Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

-2K-23-193-01 (FISERV SFG NA PROD GPG 2K) sub rsa2048 2023-07-10 [E] [expires: 2025-10-09] encryption error: gpg: 9B51B2A5C71BDCEC: There is no assurance this key belongs to the named user Is the _only_ solution to convert ALL keys to ultimate (6)? Please, advise. Thank you. ~ Mike On Thu

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

e are loathe to do. We do not want every key at level ultimate, and we do not want to manually edit hundreds of keys to change each trust level. What are we missing? Please, advise. Thank you. ~ Mike On Wed, Oct 9, 2024 at 11:30 AM Werner Koch wrote: > On Tue, 8 Oct 2024 13:09, Mike Schl

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

to transition yesterday ... ~ Mike On Tue, Oct 8, 2024 at 11:18 AM Werner Koch wrote: > On Fri, 4 Oct 2024 12:45, Mike Schleif said: > > > gpg (GnuPG) 2.3.3 > > > BEFORE taking your actions: > > > > -rw-r--r--. 1 root root 0 Oct 3 10:45 .gpg-v21-migrated

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

As my subject states, we are using v2.3.3 - and your suggestion does not cleanup our keyring, continuing to spew these errors. Please, advise. Thank you. ~ Mike On Fri, Oct 4, 2024 at 10:14 AM Werner Koch wrote: > On Fri, 4 Oct 2024 07:41, Mike Schleif said: > > > Also, how oug

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

Apparently, this upgrade also negatively affects trustdb, since encrypting files with previously trusted public keys not fails, stating the there is no trust assigned to these keys. How can we correct these trust issues? Please, advise. Thank you. ~ Mike On Thu, Oct 3, 2024 at 11:19 AM Mike

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

070A8 uid [ultimate] public...@provell.com ssb elg1024 2002-04-01 [E] sec rsa4096 2016-03-18 [SC] 3EA174A350A97D4356A35BC6455FC35E80167A71 uid [ultimate] Sempris ssb rsa4096 2016-03-18 [E] Fri Oct 4 12:37:06 CDT 2024 Please, advise. Thank you. ~ Mike On Fri, Oc

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

:31 CDT 2024 Please, advise. Thank you. ~ Mike On Thu, Oct 3, 2024 at 11:19 AM Mike Schleif wrote: > Finally, we are moving from CentOS Linux release 7.9.2009 (Core) _to_ > AlmaLinux release 9.4 (Seafoam Ocelot). > > I copied .gnupg/ to the new host. Problems unsued ... > > [ROOT

Re: HOW to upgrade: 2.0.22 --> 2.3.3 ???

Yes, that makes sense. However, I do not know if I can use this keyring - in this state - to encrypt files? Also, how ought I cleanup these old, unused keys? ~ Mike On Fri, Oct 4, 2024 at 2:23 AM Werner Koch wrote: > Hi! > > You should not update to a 3 years old devel version. Th

HOW to upgrade: 2.0.22 --> 2.3.3 ???

[SC] 3EA174A350A97D4356A35BC6455FC35E80167A71 uid [ultimate] Sempris ssb rsa4096 2016-03-18 [E] Thu Oct 3 11:19:03 CDT 2024 Please, advise. Thank you. ~ Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users

Is there a way to forcefully re-enable allow_external_password_cache under KDE

?) Currently I downgraded the pinentry version. My problem is, that I  sign my git commits and now I have to write my passphrase every time I commit. (With version 1.2.1-3 it takes the passphrase out of my KeePass database) Regards, Mike OpenPGP_0xCB9123D02A51C1D3.asc Description: Ope

Finally moving from 2.0.22 to 2.2.x or higher

ns on how to upgrade to 2.2.17 and higher, which we're about to undertake. How can we "import" our existing keyring into newer GPG? What else do we need to know, and prepare for, for our production use? Please, advise. Thank you. ~ Mike ___

Re: gpg: can't handle public key algorithm 18

pg.org> wrote: > Mike Schleif wrote: > > $ gpg --version > > gpg (GnuPG) 2.0.22 > > libgcrypt 1.5.3 > > > > $ cat /etc/system-release > > CentOS Linux release 7.9.2009 (Core) > > Algorithm 18 is ECDH, which is not supported by gpg on > CentOS 7.

