On Aug 11, 2009, at 2:44 PM, Eric Robinson wrote:
Does GPG run on an iSeries platform? If that's a yes, could some
direct
me to some information as to how, if it's a no, is this projected for
the future?
iSeries running what? Linux?
If it's Linux, just compile it like you'd compile it any
On Aug 13, 2009, at 9:53 AM, michael GRIFFITHS wrote:
So who is on with the plausible deniability project for gpg?
I have to admit the thought of not being able to prove my innocence
doesn't sound like a good prospect. Innocent until proven guilty just
isnt an option anymore
While I believe P
On Aug 17, 2009, at 2:45 AM, Faramir wrote:
Werner Koch escribió:
Noteworthy changes in version 1.4.10 (unreleased)
I remember there were some improvements in the way the preferred
algorithms for encryption are chosen... Are these changes included in
this new version?
Yes. I'll add a note
On Aug 14, 2009, at 7:01 PM, Dominik George wrote:
Hi folks,
I would like to updatea signature on a key, that is, add a sig-
policy-url
and change the verification level (turn a normal sig into a sig3,
that is).
Is this possible? If yes, how?
It is not possible. What you need to do is m
On Aug 19, 2009, at 9:28 AM, Kevin Hilton wrote:
Although I usually get a wide range of responses, is there any
practical advice an end-user should take away from the recent AES256
attacks as described
here:http://www.schneier.com/blog/archives/2009/07/another_new_aes.html?
Should I continue to
On Aug 24, 2009, at 6:28 PM, John Betz wrote:
I was hoping to get some help with decrypting an archived file. I am
using the following command:
echo “passphrase”| gpg --passphrase-fd 0 -o output.txt -d input.pgp
The output file is created with no problem, however, there is
garbage in the
On Aug 26, 2009, at 9:38 AM, John Betz wrote:
David,
The file is a PowerArchiver file (containing multiple text files)
that was
encrypted using PGP.
I'm not sure if that file is legal according to the OpenPGP spec. It
depends on how it was packed together. If you can encrypt a sample
On Aug 27, 2009, at 10:36 AM, John Betz wrote:
I appreciate the offer David, but I don't have PowerArchiver so I
can't
create a sample input file. The file I am trying to decrypt is
coming from
another source so I would have to get them involved in order to
create a
sample archive file. Bec
On Aug 27, 2009, at 6:03 PM, Joseph Oreste Bruni wrote:
Would it be considered a best practice to rotate encryption subkeys
on an annual basis, or would that be considered overkill for most
uses?
It depends on what you're trying to do. :)
I realize that messages are encrypted using ephemer
On Aug 28, 2009, at 2:37 AM, Faramir wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
...
Incidentally, there have been proposals to add forward security
extensions to OpenPGP. See http://www.apache-ssl.org/openpgp-pfs.txt
As a side note, I am not sure I like
On Aug 31, 2009, at 11:20 AM, Kevin Hilton wrote:
Although I understand the compression algorithms within gnupg are
specified by the OpenGPG standard, are there any grumblings regarding
the addition of the lzma compression scheme?
I've seen it mentioned once or twice, but not much more than th
On Sep 2, 2009, at 12:47 AM, Joseph Oreste Bruni wrote:
I tried compiling 1.4.10rc1 on Mac OS X 10.6 without success.
10.6 ships with a newer version of the compiler toolchain that is
giving a few headaches here and there. Until we work out the issue,
just compile with --disable-asm.
Da
On Sep 1, 2009, at 1:51 PM, Seidl, Scott wrote:
We use gnupg in an automated mode within the organization to encrypt/
decrypt documents exchanged between companies. The Key Pair we have
is expiring soon and I am replacing it with a new key pair. This
new key would be provided to the other
On Sep 4, 2009, at 10:06 AM, joachim.blomb...@vr-leasing.de wrote:
Hi,
im sending *.gpg Mail-Attachments to external Customers , but our
EmailFilter - BCC Mail protect Quarantine stopps the and we have to
release them manual.
I need the HEX File Siganture for GPG Files to customize that i
On Sep 5, 2009, at 5:25 AM, Laurent Jumet wrote:
I found information about CAMELLIA.
According to this info, I suppose I can assume that CAMELLIA is
part of
OpenPGP *and* S11, S12 & S13 are from now on, owned by CAMELLIA.
