Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On 30/01/12 03:23, MFPA wrote: Interestingly enough, your Sig Delimiter is bonked. That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. Or: how a boring off-topic conversation got on-topic. Enigmail still recognises the bonked :) sig delimiter and correctly omits the signature when replying. That is, I assume it is Enigmail doing it for me, it seems the most logical conclusion. Could also be Thunderbird itself. Peter. PS: I wouldn't mind if this silly conversation were over. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On Mon, 30 Jan 2012 02:23:04 + MFPA articulated: That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That is because you are using inline rather than mime for signing. The inlinemethod has been for the most part deprecated. You might want to give serious thought to switching your signing method. By the way, as clearly stated at the bottom of my post, I do not require or want a CC'd copy. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On 01/30/2012 01:34, Jerry wrote: On Mon, 30 Jan 2012 02:23:04 + MFPA articulated: That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That is because you are using inline rather than mime for signing. The inlinemethod has been for the most part deprecated. Jerry, you've been around long enough to know that A) that's not true, and B) bringing it up only leads to the same rathole discussion over and over again. You might want to give serious thought to switching your signing method. By the way, as clearly stated at the bottom of my post, I do not require or want a CC'd copy. A) how unfortunate then that your signature gets clipped when I reply :) or B) Yeah, that's a silly rathole too. If you don't want the dupe, you go change your mailman settings to fix it. Meanwhile, including the poster in the reply goes back from before e-mail was a thing, and often helps carry on the conversation when the list is slow. ... and now we've come full circle Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On Mon, 30 Jan 2012 01:45:01 -0800 Doug Barton articulated: On 01/30/2012 01:34, Jerry wrote: On Mon, 30 Jan 2012 02:23:04 + MFPA articulated: That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That is because you are using inline rather than mime for signing. The inlinemethod has been for the most part deprecated. Jerry, you've been around long enough to know that A) that's not true, and B) bringing it up only leads to the same rathole discussion over and over again. You might want to give serious thought to switching your signing method. By the way, as clearly stated at the bottom of my post, I do not require or want a CC'd copy. A) how unfortunate then that your signature gets clipped when I reply :) or B) Yeah, that's a silly rathole too. If you don't want the dupe, you go change your mailman settings to fix it. Meanwhile, including the poster in the reply goes back from before e-mail was a thing, and often helps carry on the conversation when the list is slow. ... and now we've come full circle Unfortunately, eliminating dupes, aka CC'd mail is not that easy. I use to have a sieve rule that eliminated mail that was both sent to a mailing list and CC'd to me. I even went as far as having the superfluous copy sent to SpamCop thinking that perhaps the sender might get the idea that I didn't not want and specifically requested not to receive multiple copies of the same draft. Unfortunately, over the years I have not keep that rule updated. Now, thanks to you and a few other morons, I now have been sufficiently motivated to update it. Thanks Doug, it is not yet 6:30am and I have all ready added to my day's agenda. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
That is because you are using inline rather than mime for signing. The inlinemethod has been for the most part deprecated. You might want to give serious thought to switching your signing method. Which is, why I don't understand why Enigmail still uses inline as a default setting… Cheers, steve signature.asc Description: Message signed with OpenPGP using GPGMail ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Clearsigning on Windows
Title of this says it all. How do I clear sign my stuff in the Windows version of GnuPG? -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33227342.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On 30/01/12 12:27, Jerry wrote: Now, thanks to you and a few other morons, For crying out loud, stop crying out loud. Get over it. People will CC you. Stop bothering us with your complaints every time. We all, including you, have better things to do with our time than repeating this annyoing discussion ad infinitum. While I'm at it, I might point you towards DJB's Mail-Followup-To header. It might help us all to be freed of this endless litany. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
