just does not understand the issues
involved and this idea will not go anywhere.
Sandeep Murthy
s.mur...@mykolab.com
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi
I do think your key fingerprint should be made more visible on gpgtools.org
and it would be a good idea to have instructions for users to do the checksum
and
verify the signature of the dmg (there are probably lots of people who don’t
even
know how to do checksums).
Sandeep Murthy
s.mur
. Both can be used at the same time,
as I do, you don’t have to choose between them.
Sandeep Murthy
s.mur...@mykolab.com
> Begin forwarded message:
>
> Subject: Re: Please remove MacGPG from gnupg.org due to serious security
> concerns
> From: Sandeep Murthy
> Date: 17 February
and works well the other components
of the GPG suite. I have not used Enigmail, but it’s simply a
question of choice.
Sandeep Murthy
s.mur...@mykolab.com
> On 17 Feb 2015, at 16:31, Martin Paljak wrote:
>
> On Tue, Feb 17, 2015 at 6:00 PM, Ville Määttä
> wrote:
>> Inste
>
> Actually, I've noticed that there was a very quick reply to this when it was
> brought to the dev's attention. I'll leave this here for anyone else
> interested
> in following-up:
>
>
> https://github.com/GPGTools/GPGTools_Core/commit/5186bade36acedfdc0b76f9f5ddfcfc004ec698b
>
> I'm not a
>
>> http://support.gpgtools.org/
>
> If you are a security project, you should be thankful for people reporting
> bugs, not trying to make it as hard as possible to report a serious bug. This
> looks like more of a "users help users" forum kind of thing, nothing where
> you would want to rep
I have posted a message in the GPG Tools support forum
copying the original post in this thread, letting the developers
know of the concerns raised here.
Perhaps you will see some comments in the near future.
Sandeep Murthy
s.mur...@mykolab.com
> On 17 Feb 2015, at 13:31, Werner Koch wr
> I'm guessing because you need an SSH key at GitHub in order to pull via SSH.
> Yet another problem solved by git modules.
>
> Still, they could have at least changed it to https.
GitHub supports pull/push via SSH or HTTPS therefore you can do this to with
MacGPG (2)
or any GitHub repo.
>
>>
If you have concerns or suggestions then the best thing would be
to contact Luke Le, Steve or the other support staff on
http://support.gpgtools.org/
Sandeep Murthy
s.mur...@mykolab.com
> Begin forwarded message:
>
> Subject: Re: Please remove MacGPG from gnupg.org due to serious
are very responsive to posts on the
GPG Tools support forum
http://support.gpgtools.org/
The GitHub issues page for MacGPG is not the main places where
issues are raised, it’s actually the support forum, where there are
lots of other resources as well.
Sandeep Murthy
s.mur...@mykolab.com
>
could be compromised, the
question only becomes interesting when it relates to particular attacks /
exploits.
Sandeep Murthy
s.mur...@mykolab.com
> On 23 Jan 2015, at 03:15, Robert J. Hansen wrote:
>
>> I was referring to exactly that - *somebody else* having "complete
>
FTP or SSH, is recommended to either upgrade their Bash shell, or
turn off these services completely, which is easy to do.
Sandeep Murthy
s.mur...@mykolab.com
> On 22 Jan 2015, at 23:37, Robert J. Hansen wrote:
>
>> There are degrees of “control over your hardware” and complete
sources? Because it is using other ones, like
dev/random, so there is no one point of weakness and
from a practical point of view there is little risk.
Sandeep Murthy
s.mur...@mykolab.com
> On 22 Jan 2015, at 18:44, Robert J. Hansen wrote:
>
>> To prevent such an attack, I imagine a de
I know that all processes have an exit code, what I meant was
if you invoke gpg interactively like gpg —edit-key
and then execute a wrong subcommand or specify something incorrectly
then the gpg exit code will not reflect this unless the subcommand
launches another process.
Sandeep Murthy
s.mur
process
related to program functions, i.e. if you inside gpg editing a key
and enter an incorrect subcommand or use it incorrectly then this will
not affect the exit code, I don’t think.
Sandeep Murthy
s.mur...@mykolab.com
> On 14 Jan 2015, at 07:51, Dave Pawson wrote:
>
> In Unix term
D, how can this
risk arise
or is there still an issue with key servers?
