Would someone please verify that A) the signature is indeed from 0xF88E034060A78FCB (it seems to be, but I want to be sure), and that I can decrypt messages encrypted to that key (i.e.

Re: public key newer than the signature

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Ludwig Hügelschäfer wrote: | I assume, FAEBD5FC is very well known and in a lot of keyrings. Can | somebody check please? 32370053 seconds is 374,6533912037 days, 9 more | than a year... | | Greetings | | Ludwig It wasn't originally on my keyring

Re: Problem with default key

andrea giovannoni wrote: Hi, I have a problem with my default key. gpg --default-key 0x12345578 gpg: Go ahead and type your message ... Can you help me? Because you have not specified a file, GPG tries to read from stdin. Because there is nothing there, you see that message. The --default

Re: export key: access denied

kurt c wrote: Ah so sorry, I run into another problem. I followed the instruction and typed into my command prompt gpg --export -a 0x8e758d5f>mykey.asc in order to create an ASCII armored version of my key and somehow I got the reply: "access is denied". Why? Why? Why? What was your working d

Re: [admin] What is top posting, and why should you avoid it?

Faramir wrote: Andrew Berg escribió: Faramir wrote: It happens too with pop3... I hate that "feature"... well, it (gmail) had to have some disadvantage... Not in my experience. That's why I use POP3 instead of IMAP. Do you mean you can see the messages you send to the li

Re: [admin] What is top posting, and why should you avoid it?

Faramir wrote: It happens too with pop3... I hate that "feature"... well, it (gmail) had to have some disadvantage... Not in my experience. That's why I use POP3 instead of IMAP. -- Key ID: 0xF88E034060A78FCB Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB Windows NT 6.0.6001.

Re: [admin] What is top posting, and why should you avoid it?

Alexander W. Janssen wrote: Andrew Berg wrote: On a side note, is there any reason I didn't see the last message I sent to the list? You're using Gmail... And probably IMAP? Common problem. Google calls it a "feature". You need to open the "All Mail" folder i

Re: question about hkp protocol

kurt c wrote: what's the $ before "gpg for? It's part of the prompt string. $ is for a normal user, # for root (this is for Unix-like systems). Your headers indicate that you're using Windows (I have a nifty little extension for Thunderbird that scans headers for MUA information and displays

Re: [admin] What is top posting, and why should you avoid it?

Alexander W. Janssen wrote: Andrew Berg wrote: James P. Howard, II wrote: A minor vent: the problem now is the proliferation of mobile devices which make it too difficult to not top post. Users, at this point, are fooled into thinking this is the correct form due to the lack of a practical

Re: [admin] What is top posting, and why should you avoid it?

John B wrote: On 17 July 08, John Clizbe wrote: A4: Yes, *only* when introducing the text of a forwarded message Q4: Is it ever OK to top post? A: Wrong, it's *never* correct, it leads only to someone, *again*, trying to argue that somehow it's okay, and still discombobulates everything.

Re: [admin] What is top posting, and why should you avoid it?

James P. Howard, II wrote: A minor vent: the problem now is the proliferation of mobile devices which make it too difficult to not top post. Users, at this point, are fooled into thinking this is the correct form due to the lack of a practical alternative. I think top-posting is common historic

Re: I need a portable GUI for GnuPG

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Werner Koch wrote: | Thunderbird is free Software and one of the | most important properties of Free Software is that you are allowed to | distribute modified copies. | | But beware, the Mozilla Corporation has a trademark on the name of | Thunde

Re: I need a portable GUI for GnuPG

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Faramir wrote: | Hello! | I have been carrying portable thunderbird with portable gnupg in | my flash memory stick, plus GPGShell, and it works fine. But GPGShell | licence forbids to redistribute it. The idea is to make that "combo" | avai

Re: One Time Password and GnuPG (OT tangent)

Robert J. Hansen wrote: Having not seen John's original message come through on GnuPG-Users, I can only assume that you are taking public something that he sent off-list, presumably for good reason. Please do not do this. It's rude. I don't do this intentionally. That message was threaded (by