Re: gpg: can't handle public key algorithm 18

$ gpg --version gpg (GnuPG) 2.0.22 libgcrypt 1.5.3 $ cat /etc/system-release CentOS Linux release 7.9.2009 (Core) On Sat, Apr 15, 2023 at 1:36 PM Bruce Walzer wrote: > On Sat, Apr 15, 2023 at 11:17:31AM -0500, Mike Schleif wrote: > > On trying to decrypt a file, we get the subject

gpg: can't handle public key algorithm 18

On trying to decrypt a file, we get the subject error on failure. What does this mean? How ought we deal with this? Please, advise. Thank you. ~ Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg

Re: Seeking help.

Ok, thank you. On Thu, Oct 22, 2020, 9:30 AM Werner Koch wrote: > On Wed, 21 Oct 2020 18:59, Mike said: > > I had to recover gnupg file from a corrupted os. The contents of the > gnupg > > file are encrypted and are not in openpgp data. So when I try to import > my > &

Seeking help.

I have an issue with my keys being separated and unable to access. I had to recover gnupg file from a corrupted os. The contents of the gnupg file are encrypted and are not in openpgp data. So when I try to import my keys from 'private-keys-v1.d' nothing happens. Output says no openpgp data found

Restoring keyring from backup fails

ng? One idea I had is that the new system has an encrypted hard disc (using lux), but I feel that shouldn't matter. Thanks for the help. Best, Mike System information: Debian GNU/Linux buster; the output of |gpg --version| begins with gpg (GnuPG) 2.

Re: What are some threats against which OpenPGP smartcards are useful?

I know how long the light on the smartcard should be on for and watch it the entire time. I never allow the card to be out of my view when connected to a system. Of course, there's also the risk that someone has physically tampered with the smartcard to suppress the LED under certain circumst

Re: What are some threats against which OpenPGP smartcards are useful?

er, or there's a security camera in the distance, an audio recording of your keypresses, or _anything_ that reduces the keyspace of your passphrase, then an attacker can brute force the rest offline forever using an old copy of your key, and there's nothing you can do about it. -- Mike Ge

Re: Enforcing password complexity for private keys

commits, and I'll sign sometimes dozens of times per day, with forced pinentry. I'm not suggesting that RSA be used instead of ECC; my token just doesn't support it. But newer Nitrokeys do. I'll likely switch eventually. -- Mike Gerwitz Free Software Hacker+Activist | GNU Maint

Re: git repo won't build for lack of source files?

Sorry, forgot a critical trick or maybe 2, should have just pasted the script in the first place: #!/bin/bash # # https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=README set -e export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH pushd npth ./autogen.sh --force ./configure --enab

Re: git repo won't build for lack of source files?

Are you also building the required support libraries? I have recently build 2.2.8 successfully using this set of support libs: git checkout npth-1.5 git checkout libgpg-error-1.31 git checkout libgcrypt-1.8.2 git checkout libksba-1.3.5 git checkout libassuan-2.5.1 git checkout gnupg-2.2.8 then r

Re: gpgme_op_delete_ext flag GPGME_DELETE_FORCE not working?

As a followup: I have done some tracing of the code, found that the GPGME_DELETE_FORCE flag to gpgme_op_delete_ext causes a --yes option to be added to the gpg command. I confirmed on command line that the behavior is the same there: --yes does not suppress the "are you sure" graphic dialog boxes

gpgme_op_delete_ext flag GPGME_DELETE_FORCE not working?

