Re: fingerprint associated public key does not match displayed public key

hard way you have only yourself to > blame. First learn how to use GnuPG, and then figure out how to use > GnuPG like you would if it was 1992 after you've got your basic skills down. > > > and... I was hoping that, since I have your email, key ID, and fingerprint > &g

Re: fingerprint associated public key does not match displayed public key

Am 18.12.21 um 19:07 schrieb Ingo Klöcker: > On Freitag, 17. Dezember 2021 18:04:04 CET S.B. via Gnupg-users wrote: >>> Otherwise, you can simply send your exported key to the person you want to >>> give your public key to. >> >> Yeah so, I can attach the .asc file that's in my Disk/users/SamiBadri

Re: fingerprint associated public key does not match displayed public key

e your email, key ID, and fingerprint ;) I could write an encrypted message to your sixdemonbag email. I'd completely understand if you'd rather not. I just have now found myself luring friends and relatives into learning this with me and exchanging encrypted emails and... it's not

Re: fingerprint associated public key does not match displayed public key

sure what you are doing. Otherwise, in the extreme, you could > jeopardize the lives of other people. > > > Can I copy/paste and send > > that as a txt attachment? Will they be able to do anything with it? > > For instance, let's say they don't have my email, key

Re: fingerprint associated public key does not match displayed public key

ate encryption software like kleopatra. I wanted to know how to do it with just gpg and any email provider. It's difficult, and I have a lot to learn. and... I was hoping that, since I have your email, key ID, and fingerprint ;) I could write an encrypted message to your sixdemonbag email.

Re: fingerprint associated public key does not match displayed public key

eme, you could jeopardize the lives of other people. > Can I copy/paste and send > that as a txt attachment? Will they be able to do anything with it? > For instance, let's say they don't have my email, key ID, or > fingerprint, only the pgp public key block (aka certifica

Re: fingerprint associated public key does not match displayed public key

> On 18 Dec 2021, at 02:25, Robert J. Hansen via Gnupg-users > wrote: > > As the FAQ says, "The good news is the internet is a treasure trove of > information. The bad news is that the internet is a festering sewer of > misinformation, conspiracy theories, and half-informed speculations all

Re: fingerprint associated public key does not match displayed public key

What other keys would it hold? Behold: pub ed25519/1E7A94D4E87F91D5 2021-02-22 [SC] 7D8EC4B85B6FEDD6C10D3C791E7A94D4E87F91D5 uid [ultimate] Robert J. Hansen uid [ultimate] Robert J. Hansen sub cv25519/7D6CCDB66CA1202F 2021-02-22 [E] My public certif

Re: fingerprint associated public key does not match displayed public key

> Key(s): a certificate holds at least one, but usually more than one. I see. So, a certificate (aka pgp public key block) holds at least one key (+ pertinent metadata that changes/updates depending on use, etc.), but usually more. What other keys would it hold? The paired secret key? No. Oth

Re: fingerprint associated public key does not match displayed public key

The document snapshot analogy really helps. I'm glad it's helped! No, and I'm going to strongly encourage you to stop asking implementation questions. I think I'll take that advice. When you think you're ready, we'll be here to answer your implementation questions. It would break my hear

Re: fingerprint associated public key does not match displayed public key

's my public key certificate). Can I copy/paste and send that as a txt attachment? Will they be able to do anything with it? For instance, let's say they don't have my email, key ID, or fingerprint, only the pgp public key block (aka certificate), can you do anything with a txt-type file

Re: fingerprint associated public key does not match displayed public key

> Think of them as two different snapshots of the same document at different points in time, as various minor edits are made to it. But the important bits, the stuff you care about, will be consistent through revisions so long as the fingerprint remains unchanged. The document snapshot anal

Re: fingerprint associated public key does not match displayed public key

ad if you haven't done so already: https://gnupg.org/faq/gnupg-faq.html On Freitag, 17. Dezember 2021 02:43:25 CET S.B. via Gnupg-users wrote: > When you want to give someone your public key, do you normally just > give your email, fingerprint, key ID, or the armor form key block? The e

Re: fingerprint associated public key does not match displayed public key

user IDs present on the keyserver copy, or vice-versa. Think of them as two different snapshots of the same document at different points in time, as various minor edits are made to it. But the important bits, the stuff you care about, will be consistent through revisions so long as the finger

