Hi list,
I did search but did not find a useful answer to my question. In 2017
someone else asked:
During generating the keys on the GnuPG card, one can (and should)
create some backup of the secret key into a file. It is totally
unclear to me how to make something usefull out of this file,
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
In gpg.conf I have set these two options
default-key 2C8E43DAEBB23B3E668AF459A197DF6B6AE1EF56
default-recipient-self
These worked fine for one key. I now want to use two, in other words: every
message and file I encrypt shall also be encrypted
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Kristian,
Look into the encrypt-to option
thanks a lot, didn't find it since it's in a different page on the web:
gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Daniel,
I'd also rather use the analogy of a padlock without key to be distributed by
the receipient of a message. That way you're able to explain the prerequisite
for asymmetric crypto as we use it in OpenPGP: the receipent must do something
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Steve,
maybe you just want to clean sigs using one of the import/export options.
Olav
___
- From /man gpg/
*--import-options parameters*
This is a space or comma delimited string that gives options for importing
keys. Options can be
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Edwin,
IN SHORT
To your question: I don't think there is a mobile solution for ePGP available.
LONG ANSWER
I wasn't aware that you referred to a product. I interpreted Enterprise PGP as
(any) enterpsise-grade OpenPGP-Implemenation. I
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Edwin,
[...] The current ePGP tool as-is is more of desktop solution. [...] Is
there an Enterprise PGP solution for mobile devices running Android/iOS?
you mean something that does not only work as plugin for default Android/iOS
Mail apps
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Edwin,
The question is about data-in-motion (email). Is there a way to extend the
deployment to cater for emails sent from mobile devices (running Android
and iOS OSes)?
I am sure you did a search before you posted this, didn't you?
It
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi list,
I asked dkg off-list whether a whitespace after the field name-value delimiter
would be OK. He answered:
monkeysign will accept it with spaces, but the Vcard format commonly used
for personal metadata like this tends to expect no
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Werner,
am 19.12.2013 11:08, schrieb Werner Koch:
Today GNU Privacy Guard (GnuPG) has launched its first crowdfunding
campaign [1] with the aim of building a new website and long term
infrastructure. The 24.000 EUR target ...
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi list,
for a couple of years now I use an OpenPGP SmartCard for my daily mail.
Every message I sign gets signed by the card, every encrypted message I
receive gets decrypted by it. My v1 card failed one day without warning,
my v2 card works
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi GnuPG users,
I see at https://www.enigmail.net/documentation/quickstart-ch1.php that
GnuPG 2.0 is apparently recommended (at least for Windows).
You may use Enigmail with either GnuPG 1.4 or 2.0.
The reasons for the recommendation are
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Dear W.,
I have installed Win7-64bit and Thunderbird.
OK
Have I no chance to install GnuPG / enigmail-plugin in Thunderbird?
There should be no problem to do so. Install Thunderbird from
https://www.mozilla.org/de/thunderbird
GnuPG from
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Werner,
Given that the default for smartcards is to store the backup on disk and
ask the user to move it to a safer place, we might as well do something
similar for revocation certificates. Comments?
my vote: yes. Non-intrusive
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Werner,
When creating a key using Enigmail, it asks the user to save a rev cert.
CLI should do the same.
You mean printing a hint to create a recovation certificate would be
enough?
well, first it's just my opinion. Second, I'd vote
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi anonymous writer,
Smartcard or cryptostick will not help in my situation.
might a SmartCard with reader that has its own pinpad help?
http://www.gnupg.org/howtos/card-howto/en/ch02s02.html#id2519120
Olav
- --
The Enigmail Project -
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi John,
current directory issue, I am curious about why including it would result
in a less secure situation.
I did not exactly say that it does. I said that I prefer it that way since it
uses well-defined places that I may look after.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi John,
some of your questions might be answered by reading README.W32 which you can
find in the doc folder of GnuPG source tarballs:
| GnuPG makes use of a per user home directory to store its keys as well as
| configuration files. The
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hello, John.
Is that about right, then?
Yes.
Would it not be true that gpg.exe would finally look in its own current
directory, which should suffice consequently for this purpose?
That's an authors' decision. I'm fine with it. It gives
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Len,
I used PGP years ago and created key pairs. I should probably create new
ones. Is there any good reason I should keep my old decryption keys?
you must distinguish between using your old keys for new messages/files and
keeping them to
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Sebastian,
How can i control the gpg-agent?
http://www.gnupg.org/documentation/manuals/gnupg/Agent-Configuration.html
There are a few configuration files needed for gpg-agent. By default they may
all be found (or created) in the current
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Kevin, list,
I just upgraded from Mac OS X 10.7 to 10.8, and my ZeitControl cards, which
were formerly working perfectly, are now inaccessible.
please note that 10.8 brings significant changes (namely sandboxing) to Mac OS X
which does
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi kunle odu,
you posted 3 messages to the GnuPG mailing list. There is a better place to
get help with Enigmail: http://www.mozdev.org/mailman/listinfo/enigmail/
Please subscribe and post further messages there.
And before you post, please
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Marko,
how I understood your issue: you have a key, changed it's passphrase and used
it successfully after that. Then, after some time, you could no longer use it
since GnuPG said you entered a bad passphrase.
