Re: WoT question - policy

kered with it, but BouncyCastle can be found here [1]. [0] https://github.com/guardianproject/gnupg-for-java [1] http://bouncycastle.org/java.html -- -- Antony Prince ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: WoT question - policy

nd it unless you use MinGW or something like it, but that will only further complicate the process. -- -- Antony Prince ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Verify that the file is from who I expect it to be from

You need to verify the key that signed it. A valid signature means nothing. A malicious actor could sign any message or days with a valid, verifiable key and send it to you. The heart of the matter is the key that signed it. Gnupg tells you which key signed the data, usually by long key ID

Re: libgcrypt

flags. If I'm wrong there, I'm sure someone else on the list can point you in the right direction. -- -- HTH, Antony Prince ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Question on Putty and gpg-agent

On 4/13/2017 1:40 PM, Antony Prince wrote: > On 4/13/2017 7:06 AM, Jerry wrote: >> On Wed, 12 Apr 2017 16:42:57 -0400, Antony Prince stated: >> ... >>> When I try to connect to the server with putty using the "Attempt >>> authentication using Pag

Re: Question on Putty and gpg-agent

On 4/13/2017 7:06 AM, Jerry wrote: > On Wed, 12 Apr 2017 16:42:57 -0400, Antony Prince stated: > ... >> >> OS: Windows 7 SP1 x64 >> Putty: 0.63 >> ... >> When I try to connect to the server with putty using the "Attempt >> authentication

Question on Putty and gpg-agent

My old key is expiring at the beginning of next month, so I've generated a new set of keys. Dropped down to 2048 from 4096 RSA since 4096 seemed a bit of overkill and have the master key in a single location. That's a different discussion. Anyway, using my new Authentication key on Linux with SSH

Re: ? Comments re key servers? re gpg-encrypted mail? re key servers carry many phony keys?

On 2/6/2017 6:01 PM, Miroslav Rovis wrote: > Maybe just if anybody can confirm whether another key is or is not > available from the common keyservers, as that is the only one that I > haven't managed to receive yet, this one: > > 3F533109A9509B14 $gpg --keyserver hkp://pool.sks-keyservers.net

Re: Paper backup of all keys

) is/are all you need since it contains all information associated with that key. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://pool.sks-keyservers.net/pks/lookup?op=get=0xAF3D4087301B1B19 signature.asc Description: Open

Re: gnupg website

On 1/25/2017 4:36 PM, sivmu wrote: > Basically if you can collect a few hundred GB of data, it is trivial to > calculate the key. There is a prove of concept for https connections, > although I believe this is especially relevant for VPN connections > (openvpn uses a 64 bit ciphers (blowfish) by

Re: Fresh OS installation

On 1/20/2017 8:39 AM, unknown wrote: > Hi, > > > it worked fine, altough i got this message on the terminal: > > process@process ~ $ tar cf gnupg-backup.tar .gnupg/ > tar: .gnupg/S.gpg-agent: socket ignored > > Is this important? No. It just means that tar skipped the socket file for

Re: GnuPG to create CSR

On 1/12/2017 5:35 PM, Antony Prince wrote: > On 1/12/2017 6:14 AM, Ali Hassan Hamed Al Ajmi (eChannels) wrote: >> >> Does *"GnuPG" *support creating CR (CSR) that is compatible with >> Microsoft CA (from command line/ other tools with GUI)? > > Not sure on th

Re: GnuPG to create CSR

On 1/12/2017 6:14 AM, Ali Hassan Hamed Al Ajmi (eChannels) wrote: > > Does *"GnuPG" *support creating CR (CSR) that is compatible with > Microsoft CA (from command line/ other tools with GUI)? Not sure on that one. > If Yes, how to generate a certification request that is compatible with >

Re: gnupg-for-java

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On October 7, 2016 11:52:09 AM EDT, "Robert J. Hansen" wrote: >A while ago someone was trying to update gnupg-for-java to work with a >more >modern environment. Does anyone remember who did that work, or where I >could find

