Re: encrypt the sent folder

2006-12-05 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 05/12/06 20:03, Robert J. Hansen wrote: >> How can I make sure that all the emails in my Sent folder are encrypted >> and can't be read without my private key? In other words, I want my >> email in my Sent folder to be encrypted even though th

Re: deleting signatures from uids

2006-11-02 Thread Qed
On 10/31/2006 02:58 PM, Stijn Hoop wrote: [..snip..] > In a way I can see why; removing signatures from uids seems like it > should require a passphrase, however it doesn't work that way. I've > also read that it's nearly impossible to remove a key from the > keyservers, however that's also not wha

Re: Key problem

2006-10-14 Thread Qed
On 10/14/2006 08:43 AM, Henry Hertz Hobbit wrote: > I hope your keys had an expiration date if you put them on the key > servers. If you didn't set an expiration they will be there in limbo > forever. [..snip..] > PS BACK UP YOUR KEYS AND GIVE THEM AN EXPIRE DATE! Or generate a revocation certif

Re: DSA2

2006-09-24 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 09/24/2006 05:08 PM, Alphax wrote: >>> And therefore, even better, what is the present status of adding to >>> GnuPG an "official" ECC keys support? >> ECC are not part in RFC2440 nor there's a plan to include them. > > You're wrong. > > 9.1.

Re: DSA2

2006-09-24 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 09/23/2006 03:15 PM, Carlo Luciano Bianco wrote: [..snip..] > So my point is: what is the real advantage of "DSA2" over RSA > (if any, beside being the US standard)? Smaller, much smaller, signatures(on certification this is a desiderable prop

Re: Compiling GnuPG 1.4.5 for Windows on Windows

2006-09-06 Thread Qed
On 09/06/2006 07:28 PM, John Clizbe wrote: [..snip..] > The official method is cross-compiling on a Debian system for win32. To build > natively on win32, one would normally start by Googling gnupg+win32+building. [..snip..] Maybe Cygwin would be easier, it worked for me in the past. -- Q.E.D.

Re: Using subkeys to renew an expiring key

2006-08-29 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/29/2006 05:42 PM, [EMAIL PROTECTED] wrote: [..snip..] >> This is a rather strange statement. >> Other organizations should have their OWN pubkeys to which documents >> sent to them are encrypted. > Good Point. I wasn't thinking of that. So

Re: Using subkeys to renew an expiring key

2006-08-29 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/29/2006 04:36 PM, [EMAIL PROTECTED] wrote: > Your talking about document inbound to my process, encrypted by the other > organizations. That should work without an issue as you pointed out, but > what about the outbound process? In that in

Re: Using subkeys to renew an expiring key

2006-08-29 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/29/2006 04:33 PM, [EMAIL PROTECTED] wrote: > How do you encrypt to both subkeys? Is this an option turned on with the > GPG command, or does it mean actually running the input file through two > seperate GPG commands? - From gpg manpage: gp

Re: Using subkeys to renew an expiring key

2006-08-28 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/28/2006 10:22 PM, [EMAIL PROTECTED] wrote: > I have two questions regarding how to "renew" this key. > 1) Is the correct way to renew the key to add another subkey that expires > in September, 2007, or is there a better way? This wouldn't re

Re: GnuPG neophyte inquiries.

2006-08-21 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/21/2006 02:59 PM, Mark H. Wood wrote: >>> 1). My roommate and I share a WinXP box. If I install GnuPG 1.4.5 on >>> it, would this represent a potential security concern? >> Your keyring would be stored in your personal home dir, if you have

Re: Book advice

2006-08-21 Thread Qed
On 08/20/2006 10:08 PM, Johan Wevers wrote: > Not directly related to GnuPG, but does anyone here know the book > "Handbook of Applied Cryptography" fromn A.J. Menezes, P.C. van Oorschoot > and S.A. Vanstone, printed in 1996? I found it on eDonkey and wanted to > know if someone knows if it is advi

Re: GnuPG neophyte inquiries.

