Re: Thoughts on Keybase

John Clizbe wrote: > Does look interesting. Anyone have and willing to share an invite? > > Reply off-list please. > Invite received. Thanks to those who offered. -J -- John P. Clizbe Inet: John (a) Gingerbear DAWT net SKS/Enigmail/PGP-EKP

Re: Thoughts on Keybase

Robert J. Hansen wrote: > Keybase (https://keybase.io) is trying to solve the Web of Trust problem > in a new way. They're currently in beta, but I was able to snag an > invitation. (I have no invites to give out, unfortunately.) The > following is just a write-up on how it works and what my

Fwd: [Enigmail] [ANN] Enigmail v1.7 available

As there are many Enigmail users who read this list, but not [Enigmail], I'm forwarding the announcement of the newest release of Enigmail, v1.7. There are quite a few changes in this release. As Patrick writes in the announcement: > As usually, it will take up to two weeks until the version will

Re: New to OpenPGP getting frustrated.

Aaron Chelf wrote: > Okay so I'm using Open PGP software in conjunction with Thunderbird in > Linux. I've figured out about everything except the only way I can add > public keys to my key ring so far is to save them as an attachment from > an e-mail sent to me. > How can I just copy a public key

Re: On the advisability of stronger digests than SHA-1 in OpenPGP certifications [was: Re: riseup.net OpenPGP Best Practices article]

Kristian Fiskerstrand wrote: > On 06/27/2014 03:54 PM, shm...@riseup.net wrote: > > >> Robert J. Hansen: >>> On 6/26/2014 5:57 PM, Daniel Kahn Gillmor wrote: PGP 8 was released over a decade ago, that's hardly a modern implementation: >>> >>> And yet, it still conforms (largely) to RF

Re: riseup.net OpenPGP Best Practices article

Robert J. Hansen wrote: >> Even if they did intercept them, are the Americans any good at >> interrogating a horse? > > Yes. We are world champions at beating dead horses. To interrogate a > horse, first simply shoot it in the head, and then we can leverage our > dead-horse-beating skills in ord

Re: Docs central, with 'Email Self-Defence'

Kristy Chambers wrote: > Although some people would probably deny, that it's not the job > gnupg.org to provide a good tutorial about using gpg for e-mail-security > with some other gpg-related software like Enigmail+Thunderbird, I would > really appreciate it. Bad tutorials on the web reaffirm my

Re: adele

Robert J. Hansen wrote: >>> Is there a source code or a recipe available somewhere? Is it written in >> >> Not that I know. > > I believe John Clizbe has a copy of the Adele source code. I still have the copy from when the Enigmail team translated to message file

Re: It's 2014. Are we there yet?

gt; from last time: start by reading up on academic papers studying this > exact problem. For a while John Clizbe and I kept a list of good > papers, but I have to confess I haven't been keeping up on the latest > literature. Still, our last list is pretty good reading. > >

Re: It's 2014. Are we there yet?

or so this subject comes up, and my answers are unchanged > from last time: start by reading up on academic papers studying this > exact problem. For a while John Clizbe and I kept a list of good > papers, but I have to confess I haven't been keeping up on the latest > literature. Still,

Re: trying to find a folder

Justin Quakenbush wrote: > wheres my gnupg folder? On Mac OS X (you're using Applemail) and other *nix platforms, it is ~/.gnupg, which is a shortcut for $HOME/.gnupg. A directory named .gnupg in your main user folder. Since the name begins with '.' it is normally hid from Finder and other file ma

Re: trying to find a folder

fa-ml wrote: > On Fri, Jan 24, 2014 at 04:37:11PM -0800, Justin Quakenbush wrote: >> wheres my gnupg folder? >> > > Have you tried checking 'man gpg' (search for 'FILES')? It should be > ~/.gnupg/ , echo $GNUPGHOME to make sure. GNUPGHOME isn't set by default. It is for overriding the default loc

Re: add a request for advocating crypto to the crypto tools

Hauke Laging wrote: > Hello, > > due to its rather little visibility for the average user this affects GnuPG > less than its GUIs (the mail clients in particular). It may well be used in > the GnuPG documentation (man, info, www). But I assume that many GUI (or more > general: crypto tool) deve

Re: Selecting your own key with Enigmail

Johan Wevers wrote: > On 23-10-2013 2:26, Olav Seyfarth wrote: > >> have you set your key HERE : >> https://www.enigmail.net/documentation/per-account.php ? > > Ah, not for this mail address. Thanks, I had not found this option. > Testing the signature now. OpenPGP menu --> Preferences. Click [

Re: OpenPGP Smartcard + signing email = two signatures?