Hi, I've been trying to use the GPGME_DELETE_FORCE flag in gpgme_op_delete_ext, but I'm still getting not one, but two "Do you really want to delete..." prompts popping up, one for the secret key, one for the sub-key. I am using GPGme version 1.11.1 in combination with gpg 2.2.8 (as confirmed by r

gpgme_key_t or gpgme_op_export_keys keydata to gcry_sexp_t

Hi, I'm trying to work with gpgme to manage public/private key pairs on a keyring, but also use these keys with libgcrypt for signing, verifying signatures, etc. without interacting with gpg or the keyring... I've found and used the functions like: https://www.gnupg.org/documentation/manuals/gpgm

Re: GnuPG usage for automatic remote decryption

Errata, 3 - Compute SHe = sk^d mod n of course really meant: 3 - Compute SHe = SH^d mod n Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG usage for automatic remote decryption

eys with new updates, but does it provide a mechanism for multiple authentications on a single message? ( Like: SHe1+SHe2...+SHeN+"Authenticated message" ? ) Thanks, Mike On Wed, Apr 11, 2018 at 10:29 AM, Peter Lebbing wrote: > On 11/04/18 14:51, Mike Inman wrote: > > Encrypt the

Re: GnuPG usage for automatic remote decryption

*** Correcting one, somewhat important, word *** Hi Dirk & Ken, I'm working on a similar problem... automated decryption "in the field" and what I have come to is this: Encrypt the message with a symmetric algorithm, adding salt and a hash/checksum to ensure validity. Then, taking that result a

Re: GnuPG usage for automatic remote decryption

Hi Dirk & Ken, I'm working on a similar problem... automated decryption "in the field" and what I have come to is this: Encrypt the message with a symmetric algorithm, adding salt and a hash/checksum to ensure validity. Then, taking that result and signing with a private key. In the field - the

Features vs versions

le in libgcrypt vs when? I see the old releases here: https://github.com/gpg/libgcrypt/releases but it's a little cumbersome to download and search the source, and even then that's not always a good way to judge stability. Thanks, Mike ___

Followup: gpgme_set_passphrase_cb not working...

PGME 2018-03-21 18:58:18 <0x6205> gpgme_data_new_from_filepart: enter: r_dh=0x7ffc864d3440, file_name=/home/mike/ft/working/settings/n4sGrass, copy=1 (yes) GPGME 2018-03-21 18:58:18 <0x6205>gpgme_data_new_from_filepart: enter: r_dh=0x7ffc864d3440, file_name=/home/mike/ft/working/set

Re: gpgme_set_passphrase_cb not cooperating...

ey resolve /usr/bin/gpg with a link to /usr/bin/gpg2 - which does not play nice with set_passphrase_cb(). Any suggestions on the best way to untangle that knot? Mike On Thu, Mar 22, 2018 at 3:20 AM, Werner Koch wrote: > On Wed, 21 Mar 2018 23:53, mangoc...@gmail.com said: > > > Which

gpgme_set_passphrase_cb not cooperating...

_version returns 1.5.5 and gpg --version returns 1.4.18 in Ubuntu 15.10 Any help would be appreciated. Thanks, Mike Inman ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: FAQ and GNU

On Tue, Oct 10, 2017 at 17:56:05 +0100, Andrew Gallagher wrote: > On 10/10/17 17:33, Mike Gerwitz wrote: >> Not promoting its own ideals is working contrary to its goals. > > There is nothing in the GPL that requires one to be an evangelist. If > the FAQ is incorrect or misleadin

Re: FAQ and GNU

On Tue, Oct 10, 2017 at 12:37:15 -0300, Duane Whitty wrote: > On 17-10-10 10:13 AM, Mike Gerwitz wrote: >> GnuPG is part of the GNU operating system. Anywhere "Linux" is >> used to describe the GNU/Linux operating system, "GNU/Linux" should >> be used. &g

Re: FAQ and GNU

On Tue, Oct 10, 2017 at 18:03:52 +0200, Leo Gaspard wrote: > On 10/10/2017 03:13 PM, Mike Gerwitz wrote: >> On Mon, Oct 09, 2017 at 22:06:17 -0400, Robert J. Hansen wrote: >>> A request has been made that each instance of "Linux" in the FAQ be >>> replaced with

Re: FAQ and GNU

rating system, "GNU/Linux" should be used. Please see: https://www.gnu.org/prep/maintain/maintain.html#GNU-and-Linux -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05 https://mikegerw

Re: Smart card

tlenecks that increase the cost/risk of an attack possibly to the point that it's not worth carrying out. That's also a driver behind a lot of the legislation/laws we see under the guise of protection against terrorism and "going dark"---if you can't beat 'em, make th

