Opengpg smartcard specs for kyber (PQC) algorithm

ld be in the stable releases stage. So i am wondering if this is planned for smart card too or already in the works. thanks kevin publickey - kevinotech@proton.me - 0xF9F43E49.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital sign

Re: kleopatra flatpak issue

ch is the one that > handles > the secret key material outside of the flatpak. Thanks for the pointer , i will keep this in mind, though currently it seems kleopatra won't work without the host gpg-agent running already. Regards, kevin publickey - kevinotech@proton.me - 0xF9F43E49.a

kleopatra flatpak issue

stions for tackling this problem is greatly appreciated. Also thanks to developers for their work on gnupg Its a  wonderful free software and i have been reading into a lot details lately :) Best regards kevin publickey - kevinotech@proton.me - 0xF9F43E49.asc Description: applica

Re: kleopatra flatpak issue

not possible as core DE components and applications rely on it. I checked the docs but it seems this information is not properly documented. So a list of files i need to check including config changes would be helpful. Thanking you kevin On Wednesday, 26 March 2025 at 17:17, kevinot...@pr

gnupg or gpg-agent options for parallelism and memory usage

ss(es) by running out of memory. Is anyone aware of any options or configurations which can increase the efficiency of memory resource usage, allowing us to quickly decrypt more things at once? Kevin ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Re: Why doesn't gpg-agent forwarding work?

/18/2016 12:58 PM, Thomas Glanzmann wrote: > Hello Kevin, > >> Thanks for the advice. But as I mentioned, I tried using GnuPG 2.1.15 >> on the target machine as well (via the packages in Debian sid), and >> this did not work. gpg2 is simply not speaking to the forwarded >

Re: Invalid packet/keyring. How to find out what's responsible?

That'll do it! Thanks. On 10/19/2016 02:22 PM, Daniel Kahn Gillmor wrote: > Hi Kevin-- > > On Wed 2016-10-19 12:45:42 -0400, Kevin Gallagher wrote: >> I've been seeing this error lately both with one of my local GPG >> keyrings, and with apt. >> >>

Invalid packet/keyring. How to find out what's responsible?

I've been seeing this error lately both with one of my local GPG keyrings, and with apt. gpg: [don't know]: invalid packet (ctb=2d) gpg: keydb_get_keyblock failed: Value not found gpg: [don't know]: invalid packet (ctb=2d) gpg: /tmp/tmp.rObzKgJEj5/pubring.gpg: copy to '/tmp/tmp

Re: Why doesn't gpg-agent forwarding work?

Hey Thomas, Thanks for the advice. But as I mentioned, I tried using GnuPG 2.1.15 on the target machine as well (via the packages in Debian sid), and this did not work. gpg2 is simply not speaking to the forwarded gpg-agent socket, however gpg-connect-agent can. Any other ideas? Kevin On 10/16

Why doesn't gpg-agent forwarding work?

ny idea why it is that gpg-connect-agent can speak to the forwarded socket but not gpg? Has someone here got this working before? thanks in advance, Kevin signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@

public key used by many users on a single system

Hi, I'm currently working on setting up gpg for it to encrypt documents my software is producing. Basically, I only require the signed public key from a client in order to encrypt my data. My problem lies in the fact that multiple users log on to the computer (windows server 2003/2008/2012).

Git clone index-pack failed

Trying to clone gnupg repository on cygwin which I've done many times in the past, but this is what I'm getting: $ git clone git://git.gnupg.org/gnupg.git Cloning into 'gnupg'... fatal: index-pack failed I've even tried: $ git clone git://git.gnupg.org/gnupg.git --depth=1 Cloning into 'gnupg'...

Re: Issues when switching between smartcards

Personally, I have found that "killall gpg-agent" works for me in these cases, without much fuss. However, since you have a different reader, and most probably different OS, etc, YMMV. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnup

Re: A PC user unfamiliar with any free software would like to send me messages that only we can read. Now what do I do?