Re: fingerprint associated public key does not match displayed public key

Thank you guys. This is helping. No, I did not export the key. Using the fingerprint, I downloaded the asc file from openpgp.org and placed it into my disk/users/SamiBadri, and then used the command: cat filename, to reveal the key block. That key block did not match the one on his profile

Re: fingerprint associated public key does not match displayed public key

Hi S.B., * "S.B. via Gnupg-users" [2021-12-16; 10:37]: > maybe I'm not explaining it well. I was able to import a public key using: > > gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* > > the fingerprint was provided to me by the intended reci

Re: fingerprint associated public key does not match displayed public key

when i compared the imported pgp public key block (which I obtained using the import command and the provided fingerprint) to the displated pgp public key block, they didn't match shouldn't they match? No. The key block is not a human-readable format. It's a binary format tha

Re: fingerprint associated public key does not match displayed public key

On Donnerstag, 16. Dezember 2021 16:37:30 CET S.B. via Gnupg-users wrote: > maybe I'm not explaining it well. Indeed. > I was able to import a public key using: > > gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* > > the fingerprint was provide

Re: fingerprint associated public key does not match displayed public key

maybe I'm not explaining it well. I was able to import a public key using: gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* the fingerprint was provided to me by the intended recipient via their profile page. the profile page also displayed the pgp public key block w

Re: fingerprint associated public key does not match displayed public key

On Donnerstag, 16. Dezember 2021 12:52:28 CET S.B. via Gnupg-users wrote: > Here is my situation: I have imported a public key using > gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* > > *provided by the intended recipient on their profile page > > The per

fingerprint associated public key does not match displayed public key

OS Monterey (v. 12.0.1) Here is my situation: I have imported a public key using gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys fingerprint* *provided by the intended recipient on their profile page The person also displayed the pgp public key block text (in armor) but not as an asc file.

Re: Best way to get fingerprint programatically

On Wed, 18 Dec 2019 11:51, john doe said: > By any chance, could something like the following be implemented?: > > $ gpg -K --print-fingerprint-only test I doubt that this helps because the only way to get a single result is to use the fingerprint for . Thus a second info item would be

Re: Best way to get fingerprint programatically

On 12/18/19 10:56 , Andrew Gallagher wrote: > On 18/12/2019 09:32, Werner Koch via Gnupg-users wrote: >> The -F:: is an interesting hack but Andrew's or my variant works >> with all AWK implementations: >> >>awk -F: '$1=="fpr" {print $10}' | head -1 > Aha, I forgot about handling multiple

Re: Best way to get fingerprint programatically

an avoid unneeded pipe redirection! :) By any chance, could something like the following be implemented?: $ gpg -K --print-fingerprint-only test Which would only print the fingerprint to avoid the awk redirection altogether. -- John Doe ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Best way to get fingerprint programatically

On 18/12/2019 09:32, Werner Koch via Gnupg-users wrote: > The -F:: is an interesting hack but Andrew's or my variant works > with all AWK implementations: > >awk -F: '$1=="fpr" {print $10}' | head -1 Aha, I forgot about handling multiple results. Note that you don't need head if you're a

Re: Best way to get fingerprint programatically

On Wed, 18 Dec 2019 08:19, john doe said: > In other words, why '--quick-set-expire' requires a fingerprint and does > not accept a . Only the fingerprint is a unique identifier for the keyblock (aka certificate, public key). Allowing a User-id would require extra code in gpg a

Re: Best way to get fingerprint programatically

On 18/12/2019 07:19, john doe wrote: > $ gpg --quick-set-expire $(gpg --with-colons -k test | awk -F: > 'NR==3{print substr($2,1,length($2)-1)}') 1d > > I'm just wondering if there isn't a better, programatically, way to go > about it? Your awk looks awkward to me. What about this instead?