Re: Smart card

nals, don't click on herbal Viagra ads" and "Mossad, magical amulets". The original conversation into which you pasted that quote wasn't talking about Mossad (unless I missed something). -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D

Re: Smart card

use of my smartcard sometimes initiates discussion. And sometimes people use GPG simply because they want to be able to use a smartcard for something like SSH. -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D0

Re: Smart card

a smartcard to be essential. Otherwise, the user is just furthering her risk of compromise. Key safety is still important. But again, that's assuming that Eve/Mallory _exist_. With my original argument: they may not. The average user is far more likely to get some ran

Re: Smart card

hat have made their way into pentesting frameworks with a click-to-pwn usability level. Do I think Mickens is going to stand there and tell Karen Sandler that she shouldn't give a care about the security of her pacemaker because someone can season her cup of noodles with uranium? No,

Re: Smart card

is, but my Nitrokey survived a wash and the majority of a dry cycle unscathed. I've never run into the basement so quickly in my life when I realized what I had done. -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 23

Re: Smart card

;s stored in one of two locations that cannot be accessed without being seen and felt. -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05 https://mikegerwitz.com signature.asc Description: PGP signature ___

With which key did I sign my encrypted file?

My company uses several keys for signing files encrypted with one of many recipient public keys. Once in awhile, we get pushback from a recipient that they cannot decrypt our file, and sometimes they claim it is because the encrypted file is signed. Yesterday, I took the same file, encrypted it a

Re: PCI DSS compliance

our auditor agrees. You can find his non-member post here: https://lists.gnupg.org/pipermail/gnupg-users/2016-November/057009.html He says that PGP has some mechanism that satisfies this requirement. I haven't touched PGP in more than four years. Do they have something new? ~ Mike On Wed,

PCI DSS compliance

e GPG encryption for all file exchanges between this company and banks, and between vendors/clients and this company. The latter is the issue. What can be done about this? Please, advise. Thank you. ~ Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org

PCI DSS compliance

e GPG encryption for all file exchanges between this company and banks, and between vendors/clients and this company. The latter is the issue. What can be done about this? Please, advise. Thank you. ~ Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org

How to detect patched versus bugged gpg binary

to ask the version. Thanks, Mike https://www.confidantmail.org ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

AW: WINDOWS - Adding passphrase to gpg via command line

mor -u sen...@sendercompany.com --digest-algo SHA512 --sign c:\ESA\EIOPA\LI001_DATPPP_EIOPA_000001_16.csv Thank you very much for all your advises help! Regards Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

AW: WINDOWS - Adding passphrase to gpg via command line

I use the following command to sign a file: gpg --homedir c:\ESA\EIOPA\PreProd\DCCR --output C:\ESA\EIOPA\Export\LI001_DATPPP_EIOPA_01_16.asc --armor -u sen...@sendercompany.com --digest-algo SHA512 --sign c:\ESA\EIOPA\LI001_DATPPP_EIOPA_01_16.csv Regards Mike

AW: WINDOWS - Adding passphrase to gpg via command line

> ERR 67108881 No secret key I've tried this commands with all the KeyGrips that are listed with a command similar to gpg2 --with-keygrip -K DCDFDFA4 sec rsa1024/DCDFDFA4 2012-03-17. I always receive the message ERR 67108881 No secret key Regards, Mike _

AW: WINDOWS - Adding passphrase to gpg via command line

placed, when I run the command). Any further ideas? I am despairing slowly but surely... Regards, Mike -Ursprüngliche Nachricht- Von: Peter Lebbing [mailto:pe...@digitalbrains.com] Gesendet: Mittwoch, 15. Juni 2016 13:17 An: Mike Kaufmann Cc: gnupg-users@gnupg.org Betreff: Re: WINDOWS - Add

AW: AW: WINDOWS - Adding passphrase to gpg via command line

ng preset-passphrase? Regards, Mike -Ursprüngliche Nachricht- Von: Peter Lebbing [mailto:pe...@digitalbrains.com] Gesendet: Mittwoch, 15. Juni 2016 14:35 An: Mike Kaufmann Cc: gnupg-users@gnupg.org Betreff: Re: AW: WINDOWS - Adding passphrase to gpg via command line Hi, > Any further ideas?

