Re: (No Subject)

2023-10-05 Thread Werner Koch via Gnupg-users
Hi!

On Wed,  4 Oct 2023 20:37, soil said:

> i'd like to sign a public key that i'm keen to send emails to, but i'm
> only given the option to sign with the 1st private key i set up. but

In case you are using the command line this is easy:

  gpg -u YOURKEYID --quick-sign-key FINGERPRINT_OF_KEY_TO_SIGN

You may also use

  gpg -u YOURKEYID --edit-key FINGERPRINT_OR_USERID_OF_KEY_TO_SIGN

If you are using a GUI (e.g. Kleopatra) you will have a drop down box
to select the signing key.


Shalom-Salam,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users


(No Subject)

2023-10-04 Thread soil via Gnupg-users
hi,
i've set up 2 public/private key pairs. with all this data stored in my linux
home folder.
i'd like to sign a public key that i'm keen to send emails to, but i'm only
given the option to sign with the 1st private key i set up. but i'd like to
keep these two keys separate and used for different use cases, and not just
sign all pub keys i'm sending to from either email, with the same private key...

pretty new to using PGP. explored quite a bit online for solution, but can't
find a way..
thanks.

Sent with [Proton Mail](https://proton.me/) secure email.


[no subject]

2022-03-21 Thread Justin Speagle via Gnupg-users


I need help
Sent from my iPhone



[no subject]

2021-05-04 Thread vedaal via Gnupg-users
On 5/4/2021 at 1:19 PM, "Ingo Klöcker" wrote:

I'd always use full disk encryption ideally with the key stored on a USB
token. Otherwise, with a very good passphrase.

And, after use, wipe the disk and destroy the token.

Modern enterprise-level SSDs also have secure erase, but, of course, you'd
have to trust the hardware manufacturer to implement it properly without any
backdoors which you probably don't want to do in the above scenario.

=

Or, for the really paranoid ;-) you can have random data on a read-only
mini cdrom, and use it as an OTP, and throw it into a garbage
incinerator afterwards.
But really, if anyone is up against adversaries where this is
necessary, these methods may ultimately not help.
These adversaries are not known for their honor and fair play ...

vedaal


mailto:gnupg-users@gnupg.org?Subject=Re: Can IPAD or Android Tablets create Keys and use gnupg

2021-03-10 Thread geostyles2020--- via Gnupg-users
mailto:gnupg-users@gnupg.org?Subject=Re: Can IPAD or Android Tablets create 
Keys and use gnupg=<20120912233505.4c747e6...@smtp.hushmail.com>

Sent from ProtonMail mobile

[no subject]

2021-02-10 Thread Socorro Beatrice Dominguez via Gnupg-users
amoffapu

SOCORRO BEATRICE DOMINGUEZ

[no subject]

2019-05-24 Thread Arica Lansford
https://lists.gnupg.org/pipermail/gnupg-users/2011-July/042485.html


[no subject]

2019-05-24 Thread Arica Lansford



[no subject]

2019-05-24 Thread Arica Lansford
Hi


[no subject]

2019-05-24 Thread Arica Lansford
Hi


[no subject]

2019-05-24 Thread Arica Lansford
What is this supposed to do


[no subject]

2019-03-28 Thread Mr. Wingfield
  http://lists.gnupg.org/mailman/listinfo/gnupg-users


[no subject]

2018-06-07 Thread Mark Drew via Gnupg-users
http://score.sacredpath4vitality.com

Mark Drew




[no subject]

2018-01-28 Thread Dan Horne
Hi

I'm using GnuPG 2.0.29 on Solaris. This specific version is being used
because it's the only one we could get installed and working.

I'm trying to generate keys from a user I have su'd to, but I get the
following error:

gpg-agent[23024]: command get_passphrase failed: Permission denied
gpg: problem with the agent: Permission denied
gpg: Key generation canceled.

I believe that this occurs because when pinentry-curses is invoked by
gpg-agent, the tty is owned by the original user I logged into via SSH, not
the user I switched to via su.

I've seen various workarounds online, but most are relevant to GNU/Linux,
not Solaris (e.g. run the "script" command with the -c option, which
doesn't exist on Solaris). Others have suggested using the loopback
pinentry-mode, which doesn't seem to exist in version 2.0.29 of gpg-agent,
as far as I can tell.

Has someone got a workaround? I need to be able to use "su" as we are not
allowed to log into the user directly. I'm also stuck with Solaris and the
specified version of GnuPG

Thanks


[no subject]

2017-08-26 Thread CORY WALTERS



Subject: Opening a gpg file format in read and write mode

2015-05-06 Thread Jamenson Ferreira Espindula de Almeida Melo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256



Jaboatão dos Guararapes, PE, Brazil, May 06, 2015.


Subject: Opening a gpg file format in read and write mode


Hi everyone.

I want to open a file called passwords.txt.gpg and edit it
directly. The mentioned file holds a password list and I prefer not
to decrypt it, that is, I want to read it directly in gpg format
itself.

I believe it is possible reading, editing and writing directly in gpg
file format itself without decrypting it, provided that GnuPG itself
does the same thing on the public keyring (pubring.gpg), on the secret
keyring (secring.gpg) and on the trust database (trustdb.gpg).

I hope I have made myself clear enough.

Best regards.





Re: Subject: Opening a gpg file format in read and write mode

2015-05-06 Thread Matthew Monaco
On 05/06/2015 05:04 AM, Jamenson Ferreira Espindula de Almeida Melo wrote:
> Hi everyone.
>
> I want to open a file called passwords.txt.gpg and edit it
> directly. The mentioned file holds a password list and I prefer not
> to decrypt it, that is, I want to read it directly in gpg format
> itself.
>
> I believe it is possible reading, editing and writing directly in gpg
> file format itself without decrypting it, provided that GnuPG itself
> does the same thing on the public keyring (pubring.gpg), on the secret
> keyring (secring.gpg) and on the trust database (trustdb.gpg).
 


Search engine found this:

http://www.vim.org/scripts/script.php?script_id=3645



Re: Subject: cannot build database in GPA in ubuntu and won't generate GPG key.

2015-01-15 Thread Daniel Kahn Gillmor
On Thu 2015-01-15 05:42:20 -0500, georgeorwellhardwi...@riseup.net wrote:

> Every time I use GPA in ubuntu it says, when I start GPA: GnuPG is
> rebuilding the trust database.
> This might take a few seconds. And I can wait for hours, while nothing
> happens.

I'm not seeing this with debian unstable, gpa version 0.9.5-2.  what
version of gpa are you using on what version of ubuntu?

--dkg



Subject: cannot build database in GPA in ubuntu and won't generate GPG key.

2015-01-15 Thread georgeorwellhardwired


Hey.

Every time I use GPA in ubuntu it says, when I start GPA: GnuPG is 
rebuilding the trust database.
This might take a few seconds. And I can wait for hours, while nothing 
happens.


And if I try to close the window and try to generate a GPG key, it will 
say: The GPGME library returned an unexpected error. The error 
was:General error. This is probably a bug in GPA. GPA will now try to 
recover from this error.


Is there anyone that has seen these errors before?




Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Kostantinos Koukopoulos
On Fri, Feb 7, 2014 at 8:42 AM, Kostantinos Koukopoulos
koukopoulos+gnupg-us...@gmail.com wrote:

> Makes sense. So does anyone know the version of BasicCard used for openpgp
> cards? Or who to contact with this question? I asked at the distributor
> (kernelconcepts.de) and they said they couldn't answer such technical
> questions and suggested I try asking on this list.

For everyone's information, after getting in touch with ZeitCorp, the makers
of the hardware and software in the OpenPGP cards in question, I received a
reply from Michael Petig stating that they use the Professional BasicCard
ZC7.5 which includes a hardware RNG.

Of course in the end it still comes down to the question of how much we
trust ZeitCorp, but I have no positive reason not to. Using these cards has
risk of course but much smaller than the potential for increased security.

Cheers,
Konstantinos


Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Peter Lebbing
On 13/02/14 12:13, Kostantinos Koukopoulos wrote:
> Of course in the end it still comes down to the question of how much we
> trust ZeitCorp, but I have no positive reason not to. Using these cards has
> risk of course but much smaller than the potential for increased security.

If you create keys on the card with the option of a local backup, or if you
create normal keys which you then keytocard, the included RNG is not used for
key material. I don't think it's used elsewhere (apart from the obvious GET
CHALLENGE command which is used to get verbatim random numbers from the RNG).
Signature generation is deterministic, and the random bytes used for an
encrypted message are generated by the sender, not the card.

Werner Koch had this to say about an on-card RNG[1]:

> Compared to actual hardware RNGs they are very limited and probably prone to
> errors. There is also no way to do extensive power up tests which all other
> hardware RNGs require.
>
> I consider a good OS supported RNG more reliable.

Considering that Werner was involved in the creation of the OpenPGP card, I
think the on-card RNG isn't blindly trusted.

That does beg the question: is it still used when using addcardkey and
declining to use a backup?

HTH,

Peter.

PS: I restricted your statement trust ZeitCorp to the RNG. Obviously, more
possibilities exist for a manufacturer to be nasty.

[1] http://lists.gnupg.org/pipermail/gnupg-users/2013-June/046901.html

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Hauke Laging
On Thu 13.02.2014, 14:32:56 Peter Lebbing wrote:

> If you create keys on the card [...], the included RNG is not used

How do you want to create a key on the card without an RNG?


Hauke
-- 
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5




Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Luis Ressel
On Thu, 13 Feb 2014 19:32:19 +0100
Werner Koch w...@gnupg.org wrote:

> ... of the specs.  Not of the concrete implementation.  I hesitated to
> sign an NDA and thus have no more insight into this than most others.

You've got to sign an NDA to learn about the implementation of this
security device which is supposed to be open? That sounds nasty and
basically means there could even be backdoors in the implementation, not
only in the underlying system...


Regards,
Luis Ressel





Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Peter Lebbing
On 13/02/14 21:13, Luis Ressel wrote:
> You've got to sign an NDA to learn about the implementation of this
> security device which is supposed to be open?

You need an NDA to get the SDK, and you can't disclose the source code for your
application. You don't need the implementation details of a smartcard to write
an application for it.

Those NDAs are rather common in the smartcard world, where companies with a lot
of money are worried you'll devise a way to watch pay-TV for free and such.[1]

Although I think there's a trend towards more openness, and I learned a while
ago that you can get crypto-capable JavaCards these days without requiring an 
NDA.

HTH,

Peter.

PS: I might be off on the exact details, this is all from an interested
observer's standpoint.

[1] Yes, security through obscurity. And they need the obscurity, because the
security often isn't all that well. Although they have to face the problem that
DRM is defective by design, and what they're doing borders on DRM, so partly
it's a fundamental problem.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://digitalbrains.com/2012/openpgp-key-peter



Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread NdK
On 13/02/2014 21:29, Peter Lebbing wrote:

> Although I think there's a trend towards more openness, and I learned a while
> ago that you can get crypto-capable JavaCards these days without requiring an
> NDA.

I've been able to work on JavaCards w/o having to sign anything (except
the transactions to various online stores :) ).

I'd have been interested in developing for Yubikey, too, but that
required an NDA with NXP for their SDK, or I couldn't access the button
(and access to the button was the only reason I was interested in
Yubikey in the first place!).

BYtE,
 Diego.




Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread Werner Koch
On Thu, 13 Feb 2014 21:36, ndk.cla...@gmail.com said:

> I've been able to work on JavaCards w/o having to sign anything (except

I am not interested in those small applications on the smartcard as long
as I can't scrutinize the real code, i.e. the OS.  Whether those
applications are written for a p-code system (JavaCard, BasicCard) or
for the native CPU doesn't change anything in the equation.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.




Re: Subject: openpgp card and basiccard RNG

2014-02-13 Thread NdK
On 13/02/2014 23:20, Werner Koch wrote:

[JavaCards]
> I am not interested in those small applications on the smartcard as long
> as I can't scrutinize the real code, i.e. the OS.  Whether those
> applications are written for a p-code system (JavaCard, BasicCard) or
> for the native CPU doesn't change anything in the equation.

Then where would you stop analyzing?
If you look at the OS code, there could be a backdoor in the CPU
microcode. Or in the chip firmware uploader (is there an HV programming
mode available? was it disabled or physically removed from the die?).

And these are just the most obvious. The best we can do is trust the
manufacturer and read the fine print on the datasheets. It will be more
secure than a sw only implementation that runs on a connected PC.

ByTE,
 Diego



Re: Subject: openpgp card and basiccard RNG

2014-02-06 Thread Kostantinos Koukopoulos
On Wed, Feb 5, 2014 at 10:01 AM, Michael Anders micha...@gmx.de wrote:

> In my opinion a (good) PRNG seeded properly under user control is no
> problem.
> If -as the FAQ seems to tell- it is primed during production, beyond
> user control, this implies that normal users have to fully trust the
> manufacturer.
> A malicious manufacturer would be able to completely break privacy based
> on the Enhanced BasicCard without the user being able to detect this.
> An instance is created here, deliberately and unnecessarily, which the
> user has to trust. This pattern smells like a backdoor mechanism to
> me.
> I would outright reject to use such a card.

Makes sense. So does anyone know the version of BasicCard used for openpgp
cards? Or who to contact with this question? I asked at the distributor
(kernelconcepts.de) and they said they couldn't answer such technical
questions and suggested I try asking on this list.


http://vsre.info/


Subject: openpgp card and basiccard RNG

2014-02-05 Thread Michael Anders

> Hello,
> Apparently the OpenPGP card is based on BasicCard [1] and from the
> BasicCard FAQ [2] I read:
> For Enhanced BasicCards, the card has no hardware generator. The Enhanced
> BasicCards contain a unique manufacturing number which cannot be read from
> outside the card. The Rnd function uses this number to generate random
> numbers which are different for each card.
>
> For Professional and MultiApplication BasicCards, the random number is
> generated by use of a hardware random number generator.
>
> Does anybody know which version of BasicCard is used for the OpenPGP cards
> distributed by KernelConcepts.de? If it is the Enhanced version, does the
> use of a pseudorandom generator pose a security risk?

In my opinion a (good) PRNG seeded properly under user control is no
problem.
If -as the FAQ seems to tell- it is primed during production, beyond
user control, this implies that normal users have to fully trust the
manufacturer. 
A malicious manufacturer would be able to completely break privacy based
on the Enhanced BasicCard without the user being able to detect this.
An instance is created here, deliberately and unnecessarily, which the
user has to trust. This pattern smells like a backdoor mechanism to
me.  
I would outright reject to use such a card.

Cheers 
   Michael Anders





Changing the subject WAS Re: Setting encryption algorithm for specific key

2013-11-25 Thread Kenneth Jones
Sorry Bill,

Esoteric mail reader or not, changing the subject while maintaining the
subject line is bad form, and has been forever.
Maybe you're new. ;-)

Cheers,

Ken

On 2013-11-25 05:06, Bill Albert wrote:

> Objection: your preference of an esoteric mail reader is not relevant
> to the rest of us



[no subject]

2013-09-03 Thread Mustrum
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi everyone.

The last gpg-agent supports ECDSA and putty's pageant.

But, does it support ECDSA for putty/pageant ?

Regards.


[no subject]

2013-04-28 Thread James Hassinger
—
Sent from Mailbox for iPhone


[no subject]

2013-01-18 Thread anychem

hi, need help to contact peaceandlove




Fwd: (No Subject)

2013-01-02 Thread Jeff Hanson
Re: Obtain a signature ID with only a sig file?

Thanks.  Based on that this also worked:
wget http://detached sig.gpg --output-document=- | gpg --verify - /dev/null


I'm writing a kickstart script for Ubuntu and needed a way to test a
repository connection before using apt.  The problem with apt is that it
doesn't have a way to test for connectivity with a specific repository.  I
wanted to test for connectivity of a newly added repo by downloading the
smallest verifiable file available (because of ISP data transfer caps) and
the Release.gpg is the best target I've found.  Even better is being able to
get a verifiable key ID without having to make a temporary file.  I'm not
worried about verifying the Release list since apt will download that and
its own copy of the sig for verification.  I just wanted to catch 404
error pages and the like without having apt download the package lists of
every repo (many MB each).


-- Forwarded message --
From: Anonymous Remailer (austria) mixmas...@remailer.privacy.at
Date: Wed, Jan 2, 2013 at 3:17 PM
Subject: (No Subject)
To: jhanso...@gmail.com, gnupg-users@gnupg.org



Jeff Hanson wrote:

> Is there a way to obtain the signature ID from
> a detached sig file without the signed file?
> I haven't been able to get anything out
> of gpg without both files present.



echo|gpg --verify detached.sig -


follow:

$ gpg -b -u testkey foobar

$ gpg --verify foobar.sig
gpg: Signature made 01/02/13 00:00:00 using DSA key ID DEADBEEF
gpg: Good signature from testkey (testkey)

$ del foobar

$ echo|gpg --verify foobar.sig -
gpg: Signature made 01/02/13 00:00:00 using DSA key ID DEADBEEF
gpg: BAD signature from testkey (testkey)

$ gpg --delete-secret-and-public-key testkey

sec  1024D/DEADBEEF 2013-01-02 testkey (testkey)

Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y

pub  1024D/DEADBEEF 2013-01-02 testkey (testkey)

Delete this key from the keyring? (y/N) y

$ echo|gpg --verify foobar.sig -
gpg: Signature made 01/02/13 00:00:00 using DSA key ID DEADBEEF
gpg: Can't check signature: public key not found

$
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
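
Added example (not part of the thread and not GnuPG code): a Python parser that reads the issuer key ID and creation time directly from a detached signature packet, the same fields gpg printed in the transcript above without the signed file. The sample packet, its key ID 00112233DEADBEEF and all function names are constructed for illustration; the layout follows RFC 4880, and the extracted values are unauthenticated hints until the signature is verified against the data with the public key.

```python
import base64
import struct

SIG_TAG = 2  # OpenPGP signature packet tag (RFC 4880, section 5.2)

def dearmor(data: bytes) -> bytes:
    """Return binary OpenPGP data, decoding ASCII armor when present."""
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    lines = data.strip().splitlines()
    # Armor headers ("Version:", ...) end at the first blank line.
    start = next((i for i, line in enumerate(lines) if not line.strip()), 0) + 1
    body = [line.strip() for line in lines[start:]
            if not line.startswith((b"-----", b"="))]  # drop END line and CRC24
    return base64.b64decode(b"".join(body))

def var_length(buf: bytes, pos: int, two_octet_max: int):
    """Decode a new-format packet or subpacket length; return (length, next_pos)."""
    first = buf[pos]
    if first < 192:
        return first, pos + 1
    if first <= two_octet_max:
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    if first == 255:
        return int.from_bytes(buf[pos + 1:pos + 5], "big"), pos + 5
    raise ValueError("partial body lengths are not supported")

def read_packet(buf: bytes, pos: int = 0):
    """Parse one packet; return (tag, body, next_pos)."""
    if pos >= len(buf) or not buf[pos] & 0x80:
        raise ValueError("not an OpenPGP packet")
    first, pos = buf[pos], pos + 1
    if first & 0x40:                       # new-format header
        tag = first & 0x3F
        length, pos = var_length(buf, pos, 223)
    else:                                  # old-format header
        tag, ltype = (first >> 2) & 0x0F, first & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length is not supported")
        size = 1 << ltype                  # 1, 2 or 4 length octets
        length, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    if pos + length > len(buf):
        raise ValueError("truncated packet")
    return tag, buf[pos:pos + length], pos + length

def subpackets(area: bytes):
    """Yield (type, data) for every subpacket in a v4 subpacket area."""
    pos = 0
    while pos < len(area):
        length, pos = var_length(area, pos, 254)
        if length == 0 or pos + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[pos] & 0x7F, area[pos + 1:pos + length]  # mask critical bit
        pos += length

def signature_info(data: bytes) -> dict:
    """Extract issuer hints from a detached signature without the signed file."""
    tag, body, _ = read_packet(dearmor(data))
    if tag != SIG_TAG:
        raise ValueError(f"expected a signature packet, got tag {tag}")
    info = {"version": body[0], "key_id": None, "fingerprint": None}
    if body[0] == 3:   # v3: hashed-length, type, time(4), key ID(8), algorithms
        info.update(created=int.from_bytes(body[3:7], "big"),
                    key_id=body[7:15].hex().upper(),
                    pk_algo=body[15], hash_algo=body[16])
        return info
    if body[0] != 4:
        raise ValueError(f"unsupported signature version {body[0]}")
    info.update(created=None, pk_algo=body[2], hash_algo=body[3])
    pos = 4
    for hashed in (True, False):           # hashed area first, then unhashed
        size = int.from_bytes(body[pos:pos + 2], "big")
        for stype, sdata in subpackets(body[pos + 2:pos + 2 + size]):
            if stype == 2 and hashed:      # signature creation time
                info["created"] = int.from_bytes(sdata, "big")
            elif stype == 16:              # issuer key ID (often unhashed)
                info["key_id"] = sdata.hex().upper()
            elif stype == 33:              # issuer fingerprint (version + fpr)
                info["fingerprint"] = sdata[1:].hex().upper()
        pos += 2 + size
    if info["key_id"] is None and info["fingerprint"]:
        info["key_id"] = info["fingerprint"][-16:]  # v4 key ID = low 64 bits
    return info

def constructed_sample(armored: bool = False) -> bytes:
    """Constructed v4 signature packet with placeholder MPIs (not verifiable)."""
    hashed = bytes([5, 2]) + struct.pack(">I", 1357084800)         # 2013-01-02 UTC
    unhashed = bytes([9, 16]) + bytes.fromhex("00112233DEADBEEF")  # made-up key ID
    body = (bytes([4, 0x00, 17, 2])        # v4, binary document, DSA, SHA-1
            + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed
            + b"\xab\xcd" + b"\x00\x01\x01" * 2)  # hash prefix, two dummy MPIs
    packet = bytes([0x88, len(body)]) + body      # old-format header, tag 2
    if not armored:
        return packet
    return (b"-----BEGIN PGP SIGNATURE-----\n\n" + base64.b64encode(packet)
            + b"\n-----END PGP SIGNATURE-----\n")
```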


[no subject]

2013-01-01 Thread Jeff Hanson
Is there a way to obtain the signature ID from a detached sig file without
the signed file?  I haven't been able to get anything out of gpg without
both files present.


[no subject]

2012-08-30 Thread FederalHill

Of the five or so papers that I read, the one entitled Why Johnny Can't Encrypt
was very good. After I read the paper I did my first implementation of PKI with
Thunderbird, Enigmail and Mozilla and Yahoo.  I found myself remembering bits
and parts of this forum as well as prior experience in setting up PKI
infrastructure in a lab. I also began to draw certain references from studying
topics such as elliptical encryption and other security related issues.

All of us are new in this post 911 cyber environment and the controls are still
being implemented to monitor the people that protect our national cyber
infrastructure. Accountability seems to increase when the data is encrypted as
opposed to plain text.

I am examining Finance House applications of PKI to establish identity (not
hide it) so that transaction might be verified with due diligence.  This seems
to be a certificate issue.  If the certificate issuers are issuing certificates
with reasonable due diligence then such transactions are reasonable. It is my
opinion that certificates issued merely upon sending in a jpeg of your passport
are not sufficient due to the capabilities of Photoshop and the like. Thus
predicating identity upon easily altered JPEGS does not demonstrate reasonable
due diligence in order to cross reference to the Specially Designated National
List and determine whether the access of the capital is from Listees.

Thank you for your time.

 Frank Spruill
 1701 Light Street
 Baltimore MD 21230


[no subject]

2012-08-17 Thread Condor Kim
http://ryanestradaphotosblog.com/wp-content/themes/twentyten/test.php?riding227.php


[no subject]

2011-09-28 Thread Priya Ranjan
Dear Gnupg users,
 I am having problems installing Gnupg on Solaris 10, and am getting  
library not found messages from the configure script.  Any help from you is 
greatly appreciated !
 
Regards
-Priya-
 
This is what I basically did. 

1) I untar 'ed the build libraries from required tar files from below sites ;  
ftp://ftp.gnupg.org/gcrypt/libgpg-error/
ftp://ftp.gnupg.org/gcrypt/libgcrypt/
ftp://ftp.gnupg.org/gcrypt/libassuan/
ftp://ftp.gnupg.org/gcrypt/libksba/
ftp://ftp.gnupg.org/gcrypt/pinentry/
ftp://ftp.gnu.org/gnu/make/
ftp://ftp.gnu.org/gnu/pth/
 
2) After unzip/untar, formed below directories:
Under    /export/apps/gnupg

egate dirs
drwxr-xr-x  gnupg-2.0.17
drwxr-xr-x  libassuan-2.0.2
drwxr-xr-  libgcrypt-1.5.0
drwxr-xr-x   libgpg-error-1.9
drwxr-xr-   libksba-1.2.0
drwxr-xr-   make-3.82
drwxr-xr-   pth-2.0.7
  
3) I ran build.sh file in downloaded make directory ( 
/export/apps/gnupg/make-3.82 ).
 I think that activated ‘make’ command.
Then I ran make in same directory.
4) Ran ‘configure’ in /export/apps/gnupg/libgpg-error-1.9
 ./configure
 ……
……
………...
config.status: creating config.h
config.status: config.h is unchanged
config.status: executing depfiles commands
config.status: executing libtool commands
config.status: executing po-directories commands
config.status: creating po/POTFILES
config.status: creating po/Makefile
    Libgpg-error v1.9 has been configured as follows:
    Platform:  sparc-sun-solaris2.10

 
  
6) Ran ‘make’ command in /export/apps/gnupg/libgpg-error-1.9
7) But, when I try to build the libgcrypt, I get below error.
 pwd
/export/apps/gnupg/libgcrypt-1.5.0
 
 ./configure

checking which public-key ciphers to include... dsa elgamal rsa ecc
checking which message digests to include... crc md4 md5 rmd160 sha1 sha256 
sha512 tiger whirlpool
checking which random module to use... default
checking whether use of /dev/random is requested... yes
checking whether the experimental random daemon is requested... no
checking whether MPI assembler modules are requested... yes
checking whether memory guard is requested... no
checking whether use of capabilities is requested... no
checking whether a HMAC binary check is requested... no
checking whether padlock support is requested... yes
checking whether AESNI support is requested... yes
checking whether a -O flag munging is requested... yes
checking for gpg-error-config... no
checking for GPG Error - version = 1.8... no
Configure: error: libgpg-error is needed.
    See ftp://ftp.gnupg.org/gcrypt/libgpg-error/.

Seems - libgcrypt appears to depend on libgpg-error, and I  haven't 
successfully built libgpg-error.
8)   The libgpg-error build installed the library somewhere that the libgcrypt 
or libassuan build can't find - looking back at the log of the build, could not 
find exact install the library file?  
I added the path /export/apps/gnupg/libgpg-error-1.9 to  the $LD_LIBRARY_PATH 
environment variable in .profile.  Still does not recognize the libgpg-error !
9) Tried to build libassuan ; same error as above.
cd  libassuan in Folder /export/apps/gnupg/libassuan-2.0.2
   ./configure

  Still getting message:
  
 checking for gpg-error-config... no
 checking for GPG Error - version = 1.8... no
 configure: error: libgpg-error was not found


[no subject]

2011-06-27 Thread gitter
I am using gpg-agent to manage my github ssh key. I generate my (private) ssh 
key via openpgp2ssh from my private gpg key. Unfortunately, although my private 
gpg key is not password protected, gpg-agent asks me for a password (via a nice 
X dialog) before I ssh to github. Entering nothing works fine, and I can 
connect to github.

~$ eval $(gpg-agent --enable-ssh-support --daemon)
~$ gpg2 --export-secret-keys | openpgp2ssh | ssh-add /dev/stdin
Identity added: /dev/stdin (/dev/stdin)
~$ ssh g...@github.com
PTY allocation request failed on channel 0
Hi xxx! You've successfully authenticated, but GitHub does not provide shell 
access. Connection to github.com closed.

Is there any way I can disable this needless dialog?  I am running GNU/Linux; 
Debian 6; x86_64 - gpg-agent 2.0.14



[no subject]

2011-03-06 Thread MFPA
Hi 






-- 
Best regards

MFPA  mailto:expires2...@ymail.com

Never interrupt me when I'm trying to interrupt you.




[no subject]

2010-10-06 Thread Lee Elcocks

 

Hello all

I am trying to automate gnupg and I'm really struggling with the batch file I'm 
trying to use, please could somebody help me?

For test purposes I have created a drop folder in the root of C:

C:\outgoingdropfolder

I want to be able to drop any type of file in here with any file name, GPG to 
encrypt the file and place the encrypted version of that file in another 
location (for test purposes this is C:\encryptedfolder)

This is the command I've placed into a batch

cd C:\program files (x86)\gnu\gnupg
gpg --batch --yes --output C:\encryptedfiles\*.gpg -e -u leeelcockstokey -r 
leeelcocksfromkey C:\outgoingdropfolder\*

What I need the automation to do is the following

for example

I drop the file lee.txt into drop folder, GPG then encrypts it and places into 
encrypted files folder called lee.txt.gpg

I have the batch running every minute on windows scheduler.

I want to drop any file into the drop folder and GPG to output the encrypted 
file with the same name.

The file names will be different every time.

Any help with this greatly appreciated

Lee Elcocks



[no subject]

2010-03-10 Thread john espiro
I am using paperkey 1.2 from http://www.jabberwocky.com/software/paperkey/
and 
dmtxwrite version 0.7.3
libdmtx version 0.7.3

If I run this command:
gpg --export-secret-key my...@me.com | paperkey --ignore-crc-error  
--output-type raw | dmtxwrite -e8 -f png  my_pdf_file.png

I get the 2D barcode generated correctly -- if the key is 1024 or 2048.  If I 
try this with a secret key that is 4096, I am left with 20x20 pixel image that 
in no way looks complete.  I wonder if there's a limitation with either 
paperkey or dmtxwrite, or if I am doing something wrong.

If this isn't the right forum, please let me know...
John




[no subject]

2010-02-25 Thread MFPA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi






- --
Best regards

MFPA  mailto:expires2...@ymail.com

Ultimate consistency lies in being consistently inconsistent


[no subject]

2009-05-25 Thread Stephen Hrzic


As a new user to GnuPG 1.4.9 I'm not having a good day with the product. 
When importing a key, I receive a 'Permission denied' during the pubring 
renaming process. 
Log follows.
Any help would be appreciated.
Thank you.
Steve Hrzic  

C:\Documents and Settings\momadministrator>gpg --version
gpg (GnuPG) 1.4.9 (Gpg4win 1.1.4)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: C:/Documents and Settings/Default User/Application Data/gnupg

Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

C:\Documents and Settings\momadministrator>gpg --import d:\mykey_key.asc
gpg: renaming `C:/Documents and Settings/Default User/Application Data/gnupg\pub
ring.gpg' to `C:/Documents and Settings/Default User/Application Data/gnupg\pubr
ing.bak' failed: Permission denied
gpg: error writing keyring `C:/Documents and Settings/Default User/Application D
ata/gnupg\pubring.gpg': file rename error
gpg: key BDFC43BD: public key [User ID not found] imported
gpg: error reading `d:\\mykey_key.asc': file rename error
gpg: import from `d:\\mykey_key.asc' failed: file rename error
gpg: Total number processed: 0
gpg:   imported: 1  (RSA: 1)
C:\Documents and Settings\momadministrator>


[no subject]

2009-02-07 Thread Joel Rees
Anybody got any idea why my non-root admin user's ~/.gnupg directory  
is or should be owned by root? This is on a Mac, where root logins  
are generally disabled, so that, for instance, we install with sudo  
make install.




Re: Subject: Re: recover private key

2009-01-14 Thread Avi
On Tue, Jan 13, 2009 at 10:34 PM, Robert J. Hansen r...@sixdemonbag.org wrote:

> Avi wrote:
>> Yes, Robert, that is possible. However, IIRC, signatures come with a
>> time stamp.
>
> The OpenPGP time stamp is not a trusted timestamp and should not be
> relied upon for any trusted purpose.

Point taken.

>> In the case I am envisioning, the quotER is taking it from
>> somewhere, and the quotEE can show the prior, complete post.

>> Yes, this does not prevent someone from pre-creating two different
>> messages, but someone resorting to that level of duplicity is both
>> uncommon and will likely have other prevaricatory methods as well.
>
> There's no pre-creation necessary in the scenario I outlined.  Maybe I
> just know an uncommon class of scoundrels, but that level of
> skullduggery is fairly tame in my experience.

Again, point taken, and remind me not to trust your friends with my wallet
8-)

Thanks for the explanations, Robert.

--Avi



en:User:Avraham

pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviw...@gmail.com
   Primary key fingerprint:  D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229


Re: Subject: Re: recover private key

2009-01-14 Thread John Clizbe
Avi wrote:
> On Tue, Jan 13, 2009 at 10:34 PM, Robert J. Hansen r...@sixdemonbag.org
> wrote:
>
>> There's no pre-creation necessary in the scenario I outlined.  Maybe I
>> just know an uncommon class of scoundrels, but that level of
>> skulduggery is fairly tame in my experience.
>
> Again, point taken, and remind me not to trust your friends with my
> wallet 8-)

The first lesson in computer security is to *think* like the bad guys.

One must foresee the skulduggery to defend against it in advance.

Good idea on the wallet. ;-}

-- 
John P. Clizbe  Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
 mailto:pgp-public-k...@gingerbear.net?subject=help

Q:Just how do the residents of Haiku, Hawai'i hold conversations?
A:An odd melody / island voices on the winds / surplus of vowels



signature.asc
Description: OpenPGP digital signature


Re: Subject: Re: recover private key

2009-01-13 Thread Avi
Yes, Robert, that is possible. However, IIRC, signatures come with a
time stamp. In the case I am envisioning, the quotER is taking it from
somewhere, and the quotEE can show the prior, complete post.

Yes, this does not prevent someone from pre-creating two different
messages, but someone resorting to that level of duplicity is both
uncommon and will likely have other prevaricatory methods as well.

--Avi

On 1/13/09, Robert J. Hansen r...@sixdemonbag.org wrote:
> Avi wrote:
>> For example, given the possibility of a piece of an e-mail being
>> quoted out of context, signing my messages allows me to
>> demonstrate the totality of what I did write at the time I wrote
>> it, so I have a recourse to show the entire post and its
>> context. The same would apply for text documents, etc.
>
> Yes and no.  If I ask Avi, did you really say 'I liked Yasser
> Arafat'?', you might present me with this message:
>
>
>     With respect to the Munich Massacre -- I don't know
>     who was ultimately responsible for it, but I always
>     liked Yasser Arafat as the chief culprit.
>
>
> ... But unbeknownst to me, you /did/ actually say I liked Yasser
> Arafat.  I liked him quite a bit, really.  I often had him over for tea
> and scones and we would talk about our families.
>
> When confronted with the quote I like Yasser Arafat, you wanted to be
> able to deny saying it.  So you wrote up an innocuous text message
> involving the Munich Massacre, reset your computer clock back, signed
> it, and then presented me with the doctored message as proof of what you
> _really_ said at that point in time.
>
> You cannot use signatures to put excerpts in context, not in the general
> case.  The timestamp problem is a killer.
>
> If the person presenting you with a quote also includes the signature of
> the message they're quoting, though, then yes, this becomes possible.
> But if they're excerpting you, odds are good they don't have your signature.


-- 
Sent from my mobile device


en:User:Avraham

pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) aviw...@gmail.com
Primary key fingerprint:  D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229



Re: Subject: Re: recover private key

2009-01-13 Thread Robert J. Hansen
Avi wrote:
> For example, given the possibility of a piece of an e-mail being
> quoted out of context, signing my messages allows me to
> demonstrate the totality of what I did write at the time I wrote
> it, so I have a recourse to show the entire post and its
> context. The same would apply for text documents, etc.

Yes and no.  If I ask Avi, did you really say 'I liked Yasser
Arafat'?', you might present me with this message:


With respect to the Munich Massacre -- I don't know
 who was ultimately responsible for it, but I always
 liked Yasser Arafat as the chief culprit.


... But unbeknownst to me, you /did/ actually say I liked Yasser
Arafat.  I liked him quite a bit, really.  I often had him over for tea
and scones and we would talk about our families.

When confronted with the quote I like Yasser Arafat, you wanted to be
able to deny saying it.  So you wrote up an innocuous text message
involving the Munich Massacre, reset your computer clock back, signed
it, and then presented me with the doctored message as proof of what you
_really_ said at that point in time.

You cannot use signatures to put excerpts in context, not in the general
case.  The timestamp problem is a killer.

If the person presenting you with a quote also includes the signature of
the message they're quoting, though, then yes, this becomes possible.
But if they're excerpting you, odds are good they don't have your signature.



Re: Subject: Re: recover private key

2009-01-13 Thread Robert J. Hansen
Avi wrote:
> Yes, Robert, that is possible. However, IIRC, signatures come with a
> time stamp.

The OpenPGP time stamp is not a trusted timestamp and should not be
relied upon for any trusted purpose.

> In the case I am envisioning, the quotER is taking it from
> somewhere, and the quotEE can show the prior, complete post.

Assuming you still have a copy of the message, yes.  But in the case
you're talking about, what does the signature buy you?  Yes, I did
write that, but in the full context (available at this link...) you see
I meant something quite different.  That's as effective with a
signature as without.  So I don't see how this is an example of the
utility of a signature.

> Yes, this does not prevent someone from pre-creating two different
> messages, but someone resorting to that level of duplicity is both
> uncommon and will likely have other prevaricatory methods as well.

There's no pre-creation necessary in the scenario I outlined.  Maybe I
just know an uncommon class of scoundrels, but that level of
skullduggery is fairly tame in my experience.
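
The time stamp discussed above is the signature creation time subpacket (type 2) in the hashed area of the signature packet; the signing software fills it in from its own clock. The parser below is an added example, not code from the thread or from GnuPG; its function names and the sample packet bodies are constructed here.

```python
"""Where the OpenPGP signature time stamp lives (RFC 4880, section 5.2.3)."""
import struct
from datetime import datetime, timezone

SIG_CREATION_TIME = 2  # subpacket type, RFC 4880 section 5.2.3.4


def _subpacket_length(buf, pos):
    """Decode a subpacket length field; return (length, position after it)."""
    first = buf[pos]
    if first < 192:                       # one-octet length
        return first, pos + 1
    if first < 255:                       # two-octet length
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    return struct.unpack(">I", buf[pos + 1:pos + 5])[0], pos + 5


def iter_subpackets(area):
    """Yield (type, data) for each subpacket in a subpacket area."""
    pos = 0
    while pos < len(area):
        length, pos = _subpacket_length(area, pos)
        if length < 1 or pos + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[pos] & 0x7F, area[pos + 1:pos + length]  # bit 7 = critical
        pos += length


def claimed_creation_time(sig_body):
    """Return the creation time a version 4 signature packet body claims."""
    if len(sig_body) < 6 or sig_body[0] != 4:
        raise ValueError("not a version 4 signature packet body")
    (hashed_len,) = struct.unpack(">H", sig_body[4:6])
    hashed = sig_body[6:6 + hashed_len]
    if len(hashed) != hashed_len:
        raise ValueError("truncated hashed subpacket area")
    try:
        for sp_type, data in iter_subpackets(hashed):
            if sp_type == SIG_CREATION_TIME and len(data) == 4:
                (seconds,) = struct.unpack(">I", data)
                return datetime.fromtimestamp(seconds, tz=timezone.utc)
    except (IndexError, struct.error):
        raise ValueError("malformed subpacket") from None
    raise ValueError("no signature creation time subpacket")


def constructed_sig_body(seconds):
    """Constructed sample: a v4 signature body carrying only a creation time.

    The signature value itself is left out, so this is not a valid signature;
    it only has the fields the parser above reads.
    """
    hashed = bytes([5, SIG_CREATION_TIME]) + struct.pack(">I", seconds)
    return (bytes([4, 0x01, 17, 2])            # v4, text signature, DSA, SHA-1
            + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", 0)             # empty unhashed area
            + b"\x00\x00")                     # left 16 bits of the hash


if __name__ == "__main__":
    # Two constructed bodies: the parser reports whatever value was written
    # and has no way to tell which clock setting produced it.
    for seconds in (1231900000, 1100000000):
        print(claimed_creation_time(constructed_sig_body(seconds)).isoformat())
```

The value is covered by the signature, so it cannot be altered afterwards without breaking verification, but nothing in the packet attests that the signer's clock was right when it was written.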



Re: Subject: Re: recover private key

2009-01-13 Thread Faramir
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Robert J. Hansen wrote:
...
> If the person presenting you with a quote also includes the signature of
> the message they're quoting, though, then yes, this becomes possible.
> But if they're excerpting you, odds are good they don't have your signature.

  If they excerpt the message, I can claim it was forged... sure, people
can believe my word, or not... but at least, signing the message would
not harm me. And if they present the whole message, including the
signature, then they can't change the context... In that context my
signature is protecting me or at least, it would be neutral...

  Anyway, *I* think digital signatures don't have to be perfect, since
they intend to (somehow) replace the handwritten signatures, which can
also be forged... if a digital signature is not easier to forge than a
handwritten signature, I would consider it as an authenticity proof. Of
course, if there is legal or economic stuff involved, I would also
need to know the security policies used to keep the private key safe,
but usually I would not require something so elaborate...

  But that is just _my_ opinion, if somebody is a bank CEO, probably he
would have a different point of view about this subject...

  Best Regards.


[no subject]

2008-10-28 Thread kpahnke


Kevin Pahnke
B2B Integration Team Lead
Appleton
825 E. Wisconsin Ave.
Appleton, WI  54912-0359
Helpdesk: (800) 345-8791
Phone: (920) 991-8453
Fax: (920) 991-7463
www.appletonideas.com




Re: Subject: I saw this strange thing...

2008-06-17 Thread Avi
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Sorry. I try to, but gmail's web interface hides the subject of
a reply as the default, and I do forget.

Thanks,

- --Avi

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (MingW32) - GPGshell v3.64

iEYEAREDAAYFAkhYSysACgkQy6A/RnheoikOywCcCN7VPrZuvQJbyFcydanl4ink
5TkAniYcP26nk9HA6lzIu/yYqLoS3OJa
=I3Yk
-END PGP SIGNATURE-


2008/6/17 [EMAIL PROTECTED]:

> ---------- Forwarded message ----------
> From: John W. Moore III [EMAIL PROTECTED]
> To: #3GnuPG Users List gnupg-users@gnupg.org
> Date: Tue, 17 Jun 2008 10:47:42 -0400
> Subject: Re: Armor Icon Associated with 7-Zip Executable
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Avi wrote:
>> For what it's worth, I recall getting the gpg icon when I
>> recently installed 7z as well.
>
> The 'armor' icon indicates that the .exe File has a companion detached
> Signature file.  Had You also downloaded the Sig File You could have
> verified that the .exe File had been signed by the Author.
>
> FWIW:  When Replying to a Subject contained within a Digest it is better
> form to Change the Subject in the Posted Reply to indicate what the Post
> pertains to.  This facilitates Readers in parsing those items they are
> interested in.
>
> JOHN ;)
> Timestamp: Tuesday 17 Jun 2008, 10:47  --400 (Eastern Daylight Time)



-- 
en:User:Avraham

pub 1024D/785EA229 3/6/2007 Avi (Wikipedia-related) [EMAIL PROTECTED]
Primary key fingerprint: D233 20E7 0697 C3BC 4445 7D45 CBA0 3F46 785E A229


[no subject]

2007-10-29 Thread Sean Craig



smime.p7s
Description: S/MIME Cryptographic Signature


(no subject)

2006-12-19 Thread JB
set show
end




(no subject)

2006-12-19 Thread JB
set help
end





Re: (no subject)

2006-03-22 Thread Simon H. Garlick
On 3/23/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> was checking the key preferences in gnupg 1.4.2.2(MingW32)
> with the SHOWPREF command,
> and found all the algorithms listed except for twofish
>
> the key accepts and decrypts messages done in twofish,
> and works fine
>
> have tested this for many of the keys and none of them display
> twofish in the preferences


C:\>gpg --edit c5dcca32
gpg (GnuPG) 1.4.2.2; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Secret key is available.

pub  2048R/C5DCCA32  created: 2006-03-05  expires: never   usage: CS
 trust: ultimate  validity: ultimate
sub  2048R/B9F25302  created: 2006-03-05  expires: never   usage: E
sub  2048R/16D982EE  created: 2006-03-05  expires: never   usage: S
[ultimate] (1). Simon H. Garlick

Command> showpref
pub  2048R/C5DCCA32  created: 2006-03-05  expires: never   usage: CS
 trust: ultimate  validity: ultimate
[ultimate] (1). Simon H. Garlick
 Cipher: TWOFISH, AES256, 3DES
 Digest: SHA512, SHA384, SHA256, RIPEMD160, SHA1
 Compression: ZIP, ZLIB, BZIP2, Uncompressed
 Features: MDC, Keyserver no-modify

Command>


working OK here.



Simon



Re: Dash escape (Was no subject)

2005-07-04 Thread Samuel Åslund
On Sun, Jul 03, 2005 at 10:54:07PM +0200, [EMAIL PROTECTED] wrote:
> Hi list,
>
> I'm using GnuPG 1.4.1 on WinXP Service Pack 2. Whenever I --clearsign a text
> message containing some kind of list, dash characters get duplicated. Is
> that a feature or bug? See yourself ...

As you can see, OpenPGP uses lines beginning with dashes to separate 
parts of the message. To avoid the risk of ambiguity, any line 
beginning with a dash is escaped with a "- "; this is removed when 
the message is verified.

HTH
//Samuel

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> - - A dash followed by a space character at the beginning of the line as it
> is commonly used in enumerations produces an extra dash.
>
> - -Second test with a dash and no whitespace in between yields the same
> result.
>
> - -   Third test with a dash and a tab character has the same effect.
>
>  - Fourth test with a space character followed by a dash character.
>
>   - Fith test with a tab character followed by a dash character.
>
> Lastly a dash anywhere inside the text like this one - isn't duplicated.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.1 (MingW32)
>
> iD8DBQFCyEwoF64dOS3//CwRAp/SAJ9kgz6GyNx/Fzk/aap85N8jWyVHfACfd1a5
> xTdO4Ue2fWP3VU2sDvKdhbA=
> =FZy1
> -END PGP SIGNATURE-
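
The escaping rule from the reply above, implemented in Python as an added example (not code from the thread or from GnuPG). The function names and the sample text are constructed here, the armor lines are written with their full five dashes, and the signature value is a placeholder, since the point is the framing and not the cryptography.

```python
"""Dash-escaping in OpenPGP cleartext signatures (RFC 4880, section 7)."""

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


def dash_escape(text):
    """Prefix every line that starts with '-' with "- " (dash, space)."""
    return "\n".join(
        "- " + line if line.startswith("-") else line
        for line in text.split("\n")
    )


def dash_unescape(text):
    """Strip the "- " prefix again; all other lines pass through unchanged."""
    return "\n".join(
        line[2:] if line.startswith("- ") else line
        for line in text.split("\n")
    )


def build_cleartext(text, hash_name, signature_body):
    """Wrap text in the cleartext framework (the signature is not computed)."""
    return "\n".join([
        BEGIN_MSG, "Hash: " + hash_name, "",
        dash_escape(text),
        BEGIN_SIG, "", signature_body, END_SIG, "",
    ])


def parse_cleartext(message):
    """Return (hash_names, original_text) from a cleartext signed message."""
    lines = message.splitlines()
    if not lines or lines[0] != BEGIN_MSG:
        raise ValueError("not a cleartext signed message")
    pos, hashes = 1, []
    while pos < len(lines) and lines[pos] != "":
        name, sep, value = lines[pos].partition(": ")
        if name != "Hash" or not sep:
            raise ValueError("unexpected armor header: " + lines[pos])
        hashes.extend(h.strip() for h in value.split(","))
        pos += 1
    if pos == len(lines):
        raise ValueError("no blank line after the armor headers")
    pos += 1
    # Because every text line starting with '-' was escaped, the first line
    # that equals the armor header exactly is the real start of the signature.
    try:
        end = lines.index(BEGIN_SIG, pos)
    except ValueError:
        raise ValueError("no signature block") from None
    body = lines[pos:end]
    for line in body:
        if line.startswith("-") and not line.startswith("- "):
            raise ValueError("unescaped dash line: " + line)
    # The line ending just before BEGIN_SIG is not part of the signed text.
    return hashes, dash_unescape("\n".join(body))


def canonical_signed_bytes(text):
    """Bytes that get hashed: trailing spaces/tabs dropped, CRLF line ends."""
    return "\r\n".join(l.rstrip(" \t") for l in text.split("\n")).encode("utf-8")


# Constructed sample, modelled on the test lines in the post above.
SAMPLE = "\n".join([
    "- A dash followed by a space at the beginning of the line",
    "-Second test with a dash and no whitespace",
    "-\tThird test with a dash and a tab",
    " - Fourth test with a space followed by a dash",
    "Lastly a dash inside the text like this one - is left alone.",
    BEGIN_SIG,  # a text line that imitates the armor header
])

if __name__ == "__main__":
    armored = build_cleartext(SAMPLE, "SHA1", "(signature data omitted)")
    print(armored)
    hashes, recovered = parse_cleartext(armored)
    print(hashes, recovered == SAMPLE)
```

The last sample line shows why the rule exists: without the escape, a text line identical to the signature header would end the signed text early.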



[no subject]

2005-07-03 Thread mus1876
Hi list,

I'm using GnuPG 1.4.1 on WinXP Service Pack 2. Whenever I --clearsign a text
message containing some kind of list, dash characters get duplicated. Is
that a feature or bug? See yourself ...


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- - A dash followed by a space character at the beginning of the line as it
is commonly used in enumerations produces an extra dash.

- -Second test with a dash and no whitespace in between yields the same
result.

- - Third test with a dash and a tab character has the same effect.

 - Fourth test with a space character followed by a dash character.

- Fith test with a tab character followed by a dash character.

Lastly a dash anywhere inside the text like this one - isn't duplicated.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFCyEwoF64dOS3//CwRAp/SAJ9kgz6GyNx/Fzk/aap85N8jWyVHfACfd1a5
xTdO4Ue2fWP3VU2sDvKdhbA=
=FZy1
-END PGP SIGNATURE-



(no subject)

2005-06-03 Thread Dan Mundy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
 
hey everyone, just letting you all know i'm new to mailing lists.

by the way, here's my public key. make sure to sign it!

Public key for 0x4DB6E71B8061A830

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
 
iD8DBQFCmQgrTbbnG4BhqDARAo3oAJ9GrFLwwwrr1h/uUSGtJaMCVELCsACbBV6t
bD3Fx7AW6bJfxaGX8gkUbBQ=
=bvJM
-END PGP SIGNATURE-




please read the documentation Re: (no subject)

2005-06-03 Thread Gregor Zattler
Hi Dan,
* Dan Mundy [EMAIL PROTECTED] [28. Mai. 2005]:
> hey everyone, just letting you all know i'm new to mailing lists.
>
> by the way, here's my public key. make sure to sign it!
>
> Public key for 0x4DB6E71B8061A830
> -BEGIN PGP PUBLIC KEY BLOCK-
> Version: GnuPG v1.4.1 (MingW32)
>
> mQGiBEJuhSERBADLM03wfD19tlfpwGCFhb3oHgLe/9Z2d9N9rLRNk77ISV3w9SgM

You are new to public key cryptography also, aren't you?  Please
read the documentation, especially:

http://www.gnupg.org/gph/en/manual.html#AEN335

Ciao, Gregor



Re: Sign my key - Was (no subject)

2005-06-03 Thread Francis Gulotta
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

How do we know it's really yours or that you are really you? I'll accept
that this message was signed with it, but by signing your key it means I
have no doubt that it really does indeed belong to Dan Mundy. And I've
never met him.

I personally don't have any signatures except from my other identities
(who have separate keys instead of subkeys), I will have more, I'm
waiting for my local LUG's keysigning party after their next meeting. To
misquote someone else here. (It's got the same gist)

People travel long and far to get their keys signed.

I'd give you some links off hand (if I had any on hand) for how to find
any keysigning parties or people in your area who will meet with you to
sign your key. You should look yourself, and I'm sure there are plenty
of other people here who have those links handy.

Good luck.

- -Francis

Dan Mundy wrote:
> hey everyone, just letting you all know i'm new to mailing lists.
>
> by the way, here's my public key. make sure to sign it!

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCoIAoTJEaZCt0gQsRAk0oAJ4vOh/8Vrfw+dysa4UoPDfOhexQdwCfeB4r
gZogKpH5OCVXUXyOw0kKtNQ=
=W/a9
-END PGP SIGNATURE-



Re: Sign my key - Was (no subject)

2005-06-03 Thread Alex L. Mauer

Francis Gulotta wrote:

> How do we know it's really yours or that you are really you? I'll accept
> that this message was signed with it, but by signing your key it means I
> have no doubt that it really does indeed belong to Dan Mundy. And I've
> never met him.


I know this is rather controversial, but for a lot of people it doesn't
matter if the person really is Dan Mundy, since Dan Mundy is just a
string, and doesn't really have any inherent meaning attaching it to a
physical entity.

You can be *somewhat* sure that if you send an encrypted email to some
address, and they respond to its contents, that someone who has access
to that mailbox also knows the passphrase to the relevant key.

Physically meeting someone doesn't prove that the keyholder hasn't
shared the passphrase and private key.

If there's a picture UID on the key and it matches the person that you
physically meet, it doesn't prove that the person you met has the
passphrase to the key, or that they have access to the mailbox
associated with the key.

With a photo ID, it can prove (to the extent that they have proven it to
the ID issuer, i.e. not a whole lot) that the name on the key matches
the person you've physically met.  But if you interact primarily over
the net, that doesn't really matter.  There's a major missing link
between the email address and the physical person at the meeting.


For purposes of network addresses, I mostly couldn't care less if the
person who uses the email address [EMAIL PROTECTED] *actually* goes
by the name, or is known to some government by the name Dan Mundy.  What
I do care about is that the same keyholder who signed this message, also
signed that one, and I have some basis for believing they both came from
the same person. And *that* is the important step.  I can build up a
level of trust based on the contents of messages signed by that key.  If
he starts spouting crap that is inconsistent with prior messages, I can
lower my trust on the determination that his key has been compromised,
or he's gone nuts, or he's changed his mind.  But what he's actually
named by his parents is totally irrelevant to that.

If I was entering into some sort of contract with him, validating the
government ID might start to matter so I could enlist some governmental
aid in enforcing it, if it became necessary.  But the more risk I'm
taking in some contract, the less likely I am to trust any middle-men to
have verified someone's identity.

--
Bad - You get pulled over for doing 90 in a school zone and you're drunk
off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient
flesh-eating beetles.
gpg/gpg key id: 51192FF2 @ subkeys.pgp.net


signature.asc
Description: OpenPGP digital signature


Sign my key - Was (no subject)

2005-06-03 Thread Dan Mundy

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Well, I'm glad someone out there saw that message... anyway, now
I've got the hang of these mailing lists!
Alright, I understand that nobody really knows I'm Dan Mundy.
But about key signing parties, you guys really are nerds! Oh
well, I guess I am one too... Anyway, I've been spreading the
word about gnupg, and hopefully some of my friends will get a
key.  In fact, I think by the end of the weekend, we will have a
new guy, so to speak...  Hope he joins this mailing list!

Dan
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (MingW32) - GPGshell v3.44

iD8DBQFCoLJLTbbnG4BhqDARAg/DAKCDtq8YrX3zAly9qei5UidrhN7XJQCgmJVY
CbAK3PB5GrIkT//iqGIlB4w=
=V6WX
-END PGP SIGNATURE-