Pete Stephenson wrote: > Hi all, > > I use Thunderbird, Enigmail, and GnuPG on Windows 7 (among others). > > I have my primary cert/sign key on one smartcard and two subkeys > (signature + encryption) on another. I have the "force signature PIN" > option enabled for both cards. > > Tonight I was

Re: CryptoList - Looking for beta testers

Kenneth Jones wrote: > Hmmm... Last two messages from Daniel prompt my Thunderbird/Enigmail setup > that an OpenPGP secret key is needed to decrypt the message (which nonetheless > shows up in cleartext). What's happening? Is it signed with a public key? Can > you do that? Why would one wnt to? >

Re: Signature timestamp ordering and dissecting

kwadronaut wrote: > Hi, > > Up until now, I always see signatures on a key ordered in chronological > fashion, with GnuPG, sks' web interface and enigmail. It's always in a > format with day, month and year (sometimes year-month-day or another > format of that data). Now I'm curious to see when a

Re: Fedora GPG Key Server

Marcio B. Jr. wrote: > On Sat, Sep 7, 2013 at 7:28 AM, Werner Koch wrote: >> On Thu, 5 Sep 2013 22:22, marcio.barb...@gmail.com said: >>> https://lists.fedoraproject.org/pipermail/announce/2013-September/003180.html >> >> Please do not post a mere link. This assume that everyone is online and >>

Re: GPG and Outlook revisited

Chris De Young wrote: > Hello, > > It's been some time since I looked at options for integrating GPG and > Outlook on Windows, and at the time there seemed to be no particularly > good solutions. GPG4Win/Enigmail/Thunderbird works great for my personal > use, but work mandates Outlook, and in l

Re: Recommended key size for life long key

; guesses, and the ultimate result would be an awful lot of confusion. A > great deal of heat and very little light. > > > [3] These guesses are completely made up, and I'm just using the names > of random people within the community. And Rob's friend, John Clizbe, has

Re: Can I revitalise an old key-pair?

Pete Stephenson wrote: > On Sun, Sep 1, 2013 at 2:57 PM, MartinHvidberg wrote: >> Or do I need to get one of my old computers up and running, hoping to find >> some sort of key file there. > > If you go through your old systems and are able to find the relevant > secret key files or the GPG/PGP k

Re: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?

Martin T wrote: > Hi, > > thanks for the reply! > >>> I think "method" in the example above is just indicating that this is a PGP >>> key. > > Exactly. However, how does RIPE server-side software detect that it's > a PGP key? Is this information(besides other information like key > creation dat

Re: best practice for handing over the private key

Martin T wrote: > Hi, > > I need to create a public and private key pair for a person > representing an organization, upload the public key to RIPE(regional > Internet registry in Europe) public server, create some database > entries using those public and private keys and finally hand over the >

Re: searching for keys

kardan wrote: > Hi, > > On Sat, 13 Jul 2013 20:20:16 -0500 Larry Brower > wrote: > >> http://keyserver.stack.nl also uses SSL. Is your main t that someone >> will see the keys you are looking for or retrieving? >> If this is the case then why not have them send them to you encrypted >> via email

Re: phrase "UNTRUSTED good signature" is dangerously misleading

Daniel Kahn Gillmor wrote: > On 07/13/2013 05:39 AM, Ximin Luo wrote: >> When we got to the part where we receive an email signed by a key which has >> not >> yet been verified by a trusted key, GPG outputs the familiar phrase >> "UNTRUSTED >> Good signature". Now previously, I didn't think too m

Re: charset weirdness with non-ascii User IDs

Daniel Kahn Gillmor wrote: > > Digging this old message up as i try to do some triage. i don't think i > ever heard a response about this. > > I'm still seeing the same problem, only with some UIDs and not others: > > > 0 dkg@alice:/tmp/cdtemp.fre2o5$ LANG=C gpg --keyserver keys.mayfirst.org

Re: Do we need / want (or already have) a mascot for OpenPGP?

