Re: Upgrading from gpg1 to gpg2: lots of trouble, need help

2018-01-11 Thread Daniel Kahn Gillmor
On Sun 2018-01-07 23:23:16 +1100, gn...@raf.org wrote: > For the actual decryption, I'm using sudo. From the original > post, the command to set things up contains something like: > > /usr/bin/screen -- \ > /usr/bin/sudo -u thing --set-home -- \ > /usr/bin/gpg-agent --homedir /etc/thing/.gnup

Re: Extract signature key ID with gpgme

2018-01-11 Thread Daniel Kahn Gillmor
On Thu 2018-01-11 16:19:10 +1000, Allan McRae wrote: > I am looking for a way to extract the issuer key ID from a signature > file using gpgme without firstly having verified the signature. > Basically, doing something like what gpg --list-packets does. > > My software current has a homemade sig f

Re: a step in the right direction

2018-01-16 Thread Daniel Kahn Gillmor
On Mon 2018-01-15 17:45:49 -0500, Robert J. Hansen wrote: > _Literally every major FOSS package manager breaks. Updates become > impossible._ while i agree with rjh that destruction of the current SKS-based keyserver network (either by technical or legal means) would today be a net loss, this sta

key distribution/verification/update mechanisms other than keyservers [was: Re: a step in the right direction]

2018-01-16 Thread Daniel Kahn Gillmor
On Tue 2018-01-16 01:02:11 +, listo factor via Gnupg-users wrote: > Burning it down is not what I was advocating. I am advocating orderly > evacuation and replacement of a system that has clearly outlived its > usefulnesses. If it is not replaced in time, it will, at some point, > burn ignited

Re: key distribution/verification/update mechanisms other than keyservers [was: Re: a step in the right direction]

2018-01-16 Thread Daniel Kahn Gillmor
On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote: > thanks for this post Daniel, my primary question would be what advantage > is gained by this verification being done by an arbitrary third party > rather by a trusted client running locally, which is the current modus > operandi. Any

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-17 Thread Daniel Kahn Gillmor
On Tue 2018-01-16 16:26:49 -0800, Dan Kegel wrote: > I worked hard to jump through hoops to use version 2 in such > an environment, but then I ran into the fact that even the latest apt > from debian does not support version 2's keybox format, so I had > to drop back to gpg version 1 anyway. apt a

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-17 Thread Daniel Kahn Gillmor
On Tue 2018-01-16 20:10:38 -0800, Dan Kegel wrote: > When I try to use gpg to manipulate secure apt repositories in the > real world, my head explodes. hi there! what kind of manipulation are you doing of secure apt repositories with gpg? are you talking about signing the repo as an author? or a

Re: key distribution/verification/update mechanisms other than keyservers

2018-01-17 Thread Daniel Kahn Gillmor
On Wed 2018-01-17 09:58:21 +0100, Werner Koch wrote: > On Tue, 16 Jan 2018 22:56, kristian.fiskerstr...@sumptuouscapital.com > said: > >>> (c) rejected all third-party certifications -- so data attached to a >>> given primary key is only accepted when certified by that primary >>> key. >

Re: key distribution/verification/update mechanisms other than keyservers

2018-01-17 Thread Daniel Kahn Gillmor
On Wed 2018-01-17 15:51:07 +, Andrew Gallagher wrote: > On 17/01/18 15:32, Daniel Kahn Gillmor wrote: >> i don't think you need an extension to OpenPGP at all to do this -- you >> just need policy. The policy could be (for example): > > The main technical question i

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-17 Thread Daniel Kahn Gillmor
On Wed 2018-01-17 15:09:45 -0800, Dan Kegel wrote: > Yes to all four questions. Here's the user story. cool, your user story all makes sense to me except this bit: > - The package depends on debian-archive-keyring (to leverage > the web of trust as suggested in 'man secure-apt') (itym 'man apt-

Re: Will gpg 1.x remain supported for the foreseeable future?

2018-01-18 Thread Daniel Kahn Gillmor
On Wed 2018-01-17 20:58:21 -0800, Dan Kegel wrote: > Does one even need --import and --export while building foobar-archive; > aren't the thing being imported and the thing being exported > the same format? i don't know -- what are you importing? if the thing you're importing is already a clean T

Re: Why exactly does pinentry fails with gpg-agent and ssh support?

2018-01-22 Thread Daniel Kahn Gillmor
On Mon 2018-01-22 08:43:41 +0100, Werner Koch wrote: > Another problem with ssh is that ssh can't start gpg-agent on the the > fly. Thus you need to make sure that gpg-agent has already been started > when you use ssh. A way to ensure this is to run > > gpg -K the systemd user service takes c

Re: Why exactly does pinentry fails with gpg-agent and ssh support?

