Re: [Enigmail] [PATCH] javascript cleanup
On 01/19/2013 01:30 PM, Patrick Brunschwig wrote: > your mails very often end up in the spam folder of my provider (i.e. > sorted out before they are downloaded from Thunderbird), with "sender > address does not exist". This just happened with your patch mail. How weird. When i checked this morning, i was pretty sure i still existed :) If there's any way that you can get more information from them about how they're making this assessment, i'd be happy to learn about it. I have no idea if there's something i can do about it, but i'd at least like to know why it's happening. > I'll review it. Thank you! --dkg signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
On 01/19/2013 09:58 AM, Alessandro Basili wrote: > I now understand your point, even though I believe you missed mine. I > used b...@quz.com as a recipient for testing purposes only and not as > an a.k.a. of the same key pair. This kind of confusion is one reason why it's worth using explicit example addresses in your examples. also, it won't annoy the actual registrant of quz.com. *.example, *.example.org, *.example.net, and *.example.com are all reserved by the IETF for this sort of use: https://tools.ietf.org/html/rfc2606#section-2 https://tools.ietf.org/html/rfc2606#section-2 Regards, --dkg signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] [PATCH] javascript cleanup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19.01.13 19:19, Daniel Kahn Gillmor wrote: > On 01/17/2013 04:42 PM, Daniel Kahn Gillmor wrote: >> this patch should offer no significant surprises, as it just >> cleans up some cruft that has drifted into the javascript over >> the years > > i didn't see any followup on this patch -- is there a problem with > it? I think doing this sort of lint-y cleanup should help us to > use automated tools to check for other forms of errors in the > future (it helps because it would improve the signal-to-noise ratio > for those kind of automated reports). Hi Daniel, your mails very often end up in the spam folder of my provider (i.e. sorted out before they are downloaded from Thunderbird), with "sender address does not exist". This just happened with your patch mail. I'll review it. - -Patrick -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQEVAwUBUPrmRsk25cDiHiw+AQjs3ggAkzCMoPcw9BRfCXBNzcRoZnDtRQ1NsIqk JHNCuheICk+eJHsI9e0WaqnPX2yy+6LUh0X37DoCTZ9Lv56J/OAPopoAk/ejNOQZ ka475tmOpYxodFatapeAiFrT+o1Hp6lVwJQ1qcsnKujhQ7oSaTe0GGp6aXjrSJlQ Nkxq3fEJWOt6rtTVAWnyA4r2+I7RA1JB7y1qngFEEOWEAs+dPLY3tr7Nty/hbtZ1 iev4RvcSUGpGzcC1jIZKPDCdD79DAEbqIkJyV5M1EsqipnCmMfh/PIourb0CpIjC JLk/YkZykliFn+zXuufta3rzikkTIX4TVZ+Rkt7S/B3GdauzcP9CfA== =Qx3V -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] [PATCH] javascript cleanup
On 01/17/2013 04:42 PM, Daniel Kahn Gillmor wrote: > this patch should offer no significant surprises, as it just cleans up > some cruft that has drifted into the javascript over the years i didn't see any followup on this patch -- is there a problem with it? I think doing this sort of lint-y cleanup should help us to use automated tools to check for other forms of errors in the future (it helps because it would improve the signal-to-noise ratio for those kind of automated reports). If there's some way to modify the patch that would make it more palatable, i'd be happy to take that into consideration and make another attempt. Please let me know if that's the case. Regards, --dkg signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/19/2013 09:58 AM, Alessandro Basili wrote: > On 19/01/2013 15:21, LeRoy wrote: > [] Why don't you edit your key and add a user ID like: > gpg --edit-key 0x7388FD80 adduid > >>> I'm afraid I haven't understood what is this for and how this >>> would solve the problem I had. I believe I have an User ID >>> attached to my key which correspond to my email. > At the same time you might want to add a couple of sub keys (1 for signing and 1 for encrypting) that have a preset expiration date. > >>> I believe that if you import my public key you should be able to >>> see a primary key (keyID 0x7388FD80) and a sub-key (keyID >>> 0x1622208F) which is used for encryption. > >> b...