Burkhard Schroeder wrote: > On 08-Jul-13 6:34 AM, Bob (Robert) Cavanaugh wrote: >> How about a lemur? They have masked varieties (and they are cute). >> Raccoon also comes to mind... > > But they are not associated with security. And security is not "cute". > > What about Erinaceidae ? They look

Re: Refreshing keys

Werewolf wrote: > Is there an option that when refreshing the keys, or batch command that > will download the keys needed to verify sigs of the keys on public key > ring? No, but it may be scripted. Example pulled from list archive: gpg --check-sigs| grep "User ID not found"|cut -b 14-21| sor

Re: Clarifying the GnuPG License

Henry Hertz Hobbit wrote: > The last time I looked at it, I had to install GPG4Win or > one of the GPG 1.x installs before I put Enigmail in THunderbird > on Windows. EnigMail is licensed under MPLv2/GPLv2 to avoid > licensing issues. If Enigmail doesn't bundle when they have > compatible licensi

Re: certificat for a key pair

Doug Barton wrote: > On 05/29/2013 11:28 PM, Henry Hertz Hobbit wrote: > | First, whose advice? > > The advice of the people who actually write Enigmail. All of your > irrelevant stuff aside, you still haven't explained yourself. Speaking as one of those people who took part in the discussion cre

Re: what is the option for "Use this key anyway? (y/N) y"

pradeep kumar wrote: > Hi Werner, > > Yes I have used both the commands as separate but when I am trying to run > command I am getting the below error can you please let me know how to > eliminate this. > > Inline image 1 > > But I can able to encrypt the files normally after asking "y" option.

Re: 1.4.12 beta installer for Windows

Veet Vivarto wrote: > Hello Werner, > > My friend and I, are working on a easy to use front-end for GPG for Windows > and Mac. > On Windows we are using the 1.4.11 because it only requires two files (.exe, > .dll) Just curious, which DLL? I just did a test with the 1.4.13 installer and didn't s

Re: RSA // OAEP // SHA-1

ved...@nym.hush.com wrote: > As the padding scheme in RSA, (OAEP) uses SHA-1, then , *eventually*, as > people move away from using SHA-1, and toward a V5 key where SHA-1 is not > used, > will it also be necessary to re-do the RSA padding to not use SHA-1, and > if so, would this fall under the op

Re: Paperkey 1.3

I.V. Frost wrote: > > Am I the only having trouble both the key for this message and the one > with the binaries? My installation tells me it is not Key ID: > 0x99242560 but key 0xA1BC4FA4 which is not found on any server that I use. > Something sounds odd about the search criteria or keyserver

Re: [ANN] Hockeypuck: OpenPGP Keyserver

Casey Marshall wrote: > On 11/05/2012 11:12 AM, Kristian Fiskerstrand wrote: >> On 11/05/2012 04:04 PM, Daniel Kahn Gillmor wrote: >>> On 11/04/2012 10:46 PM, Casey Marshall wrote: I’d like to share Hockeypuck, an OpenPGP Keyserver I’ve developed in Go (http://golang.org). >>> Cool, i'm

Re: new release of GPA

Robert J. Hansen wrote: > On 10/29/2012 2:05 PM, User wrote: >> You may want to take a look at GPGshell for an alternative. > > GPGshell is not Free Software, and for that reason it's not exactly > appropriate to recommend it on this list. Whether we agree or disagree > with the Free Software Fou

Re: Limit of maximum password length

j...@dodec.lt wrote: > Ok thanks, just found that compiling gpg without agent can be workaround > as well. > On 10/27/2012 10:17 PM, Robert J. Hansen wrote: >> On 10/27/2012 3:12 PM, j...@dodec.lt wrote: >>> Is it somehow possible to bypass ncurses dialog window? >> You want to use GnuPG 1.4, whic

Fwd: [Sks-devel] [Announcement] SKS 1.1.4 Released

Kristain left these groups off the initial email -John Original Message Subject: [Sks-devel] [Announcement] SKS 1.1.4 Released Date: Sun, 07 Oct 2012 22:24:27 +0200 From: Kristian Fiskerstrand To: sks-devel Hello, We are pleased to announce the availability of a new stable S

Re: Pseudonym (was Re: what is killing PKI?)