Yes, and GnuPG 1.4.10 and 2.0.12 (if libgcrypt is recent enough
On Sep 4, 2009, at 12:53 PM, M.B.Jr. wrote:
when symmetrically encrypting a file, e.g.:
$ gpg --output file.ods.gpg --symmetric file.ods
the command above generates a "gpg" extension encrypted AND compressed
file, is that correct?
Unless you've disabled compression in your gpg.conf file, yes
On Sep 5, 2009, at 8:59 PM, M.B.Jr. wrote:
Hi David, thank you.
On Sat, Sep 5, 2009 at 1:11 PM, David Shaw
wrote:
On Sep 4, 2009, at 12:53 PM, M.B.Jr. wrote:
How do I know which compression algorithm was used?
Unless you've overridden the default, it is ZIP.
Ok but in this
On Sep 6, 2009, at 4:55 PM, Sean Wilson wrote:
The SCM Microsystems Inc. SCR3340 ExpressCard Reader seems to work
as it
can read the OpenPGP 2.0 card (I do have problems writing changes to
it
though, see below).
I have just upgraded to GPG 1.4.10 but when I try to create a key pair
on the O
On Sep 8, 2009, at 3:33 PM, Faramir wrote:
Iván Cervantes escribió:
...
Changing a little my question, why I have only three options in my
gpg
installation¿?
I'll reply in English so other people can correct me if I am wrong.
I think unless you activate the expert options, you get a red
On Sep 9, 2009, at 5:07 PM, BosseB wrote:
I have a number of encrypted files, which I need to decrypt. I have
installed GPG 1.4.9 on my Windows XP-Pro SP3 PC. I have the necessary
keyrings and they work with Thunderbird and Enigmail.
But as I said I need to decrypt files that are on my hard dis
On Sep 9, 2009, at 5:50 PM, BosseB wrote:
Funnily I only found GPG 1.4.9 on the GnuPG site even though Gpg4Win
came with some version 2.0.x, why is this?
There are two versions of GPG. One, the 1.4.x line is a self-
contained GPG that builds on many platforms. It only does OpenPGP.
The o
On Sep 9, 2009, at 6:43 PM, Philippe Cerfon wrote:
Hi.
Now something more realistic and pracitcal.
I'm using gpg for anonymous but secured communication together with
some of my friends for some years now
Recently I've read on severa attacks on SHA1 and AES256 that could
also affect gp
On Sep 10, 2009, at 8:02 AM, Philippe Cerfon wrote:
On Thu, Sep 10, 2009 at 3:45 AM, David Shaw
wrote:
Yes, but it won't actually go away completely. SHA1 is special in
OpenPGP.
Unlike the other hashes, SHA1 is required to be supported.
Removing SHA1
from an OpenPGP preference
On Sep 10, 2009, at 10:51 AM, Philippe Cerfon wrote:
Not really. If there were good reasons to believe OpenBSD's entropy
collector was better than Linux's, the Linux crew would fix the code,
maybe even borrowing OpenBSD's entropy collector.
Ah,.. right... it was the other way round it didn't
On Sep 10, 2009, at 3:36 AM, Sean Wilson wrote:
Does anyone know if the new OpenPGP 2.0 card supports Hushmail keys?
From what I understand Hushmail is based on OpenPGP so it should
work.
The key I have from my Hushmail account is 2048bit in length but
once I
copy the key onto the OpenPGP 2
On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:
Hi folks.
On Thu, 2009-09-10 at 11:08 -0400, David Shaw wrote:
The real headache here is (as always) the practical - what to do with
existing keys and such. I suspect that removing SHA1 would
effectively mean a new key type for
On Sep 10, 2009, at 8:38 PM, Daniel Kahn Gillmor wrote:
On 09/10/2009 06:32 PM, Christoph Anton Mitterer wrote:
3) One problem with such devices is,.. that one can never know
(well at
least normal folks like me) how good they actually are.
If this company would be evil (subsidiary of NSA or s
On Sep 10, 2009, at 6:32 PM, Christoph Anton Mitterer wrote:
The people behind OpenPGP are working on a new OpenPGP proposal that
will use a stronger, better hash algorithm.
Have workings on an 4880 successor already started?