2018-01-22 Thread Daniel Kahn Gillmor
On Mon 2018-01-22 11:52:21 +0100, Peter Lebbing wrote: > It works for me out-of-the-box on Debian stretch/stable, supervised by > systemd... if I SSH before I do any GnuPG stuff, it correctly prompts me > in the (graphical) session that started the agent. So something must be > different in your in

Re: failed to convert unprotected openpgp key: Checksum error

2018-01-24 Thread Daniel Kahn Gillmor
On Mon 2018-01-22 15:37:37 -0500, Phil Pennock wrote: > So at this point, it looks to me like it really is an incorrect > checksum, exposing unfortunate edge-case handling in GnuPG. Thanks for the diagnosis, Phil and Simon. Please file a bug report about this at https://dev.gnupg.org/ so that thi

Re: Keys clean of all signatures except those made by others I trust

2018-01-24 Thread Daniel Kahn Gillmor
On Tue 2018-01-23 16:55:20 -0500, Robert J. Hansen wrote: >> From the man page: > > Note that this can be done in a bash one-liner: > > $ for x in `gpg --list-keys|grep "[A-F0-9]\{40\}"|sed 's/ //g'` ; do gpg > --edit-key $x clean save ; done please don't script based on the output of gpg without

Re: Why do Key Fingerprints include Creation Timestamp?

2018-01-30 Thread Daniel Kahn Gillmor
On Tue 2018-01-30 21:35:57 -0500, FuzzyDrawrings via Gnupg-users wrote: > Wouldn't it make more sense to hash only the public-key's MPI > value(s)? That way if an implementation's code fails to generate a > unique key-pair, it will be known because the fingerprint will be the > same as some other k

Re: AW: Why do Key Fingerprints include Creation Timestamp?

2018-01-31 Thread Daniel Kahn Gillmor
On Wed 2018-01-31 09:37:54 +, Fiedler Roman wrote: > Including it provides a fast way to generate keys without changing > cryptographic material (slow), I think you mean "to generate fingerprints", not "to generate keys" -- right? in particular, i think you're talking about the computational

Re: Using GnuPG when switching users

2018-01-31 Thread Daniel Kahn Gillmor
On Mon 2018-01-29 15:44:56 +1300, Dan Horne wrote: > Has someone got a workaround? I need to be able to use "su" as we are not > allowed to log into the user directly. I'm also stuck with Solaris and the > specified version of GnuPG the problem you're running into is that pinentry is unable to pro

Re: Using GnuPG when switching users

2018-01-31 Thread Daniel Kahn Gillmor
On Thu 2018-02-01 09:22:15 +1300, Dan Horne wrote: > I'd love to have gone to 2.2 but getting GnuPG to work on Solaris is > extremely difficult. We tried compiling from source, but hit several > roadblocks. Looking online, several others have reported the same issues, > but have had no resolution.

Re: Can't import public key

2018-02-03 Thread Daniel Kahn Gillmor
On Sat 2018-02-03 09:15:30 -0600, Pijus Kar wrote: > We are using GnuPG 1.2.1 on AIX. We are trying to import a public key > received from others which is generated on GnuPG v2. > Will there be any problem importing the public key. While importing we are > getting below error - gnupg 1.2.1 is pos

Re: How can we utilize latest GPG from RPM repository?

2018-02-14 Thread Daniel Kahn Gillmor
On Wed 2018-02-14 14:20:10 -0600, helices wrote: > CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer. > > We want to move to v2.2.x, and stay current, but we don't want to download > source and compile for dozens of systems. > > We want all users to be using the same version all of the

Re: Configuration for offline usage - best practice tips?

2018-02-18 Thread Daniel Kahn Gillmor
On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote: > I'm looking for best practice tips for offline usage of GnuPG. What do I > mean by offline usage? I plan to encrypt backups or files on my machines > with GnuPG and generate weekly or monthly keys for that purpose so backups > for exam

Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

2018-02-19 Thread Daniel Kahn Gillmor
On Sat 2018-02-17 17:06:54 -0600, helices wrote: > I will probably never understand why wanting to run the most current > version of gnupg on a plethora of servers is controversial. Here's one last try to explain the situation. GnuPG (and the libraries it depends on) are used by (aka "depended on

Re: Why Operating Systems don't always upgrade GnuPG [was: Re: How can we utilize latest GPG from RPM repository?]

2018-02-20 Thread Daniel Kahn Gillmor
On Tue 2018-02-20 13:18:40 +0100, Dashamir Hoxha wrote: > One solution to this situation may be to install the latest GnuPG > in a Docker container, where it can have all the required libraries > and dependencies that it needs, without disturbing the host OS. I think this misses the point that it'

Re: Why Operating Systems don't always upgrade GnuPG

2018-02-20 Thread Daniel Kahn Gillmor
On Tue 2018-02-20 16:08:35 +0100, Werner Koch wrote: > On Mon, 19 Feb 2018 19:45, d...@fifthhorseman.net said: > >> GnuPG is under active development, and it has never had a fully-featured >> stable API (Application Programming Interface). What i mean is, there >> are some capabilities that are on

Re: Solaris 11 install libgpg-error make install hangs

2018-02-21 Thread Daniel Kahn Gillmor
On Fri 2018-02-09 16:03:01 +, Anna Kitces and Seth Fishman wrote: > Correction. it is in libgpg-error this is happening You can see logs of an example build on the Debian OS for gpg-error here: https://buildd.debian.org/status/logs.php?arch=&pkg=libgpg-error Your build is likely to differ