At 1365125582 seconds of The Epoch, Don Saklad wrote: > A PC user unfamiliar with any free software would like to send > messages that only the two of us can read. Now what do I do? The numbers > of steps for it appear to be insurmountable! And I've failed to > understand GNUPG myself. There isn't

Re: The Lord of the Keys

At 1364755319 seconds of The Epoch, Ken Kundert wrote: > I am currently using gpg-agent to hold both my gpg and ssh keys. I use two > ssh > keys, which means that when I log in I have to give up to four passphrases to > unlock all of my keys. Given that gpg-agent is primarily a labor-saving > d

Re: Create subkey that will expire in 10 hours

At 1365102936 seconds of The Epoch, Werner Koch wrote: > Specifying the Epoch will anyway stop working in 2038 on many systems, > thus it is probably not good to allow its use. If a fixed data is > required, one may always specify something like "20130404T153012" for > both, the creation date and

Re: Mac OS X 10.8 and OpenPGP Cards

On Tue, Jul 31, 2012 at 12:00:23PM +0200 Also sprach Olav Seyfarth: > -BEGIN PGP SIGNED MESSAGE- > Hash: RIPEMD160 > > Hi Kevin, list, > > > I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, which > > were formerly working perfectly, are no

Re: Mac OS X 10.8 and OpenPGP Cards

On Fri, Jul 27, 2012 at 08:45:51PM +0200 Also sprach Richard Höchenberger: > On 27/7/2012 20:12, Kevin Kammer wrote: > > It has been so long since I had to mess with it (on my mac anyway) that > > I don't remember. Which libraries do you mean? > > I never had to instal

Re: Mac OS X 10.8 and OpenPGP Cards

On Fri, Jul 27, 2012 at 09:26:14AM +0100 Also sprach Nicholas Cole: > On Thu, Jul 26, 2012 at 8:34 PM, Kevin Kammer > wrote: > > ... > > > > I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, > > which were formerly working perfectly, are now ina

Mac OS X 10.8 and OpenPGP Cards

Well, the inevitable has happened, again. I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, which were formerly working perfectly, are now inaccessible. ~ $ gpg2 --card-status gpg: selecting openpgp failed: Card error gpg: OpenPGP card not available: Card error Since I haven

Unable to edit card

t error 1 - change PIN 2 - unblock PIN 3 - change Admin PIN 4 - set the Reset Code Q - quit - Same thing happens when I try to change the name: gpg/card> admin Admin commands are allowed gpg/card> name Cardholder's surname: Norris Cardholder's given name: Kevin gpg: error setting

Re: private key protection

On Tue, Oct 18, 2011 at 09:15:14AM -0400 Also sprach Mark H. Wood: > On Tue, Oct 18, 2011 at 02:10:07PM +0200, Jerome Baum wrote: > > >> I'm going to lean very far out the window and assume he meant the actual > > >> private key, not the private key-ring/-file/... > > > > > > I'm not sure I unders

Re: GPG with GPUs

On Sat, Jun 16, 2012 at 03:44:04PM -0400 Also sprach Robert J. Hansen: > ... unless he's running on an Ivy Bridge or later, in which case it > already has a hardware RNG built in. If he's currently running on hardware later than Ivy Bridge, then he's either an Intel engineer or a time traveler, an

Re: FAQ, take two

On Mon, Jun 04, 2012 at 09:11:13PM +0200 Also sprach Werner Koch: > On Mon, 4 Jun 2012 18:35, lists.gn...@mephisto.fastmail.net said: > > > require extensive manual configuration for it to work properly (but if > > you're using Mutt, you already know that). See > > http://wiki.mutt.org/?MuttGuide

Re: FAQ, take two

On Mon, Jun 04, 2012 at 02:08:52PM -0400 Also sprach Robert J. Hansen: > On 6/4/12 12:35 PM, Kevin Kammer wrote: > > Section 2.6: For Solaris 11, gnupg is also available via the default > > IPS publisher. The version Oracle provides is 2.0.17 vs 2.0.18 from > > Ope

Re: no password needed to export secret-keys?

On Mon, Jun 04, 2012 at 11:57:02AM -0400 Also sprach Sam Smith: > No, the exported file is NOT protected by the passphrase. > > If I export the key. And then delete my secret key from my keyring. > And now Import what I exported, I am not asked for a password before > the import is allowed to co

Re: FAQ, take two

e use of the related terms "certificate" and "key" throughout the FAQ may be confusing. Questions like "What's a certificate?" "What's a key?" and "What's the difference?" may deserve an explanation someplace. A good place

Re: Draft of nine new FAQ questions

On Wed, May 23, 2012 at 05:34:16PM +0100 Also sprach michael crane: > > for me the first should always be "what is gnupg ?" > I believe these nine "new" FAQ entries are to be added to the existing entries to provide additional information regarding keysizes specifically. They are not comprehens

Re: Some people say longer keys are silly. I think they should be supported by gpg.

