On Sun, 30 Jun 2019 at 22:23:11 +, Alyssa Ross wrote:
>> Third-party signatures from locally unknown certificates are arguably
>> not so useful, so how about using ?--keyserver-options import-clean??
>> (Or even making it the default behavior?) Of course it's not perfect as
>> it still clutter
On Sun, 30 Jun 2019 at 00:36:19 -0700, Mirimir via Gnupg-users wrote:
> | High-risk users should stop using the keyserver network immediately.
>
> So OK, I can purge requests to SKS keyservers from my machines. But what
> about upstream impacts? As I understand it, GnuPG authentication is
> pervas
Hi,
On Fri, 09 Nov 2018 at 16:12:19 +0100, Peter Lebbing wrote:
> On 07/10/2018 03:01, Daniel Kahn Gillmor wrote:
>> Does this make sense? you just need to make sure you tie the version of
>> gpg and the keyring into the same initramfs build time.
>
> The problem is that the gpg invocation is no
Hi there,
On Sun, 23 Sep 2018 at 16:19:22 -0400, Daniel Kahn Gillmor wrote:
> But the real question is: why do you need this, and what do you intend
> to do with it?
I believe it was a follow up to https://bugs.debian.org/903163, messages
≥160 in particular. TL;DR: for smartcard usage (decryptio
On Tue, 23 Jan 2018 at 09:01:25 +0100, Simon Josefsson wrote:
> Guilhem Moulin writes:
>> On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote:
>>> I want to use ed25519/curve25519, but right now I have an offline
>>> master RSA key with three subkeys. D
Hi Simon,
On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote:
> I want to use ed25519/curve25519, but right now I have an offline
> master RSA key with three subkeys. Does it work well to add new
> subkeys for Ed25519/Curve25519? What is the user experience in
> various applications?
On Fri, 22 Sep 2017 at 22:32:37 +0200, Kristian Fiskerstrand wrote:
> And what happens if you do gpg --import-options import-clean --recv-key
> ? is the bad MPI value sigs removed or still there in that case?
Should be `gpg --keyserver-options import-clean --recv-key $keyid`; or
alternatively, `gp
On Fri, 30 Jun 2017 at 18:29:41 +0200, Peter Lebbing wrote:
> It would be really good if the SSH agent protocol would be extended to
> communicate on which tty a request comes in. Without updates to the SSH
> protocol, there is simply no way to know where it comes from.
I also hope some day this w
Hi Martin,
On Wed, 21 Jun 2017 at 11:03:40 +0200, martin f krafft wrote:
> And then check this out:
>
> % gpg --edit-key 0x55C9882D999BBCC4
> […]
>
> key 55C9882D999BBCC4:
> 24 duplicate signatures removed
>
> That's a bit weird. Where do these come from?
The OpenPGP packets were not ordered p
Hi,
On Sat, 14 Jan 2017 at 12:17:01 +, MFPA wrote:
> In fact, nearly a hundred signatures seem to be on the subkey
> 0x73CC004C3EE4249E rather than on any of the UIDs.
> […]
> Can anybody explain?
Using GnuPG ≥2.1.13, running `gpg --edit-key $keyID check save` should
fix it locally, cf. https
On Tue, 14 Jun 2016 at 23:17:59 +0200, Werner Koch wrote:
> On Tue, 14 Jun 2016 14:11, manto...@vollbio.de said:
>> This key has been created as a more or less default 3k RSA key, and I added
>> an
>> ECC encryption subkey with curve25519 after creation.
>> What I am missing is the curve field fil
On Fri, 12 Feb 2016 at 20:57:18 +0100, Werner Koch wrote:
> On Fri, 12 Feb 2016 13:51, guil...@fripost.org said:
>> However it seems to be a noop with 2.1.11, unless the deprecated option
>> ‘--keyserver’ is also given. From the manpage it looks like only some
>> not all keyserver options are depr
Hi there,
With 1.4.x and 2.0.x ‘--keyserver-options auto-key-retrieve’ provided a
convenient way to automatically download a missing key, when verifying a
message signature in the MUA for instance.
However it seems to be a noop with 2.1.11, unless the deprecated option
‘--keyserver’ is also given
On Fri, 27 Nov 2015 at 12:39:30 +0300, Dmitrii Tcvetkov wrote:
> In this case passphrase is needed to decrypt private key from keyring.
> Becuase of passphrase is not provided gpg-agent can't give gpg the
> private key.
Or perhaps Andrey tries to export an *unprotected* private key using
GnuPG 2.
On Thu, 17 Sep 2015 at 13:56:51 +0200, Werner Koch wrote:
> To add this flag I need to find documentation on how to route DNS
> requests via tor. A simple record lookup is not sufficient.
Unfortunately this doesn't seem to be possible currently, since at the
end of the circuit creation the e
On Thu, 11 Dec 2014 at 13:22:28 +0100, Peter Lebbing wrote:
> On 11/12/14 11:39, Werner Koch wrote:
>> I will be at the 31C3 at Hamburg from the 28th (late afternoon) to the
>> 30th. You may find me at the FSFE Assembly or ask there for my local
>> communication parameters.
>
> I intend to organi
16 matches
Mail list logo
