Re: failed to build a binary for version 2.0.19 please advise
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/07/2012 11:28 PM, ? wrote: Execuse me where can I find the binaries of this new version on a windows platform http://files.gpg4win.org/gpg4win-2.1.0.exe Enjoy. I gather that a new build is expected soon, but last time I checked gpg4win-2.1.0 included GnuPG 2.0.18 not 2.0.19. Regards. -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJPhwWhAAoJEEy6/YZf1YOeTjAP/jKG/Vsfspz35SkCevUEITjn 2udvRivX/vOprZKOwiD83yykwlws8qDNDCCIdRL/d8ihPe1Y0F4oJU2Tn7/e/+m1 pu+zYXPjiBG7zfvhsXXH3xlPFfQkeOOXazB+A23Tuw1pCYAWcq6Qd/ouTevK7Yy8 0FIkQYa+cPsJa0xnVHmsTDmyWkq9QOLMShi8jMO4rayMpXFQTppp0sC+ndsIonX9 kzqJmJASsSUc4vcEbvFQuMUcJgcvuxl48LTpKoVblLE9ZiQ86Y6NoUnxiNunughT PSjM77fgySDDSkFq0i6dhU3swrFxSTkHRB4Pt95okDoZdtLHqfYCWBBKLgjM0yVv KXg3fo90/8thLvc39KvaeCPGJUpVqX1RUjCVtb/XrQ3SmlDAiVfChdIuwf3Oi8k3 u9GDxAjUFQf4VXQpEogvIiy9GZxNxNbJaAwtPaAoXUw0wCrBOjAMNlLhBJv+OBt3 Rj3TiGOO60A+fUKvsPvPhjv43nNg7uDv0NEh6AjmjH3r6/g5eoGLt7bDM1NVcaVZ 7ipef/8NC9wtfCjqgNqyVNvrhvQZwnbP44VZhVNIlRSaw+i+gq1YHDIb2NEKKN1P MZXM+SnczUYSRv4+1mq1p3HYUMxiYuzzcMrAJyYWmRqlQ2PpkS9v8UG4BzWfJ3D0 OWr/ONilAIavWvtIsAJs =xGgY -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Current key servers
Hi there, haven´t used key servers in recent time and wonder what key servers are recommended currently. I have used pool.sks-keyservers.net, they were said to be okay especially due to the subkeys issues. Any new key servers recommended to use? Thanx Malte ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GPG Decryption fails for files 1MB
Hello list, We have an issue with one of our users. When he sends encrypted messages larger than ~1 MB, we get these errors: 8218 - PGP decryption error - gpg: encrypted with RSA key, ID CD5AA2E4 gpg: encrypted with 2048-bit RSA key, ID B44D925D, created 2006-03-29 Mehdi Rahman m...@bvdep.com gpg: encrypted with 2048-bit RSA key, ID 4E9BF326, created 2010-03-16 Mehdi Rahman mehdi.rah...@bvdinfo.com gpg: encrypted with 2048-bit ELG-E key, ID 044C8E09, created 2008-04-04 EXDI_STC (EXDI PGP key for STC) exdidata.st...@ecb.int gpg: [don't know]: invalid packet (ctb=27) gpg: [don't know]: invalid packet (ctb=0d) gpg: mdc_packet with invalid encoding gpg: decryption failed: invalid packet gpg: [don't know]: invalid packet (ctb=0a) gpg: block_filter: pending bytes! gpg: no valid OpenPGP data found. This is the output of gpg.exe –version: $ /cygdrive/d/GNU/GnuPG/gpg.exe --version gpg (GnuPG) 1.4.8 Copyright (C) 2007 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:/Users/sa_vazqula/AppData/Roaming/gnupg Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 And we run it on a Windows 2008 – 64 Bit VM. Is this a gnupg bug? Best Regards, David Vázquez EDEN Team __ Tel. (+49) 69 1344 7029 Mail. david.vazquez-la...@ecb.europa.eu mailto:david.vazquez-la...@ecb.europa.eu Any e-mail message from the European Central Bank (ECB) is sent in good faith but shall neither be binding nor construed as constituting a commitment by the ECB except where provided for in a written agreement. This e-mail is intended only for the use of the recipient(s) named above. Any unauthorised disclosure, use or dissemination, either in whole or in part, is prohibited. If you have received this e-mail in error, please notify the sender immediately via e-mail and delete this e-mail from your system. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Current key servers
On 04/12/2012 02:38 PM, Malte Gell wrote: Any new key servers recommended to use? No. pool.sks-keyservers.net isn't really very much of a keyserver. It doesn't service your requests itself. Instead, it picks a random known-good keyserver from the global keyserver network and proxies your request there. This way, load is broken up among the entire network. As new keyservers join the global keyserver network, pool.sks-keyservers.net adds them to its own list. So really, that's the only address you need. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[new-user] question
