GnuPG and PGP 5.0 compatibility problem
Hello, I got a problem with GnuPG and PGP 5.0: Also PGP 5 accepts my key, it is not possible for PGP 5 to encrypt with my key. It´s not even displayed in the selection dialog when I try to encrypt something (it shows identities correct in key list (but expiration not)). I read in the FAQ that PGP 5.0 does not accept ElGamal keys of type 20, but my key doesn´t seem to be of that type (--list-packets says version 4, algo 16, created 1153340019, expires 0) There seem to be another problem, do you have any idea how to solve it? In case you´re wondering, I do have PGP only for testing purpose, because I can´t get EUMEL of the 1822direkt bank (a system that sends you a OpenPGP encrypted mail with financial transactions on your account) to work, they use PGP 5.0. Sincerely, Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Openpgp card serial numbers
On Mon, 16 Jul 2007 11:50, [EMAIL PROTECTED] said: The specification for Openpgp card states that the serial number (+ manufacturers ID) must be globally unique. I wonder if this is truly needed or if unique enough would be ok. I have assigned the unmanaged S/N range: FF00..FFFE - Range reserved for randomly assigned serial numbers. Serialnumbers with manufacturer ID in this range are an exception to the rule that they should be unique. It is expected that such a serialnumber is assigned using a true random function which generates 5 bytes (4 for the actual serial number and one to select a manufacturer ID out of this range). Note, that the 0x is not part of this range. Implementers using serial numbers as a unique ID should keep in mind that duplicates may happen. Using the of manufacturer IDs out of this range should only be done if no other way of obtaining a manufacturer ID is possible. [Assigned 2007-07-17] I hope this satisfies your need. As written, it is an expection and should be avoided. In particular, if you target one specific card type it might be possible to use its native S/N and map it to a a proper serial number. We can then ask for a manufacturer ID to be used with this card and application. Salam-Shalom, Werner pgpky6i5DV6aI.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
openpgp card sharing violation
Hi, I have started to get these errors when trying to use my openpgp card. g4dual:~ tw$ gpg --card-status gpg: detected reader `OMNIKEY CardMan 3121 0 0' gpg: pcsc_connect failed: sharing violation (0x801b) gpg: card reader not available gpg: OpenPGP card not available: general error They do not happen all the time, but always when the machine has just booted up. Removing and replacing the card in the reader often persuades the set up to work. I have tried it with my other scmart card reader SCR335 and get the same. Also with various gpg from 1.42 up. This started to occur after I moved to a dual cpu machine - I can't ever having had it on my old machine. Any wisdom gratefully received. Kind regards Tristan Williams -- Tristan Williams [EMAIL PROTECTED] http://www.tristanwilliams.com GPG: 0xD5794B10 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG and PGP 5.0 compatibility problem
I got a problem with GnuPG and PGP 5.0: PGP 5.0 substantially predates RFC2440, the IETF standard which GnuPG implements. In fact, GnuPG doesn't even have a PGP 5 compatibility mode. (It has --pgp6, --pgp7 and --pgp8, but nothing for PGP 5.) PGP 5.0 is very, _very_ out of date. Please consider upgrading to something more recent and standards-conformant. In case you´re wondering, I do have PGP only for testing purpose, because I can´t get EUMEL of the 1822direkt bank (a system that sends you a OpenPGP encrypted mail with financial transactions on your account) to work, they use PGP 5.0. To me, this would cause me to doubt whether I wanted them to have my financial information at all. -- Robert J. Hansen [EMAIL PROTECTED] Most people are never thought about after they're gone. 'I wonder where Rob got the plutonium?' is better than most get. -- Phil Munson ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: where i can download gpgsm?
the dragon ceprn at hotmail.com writes: google is your friend. I'd look here http://packages.debian.org/unstable/utils/gpgsm peace, clark 'the dragon' willis thanks but where is official site of gpgsm downloads? its made by werner koch right or its debian application??? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG and PGP 5.0 compatibility problem
On Fri, Jul 13, 2007 at 10:42:37PM +0200, Stefan Oltmanns wrote: Hello, I got a problem with GnuPG and PGP 5.0: Also PGP 5 accepts my key, it is not possible for PGP 5 to encrypt with my key. It´s not even displayed in the selection dialog when I try to encrypt something (it shows identities correct in key list (but expiration not)). I read in the FAQ that PGP 5.0 does not accept ElGamal keys of type 20, but my key doesn´t seem to be of that type (--list-packets says version 4, algo 16, created 1153340019, expires 0) There seem to be another problem, do you have any idea how to solve it? We'd have to track down what the problem was first. Understand that PGP 5.0 predates the OpenPGP standard that modern PGP and GnuPG use by quite a while. It's not massively insecure (though there were some bugs reported), but it just doesn't follow the same rule book as everyone else. The usual PGP 5 behavior when it doesn't understand something is to ignore it, as you saw. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: where i can download gpgsm?
