Re: Remote signing?

2006-02-21 Thread Thomas Kühne
The attachment contains the preliminary final BETA version for remote signatures. Patch and recompile gpg-1.4-* to get 2 new commands: 1) gpg --print-seed SHA1 ./dir/to_be_signed_file Creates a signature seed. Can be combined with "--text". 2) gpg --sign-seed THE_SEED Use the signature seed to c

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Matthias Urlichs
Hi, David Shaw wrote: > Anyway, that is (more or less) how I was expecting LDAP to be used. I > never added LDAP auth because I wasn't sure exactly what was needed, > and didn't want to implement it without some clear use case. The pam_ldap module has optional "binddn" and "bindpw" configuration

Re: Necessity of GPG when using SSL

2006-02-21 Thread Henry Hertz Hobbit
Johan Wevers wrote: >Henry Hertz Hobbit wrote: > >>Usually, if you are using a web interface to access your email, only the >>initial authentication is done via SSL. After that if your URL address >>shifts to using an "http://" rather than the "https://" you made your >>initial connection with

Re: file encryption and integrity check

2006-02-21 Thread Francesco Turco
Roscoe wrote: Sure will. gpg -c is what you want. Make sure you are using a MDC, which means either using one of the 128bit blocksize ciphers (your gpg will probably use AES256 by default, which is good - gpg -vc to find out) or passing the --force-mdc option. so no need to hash files

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Walter Haidinger
David Shaw wrote: > 5) Make this file: > > cat > pgp.ldif > dn: ou=PGP Keys,dc=DOMAIN,dc=COM > objectclass: organizationalUnit > ou: PGP Keys > > dn: cn=PGPServerInfo,ou=PGP Keys,dc=DOMAIN,dc=COM Change this line to: dn: cn=PGPServerInfo,dc=DOMAIN,dc=COM because GnuPG looks for PGPServerInfo unt

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 05:21:25PM +0100, Walter Haidinger wrote: > David Shaw wrote: > > 5) Make this file: > > > > cat > pgp.ldif > > dn: ou=PGP Keys,dc=DOMAIN,dc=COM > > objectclass: organizationalUnit > > ou: PGP Keys > > > > dn: cn=PGPServerInfo,ou=PGP Keys,dc=DOMAIN,dc=COM > > Change this li

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 10:10:40AM +0100, Matthias Urlichs wrote: > Hi, David Shaw wrote: > > > Anyway, that is (more or less) how I was expecting LDAP to be used. I > > never added LDAP auth because I wasn't sure exactly what was needed, > > and didn't want to implement it without some clear use

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 01:15:08AM +0100, Walter Haidinger wrote: > On Mon, 20 Feb 2006, David Shaw wrote: > > > LDAP had TLS support back in 1.3.5. HTTP and FTP just got TLS support > > in 1.4.3. At one point, I started documenting the new options and > > stopped because the man page would be e

Re: GnuPG for PalmOS 5

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 07:58:36PM +0100, Wolfgang Klein wrote: > Is there any chance that there will be an implementation of GnuPG > for Palm handhelds in the near future? Not in the near future, no. There are vague possibilities if and when the new Palm OS (aka "Linux on a Palm") comes out, bu

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 11:12:32PM +0100, Walter Haidinger wrote: > On Tue, 21 Feb 2006, David Shaw wrote: > > > > because GnuPG looks for PGPServerInfo under the base DN, > > > not under dn="ou=PGP Keys,dc=DOMAIN,dc=COM". > > > > Not exactly. It looks for PGPServerInfo under each DN returned fro

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Walter Haidinger
On Tue, 21 Feb 2006, David Shaw wrote: > > because GnuPG looks for PGPServerInfo under the base DN, > > not under dn="ou=PGP Keys,dc=DOMAIN,dc=COM". > > Not exactly. It looks for PGPServerInfo under each DN returned from > namingContexts in order. It may well check for > "cn=PGPServerInfo,dc=DOM

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Walter Haidinger
On Tue, 21 Feb 2006, David Shaw wrote: > On Tue, Feb 21, 2006 at 01:15:08AM +0100, Walter Haidinger wrote: > > On Mon, 20 Feb 2006, David Shaw wrote: > > > > > LDAP had TLS support back in 1.3.5. HTTP and FTP just got TLS support > > > in 1.4.3. At one point, I started documenting the new optio

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Walter Haidinger
On Tue, 21 Feb 2006, David Shaw wrote: > On Tue, Feb 21, 2006 at 11:12:32PM +0100, Walter Haidinger wrote: > > On Tue, 21 Feb 2006, David Shaw wrote: > > > > > > because GnuPG looks for PGPServerInfo under the base DN, > > > > not under dn="ou=PGP Keys,dc=DOMAIN,dc=COM". > > > > > > Not exactly.

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 11:42:56PM +0100, Walter Haidinger wrote: > On Tue, 21 Feb 2006, David Shaw wrote: > > > On Tue, Feb 21, 2006 at 11:12:32PM +0100, Walter Haidinger wrote: > > > On Tue, 21 Feb 2006, David Shaw wrote: > > > > > > > > because GnuPG looks for PGPServerInfo under the base DN, >

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Tue, Feb 21, 2006 at 11:35:02PM +0100, Walter Haidinger wrote: > > > > A LDAP keyserver would be useful as a company keyserver where people > > > > inside the company IP range or an administrator can add keys, and the > > > > rest of the world can just read. > > > > > > That eliminates tcp-wr

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread Walter Haidinger
On Tue, 21 Feb 2006, David Shaw wrote: > > > The problem here is remote authentication. Each user would need some > > > way to authenticate to the LDAP server to give them the delete > > > ability. > > > > Every user could get his own DN just for authentication, like > > dn="uid=username,ou=

Re: OpenLDAP schema to store OpenPGP keys?

2006-02-21 Thread David Shaw
On Wed, Feb 22, 2006 at 01:07:48AM +0100, Walter Haidinger wrote: > > Potentially dangerous. How sensitive is this password? > > Is a mode 600 file secure for your usage? > > Yes, I'd think so. After all, we're talking about protecting > a keystore of _public_ keys... > > If GnuPG could als

Re: file encryption and integrity check

2006-02-21 Thread Alphax
Francesco Turco wrote: > I have disabled compression because files I have to encrypt are already > compressed, and compression takes much more time than encryption. > > Do you think it is a good choice? > IIRC GnuPG will detect if data is compressed before it tries to compress it; if so, it won