[SC] [expires: 2020-08-01]
E053A25BCC302BBB2DADEC033003BEC50642D919
uid [ultimate] Mario Castelán Castro
sub secp256k1/B92640D9 2017-08-02 [S] [expires: 2020-08-01]
sub secp256k1/69F40765 2017-08-02 [E] [expires: 2020-08-01]
”””
Here “rsa3072” and “secp256k1” are the key types. The RSA main key is
3072 bits lon
On 13/10/17 09:30, Duane Whitty wrote:
>> Your argument is unsound, because the inference is unjustified.
>> The possibilities that a language is regulated by an official body
>> or defined by majority usage are not exhaustive.
>
> I'd be interested to know what the other possibilities are.
I men
On 12/10/17 17:50, Robert J. Hansen wrote:
>> The observation that one, some, many, or all people use a linguistic
>> construct in an incorrect way do not change the fact that it is
>> incorrect.
>
> It quite definitely does. Unlike, say, French or Icelandic, where
> there's an actual institution
On 12/10/17 17:58, MFPA wrote:
>> Would it be
>> correct to refer to
>> a car as an “engine”, because it includes an engine?
>
> It is usual in and around London to call a car a "motor".
Alright.
> Calling it an "engine" seems no more or no less correct.
But one can not conclude that it is corr
Despite the bulk of your message, the only attempt at an argument is
“English is an evolving language”. The rest is completely irrelevant.
That English is a changing language is not a justification to misuse
words. The word “Linux” meant a kernel when it was introduced to
informatics and it still
On 10/10/17 11:02, Ralph Corderoy wrote:
> Please note, it's "GnuPG". That's the project name. If you wish to
> acknowledge that it's a GNU project then it's GNU GnuPG. :-)
Well, then blame this project for being undecided about what its own
name is. They use both “GNU Privacy Guard” (which I a
On 10/10/17 11:05, Leo Gaspard wrote:
>> Recall that the most important contribution of the GNU project is not
>> the software packages, but starting the free software movement and
>> developing the most important licenses. GNU/Linux distributions are only
>> possible because of free software ideol
On 10/10/17 11:04, Ralph Corderoy wrote:
> You snipped the bit where I said "Linux" has two meanings in the English
> language depending on context. Given your admirable, though misplaced,
> zeal, I doubt there's a considered argument to be had here.
In the previous message you said “"Linux" can
On 10/10/17 01:46, Robert J. Hansen wrote:
> With respect to specific distros, we ought use the name the distro
> prefers. The Fedora Project releases Fedora, not Fedora GNU/Linux. The
> Debian guys release Debian GNU/Linux, not Debian Linux. The people who
> set up these distros have given thei
On 10/10/17 01:46, Robert J. Hansen wrote:
> With respect to specific distros, we ought use the name the distro
> prefers. The Fedora Project releases Fedora, not Fedora GNU/Linux. The
> Debian guys release Debian GNU/Linux, not Debian Linux. The people who
> set up these distros have given thei
On 10/10/17 07:13, Ralph Corderoy wrote:
> Do not change to using GNU/Linux. It's a purely political term; there
> is no case for technical accuracy. Alongside GNU programs I have Clang,
> musl C library, X Windows, KDE, Firefox, LibreOffice and many other
> non-GNU project, non-GNU licensed, pa
On 10/10/17 04:45, Peter Lebbing wrote:
> That to me means I would support leaving it as is. I don't feel strongly
> on writing it one way or another, but I do dislike the pressure some
> people exert on others pushing their view. If however you are
> consistently writing "Microsoft Windows®" every
On 05/09/17 23:37, shaarang tyagi wrote:
> I have a situation where I need to use GnuPG from command line and encrypt
> a file using a public certificate or PEM public key, please note that I
> will not have the private key at this point and encryption needs to be done
> only using public key.
>
>
Good point.
Note: You forgot to reply to list.
