On Sat, 8 May 2010 21:14, please.p...@publicly.invalid said:
for some time gpg2 from subversion has been giving me grief, claiming
there was no secret key, while gpg1.xxx says there is:
This is the development version and you can't expect that it will work.
In particular we are doing lots of
On Tue, 11 May 2010 14:15, beppeco...@yahoo.it said:
checking for PTH - version = 1.3.7... yes
checking whether PTH installation is sane... no
Please look into config.log and locate the above is sane check. It
shows the actual test program run etc.
On Fri, 28 May 2010 13:18, matthew...@aol.com said:
I would like to know where one can get gpg 2.0.14 complied for windows?
http://www.gpg4win.org
Please wait until Sunday - I am currently preparing a new release. The
included GnuPG version is 2.0.14 with a couple of fixes to make it close
On Thu, 27 May 2010 00:08, m_d_berger_1...@yahoo.com said:
Also, AFAICT, truecrypt, luks, FreeOTFE do not have public key
encryption, which I would prefer.
GnuPG 2.1 will come with g13 which is a public key encryption frontend
to user filesystems. As of now we support Encfs but it is easy to
On Mon, 7 Jun 2010 12:48, mailinglis...@hauke-laging.de said:
When I use the keys on the card then gpg always asks me to use the reader
keypad. Do you have a special configuration so that it does this for changing
the PIN, too?
Changing the pin via the keypad is not implemented.
On Fri, 11 Jun 2010 02:16, expires2...@ymail.com said:
delete them if they don't. Or one message to everybody with a
customised subject line for each. Alternatively, those of us who are
That is a good idea. I was thinking of bisecting the mailing list to
make sure that test mails receive the
Hi!
One of the subscribers to this list created a mail forward to an
automated ticketing system which responds to the the poster. The
owner of the ticketing system at secure.mpcustomer.com does not
respond to any of our queries to send us more information on the mails
triggering the posting.
On Thu, 3 Jun 2010 16:58, jroll...@finestructure.net said:
regards to the Crypto Stick? Is that something that can be patched, or
is it a limitation of the communication protocol?
Right that is a limitation of an internal communication protocol. Not
hard to change but there are more
Hi,
a few hours ago I sent test mails to each subscribed user. The mails
should look like regular mailing list mail but with your address also in
the subject. This is a try to figure out who forwards postings to an
automated systems which in turn spams the original poster.
Please ignore these
On Fri, 11 Jun 2010 12:15, w...@gnupg.org said:
the subject. This is a try to figure out who forwards postings to an
automated systems which in turn spams the original poster.
The culprit was supp...@resell.biz - I unsubscribed this address and
banned it from further subscriptions.
On Fri, 11 Jun 2010 23:57, benja...@py-soft.co.uk said:
Did alava...@gmail.com ever get removed? See
http://lists.gnupg.org/pipermail/gnupg-users/2010-May/038724.html
I can see no evidence that this address is abusing this ML.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen
On Mon, 14 Jun 2010 07:06, do...@dougbarton.us said:
Working on updating gnupg in FreeBSD and ran into a problem. GnuPG
2.0.15 requires libassuan 2.0.0, but to build the gpgsm module it
requires dirmngr, which requires libassuan 1.x. My understanding is
Oppps. I though I released a new
Hi,
I just released dirmngr 1.1.0 which requires libassuan 2.0.
Let me know if you have any problems,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On Mon, 14 Jun 2010 18:50, d...@fifthhorseman.net said:
here's a proposal: gpg could keep track of the last time it refreshed
any given key from a public keyserver. when the user tries to use that
That is one of the reasons why we should move away from the pubring.gpg
format. The new keybox
On Wed, 16 Jun 2010 04:06, alava...@gmail.com said:
But shall do so now, to ensure I am not offending you or others. But at
present I see no reply-to addresses in my headers.
That was not the problem. The owner of supp...@resell.biz uses
procmail/formail or similar to redirect certain
On Tue, 18 May 2010 08:57, beppeco...@yahoo.it said:
We understand that the problem is about FDSETSIZE.