On Tue, May 22, 2012 at 08:26:14PM +0200 Also sprach Hauke Laging: > Given the frequency of this discussion and the amount of effort takes by the > participants: Wouldn't it make sense to make this a FAQ entry? Honestly now, do you think having a FAQ entry stops this topic resurrecting every few

Re: how to use samrtcard with PC/SC cardreader

On Wed, May 16, 2012 at 10:13:51AM +0800 Also sprach Yang Hon-Jang: > I am interested in NOT put private keys in disk. I like the idea, put > private keys in smartcard. > > How to use the Fellowship > Smartcarddescri

Card fails to decrypt using 4096-bit key

0x24620B795999A6DB gpg: encrypted with 4096 bit RSA key, ID 0xA9D4A64F1FADF7D2, created 2012-05-16 "Kevin Kammer " gpg: public key decryption failed: General error gpg: decryption failed: No secret key This is essentially the same error that Edmond

Obtaining different script results than via command line

pient "AFG_PROD" --output file.txt.pgp --always-trust --encrypt file.txt All other aspects remain the same: * User * Directory * Input file I have searched extensively and can find no reason for it to do this. Does anyone have any recommendations as to what I am ov

Re: PGP Help Require Basic

On Tue, May 10, 2011 at 04:32:24PM +1000 Also sprach Aakash: > Hi folks, > > Well, I have got to encrypt/decrypt the files using Open PGP. Now I have got > PGP key block and Pgp KEY from other party. I have also installed GPG on my > local machine. > > but i really dont have any idea what to do n

Re: I'm looking for a very beginnerfriendly gpg

On Fri, May 06, 2011 at 05:25:23AM -0700 Also sprach Erica3: I'm looking for the most newbie-friendly, easiest-to-use version of gpg. No writing commands, just clicking and if possible, I want to download and install the whole thing at once and not have to put things (gpg and interface?) togethe

Conditional options directives

I think this post falls under the heading of "Feature Request," unless someone already knows how to accomplish the following. I think it would be useful if there was a way to format the GnuPG options file to conditionally apply options, depending on the key used (or potentially, depending upon

Re: Updating signature cert-level

On Wed, Apr 27, 2011 at 08:59:49AM -0400 Also sprach David Shaw: Incidentally, it is possible to tweak the trust calculations to take signature level into account. GnuPG supports reading a trust "map" generated by an external process that can use whatever trust rules it likes. I don't know of

Re: Question regarding the migration of the pgp keyring to gpg

On Fri, Apr 15, 2011 at 12:23:56AM -0500 Also sprach Pramod.R: Is there a way where I could migrate the entire key ring at one go? I'm currently extracting my keys from pgp using the pgp -dx command and then importing each of these into the gpg. Is there one single command which would help me m

Re: How can i get the fingerprint from the gnupg public file

On Mon, Apr 11, 2011 at 04:09:25PM +0800 Also sprach stutiredboy: The question is how can i get the fingerprint from the gnugp public file without import it? I can get it from gpg --list-keys --fingerprint after i import it but, i can not import it first, how can i do ? Werner answered this

Re: Set key to be default to sign/encrypt

On Thu, Apr 07, 2011 at 09:10:45PM +0200 Also sprach Csabi: Hi! Thx your reply. I tried the following: gpg -u 4096R/626D791C --detach-sign t.txt The error is the same: gpg: skipped "4096R/626D791C": secret key not available gpg: signing failed: secret key not available I tried it with

Re: Signing a key (meaning)

On Thu, Apr 07, 2011 at 10:31:24AM +0200 Also sprach takethe...@gmx.de: Hi everybody out there, I put some thoughts on the meaning of signing a key and came to an unusual definition. Maybe someone likes to discuss it with me, since I'm not quite sure whether I should recommend others to interpre

OpenPGP Card source

it would be obvious, since it is presumably in BASIC where almost everything else is in C). Thanks for pointing me in the right direction. -Kevin pgpdRzKeyD6Cn.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http

Re: Test mail to kevhil...@gmail.com

Not sure who that was but I was not responsible On Jun 11, 2010 4:26 AM, "Werner Koch" wrote: Hi! One of the subscribers to this list created a mail forward to an automated ticketing system which responds to the the poster. The owner of the ticketing system at secure.mpcustomer.com does not re

