GPG version trying to import: gpg (GnuPG) 2.0.14
Header from shared armored public key: Version: Encryption Desktop 10.3.0
(Build 8741)
GPG error on import:
# gpg --import /tmp/imps.asc
gpg: key 845F5188: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number
I think "authenticity" covers the overtones much better than "validity", now
that you mention it. It even makes me wonder why it wasn't chosen in the first
place :). You have convinced me that it is the better term to use.
I'm not enthousiastic about "ownership", because it feels like a synonym to
Thank you, for your response.
[1]
-BEGIN PGP PUBLIC KEY BLOCK-
Version: Encryption Desktop 10.3.0 (Build 8741)
mQENBFE2VhMDCADMrztp76fxxpxtvbmPIEYqE+MAMhCn6guYS31S9DVZyz/qP1zu
9hp+XBj69W5L1P02I+Cvk9kKkuuC3Hz/xkJZQVFOLeHu0s6ipl8TME71STw+ADdq
Hj+FvxfkhlSwIlpIQAhb8zySbTJptME4kwoM1xASs+IjSWaO
Hi,
I've had a look at the various keys in a OpenPGP compatible client I'm writing
at the moment. All OpenPGP messages (including keys) are represented as a set
of packets, and my code has just reached the stage of deserializing the packets
and verifying some kinds of signatures, so it's good t
Hi, Daniel!
No
Please, re-read:
[4] Worse, they tried to export it again and we got this error:
# gpg --import /tmp/imps.asc
O j: ... this is a bug (sexp.c:1259:sexp_sscan)
Aborted
Key #2 gives me that bizarre error on trying to import it.
I do appreciate your analysis. I hope that a GP
On Apr 24, 2014, at 9:15 AM, helices wrote:
> Thank you, for your response.
>
> [1]
> -BEGIN PGP PUBLIC KEY BLOCK-
> Version: Encryption Desktop 10.3.0 (Build 8741)
[..]
> -END PGP PUBLIC KEY BLOCK-
Interesting! This definitely has a selfsig, but the key itself is very odd.
On 04/23/2014 06:13 PM, t...@piratemail.se wrote:
> This is a tiny bit philosophical. Perhaps a little off-topic. I think this is
> probably the best list to ask never-the-less.
>
> So I've been working on this pgp base web based mail service.
> https://github.com/timprepscius/mv
>
> Here is th
Thank you, David
For now, they have agreed to move forward with the new key pair that they
created yesterday, using that same "Encryption Desktop 10.3.0 (Build 8741)"
PGP is Symantec for several years now ...
It is strange to me that the newly created public key breezed through our
import process
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
NotDashEscaped: You need GnuPG to verify this message
Hi
On Wednesday 23 April 2014 at 10:00:41 PM, in
, Gabriel Niebler wrote:
> The average layperson already has a concept of
> "validity" from such things as credit cards ("valid
> thru"), mass
(The first attempt to send this message failed - so I'm resending it.)
Hello,
one of the features of OpenPGP v2 Smartcards is "Key generation on card".
>From this I would expect a high degree of security as the key is only stored
>on the smartcard and *never* touches the disk and therefore sho
On Apr 24, 2014 10:35 PM, "privacyfirst" wrote:
>
>
> (The first attempt to send this message failed - so I'm resending it.)
>
> Hello,
>
> one of the features of OpenPGP v2 Smartcards is "Key generation on card".
>
> From this I would expect a high degree of security as the key is only
stored on
Greetings
Is there a GnuPGP project anywhere that does PGP encryption that is usable in a
C# application? I know I can execute commands at a command line to do this, but
that would require the plaintext to reside on disk somewhere and I'd like to
avoid that. I'd also like to avoid having to rol
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Am 24.04.2014 11:13, schrieb Peter Lebbing:
> I think "authenticity" covers the overtones much better than
> "validity", now that you mention it. It even makes me wonder why it
> wasn't chosen in the first place :). You have convinced me that it
> is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Peter Lebbing has thankfully pointed out that, out of my two
suggestions, "authenticity" is the word that should be preferred.
I agree with him on this, so I shall use that word here.
> A key on my keyring is "valid" if it is not expired or revoked
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Isn't what you're talking about "verification?" I think the concept of
"validity" in PGP sort of implies that you have verified that the key
is valid for that particular user/e-mail address, but wouldn't it be
better to just say that explicitly?
An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Am 25.04.2014 00:22, schrieb Doug Barton:
> Isn't what you're talking about "verification?"
To my mind, "verification" is the _process_ whereby the _properties_
like "validity" and "authenticity" are established*. I see a
difference there, but one c
> Please, re-read:
> [4] Worse, they tried to export it again and we got this error:
> # gpg --import /tmp/imps.asc
> O j: ... this is a bug (sexp.c:1259:sexp_sscan)
> Aborted
>
> Key #2 gives me that bizarre error on trying to import it.
>
Ah, sorry - I misunderstood your earlier email.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
NotDashEscaped: You need GnuPG to verify this message
Hi
On Thursday 24 April 2014 at 11:19:12 PM, in
, Gabriel Niebler wrote:
> Peter Lebbing has thankfully pointed out that, out of
> my two suggestions, "authenticity" is the word that
> should
Thank you for your responses. I'm still mulling over what to do. Your input has
been revealing.
I think I'm leaning towards the 1 year key, with a 1 year "fallow" time. For
the reasons implied by Daniel, (which I interpolated). I would not want another
user grabbing an e-mail account and posing
> Is there a GnuPGP project anywhere that does PGP encryption that is
> usable in a C# application?
Yes; gpgme-sharp. However, since it P/Invokes out to native code it's
limited to 32-bit only. This may be a problem if your code has to run
in a 64-bit .NET environment.
_
Hi,
My vote is to adopt Gabe's convention. I think it makes a great deal of sense.
Thanks,
Bob Cavanaugh
-Original Message-
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Gabriel
Niebler
Sent: Thursday, April 24, 2014 4:10 PM
To: Doug Barton; Peter Lebbing; gnup
Am Do 24.04.2014, 11:13:22 schrieb Peter Lebbing:
> I think "authenticity" covers the overtones much better than
> "validity", now that you mention it. It even makes me wonder why it
> wasn't chosen in the first place :). You have convinced me that it is
> the better term to use.
>
> I'm not entho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 04/24/2014 07:49 PM, Hauke Laging wrote:
| Thus I would like to offer "accepted" as a possible alternative. I guess
| that shows the user decision. Maybe even as a combination: "authenticity
| accepted".
Did you not like my suggestion of "verifi
Am Mi 23.04.2014, 20:32:27 schrieb MFPA:
> Say a user has two keys, 0x0123456789abcdef and 0xfedcba9876543210. I
> propose each key could sign the other with a signature notation
> something like:-
> siblings-0x0123456789abcdef-0xfedcba9876543...@example.org.
a) You always want to use fingerprint
Am Do 24.04.2014, 15:22:20 schrieb Doug Barton:
> Isn't what you're talking about "verification?" I think the concept of
> "validity" in PGP sort of implies that you have verified that the key
> is valid for that particular user/e-mail address, but wouldn't it be
> better to just say that explicitl
25 matches
Mail list logo