No, at this point things are mainly being proposed as *additions* t
On Sep 10, 2009, at 5:44 PM, Philippe Cerfon wrote:
On Thu, Sep 10, 2009 at 10:21 PM, Robert J. Hansen > wrote:
I understood him to mean the "key ID" as the fingerprint of the
certificate's primary signing key, rather than checking each bit of
the
certificate's primary signing key individuall
On Sep 12, 2009, at 11:38 AM, Peter Lebbing wrote:
Hello list,
Does anybody know if the SCM SCR3320 USB card reader works with
GnuPG under
Linux? Specifically, I was thinking of buying the "ChipDrive MyKey
2" from
Conrad[1] in The Netherlands. It's only 20 euros.
If you look at the produc
On Sep 12, 2009, at 1:40 PM, Peter Lebbing wrote:
David Shaw wrote:
I can't speak to the MyKey device, but I have a SCR3320 and it works
just fine with GnuPG and the v2 card.
Great, thanks for the info. One more question, does your reader look
like
[1] or like [2]?
I must say I lik
On Sep 13, 2009, at 4:52 PM, Sean Wilson wrote:
If I generate a brand new key pair and then add the key to an OpenPGP
2.0 card all works perfectly. But if I want to add the same key onto
another OpenPGP card (as a backup) I get the following error in
Thunderbird:
Error - decryption failed
g
On Sep 15, 2009, at 9:42 AM, Nicholas Cole wrote:
Hi all. This is a query mostly for my own interest, but I think it
might point to a change in the documentation being required.
I was slightly confused by this message
http://lists.gnupg.org/pipermail/gnupg-users/2009-May/036361.html
David su
On Sep 16, 2009, at 1:56 PM, M.B.Jr. wrote:
Hi list,
I've recently had access to this document, written by the "United
States Patent and Trademark Office" (USPTO) which basically tries to
ban software patents.
The memorandum is here:
http://www.uspto.gov/web/offices/pac/dapp/opla/2009-08-25_int
On Sep 16, 2009, at 4:15 PM, Robert J. Hansen wrote:
David Shaw wrote:
Whether this means IDEA is okay or not patent-wise, I have a slightly
different take on this: who cares about IDEA at this point? IDEA was
good back in the 90s and PGP 2.x. It's 2009 now, and we have better
ciphers
On Sep 18, 2009, at 6:15 AM, Faramir wrote:
I while ago, I added a couple of lines to my gpg.conf file, and
at
that time I thought I knew what was I doing... but right now, I can't
remember exactly what effect do they have in gpg... maybe it is due to
lack of caffeine, but anyway, I'd lik
On Sep 18, 2009, at 6:46 AM, FOAD FOAD wrote:
Hi,
I want to know which version of gpg is install on my openbsd, could
you tell me how to do ?
Type "gpg --version"
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/m
On Sep 21, 2009, at 2:30 PM, Johan Wevers wrote:
David Shaw wrote:
If the "some people" still want this, I haven't seen it in a good
long
while. Possibly they gave up asking.
Probably. However, if someone wants IDEA support for whatever reason
there
is still the IDEA p
On Sep 21, 2009, at 10:11 PM, M.B.Jr. wrote:
Gentlemen,
I really appreciate the comments you've made on the subject and the
little debates as well.
That was exactly what I was expecting.
Sometimes, regular users do not have the proper notion of whether some
functionality merits attention.
All
On Sep 22, 2009, at 1:11 PM, Daniel Kahn Gillmor wrote:
when encrypting messages to a user ID with multiple matching keys with
full calculated validity, gpg seems to just choose the "first"
matching
key, for some definition of "first" -- i think it's decided by
chronological age of first impo
First of all, someone has factored a 512-bit RSA key (the one used to
protect a TI programmable calculator, it seems). It took 73 days on a
dual-core 1900Mhz Athlon64. It took just under 5 gigs of storage and
around 2.5 gigs of RAM. In other words: not much at all. It's not
some big dis
On Sep 22, 2009, at 4:40 PM, Daniel Kahn Gillmor wrote:
On 09/22/2009 04:09 PM, John W. Moore III wrote:
John Clizbe wrote:
IIRC, it's the first usable key with a matching User ID. Period.
First one it
can use.
thanks for catching that, John. It appears that if the first key
with a
mat
On Sep 22, 2009, at 6:54 PM, Daniel Kahn Gillmor wrote:
Can you give me an example of a script
that has this behavior "baked in" to the point where adopting a better
heuristic would break it?
