Re: Confusion with signature digest type.
On Thu, 2 May 2013 06:48, r...@sixdemonbag.org said: thinking of these problems, and if-and-when Werner and g10 Code decide to shift the default behaviors I'm certain it will be towards a stronger hash algorithm. We always tried to make sure that new algorithms are deployed for a long time before we make them the default. The next big change will be the switch to ECC and we not even have a real GnuPG release with. I expect that in a few years we can/need to switch to ECC and with that the end of signing SHA-1 digests will have come. Given that you need to create a new key anyway, the hash algorithm will be a non-brainer then. The special cases which Daniel constructed are, well, special cases and not the common use of signatures. People designing such a system should really consult with an expert to come up with a proper plan on how to implement that system. And that plan should include a discussion of used algorithms and threat models. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
FW: gpgee operation failed
Hi, Peter. Thanks for help. I definitely will try your method next time because my colleague do the PC recovery into earlier date. Then, everyrhing goes back to normal. It used to work without signing the identity of public key though.Right now, I have no PC to try it out until next error occurs. I believe I downloaded this version gpg4win-1.1.4.exe 17-Feb-2009 17:46 9.5M . It is a little bit old but I have a hard time to install newer version on my windows XP SP3. It simplely doesn’t work on my windows XP. I googled it . Some people said , it is not compatible with windows XP SP3 Chinese system. That is why I only install the older version of gpg4win. AS for the pictures in the mail, I was not aware of that. I will make a shortcut link next time . Again, Thanks. Yuwen Pan Best Regards, -Original Message- From: Peter Lebbing [mailto:pe...@digitalbrains.com] Sent: Monday, April 29, 2013 10:02 PM To: 儒風管理部-潘右文 Cc: gnupg-users@gnupg.org Subject: Re: gpgee operation failed On 29/04/13 05:39, 儒風管理部-潘右文 wrote: Can someone help me with this error? It says Key validity - Unknown, so it seems you haven't signed the key and GnuPG is refusing to encrypt to a key of which the identity is unverified. My program version is 1.1.4. Are we talking about GnuPG 1.1.4? Because that should be exhibited in a museum instead of run on your computer. It is way too old to use. If it's the GPG4Win version, I can't tell how old it is. HTH, Peter. PS: I might be mistaken, but I think you're not supposed to include pictures in mails on the mailing list. It's better to put it on the web somewhere and include a link to it in your mail. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter -Original Message- From: Peter Lebbing [mailto:pe...@digitalbrains.com] Sent: Monday, April 29, 2013 10:02 PM To: 儒風管理部-潘右文 Cc: gnupg-users@gnupg.org Subject: Re: gpgee operation failed On 29/04/13 05:39, 儒風管理部-潘右文 wrote: Can someone help me with this error? It says Key validity - Unknown, so it seems you haven't signed the key and GnuPG is refusing to encrypt to a key of which the identity is unverified. My program version is 1.1.4. Are we talking about GnuPG 1.1.4? Because that should be exhibited in a museum instead of run on your computer. It is way too old to use. If it's the GPG4Win version, I can't tell how old it is. HTH, Peter. PS: I might be mistaken, but I think you're not supposed to include pictures in mails on the mailing list. It's better to put it on the web somewhere and include a link to it in your mail. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GPA 0.9.4 released
-BEGIN PGP SIGNED MESSAGE- w - does the new GPA work with win7-64? or are you still waiting 4funding? On 2013-05-01 (121), at 06:18:43, Werner Koch w...@gnupg.org wrote: __outer -BEGIN PGP SIGNATURE- Version: 10.3.0.8741 wsBVAwUBUYGdRUJrWteExW9jAQGMLwgAurmlVYGmxQpKHso9C4MzjnVeoMnV+6aL nA28FT/TlHHsDEHQZFSTtA9N7976qg08C7rPW7KNqe30eouIO49kLAACPLQDvCL1 vGiCqy36nfMwCnak8HHpFCYkEBHHnuDLClbfqwmi5tR9ucs+/5na2+z3iVPy7ZgU LtNbvxSBcpsBhXwVBJyQf9aKTtdjHAT2QIzGFykVZ3x+a7SBIgCKHybJGsOjvj90 JihR5XU+5PPB2IriUkrUPeEFcQC6JXYzXxwIlISj/toqulTTMrokGRJXHfDeLwmI OVlK3XhCUKwJ2IA/HfyFpZmt2psixMd5rfsWqoSYCLPJBGmMUnbI2g== =Qal0 -END PGP SIGNATURE- Hello! We are pleased to announce GPA version 0.9.4. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GPA 0.9.4 released
On Thu, 2 May 2013 00:56, ou...@interlog.com said: w - does the new GPA work with win7-64? Sure it has always worked with it. What does not work with 64 bit versions of Windows is GpgOL (Outlook plugin) [1] and GpgEX (Explorer plugin). If you encountered a problem with GPA in the 1.1.1-beta installer from last year: This was my fault: I forgot to port a patch for glib to the there included updated glib version. Salam-Shalom, Werner [1] It also does not work with any version of Outlook 2010. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: 2.0.20 beta available