On Mon, 30 Jan 2012 07:57, cco...@gmail.com said: Title of this says it all. How do I clear sign my stuff in the Windows version of GnuPG? gpg --clearsign FILE results in FILE.asc Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On Mon, 30 Jan 2012 15:27:37 +0100 Peter Lebbing articulated: On 30/01/12 12:27, Jerry wrote: Now, thanks to you and a few other morons, For crying out loud, stop crying out loud. Get over it. People will CC you. Stop bothering us with your complaints every time. We all, including you, have better things to do with our time than repeating this annyoing discussion ad infinitum I have all ready updated my sieve rules to include this forum. I hadn't bothered doing it before because for the most part, the posters on this forum are intelligent enough to know that you need only reply to the group unless specifically requested to do otherwise. Since this is an OPT-IN forum, the need to CC in order to reach a poster is not required. Obviously, some posters prefer to clutter up other readers with superfluous garbage. While I'm at it, I might point you towards DJB's Mail-Followup-To header. It might help us all to be freed of this endless litany. There is no such header as Mail-Followup-To. Dan Bernstein does not specify the email standards. RFC 5322 (and earlier, RFC 2822 and RFC 822) does. I thought you would have been aware of that. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.:
- Message from Jerry je...@seibercom.net on Mon, 30 Jan 2012 06:27:41 -0500 - Unfortunately, eliminating dupes, aka CC'd mail is not that easy. I believe Doug's reference to MAILMAN settings is suggesting that you log into the mailing list manager (http://lists.gnupg.org/mailman/options/gnupg-users) Once you get in and edit your settings, the last setting is titled Avoid duplicate copies of messages? If you change this setting to Yes, the list won't send you a copy of messages to which you are explicitly addressed (To: or CC:).___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[Announce] GnuPG 1.4.12 released
Hello! We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.12. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility, smartcard support and is compliant with the OpenPGP Internet standard as described by RFC-4880. Note that this version is from the GnuPG-1 series and thus smaller than those from the GnuPG-2 series, easier to build and also better portable to ancient platforms. In contrast to GnuPG-2 (e.g version 2.0.18) it comes with no support for S/MIME, Secure Shell, or other tools useful for desktop environments. Fortunately you may install both versions alongside on the same system without any conflict. What's New === * GPG now accepts a space separated fingerprint as a user ID. This allows to copy and paste the fingerprint from the key listing. * Removed support for the original HKP keyserver which is not anymore used by any site. * Rebuild the trustdb after changing the option --min-cert-level. * Improved JPEG detection. * Included more VMS patches * Made it easier to create an installer for Windows. * Supports the 32 bit variant of the mingw-w64 toolchain. * Made file locking more portable. * Minor bug fixes. * Ukrainian translation. Getting the Software First of all, decide whether you really need GnuPG version 1.4.x - most users are better off with the modern GnuPG 2.0.x version. Thene follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.4.12 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.4.12.tar.bz2 (3500k) gnupg-1.4.12.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.4.12.tar.gz (4823k) gnupg-1.4.12.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.4.11-1.4.12.diff.bz2 (574k) A patch file to upgrade a 1.4.11 GnuPG source tree. This patch does not include updates of the language files. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.4.12.exe (1557k) gnupg-w32cli-1.4.12.exe.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. This is a command line only version; the source files are the same as given above. Note, that this is a minimal installer and unless you are just in need for the gpg binary, you are better off using the full featured installer at http://www.gpg4win.org . Checking the Integrity == In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.12.tar.bz2 you would use this command: gpg --verify gnupg-1.4.12.