xecutable?
>
> That's a good idea. I'll look at doing that.
>
Will that also include "undocumented" features like --enarmor?
--
Alphax
Message composed: 2006-04-10T15:19:27+09:30
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
alid self-signature; a
self-signature on a UID "binds" the UID to the key itself. If it were
not for selfsigs ike this, it would be trivial for someone to inject
their own UID (with your name, but a different email address) into their
copy of your key and then upload it to eg. a ke
t 3DES is *required* for a cipher
algorithm; it is mandatory that programs complying to the RFC implement
3DES as a cipher algorithm, DSA and Elgamal for keys, and SHA-1 for a
hash function.
http://en.wikipedia.org/wiki/Pretty_Good_Privacy#Feature_comparison sums
it up pretty neatly.
--
on. Of course,
it's still in beta, and I've never used it, and I have no idea if it
would work on a USB device, but it's worth a try...
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.a
How does one get keys from a keyserver when only the v3 fingerprint is
known? I recovered the fingerprints from a trustdb (they had
appended), but I can't work out how to get them off a keyserver...
--
Alphax
Death to all fanatics!
Down with catego
David Shaw wrote:
> On Wed, May 03, 2006 at 01:45:15AM +0930, Alphax wrote:
>> How does one get keys from a keyserver when only the v3 fingerprint is
>> known? I recovered the fingerprints from a trustdb (they had
>> appended), but I can't work out how t
David Shaw wrote:
> On Wed, May 03, 2006 at 05:59:52PM +0930, Alphax wrote:
>> David Shaw wrote:
>>> On Wed, May 03, 2006 at 01:45:15AM +0930, Alphax wrote:
>>>> How does one get keys from a keyserver when only the v3 fingerprint is
>>>> known? I recovered
t; Would it cause any other problems?
>
You will be asked to set an ownertrust value...
It might be worth trying to find an actual trust path using Wotsap
(http://www.lysator.liu.se/~jc/wotsap/) or similar as well as lsigning
the key, but YMMV.
--
A
u *really* know what you are doing,
> you may answer the next question with yes.
>
> Use this key anyway? (y/N)
>
Have you tried it with
trust-model always
in your gpg.conf? The key you're trying to encyrpt to probably isn't
within your trust path.
> Btw, DNS CERT r
y end it has checksums of:
MD5 = D2 37 D8 FE 1C 4A FA 37 9F 56 DB DA 0E 0B 40 E4
SHA1 = 9E96 B36E 4F4D 1E8B C502 8C99 FAC6 7448 2CBD B370
RMD160 = F6D3 2878 5F41 B74F 97D2 5305 C6FE 95AD 45BB 70A5
Of course, you should check the detached sig for that one rather than
trust me on it... :)
--
=5OsL
> -END PGP MESSAGE-
> ^Z
You get:
> The quick brown fox jumps over the lazy dog.
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signatur
8A2 -r 0xB1E06496
> The quick brown fox jumps over the lazy dog.
> ^Z
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
__
uldn't find a user-agent string in your headers, but assuming you're
using Outlook Express: have you looked at GPGOL
<http://wald.intevation.org/projects/gpgoe>?
It's possible that this is a word-wrapping issue, but since I neither
use Outlook Express or Usenet, I can't real
this isn't entirely foolproof and may have unintended
consequences - make backups of your keyring(s) and trustdb first. I've
mainly used it semi-automatically where I check the status of some keys,
run the script, and then re-check the status of the keys.
HTH,
--
Alphax
-BEGIN PGP MESSAGE-
Version: GnuPG v1.4.4-svn4147:IDEA-TIGER192-DSA2 (MingW32)
owNCWmg2MUFZJlNZeXIg9QABDH/3mvZv7d3u1u7+6/9u9+fv7zbr3P+Y
et9XR/NAAbdzYbgyhoAA0aGgAAAB6gAAANBoAaDQAPUAAAD1AAAGgGgPKBo9TE09
T0nptUKqaep6npDQGgyD0gDQGjQA9TIAaGgaADIAaaaABpiAGgANABoyaAADTQNG
mgiqeRGwk0bUDIGT
;s key. Why does GPGFiletool not find it?
>
Is the key trusted?
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Alphax wrote:
> Laurent Jumet wrote:
>> Hello !
>>
>> Charly Avital <[EMAIL PROTECTED]> wrote:
>>
>>> This is a bit strange.