No such Client wrote: > With due respect Mr Lebbing, my initial post - > > http://lists.gnupg.org/pipermail/gnupg-users/2012-August/045291.html > > was in response to Mr. Hansen´s post > > http://lists.gnupg.org/pipermail/gnupg-users/2012-August/045269.html > > which (from my perspective) was

Re: what is killing PKI?

Robert J. Hansen wrote: > On 08/24/2012 07:33 PM, Robert J. Hansen wrote: >> Thank you, John. Simson Garfinkel has another one worth adding to the >> list, but I'm blanking on it for the life of me right now -- give me a >> day or two to dig through my pile of papers and I'll come up with it. > C

Re: what is killing PKI?

Robert J. Hansen wrote: > On 08/24/2012 08:24 AM, peter.segm...@wronghead.com wrote: >> I propose to you (and to the people who are putting all that hard >> work into gpg) that there are actually two "things killing PKI": > > At risk of sounding dismissive, I really don't care what your pet theory

Re: Elliptic Curve Cryptography

Sam Smith wrote: > Oh, phooey. You are right. I was mistaken. I meant PGP/MIME. I guess no ECC then? No... S/MIME --> X.509. PGP/MIME --> OpenPGP. ECC is part of OpenPGP with the issuance of RFC 6637 at the first of June this year. As Kristian pointed out, the GnuPG Development line currently su

Re: Malformed Revokation Certificate?

David Shaw wrote: > On Aug 8, 2012, at 5:24 AM, Jay Litwyn wrote: > >> On 2012-08-08 2:20 AM, Peter Lebbing wrote: >>> On 07/08/12 15:18, Jay Litwyn wrote: I submitted this revokation certificate to a couple of servers and they said it was malformed, and I had trouble guessing how to >>

Re: GPA and hkps

John wrote: > "Werner Koch" wrote in message > news:<87lijbfbzk.fsf__7982.15741892836$1340651488$gmane$o...@vigenere.g10code.de>... >> On Fri, 22 Jun 2012 23:22, jw72...@verizon.net said: >> >> > message when I use GPA to try retrieving a key. The message states >> > this: "There is no plugin ava

Re: RFE: --update-before-use

David Shaw wrote: > On Jun 14, 2012, at 4:34 PM, Robert J. Hansen wrote: > >>> 1) If the keyserver (of whatever type) isn't reachable... >> >> As you say, easy to solve: agreed. >> >>> 2) Concern that enough people turning this feature on would add >>> significant load to the keyserver network.

Re: can someone verify the gnupg Fingerprint for pubkey?

da...@gbenet.com wrote: > Hello Sam, > > Most people are normal users of pgp - I suspect there are few secret > government agents - not that they are likely to say so :) > though some believe them to be everywhere. Secret agents may or may not be here. Actual operatives one doesn't know if the

Unsubscribing (was Re: Draft of nine new FAQ questions)

Rupali Chitre wrote: > Hello, > > > I want to opt out from emails. I don't see unsubscribe option. How can I > opt out? > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users Visit the link above

Re: Some people say longer keys are silly. I think they should be supported by gpg.

tim.kac...@gmail.com wrote: > I think it should be okay to dredge up this topic ever couple years. From > what I am reading, links below, I do not feel comfortable with the key > length and algorithmic security offered by GPG's defaults. > > I have not been able to figure out how to get keylen

Re: Some people say longer keys are silly. I think they should be supported by gpg.

tim.kac...@gmail.com wrote: > I think it should be okay to dredge up this topic ever couple years. From > what I am reading, links below, I do not feel comfortable with the key > length and algorithmic security offered by GPG's defaults. [I think I write this same email on one list or another

Re: Why the "--export-secret-key" switch is not listed in help screen?

