El día martes, septiembre 26, 2023 a las 09:35:52a. m. +0900, NIIBE Yutaka
escribió:
> Matthias Apitz wrote:
> > $ gdb /usr/local/libexec/scdaemon
> > ...
> > r --debug-all --verbose --verbose --server
> > ...
> > OK GNU Privacy Guard's Smartcard server ready
> > SERIALNO
> > [New LWP 101967 of
Matthias Apitz wrote:
> $ gdb /usr/local/libexec/scdaemon
> ...
> r --debug-all --verbose --verbose --server
> ...
> OK GNU Privacy Guard's Smartcard server ready
> SERIALNO
> [New LWP 101967 of process 2622]
>
> Thread 2 "pipe-connection" received signal SIGSEGV, Segmentation fault.
> Address not
El día lunes, septiembre 25, 2023 a las 11:03:23a. m. +0900, NIIBE Yutaka
escribió:
> Hello,
>
> Matthias Apitz wrote:
> > After an update of FreeBSD from 13-CURRENT to 14-CURRENT I can't used
> > my OpenPGP card with the USB token anymore. In /var/log/messages
&g
Hello,
Matthias Apitz wrote:
> After an update of FreeBSD from 13-CURRENT to 14-CURRENT I can't used
> my OpenPGP card with the USB token anymore. In /var/log/messages
> it says:
[...]
> Any hints how to debug this
You can run scdaemon as a foreground process to debug. An e
Hello,
After an update of FreeBSD from 13-CURRENT to 14-CURRENT I can't used
my OpenPGP card with the USB token anymore. In /var/log/messages
it says:
Sep 24 19:33:02 c720-1400094 kernel: ugen0.4: at usbus0
Sep 24 19:33:07 c720-1400094 kernel: pid 3886 (scdaemon), jid 0, uid 1001:
exit
Hi,
On Tue, Oct 15, 2019 at 03:17:58PM -0400, Robert J. Hansen wrote:
... Those were the high-priority changes that needed to be made. If
anyone has other suggestions, speak up: I'm listening. :)
A while ago (I can’t find the e-mail anymore) I suggested a few changes
that somehow didn’t fin
On 15/10/2019 21:59, Robert J. Hansen wrote:
> Should they update? Yes. Is the problem mitigated by an update? Yes.
> But will they? Probably not before wedging their keyring. Given that
> high-profile people in the community have had our certificates defaced,
> it's poss
ill get utterly wedged if they pull down a poisoned
certificate from SKS. There are a *lot* of these older installations
out there in the wild, and what we suggest to them should not lead them
into wedging their system.
Should they update? Yes. Is the problem mitigated by an update? Yes.
But wil
On Tue, 15 Oct 2019 15:17, Robert J. Hansen said:
> * Every reference to the SKS keyserver network now points to
> keys.openpgp.org. Reason: the SKS attacks a few months ago.
I have to object against this change. The SKS server network is still
useful and definitely more useful than an non-matu
The last time I gave the FAQ a thorough read-and-review was in October
2017, so it was time for a review. I fought off the urge to rewrite the
thing entirely -- I really don't like how it flows, but I view my job as
maintainer is more about making minor incremental changes than total
rewrites when
: 2019年3月31日 8:43
收件人: gnupg-users@gnupg.org
主题: Two questions about system entropy and update
Good Morning ,
I have been tried to generate a key pair and gotten the error :
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy
while running iostat, mpstat and using
find in other windows. Is there any way I may view the system entropy in
Solaris system ?)
My GPG is pretty old :
gpg (GnuPG) 1.4.10; Copyright (C) 2008 Free Software Foundation, Inc.
How can I update GPG ? I have the file transfers with dozens of
On 13.03.19 18:24, Peter Lebbing wrote:
On 13/03/2019 14:21, David wrote:
If someone posts hundreds of kilobytes or more, I agree,
but in this case I argue the opposite, for these reasons.
I fully agree. In fact, I much prefer someone include a lot of
information and maybe include too much tha
On 13/03/2019 14:21, David wrote:
> If someone posts hundreds of kilobytes or more, I agree,
> but in this case I argue the opposite, for these reasons.
