Re: SKS Keyserver Network Under Attack

2019-06-30 Thread Guilhem Moulin
On Sun, 30 Jun 2019 at 22:23:11 +, Alyssa Ross wrote: >> Third-party signatures from locally unknown certificates are arguably >> not so useful, so how about using ‘--keyserver-options import-clean’? >> (Or even making it the default behavior?) Of course it's not perfect as >> it still

Re: SKS Keyserver Network Under Attack

2019-06-30 Thread Guilhem Moulin
On Sun, 30 Jun 2019 at 00:36:19 -0700, Mirimir via Gnupg-users wrote: > | High-risk users should stop using the keyserver network immediately. > > So OK, I can purge requests to SKS keyservers from my machines. But what > about upstream impacts? As I understand it, GnuPG authentication is >

Re: Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)

2018-11-09 Thread Guilhem Moulin
Hi, On Fri, 09 Nov 2018 at 16:12:19 +0100, Peter Lebbing wrote: > On 07/10/2018 03:01, Daniel Kahn Gillmor wrote: >> Does this make sense? you just need to make sure you tie the version of >> gpg and the keyring into the same initramfs build time. > > The problem is that the gpg invocation is

Re: Utilizing facts of homedir organization (was: Exact definition of token S/N field for --with-colons)

2018-09-24 Thread Guilhem Moulin
Hi there, On Sun, 23 Sep 2018 at 16:19:22 -0400, Daniel Kahn Gillmor wrote: > But the real question is: why do you need this, and what do you intend > to do with it? I believe it was a follow up to https://bugs.debian.org/903163, messages ≥160 in particular. TL;DR: for smartcard usage

Re: "best" ed25519/curve25519 setup?

2018-01-23 Thread Guilhem Moulin
On Tue, 23 Jan 2018 at 09:01:25 +0100, Simon Josefsson wrote: > Guilhem Moulin <guil...@fripost.org> writes: >> On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote: >>> I want to use ed25519/curve25519, but right now I have an offline >>> master RSA key

Re: "best" ed25519/curve25519 setup?

2018-01-01 Thread Guilhem Moulin
Hi Simon, On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote: > I want to use ed25519/curve25519, but right now I have an offline > master RSA key with three subkeys. Does it work well to add new > subkeys for Ed25519/Curve25519? What is the user experience in > various applications?

Re: Houston, we have a problem

2017-09-22 Thread Guilhem Moulin
On Fri, 22 Sep 2017 at 22:32:37 +0200, Kristian Fiskerstrand wrote: > And what happens if you do gpg --import-options import-clean --recv-key > ? is the bad MPI value sigs removed or still there in that case? Should be `gpg --keyserver-options import-clean --recv-key $keyid`; or alternatively,

Re: [HELP] pinentry-curses breaks SSH auth, but pinentry-mac works fine?

2017-06-30 Thread Guilhem Moulin
On Fri, 30 Jun 2017 at 18:29:41 +0200, Peter Lebbing wrote: > It would be really good if the SSH agent protocol would be extended to > communicate on which tty a request comes in. Without updates to the SSH > protocol, there is simply no way to know where it comes from. I also hope some day this

Re: Key corruption: duplicate signatures and usage flags

2017-06-21 Thread Guilhem Moulin
Hi Martin, On Wed, 21 Jun 2017 at 11:03:40 +0200, martin f krafft wrote: > And then check this out: > > % gpg --edit-key 0x55C9882D999BBCC4 > […] > > key 55C9882D999BBCC4: > 24 duplicate signatures removed > > That's a bit weird. Where do these come from? The OpenPGP packets were not ordered

Re: Signatures on a subkey?

2017-01-14 Thread Guilhem Moulin
Hi, On Sat, 14 Jan 2017 at 12:17:01 +, MFPA wrote: > In fact, nearly a hundred signatures seem to be on the subkey > 0x73CC004C3EE4249E rather than on any of the UIDs. > […] > Can anybody explain? Using GnuPG ≥2.1.13, running `gpg --edit-key $keyID check save` should fix it locally, cf.

Re: With colons: Where is my curve? (rsa+ecc mixed key)

2016-06-15 Thread Guilhem Moulin
On Tue, 14 Jun 2016 at 23:17:59 +0200, Werner Koch wrote: > On Tue, 14 Jun 2016 14:11, manto...@vollbio.de said: >> This key has been created as a more or less default 3k RSA key, and I added >> an >> ECC encryption subkey with curve25519 after creation. >> What I am missing is the curve field

Alternative to ‘--keyserver-options auto-key-retrieve’ under 2.1.x

2016-02-12 Thread Guilhem Moulin
Hi there, With 1.4.x and 2.0.x ‘--keyserver-options auto-key-retrieve’ provided a convenient way to automatically download a missing key, when verifying a message signature in the MUA for instance. However it seems to be a noop with 2.1.11, unless the deprecated option ‘--keyserver’ is also

Re: Alternative to ‘--keyserver-options auto-key-retrieve’ under 2.1.x

2016-02-12 Thread Guilhem Moulin
On Fri, 12 Feb 2016 at 20:57:18 +0100, Werner Koch wrote: > On Fri, 12 Feb 2016 13:51, guil...@fripost.org said: >> However it seems to be a noop with 2.1.11, unless the deprecated option >> ‘--keyserver’ is also given. From the manpage it looks like only some >> not all keyserver options are

Re: Why gpg 2.1.9 cannot export secret key without passphrase?

2015-11-27 Thread Guilhem Moulin
On Fri, 27 Nov 2015 at 12:39:30 +0300, Dmitrii Tcvetkov wrote: > In this case passphrase is needed to decrypt private key from keyring. > Because of passphrase is not provided gpg-agent can't give gpg the > private key. Or perhaps Andrey tries to export an *unprotected* private key using GnuPG

Re: [HowTo] use gpg2.1 with an onion service

2015-09-19 Thread Guilhem Moulin
On Thu, 17 Sep 2015 at 13:56:51 +0200, Werner Koch wrote: > To add this flag I need to find documentation on how to route DNS > requests via tor. A simple record lookup is not sufficient. Unfortunately this doesn't seem to be possible currently, since at the end of the circuit creation the

Re: 31C3, keysigning party

2014-12-11 Thread Guilhem Moulin
On Thu, 11 Dec 2014 at 13:22:28 +0100, Peter Lebbing wrote: On 11/12/14 11:39, Werner Koch wrote: I will be at the 31C3 at Hamburg from the 28th (late afternoon) to the 30th. You may find me at the FSFE Assembly or ask there for my local communication parameters. I intend to organise a