On Feb 24, 2016, at 9:11 AM, Josef Carnap wrote:
>
> Hello everyone,
>
> I have a question to the options --compress-level and
> --bzip2-compress-level. Which are the supportet (possible)
> values of each of the options? -- Numbers from 0 up to 6?
1 through 9, with 1 being the least compression
On Mar 8, 2016, at 6:54 AM, Marco A.G.Pinto
wrote:
>
> Hello!
>
> I have made the mistake of adding the same photo with different file sizes
> using Enigmail and export it to the servers.
>
> I have already deleted two of the three photos using the CLI, but the key in
> the server still has
On Aug 19, 2016, at 11:56 AM, Scott Linnebur wrote:
>
> I have an issue that I just cannot figure out. What I’m trying to do is move
> a file between two organizations using two different transports while
> encrypting the file. On one side they use ipswitch movit to encrypt the file
> and po
On Jan 16, 2017, at 11:52 AM, John Lane wrote:
>
> I'm trying to experiment with trust signatures but I can't work out how
> the 'domain' question is used ?
>
> I think I understand what it is for, but I can't enter a value and get
> it to work.
>
> I have a key A that has signed b...@example.c
On Aug 18, 2013, at 11:45 AM, ashish tiwari
wrote:
> echo test123|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o
> /apploatr/.gnupg/ab.pgp --debug-level advanced --log-file a.log --sign
> --encrypt -r nkumar /apploatr/.gnupg/test.txt
>
> gpg: O j: ... this is a bug (getkey.c:2696:lo
On Aug 22, 2013, at 9:56 AM, "Robert J. Hansen" wrote:
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256. I don't know the reasoning for introducing Camellia, but
> I'm sure there's a solid basis for it.
I think it was implemented in GnuPG first, but it's not a
On Aug 22, 2013, at 10:15 AM, Daniel Kahn Gillmor
wrote:
> On 08/22/2013 09:56 AM, Robert J. Hansen wrote:
>> GnuPG extends this with support for Camellia-128, Camellia-192 and
>> Camellia-256. I don't know the reasoning for introducing Camellia, but
>> I'm sure there's a solid basis for it.
>
On Aug 29, 2013, at 2:01 PM, Csabi wrote:
> Hi all,
>
> Why does not support GNUPG the CAST6 (256 bit key) variant of the CAST
> algorithm?
> It supports the CAST5 (128 bit key) variant and it is the default cipher.
There never was a really good reason to support it. The OpenPGP working group
On Sep 13, 2013, at 1:22 AM, Daniel Kahn Gillmor wrote:
> GnuPG is currently not able to create a non-exportable self-sig. If you
> try to do this, it gives an error:
>
> WARNING: the signature will not be marked as non-exportable.
This is by design (hence the warning message), as an unsigned
On Sep 25, 2013, at 9:18 AM, "Robert J. Hansen" wrote:
> I'm working on adding support for GnuPG keyrings to a file carver (a
> forensic tool that recovers data from damaged filesystems, or recovers
> things that have been deleted but not overwritten). Detecting an
> ASCII-armored keyblock is pr
On Sep 26, 2013, at 12:54 PM, Paul Taukatch wrote:
> I had a question regarding exporting a private key using GPG.
>
> I generated a Key pair using GPG 1.4.13 and then used the export command to
> export the private key into another file.
>
> Based on the RFC 4880 documentation:
>A Secret
On Sep 27, 2013, at 9:58 AM, Paul Taukatch wrote:
> Really appreciate the help and the quick response!
