Re: [Announce] GnuPG 2.1.10 released

2015-12-07 Thread Neal H. Walfield 
On Mon, 07 Dec 2015 01:05:51 +0100,
MFPA wrote:
> >  * gpg: New trust models "tofu" and "tofu+pgp".
> 
> >  * gpg: New command --tofu-policy.  New options
> >  --tofu-default-policy   and --tofu-db-format.
> 
> Should these be available in the Windows version? I get:-
> 
> gpg: unknown trust model 'tofu+pgp'
> gpg: unknown TOFU policy 'ask'

TOFU depends on libsqlite, which you are probably missing.  If GnuPG
doesn't find it, then it disables TOFU.  Can you check whether this is
the case?

Thanks!

:) Neal


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Cannot revoke a certificate

2015-12-07 Thread Daniel Kahn Gillmor 
On Wed 2015-12-02 18:18:46 -0500, David wrote:
> I am trying to revoke a very old certificate that may be compromised.  I
> generated a revocation certificate using the following gpg command with
> no errors.  I did get a warning about MD5 being deprecated.
>
> C:\Users\David> gpg --output kill7827.asc --gen-revoke 80942C8D
>  
> However, I cannot use it.  Here is the output:
>
> C:\Users\David> gpg --import .\kill7827.asc
> gpg: Note: signatures using the MD5 algorithm are rejected
> gpg: key 80942C8D: invalid revocation certificate: Invalid digest
> algorithm - rejected
> gpg: error reading `.\\kill7827.asc': Invalid digest algorithm
> gpg: import from `.\\kill7827.asc' failed: Invalid digest algorithm
> gpg: Total number processed: 0
> C:\Users\David>

You should try adding "--cert-digest-algo sha1" arguments before the
--gen-revoke command to make a SHA1-based certificate revocation.

 --dkg

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [Announce] GnuPG 2.1.10 released

2015-12-07 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Monday 7 December 2015 at 10:06:49 AM, in
, Werner Koch wrote:



> Have a look into the announcement:

>   The source used to build the Windows installer can be
>   found in the same directory with a ".tar.xz" suffix.
>   This Windows installer is missing translations, it
>   has no TOFU support and no HKPS support.  However, it
>   ^^^ fully supports
>   Tor and the Tor browser.


Oops! I missed that bit. Sorry.



> The reason for the missing Tofu support is that we need
> to package Sqlite in a way to make it easy to
> cross-compile for Windows.  It is just a bit of work
> but other things have higher priority for now than
> Windows.

Thanks for the explanation.

- --
Best regards

MFPA  

Colourless green ideas sleep furiously (Noam Chomsky)
-BEGIN PGP SIGNATURE-

iL4EARYKAGYFAlZmBKlfFIAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDMzQUNFRDRFRTkxMzRFRUJERTZBODUwNjE3
MTJCQzQ2MUFGNzc4RTQACgkQFxK8Rhr3eORn5QD9EhcV419z4t0hM/I2nfgaeFLf
mfMlkM7qMwCsKp1/FWYA/3ZW/Y3M8gu6NVYGq1/qry2bFaUGHf7+PXyLmLKadqEH
iQF8BAEBCgBmBQJWZgSuXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwqkAIAJEiH684AJNY2phReHsBJ/WH
SfGTFXeqNrvvverpbgb3EaJfvgrZIklI2BykdjT28DCzYC63CW5IizERuIskbZBT
elhzEEtSuQh7twJofaORX9n1vC+rcGyUMUUuUToxGZXsWGXWiVnyUQ8e6LgjGO5Z
jtkuUb/jaBigivnTq2iFgIq0/JToA2ajlxAP/zt+WjIecIF+hznqaqmsPCkIz579
ptxZiQ8Z4wcx/xMj1rNT/t2gw6HstqmUkqNeJWRo/5Pd1JsQJMNy2pcvJABkfa5O
bZDIgojc1h8vgNFPjjihEHmpUokVu1z1pedlOPiSv71vMeon4iFl47FDee1M4D4=
=Es3b
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Error message "gpg: Can't check signature: Broken public key"

2015-12-07 Thread MFPA 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



What does the error message "gpg: Can't check signature: Broken public
key" mean?

One of the members of PGPNET reports getting that error
message when verifying the signatures on my signed and encrypted
messages to the group. He gets it for the signatures from my EDDSA subkey
0x1712BC461AF778E4, and says he uses GnuGP 2.1.8.


The only references I can find (eg [0]) say:-

  592 GPG_ERR_BROKEN_PUBKEY Broken public key
  593
  594 The public key was mathematically not correctly generated.



[0]



- --
Best regards

MFPA  

Why is the universe here? Well, where else would it be?
-BEGIN PGP SIGNATURE-

iL4EARYKAGYFAlZmG4xfFIAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDMzQUNFRDRFRTkxMzRFRUJERTZBODUwNjE3
MTJCQzQ2MUFGNzc4RTQACgkQFxK8Rhr3eORUAAD/XZQqwtz7Q1+Lem/ev5EwrE9O
BJCWG/6+dlyAvQSogR0BANsB14r4s6s+Udhd35Zhj/m4q3cOZ84thFqB5hNT3lkK
iQF8BAEBCgBmBQJWZhuZXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwpS0H/ipta+E5Dq7f3+aDnpDbAJJS
4XFUM6tmJY2AdAzRqhxjSsCRmCkyekZX9R9CPGT2RlqYRJfqFLSSODka8VIMA4kk
XYuJo+AK9+LnDSVh0/G4DKjPRb67CZCT9Fx4UH+6uFrtQTsTWcACb2xzQE62fkxr
ntMNwROqo90D4mbEemUTvv33rSl/00KysbJC3eg9ybbIjNpn1hO/VtIAK9ipF3iU
3NPwXHgmJk5sJ6esyS1Eqtm0QkckZa/sHAV1GrRtKC91k9d4/4qzdK96MKkKLbdo
rUClB8SF3YsO1KwxxbOT0RiUUAa5MUMvwm1oPmEKtw9XymImQDZ7IaR3VoE8ko4=
=td+o
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users