Hello,
there is a discussion ongoing regarding future of pgp/gpg encryption.
German ct magazine has postulated in their last edition that our pgp
handling seems to be too difficult for mass usage, keyserver infrastructure
seems to be vulnerable for faked keys, published mail addresses are
collect
Thx.
Maybe implementation with an opt-in could preserve publishing of faked keys on
public keyservers?
So if new key is uploaded an email with verification link is sent from
keyserver to issuer.
If embedded link is verified by issuer in 10 Minutes => uploaded public key is
published
If embedd
Hello,
> On Behalf Of Patrick Brunschwig
> Sent: Sunday, March 01, 2015 3:42 PM
> The idea I have in mind is roughly as follows: if you upload a key to
> a keyserver, the keyserver would send an encrypted email to every UID
> in the key. Each encrypted mail contains a unique link to confirm the
>
). gnupgpacker (testkey)
Target:
pub 4096R/ erzeugt: 2014-12-09 verfällt: 2016-11-11 Aufruf: C
Vertrauen: unbekannt Gültigkeit: unbekannt
sub 4096R/F0E6644F erzeugt: 2014-12-09 verfällt: 2016-11-11 Aufruf: A
sub 2048D/4A692C49 erzeugt: 2014-12-09 verfällt: 2016
Hello,
if encrypting big files (500 Mb...) with gpg-1.x, only one core of Intels
multicore processors is used. Is there an enhancement for using more than
one core while de-/encrypting files?
Thanks + regards, Chris
___
Gnupg-users mailing list
Gnupg-u
Hi,
there is a German government service that signs PGP keys??
What's the way to get it signed? Which institution?
Thanks, Chris
> -Original Message-
> From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of
> gnupg-users-requ...@gnupg.org
> Sent: Sunday, November 15, 2015
Hello,
I did install Gpg4win-3.0 beta (with gpg 2.1.10 included). All older pub/sec
keys are imported with Kleopatra, gpg encryption / decryption is working.
But if using GPGrelay 0.9.6, while starting it displays attached error
message. There seems to be a different key storing location or key fo
Thanks for answer. It seems GPGrelay is not longer maintained by its
developers but is still working with a charme if gpg.exe 1.4x is used.
So, how to work around and supply keys to GPGrelay even if using gpg version
2 and up?
Regards, Chris
http://sites.inka.de/tesla/gpgrelay.html
http://is.g
Thanks for hint, that would be a distress way.
But it seems to be limited to v1.4x supported keys only.
What will happen, if v1.4x tries to import gpg-2.x keys with elevated
features?
Regards, Chris
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
Thanks for hint!
> From: Peter Lebbing [mailto:pe...@digitalbrains.com]
> Install GnuPG 1.4 alongside 2.1 and manually sync all keys from GnuPG
> 2.1 to 1.4, with for instance:
> $ gpg2 --export | gpg --import
I did get it running even on Windows:
gpg2\gpg2.exe --export --output C:\temp\exported.
Wowh, what a comprehensive answer... :)
THANKS!
> Furthermore, pipes do generally work on Windows.
> Wouldn't this work?
> gpg2\gpg2.exe --export | gpg14\gpg.exe --import
Similar pipes are working in Windows.
> gpg2\gpg2.exe --export-ownertrust >C:\temp\exported.trust
> gpg2\gpg2.exe --output
Hello,
> Matthias:
> Maybe it will become a bit more complicated if it is necessary to
> keep the keyrings syncronized in both directions. This will happen at
> least if you let GPGRelay "Learn aliases from POP3"
Switch off! ;)
Serious answer:
Latest known version of GPGrelay ist 0.962, e
Hello,
did try it too:
Thomas' attempt gave me with Gpg-1.4.18:
gpg: verwende Vertrauensmodell PGP
[GNUPG:] GET_LINE keyedit.prompt
[GNUPG:] GOT_IT
[GNUPG:] USERID_HINT 5D4F1C79E62651B3 testpassw tester (44)
[GNUPG:] NEED_PASSPHRASE 5D4F1C79E62651B3 5D4F1C79E62651B3 1 0
[GNUPG:] BAD_PASSPHRASE 5
Kristian,
I am a little bit confused about your key design ;)
Main key has options SC.
There is an active newer signing key S, so this will be always used for
signing?
