Re: GnuPG and g10 code

[Werner Koch]

On Mon, 15 Dec 2014 13:02, br...@minton.name said:
> Thanks for the good work! Do you get any income from kernel concepts with
> sale of the OpenPGP smart cards? I prefer to buy products from for-profit
> companies, and donate only to charities / nonprofit organizations.

Initially I distributed few hundreds cards myself; however this is a lot
of work given that my business is not setup for distributing small
physical goods.  Thus I asked Petra of kernelconcepts whether they want
to do take care of it.  They do not make a lot of profit from the cards
and thus I do not ask for a share of it.

g10 Code is not a charity but there have been talks on how to set up a
charitable entity to support crypto projects.  I hope that we can
establish this by next spring.  In the meantime you may donate to the
Wau Holland Stiftung  which
is a charity and will use these donation to pay for development work on
GnuPG.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG and g10 code

[Dave Pawson]

Hi Werner.
1. I knew nothing about this smart card.
2 Searched on Google. Found http://shop.kernelconcepts.de/product_info.php

from there I see For more information, please visit this products webpage.

Sadly that page is 404
http://www.hidglobal.de/products/readers/omnikeyindex.php?id=20

Where can I read a user view of this product and software please?

regards


On 16 December 2014 at 09:06, Werner Koch  wrote:
> On Mon, 15 Dec 2014 13:02, br...@minton.name said:
>> Thanks for the good work! Do you get any income from kernel concepts with
>> sale of the OpenPGP smart cards? I prefer to buy products from for-profit
>> companies, and donate only to charities / nonprofit organizations.
>
> Initially I distributed few hundreds cards myself; however this is a lot
> of work given that my business is not setup for distributing small
> physical goods.  Thus I asked Petra of kernelconcepts whether they want
> to do take care of it.  They do not make a lot of profit from the cards
> and thus I do not ask for a share of it.
>
> g10 Code is not a charity but there have been talks on how to set up a
> charitable entity to support crypto projects.  I hope that we can
> establish this by next spring.  In the meantime you may donate to the
> Wau Holland Stiftung  which
> is a charity and will use these donation to pay for development work on
> GnuPG.
>
>
> Salam-Shalom,
>
>Werner
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users



-- 
Dave Pawson
XSLT XSL-FO FAQ.
Docbook FAQ.
http://www.dpawson.co.uk

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

OpenPGP card (Was Re: GnuPG and g10 code)

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On Tuesday 16 December 2014 at 10:11:32 AM, in
,
Dave Pawson wrote:


> Hi Werner. 1. I knew nothing about this smart card. 2
> Searched on Google. Found
> http://shop.kernelconcepts.de/product_info.php

> from there I see For more information, please visit
> this products webpage.

> Sadly that page is 404

Try .


- --
Best regards

MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net

People who throw kisses are hopelessly lazy.
-BEGIN PGP SIGNATURE-

iQF8BAEBCgBmBQJUkBgKXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MDAwMDAwMDAwMDAwMDAwAAoJEGt8dM6zHyXwdKsH/A2D5cyADfszK5n5c0LRhI/q
EYpWNp8x/6nI9A9Gb0zVteQxRs+/hDu01YjL9Tw7LLY5nCvLxQ8hdoYTzu9a/i5h
grQZT+pQ5P73FrVnSQt9wcVs47ZJgPU4n70OKH8EHiSNu/+6Xg41yocTYAPjXH8e
x+7nif264ZhV4UDtr/gjEBpzns6YDb6mtdu1zloqgMPMJ3V8A9oKZrnJeaz+6jvH
bRP+fLYL8Bx17MxwLo6FJpTHUto3aTmVr3/ioBmZyUQ5r95864xeHIuWYsDybUN4
Nq41HUeY+zJGybs3m2y+NJJm04kBcQe2GAZvEOY3T+W+518qNDz6701YJ93V0A6I
vgQBFgoAZgUCVJAYGV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MDAwMDAwMDAwMDAwMAAKCRAXErxGGvd45C+mAQC+QN5UjPf7y5K70zoAKCDrf/pD
Yuc7Ux71F4SGLySSAwEAoDFzKR9nwiDBni9wS3K+PytXv3/gtMnW8xIp7ZgxRQw=
=dDPJ
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: OpenPGP card (Was Re: GnuPG and g10 code)

[Dave Pawson]

On 16 December 2014 at 11:31, MFPA
<2014-667rhzu3dc-lists-gro...@riseup.net> wrote:

>> from there I see For more information, please visit
>> this products webpage.
>
>> Sadly that page is 404
>
> Try .