Re: entropy gathering daemon

2018-03-02 Thread Daniel Kahn Gillmor
On Wed 2018-02-28 16:14:42 +0100, Werner Koch wrote: > On Wed, 28 Feb 2018 15:53, ed...@pettijohn-web.com said: > >> for chroot'd programs that need it on a filesystem mounted nodev. I >> sent some patches awhile back to add arc4random_buf as the entropy >> gathering 'device'. Which I've been using

Re: Stupid Symantec

2018-03-15 Thread Daniel Kahn Gillmor
On Thu 2018-03-15 17:11:15 +, Andrew Gallagher wrote: >> If this doesn't exist in the main GnuPG project then I'd be happy to be >> referred to any 3rd party bits of software (even if commercial or >> proprietary) that could? >> >> I understand if the answer *should* be block-level e

Re: Stupid Symantec

2018-03-15 Thread Daniel Kahn Gillmor
On Fri 2018-03-16 11:58:45 +1100, gn...@raf.org wrote: > Daniel Kahn Gillmor wrote: >> or, if what you really care about is file-level encryption on a >> GNU/Linux desktop and you *don't* care about files being OpenPGP >> formatted, you could look into ext4's

Re: Using gpg-agent --supervised with systemd

2018-03-23 Thread Daniel Kahn Gillmor
On Wed 2018-03-21 14:48:26 -0700, Evan Klitzke wrote: > I am using gpg 2.2.5 and stumbled across the --supervised option while > reading the man page. I was able to get the ssh-agent functionality > working perfectly, but I'm having problems with the gpg-agent > functionality. > > I created syst

Re: Installation error with libgpg-error-1.28

2018-04-03 Thread Daniel Kahn Gillmor
Hi Jukka-- On Tue 2018-04-03 14:33:18 +0300, Jukka Kakko wrote: > > I am trying to upgrade my old GnuPG (version 2.0.14) in order to > use Enigmail with my current Thunderbird. what operating system are you using? > [root@llappari libgcrypt-1.8.2]# ./configure |tee -a mylog.txt I suspect you wa

Re: pinentry problems

2018-04-16 Thread Daniel Kahn Gillmor
On Tue 2018-04-17 00:04:11 +0200, Paul H. Hentze wrote: >> gpg: WARNING: unsafe permissions on homedir '/home/giraffenhorde/.gnupg' > > So I fixed that with > >> chown -R "$USER:$(id -gn)" ~/.gnupg >> chmod 700 ~/.gnupg >> chmod 600 ~/.gnupg/* > > from here: https://superuser.com/a/954639 this doe

Re: pinentry problems

2018-04-17 Thread Daniel Kahn Gillmor
On Tue 2018-04-17 11:11:22 +0200, Kristian Fiskerstrand wrote: > On 04/17/2018 10:52 AM, Paul H. Hentze wrote: >> Actually those commands >>> find ~/.gnupg -type d -exec chown 0700 '{}' ';' >>> find ~/.gnupg -type f -exec chown 0600 '{}' ';' >> didn't work. >> The terminal responded: "chown

Re: pinentry problems

2018-04-18 Thread Daniel Kahn Gillmor
On Tue 2018-04-17 23:05:44 +0200, Paul H. Hentze wrote: > I did. This works fine as I assess that. I'm glad it's working now. > Now I'm still stuck with the pinentry problem. can you explain the pinentry problem you're seeing? I'm afraid the bad ownership of your files was distracting from any o

Re: dirmngr timeout

2018-04-18 Thread Daniel Kahn Gillmor
Hi Laszlo-- I'm afraid we don't know the details of how your docker instance is set up; which versions of which packages you have installed inside docker vs. outside of docker, what's bind-mounted, what the networking constraints are in place. this makes debugging remotely a bit more difficult.

Re: dirmngr timeout

2018-04-18 Thread Daniel Kahn Gillmor
On Fri 2018-04-13 11:00:59 +0100, Laszlo Papp wrote: > Yes, I meant to reply yesterday after solving this. > > systemd --user import-environment http_proxy > > is what I used. i think you mean: systemctl --user import-environment http_proxy Please read the "Environment Commands" section of s

Re: AW: Users GnuPG aims for? (Re: Breaking MIME concatenation)

2018-05-17 Thread Daniel Kahn Gillmor
On Thu 2018-05-17 08:45:18 +, Fiedler Roman wrote: > As gnupg starts getting more and more problematic regarding some > functions (see the discussions on command line/unattended use), Ubuntu > Bionic AND Debian Buster dropped it from their debootstrap I don't know about Ubuntu Bionic, but for

Re: Breaking MIME concatenation

2018-05-17 Thread Daniel Kahn Gillmor
On Thu 2018-05-17 10:01:37 +0200, Werner Koch wrote: > On Thu, 17 May 2018 01:48, r...@sixdemonbag.org said: > >> While y'all are having this discussion, remember that GnuPG's 95% use >> case is verifying Linux packages, and that number isn't expected to >> change a whole lot. > > I am pretty sure