@quz.com is not one of the user ID's Your key looks like: gpg2 >> --fingerprint 0x7388FD80 pub 2048R/7388FD80 2013-01-18 Key >> fingerprint = 36CE 2A86 53F5 AC4F 2CAD 925E 1A2A CAC4 7388 FD80 >> uid Alessandro Basili >> sub 2048R/1622208F 2013-01-18 > >> With adding an additional UID of b...@quz.com you could alleviate >> the trouble you have had. > > > I now understand your point, even though I believe you missed mine. I > used b...@quz.com as a recipient for testing purposes only and not as > an a.k.a. of the same key pair. Personally I use GnuPG not only for email but for also encrypting files like my password file that contains about 100 different passwords. I use a random password generator pwgen for each new account. I use emacs to edit the file which I keep in my home directory as a hidden file. gpg2 -aesr le...@lrcressy.com .passwd will ascii encrypt filename with my own public key. If my laptop ever gets stolen not only is /home encrypted but several files within it are encrypted with my 4096 bit key. When you encrypt a file you need to first make sure that you can open the file and read it. gpg2 -d .passwd.asc | less You need a passphrase to unlock the secret key for user: "LeRoy D. Cressy (15 Nov 2011) " 4096-bit RSA key, ID E9147D70, created 2012-11-20 (main key ID C34B77CC) After you have tested that you can open the encrypted file it is safe to remove the original unencrypted file. I like using shred for this so that the file is overwritten numerous times. shred -uvzn 20 .passwd Just using rm or del will not over write the file and erase it cleanly from the disk. > > I indeed thought in the beginning that for a key pair there was only > one email account bound to it, but I guess this was a very silly > assumption. I now have two key pairs for two different email accounts. > Any suggestion on how to 'merge' them? Should I simply revoke one and > use the other adding an user ID to it? That choice is up to you. Personally, if you have different passphrases for each key as a security precaution then it is wise to keep the two keys. On the other hand if you are using the same passphrase for both keys then I would revoke one and add a UID to the other. One of the nice things is that you can revoke UID's and sub keys as needed while keeping the original public key for years. - -- Rev. LeRoy D. Cressy mailto:le...@lrcressy.com /\_/\ http://lrcressy.com( o.o ) > ^ < Cell Phone: 267-307-3527 Open PGP Key: C34B77CC gpg fingerprint: 8AD5 35EF 1FDF F1A7 E483 8CCE A50D 4E81 C34B 77CC For info on enigmail:http://enigmail.mozdev.org/ For info on gpg: http://www.gnupg.org/ Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQ+tE9AAoJEI9ujBCAoueIAoEP/2YMkgtMAXPzAjyPSeUPZNbu b89XtH0pMDdlEApThIfmk8zgeJvJdE66B5HCwbEOPNJBdSjYXLW92/H57Uw1ytJ5 WTszBxr31yFiwZK47kkkM2ZGRejSz2Ut38OZt3MUTk1NSZNFtpyxpsdrtRTCGS22 5CEMXsLtqzg1ZsJRkHKnzjnoroqtZyO9m3ajRDRZsOvKvWZ1GAZ0/7n8YKmwbijf AbW6g6/Nknv0ClLgp3dI3yZD5cuWPzcCV14/mxR89/za9iyIjmWaZG9uac4hIte5 Pe+c4XaK5+S+fePNaiVh5nU7/N/KmULt6BDAh3CjhA099XswveJUDDoVjtk01FDS aNOkSh9kvBss7ZslyWmBCEJnPPzdBa1itQWnYpo6ZgTB3T2nGxE5bmRXXBhImMYb t1aPN7qydLm1a2z6Rd+t9WvoaspwRSPv2FAlaj1W6mFWWqYcmbX9/Rl43woPKP1y 3g4C2bPxRnISV/hjh0wgtsCgZMt4peyFdaOQF0AS/GJbi7eS7R/QCtZUK6ut21ru M9EkcsbpAShpSh/+yuTs+nHTa+O/B80OEgqKwFbZdX2EEs5/Y+ymTemNchKXIUhx 3r8b9o1z7/ZFvg031TvTVqwpum6xahaLqUk/GpJrCVG92HyxNm9v93EX5sm0klVH By0zz4Kfg1DZQRV4GPcy =1VaG -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] revoking a key