redstar wrote: thanks but where is official site of gpgsm downloads? its made by werner koch right or its debian application??? No, it's not a Debian app. See http://www.gnupg.org/(en)/download/index.html GnuPG 2.0 GnuPG 2.0 is the new modularized version of GnuPG supporting OpenPGP and S/MIME -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ You can make it illegal, but you can't make it unpopular. -- Anonymous pgpORViW29hrs.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG and PGP 5.0 compatibility problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Stefan wrote: But that doesn´t mean PGP 5 is insecure in any way, it´s just outdated and not RFC2440 conform, right? GnuPG is an RFC2440-conformant application. PGP 5.0 is not RFC2440-conformant. It far predates RFC2440. The two applications do not work together well. That's not to say they can't be finessed into working together. They clearly can be. However, I would not trust my financial data to a communications system that was built of parts that did not interoperate well. That said, your security model is your own lookout. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (Darwin) iQEcBAEBCgAGBQJGnPhXAAoJELcA9IL+r4EJPYEH/i689ewuA+F3lnGomQULd0/z UO+tM/Cpxkvdpbo8Pmx3dz4HznjobVZajEicuT0MRSbGtgWBNB0lDm7rN6mwPFl1 QHDBZlYSGjTu6wSc0f/G2j8wGHzWjJWKIUlknfENd3KAsNBiQ6gebVDdyUY4WGf5 ZfnOkM6YYfzRicVHGG6uNrGrFJ0dUSQ2YBrblYgxeBOCI3IsuGvrND3rG8CjNzvK llXgA4j8Hy9DG5u+DoU5lMxJP5oSUfeHO+81lbAchhz0dijY9HgeY0EG25vR75OB anopJrc3byST4c2csPC7z2K/tKEM0355VaMqRUYg4c2N/7d2+3YWTxKpJHFH9Bw= =VSvJ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: where i can download gpgsm?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 redstar wrote: thanks but where is official site of gpgsm downloads? its made by werner koch right or its debian application??? Authenticate the source code, not the site you're downloading it from. Check to make sure the source code is signed by someone you trust (whether it be the Debian project, wk, or someone else). If it is, and the signature is valid, then use it with confidence. That said, I don't think gpgsm has an official site. It was, IIRC, part of Project Ägypten, which has since been supplanted by Ägypten2. Try: http://www.gnupg.org/aegypten2/index.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (Darwin) iQEcBAEBCgAGBQJGnPT0AAoJELcA9IL+r4EJgNoH/1oGUTQOUBKK/vBafz78vAVw GI1ryUzU00z2YkLLmWSLJH04VaM3gZkKwWjhvVvOtxl6VrM8Ct4wyLJrm3j7GNQP pG3hNh9i9OLruHMxjVM85A1R9fgRDezLfUjLLbFVvnqVB5sP9ivyBjIUtjxf6R2I 5hHpamv6FEqb2ryMNzgBZAhi73xlSSdMSk3Ybz+esybFLK/OJdgAN6aUm+2enI/d QdJafdLbI72RBsOFd4H4T+ADOXPqTb3IEZwxx5PxQhEhj9sUxl9BSmz6yBKGLLv1 k5p1Nw5vb67ql5ZIkbTKpDhhqpCw/kZGkAPMm+uZhmHRu6Te6deVmvGaYGvJpH4= =COzO -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Pin fails with svn ssh gnupg-agent smartcard.
On Sat, 14 Jul 2007 05:00, [EMAIL PROTECTED] said: - poldi's documentation is rather hard to find on the web. For now, I found it only in the source of the poldi, and in the the source itself was not that easy to find. It's here: Ahh, you are using Poldi. I was not aware of that as it opens another case of potential problems. - in gpg-agent.conf, the line write-env-file /home/tyrael/.gpg-agent-info may perhaps work on Ubuntu, but on my Debian distribution, with a rather standard setup, this file looks more like ~/.gnupg/.gpg-agent-info-hostname. This is distribution specific. You should find a note about this in the README.Debian file. - there's a confusion between the documentation of poldi and the output of gpg --card-status concerning the expressions serial number and application ID. The wording should be consistent in order to avoid confusion. Poldi is not yet that matured Glad to have it working and stable, Good to hear. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: openpgp card sharing violation
On Fri, 13 Jul 2007 16:31, [EMAIL PROTECTED] said: booted up. Removing and replacing the card in the reader often persuades the set up to work. I have tried it with my other scmart card reader SCR335 and get the same. Also with various gpg from 1.42 up. Is there some background process running gpg too? Is gpg-agent installed or a PAM wwith card support? Or a pcscd problem? Disable pcscd and setup gpg so that it can use its internal ccid driver. Basically setup permissions in the USB file system Salam-Shalom, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: where i can download gpgsm?
On Tue, 17 Jul 2007 18:57, [EMAIL PROTECTED] said: That said, I don't think gpgsm has an official site. It was, IIRC, part of Project Ägypten, which has since been supplanted by Ägypten2. Let me add that gpgsm is just one module from GnuPG2. Much like rmail and mailq are parts of sendmail. It does not make sense to distribute gpgsm alone. Debian has only splitted GnuPG2 up into several binary packages whereas the source package for all of them is gnupg2. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: where i can download gpgsm?
Werner Koch wk at gnupg.org writes: On Tue, 17 Jul 2007 18:57, rjh at sixdemonbag.org said: That said, I don't think gpgsm has an official site. It was, IIRC, part of Project Ägypten, which has since been supplanted by Ägypten2. Let me add that gpgsm is just one module from GnuPG2. Much like rmail and mailq are parts of sendmail. It does not make sense to distribute gpgsm alone. Debian has only splitted GnuPG2 up into several binary packages whereas the source package for all of them is gnupg2. Shalom-Salam, Werner thanks Todd and Robert and Werneri didnt realize it, gpgsm is part of gnupg2!! now i see why, i cant find this module on gpg downloads site! i will try to build this application of gnupg2 thanks everybody. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg2 for windows?
Hi, Are there any plans to provide a gpg2 installer for windows? as i am not interested in using the gpg4win package. In particular, does anyone know why the gpg4win gpg builds does not come with bzip2 support? -- Jorgen Ch. Lysdal / 0xAFFD23A6 signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
