On Tue 13/Jun/2023 13:02:09 +0200 Alexander Leidinger via Gnupg-users wrote:
Quoting Alessandro Vesely (from Tue, 13 Jun 2023 11:19:02
+0200):
On Tue 13/Jun/2023 08:46:06 +0200 Alexander Leidinger via Gnupg-users wrote:
Quoting Alessandro Vesely via Gnupg-users (from Mon,
12 Jun 2023 18:45
On Tue 13/Jun/2023 11:40:39 +0200 Werner Koch via Gnupg-users wrote:
BTW, the whole DKIM thing does not protect the body of a mail because
for example the Content-type is not commonly included in the hash and
thus you can change the boundary in this header and then tweak the body.
That hack
On Tue 13/Jun/2023 08:46:06 +0200 Alexander Leidinger via Gnupg-users wrote:
Quoting Alessandro Vesely via Gnupg-users (from Mon, 12
Jun 2023 18:45:37 +0200):
The From was re-written be the list and as such the header check fails. The
body check fails as the list adds the following
On Tue 13/Jun/2023 09:26:06 +0200 Alexander Leidinger via Gnupg-users wrote:
Quoting Werner Koch via Gnupg-users (from Tue, 13 Jun
2023 09:02:31 +0200):
lists.gnupg.org does not do DKIM. I know stripped the obvious wrong
DKIM-Signature headers before they are processed by Mailman. Let's see
On Mon 12/Jun/2023 21:24:54 +0200 Konstantin Ryabitsev via Gnupg-users wrote:
On Mon, Jun 12, 2023 at 06:45:37PM +0200, Alessandro Vesely via Gnupg-users
wrote:
What the list-software would need to do is to strip the original DKIM signature
Why? Original signatures can often be recovered
On Mon 12/Jun/2023 13:05:51 +0200 Alexander Leidinger via Gnupg-users wrote:
Quoting Alessandro Vesely via Gnupg-users (from Mon, 12
Jun 2023 10:57:32 +0200):
Hi,
would someone please explain DKIM settings of lists.gnupg.org?
I'm not involved in gnupg.org administration, but it looks like
Hi,
would someone please explain DKIM settings of lists.gnupg.org?
Looking at recent posts, I counted 44 with a failed signature by d=gnupg.org,
22 with no DKIM signature at all and none with a good signature.
I'm asking because there was a proposal to eliminate SPF from DMARC
On Mon 17/Oct/2022 09:43:56 +0200 Werner Koch via Gnupg-users wrote:
How to check whether GnuPG has been fixed
~
GnuPG is the most prominent user of Libksba and it is not immediately
visible whether a fixed version of Libksba is used. To check this
On Tue 28/Sep/2021 17:39:29 +0200 Bernhard Reiter wrote:
Feedback (and help) is always appreciated.:)
I'm not sure if WKD/forHosts would be a better location than WKDHosting.
Anyway, I'd publish the test suggested by Alissa on this list on 8 July 2019:
gpg --homedir "$(mktemp -d)"
On Fri 29/May/2020 12:29:48 +0200 Stefan Claas wrote:
> Binarus wrote:
>> On 28.05.2020 23:21, Stefan Claas wrote:
>>>
>>> while it is not my business, I do not understand why you have to
>>> take care about the Thunderbird issue, as a users and not the
>>> Aufsichtsbehörde ... If for example you
On Wed 13/May/2020 11:54:12 +0200 Damien Goutte-Gattat via Gnupg-users wrote:
> On Wed, May 13, 2020 at 10:02:14AM +0200, Sylvain Besençon via Gnupg-users
> wrote:
>
>> I guess that Curve 25519 is mentioned in the IETF standard, isn't it?
>
> Not yet. Officially, only the NIST P-256, P-384, and
On Mon 07/Oct/2019 12:04:33 +0200 Werner Koch via Gnupg-users wrote:
> On Sat, 5 Oct 2019 21:21, vedaal said:
>
>> and then a separate option of
>> "Export Secret Keys"
>
> The OP explictly suggested to make the exporting of the secret key not
> too easy so that users don't accidently send out
On Tue 13/Aug/2019 13:07:07 +0200 Peter Lebbing wrote:
> On 13/08/2019 09:54, Alessandro Vesely via Gnupg-users wrote:
>> More than a reasonable number of signatures makes no sense in
>> practice, so I agree lists should somehow be "fixed" so as not to
>>
On Tue 13/Aug/2019 12:08:31 +0200 Werner Koch Via Gnupg-users wrote:
> On Tue, 13 Aug 2019 09:54, gnupg-users@gnupg.org said:
>
>> The bug, however, is in the program that chokes on poisoned keys!
>
> Nope. This is a long standing DoS protection by limiting the total
> length of a keyblock.
On Mon 12/Aug/2019 19:27:49 +0200 Peter Lebbing wrote:
> On 12/08/2019 18:39, Stefan Claas via Gnupg-users wrote:
>> Why was is then not fixed a decade ago, like it was done with 2.2.17?