On 01/19/2013 08:11 AM, Alessandro Basili wrote: > > Moreover some people may have my previous key, how can I reliably make > sure that they don't use it anymore? > There is no reliable way to do this. You can notify your contacts and hope they update their keyrings. I personally set up my keys to expire in a year, and then bump up the expiration every year. That way someone who normally doesn't update their keyring will start seeing that my key is expired, and will (hopefully) update their keyring at least once a year. ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 19.01.13 15:58, Alessandro Basili wrote: > (...) I now have two key pairs for two different email accounts. > Any suggestion on how to 'merge' them? You can't merge keys. > Should I simply revoke one and use the other adding an user ID to > it? This is one possibility, and maybe the better one, if at least one of the keys is very new and not distributed widely. The other possibility is to keep both and sign each key with the other one. When going to keysigning parties or at other opportunities where you can gather signatures for your keys, you present both your keys. HTH Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCgAGBQJQ+sXzAAoJEA52XAUJWdLjSAoH/3DfRM+MSMtSp3vNG5G8JnTw 8/V3n9xZUlLPfXOvpJJ9p1+3LiVg/MLoF08SAt/gMz+Ydlr0q3Np0nliKtss+sVc odMnFI3XFDvQk9qXbTdvrBU0r4uTtoqK+2vdiOn85okQvjiyRLsKIjyEBpPhXqj8 Hlc7m+mXAZtgpU13ahh0JMug3fnjinketb9XIEDfHfp9f9P0KPlE7jpkBiGh3gAL 2XmRMqaOfGAwCsjU9Az9URWlxrw7oUGIiCwPHasQk56vAITIhMo3F7+quX1NIWan Mq2aeiDP/zQ96We6akcwxC6BFEdUOGfS1wOoFNgYOqZo0cGFp7yjF9q4WeImdJc= =87aV -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] revoking a key
Hi, On 19.01.13 14:11, Alessandro Basili wrote: > Hi everyone, > > as you can see from the 'history' of (one of) my account: > > http://gpg.nebrwesleyan.edu:11371/pks/lookup?search=alessandro.basili%40cern.ch&op=vindex > > some of my previous keys were revoked since they were just trials. > > Unfortunately I lost my last -1 private key (0xBCF40F41) during my last > job change and even though I have the revocation certificate I do not > really know how to revoke it. This is quite easy. Make sure that you have your old public key in your public keyring, e.g. by retrieving it from a keyserver. Then import your revocation certificate (OpenPGP -> Keymanagement. Then File -> Import Keys from File -> Select your revocation certificate. The revocation certificate is merged into your public key by adding a certain signature packet, marking it as revoked. If your public key was on a keyserver, please upload it. The revocation signature is then merged to your key on the server, marking it as revoked. Everybody trying to download it will see that it is revoked. Everybody who is refreshing their public keyring will then import the revocation certificate. > Moreover some people may have my previous key, how can I reliably make > sure that they don't use it anymore? Export your revoked public key to file and send it to them, asking them to import it. After that they are no longer able to encrypt to it. This will cover people that do not regularly refresh their public keyring. You should also tell people what your new key-Id is, or attach the new public key to the mail. HTH Ludwig ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 19/01/2013 15:21, LeRoy wrote: [] >>> Why don't you edit your key and add a user ID like: > >>> gpg --edit-key 0x7388FD80 adduid > >> I'm afraid I haven't understood what is this for and how this >> would solve the problem I had. I believe I have an User ID >> attached to my key which correspond to my email. > >>> At the same time you might want to add a couple of sub keys (1 >>> for signing and 1 for encrypting) that have a preset expiration >>> date. > >> I believe that if you import my public key you should be able to >> see a primary key (keyID 0x7388FD80) and a sub-key (keyID >> 0x1622208F) which is used for encryption. > > b...