On 02/09/17 22:11, Lachlan Gunn wrote:
> Le 2017-09-03 à 11:48, Mario Castelán Castro a écrit :
>> I am well aware of that. Although deniable encryption is not a panacea
>> it is an improvement. It gives less power to the corresponde
On 03/09/17 17:42, Dan Horne wrote:
> Warning: using insecure memory!
> gpg-agent[10073]: command get_passphrase failed: End of file
> gpg: problem with the agent: End of file
> gpg: Key generation canceled.
There seems to be 2 different problems here:
* That gpg (or gpg-agent) fail when calling
Hello. It appears that you forgot to reply to the mailing list.
On 04/09/17 19:29, Lou Wynn wrote:
> The PGP standard has more details in Section 5.2.3.13 Trust Signature: […]>
> Do you have specific issues or questions to discuss about the Web of
> Trust model?
I have read this section of RFC 488
Hello.
Are the trust models “classical” and “pgp” as implemented in GNU PG
documented anywhere? In the manual I can only find this for “pgp”: “This
is the Web of Trust combined with trust signatures as used in PGP 5.x
and later. This is the default trust model when creating a new trust
database.”,
On 01/09/17 08:31, Andrew Gallagher wrote:
> On 31/08/17 03:35, Mario Castelán Castro wrote:
>> Writer and recipient have a Diffie-Hellman key over the same group and
>> know each other's public key.
>>
>> The writer computers the shared secret per the DH algor
On 31/08/17 17:49, s7r wrote:
>> You can use hash(private_key_1) to seed a cryptographically secure
>> pseudo-random number generator (E.g.: AES in CTR mode with the seed as
>> the key), and then use that random stream to generate (private_key_2,
>> pubic_key_2.
>>
>> This is a method applicable in
On 31/08/17 16:36, Bereshka Web and Photo wrote:
> it happens all the time, solution is of itself as soon as I ask it on a forum
> or like John Robbins said “My cat, as it turns out, is an excellent debugger,
> and she has helped me solve a number of nasty bugs when I talked to her about
> them”
Well, if the problem is solved then I am glad for you)))
--
Do not eat animals; respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing li
On 31/08/17 09:12, Bereshka Web and Photo wrote:
> Hello, Mario
> Thank you for your advice and attention.
Hello.
When replying to a message from a mailing list list, please reply to the
mailing list instead of the sender only. Most e-mail clients have a
“Reply to list” button to do this quickly.
> 3. Also I found on one forum that file gpg-agent.conf should be edited with
> adding this line - pinentry-program /bereshka/bin/pinentry-qt
> but it didn’t help
In my previous message I forgot to comment about this: There should be
no need to set “pinentry-program” if you use your distribution
On 31/08/17 07:20, Bereshka wrote:
> Hello, Dear Creators :)
>
> I will very appreciate if you can help me, because I was surfing a lot in the
> internet looking for an answer, and read tones of forums, but did not find
> solution.
>
> So I installed gnupg 2 , command gpg didn’t work in Termin
Hello. Thanks for your reply. I am aware of the first method as well as
a variation of the second (it had not occurred to me that they both can
use the same key!; I had thought that each correspondent used one key of
his own with a meaningless ID and used only for communication with the
other corre
On 30/08/17 00:57, Stefan Claas wrote:
> If your communication partners would use the same software, like opmsg.
>
> https://github.com/stealth/opmsg
>
> Or if you would use Bitmessage instead of classic email, then
> you have authenticated/encrypted messages too and can later
> nuke your keys, i
On 30/08/17 21:35, Mario Castelán Castro wrote:
> (2) can be signed
> without deniablity implications, but is not necessary.
Apologies. The authentication code should not be signed either to keep
full deniability.
--
Do not eat animals; respect them as you respect people.
https://duckduck
Hello.
Your message is very bad written and I can barely understand it. I will
answer what I have understood.
On 30/08/17 10:40, miz...@elude.in wrote:
> ***
> hi all,
>
> i do not clearly understand the difference between .asc , .gpg , .sign ,
On 29/08/17 13:33, Robert J. Hansen wrote:
> This is not true except in a theoretical mathematical sense.