>
> There is no fix for the SKS keyserver network, which explains why it
> wasn't fixed in 2.2.17 either. In
On Tue 12/Feb/2019 19:36:12 +0100 Werner Koch wrote:
> On Mon, 11 Feb 2019 14:04, ves...@tana.it said:
>
>> WELLKNOWN :=
>> https://openpgpkey.example.org/.well-known/example.org/openpgpkey
>>
>> doesn't seem to make much sense to me. I tried it with posteo.de, and got:
>
> The two parts were
Werner,
I just saw version -07 today. The advanced method:
WELLKNOWN := https://openpgpkey.example.org/.well-known/example.org/openpgpkey
doesn't seem to make much sense to me. I tried it with posteo.de, and got:
ale@pcale:~/tmp$ dig +short openpgp.posteo.de
89.146.220.134
ale@pcale:~/tmp$
On Sat 09/Feb/2019 11:20:39 +0100 Wolfgang Traylor wrote:
>
> Is there a way to upload my public key to the Web Key Directory (WKD) of my
> email provider using command-line tools?
It might be possible, but not straightforward. The protocol is designed to
work over SMTP. It makes sense that a
On Wed 26/Dec/2018 22:59:19 +0100 Stefan Claas wrote:
>
>> You seem to have already solved that:
>
> May i ask you what version of GnuPG you are using and what OS?
Sure:
ale@pcale:~/tmp$ uname -a
Linux pcale 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64 GNU/Linux
ale@pcale:~/tmp$
On Wed 26/Dec/2018 10:39:39 +0100 Stefan Claas wrote:
>
> I have set up WKD on my VPS, in order to learn more about it and get now
> the following error:
>
> gpg --encrypt -r s...@300baud.de OpenSSL.txt
> gpg: error retrieving 's...@300baud.de' via WKD: Not trusted
You seem to have already
Hi Damien,
On Tue 11/Dec/2018 19:11:03 +0100 Damien Goutte-Gattat wrote:
>
> I know of at least one NFC-enabled OpenPGP card, the "Fidesmo
> Card" [1].
I contacted Leif Scheppelmann at Cotech.de. He says they don't have a shop for
their cards because end user market is too small. However,
On Thu 13/Dec/2018 10:48:52 +0100 Andreas Schwier wrote:
>
>> I agree that smartphones are not safe, but I am not particularly in favor of
>> smartcards, dongles, and security tokens like yubikeys, either.
>>
>> Any kind of special-purpose cryptographic *hardware* is essentially
>>
ard, somehow?
Best
Ale
--
> On Tue, Dec 11, 2018, 10:14 AM Damien Goutte-Gattat via Gnupg-users
> mailto:gnupg-users@gnupg.org> wrote:
>
> On Tue, Dec 11, 2018 at 12:35:57PM +0100, Alessandro Vesely wrote:
> > Is it possible to get OpenPGP functionality o
Hi all,
I'm trying to spread use of OpenPGP among users of my tiny mail server. I'm
recommending 4096-bit keys on smart card, which seems to be the safest bet for
a long lasting setup. I print email addresses on the cards, and publish their
keys on the web server's wkd.
My problem is with
Henry Hertz Hobbit wrote:
1. Vista considers the %ProgramFiles% area as semi-protected. Since
GnuPG is installing into this area, it is a reason for concern.
Next question is Why is GnuPG installing into this area?
___
Gnupg-users mailing list
Joseph Oreste Bruni wrote:
Trying to secure webmail is a lot more tedious since you'd need to
prepare the email in a local text-editor, sign it using GnuPG, and
paste the resulting text into your browser.
There are webmail servers that can do that. The security is weaker,
as one has to
Ryan Malayter wrote:
On 5/17/07, Alessandro Vesely [EMAIL PROTECTED] wrote:
Not quite. That may happen as an undocumented side effect on some
(or all) OS versions, and is not what the function is meant to do.
The documentation clearly states:
These pages are guaranteed not to be written
Ryan Malayter wrote:
On 5/15/07, Alessandro Vesely [EMAIL PROTECTED] wrote:
On Windows there is
just one way to share memory. Memory locking must be understood in that
context. It is meant for synchronization purposes, not for security.
LocalLock() and GlobalLock() do indeed seem
Peter S. May wrote:
Peter Lebbing wrote:
an editor which will not leak the text in any way, so locking it's pages in
memory so they won't be swapped out, and other angles of attack.
...
(Developers familiar with swap-locked memory: I'd appreciate at least a
short explanation of how it
Werner Koch wrote:
[...]
Libgcrypt is a general purpose library of cryptographic building
blocks. It is originally based on code used by GnuPG. It does not
provide any implementaion of OpenPGP or other protocols. Thorough
understanding of applied cryptography is required to use libgcrypt.
Linda Jen wrote:
I am new to this list and to GnuPG.
so am I
I get the following messages in my apache server log:
[Fri Apr 20 14:10:45 2007] [error] [client 852.12.22.138] gpg: WARNING:
unsafe permissions on homedir
//.gnupg, referer:
This is actually a warning. Do ls
Hi,
I've installed a tool to verify signed mail, enigmail,
that signals lots of bad signatures, using gpg. When
I verified those messages manually they were all ok.
Disagreement happens after the tool combines text and
signature into a unique file. I reproduced it as follows:
D:\tmpgpg
32 matches
Mail list logo