Re: gpg-agent only works when started in terminal

5-05-06 [expires: 2017-05-05] uid Antony Prince uid Antony Prince uid Antony Prince uid Antony Prince ssb 4096R/ADB13E99 2015-05-06 [expires: 2017-05-05] NOTE: uids have been altered here. They show correctly in the actual output. a

Re: gpg-agent only works when started in terminal

26 Sep 12 13:51 /usr/local/bin/pinentry -> /etc/alternatives/pinentry antony@050415:~$ /etc/alternatives/pinentry OK Your orders please -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://pool.sks-keyservers.net/pks/lookup?op=g

gpg-agent only works when started in terminal

I know this has got to be something simple. When invoking gpg2 normally to decrypt, I get: gpg: encrypted with 4096-bit RSA key, ID 0E98CD22ADB13E99, created 2015-05-06 "Antony Prince " gpg: public key decryption failed: No pinentry gpg: decryption failed: No secret key I hav

Re: Yubikey + GNUPG 2.1.14 + GPG Agent Forwarding + Mutt 1.6.0 (gpgme 1.6.0): Not asking for PIN for smartcard on first use of an encryption key

nentry or some such. To get it to perform a call to pinentry on your local machine would require the call to be routed back through the tunnel. Neither response is much help, I know, but just my thoughts on what the issue is. Hopefully, one of the gurus on the list can help you through it. -- Antony Prince

Re: GPGME-if gpg is necessary

nce GPGME is an interface to access the functions of gpg. You can do this directly with your program and gpg without GPGME, but it would likely be fairly cumbersome which is why GPGME came about. That's merely my understanding of it and I could be wrong. -- Antony Prince Key ID: 0xAF3D4087301B1B

Re: How to convert (ancient) key in "version 2" to more modern "version 4" format?

On 5/28/2016 6:04 PM, Bjoern Kahl wrote: > > Because I have *tons* of mails (and other archived data files) that > have been signed and / or encrypted with such keys and I (I have to > use such a strong word here) *insist* on being able to continue to > read these mails and files whenever the

Re: Can I able to integrate GNUPG windows version directly with the Android application

gt; I just realized the project I linked was the exact one you were talking about. :-) In this case though, I'd say there's no need to re-invent the wheel. They've already got it ported to Android and if you can fit it to your needs, then I'd go with that. -- Antony Prince Key ID: 0xAF3D408

Re: Can I able to integrate GNUPG windows version directly with the Android application

gt; Guardianproject has a port of gnupg to android[1] that might be of some use to you. [1]https://github.com/guardianproject/gnupg-for-android -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://pool.sks-keyservers.

Re: All mails identified as spams by Google

On March 25, 2016 9:24:00 AM EDT, Brad Rogers wrote: >On Fri, 25 Mar 2016 11:11:28 +0100 >Guan Xin wrote: > >Hello Guan, > >>Why does it happen? > >Google are a law unto themselves. May be a reverse lookup issue. Werner mentioned he added a V6 address to

Re: (OT) mathematicians-discover-prime-conspiracy

On March 25, 2016 12:34:51 AM EDT, Antony Prince <ant...@blazrsoft.com> wrote: >On March 24, 2016 11:17:58 PM EDT, "Marcio Barbado, Jr." ><marcio.barb...@gmail.com> wrote: >>Not sure if it's counterintuitive once tossing can be seen as >>abando

Re: (OT) mathematicians-discover-prime-conspiracy

On March 24, 2016 11:17:58 PM EDT, "Marcio Barbado, Jr." wrote: >Not sure if it's counterintuitive once tossing can be seen as >abandoning inertia. > > >Marcio Barbado, Jr. > > > >On Fri, Mar 18, 2016 at 9:18 AM, Peter Lebbing > wrote: >> On

Fwd: Re: Are ZLIB and ZLIB2 no longer supported in GnuPG?