@quz.com is not one of the user ID's Your key looks like: gpg2 > --fingerprint 0x7388FD80 pub 2048R/7388FD80 2013-01-18 Key > fingerprint = 36CE 2A86 53F5 AC4F 2CAD 925E 1A2A CAC4 7388 FD80 > uid Alessandro Basili > sub 2048R/1622208F 2013-01-18 > > With adding an additional UID of b...@quz.com you could alleviate > the trouble you have had. > I now understand your point, even though I believe you missed mine. I used b...@quz.com as a recipient for testing purposes only and not as an a.k.a. of the same key pair. > If you look at my key you can see several user ID's and etc. gpg2 > --fingerprint C34B77CC pub 4096R/C34B77CC 2011-11-15 Key > fingerprint = 8AD5 35EF 1FDF F1A7 E483 8CCE A50D 4E81 C34B 77CC > uid LeRoy D. Cressy (15 Nov 2011) > uid LeRoy D. Cressy > uid Rev. LeRoy D. Cressy > uid [jpeg image of size > 9529] sub 4096R/02E082A5 2011-11-15 sub 4096R/80A2E788 > 2012-11-20 [expires: 2014-11-20]e sub 4096R/E9147D70 2012-11-20 > [expires: 2014-11-20] > > For signing and encrypting the 2 subkeys are used until they expire > when GnuPG reverts back to using the original key pair. Also when > you go to a key signing party all of your UID's can be signed. > When I do a job for a company I might have a temporary email > address with the client which would become an additional UID > instead of creating a new key pair. I indeed thought in the beginning that for a key pair there was only one email account bound to it, but I guess this was a very silly assumption. I now have two key pairs for two different email accounts. Any suggestion on how to 'merge' them? Should I simply revoke one and use the other adding an user ID to it? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJQ+rSMAAoJEBoqysRziP2AouYIALYH+vmJAcEO7+HTWP87pFAt skMbZ3GOZ1EtuEEd+eFq6WiWIfek1mHLYxzuxkeEJdHJLfbuNqmXk0FPonw3RPqh jIJlXi+9IqE9sKl4s7tYUvKsoxwD/ID0zOGT8GUBZ/aVx5fGtZMrCrBWDmmcjh7S p08oxdytgDYjCjY4095GpZKIPSLM7GobM7UKZL7qbnsMd/5HjJSc8ewswhflHUxS Iy7/HniSRmsZUg1D7mLZOkye1Z1CRpJQQdgGU7Z181N8DLOCnFa3hkU2sigTB359 K4GIbCaPq7Ty65g50Y4UUx2fI/FmY+C4gM3bHgYFuA4nk41PakKHZrPB+iyvllc= =jv8Z -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/19/2013 07:48 AM, Alessandro Basili wrote: > On 18/01/2013 17:10, LeRoy wrote: >> On 01/18/2013 08:59 AM, Alessandro Basili wrote: >>> On 18/01/2013 14:41, Andreas Hirsch wrote: > > >>> Thanks a lot! Now that is clear that i can send signed messages >>> I'd like to know why I cannot send the signed message to >>> b...@quz.com (my alter-ego) of whom I do not have any key. > >>> A window titled 'OpenPGP Key Selection' opens before sending, >>> which says: > >>> 'Recipients not valid, not trusted or not found' > >>> Why should I care about the recipient if I simply want to sign my >>> email? > > > >> Why don't you edit your key and add a user ID like: > >> gpg --edit-key 0x7388FD80 adduid > > I'm afraid I haven't understood what is this for and how this would > solve the problem I had. I believe I have an User ID attached to my > key which correspond to my email. > >> At the same time you might want to add a couple of sub keys (1 for >> signing and 1 for encrypting) that have a preset expiration date. > > I believe that if you import my public key you should be able to see a > primary key (keyID 0x7388FD80) and a sub-key (keyID 0x1622208F) which > is used for encryption. b...