2006-08-20 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/20/2006 07:31 AM, Caitlin wrote: > 1). My roommate and I share a WinXP box. If I install GnuPG 1.4.5 on > it, would this represent a potential security concern? Your keyring would be stored in your personal home dir, if you have installed XP

Re: Multiple recipients

2006-08-18 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/18/2006 11:17 PM, David Shaw wrote: >>> A vendor will be encrypting files for us and making them available via >>> FTP. We have three users that will decrypt the files at different >>> times. The vendor will not accept more than one key fr

Re: Multiple recipients

2006-08-18 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/18/2006 09:34 PM, Brian Rosenvinge wrote: > A vendor will be encrypting files for us and making them available via > FTP. We have three users that will decrypt the files at different > times. The vendor will not accept more than one key fr

Re: Multiple recipients

2006-08-18 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 08/18/2006 09:34 PM, Brian Rosenvinge wrote: > A vendor will be encrypting files for us and making them available via > FTP. We have three users that will decrypt the files at different > times. The vendor will not accept more than one key fr

Security of truncated hash functions

2006-07-29 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Suppose you need a 160 bit digest. You can choose RIPEMD160/SHA1 or a truncated version of a bigger one (e.g.: SHA2 family). Which solution would be safer? Is a digest algo designed for a given length stronger than a truncated longer one? I googl

Re: Release candidate for 1.4.5

2006-07-29 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 07/28/2006 11:32 AM, Werner Koch wrote: > I just did a release candidate for 1.4.5. I'd kindly ask you to try > building it in the next days and report any build problems to this > mailing list. > Or as a diff against 1.4.4: > > ftp://ftp.gnu

Re: Fetching keys via http/https?

2006-07-28 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 07/24/2006 02:05 PM, Michael Kallas wrote: >> keyserver hkp://subkeys.pgp.net >> keyserver-options http-proxy=http://yourproxy:8080,honor-http-proxy > No luck although I even tried broken-http-proxy. > It's always: > gpg: requesting key 89074FA

Re: Fetching keys via http/https?

2006-07-22 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 07/22/2006 10:53 AM, Michael Kallas wrote: > Is there any way to properly fetch keys automatically if you are on a > machine where only HTTP to port 80 and HTTPS to port 443 are allowed? > (I.e. you are behind a firewall/proxy that checks not

Re: sha2 utilities: Print or check SHA-2 digests

2006-06-10 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 06/10/2006 03:03 PM, rmyster wrote: > Yes, and supposedly it's causing problems for support departments. On > the other hand, if you're looking for the command to calculate sha256 > and sha512 hashes, what are the odds you will be targeting w

Re: sha2 utilities: Print or check SHA-2 digests

2006-06-10 Thread Qed
On 06/10/2006 12:35 AM, rmyster wrote: >>--print-md algo [files] >>--print-mds [files] >> Print message digest of algorithm ALGO for all given files or >> stdin. With the second form (or a deprecated "*" as >> algo) >> digests for

Re: GPG Implementation of Symmetric Operations, and To-Self Encryption

2006-06-04 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 06/04/2006 10:36 PM, [EMAIL PROTECTED] wrote: > Firstly, in pure RSA/ElGamal etc, there is no passphrase U - there's > numbers p,q,g,a,b, etc. Only when you encrypt. > The way I understand it: > Your secret key is encrypted using your passphra

Re: SHA2 compatibility

2006-05-28 Thread Qed
On 05/28/2006 12:03 AM, David Shaw wrote: [..snip..] >> David Shaw in a recent message <[EMAIL PROTECTED]> >> about DSA2 said: >>> 3) Allowing truncation of a bigger hash to fit into the however many >>>bits the key allows. >>> >>> As far as I can tell at the moment, PGP 8 allows only #3. That

SHA2 compatibility

2006-05-27 Thread Qed
I was investigating the possibility to use a RSA master key with SHA256 or SHA512 as certification digest algorithm. The problem is, as usual, compatibility. I don't know anything about the diffusion of the various PGP versions and their capabilities. I've found a PGP compatibility table, written

Re: gpg --list-packets strange behaviour

2006-05-13 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 05/12/2006 08:22 PM, I wrote: [..snip..] > I simply don't understand. Why list-packets reports these spurios(?) > certification signature packets(they must be cross certifications since > 39795DA7 is a signing subkey) This hypothesis has been m

gpg --list-packets strange behaviour

2006-05-12 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Using GnuPG 1.4.3. If I examine with --list-packets a message encrypted with $ gpg -e -r MyOwnKey the result is: > :pubkey enc packet: version 3, algo 16, keyid 3645ABF6365A1799 > data: [2047 bits] > data: [2047 bits] > :signature

Re: Automated processes

2006-04-07 Thread Qed
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 On 04/07/2006 09:56 PM, John M Church wrote: > Not sure if "mask the passphrase in a non-obvious way" does justice to > encrypting it with a filter and strong algorithm - ref. > . Were you >