PTH has been configured and compiled --with-fdsetsize=8192
Which should have installed a pth.h file with the test
#if defined(FD_SETSIZE)
#if FD_SETSIZE 8192
#error FD_SETSIZE is
On Wed, 16 Jun 2010 14:39, beppeco...@yahoo.it said:
/* check if the user requests a bigger FD_SETSIZE .
#if defined(FD_SETSIZE) .
The next 2 is more important; the one below /usr/local should have a
#if FD_SETSIZE 8192
No? Then you did not install pth properly or gpg does not use
On Tue, 22 Jun 2010 02:34, r...@sixdemonbag.org said:
Explain 'sexp', please? When I hear someone talk about sexps, I think
they're talking about LISP S-expressions. I don't know if that's what
you have in mind.
This is likely about the S-expression format as used with spki.
Libgcrypt uses
On Tue, 22 Jun 2010 02:34, r...@sixdemonbag.org said:
My name is Kahnan and I am looking to convert openpgp keys in to sexp
including key data ..
[I have not seen Kahnan mail (maybe spam filter issue). ]
The GnuPG SVN trunk has a lot of code to do the conversion. For
example:
On Thu, 24 Jun 2010 01:17, emylists...@gmail.com said:
should we uninstall 1.4.7 prior to upgrading to 2.0.xx or does the
win-installer take care of that.
It is suggested that you uninstall first. gpg4win 2 tries to take care
of it but it might fail.
Shalom-Salam,
Werner
--
Die
On Tue, 29 Jun 2010 00:31, m...@simplercomputing.net said:
Anyone know if it's possible to generate a subkey for signing purposes
via batch operations or a script? I can't seem to find anything that
references a way to do that.
No. You need to employ the --command-fd/status-fd mechanism to
Carsten Aulbert carsten.aulb...@aei.mpg.de writes:
Now the notorious question: Does anyone know how to forward the agent's
socket
to the remote machine? I've briefly tried socat (remote unix socket to tcp
It does not help you. gpg currently uses the agent only for passphrase
caching and
Leslie Mitchell l.mitch...@heywood.co.uk writes:
gpg: can't do this in batch mode
gpg: (unless you specify the key by fingerprint)
My question is how do I specify a fingerprint
Please have a look in the manual, there is a chapter titled How to
Specify a User Id. The man page has this info
On Fri, 2 Jul 2010 13:21, fwei...@bfk.de said:
Is it possible to use gpgsm to encrypt data for a self-signed X.509
certificate? Right now, the program bails out with issuer
certificate is not marked as a CA, and I would like to work around
that, preferably without running a full CA.
Add the
On Sat, 3 Jul 2010 05:33, do...@dougbarton.us said:
What's needed for this case is a way to tell gpg2 emulate gpg 1.x
behavior and prompt for the password in line. I haven't looked at the
internals in detail so I have no idea how difficult this would be. The
That is not easy but doable; see
Hüttenstr. 61 Geschäftsführung Werner Koch
D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608
pgpdL8guAUNpp.pgp
Description: PGP signature
___
Gnupg-announce mailing list
gnupg-annou...@gnupg.org
http://lists.gnupg.org
Hello!
We are pleased to announce the availability of a new stable GnuPG-2
release: Version 2.0.16.
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital
signatures, help authenticating using Secure Shell and to
On Wed, 21 Jul 2010 00:31, jcr...@gmail.com said:
- option --use-standard-socket may now be used to use this feature by
+ option --enable-standard-socket may now be used to use this feature by
Thanks.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Wed, 21 Jul 2010 16:33, ds...@jabberwocky.com said:
Fedora 13 removed 'gnupg' (i.e. gnupg 1.4.x) and caused the 'gnupg2' (i.e.
gnupg 2.x) package to replace it. This breaks all sorts of scripts and
things that were written to use 1.4.x.
FWIW, the new 2.0.16 may help to mitigate this
. This bug was created, found and fixed by Werner Koch.
[1] See http://lists.gnupg.org/mailman/listinfo/gnupg-devel
[2]
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/trunk/tests/samplekeys/cert-with-117-akas.pem
[3] See http://www.gnupg.org/service.html
--
Die Gedanken sind frei. Ausnahmen
The problem though is when I'm trying to get SSH to work with it. It
wont authenticate.