Re: Is it safe to put an encrypted file on a public web server

ated cryptanalytic attacks, because there are so many avenues of attack that are much easier, cheaper, and still very effective. E.G. is your computer physically guarded 24/7? If not, how do you know someone hasn't put a keylogger on it? Hey--it's easier than a related- key attack with 2^117

Re: gpg rejects SHA224 with DSA-2048

; if(nbits>2047) > qbits=256; > else if(nbits>1024) > qbits=224; > else > qbits=160; > I imagine it would not be terribly difficult to rewrite keygen.c to offer the option of qbits=224 for nbits==2048, offered at key generation time (likely

Re: gpg rejects SHA224 with DSA-2048

On Sun, Nov 08, 2009 at 11:11:01PM -0500 Also sprach Robert J. Hansen: > Kevin Kammer wrote: > > Unless there is some inescapable constraint on the size of one's > > signature, I am hard pressed to think of a reason for using SHA224 when > > SHA256 is available. > &g

Re: Algorithm used to encrypt

Encrypted Data Packet... So, it would appear that the symmetric algo is specified as part of the "string of octets that is the encrypted session key," and therefore, being encrypted, is only accessible if you have the means (the correct private key)

Re: Algorithm used to encrypt

g the appropriate private key) is successful. If my inference is correct, then it is possible (in fact, necessary) to be able to ascertain the public key algo on any OpenPGP encrypted document, but it is only possible to determine the symmetric algo if you have access to the appropriate private ke

Re: I am sure I did not forget my passphrase

On Sun, Nov 08, 2009 at 04:24:01PM +0100 Marko Randjelovic wrote: > > Is there a way to check if secret key info was modified? Check the time/date of the latest self-signature on the key. However, if the key data was unintentionally modified outside of gpg, such as through data corruption, then

Re: gpg rejects SHA224 with DSA-2048

orth asking if only to sate curiousity. -Kevin ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: gpg rejects SHA224 with DSA-2048

utable part of the key. I imagine I may at some point have been using a key generated with an older version of GnuPG, with a 224-bit q, and became accustomed to the permissibility of SHA224. Thanks again for your response, Kevin -- "Le hasard favorise l'esprit préparé."

Re: gpg rejects SHA224 with DSA-2048

On Sat, Nov 07, 2009 at 09:44:23PM -0500 Also sprach Robert J. Hansen: > Kevin Kammer wrote: > > If I attempt to create a data signature using a 2048-bit DSA signing > > key, and the SHA224 hash algorithm, GnuPG complains as follows: > > > > ~ $ gpg -u A39CE7E5 --

Re: gpg rejects SHA224 with DSA-2048

mply not implemented. But I would appreciate it if someone with more knowledge were to give me an authoritative answer. Thanks, Kevin -- "Le hasard favorise l'esprit préparé." --Louis Pasteur ___ Gnu

gpg rejects SHA224 with DSA-2048

If I attempt to create a data signature using a 2048-bit DSA signing key, and the SHA224 hash algorithm, GnuPG complains as follows: ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt ... 2048-bit DSA key, ID A39CE7E5, created 2009-11-02 (main key ID 14CA0E78) gpg: writing to `test.txt.asc' gpg:

LZMA Compression

Although I understand the compression algorithms within gnupg are specified by the OpenGPG standard, are there any grumblings regarding the addition of the lzma compression scheme? -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Practical Advice for those using AES256 cipher?

or simply default back to 3DES, or just sit tight? Although I found the article interesting (not sure if I understood a lot of the blog comments), is there any practical advice I should take away from it as it relates to GnuPG? -- Kevin Hilton ___ Gnupg

SHA3 implementation considerations

on is much too premature, however it would seem the actual implementation of SHA3 is not too far off in the distant future with the winner of the NIST competition to be named around 2012. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnup

Re: Paperkey 1.0 released

Thanks for this release. Reading the explanation on the website: http://www.jabberwocky.com/software/paperkey/ got me thinking. Is there an explanation or description of all the metadata that is contained within the secret key? -- Kevin Hilton

GnuPG + PSI Portable

Did you alter your path statement and put your USB drive directories first in the path? -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG 2.0,9 - Error when trying to compile in Linux.

ystem. Hopefully others may find these instructions useful: http://ubuntuforums.org/showthread.php?t=649466 -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Happy Thanksgiving

