Re: why cissp says this about PGP/GnuPG?
Philipp Gühring wrote: Hi, Be warned that the CISSP certification is not universally loved. Many people feel that it is of dubious quality. Are there any facts or reasons against CISSP? Are there any alternatives? Google security+certifications http://www.google.com/search?q=security+certifications The top page on my search was http://certification.about.com/od/securitycerts/a/seccertessentls.htm It's a good place to start. -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What does key properties validity and trust 'None' mean???
Bo Berglund wrote: I have done this and it works. But that was not the gist of my problem, it deals with adding public keys from persons who just installed GnuPG and created new key pairs. I learned here now that we have to: - Import the key into WinPT (Trust and Validity is now None) - Sign the key (Validity is now Full) - Change ownertrust to Full (only possible for a signed key) We did not know about the two last steps and this is the reason for my post. You should *ONLY* set ownertrust to Full if you trust the key owner to fully verify the identity of keys he signs, or if you don't care. -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG (GPG) Problem
Bo Berglund wrote: On Sat, 19 Aug 2006 16:46:07 +0200, Ismael Valladolid Torres [EMAIL PROTECTED] wrote: John Clizbe escribe: Just copy the keyring files. I store my private keyring and a public keyring containing only my public key on a pendrive, then in your gpg.conf: keyring /path/to/pendrive/pubring.gpg secret-keyring /path/to/pendrive/secring.gpg You should also move the trustdb to the pendrive. First copy it then add the following line to gpg.conf: --trustdb-name /path/to/pendrive/trustdb.gpg I wonder about the gpg.conf file: Is it used at all in Windows? Yes. I looked at my own one at C:\Documents and Settings\username\Application Data\gnupg and found only commented out lines there. The word keyring appeared only twice and this was in descriptive text, not in a setting. The default in the registry is %APPDATA%\GnuPG. That expands to C:\Documents and Settings\username\Application Data\GnuPG. You should probably store gpg.conf on your pen drive and choose one of the methods below for overriding the default - that way, you are taking the complete environment with you on the pen drive. There are three ways of changing it. In increasing priority 1) Use Regedit.exe, navigate to the key HKCU\Software\Gnu\GnuPG and change the HomeDir value 2) set the environment variable GNUPGHOME 3) include --homedir /path/to/pendrive/ on the commnd line each time you invoke gpg This totally portable environment is the approach used by the GPG2GO project. See http://www.angelfire.com/mb2/mbgpg2go/tp.html That sounds like a template gpg.conf. I know one like that ships with the Cygwin implementation. You may wish to check out the page http://enigmail.mozdev.org/gpgconf.html It contains a sample gpg.conf for windows you may download to your PC: http://enigmail.mozdev.org/gpg.conf Its contents are: + default-recipient-self keyserver random.sks.keyserver.penguin.de default-cert-check-level 3 keyserver-options auto-key-retrieve include-revoked include-subkeys no-mangle-dos-filenames no-secmem-warning # If you installed idea.dll, uncomment the following line # load-extension Lib\idea + Here's mine + comment When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG comment Be part of the £33t ECHELON -- Use Strong Encryption. comment It's YOUR right - for the time being. # # SKS keyserver keyserver minsky.surfnet.nl # # The option lines are one line only. They tend to wrap. # keyserver-options auto-key-retrieve include-subkeys include-revoked repair-pks-subkey-bug import-clean-sigs import-clean-uids export-clean-sigs export-clean-uids # import-options import-local-sigs repair-pks-subkey-bug import-clean-sigs import-clean-uids # export-options include-local-sigs export-clean-sigs export-clean-uids allow-non-selfsigned-uid # # Not always needed, since self-builts have IDEA hardwired into the binary #load-extension Lib\idea # no-default-keyring keyring pubring.gpg primary-keyring pubring.gpg secret-keyring O:\GnuPG\secring.gpg # default-key 0x608D2A10 default-recipient-self encrypt-to 0x18BB373A # bzip2-compress-level 9 compress-level 9 # no-greeting no-secmem-warning armor no-mangle-dos-filenames no-auto-check-trustdb # done by cron/scheduled tasks expert enable-dsa2 + -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What does key properties validity and trust 'None' mean???