Does ssh-add -l sdhow the key?
2010-07-23 20:01:57 gpg-agent[1315] gpg-agent (GnuPG) 2.0.13 started
It would better to try 2.0.16 becuase that is the one I can test.
2010-07-23 20:03:38
Stanislav Sidorenko stanis...@sidorenko.biz writes:
I've made a quickdirty fix that enables using SHA256 instead of RIPEMD160.
hashalgo == GCRY_MD_SHA256? --hash=sha256 : ,
Okay. I just fixed that and gnupg 1 will now allow all hash
algorithms. Note that this change is
On Wed, 21 Jul 2010 16:52, ved...@nym.hush.com said:
windows command line doesn't recognize it (without cygwin)
The gpg4win SVN has a sha1sum, sha256sum and md5sum complete with check
option and proper filename special character escaping. It will be part
of all future gpg4win releases. It is
On Sat, 24 Jul 2010 15:09, frankste...@gmail.com said:
gpg-protect-tool: invalid S-Expression in
E1771DB82D9516EE5866A3E617AE04ACE36B3574.key' (off=0): Unexpected
reserved punctuation in S-expression
There is somewthing wrong ;-). You need to look at the file to see what
the problem is. Or
On Mon, 26 Jul 2010 10:01, m...@proseconsulting.co.uk said:
gpg --fingerprint --list-keys $1 |\
$AWK -v tmpfile=$TMPFILE -v trustlevel=$2 '
Please use --with-colons for all scripts. The standard output is only
for humans. Something like
gpg --with-colons --with-fingerprint --list-keys
On Tue, 27 Jul 2010 18:33, stargr...@stargrave.org said:
successfully used. GnuPG supports many other various ciphers such as
CAMELIA, Blowfish, Twofish, AES. You should recompile it with the needed
ones.
In fact the standard demands a preference system where your key declares
what algorithms
Hi,
some more inforrmation about this bug
On Fri, 23 Jul 2010 14:36, w...@gnupg.org said:
bug was found in GnuPG's GPGSM tool. It is likely that this bug is
exploitable by sending a special crafted signed message and having a
On a first view this might actually happen. However, after some
On Wed, 21 Jul 2010 00:15, jjpe...@water.com said:
trying to figure out what happened. If the interface is being changed
in this manner than it would seem that simple code to check for a
responding X-server or if the X-server connection is denied, it would
fall back to curses style windows.
On Sun, 1 Aug 2010 11:34, mailinglis...@hauke-laging.de said:
be changed in 2.1 which will solve this kind of problem. But for 2.0.x this
will not be changed.
We won't change it for 1.4 either.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
On Wed, 11 Aug 2010 09:47, rich...@r-selected.de said:
However, GnuPG only recognizes the 1st reader:
If you enter scd help getinfo you can see this in the scdameon log file:
: chan_10 - # reader_list - Return a list of detected card readers. Does
: chan_10 - # currently only
On Fri, 13 Aug 2010 03:17, r...@sixdemonbag.org said:
received no response. I wish I had answers for you. All I can do
instead is tell you your best bet will probably involve writing JNI
wrappers for GPGME.
Isn't
http://github.com/smartrevolution/gnupg-for-java
that what he needs?
On Wed, 11 Aug 2010 18:18, timbern...@gmail.com said:
i have recently bought a samsung omnia 2 smartphone with windows
mobile 6.5 as the OS.
There is some hope for you. Meanwhile the entire GnuPG-2 system has
been ported to that OS. Our target device is the HTC touch pro 2 but I
don't think
On Thu, 12 Aug 2010 09:41, simon.rich...@hogyros.de said:
Can the system be adapted to scan all readers when looking for a
specific card, and to rescan for new readers when it prompted the user
to insert a card?
Yeah those cards with readers are a real problem. We need to do
something about
On Sun, 15 Aug 2010 01:25, emylists...@gmail.com said:
gpg4win seems to work fine except when trying to load up kleopatra.exe from
within TheBat!