Re: One Time Password and GnuPG

John Clizbe wrote: Andrew Berg wrote: Bricks can be hallowed out. :P HOLY BRICKBATS, BATMAN! Would such bricks then be filled with the Holy Spirit to give them strength? I must assume you meant 'hollowed'. Yes I did. Of course, little plastic angel-like wings could be added f

Re: One Time Password and GnuPG

Robert J. Hansen wrote: If you don't have physical security over your hardware, you don't have anything. You cannot use GnuPG safely on a malicious machine Exactly. There are keyloggers (both hardware and software), screenloggers, USB drive copy programs, and a lot of other nasty stuff you'll

Re: GnuPG (win32) on a USB stick

John Clizbe wrote: Andrew Berg wrote: John Clizbe wrote: set GNUPGHOME=x:\location\you\want It would be inconvenient (and inconsiderate to the host machine's owner(s)) to set an environment variable on every machine encountered, wouldn't it? Sven's idea is

Re: GnuPG (win32) on a USB stick

John Clizbe wrote: set GNUPGHOME=x:\location\you\want It would be inconvenient (and inconsiderate to the host machine's owner(s)) to set an environment variable on every machine encountered, wouldn't it? Sven's idea is much better, I think. ___

Re: Corporate use of gnupg

Robert J. Hansen wrote: Andrew Berg wrote: Well, /I/ could've told you that. Don't tell me you never figured that out on your own. Unless your day job involves being intimately involved in IP transactions (not just writing code), you could have _speculated_ on that. Althou

Re: Corporate use of gnupg

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: | The last time I talked to a patent lawyer about software (I had a nifty thing I wanted to implement and needed to make sure I wasn't walking into a patent lawsuit), I paid my $200/hr and got this bit of professional a

Re: How to remove a key from keyserver?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: > Andrew Berg wrote: >> Robert J. Hansen wrote: >>> In the universe of practicability, what he wants to do is not possible. >> I know that. I just forgot to add that I know it. > > Firs

Re: How to remove a key from keyserver?

John Clizbe wrote: > You are contemplating the successful completion of a task both so extremely > effortful and futile as to rightly proclaim the description Sisyphean. > Robert J. Hansen wrote: > In the universe of practicability, what he wants to do is not possible. I know that. I just forgot

Re: How to remove a key from keyserver?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: > You don't. This isn't possible. Well, it could be /possible/, but many steps would be difficult, illegal, expensive, or some combination of the three. - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.6 | Enigmail 0.

Re: Odd characters in Thunderbird compose of gnupg

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert D. wrote: > thank you for the help. I have relayed it to my friend. Mind you, > she's off again to her family and I am unable to watch the > "repairs" first hand. There's also another way to handle it that I forgot to mention. If you have

Re: Odd characters in Thunderbird compose of gnupg

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert D. wrote: > However, this started a different problem on her XP machine. Namely, > from a command prompt, typing in gpg yields an error stating that gpg > isn't registered or available or located or whatever. > > I took it to mean that gpg

Re: GnuPG in Linux

Charly Avital wrote: > My question, please help: where, how can I find and open, actually open > and edit as required, gpg.conf? You have to create the file yourself and place it in ~/.gnupg. Robert suggested gedit, but if you have KDE (you mentioned that you installed kgpg), you can use Kate or KW

Re: GnuPG 1.4.7 and OS X 10.5

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: > I'm currently running GnuPG 1.4.7 on OS X 10.5 (Leopard). While I > haven't done any serious regression testing, routine operations > appear to work just fine. Damn. And I was hoping you'd get your fiber for the day. *s

Re: For Mac users: the oncoming Mac OS X 10.5 "Leopard"

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: > I will eat my own hat if GnuPG has any problems whatsoever with > Leopard. From all that I know of Leopard, GnuPG will continue to > work just fine. > > I will be getting Leopard very soon after release. If there are >

Re: Compression routines - please include 7-Zip

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Henry Hertz Hobbit wrote: > It is so blisteringly fast that it is time to give credit where > credit is due. I had it updating our (my?) PAC filter. Even with > copying the executable for 7zip.exe on Windows it is so blisteringly > fast I can't