>
> For instance, several people in the community (I know I have, and I
> recall Werner saying he as well) have seen PGP-signed spam mails that
> are the result of a home user using Symantec's
Hello.
We have OpenPGP/MIME to sign and encrypt e-mail, thus securing the
communication. It is my understanding that the other party can publish
the signature and the unencrypted message and thus prove that somebody
in the possession of the private key wrote (or at least signed) the message.
One
On 29/08/17 02:09, s7r wrote:
> I understand that the first one is ECDSA and the second is ECDH, but
> can't I use the same secp256k1 key (if I import it) but in different two
> representations (ECDSA representation for Sign and Certify and ECDH for
> Encrypt)?
> The subkey might have a different
On 28/08/17 22:27, Robert J. Hansen wrote:
> secp256k1 is a certain field of numbers in which elliptical curve
> operations may be defined. It is not an algorithm. You do not have a
> secp256k1 key. You have an ECDSA key which operates in the curve
> defined by secp256k1.
Although elliptic curv
On 27/08/17 04:40, arznix via Gnupg-users wrote:
> I am developing a closed mesh network application where
> I want to encrypt the traffic using PGP. The local network
> will have no access the the greater worldwide web so it
> will not be able to access existing trusted Key Servers.
If it is an i
On 2017-08-17 23:25 -0400 Daniel Kahn Gillmor
wrote:
>I still don't think this is a good justification, fwiw. If you think
>you'll be making these certifications for other people to consume,
>please do those other people a favor and just use your primary key.
>The OpenPGP world has a habit of try
On 17/08/17 18:49, Daniel Kahn Gillmor wrote:
> aiui, your main goal was because the certifications are smaller, but
> you're still requiring people to fetch your larger primary key. if you
> want to really minimize the size, just make a new OpenPGP key that is
> ECDSA-only.
I have chosen RSA as
It is my understanding that --export-secret-subkeys outputs a *dummy*
(not the actual key) for the private part of the primary key, hence the
output of --list-packets.
The “gpg” man page says “The second form of the command [i.e.:
--export-secret-subkeys] has the special property to render the sec
No, it does not have the certify capability. How can I enable this
capability?
If I add a subkey with “--expert --edit-key” no option is given to
enable certify capability (as mentioned in my previous message), only
sign and authenticate in the case of ECC keys and sign, authenticate and
encrypt
Suppose I would like to sign another user's key using one of my
secp256k1 subkeys, instead of my primary key, because it generates
smaller signatures. gpg does not appear to support this. If I try to
generate a subkey with certify capability “gpg --expert --edit-key ...”
and then “addkey”, the opti
El 15/12/15 a las 17:21, Anthony Papillion escribió:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 12/15/2015 5:07 PM, Andrew Gallagher wrote:
On 15 Dec 2015, at 22:58, Anthony Papillion
wrote:
I'd like to script encryption and decryption from the command
line. Is there a way to pass t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
March 3rd in gnupg-users@gnupg.org, thread "Continued PKA problems on
Windows"
Sean: get a real operating system as GNU/Linux, see a list of free as
in freedom distribucions in
http://www.gnu.org/distros/free-distros.html
cryptography on a propieta
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
February 27th 2010 in gnupg-users@gnupg.org thread "Hot to give the
keyword from the command line"
>Also, if you encrypt to a key, you shouldn't need to provide a
>passphrase at all, unless you need to sign the file too. I get
>nervous about passph
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
February 27th 2010 in gnupg-users@gnupg.org thread "Hot to give the
keyword from the command line"
Thanks Laurent, it works :).
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREIAAYFAkuKjnwACgkQZ4DA0TLic4gvbACeI6iz3fXlywEgkFDF
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
February 27th 2010 in gnupg-users@gnupg.org thread "Hot to give the
keyword from the command line".
Hi, I'm doing a bash script for pack (Tar), compress (lzip or bzip2)
and encrypt (GPG with Rijndael 128) very important files, but is
supposed to be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 12th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
Actually I was quoting Robert Holtzman, not Robert J. Hansen, sorry
for not including the full name.