Re: AW: AW: Users GnuPG aims for? (Re: Breaking MIME concatenation)

2018-05-17 Thread Daniel Kahn Gillmor
On Thu 2018-05-17 15:37:55 +, Fiedler Roman wrote: > Von: Daniel Kahn Gillmor [mailto:d...@fifthhorseman.net] > >> See sources.list(5) and >> https://wiki.debian.org/DebianRepository/UseThirdParty for more details. >> >> See also https://bugs.debian.or

Re: Breaking MIME concatenation

2018-05-18 Thread Daniel Kahn Gillmor
On Fri 2018-05-18 13:50:00 +, Whitey wrote: > Robert J. Hansen wrote: >> I don't have concrete numbers here, but my suspicion is that GnuPG is a >> package verification system that's useful for email... and most of the >> problems people have with it as a package verification system stem from >

Re: AW: AW: AW: Users GnuPG aims for? (Re: Breaking MIME concatenation)

2018-05-18 Thread Daniel Kahn Gillmor
On Fri 2018-05-18 05:31:36 +, Fiedler Roman wrote: > I see. If understood correctly, the trusted.gpg.d bypasses key > management with apt-key completely, so not running into problems with > apt-key deprecation. I'm actually advocating avoiding trusted.gpg.d entirely as well, and moving to expl

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

2018-06-08 Thread Daniel Kahn Gillmor
On Fri 2018-06-08 17:03:07 +0200, Andre Heinecke wrote: > I have a problem with the test > It asks me for a symmetric passphrase. I'm having the same problem. Werner, what is the passphrase for this test example? --dkg ___ Gnupg-users mailing lis

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

2018-06-08 Thread Daniel Kahn Gillmor
On Fri 2018-06-08 14:29:52 -0400, Daniel Kahn Gillmor wrote: > On Fri 2018-06-08 17:03:07 +0200, Andre Heinecke wrote: > >> I have a problem with the test >> It asks me for a symmetric passphrase. > > I'm having the same problem. Werner, what is the passphrase for

Re: Stripping expired subkey during export?

2018-06-12 Thread Daniel Kahn Gillmor
dredging this up from the past: On Fri 2017-03-03 08:51:57 +0100, Werner Koch wrote: > As a compatible hack we could add an 'expired' property to the > export-filter's drop-subkey method. Just did this: > > gpg --export-options export-clean \ > --export-filter drop-subkey='expired -t' \ >

Re: key distribution/verification/update mechanisms other than keyservers [was: Re: a step in the right direction]

2018-06-13 Thread Daniel Kahn Gillmor
On Wed 2018-01-17 08:57:12 +0100, Kristian Fiskerstrand wrote: > On 01/17/2018 01:20 AM, Daniel Kahn Gillmor wrote: >> On Tue 2018-01-16 22:56:58 +0100, Kristian Fiskerstrand wrote: >>> thanks for this post Daniel, my primary question would be what advantage >>> is

Re: Issue with pinentry GUI agent

2018-08-28 Thread Daniel Kahn Gillmor
On Sat 2018-08-25 08:18:48 +0200, sunri...@gmx.com wrote: > Hi all, since some days I'm having an issue with pinentry, I've set the > default agent as pinentry-qt4 > from update-alternatives (I've also tried pinentry-qt and pinentry-gnome) but > when I run gpg --decrypt file > it's always falling

Re: [Announce] GnuPG 2.2.10 released

2018-08-30 Thread Daniel Kahn Gillmor
On Thu 2018-08-30 15:46:08 +0200, Werner Koch wrote: > We are pleased to announce the availability of a new GnuPG release: > version 2.2.10. This is a maintenance release; see below for a list > of fixed bugs. thanks for this work! I note that https://gnupg.org/ftp/gcrypt/gnupg/ does not list 2

Re: Issue with pinentry GUI agent

2018-09-04 Thread Daniel Kahn Gillmor
On Mon 2018-09-03 09:58:24 +0200, Kristian Fiskerstrand wrote: > Just to have it mentioned, turned out this was an issue with missing > keep-display in gpg-agent.conf, without this the Qt4/5 pinentry fail > (although I've been told it is not an issue in KDE environment). to be clear, keep-display

Re: Issue with pinentry GUI agent

2018-09-05 Thread Daniel Kahn Gillmor
On Wed 2018-09-05 09:39:31 +0200, Kristian Fiskerstrand wrote: > On 9/4/18 6:10 PM, Daniel Kahn Gillmor wrote: >> or do you mean something else? > > without DISPLAY env var, qt version automatically falls back to curses > variant despite the argument > > kristian

Re: Issue with pinentry GUI agent

2018-09-07 Thread Daniel Kahn Gillmor
On Fri 2018-09-07 14:31:16 +0200, Kristian Fiskerstrand wrote: > On 9/5/18 4:20 PM, Daniel Kahn Gillmor wrote: >> I'm unable to replicate this. here's a transcript of my session, >> testing pinentry-qt 1.1.0-1+b1 and gnupg 2.2.10-1 on debian >> testing/unstable: >