>On February 26, 2016 2:23:12 PM EST, Anthony Papillion > wrote: > >I recently compiled the latest version of GnuPG 2 from source >(.29, I believe) and, when I tried to use it, was told that I had >invalid options in my .conf file. Specifically, it told me that ZLIB

Re: AW: Key generation with GPGME and GnuPG hangs at gpgme_op_genkey

On 1/28/2016 4:32 AM, Robert J. Hansen wrote: ... > > Antony Prince was the guy updating Guardian Project's code. See the > thread at: > > http://www.gossamer-threads.com/lists/gnupg/users/73146 > > According to Antony, you can grab his updates from: > >

Re: BAD signatures for GnuPG Stable

On 1/28/2016 12:45 AM, Antony Prince wrote: > F:\Downloads>gpg --version > gpg (GnuPG) 2.1.10 I also just realized that you said BAD signature with gnupg _stable_ and my test was not with stable. My apologies. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A

Re: BAD signatures for GnuPG Stable

using RSA key 0x249B39D24F25E3B6 gpg: Good signature from "Werner Koch (dist sig)" [full] Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http

Re: Java library for OpenPGP

anproject/gnupg-for-java -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://pool.sks-keyservers.net/pks/lookup?op=get=0xAF3D4087301B1B19 signature.asc Description: OpenPGP digital

Re: How to get your first key signed

and do not share keys to other keyservers. The largest pool of public keyservers that I know of is the SKS pool, but there may be others that I'm unaware of. [1]https://sks-keyservers.net/ -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B

Re: (OT) Blocking ICMP

, as long as you have a LOG rule before the packet is dropped of course. [1]http://cipherdyne.org/psad/ -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://keyserver.blazrsoft.com/pks/lookup?op=get=0xAF3D4087301B1B19 signatu

Re: (OT) Blocking ICMP

suming it is fine. Haven't looked at the iptables in a while, so I don't remember specifically. Thanks for the heads-up though. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591F F17F 7A4A A8D0 F659 C482 AF3D 4087 301B 1B19 URL: http://keyserver.blazrsoft.com/pks/lookup?op=get=0xAF3D408730

Re: How to get your first key signed

ell. My name may or may not really be "Antony Prince", but the keys created with that UID are chained together by their signatures. I could go even further and make a short web page listing the previous and current fingerprints and why I revoked the previous key (called a "transition sta

Re: gnupg-for-java

For those who'd prefer a TLS encrypted download over plain FTP, the compiled binaries can be found at https://www.blazrsoft.com/gnupg-for-java . They are the exact same files as the ftp downloads, just symlinked into the web server. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint

Re: gnupg-for-java

case anyone wants to verify that the hosted files are genuinely the ones created from the source by Travis. [1]ftp://blazrsoft.com/gnupg-for-java/ [2]https://github.com/HellUnit/gnupg-for-java [3]https://travis-ci.org/HellUnit/gnupg-for-java -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerpri

Re: gnupg-for-java

On 09/10/2015 05:17 PM, Antony Prince wrote: > without gpgme installed). I'm not 100% sure how to test the > functionality of the binary and library, so if anyone wants to give it a > go, I'd be glad to hear the results. The ftp server[2] allows for > anonymous download. > [2]ftp:

Re: gnupg-for-java

On 09/09/2015 10:45 PM, Antony Prince wrote: > since maven is actually controlling the ant build. My objective > currently is to produce the binaries for Linux since the default maven > build creates the *.jar and *.so files needed to make this process > easier for those who prefer

Re: gnupg-for-java

On 09/09/2015 01:39 PM, Antony Prince wrote: > On 09/09/2015 10:10 AM, Robert J. Hansen wrote: >> Other stuff that needs to be done: verify it works on Java 1.8, clean up >> the OS X build (which is really hackish), and consider distributing >> pre-built jarfiles co

Re: gnupg-for-java

et in touch with the guys from guardianproject and see about submitting a pull request if they feel the changes are a benefit to the project. -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com signature.as