I have no time now to read those texts because my holidays e
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>Crypto is not like this. Sure, you don't need to understand Feistel
>networks or large number theory in order to use crypto, but look at
>what you *do* need to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>I get the impression that it's mostly a matter of their fear of not
>being able to comprehend it. After all, it is a "computer thing".
Is not neseesary to compr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
January 10th 2010 in gnupg-users@gnupg.org thread "very short
plaintexts symmetrically encrypted"
>then there should be some sort of alert or advisory that the
>plaintext should be a minimum length (whatever that minimum length or
>alert/advisory sh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Januery 8th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
>However, most people lack the skills necessary to do anything about
>their privacy, and lack the inclination (time, energy, or even
>self-confidence) to do anythi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Januery 7th 2010 in gnupg-users@gnupg.org thread "Web of Trust itself
is the problem"
I think the WoT and in general the cryptography is not widely used
because few people really care about their privacity.
Is about the same issue as free software,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Januarty 3rd 2010 in gnupg-users@gnupg.org thread "Encrypting with an
message expiration date"
"self-destructing data" is a big fallacy, is almost the same issue as
computer "virus".
There is no data/software (Software is data) that act by itself,
>
> gpg: Total number processed: 2
>
> gpg: imported: 1 (RSA: 1)
>
> gpg: unchanged: 1
>
> gpg: secret keys read: 1
>
> gpg: secret keys imported: 1
>
> So it looks like I should have a secret key imported, but when I look in
K8/ay3JuWCqvxrP
Kq8An1GDC/bGlgbwjGr8ebrdRAPgJ+H4
=o+UI
-END PGP SIGNATURE-
2009/11/28 Ciprian Dorin, Craciun :
> On Sun, Nov 29, 2009 at 12:29 AM, Mario Castelán Castro
> wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> November 28th 2009 for gnupg-users@gn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
November 28th 2009 for gnupg-users@gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"
Loop unrolling only gives more performance in very small loops, for
not so small ones there can be in fact a performance penality
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
November 28th for gnupg-users@gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"
Entropy is a relative thing AFAIR:
For one who knows than a password was generated by using diceware the
entropy will be 7776^n + 777
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 19th 2009 for gnupg-users@gnupg.org
IMO steganography should be mixed with cryptography to be secure.
As example: LSB in pictures (Unless you have a professional camera)
will be random (High entropy and no predecible). You can replace it
wit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th for gnupg-users@gnupg.org
Thanks by the --enable-dsa2 tip.
Someone can tellme wath line should i put on my gpg.cong?.
BTW I also want to remove sha1 from my key preferences. I understand
than the standard requires to support sha1 but i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th 2009 for gnupg-users@gnupg.org
Hi, I suggest to search for steganography, the cience/art of hidding
messages.
I never used a program than do steganography but search for one, there
must be a lot of free (as in freedom) ones. LSB stegano
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th for gnupg-users@gnupg.org
I need GNU PG 2 because i want to get out of the 1024 bits limit and
SHA forced for DSA, i want my next key (2010-2012) to be more secure
and accept some SHA2.
Charly Avital: Please note than Linux is a Kernel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th for David SMITH
Linux do not have a file command, that belogs to the rest of the OS.
Linux is only a kernel than is commonly used with the GNU Operating
System, but the name for that system is GNU or GNU/Linux.
In advance thanks by yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 16th 2009 for gnupg-users@gnupg.org, subject "Problem with
the agent, gpg2"
I do not have that pinentry program. GNU PG 1.4.9 (The one than comes
with debian) do not give me that message but i need the new version of
GNU PG.
-BEGIN PGP SI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 14th 2009 for gnupg-users@gnupg.org subject "Problem with the
agent, gpg2"
Hi, I sucefulle compiled and installed GNU PG 2.0.12 but when i do
some operation than requires a password i get a message like the
following.
Someone can tellme how
61 matches
Mail list logo