Best way to get fingerprint programatically

Hi, I'm using the following command to get the fingerprint to quickly change the expiration date on a key. $ gpg --quick-set-expire $(gpg --with-colons -k test | awk -F: 'NR==3{print substr($2,1,length($2)-1)}') 1d I'm just wondering if there isn't a better, p

Re: Public vs Private Fingerprint

Hello all, >> On 14 Aug 2018, at 13:43, Damien Goutte-Gattat via Gnupg-users >> wrote: >> >>> On 08/14/2018 12:05 PM, Ralph Corderoy wrote: >> >> A [V4] fingerprint is the 160-bit SHA-1 hash of the octet 0x99, >> followed by the two-octet packet

Public vs Private Fingerprint

2 [1]): > A [V4] fingerprint is the 160-bit SHA-1 hash of the octet 0x99, > followed by the two-octet packet length, followed by the entire > *Public-Key packet* starting with the version field. Damien [1] https://tools.ietf.org/html/rfc4880#section-12.2 signature.asc Description:

Re: Public vs Private Fingerprint

Hi Damien, > Actually there's no such thing as a private key fingerprint. > Fingerprints are only calculated on public keys. That was my conclusion after having searched a bit this morning, but I didn't notice it explicitly documented? -- Cheers, Ralph. https://plus.google.co

Re: Public vs Private Fingerprint

On 08/14/2018 05:20 AM, Damian Rivas wrote: > Is there a reason why the fingerprints for my public and private keys are > exactly the same? Actually there's no such thing as a private key fingerprint. Fingerprints are only calculated on public keys. (Theoretically you *could

Public vs Private Fingerprint

Hello, Is there a reason why the fingerprints for my public and private keys are exactly the same? I'm new to encryption and this may be a dumb question so I apologize in advance. I just can't seem to find a straightforward answer to this on Google. -Damian __

Re: fingerprint of key

On Thu 2017-08-17 22:39:21 -0300, Duane Whitty wrote: > Sounds like a good approach but for someone who has more public keys > stored than me. I only exchange encrypted email with a very, very > small group of people and I am in regular voice communication with > them. If you're going to manage a

Re: fingerprint of key

On Thu 2017-08-17 22:48:36 -0300, Duane Whitty wrote: > Well, I'm not familiar enough with the arcana to say whether it should > be done away with or not but, I am a big believer in software not > trying to guess what I want. As you said, in version 2.1 GnuPG would > have complained that I hadn't

Re: fingerprint of key

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 17-08-17 09:20 PM, Daniel Kahn Gillmor wrote: > On Mon 2017-08-14 22:12:18 -0300, Duane Whitty wrote: >> Actually one suggestion, the way options and commands are >> specified look the same. It might make things clearer if there >> was a differ

Re: fingerprint of key

not* sensible, please complain > to VirtualBox!). Then all future updates can be verified against > the same key. > > Do you see how that's better than fetching the key each time? > Well, I see it potentially as less work but not less risk. I downloaded the key using wget

Re: fingerprint of key

On Mon 2017-08-14 22:12:18 -0300, Duane Whitty wrote: > Actually one suggestion, the way options and commands are specified > look the same. It might make things clearer if there was a difference > in the way they are expressed on the command line. Perhaps keep the > "--" for options and enter co

Re: fingerprint of key

usually end up being challenged by is importing > keys into my keyring and on being able to choose which UID I want to > sign with. Maybe that just means I don't know the software well enough. You don't sign with a UID, you sign with a key. > The approach I took was "gpg

Re: fingerprint of key

load from the source > they expected, in this case via apt or apt-get, etc. from an Oracle > repo. > > >>> Before I go down the road on offering an opinion on how the >>> man page should be "fixed" (maybe it's not really broken) can >>> you ex

Re: fingerprint of key

fore I go down the road on offering an opinion on how the man >> page should be "fixed" (maybe it's not really broken) can you >> explain why it would be bad to let gpg generate and display the >> fingerprint of a key in an ascii armoured file? > > I'm n

Re: fingerprint of key

Can you say more about why you don't want to import the key, and why you prefer to fetch it each time? > Before I go down the road on offering an opinion on how the man page > should be "fixed" (maybe it's not really broken) can you explain why > it would be bad to let

Re: fingerprint of key

nse. If I may quote you: "the trouble with these two invocations of gpg is that they offer no command. Each invocation of GnuPG is supposed to include exactly one command and zero or more options. ..." I ran gpg2 --with-fingerprint oracle_vbox.asc which did what I wanted and I rece

Re: fingerprint of key

On Mon 2017-08-14 13:25:58 -0300, Duane Whitty wrote: > Thanks for your response. So, what you are saying is that the man > page is wrong ;-) I didn't think that was what i was saying, but there have certainly been bugs in the documentation in the past. Is there specific text that you think is w