And there are two active encryption keys E:
GPG uses in my opinion only the key generated latest, isn't it?
So how to desire whi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
signing with two keys in one block can be done. But also, if unequal technology
used (e.g. RSA+edDSA)?
Verifying of MFPA's signature with Gpg-1.4.18 gave me:
gpg: Unterschrift vom 06.12.2014 16:56:22 mittels RSA-Schlüssel ID B31F25F0
gpg:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
by the way:
Pls refer to OP:
http://lists.gnupg.org/pipermail/gnupg-users/2014-December/051872.html
Why break quotation marks "1AF778E4" and "good" or "bad" in OP signature
verification while answering?
Some charset settings needed?
Thx +
Hi Hugo,
I did make some test with your last post:
Outlook-incoming as Content-Transfer-Encoding: base64 Content-Type: text/plain;
charset="utf-8"; Format="flowed"
If signing “something” (your choice) and resending, signature is broken.
If signing „something“ and resending, signature is broken.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Hugo,
yes, I am sorry: it seems to be like this assumption, but only if you are
using other quotation marks than standard "something".
Regards, Chris
> -Original Message-
> From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Beh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
is there is a need keeping old key id, you can generate new subkeys for A/S/E,
keeping the old 2048bit certification key C only for offline signing.
Keystructure:
Mainkey with old ID 2048bit
- - Subkey A 8096bit
- - Subkey S 8096bit (beware
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
@Dhiraj:
Encrypting:
You encrypt a message with recipient's public key, no password is required.
(Password is only known by recipient.)
Signing:
You sign a message with your own private key, you must admit your private
key's password.
Regards, Chr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hello,
did anyone get a response from encrypt.to?
Btw and sorry for this question:
Seems https://encrypt.to to be a reliable service regarding data security?
Transmission of newly created messages are transferred from browser window
to encrypt.to-se
Hello,
if importing a public gpg rsa key to current Thunderbird/Enigmail/Gpg4Win on
Win7-64, there is an issue with German Umlaute, pls refer to attached
screenshot.
Exported key has been created by GPG-1.4.18/Win7-64, importing Enigmail
works with GPG4Win (GPG-2.0.26)/Win7-64.
Everything (signin
Hello,
is there any possibility to extend key's validity of *all* keys in a keyset
in *one* step?
So 2017-12-31 should be changed to 2019-12-31 for all subkeys...
Otherwise it would be necessary to choose every subkey with key 1, key 2 and
so on, than 'expire', than passphrase...
--example--
Gehe
Sorry, it doesn't work for GPG v1.4.22...
Key set is called, then
gpg> key * => Changing date with 'expire' is not working for all (sub)keys.
gpg> key 1 => working
Any additional hint?
Thx + regards, Chris
>> is there any possibility to extend key's validity of *all* keys in a
>> keyset
>> in
Hello Juergen,
thanks for kind explanation about MailDroid :)
Does MailDroid support several different mail accounts using GPG and/or
S/Mime?
I am using K9-Mail in conjunction with CipherMail for S/Mime, but CiperMail
only supports *one* S/Mime account...
Thx and regards!
> -
Hello,
there occurs an issue while exporting/ importing keypair from
Windows-7/GPG-1.423 to Android-8.1/R2mail2.
Private/public key contains one main key and three subkeys, all valid til
31.12.2019:
pub xDDDC C
sub x5B9E A
sub x493D S
sub x2BE6 E
But if exporting and importing whole key, subkey
Hello,
and thanks for reply!
> the "classic" version of GnuPG (the 1.4.x series) not only does not
> ...
> If you upgrade to the modern version of GnuPG on your windows machine,
> and then try to re-import, i think you'll find the merge issue resolved.
GnuPG 1.4.23 is part of GnuPG-Pack with old
Hello,
importing to R2mail2 is working *without* changing expiration dates, if key
is exported from GnuPG-2.1.11...
"Converting-way":
Export GnuPG-1.4.23(GPGkeys/Win7) > Import GnuPG-2.1.11(Win7) > Export
GnuPG-2.1.11(Win7) > Import R2mail2(Android-8.1) > works faultless
>> Exporting (older) RSA
Hello,
> well, you said that they imported correctly into other programs, right?