A little off topic, however I wanted to wish Happy Thanksgiving to all those users in America, and actually give Thanks to the regular contributors to this mailing list. Thanks -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http

Re: Question regarding s2k algorithms

Ok so let me ask things in a different way Is the s2k-cipher-algo used in any other methods other than for protection of the keyring? Seems odd to me that CAST5 is the default -- however I'm sure this is specified according the one of the RFCs. There is no current security implication for using

Question regarding s2k algorithms

fault back to CAST5? What if you change this parameter after keys are already stored on the keyring? Will this confuse things? And lastly what specifically is the purpose of the -for-your-eyes-only flag? Is this option currently still in use, or only included for backwa

Re: Anyone know what became of the Gaim-E Project?

I'm going to try to steer this back onto a relevant topic Robert I love your "off the cuff feelings" about things. Its when you are at your best. Question: What value do signatures serve then however other than to provide data authentication but not sender authentication? How can you be sure i

Re: Anyone know what became of the Gaim-E Project?

As others have mentioned there is another pidgin encryption technique: http://pidgin-encrypt.sourceforge.net/ . This project also seems to have stalled if I'm looking at the release dates as an appropriate indication. The OTR website specifically addresses this plugin with the following: "How is t

Anyone know what became of the Gaim-E Project?

was abandoned. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: set type digest mode? plus other query

On Fri, Oct 24, 2008 at 5:54 AM, Robert J. Hansen <[EMAIL PROTECTED]> wrote: > Kevin Hilton wrote: >> Who was behind the pgp 6.5.8 ckt release? > > http://sixdemonbag.org/cryptofaq.xhtml#ckt > >> How does this piece of antiquated software compare to modern >&

set type digest mode? plus other query

used, digests used, etc. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Session Key Questions

80 bits and then #2 is added to #1? Randomly generated session keys -- once produced are these salted and hashed similiar to passwords? Or is the generated session key the required length for the chosen cipher? When passwords are salted -- how long is the salt? Is this appended or prepended to the

Re: Session Key Questions

- wouldn't another 160 bit hash be produced again? How would a 256 bit hash ever be produced is the SHA1 hash was always used. Thanks -- I have a feeling I'm getting off in left field here and missing some understanding of some basic concepts. -- Kevin Hilton _

Re: Session Key Questions

d in the normal salting/hashing process during symmetric encryption? I dont believe this is the s2k-digest-algo since this is for key protection. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Session Key Questions

When the session key is randomly generated (asymmetric encryption), how large is the session key? Is the length set or does it depend on other parameter such as the length of the DSA/RSA key or hash? Thanks for clarification. -- Kevin Hilton

Testing a build

Just to throw it out there -- if you need to compile for Windows why don't you do it for cygwin? I've just recently been able to compile both gpg and gpg2 using cygwin on WinXP. This saved me the need to cross compile. Probably not the most elegant solution, however it does work.

Re: GPG --symmetric option and passphrases

>> On Mon, Oct 6, 2008 at 10:17 AM, David Shaw <[EMAIL PROTECTED]> wrote: > On Oct 6, 2008, at 10:54 AM, Kevin Hilton wrote: > >> When using gpg with the --symmetric flag (as when symmetrically >> encrypting a file with a passphrase), is the passphrase salted and &

Computational Efficiency of GnuPG ciphers and hashes

Its often been mentioned on this mailing list, that 3DES is notoriously slow. On the flipside, what cipher is considered the fastest -- or the most computationally efficient (if this term even applies)? Are there similar relative results among the GnuPG hashes? Thanks -- Kevin Hilton

GPG --symmetric option and passphrases

line flag? Thanks -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

GPG2 - IDEA

Ok, I've finally managed to compile the gpg2 package (the stable package, not svn) with cygwin. Is there a way to add idea support to gpg2 or is this feature not supported? Thanks -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnup

Re: Changing preferences

really understand the process of cryptography other than on the surface, I could be mistaken. However on the surface -- mathematics removed -- these decisions seem to be more political than based on proven concept. -- Kevin Hilton ___ Gnupg-users mailing

Changing preferences

, hence the reason why Serpent was never the AES standard. I'll stop ranting now. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Changing preferences

between RSA vs DSA signing keys has been waged many times prior on this mailing list -- Google for it if you don't believe me -- and to summarize the conclusions of many on this list -- this is no functional advantage of using one over the other

