Re: Secret key holder identity (was: Local file encryption)
On Mon, Feb 19, 2007 at 10:54:17AM -0800, NikNot wrote: > On 2/19/07, Adam Funk <[EMAIL PROTECTED]> wrote: > >Is there any reason to physically secure your *public* keyring in > >... (Well, I suppose you might want to hide your secret identity!) > > Unfortunately, the whole GPG, with WebOfTrust construct, makes the > assumption that there is no need whatsoever to protect the identity of > the secret key holder (and, by extension, that traffic analysis - as > opposed to the secret content analysis - is not something to be > concerned with). That statement is definitely not true. * PGP was the first cryptosystem to hide sender's ID (when signing+encrypting), compare PEM to see the difference; * one can issue himself a key pair with pseudonym User ID the same way as with RL identity and use it normally; * without having recipient pubkey it is impossible to determine the recipient of the message (assuming the subkey ID is not widely known) * it is possible to hide recipient's completely ID by using --throw-keyid Alex -- JID: [EMAIL PROTECTED] PGP: 0x46399138 od zwracania uwagi na detale są lekarze, adwokaci, programiści i zegarmistrze -- Czerski ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Compiling GnuPG 2.0.1 on MacOS X
Werner Koch wrote: > Let me know if it works and I change the code. It works perfectly - many thanks! :-))) > Using system helps because it creates a new argv[0]. Unfortunately, I was barking up the wrong tree after reading that MacOSX relies upon modified copies of the shell interpreters to interpret the bundle information. I must remember to be more critical of what I read on the web! :-/ In theory, this should also mean that the QT version of pinentry when properly bundled up should also work correctly. Rather than produce a whole new install to test v2.0.2, I'll knock together an archive with just the files that have changed. Thanks again for all your help, Ben ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Compiling GnuPG 2.0.1 on MacOS X
On Wed, 14 Feb 2007 19:58, [EMAIL PROTECTED] said: > 'cos I was searching through my MacOS programming book for a solution to > MacOS X not reading the GUI bundle information and it suggested using > system. I might have a solution. In agent/call-pinentry you find this code: if ( !(pgmname = strrchr (opt.pinentry_program, '/'))) pgmname = opt.pinentry_program; else pgmname++; argv[0] = pgmname; What is does is to setup argv[0] so that there is no directory part. Now my guess is that OS X uses argv[0] to locate the bundle and won't find it if there is no directory part in argv[0]. To test it, you just need to change the last line to: argv[0] = opt.pinentry_program; Let me know if it works and I change the code. Using system helps because it creates a new argv[0]. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users