Which links on to the GNU pgp page?

all written by techies, for techies?

Nothing to explain what it's all about, how it might be used,
why it is useful etc?

IMHO that class of  information would help to raise interest.
My first question was, can I install a reader and use 'my' card
to log on to my computer? No idea.
Next? What else can I use a card/card reader for? Not answered.

regards



-- 
Dave Pawson
XSLT XSL-FO FAQ.
Docbook FAQ.
http://www.dpawson.co.uk

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG and g10 code

[Werner Koch]

On Tue, 16 Dec 2014 11:11, dave.paw...@gmail.com said:

> 1. I knew nothing about this smart card.
> 2 Searched on Google. Found http://shop.kernelconcepts.de/product_info.php

What about:

  https://en.wikipedia.org/wiki/OpenPGP_card

and the second section of 

  https://gnupg.org/documentation/howtos.html



Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: card is permanently locked!

[Werner Koch]

Hi, 

while testing the forthcoming 2.1 cards (only minor changes) I found out
that the old instructions on how to reset the card didn't worked always.

The corrected script is

--8<---cut here---start->8---
   scd reset
   scd serialno undefined
   scd apdu 00 A4 04 00 06 D2 76 00 01 24 01
   scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
   scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
   scd apdu 00 e6 00 00
   scd reset
   scd serialno undefined
   scd apdu 00 A4 04 00 06 D2 76 00 01 24 01
   scd apdu 00 44 00 00
   /echo Card has been reset to factory defaults
   /bye
--8<---cut here---end--->8---

Put this into a file, say, "resetcard.scd" and run

  gpg-connect-agent --hex --run resetcard.scd

This should reset all cards unless you are using the secure-messaging
feature, which is not used by GnuPG.

GnuPG 2.1.1 will have a "factory-reset" command for the --edit-card
menu.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GnuPG and g10 code

[Dave Pawson]

On 16 December 2014 at 12:16, Werner Koch  wrote:
> On Tue, 16 Dec 2014 11:11, dave.paw...@gmail.com said:
>
>> 1. I knew nothing about this smart card.
>> 2 Searched on Google. Found http://shop.kernelconcepts.de/product_info.php
>
> What about:
>
>   https://en.wikipedia.org/wiki/OpenPGP_card

(IMHO) pure geekery copied from one of the other pages?


>
> and the second section of
>
>   https://gnupg.org/documentation/howtos.html

https://gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2456468

Note how quickly it gets into using GPG? Then into software installation?
Missing, the layer above this, the marketing 'spiel'.

OK, it could be me (I don't think it is).

Simple question, WTF is thing all about? I have lots of credit cards
(are they smart? No idea).
I know what to do with them. I think this thing is different, so my
first question is what is it for?
Why should I be interested, what can it do (especially as it
costs?80 Euro with reader?)

As if you are talking to your little sister (big sister, anyone one
non-geek :-) tell me (us)
what it offers?

I'll shut up now 

regards




>
>
>
> Shalom-Salam,
>
>Werner
>
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>



-- 
Dave Pawson
XSLT XSL-FO FAQ.
Docbook FAQ.
http://www.dpawson.co.uk

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[Announce] GnuPG 2.1.1 released

[Werner Koch]

Hello!

The GnuPG Project is pleased to announce the availability of the
second release of GnuPG modern: Version 2.1.1.

The GNU Privacy Guard (GnuPG) is a complete and free implementation of
the OpenPGP standard as defined by RFC-4880 and better known as PGP.

