Hello,
Does GnuPG provide a mechanism to decrypt an encrypted-and-signed
message in such a way that preserves the original signature, such that
the original signature can be independently verified by an arbitrary
third-party?
Thanks,
Mark
f necessary, but to
save myself precious time and energy, I'm asking if GnuPG already
provides a mechanism to do this. More generally, does there exist free
software to do this?
Thanks,
Mark
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Tony Lane wrote:
> On 11/3/19 1:55 AM, Mark H Weaver wrote:
>> I'm asking if there's a way to decrypt the message while preserving the
>> existing signed message. Of course, this requires the private
>> decryption key, but it should *not* require the private signin
I said. So what I'm asking for can certainly be done.
Mark
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
The signature is on SIGNEDFILE which gpgv
>> outputs for you.
[...]
> [1] https://lists.gnupg.org/pipermail/gnupg-users/2019-August/062619.html
Thanks very much Peter, this is what I was looking for. I'm grateful.
Regards,
Mark
__
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
That reminds me: would someone please point me to a thorough discussion
of why I should be able to trust a smartcard, given that an untrusted
computer has complete control of the channel between me and my card.
- --
Mark H. Wood, Lead System
nderstand
the distinction and are enjoying a false sense of security.
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Open-source executable: $0.00. Source: $0.00 Control: priceless!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (GNU/Linux)
Comme
lem, but then again it's no different than the
> status quo in that respect ("Alex Mauer" != "Aleks Mauer")
It's worse than that. I don't know of anybody who spells his name
"Aleks", but both "Yuri" and "Yuriy" are in use, not to
' SET PASSWORD/GENERATE command
supposedly uses this method and has been in the field for many years.
If you need a really long secret you could always make up a "sentence" of
shorter FIPS-181 "words". It might be easier to remember than one long
string.
- --
Mark H. Wood
nkage from the key to the directory object? (I'd be very
much surprised if there isn't an attribute ID allocated for PGP keys
already, which can effectively provide the reverse "link".)
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Open-source executable:
le is supposed to shrink when substantial
numbers of keys are removed, but it never did.
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Open-source executable: $0.00. Source: $0.00 Control: priceless!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Co
d let clever people figure out new combinations of
data as they have need. Then they can just join records across the
services holding what they need for a custom view of the available data
which accomplishes their purposes.
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Open-sour
would be stored in your personal home dir, if you have
installed XP on a NTFS partition(i.e.: permissions are enabled)
Assuming they spent the extra $100 for XP Professional rather than the XP
Toy^wHome edition that comes with most PCs (which has only the
protection-free VFAT).
- --
Mark H. Wood
Crossed spears on a recatngular field of 1s and 0s?
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpSousBlFRoo.pgp
Description: PGP
inuing the grand tradition of
implementing MIME poorly where they bother to do so at all. I suspect
that the sign/encrypt community's role here will be limited to
repeating, "if you would follow the specifications then it would Just
Work" until the clue is accepted.
--
Mark H. Woo
or the product's reputation?" A moderate one (1-2 years)
seems like a reasonable answer, since it provides some protection to
the user who has no policy or omits to apply it, but isn't
tremendously burdensome. Still, some thought and discussion would be
good. Is there any science to supp
to choose to run is not at all
the same as breaking into the logic of a device controller to plant
autonomous malware. What evidence do we have that USB controllers are
reprogrammable once they leave the factory?
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a softwar
forms were designed for
a system that has very different ways of processing information, and
very different strengths and weaknesses.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
, and
recopied as needed.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpiGsaaQzQUK.pgp
Description: PGP signature
___
Gnupg-use
, and I have no idea what would be involved in
adding such a feature -- but I was hoping for a command-line switch for
`anonymous' mode (and I take it that when deciphering in `anonymous'
mode, one would have to specify the desired algorithm). Woul
message.
A properly written rule shouldn't care that there is signed content
inside an unsigned message.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the
personally met. I require a meager amount of secrecy and a good deal
of ease-of-use. This is just about the opposite of the requirements
of a guerilla, who risks lives and The Cause on communicating
sparingly with a very few well-known partners who already know most of
the message.
--
Mar
ill apply the
IDEA patch but not enable IDEA. But I'm nothing like a portage
expert, so don't give my analysis of ebuilds too much weight.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means
rld about your associate as an individual, and
what you are willing to say about his persona as a representative of
his employers, may be two different things. For one thing, the
handling of his "company" UID may be dictated by policy beyond his
control and not altogether in his hands
So, GnuPG 1.4 implements OpenPGP. GnuPG 2.0 implements OpenPGP and
S/MIME.
So 2.0 is "better" than 1.4 if you need S/MIME, otherwise not.
So, perhaps 1.4 should be GnuPG and 2.0 should be GnuPG-Plus.
(Please, no "++"!)
--
Mark H. Wood, Lead System Programmer [EMAIL PROTE
ngers all over the globe. Generalizing, your business role ID might
need more information than your personal role ID, and details would be
different and different in nature when acting for your employer
vs. for your church or civic organization.