AW: WINDOWS - Adding passphrase to gpg via command line

not to be made for Windows OS :( Regards Mike -Ursprüngliche Nachricht- Von: Peter Lebbing [mailto:pe...@digitalbrains.com] Gesendet: Montag, 13. Juni 2016 20:15 An: Mike Kaufmann Cc: gnupg-users@gnupg.org Betreff: Re: WINDOWS - Adding passphrase to gpg via command line On 13/06/16 08:12

AW: AW: AW: WINDOWS - Adding passphrase to gpg via command line

e also attached an image to this e-mail where you can see the commands and errors. Do you have any further ideas? Regads, Mike -Ursprüngliche Nachricht- Von: Werner Koch [mailto:w...@gnupg.org] Gesendet: Freitag, 10. Juni 2016 21:48 An: Mike Kaufmann Cc: gnupg-users@gnupg.org Betref

AW: WINDOWS - Adding passphrase to gpg via command line

Abfragedialog ;) Herzlichen Dank für Ihre Hilfe! Freundliche Grüsse Mike Kaufmann -Ursprüngliche Nachricht- Von: Werner Koch [mailto:w...@gnupg.org] Gesendet: Freitag, 10. Juni 2016 09:51 An: Mike Kaufmann Cc: gnupg-users@gnupg.org Betreff: Re: WINDOWS - Adding passphrase to gpg via

AW: AW: WINDOWS - Adding passphrase to gpg via command line

sign c:\UnSignedFiles\temp.csv What modifications do I have to made on my command to sign the file without passphrase dialog? Kind Regards, Mike -Ursprüngliche Nachricht- Von: Werner Koch [mailto:w...@gnupg.org] Gesendet: Freitag, 10. Juni 2016 13:46 An: Mike Kaufmann Cc: gnupg-users@gn

Re: WINDOWS - Adding passphrase to gpg via command line

Hi, Im am using GnuPG v2.1.11.59877 on Windows 10. The utility gpg-preset-passphrase.exe is not available on my system. Is there a location I can download this tool and install on my machine? I would like to use the tool, to set the password on gpg-agent. Regards Mike

Re: Batch key creation curve25519 not working in version 2.1.12 Windows

I tried my inputs with eddsa instead of ecdsa and it worked. Not sure if there is still a bug to report? Thank you for the workaround. On 5/6/2016 1:58 AM, NIIBE Yutaka wrote: On 05/06/2016 05:59 AM, Mike Ingle wrote: Key-Type: ecdsa Name-Real: t 6 Subkey-Curve: Curve25519 Subkey-Usage

Batch key creation curve25519 not working in version 2.1.12 Windows

GPG version 2.1.12 added support for Curve25519 sign and encrypt. I am trying to support such keys in Confidant Mail. Installed from gnupg-w32-2.1.12_20160504.exe If I create a key manually I get: GOOD pub ed25519/C850D9A5 2016-05-05 [SC] uid [ultimate] test 3 sub cv25519/22967908 2

Re: OpenPGP based SSH authentification

You can use the gpg-agent for ssh auth. In gpg-agent.conf you put: enable-putty-support Than you can run the agent like this: "c:\Program Files (x86)\GNU\GnuPG.v2\bin\gpg-agent.exe" --daemon --enable-ssh-support [assuming that is where your GPG is installed] Putty will then login using the key

Build script problem with gnupg 2.1.3

ibgpg-error-prefix doesn't actually work. You have to use: --with-gpg-error-prefix= Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GPG 1.4.19 homedir Command

Both of these worked for me. F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "f:\abc def\gpg" --list-keys F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "\abc def\gpg" --list-keys Try dropping the initial double slash. On 4/6/2015 12:37 PM, Clark Rivard wrote: Hi I am r

Re: One alternative to SMTP for email: Confidant Mail

s" CM provider wanted to interview vendors of that darknet market. She could do so using CM without needing a technical expert to handle the encryption, and without either party being exposed to any risks. In the past that has been difficult. It is also possible to run mailing lists and file

Re: One alternative to SMTP for email: Confidant Mail

That is a good idea and if I build a commercial provider I will probably implement that. Anyone can run a provider and I expect them to range from strictly business to the dodgy darknet variety. Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: One alternative to SMTP for email: Confidant Mail

anything from the Confidant server I set up. From what I gathered > reading through the docs, the Confidant protocol doesn't use domain > names as identifiers, but each user has a specific identifier. The email > address is just a more human readable way of referring to their >

Enabling and using ECC keys (any reason not to?)