>
> I just wanted to clarify, where exactly is the public key information stored
> within the exported secret key data? Is it part of the Secret key packet as
> part of the "Encrypted stuff
On Oct 10, 2013, at 1:45 PM, "Brian J. Murrell" wrote:
> I was told by a developer of a piece of software that my key does not
> conform to rfc4800. He said:
>
> According to http://tools.ietf.org/html/rfc4880#section-5.2.2
> signatures of version 3 don't have subpackets, which are only
> av
On Oct 15, 2013, at 7:30 PM, Hauke Laging wrote:
> Hello,
>
> I think it would be a good idea to change the handling of local signatures. I
> suggest to import local signatures even without
>--import-options import-local-sigs
> if the local signature is by one of the secret keys in the
On Oct 16, 2013, at 8:04 AM, "Brian J. Murrell" wrote:
> If you worked in a corporate environment, would you trust the HR
> department there to have verified the identity of employees well enough
> to leverage that into signing a GPG key?
>
> Let's say such an environment had an messaging system
On Oct 24, 2013, at 3:05 PM, Sylvain wrote:
> Hi,
>
> I saw a lot of activity in the Debian project about upgrading to a
> 4096 RSA key,
> e.g. http://lists.debian.org/debian-devel-announce/2010/09/msg3.html
>
> However GnuPG's default is 2048.
>
> Is this zealotry on the Debian front, or
On Oct 24, 2013, at 4:47 PM, "VINEETA DESHMUKH (CRGL-THIRDPARTY.COM)"
wrote:
> Hello,
>
> I am facing an issue with the Signature verification from one of our clients
> – JP Morgan. We currently have FTP+encryption+signature of all the files
> which they send to us. However, they recently ha
On Nov 13, 2013, at 6:08 PM, adrelanos wrote:
> Hi!
>
> I would like to partition my key like this:
>
> - long term identity key (air gapped, master key) [a]
> -- short term e-mail encryption key (less secured sub key, only on mail
> machine) [b]
> -- short term e-mail signing key (less secured
On Nov 20, 2013, at 1:21 PM, Josef G. Bauer wrote:
> Hi,
>
> I wonder how easily my private key(s) ('secgring.gpg') can be cracked
> once somebody get access to it.
Not at all easily, *if* you have a good passphrase on your private key(s).
> Q: Is the password stored as an hash and can it be c
On Nov 20, 2013, at 5:33 PM, Johan Wevers wrote:
> Hello,
>
> I communicate with someone whose key tells me it supports IDEA, and
> since that's my prefered algorithm my gpg uses it to encrypt the
> message. However, het setup does not in fact support it (any more, it
> used to do in the past).
On Dec 17, 2013, at 11:31 AM, Matt D wrote:
> On 12/17/2013 11:09 AM, Daniel Kahn Gillmor wrote:
>> Hi Matt--
>>
>> On 12/17/2013 10:07 AM, Matt D wrote:
>>> Hi! What encryption algorithm do we use in OpenPGP
>>
>> OpenPGP has "algorithm agility", meaning that it's possible to use
>> differen
On Dec 17, 2013, at 1:53 PM, Matt D wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 12/17/2013 01:37 PM, David Shaw wrote:
>> On Dec 17, 2013, at 12:41 PM, Matt D wrote:
>>
>>> How can I find whats on my list?
>>
>> gpg --edit-key
On Dec 17, 2013, at 12:41 PM, Matt D wrote:
> How can I find whats on my list?
gpg --edit-key (thekey)
showpref
You can see your own, or anyone else's preference list that way. Note that
each user ID (or photo ID) has its own preference list.
David
_
On Dec 18, 2013, at 5:41 AM, Werner Koch wrote:
> On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
>
>> because you just shifted to arguing that "since GnuPG defaults to
>> AES-256, we need to use RSA-15000 by default otherwise the asymmetric
>
> FWIW:
>
>The rationale why we use the
On Dec 19, 2013, at 7:10 PM, Eric Swanson wrote:
> I'm trying to import a "raw" RSA secret key into GnuPG.
>
> I have p, q, d and the creation timestamp, as well as anything else
> that can be computed from them (n, u, e, etc etc).
>
> I've been implementing bits of RFC 4880 in an attempt to ge
On Jan 27, 2014, at 3:02 PM, Uwe Brauer wrote:
> Hello
>
> I just tried out iPGmail a app for the iPhone which supports
> pgp. However I want to import my private key and here the trouble
> starts. For some reason iPGmail only supports private keys in armor
> format which are password protected.
