Robert J. Hansen [2019-10-17T15:18:07-04] wrote:
> 1. How should we handle the SKS keyserver attacks?
>
> One school of thought says "SKS is tremendously diminished as a
> resource, because using it can wedge older GnuPG installations and we
> can't make people upgrade. We should recommend
Philipp Klaus Krause [2019-10-08T15:34:28+02] wrote:
> It would be really nice, if Thunderbird could add an option to use the
> gpg key storage instead of its own, [...]
I agree with that even though I have never really used Thunderbird.
But using a custom key storage and implementation (or do
Daniel Bossert [2019-09-17T15:12:09+02] wrote:
> On the key servers are many old keys lying around which aren't valid
> anymore.
>
> Could you implement a function on the servers which delete keys after
> let's say one year automatically,reminding the user via email one
> month ahead to reupload
Daniel Kahn Gillmor via Gnupg-users [2019-08-01T09:27:45-04] wrote:
> Here's one use case (i've got others if you want):
>
> * You have my OpenPGP certificate (with userid with e-mail address),
>but it is not published in full publicly because i do not want people
>to be able to find
i...@zeromail.org [2019-07-22T23:40:42+02] wrote:
> Thanks, that sounds possible. But I wonder, if there is a reason GnuPG
> won't let me revoke it directly - and if so, if that reasoning is
> strong enough to not even have a way to override it. Since I have keys
> with all user IDs revoked and I
Stefan Claas via Gnupg-users [2019-07-14T14:17:55+03] wrote:
> Teemu Likonen wrote:
>> I think you should add "--sender email@address" option so that your
>> signatures have information for WKD auto-key-retrieve method (and
>> also for TOFU statistics).
> Thanks for the info, did not know this.
Stefan Claas via Gnupg-users [2019-07-14T06:55:53+02] wrote:
> My key is available via WKD or Hagrid.
I think you should add "--sender email@address" option so that your
signatures have information for WKD auto-key-retrieve method (and also
for TOFU statistics).
It is probably mail user agent's
Matthias Herrmann via Gnupg-users [2019-07-11T16:49:29+02] wrote:
> I created the .d directory and only overwrote ExecStart and ExecReload
> as you suggested.
Just remembered that there is also dirmngr.service for which you
probably want to the same thing as for gpg-agent.service.
--
///
Michael Kesper [2019-07-11T17:15:19+02] wrote:
> I'd consider it a bug if updating a package does not trigger reloading
> all necessary services.
We have not been discussing about Debian package upgrade. This message
thread is about additional local installation (/usr/local) which is
outside of
Michael Kesper [2019-07-11T16:45:06+02] wrote:
> Did anyone open a bug with Debian (best with proposing a fix)?
What bug? We have not seen a bug in this message thread.
--
/// OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450
// https://keys.openpgp.org/search?q=tliko...@iki.fi
/
Matthias Herrmann [2019-07-11T16:16:29+02] wrote:
> I edited /usr/lib/systemd/user/gpg-agent.service directly and changed
> the ExecStart and ExecReload paths.
It is not a good idea to edit that file directly; it's not a
configuration file. In systemd you should make your own changes in
Matthias Herrmann [2019-07-11T01:33:43+02] wrote:
> I've recently upgraded to Debian buster, and then upgraded gpg by
> downloading and installing the new version 2.2.17.
> Now, I get this warning:
>
>> gpg: WARNING: server 'gpg-agent' is older than us (2.2.12 < 2.2.17)
> I don't know why the
Patrick Brunschwig [2019-07-10T10:23:50+02] wrote:
> First users ask for support on getting rid of the keys flooded with
> signatures.
There is no need to get rid of the itself key, just the key signatures
which are the "flood". The commands are --edit-key and then "clean" or
"minimize". It is a
David Bürgin via Gnupg-users [2019-07-06T18:57:24+02] wrote:
> I have implemented WKD for my domain, but now I don’t know an easy way
> of testing it … is there a service or similar where I can check if
> this email address is properly WKD-enabled?
Can't answer to those questions but I got your
Konstantin Boyandin via Gnupg-users [2019-07-05T20:45:59-04:00] wrote:
> ATM, none of systems I use GnuPG in has been hit with the signature
> flood disaster. If I might miss that point - is it possible to get,
> somehow, the list of flooded keys IDs (if anyone keeps the stats)?
I don't maintain
Steffen Nurpmeso [2019-07-03 17:08:32+02:00] wrote:
> My question: is there any better way than a shell script over
> --list-keys --with-colon | grep ^pub | ...etc... to "minimize" keys in
> my keyring (with gpg1)?
It seems that there is no better way than scripting it. My "--edit-key +
clean"
Werner Koch [2019-07-03 12:04:55+02:00] wrote:
> On Wed, 3 Jul 2019 10:38, tliko...@iki.fi said:
>> I think everyone would prefer that import-clean would do all the
>> checking and cleaning before importing certificates to the local
>> keyring. The same thing with import-minimal.
>
> It does
Werner Koch via Gnupg-users [2019-07-03 08:57:55+02:00] wrote:
> On Tue, 2 Jul 2019 11:00, d...@fifthhorseman.net said:
>> But "clean-then-import" is clearly a preferable approach to any of the
>> workarounds described so far.
>
> --import-options import-clean does exactly this.
Daniel
Werner Koch [2019-07-01 18:26:20+02:00] wrote:
> As stop-gap solution the next gpg release sports a --keyserver-options
> self-sigs-only to allow importing of spammed keys.
Why not make "import-clean" and "import-minimal" strip key signatures
before importing a key? That would make
19 matches
Mail list logo