I fully agree. In fact, I much prefer someone include a lot of
information and maybe include too much than that the person trying to
help has to
On Wed, 27 Feb 2019 at 23:16, Oscar Carlsson via Gnupg-users
wrote:
>
> And in future emails, try to [...] use pastebin like
> services and/or attach logs instead of adding them inline like this.
Why is that suggested?
If someone posts hundreds of kilobytes or more, I agree,
but in this case I a
ve me usually a ballpark idea of what i can or
cannot do via the command line. i understand that this approach
doesn't always make sense or seems abit farfetched to the more
experienced programmer. that said, i recently learned when trying to
update my outmoded gnupg 2.0.22 on my Ubuntu 14.04 LTS di
hat i can or cannot do via the
command line. i understand that this approach doesn't always make sense
or seems abit farfetched to the more experienced programmer. that said,
i recently learned when trying to update my outmoded gnupg 2.0.22 on my
Ubuntu 14.04 LTS distro, that i ran into
fwiw, i agree with Damien that the existing text in the FAQ about
generating a revocation certificate should be removed.
I think that there should be some text like "where can i find my key's
revocation certificate?" which could be added to the FAQ.
However, situations like these:
On Sat 2018-11
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 8 November 2018 at 3:21:58 PM, in
,
Damien Goutte-Gattat via Gnupg-users wrote:-
> And with
> modern GnuPG there
> is no need to recommend to generate a revocation
> certificate.
Not immediately after generating a new GnuPG certif
On Fri, 09 Nov 2018 09:22:13 +0100, Werner Koch wrote:
> On Thu, 8 Nov 2018 18:34, stefan.cl...@posteo.de said:
>
> > apartment and accidentally threw away the box
> > in which the revocation cert was stored... :-(
>
> :-(
>
> > How would you procede now?
>
> Fetch your backup which for yo
On Thu, 8 Nov 2018 18:34, stefan.cl...@posteo.de said:
> apartment and accidentally threw away the box
> in which the revocation cert was stored... :-(
:-(
> How would you procede now?
Fetch your backup which for you will have stored at a different
venue .-)
Call the locksmith to open the loc
On Thu, 8 Nov 2018 15:21:58 +, Damien Goutte-Gattat via Gnupg-users
wrote:
> Hi GnuPG folks,
>
> The current version of the FAQ recommends creating a revocation
> certificate at several places.
>
>
> § 7.17
>
> "We recommend you create a revocation certificate immediately
>after gener
Hi GnuPG folks,
The current version of the FAQ recommends creating a revocation
certificate at several places.
§ 7.17
"We recommend you create a revocation certificate immediately
after generating a new GnuPG certificate."
§ 8.5
"What should I do after making my certificate?
Genera
> On 17 Oct 2018, at 14:26, Sandro Knau� wrote:
>
> Hey,
>
>> - Friday evening: we will meet at the Winery (Trois Tilleuls Street 1, 1170
>> – Brussels, www.winery.be ). People from Mailfence will be there from
>> 19:30, I will arrive a little later.
I’ve arrived in brussels and checked into h
Hey,
> - Friday evening: we will meet at the Winery (Trois Tilleuls Street 1, 1170
> – Brussels, www.winery.be ). People from Mailfence will be there from
> 19:30, I will arrive a little later.
I'll arrive at 4pm in Bruxelles and after getting rid of my luggage, I'll plan
to come to Winery at 19
On Sun, 7 Oct 2018 10:57, patr...@enigmail.net said:
> - we will start on Saturday at 09:30. If you have any issues such as finding
> the location or with local logistics, here is my phone number: +41 78 631 6622
Huh, that is early. Andre and me might arrive a bit later.
Salam-Shalom,
We
It's 2 weeks until the Summit. Here are some updates:
- Friday evening: we will meet at the Winery (Trois Tilleuls Street 1, 1170 –
Brussels, www.winery.be ). People from Mailfence will be there from 19:30, I
will arrive a little later.
- if you plan to come, but didn't tell me yet, please send
Hello,
I changed the expiration date on my primary key from "2018-09-22" to "never
expire".
On my subkeys I extended the expiration date to "2019-09-24".