--
Mark H. Wood, Lead System Programmer [EMAI
identities -- for example, (4/2) = 2.
A name or a key may *label* a particular identity. So your question
perhaps should be: which set of labels do you want to use?
This is why I keep banging on about what a binding *means*, or what
you want to prove.
--
Mark H. Wood, Lead System Programmer [E
I can't be more specific about it.)
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpRX7zx8rnj7.pgp
Description: PGP signature
__
ever yet heard of anyone who *did* that, mind you, so in
practice the system seems to work as you say. But I don't see why it
has to.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means t
> End User.
Which evaluation is what Certification Practice Statements are for.
The CA's CPS should be one of the inputs to the audit.
This stuff all works. It just works differently.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says tha
tisfied
that they produce something better than I would without mechanical
aid.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpxDNUoZ
ng
like either 13-Aug-2008 or 20080813T093730 even if it does make people
stop and think.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpYt
gment's Curie
Point. In a sealed box, no less. I have no idea what will happen,
but maybe you should before trying the experiment.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact o
had the coating polished off with a
wire-wheel chucked into a portable drill? Dust is usually fairly
random.
Or how about supposedly happened to the Purple cipher machine just
before Pearl was hit: hammered to bits, dissolved in acid, poured in the
flower beds.
--
Mark H. Wood, Lead System Progr
ne "preferred" cipher in common) will always do so
using one of the ciphers they are both willing to use. Is that good
enough?
There seems to be confusion over whether to treat cipher preferences
as lists or sets.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typicall
hen others send to me? apparently so. Somehow the
two cases (I send; I receive) should be disentangled.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
the user by default. If a user
> > uses the --expert flag while --edit-keying, then present it. Otherwise,
> > make an executive decision on a reasonable preference set and be done
> > with it.
>
> I've received this same, identical e-mail 8 different consecutive ti
On Tue, Sep 23, 2008 at 09:44:53AM -0400, David Shaw wrote:
> On Sep 22, 2008, at 10:17 AM, Mark H. Wood wrote:
>
>> On Mon, Sep 22, 2008 at 12:09:00AM -0400, David Shaw wrote:
>>> I'd be content with something that says "List algorithms in the order in
>&g
odes. So, although most readers probably understood
"glyph" in the way I believe it was meant, I think we should be using
some other word.
--
Mark H. Wood, pedantic nitwit [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the e
etimes wondered about the phosgene link, and finally looked it
up. Its name has got nothing to do with phosphorus (which isn't used
in any of these chemicals), but to the use of light to power the
reaction in which it was first synthesized. So says Wikipedia, anyway.
--
Mark H. Wood, Lead Syste
ly,
or walk away. *Are* there any success stories more compelling than,
"no compromises that we know of so far"?
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable-form documents.
pgpnqgPIZ3JKM.pgp
Description: PGP signature
__
years, which is probably longer than you need. Much of it can be
automated, requiring your attention only briefly.
Or you can stash it all in an old shoebox, like the rest of us do. :-/
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable
#x27;t understand which ones *should* have special preservation, until
it's too late.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Mama don't take my Kodachrome away!
pgpF5FRmVobj4.pgp
Description: PGP signature
___
Gnupg-users maili
0x, process id 0x1068, application start time
0x01cdb760d48d32b0.
If I run gpg -help logged on as user_account it works fine... but if I use a
shell program (Autosys) to log on as the same user to execute the same command
it fails with the above message
Please help!!!
Cheers
Mark
Mark
I'm using TB 78.7 as well and I can read Werner's posts just fine. The
other issue is with the key. TB reports back that it has an uncertain
signature (mismatch).
On 1/29/2021 6:02 PM, Ángel wrote:
On 2021-01-29 at 18:41 +0100, Daniele Nicolodi wrote:
Hello,
this is only to report that Thunder
It "does and it doesn't" I have some that were created in Kleopatra and
then imported into Thunderbird 78. As for creating them, no You
don't get to choose any options when generating ECC keys.
On 3/19/2021 12:33 AM, Robert J. Hansen via Gnupg-users wrote:
The next default is ECC (ed25519+cv
It also has issues with signed messages and lists. For example you
signed this message but it says "uncertain digital signature". I don't
remember this being an issue in the older TB/Enigmail.
On 3/19/2021 10:42 AM, Werner Koch via Gnupg-users wrote:
On Fri, 19 Mar 2021 03:33, Robert J. Hansen
This will work too and doesn't care about the type 😁
https://youtu.be/wb3Xa1h_RqM
On 5/4/2021 9:47 AM, Robert J. Hansen via Gnupg-users wrote:
Modern harddisks don't allow that anymore. Should I assume that
"low-level format" in this case means something like
dd if=/dev/zero of=/dev/sdX
[put
I saw this in the key from Microsoft and was wondering how the was done.
Was it automated and done at the time of creation or ??
Thanks
-BEGIN PGP PUBLIC KEY BLOCK-
Comment: User-ID: Microsoft Security Notifications
Comment: Created: 10/26/2020 9:54 PM
Comment: Expires: 10/29/20
I used Edge and it's built in translator function to read it after I got
past the page asking regarding the cookies (which Privazer will remove
anyway)
On 11/17/2021 4:13 PM, Jonas Tobias Hopusch via Gnupg-users wrote:
Is there an English translation of this article somewhere?