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com | gpg --import or using a keyserver like gpg --recv-key 4F25E3B6 The distribution key 1CE0C630 is signed by the well known keys 1E42B367. If you get an key expired message, you should retrieve a fresh copy as the expiration date might have been prolonged. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.12.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-1.4.12.tar.bz2 and check that the output matches the first line from the following list: 9b78e20328d35525af7b8a9c1cf081396910e937 gnupg-1.4.12.tar.bz2 790587e440ec7d429b120db7a96a237badc638fd gnupg-1.4.12.tar.gz 5ce9105ce6b6c9c38638eead87658f4b735a4a68 gnupg-1.4.11-1.4.12.diff.bz2 e7d8e48900d35fe407a8d8308b3a02b8de46b2f2
Re: Enigmail and PGP/MIME
On 1/30/12 12:07 PM, Werner Koch wrote: Outlook has PGP/MIME support via a plugin. Out of the box, Outlook doesn't support PGP/MIME and won't even render the plain text portions -- or, at least, such was the case the last time I checked Outlook, which was some time ago: I try to avoid dealing with Outlook whenever possible. Thunderbird at least will render the plaintext. Both are hampered by decisions of Microsoft and Mozilla, not to help implementing proper MIME handlers. [much history omitted] I'm certainly not disagreeing with any of this. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Using the not-dash-escaped option
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 NotDashEscaped: You need GnuPG to verify this message - -- Best regards ... Interestingly enough, your Sig Delimiter is bonked. That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That's exactly what the --not-dash-escaped option is for. Granted, it's not portable to some other PGP implemetations, but if there is any mailing list in world in which it would be acceptable, I would think it would be this one! :) -- Greg Sabino Mullane g...@turnstep.com PGP Key: 0x14964AC8 201201301125 http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8 -BEGIN PGP SIGNATURE- iEYEAREDAAYFAk8mxLAACgkQvJuQZxSWSsgoDQCg2QifdcDmm9mfQpuD8Lzz8+2C nZAAoOUuDIohAz9OVrZEeqyBDO2dLBFV =VVmM -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Enigmail and PGP/MIME
On Mon, 30 Jan 2012 18:15, r...@sixdemonbag.org said: Out of the box, Outlook doesn't support PGP/MIME and won't even render the plain text portions -- or, at least, such was the case the last time I checked Outlook, which was some time ago: I try to avoid dealing with It renders the plain text fine, at least with OL2003 SP2. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
I'm at the gpg.exe application, which file do I clearsign exactly? Do I need to export my key? I'm a little new at this. Werner Koch wrote: On Mon, 30 Jan 2012 07:57, cco...@gmail.com said: Title of this says it all. How do I clear sign my stuff in the Windows version of GnuPG? gpg --clearsign FILE results in FILE.asc Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232115.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
Am Montag, 30. Januar 2012, 21:57:41 schrieb Belleraphone: I'm at the gpg.exe application, which file do I clearsign exactly? You are probably the only one who knows which file(s) you want clearsigned. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
I realize that, but how do I make it so that my files are fit to be clearsigned? I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpu.exe can read and clearsign? Hauke Laging wrote: Am Montag, 30. Januar 2012, 21:57:41 schrieb Belleraphone: I'm at the gpg.exe application, which file do I clearsign exactly? You are probably the only one who knows which file(s) you want clearsigned. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232212.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
On 01/30/2012 13:12, Belleraphone wrote: I realize that, but how do I make it so that my files are fit to be clearsigned? I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpu.exe can read and clearsign? You're probably overthinking it. Create the file in the manner that is described in your instructions, and then sign it. If that doesn't make sense to you, we need more information about what you're trying to accomplish. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