On my local machine, everything is fine:
$ gpg --list-keys bbea93c8
pub rsa4096/BBEA93C8 2014-10-17 [SCA]
Key fingerprint = A8FC 7FEC
fail overnight, it would be an inconvenience but not a disaster.
But there is no known alternative to the second function, which is the
distribution of key updates, including revocations. Therefore I believe
the immediate priority should be to protect update distribution.
How to preven
On Wed 2018-01-17 08:57:12 +0100, Kristian Fiskerstrand wrote:
> On 01/17/2018 01:20 AM, Daniel Kahn Gillmor wrote:
>> On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote:
>>> thanks for this post Daniel, my primary question would be what advantage
>>> is gained by this verification being
On Wed 2018-01-17 15:51:07 +, Andrew Gallagher wrote:
> On 17/01/18 15:32, Daniel Kahn Gillmor wrote:
>> i don't think you need an extension to OpenPGP at all to do this -- you
>> just need policy. The policy could be (for example):
>
> The main technical question is where should this policy b
On 17/01/18 15:32, Daniel Kahn Gillmor wrote:
> i don't think you need an extension to OpenPGP at all to do this -- you
> just need policy. The policy could be (for example):
The main technical question is where should this policy be applied?
1. At upload stage - easy to implement, but requires
On Wed 2018-01-17 09:58:21 +0100, Werner Koch wrote:
> On Tue, 16 Jan 2018 22:56, kristian.fiskerstr...@sumptuouscapital.com
> said:
>
>>> (c) rejected all third-party certifications -- so data attached to a
>>> given primary key is only accepted when certified by that primary
>>> key.
>
Werner Koch [2018-01-17 09:58:21+01] wrote:
>>> (c) rejected all third-party certifications -- so data attached to
>>> a given primary key is only accepted when certified by that primary
>>> key.
> This can help to avoid DoS attacks. I would love to see that to get my
> key down to a reasonabl
On Tue, 16 Jan 2018 22:56, kristian.fiskerstr...@sumptuouscapital.com
said:
>> (c) rejected all third-party certifications -- so data attached to a
>> given primary key is only accepted when certified by that primary
>> key.
>>
>
> thanks for this post Daniel, my primary question would
On 01/17/2018 01:20 AM, Daniel Kahn Gillmor wrote:
> On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote:
>> thanks for this post Daniel, my primary question would be what advantage
>> is gained by this verification being done by an arbitrary third party
>> rather by a trusted client runn
On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote:
> thanks for this post Daniel, my primary question would be what advantage
> is gained by this verification being done by an arbitrary third party
> rather by a trusted client running locally, which is the current modus
> operandus. Any
> On 16 Jan 2018, at 22:26, Leo Gaspard wrote:
>
> It could also help limit the impact of the nightmare scenario RJH has
> described, by making sure all the data is “cryptographically valid and
> matching”, thus making it harder to just propagate arbitrary data down
> the network.
It would make
On 01/16/2018 10:56 PM, Kristian Fiskerstrand wrote:
> On 01/16/2018 07:40 PM, Daniel Kahn Gillmor wrote:
>
>> The keyserver network (or some future variant of it) can of course play
>> a role in parallel to any or all of these. for example, keyservers are
>> particularly well-situated to offer k
On 01/16/2018 07:40 PM, Daniel Kahn Gillmor wrote:
> The keyserver network (or some future variant of it) can of course play
> a role in parallel to any or all of these. for example, keyservers are
> particularly well-situated to offer key revocation, updates to expiry,
> and subkey rotation, non
he need for
external distribution mechanisms for all messages but the first.
https://autocrypt.org/
* VVV
DNS (SRV) discovery of HKP service operated by the mail provider.
https://keys4all.de/media/beschreibung-vvv-loesung.pdf
I'm sure i've missed some other distr
> On 14 Feb 2017, at 19:53, Kristian Fiskerstrand
> wrote:
>
> Trust level is not a property of the public key, it is stored out of
> band (in the local trustdb)
Ah ok. Thanks.
Marko
---
Marko Bauhardt
https://keybase.io/mbauhardt
GPG Key ID: 53192101
GPG Fingerprint: DC0F E851 82A3 72E3
On 02/14/2017 07:51 PM, Marko Bauhardt wrote:
> The trust level of my two IDs was `unknown` in the one public key and
> `ultimate` in the other key.