Not sure how to build w32pth

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 If I run ./configure, it tells me it can only build for w32. If I run ./autogen.sh --build-w32, it tells me to run make distclean. If I run make distclean, it tells me there is no rule for distclean and stops. - -- Windows NT 5.1.2600.2180 | Thu

Re: [Announce] GnuPG 2.0.5 released

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Werner Koch wrote: > * Basic support for Windows. Could you be more specific? - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.2 | GPG 1.4.7 Key ID: 0xF88E034060A78FCB - available on major keyservers and upon request Fingerpr

Re: Algorithm 11

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Charly Avital wrote: >> I built it from source from gnupg.org. No SHA224, no bzip2. > I believe it is because the src that is posted does not include > libgcrypt 1.3.0 It doesn't include any libgcrypt. The configure script said I didn't have it,

Re: Algorithm 11

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Charly Avital wrote: > Under MacOS 10.4.9, I run gpg2 from a binary installer compiled by > Ben Donnachie: > > item > 'mac-gpg 2.0.4-2.zip that uses libgcrypt 1.3.0 with support for > SHA224:

Re: algortihm 11

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 John Clizbe wrote: > Also, this is a *known error*, see this thread, 'Algorithm 11 not > available', > http://lists.gnupg.org/pipermail/gnupg-users/2007-April/030974.html > > > It stems from the fact that the cipher library in gpg2 does not > hav

FireGPG (correction)

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 There was a mismatch of GPG versions. I fixed that, and FireGPG makes valid signatures with GPG 2.0.4. The "algorithm 11 not available" problem remains, though. - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.2 | GPG 1.4.7 Ke

"algorithm 11 not available"

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 gpg2 -k returns some public keys, then this: > DBG: md_enable: algorithm 11 not available gpg: O j: ... > this is a bug (sig-check.c:450:check_backsig) Aborted (GPG 2.0.4) I'm testing FireGPG in Linux, and entered a lower-case 'k' by mist

Re: Two questions

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 John Clizbe wrote: >>> You also may wish to specify the new key as the default-key >>> along with various other helpful settings in gpg.conf. >> I can't get the format right. > > default-key 0xdecafbad# use this key to sign > default-recipien

Re: Two questions

) unique key ID. "Andrew Berg" returns my old key; "Andrew Berg <[EMAIL PROTECTED]>" returns the newer key. > I'm not sure if this answers your question. Here is another answer > to your question with a different interpretation: If you have a key > with mu

Two questions

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 1. Why is it using RIPEMD160, when my preference is SHA256? > C:\Documents and Settings\backup\ThunderbirdPortable\App\gpg>gpg > --edit-key "Andrew Berg <[EMAIL PROTECTED]>" gpg (GnuPG) > 1.4.7; Copyright (C) 2006 F

Re: If the message is encrypted symmetrically...

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 > GPG creates a random key from a source of entropy such as > /dev/random. This key is used in a symmetric cipher such as AES128 > to encrypt my message. > This symmetric KEY is then ENCRYPTED using your public key and > attached to the end of t

Re: If the message is encrypted symmetrically...

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Joseph Oreste Bruni wrote: > By definition of symmetric encryption, you must use the same key to > decrypt that was used to encrypt. I'm not sure what you're really > asking. > > When you say "public key is used to generate symmetric key" you >

If the message is encrypted symmetrically...

