Re: Update existing key to ECC?

2014-11-22 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Saturday 22 November 2014 at 3:01:02 PM, in
, Hauke Laging wrote:


> You can change the subkeys (encryption, signing) easily
> but not the  mainkey (the one the fingerprint refers
> to). But hardly any GnuPG out  there can use ECC now.

Newly-added ECC signing and encryption subkeys would be used in
preference by GnuPG 2.1; older GnuPG versions would ignore them and
use the older subkeys. And you can configure GnuPG 2.1 to sign with
both signing subkeys (or just the older subkey, but then what's the
point of the newer one?), so that contacts using older versions would
be able to verify your signatures.

- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

After all is said and done, a lot more will be said than done.
-BEGIN PGP SIGNATURE-

iPQEAQEKAF4FAlRxCt1XFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pJsAD/ipid5eAcb1TEZCSmglkar11Hnp0s07WQVqI
7T9aUx/ypohX4sVi9tgt9PulXcOwESiXE7bP/RbN1yiFuaU2VjUGt+Y/88LNLXk/
F5uw3RSWCay54TyJYAQ4zw2GBKwjakx6sBmjU9OhzIHmWOKKOPakoifNRIUkv2bj
/ry+rRyKiQF8BAEBCgBmBQJUcQrdXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRp
b25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZB
NUEwRjU2QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw1+IIAIFtqax3nSRRRPMq
L2Pv/iK0G0E3kH+Ce8rAiqjqqImRHmjcqOyD2WnbCNiLP5T6V67ulOlARcH81e+j
GF0hoMC3CRZQlOS5QFR3hFHbjkHnibdOdWrDHlECND1a1dJHKzEcvnpnSIk5GU2R
JhW3B9OwwVOvwLVeuAtgaD2vKcgsnA0Y1C/nTHCi7OCfKBGXZUZTDVr/DFRUQg+2
Z6p2lYzCmGILCFCdzMC+kXURrp7zgTsYRJBdvVbrcXlOHvMvupPfv/yMNdjSfKQS
v/8lwevW+icGkNIH0lE15QlO05S7FLXpLXA9QD3fr2fbr8IHWSutJH+y4tlXOrvl
LCUb5xM=
=Yphr
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Encryption on Mailing lists sensless?

2014-11-22 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Thursday 20 November 2014 at 9:54:50 PM, in
, Ingo Klöcker
wrote:


> KMail encrypts an individual copy for each BCC
> recipient. I thought  Thunderbird+Enigmail would also
> do this.

I don't know how Thunderbird+Enigmail handles this.

The app I was thinking of encrypted an individual copy for each
recipient, be they a To, a CC or a BCC.



> Any mail client not doing this completely subverts BCC
> (unless --throw-keyids or --hidden-recipient is used,

I agree.



- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

Vegetarian: Indian word for lousy hunter!!!
-BEGIN PGP SIGNATURE-

iPQEAQEKAF4FAlRxBGNXFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5p+H8EALMXRIHCXcNfC7TE05b5R0hgMRgkMkjTkXEH
eCsgvs0SAL2ai4JKraDIw28rEhLtXjLrZftcjns9y2IrIlTmJgI6S3uiar3G8srX
Eo6KbkPjD/kAzRzCbYoaW2DWV1PfLuqUeYtDxYeOM/V5ejo2U0HfblzfXQ+1KrIL
CVAFYajEiQF8BAEBCgBmBQJUcQRjXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRp
b25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZB
NUEwRjU2QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwR5wH/0cNDfTmWZCf4hG3
ITs9jrQtTvAoNmqVCJDjkmdKTK0G0vY3bkw20uzkDVik1ju1O2c6irnmLlMbHrut
7efkeIfbchxhRGGZkZXM8UhTK2NE+G47o82UrdSeGuJwKxfLYFXyPlgZzzYj4GAl
sz9VbErXqrCvyI0W8yl3bid8+zH1Mg2XEbbfJZh+j0xBa5A/0r/MTKkqUWSZYNYJ
zcC9UJoxtx4f8HYeQP3Ixl2McRf8tOW2xuXFh2Idj79hH+uS1KRIfjMuOQpf6jO2
TSeEwXgTa8uXLrK4HGC1oMkKRrx9yKwpG1S9QhX0Jo+g8uN6gvPTJBfeJrH6gOM0
FiyR90I=
=lwpN
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Encryption on Mailing lists sensless?

2014-11-22 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Wednesday 19 November 2014 at 7:50:32 PM, in
,
michaelquig...@theway.org wrote:




> Which of course would not be possible if the public
> mailing list was all encrypted.

Unless the search engine subscribed to the encrypted list and produced
search results in the clear.

- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

However beautiful the strategy, you should occasionally look at the results.
-BEGIN PGP SIGNATURE-

iPQEAQEKAF4FAlRw/TtXFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5p7DQEAIKc0KX9GOiNA8Hu/Vp0AT2zHOjVHWKecRbP
uZWkhsY1m73aZJGgy54HdFhzslGwoZiePwlUxSmRSZsSId78XsXVjlNUZshadyMT
uJZvo1IJw3rpqmzCt05bzD2G3BinxvIBwaf/HnOpgMvZK/ga7irq2aNdix3Mxm1K
IslEsxbMiQF8BAEBCgBmBQJUcP07XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRp
b25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZB
NUEwRjU2QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwd+wH/2ztQ9fvkVV9Ztkn
tJmRJD+ELQCMn3z+M/Yhr62wzQbTkH3bFiczD6DwLQknhr21wS01CWT5Fh6uD97K
vjWFfxs+PzVlBgdjIsQHo2kDMg5wnPyAdUBjWPa5RufhsOFbJMSKr4edZAzNe5bC
GHvMA5de2mfHjPrjM5hm7LagRZzvCl5FLjsf3T6Cez0r+5m/kZY4AaRTk8FS8Mty
u7PP/q8eTJEwzhgRq4aWUah+34rDKdn397v4vg5aPhS7FYVBMIU/mmsmJOsl37XC
+k9x80dOnyEmAK4C2RnarBcLqFreboz4P8FmKuFDQlt4edGYOpaREFu+ClYoe4LE
7z9pKuQ=
=qcVd
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Error message "Ohhhh jeeee: ... this is a bug"

2014-11-22 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Wednesday 19 November 2014 at 5:07:37 PM, in
, Hugo Hinterberger
wrote:


> I just tried to verify your message, but failed at
> importing your key. GPG tellst me that the key packet
> is of an obsolete version 3. Do you have the key in a
> newer format? Is it possible to import the old key
> somehow?

My key 0xA8A90B8EAD0C6E69 is an obsolete version 3 key and cannot be
imported into GnuPG 2.1.

That key will still work with GnuPG 1.4.x or 2.0.x.

I do not have the key in a newer format, and have not yet investigated
whether there is any useful way to achieve this. I understand it is
possible to convert the same key material from an OpenPGP key to an
X509 certificate and vice versa, so I presume it's technically
possible to convert a v3 key to a v4 key. But I am not optimistic that
such a converted key could be used to check signatures made by, or
decrypt data encrypted to, the original v3 key.


- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

You're only young once; you can be immature forever
-BEGIN PGP SIGNATURE-

iPQEAQEKAF4FAlRw7jVXFIAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pUlUEAIQoYxQn0jCWrcATAPM9My8hKlxChfdqd6Z/
Y5ah+e11ErFgkCT3zshYn9PA3BgPGLAPJpwcgf84ry5zu1j4iPt1+Y/Bie7Cxe5L
8UXmfTeJmdSE+yXw7RtTtPEaR9dC7DpIkb9TsVlt+Gj8oe2NZldkNBKjnrPZM6Yp
tGmroax7iQF8BAEBCgBmBQJUcO41XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRp
b25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZB
NUEwRjU2QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwoYkH/jHKV2CDnvsbaiEx
xI5lpn38xh0OHYJ1rjH+wbYKUW6KzqMNIs18Mv+JujGJszmk1NLcqDdmD9GR8sPk
46UIEsY18afrh3G1jE4pNk7zjlqGoabAPyXn+idSt3G7Rv8Efj3bRrXfOAGlRV1a
j6UkSlZX5jCBAsWoBnlR1l4MRX2mYW1amzWVJddZvEaeDwEBu8NPJZGfxWiDCiQ7
bLdeo4XRSMTUswURaDQxdCS1Wj/67LVWY1RKWEuUiawnqrC8vQ55Rg0qW4fXNKet
MzeVjdG/4ZLNV19AVxosWVnpk4vr9Zu7sSsO+YiuNhqcs7hyPk/1e8GCJg9/7jPy
K4RnbR4=
=SPly
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Update existing key to ECC?

2014-11-22 Thread Hauke Laging 
Am Fr 21.11.2014, 20:17:38 schrieb Patrick Schleizer:

> is it possible to update an existing (RSA) gpg key to ECC?
> 
> Or would a usual transition process be required?

You can change the subkeys (encryption, signing) easily but not the 
mainkey (the one the fingerprint refers to). But hardly any GnuPG out 
there can use ECC now.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Update existing key to ECC?

2014-11-22 Thread Patrick Schleizer 
Hi,

is it possible to update an existing (RSA) gpg key to ECC?

