Re: Some broken links on the openpgp website
On Fri, 16 May 2014 17:34, a...@riseup.net said: * Links for list pages are broken in https://lists.gnupg.org/: there's a port (8002) in the urls which if you remove will take you to the correct pages. These links are ok in https://www.gnupg.org/documentation/mailing-lists.html Boa weirdness: Boa sends a redirect if the URL does not end in a slash. lists.gnupg.org runs Boa on port 8002 behind the pound proxy. Fixed by changing the links; need to implement a better solution, though. * Also, the links to portuguese and japanese gnupg pages are broken in https://www.gnupg.org/documentation/sites.html. Pt seems to not exist anymore, and Jp might be going through some configuration hard times. Noted. Thanks. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg smartcard on boot for LUKS on sid debian howto ?
Hello Peter, First good news, as I tell you during initramfs generation, I see no trace for /etc/key/cryptkey.gpg, but this file is obligatory OK because passphrase works on boot (with gpg.conf in /etc/keys) (may be it it's because my test is for /data/test encrypted FS and not /) But I've always : gpg: pcsc_etablish_context failed: no service (0x8010001d) gpg: card reader not evailable may be it's problem on boot with 60-gnupg.rules file ? This file works fine after boot because smartcard redaer works fine. Best Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg smartcard on boot for LUKS on sid debian howto ?
Hello, First good news, as I tell you during initramfs generation, I see no trace for /etc/key/cryptkey.gpg, but this file is obligatory OK because passphrase works on boot (with gpg.conf in /etc/keys) (may be it it's because my test is for /data/test encrypted FS and not /) Indeed you will only get the messages when it's the root drive you want to unlock. I haven't tested other configurations. I think it ought to work for other volumes that are unlocked on boot. But I've always : gpg: pcsc_etablish_context failed: no service (0x8010001d) gpg: card reader not evailable may be it's problem on boot with 60-gnupg.rules file ? This file works fine after boot because smartcard redaer works fine. Is your card reader supported by GnuPG's internal CCID driver or do you need pcscd for the smartcard to work? Related question: Is pcscd usually running? As I said, your smartcard reader really needs to be supported by GnuPG's internal driver, it will not work if pcscd is needed. The messages seem to indicate that pcscd is needed. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg smartcard on boot for LUKS on sid debian howto ?
Hello Peter - Mail original - De: Peter Lebbing pe...@digitalbrains.com À: tux tsndcb tux.tsn...@free.fr Cc: gnupg-users@gnupg.org Envoyé: Lundi 19 Mai 2014 20:01:38 Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ? But I've always : gpg: pcsc_etablish_context failed: no service (0x8010001d) gpg: card reader not evailable may be it's problem on boot with 60-gnupg.rules file ? This file works fine after boot because smartcard redaer works fine. Is your card reader supported by GnuPG's internal CCID driver or do you need pcscd for the smartcard to work? Related question: Is pcscd usually running? As I said, your smartcard reader really needs to be supported by GnuPG's internal driver, it will not work if pcscd is needed. The messages seem to indicate that pcscd is needed. Yes of course, it's for that than I'm very surprise to see pcsc invocated, my smartcard reader is a Vega Alpha supported by gnupg internal drivers, on my debians I don't install pcscd and libccid because it is not necessary, works fine with PINPAD only with gnupg internal drivers with this smartcard reader It's officially confirmed at this link : http://wiki.gnupg.org/CardReader/PinpadInput?highlight=%28vega%29 On debian (jessie and sid) I can sign, encrypt use ssh support and poldi with this reader and my smartcard and use PINPAD fully supported. Best Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG's vulnerability to quantum cryptography
On 05/13/2014 04:03 PM, David Q. wrote: For this reason, what I do today is share long keys with people I know *in person*. We then use regular AES-256 to encrypt/decrypt our messages back and forth. Every 6 months we meet in person to renew our keys. You are right, but, in my opinion, for the wrong reasons. I agree with the poster above who is quite skeptical about the quantum computing. I do however believe that factoring a product of two large prime numbers might either be the subject of a sudden mathematical breakthrough, or that the solution is already known to my adversaries but this fact has been kept secret. While this view might be somewhat extreme, it is much more realistic than doubt in the security of any modern, well researched symmetric block cipher. Public key cryptography has it's place, but anybody that is in a position to exchange via a secure method a symmetric crypto key, is well advised to avoid public key cryptography. After all, GPG is nothing but a method to exchange a symmetric key for those that lack the opportunity to do so via an alternative, more secure method. Looking at the crypto primitives as the links in a chain that breaks when the weakest link breaks, asymmetric/symmetric hybrids (such as GPG) have three links: public key algorithm, random number generator and private key algorithm. In contrast, symmetric key only systems avoids first two of those potentially weak links altogether. dekgado ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG's vulnerability to quantum cryptography
I do however believe that factoring a product of two large prime numbers might either be the subject of a sudden mathematical breakthrough, or that the solution is already known to my adversaries but this fact has been kept secret. tl;dr summary of the rest of this email -- don't focus on factorization, and be careful of thinking about a post-RSA future. I can't comment on this (for the most pedestrian of reasons: I can't predict the future, and if anyone currently knows how to do it they sure haven't told me), but a little commentary might be appropriate: 1. We would like integer factorization to belong to complexity class NP-Complete, but there are good reasons to think it's not. If its NP-Completeness could be proven, then so much of mathematics would be transformed that I'm not sure continued confidence in *anything* involving computers would be warranted. 2. If someone could prove IFP was in P, that would be ... breathtaking, to say the least. Same thing: if it could be proven, that would be such a seismic shift -- and would foment such revolutions in mathematics -- as to jeopardize confidence for years until the repercussions of it were fully understood. 3. If IFP is NP-intermediate, as it's currently conjectured to be, then nothing short of quantum computation will endanger it. 4. But RSA is not the same as the IFP, and Dan Boneh has written a great paper showing that it may be possible to break RSA without needing to factor anything. We don't know how to do it, we don't even have *hints* about how to do it, just a good paper from Dan Boneh showing that it may in fact be possible to do it. But this, too, would be such a breakthrough as to jeopardize confidence, etc., etc. 5. If and when RSA gets broken, all bets are off. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