No, I don't think
I just looked at what Kleopatra has it set for and it has it set for
hkp://keys.gnupg.net as well. I'm guessing that is no longer the best
choice?
On 6/9/2022 5:01 AM, Andrew Gallagher via Gnupg-users wrote:
On 09/06/2022 12:20, Jan Eden wrote:
I had configured hkp://keys.gnupg.net in gpg.conf
this patch? Ideally I'd like to have a production 'version' (1.4.x),
but if it is too soon for that I'd live with using the development
version (2.x). My distribution is and the latest release they have
is 1.4.5.
I'd appreciate any suggestions.
Regards
Mark
_
http://score.sacredpath4vitality.com
Mark Drew
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
http://deal.icmma.in
John
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-didn't
convince me that mail was much secured. Postmen can be blackmailed, bribed,
or succumb to other methods of attack. What's stopping someone working in
the postal system from simply corruptly sending data to outside the EU?
Thanks,
Mark F
P. S. I have an idea about
>
> Date: Tue, 6 Oct 2020 12:34:43 +0200
> From: Stefan Claas
> To: Mark Fernandes ,
> gnupg-users@gnupg.org
> Subject: Re: Five volunteers needed (EU Are you sure that this is
> really advantageous?
> Message-ID: <20201006113425.7...@300ba
amounts of
memory, in order to be more secure: if your computer has been hacked, it
may try to do arbitrary code execution of data on the NFC, where someone
may have deceptively planted malware.
Kind regards,
Mark Fernandes
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi,
The default behaviour of the pinentry app (on macOS at least) is to have
the option "save password in Keychain" automatically selected.
I have to deselect this every time I use a specific GPG key where I don't
want the password saved in the macOS Keychain. Unfortunately it seems I
neglected t
; associated numbers - It is the fifth element in —with-key-data but I don’t
> recognize it.
>
> This default for pin entry is … frustrating.
>
> Regards,
>
> bex
> On Mar 16, 2021, 12:05 PM +0100, Mark McDonnell via Gnupg-users <
> gnupg-users@gnupg.org>, wrote:
>
I'm wondering if this
is possible?
I'm using gpg2 2.2.27 and python gpgme_version 1.16.0
Thank you,
Mark
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
is almost absurdly simple:
1) Use PGP
2) Don't send secrets to people I don't trust to keep them.
Anyway, 99% of my PGP use is for the opposite of secrecy: I sign my
emails so that (if you care enough to install PGP) you can be highly
assured that they're from me.
--
Mark H.
l
certificates twice (once for Firefox, again for *everything else*.)
Maybe there will be an add-on, so that those who care can choose to
integrate Thunderbird into their systems rather than having it still
standing off to one side haughtily awaiting special treatment.
--
Mark H. Wood
Lead T
I do have a question, if you don't mind ...
> > >
> > > Why are the Students at the University don't use OpenPGP with Gmail
> > > via the free Mailvelope add-on for Firefox, Chrome? Wouldn't that be
> > > not cheaper instead of purchasing a whole l
the number of places that the bad guy must break into and get out of
undetected. This is the electronic analog of a principle in physical
security: require the bad guy to spend time, make noise, and create a
visible mess, to increase his fear of being discovered to the point
that the expectation
key
to the entity which will issue the certificate.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
signature.asc
Des
On Wed, May 20, 2020 at 03:27:28PM -0700, Mark wrote:
> Did a bit more experimenting with it. You can have something only in
> the first name field but it has to be a minimum of 5 characters and the
> first one must be a letter. ..
*sigh*
https://www.kalzumeus.com/2010/06/17/f
nny," except an occasional comment that someone couldn't open
the "attachment" (meaning the PGP/MIME signature). Those stopped when
I got a corporate X.509 certificate and configured Mutt to use S/MIME
for internal mail.
Other console MUAs probably can do similar things when c
tly the qt one, gtk
> was preferred with gtk2 but the gtk3 one is horrible.)
The only thing I can think of to check is: have you selected
pinentry-qt5 using 'eselect'?
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W
I didn't know where else to turn, for folks who might be able to point
me at standards for or discussion of embedding crypto signatures in
image formats, to detect tampering with the image.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue Unive
On Thu, Sep 09, 2021 at 10:43:05AM +, Oli Kon via Gnupg-users wrote:
> On 2021-09-08 4:53 p.m., Mark H. Wood via Gnupg-users -
> gnupg-users@gnupg.org wrote:
> > I didn't know where else to turn, for folks who might be able to point
> > me at standards for or discuss
t;
> I guess that saves the day for some. I can almost hear the sigh of
> relief. ;)
:-)
https://en.wikipedia.org/wiki/The_Story_of_English if anyone finds
this interesting.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W.
list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
http://catb.org/~esr/faqs/smart-questions.html
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-2
301 - 372 of 372 matches
Mail list logo