Trust level is not a property of the public key, it is stored out of
band (in the local trustdb)
--
Kristian Fiskerst
Hi Peter,
> On 13 Feb 2017, at 12:16, Peter Lebbing wrote:
>
>
> An OpenPGP public key is composed of many parts which can be reordered
> without changing the meaning. Keyservers do reorder stuff, so you can't
> just compare two keys byte by byte and say anything useful about their
> equivalenc
On 12/02/17 13:32, Marko Bauhardt wrote:
> Hi,
> The amor definition of my public key i uploaded
> to hkps://hkps.pool.sks-keyservers.net differs to the public key
> definition i uploaded to another web service.
An OpenPGP public key is composed of many parts which can be reordered
without changin
>
> Signed PGP part
> You can add signatures, user-ids, subkeys, etc. to a key that is
> already on the server. But you cannot delete anything from it.
Sure, understood. But this does not answer the question i have why i can not
upload my current local GPG public key to a key server? Again i ge
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sunday 12 February 2017 at 12:32:06 PM, in
, Marko Bauhardt
wrote:-
> Is there a rule or something which prevents the
> update of a key?
You can add signatures, user-ids, subkeys, etc. to a key that is
already on the server. But you
Hi,
The amor definition of my public key i uploaded to
hkps://hkps.pool.sks-keyservers.net
differs to the public key definition i uploaded to another web service. When i
import both key pairs the result looks the same. I don’t know exactly what the
difference is.
Anyway, i want to update my
On Thu, 29 Dec 2016 14:15:52 +
Christoffer Stjernlöf wrote:
> do...@mail.com writes:
> > I used a config file (hand written), and concatenated several of it's
> > lines to form a super long strong passphrase for my key.
>
> There is no way to crack an arbitrary private key. However, since
> Now, I've read that you could use a program to crack the private key and
I'd
> rather not create a new key since my original was never compromised.
For a strong passphrase, there is no effective way to crack it. Sorry,
you're SOL.
___
Gnupg-users m
Hello,
I used a config file (hand written), and concatenated several of it's
lines to form a super long strong passphrase for my key.
Bad news is that I foolishly changed the file and lack an old enough
backup to find the original one.
Now, I've read that you could use a program to crack the privat
Hi Anthony,
Anthony Papillion:
> On 11/25/2016 4:02 AM, Stephan Beck wrote:
[...]
>
> No problem. When I try to decrypt your message, I get the follow from GPG:
>
> gpg: invalid radix64 character 2D skipped
> gpg: invalid radix64 character 2D skipped
> gpg: invalid radix64 character 2D skipped
>
Stephan Beck:
>
> Anthony Papillion:
[...]
>
> Thanks, Anthony. I'll have a look into libpgp-error, maybe I can find
> some info. The message may have been altered (tampered).
>
Oops, I wrote and then I thought.
To speak with the libgcrypt manual (libgcrypt uses libgpg-error)
This manual is
Anthony Papillion:
> On 11/25/2016 4:02 AM, Stephan Beck wrote:
>> Hi Anthony,
>>
> No problem. When I try to decrypt your message, I get the follow from GPG:
>
> gpg: invalid radix64 character 2D skipped
> gpg: invalid radix64 character 2D skipped
> gpg: invalid radix64 character 2D skipped
> gp
On 11/25/2016 4:02 AM, Stephan Beck wrote:
> Hi Anthony,
>
> Stephan Beck:
>>
>>
>> Anthony Papillion:
>>> Hello Everyone,
>>>
>>> When I run
>>>
>>> gpg2 --keyserver --refresh-keys
>
>>>
>>> Can someone tell me what this error means and how can I fix it?
>>
>> Which gpg2 version are you running
Update:
I actually tried
gpg2 --keyserver hkps://hkps.pool.sks-keyservers.net --refresh-keys
4F765425380A9BBA5F0E0892CC9D1E072AC97369 --no-emit-version
--display-charset utf-8 --keyserver-options
ca-cert-file=~/sks-keyservers.netCA.pem use-temp-files keep-temp-files
verbose
as well (with
Hi Anthony,
Stephan Beck:
>
>
> Anthony Papillion:
>> Hello Everyone,
>>
>> When I run
>>
>> gpg2 --keyserver --refresh-keys
>>
>> Can someone tell me what this error means and how can I fix it?
