me answer from a little different perspective. Anyone can generate
some piece of text and encrypt it using your public key. There is
nothing special about encrypting your mails vs encrypting arbitrary
data. So if that were a problem, access to your mails would be entirely
irrelevant to it.
--
Be
brochen (broken pipe)
> 2020-08-28 21:21:13 gpg-agent[23604] DBG: chan_10 -> ERR 67141741
> Datenübergabe
> unterbrochen (broken pipe)
>
> I went back to 2.2.21.
>
Maybe it's the same root cause as https://dev.gnupg.org/T5039
--
Best regards,
Michał Górny
signature.asc
Desc
bikey
> for key storage & usage. Works flawless with GnuPG 2.2.21.
>
I suppose I'm hitting the same problem. With 2.2.22, I need to manually
run 'gpg --card-status' after rebooting to get Nitrokey working.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digi
additional offline laptop[1]
> connected to my smartphone via a USB OTG cable
> and an FTDI USB to USB cable, costs for both less then 20 USD. When both
> devices are connected one uses on the laptop
> CoolTerm (cross-platform) and on the Android device serial usb terminal,
> avail
used it, etc...
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Mon, 2020-05-25 at 10:01 +0200, Peter Lebbing wrote:
> On 25/05/2020 09:47, Michał Górny wrote:
> > ...and that's really a good thing they can do that instead of choosing
> > a more painful way of getting your fingerprints.
>
> How is that an advantage compared to
nstead of choosing
a more painful way of getting your fingerprints.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-keyservers.net,
> hkps://pgp.mit.edu
>
> The keyserver that is used in Kelopatra (GPG4Win) is:
>
> hkp://keys.gnupg.net
$ host keys.gnupg.net
keys.gnupg.net is an alias for hkps.pool.sks-keyservers.net.
--
Best regards,
Michał Górny
signature.asc
Description: This is a
e older one or
> ??
>
This depends on the keyserver implementation. Generally, the new key
gets merged into the old one. Sometimes the stale data is cleaned up,
sometimes it remains. The same happens when you fetch updated key
from the keyserver.
--
Best regards,
Michał Górny
signature.asc
Descr
m
> not a python programmer (the python2/3 migration catastrophe has put me
> off ever wasting my brain cells on it) but I might be willing to suffer
> it for this one project.
>
Gentoo has removed it back in 2018. It says:
| Please use caff from app-crypt/signing-party instead.
Mayb
G is entirely happy with
the result after rewrapping at 50 chars, as well as after cheap
rewrapping with uneven lines.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
em revoked
and the other not? Is GnuPG refusing to make a new signature when
the old one is revoked a bug?
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnup
d to proceed as if no DNS records were
received, and attempt to perform the request via proxy? TIA.
[1] https://bugs.gentoo.org/661376
[2] https://bugs.gentoo.org/661376#c31
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed
ers to authenticate
> their keys against the keyserver with an received encrypted email
> and it also allows keeping third party signatures, compared to
> Hagrid.
>
> https://keys.mailvelope.com
>
This domain seems not to resolve with DNSSEC-capable resolvers.
--
Best regar
need to take any action"
>
> (Again, third, fourth, and fifth ways are welcomed.)
>
The latter. Let's wait a bit how things emerge. It would be silly to
have people redo their keys just to have them redo them for ECC again
soonish.
--
Best regards,
Michał Górny
signature.as
nstalled.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
ll and medium
> businesses, and cripple the base of normal human communication.
>
Exactly. Some companies just close, some live hoping their non-
compliance won't be caught. And by 'non-compliance', I'm not talking
about personal data abuse, just not meeting the nonsense.
--
On Wed, 2019-07-03 at 03:01 -0700, Mirimir via Gnupg-users wrote:
> On 07/02/2019 11:42 PM, Michał Górny wrote:
> > Then, they may decide to start mass poisoning other keys just to
> > prove this is not the right solution.
>
> If what I propose is workable, attackers ca
________
>> Gnupg-users mailing list
>> Gnupg-users@gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>>
>
>___
>Gnupg-users mailing list
>Gnupg-users@gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users
(I'm replying from phone, sorry about lack of line wrapping and uncut quote)
--
Best regards,
Michał Górny
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
il address is present, then it is reliably
confirmed.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
be
'good enough'. That is, as long as attackers won't decide to create
and verify humongous number of e-mail addresses.
This could work fine alongside 'first-party attested blah blah' model,
or at least work as an interim solution until the latter is widely
deployed.
-
d then
become defunct because few years later nobody wants to touch them.
Presuming you're still able to build them. It's ironic people still
don't see that even though SKS has just proven an example of that.
--
Best regards,
Michał Górny
signature.asc
Description:
ely why we've decided it for syncing
distribution keys in Gentoo. However, the main problem with WKD right
now is that AFAIK GnuPG doesn't support refreshing existing keys via WKD
-- we had to employ a large hack to do it.
--
Best regards,
Michał Górny
signature.as
ultiple new keyservers up, and gain advantage
over other servers in the pool. In fact, this is probably easier than
corrupting the single central server.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
o install it in the hardware and go
straight for the unencrypted data? In fact, I'm pretty sure they would
actually encourage you to use strong encryption just to let your guard
down!
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed mes
can detect re-use of phone number or email addresses for
> human verification."
>
Don't you think that brute-forcing a hash of a phone number would be
trivial?
--
Best regards,
Michał Górny
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
password containing one digit
and one special character, you replace trivial passwords with trivial
passwords followed by '1!'.
--
Best regards,
Michał Górny
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
;
> Are there any advantages of disadvantages either way?
>
Gentoo policy [1] requires split signing subkey. The main advantage is
that you can then store primary key offline, and not have it exposed
the same way subkeys are.
[1]:https://www.gentoo.org/glep/glep-0063.html
--
Be
the revocation signature separately.
>
> Can you please enter a feature request at dev.gnupg.org?
>
https://dev.gnupg.org/T4370
Thanks.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
___
Gnu
revoked, and use that for the purpose. However,
I think it would be much more convenient if had an option to generate
the revocation signature separately.
--
Best regards,
Michał Górny
signature.asc
Description: This is a digitally signed message part
30 matches
Mail list logo