GnuPG, also known as GPG, allows to encrypt and sign data and
communication, features a versatile key management system as well as
access modules for public key directories.  GnuPG itself is a command
line tool with features for easy integration with other applications.
A wealth of frontend applications and libraries making use of GnuPG
are available.  Since version 2 GnuPG provides support for S/MIME and
Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom). It can
be freely used, modified and distributed under the terms of the GNU
General Public License.

Three different versions of GnuPG are actively maintained:

- GnuPG "modern" (2.1) is the latest development with a lot of new
  features.  This announcement is about the first release of this
  version.

- GnuPG "stable" (2.0) is the current stable version for general use.
  This is what most users are currently using.

- GnuPG "classic" (1.4) is the old standalone version which is most
  suitable for older or embedded platforms.

You may not install "modern" (2.1) and "stable" (2.0) at the same
time.  However, it is possible to install "classic" (1.4) along with
any of the other versions.


What's New in GnuPG-2.1
===

 * gpg: Detect faulty use of --verify on detached signatures.

 * gpg: New import option "keep-ownertrust".

 * gpg: New sub-command "factory-reset" for --card-edit.

 * gpg: A stub key for smartcards is now created by --card-status.

 * gpg: Fixed regression in --refresh-keys.

 * gpg: Fixed regresion in %g and %p codes for --sig-notation.

 * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA.

 * gpg: Improved perceived speed of secret key listisngs.

 * gpg: Print number of skipped PGP-2 keys on import.

 * gpg: Removed the option aliases --throw-keyid and --notation-data;
   use --throw-keyids and --set-notation instead.

 * gpg: New import option "keep-ownertrust".

 * gpg: Skip too large keys during import.

 * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or
   dirmngr.

 * gpg-agent: New option --extra-socket to provide a restricted
   command set for use with remote clients.

 * gpgconf --kill does not anymore start a service only to kill it.

 * gpg-pconnect-agent: Add convenience option --uiserver.

 * Fixed keyserver access for Windows.

 * Fixed build problems on Mac OS X

 * The Windows installer does now install development files

 * More translations (but most of them are not complete).

 * To support remotely mounted home directories, the IPC sockets may
   now be redirected.  This feature requires Libassuan 2.2.0.

 * Improved portability and the usual bunch of bug fixes.

A detailed description of the changes found in 2.1 can be found at
https://gnupg.org/faq/whats-new-in-2.1.html .


Getting the Software


Please follow the instructions found at https://gnupg.org/download/ or
read on:

GnuPG 2.1.1 may be downloaded from one of the GnuPG mirror sites or
direct from its primary FTP server.  The list of mirrors can be found
at https://gnupg.org/mirrors.html .  Note that GnuPG is not available
at ftp.gnu.org.

On ftp.gnupg.org you find these files:

 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2  (4689k)
 ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2.sig

This is the GnuPG 2.1 source code compressed using BZIP2 and its
OpenPGP signature.

 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe  (6364k)
 ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe.sig

This is an *experimental* installer for Windows including GPA as
graphical key manager and GpgEX as an Explorer extension.  Please
de-install an already installed Gpg4win version before trying this
installer.  This binary version has not been tested very well, thus it
is likely that you will run into problems.  The complete source code
for the software included in this installer is in the same directory
with ".exe" replaced by ".tar.xz".

This version fixes a lot of bugs found after the release of 2.1.0 but
there are still known bugs which we are working on.  Please check the
mailing list archives and https://wiki.gnupg.org for known problems
and workaround.


Checking the Integrity
==

In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:

 * If you already have a version of GnuPG installed, you can simply
   verify the supplied signature.  For example to verify the signature
   of the file gnupg-2.1.1.tar.bz2 you would use this command:

 gpg --verify gnupg-2.1.1.tar.bz2.sig gnupg-2.1.1.tar.bz2

   This checks whether the signature fi

Re: GnuPG and g10 code

[Peter Lebbing]

On 16/12/14 13:26, Dave Pawson wrote:
>> What about:
>>
>>   https://en.wikipedia.org/wiki/OpenPGP_card
> 
> (IMHO) pure geekery copied from one of the other pages?

Hmmm, that article seems lacking. If you would have asked nicely, I might have
bothered to improve it. Now, I don't feel inclined to do it. I'll get around to
it one day.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users