Re: Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)

2018-09-23 Thread Daniel Kahn Gillmor
On Sun 2018-09-23 18:18:13 +0200, Peter Lebbing wrote: > The intent of this mail is not to ask whether something works. This can > be easily verified. It's asking whether it is a supported way of doing > things. I hope I can get some guidance on this! I appreciate that you're asking for clarificat

Re: Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)

2018-09-24 Thread Daniel Kahn Gillmor
On Mon 2018-09-24 01:09:25 +0100, Andrew Luke Nesbit wrote: > This is using the contents of `~/.gnupg/private-keys-v1.d/` as an API. > If this is *not* part of the API, then what *is* the official > recommendation for generating subkeys? The part of those pages about "generating subkeys" does use

Re: Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)

2018-10-06 Thread Daniel Kahn Gillmor
On Mon 2018-09-24 12:44:38 +0200, Peter Lebbing wrote: > The always-correct option would be to --export, copy the exported key to > the initramfs, and simply --import it before use, no meddling with > prefabricated keyrings. It does waste some processing. I think you're right that this is an "alwa

Re: Update FAQ about revocation certificates?

2018-11-12 Thread Daniel Kahn Gillmor
fwiw, i agree with Damien that the existing text in the FAQ about generating a revocation certificate should be removed. I think that there should be some text like "where can i find my key's revocation certificate?" which could be added to the FAQ. However, situations like these: On Sat 2018-11

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-12 Thread Daniel Kahn Gillmor
Hi there-- On Mon 2018-11-12 11:04:09 +0100, gnupgpac...@on.yourweb.de wrote: > there occurs an issue while exporting/ importing keypair from > Windows-7/GPG-1.423 to Android-8.1/R2mail2. 1.423 is not a valid GnuPG version, so i assume you meant GnuPG 1.4.23. the "classic" version of GnuPG (the

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-12 Thread Daniel Kahn Gillmor
On Mon 2018-11-12 18:27:59 +0100, gnupgpacker wrote: >> the "classic" version of GnuPG (the 1.4.x series) not only does not >> ... >> If you upgrade to the modern version of GnuPG on your windows machine, >> and then try to re-import, i think you'll find the merge issue resolved. > > GnuPG 1.4.23

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-13 Thread Daniel Kahn Gillmor
On Tue 2018-11-13 09:15:46 +0100, gnupgpacker wrote: > Hello, > > importing to R2mail2 is working *without* changing expiration dates, if key > is exported from GnuPG-2.1.11... > > "Converting-way": > Export GnuPG-1.4.23(GPGkeys/Win7) > Import GnuPG-2.1.11(Win7) > Export > GnuPG-2.1.11(Win7) > Impo

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-14 Thread Daniel Kahn Gillmor
Hi MFPA-- On Wed 2018-11-14 09:40:35 +, MFPA wrote: > Taking the opportunity to point out the software list on gnupg.org's > GPGrelay link returns a 403 "You don't have permission to access..." > error. (For me at least, YMMV.) Can you please point to the specific URL where there is a broken

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-14 Thread Daniel Kahn Gillmor
On Wed 2018-11-14 08:43:19 +0100, gnupgpacker wrote: > Did try it several times, but no response. Development seems to be stopped > since 2005... > https://sourceforge.net/projects/gpgrelay/files/ all the more reason to move away from it then. security software that deals with complex data struc

Re: Exporting/ importing changes expiration date of subkeys...

2018-11-14 Thread Daniel Kahn Gillmor
On Wed 2018-11-14 15:45:34 +, MFPA wrote: > The broken link is at https://gnupg.org/software/swlist.html#sec-1-23. > The link that returns the 403 error is > http://sites.inka.de/tesla/gpgrelay.html. A possible working link is > https://sourceforge.net/projects/gpgrelay/. thanks, i've reported

Re: WoT question - policy

2018-11-16 Thread Daniel Kahn Gillmor
On Thu 2018-11-15 23:41:32 +0100, Stefan Claas wrote: > or if i sign with sig0 a key on a key signing party, where i also don't > know that the person who attended is a good or bad person OpenPGP identity certifications ("keysignings") make no claims one way or the other about a person's moral cha

Re: WoT question - policy

2018-11-16 Thread Daniel Kahn Gillmor
On Fri 2018-11-16 17:00:33 +0100, Stefan Claas wrote: > I understand your points, but like to point out my view of sig0 > and why i think it is not good and why i wrote a policy that way. I think you're talking about this: > With the sig0 approach i have the following problem: I could create

Re: Importing keys into GnuPG 2.2 series

2018-12-13 Thread Daniel Kahn Gillmor
I'm confused by this e-mail, hopefully the notes and questions below can start to un-confuse it a bit. On Thu 2018-12-13 13:40:56 -0900, justina colmena via Gnupg-users wrote: > OpenKeychain on my smartphone is able to verify the attached > signatures .gpg, but not the detached .sig files. This a

