Re: [Announce] GnuPG 2.1.10 released

[MFPA]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Friday 4 December 2015 at 1:06:49 PM, in
, Werner Koch wrote:



>  * gpg: New trust models "tofu" and "tofu+pgp".

>  * gpg: New command --tofu-policy.  New options
>  --tofu-default-policy   and --tofu-db-format.

Should these be available in the Windows version? I get:-

gpg: unknown trust model 'tofu+pgp'
gpg: unknown TOFU policy 'ask'



- --
Best regards

MFPA  

Change is inevitable except from a vending machine
-BEGIN PGP SIGNATURE-

iL4EARYKAGYFAlZkzXhfFIAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDMzQUNFRDRFRTkxMzRFRUJERTZBODUwNjE3
MTJCQzQ2MUFGNzc4RTQACgkQFxK8Rhr3eOShOgD+PS7gpG9jvlZZ+H614lQssEnU
5J21RGZTUFacn6p8SIoBAKQ644pI8D6al175S6TeCyC6bKvDbJbN1oM5gu466KYD
iQF8BAEBCgBmBQJWZM1/XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwLjEH+wbJELVCp1tv5KYZaM7w3rzv
BrrTTDzEaz8vIE2ig0+Jc64h1eTQb9Mqvi3nMgfmbCdBJ1IAES0yOdcBDwFUZMu1
l4vkjUaP5qFWIOi+eHCwetFwf98G2NRsJ4AH/tj9mW8a6Z/7ajqb7wlYmHLGp40e
h5qsSVQnhpxh9UaftQYClcY+mXkIlfuF7iMrxO/U4KO0I39zdzUchAxDphA8ExVX
zVgSJ9O/KY0blOtoGFTT+0hrZ97wxlCYcQhwl1V7Lt2olH8jPGHJ0EsfC70EDBlq
hIQcLfGH3QmxxfH81AHW0p3Ce5Yu2nGByRULaAUUnZPw4D2WW933dVY5f23QUkM=
=5blg
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GPA - unsupported certificate

[Dark Penguin]

I wanted to report a few bugs in GPA that I've been getting on Debian 
Squeeze, but I thought I should check if they still exist in the latest 
version. So, I've installed Debian Jessie and got the latest release 
(0.9.9) to see if there was any improvement since few years ago.


So, I start "gpa". The first thing I see is the Key Manager window and 
an invitation to create a new key. On top of it, an error message 
("Unsupported certificate") pops up immediately; on top of this message, 
"GnuPG is rebuilding the trust database", which "might take a few 
seconds", but takes forever.


I tried to wait, but in the end I just had to close the "trust database" 
popup and the "Unsupported certificate" error message. then I proceeded 
with generating a new key, and made sure all those old bugs are still 
there. And what's more, every time I open the Key Manager window, the 
"Unsupported certificate" error pops up again, and there are no keys in 
the Key Manager. Not even the one I've created.


Are those really bugs or am I doing something wrong?.. I've tried that 
on an Ubuntu 14.04 LTS livecd right after booting it up, to see if it 
works on one of the most popular distributions, but all the problems 
were exactly the same.


So, the problems are there on Debian Jessie with 3.16 kernel, gpa 
0.9.5/0.9.9 and gpg 1.4.18/2.0.26 and Ubuntu 14.04 LTS with 3.19 kernel, 
gpa 0.9.4-1 and gpg 1.4.16/2.0.22. (I didn't upgrade Ubuntu before 
trying. Also, seems like GPA uses the gpg2-branch, but does it really 
call upon gpg2 and not old gpg, which is hardly possible to remove from 
the system without breaking a LOT of dependencies like APT?..) Should I 
go on and submit all those things as bug reports, or am I missing 
something important here?.. Seriously, things don't work out of the box 
and nobody has even noticed?.. I just have a hard time believing it...