If that's correct, here are my
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Faramir,
Is key 0x4F25E3B6 the current key used for signing files?
according to the website, it is:
In the 3rd text paragraph on http://gnupg.org/download/integrity_check.en.html
signing key links to http://gnupg.org/signature_key.en.html
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Werner,
Omnikey based devices don't work with the v2 card on nin-Unix platforms.
that should be mentioned in the SmartCard HowTo then.
And: I can access --card-status as root, just not as user ...
Olav
- --
The Enigmail Project - OpenPGP
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi anonymous Crypto Stick and OpenPGP card users on Linux,
You need an appropriate UDEV rule. On Debian you can install...
Thanks for that link!
Will the package find its way to the official debian repositories?
// Historical side note: Once
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi list,
I use my OpenPGP SmartCard in my laptop (W7+Linux) with a PCMCIA reader.
I think about buying a new laptop. Unfortunately, new models often only
ExpressCard/54 slot is available today (if at all).
After having had trouble with
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi,
Is there a way to require the password every time I try and decrypt a
file. The current situation presents a security risk as opening one file
essentially unlocks all files encrypted with the same key.
Caching in gpg-agent is
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Mike,
I just ordered an OpenPGP smartcard from Kernel Concepts as per
http://www.g10code.com/p-card.html Does anyone else have one of these?
yes, I use these cards for several years now. This Email is signed by one.
At the moment, my
Hi Robert,
I use SCM Microsystems SCR-335 and OMNIKEY CardMan 4040 PCMCIA Readers
for years and never had any issues with them using Windows XP, Windows 7
and Ubuntu 10.04 with 1024 and 2048-Bit OpenPGP cards. I have no OS X.
My FUJITSU E780 laptop has a built-in O2Micro SmartCardBus Reader
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Jonathan,
I can not find an executable for 2.0.17 for Windows
http://gpg4win.org/download.html , but later you wrote that you installed
(and uninstalled) it already. In fact, gpg4win 2.1.0-rc2 comes with GnuPG
2.0.17. The 2.x series MUST
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Jim / Bob,
In Firefox I can sign or encrypt or encrypt+sign an e-mail.
In what case would I want my encrypted emails also signed?
Does it provide any additional benefit over a pure encrypted email?
encrypted = only persons you encrypted
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi David,
[2010-12-11 o...@mozilla-enigmail.org]
OpenPGP SmartCard v2 key 0x6AE1EF56 (RSA 3072) Card 0005 0222
Why can't I use SHA256/SHA512 with this card?
| enable-dsa2
is set and showpref lists
[2010-12-20 ds...@jabberwocky.com]
The
Hi list,
since a couple of days I encounter gpg errors that I do not know how to solve.
echo test _
gpg --clearsign _
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
test
gpg: checking created signature failed: Bad signature
gpg: signing failed: Bad signature
gpg: [stdin]: clearsign failed:
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Mike,
Is it possible to forward a digitally signed email without loosing the
signature information of the email?
Yes, inline/cleartext signed messages may just be forwarded as they are
(as attachment or as copy, just don't quote them ;-)
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Mike,
Any idea how to do that in a generic way (I use Mail::GPG).
no. sorry.
Sombody else any thoughts on forward signed message?
Olav
- --
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-BEGIN PGP
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Chetan,
gnupg.org's Installer doesn't add a PATH, so you must either do that manually
or call it directly from program files[ (x86)\GNU\gnupg or use the gpg4win
installer from http://gpg4win.org/
Olav
- --
The Enigmail Project - OpenPGP
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Mistey,
cross-posting to the Enigmail users list since I expect your issue to be
more related to Engimail-GnuPG interaction than to GnuPG itself.
I have been trying to get my enigmail extension to work on my Thunderbird
for two days and I
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Matthew,
I would like to know where one can get gpg 2.0.14 complied for windows?
http://gpg4win.org/
Olav
- --
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi *,
english version:
http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/
Olav
- --
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (MingW32)
Comment:
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Stefan,
gpg: Prüfung der erstellten Unterschrift ist fehlgeschlagen: Bad signature
gpg: Beglaubigung fehlgeschlagen: Bad signature
gpg: make_keysig_packet failed: Bad signature
Schlüsselerzeugung fehlgeschlagen: Bad signature
No, I don't
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Stefan,
GPG4Win is a great package but unfortunately the included GnuPG 2.0.12
does not support the OpenPGP Card v2. Is there a schedule when a new
release of GPG4Win will be released? This would be great!
GPG4Win 2.0.1 / GnuPG 2.0.12
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Marcio,
Suppose I'd like to bind the same key pair to more than one e-mail address.
Is it recommended? Any comments will be greatly appreciated.
it depends.
Using it for two private mail addresses that both are public is no problem.
You
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi Burcu,
you tried to derive the key strength from the number of lines of the (ASCII
armored) public key. It does not work like that. The secret of a 2048 bit key
is 2048 bit, that would be approx. [1] 5.5 lines you counted.
However, the
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Hi list,
I spent a lot of time trying to find out how to set up a second SmartCard from
the default card backup (public key, secret key stub, off-card sk_enc) in order
to be able to read my old messages again - since the first card was broken
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear List,
I intend to share one computer with a person I trust. We both have an
OpenPGP SmartCard. My question is whether it is (or will be) possible
to install card readers / cards in such a way that we both can sign
and decrypt using our
47 matches
Mail list logo