Re: gpg > addphoto

2019-01-08 Thread Daniel Kahn Gillmor
On Tue 2019-01-08 15:55:30 +0100, Stefan Claas wrote: > it seems a bit to much if you look at avatars, profile images > etc. on social media sites and other places. The images there are always > reasonably in size when displayed and do not offer such large image size for > usage, IIRC. I think you

Re:[SOLVED] gpg doesn't import secret keys for me any more

2019-01-14 Thread Daniel Kahn Gillmor
On Sat 2019-01-12 14:25:02 -0500, Ineiev wrote: > On Sat, Jan 12, 2019 at 02:12:47PM -0500, Ineiev wrote: >> dti@manas:~$ gpg --home h1 --import > Sorry, this is what works: > > gpg --home h1 --import sec.asc to be clear, i think the issue that you were having is that both commands use pinentry-t

Re: [SOLVED] gpg doesn't import secret keys for me any more

2019-01-15 Thread Daniel Kahn Gillmor
On Tue 2019-01-15 12:05:39 -0500, Ineiev wrote: > On Mon, Jan 14, 2019 at 03:06:22PM -0500, Daniel Kahn Gillmor wrote: >> fwiw, if you use --batch with --import, there will be no attempt to use >> pinentry, ever, which should make both commands work without complaint. > &

Re: Discrepancies in extracted photo-id images from dumps

2019-01-19 Thread Daniel Kahn Gillmor
On Sat 2019-01-19 17:10:38 +0100, Stefan Claas wrote: > Now i wonder why i have such high discrepancies in the numbers? jpegextractor looks like it uses a simple heuristic to find jpegs. in particular (quoting from https://www.digiater.nl/openvms/decus/vmslt02a/net/jpeg-extractor.html): jpe

Re: Discrepancies in extracted photo-id images from dumps

2019-01-21 Thread Daniel Kahn Gillmor
On Mon 2019-01-21 08:29:35 -0900, justina colmena via Gnupg-users wrote: > How can people be so insufferably rude? How indeed. Justina, please keep discussion on-topic and friendly for this mailing list. Too many of your posts to the list are full of invective, threatening assault, or incoherently

Re: git.gnupg.org: Certificate expired

2019-02-25 Thread Daniel Kahn Gillmor
On Mon 2019-02-25 18:01:22 +0100, Marcel Waldvogel wrote: > this is probably not the right place to post, but I did not find > anything more appropriate: > > The certificate for git.gnupg.org expired yesterday. Could someone with > the appropriate privileges please fix this? It's probably a fine p

Re: Weird locale at passphrase step

2019-02-25 Thread Daniel Kahn Gillmor
On Mon 2019-02-25 19:53:17 +0100, Andrei Fokau wrote: > I have just installed GnuPG on macOS Mojave using Homebrew. When I try to > generate a new key I can go through almost all steps seeing messages and > dialogs in English, but when it asks my passphrase, I see [ image of cyrillic glyphs and

Re: Why Signing key part of Master key

2019-02-25 Thread Daniel Kahn Gillmor
On Sun 2019-02-24 19:53:53 +, Farhan Khan via Gnupg-users wrote: > I was under the impression that best practice was to keep the master > key offline in cold storage. "best practice" for some is "unusable complexity" for others :) If it works for you, it's probably not unreasonable to keep the

Re: gpg vs gpgv and trustedkeys

2019-02-25 Thread Daniel Kahn Gillmor
On Mon 2019-02-25 07:54:33 +0100, Olliver Schinagl wrote: > What I am trying to accomplish, is to generate an OS image, which > contains a public gpg key. The public key is added using gpg --import and > gets added to the newly created pubkey.gpg. I think your description here is missing some backgr

Re: gpg vs gpgv and trustedkeys

2019-03-01 Thread Daniel Kahn Gillmor
On Wed 2019-02-27 21:10:36 +0100, Olliver Schinagl wrote: > During development, engineers also login to the system and may > need to use the gpgv tool to check things. Having to point to the exact > file is just a common cause of mistakes 'where was that file again' or 'oh > forgot'. But sure it is m

Re: Using gpg in an automated environment

2019-03-01 Thread Daniel Kahn Gillmor
Hi Geoffrey-- On Wed 2019-02-27 17:19:08 +0100, gpir...@manymore.fr wrote: > I've been unsuccessfully trying for a while now to have gpg working in an > automated environment. I've been following the point 8.20 in the gnupg faq > and I get an error at the gpg -homedir command (see screenshot be

Re: gpg vs gpgv and trustedkeys

2019-03-03 Thread Daniel Kahn Gillmor
On Sat 2019-03-02 11:31:44 +0100, Olliver Schinagl wrote: > Well the actual firmware image validation will be done via a script > there, so no worries on that regard. But if an engineer is tasked with > modifying any of these scripts, they may struggle to know what's going > on when invoking the t

Re: Multiple dev one signing key

2019-03-09 Thread Daniel Kahn Gillmor
On Fri 2019-03-08 20:05:53 +0100, john doe wrote: > I'm considering working on a project that has only for now a couple of > developers. > As part of that project everything that will be released will need to be > gpg signed. > > What is the best way forward? > - One signing key accessible on the

Re: How do I delete secret subkeys correctly?