On Jan 27, 2014, at 3:26 PM, Uwe Brauer wrote:
>>> "David" == David Shaw writes:
>
>> On Jan 27, 2014, at 3:02 PM, Uwe Brauer wrote:
>>> Hello
>>>
>>> I just tried out iPGmail a app for the iPhone which supports
>>> pgp. However
On Jan 28, 2014, at 9:37 AM, Uwe Brauer wrote:
> Hello
>
> I have a problem to import my secret key into a iOS app called iPGmail.
>
> The problem is that of course the key is password protected and the app
> seem to have difficulties with the password.
>
> So I just deleted the password and
On Feb 21, 2014, at 7:06 PM, john s. wrote:
> Having had no trouble generating a key pair, I am having some problems of
> understanding.
>
> I am going around in circles trying to understand something i am sure is quite
> straightforward.
>
> The command:
>
> gpg --edit-key UID takes me
On Feb 23, 2014, at 2:33 AM, Laurent Jumet wrote:
>With 1.4.16, I suppose there is no way to change the size of the main key
> (actual 1024), isn't it?
>I'm limited to RIPEMD160.
If you're limited to using RIPEMD160 for some reason (or SHA-1, also a 160-bit
hash), then you are limited
On Feb 23, 2014, at 10:54 AM, Laurent Jumet wrote:
>
> Hello David !
>
> David Shaw wrote:
>
>>> With 1.4.16, I suppose there is no way to change the size of the main
>>> key (actual 1024), isn't it?
>>> I'm limited to RIPEMD160.
>
On Feb 26, 2014, at 8:43 AM, Óscar Pereira wrote:
> Hello all,
>
> I've just stumbled across this question, on Security StackExchange,
> but it has no satisfactory answers, so I'd thought to relay it here.
> Basically, it asks whether after a GPG signing party, you still have
> to assign trust v
On Mar 12, 2014, at 9:07 AM, Kumar, Vikash X
wrote:
> Hi Team,
>
> Could you please help me to understand the following query.
>
> We are using gpg encryption method for encryption and decryption in our
> application. We have generated the keypairs on server A and public key is
> imported
On Mar 13, 2014, at 6:17 PM, MFPA <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> NotDashEscaped: You need GnuPG to verify this message
>
> Hi
>
>
> On Thursday 13 March 2014 at 2:31:06 PM, in
> , Hauke Laging wrote:
>
>
>
>> gpg --reci
On Mar 15, 2014, at 3:53 PM, Juha Heljoranta wrote:
> Hi,
>
> I am not able to get the gpg to verify a signature.
>
> Any advice how to fix this?
> Or could the key 9C973C92 be invalid/broken?
The key may be fine, but the signature is invalid. DSA keys specify how many
bits of hash are neces
On Mar 17, 2014, at 10:39 AM, Daniel Kahn Gillmor
wrote:
> On 03/15/2014 03:53 PM, Juha Heljoranta wrote:
>
>> I am not able to get the gpg to verify a signature.
>>
>> Any advice how to fix this?
>> Or could the key 9C973C92 be invalid/broken?
>>
>>
>> $ mkdir -m 700 newgnupg
>> $ echo foo
On Mar 23, 2014, at 8:37 AM, -- -- wrote:
> Hi!
>
> Just for the sake of curiosity, is it possible to store a 8192 bit RSA key on
> the OpenPGP smart card? Two keys ? Three keys?
No. You can store three 4096-bit RSA keys. Larger than that is not possible
on the card (and not support
On Mar 26, 2014, at 5:37 PM, -- -- wrote:
> Hi,
> is it possible to encrypt a file with a symmetric cipher (e.g., AES256) using
> a key file (e.g., a binary file) instead of a password?