Mika Suomalainen wrote: > 06.05.2012 21:15, Peter Lebbing kirjoitti: >> It does say in the "gpg --help" output: > >>> (See the man page for a complete listing of all commands and >>> options) > >> There are many more options and also commands in the full man(ual) >> page. I suppose it was thought

Re: SSH Agent keys >4096 bit?

Ali Lown wrote: > I am trying to use gpg-agent for my ssh keys as well as my gpg keys, > but am unable to add my 8192 bit ssh key to the agent. > > Agent log reports: "2012-05-03 17:48:02 gpg-agent[2190] ssh keys > greater than 4096 bits are not supported" > > The limit appears to be arbitarily s

Re: Current key servers

Mustrum wrote: > How can we use private IPs ? > See below. > >>OK, here's my list of addresses: >>192.168.1.2 booboo # Windows 2003 Svr[*] >>192.168.1.4 yogi# Slackware Linux >>192.168.1.5 picnic # Slackware Linux >>192.168.1.18 basket # MacOS X >>192.168.1.19 horse # Solaris 10 >

Re: Current key servers

Faramir wrote: > El 12-04-2012 20:29, John Clizbe escribió: > ... > >>> pool.sks-keyservers.net adds them to its own list. So really, >>> that's the only address you need. :) > >> It's best to stick with the pool address, otherwise if you select

Re: Current key servers

Robert J. Hansen wrote: > On 04/12/2012 02:38 PM, Malte Gell wrote: >> Any new key servers recommended to use? > > No. > > pool.sks-keyservers.net isn't really very much of a keyserver. It > doesn't service your requests itself. Instead, it picks a random > known-good keyserver from the global

Re: libgpg-error-1.10 make install error

Abhilash Roy Gollamandala wrote: > Hi, > I am getting the following error: > > /bin/bash ../libtool --mode=install /usr/bin/install -c > 'libgpg-error.la ' > '/usr/local/lib/libgpg-error.la ' > libtool: install: /usr/bin/install -c .libs/libg

Re: List-packets help

John Gill wrote: > I know that gpg chooses common algos between the sender and recipient. > (I've not tested what will happen with recipients who have no > preferences in common with my enabled algos, but that's a problem for a > new day.) 3DES will be used. That's why it is an implementation MU

Re: List-packets help

John Gill wrote: > Please point me to a detailed explanation for the output of > list-packets. I have googled and read manuals, etc. but just can't seem > to locate the knowledge. RFC 4880 - OpenPGP Message Format https://tools.ietf.org/html/rfc4880 You may run into values from RFC 5581 - T

Re: [Announce] GnuPG 2.0.19 released

Werner Koch wrote: > On Tue, 27 Mar 2012 19:18, jw72...@verizon.net said: >> Outstanding! Hopefully the GPG4Win port for Windows will follow suit before >> long. Thanks for an awesome product and support. > > I am working on a maintenance release. I also plan to provide an > ultralight installer

Re: compilation information ?

Robert J. Hansen wrote: > On 3/14/2012 12:44 AM, brian m. carlson wrote: >> From looking at the source, I don't believe so. Note that the only case >> in which you have more than one option is Windows/DOS. > > GnuPG compiles just fine under the Intel C/C++ compilers, under the GNU > Compiler Coll

Re: invalid gpg key revocation

Faramir wrote: > El 06-03-2012 16:58, Peter Lebbing escribió: > ... >> The keyservers don't do any validation on revocation certificates; >> anyone who feels like it can add /invalid/ revocation certificates >> to your key to annoy you. But as soon as OpenPGP software imports >> the key from the ke

Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org

Jerry wrote: > On Mon, 30 Jan 2012 02:23:04 + > MFPA articulated: > >> That is an unfortunate consequence of signing my message with GnuPG; >> all lines lose trailing spaces and any line beginning with a dash gets >> prefixed with a dash and a space. > > That is because you are using "inline"

Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org

MFPA wrote: > Hi > On Monday 30 January 2012 at 2:13:48 AM, Jerry wrote: >> On Mon, 30 Jan 2012 01:52:44 + MFPA articulated: >>> Looking through recent postings, the signature >>> delimiter seems to appear in about half of the >>> messages on this list. >>> - -- >>> Best regards >>> MFPA >>> m

Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]

MFPA wrote: > On Saturday 28 January 2012 at 1:37:17 PM, John Clizbe wrote: > >> To achieve the two goals, you only need to put each in its own UID. Just >> remember once they locate the matching key, they will have all the >> information in all the UIDs. > > Which

Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]

MFPA wrote: > On Friday 27 January 2012 at 12:48:30 AM, Doug Barton wrote: >> put whatever you like in the name and e-mail fields, and notify the people >> you communicate with > > Which is exactly what I do already, using a key with "MFPA " as > its sole User ID. > >> There is no software modifi

Re: Why hashed User IDs is not the solution to User ID enumeration

Jerome Baum wrote: > On 2012-01-28 06:14, Robert J. Hansen wrote: >> It isn't just that no one's written the code: it's there's no community >> consensus to deploy such code, even if it were written. It would be a >> pretty major flag day. After all, if one keyserver enforces it and >> others don

Re: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)

Peter Lebbing wrote: > And a curious person with a mean streak might sign a key with an obscured > e-mail > address with a signature saying "this is the key for > expires2...@rocketmail.com" > }:-]. Which is verifiable by hashing the e-mail address. And once "keyserver > no-modify" is implemente

Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]

Doug Barton wrote: > On 01/26/2012 15:41, MFPA wrote: >> The use of the word "harvesting" in this context suggests to me a >> concern about spamming rather than about privacy. And I would like >> the ability to protect my name as well as (or instead of) my email >> address. > > As I said the last

Re: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)

MFPA wrote: > Hi > On Tuesday 24 January 2012 at 3:21:35 PM, in Daniel Kahn Gillmor wrote: >> Certainly, the keyservers will continue to support non-digested User IDs, >> so now tools will need to be able to handle both of them; we'll also need a >> policy for end-user agents to answer questions li

Re: Creating a key bearing no user ID

MFPA wrote: > On Monday 23 January 2012 at 3:04:45 PM, Holger wrote: > >> Please simply accept that it's an issue for me as well as many others. >> Harvesting is supereasy: full keydumps are readily available. Yep, Full keydumps are readily available. http://www.keysigning.org/sks/ Yep, harvesti

Re: 1024 key with 2048 subkey: how affected?

Chris Poole wrote: > On Mon, Jan 23, 2012 at 4:52 PM, brian m. carlson > wrote: > >> Because it's also used to sign other people's keys. Using a very large >> key (for 256-bit equivalence, ~15kbits) makes verification so slow as to >> be unusable. You have to not only verify signatures on other

Re: Creating a key bearing no user ID

st and build my personal "star of trust"?! I have a very unique last name and I'm not afraid of the keyservers. I know of about six "John Clizbe"s. We differ by middle initial and name. BTW, if I represented an entity concerned with whomever you communicated, I would

Re: First-time gpg compile - compiling gnupg-1.4.11 for Windows - configure log

Barry Smith wrote: > Environ - Windows 7 (64Bit) > SeaMonkey 2.6.1 > Enigmail 1.3.4 > GnuPG 1.4.9 > GPG4Win 2.1.0 > GPGShell 3.78 (which is complaining about GPG 1.4.9, > but working) > > Problem -- There is no binary

Re: Short ID Collision

Dan McGee wrote: > > On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe wrote: >> >> Jerry wrote: >>> >>> >>> >>> It would seem, and this is strictly my own opinion, that if the "old >>> >>> pksd" servers are de

Re: Short ID Collision

Dan McGee wrote: > On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe wrote: >> Jerry wrote: >>> >>> It would seem, and this is strictly my own opinion, that if the "old >>> pksd" servers are dead then there is no logical reason to continue to >>&g

