* Nicolai Josuttis wrote:
> For those who didn't have time to see it yet,
> there was an important talk at 31C3
> about the social and technical status and consequences of
> encryption by Jacob Applebaum and Laura Poitras.
> As a side effect it covers GnuPG significantly.
>
> So, please watch it
Hi,
for those interested, there's going to be again a keysigning party at
Linuxtag 2009 in Berlin (June 26th):
http://wiki.linuxtag.org/w/Keysigning_2009
Deadline for key submission is Sunday, June 21st, 23:59
(Sorry for the late announcement, last year's keysigning was
announced 6 weeks befo
* Kevin Hilton wrote:
> Maybe this question is much too premature
It is, in my book.
--
left blank, right bald
pgpfrBedlIQUG.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/g
* Jean-David Beyer wrote:
> Too bad I would lose all the signatures on it, but since it would
> be no good, there would be no sense in transferring the signatures
> to my new key, even if that were possible (and I hope it is not).
For obvious reasons it isn't possible indeed.
--
left blank, ri
Hi,
for those interested, there's going to be a keysigning party at
FrOSCon 2009 in Sankt Augustin on August 22nd, 12:30h:
http://ksp.froscon.org/
Deadline for key submission is Thursday, August 20th 2009.
More info about the conference is online at http://www.froscon.org/
--
left blank, righ
* "Robert J. Hansen" wrote:
> >(am not overly worried, still use IDEA when encrypting for diehard
> >pgp2.x e-mailers, and that has 5 of 8 rounds broken ;-) ))
>
> 6.
7 - raise? fold?
--
left blank, right bald
pgpFiYo0Yf06I.pgp
Description: PGP signature
* Mario Castelán Castro wrote:
> I need GNU PG 2 because i want to get out of the 1024 bits limit
> and SHA forced for DSA, i want my next key (2010-2012) to be more
> secure and accept some SHA2.
You don't need gpg2 for that.
--
left blank, right bald
pgpdWVrO5XZaK.pgp
Description: PGP sign
Hi,
I cannot create keys on my shiny new v2 smartcard. Personalizing the
card works just fine, as does changing PINs.
But when I want to generate new keys I always get this error message
(after gpg asked about how long the key shall be valid):
gpg: key generation failed: Card error
* markus reichelt wrote:
> gpg: key generation failed: Card error
> Key generation failed: Card error
>
> That's on a stock Slackware 13 system, gpg (GnuPG) 2.0.12,
> libgcrypt 1.4.4 with OMNIKEY CardMan 4040 v1.1.0gm5.
Okay, after much cursing omnikey I finally was success
* David Shaw wrote:
> If you mean the signature verification level, then it is visible in
> the --list-sigs output - 3 for "positive" verification, 2 for
> "casual" verification, and 1 for "persona" (aka didn't check)
> verification. If none of these numbers appear, it's a "generic"
> verificati
* "Ciprian Dorin, Craciun" wrote:
> Thank you for the quick reply. (This is the kind of answer I was
> hopping to get. :) ) It seems that `s2k-count` escaped me. :)
>
> Maybe there should be an entry in the FAQ about this topic.
Well, other projects make good use of that option, f.e. lo
Hi,
for those interested in keysigning there are two upcoming events:
PGP/GPG/CA Keysigning events on Sunday Feb 7th at FOSDEM in Brussels
http://fosdem.org/2010/keysigning
Deadline for key submission: Monday, Feb 1st 2010 (hurry up!)
PGP/GPG Keysigning event on Saturday March 13th at Chemnitz L
* Alexander Murauer wrote:
> is there any plan to get ecc in mainstream gnupg? most stuff i
> found about gnupg and ecc is outdated. does somebody know something
> about this?
search the archives of the devel mailinglist. ecdsa. don't expect any
real info, tho.
> i own a OpenPGP Smartcard v2.
* Mohan Radhakrishnan wrote:
> What is the experience of this forum with split keys and storage ?
Great success.
--
left blank, right bald
pgp8JRUD4AfZK.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.
* Faramir wrote:
> markus reichelt escribió:
> > * Mohan Radhakrishnan wrote:
> >
> >> What is the experience of this forum with split keys and storage
> >> ?
> >
> > Great success.
>
> By the way, I suppose the idea behind spli
* Joke de Buhr wrote:
> I'm not quiet sure but shouldn't gnupg encrypt to both (all
> not-revoked) encryption keys in this case? This way the user could
> decrypt the encrypted message (email) regardless what encryption
> keys secrets are available at the current location.
Nope. More to the poin
* Alex Mauer wrote:
> > Nope. More to the point, think about people having both private UID
> > and business UID on the same key - the way you describe it could mix
> > things up badly.
>
> How so? There's no connection between UIDs and keys
Exactly, and you are not getting my point.