Not really, but you can sort of weakly approximate it via something like this:
base64 -w0 binary-
On Mar 31, 2014, at 2:18 PM, Barnet Wagman wrote:
> In symmetric encryption (AES256), is it possible for me to supply my own key,
> rather than entering a passphrase and having a key generated by pgp?
No. Not without patching the source.
David
___
On Apr 1, 2014, at 9:01 PM, Tim Chase wrote:
> I've been trying to find a good explanation on how something like
>
> gpg -r DEADBEEF -r CAFEBABE -r 8BADFOOD -o output.gpg -e input.txt
>
> works. The best I've been able to find is this:
>
> http://lists.gnupg.org/pipermail/gnupg-users/2007-Oc
On Apr 7, 2014, at 2:06 AM, Johan Wevers wrote:
> Hallo,
>
> I changed the preferences for my gpg key to add the new Camelia ciphers
> and move IDEA more backward as I got problems with people with old pgp
> keys using old gnupg versions claiming they supported it but actually
> didn't support i
On Apr 8, 2014, at 1:48 AM, Johan Wevers wrote:
> On 07-04-2014 15:16, David Shaw wrote:
>
>> When you change preferences you add another selfsig for your
>> user ID that contains the new preferences.
>
>> If you want to make the old preferences go away completely,
&
On Apr 23, 2014, at 3:24 PM, helices wrote:
> No matter how I try, I cannot encrypt a file using that public key, even
> using --edit-key to assign trust:
>
> gpg: 845F5188: skipped: Unusable public key
>
> gpg: /tmp/test.txt: encryption failed: Unusable public key
>
>
> The owner of the pu
On Apr 23, 2014, at 6:13 PM, t...@piratemail.se wrote:
> Greetings,
>
> This is a tiny bit philosophical. Perhaps a little off-topic. I think this is
> probably the best list to ask never-the-less.
>
> So I've been working on this pgp base web based mail service.
> https://github.com/timprepsci
On Apr 23, 2014, at 11:14 PM, David Shaw wrote:
> On Apr 23, 2014, at 3:24 PM, helices wrote:
>
>> No matter how I try, I cannot encrypt a file using that public key, even
>> using --edit-key to assign trust:
>>
>> gpg: 845F5188: skipped: Unusable public
On Apr 24, 2014, at 9:15 AM, helices wrote:
> Thank you, for your response.
>
> [1]
> -BEGIN PGP PUBLIC KEY BLOCK-
> Version: Encryption Desktop 10.3.0 (Build 8741)
[..]
> -END PGP PUBLIC KEY BLOCK-
Interesting! This definitely has a selfsig, but the key itself is very odd.
On Apr 29, 2014, at 6:40 PM, Koen wrote:
> Hi,
>
> I use '--keyserver --search-keys to get info on a number of
> keys. As far as I can tell, that doesn't return an expiration date (if
> that exists).
GPG's keyserver code is capable of displaying expiration date, if the keyserver
provides it.
On Apr 30, 2014, at 3:23 PM, Doug Barton wrote:
> ... your whole premise seems to be invalid as there is no clear evidence at
> this time (that I'm aware of, and I've been paying attention) that any actual
> secret keys have been compromised by Heartbleed. It was listed as a potential
> risk w
On May 2, 2014, at 9:08 PM, gn...@tim.thechases.com wrote:
> So I guess I'm looking for
>
> 1) something that doesn't leak identities across signatures
> 2) a single passphrase to manage the multiple identities
> 3) can be identified by the signing email address (Claws seems to
> make this easy f
On May 5, 2014, at 1:05 AM, Hauke Laging wrote:
> Hello,
>
> from time to time when changes to GnuPG's behaviour (about validity and
> trust) are suggested, Werner responds kind of: "No, that should be done
> on top of GnuPG." This attitude makes sense but in the current situation
> I would a
On May 13, 2014, at 7:15 PM, Aaron Toponce wrote:
> I don't know if this is a bug, or if I am doing something wrong, so I might as
> well ask here. I ran the following command from my terminal, and cannot
> retrieve the fingerprint from the file:
>
>$ gpg --output 0xBB065B251FF4945B.gpg --ex
On May 14, 2014, at 9:35 AM, Sin Trenton wrote:
> Hello everyone,
>
> Just out of curiousity, are there any plans for including Threefish into
> GnuPG?
