also sprach Peter Lebbing [2017-06-23 17:56 +0200]:
> There are two hard problems in computer science: Cache invalidation,
> naming things, and off-by-one errors.
I haven't heard that one in years. Lol. ;)
> Martin, I think --no-auto-check-trustdb and a cron job will
> already make it much more
also sprach Werner Koch [2017-06-22 19:02 +0200]:
> For a key listing this means computing it for every listed key. And the
> majority of frontends first do a key listing and show the validity of
> the keys before you can encrypt something.
Obviously, one could work with caching hereā¦
Running -
also sprach Werner Koch [2017-06-23 09:40 +0200]:
> Those flags are tracked in self-signatures. When changing a flag
> a new self-signature is used. This will be uploaded to the
> keyserver. gpg uses the flags from the latest self-signature it
> has.
So how does this explain
% export GNUPGH
also sprach MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> [2017-06-23 00:33
+0200]:
> I didn't know you could remove a usage flag once the key was on the
> keyservers.
Well, it somehow seems to work, apart from the fact that gnupg first
needs to clean up the key (using --edit-key) after download
also sprach Neal H. Walfield [2017-06-22 16:15 +0200]:
> I didn't say that it is not possible to have a better algorithm. It
> is possible. But, it is not as easy as you suggest (and what you
> suggest doesn't sound trivial).
>
> For instance, adding or updating a key doesn't necessarily result
also sprach Peter Lebbing [2017-06-22 15:46 +0200]:
> > As far as I understand, the parameters --marginals-needed and
> > --completes-needed can be used to define a maximum search depth D,
> > so when I ask GPG to update the trustdb WRT key 0xdeadbeef, then I'd
> > envision it to
>
> Don't you me
also sprach Andrew Gallagher [2017-06-21 15:57 +0200]:
> I have a quick and dirty tool here:
> https://github.com/andrewgdotcom/synctrust
Yeah, that'll do the job, except it blindly overwrites changes made
locally. It's unlikely this happens, but say I declared your key
trustworthy last night at
also sprach Neal H. Walfield [2017-06-21 14:00 +0200]:
> It starts with the set of ultimately trusted keys. But let's say
> that you start with key X, which is not ultimately trusted. What
> should GnuPG do with the result? Or, let's say that X is
> ultimately trusted and it decides that key Y
Hey Justus, thanks for writing in. Here are the answers you wanted:
> gpg --version please?
2.1.18
> > So far, so good. Do note the [SC] usage flags.
>
> What are the capabilities of your primary key supposed to be?
There were [SC] when I created it, but I've recently changed to
a signing subk
also sprach Neal H. Walfield [2017-06-21 11:53 +0200]:
> > 3. Is there a way to run --check-trustdb or --update-trustdb not
> >over the entire key graph, but only traversing to a certain depth
> >starting from a specific key? Then I could tell parcimonie to run
> >--check-trustdb for e
ome/ssd/madduck/.tmp/cdt.p0R8ly/trustdb.gpg: trustdb created
gpg: key 55C9882D999BBCC4: public key "Martin F. Krafft
" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
% gpg --list-keys !$
gpg --list-keys 0x55C9882D999BB
Hello,
I've spent some time trying to figure out how to make actual use of
the web-of-trust (the "pgp" trust-model), and I am turning to this
list for some advice, related to a couple of questions:
1. My public keyring has several thousand keys and "weighs" almost
500Mb. Every couple of runs,
also sprach MFPA [2010.10.14.0102 +0200]:
> The user can type their password once per session into a text file
> and paste it every time it is requested. This reduces the
> annoyance factor and does not train the user to constantly re-type
> the passphrase.
That's a great idea. I have started wor
also sprach Werner Koch [2009.07.10.1532 +0200]:
> > I have a 4096 bit RSA key -- can I create 2048 or 3072 bit
>
> 4096 is in fact also supported but that would require major
> changes in GnuPG, thus this published limit of 3072
Could you give us a hint why GnuPG would need changing?
>
also sprach David Shaw [2009.07.09.2040 +0200]:
> http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42
>
> They say they have the new cards in stock now.
So they say key length up to 3k. Does that affect key generation
only? If not, why wouldn't those cards be able to handle
Hey folks,
Two years ago, there was a thread on this list, in which RSA key
sizes >2048 were discussed [0]. In these two years, the crypto-world
has been shaken up a bit, and computers got yet a bit more powerful.
0. http://lists.gnupg.org/pipermail/gnupg-users/2007-June/031285.html
I am trying
16 matches
Mail list logo