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Why can't I use the same (symmetric) key I used to encrypt (public key is used to generate symmetric key that the corresponding private key can calculate) to decrypt? - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Joseph Oreste Bruni wrote: > On Jun 19, 2007, at 7:36 AM, Andrew Berg wrote: > >> I wonder how many more people are going to tell me this, even >> after I've demonstrated that I understand the concept (I'm prett

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Janusz A. Urbanowicz wrote: > On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: RIPEMD160 >> >> Atom Smasher wrote: >>> gpg does support RSA-2048/SHA-

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Sven Radde wrote: > The actual "bulk" data processing is done by a symmetric algorithm > / hash function. You only encrypt the key to the symmetric > algorithm / sign the hash value. Both are typically 256bit or > smaller. > > In fact, the larger

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert Hübener wrote: > Andrew Berg wrote: >> Try signing/encrypting files that are tens, hundreds, or >> thousands of megabytes in size. Sure, your average machine can >> sign/encrypt messages that don't even fill a c

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Atom Smasher wrote: > gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which > is what i've been using for a while now. i'll sign this email with > RSA-2048/SHA-256 (my default on this key) just to show what it > looks like. it's a

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Remco Post wrote: > Does gnupg support elliptic curve crypto? ;-) I found this link on the Wikipedia page: http://www.calcurco.cat/eccGnuPG/index.en.html - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.4.7 Key ID: 0

Re: RSA 1024 ridiculous

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Snoken wrote: > Hi, I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce > Schneier. He writes: > > "We have a new factoring record: 307 digits (1023 bits). It's a > special number -- 2^1039 - 1 -- but the techniques can be > generalized

Re: decrypt and secret key location

1, > keyid BBC3C45BBBC5C9CF data: [2046 bits] gpg: public key is > BBC5C9CF :encrypted data packet: length: unknown mdc_method: 2 gpg: > using subkey BBC5C9CF instead of primary key 60A78FCB gpg: > encrypted with 2048-bit RSA key, ID BBC5C9CF, created 2007-04-20 > "Andrew Berg &l

Re: initial GnuPG install?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Claude Poliakoff, MD FACS wrote: > downloaded and installed the Windows XP binary, tried entering > gpg.exe in a DOS cmd window, and command not recognized, so off to > Control Panel>System>advanced tab & added ;C:\Program > Files\GNU\GnuPGwi

[Fwd: Re: decrypt and secret key location]

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Bruno Costacurta wrote: > Hello, I received an encrypted file called 'test.asc' (recipient is > correct, hereafter it is truncated) but trying to decrypt it I have > following error : > > gpg --decrypt test.asc gpg: encrypted with 2048-bit ELG-E

Re: Can't run GPG --recv-keys under Windows Vista.

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Henry Hertz Hobbit wrote: >> 1. Vista considers the %ProgramFiles% area as semi-protected. >> Since GnuPG is installing into this area, it is a reason for >> concern. IIRC, NT 5 and higher (and probably 9x) treat %programfiles% that way. But, sin

Re: easy way to confirm email validity

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Peter Todd wrote: > The *only* thing included in the hash is what is between the START > and END bits, that's it, no headers no nothing. I'm not positive, > but I belive the MIME based PGP is pretty similar. Of course, this > means that you can f

Re: decryption not possible?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 engage wrote: > I wasn't prompted for a passphrase! Perhaps the message was only ASCII-armored. - -- Windows NT 5.1.2600 | Thunderbird 2.0.0.0 | Enigmail 0.95.0 | GPG 1.4.7 Key ID: 0x60A78FCB - available on major keyservers and upon request Fing

Re: Feature request: load gpg.conf from the same directory as GPG

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 John Clizbe wrote: > FWIW, the "look for gpg.conf > in same directory as executable" idea, falls apart if you ever need to have > additional copies of GnuPG in the case of different OS or CPUs. There's not really a directory that W32, Mac, and*ni

Re: Feature request: load gpg.conf from the same directory as GPG

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Peter S. May wrote: > Andrew Berg wrote: >> In instances where GPG is used on a portable drive and used on >> different machines, it is much better to have gpg.conf read from the >> same directory as GPG rather than read fr

Re: Printing Keys and using OCR.

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Benjamin Donnachie wrote: > David Shaw wrote: >> For paper to last 100 years is not even vaguely impressive. Paper >> regularly lasts many hundreds of years even under less than optimal >> conditions. > > All seems rather academic to me as I wou

Re: Printing Keys and using OCR.