///[error msg]/
kleopatra.exe - Unable to Locate Component
Please check the source code
On Tue, 17 Aug 2010 11:31, j...@seiken.de said:
to import my public key from a keyserver. But if done so gnupg doesn't
recognize the private subkeys stored on the smartcard. How do I tell gnupg
where it should look for the private subkeys?
Insert the smartcard and run gpg --card-staus
On Wed, 25 Aug 2010 21:47, ti...@xroot.org said:
GnuPG is version 1.4.9 and I'm using the second version of the card.
1.4.9 does not support this card. Upgrade to 1.4.10.
One thing I also noticed is that the PIN retry counter has the
following values: 3 0 3
There is no PIN2 anymore thus
On Sun, 29 Aug 2010 22:40, jpboa...@yahoo.com said:
This problem exists with gpg and with the older pgp 2.x. I'd like to solve
it by redirecting STDIN because pgp 2.x doesn't implement the options that
you specify.
Use --batch i you don't want to be asked. For automating GPG processing
you
On Mon, 30 Aug 2010 20:28, mabr...@mabrand.nl said:
I have been working on updating from libgpg-error-1.8 to
libgpg-error-1.9 in mingw-cross-env. Mingw-cross-env is a cross
Actually you may only build libgpg-error with a cross compiler; in
particular mingw32 (but not using that newer (Debian)
On Wed, 8 Sep 2010 01:21, k...@grant-olson.net said:
I imagine that the cryptostick is a little unique in this regard. Most
Not really, I have an USB stick size card reader and thus the same
problem.
Anyone know of an easy way for me to fix this?
No. I know how to fix that but it needs
On Wed, 1 Sep 2010 11:17, pe...@digitalbrains.com said:
My guess is it is to address the user correctly in dialogs, in some languages.
The sex of the person addressed might determine the grammatical gender of
words
used in dialogs. I've forgotten which languages have this feature, but I'm
Hi,
The Windows installer version of GnuPG 1.4 uses a statically linked bzip
library. Thus the bzip2 bug affects this version.
We have not done a gnupg 1.4 release for more than a year. I believe it
is best to first do a release candidate. There a couple of bug fixes
collected over the last
On Thu, 23 Sep 2010 14:20, war_is_pe...@privatdemail.net said:
While you're at it, you might want to update zlib to version 1.2.5 -
looking at the source, it seems that the currently used version is 1.1.4.
I see no reason for such an update.
Salam-Shalom,
Werner
--
Die Gedanken sind
On Thu, 23 Sep 2010 20:59, li...@michel-messerschmidt.de said:
On Thu, Sep 23, 2010 at 08:26:19PM +0200, Werner Koch wrote:
On Thu, 23 Sep 2010 14:20, war_is_pe...@privatdemail.net said:
While you're at it, you might want to update zlib to version 1.2.5 -
looking at the source, it seems
On Tue, 5 Oct 2010 13:18, kolad...@web.de said:
My question is: How can I import a (sec-pub-)key which was
generated on a crypto stick (containing an integrated smart card)
into another crypto stick? A crypto stick like:
The whole point of generating keys on a smartcard is that it is
On Tue, 12 Oct 2010 04:44, d...@fifthhorseman.net said:
(e.g. one process can send a simulated mouseclick to another process
pretty easily) but that doesn't mean no one is running with a
The standard pinentry grabs mouse and keyboard and thus we should be
protected against this kind of attack.
On Tue, 12 Oct 2010 09:05, d...@fifthhorseman.net said:
the kbd and mouse events. It doesn't prevent synthesized events from
triggering those inputs (e.g. clicking OK on a button).
You are right. However it is the only protection we can use on X; it
might be helpful in some cases, but as you
On Tue, 12 Oct 2010 11:10, mailinglis...@hauke-laging.de said:
There are ways to prevent this. E.g. I protect important and hardly ever
changed files like ~/.gnupg/options with root priviledge (chattr immutable on
It doesn't help - you need to protect gpg.conf and gpg.conf-2 and
gpg.conf-2.0
On Wed, 13 Oct 2010 17:51, d...@fifthhorseman.net said:
If i run the agent locally, and forward access to it to a constrained
account, then the constrained account (which is talking to the agent)
*does not* have the ability to simulate such X11 events.