Or would a usual transition process be required?

Cheers,
Patrick

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Symmetrical encryption or ...

2014-11-22 Thread Jason Antony 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 2014-11-22 20:23, Dave Pawson wrote:

> Not found for Fedora.

It can be done for Fedora. You'll need to download the portable
version of Keepass2 from the official website, and install the Mono
runtimes and xdotool.

After extracting the keepass2 archive, cd to the directory, then run:

mono KeePass.exe

Instructions found here:

https://cloudplasma.co.uk/2014/01/keepass-2-fedora-20/

Regards,

Jason
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUcGEfAAoJED1Q2DsLuMaGVO0QALaTvt2zP9SC2yZ+uqhbm/ko
JYfjvxRVjT3FLEfA2sZ4NAVTHS/wO0qSW8F+jSjRyybW85A8mDJHgF0LSVcRzvcr
qYYys1J8IohcfkBMfSXNUyfEvG2Dl2qoeryvKg1Ar1iDG8G1SAcHMoPgHdrgWCAb
RmhdBR0QCMOEBbS+c/YKLowIcCvC/XRmvMEYBPStHHs1Lm6arbsysP4DpN3KSbZK
kEjDSqbp7P0B7ghpkX1I0XNILt9GJ6CQaq0TB1riKrIaEPzl9VY8cLk7VgWGFboc
A8AATZXMdp4+veijRtvYv8dwzb0Tsl5Kt2Q/JtoXTjMfy1lZTW3nCxromi2WJP0Z
peZb5Ii7Mkw5p3HNLzzllM/fDSI3qNerdpp9oIyY7XG69ctrqz40u0hBpDa+RLXW
ojKDu2h54npFXDF2r5006VZ4JEDuZwUH1ojqbhq6J/Luet8M4tpkg4hc38Gad9ay
LEwpwNm5oAhWyt9JTOusYwtZUXQqF4iCr1SXllmkHBXUtLwXXwr82Ar+c9pOxMix
EYyRhWGVVdtYSQQmdb3S6jpFjdhmOMLTWjIjU8xNM0TjhIiZ8AidFfsS0CWnXbAw
wG0SCN/Q+c4icQiD5Mriwo2/KxGawj1aOdSKhLd9NBDLM7X86sZS3jy5QMnQNwBl
7Z7BhCsNupM82yyytby5
=n+6a
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Symmetrical encryption or ...

2014-11-22 Thread Peter Lebbing 
On 22/11/14 11:11, Peter Lebbing wrote:
> If I look at the KeePass website, specifically at [1], I see:

Whoops!

[1] http://keepass.info/help/v2/setup.html#mono

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Symmetrical encryption or ...

2014-11-22 Thread Peter Lebbing 
On 22/11/14 10:23, Dave Pawson wrote:
> https://launchpad.net/ubuntu/+source/keepass2
> 
> Looks like Ubuntu only?
> 
> Not found for Fedora.

If I look at the KeePass website, specifically at [1], I see:

 8< -- >8 
In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS
X, BSD, etc.

Links to all supported packages can be found on the KeePass downloads page:
http://keepass.info/download.html.

Debian/Ubuntu Linux:
Install the keepass2 / KeePass 2.x for Debian/Ubuntu Linux package (e.g.
using APT). A link to a page with more information about this package can be
found on the downloads page.

Fedora Linux:
Install the keepass package (from the Fedora repository; link on the
downloads page).
[...]

 8< -- >8 

So it would appear that Fedora calls the package "keepass" rather than
"keepass2", but it is available (and is actually version 2.x).

I use KeePass 2 myself and like it. I only use Linux though.

By the way, regarding your first post: while symmetric mode is pretty much
invented for your use case, you can also encrypt to your own public key. It
would be overkill if that is all you have the private key installed for. But
if you have the private key installed anyway and use it for other stuff, and
have gpg-agent cache your passphrase, it would mean you wouldn't have to type
the passphrase every time.

I can think of a special case where it gets even better in my eyes: if you
have a smartcard. You only have to type a relatively short PIN instead of a
strong passphrase. Then again, I type my KeePass 2 strong passphrase often
enough, and it's not bothersome. Maybe I just like smartcards :). Yep, that's 
it.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Symmetrical encryption or ...

2014-11-22 Thread Dave Pawson 
https://launchpad.net/ubuntu/+source/keepass2

Looks like Ubuntu only?

Not found for Fedora.

I'll stick with symmetric for now.