Re: Short ID Collision

Jerry wrote: > > It would seem, and this is strictly my own opinion, that if the "old > pksd" servers are dead then there is no logical reason to continue to > support them. Just my 2¢. If only all software support decisions were that cut and dried. Oh well... David Shaw committed patches to the

Re: windows binary for gnupg 1.4.11 // compilation instructions posted

ved...@nym.hush.com wrote: > So, if , for example, in a case where I don't have my laptop with me, (but I > do have a usb with gpg and keyrings, and a miniDVD with ubuntu), > > then, assuming there is no keylogger on the borrowed laptop, what > is the problem with booting from the ubuntu miniDVD,

Re: windows binary for gnupg 1.4.11 // compilation instructions posted

ved...@nym.hush.com wrote: > > Thanks, > I knew about the MSYS method, but not about the others, > but my point was about running gnupg from a flash drive. > > I was under the impression that there is no portable way to do that > on a flashdrive that doesn't have these systems installed on the

Re: windows binary for gnupg 1.4.11 // compilation instructions posted

ved...@nym.hush.com wrote: > BTW, > There is a unique advantage to running gnupg from cygwin on > windows, as it's the only way to make use of unix-like commands, > (cat, grep, printf, etc.) and pipe them to and from gnupg. ONLY? How much effort did you expend looking? The MinGW compiler folks p

Re: windows binary for gnupg 1.4.11 // compilation instructions posted

Werner Koch wrote: > Hi, > > there is a thing for Windows called System Services for Unix (SFU). It > is a modern POSIX implementation on top of the NT kernel but very > different to the old we-need-to-be-compliant-to-gov-ITBs Posix > subsystem. Did anyone ever tried to build a GnuPG on it? > >

Re: windows binary for gnupg 1.4.11 // compilation instructions posted

Johan Wevers wrote: > On 16-09-2011 21:30, Simone Cianfriglia wrote: > >> To achieve your desired result, it's required to run the exactly same >> compiler, including the version, with the same options targeting the >> correct architecture. Also a minor tweak in architecture settings >> could chan

Re: simple gpg syntax question

Yard, John wrote: > Forgive the simple gpg syntax issue, > > I have > > gpg --verbose --trust-model always --yes --armour --recipient X_UCLA --encrypt $T1 > > which encrpts a file , I would like to sign it in the same command , I would like the output to be $T1.asc > gpg -v --yes --trust-

Re: Best practice for periodic key change?

Hauke Laging wrote: > > BTW: Would it be a good idea for gpg to suggest the user to check for an > updated version of the key (or do it automatically before if configured to do > so) if it find an expired subkey? This would probably not work with the GUIs > though (but might make the GUI develo

Re: Conditional options directives

Kevin Kammer wrote: > Let us suppose that we have more than one private key on our keychain. Safe bet. > For this example, let's say we use one key to sign our personal email, and a > different one to sign software packages we host on a company server. There > may be settings in our gpg.conf

Re: Offline Master Key

David Shaw wrote: > > There is/was a HOWTO document for this method of handling keys written at one > point. I can't seem to find the link at the moment, but if someone has it > handy, please do post it. Adrian von Bidder's How-To, http://fortytwo.ch/gpg/subkeys, comes to mind. It's linked on th

Re: Slightly OFF TOPIC - Traffic analysis...in reverse?

Charly Avital wrote: > Hi, > > in the avalanche of news about the [recently] late Osama Bin Laden, I > noticed a small item: the area where he was caught had been *also* > defined/pinpointed by the lack of cellular phone communications. Among other anomalies at the compound: No cell traffic, no i

Re: Syncing Keys between multiple computers?

Christopher Tran wrote: > Whats the easiest way to keep GPG keys synced between my computers? Like, I have my MacBook, which is usually my main machine, but I also have my netbook which I prefer carrying around and sometimes I update my key with User IDs on either machine but the only way I have th

Re: OFF LIST - Your signed posts.

