gpgsm: ksba_cms_parse failed: Broken pipe

2023-12-14 Thread Jakob Bohm via Gnupg-users
Dear list, I am using gpgsm in a script for its ability to efficiently process CMS format messages larger than available memory.  However after a recent script change, it now fails every time on previously accepted data with error messages that are essentially gpg implementation internals gobbledy

Re: gpgsm: ksba_cms_parse failed: Broken pipe

2023-12-15 Thread Jakob Bohm via Gnupg-users
Hi, On 2023-12-14 19:43, Werner Koch wrote: On Thu, 14 Dec 2023 16:19, Jakob Bohm said:   zcat ${infl} |     faketime "${DSTAMP}" gpgsm --verify --validation-model shell --assume-binary --status-fd 3 --output - - 3>${wrkdir}/sigdec.status || : gpgsm: ksba_cms_parse failed: Broken pi

Re: Regarding the expiration of the signed data in npth-1.6.tar.bz2

2024-02-05 Thread Jakob Bohm via Gnupg-users
On 2024-02-03 17:31, Bruce Walzer wrote: On Sat, Feb 03, 2024 at 11:35:20PM +0900, witchy via Gnupg-users wrote: [...] I noticed that the npth signature data has expired. Why is anyone signing software with expiring keys anyway? I have ranted against the practice of PGP key expiry in general[1]

Re: Second OpenPGP-card

2024-02-13 Thread Jakob Bohm via Gnupg-users
On 2024-02-13 14:32, Matthias Apitz wrote: On Tuesday, February 13, 2024 at 11:04:31 a.m. +0100, Werner Koch via Gnupg-users wrote: On Fri, 9 Feb 2024 15:36, Matthias Apitz said: So, can I buy this card here in Europe or even in Germany? floss-shop.de I've contacted floss-shop.de.

Re: Second OpenPGP-card

2024-02-17 Thread Jakob Bohm via Gnupg-users
On 2024-02-15 18:42, Juergen BRUCKNER via Gnupg-users wrote: Hello Matthias, On 13.02.24 at 17:32, Matthias Apitz wrote: We need here 'Micro SIM'. And I talked to the owner of floss-shop. They do not offer a way to pop out Micro SIM. I don't know exactly how the situation about this is in G

Re: Second OpenPGP-card

2024-02-20 Thread Jakob Bohm via Gnupg-users
On 2024-02-17 12:37, Juergen BRUCKNER via Gnupg-users wrote: Hello Jacob, On 17.02.24 at 12:04, Jakob Bohm via Gnupg-users wrote: [...] I don't know exactly how the situation about this is in Germany. But here in Austria many mobile phone shops have a SIM card punch with which you can

Re: How can I have gpg pause to receive its passphrase, before it starts outputing decrypt to stdout?

2024-03-21 Thread Jakob Bohm via Gnupg-users
On 2024-03-19 00:01, Bee via Gnupg-users wrote: However if you know the passphrase, you can pass it to gpg directly using --passphrase-file and --pinentry-mode=loopback. I figured, but am trying to avoid having the passphrase land on disk at all. Due to the way a pipe works there is not much

Re: sopv-gpgpv: an implementation of the verification-only subset of the Stateless OpenPGP CLI using gpgv as a backend

2024-08-06 Thread Jakob Bohm via Gnupg-users
On 2024-08-05 20:08, Björn Persson wrote: Daniel Kahn Gillmor via Gnupg-users wrote: On Mon 2024-07-29 15:47:09 -0400, Todd Zullinger via Gnupg-users wrote: Using /usr/lib/rpm/redhat/gpgverify -- which is a small shell script wrapper for gpgv -- avoids new dependencies and produces quite readab

Re: sopv-gpgpv: an implementation of the verification-only subset of the Stateless OpenPGP CLI using gpgv as a backend

2024-08-06 Thread Jakob Bohm via Gnupg-users
On 2024-08-06 13:28, andrewg wrote: On 2024-08-06 10:32, Jakob Bohm via Gnupg-users wrote: For issues such as the above, the proper script-friendly solution is to enhance gpgv itself with command line options to specify the desired trust requirements.  For the multi-signer scenario above, an

Re: ftp down

2024-08-23 Thread Jakob Bohm via Gnupg-users
On 2024-08-23 06:27, Ineiev via Gnupg-users wrote: On Thu, Aug 22, 2024 at 02:01:15PM +0200, Björn Persson wrote: Those who already have GPG and the release-signing keys can verify the next version of GPG that way. To anyone who doesn't already have GPG, HTTPS is the best integrity protection th

[Feature request] Please make it easier to check success/failure from scripts

2024-08-27 Thread Jakob Bohm via Gnupg-users
Dear GnuPG team, According to the documentation for the version I have received from Debian, scripts that wish to check for success/failure of decryption and/or signature validation done by invocation of gpg/gpgv/gpgsm, the script is currently required to set up a "status-fd", then check the

Re: Signing (and Encrypting) Mails with gpg like DKIM

2024-09-04 Thread Jakob Bohm via Gnupg-users
On 2024-09-01 10:07, Henning Follmann wrote: On Sep 1, 2024, at 02:18, Stuart Longland via Gnupg-users wrote: [Re-send with correct from: address… apologies to the moderators for the noise] On 1/9/24 15:55, Marco Moock via Gnupg-users wrote: Is there a limit for DNS records? In theory, p

