Re: [Enigmail] Kickstarting smart cards
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 16/03/2015 02:04, Gayle Lee Fairless wrote: On 3/15/2015 8:53 AM, Robert J. Hansen wrote: https://www.kickstarter.com/projects/joeycastillo/signet-simple-online-privacy-cards Might be interesting for some people here. That does seem interesting. I already have the smartcard from FSFE but have not quite figured it out yet. Have you used it? It would make enigmail more portable! I've had an FSFE smartcard for around 3 years, without a clue about how to use it. Portable enigmail sounds perfect, so any related links could indeed be interesting. Anne -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlUGryQACgkQj93fyh4cnBcApgCfXHU0P5pg2rj9pMUQsR7WqTL1 +UYAn0ZvFZ1kNCeZ5viQI545BzbZwczi =r9cb -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] Kickstarting smart cards
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 16/03/2015 10:48, Olav Seyfarth wrote: I've had an FSFE smartcard for around 3 years, without a clue about how to use it. I use it every day, in fact this messages is signed by it. Did you try to find out how to use it? There is some documentation, both on FSFE and on GnuPG side: I did try to find some when I first started, but found very little. I confess that I haven't tried at all recently. http://fsfe.org/fellowship/card.en.html https://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html If you need assistance, feel free to contact me off-list. It will be easier to phone actually since there are considerations that should be discussed first. Ideally, you would provide a writeup afterwards that we could use on our site. long snip I'm seriously interested in looking at this but the timing is very wrong for me. With workmen in the house and boxes and boxes of things packed away, I'm not even sure which safe place I put the card in. Doubtless all will unravel back to sanity quite soon, and I'd like to take up your offer of help at that point. If we get it working well I'll try to supply whatever writeup would help you. Anne -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlUGzH4ACgkQj93fyh4cnBeFdACdEuEGM2cNSACy03eqJ3DrhgJy utIAoIGdc9t5+LR53Gito9jw9OP9Zf2g =zNZh -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] spontaneous change of message status
On 16/03/15 08:40, Patrick Brunschwig wrote: On 14.03.15 17:39, Philip Jackson wrote: On 14/03/15 15:22, Patrick Brunschwig wrote: On 13.03.15 20:06, Philip Jackson wrote: On 13/03/15 17:16, Patrick Brunschwig wrote: On 13.03.15 15:45, Philip Jackson wrote: For this spontaneous change to occur, one needs these factors to exist : 1. the 'To' field is in red type (with a red cursor) 2. the 'To' field must be completed and not left blank 3. the spontaneous change in message status occurs around five or six minutes into the creation of the email - the body can be blank or partly filled. Could it be triggered by auto-saving a draft message? Thanks Patrick - you're spot on ! After all the years of using it, I didn't even know Thunderbird did periodic backups. I've never seen a backup directory in the file system nor in the profiles. However, it was doing a backup every 5 minutes. I was rather inexact in the original description above. Only the different check box is ticked. The change in the displayed message status and the icons on the enigmail toolbar doesn't happen until I click 'ok'. What I don't understand is why sometimes I get a red cursor/ text in the 'To' field and sometimes black. I can provoke a red address field entry by making any address incomplete but my address for enigmail-users seems correct and complete. That's Thunderbird behavior - nothing Enigmail influences and nothing Enigmail could do to improve it. True. But I still don't understand why sometimes Thunderbird considers the To address broken. The emails always arrive at destination ok. And it is not consistent for any given address. But I do consider that a spontaneous change to established message conditions should not occur. Agreed The change induced by Thunderbird seems to be one way only : sign - encrypt. It doesn't reverse itself back to 'sign only' after a further backup period. But if you reset to 'sign only', after another backup period, it flips again to encrypt. I'm trying to reproduce it, but so far didn't succeed. What are your account settings and other rules when this happens? My account settings on OpenPGP Security : enable PGP support, Use specific PGP key, sign by default, PGP/MIME by default, sign non encrypted messages, sign encrypted messages, encrypt draft messages on saving. Nothing set under account settings Security. Enigmail preferences / Sending = Convenient encryption settings, Key Selection : By Per-recipient, By email addresses For this to happen when writing an email : 1. Thunderbird preferences/Composition/General : check autosave (every 5 minutes), confirm when using keyboard shortcuts, check for missing attachments 2. 