>
> Which gpg2 version are you running? 2.0x or 2.1x?
sorry for the delay in getting back to you
On 11/23/2016 3:10 PM, Stephan Beck wrote:
>
>
> Anthony Papillion:
>> Hello Everyone,
>>
>> When I run
>>
>> gpg2 --keyserver --refresh-keys
>>
>> I get a list of all of the keys in my keyring with the message that they
>> have not been changed (this is expected). At the bottom of the output, I
Anthony Papillion:
> Hello Everyone,
>
> When I run
>
> gpg2 --keyserver --refresh-keys
>
> I get a list of all of the keys in my keyring with the message that they
> have not been changed (this is expected). At the bottom of the output, I
> see the following message:
>
> gpg: Total number p
Hello Everyone,
When I run
gpg2 --keyserver --refresh-keys
I get a list of all of the keys in my keyring with the message that they
have not been changed (this is expected). At the bottom of the output, I
see the following message:
gpg: Total number processed: 31
gpg: unchanged: 3
Thank you for all the replies!
Martin
On Mon, Oct 17, 2016 at 7:52 PM, Brian Minton wrote:
>
>
> On 10/17/2016 11:41 AM, Daniel Kahn Gillmor wrote:
>> On Mon 2016-10-17 06:31:16 -0400, Martin T wrote:
>>
>>> I am aware that one can update all the keys in loca
On 10/17/2016 11:41 AM, Daniel Kahn Gillmor wrote:
> On Mon 2016-10-17 06:31:16 -0400, Martin T wrote:
>
>> I am aware that one can update all the keys in local-keyring from a
>> keyserver using "gpg --refresh-keys". Are there any disadvantages to
>> simply put
I forgot to send it to the list as well...
Forwarded Message
Subject: Re: regular update of all keys from a keyserver
Date: Mon, 17 Oct 2016 16:20:00 +
From: Stephan Beck
Reply-To: st...@mailbox.org
To: Martin T
Hi Martin,
Martin T:
> Hi,
>
> I am aware tha
On Mon 2016-10-17 06:31:16 -0400, Martin T wrote:
> I am aware that one can update all the keys in local-keyring from a
> keyserver using "gpg --refresh-keys". Are there any disadvantages to
> simply put this command into user crontab and execute for example once
> a day?
> I am aware that one can update all the keys in local-keyring from a
keyserver
> using "gpg --refresh-keys". Are there any disadvantages to simply put this
> command into user crontab and execute for example once a day?
Not that I know of. Some people will tell you that &qu
Hi,
I am aware that one can update all the keys in local-keyring from a
keyserver using "gpg --refresh-keys". Are there any disadvantages to
simply put this command into user crontab and execute for example once
a day?
thanks,
Martin
___
G
Thank you, dkg for Cc-ing.
On 09/29/2015 02:05 AM, Daniel Kahn Gillmor wrote:
> On Sun 2015-09-27 22:04:40 -0400, SGT. Garcia wrote:
>> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote:
>>> You might be interested in libpam-poldi:
>>>
>>> http://www.g10code.com/p-poldi.html
>>
On Sun 2015-09-27 22:04:40 -0400, SGT. Garcia wrote:
> On Thu, Sep 24, 2015 at 11:09:28PM -0400, Daniel Kahn Gillmor wrote:
>> You might be interested in libpam-poldi:
>>
>> http://www.g10code.com/p-poldi.html
>
> i get 'not found' error. google finds me this:
> http://www.schiessle.org/howto/pol
On 26/11/14 19:52, Tristan Santore wrote:
> On 26/11/14 19:37, da...@gbenet.com wrote:
>> Hi Al,
>>
>> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
>> Enigmail - which
>> singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg
>> GPA also failed to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2014-11-27 07:56, Tristan Santore wrote:
> Fedora is not dodgy! We only support Fedora for 2 releases + 1
> month! Stop using unsupported distributions then. Quite an ignorant
> statement to make. And that is the last I am writing.