--
Hi folks,
just a quick heads-up for those planning to visit Berlin within the
2nd week of June:
Linuxtag 2010, June 09-12,
http://www.linuxtag.org/2010/
Mini Debian Conference 2010, June 10-11,
http://wiki.debconf.org/wiki/Miniconf-LT-Berlin/2010
25th Chemspec Europe, June 09-10,
http://www.che
Aloha,
Oecher Keysigning Party III
Do 15.12.2011, 18:30 Uhr s.t.
Aachen, Elisenbrunnen (linker Flügel)
http://mareichelt.com/okp3/
pgpblGwdhal7M.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/
* adrelanos wrote:
> TrueCrypt.org says [1] they are signing "TrueCrypt Setup 7.1a.exe"
> [2] with a X.509 signature. How can I verify such a signature?
For Windows, they explicitly state how to do that.
> (On Debian Wheezy.) I tried:
> gpg2 --verify "TrueCrypt Setup 7.1a.exe"
>
> gpg: no va
* adrelanos wrote:
> How can I establish a pseudonym that no one can easily fake while
> remaining anonymous?
a) you can't
define 'easily' - these days nobody reads/checks anything anymore
(there's some XKCD about this issue)
b) you can try:
Meet with a high-profile person (of your realm/domain
* André Ockers wrote:
> But when I tried to do the some thing in Bash I ran into the following:
>
> $ gpg -a --output an...@ockers.eu.asc.revoke --gen-revoke an...@ockers.eu
>
> sec 4096R/F5FE3668 2014-07-31 André Ockers
>
> Which is the fingerprint of the old key.
>
> What happened and wha
* André Ockers wrote:
> Op 06-04-19 om 15:04 schreef Markus Reichelt:
> > gpg -a --output an...@ockers.eu.asc.revoke --gen-revoke 7CD3FBC8F6005ED5
>
> This leads to the following:
>
> gpg: secret key "7CD3FBC8F6005ED5" not found: eof
i'm using on slackware
* Wiktor Kwapisiewicz via Gnupg-users wrote:
> in a similar fashion to what --quick-* commands already do for other actions
> (e.g. --quick-add-uid).
--set-notation maybe?
HTH
--
left blank, right bald
___
Gnupg-users mailing list
Gnupg-users@gnup
It's all about where they look for new/updated keys. There's folks
out there who use a WKD setup, as you mentioned, then there's some
who use a standalone (isolated, non-peering) SKS keyserver, etc.
I do not think reverting the patch that causes issues for them is a
smart move in the long run. [.
* ilf wrote:
> Over the years, I have used quite a number of keypairs. Unfortunately, I
> have forgotten the passphrase for some of them. But I do know potential
> parts of the passphrase.
This is ancient, but may help you https://www.vanheusden.com/nasty/
--
left blank, right bald
_
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> John W. Moore III wrote:
> >Running Knoppix from the CD I encrypted the Linux partition and
> >it's virtually invisible. (unless one knows my HD size)
> What do you mean by this statement? Are you referring to the
> /randomization of the partition by use
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> >on a sidenote, using /dev/urandom is a bad idea. f.e. the standard
> >slackware install and other distros as well have the following code
> >(or something similar) in /etc/rc.d/rc.S:
> >
> The above statement, although worthwhile, is not well founded.
* Thomas Jones <[EMAIL PROTECTED]> wrote:
> The use of prng generated data to seed another prng function is
> utilized to compute data that is inherently random from the
> previous generation.
That is not my point, tho this might be the case. :)
If this generated data is used once, it's ok. If n
* [EMAIL PROTECTED] wrote:
> On Sat, Oct 22, 2005 at 07:31:54PM +0100, Neil Williams wrote:
> >
> > That is exactly my point, NOBODY should rely on ANY of that information to
> > identify a key. The only identifier for a key is the fingerprint. You MUST
> > verify the fingerprint with the perso
* Dirk Traulsen <[EMAIL PROTECTED]> wrote:
> I obviously think this to be a good thing to have, but I'm a little
> discouraged by the nearly total lack of interest of the list. I
> would really appreciate a discussion of the proposed feature and
> change of the man-page. Please write if you think
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >No, we will however add some ECC support into Libgcrypt as time
> >permits.
> >
> What about using that uhm,.. libecc
> (http://libecc.sourceforge.net/)?
do you know of an application that uses this lib? it seems to be on
hold. mailinglist
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >>What about using that uhm,.. libecc
> >>(http://libecc.sourceforge.net/)?
> >>
> >do you know of an application that uses this lib?
> No I don't but that shouldn't be a reason to forget about it,...
Now why is that? I didn't imply anyth
* Dirk Traulsen <[EMAIL PROTECTED]> wrote:
> So, fortunately in 1.4.3, there will be a 'clean', which does exactly
> what 'clean total' should have done.