'To' field in email must be red. This happens at random for any given email address but I can provoke it by breaking the address. (I assumed the red indicated that Thunderbird considered the address broken ) 3. The 'To' field must have an entry 4. The enigmail setting for that email must be 'sign only' Then just sit and wait for five minutes while checking the enigmail toolbar button from time to time. I still cannot reproduce it. Could you send me a debug log file (menu Enigmail Debugging Options View Log)? sent to you at your address. Apart from the Thunderbird peculiarity of turning the address field red (even though the address is already in my address book since years), it looks like the tick box flips from 'sign' to 'encrypt' when Thunderbird auto-saves a copy of the mail being prepared for sending. Unless the sender actually clicks on the enigmail button in the enigmail toolbar and also clicks on ok, this autosave process doesn't actually affect the final email status when it is sent. If it was originally 'sign' only, that is the way it gets sent. The encrypt only affects the auto-backup, as far as I can tell. This should be fixed with the latest nightly build. Looks ok with 16 March nightly Philip signature.asc Description: OpenPGP digital signature ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
Re: [Enigmail] spontaneous change of message status
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 14.03.15 17:39, Philip Jackson wrote: On 14/03/15 15:22, Patrick Brunschwig wrote: On 13.03.15 20:06, Philip Jackson wrote: On 13/03/15 17:16, Patrick Brunschwig wrote: On 13.03.15 15:45, Philip Jackson wrote: For this spontaneous change to occur, one needs these factors to exist : 1. the 'To' field is in red type (with a red cursor) 2. the 'To' field must be completed and not left blank 3. the spontaneous change in message status occurs around five or six minutes into the creation of the email - the body can be blank or partly filled. Could it be triggered by auto-saving a draft message? Thanks Patrick - you're spot on ! After all the years of using it, I didn't even know Thunderbird did periodic backups. I've never seen a backup directory in the file system nor in the profiles. However, it was doing a backup every 5 minutes. I was rather inexact in the original description above. Only the different check box is ticked. The change in the displayed message status and the icons on the enigmail toolbar doesn't happen until I click 'ok'. What I don't understand is why sometimes I get a red cursor/ text in the 'To' field and sometimes black. I can provoke a red address field entry by making any address incomplete but my address for enigmail-users seems correct and complete. That's Thunderbird behavior - nothing Enigmail influences and nothing Enigmail could do to improve it. True. But I still don't understand why sometimes Thunderbird considers the To address broken. The emails always arrive at destination ok. And it is not consistent for any given address. But I do consider that a spontaneous change to established message conditions should not occur. Agreed The change induced by Thunderbird seems to be one way only : sign - encrypt. It doesn't reverse itself back to 'sign only' after a further backup period. But if you reset to 'sign only', after another backup period, it flips again to encrypt. I'm trying to reproduce it, but so far didn't succeed. What are your account settings and other rules when this happens? My account settings on OpenPGP Security : enable PGP support, Use specific PGP key, sign by default, PGP/MIME by default, sign non encrypted messages, sign encrypted messages, encrypt draft messages on saving. Nothing set under account settings Security. Enigmail preferences / Sending = Convenient encryption settings, Key Selection : By Per-recipient, By email addresses For this to happen when writing an email : 1. Thunderbird preferences/Composition/General : check autosave (every 5 minutes), confirm when using keyboard shortcuts, check for missing attachments 2. 