.
But for such a tradeoff other things should be considerd first (is your
PIN really your biggest concern if you don't trust your computer/keyboard,
is your reader really more trustworthy than your computer, ...).
--
Michel Messerschmidt li...@michel-messerschmidt.de
) erik.hjalmar.josefs...@gmail.com
--
Michel Messerschmidt li...@michel-messerschmidt.de
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Thu, Feb 07, 2013 at 10:03:30AM -, refresh...@tormail.org wrote:
I have no reason to believe my system is compromised. Taking security very
serious. Otherwise I wouldn't bother posting here. :)
That sounds like a oxymoron. How can I be REALLY sure my system isn't
compromised? Mail
On Tue, Jan 29, 2013 at 06:36:25PM -0600, John Clizbe wrote:
ved...@nym.hush.com wrote:
if so, would this fall under the open-pgp RFC, or would it have to go
through an
RSA standard first?
RFC 4880 makes no mention of OAEP. RFC 4880 references RFC 3447 for details of
RSA
On Wed, Nov 21, 2012 at 06:46:36PM +0100, Hauke Laging wrote:
The card already has additional storage for private use (if I have understood
the documentation correctly). The idea: Wouldn't it be rather easily possible
to allow the use of the card by
a) either the real password (like today)
On Sat, Jun 16, 2012 at 05:32:36PM -0400, David Shaw wrote:
Yes, I understand that spreading out keyserver requests can help avoid this
sort of tracking, but remember that the keyserver URL feature allows the
keyholder to bypass the keyserver chosen by the user, and send the requests
On Tue, May 29, 2012 at 10:03:57PM -0400, Robert J. Hansen wrote:
There may be a use case for contextualization in certificates, but if so
I haven't found it yet. :)
You may wnat to lookup up all certificates that signed a certificate.
Or just get all your certificates displayed.
Or all
On Tue, Nov 29, 2011 at 10:06:45PM +0100, Olav Seyfarth wrote:
It seems the above files don't solve my problem since they all trigger on USB
events. However, my PCMCIA based reader Omnikey CardMan 4040 (linked as
supported device on http://www.gnupg.org/howtos/card-howto/en/ch02s02.html)
seems
On Sun, Oct 16, 2011 at 02:58:27AM +1100, Ben McGinnes wrote:
On 16/10/11 2:15 AM, MFPA wrote:
The key revocation message saying this key was revoked suggests it
to be referring to the key that was just listed rather than the one
that is about to be listed. Maybe something like the
On Thu, Oct 13, 2011 at 10:03:56AM -0400, Jean-David Beyer wrote:
It seems to me that to do much damage to my machine, you need to get a
shell with root access.
Depends on what you regard as damage.
Do you need root privileges to use your private gpg keys ???
I never run a web browser as
On Thu, Jul 21, 2011 at 05:17:27PM -0600, Aaron Toponce wrote:
On Thu, Jul 21, 2011 at 05:15:25PM -0600, Aaron Toponce wrote:
So, it appears I'm missing some configuration in Mutt then, as it remains
as the PGP message without any attempt to get to the plain text. Also, how
do you get the
Sounds very much like Off-the-Record messaging for every kind of
communication. Or is there a difference I have missed?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Mon, Jan 03, 2011 at 01:26:05AM -0800, Paul Richard Ramer wrote:
I'll gladly answer any questions about my setup or tools or run
different stuff to debug this situation. I just want to start using my
pinpad. :-)
Have you tried it with gnupg 2.0.x ?
IIRC you need at least 2.0.12 for the
On Thu, Sep 23, 2010 at 08:26:19PM +0200, Werner Koch wrote:
On Thu, 23 Sep 2010 14:20, war_is_pe...@privatdemail.net said:
While you're at it, you might want to update zlib to version 1.2.5 -
looking at the source, it seems that the currently used version is 1.1.4.
I see no reason for
On Thu, Sep 23, 2010 at 08:26:19PM +0200, Werner Koch wrote:
On Thu, 23 Sep 2010 14:20, war_is_pe...@privatdemail.net said:
While you're at it, you might want to update zlib to version 1.2.5 -
looking at the source, it seems that the currently used version is 1.1.4.
I see no reason for
On Tue, Jul 20, 2010 at 04:14:16PM -0400, ved...@nym.hush.com wrote:
Is there a gnupg command to verifiy a hash, not a signature, (e.g.
MD5, SHA1, SHA256), by entering the hash string and the file or
text it corresponds to?
Why would you want to use gnupg for this if md5sum, sha1sum,
On Sun, Mar 14, 2010 at 12:24:14PM -0700, James Moe wrote:
Hello,
opensuse v11.2, linux 2.6.31.12-0.1-desktop x86_64, gpg v2.0.12.
The docs at http://www.gnupg.org/ cover starting gpg-agent pretty
well. What is missing is how to re-start it.