Changing preferences

choices progressed from the last key on the list up through the first key. I thought that example was very informative. Thank you very much. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg

Changing preferences

the confusion surrounding about individual ciphers and hashes are chosen. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Changing preferences

the confusion surrounding about individual ciphers and hashes are chosen. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Changing preferences

your rant was unjustified and inappropriate. I'm not making any claims or false statements or presumptions other than those specifically discussed within the documentation. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnup

Changing preferences

> If you never want to see that algorithm used ever, leave it > off the list completely. Not to beat a dead horse, but this statement isn't exactly true. The sender can force the use of a particular algorithm that is not on the list. I take objection to the use of the work "ne

Changing preferences

hat the recipient can not decode. If there is a null union of the personal-cipher-preferences and the key preferences, then 3DES is chosen. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Changing preferences

however since they are included as possible options, I think that they should at least be covered by a "what if" scenario. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Changing preferences

I think the problem is with the word preferences. The use of this word in the setpref command and in the personal-cipher/hash-preferences really doesn't convey what preferences are preferred over each other. The sender's preferences always trump the recipient's preferences. The use of personal-c

Changing preferences

n time are controlled by the: --default-preference-list string Set the list of default preferences to string. This preference list is used for new keys and becomes the default for "setpref" in the edit menu. Hopefully that is clear. -- Kevin Hilton _

Re: Session Key Questions

e -r KevDog --override-session-key 9:345DFG session_key_test_original > > --override-session-key is for decyrption only. > > > Shalom-Salam, > > Werner > > -- I take it there is not encryption equivalent -- making it in one session

GnuPG Defaults

s as you describe it. Thanks everyone for the clarification. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Session Key Questions

>> for ?? historical reasons of compatibility ?? with pgp 5+ >> the default cipher that will be used for encryption, and also for >> protection of the secret key, is CAST-5, not 3DES >Nope, 3DES is the only MUST cipher algorithm and thus used as the >last-resort if the preference system can't deci

Re: Session Key Questions

On Wed, Sep 17, 2008 at 9:41 AM, Werner Koch <[EMAIL PROTECTED]> wrote: > On Wed, 17 Sep 2008 15:52, [EMAIL PROTECTED] said: > >> 1. How is the session key generated? How is its entropy randomness >> determined? Is there a specific algorithm used to generate the key? > > It is a random number of

Session Key Questions

with 256-bit key [TWOFISH] 100 to 110 - Private/Experimental algorithm 3. Is it possible to decrypt a gnupg encrypted message if I know the decrypted session key? How could this be accomplished? -- Kevin Hilton ___ Gnupg-users mailing list

Re: GnuPG Defaults

ly supplanted and Camellia cipher officially recognized, I only see this list expanding, not shrinking! -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG Defaults

es (ie TWOFISH, BLOWFISH), than what was listed in the key. Why were these not included in the "capability list"? If I do not specify a personal-cipher-preference or cipher-algo within the gpg.conf file, 3DES will always be chosen as the cipher algorithm? -- Kevin Hilton __

GnuPG Defaults

I am aware of default in terms of compatibility that 3DES must be included in any OpenGPG compliant implementation, however I thought as a "default", gnupg preferred AES over 3DES (as over 1.4.8). -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG Defaults

On Tue, Sep 16, 2008 at 11:50 PM, Robert J. Hansen <[EMAIL PROTECTED]> wrote: > Kevin Hilton wrote: >> I'm sure its probably contained in one of the RFC's, however when was >> DSA signing keys and ElGamal Encryption keys, along with the AES-256 >> cipher and S

GnuPG Defaults

pt to lure people into a discussion of which is better than that). I'm just curious why these were chosen as defaults. -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG ElGamal Signing Key

been compromised: http://silverstr.ufies.org/blog/archives/000415.html As a side note, are there any other possible algorithms that may be used to generate a signing key other than DSA/RSA/ElGamal. Thanks. -- Kevin Hilton ___ Gnupg-users mailing list

GPG2 compile problems on cygwin

o): In function `do_bin2hex': /home/klal/temp/gnupg/gpg2/common/convert.c:120: undefined reference to `_gcry_m alloc' Is there something I can do to help with the debugging of this error? Thanks for any suggestions. -- Kevin Hilton ___ Gnupg-users

  1   2   >