Re: Signing (and Encrypting) Mails with gpg like DKIM

2024-09-04 Thread Jakob Bohm via Gnupg-users
On 2024-09-02 09:00, Werner Koch via Gnupg-users wrote: On Sat, 31 Aug 2024 18:29, T. S. said: either because of the -BEGIN PGP SIGNED MESSAGE- strings, or because the unknown attachments in MIME message. Don't use those legacy inline PGP encryption. Use PGP/MIME, a 28 year old standa

Re: [Feature request] Please make it easier to check success/failure from scripts

2024-09-16 Thread Jakob Bohm via Gnupg-users
On 2024-09-13 16:42, Werner Koch wrote: Hi! GnuPG 2.5.1 has the option --assert-signer and 2.4.6 will have this option as well: --assert-signer fpr_or_file This option checks whether at least one valid signature on a file has been made with the specified key. The key is e

Re: Text (non-binary) keyring format

2024-09-16 Thread Jakob Bohm via Gnupg-users
On 2024-09-13 13:39, Werner Koch via Gnupg-users wrote: Hi! On Thu, 12 Sep 2024 13:28, Alejandro Colomar said: I have my ~/.gnupg keyring under git source control, which helps creating and updating backups, and also having a history of the changes. We actually moved to an SQL database to spee

Re: Question on Kyber Encryption (Key Gen)

2024-11-01 Thread Jakob Bohm via Gnupg-users
On 10/29/2024 10:05 AM, Werner Koch via Gnupg-users wrote: Hi! you should really set aside problems with the distribution and use the speedo variant to build everything. This is somewhat similar to an AppImage. From the README: To quickly build all required software without installing it, th

Re: Error: Bad length of salt (32) for AES when importing a p12 certificate

2024-09-20 Thread Jakob Bohm via Gnupg-users
Dear Nils, Given the error message in the subject line above, the step to reproduce may be to pass 32 instead of 64 to the openssl command that makes the test certificate. Otherwise, look for a command that can dump out the formatting details of the (non-distributable) problematic pkcs12 fil

Re: Design of a Modern Keyserver Network

2025-01-29 Thread Jakob Bohm via Gnupg-users
I wonder if removing the UID information from a key is enough to be forgotten (vs the entire key). (Disclaimer: I am *not* a lawyer) I believe it should be enough to satisfy the right to be forgotten. According to Article 4(1) of the GDPR, "‘personal data’ means any information relating to an

Re: pinentry-qt and on-screen keyboards

2025-04-10 Thread Jakob Bohm via Gnupg-users
On 4/9/2025 23:57:24, Stuart Longland via Gnupg-users wrote: Hi all, I recently bought a second hand Panasonic Toughpad FZ-G1 which is a tablet form-factor PC.  I've loaded it with Debian 12 using the KDE Plasma desktop (using X11 for now) and have `xvkbd` set up as a virtual keyboard. It i

Re: pinentry-qt and on-screen keyboards

2025-04-11 Thread Jakob Bohm via Gnupg-users
On 4/10/2025 20:50:44, Ingo Klöcker wrote: On Thursday, 10 April 2025 14:09:56 Central European Summer Time Jakob Bohm via Gnupg-users wrote: I have not had opportunity to test our tools with pinentry-qt yet, but thanks for the heads up about this misfeature. Dear Mr. Bohm, I'd appre

Re: RNG requirements

2025-03-07 Thread Jakob Bohm via Gnupg-users
Dear Mr. Backmeyer, First, notice that Mr. Schweikle explained that their issue is being forced to use 3rd party builds of GnuPG because 3rd party software suites use those builds to /verify/ signatures, not make them. Secondly, at least one of those suites (GIT) happens to also use their privat

Re: Signing a file given its hash only

2025-05-21 Thread Jakob Bohm via Gnupg-users
On 5/19/2025 18:08:07, Jay Acuna via Gnupg-users wrote: On Sun, May 18, 2025 at 6:58 AM Richard Stoughton wrote: To "sign" the hash on M, it would be necessary to inject a one-time secret (e.g. an OpenPGP private key This would seem to invalidate H's purpose for existing. At that point may as

Re: Signing a file given its hash only

2025-05-21 Thread Jakob Bohm via Gnupg-users
On 5/21/2025 17:09:21, Jay Acuna wrote: On Wed, May 21, 2025 at 9:00 AM Jakob Bohm via Gnupg-users wrote: Please stop suggesting less secure solutions to those who have already set up high security compartmentalized systems. It makes you look malicious. These are not less secure solutions

Re: Should you include your email address on key server?

2025-05-21 Thread Jakob Bohm via Gnupg-users
On 5/13/2025 10:09:13, Francesco Ariis wrote: Hello Atod, On 13 May 2025 at 03:01, Atod Bora via Gnupg-users wrote: What are the best practices and/or pros/cons of including your email address on the key server? For instance now, I have not included my email address, yet it is in the

Re: Signing a file given its hash only

2025-06-03 Thread Jakob Bohm via Gnupg-users
On 6/1/2025 16:54:19, Richard Stoughton via Gnupg-users wrote: On Tue, May 20, 2025 at 10:09 AM Werner Koch wrote: On Mon, 19 May 2025 15:40, Richard Stoughton said: creates the final signatures. This could be done in a much more efficient way if GnuPG would be able to create signatures with h

Re: "Can't connect to 'log-socket': Connection refused

2025-06-06 Thread Jakob Bohm via Gnupg-users
On 6/6/2025 14:32:41, Werner Koch via Gnupg-users wrote: On Thu, 5 Jun 2025 21:14, aslamK said: However, if 'log-file' is set in gpg.conf, then the following does not override it; the output is written to the log-file but not to stderr: gpg --logger-fd 2 --verify file_to_verify.sig I