Re: multiple instances of gpg-agent

On Thu, 21 May 2015 04:37, jeandav...@verizon.net said: >> --write-env-file "$@{HOME@}/.gpg-agent-info" > > I tried this and it would not work. No such file or directory. > > I removed the @ signs and then that part worked. Sorry, I copied it from the texinfo source and missed these e

[admin] Please do not reply to obvious spam

Hi! As some of you might have noticed, from time to time spam slips through the filter by means of subscribed users. That is a little bit annoying but it does not really harm. However, it is worse to reply to spam or send the mailing list owner a notice of that. That does not help. For the rec

Re: Popescu and keys

Hello, I tried to read this guy's blog either but it seams like you have to pay to read it (buy credits with bitcoin). I don't know who the hell this guy thinks he is, not even Bruce Schneier asks to pay fees to read his blog/research papers, but I am just going to keep calm. So, since I wouldn't

Re: [Enigmail] Popescu and keys

On Wed 2015-05-20 20:13:32 -0400, Robert J. Hansen wrote: > In the last couple of days a few different people have pointed me to > Mircea Popescu's blog, where he's claimed he's broken ~150 keys that are > in common circulation among the keyservers. At least one of the keys he claimed to have brok

Re: [Enigmail] Popescu and keys

> Which key does he claim to have broken? If Mircea has broken your > encryption-capable subkey (0xB8A6B74C001892C2) then he might only be > able to decrypt messages sent to you, but not sign them. He didn't say. You're correct in that I made an unfounded assumption; thank you for the correcti

OPENPGP URI PROPOSAL

You might see a few copies around. This one is edited and streamlined with some advice from Hasimir to help keep this proposal focused. This is mirrored in here Last updated: 2015-05-22 *=

Re: OPENPGP URI PROPOSAL

On 22/05/2015 1:59 am, mofo syne wrote: > > You might see a few copies around. This one is edited and > streamlined with some advice from Hasimir to help keep this proposal > focused. For the benefit of the rest of the list, Hasimir is my IRC handle on freenode and a few other places. An /ns info

Re: Ohhhh jeeee: can't encode a 512 bit MD into a 608 bits frame

On 20/05/15 12:24, Werner Koch wrote: > gpg tried to verify a key signature and ran into that problem. Of > course it should not abort here. It would be helpful if you can you > figure out which key causes the problem. Maybe the key shown last or > the one which would be shown next. Running wit

Re: OPENPGP URI PROPOSAL

On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: > You might see a few copies around. This one is edited and streamlined with > some advice from Hasimir to help keep this proposal focused. This is > mirrored in here >

Re: [Enigmail] Popescu and keys

On Thu, 21 May 2015 18:23, d...@fifthhorseman.net said: > At least one of the keys he claimed to have broken is a degraded copy of > one of H. Peter Anvin's actual subkeys, as Hanno Böck pointed out here: That reminds if of a private discussion I had last autumn. Some guy downloaded most RSA key

Re: [Enigmail] Popescu and keys

On Thu 2015-05-21 12:23:20 -0400, Daniel Kahn Gillmor wrote: > Which key does he claim to have broken? If Mircea has broken your > encryption-capable subkey (0xB8A6B74C001892C2) then he might only be > able to decrypt messages sent to you, but not sign them. > > To provide him with an opportunity

gpg-agent override to import secret keys in 2.1

Hello, Does anyone know whether or not there is an override command or option to force -agent to read/import secret keys after the initial migration to version 2.1? The basic scenario here is a primary workstation which the initial migration was performed on and a subsequent decommisioning

Re: OPENPGP URI PROPOSAL

> This proposal is to provide an alternative to the openpgp block > messages, in the form of a uri ( e.g. `http://` ). The format of a URI is, generally, "mechanism:address for that mechanism". For instance, email has a URI scheme: mailto:r...@sixdemonbag.org?subject=URI%20schemes FTP

Re: [Enigmail] Popescu and keys

On 22/05/2015 5:37 am, Werner Koch wrote: > > These are all encryption subkeys. The third key is the one from > H. Peter Anvin. I have not found one of the fingerprints given in the > said blog posting: gpg removed it while importing the key. It is a bit > disturbing that the other subkey liste

Re: OPENPGP URI PROPOSAL

So what are data uri classified as then? https://en.wikipedia.org/wiki/Data_URI_scheme Because this is based off datauri, in terms of structure. So since datauri works, I'm inclined to think that there isn't any technical restriction to including content within a uri context as long as the appropr

Lower Bound for Primes during GnuPG key generation (was Re: [Enigmail] Popescu and keys)

On 5/21/2015 at 3:45 PM, "Werner Koch" wrote: >Some guy >downloaded most RSA keys from a keyserver and tried to factor 1.9 >million moduli. They found 30 keys with a subkey having one of the >first 1000 primes as a factor. > I looked at 8 of those keys and > found that 2 are likely PGP create

Re: gpg-agent override to import secret keys in 2.1

Hi On Thursday 21 May 2015 at 8:52:49 PM, in , Ben McGinnes wrote: > Hello, Does anyone know whether or not there is > an override command or option to force -agent to > read/import secret keys after the initial migration to > version 2.1? Doesn't it detect the presence/absence of the

Re: multiple instances of gpg-agent

On 05/21/2015 05:30 AM, Werner Koch wrote: > On Thu, 21 May 2015 04:37, jeandav...@verizon.net said: > >>> >> --write-env-file "$@{HOME@}/.gpg-agent-info" >> > >> > I tried this and it would not work. No such file or directory. >> > >> > I removed the @ signs and then that part worked.

Re: OPENPGP URI PROPOSAL

On 2015-05-21 15:21, Daniel Kahn Gillmor wrote: > On Thu 2015-05-21 11:59:07 -0400, mofo syne wrote: > > You might see a few copies around. This one is edited and streamlined with > > some advice from Hasimir to help keep this proposal focused. This is > > mirrored in here > >

Re: OPENPGP URI PROPOSAL

> So what are data uri classified as then? Something that's mostly limited to web browsers and a couple of email clients. It's meant for including data in-line in web pages, not as separate documents, and has pretty close to nil adoption in the rest of the ecosystem. Adopting a special OpenPGP d

Re: OPENPGP URI PROPOSAL

> Something that's mostly limited to web browsers and a couple of email clients. It's meant for including data in-line in web pages, not as separate documents, and has pretty close to nil adoption in the rest of the ecosystem. I'm not sure you need to wait for browsers to adopt this standard for