2019-04-11 Thread Daniel Kahn Gillmor
On Wed 2019-04-10 17:28:54 +0200, Peter Lebbing wrote: > On 10/04/2019 17:24, Peter Lebbing wrote: >> gpg> delkey > > Sorry, my fatigued head was being silly. That's for deleting the public > part, not the secret part. I don't think I know the way to delete the > secret part when you just want to d

Re: how to integrate ca-certificates with gpgsm (for email s/mime signature verification)

2019-06-10 Thread Daniel Kahn Gillmor
Hi Gregor, everyone-- On Wed 2019-06-05 19:10:57 +0200, Gregor Zattler wrote: > I use notmuch-emacs to read my email and sometimes do use GnuPG, > therefore notmuch-emacs is configured to verify signatures but > does so also for S/MIME signatures. When displaying such emails > I'm asked if I tru

Re: New keyserver at keys.openpgp.org - what's your take?

2019-06-21 Thread Daniel Kahn Gillmor via Gnupg-users
On Fri 2019-06-21 15:26:17 +0100, Andrew Gallagher wrote: > On 21/06/2019 14:32, Werner Koch via Gnupg-users wrote: >> That new thing now is the n-th repetition of the same game: Replacing >> PGP by a centralized approach, or well many centralized approaches, in >> an attempt to repeat the story of

GnuPG on debian [was: Re: GPG/YubiKey/CentOS7]

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Sat 2019-06-22 09:41:46 +0200, Wolfgang Traylor via Gnupg-users wrote: > On Debian: Prepare GnuPG > > > SSH support is not given by GnuPG 1. The `gpg` executable must be version 2.0 > or higher. > On Debian system, `gpg` is still the old version by default. We change th

Re: Change socketdir from ~/.gnupg to /run/user/

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-06-18 04:03:45 -0400, vijai kumar via Gnupg-users wrote: > I am using gpg inside a docker container. By default, there is no > /run/user/ in the container so gpg defaults to ~/.gnupg as socket > directory. Is there a provision to change the socket directory later? > Now, I would like to

Re: Adding notations with quick commands

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Sun 2019-06-09 19:17:10 +0200, Wiktor Kwapisiewicz via Gnupg-users wrote: > Hi Markus, > > On 09.06.2019 14:16, Markus Reichelt wrote: >>> in a similar fashion to what --quick-* commands already do for other actions >>> (e.g. --quick-add-uid). >> >> --set-notation maybe? > > Yes, but as far a

Re: missing root certificate, SMIME spanish government

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Sat 2019-06-01 12:14:00 +0200, Uwe Brauer wrote: > In any case I finally solved the issue by just importing all available > cer into gpgsm and it worked, my mistake was to assume that gpgsm uses > the ones which are installed system wide. I agree that gpgsm integration with the system keyring

gpg-agent systemd user service [was: Re: GnuPG and SSH_AUTH_SOCK value]

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-06-25 13:07:03 +0200, Dirk Gottschalk via Gnupg-users wrote: > This is my $HOME/.config/systemd/user/gpg-agent.service: If you're using gpg-agent as a systemd user service, please use the systemd unit files (.service and .socket definitions) that ship with GnuPG itself. There are a nu

Re: Infinite loop?

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Sun 2019-06-23 15:00:40 -0700, James Moe via Gnupg-users wrote: > On 23/06/2019 11.53 AM, James Moe via Gnupg-users wrote: > >> gnupg does appear in the update log >> > Sigh. Typo. > gnupg does NOT appear in the update log. Nor does libscrypt. Without having access to your pubring.gpg, it's

Re: New keyserver at keys.openpgp.org - what's your take?

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-06-25 17:41:12 +0200, Dirk Gottschalk via Gnupg-users wrote: > Am Dienstag, den 25.06.2019, 16:30 +0200 schrieb Vincent Breitmoser: >> Have you considered the option to have keys cross-sign third party >> signatures for publication? It's a very slight switch in tooling if >> we assume a

Re: Infinite loop?

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-06-25 12:02:13 -0700, James Moe via Gnupg-users wrote: > On 25/06/2019 8.30 AM, Daniel Kahn Gillmor wrote: > >> Is it possible that your pubring.gpg is corrupt? > > As it happens, yes. > The size of pubring.gpg was 20MB; the backup copy was 1.3MB. After &g

Re: Infinite loop?