> Or does it have to be incorprorated into the OpenPGP standard first and
> *then* perhaps baked into GnuPG?
Yes. GnuPG follows the OpenPGP
On May 22, 2014, at 1:04 PM, martijn.list wrote:
> According to RFC 4880
>
> "For subkeys that can issue signatures, the subkey binding signature
> MUST contain an Embedded Signature subpacket with a primary key binding
> signature (0x19) issued by the subkey on the top-level key."
>
> The sub
On Jun 1, 2014, at 6:54 AM, Suspekt wrote:
> Hi there,
> I understand the concept of using a secure offline key and than creating one
> or multiple subkeys to use in rather insecure environments like a
> internet-connected laptop or a smartphone. Depending on which tutorial you
> look at, the
On Jun 1, 2014, at 3:25 PM, Suspekt wrote:
> OK,lets take the forced-by-law-theory in account. Than the "best" way from a
> pure security-standpoint in this regard would be:
> 0. OFFline-mainkey (certification of own keys and other people's keys)
> -> 1. OFFline-subkey (signing)
> -> 2. OFFline-
On Jun 2, 2014, at 11:30 AM, Suspekt wrote:
> Am 02.06.2014 17:01, schrieb David Shaw:
> > One problem with multiple encryption subkeys is that the person
> > encrypting to you doesn't know which one to use. As things stand in
> > OpenPGP clients today, unless the pe
Likely of interest to this group:
http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encryption-easier-to.html
Briefly, it's a Chrome extension for doing OpenPGP. It can import and use RSA
keys generated elsewhere, but only has code to generate ECC keys internally.
I haven't
On Jun 4, 2014, at 4:32 AM, Werner Koch wrote:
> On Wed, 4 Jun 2014 04:43, ds...@jabberwocky.com said:
>
>> I haven't looked at the fine details yet, but on the surface it seems
>> like they're aiming at Gmail (mainly, but not solely).
>
> Interesting. This is in contrast to a recent online a
On Jun 25, 2014, at 1:53 PM, Jérôme Pinguet wrote:
> Hello!
>
> Thanks to Werner, I learned a new english word today: bikeshedding! :-)
>
> This guide
> http://spin.atomicobject.com/2013/11/24/secure-gpg-keys-guide/ suggests
> creating a subkey with authentication capability. Most other sources
On Jun 27, 2014, at 6:45 AM, Viktar Siarheichyk wrote:
> On 26.06.2014 23:28, Paul R. Ramer wrote:
>> On June 26, 2014 8:26:16 AM PDT, Daniel Kahn Gillmor
>> wrote:
>>
>>> As for arguments about use on smartcards -- if you plan to get a
>>> smartcard, and you have a primary key that is too lar
On Jun 27, 2014, at 4:24 PM, John Clizbe wrote:
> Kristian Fiskerstrand wrote:
>> On 06/27/2014 03:54 PM, shm...@riseup.net wrote:
>>
>>
>>> Robert J. Hansen:
On 6/26/2014 5:57 PM, Daniel Kahn Gillmor wrote:
> PGP 8 was released over a decade ago, that's hardly a modern
> implemen
On Jun 28, 2014, at 5:20 AM, MFPA <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi
>
>
> On Friday 27 June 2014 at 11:35:00 PM, in
> , David Shaw
> wrote:
>
>
>> Incidentally, since subk
On Jun 29, 2014, at 6:23 AM, Werner Koch wrote:
> On Sat, 28 Jun 2014 15:22, ds...@jabberwocky.com said:
>
>> I put a limited workaround in GnuPG at the time - that's why the
>> encryption key is always written to the card after the auth key (so
>> the encryption key would always be the "newest"
On Aug 11, 2014, at 1:31 PM, Johan Wevers wrote:
> On 11-08-2014 8:49, Robert J. Hansen wrote:
>
>> On Enigmail, I recently had a frustrating
>> experience helping a user who was trying to use GnuPG to exchange
>> traffic with a PGP *2.6* user... a codebase which is about 20 years old now.
