Re: Mainkey with many subkeys??

On 13/12/14 12:12, Tomo Ruby wrote: > But what does "meaningful way" mean? That there may be theoretic methods to use signatures to learn information about the private key, but that they are all so impractical that they can be ignored. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in comb

Re: Randomized hashing

On 28/11/14 11:41, NdK wrote: >> Oh, I agree, I already thought that might close any 'r'-swapping security >> issues, if there would be any; just like you can include the hash >> algorithm in the signature to prevent swapping it out for a weaker one. But >> when >> swapping 'r''s does not actually

Re: Mainkey with many subkeys??

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/12/14 16:37, Kristian Fiskerstrand wrote: > This key will always be capable of signing by definition In what sense is that? It seems GnuPG is not letting me sign data with a certify-only key: $ gpg2 --edit-key de500b3e [...] pub 2048R/DE500B3E

Re: Signature-notation %-expandos expanding to strings of zeros

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 6 December 2014 at 3:25:02 PM, in , MFPA wrote: > I have the following line in my gpg.conf to generate a > signature notation:- > sig-notation > issuer-...@notations.openpgp.fifthhorseman.net=%g > I noticed when verifying sig

Linux and windows mix?

I asked a few weeks ago about sharing an encrypted file between windows and Linux boxes. Lots of hassle uninstalling an old version of gpg4win (I had to stop the service prior to deleting / uninstalling), but now working well. Thanks for the suggestion. Bash/shell scripts available if wanted. r

Re: Mainkey with many subkeys??

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/13/2014 02:41 PM, Peter Lebbing wrote: > -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > > On 08/12/14 16:37, Kristian Fiskerstrand wrote: >> This key will always be capable of signing by definition > > In what sense is that? It seems GnuPG i

Re: Mainkey with many subkeys??

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Saturday 13 December 2014 at 2:22:17 PM, in , Kristian Fiskerstrand wrote: > But you could always generate a new self-signature > giving it signing capability. As you said in an earlier posting, that requires the use of a hacked GnuPG version

Re: FYI: Arch linux provides GnuPG (2.1.0) package without ability to use HKPS

On Wednesday, 2014-12-10 21:08:05 Samir Nassar wrote: > The Arch linux GnuPG package 2.1.0-6 is unable to connect to HKPS. As of the latest update to GnuPG 2.1.0-7, thanks to Gaetan Bisson, gpg should work with HKPS -- Samir Nassar sa...@samirnassar.com https://samirnassar.com PGP Fingerprint:

Re: FYI: Arch linux provides GnuPG (2.1.0) package without ability to use HKPS

On 14 December 2014 at 08:18, Samir Nassar wrote: > On Wednesday, 2014-12-10 21:08:05 Samir Nassar wrote: >> The Arch linux GnuPG package 2.1.0-6 is unable to connect to HKPS. > > As of the latest update to GnuPG 2.1.0-7, thanks to Gaetan Bisson, gpg should > work with HKPS What was the underlyi