Hello!
We are pleased to announce GPA version 0.9.4.
GPA is a graphical frontend for the GNU Privacy Guard (GnuPG,
http://www.gnupg.org). GPA can be used to encrypt, decrypt, and sign
files, to verify signatures and to manage the private and public keys.
You can find the release here:
Hello!
I am pleased to announce version 1.4.1 of GPGME.
GnuPG Made Easy (GPGME) is a C language library that allows to add
support for cryptography to a program. It is designed to make access
to public key crypto engines as included in GnuPG easier for
applications. GPGME provides a high-level
On Mon, Apr 29, 2013 at 09:29:58PM +, Henry Hertz Hobbit wrote:
On 04/29/2013 02:43 PM, M Russell wrote:
Hello,
I hope someone might be able to lend me a hand. I am running
into an error message that I resolve. I get a lock error when
trying to encrypt or decrypt a file. I found
On Wed, May 01, 2013 at 03:44:09PM +0300, Peter Pentchev wrote:
On Mon, Apr 29, 2013 at 09:29:58PM +, Henry Hertz Hobbit wrote:
On 04/29/2013 02:43 PM, M Russell wrote:
Hello,
I hope someone might be able to lend me a hand. I am running
into an error message that I resolve. I
On 04/28/2013 04:26 AM, Robert J. Hansen wrote:
On 4/27/2013 8:01 PM, Daniel Kahn Gillmor wrote:
I don't think this recommendation was made to defend against preimage
attacks. Avoiding the use of SHA-1 in certifications in general is a
step towards defend against collision attacks, which is
Thanks for the responses. I did find out that the home drive is a NFS
mount. NFS is version 3, and I don't see any nolock option specified in
/etc/fstab. It appears that NFS is mounted properly. I'm thinking it might
be a NFS problem too, but not sure were. I'll dig into that side more.
Peter Lebbing's thoughtful consideration of the issues in this thread
was spot-on, imho. Thanks, Peter!
On 04/29/2013 12:29 AM, Quinn Wood wrote:
My question in simpler terms could probably be summed up How can one find
the most popular- most signed- key (matching some query such as name or
On 5/1/2013 10:16 PM, Daniel Kahn Gillmor wrote:
It doesn't facilitate a collision attack against that specific
certification; but if a collision attack is possible against a
particular digest, then *any* signature made over that digest becomes
suspect.
First, thank you for a thorough reply.
On 05/02/2013 12:03 AM, Robert J. Hansen wrote:
Eve manages to inject data into your collection that makes the
data collection have the same digest as a particularly weird User ID
when bound to your primary key (i'm handwaving past the details of the
OpenPGP boilerplate involved in a self-sig
On 5/2/2013 12:33 AM, Daniel Kahn Gillmor wrote:
if it was a preimage attack (even for SHA1), then yeah, it'd be game
over in a lot of horrible ways i don't want to think about in detail
right now :)
I think I can make a compelling argument this is a preimage attack and
not a collision attack,
On 5/2/2013 12:48 AM, Robert J. Hansen wrote:
She cares what the collision is: it has to be a valid OpenPGP signature
sequence.
Erf, did I really write that?
s/signature/User ID
The point being the User ID isn't allowed to be completely arbitrary:
there's a lot of structure to it. I think
On 05/02/2013 12:51 AM, Robert J. Hansen wrote:
On 5/2/2013 12:48 AM, Robert J. Hansen wrote:
She cares what the collision is: it has to be a valid OpenPGP signature
sequence.
Erf, did I really write that?
s/signature/User ID
The point being the User ID isn't allowed to be completely
12 matches
Mail list logo