Re: fingerprint of key

On Mon 2017-08-14 15:09:22 -0400, Todd Zullinger wrote: > $ gpg --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-25-primary > pub 4096R/FDB19C98 2016-03-31 Fedora 25 Primary (25) > > Key fingerprint = C437 DCCD 558A 66A3 7D6F 4372 4089 D8F2 FDB1 9C98 &g

Re: fingerprint of key

Daniel Kahn Gillmor wrote: with more modern versions of gnupg, you can just use: gpg --with-fingerprint --import-options show-only --import < public-key-file.asc FWIW, I've used "gpg --with-fingerprint public-key-file.asc" for what seems like years to do this sort of

Re: fingerprint of key

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 17-08-14 12:14 PM, Daniel Kahn Gillmor wrote: > On Mon 2017-08-14 03:32:08 -0300, Duane Whitty wrote: >> I was recently trying to compare the fingerprint of a key I >> downloaded to its online stated value. I thought I shoul

Re: fingerprint of key

On Mon 2017-08-14 03:32:08 -0300, Duane Whitty wrote: > I was recently trying to compare the fingerprint of a key I downloaded > to its online stated value. I thought I should be able to accomplish > my goal with "gpg --fingerprint public-key-file.asc". Gpg returned > "

fingerprint of key

trying to compare the fingerprint of a key I downloaded to its online stated value. I thought I should be able to accomplish my goal with "gpg --fingerprint public-key-file.asc". Gpg returned "gpg: error reading key: No public key" So I did a search and found --with-fingerprint

Re: gnupg 2.1.16: change of option --with-fingerprint

On Sat, 1 Jul 2017 16:46, linux_nutze...@mailbox.org said: > When I tried to import a CentOS gpg key according to the manual from [1], I > made the following observation: > > "gpg --quiet --with-fingerprint " does not return the fingerprint > when using gnupg 2.1.17 (

gnupg 2.1.16: change of option --with-fingerprint

Hello all, did the function of the option --with-fingerprint change in gnupg 2.1.16 and later? When I tried to import a CentOS gpg key according to the manual from [1], I made the following observation: "gpg --quiet --with-fingerprint " does not return the fingerprint when using gn

Re: Creating Unique Fingerprint

d like to generate a key with "unique 40" >> fingerprint. eg 1: Starts with ABCD ... eg 2: Starts with >> AXXX ... XXXA ends with A eg 3: ... without any '0' >> character at all How would I go about writi

Re: Creating Unique Fingerprint

Google is a pretty great tool for this kind of things. Here is one of the results I found: https://github.com/Valodim/pgp-vanity-keygen As far as I can tell from the source, it uses the method I suggested, decreasing timestamp one by one, and it finds a fingerprint that ends in a given string of

Re: Creating Unique Fingerprint

Hi everyone Thanks for your input so far. I am surprised to learn about the suggested methods. For my example 1, I had assumed there would be only (1/16)^4 combinations so it should be fairly quick (i.e. less than a week to find one). Let say for now, I just want my full fingerprint to start

Re: Creating Unique Fingerprint

The easiest strategy, of course, is to simply use gpg to generate a key and check its fingerprint until you get the one you need (see batch mode). Generation of an RSA 2048 key is taking around a second, so e.g. for your example #1 (four bytes fixed) we are talking tens of hours or ones of days

Re: Creating Unique Fingerprint

On 06/18/2017 07:23 PM, Long Si wrote: > Hi > > I am on Linux, and would like to generate a key with "unique 40" fingerprint. > > eg 1: Starts with ABCD ... > > eg 2: Starts with AXXX ... XXXA ends with A > > eg 3: ... without any &#x

Re: Creating Unique Fingerprint

Am Mon, 19 Jun 2017 10:23:58 +0800 schrieb Long Si : > Hi > > I am on Linux, and would like to generate a key with "unique 40" > fingerprint. > > eg 1: Starts with ABCD ... > > eg 2: Starts with AXXX ... XXXA ends with A > > eg 3: .

Creating Unique Fingerprint

Hi I am on Linux, and would like to generate a key with "unique 40" fingerprint. eg 1: Starts with ABCD ... eg 2: Starts with AXXX ... XXXA ends with A eg 3: ... without any '0' character at all How would I go about writing such a script? Don'

Overwriting a fingerprint in card-status

Hello, I have a key on a smartcard and at some point I added it as a subkey to a different primary key by giving its keygrip in `--expert` mode. This works great but I recently realised that when this was done its fingerprint changed and as a result a wrong fingerprint is now stored in the card

Re: How to show fingerprint in email header?