Great news, I'm looking forward to it.
--
left blank, right bald
pgpmUqWFaKtPm.pgp
Description: PGP signature
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
> >>>do you know of an application that uses this lib?
> >>>
> >>No I don't but that shouldn't be a reason to forget about it,...
> >>
> >Now why is that? I didn't imply anythi
* Jean-David Beyer <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote (in part):
>
> > Mainly, because I think that the guys with the small ... glasses
> > ;-) at NSA can break public key crypto quite easily,
>
> Could you give a basis for this assertion?
Well..
* "John W. Moore III" <[EMAIL PROTECTED]> wrote:
> Perhaps he believes TRANSLTR actually exists.
Perhaps he does not even know what TRANSLTR is, exactly. But he does
know about A.
--
left blank, right bald
pgp6Oio1k78rp.pgp
Description: PGP signature
__
* Jean-David Beyer <[EMAIL PROTECTED]> wrote:
> > I put the speculations aside and stick with the fact that the NSA
> > recommends ECC for government use. That's enough for _me_.
> >
> I guess it depends on how your paranoia works, and about whom you
> choose to be paranoid. Does the NSA recomme
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote:
>
> >I put the speculations aside and stick with the fact that the NSA
> >recommends ECC for government use. That's enough for _me_.
>
> What makes you think the NSA doesn't want to de
* Werner Koch <[EMAIL PROTECTED]> wrote:
> On Fri, 04 Nov 2005 19:32:07 +0100, markus reichelt said:
>
> > I put the speculations aside and stick with the fact that the NSA
> > recommends ECC for government use. That's enough for _me_.
>
> There is a rationale
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> markus reichelt wrote:
>
> >> What makes you think the NSA doesn't want to decrypt US government
> >> traffic?
>
> > I don't care what the NSA wants.
>
> I meant to say that, as others also poin
* Thomas Widhalm <[EMAIL PROTECTED]> wrote:
> We are looking for cross- signatures with other CAs, too. So please
> contact us, if you want to change signatures.
Sorry for hijacking, but I guess the easiest way of obtaining those
soon is to attend the upcoming Linuxtage in Wiesbaden, Germany, sin
* "John W. Moore III" <[EMAIL PROTECTED]> wrote:
> Also, Post your Revoke Cert to Groups/List so that others may
> Import quickly!
first time that i stumble upon this kind of advice; it depends, i'd
say. if the majority of that list is in fact using digital signatures
and/or only encrypted messag
* Werner Koch <[EMAIL PROTECTED]> wrote:
> This is just a short note, that I will attend the LinuxTag and be
> available for key signing.
will you attend the key signing party too?
--
left blank, right bald
pgpWSS3IbSfnK.pgp
Description: PGP signature
_
po/de.po:msgstr "%d marignal-needed, %d complete-needed, %s
Trust-Modell\n"
I guess it should be "marginal-needed"
--
left blank, right bald
pgp4VMW60jAhI.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.
* [EMAIL PROTECTED] wrote:
> We are beginning the process to upgrade our gnuPG installation from
> 1.2.1 to 1.4.4. I have looked on the website, but have not found
> directions on how to do this upgrade. Can someone please provide
> me that information, or a link to the site containing that
> in
* Johan Wevers <[EMAIL PROTECTED]> wrote:
> David Shaw wrote:
>
> >There should be no special steps to take. Aside from the obvious
> >steps of making a backup and testing that your environment still
> >does what you want it to do, you can just install 1.4.3 on top of
> >1.2.1.
>
> The OP doesn
* [EMAIL PROTECTED] wrote:
> just thought it would be much quicker and more convenient if the
> same were possible from the command line ...
I agree.
--
left blank, right bald
pgpmx3dkiLv1V.pgp
Description: PGP signature
___
Gnupg-users mailing list
* [EMAIL PROTECTED] wrote:
> Does anyone know of a perl script or some other utility that could
> bruteforce the rest of it? I'd rather not have to revoke this key.
Have a look at http://www.vanheusden.com/nasty/
--
left blank, right bald
pgp0zxmmzKivj.pgp
Description: PGP signature
* Paul Surgeon <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED]: gpg bigfile.pgp
> gpg: fatal: zlib inflate problem: invalid block type
> secmem usage: 1920/3872 bytes
Have you tried redirection?
gpg < bigfile.pgp > bigfile
Using redirection is the correct way of handling large files
regarding b
* Laurent Jumet <[EMAIL PROTECTED]> wrote:
> > Many mail clients will assume that any GPG message is encrypted and
> > prompt for a passphrase prior to invoking GPG.
>
> Are you sure?
> Security wouldn't be compromised if passphrase is given to anything else
> then gpg?