? I want to enable them, but not until it's safe. Thanks, Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: One alternative to SMTP for email: Confidant Mail

PG key stays at home, and if the remote user fails to login a few times, the web UI shuts down. Confidant Mail can sync itself across multiple clients already, so one of those clients could be a mobile web UI and the other a PC GUI. Mike ___ Gnup

One alternative to SMTP for email: Confidant Mail

r, or get an account on the test environment to try it out immediately. More information and downloads at: https://www.confidantmail.org Mike Ingle d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2 ___ Gnupg-users mailing list Gnupg-users@gnupg.org

Vanity Keys

ut it: https://news.ycombinator.com/item?id=8873182 Apparently some of the funds will be donated to the GnuPG project. I suspect he hasn't been in contact, and I imagine the funds would not be welcome? -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC

Re: Automatic e-mail encryption

eople having access to signing > keys for the root and the TLD, instead of anyone with access to a CA > certificate. I believe Postfix already has support for using DANE and it's on the roadmap for Exim too. I already have it set up for my own domain "grepular.com": mike@f

Re: Calculating the Private Key

mailbox.org is useful. Maybe we'll have to look at this topic again in > 10 years or so. FWIW, if you run your own mail system, this is a fairly trivial feature to set up. I've been doing it myself for about three and a half years. Here's how I do it, including links to the softwa

Re: How to determine who signed what

rror > >If I select a paricular file I get: > >gpg2 --verify gtypist-2.9.tar.xz.sig gtypist-2.9.tar.xz >gpg: Signature made Mon 31 Oct 2011 06:31:17 PM EDT using RSA key ID >C94AFA52 >gpg: Can't check signature: No public key > >S

Re: Google releases beta OpenPGP code

gs about the state of OpenPGP.js source code yesterday: https://news.ycombinator.com/item?id=7843297 -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1

Re: Access to www.gnupg.org only via TLS

For the average person, SSL warnings are a nuisance that needs to be ignored and clicked so they can continue doing what they were doing. For the average geek, an SSL warning seems to be a declaration of War. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC

Re: We are now at ic6au7wa3f6naxjq.onion

e. Also, note that the link there is none-https, which would redirect people out of the "secure" version of the site if they're using a browser which does not support HSTS, e.g Internet Explorer 11 and below. -- Mike Cardwell https://grepular.com https://emailprivacytester.com Ope

Re: Managing Subkeys for Professional and Personal UIDs

known, and at no point was it discouraged. Several of my colleagues also used OpenPGP, although I don't believe any of them used a smart card. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR

Re: Managing Subkeys for Professional and Personal UIDs

my work machine, so I never have to worry about it being compromised. When I left my previous job, I revoked the UID containing the email address assigned by that company, and then added the new UID for the new company. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP K

GPG cannot import public key

GPG version trying to import: gpg (GnuPG) 2.0.14 Header from shared armored public key: Version: Encryption Desktop 10.3.0 (Build 8741) GPG error on import: # gpg --import /tmp/imps.asc gpg: key 845F5188: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number

Re: It's 2014. Are we there yet?

replaced by a similar but better protocol (HTTP). I would be happy to see Email replaced by a similar but better protocol. It will probably still be called Email though. I think it's more likely that various Email protocols will be extended and refined rather than an outright replacement thoug

Re: It's 2014. Are we there yet?

ote on wikipedia, but people will still be using Email, in some form or other. There will always be a system for pushing messages around electronically that isn't tied to a single provider. If email is replaced, it will be by something similar to email. Not by whichever social ne

Re: PGP/GPG does not work easily with web-mail.