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: GPA - unsupported certificate

[da...@gbenet.com]

On 05/12/15 19:33, Dark Penguin wrote:
> I wanted to report a few bugs in GPA that I've been getting on Debian 
> Squeeze, but I thought
> I should check if they still exist in the latest version. So, I've installed 
> Debian Jessie
> and got the latest release (0.9.9) to see if there was any improvement since 
> few years ago.
> 
> So, I start "gpa". The first thing I see is the Key Manager window and an 
> invitation to
> create a new key. On top of it, an error message ("Unsupported certificate") 
> pops up
> immediately; on top of this message, "GnuPG is rebuilding the trust 
> database", which "might
> take a few seconds", but takes forever.
> 
> I tried to wait, but in the end I just had to close the "trust database" 
> popup and the
> "Unsupported certificate" error message. then I proceeded with generating a 
> new key, and
> made sure all those old bugs are still there. And what's more, every time I 
> open the Key
> Manager window, the "Unsupported certificate" error pops up again, and there 
> are no keys in
> the Key Manager. Not even the one I've created.
> 
> Are those really bugs or am I doing something wrong?.. I've tried that on an 
> Ubuntu 14.04
> LTS livecd right after booting it up, to see if it works on one of the most 
> popular
> distributions, but all the problems were exactly the same.
> 
> So, the problems are there on Debian Jessie with 3.16 kernel, gpa 0.9.5/0.9.9 
> and gpg
> 1.4.18/2.0.26 and Ubuntu 14.04 LTS with 3.19 kernel, gpa 0.9.4-1 and gpg 
> 1.4.16/2.0.22. (I
> didn't upgrade Ubuntu before trying. Also, seems like GPA uses the 
> gpg2-branch, but does it
> really call upon gpg2 and not old gpg, which is hardly possible to remove 
> from the system
> without breaking a LOT of dependencies like APT?..) Should I go on and submit 
> all those
> things as bug reports, or am I missing something important here?.. Seriously, 
> things don't
> work out of the box and nobody has even noticed?.. I just have a hard time 
> believing it...
> 
> 
Hi Dark Penguin,

The first thing to say is - when installing any Linux distro you need to ensure 
that the
distro has installed every software update every security fix first. This is 
important when
installing GPA Kleopatra and KGPG.

Every Linux distro has gnupg installed - so at a terminal just type gpg - this 
will create
ALL the folders and files needed (.gnupg) it's pointless installing GPA without 
running gpg
first - I think it's pretty silly.

Then you may wish to install gpgv2 via the package manager. Only then install 
GPA Kleopatra
or KGPG. And only after installing all the updates and security fixes.

Once you have done this you can use any of the packages to create a set of keys 
- GPA
Kleopatra or Kgpg.

There are no bugs in GPA - all these programmes expect to find a valid existing 
.gnupg

David


There are no bugs in GPA

-- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of 
the
kind.Stern, sane,every brain-cell perfect and complete even at the moment of 
death. No
delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Why gpg 2.1.9 cannot export secret key without passphrase?

[Andrey Utkin]

Just for note.
This can be worked around the following way (works in both 1.4 and 2.1,
didn't test in 2.0).
1. Export key, giving any non-empty passphrase.
2. Import key on new location supposed for automated key usage.
3. `gpg --edit-key `, there type "passwd", enter old passphrase,
enter empty line twice, strike Ctrl+D, confirm changes saving. This
works identically in both 1.4 and 2.1.

If importing location has no capability of passphrase changing
(--edit-key) - e.g. Android Open Keychain - import it to 1.4 keychain,
then export it, it will let you export it without passphrase (won't even
ask for it).

Thank you Peter for pointing out that this is solvable without fixing
the issue in code, but your suggested solution wasn't enough, so I had
to go a few steps further :)

I'd like to state this explicitly (due to rational point made by Peter)
that the link to my private GnuPG git fork with a patch is not supposed
a working solution - it is an experimental work in progress which is not
assured for being interoperable. It is a fruit of uneducated reckless
tinkering with original code.

-- 
OpenPGP usage is appreciated (it also helps your letter to bypass spam
filters). To email me with encryption easily, go
https://encrypt.to/0xC6FCDB11



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users