>>
>> You mean that you cannot read compressed (not crypted) messages.
>>
>>
>
> eg. a me
n sub keys, aside from technical
> specifications (such as RFC 2440), then please let me know.
>
Adrian von Bidder wrote an excellent tutorial on subkeys at
<http://fortytwo.ch/gpg/subkeys>.
--
Alphax
Death to all fanatics!
Down with categorical imperativ
by the signature.
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://l
il.
You could of course use --passphrase-file , provided the file is
only readable by yourself, but on a MinGW32 platform this is quite
unlikely. That leaves --passphrase-string, which is still a security risk.
--
Alphax
D
I don't know.
>
Minimum requirement is MSYS <http://www.mingw.org/msys.shtml>, which is
a small set of the Cygwin tools. Never used gpg-zip myself though.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.
file her_userid
> pgp -kxa userid keyfile [keyring]
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
ou still have the secret key, you can have the key sign itself and
then this error will not occur. Otherwise, you can use the option in GnuPG
--allow-non-selfsigned-uid
to import the key, and then have it sign itself.
--
Alphax
Death to all fanatics!
Down with categorica
cring.gpg, pubring.gpg, gpg.conf.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gn
x27;ll
> be happier that way.
>
*thunk*
Yeah, I should have thought of that... that's what comes of posting just
before lunch.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Descrip
d
about it?
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists
quot;C:\\Documents and Settings\\Username\\Application Data\\GnuPG"
"OptFile"="C:\\Documents and Settings\\Username\\Application
Data\\GnuPG\\gpg.conf"
--
Alphax
Death to all fanatics!
Down with categorical imperative!
Op
data\gnupg\some-other-secring.gpg
#
# set the trustdb to use
trustdb-name c:\documents and settings\username\application
data\gnupg\some-other-trustdb.gpg
Note that on Windows paths are case insensitive, and unlike in the
registry, backslashes do not need to be escaped and paths with spaces in
the
Y may or
may not have been faked (which is trivial).
The "owners" of W, X, Y and Z could be four different people, or they
might not be people at all; all you can really say about the "key owner"
is that X is in contact with W and Z, and Z is in contact with X and Y.
--
. Excellent suggestion. This worked well with a .asc
> file, but not with a .gpg file. Does anyone on the list have a
> preference for .asc vs .gpg output? Pros? Cons? The size is almost
> twice as big as a .gpg at this time, which is a definite con. But there
> are probably some se
ote machine can then tell the local one to delete the
> original; and if it's not OK, it can scream at you.
>
Better than that, if you get GPG to sign the file when it encrypts it
(using a passwordless key/subkey) and/or use the MDC option, you'll be
able to do this more reliably...
what "common sense" seems
to suggest.
> I googled, but I found only
> http://www.schneier.com/blog/archives/2005/10/nist_hash_works_3.html
> I know that sci.crypt would be a better place to ask this question, but
> I don't like it.
You could also ask at PGP-Basics :)
--
oo many secret keys used simultaneously
|or due to excessive large key sizes)
Now, although it can't generate keys that big, GPG can *use* a key of
16384 bits (presumably generated with one of Disastry's PGP 2.6.3
builds); again, operations involving such keys are painfully slow and
ox, but it won't be
forwarded by any filters, and it probably won't be accessible via the
POP3 interface either.
I'm fairly certain that the behaviour is identical for sending an email
to yourself.
--
Alphax
Death to all
mental and don't have the instant
usability of a USB stick
(/me mutters something about "The right tool for the right job"...)
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Descripti
ig file - normally GnuPG will ask you
for the certification level when you sign a key, but the default /can/
be used if the right options are set, and /will/ be used at the time of
key generation.
--
Alphax
Death to all fanatics!
Down wit
and
line. Something funny going on with Apple Mail?
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users
e
command line or ~/.gnupg/gpg.conf (-- is removed for config files):
Use --pgp6 or --pgp7 depending on which version of PGP they are using.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key:
e relevant instructions and files at
http://blueness.port5.com/gpgcvs/ based on the trial-and-error that a
number of people went through to get "native" building on W32 to work.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: ht
he
signature packet used in a clearsigned message is... I haven't looked at
the "working draft" of the RFC but hopefully it's a lot clearer than the
published version.
--
Alphax
Death to all fanatics!