Peter Lebbing writes: > Enigmail puts the following in my mails: > > Openpgp: id=8FA94E79AD6AB56EE38CE5CBAC46EFE6DE500B3E; > url=http://digitalbrains.com/2012/openpgp-key-peter > > I think that is the generally accepted method to give both a fingerprint > and a URL. I

Re: How to show fingerprint in email header?

Daniel Kahn Gillmor writes: > This is probably more of a question for your mail user agent than for > GnuPG, since GnuPG doesn't send mail. What program do you use to send > mail? I am using Gnus. I know how to edit email header. I want to know Openpgp: style still alive or not. Sorry my poor E

Re: How to show fingerprint in email header?

Werner Koch writes: > Here is what I use: > > OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 > > This is a complete URL of our dedicated keyserver with the finperint > appended. How to configure this depends on your mailer. I do this in > Gnus: Is this style still

Re: How to show fingerprint in email header?

On Thu 2017-06-08 22:05:40 +0900, Satoshi Yoshida wrote: > How to show fingerprint in email header? > I found > https://datatracker.ietf.org/doc/draft-josefsson-openpgp-mailnews-header/ > But it is expired. This is probably more of a question for your mail user agent than for GnuPG,

Re: How to show fingerprint in email header?

On 08/06/17 15:05, Satoshi Yoshida wrote: > How to show fingerprint in email header? Enigmail puts the following in my mails: Openpgp: id=8FA94E79AD6AB56EE38CE5CBAC46EFE6DE500B3E; url=http://digitalbrains.com/2012/openpgp-key-peter I think that is the generally accepted method to give bot

Re: How to show fingerprint in email header?

On Thu, 8 Jun 2017 15:05, sato...@linux.com said: > https://datatracker.ietf.org/doc/draft-josefsson-openpgp-mailnews-header/ Here is what I use: OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 This is a complete URL of our dedicated keyserver with the finperint app

How to show fingerprint in email header?

How to show fingerprint in email header? I found https://datatracker.ietf.org/doc/draft-josefsson-openpgp-mailnews-header/ But it is expired. -- Satoshi Yoshida https://satoshi.blog ___ Gnupg-users mailing list Gnupg-users@gnupg.org http

Re: sha1 pgp fingerprint

On Thu, 26 Jan 2017 10:56, pe...@digitalbrains.com said: > second-preimage attack. The problems with SHA-1 are with collision > resistance, not preimage attacks. Correct, but we should also mention that even collissions are not yet a current problem - but one we definitely want to be prepared for

Re: sha1 pgp fingerprint

On 26/01/17 00:47, sivmu wrote: > The question I have not yet found any clear answer for, is why is nobody > talking about this and should pgp keys be identified by a stronger hash > alogrithm in the future? Subverting SHA-1 as used for OpenPGP fingerprints requires a second-preimage attack. The p

Re: sha1 pgp fingerprint

On 01/26/2017 12:47 AM, sivmu wrote: The question I have not yet found any clear answer for, is why is nobody talking about this and should pgp keys be identified by a stronger hash alogrithm in the future? People *do* talk about this. But a change of the hash algorithm used for fingerprinting

sha1 pgp fingerprint

I have been wondering for a while about the use of sha1 in pgp fingerprints. Although sha1 may not be easily broken in practise, there are theoreticall collosion attacks that are feasible for well funded organisations. Cryptographers, like Bruce Schneier, have been recommending for years to migra

Re: gpg --encrypt-to says a key by fingerprint is ambigous

u show us the output of --list-keys for that fingerprint? Doug -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJWjXJNAAoJEFzGhvEaGryErNkH/2e81P2zaHt+EM0gvJp9VgrD BqdiH6p8pzYLvQK1iVgMRymQXCjFhJWDFvWl1enOIeJbiO5OVHiK9vIuRRC7O3mF mN0s84illeJfIHBjYANt7fdpUhHr/rQ+KY

gpg --encrypt-to says a key by fingerprint is ambigous

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, When I use gpg --encrypt-to I am getting this: gpg --encrypt-to 06195004D8FBF459786B2CA2D731496480A63D5A gpg: key specification '06195004D8FBF459786B2CA2D731496480A63D5A' is ambiguous gpg: (check argument of option '--encrypt-to') gpg: '0619