F.e. mutt itself
* [EMAIL PROTECTED] wrote:
> If you want to have the same private key on several physical cards,
> your only option is off-card generation, with import of the key
> afterwards.
I'm not a smartcard user (somehow the concept hasn't been able to
convince me ... yet), but what you write really sounds
* markus reichelt <[EMAIL PROTECTED]> wrote:
> Essentially you're saying: no backup of a private key generated
> on/via a smartcard cannot be exported. Because if it could be
> exported, importing the key(s) in question just works.
Sorry, that was heat-induced and shall read
* Rizwan Khan <[EMAIL PROTECTED]> wrote:
> I need a C/C++ program that should be able to enable password on
> any readable text file, and when user try to open that file it
> should first ask for password and then will open that file. I will
> appreciate, if some one can give me this kind of progr
Hi,
this is just a reminder that there's a key signing party at FOSDEM
this year again. I am a bit late to post this note (due to carneval
season), submissions are already closed by now, but it's possible to
exchange key fingerprints according to the usual scheme (with me ;-)
FOSDEM takes place i
* Thomas Sowa <[EMAIL PROTECTED]> wrote:
> - i definitely can't find the passphrase
Have a look at http://vanheusden.com/nasty/
HTH
--
left blank, right bald
pgpvNLbhhsNSQ.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnup
Hi,
for those interested, there's going to be again a keysigning party at
Linuxtag 2008 in Berlin (May 30th):
http://wiki.linuxtag.net/w/Keysigning_2008
--
left blank, right bald
pgprFLK2anXpA.pgp
Description: PGP signature
___
Gnupg-users mailing
* Faramir <[EMAIL PROTECTED]> wrote:
> >So, here is the question: Can that public key cause problems,
> > if I associate another key with the same email account?
> I have good news (good for me at least): I checked the gpg
> installed in my USB flash memory, and I found the private key (or
Hi,
for those interested, there's going to be again a keysigning party at
FROSCON 2008 in Bonn-Rhein-Sieg (August 23rd):
http://ksp.froscon.org/
--
left blank, right bald
pgpvVe1LZ4gS3.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gn
* Chris Walters <[EMAIL PROTECTED]> wrote:
> I would sooner use 30 M hydrochloric acid than sulfuric acid
30M? I guess not. Industrial grade conc. hydrochloric acid is about
12M max
--
left blank, right bald
pgpSvlVNH7WX4.pgp
Description: PGP signature
__
* Faramir <[EMAIL PROTECTED]> wrote:
> Begin of "spoiler blank lines"
> [...]
> End of "spoiler blank lines"
niiice, I bet he didn't catch that one!
--
left blank, right bald
pgptXuX9KPvBR.pgp
Description: PGP signature
___
Gnupg-users mailing list
* Hideki Saito <[EMAIL PROTECTED]> wrote:
> I did look for one, but no...
you could give it your best shot :)
--
left blank, right bald
pgpwNozmNvuP2.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnup
Hi,
for those interested in keysigning there are two upcoming events:
PGP/GPG/CA Keysigning events on Sunday Feb 8th at FOSDEM in Brussels
The exact time is yet to be announced, more info (in English) at
http://fosdem.org/2009/keysigning
Deadline for key submission: Thursday Jan 29th, 8:00 PM CE
* "Robert J. Hansen" wrote:
> When Freon catches fire it decomposes into phosgene, a nerve gas,
> which makes it kind of hard to fight the fire. In the book, a fire
> ravages the datacenter and yet somehow people in it aren't dead
> from phosgene exposure.
Phosgene is not a nerve gas, it is "ju
* markus reichelt wrote:
> PGP/GPG/CA Keysigning events on Sunday Feb 8th at FOSDEM in
> Brussels The exact time is yet to be announced, more info (in
> English) at http://fosdem.org/2009/keysigning
>
> Deadline for key submission: Thursday Jan 29th, 8:00 PM CEST
This is just
* Sven Radde wrote:
> > Then they would need brute force against key AND password or they
> > know about weaknesses in algorithms which nobody else knows.
>
> Let me clarify this a bit:
>
> Whoever wants to break your key needs to do "only" one of the following:
> 1) Retrieve your public key
* don rhummy wrote:
> What does GPG have to recover my data if i forgot my password?
Your last chance is a tool like nasty, check it before you do
anything stupid in a rush @ http://www.vanheusden.com/nasty/
--
left blank, right bald
pgpVu3j3MHs5j.pgp
Description: PGP signature
_
* markus reichelt wrote:
> PGP/GPG Keysigning event on Saturday March 14th 18:00h at Chemnitz
> Linux Days in ... Chemnitz.
>
> Deadline for key submission: *Monday March 9th*
This is just a friendly (and last) reminder that you can still
participate, just honour the deadline. M
68 matches
Mail list logo
