Re: Can version 1.4.11 be configured to use IDEA?
All right, thanks! :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpgsm and OCSP problems
Hi, can you please try the attached patch for GnuPG? I checked that it applies against a vanilla 2.0.17 but I have not done any tests. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. x Description: Binary data ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Where are those stubs..
On Wed, 20 Jul 2011 21:48, pe...@digitalbrains.com said: AFAIK, you need to get the public key imported in GnuPG before you do --card-status. So you first download your own public key from a keyserver or a website or a USB stick, you don't get it from the smartcard. Only when GnuPG already has the public key, will it create the secret key stubs when it sees your smartcard. Right. This is also the reason why we have the URL field on the card. For example on my card: URL of public key : finger:w...@g10code.com Now if I run gpg --card-edit I just need to enter fetch and gpg will fetch the key from that URL. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg-agent automatically use passphrase for signing subkey?
Hi I have a program which encrypts and signs files; I supply the same key ID for both operations, the 'primary ID'. My key actually consists of the main key and two subkeys, for encryption and signing. I'm using gpg-agent to cache my passphrase. I get asked for my passphrase (pinentry screen) once for the encryption key, and then again, for the signing key. Can I instruct the agent to give the passphrase for any subkey? Given that they're both subkeys, the passphrases are the same. Thanks Chris Poole [PGP BAD246F9] ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: secring and dropbox
On 22/07/11 12:20 AM, Aaron Toponce wrote: On Wed, Jul 20, 2011 at 06:01:23PM -0600, Jay Litwyn wrote: -BEGIN PGP MESSAGE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp owF9Vl1oHFUUThpb6eJSfa7oKYJJcH8msWmTWFISH9otplaptPVF7s7c3bnJzNzp vXey2bZo37QIolKhSBUR/KEovvRFxBeh9lUQf6AgaB8VXwTpW/3OnZ20VTAksDv3 3HO+853vfJM36xNj28YfeWrt8k/u/N/jn+/c0b2/n/dbbtMdnUzGn81oNpiZaQb7 m7MBzQSLc3O0vNqgZWF0Rsd1rrNQ0sBoJxfrtSVC/AkZNehIkeBiw18m4SjYt7h3 [snip] Am I the only one who can't decrypt this message? Is there something I'm missing? It wasn't encrypted, it was signed and base64 encoded (gpg -sa). That said, you're almost certainly not the only one who couldn't read it (for the record, I could). Regards, Ben signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg-agent automatically use passphrase for signing subkey?
Chris Poole CAF=p9qd+tpgrpnlkk9qr9efhslgcoo8t3dtjuzrbi+bvsis...@mail.gmail.com wrote on 7/21/11 2:51:42 PM: Hi I have a program Which version of GnuPG are you running, and where did you download it from, please? Just for information. which encrypts and signs files; I supply the same key ID for both operations, the 'primary ID'. My key actually consists of the main key and two subkeys, for encryption and signing. This is the information pertaining to the key whose key ID is mentioned in your e-mail: pub 1024D/BAD246F9 created: 2006-03-31 expires: never usage: SC trust: unknown validity: unknown sub 2048D/7ED39759 created: 2010-12-11 expires: never usage: S sub 4096g/E71D7B3E created: 2006-03-31 expires: never usage: E [ unknown] (1). Chris Poole ch...@chrispoole.com [ unknown] (2) Chris Poole li...@chrispoole.com I'm using gpg-agent to cache my passphrase. I get asked for my passphrase (pinentry screen) once for the encryption key, and then again, for the signing key. You are asked for your passphrase once for *decrypting* an e-mail that has been encrypted using your public key; and then once again to sign an e-mail. In other words, when you need to use your secret key. Can I instruct the agent to give the passphrase for any subkey? Given that they're both subkeys, the passphrases are the same. gpg-agent *caches* your passphrase (in encrypted form) for each of the two operations described above. The passphrase remains cached (you are not requested to type it again) for the value in seconds set in ~/.gnupg/gpg-agent.conf - You can edit that file (gpg-agent.conf) with a suitable text editor (like TextEdit that is a part of MacOSX, or with BBEdit light (freeware). Best regards, Charly OSX 10.7 (11A511) MacBook Intel C2Duo 2GHz-GnuPG 1.4.11-MacGPG2-2.0.17 Shredder 8.0a1 (2011-07-21) Enigmail 1.3a1pre (20110717-1422) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg-agent automatically use passphrase for signing subkey?