Mike Acker wrote: > thanks for the note > > i have PGP/MIME set ON so this should not happen (and HTML has to be MIMEd ) > > from your note it sounds like Thunderbird is sending BOTH .txt and .html > formats. I would expect your e/mail client to selecvt one of these -- > and either should verify

Re: Passphrase

Stephen H. Dawson wrote: > Dire need, hoping for help. > > I have my private and public keys, but you have neither the passphrase > nor a revocation certificate. I need to revoke my published key. Can > they recommend a bash script to discover the passphrase using brute > force on the private k

Re: Question regarding the migration of the pgp keyring to gpg

Pramod.R wrote: > Hi, > > We are migrating from pgp 6.5.8 to gpg 1.4.11. I had a question > regarding the migration of the public keys and the private keys: > > Is there a way where I could migrate the entire key ring at one go? I’m > currently extracting my keys from pgp using the pgp –dx comm

Re: keys not available for signed messages in this maillist

Bernhard Kleine wrote: > > I am quite sure that Grant Olson's key is on the keyserver, thus there > is no matter of hiding it, as robert j.hansen suggested. however, i > wonder why i can't retrieve it. > > gpg --search-keys A18A54D > gpg: Suche nach "A18A54D" von hkp Server pool.sks-keyservers.n

Re: keys not available for signed messages in this maillist

John Clizbe wrote: > Bernhard Kleine wrote: >> Hi, >> >> i wonder whether the keys from several members of this maillist should >> be available from the keyserver. e.g. Grant Olson signs all his messages >> here. evolution and gpg on ubuntu, however, fail to re

Re: keys not available for signed messages in this maillist

Bernhard Kleine wrote: > Hi, > > i wonder whether the keys from several members of this maillist should > be available from the keyserver. e.g. Grant Olson signs all his messages > here. evolution and gpg on ubuntu, however, fail to retrieve the public > key from the server: > > the message alway

Re: gpg: encryption failed: public key not found

123098 wrote: > > I've made a script that (among other things) encrypts some sensitive data > that I have to send afterwards to a different user on a different computer. > If I encrypt the data by command-line I have no problem at all and > everything goes smoothly. However, when I try to get cron

Re: GnuGP Error

Bronson K Shadlock wrote: > > Hi there, > > We are using GnuGP 1.1.3 on a few PCs, all able to decrypt using 1 public Do you mean GPG4Win 1.1.3? GnuPG 1.1.3 (if it existed) would date back to circa 2000. > key. I can use it on my PC, but a new user on a new PC is getting constant > errors. I

Re: Group Membership Keyring

Jerome Baum wrote: > Nicholas Cole writes: Please remove my name from future replies on this thread. I did not ask to be included nor do I wish to be included. Thank you. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing

Re: Group Membership Keyring

Mike Acker wrote: > I really liked the idea of having the Membership Secretary sign a Public > Keyring for the Group Members and then to circulate that keyring to the > membership. That's just super-neato great, but what does it have to do with the message thread you replied to dealing with 4096-b

Re: 4096 bit keys

Jerome Baum wrote: > Grant Olson writes: > >> On 03/22/2011 06:06 PM, Jonathan Ely wrote: >>> I really wish 8192 would become available. Not that it would be the end >>> all/be all of key security but according to your theory it sounds much >>> more difficult to crack. >>> >> >> The actual cutti

Re: Using GNUPG as a standalone client

gayamantra wrote: > > Hi, > > We are intending to use GNUPG to encrypt a file before we FTP it to an > external party. > > Is it possible to use GNUPG as a standalone client without having to install > in on our servers? Yes, GnuPG may be installed on a workstation and accessed at the command

Re: keyservers

Grant Olson wrote: > On 3/17/11 4:43 PM, Andrew Long wrote: >> Anyone else having problems accessing pool.sks-keyservers.net? I've >> tried pointing nslookup at a couple of the root DNS name servers and get >> DOMAIN (not known) >> > > There were a few emails on sks-devel this morning. Apparentl

Re: compatible with PGP/Desktop

Mike Acker wrote: > Is PGP/ENIGMAIL compatible with folks using Outlook or Microsoft Mail > with PGP Desktop? > > I've tried searching for this but no luck,-- :-( Enigmail is an extension for Thunderbird and Mozilla mail. It uses GnuPG for its cryptographic processing. It conforms to RFC2 4880 an

  1   2   3   4   5   >