You mean to a different X server? For
On Thu, 14 Oct 2010 20:03, sascha-ml-reply-to-201...@silbe.org said:
One instance where the proposed mechanism (in conjunction with the new
version of gpg-agent that will handle the secret keys itself) would be
Just for the records: This is no new mechanism of the agent. It is in
use for
On Fri, 15 Oct 2010 12:55, mailinglis...@hauke-laging.de said:
Following your pessimistic attitude there would hardly be any reason not to
work as root.
Nope. Not working under root is important to keep the system stable and
provide access restrictions to the non-malicious users.
OTOH, it
Hello!
We are pleased to announce the availability of a new stable GnuPG-1
release: Version 1.4.11.
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It is a complete and free replacement of PGP and
can be used to encrypt data and to create digital
On Mon, 18 Oct 2010 18:36, jhar...@widomaker.com said:
The .exe is there and matches the SHA-1, but the .sig isn't there:
Ooops. Forgot to upload that one - fixed. Sorry.
the .tar.bz2{,.sig} files yet. Ever consider publishing a .torrent
with web-based seeds?
On Fri, 22 Oct 2010 02:29, expires2...@ymail.com said:
Does it matter how many characters are for real name, comment,
email address, or is it just a limit to the total length?
The limit is on the total length:
/* Cap the size of a user ID at 2k: a value absurdly large enough
that there
On Fri, 22 Oct 2010 03:58, aaron.topo...@gmail.com said:
First, there is _ZERO_ documentation for this binary. No manual, no info
page, nothing under /usr/share/doc/, segfaults pasing -h or --help.
Ah well, it should be removed from the package. It used to be a kind of
debug tool but I never
On Thu, 21 Oct 2010 18:41, danthe...@gmail.com said:
I'm not sure how computationally feasible they are. According to the
paper, successful attacks were conducted on a 4 and 6 round version of
CAST-128.
You can mount attacks on all algorithms if you reduce the number of
rounds. In
On Sun, 24 Oct 2010 20:40, osa...@gnu.org said:
I wonder if it's the smartcard reader (SCR335) or the smartcard
itself.
It pretty much looks like the card is broken. If you have a chance to
try the card on another reader, please do that to be sure that there is
no other problem. Ask the FSFE
On Fri, 22 Oct 2010 18:04, ha...@hawkesnest.net said:
Why does it not do this on its own for non-smartcard authentication
keys? Shouldn’t they already be in gpg-agent?
gpg-agent does not known about GPG or OpenPGP or X/509. Thus there is
no chance it may known about an key stored in GPG's
Hello!
We just released the first *beta version* of GnuPG 2.1. It has been
released to give you the opportunity to check out the new features.
It is marked as a beta versions and the plan is to release a couple more
betas in the next months before we can declare 2.1.0 stable enough for
On Tue, 26 Oct 2010 22:30, dkara...@tc3health.com said:
We are running GPG 1.2.0 in production. We use it to decrypt all the
That one is an 8 years old version and this 1.2 series entered end of
life status 5 years ago.
1 - What do I need to do with gpg 1.4.11 so that it will decrypt pgp
Hi,
While building GnuPG 1.4.11 on MIPS a build problem was encountred.
Please try the patch below which should fix the problem.
Salam-Shalom,
Werner
2010-10-28 Werner Koch w...@g10code.com
* longlong.h: Revert last two changes and replace by code from
libgcrypt 1.4.6
On Sun, 31 Oct 2010 19:20, jcr...@gmail.com said:
Is it typical for smartcard support not to be in beta versions?
From the announcement:
GPG's smartcard commands --card-edit and --card-status as well as the
card related sub-commands of --edit-key are not yet supported.
However, signing
On Mon, 1 Nov 2010 00:24, d...@fifthhorseman.net said:
I recommend you remove pgp.mit.edu (18.9.60.141) from the keys.gnupg.net
DNS round robin until the server begins re-syncing properly with the
global pool.