Perhaps I explained poorly. I'm using gpg 1.4.11, gpg-agent 2.0.17. Is it possible to enter a passphrase using gpg-agent, and have it cached such that it's used whenever I want to use any subkeys from the same main key? Scenario: I sign a file with my signing subkey, and give gpg-agent my passphrase. I then decrypt another file, which has been encrypted using my encryption key, which is a sister subkey to the signing key (i.e., they both have the same parent 'main key'). Is it possible to not be prompted for my passphrase again for this operation? I understand that they're separate keys, so I'm being prompted twice, but they are both belonging to the same primary key: can that passphrase apply to all subkeys when entered for any one? I hope that clarifies what I want to do... Cheers Chris Poole [PGP BAD246F9] ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Where are those stubs..
On 21 Jul 2011 at 14:58, Werner Koch wrote: On Wed, 20 Jul 2011 21:48, pe...@digitalbrains.com said: AFAIK, you need to get the public key imported in GnuPG before you do --card-status. So you first download your own public key from a keyserver or a website or a USB stick, you don't get it from the smartcard. Only when GnuPG already has the public key, will it create the secret key stubs when it sees your smartcard. Right. This is also the reason why we have the URL field on the card. For example on my card: URL of public key : finger:w...@g10code.com Now if I run gpg --card-edit I just need to enter fetch and gpg will fetch the key from that URL. Thank you both for that piece of info, it was the missing information I think. In a real world scenario this wouldn't be an issue (and hardly noticed) but in this case I was testing this specifically and only, and didn't see any notice of the pubkey having to be imported first; I'm unsure if those pieces of information have been put together earlier in the replies I've read. Thanks. /J Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg-agent automatically use passphrase for signing subkey?
Chris Poole CAF=p9qdhabjhb6v6icde12qvvt1xy7mtylp0_-3+0eu0fuy...@mail.gmail.com wrote on 7/21/11 4:40:17 PM: Perhaps I explained poorly. You explained very clearly. I'm using gpg 1.4.11, gpg-agent 2.0.17. You can have, as I do, both 1.4.11 and 2.0.17 installed side by side in the same system. You can use either one, as set in the path of your e=mail application. You are using a @gmail.com based user ID, and the raw source of your e-mail does not display which MUA you are using. I am using Shredder, which is a trunk release of Thunderbird, where the path, as displayed in OpenPGP/Preferences, is /usr/local/MacGPG2/bin/gpg2. Thus I am using gpg2, in this case MacGPG2-2.0.17-9 If instead I had set /usr/local/MacGPG2/bin/gpg , I would be using gpg, that would be gpg 1.4.11 If you are using Apple's Mail application (under 10.6.8), it will chose gpg2 by default. Under Lion, the Mailbundle for Apple's Mail application does not work, it is being rewritten by a group of developers. Is it possible to enter a passphrase using gpg-agent, and have it cached such that it's used whenever I want to use any subkeys from the same main key? Scenario: I sign a file with my signing subkey, and give gpg-agent my passphrase. I then decrypt another file, which has been encrypted using my encryption key, which is a sister subkey to the signing key (i.e., they both have the same parent 'main key'). Is it possible to not be prompted for my passphrase again for this operation? I understand that they're separate keys, so I'm being prompted twice, but they are both belonging to the same primary key: can that passphrase apply to all subkeys when entered for any one? I hope that clarifies what I want to do... Maybe *I* wasn't clear enough. gpg-agent goes by *actions*: decrypt, or sign. gpg-agent is invoked whenever you use your secret key, either for decrypting or for signing. As far as gpg-agent is concerned, those are two different *actions*. When your passphrase has been cached for each of those *actions*, it will remain in gpg-agent's memory for the duration of the cache set in your home directory ~/.gnupg/gpg-agent.conf Charly ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Re: secring and dropbox
Hi! Am 20:59, schrieb Aaron Toponce: [snip] Am I the only one who can't decrypt this message? Is there something I'm missing? I *could* decode it, but since I'm reading the list in digest and MIME mode (i.e., I get one combined email for every 10 postings and each posting is a separate MIME attachment), I would have to specifically open such a particular mail attachment and hit decrypt/verify in Enigmail. I don't do that. cu, Sven ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Where are those stubs..
On Wed, Jul 20, 2011 at 09:01:23PM -0400, Robert J. Hansen wrote: You just alienated the entire FOSS community. Please don't claim to speak for the entire FOSS community. You don't. No one does: not even RMS, Linus or Jordan Hubbard. I don't presume to. It was a deliberate exaggeration and I'm not going to get into a pissing match about methods of expression. -- Bob Holtzman If you think you're getting free lunch, check the price of the beer. Key ID: 8D549279 signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users