Re: What is 'CA fingerprint 1' on Smartcard

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 03.04.2015 um 13:14 schrieb Werner Koch: > Back in 2005 the idea was to setup our own OpenPGP "CA" and the > FSFE prepared the cards for this (this is also one of the the > reasons for the PIN letter). However, the folks responsible for > the

Re: What is 'CA fingerprint 1' on Smartcard

On Tue, 31 Mar 2015 18:50, mailingl...@krebs.uno said: > What is the CA fingerprint on FSFE-Smartcard? $ gpg -k 'C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5' pub dsa1024/70F275E4C32F6CA5 2005-04-10 [expired: 2009-12-31] uid [ expired] FSFE Fellowship (cert

Re: What is 'CA fingerprint 1' on Smartcard

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 02.04.2015 um 04:40 schrieb NIIBE Yutaka: > It seems that it's intended to be hold a fingerprint of OpenPGP, > but it is not clear what/how this fingerprint is used for. > > From a view point of scdaemon developer, I don't

Re: What is 'CA fingerprint 1' on Smartcard

On 04/01/2015 01:50 AM, Daniel Krebs wrote: > What is the CA fingerprint on FSFE-Smartcard? > > A gpg2 --car-status gave the information: > CA fingerprint 1 .: C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5 Well, I can't find a key with this fingerprint on key servers. >

What is 'CA fingerprint 1' on Smartcard

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Hope this question is OK on this list. What is the CA fingerprint on FSFE-Smartcard? A gpg2 --car-status gave the information: CA fingerprint 1 .: C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5 This is a smartcard issued by the FSFE. After

Re: Issuer Fingerprint

On Wed, 14 Jan 2015 00:54, 2014-667rhzu3dc-lists-gro...@riseup.net said: > I thought we already took care of this with > sig-notation issuer-...@notations.openpgp.fifthhorseman.net=%g [0] But GnuPG does not know about this - it is Dkg's private thing. Further this triples the required size for e

Re: Issuer Fingerprint (was: Vanity Keys)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 13 January 2015 at 11:33:25 AM, in , Werner Koch wrote: > Should be pursue this > task or take a quick solution by using notation data? I thought we already took care of this with sig-notation issuer-...@notations.openpgp.fifthhors

Issuer Fingerprint (was: Vanity Keys)

ing within the standard which will be backward compatible. We currently use this subpacket: 5.2.3.5. Issuer (8-octet Key ID) The OpenPGP Key ID of the key issuing the signature. A new optional subpacket: 5.2.3.27. IssuerFingerprint (N-octet Key Fingerprint) The OpenPGP Fingerpr

Re: Keygrip v fingerprint ?

On 30/11/14 01:32, Kristian Fiskerstrand wrote: > The keygrip is protocol-agnostic whereby the fingerprint would differ > e.g. between OpenPGP and X.509. From [0] (note "[2]"): > > The keygrip is a unique identifier for a key pair, it is > independent of any protocol, so

Re: Keygrip v fingerprint ?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/30/2014 12:23 AM, Philip Jackson wrote: > I see on : > > https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index > > references to both --with-keygrip and --with-fingerprint. When I > try

Keygrip v fingerprint ?

I see on : https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index references to both --with-keygrip and --with-fingerprint. When I try --with-keygrip on gnupg2.0.26, it appears not to be a valid option. The only other time I have seen a reference to a keygrip (and I

DANE (was: mailto with pgp fingerprint)

t; by the sender. > > > Shalom-Salam, > > Werner > -- Nicolai M. Josuttis www.josuttis.de mailto:n...@enigmail.net PGP fingerprint: CFEA 3B9F 9D8E B52D BD3F 7AF6 1C16 A70A F92D 28F5 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: mailto with pgp fingerprint

On Fri, 25 Jul 2014 14:44:54 +0100 MFPA <2014-667rhzu3dc-lists-gro...@riseup.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi > > > On Friday 25 July 2014 at 2:01:28 PM, in > , > Schlacta, Christ wrote: > > > > On Jul 25, 2014 5:30 AM, "MFPA" > > <2014-667rhzu3dc-lists-g