Done.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt
On Tue, 2 Nov 2010 03:51, jcr...@gmail.com said:
However, things seem not to be working with subkeys. I'm getting Need
the secret key to do this or no default secret key for a many
That is quite possible. I only did a brief test which showed that I was
abale to sign packages. Most smart
On Tue, 2 Nov 2010 15:12, dcent...@ydl.net said:
Thanks for your response Heinz. However the latest version of
libassuan was compiled first and installed (as per instructions
provided in the compilation procedure of gnupg 2.0.16) before
compiling gnupg 2.0.16. See here:
In any case, GnuPG
On Thu, 4 Nov 2010 20:27, georgschm...@gmx.at said:
It has been reported in the past, that the pinpad on the Cyberjack didn't
work with gpg2 and I was wondering whether that still was the case or whether
with the new drivers it should be OK now. Or is there an option, which tells
the
On Tue, 9 Nov 2010 22:41, d...@fifthhorseman.net said:
Basically, i'm asking about creating a new self-sig packet with a
modified key usage flags subpacket on a key that i control. How would i
do that with GnuPG?
That is not supported by an option. You need to change the code.
I would try
On Wed, 10 Nov 2010 09:23, u...@unixuser.org said:
I couldn't find --annotate option in EncFS versions from 1.4 to 1.7.3.
Do I need some patch to EncFS for G13?
My fault. I thought it has been merged already. Let me please look
into this; it is quit esome time since I hacked this stuff.
Hi,
find below a pacth agains EncFS 1.5.2 - this is the one I used for
testing.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
2009-10-14 Werner Koch w...@gnupg.org
* encfs/main.cpp (processArgs): Add option --annotate.
(EncFS_Args
On Wed, 10 Nov 2010 15:16, s...@pobox.com said:
is there a --status-fd flag, there is a --logger-fd flag. I
don't know what the difference between emitting a status message
--status-fd N gives the file descriptor to write status messages like
[GNUPG:] GOODSIG 53B620D01CE0C630 Werner Koch
On Wed, 10 Nov 2010 18:37, r...@sixdemonbag.org said:
Recent versions of GnuPG support S/MIME, which *may* use PKCS-12. (I
Well for 7 years or so ;-)
don't recall offhand for a fact: I just have a vague impression they
do... or maybe it's PKCS-7 I'm thinking of.)
PKCS#12 is a bunch of
On Thu, 11 Nov 2010 03:24, u...@unixuser.org said:
Thanks. It now basically works (I used encfs-1.7.3_annotate.diff you
posted to gnupg-devel), though the usage was a bit unclear to me :)
Well the documentation is non existent. However gpgme already supports
it. Which does not mean that
On Fri, 12 Nov 2010 05:19, d...@fifthhorseman.net said:
i'd like to use gpg to verify a detached signature, but for various
reasons i don't want to put either part (the body or the signature) in
the filesystem (i have the data queued in two otherwise anonymous file
descriptors).
No problem.
On Thu, 18 Nov 2010 17:59, r...@sixdemonbag.org said:
Not true. For instance, WinZip is a 32-bit application, yet it
integrates just fine into the context sensitive menu.
In this case it is not an explorere extension. An explorer extensions
needs to be a 64 bit DLL. Of course using an
On Thu, 18 Nov 2010 18:10, d...@fifthhorseman.net said:
0 d...@pip:/tmp/cdtemp.VsWK6o$ gpg --enable-special-filenames --verify
--batch '-4' '-3' 3test 4test.asc
gpg: Invalid option -4
2 d...@pip:/tmp/cdtemp.VsWK6o$
What am i doing wrong? i'm using gnupg 1.4.11 from debian experimental
On Thu, 18 Nov 2010 15:24, bo.bergl...@gmail.com said:
There seems to be no *separate* installer for GpgEx available, the
only way to get it is to also have GnuPG 2.0.14 forced on me. :(
Why?
Because you can't use it without GnuPG. You even can't use it without
Kleopatra or GPA.
On Fri, 19 Nov 2010 11:39, bo.bergl...@gmail.com said:
Couldn't the installer then sense that GnuPG is installed already and
then offer not to install yet another copy of GnuPG???
There should be only one copy of GnuPG on a system. If you install a
second one it is up to you to fix problems.