More proof th
On 26/11/14 20:53, da...@gbenet.com wrote:
> On 26/11/14 19:52, Tristan Santore wrote:
>> On 26/11/14 19:37, da...@gbenet.com wrote:
>>> Hi Al,
>>>
>>> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
>>> Enigmail - which
>>> singularly failed to sign or even encrypt. I
On 26/11/14 19:37, da...@gbenet.com wrote:
> Hi Al,
>
> As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
> Enigmail - which
> singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg GPA
> also failed to
> work.
>
> As some of you are stuck with the min
Hi Al,
As so many have been aware, I tried LUbuntu amd64 LXDE with Thunderbird and
Enigmail - which
singularly failed to sign or even encrypt. I made add that Kleopatra Kgpg GPA
also failed to
work.
As some of you are stuck with the mind-set that the earth is flat eg "Oh it
works for me
there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Saturday 22 November 2014 at 3:01:02 PM, in
, Hauke Laging wrote:
> You can change the subkeys (encryption, signing) easily
> but not the mainkey (the one the fingerprint refers
> to). But hardly any GnuPG out there can use ECC now.
Newl
Am Fr 21.11.2014, 20:17:38 schrieb Patrick Schleizer:
> is it possible to update an existing (RSA) gpg key to ECC?
>
> Or would a usual transition process be required?
You can change the subkeys (encryption, signing) easily but not the
mainkey (the one the fingerprint refers to). B
Hi,
is it possible to update an existing (RSA) gpg key to ECC?
Or would a usual transition process be required?
Cheers,
Patrick
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Tue, 18 Nov 2014, Werner Koch wrote:
On Mon, 17 Nov 2014 21:01, j...@panix.com said:
Have you sat down, in front of one or more of the computers at
issue here, with a friend who is experienced and willing to help?
That is what I was about to suggest - having a second pair of eyeballs
On Mon, 17 Nov 2014 21:01, j...@panix.com said:
> Have you sat down, in front of one or more of the computers at
> issue here, with a friend who is experienced and willing to help?
That is what I was about to suggest - having a second pair of eyeballs
looking at a problem very often solves a prob
On 11/17/2014 3:01 PM, Jay Sulzberger wrote:
>
> [a lot of stuff with no quote-editing]
>
Please, guys. Werner has asked for us to trim our quotes, not to just
quote the other person's email in full. Let's do that, okay?
___
Gnupg-users mailing list
On Mon, 17 Nov 2014, da...@gbenet.com wrote:
Having spent many many days on this problem I have failed to come with any
working solution.
Running a 64 bit version of LUbuntu does not work. This is a real fact of life
no matter
what all you people say. It does not work for me. I have tried F
Having spent many many days on this problem I have failed to come with any
working solution.
Running a 64 bit version of LUbuntu does not work. This is a real fact of life
no matter
what all you people say. It does not work for me. I have tried Fedora-16 64 bit
in the past
- it failed - I tried
Am 27.10.2014 um 19:20 schrieb Robert J. Hansen:
> Just received word back from a friend of mine who's a law professor
> focusing in electronic civil liberties, and is a former Commissioner of
> the FCC to boot. He's skeptical that ITAR/EAR enforcement will affect
> U.S. hackers participating in l
I'll add my +1 to the request
On Oct 28, 2014 12:08 AM, "Bob Holtzman" wrote:
> On Mon, Oct 27, 2014 at 02:20:36PM -0400, Robert J. Hansen wrote:
> > Just received word back from a friend of mine who's a law professor
> > focusing in electronic civil liberties, and is a former Commissioner of
> >
On Mon, Oct 27, 2014 at 02:20:36PM -0400, Robert J. Hansen wrote:
> Just received word back from a friend of mine who's a law professor
> focusing in electronic civil liberties, and is a former Commissioner of
> the FCC to boot. He's skeptical that ITAR/EAR enforcement will affect
> U.S. hackers p
On 27/10/14 20:51, Robert J. Hansen wrote:
>> Since you seem to be requesting it explicitly, I'll share that I'm
>> interested personally.