>
>
On Aug 12, 2014, at 3:33 AM, Werner Koch wrote:
> On Tue, 12 Aug 2014 00:08, ds...@jabberwocky.com said:
>
>> Rather than fixing RFC-1991 support, why not go in the other direction
>> and make it clear that it isn't supported, and won't work? I did a
>> bunch of work to make --pgp2 work well an
On Aug 13, 2014, at 8:22 AM, Peter Lebbing wrote:
> It is precisely as you said, GnuPG does allow reinstigating a revoked
> UID. However, there is a slight hitch in the UI that means you can't do
> it completely straight-forwardly. You need to delete the offending UID
> before re-adding it, but o
On Aug 14, 2014, at 1:20 AM, Doug Barton wrote:
> On 08/12/2014 08:41 PM, David Shaw wrote:
>> Maybe the answer is to remove the things to generate PGP 2 messages
>> specifically, and leave the other stuff?
>
> Yes please. :)
>
> Not being able to encrypt/sign
On Aug 13, 2014, at 3:56 AM, Werner Koch wrote:
>> state. One place that comes to mind is in --gen-revoke. GPG can
>> import a bare revocation certificate. No version of PGP can, so there
>> is code to push out a minimal public key before the revocation
>> certificate. We'd need to add some s
On Aug 14, 2014, at 5:46 AM, Peter Lebbing wrote:
> On 13/08/14 23:51, David Shaw wrote:
>> Try this:
>>
>> gpg2 --expert -u (thekey) --edit-key (thekey)
>
> Ah! I never thought of trying good old --expert. Thanks!
It may be appropriate to not need --expert f
On Aug 13, 2014, at 2:27 AM, shm...@riseup.net wrote:
> i've seen a multitude of ways people input data into this pref
>
> for example, some people put a link to their public key .asc or .txt file
>
> some others put a link to an actual keyserver
>
> from the name of the actual pref, it states
On Aug 14, 2014, at 1:08 AM, Doug Barton wrote:
> On 08/12/2014 11:27 PM, shm...@riseup.net wrote:
>> i've seen a multitude of ways people input data into this pref
>>
>> for example, some people put a link to their public key .asc or .txt file
>>
>> some others put a link to an actual keyserve
On Aug 13, 2014, at 4:20 PM, Bill HT wrote:
> We are on HP-UX ver 11.11 U 9000/800. GnuPG 2 was installed at
> /usr/local/bin, we have to call it with the at path to do anything with it:
> /usr/local/bin/gpg2. I can list keys and import keys. However, when trying to
> generate keys or encrypt,
On Sep 14, 2014, at 9:05 PM, Hauke Laging wrote:
> Hello,
>
> after filing a bug report for my mail client because it does not allow
> me to encrypt to an expired certificate (neither does Enigmail) I was
> surprised to notice that I didn't manage to encrypt to an expired
> certificate with
On Sep 15, 2014, at 3:06 PM, Hauke Laging wrote:
> Am Mo 15.09.2014, 09:47:21 schrieb David Shaw:
>
>> I disagree with this. Expiration is the way the key owner (the person
>> who knows best whether the key should be used or not) tells the
>> world, "Do not
On Sep 17, 2014, at 3:54 PM, MFPA <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi
>
>
> On Tuesday 16 September 2014 at 11:03:29 PM, in
> , Doug Barton wrote:
>
>
>
>> When you get into the edit-key menu you can do 'uid *'
>> (or s
On Nov 10, 2014, at 7:00 AM, Nicholas Cole wrote:
> Just out of curiosity: DSA key sizes are now rounded to one of 3
> values, whereas RSA keys are available in a range of sizes between two
> limits. Why the difference?