Sandeep Murthy
s.mur...@mykolab.com
> On 13 Jan 2015, at 20:52, David Shaw wrote:
>
> On Jan 13, 2015, at 2:53 PM, NdK wrote:
>>
>> Il 13/01/2015 16:34, David Shaw ha scritto:
>>
>&
Hi
At the moment one has to remember a passphrase for each keypair,
which becomes more difficult as you have several emails each associated
with different key pairs. Would it be possible to have one passphrase for
the whole bunch of keypairs?
Sandeep Murthy
s.mur...@mykolab.com
signature.asc
458317039047398248889922809181821393428829567971736994315246044
7027290669964066816
Sandeep Murthy
s.mur...@mykolab.com
> On 7 Jan 2015, at 02:30, MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
>
> Signed PGP part
> Hi
>
>
> On Monday 5 January 2015 at 10:46:54 PM, in
> , Nex6|Bill wrote
, in order to protect your
private communications.
Sandeep Murthy
s.mur...@mykolab.com
> On 7 Jan 2015, at 02:14, Mirimir wrote:
>
> Signed PGP part
> On 01/06/2015 06:04 PM, MFPA wrote:
>
>
>
>> Anyway, we have gone *way* off-topic. My original comment was inten
I think 4096 is enough for me, I don’t want to key of length 8192.
I was just suggesting that the key generation dialogue in gpg could
be improved.
Sandeep Murthy
s.mur...@mykolab.com
> On 5 Jan 2015, at 22:46, Nex6|Bill wrote:
>
>>
>> On Jan 5, 2015, at 7:54 AM, San
first
time users it seems these updates should be (and could be) made very quickly.
I use GnuPG but I would also like to contribute. Would it be possible to clone
the repo and make a pull request or something like that?
Sandeep Murthy
s.mur...@mykolab.com
signature.asc
Description: Message
. :)
Sandeep Murthy
s.mur...@mykolab.com
> On 4 Jan 2015, at 13:39, Philip Jackson wrote:
>
> On 04/01/15 13:18, Giordano Lipari wrote:
>> My machine runs with on a Ubuntu 14.04 LTS distribution. This comes with a
>> default GnuPG 1.4.16 located mainly in /usr/bin as
/ImageHash (Python).
Would it not be possible for gpg to incorporate these so that a user
can attach a set of hash values for their photo(s) to their public key that
recipients could check against some other source?
Sandeep Murthy
s.mur...@mykolab.com
> On 1 Jan 2015, at 02:30, Robert J. Han
usage: E
[ultimate] (1). keybase.io/sandeepmurthy
gpg> fpr
pub 4096R/9EAB92B4 2014-12-30 keybase.io/sandeepmurthy
Primary key fingerprint: AE7B 5571 64AF 1025 AF89 4180 6EA7 1DBC 9EAB 92B4
Sandeep Murthy
s.mur...@mykolab.com
> On 30 Dec 2014, at 09:49, Kelly Dean wrote:
>
I don’t agree.
Why isn’t the photo ID feature not useful? Surely any piece of
information that would help another person, with whom you
are proposing to communicate, to identify you first, is a good
thing. Before they can trust you enough to sign the key (which
can’t be very often using the PGP
based program like Keychain (from MacGPG2 suite), because
there the user can see the keys and know which one to edit.
Sandeep Murthy
s.mur...@mykolab.com
> On 31 Dec 2014, at 16:54, Daniel Kahn Gillmor wrote:
>
> On 12/27/2014 02:41 PM, Doug Barton wrote:
>> On 12/27/14 9:36 AM,
acceptable dimensions but not size. However some GUI key
management tools, such as Keychain tool from the GPG Suite
(https://gpgtools.org/) specify that
photos must be < 500 KB and the recommended size be < 15 KB.
Sandeep Murthy
s.mur...@mykolab.com
> On 31 Dec 2014, at 12:42, Philip Jacks
,
Sandeep Murthy
s.mur...@mykolab.com
> On 29 Dec 2014, at 15:28, gnupg-users-requ...@gnupg.org wrote:
>
> Send Gnupg-users mailing list submissions to
> gnupg-users@gnupg.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.gnupg.org/m
points to one of the revoked keys rather than the
active key. I have to explicitly
give the short ID of the active key to edit that key and get its fingerprint.
Is there a way to change this, or I am doing something wrong?
Sandeep Murthy
s.mur...@mykolab.com
signature.asc
Description: Message
29 matches
Mail list logo