Bo Berglund wrote: On Mon, 21 Aug 2006 10:38:35 +0200, Werner Koch [EMAIL PROTECTED] wrote: Hi! FWIW, there is a little script in the gpg-distribution: # lspgpot - script to extract the ownertrust values # from PGP keyrings and list them in GnuPG ownertrust format. I have not used it for a long time, but it might be helpful. Run it with PGP's pubring as argument. Probably good on Linux systems but I can't find anything in my GnuPG installation on WindowsXP-Pro. And I doubt scripts will run on Windows... (I installed using gpg4win-1.0.4) Feeling adventurous? Look into Cygwin for running those scripts. It's one of several POSIX compatibility layers. -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Decrypting Files Automatically
Hi, I am trying to decrypt a file automatically.I want to use it in a dts package. I am using following command: type passphrase | gpg --passphrase-fd 0 --decypt-file File Name in my case it looks like: type C:\SampleProjects\GnuPGDotNet\GnuPG\passphrase.txt | gpg --passphrase-fd 0 decrypt-files C:\DocLib\EncryptedFile\Clock1.swf.gpg I get one of the following errors: Reading passphrase from file descriptor 0 usage: gpg [options] [filename] OR Reading passphrase from file descriptor 0 gpg: encrypted with ELG-E key, ID ECEB4FC5 gpg: decryption failed: secret key not available I am using GPG version of 1.4.5 on windowsXP professional and default dirctory of secring is C:\Documents and Settings\bgadhia\Application Data\gnupg. And my public key is at C:\DocLib\PublicKey I am able to encrypt and decrypt using UI tools provieded by GPG and WinPT. Can anyone please help me. Thank you in advance. Bharat Gadhia -- View this message in context: http://www.nabble.com/Decrypting-Files-Automatically-tf2161885.html#a5974796 Sent from the GnuPG - User forum at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Decrypting Files Automatically
Hi, I am trying to decrypt a file automatically.I want to use it in a dts package. I am using following command: type passphrase | gpg --passphrase-fd 0 --decypt-file File Name in my case it looks like: type C:\SampleProjects\GnuPGDotNet\GnuPG\passphrase.txt | gpg --passphrase-fd 0 decrypt-files C:\DocLib\EncryptedFile\Clock1.swf.gpg I get one of the following errors: Reading passphrase from file descriptor 0 usage: gpg [options] [filename] OR Reading passphrase from file descriptor 0 gpg: encrypted with ELG-E key, ID ECEB4FC5 gpg: decryption failed: secret key not available I am using GPG version of 1.4.5 on windowsXP professional and default dirctory of secring is C:\Documents and Settings\bgadhia\Application Data\gnupg. And my public key is at C:\DocLib\PublicKey I am able to encrypt and decrypt using UI tools provieded by GPG and WinPT. Can anyone please help me. Thank you in advance. Bharat Gadhia -- View this message in context: http://www.nabble.com/Decrypting-Files-Automatically-tf2161882.html#a5974781 Sent from the GnuPG - User forum at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
The web site for the PuTTY software provides GnuPG keys to verify downloads of the PuTTY software. see http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html With these keys imported into the GnuPG public keyring, issuing gpg --check-sigs produced the following output (the user name has been redacted): C:/Documents and Settings/[redacted]/Application Data/gnupg\pubring.gpg - pub 1024R/1E34AC41 2000-12-20 uid PuTTY Master Key (RSA) [EMAIL PROTECTED] sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) [EMAIL PROTECTED] s.org sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) putty-bugs@ lists.tartarus.org pub 1024R/B41CAE29 2000-12-20 uid PuTTY Releases (RSA) [EMAIL PROTECTED] sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) [EMAIL PROTECTED] s.org sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org pub 1024R/32B903A9 2000-12-20 uid PuTTY Development Snapshots (RSA) [EMAIL PROTECTED] s.org sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) putty-bugs@ lists.tartarus.org sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) [EMAIL PROTECTED] rus.org pub 1024D/6A93B34E 2000-12-20 uid PuTTY Master Key (DSA) [EMAIL PROTECTED] sig!36A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org sig! 08B0A90B 2000-12-20 PuTTY Releases (DSA) [EMAIL PROTECTED] s.org sig! 7D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) putty-bugs@ lists.tartarus.org pub 1024D/08B0A90B 2000-12-20 uid PuTTY Releases (DSA) [EMAIL PROTECTED] sig!308B0A90B 2000-12-20 PuTTY Releases (DSA) [EMAIL PROTECTED] s.org sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org pub 1024D/7D3E4A00 2000-12-20 uid PuTTY Development Snapshots (DSA) [EMAIL PROTECTED] s.org sig!37D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) putty-bugs@ lists.tartarus.org sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) [EMAIL PROTECTED] rus.org 4 signatures not checked due to missing keys For the self-signatures on the DSA-type keys (and only the DSA-type keys) there is a sig!3 entry instead of a sig! entry. The other signatures on the DSA-type keys just have a sig! entry. It has been said elsewhere that the 3 in the sig!3 entry indicates a certificate check level of 3. However, the 3 does not appear on the self-signature entries for the RSA-type keys. Is this to do with the key types (the DSA type and the RSA type), the way that the keys were created and/or signed, or some other reason? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
[EMAIL PROTECTED] wrote: The web site for the PuTTY software provides GnuPG keys to verify downloads of the PuTTY software. see http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html With these keys imported into the GnuPG public keyring, issuing gpg --check-sigs produced the following output (the user name has been redacted): snip For the self-signatures on the DSA-type keys (and only the DSA-type keys) there is a sig!3 entry instead of a sig! entry. The other signatures on the DSA-type keys just have a sig! entry. It has been said elsewhere that the 3 in the sig!3 entry indicates a certificate check level of 3. However, the 3 does not appear on the self-signature entries for the RSA-type keys. Is this to do with the key types (the DSA type and the RSA type), the way that the keys were created and/or signed, or some other reason? It's to do with the way the keys were signed at the time they were generated. There is a default certification level option that can be used either on the command line or in a config file - normally GnuPG will ask you for the certification level when you sign a key, but the default /can/ be used if the right options are set, and /will/ be used at the time of key generation. -- Alphax Death to all fanatics! Down with categorical imperative! OpenPGP key: http://tinyurl.com/lvq4g signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: sig!3 entry vs sig! entry on certain GnuPG keys from the PuTTY software site
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alphax wrote: There is a default certification level option that can be used either on the command line or in a config file - normally GnuPG will ask you for the certification level when you sign a key, but the default /can/ be used if the right options are set, and /will/ be used at the time of key generation. I believe you will not normally be asked for a cert-level, at least not with most recent versions of gpg (I forget when that changed exactly). You must set ask-cert-level in your config or on the command line to be prompted. - -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp == What it means to take rights seriously is that one will honor them even when there is a significant social cost in doing so. -- Ronald Dworkin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iQFDBAEBAgAtBQJE7v24JhhodHRwOi8vd3d3LnBvYm94LmNvbS9+dG16L3BncC90 bXouYXNjAAoJEEMlk4u+rwzjBxAH/3g+/Whk3cubupcbQPQ0uIa/NjwxZOH20ABZ ZWyTR1++ZHJgNxyUcqN+MkeiVCtS3uieqEFfDV40v53aZE2flAr/gDZWcwG5Xlek qWJOn9EnOzjsoHLVbWekBGA88IAx4X6yyBd5qvoEwYynkW/tIInNQqmtg1/HNYmI IjJjtGrWSATEdJ5o4Ojmqmwz0R4vhpVVSfXXReQ42Fb03VXBgy6/soNjZzsUrza2 IrjTyW23+W0vfKbgEZTjrqG+Kdz5BXHfPlG4TRqwdGlRCJUT5Twzhv1NiXW1m3Q3 spnI8bm6SDWBXcLD51yFZ8bDkAObffpQ86XyrDWnz3YcYK48k4A= =jwpd -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users