It doesn't work that way. The default is "the first valid key". It's
been that way in the PGP worl
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first "tidbit":
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw
wrote:
First of all, someone has factored a 512-bit RSA key (the one used to
protect a TI programmable calculator, it seems). It took 73 days
on a
On Sep 24, 2009, at 3:13 PM, M.B.Jr. wrote:
On Thu, Sep 24, 2009 at 2:21 PM, David Shaw
wrote:
On Sep 24, 2009, at 12:30 PM, M.B.Jr. wrote:
Hi David,
about the first "tidbit":
On Tue, Sep 22, 2009 at 6:08 PM, David Shaw
wrote:
First of all, someone has factored a 512-b
On Sep 25, 2009, at 10:04 AM, Daniel Kahn Gillmor wrote:
Since most of
these tools rely on gpg as a backend, implementing a more-reasonable
choice in gpg seems like a good idea.
What troubles me about this sort of behavior is that it is genuinely
good and helpful in some cases and baffling a
On Sep 25, 2009, at 7:19 PM, nschroth wrote:
I have been reading previous posts on this topic but have not found my
answer.
When I ENcrypt on BoxA using -r UserName, decryption on BoxB errors
with :
"decryption failed: secret key not available".
However, doing the same test using the email a
On Oct 11, 2009, at 11:50 PM, Jim Dever wrote:
Just a quick question:
Are there any caveats I should be aware of if I generate an RSA
signing
key with an Elgamal encryption subkey?
No caveats. In fact, my own key is exactly that.
David
___
Gn
On Oct 12, 2009, at 7:58 AM, Ciprian Dorin, Craciun wrote:
Hello all!
I'm facing the following problem: I need to run gpg-agent, but
without him going into background. Is there any solution to this one?
I'm not sure exactly what you're trying to do, but you can run gpg-
agent without i
On Oct 15, 2009, at 9:37 PM, Dan Mahoney, System Admin wrote:
1) Currently the only tool that can generate a CERT record, make-dns-
cert, is not built or packaged by default under any os I've found
(I've tried FreeBSD and ubuntu). It has no documentation, no
examples, and only a terse 4-lin
On Oct 20, 2009, at 10:55 PM, Dan Mahoney, System Admin wrote:
On Thu, 15 Oct 2009, David Shaw wrote:
On Oct 15, 2009, at 9:37 PM, Dan Mahoney, System Admin wrote:
I'm running:
echo foo | gpg -v -v --auto-key-locate cert --recipient gu...@gushi.org
--encrypt -a
And get gpg:
On Oct 18, 2009, at 2:37 PM, Alejandro Erickson wrote:
Hi,
I'm a little confused about the verification/installation process.
I have gpg 1.4.7 which came with Mac OS X - assume I trust it. I
want to verify and install gpg 2. I download gnupg-2.0.13.tar.bz2
and gnupg-2.0.13.tar.bz2.sig and
On Oct 23, 2009, at 6:38 PM, sari Al-alem wrote:
Hi
I dont know if this is the right place but im new to this encryption
software and i would like to ask some questions:
1- does GPG have to be installed on all users who will recieve my
mail?
2- does it have to be installed on the mail
On Oct 30, 2009, at 10:24 AM, David Gray wrote:
Hello all,
GPG 2.0.12
Windows Server 2003
I've written a C# application which scans for input files and
decrypts using
GPG.
This applications works fine when run under the account
(Administrator) that
GPG was installed
under but when run
On Oct 30, 2009, at 2:10 PM, Faramir wrote:
Hello,
In the hypothetical case I want to encrypt a file, using 3DES
symmetric
algo, and without using asymmetric encryption (the file would just be
encrypted with 3DES and a password provided by the user), how would it
be the syntax I must enter?
http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
This is not, of course, an OpenPGP "crack", but rather high-speed
password guessing. The nice thing about cloud password guessing is it
enables people to spin up massive cracking farms without actually
having to manag
On Nov 4, 2009, at 3:33 PM, Josselin Jacquard wrote:
Yes but you're supposed to pay to use ressource on a cloud system
arn't you ? Is it usable computing for free ?
Of course not. Where did anyone say it was free?
