this is what happens when someone signs a key that shouldn't be signed.
it's based on an x.509 (hierarchical) trust model, not a pgp (distributed)
trust model, but the consequences are the same: a certification signature
that should not have been issued was issued. this is basically mallory
False positive signature verification in GnuPG
==
Summary
===
The Gentoo project identified a security related bug in GnuPG. When
using any current version of GnuPG for unattended signature
verification (e.g. by scripts and
On Tue, Feb 14, 2006 at 10:34:38PM +0100, Jim Berland wrote:
Hi everybody,
I understand the use of GPG end-to-end-encryption and use it with a
few of my contacts. What I want to make sure is the following.
I am going to move to China for some time. My email ISP is located
outside
On Wed, Feb 15, 2006 at 07:50:17PM +0100, Lionel Elie Mamane wrote:
Hi,
I'm trying to generate an authentication subkey (tied to my main
OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi /
SSH use), but can't get it to work. gpg --edit-card and --card-status
works like a
Hi,
I'm trying to generate an authentication subkey (tied to my main
OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi /
SSH use), but can't get it to work. gpg --edit-card and --card-status
works like a charm.
Command addcardkey
gpg: detected reader `SCM SCR 335 (60600ad9) 00
On Wed, Feb 15, 2006 at 07:50:17PM +0100, Lionel Elie Mamane wrote:
I'm trying to generate an authentication subkey (tied to my main
OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi /
SSH use), but can't get it to work. gpg --edit-card and --card-status
works like a charm.
Lionel Elie Mamane wrote:
Hi,
I'm trying to generate an authentication subkey (tied to my main
OpenPGP key) in my OpenPGP (FSFE Fellowship) smartcard (for poldi /
SSH use), but can't get it to work. gpg --edit-card and --card-status
works like a charm.
Command addcardkey
gpg: detected