Your message dated Tue, 19 Aug 2014 22:34:29 +0000
with message-id <[email protected]>
and subject line Bug#752261: fixed in gnupg2 2.0.26-1
has caused the Debian Bug report #752261,
regarding suggest parcimonie to slowly refresh the public keyring
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
752261: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752261
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnupg2
Version: 2.0.23-1
Please add "parcimonie" to Suggests.
From Riseup Labs OpenPGP Best Practices:
Make sure you are receiving regular key updates.
If you do not regularly refresh your public keys, you do not get
timely expirations or revocations, both of which are very important to
be aware of!
If you do a simple ‘gpg —refresh-keys’, you disclose to anyone
listening, and the keyserver operator, the whole set of keys that you
are interested in refreshing. To avoid this, you can do regular key
updates by using parcimonie to refresh your keyring.
Parcimonie is a daemon that slowly refreshes your keyring from a
keyserver over Tor. It uses a randomized sleep, and fresh tor circuits
for each key. The purpose is to make it hard for an attacker to
correlate the key updates with your keyring. Parcimonie is packaged in
both debian and ubuntu.
https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
Since parcimonie seems to be the only tool to do this that has a Debian
package, this seems the perfect suggestion.
Thanks, and keep up the good work!
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: gnupg2
Source-Version: 2.0.26-1
We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Eric Dorland <[email protected]> (supplier of updated gnupg2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 19 Aug 2014 18:09:08 -0400
Source: gnupg2
Binary: gnupg-agent scdaemon gpgsm gnupg2 gpgv2
Architecture: source amd64
Version: 2.0.26-1
Distribution: unstable
Urgency: medium
Maintainer: Eric Dorland <[email protected]>
Changed-By: Eric Dorland <[email protected]>
Description:
gnupg-agent - GNU privacy guard - password agent
gnupg2 - GNU privacy guard - a free PGP replacement (new v2.x)
gpgsm - GNU privacy guard - S/MIME version
gpgv2 - GNU privacy guard - signature verification tool (new v2.x)
scdaemon - GNU privacy guard - smart card support
Closes: 752261
Changes:
gnupg2 (2.0.26-1) unstable; urgency=medium
.
* New upstream release.
* debian/control: Suggest parcimonie. Thanks ilf. (Closes: #752261)
Checksums-Sha1:
e0508a0bc101483d76d76af2a1f65ce2a8f4ed23 2331 gnupg2_2.0.26-1.dsc
3ff5b38152c919724fd09cf2f17df704272ba192 4303384 gnupg2_2.0.26.orig.tar.bz2
12c74df322217b3e27a531c65550545ea898c41f 26464 gnupg2_2.0.26-1.debian.tar.bz2
c9468c9f94bdd649ce33441847c844e9ea6a7248 271184 gnupg-agent_2.0.26-1_amd64.deb
e7e5c6bfaf99ea930840c0de4bb71513d2a64644 202006 scdaemon_2.0.26-1_amd64.deb
248e1455918381cd044a11114143bdfe42d67be2 233550 gpgsm_2.0.26-1_amd64.deb
a71996877314fe7cb7976627c8167f56414525da 1367414 gnupg2_2.0.26-1_amd64.deb
e035e62ad237c209b42debc5725bd66cb3bb856c 188478 gpgv2_2.0.26-1_amd64.deb
Checksums-Sha256:
9e0b40fe4577214a8a212a9e2ddab575c8ccec8e0c79fbc6b42674dd43003ee2 2331
gnupg2_2.0.26-1.dsc
7758e30dc382ae7a7167ed41b7f936aa50af5ea2d6fccdef663b5b750b65b8e0 4303384
gnupg2_2.0.26.orig.tar.bz2
36850d0fd1d0bf791ae0208ab06f9795481a9591514609818fca355153df75bc 26464
gnupg2_2.0.26-1.debian.tar.bz2
fb56e94b889e6bc3a1a9f67f6248753872ba92d9409095b23212eb933eb9e7a6 271184
gnupg-agent_2.0.26-1_amd64.deb
9f14b772a05dc957151d837e9623d9b8f8c3a5761030d57cad13861a05a1e806 202006
scdaemon_2.0.26-1_amd64.deb
02bccd9729d4c76e61ffca86392af84361e8ffcb619fcb465cbf52b6f34bbeae 233550
gpgsm_2.0.26-1_amd64.deb
12e2eea5c8ea88c04d407b26fcf4f68e03a164ea9b2311da1ead70027dde5f5f 1367414
gnupg2_2.0.26-1_amd64.deb
8477f2a6ae05faaa66e3a2f8833290e1bf2f2f9cbd2bf1d8753c0465cb4c9ea9 188478
gpgv2_2.0.26-1_amd64.deb
Files:
af046ded5062d7f785da0e4c83eef148 271184 utils optional
gnupg-agent_2.0.26-1_amd64.deb
10d31752170ed3dfd577cd12f846591d 202006 utils optional
scdaemon_2.0.26-1_amd64.deb
9ad6c368bc9e2aa9f61a4df26e89057d 233550 utils optional gpgsm_2.0.26-1_amd64.deb
94341fb15d40cf54a155b068ec960335 1367414 utils optional
gnupg2_2.0.26-1_amd64.deb
34ec593af3e77a78384e22e17b6fe747 188478 utils optional gpgv2_2.0.26-1_amd64.deb
06bf0d2940acc3ce68bcc6bc97e6dcb2 2331 utils optional gnupg2_2.0.26-1.dsc
fa7e704aad33eb114d1840164455aec1 4303384 utils optional
gnupg2_2.0.26.orig.tar.bz2
1f978fd8aab069f87a201c80872dbfd7 26464 utils optional
gnupg2_2.0.26-1.debian.tar.bz2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJT883QAAoJEBiP/EqTqnFyXzkQAIJ2Ccsp6t1zUoY/+frMoqtz
uZSkhAfk6u8G+h6fyEEgwlEvh97NL6S8H0Mip0FvgTjHZ7NGxW9tKp0o/zNMeXAB
WLgaECv6RkI+TBQ5xixaqtCnEoz7yH3Fj6oJHv95m37CUNSSc7jvMaqV5fbSGHvr
ltt3hgAwok3CjNsacFcEZKVEfTG0lXzVle4m4yFmHKFcNEu+sZy97cs5eANnHkii
UBLsT7P3Lpcm825zmAaMcQKeav7my1XE9lmVURWYG9CZiISl77zxzXm+9V8UtJ/l
2oRKmuw2RPo8GHcLpdIplBKw4eF3oo85w3fx3bJzSTWic4SyOaQyzqltE8SIaMaq
tZ8rhoJJWiGn7xe7nPPci7R7EPGIYHL3FUlOwceNgOycL8isXorZ8b3UWyglrt0F
PpMxzN4ZPXCYYdxg28kJS4ZgplRLOk5nvSTFLEsPrUJtwwMfup8QW8Yv7eQxPWio
xuNziWMWINc4LiN0cQ80j8c4hO/gR2B4cXymaPGwRqXkN9jA6lO5MjrrnEB9GD4k
CGLbUCVRGABNFcg1h7nC1Dfw53AADe/S7THvTjl97ClVuPs3Ysd/6Hzmz+nKdJ7n
VHwh3saMmX3+y5wwv6t95fh7HFpP4u0KintPFkp95mKErmb0vS8cGVBUNlvgTaxp
eKkY2jFIwg9Qx17hhf7A
=90af
-----END PGP SIGNATURE-----
--- End Message ---