@quz.com is not one of the user ID's Your key looks like: gpg2 --fingerprint 0x7388FD80 pub 2048R/7388FD80 2013-01-18 Key fingerprint = 36CE 2A86 53F5 AC4F 2CAD 925E 1A2A CAC4 7388 FD80 uid Alessandro Basili sub 2048R/1622208F 2013-01-18 With adding an additional UID of b...@quz.com you could alleviate the trouble you have had. If you look at my key you can see several user ID's and etc. gpg2 --fingerprint C34B77CC pub 4096R/C34B77CC 2011-11-15 Key fingerprint = 8AD5 35EF 1FDF F1A7 E483 8CCE A50D 4E81 C34B 77CC uid LeRoy D. Cressy (15 Nov 2011) uid LeRoy D. Cressy uid Rev. LeRoy D. Cressy uid [jpeg image of size 9529] sub 4096R/02E082A5 2011-11-15 sub 4096R/80A2E788 2012-11-20 [expires: 2014-11-20] sub 4096R/E9147D70 2012-11-20 [expires: 2014-11-20] For signing and encrypting the 2 subkeys are used until they expire when GnuPG reverts back to using the original key pair. Also when you go to a key signing party all of your UID's can be signed. When I do a job for a company I might have a temporary email address with the client which would become an additional UID instead of creating a new key pair. ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net - -- Rev. LeRoy D. Cressy mailto:le...@lrcressy.com /\_/\ http://lrcressy.com( o.o ) > ^ < Cell Phone: 267-307-3527 Open PGP Key: C34B77CC gpg fingerprint: 8AD5 35EF 1FDF F1A7 E483 8CCE A50D 4E81 C34B 77CC For info on enigmail:http://enigmail.mozdev.org/ For info on gpg: http://www.gnupg.org/ Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQ+qvWAAoJEI9ujBCAoueIUNEP/0lOW1b5CuRnp0ZxbtDLnrQJ 6tMSJz2XcWLG9HJIPjEy3mjR5B5hTCZqvycq1eYlzf1O54SMXx6533PWw0wXp3ef j6q9mppHpMV0sYHUrSqGKlRGcGp7weymEVaCrSVpzvubyPzqpG4FDaFJ6jnR3tvi vWnuK+T3xnMTX+m1Fyt4uqr4oLF915quGaoBM2RHpnbc34hBj4q83sC/+XPyjVcx dXMeSZCxlvWWxaHgp6xFbj6BHS+ABM5++qEIaq5RY27T7UuzJufndbgTHSoN7mph JvJa6Pd46H5WVXjUe5chdPlwY9lH9ImlkTK8RdPjO5EVYDjEznuRxLoCU/1ids8E xRjOpZpK3ZFnHxN81lqbO5sgS5fBr6AaeQV1/iAeeF2wBcAS8xk7FI8JZSAAyGxD 50HDE6zlfAsLNTlgEnKwRt720E2tjozWT8tfy1zQpI02jAdg6tzARd7JvxtbpZ5w FtLYBOWEUwYkEEzhV4QZanmmeBCVHZQfUCiRnqTzLq7h19+0OX1Rht41a8eCOnb/ UH3COtYDJvL9iV5JIMbRBVx92+z44lL7PzpNbCEf7oxMzmtRP1Pbui12NgQh4Uov lva2FIxF4K3RG9t3HCWfd6qsMykdwsNZYAyeiGHNJ/NRWND7mUbn3ayiZaTJLs4y R4SoW/jBixG1dCkeoHhQ =JtZJ -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/18/2013 01:30 PM, John A. Wallace wrote: > Hi, LeRoy. What is the reason for your recommendation along those lines? I > am not understanding what it would accomplish to facilitate his purpose, > which is simply to sign his messages. Thanks. > > > > >> -Original Message- >> From: enigmail-users-boun...@enigmail.net [mailto:enigmail-users- >> boun...@enigmail.net] On Behalf Of LeRoy >> Sent: Friday, January 18, 2013 10:11 AM >> To: Enigmail user discussion list >> Subject: Re: [Enigmail] question on signing >> >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> On 01/18/2013 08:59 AM, Alessandro Basili wrote: >>> On 18/01/2013 14:41, Andreas Hirsch wrote: >> >>> >>> Thanks a lot! Now that is clear that i can send signed messages I'd >>> like to know why I cannot send the signed message to b...@quz.com (my >>> alter-ego) of whom I do not have any key. >>> >>> A window titled 'OpenPGP Key Selection' opens before sending, which >> says: >>> >>> 'Recipients not valid, not trusted or not found' >>> >>> Why should I care about the recipient if I simply want to sign my >> email? >>> >>> >> >> Why don't you edit your key and add a user ID like: >> >> gpg --edit-key 0x7388FD80 >> adduid >> >> At the same time you might want to add a couple of sub keys (1 for >> signing and 1 for encrypting) that have a preset expiration date. If I remember right it was not just signing that he had a problem with but if you do not have the public key for the recipient you cannot encrypt to the recipient. Thus if he added an additional user ID for his alter ego he would automatically have the key. I think the recipient window opening was indicating that he was attempting to encrypt the message and not just sign it. This could be happening because of a configuration error stating to automatically encrypt to certain addresses. - -- Rev. LeRoy D. Cressy mailto:le...