If gpg-agent is terminated for some reason,
On Mon, Nov 02, 2009 at 10:51:46AM -, David Gray wrote:
Could anyone point me in the right direction for a manual/examples
on how to edit the gpg.conf file for GnuPG 2.0.12 (GPG 4 Win)?
http://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG.html#Invoking-GPG
Within this manual
On Fri, Aug 21, 2009 at 03:39:34PM +0200, tux.tsn...@free.fr wrote:
So how can I do that (import key, when I've only keys on smartcard, no public
key on keyserver or on file and no file private and secret keys backup.
AFAIK the smartcard contains only your secret keys not the public keys.
On Sun, Jun 21, 2009 at 02:42:45AM -0500, John Clizbe wrote:
Joel C. Salomon wrote:
gpg command line and output:
C:\\Program Files\\GNU\\GnuPG\\gpg.exe --charset utf8 --batch --no-tty
--status-fd 2 --keyserver-options auto-key-retrieve --keyserver
pool.sks-keyservers.net --verify
gpg:
On Sun, Jun 21, 2009 at 12:15:48PM +0400, gpg2.20.mani...@dfgh.net wrote:
4. Sorry if this is OT or if this is a long post I felt that this
experience sharing is essential on this list , because there may be other
users who may be blisfully un aware of this problem of temp files and my
On Sun, Jun 21, 2009 at 06:33:11PM +0200, Thomas Bohn wrote:
On Jun 21, 2009, at 6:17 PM, Joel C. Salomon wrote:
Interesting, now it comes up as good. Did you change some setting?
I didn't change anything.
At least the version in the signature header changed from 2.0.11 to
2.0.12.
On Fri, Jun 05, 2009 at 05:33:07PM +0200, Werner Koch wrote:
On Fri, 5 Jun 2009 14:41, li...@michel-messerschmidt.de said:
I don't think gpg has problem identifying and finding the secret key,
but it refuses to decrypt a message with a key that had no encryption
capability set during
...
[...]
:encrypted data packet:
length: unknown
gpg: encrypted with 1024-bit RSA key, ID 96C5988D, created 2006-12-03
Michel Messerschmidt m...@michel-messerschmidt.de
gpg: encrypted with RSA key, ID
gpg: decryption failed: No secret key
I don't think gpg has problem
: encrypted with 1024-bit RSA key, ID 96C5988D, created 2006-12-03
Michel Messerschmidt m...@michel-messerschmidt.de
gpg: public key decryption failed: Wrong secret key used
gpg: encrypted with RSA key, ID
gpg: decryption failed: No secret key
$ gpg2 --edit-key 96C5988D
Secret key
On Mon, Feb 23, 2009 at 01:42:32PM -0500, Robert J. Hansen wrote:
Open up my wallet, fish out the list, and there it is.
Although I think this one of the most secure but usable places, what if
a real life phisher gets your wallet?
No problem to cancel credit cards. But are you able to reset all
One last test: Rather than having BPEL run gpg directly, perhaps you
could have it run a shell script that in turn runs gpg. You should then
be able to set whatever variables you need prior to the call of gpg from
within the shell script. You can also enable tracing (set -o xtrace) to
help
On Thu, Jan 22, 2009 at 08:51:23AM -0500, Robert J. Hansen wrote:
Faramir wrote:
And the second question is: Does somebody know about this virus? Is is
as fast spreading as it looks like?
Yes. No. Moo. Ten pounds of flax. Getting accurate intelligence
about the spread of malware is a
On Tue, Nov 04, 2008 at 12:04:19PM -0500, David Shaw wrote:
Indeed. The alteration also may or may not be malicious. The most
common alteration I've ever seen are mail programs that break the
signature via word-wrap or the like. (Hence the frequent Does my
signature verify now? message
On Wed, Aug 20, 2008 at 04:21:04PM -0400, John W. Moore III wrote:
I believe that We are all agreed that physical destruction of the HD is
the only truly effective means of ensuring Data cannot be recovered.
There is also the possibility to use encryption for *all* data on a
harddisk. If the
On Wed, Jul 23, 2008 at 03:54:35PM -0700, kurt c wrote:
no, i typed in my windows vista command prompt: gpg -a --export
0x8e758d5f mykey.asc and i only get access is denied. i guess no one
knows why.
Are you sure that your user has write permissions in the current directory?
signature.asc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello, I want to move my keyring files from %appdata%/gnupg to R:/
You can either set
GNUPGHOME=R:/
or add/change the entry HomeDir in the registry under the key
HKEY_CURRENT_USER\Software\GNU\GnuPG
Michel
-BEGIN PGP SIGNATURE-
Version:
Hello,
is there a possibility to force gnupg 2 to use the internal CCID
smartcard driver even if pcscd is running (something like the
--disable-ccid option but for pcsc) ?
I have a SCM SPR532 reader and like to use the pinpad. But it's
deactivated if pcscd is running.
Thanks,
Michel
33 matches
Mail list logo