> so maybe the issue is at the intersection of r2mail2 and classic GnuPG.
Yes, same opinion...
> This sounds like a bug in gnupgpack, but i don't see a good way
> to report bugs at the URL above.
In "Impressum" a
Hello,
> MFPA
> I see https://www.gpg4win.org/links.htm has a link to gpgrelay.
> Some of the links on that page are marked "outdated", but
> not this one.
Indeed, but better link:
https://www.gpg4win.org/links.html
;) Regards!
___
Gnupg-users mail
> -Original Message-
> I think you should add "--sender email at address" option so that your
> signatures have information for WKD auto-key-retrieve method (and also
> for TOFU statistics).
>
> It is probably mail user agent's job to add "--sender" but maybe it is
> also fine to have that
Hello,
possibly there is a bug present if manipulating a GnuPG key with subkeys
attached!?
Example:
We want to expire validity of primary key and all subkeys.
C:>gpg --edit-key 7BF4
gpg> expire
This command modifies the date for primary key only, subkeys are NOT
affected.
BUT:
C:>gpg --edit
Hello,
are there recommendations or samples for common gpg.conf file out there for
secure and convenient use with v2.x *and* v1.4?
On my system GPG-2.x (Gpg4win) and GPG-1.4x (GpgRelay) are both used, so
compatibility is eligible.
Thx + regards, Chris
So a trustful CA issueing free S/Mime certificates > 3 month and acceptance
in major browsers / mail tools is wanted.
Why doesn't Let's Encrypt offer this service?
https://letsencrypt.org/
Why isn't CAcert after years of participation listed as trusted CA in root
stores?
http://www.cacert.org/
Claws Mail is an useful alternative, but please keep aware it does not
support html mail, text only!
https://www.claws-mail.org/manual/de/claws-mail-manual.html#AEN955
Best regards, Chris
> Date: Sat, 21 Nov 2020 19:02:33 +0100
> From: Werner Koch
> To: Daniel Bossert via Gnupg-users
> Subjec
Thanks Werner.
After further investigation about html mailing with Claws Mail:
'Dillo HTML viewer' project has been updated Jun-2015, not available for
Windows.
'litehtml' is available for Windows, but latest update is Oct-2015.
In our environment ~ 70% of contacts are using M$ Outlook and its
s
Hello,
my attempt to verify all keys with GnuPG-2.2.25 shows this response:
$ gpg --refresh-keys
gpg: 59 Schlüssel werden per hkps://hkps.pool.sks-keyservers.net aktualisiert
gpg: ...
gpg: signature packet: hashed data too long
gpg: read_block: read error: Ungültiges Paket
gpg: Anzahl insgesamt be
Hello,
the --verbose options gave me some more unusual information:
gpg: Schlüssel 22EEE0488086...F: Ungültige Eigenbeglaubigung für User-ID "[jpeg
image of size 7915]"
gpg: Schlüssel 22EEE0488086...F/CE7911B7FC04...F: Ungültige
Unterschlüssel-Anbindung
gpg: key 41E7044E1DBA...9: number of dropp
Hello,
a key contains an old, expired verification.
If searching this key by WKD, it shows:
$ gpg --locate-key x...@xyxy.de
pub rsa2048 2013-10-21 [SCEA] [verfallen: 2019-03-26]
6EB139DA63B4D15xyxyB970F435Fxy3FB0Dxyxy
uid[ verfallen ] Pre Name
Valid keys included are not shown.
Hello
and thanks for this hints.
If using:
$ gpg -v --auto-key-locate clear,wkd,nodefault --locate-key xy at xyxy.de
gpg: verwende Vertrauensmodell pgp
gpg: pub rsa4096/F507E7850xxC 2015-01-05 Vorname Name
gpg: Schlüssel F507E785xxC: "Vorname Name " nicht geändert
gpg: pub rsa2048/435F
Hello
and thanks for this hints.
If using:
$ gpg -v --auto-key-locate clear,wkd,nodefault --locate-key xy at xyxy.de
gpg: verwende Vertrauensmodell pgp
gpg: pub rsa4096/F507E7850xxC 2015-01-05 Vorname Name
gpg: Schlüssel F507E785xxC: "Vorname Name " nicht geändert
gpg: pub rsa2048/435F
41 matches
Mail list logo