@lrcressy.com /\_/\ http://lrcressy.com( o.o ) > ^ < Cell Phone: 267-307-3527 Open PGP Key: C34B77CC gpg fingerprint: 8AD5 35EF 1FDF F1A7 E483 8CCE A50D 4E81 C34B 77CC For info on enigmail:http://enigmail.mozdev.org/ For info on gpg: http://www.gnupg.org/ Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQ+qFNAAoJEI9ujBCAoueIQroQAI9bbkOoQ+4dwLqAO4TSTzz+ gIpPNUUNNg3TlS/mm9CoDp1JgP24K1Nb8pEvcgjBn8lfNXU2HOM/ODupJR9Vu4fL WDy10mSnQM063SK00tEvKtCm2n9SlwTXVOS5UQPfM8kFx1xDXeudU5zOIoMEXdUB Mli6awuevmFG5HH1ZnwiGUq514YvdAaf6t2oqv1ohWWo9wPj8aoatsDPBHgjGrWi SrPNYxXdWsDT7fxnPfZIAaZP/qmu12DMNPjqjgBM+zPE9BoUb9FLLjXNDToQOTh2 6X3+SGnxcdXPqS5aYx/4QftnxsSv2/ytWJr9cyQZumYfqMjw/oR/htSBfyLHST9V Eb7DITn/nRKpns+wFTqG2AYtssp0Q7zpQIGT/BBtmqfSV3N/so4D6xnE/QCeWExi 4eVqJZhtofA5vnXnYX1KqFOeSz+EAkq92Zq0aZyriiAIHL6r9HizZZv+4RoKv2eZ usTISlf/j1OeYRHFjr43kArnng2noiMsA8+LgyXsgt20iJJHAOVBMTKFARY2pHWC qgr+44Ait+FmlmShV33L03WaypCGYFjnf9MZntW//4+Q0p6HUjQNThhzea8BSQBF 6lkqQ7M/sfyW+751awWcZOhOisFhsAfixTR1E8E10YtEScADKJlI9VV5yGaJUMWM pxQFszCpDEK8qsGuHMgz =M+on -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
[Enigmail] revoking a key
Hi everyone, as you can see from the 'history' of (one of) my account: http://gpg.nebrwesleyan.edu:11371/pks/lookup?search=alessandro.basili%40cern.ch&op=vindex some of my previous keys were revoked since they were just trials. Unfortunately I lost my last -1 private key (0xBCF40F41) during my last job change and even though I have the revocation certificate I do not really know how to revoke it. Moreover some people may have my previous key, how can I reliably make sure that they don't use it anymore? Thanks for your inputs, Al -- PGP Fingerprint 36CE 2A86 53F5 AC4F 2CAD 925E 1A2A CAC4 7388 FD80 PGP Public Key available at http://keys.mit.edu ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] question on signing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 18/01/2013 17:10, LeRoy wrote: > On 01/18/2013 08:59 AM, Alessandro Basili wrote: >> On 18/01/2013 14:41, Andreas Hirsch wrote: > > >> Thanks a lot! Now that is clear that i can send signed messages >> I'd like to know why I cannot send the signed message to >> b...@quz.com (my alter-ego) of whom I do not have any key. > >> A window titled 'OpenPGP Key Selection' opens before sending, >> which says: > >> 'Recipients not valid, not trusted or not found' > >> Why should I care about the recipient if I simply want to sign my >> email? > > > > Why don't you edit your key and add a user ID like: > > gpg --edit-key 0x7388FD80 adduid I'm afraid I haven't understood what is this for and how this would solve the problem I had. I believe I have an User ID attached to my key which correspond to my email. > At the same time you might want to add a couple of sub keys (1 for > signing and 1 for encrypting) that have a preset expiration date. I believe that if you import my public key you should be able to see a primary key (keyID 0x7388FD80) and a sub-key (keyID 0x1622208F) which is used for encryption. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJQ+pYuAAoJEBoqysRziP2AsjkIALBkKXzzBYNoE847dYpheiqt j8P1nx44+e4wuvCtF3tqC914AXVYwUSh3mD6Kh0SLqkJgFhTpmj0K+wUB+FjWRaQ x1HVzlnu8O/lktrzFRDRcZO1qLyV1AJ1yoQTwScwHanBetLkFQbmbbn1O/vI49HY FDnuwXyNgJAu6N96Gs8AU2iLvqBgcT6CU8Wk8ytZRsC9KGEYXK7fy2F77WGDT71a m6FopETh/zhJEv+1dBFTggaqDoM8DnC0LQ2aMRMVbfd+dDzIbrtp0BC/0ZqEORnV vxSuEkLw9b5iaCSfQ1slnwMCxUKRKFf0ewD1mbPXthstHgVY31FggWs6wlcbNKk= =lRgD -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