Am Montag, 30. Januar 2012, 22:12:13 schrieb Belleraphone: I realize that, but how do I make it so that my files are fit to be clearsigned? I am not sure whether I understand what you mean. --clearsign is usable for text files only not for binary files. Those need --sign or --detach-sign. I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpu.exe can read and clearsign? It seems not to be possible to make a single signature for several files at once whose names are read from STDIN (or a file). But you can give several files on the command line: gpg --armor --output signature.asc --detach-sign file1 file2 file3 The result can be checked by gpg --verify signature.asc file1 file2 file3 In that case you have to check all files simultaneously. If you have a big lot of files to be signed then you can a) either create an archive file (by whatever archieve application you like and which supports reading file names from a file) and sign that single file b) use scripting (which I don't know anything about under Windows) to 1) either create the long command line The Linux (bash) way would be: gpg --armor --output signature.asc --detach-sign $(cat filelist.txt) 2) call gpg for each file (which makes sense only without a passphrase od with passphrase caching (gpg-agent) The Linux (bash) way would be: while read filename do gpg --armor --detach-sign $filename done filelist.txt Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
My instructions just tell me to clearsign the following and then the paste the results in a box. Here's what i have to clearsign. Keep in mind I'm using GnuPG for windows. mode new_user username XX fprint FUDForum Fossil Moin Zine Now what exactly do I do with this? I put it in a text file and then verify it with gpg.exe? The same gpg.exe thats in the pub folder? So far everytime I try to clearsign the .txt file with the info posted above but it does not work. Doug Barton-2 wrote: On 01/30/2012 13:12, Belleraphone wrote: I realize that, but how do I make it so that my files are fit to be clearsigned? I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpu.exe can read and clearsign? You're probably overthinking it. Create the file in the manner that is described in your instructions, and then sign it. If that doesn't make sense to you, we need more information about what you're trying to accomplish. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232502.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
Am Montag, 30. Januar 2012, 22:53:56 schrieb Belleraphone: So far everytime I try to clearsign the .txt file with the info posted above but it does not work. It doesn't work without any explanation what exactly you have done and what It doesn't work means precisely does not make it easier to help you. You have already been told the necessary command by Werner. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
On Mon, Jan 30, 2012 at 3:12 PM, Belleraphone cco...@gmail.com wrote: I realize that, but how do I make it so that my files are fit to be clearsigned? I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpu.exe can read and clearsign? GPG can read and clearsign any file. Just put the information into a file and then execute the given command against that file. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Clearsigning on Windows
I figured it out, there was a sign button on the windows version which was the clear sign. Hauke Laging wrote: Am Montag, 30. Januar 2012, 22:53:56 schrieb Belleraphone: So far everytime I try to clearsign the .txt file with the info posted above but it does not work. It doesn't work without any explanation what exactly you have done and what It doesn't work means precisely does not make it easier to help you. You have already been told the necessary command by Werner. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232991.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
MFPA wrote: Hi On Monday 30 January 2012 at 2:13:48 AM, Jerry wrote: On Mon, 30 Jan 2012 01:52:44 + MFPA articulated: Looking through recent postings, the signature delimiter seems to appear in about half of the messages on this list. - -- Best regards MFPA mailto:expires2...@rocketmail.com Interestingly enough, your Sig Delimiter is bonked. That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That is part of the OpenPGP standard RFC 4880. Trailing space removed and line endings canonicalized to CR-LF. Lines beginning with a hyphen/dash are dash-space escaped - in order to avoid confusion with OpenPGP message headers. There used to be a bug in the Mozilla mailnews code that left -- alone, but stripped the space from - -- . I think it was fixed some time ago. -- John P. Clizbe Inet: John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