Re: mailto with pgp fingerprint

MFPA wrote: > If I recall correctly, PGP's keyserver "PGP Global Directory" sends an > email to each email address in the uids when a key is submitted, and > only lists those uids whose email address replies. It re-sends these > verification emails every six months, and deletes keys if there is no

Re: mailto with pgp fingerprint

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 25 July 2014 at 3:12:58 PM, in , Thomas Harning wrote: > While PGP Global Directory provides for some basic > level of "this email address belongs to this key"... > its key signing policy leads to "cruft" buildup. Yes, I wasn't prom

Re: mailto with pgp fingerprint

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 25 July 2014 at 2:01:28 PM, in , Schlacta, Christ wrote: > On Jul 25, 2014 5:30 AM, "MFPA" > <2014-667rhzu3dc-lists-gro...@riseup.net> wrote: >> If I recall correctly, PGP's keyserver "PGP Global >> Directory" sends an email to each

Re: mailto with pgp fingerprint

On Jul 25, 2014 5:30 AM, "MFPA" <2014-667rhzu3dc-lists-gro...@riseup.net> wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi > > > On Wednesday 23 July 2014 at 9:02:23 PM, in > , steve wrote: > > > > Wouldn’t it be a nice solution, if key server software > > had a mechanism for use

Re: mailto with pgp fingerprint

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 23 July 2014 at 9:02:23 PM, in , steve wrote: > Wouldn’t it be a nice solution, if key server software > had a mechanism for users to verify their UserID by > sending a mail to the mail address in question. If I recall correctly,

Re: mailto with pgp fingerprint

On 24/07/14 02:14, Sam Gleske wrote: > I'm hoping keybase.io will hopefully resolve the > issue of identity checking with key fingerprints. I've just scanned through [1]. I'm not convinced. This quote is from the front page: > If you trust the client (our reference client is

Re: mailto with pgp fingerprint

Wouldn’t it be a nice solution, if key server software had a mechanism for users to verify their UserID by sending a mail to the mail address in question. Those verified keys then could be prioritized over the not verified keys when a search is done. Could still be faked, but would make faking a

Re: mailto with pgp fingerprint

owner and can't be changed by the > sender. > > > Shalom-Salam, > >Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org &g

Re: mailto with pgp fingerprint

On Tue, 22 Jul 2014 09:40, enigm...@josuttis.de said: > More and more we seem to have the problem of faked keys in the key > servers. This especially applies to "well known" keys such as > authors of magazines and famous tools. This is actually the problem of checking the validity of the key. Gran

mailto with pgp fingerprint

servers, but it should be easy to associate that with a (known) public key. So, I was wondering whether it is possible to force somehow the usage of a specific pgp key identified by its fingerprint. One obvious approach might be to extend the mailto format (see http://www.rfc-editor.org/rfc/rfc23

Re: "gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

On Wed, May 14, 2014 at 06:26:31PM +0200, Werner Koch wrote: > > Ah. Interesting. Should I file a proper bug against GnuPG then? > > Please do that. Done. https://bugs.g10code.com/gnupg/issue1640 Thanks, -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o

Re: "gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

On Wed, 14 May 2014 14:51, aaron.topo...@gmail.com said: > Ah. Interesting. Should I file a proper bug against GnuPG then? Please do that. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mail

Re: "gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

On Tue, May 13, 2014 at 11:30:21PM -0400, David Shaw wrote: > Looks like a bug. Note that on each of the keys that didn't work there is a > direct signature on the key. This is not very common, and is usually used > for a designated revoker (i.e. "I permit so-and-so to revoke my key for me"). > I

Re: "gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

On Wed, May 14, 2014 at 11:32:07AM +1000, Fraser Tweedale wrote: > This behaviour also occurs for me in 2.0.22. Instead of exporting > the key, you could use --list-keys, which works for me: Yeah, I'm not interesting in running it from the keyring, as I am assuming that the key is not imported, b

Re: "gpg --with-fingerprint $FILE" is not listing the keyfingerprint in some cases

On May 13, 2014, at 7:15 PM, Aaron Toponce wrote: > I don't know if this is a bug, or if I am doing something wrong, so I might as > well ask here. I ran the following command from my terminal, and cannot > retrieve the fingerprint from the file: > >$ gpg --output 0x

  1   2   3   >