I said "The nice thing about cloud password guessing is it enables
people t
On Nov 7, 2009, at 10:24 PM, Kevin Kammer wrote:
On Sat, Nov 07, 2009 at 09:44:23PM -0500
Also sprach Robert J. Hansen:
Kevin Kammer wrote:
If I attempt to create a data signature using a 2048-bit DSA signing
key, and the SHA224 hash algorithm, GnuPG complains as follows:
~ $ gpg -u A39CE7E5
On Nov 8, 2009, at 11:11 PM, Robert J. Hansen wrote:
Kevin Kammer wrote:
Unless there is some inescapable constraint on the size of one's
signature, I am hard pressed to think of a reason for using SHA224
when
SHA256 is available.
Conformance with corporate IT policies. Many corporate IT
On Nov 9, 2009, at 8:20 AM, Kevin Kammer wrote:
On Mon, Nov 09, 2009 at 11:52:48AM +0100 Also sprach Werner Koch:
On Mon, 9 Nov 2009 04:17, r...@sixdemonbag.org said:
When did this changeover take place, and is there any way to get
the old
behavior back?
On 2009-07-09; that is since 1.4.
On Nov 11, 2009, at 7:13 AM, Morten Kjærulff wrote:
Hi,
I am new here, so sorry if I ask stupid questions.
I would like to use my unused storage on various web servers for
backup of my personal data, including the file with all my passwords.
Q1) Assume that I make a good passphrase, would it
On Nov 11, 2009, at 10:49 AM, Kevin Kammer wrote:
On Wed, Nov 11, 2009 at 09:01:09AM -0500
Also sprach David Shaw:
AES256 is probably the best all-round choice in GPG if you want to
just say "strongest" and leave it at that
AES 192 or AES 128 may actually be a more secure choice th
On Nov 17, 2009, at 4:29 PM, Robert J. Hansen wrote:
Mario Castelán Castro wrote:
I need GNU PG 2 because i want to get out of the 1024 bits limit and
SHA forced for DSA, i want my next key (2010-2012) to be more secure
and accept some SHA2.
GnuPG 1.4.7 or later (? on the precise version #) s
On Nov 17, 2009, at 12:38 PM, Melikamp T. Medley wrote:
Thanks for your answers, David, Timo.
A somewhat related question: is there a tool that is designed
to produce "undetectable" encryption, i.e. something that is
very plausibly random? I gather from your answers that gpg does
not do that.
On Nov 17, 2009, at 3:54 PM, Mario Castelán Castro wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
November 17th for David SMITH
Linux do not have a file command, that belogs to the rest of the OS.
Linux is only a kernel than is commonly used with the GNU Operating
System, but the name
On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
Hi list,
one lame confusion I'm facing now.
I was reading GnuPG's "Signing Subkey Cross-Certification" page [1],
and as a matter of fact, these two simple doubts did arise.
Suppose one provides the command:
gpg --gen-key
and chooses the default "D
On Nov 18, 2009, at 8:49 AM, M.B.Jr. wrote:
> Hi David,
>
>
> On Wed, Nov 18, 2009 at 1:21 AM, David Shaw wrote:
>> On Nov 17, 2009, at 10:00 PM, M.B.Jr. wrote:
>>
>>> both my public and private keys will be built upon my DSA primary key
>>> and my El
On Nov 21, 2009, at 1:48 PM, ratzip wrote:
HI,guys
If some one has signed my key and set the trust level on my key, how
could I check the trust level he set?
which commands should I use?
It depends on what you mean by "trust level". If you mean the
ownertrust, then you can't - that's per
On Nov 21, 2009, at 6:47 PM, markus reichelt wrote:
* David Shaw wrote:
If you mean the signature verification level, then it is visible in
the --list-sigs output - 3 for "positive" verification, 2 for
"casual" verification, and 1 for "persona" (aka didn'
On Nov 21, 2009, at 3:13 PM, markus reichelt wrote:
* markus reichelt wrote:
gpg: key generation failed: Card error
Key generation failed: Card error
That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12,
libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.
Okay, after much cursing omn
On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
Maybe someone could clear this out (at least from GnuPG part). (My
original post was related with both GnuPG an OpenSSH).
