Re: plaintext non-ssl distribution - who things this is a good idea?

On Fri, 11 Sep 2015 00:05, r...@sixdemonbag.org said: > (Getting an Authenticode certificate, for instance.) Yeah, when testing the installer I always see that annoying "unknown issuer" warning. Thus it is probably a good idea to silence this warning by signing the installer. I need to see how

Re: plaintext non-ssl distribution - who things this is a good idea?

Hi all, On Friday 11 September 2015 at 00:15:51, Daniel Kahn Gillmor wrote: > On Thu 2015-09-10 18:05:35 -0400, Robert J. Hansen wrote: > >> Who else thinks someone should spring for the $10 it would take to > >> buy and install an SSL certificate for the principal distribution > >> point of gpg a

Gnupg 2.1.7 can't decrypt using smartcard key.

Hi all, I'm currently using GnuPg 2.1.7 and GnuK with FST-01. It workd some ago, but suddenly, When I trying to decrypt content using key on card, it says: gpg: public key decryption failed: Invalid ID gpg: decryption failed: No secret key and refuese to decrypt. However, when I encrypt and dec

Re: plaintext non-ssl distribution - who things this is a good idea?

Hi, The OP is continuing to "spam" the bug tracker . For the record: OP: [Claims of linking FTP mirrors which are not secure and to the known problem of the non-https gpg4win site.] me: This has nothing to do with gnupg.org. And if you have follo

Re: plaintext non-ssl distribution - who things this is a good idea?

On Fri, 11 Sep 2015 00:05, r...@sixdemonbag.org said: > (Getting an Authenticode certificate, for instance.) FWIW, the Gpg4win installer is code signed. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gn

Re: Temporary lock files?

On Tue, 8 Sep 2015 20:19, d...@fifthhorseman.net said: > I don't know of any such cronjob in debian. Would you expect this to be > something system-wide, or run on a per-user basis? This used to be a system wide policy on old Unix installations. This is the reasons why you create tempfiles wit

Re: Temporary lock files?

On Wed, 9 Sep 2015 23:24, as...@mythicflow.com said: > That was the only time I ever saw the lock files, so this is likely not > an issue. FWIW, the .#* files are not the lock files but temporary files used to create the lock files. In case you terminate a process while it is waiting for the lo

Re: Gnupg 2.1.7 can't decrypt using smartcard key.

On 09/11/2015 10:41 AM, perillamint wrote: > gpg: public key decryption failed: Invalid ID > gpg: decryption failed: No secret key Could you please try 'gpg --card-status' and see 'General key info'? In my case, it's like: == General key info..: pub rsa2048/4CA7BABE 2010-10-15 N

Re: OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible

On Fri, Sep 11, 2015 at 3:11 AM, NIIBE Yutaka wrote: > > I think that you are using some Unix Operating System. Could you try > to use PC/SC service, by installing pcscd (and libccid)? If it works, > I think that it's the issue of timeout management of internal CCID of > GnuPG. > Hello NIIBE,

Re: Please remove MacGPG from gnupg.org due to serious security concerns

Dear all, any bug reports should be filed on our support platform at https://gpgtools.tenderapp.com . For highly sensitive inquiries you can always get in touch at t...@gpgtools.org - our public key is on our homepage, bottom left, an

Re: Please remove MacGPG from gnupg.org due to serious security concerns

> The source in question is on GitHub > at https://github.com/GPGTools/localizeXIB and the binary is no longer > required to compile pinentry-mac. Given we've already had this conversation (about the inappropriateness of binary blobs in what should be FOSS software) once, I feel the need to say th

[HowTo] use gpg2.1 with an onion service

Hi, With the upgrade to GnuPG 2.1 my GPG+Tor setup broke. This was due to the fact that GnuPG now relies on dirmngr to handle all its networking. Which is good, because it separates different parts of functionality, but it also cost me some time to figure out. In the end, it’s very easy: 1. Y

Re: gnupg-for-java

On 09/10/2015 05:17 PM, Antony Prince wrote: > without gpgme installed). I'm not 100% sure how to test the > functionality of the binary and library, so if anyone wants to give it a > go, I'd be glad to hear the results. The ftp server[2] allows for > anonymous download. > [2]ftp://blazrsoft.com/ >

OpenPGP smartcard reader

Hi! I recently contributed to the FSFE and received an OpenPGP smartcard. I ordered an Omnikey 3121 USB card reader. I am facing some problems when using this reader and card combination on a Ubuntu 14.04 machine. Using GnuPG 1.4.15 as root it works fine. GnuPG 2 does not work at all. As a regu

Re: OpenPGP smartcard reader

> Any clues? GNOME implements its own gpg-agent... badly... in ways that break smartcards. I've heard they've recently fixed it, but as of 14.04 the broken GNOME behavior was still in place. Search for GNOME and gpg-agent in these archives and you should find a solution. ___

Re: OpenPGP smartcard reader

> GNOME implements its own gpg-agent... badly... in ways that break > smartcards. I've heard they've recently fixed it, but as of 14.04 the > broken GNOME behavior was still in place. Search for GNOME and > gpg-agent in these archives and you should find a solution. And there's a wiki page for i