FIPS-186-3, the document that specifies DSS (aka DSA with some additional
On Nov 10, 2014, at 8:56 AM, Robert J. Hansen wrote:
>> FIPS-186-3, the document that specifies DSS (aka DSA with some
>> additional restrictions as to algorithm, key length, etc) specifies 4
>> key sizes:
>
> Five, but nobody uses DSA-512 and I think it's been formally obsoleted.
> But yes, DSA
On Jan 13, 2015, at 3:10 AM, Werner Koch wrote:
>
> On Mon, 12 Jan 2015 21:51, gn...@lists.grepular.com said:
>
>> Apparently some of the funds will be donated to the GnuPG project. I suspect
>> he hasn't been in contact, and I imagine the funds would not be welcome?
>
> I have not heard about
On Jan 13, 2015, at 2:53 PM, NdK wrote:
>
> Il 13/01/2015 16:34, David Shaw ha scritto:
>
>> I like the idea of adding a proper fingerprint to signature packets. I seem
>> to recall this was suggested once in the past, but I don't recall why it
>> wasn'
On Jan 13, 2015, at 10:11 PM, Sandeep Murthy wrote:
>
> Hi
>
>> Only the right key will actually work for verification, but the program may
>> not be able to find that right key.
>
> Wouldn’t this issue of possible collisions in the long key ID (64 bits / 16
> hex digits)
> causing problems f
On Jan 16, 2015, at 7:56 AM, Salih Kardan wrote:
>
> Hi everyone,
>
> I have two simple questions about subkey mechanism. I search gnupg
> documentations and mailing list, but could not find answers to my questions.
> I would be so glad, if someone can answer below questions.
>
> 1) Is it po
On Jan 17, 2015, at 5:48 PM, Robert J. Hansen wrote:
> quorra:~ rjh$ grep default-pref .gnupg/gpg.conf
> default-preference-list SHA256 RIPEMD160 AES256 CAMELLIA256 TWOFISH 3DES
>
>
> ... As I understand the way algorithms are selected, GnuPG uses the
> most-preferred algorithm in my list that
On Tue, Mar 03, 2009 at 02:31:13PM -0700, Joseph Oreste Bruni wrote:
> http://www.theregister.co.uk/2009/03/03/encryption_password_ruling/
>
> Hi List,
>
> This article caught my eye. One of the things that I gleaned from the
> article is that it's obvious that law enforcement (at this level) doe
On Tue, Mar 03, 2009 at 05:11:47PM +0100, Werner Koch wrote:
> On Sat, 7 Feb 2009 10:40, i...@ushills.co.uk said:
>
> > How can I combine them so I have one secret key with both the ELG and
> > RSA subkeys under the primary key.
>
> That is possible but requires some manual work. You need to us
On Mar 3, 2009, at 7:08 PM, John Clizbe wrote:
gerry_lowry (alliston ontario canada) wrote:
unfortunately, it's likely that certain countries handle this using
torture.
Folks on this list have said for years that rubber-hose key extraction
is orders of magnitude faster than brute-force compu
On Mar 3, 2009, at 6:04 PM, Atom Smasher wrote:
On Tue, 3 Mar 2009, David Shaw wrote:
This article caught my eye. One of the things that I gleaned from
the article is that it's obvious that law enforcement (at this
level) does not have the ability to brute-force crack PGP
encrypted
On Tue, Mar 03, 2009 at 07:31:03PM -0500, Robert J. Hansen wrote:
> Atom Smasher wrote:
> > most people don't use pass-phrases that strong.