~~ Original post:
(I have a very basic question that to most of the persons reading
this news-group
On Nov 28, 2009, at 12:37 PM, Robert J. Hansen wrote:
David Shaw wrote:
Difficult question to answer, since everyone is going to wave around
their opinion. :)
There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via a
On Nov 28, 2009, at 3:07 PM, M.B.Jr. wrote:
Hi,
On Sat, Nov 28, 2009 at 1:47 PM, David Shaw
wrote:
The question is: what does GnuPG or OpenSSH do to slow down
password brute-force? I mean does the password derivation function
use
some iterations? If so how many? Can I configure them
On Nov 28, 2009, at 11:55 AM, Ciprian Dorin, Craciun wrote:
Thank you for the quick reply. (This is the kind of answer I was
hopping to get. :) ) It seems that `s2k-count` escaped me. :)
Maybe there should be an entry in the FAQ about this topic.
Related with my question about the pas
On Nov 29, 2009, at 5:13 AM, Werner Dittmann wrote:
All,
to set-up configuration script I use the libgcrypt-config command
to determine parameters about libgcrypt. During tests I get a
confusing result :-) when checking available algorithms:
To check the availabe algorithms I do:
libgcrypt-co
On Nov 29, 2009, at 4:51 PM, wavelength wrote:
>
> Can someone explain why large segments within the ASCII armored key blocks of
> Fedora 11 & 12 match? Attached below are the respective key blocks. Two
> matching regions between the blocks are highlighted with bold arrows.
>
> In addition, larg
On Jan 2, 2010, at 5:40 PM, Allen Schultz wrote:
GnuPG-Users:
Is there a way to force an expiration date when encrypting a message
for additional security. I have a friend who is inquiring. I've
already informed him of the "for his/her eyes only" option.
No, there isn't. The basic problem he
On Jan 2, 2010, at 11:10 PM, Faramir wrote:
Allen Schultz escribió:
GnuPG-Users:
Is there a way to force an expiration date when encrypting a message
for additional security. I have a friend who is inquiring. I've
already informed him of the "for his/her eyes only" option.
What is that opti
On Jan 3, 2010, at 12:01 AM, Dan Mahoney, System Admin wrote:
On Sat, 2 Jan 2010, David Shaw wrote:
On Jan 2, 2010, at 11:10 PM, Faramir wrote:
Allen Schultz escribió:
GnuPG-Users:
Is there a way to force an expiration date when encrypting a
message
for additional security. I have a
On Jan 4, 2010, at 1:17 AM, Robert J. Hansen wrote:
>> Morten Gulbrandsen wrote:
>>> Allen Schultz wrote:
>>>
Is there a way to force an expiration date when encrypting a message
for additional security.
>>
>> [...]
>>
>>>
>>> sure
>>>
>>> http://vanish.cs.washington.edu/
>
> There
On Jan 4, 2010, at 10:02 AM, Stringer, Robert wrote:
> Hi
>
> We just downloaded the latest version of GNuPg, version 1.4.10.
>
> Questions:
>
> Can we reuse the same keys to encrypt the data?
Impossible to say without knowing how you are using GPG. I can say "almost
certainly", though.
No terrible shock - we knew this was coming, but still, how
wonderfully neat, and a new factoring record, too.
http://eprint.iacr.org/2010/006
Note that 1024-bit RSA has not yet been factored, but if you haven't
phased it out yet, it's really time to get started. It's supposed to
be compl
On Jan 10, 2010, at 10:24 PM, RobertHoltzman wrote:
On Sun, Jan 10, 2010 at 02:24:22PM -0600, Mario Castel�n Castro
wrote:
Is not neseesary to comprehend cryptography to use it. In fact, the
pknowledge of the use of one thing and the knowledge to use it are
independient. I.e: don't know how
On Jan 10, 2010, at 11:01 PM, Mario Castelán Castro wrote:
The only crypto they use is the crypto that is invisible to them
(usually https, which is pretty invisible).
HTTPS is not invisible, is transparent with most browers. Invisible
is as example, the logs that your ISP, mine or google (li
On Jan 18, 2010, at 1:35 PM, Daniel Kahn Gillmor wrote:
> so basically, what i'm saying is that the speedup is that you get to
> throw away (2^16-1) of every 2^16 possible passphrases, but you still
> need to do a signficant amount of work to figure out if you can throw
> them away.
Exactly. The
On Jan 22, 2010, at 12:43 AM, Kalyana_SBS wrote:
Hi,
We are trying to install gnupg on Sun Solaris Box.
We are trying to figure out which version of C compiler is most
suitable for compiling the source code on Solaris box.
