bad keysigning by Geotrust

2006-02-15 Thread Atom Smasher
this is what happens when someone signs a key that shouldn't be signed. it's based on an x.509 (hierarchical) trust model, not a pgp (distributed) trust model, but the consequences are the same: a certification signature that should not have been issued was issued. this is basically "mallory" c

[Announce] False positive signature verification in GnuPG

2006-02-15 Thread Werner Koch
False positive signature verification in GnuPG == Summary === The Gentoo project identified a security related bug in GnuPG. When using any current version of GnuPG for unattended signature verification (e.g. by scripts and ma

RE: Necessity of GPG when using SSL

2006-02-15 Thread Henry Hertz Hobbit
Jim Berland <[EMAIL PROTECTED]> wrote: >Hi everybody, > >I understand the use of GPG end-to-end-encryption and use it with a >few of my contacts. What I want to make sure is the following. > >I am going to move to China for some time. My email ISP is located >outside China and I connect to i

Re: Necessity of GPG when using SSL

2006-02-15 Thread Janusz A. Urbanowicz
On Tue, Feb 14, 2006 at 10:34:38PM +0100, Jim Berland wrote: > Hi everybody, > > I understand the use of GPG end-to-end-encryption and use it with a > few of my contacts. What I want to make sure is the following. > > I am going to move to China for some time. My email ISP is located > outsid

SmartCard and Keypad

2006-02-15 Thread Ralf Cordes
Hi, is there a possibility to tell gpg to use the keypad of my Cardreader for the Card-PIN? In this way everything would even be more safe. Greetings Ralf Cordes ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/

Re: OpenPGP smartcard: addcardkey fails

2006-02-15 Thread Lionel Elie Mamane
On Wed, Feb 15, 2006 at 07:50:17PM +0100, Lionel Elie Mamane wrote: > Hi, > > I'm trying to generate an authentication subkey (tied to my main > OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi / > SSH use), but can't get it to work. gpg --edit-card and --card-status > works like

OpenPGP smartcard: addcardkey fails

2006-02-15 Thread Lionel Elie Mamane
Hi, I'm trying to generate an authentication subkey (tied to my main OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi / SSH use), but can't get it to work. gpg --edit-card and --card-status works like a charm. Command> addcardkey gpg: detected reader `SCM SCR 335 (60600ad9) 00 0

Re: OpenPGP smartcard: addcardkey fails

2006-02-15 Thread Lionel Elie Mamane
On Wed, Feb 15, 2006 at 07:50:17PM +0100, Lionel Elie Mamane wrote: > I'm trying to generate an authentication subkey (tied to my main > OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi / > SSH use), but can't get it to work. gpg --edit-card and --card-status > works like a charm.

Re: OpenPGP smartcard: addcardkey fails

2006-02-15 Thread Alphax
Lionel Elie Mamane wrote: > Hi, > > I'm trying to generate an authentication subkey (tied to my main > OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi / > SSH use), but can't get it to work. gpg --edit-card and --card-status > works like a charm. > > > Command> addcardkey > gpg