2019-06-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-06-25 23:03:18 -0400, Phil Pennock wrote: > With GnuPG 2.2.16 : > > % ls -ldh ~/.gnupg/pubring.kbx > -rw-r--r-- 1 pdp pdp 241M Jun 22 22:16 /home/pdp/.gnupg/pubring.kbx > % time gpg --list-keys >/dev/null > [...] > gpg --list-keys > /dev/null 1473.99s user 1965.72s system 99% cpu 57:1

Re: gpg-agent systemd user service [was: Re: GnuPG and SSH_AUTH_SOCK value]

2019-06-26 Thread Daniel Kahn Gillmor via Gnupg-users
On Wed 2019-06-26 07:47:11 +0200, Matthias Apitz wrote: > Thanks for all the helping hands and hints about systemd(8), but FreeBSD > normally does not run/use this. AFAIK, there is not even an official > port of it in the FreeBSD's ports collection. That's correct, systemd depends on the Linux ker

Re: GnuPG and SSH_AUTH_SOCK value

2019-06-28 Thread Daniel Kahn Gillmor via Gnupg-users
On Fri 2019-06-28 10:04:44 +0200, Michael Kesper wrote: > On 23.06.19 12:21, Matthias Apitz wrote: >> I'm used to using 'startx' and ~/.xinitrc to bring up Xorg+KDE: > > This makes your setup depend on a suid binary. Can you give more details? I know that some older systems did rely on X or startx

Re: GnuPG and SSH_AUTH_SOCK value

2019-06-28 Thread Daniel Kahn Gillmor via Gnupg-users
On Fri 2019-06-28 11:09:36 +0200, Michael Kesper wrote: > On 28.06.19 10:23, Daniel Kahn Gillmor wrote: >> On Fri 2019-06-28 10:04:44 +0200, Michael Kesper wrote: >>> On 23.06.19 12:21, Matthias Apitz wrote: >>>> I'm used to using 'startx' and ~/.xinitrc

Re: New keyserver at keys.openpgp.org - what's your take?

2019-06-30 Thread Daniel Kahn Gillmor via Gnupg-users
On Sun 2019-06-30 00:33:22 +0100, Andrew Gallagher wrote: > Indeed, c) was exactly the killer use case I had in mind. so, how do we get there? > On the other hand, b) is also quite useful in the short to medium > term, until all mail providers decide to support WKD etc. WKD is mighty nice, but i

Re: keyserver-options: self-sigs-only, import-clean, import-minimal

2019-07-02 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-07-02 12:24:42 +0200, Werner Koch via Gnupg-users wrote: > On Tue, 2 Jul 2019 10:23, gnupg-users@gnupg.org said: > >> Why not make "import-clean" and "import-minimal" strip key signatures >> before importing a key? That would make "import-minimal" behave like > > Because that contradic

Re: Where is the "INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS section"?

2019-07-25 Thread Daniel Kahn Gillmor via Gnupg-users
On Thu 2019-07-25 14:00:08 -0400, Kynn Jones via Gnupg-users wrote: > The GnuPG documentation refers to an "INTEROPERABILITY WITH > OTHER OPENPGP PROGRAMS section", but when I search for this > title, I find only references to it, not the actual section. > > Does anyone know where that section is?

Re: allow-non-selfsigned-uid issue with key from keys.openpgp.org that contains no identity information

2019-07-29 Thread Daniel Kahn Gillmor via Gnupg-users
Hi MFPA-- On Sun 2019-07-28 14:12:45 +0100, MFPA via Gnupg-users wrote: > I have the option "allow-non-selfsigned-uid" in my gpg.conf. A bit of background first, since the documentation around allow-non-selfsigned-uid appears to be confusing/mistaken. the manual says: --allow-non-selfsig

Re: allow-non-selfsigned-uid issue with key from keys.openpgp.org that contains no identity information

2019-08-01 Thread Daniel Kahn Gillmor via Gnupg-users
On Thu 2019-08-01 13:37:26 +0200, Werner Koch wrote: > The user ID is important because the accompanying self-signature conveys > important information about the keyblock. For example expiration date > and preferences. It is true that this can also be conveyed with > direct-key-signatures (a self

Re: Storing custom signed data in the key

2019-08-27 Thread Daniel Kahn Gillmor via Gnupg-users
Hi Tomasz-- On Sat 2019-08-17 18:45:24 +0200, Tomasz Buchert wrote: > what would be the most "canonical" way to store arbitrary, signed data > along the gpg key? And then: what is the programmatic way of extracting > said data? > > My specific use case is putting a signify [1] public key inside my

Re: GPG Agent discarding cache before ttl/max ttl

2019-10-16 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-10-15 22:57:16 +0200, Werner Koch via Gnupg-users wrote: > If your system has a method to run a script > on suspend or lid closing it may already do just that. I consider this > a good idea but we can't do that by default in GnuPG because systems > differ too much on how to detect a lid

Re: A place for discussing WKD spec clarifications?

2019-10-16 Thread Daniel Kahn Gillmor via Gnupg-users
On Tue 2019-10-15 23:01:33 +0200, Werner Koch via Gnupg-users wrote: > On Tue, 15 Oct 2019 09:06, Bjarni Runar Einarsson said: > >> Would the GnuPG issue tracker be a good place to file "bug >> reports" against the spec, to work towards clarifications? > > That is okay for bug reports, but often it

Re: A place for discussing WKD spec clarifications?

2019-10-22 Thread Daniel Kahn Gillmor via Gnupg-users
On Thu 2019-10-17 11:08:46 +, Bjarni Runar Einarsson wrote: > Daniel Kahn Gillmor wrote: >> I'd be happy to set up such a tracker at (say) >> https://gitlab.com/openpgp-wg/web-key-directory/issues if folks >> are OK with it. >> >> Werner, does that sound