On Fri, 19 Nov 2010 11:34, bo.bergl...@gmail.com said:
But this is a *source* download, how do I get a binary to install in
Windows7??
see doc/README.W32. For your convience I yank it here:
How to build GnuPG from the source:
===
Until recently all official
On Tue, 23 Nov 2010 14:53, al...@archlinux.org said:
validity of the key. I am currently testing:
(gpgme_verify_result_t-summary GPGME_SIGSUM_VALID)
Is that the correct approach?
That's fine. However if a key expired you won't get VALID. An expired
key does not mean that the signature is
On Wed, 24 Nov 2010 07:34, l...@gmx.at said:
However I find that OpenVPN does not have support for the card yet. :/
So I am forced to use scute, a PKCS #11 implementation for the OpenPGP
card.
Now my question is: would this work? Has anybody tried this successfully?
It may not work instantly
On Wed, 24 Nov 2010 02:31, al...@archlinux.org said:
1) I would have expected the trust level to be something like
TRUST_FULL rather than TRUST_UNDEFINED. Is this because I have no
signatures on that key or more specifically because I have no
ultimately trusted key in the keyring signing
On Thu, 25 Nov 2010 01:32, free10...@gmail.com said:
No. GPGSM is for CMS and S/MIME; GnuPG is for OpenPGP and PGP/MIME.
No. GPGSM is for CMS and S/MIME; GPG is for OpenPGP and PGP/MIME.
GnuPG is the entire system which provides tools for S/MIME (GPGSM),
OpenPGP (GPG) as well as some other
On Fri, 26 Nov 2010 05:26, l...@gmx.at said:
This is great news. How do you know this? Are you affiliated with scute?
Check the ChangeLog; you should find mail addresses of my company.
Marcus Brinkmann did most of the work.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen
On Fri, 3 Dec 2010 03:52, l...@gmx.at said:
Even with PIN-pad on a compromised computer you still have no guarantee
WHAT you are signing.
Right.
My opinion is that if the computer is compromised you are lost anyway.
However your key won't become compromised and by plugin the smartcard in
On Fri, 3 Dec 2010 13:21, mailinglis...@hauke-laging.de said:
A first improvement would be to show the hash to be signed. Of course, you
That does not help. Even if you would be able to compare it with the
hash displayed on the host box, you gain nothing: Any malware which
foist you a
On Wed, 8 Dec 2010 23:35, mailinglis...@hauke-laging.de said:
aren't any IETF notations yet. I suggest a standard for at least these pieces
of information:
- key owner has been personally known for x years
- frequent contact with the key owner for x years
[many more]
It is very unlikely
On Fri, 10 Dec 2010 05:32, r...@sixdemonbag.org said:
Sooner or later you *will* have a key compromise event, you *will* need
to revoke keys in a hurry and you *will* need to find some way to
Unless you use an offline primary key which should not suffer from a key
compromise unless you are
On Thu, 9 Dec 2010 19:01, d...@fifthhorseman.net said:
This discussion currently seems to be idle, so i would not wait on it.
We need to get the discussion going again, certainly.
The understanding of the WG is that we want to wait for the outcome of
the SHA-3 contest before we change
On Mon, 13 Dec 2010 01:27, ds...@jabberwocky.com said:
The fix in OpenPGP is to hash the contents of the secret key, so any
tampering is evident.
FWIW: We verify a signature immediatley after its creation which also
thwarts this attack.
I am also skeptical of this. I strongly doubt that
On Fri, 31 Dec 2010 02:17, mel.gor...@wellnow.com said:
I've spent all week trying to get either gnupg-2.0.16 or
gnupg-2.0.15 to make on my systemno luck. I have
googled the problem, and tried every suggestion...no luck.
I have no time to look into this. You may try a VPATH
On Mon, 3 Jan 2011 11:25, li...@michel-messerschmidt.de said:
Have you tried it with gnupg 2.0.x ?
IIRC you need at least 2.0.12 for the SPR-532 pinpad and gnupg-agent
should be running.
.. and do not run pcscd - only the GnuPG internal driver works with the
pinpad.
Shalom-Salam,
101 - 200 of 3671 matches
Mail list logo