>
> Let me see if I have this clear:
>
> - He knew he was approaching a border
> - He knew he had child porn on his system
> - He knew his laptop might be se
On Mar 3, 2009, at 12:27 PM, Joseph Oreste Bruni wrote:
Is there a way to have GnuPG automatically retrieve a key for
encryption similar to the way the "auto-key-locate" feature works,
but when specifying a keyid instead of an email address? For
example, if someone has a key id, but not a k
On Wed, Mar 04, 2009 at 10:51:39AM +0100, Werner Koch wrote:
> On Wed, 4 Mar 2009 05:58, ds...@jabberwocky.com said:
>
> > This is not currently possible. It seems like it should be (the
> > principle of least surprise dictates that it should work with anything
> > that can be passed to '-r').
>
On Wed, Mar 04, 2009 at 10:38:23AM -0500, ved...@hush.com wrote:
> >Date: Tue, 3 Mar 2009 19:21:46 -0500
> >From: David Shaw
> >Subject: Re: surrendering one's passphrase to authorities
>
> >> Folks on this list have said for years that rubber-hose key
> &
On Wed, Mar 04, 2009 at 05:46:38PM -0500, Robert J. Hansen wrote:
> David Shaw wrote:
> > I suspect things would go rather like this:
> > http://www.mail-archive.com/cryptogra...@metzdowd.com/msg10391.html
>
> Perry is an optimist. It's considerably worse than he makes
On Mar 4, 2009, at 9:17 PM, Robert J. Hansen wrote:
David Shaw wrote:
Indeed, and also (in the US at least), the attorneys for each side
can (to a limited degree that varies from situation to situation)
remove people from the "potential juror" list after interviewing them
(a
On Mar 4, 2009, at 11:20 PM, Faramir wrote:
Well, I followed the tutorial that shows how to use just subkeys
(without the main key), in order to keep the main key a bit safer than
usual. But that made me play a bit with the GPGShell options for GPG,
and managed to make it work, allowing to easil
On Mar 5, 2009, at 12:32 AM, Faramir wrote:
David Shaw escribió:
secret-keyring z:\gpghome\secring.gpg
(that's the location of the secring that has the unedited keys)
But my question is: what does that line do? When it is in
gpg.conf, do
I have the 2 secrings at the same time,
On Mar 5, 2009, at 4:22 AM, Felipe Alvarez wrote:
Me again. Sorry to sound newbish. I've googled, but I haven't found
anything quite as detailed enough for me to grasp the 'whole
forest' (so to speak). My question is regarding 'subkeys.' Let me
know if I am getting the wording/terminology
On Mar 5, 2009, at 4:48 AM, Dirk Zemisch wrote:
Hi,
i'm just had some trouble with my keyrings and after all recovery
etc. a
lot of keys I earlier received are gone.
But a lot of them are named in the sigs of my own key. Is there a
possibility to read out all key-IDs from the sigs and impor
On Thu, Mar 05, 2009 at 12:14:24PM -0500, gerry_lowry (alliston ontario canada)
wrote:
> David Shaw wrote, in part:
>
> You can have one subkey for encryption, one subkey for signing, and
> leave your primary key for certification.
>
> This lets you do tricks
On Mar 7, 2009, at 5:28 AM, dmdm wrote:
When I sign a message that contains a gpg key what happens is that
the key
has the '-'
missing at top and bottom of key. its ok before its signed .(see
example
below)
That is a normal part of OpenPGP called "dash escaping". Basically,
since you
On Thu, Mar 12, 2009 at 08:08:35PM +1000, Felipe Alvarez wrote:
> On Fri, Mar 6, 2009 at 12:10 AM, David Shaw wrote:
> >> What do the letters to the right of the words "usage" mean? (S,C,A,E) I
> >> can only guess |S|ign, |E|ncrypt,
> >
> > (S)ign:
On Mar 17, 2009, at 8:24 AM, Bo Berglund wrote:
Is it possible to use GPG encryption in embedded applications?
I would like to protect data passing from a PC over to an embedded
computer unit via an unsecure channel (TCP/IP or USB) such that when
it passes in the transfer line it will be GP
1 - 100 of 1718 matches
Mail list logo