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Ryan Malayter wrote: >> Aren't optical discs supposed to last for many decades if stored >> properly and almost never used? > Theory and practice are often far apart. The price of CD media has > dropped so low that quality is often an issue. CDfr

Re: Printing Keys and using OCR.

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 David Shaw wrote: > Most of the storage media in use today do not have particularly > good long-term (measured in years to decades) retention of data. > If and when the CD-R and/or tape cassette and/or hard drive the > secret key is stored on bec

Feature request: load gpg.conf from the same directory as GPG

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 In instances where GPG is used on a portable drive and used on different machines, it is much better to have gpg.conf read from the same directory as GPG rather than read from %appdata%\gnupg or ~/.gnupg. Just to have it check the same directory,

Re: Old PC as Hardware Security Module?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Sven Radde wrote: > unless you can calculate SHA-1 values in your head... I know it's off topic, but how hard would that be? I've never looked over the algorithm. How hard would it be to calculate MD5? MD4? CRC32? - -- Windows NT 5.1.2600 | Thun

Re: Old PC as Hardware Security Module?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: >> I've been considering getting an OpenPGP Card, but there are >> three reasons I'm reluctant to. The main one is that I want >> something that will only do one signature or decryption at a >> time. That way if my machine

Re: Extra key best solution for very insecure locations?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Janusz A. Urbanowicz wrote: > On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote: >> Hello everybody, >> >> I'm trying to find the best solution for using GPG on a USB drive >> while travelling. >> >> I read the FAQ about subkeys which s

Re: W32 version tries to write to /dev/null

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Werner Koch wrote: > On Mon, 7 May 2007 16:58, [EMAIL PROTECTED] said: > >> gpg: can't create `/dev/null': No such file or directory >> gpg: signing failed: file create error > > Fixed in my working copy by using /dev/nul instead How would that

W32 version tries to write to /dev/null

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 I used the -n switch to simulate signing and it returned an error saying that /dev/null doesn't exist. gpg -v -n -o "somefile" -s "someotherfile" returns gpg: can't create `/dev/null': No such file or directory gpg: signing failed: file create err

Re: Generating and storeing keys on usb pen

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert J. Hansen wrote: > ... Moral of the story: be very careful where you go plugging your > USB tokens into, recognize they are infection vectors and infection > targets, recognize they can be compromised, and act accordingly. Or better yet,

Re: GnuPG incompatible with windows-vista ?

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 I think that this problem came up before, and that one has to rename gpgkeys_hkp.exe to gpgkeys_curl.exe (or was it the other way around?; I can't remember). -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with M

Re: no-force-v3-sigs

Laurent Jumet wrote: > Hello Andrew ! > > Andrew Berg <[EMAIL PROTECTED]> wrote: > >>> owNCWmg2MUFZJlNZdJmIEgAAe3///nJoRmAH/Niv/3AAf///6gBYUQJIRKgCBAGA >>> EDAAMkCwANlIioNAGmgAAyAAAaA0aAAB6hoaA0YhwaNGgaDQGTEBkaGQABppkAAA >>> wQAGqZNBPFTbVPQnqaB

Re: [Announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ludwig Hügelschäfer wrote: > Enigmail didn't even indicate a signed message :-(( Same here. - -- /\_/\ /\_/\ /\_/\ ( o.o ) ( o.o ) ( o.o ) > ^ < > ^ < > ^ < Don't make me send my ASCII kitten minions. Key ID: 0x9C6CC3A3 Fingerprint: 5474

Re: Logo ballot reminder

Joseph Oreste Bruni wrote: > Werner, your original ballot announcement ended up in my "Junk" box > accidentally by my filter. I only noticed it after a rare venture to > look to see what was there. Perhaps the HTML email is setting off > people's filters? I don't think HTML was why, it could be bec

Re: [Announce] GnuPG 2.0.1 released

Johan Wevers wrote: > Werner Koch wrote: > > >> This is maintenance release to fix build problems found after the >> release of 2.0.0 and to fix a buffer overflow in gpg2 >> > > Will there come a 1.4.6 too? > > Yes. I don't remember if this was asked, but will 1.4.6 have a Win32 build