Re: gnupg-for-java

ot a professional, expectations here should be pretty low. ;-) - -- Antony Prince Key ID: 0xAF3D4087301B1B19 Fingerprint: 591FF17F7A4AA8D0F659C482AF3D4087301B1B19 URL: https://keyserver.blazrsoft.com -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJV71iFAAoJEK89QIcwGxsZixEP/jNcnFl

Re: gnupg-for-java

On 09/08/2015 05:52 PM, Antony Prince wrote: > On 09/08/2015 05:29 PM, Robert J. Hansen wrote: >> The offender seems to be jUnit. The gnupg-for-java code uses a lot of >> imports like "junit.framework", and the current jUnit drops everything >> in the org.junit

Re: Trying to install version 2.1.4

before /bin in the PATH. After reading the other replies though, I'm not sure whether this will cause any keyring issues. I haven't experienced any in my case, but I haven't tested it extensively. - -- Hope that helps, Antony Prince -BEGIN PGP SIGNATURE- Version: GnuPG v2

liblber-2.4 compile error for dirmngr 1.1.0

-llber to the LDAPLIBS variable in the Makefile for dirmngr. root@050415:/usr/local/src/dirmngr-1.1.0/src# diff Makefile.bak Makefile 160c160 LDAPLIBS = -lldap - --- LDAPLIBS = -lldap -llber Just a heads-up as I'm not sure if anyone else has run into this issue. - -- Antony Prince Key ID

Re: One alternative to SMTP for email: Confidant Mail

. I could be wrong though and I'm sure Mike can explain it better. -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: keyserver.blazrsoft.com signature.asc Description: OpenPGP digital signature

Re: PGP/MIME (Was: One alternative to SMTP for email: Confidant Mail)

. Viewing my own PGP/MIME mails in the Sent folder does not show any attachments, but the signature verifies. -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: keyserver.blazrsoft.com signature.asc Description: OpenPGP digital signature

Re: upgrading v1 to v2

odd that they wouldn't since Ubuntu is known for keeping its repositories pretty up-to-date. -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: keyserver.blazrsoft.com signature.asc Description: OpenPGP digital signature

Re: upgrading v1 to v2

, etc.) especially for software that has a one man development team. -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: keyserver.blazrsoft.com signature.asc Description: OpenPGP digital signature

Re: upgrading v1 to v2

), but its easy to see how that could be confusing. Easier than compiling it and all its dependencies from source, that's for darn sure. -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: keyserver.blazrsoft.com signature.asc Description

Re: bugs.gnupg.org TLS certificate

into the downsides or repercussions of relying strictly on such a system (if external CA's no longer existed, for example). [1]https://tools.ietf.org/html/rfc4035 [2]https://tools.ietf.org/html/rfc6698 - -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL

Re: bugs.gnupg.org TLS certificate

benefit as far as internet security is concerned. Thanks for your reply BTW. :) - -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04 0744 URL: https://hkps.pool.sks-keyservers.net/pks/lookup?op=getsearch=0xA6E162424F040744 -BEGIN PGP SIGNATURE

Re: bugs.gnupg.org TLS certificate

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 3/13/2015 9:28 PM, Antony Prince wrote: As far as I know, most if not all of the DNS resolvers immediately available on a client system don’t perform DNSSEC validation. I use BIND(named) as my DNS server and it is DNSSEC capable as well

Re: Unattended signing

key and rotate it periodically if you're concerned about the key being compromised, especially since the key will not be password protected. I could be horribly wrong, but that's my two cents on it. - -- Antony Prince Key ID: 0x4F040744 Fingerprint: FE96 5B7F A708 18D3 B74B 959F A6E1 6242 4F04

Re: Help need to use truecryt + openpgp applet.

@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users I wasn't aware TrueCrypt had been abandoned. I also haven't visited their site for some time. That's a shame though. Its a useful piece of software. I hope someone continues in their footsteps. - -- Antony Prince Key ID: 0x4F040744