Also, if there are any XSS flaws, there's another potential way of losing the key. -- Mike Cardwell https://grepular.com https://emailprivacytester.com OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 si

Re: GnuPrivacyGuard for Android v0.3 released!

s with APG to add OpenPGP encryption for email... -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 signature.asc Description:

Re: Printing PGP Businesscard

GP and OTR fingerprints. Mike * on the Tue, Dec 24, 2013 at 04:44:23AM -0500, Avi wrote: > Perhaps printing your fingerprint and e-mail address as a QR code. I've > done it on a piece of paper, but never a business card. > > Avi > > > User:Avraham > > pub 3072D/F80

Re: gpg-rsa-key decryption with a mobile

1. I have a V2 OpenPGP SmartCard. I'm wondering if this would be vulnerable to the attack in question? Also, what about the Crypto Stick? Presumably these generate the same sort of noise during signing/decryption that the CPU would, but there's nothing GnuPG can do in software to mask i

Re: Gnupg-users Digest, Vol 120, Issue 29

On 09/15/2013 05:05 PM, gnupg-users-requ...@gnupg.org wrote: > > On 09/15/2013 03:40 PM, Mike Acker wrote: >> > it is important to understand that the specification i have in MY key is >> > addressed to any party which may be sending to me. > That's not how c

Re: Pgp key

On 09/15/2013 12:54 PM, Jack Szary wrote: > I have someone's PGP key and he said to use that to send him information, how > do I use his key to send him a message? > first off, are you Windows or Linux ? In Linux you should have GPG installed by deafult; in Windows you will need to go download

Preferred block cipher

On 09/07/2013 07:34 PM, gnupg-users-requ...@gnupg.org wrote: > Hi Mike, > > Interesting. Would you care to explain your logic as to why you set > the preferences in that particular order? > > In particular, why did you prioritize 3DES over the three AES > variants? I can under

Setting Preference for Block Cipher

t even look > at the rest of the ciphers in your preference list. "Okay, Mike likes > Twofish, but the recipient doesn't support it... then CAST5, but that's > not supported... then Blowfish, again not supported... hey, 3DES. 3DES > is *guaranteed* to be supported. The reci

NSA backdoors and Set Preferred Cipher

a lot of information has been reported recently regarding NSA an back-door entries behind digital encryption attached are some notes I offered recently on the MINT forum i have altered my cipher pr

Re: Using GPG for reading email in VPS

side channel attack. > In this context is there any best practices? I was thinking creating a new > signing subkey and removing the master private key from keyring that I want > to upload to the VPS. That way I might limit the damage to the subkey alone > while keeping the maste

Re: gnupg for android phones

carry a smart card reader around with me, or the patience to pull it out and plug it in each time I want to read an email/sms. I agree that it would be cool though. - -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 46

Re: Gnupg-users Digest, Vol 105, Issue 38

ster.co.uk/2004/10/22/security_report_windows_vs_linux/ all I could say was 'hmmm' so that's the problem -- /MIKE signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Gnupg-users Digest, Vol 104, Issue 37

IMHO(FWIW) it is unlikely, at best, that anyone will attack your cipher text. haquers work by getting malware into the endpoint computers hence it is that requiring signatures on software distributions is one of the most critical topics on the table today -- /MIKE

Re: UBUNTU\Thunderbird\ENIGMAIL\GnuPG

On 04/20/2012 09:18 AM, Mika Suomalainen wrote: > 20.04.2012 15:46, Mike Acker kirjoitti: >> 19.04.2012 14:45, Mike Acker kirjoitti: >> I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: >> Not Found >> override ? ( browse ) >> >>

UBUNTU\Thunderbird\ENIGMAIL\GnuPG

19.04.2012 14:45, Mike Acker kirjoitti: I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: Not Found override ? ( browse ) what do I give it? I found gpg in the /usr directory and I can run GPG commands from the Terminal window so GPG is clearly available. --

Re: Gnupg-users Digest, Vol 103, Issue 11

I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: Not Found override ? ( browse ) what do I give it? I found gpg in the /usr directory and I can run GPG commands from the Terminal window so GPG is clearly available. --

courier re-writing of mime boundaries, verification fails

verification happens. -- Thanks for any hint. Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Understanding --status-fd output

software updates > It basically says, the malware authors spend a few bucks on buying a > compromised key for the certificate. > > > Shalom-Salam, > >Werner > > -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. thanks for the note. I have a

  1   2   >