'To' field in email must be red. This happens at random for any given email address but I can provoke it by breaking the address. (I assumed the red indicated that Thunderbird considered the address broken ) 3. The 'To' field must have an entry 4. The enigmail setting for that email must be 'sign only' Then just sit and wait for five minutes while checking the enigmail toolbar button from time to time. I still cannot reproduce it. Could you send me a debug log file (menu Enigmail Debugging Options View Log)? sent to you at your address. Apart from the Thunderbird peculiarity of turning the address field red (even though the address is already in my address book since years), it looks like the tick box flips from 'sign' to 'encrypt' when Thunderbird auto-saves a copy of the mail being prepared for sending. Unless the sender actually clicks on the enigmail button in the enigmail toolbar and also clicks on ok, this autosave process doesn't actually affect the final email status when it is sent. If it was originally 'sign' only, that is the way it gets sent. The encrypt only affects the auto-backup, as far as I can tell. This should be fixed with the latest nightly build. - -Patrick -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVBojVAAoJENsRh7ndX2k7KK4QAJ71SYkds5ky4ANe5EF7bfUL zSKOM9DvHueNYz9GQqG0Ig8B9zTQ4fxu3j0nF2knH6ji5xo5Mg/0g98OFcBzmjja sNs8nv8Oq3gPpxhRNXxHr+XT84j8KpVTqvhaI3h0gFom70R+OlJsvNYazUMPlUzL wSd1ZgIZ2sTX1MgZALKnVNQAAm5pcwLkfLRgZtT++55bB3e2f2r3RYvjY6pihWiC gDsEMib1jsyp1bktWN1hXolza5LKqjwTJXj17sFRQQkhhQtjjbBL0ar7Do4JAqfo FyM0oKq2JRBkGcpNBaJAuUI9tq0O1jSuD2ZvCIXJfjes+H2t+xMT12an/No1xZSh DVof8rUsJ6hP34yEuoSjkAzUCg4kAEtDhfSFrmtTGqpjnlc5GdG6zSSzbWhJZQEi kRjbNkDAQy1U3IrMjJ2bIN/HNtiA5rGRqGUnErmwMLJFTqZrX71OPhP2qFyP9ggr hDnj0DizMPjzEvvP388rJFRdpSvh54l4tmDl5LessoyavyaDe9K69yoUTxdJTu6N 2RybuIRF2n4XN63IsdlzDFoo/wiao/7oWs1RKZ82CkYAN8qqJYfTtX/NoTNCblMD r3bkUXE44Yf4cNKMgoilPSXvIRe7iJ7vDtRtJoe0WOcGA2deSLDvQzE3QrMUa7c6 V+WJi0Gbc4ml30PnOqEO =PXd4 -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here:
Re: [Enigmail] Kickstarting smart cards
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Anne, I've had an FSFE smartcard for around 3 years, without a clue about how to use it. I use it every day, in fact this messages is signed by it. Did you try to find out how to use it? There is some documentation, both on FSFE and on GnuPG side: http://fsfe.org/fellowship/card.en.html https://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html If you need assistance, feel free to contact me off-list. It will be easier to phone actually since there are considerations that should be discussed first. Ideally, you would provide a writeup afterwards that we could use on our site. Apart from that, I asked Joey what the difference between his card and Werner's OpenPGP Smartcard (which is the FSFE card). He replied (but did not add the answer to the FAQ on kickstarter): It differs in a couple of ways. The g10 card is a contact-only interface; this card is dual interface, which means it could potentially work with NFC devices like Android tablets and smart phones. The g10 card is also not open source. This card is open source, written for the JavaCard platform, and the code is openly available here: https://github.com/josecastillo/OpenPGP-Card Having said that, the g10 card does offer one feature that this card does not. The g10 card supports adjustable key sizes; this card only supports 2048-bit keys. I wrote about the rationale behind this in the project FAQ, but it is important to mention because if you have a key larger than 2048 bits, this won't work for you. Having said that, the g10 card has been out of stock at kernelconcepts since last June, and if you click the link on the page you sent, their store is currently down. I'm not aware of any other sources for the g10 card at this time. I checked KernelConcepts: their site yields The shop will is temporarily closed. If you have an urgend need of OpenPGP cards or Gemalto Shell token card reader, feel free to contact us. So, basically, write them an E-Mail and you'll get it anyway. Concerning The g10 card is also not open source., I cannot comment on. But the spec is available at http://g10code.com/p-card.html Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/ iQGcBAEBCAAGBQJVBrUPAAoJEKGX32tq4e9WtaEL/iLNeJgZ84CjbPne7QqT96dn f9OXCUJMlp644EhVgA3bybnwwZ283Ra4svAB1gg/UBoHSA+snz9fHAKZ6+5UiOtB uQYx5B2sBB64Ih0fEc8Zn5Ew5d6LK8g7OHVlAjJMt78xbL3/Vveoocz/B1nGuJtH Df9/hlJoaq8ZISsv5rv7jwztt0qKuvz8UVgkZQrBWpYZH4ahJrC7/mjBu6WsPVie QMlvtGwrmdpf5Ye/u/HTYnjvM+F4yopeEtPH1b1r0y0tNen5N1lgrjEnccDsw+qG SK0ZhtOOWC7tM4U+oKJjT/JWSf+FxA5KzxXTi4eHuUQn696qbxv2X+BXnH8OHoLV ktFLuNnOdMS1loGt1NGKM3sJ+s/IO09kSsGndQLz8XKoIDhIIG+9brYn7yXT8kR4 P1upPgu4i7rtFHQXxcTsVrbhflrt9xBfiYBM/6lzovSxFkWP2rA7BS085gcK3iET iV8O5lSPKLeadd21YZ5uy/hFcQes1CssI5dDRwUhyA== =Jg9D -END PGP SIGNATURE- ___ enigmail-users mailing list enigmail-users@enigmail.net To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net