Down with categorical impera
eserved for Elliptic Curve
19 - Reserved for ECDSA
20 - Elgamal (Encrypt or Sign)
21 - Reserved for Diffie-Hellman (X9.42,
as defined for IETF-S/MIME)
100 to 110 - Private/Experimental algorithm.
--
Alphax
D
Qed wrote:
> On 09/24/2006 05:08 PM, Alphax wrote:
>>>> And therefore, even better, what is the present status of adding to
>>>> GnuPG an "official" ECC keys support?
>>> ECC are not part in RFC2440 nor there's a plan to include them.
>> Yo
out the key?
You probably want "gpg --expert --gen-key", select "(7) RSA (set your
own capabilities)", and to set "Sign, encrypt, certify".
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com
re not just for the upper left corner of but
> are needed in suitable versions for print as well.
So yes, logos should be available at high resolutions. One easy way to
ensure this is to create them in vector form, eg. as an SVG file.
--
y?
>
I assume you mean fingerprint?
ssh-keygen -l [-f input_keyfile]
-l Show fingerprint of specified public key file. Private RSA1
keys are also supported. For RSA and DSA keys ssh-keygen tries
to find the matching public key file and prints its fingerprint.
--
Al
correct this? Or, is the expected behavior?
>
HTML + OpenPGP = FAIL.
In English: HTML screws up OpenPGP. You don't want it. There are other
reasons why you don't want HTML anyway but I won't go into them here.
--
Alphax
Death to all fanatics!
Do
ients /may/ handle it, but you'd have to
actually try it to be certain. Such a test should be conducted off-list
in order to avoid flames for an HTML posting.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
si
p availible, the error is
> in all backups...
>
What version of GPG/PGP did you create your key/backups with? Try using
that version to recover your key.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
si
ay integration, and let you use a .pgp extension. I've filed an
RFE at <http://bugzilla.mozdev.org/show_bug.cgi?id=15442>.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
sig
Alphax wrote:
> I've filed an RFE at
> <http://bugzilla.mozdev.org/show_bug.cgi?id=15442>.
>
Well, apparantly it's already doable:
> You can set this with the following two preferences in about:config (or in
> Thunderbird via Pre
that the file
> had not been manipulated in the meantime.
>
> Any help is very much appreciated because this is a backup file.
>
You could try the --ignore-mdc-error option and if it's an ASCII armored
file the --ignore-crc-error option. No guarantees though...
--
key for
user: "Person (comment) <[EMAIL PROTECTED]>"
2048-bit RSA key, ID 0xDEADBEEF, created 2006-01-01
Enter passphrase:
Command> quit
Save changes? (y/N) y
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tiny
ness reason ? Or ideological ?
>
As I understand, technological: the structures used in GPG2 simply don't
exist in W32-land.
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signa
to copy the
random-seed file!
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-use
Henry Bremridge wrote:
> On Wed, Nov 29, 2006 at 08:20:06PM +1030, Alphax wrote:
>
>> That advice is seriously flawed. You do *not* want to copy the
>> random-seed file!
>>
> Just out of interest: why?
>
As someone a lot smarter than me pointed out in a message
bothered explaining, here are some links that will do
it for me:
http://en.wikipedia.org/wiki/Public-key_cryptography
http://www.gnupg.org/gph/en/manual.html
http://sixdemonbag.org/cryptofaq.html
--
Alphax
Death to all fanatics!
Down with categorical imperati
I saw something weird where moving entries around didn't preserve the
order that you had put things in... I ended up writing out all the
option numbers on scraps of paper and shuffling them around until they
were in the order I wanted :)
--
Alphax
Death to all fanatic
2440) and a hex editor; alternatively, you could add a
subkey with this capability (gpg --expert --edit 0x, addkey,
, 7, A, Q).
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
signature.asc
Description:
o even if you hacked around the
> timestamp problem, the signature would not match. RSA signatures do
> not contain random data.
>
Err, I thought it was the other way around, which is why RSA signatures
are bigger than DSA signatures... or is the RSA signature
packaging-thing s
k I sort of get what you are trying to do here:
random key -> encrypt data w/ random key
|
V
encrypt key w/ public key
... which is actually what GPG does with bog-standard public key
encryption! Or do you want something else?
--
Alphax
Death to all fan
101 - 160 of 160 matches
Mail list logo