Jerry wrote: On Mon, 30 Jan 2012 02:23:04 + MFPA articulated: That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. That is because you are using inline rather than mime for signing. The inlinemethod has been for the most part deprecated. You might want to give serious thought to switching your signing method. I always get a chuckle every time I read someone writing that inline signing is somehow deprecated. Strangely enough, the only place I can find the origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard RFC 4880. I use PGP/MIME when I know a mailing list supports it and inline when I know it doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise. On the Netiquette part of this thread, I too set a Reply-To header that seems at least one person regularly ignores. Please don't CC me on list replies. One copy is enough. -- John P. Clizbe Inet: John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Q:Just how do the residents of Haiku, Hawai'i hold conversations? A:An odd melody / island voices on the winds / surplus of vowels ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
PGP/MIME use (was Re: META)
On 1/30/12 6:09 PM, John Clizbe wrote: I always get a chuckle every time I read someone writing that inline signing is somehow deprecated. Strangely enough, the only place I can find the origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard RFC 4880. Well, in defense of that interpretation, RFC4880 just specifies a packet format and ASCII armoring -- it's deliberately silent on everything from RFCx822 integration to concerns about using it as the basis for disk encryption products. I would favor seeing an OpenPGP best practices RFC. 4880 tells us what's legal OpenPGP traffic, but says nothing about what's worthwhile. I use PGP/MIME when I know a mailing list supports it and inline when I know it doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise. This comes fairly close to my own practices, with one significant exception: since it's almost impossible for me to know whether all the MUAs used on a mailing list support PGP/MIME, I feel it's better for mailing list traffic to be inline. Of course, I really feel it's better for mailing list traffic to not be signed at all, since usually all it gives us is a false sense of security. A signature from an unvalidated key belonging to an unknown person whom we don't know from Adam doesn't mean much, if anything at all. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG distribution signature
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, Is key D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 ( 0x4F25E3B6 ) the current key used for signing files? I suppose it is, but I'd like to ask before issuing a local signature. Best Regards -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPJyJnAAoJEMV4f6PvczxAdT0IAIk+D4P847GCWn3bZbkIqHPI rXZkdov92g25YfOXfZLJAB0J994IEdc+PwwV0T3/UdScxWxCuJpuRffVsxWyxVeO phrV1C/7vQ81OdaUR0Rq2cPb3n2vjj4lbGNTj9KHkJ34LLt5ngPp6wInf1FDoBH0 rcjtBOcjHhVZq7iSFK8No6wwjeRwSrPjcJRtdmcu6kUT0dNK1X+1ke0/Lw2FfQg6 5cJcX+yZ02/u5fNwhOr5ALP5napSsFogu3DGUFm2TD91j3zso3LA5EbRGa1hmQk4 eZeA1VURQOuIKT9VJk8pr7oXJ7yjh0veWH1BIrHf0x6Su0f5uWYSm27zWX2mveA= =XfC7 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG distribution signature
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hi Faramir, Is key 0x4F25E3B6 the current key used for signing files? according to the website, it is: In the 3rd text paragraph on http://gnupg.org/download/integrity_check.en.html signing key links to http://gnupg.org/signature_key.en.html which lists | pub 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] | Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 | uid Werner Koch (dist sig) | sub 2048R/AC87C71A 2011-01-12 [expires: 2019-12-31] | | Releases done in the years 1996 to 2010 are signed by this key: | [older key summyries and ascii-armored key follows] That new key 4F25E3B6 is signed by the older signing key 1CE0C630. Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJPJ4tUAAoJEKGX32tq4e9W94kL/jypq3l1Zwmi+N4Rjkokzuaw hyx/yxU/hOqb1qE+v7sL8FdvD+jN0s+2QBOdjyya3ij1bz0s/zmNnbC64qpo818h DxW8h73gvCX9bzAfrIk6WDvpOziBPi9z0BNOlFN7Q4dcqKmOCWRmugjp2/mU/uo5 eG4UMF9dM3cIy/5DLfOBC+Dq+xAJgc6c7XIR8NL/ifp6rFYyDRrEVLHKAtZ6s8/N XNF99r0DuXIm4xmnhRJjx1nevg90SnotzLn3UbMmjFvrEOTFhk0QDXDlYybCauVd pswvHdi8m+4uUgLjtQydR5BLwzBxCITdFqGI2ac8UsCk0KocAlrtzk8XrsirjA/I sSBYdBNfEL0aVmrn2XZGHyPhUs+JSKAFOPQQ+96cJAk4uCf2/QhOCtCYfDpC9GuG gKdhEFnkecZEwoCF+kRHtQSdZ/Uexr1NxZ45EHVrDTVSTC6rbWZWQ/pYllKL+L7u kUvCdCuv33VPb0IscuLFFP0rMaSfrQ7JSWQGAfKihw== =LmkF -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