>
> I just don't want to ask my friend to put together something on the
> subject and then discover there's no interest in it -- it seems
> disrespectful to Pr
On Mon, Oct 27, 2014 at 03:51:04PM -0400, Robert J. Hansen wrote:
> I just don't want to ask my friend to put together something on the
> subject and then discover there's no interest in it -- it seems
> disrespectful to Professor Johnson. :)
I think there will be great interest on the list for i
>He rather likes writing short essays on law. If there's interest, I'll
>try and talk him into writing something layman-friendly about ITAR/EAR
I would be interested.
Thanks,
Terry
From: Robert J. Hansen
To: "gnupg-users@gnupg.org"
Sent: Monday, October 27, 201
> Since you seem to be requesting it explicitly, I'll share that I'm
> interested personally.
I just don't want to ask my friend to put together something on the
subject and then discover there's no interest in it -- it seems
disrespectful to Professor Johnson. :)
__
On 10/27/2014 02:20 PM, Robert J. Hansen wrote:
> If there's interest, I'll
> try and talk him into writing something layman-friendly about ITAR/EAR,
> cryptography, and the First Amendment.
Robert,
Since you seem to be requesting it explicitly, I'll share that I'm interested
personally.
Just received word back from a friend of mine who's a law professor
focusing in electronic civil liberties, and is a former Commissioner of
the FCC to boot. He's skeptical that ITAR/EAR enforcement will affect
U.S. hackers participating in libre software development. More than
that I can't/should
The FAQ that was mentioned earlier this year is still being worked
on/revised. Werner requested that we shift to using org-mode
formatting, so I took the XML markup and wrote a small script to convert
it to org-mode.
There is a GitHub repo set up for the FAQ at:
http://github.com/rjhanse
turn it off:
keyserver-options no-honor-keyserver-url
But then of course, the user is responsible for finding updates themselves.
> If such an "automatic update" is added, I'd like to have an additional
> option to define the maximum update interval. This allows everybod
e default configuration in my mind.
If such an "automatic update" is added, I'd like to have an additional
option to define the maximum update interval. This allows everybody to
define his own tradeoff. With a default value of for example 24 hours,
public keys are still kept fairl
On Jun 15, 2012, at 12:33 PM, John Clizbe wrote:
>> It's a similar problem in type as auto-key-retrieve or auto-key-locate, but
>> it's a different problem in degree: both AKR and AKL fire only as needed
>> (either when a key is needed for sig verification, or when a key is needed
>> to encrypt to
On 15/06/12 18:33, John Clizbe wrote:
> You remember where that was? Sounds interesting, and I have plenty of
> keyservers here at home to choose from.
Werner mentioned it[1] in his reply to this thread:
> You should be able to use
>
> --auto-key-locate nodefault,keyserver -r f...@example.org
David Shaw wrote:
> On Jun 14, 2012, at 4:34 PM, Robert J. Hansen wrote:
>
>>> 1) If the keyserver (of whatever type) isn't reachable...
>>
>> As you say, easy to solve: agreed.
>>
>>> 2) Concern that enough people turning this feature on would add
>>> significant load to the keyserver network.
On Jun 14, 2012, at 4:34 PM, Robert J. Hansen wrote:
>> 1) If the keyserver (of whatever type) isn't reachable...
>
> As you say, easy to solve: agreed.
>
>> 2) Concern that enough people turning this feature on would add
>> significant load to the keyserver network...
>
> An open question and
1) If the keyserver (of whatever type) isn't reachable...
As you say, easy to solve: agreed.
2) Concern that enough people turning this feature on would add
significant load to the keyserver network...
An open question and one we'd need to address: agreed.
3) It leaks information more than
On Thu, 14 Jun 2012 19:48, r...@sixdemonbag.org said:
> We already have something similar to this in --auto-key-retrieve, and
> the same warnings about that option probably also apply here. The
> principal difference would seem to be that auto-key-retrieve only
> fetches certificates that are not
always-on
> and fairly reliable internet connectivity, perhaps it makes sense to add a
> new option: "update-before-use" (and its "no-update-before-use").
>
> This option would only be effective if a --keyserver option is also in use.
>
> When the update-before-
1 - 100 of 125 matches
Mail list logo