Thanks Jason

On 22 November 2014 08:47, Jason Antony  wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2014-11-22 18:54, Dave Pawson wrote:
>
>> I installed keepassx. Not much use to me. 1. Illegible with my
>> eyesight (reported to them) 2. Insufficient fields (seems to be non
>> expandable).
>
> Try Keepass2 (official). It worked fine for me when I last used Linux,
> and requires the Mono runtime. Fonts are adjustable, and the auto-type
> (requires the xdotool package for Linux) will fulfil the wishes you
> had stated earlier.
>
> All the best,
>
> Jason
> -BEGIN PGP SIGNATURE-
>
> iQIcBAEBCgAGBQJUcE22AAoJED1Q2DsLuMaGC9oQAIRgnf0bZ5/m1ZADwkLMe9GV
> 6pytc9ThExmRFUYNstHOdl7UHY+dgXzIvhszcyZsSDAMLG2zHrdIuWEoud429qol
> 6Mu7Xp44wQfmlqMCPi7zX69YgnZo2E/I5Wwi10hPhcy80UGprkilMbHl9DrR6m5q
> 40nFas6FQG6dOG6OHZPizUc7JI6/bdJhH0NxLoBnSynoqvsnEQvpDnufzXqQZRUa
> GYV5n0pO3OUPTXSWxtJKWVWdNdUQGe+16pyPPdrc+7WLJkFGQ42ZxxxQYTTskt+M
> IFnJu8QnQ31vn0ydpia7cagOYvYohPfkai84rFHNEioeKY5JUsS3N3u9l4j0NM5Q
> 6howXRnxINfKZ3u0XrEEvXBiZy6jBFwfeofqrGGLveP2HuaLxRDhjpmhJqdad4VK
> Ccc/4B0CYFNMi4sYctKGEd83MYQdDNu4+4XJWbgVrddsxQXbrks6GBwv7q7aSoif
> SUCasJwZHK9xa2OWoSUixlkmZ9TwviixphbagvulABmaW0JIAux9o7CwnxfvRf2r
> SLm5mXQIY3L9f3iX/gqwXiBjrMNk4mOKutAJel2DcKWDa+3kh6mlWHMKxD9uYi6c
> E3Hvg26XI2fe+cjJ87nyMGrxGdK/8BEHJKAs02tCK7af3plCcqd+nUhpP8cspM2A
> u3pLdGRT4dMI4NdiNSM6
> =VeTD
> -END PGP SIGNATURE-
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users



-- 
Dave Pawson
XSLT XSL-FO FAQ.
Docbook FAQ.
http://www.dpawson.co.uk

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Symmetrical encryption or ...

2014-11-22 Thread Jason Antony 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 2014-11-22 18:54, Dave Pawson wrote:

> I installed keepassx. Not much use to me. 1. Illegible with my
> eyesight (reported to them) 2. Insufficient fields (seems to be non
> expandable).

Try Keepass2 (official). It worked fine for me when I last used Linux,
and requires the Mono runtime. Fonts are adjustable, and the auto-type
(requires the xdotool package for Linux) will fulfil the wishes you
had stated earlier.

All the best,

Jason
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUcE22AAoJED1Q2DsLuMaGC9oQAIRgnf0bZ5/m1ZADwkLMe9GV
6pytc9ThExmRFUYNstHOdl7UHY+dgXzIvhszcyZsSDAMLG2zHrdIuWEoud429qol
6Mu7Xp44wQfmlqMCPi7zX69YgnZo2E/I5Wwi10hPhcy80UGprkilMbHl9DrR6m5q
40nFas6FQG6dOG6OHZPizUc7JI6/bdJhH0NxLoBnSynoqvsnEQvpDnufzXqQZRUa
GYV5n0pO3OUPTXSWxtJKWVWdNdUQGe+16pyPPdrc+7WLJkFGQ42ZxxxQYTTskt+M
IFnJu8QnQ31vn0ydpia7cagOYvYohPfkai84rFHNEioeKY5JUsS3N3u9l4j0NM5Q
6howXRnxINfKZ3u0XrEEvXBiZy6jBFwfeofqrGGLveP2HuaLxRDhjpmhJqdad4VK
Ccc/4B0CYFNMi4sYctKGEd83MYQdDNu4+4XJWbgVrddsxQXbrks6GBwv7q7aSoif
SUCasJwZHK9xa2OWoSUixlkmZ9TwviixphbagvulABmaW0JIAux9o7CwnxfvRf2r
SLm5mXQIY3L9f3iX/gqwXiBjrMNk4mOKutAJel2DcKWDa+3kh6mlWHMKxD9uYi6c
E3Hvg26XI2fe+cjJ87nyMGrxGdK/8BEHJKAs02tCK7af3plCcqd+nUhpP8cspM2A
u3pLdGRT4dMI4NdiNSM6
=VeTD
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users