Is it planned to support --delete-secret-keys? ~abel Werner Koch: Hi, it is now more than a year since we released 2.0.19. Thus it is really time to get 2.0.20 out of the door. If you want to quickly try a beta you may use: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-2.0.20-beta118.tar.bz2 Please send bug reports only to the mailing list. Noteworthy changes in version 2.0.20 (unreleased) - * The hash algorithm is now printed for sig records in key listings. * Decryption using smartcards keys 3072 bit does not work. * New meta option ignore-invalid-option to allow using the same option file by other GnuPG versions. * [gpg] Skip invalid keyblock packets during import to avoid a DoS. * [gpg] Correctly handle ports from DNS SRV records. * [gpg-agent] Avoid tty corruption when killing pinentry. * [scdaemon] Rename option --disable-keypad to --disable-pinpad. * [scdaemon] Better support for CCID readers. Now, the internal CCID driver supports readers without the auto configuration feature. * [scdaemon] Add pinpad input for PC/SC, if your reader has pinpad and it supports variable length PIN input, and you specify --enable-pinpad-varlen option. * [scdaemon] New option --enable-pinpad-varlen. * [scdaemon] Install into libexecdir to avoid accidental execution from the command line. The code also builds for Windows and we plan to do a Gpg4win release soon after 2.0.20. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: 2.0.20 beta available
On 5/2/2013 8:06 PM, Abel Luck wrote: Is it planned to support --delete-secret-keys? Do existing versions not support --delete-secret-keys? I've been using 2.0.17 and 2.0.19 on both Linux and Windows and have had no issues with --delete-secret-keys. It seems to have worked for me: I moved several secret keys over to smartcards (after making offline, secure backups, of course), deleted the secret keys from the keyring, and gnupg created the appropriate stubs pointing to the smartcard without any issues. Cheers! -Pete ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
determine encryption key without trying to decrypt
Hello, how can I determine the key(s) for which a file has been encrypted without gpg trying to decrypt the file? I don't understand why --list-packets tries to decrypt it anyway. --batch and --no-tty do not solve the problem. I don't consider my two ideas very elegant: 1) Call gpg --status-fd $whatever --list-packets file.gpg, get the info from --status-fd and kill gpg 2) Start another gpg-agent, this one with --batch, and let gpg connect to this instance. I cannot imagine that this cannot be done with the gpg call alone so I hope I just don't see the good solution. Hauke -- ☺ PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04) http://www.openpgp-courses.org/ signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: determine encryption key without trying to decrypt
Am Do 02.05.2013, 23:46:41 schrieb Kristian Fiskerstrand: how can I determine the key(s) for which a file has been encrypted without gpg trying to decrypt the file? Try --list-only Yeah, that's it. Still dark corners in man gpg I am unfamiliar with... And what a response time, serverfault-like. :-) Hauke -- ☺ PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04) http://www.openpgp-courses.org/ signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: determine encryption key without trying to decrypt
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 05/02/2013 11:41 PM, Hauke Laging wrote: Hello, how can I determine the key(s) for which a file has been encrypted without gpg trying to decrypt the file? Hi Hauke, Try --list-only - -- - Kristian Fiskerstrand Twitter: @krifisk - Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - Docendo discimus We learn by teaching -BEGIN PGP SIGNATURE- Version: GnuPG v2.1.0-beta210 (GNU/Linux) iQIcBAEBCAAGBQJRgt68AAoJEAt/i2Dj7frjMS4P/3tzsHIeiydHEaEATJd8Lxqf e4xvhSfoSUscAA4ak4nt3Ld6lfzXJiBYmKgRrHBM6/KUsFJM1e/gR1HEfvqiPcIK DTw5WuLv5lmuZwxqBCh/AYOUDkrS2WADnQsKIlpDqF6YYjqxf0Vuho5YrYGe7p7/ ItR9AqxybGKRr5LVbqz8A4se0rYSU9Ok2AWU8VGd9ZIIjYrlwLYju1XUyTcBK3s+ Q/wkaYuMCm4Lx76Ui8dfsB6JL96O8CZB5S2MKeJ8bo++DmarnZEwsoLRriFNeaZy 5LelVm9ENBkZkZBjhR76KngWnUzyqoyVXzZma5+Fjz6qhYyWocJgTTcXHd680cJL F+fm4PnOXNIZqP83uNfAW+JozlD5RjLw7W2B7kWRLeZUgWiHfwCWMP7GbkAk0nda L0sK/oNq3hBgiFod4BYd06LxJMYxS9bjpp+XfP+7zbsEw/MW6OQyhrK2eN3Vk9W5 Vhy3tpgYAIh1qrkuxq3I0ZPFodOPRZoULLQxbV/rzwre2pb/5d+wBGRL2Js6ibVT 1FtjPkhyxJug2yLRFGvWRnj9J/3V+ac9IoB6GYxNFVyKx+BfDLzxlxkCNh/8VVB7 QTCaJ44svF6QFFmxi8G9jDTB/W6xvrvkfQJoh7f40UQX1HC56LBB4xqN3bhJ48bL yGGTzww3hGj3VGPu6Ybk =zTCy -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