The OS version is as follows:-
SunOS 5.10 sun4v sparc SUNW,SPARC-E
On Jan 21, 2010, at 6:03 AM, Mohan Radhakrishnan wrote:
Hi,
Question 1 :
Is there any way to store a password in a keyring ? I
don't have a database for this. I was just thinking that I can hash
a password and use a keyring to store it to avoid the need for a
database.
Not wi
On Jan 17, 2010, at 12:23 PM, Sean Rima wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi
>
> A friend on the pgpnet mailing list is using a hushmail.com gpg key but
> when I import it, I get:
>
> C:\Users\Sean Rima>gpg --import < test.txt
> gpg: key C4E23A82: accepted non self-si
On Feb 16, 2010, at 2:29 PM, Stefan Xenon wrote:
> Hi!
> When using "gpg --card-edit" and "fetch" gnupg tries to download the
> public key from a key server. Instead, is it possible to fetch the
> public key from an OpenPGP Card v2.0 directly? If so, how to do this?
> Otherwise do I need to keep a
On Feb 19, 2010, at 9:53 PM, Zy Zylek wrote:
> I'm looking for a way to include a group of people in gpg file
> encryption/decryption (not email-based, just gpg encrypted files) without
> having to incorporate individual names, yet also such that more people can be
> added to the group in the f
On Feb 17, 2010, at 12:46 PM, Laurent Bigonville wrote:
> Hi,
>
> I've have a OpenGPG smartcard version 2.0 and I would generate digests
> stronger than SHA1.
>
> I've added "personal-digest-preferences SHA256" to my gpg.conf file,
> but when I sign a message the headers still uses SHA1. If I fo
On Feb 24, 2010, at 9:46 PM, Smith, Cathy wrote:
> Folks
>
> We are starting to migrate from OpenPGP to GnuPG. One of the batch jobs I
> have to convert uses:
> pgp +force
>
> This is supposed to assume a "yes" to any interactive questions. I wasn't
> clear after reading the man pages
On Feb 25, 2010, at 5:17 PM, Smith, Cathy wrote:
> Folks
>
> Another question about this migration. Is it possible to do a mass import of
> a single user's keyring or do I have to do it for each individual key. I've
> not been able to find anything so far about anything that addresses this.
On Feb 26, 2010, at 11:24 AM, Robert J. Hansen wrote:
> On 2/26/10 9:49 AM, MFPA wrote:
>> I thought signing somebody's key was just stating to the world that
>> you believe the claimed identity of the person who controls that key
>> at the time you are signing it - not an indication that you are
On Feb 26, 2010, at 1:30 PM, Grant Olson wrote:
> On 2/26/2010 12:38 PM, MFPA wrote:
>>
>> I am *not* advocating the implementation of any form of
>> Digital Restrictions Malware (DRM).
>>
>> Uploading a somebody else's key without first checking it is OK by
>> them is a breach of their privacy
On Feb 26, 2010, at 3:37 PM, Grant Olson wrote:
>
>>
>> Alas, while GnuPG supports the flag, no keyserver does.
>>
>> David
>>
>
> Just curious... Does support just mean it sets the bit? Or will it turn
> an attempt to --send-keys on that key into a no-op?
Support means it gives the user th
On Feb 26, 2010, at 1:34 PM, Martin Bretschneider wrote:
> Hi,
>
> I want to recreate my GnuPG keys. My question is if I can omit the email
> address? Since I do not want my email addresses to appear on the
> keyservers because of spammers and so on. I only want to put my name and
> maybe my t
On Feb 26, 2010, at 4:10 PM, MFPA wrote:
>>> Just curious... Does support just mean it sets the
>>> bit? Or will it turn an attempt to --send-keys on
>>> that key into a no-op?
>
>> Support means it gives the user the ability to set and
>> clear the bit (it is set by default).
>
> Would there n
On Feb 26, 2010, at 4:03 PM, MFPA wrote:
> Not including your name or your email address in the UID offers
> protection against the accidental upload scenario. But somebody could
> still generate a key with a UID suggesting nefarious activities, sign
> your key with it, and upload it. Or their UID
On Feb 26, 2010, at 7:30 PM, MFPA wrote:
> On Friday 26 February 2010 at 10:12:29 PM, you wrote:
>
>
>> The nefarious UID signature is not uncommon. There are many
>> "presid...@whitehouse.gov" keys (and other famous figures) that have
>> signed well-known keys. It's just easily-ignored noise,
201 - 300 of 1718 matches
Mail list logo