hello, I'm trying to understand the principals and benefits of using pgp/gpg I think I understand that I send the part of my key that is public to somebody and they use that key to encrypt a message which only I can decypher. So what if somebody uses my public key to send me a message purporting to come from somebody else ? what is the mechanism to ensure it came from who I think it did ? regards mick ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Current key servers
Robert J. Hansen wrote: On 04/12/2012 02:38 PM, Malte Gell wrote: Any new key servers recommended to use? No. pool.sks-keyservers.net isn't really very much of a keyserver. It doesn't service your requests itself. Instead, it picks a random known-good keyserver from the global keyserver network and proxies your request there. This way, load is broken up among the entire network. As new keyservers join the global keyserver network, pool.sks-keyservers.net adds them to its own list. So really, that's the only address you need. :) It's best to stick with the pool address, otherwise if you select a single server, you'll run into trouble if it's offline or there is a connectivity issue, e.g. last Friday I had new cable and DSL equipment installed, each of my servers was offline while its new CPE was installed. That was a couple hours for the ATT U-Verse DSL link. There are usually anywhere from 80 to 100 servers in the pool. pool.sks-keyservers.net is a random selection of 20 of them. There are also some specialty pools. You may read more about those at http://sks-keyservers.net/overview-of-pools.php pool.sks-keyservers.net is the best choice ;-) -John -- John P. Clizbe Inet: John (a) Gingerbear DAWT net John (@) Enigmail DAWT netor: John (@) Keyservers DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-k...@gingerbear.net?subject=HELP Q:Just how do the residents of Haiku, Hawai'i hold conversations? A:An odd melody / island voices on the winds / surplus of vowels ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [new-user] question
On Thu, Apr 12, 2012 at 11:21:16PM +0100, michael crane wrote: hello, I'm trying to understand the principals and benefits of using pgp/gpg I think I understand that I send the part of my key that is public to somebody and they use that key to encrypt a message which only I can decypher. So what if somebody uses my public key to send me a message purporting to come from somebody else ? what is the mechanism to ensure it came from who I think it did ? The sender can sign the message to verify that it came from him or her. If someone just sends you an unsigned encrypted message, there is no way to verify that I came from who you think it did. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 signature.asc Description: Digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [new-user] question
On 04/12/2012 06:21 PM, michael crane wrote: what is the mechanism to ensure it came from who I think it did ? Turn it around. The public and the private key are inverses. Each can decrypt what the other one encrypts. When someone encrypts a message with your public key, only your private key can decrypt it. And if you encrypt a message with your private key, then anyone who has your public key can decrypt it. So if I have a copy of your public key, and it decrypts a message successfully... then I know it was encrypted with your private key. And since you're the only one who has your private key, it means I can have confidence the message came from you. Usually this process is called signing a message. This is how signatures work. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [new-user] question
Hello michael ! michael crane mick.cr...@gmail.com wrote: I'm trying to understand the principals and benefits of using pgp/gpg I think I understand that I send the part of my key that is public to somebody and they use that key to encrypt a message which only I can decypher. So what if somebody uses my public key to send me a message purporting to come from somebody else ? what is the mechanism to ensure it came from who I think it did ? You are refering to the 2nd part of crypting: signature. Crypting to your key is only to ensure that you'll be the only one to read it, but you are supposed to know what you'll find in the message. Signing is dedicated to the receipient: it allows him to be sure that the message comes from exactly you. -- Laurent Jumet KeyID: 0xCFAF704C ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users