On Thu, Feb 22, 2018 at 08:09:31AM -0800, Dan Kegel wrote:
>
> https://www.open-scap.org/download/ shows they provide an
> open source tool which is in repositories for four redhat-ish distros and
> two debian-ish distros; on Ubuntu, I was able to walk down the
> path of using it a bit, looks a
On Wed, Feb 21, 2018 at 10:22 PM, Ben McGinnes wrote:
>> And when you're on those certified, curated systems, you have
>> access to tools like
>> https://www.open-scap.org/resources/documentation/make-a-rhel7-server-compliant-with-pci-dss/
>> to help make sure you're in
On 22/02/18 15:18, helices wrote:
> Let's cut through these ill-informed suppositions once and for all
You are rapidly squandering good will here. Your hostile tone will not
motivate anyone to help you any further. You are asking people to spend
their spare time on your issues, you should not
Let's cut through these ill-informed suppositions once and for all: If host
compliance was our problem, I would not have posted here at all.
Also, nowhere in this thread have I stated any inability to compile myself.
Having been doing such for 40+ years, that is not our problem either.
Defending
On Wed, Feb 21, 2018 at 07:36:08AM -0800, Dan Kegel wrote:
> On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes wrote:
>>
>> Because these two lines explain *precisely* why you need something
>> like RHEL or CentOS (certified systems to go with the auditing)
>> *and* updated
On Tue, Feb 20, 2018 at 10:16 PM, Ben McGinnes wrote:
> On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote:
>> I will probably never understand why wanting to run the most current
>> version of gnupg on a plethora of servers is controversial.
>>
>> Nevertheless, the two
On Sat, Feb 17, 2018 at 05:06:54PM -0600, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
>
> Nevertheless, the two (2) greatest reasons are:
>
>1. PCI DSS v3.2
>2. PCI DSS compliance
On Tue 2018-02-20 13:18:40 +0100, Dashamir Hoxha wrote:
> One solution to this situation may be to install the latest GnuPG
> in a Docker container, where it can have all the required libraries
> and dependencies that it needs, without disturbing the host OS.
I think this misses the point that
On Mon, Feb 19, 2018 at 10:45:52AM -0800, Daniel Kahn Gillmor wrote:
>
> How can GnuPG contribute to fixing this problem? The traditional way
> that many other projects have taken is to define their core programmatic
> functionality into a library with a strict interface guarantees, and
> have
On 02/20/2018 01:18 PM, Dashamir Hoxha wrote:
> If anybody is willing to give a try to any of these solutions I would
> like to help.
I would be generally cautious for both approaches without proper support
in the surrounding infrastructure. In particular an upgrade to a
depending library would
On Mon, Feb 19, 2018 at 7:45 PM, Daniel Kahn Gillmor
wrote:
> On Sat 2018-02-17 17:06:54 -0600, helices wrote:
> > I will probably never understand why wanting to run the most current
> > version of gnupg on a plethora of servers is controversial.
>
> Here's one last try
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 19 February 2018 at 8:51:08 PM, in a message with no id,
ed...@pettijohn-web.com wrote:-
> I think gpgme is the answer here as well. If you mean
> specifically
> a python interface to gpgme then it's probably up to
> a python
On Feb 19, 2018 12:45 PM, Daniel Kahn Gillmor wrote:
>
> On Sat 2018-02-17 17:06:54 -0600, helices wrote:
> > I will probably never understand why wanting to run the most current
> > version of gnupg on a plethora of servers is controversial.
>
> Here's one last try to
On Sat 2018-02-17 17:06:54 -0600, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
Here's one last try to explain the situation.
GnuPG (and the libraries it depends on) are used by (aka "depended
On 02/19/18 04:53, Werner Koch wrote:
> On Fri, 16 Feb 2018 14:38, konstan...@linuxfoundation.org said:
>
>> (if someone can recommend a better way that only statically links
>> gnupg's own libraries like libassuan and libgpg-error, but uses shared
>> objects for other system libraries, please
On Fri, 16 Feb 2018 14:38, konstan...@linuxfoundation.org said:
> (if someone can recommend a better way that only statically links
> gnupg's own libraries like libassuan and libgpg-error, but uses shared
> objects for other system libraries, please let me know, as I didn't find
> any quickie
On 18/02/18 00:06, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
I don't think it is. I'm sorry your question didn't get answered
satisfactorily; that's just how things can go on community
On 02/17/18 17:06, helices wrote:
I will probably never understand why wanting to run the most current
version of gnupg on a plethora of servers is controversial.
Nevertheless, the two (2) greatest reasons are:
1. PCI DSS v3.2
2. PCI DSS compliance audits
Being able to demonstrate that
I will probably never understand why wanting to run the most current
version of gnupg on a plethora of servers is controversial.
Nevertheless, the two (2) greatest reasons are:
1. PCI DSS v3.2
2. PCI DSS compliance audits
Being able to demonstrate that we are using the latest, greatest
On 02/14/18 15:20, gpg at mdsresource.net (helices) wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
>
> We want to move to v2.2.x, and stay current, but we don't want to download
> source and compile for dozens of systems.
I had a similar need (because my users started
users-boun...@gnupg.org] On Behalf Of Daniel
Kahn Gillmor
Sent: Wednesday, February 14, 2018 5:31 PM
To: helices; gnupg-users@gnupg.org
Subject: Re: How can we utilize latest GPG from RPM repository?
On Wed 2018-02-14 14:20:10 -0600, helices wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't
time. For a Production environment that pace of upgrade
> is usually not desirable which is why people use RHEL/CentOS instead.
>
>
> -Original Message-
> From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of Daniel
> Kahn Gillmor
> Sent: Wednesday, Fe
; looked at rpmfind? rpmbone?
>
>
>
> And of course YOU could create the rpm and share it on EPEL yourself so
> others will have it.
>
>
>
>
>
> *From:* Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] *On Behalf Of *
> helices
> *Sent:* Thursday, February 15, 2018 9:10
?
And of course YOU could create the rpm and share it on EPEL yourself so others
will have it.
From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of helices
Sent: Thursday, February 15, 2018 9:10 AM
To: gnupg-users@gnupg.org
Subject: Re: How can we utilize latest GPG from RPM repository
e of
> upgrade is usually not desirable which is why people use RHEL/CentOS
> instead.
>
> -Original Message-
> From: Gnupg-users [mailto:gnupg-users-boun...@gnupg.org] On Behalf Of
> Daniel Kahn Gillmor
> Sent: Wednesday, February 14, 2018 5:31 PM
> To: helices; gnu
Hi.
Am Mittwoch, den 14.02.2018, 14:20 -0600 schrieb helices:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
> We want to move to v2.2.x, and stay current, but we don't want to
> download
> source and compile for dozens of systems.
> We want all users to be using the same
On Wed 2018-02-14 14:20:10 -0600, helices wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
>
> We want to move to v2.2.x, and stay current, but we don't want to download
> source and compile for dozens of systems.
>
> We want all users to be using the same version all of
CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
We want to move to v2.2.x, and stay current, but we don't want to download
source and compile for dozens of systems.
We want all users to be using the same version all of the time.
Please, advise. Thank you.
28 matches
Mail list logo