Re: GnuPG 2.2.4 on Windows - problems accessing some HKPS keyservers

2018-01-23 Thread Phil Pennock
On 2018-01-22 at 20:12 -0500, David Gray via Gnupg-users wrote:
> I'm running GnuPG 2.2.4 on Windows.  I'm able to successfully query the SKS
> keyserver pool via HKPS (hkps://hkps.pool.sks-keyservers.net) with no
> problems.  I'm trying to query the hkps://keys.mailvelope.com keyserver, and
> I'm not having any luck.

Looks to me like a GnuPG bug.  In fact, it looks very much like
https://dev.gnupg.org/T1447 which has been marked resolved.

The hostname there is a CNAME to Amazon DNS, and my dirmngr logfile
records:

2018-01-23 21:28:10 dirmngr[70787.6] TLS verification of peer failed: hostname does not match
2018-01-23 21:28:10 dirmngr[70787.6] DBG: expected hostname: keyserver-prod.v3jierkpjv.eu-west-1.elasticbeanstalk.com

The untrusted name retrieved from DNS resolution of the CNAME record is
being used as the name for validation.

The patches to address the issue seem to focus on SRV records, so
repaired one way in which the problem manifested, but either didn't fix
the underlying issue, or there's been a regression.

I've opened a new ticket for the maintainers to track this.
https://dev.gnupg.org/T3755

-Phil

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
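
Added example, not part of the post above and not GnuPG's code: a minimal model of the TLS hostname check, showing why the reference name must be the keyserver name the user configured rather than the CNAME target returned by DNS. The certificate name list and the `other.example` names are constructed assumptions; the CNAME target is the "expected hostname" from the quoted dirmngr log.

```python
# Added example. CERT_NAMES and the "other.example" names are constructed;
# the CNAME target is the "expected hostname" from the dirmngr log above.

def dns_name_matches(reference, pattern):
    """RFC 6125-style comparison: case-insensitive, with '*' allowed only
    as the complete left-most label, covering exactly one label."""
    ref = reference.rstrip(".").lower().split(".")
    pat = pattern.rstrip(".").lower().split(".")
    if len(ref) != len(pat):
        return False
    if pat[0] == "*":
        return len(pat) > 2 and ref[1:] == pat[1:]
    return ref == pat


def reference_identity(configured_host, cname_chain, trust_dns):
    """Choose the name the certificate is checked against.

    trust_dns=True models the logged behaviour (the CNAME target becomes
    the expected hostname); trust_dns=False keeps the name the user typed.
    """
    return cname_chain[-1] if trust_dns and cname_chain else configured_host


def verify_peer(configured_host, cname_chain, cert_names, trust_dns=False):
    ref = reference_identity(configured_host, cname_chain, trust_dns)
    return any(dns_name_matches(ref, name) for name in cert_names)


CONFIGURED = "keys.mailvelope.com"
CNAME_CHAIN = ["keyserver-prod.v3jierkpjv.eu-west-1.elasticbeanstalk.com"]
CERT_NAMES = ["keys.mailvelope.com"]  # assumed subjectAltName of the server

if __name__ == "__main__":
    # Legitimate server: fails only when the DNS-derived name is trusted.
    print(verify_peer(CONFIGURED, CNAME_CHAIN, CERT_NAMES, trust_dns=True))
    print(verify_peer(CONFIGURED, CNAME_CHAIN, CERT_NAMES, trust_dns=False))
    # Forged CNAME answer plus a certificate valid for that other name:
    # accepted when DNS is trusted, rejected when the configured name is used.
    forged = ["host.other.example"]
    print(verify_peer(CONFIGURED, forged, ["*.other.example"], trust_dns=True))
    print(verify_peer(CONFIGURED, forged, ["*.other.example"], trust_dns=False))
```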


Re: "best" ed25519/curve25519 setup?

2018-01-23 Thread Guilhem Moulin
On Tue, 23 Jan 2018 at 09:01:25 +0100, Simon Josefsson wrote:
> Guilhem Moulin  writes:
>> On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote:
>>> I want to use ed25519/curve25519, but right now I have an offline
>>> master RSA key with three subkeys.  Does it work well to add new
>>> subkeys for Ed25519/Curve25519?  What is the user experience in
>>> various applications?  I'm thinking MUAs, SSH, git, gpg itself, and
>>> also more exotic approaches like K9Mail.
>>
>> AFAICT multiple Ed25519/Curve25519 subkeys work fine, with the following
>> caveats:
>>
>> * You'll want to sign with both your Ed25519 and non-ECC (sub-)keys,
>>   otherwise non-ECC capable OpenPGP implementations won't be able to
>>   verify your data signatures.  You can do this by adding
>>
>>   local-user $FINGERPRINT!
>>   
>>   for each (sub)key to sign with (note the trailing exclamation mark
>>   to specify the subkey).
> 
> Have you noticed any problem with this approach?  I could imagine some
> software might be equally confused by two signatures, or become confused
> that GnuPG "under the hood" adds another signature.

There are non RFC-compliant implementations for sure, but FWIW RFC 4880
allows multiple signatures on the same data.  That's the last octet of
One-Pass Signature Packets, cf. RFC 4880 Sec. 5.4:

“A one-octet number holding a flag showing whether the signature is
 nested.  A zero value indicates that the next packet is another
 One-Pass Signature packet that describes another signature to be
 applied to the same message data.”
— https://tools.ietf.org/html/rfc4880#section-5.4

That's often used in OpenPGP key transition statements, for instance.

That being said I didn't add a signing-capable Ed25519 subkey along with
my RSA one, and the only OpenPGP implementation I use is GnuPG, so I
don't know how well other implementations support nested signatures.
 
> I wonder if I should re-use the RSA subkeys from my current key into the
> new one...  I suppose for SSH it would be useful, but for anything
> OpenPGP-related it should be based on the master key id, right?

I see no reason to do that for signing and decryption, indeed.

-- 
Guilhem.




Re: Keys clean of all signatures except those made by others I trust

2018-01-23 Thread Robert J. Hansen
> From the man page:

Note that this can be done in a bash one-liner:

$ for x in `gpg --list-keys|grep "[A-F0-9]\{40\}"|sed 's/ //g'` ; do gpg --edit-key $x clean save ; done

Or in Windows PowerShell:

> ForEach ($keymatch In gpg --list-keys|Select-String -Pattern "[A-F0-9]{40}") { gpg --edit-key $keymatch.ToString().Trim() clean save;}



... There are undoubtedly half a dozen ways to do this quickly.  But if
you're looking for one, these will do.



Re: Keys clean of all signatures except those made by others I trust

2018-01-23 Thread FuzzyDrawrings via Gnupg-users
I guess I had stopped reading about ' clean' after the first line:

>clean  Compact (by removing all signatures except  the  selfsig)

...however the rest of the description indicates it does exactly what I need. 
Doh!

Many thanks!


Re: Why exactly does pinentry fails with gpg-agent and ssh support?

2018-01-23 Thread Doron Behar
I'm glad to hear your comments guys. I've posted a bug report on ssh's
bug tracker: https://bugzilla.mindrot.org/show_bug.cgi?id=2824

On Mon, Jan 22, 2018 at 08:43:41AM +0100, Werner Koch wrote:
> On Sun, 21 Jan 2018 17:41, doron.be...@gmail.com said:
> 
> > As far as I understand, because I use `systemd`'s user service, whenever
> > I want to unlock an authentication key I need to run the command
> > `gpg-connect-agent updatestartuptty /bye`.
> 
> Although I have no experience with the peculiarities of the --supervised
> mode, there is no need to run the updatestartuptty command.  That command
> is only used to switch gpg-agent's default $DISPLAY and tty to the one
> active in the shell you run this command.  This is required because the
> ssh-agent protocol has no way to tell gpg-agent (or ssh-agent) the
> DISPLAY/tty which shall be used to pop-up the Pinentry.
> 
> Another problem with ssh is that ssh can't start gpg-agent on the
> fly.  Thus you need to make sure that gpg-agent has already been started
> when you use ssh.  A way to ensure this is to run 
> 
>   gpg -K
> 
> which lists all your private keys and as a side effect starts
> gpg-agent.  You can also do
> 
>   gpg-connect-agent /bye
> 
> because it exhibits the same side-effect.  The suggested way to start
> gpg-agent for ssh is to use
> 
>   gpgconf --launch gpg-agent
> 
> 
> Salam-Shalom,
> 
>Werner
> 
> 
> p.s.
> And the best solution would be to extend the ssh-agent protocol
> and openssh to allow starting of an arbitrary process and conveying some
> environment variables.
> 
> -- 
> Thoughts are free.  Exceptions are regulated by a federal law.





Re: Keys clean of all signatures except those made by others I trust

2018-01-23 Thread Teemu Likonen
FuzzyDrawrings via Gnupg-users [2018-01-23 02:41:45-05] wrote:

> Say I import Bob's key with "--recv-key" from some keyserver. Bob's
> public key has been signed by a lot of non-serious User ID's and spam.
> However Bob's key may have been signed by Alice (whose public-key I
> have in my keyring).
>
> I would like to clean the key of the spam signatures while preserving
> any signatures made by Alice (or anyone else I have trusted on my
> keyring). Does there exist a command/option to accomplish this in
> gpg2?

For one key: "--edit-key" and "clean". To make it automatic for all
import operations you can use options in gpg.conf file:

import-options import-clean
keyserver-options import-clean

I like clean export too, so:

import-options import-clean
export-options export-clean
keyserver-options import-clean,export-clean

-- 
/// Teemu Likonen   - .-..    //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///




Re: Keys clean of all signatures except those made by others I trust

2018-01-23 Thread Peter Lebbing
On 23/01/18 08:41, FuzzyDrawrings via Gnupg-users wrote:
> Title says it all.

From the man page:

>--edit-key
>   Present a menu which enables you to do most of the key management
>   related tasks.  It expects the specification of a key on
>   the command line.
> [...]
>   clean  Compact (by removing all signatures except the selfsig)
>          any user ID that is no longer usable (e.g. revoked, or
>          expired). Then, remove any signatures that are not usable
>          by the trust calculations.  Specifically, this removes
>          any signature that does not validate, any signature that
>          is superseded by a later signature, revoked signatures,
>          and signatures issued by keys that are not present on the
>          keyring.

(Apparently you agree on the name for the concept, a "clean" key :-)

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 





Keys clean of all signatures except those made by others I trust

2018-01-23 Thread FuzzyDrawrings via Gnupg-users
Title says it all.

Say I import Bob's key with "--recv-key" from some keyserver. Bob's public key 
has been signed by a lot of non-serious User ID's and spam. However Bob's key 
may have been signed by Alice (whose public-key I have in my keyring).

I would like to clean the key of the spam signatures while preserving any 
signatures made by Alice (or anyone else I have trusted on my keyring). Does 
there exist a command/option to accomplish this in gpg2?


GnuPG 2.2.4 on Windows - problems accessing some HKPS keyservers

2018-01-23 Thread David Gray via Gnupg-users
Good Evening -

I'm running GnuPG 2.2.4 on Windows.  I'm able to successfully query the SKS
keyserver pool via HKPS (hkps://hkps.pool.sks-keyservers.net) with no
problems.  I'm trying to query the hkps://keys.mailvelope.com keyserver, and
I'm not having any luck.  I suspect I don't have the appropriate hkp-cacert
referenced in the dirmngr, but I got the certificate by browsing to
https://keys.mailserver.com, exporting the root cert in the certification
path as a Base-64 encoded X.509 file (with .pem extension) and copying it to
my gnupg home directory, and the hkp-cacert line in dirmngr.conf references
that .PEM file.  The cert thumbprint shows:
ad7e1c28b064ef8f6003402014c3d0e3370eb58a in windows certmgr, and the full
contents of that .pem file appear at the bottom of this message for
reference.

I'm hoping someone may be able to point me in the right direction to
troubleshoot this a bit further - I suspect I've done something wrong but
I'm not sure how to identify exactly what it is.

Details below - Thanks!

Dave

This is what I get when I attempt to lookup the key for patr...@enigmail.com
at hkps://keys.mailvelope.com:

C:\Users\dave>gpg --debug-all -vvv --search-keys patr...@enigmail.com
gpg: reading options from 'C:/Users/dave/AppData/Roaming/gnupg/gpg.conf'
gpg: using character set 'CP437'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_0x0180 <- # Home: C:/Users/dave/AppData/Roaming/gnupg
gpg: DBG: chan_0x0180 <- # Config: C:/Users/dave/AppData/Roaming/gnupg/dirmngr.conf
gpg: DBG: chan_0x0180 <- OK Dirmngr 2.2.4 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_0x0180 -> GETINFO version
gpg: DBG: chan_0x0180 <- D 2.2.4
gpg: DBG: chan_0x0180 <- OK
gpg: DBG: chan_0x0180 -> KEYSERVER --clear hkps://keys.mailvelope.com/
gpg: DBG: chan_0x0180 <- OK
gpg: DBG: chan_0x0180 -> KS_SEARCH -- patr...@enigmail.com
gpg: DBG: chan_0x0180 <- ERR 285212985 Wrong name
gpg: error searching keyserver: Wrong name
gpg: keyserver search failed: Wrong name
gpg: DBG: chan_0x0180 -> BYE
gpg: DBG: [not enabled in the source] stop
gpg: keydb: handles=0 locks=0 parse=0 get=0
gpg:build=0 update=0 insert=0 delete=0
gpg:reset=0 found=0 not=0 cache=0 not=0
gpg: kid_not_found_cache: count=0 peak=0 flushes=0
gpg: sig_cache: total=0 cached=0 good=0 bad=0
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
  outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: rndjent stat: collector=0x calls=0 bytes=0
gpg: secmem usage: 0/32768 bytes in 0 blocks

The corresponding logs from dirmngr show:

2018-01-22 19:40:43 dirmngr[1664] handler for fd 864 started
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> # Home: C:/Users/dave/AppData/Roaming/gnupg
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> # Config: C:/Users/dave/AppData/Roaming/gnupg/dirmngr.conf
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> OK Dirmngr 2.2.4 at your service
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 <- GETINFO version
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> D 2.2.4
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> OK
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 <- KEYSERVER --clear hkps://keys.mailvelope.com/
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> OK
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 <- KS_SEARCH -- patr...@enigmail.com
2018-01-22 19:40:43 dirmngr[1664] TLS handshake failed: Wrong name
2018-01-22 19:40:43 dirmngr[1664] error connecting to 'https://52.50.100.145:443': Wrong name
2018-01-22 19:40:43 dirmngr[1664] command 'KS_SEARCH' failed: Wrong name
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> ERR 285212985 Wrong name
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 <- BYE
2018-01-22 19:40:43 dirmngr[1664] DBG: chan_0x0360 -> OK closing connection
2018-01-22 19:40:43 dirmngr[1664] handler for fd 864 terminated

By contrast, this is what I get when I query the SKS pool for the same key
via HKPS:

C:\Users\dave>gpg --debug-all -vvv --keyserver hkps://hkps.pool.sks-keyservers.net --search-keys patr...@enigmail.com
gpg: reading options from 'C:/Users/dave/AppData/Roaming/gnupg/gpg.conf'
gpg: using character set 'CP437'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_0x0190 <- # Home: C:/Users/dave/AppData/Roaming/gnupg
gpg: DBG: chan_0x0190 <- # Config: C:/Users/dave/AppData/Roaming/gnupg/dirmngr.conf
gpg: DBG: chan_0x0190 <- OK Dirmngr 2.2.4 at your service
gpg: DBG: connection to the dirmngr established
gpg: DBG: chan_0x0190 -> GETINFO version


Re: "best" ed25519/curve25519 setup?

2018-01-23 Thread Simon Josefsson
Guilhem Moulin  writes:

> Hi Simon,
>
> On Mon, 01 Jan 2018 at 14:28:34 +0100, Simon Josefsson wrote:
>> I want to use ed25519/curve25519, but right now I have an offline
>> master RSA key with three subkeys.  Does it work well to add new
>> subkeys for Ed25519/Curve25519?  What is the user experience in
>> various applications?  I'm thinking MUAs, SSH, git, gpg itself, and
>> also more exotic approaches like K9Mail.
>
> AFAICT multiple Ed25519/Curve25519 subkeys work fine, with the following
> caveats:
>
>   * You'll want to sign with both your Ed25519 and non-ECC (sub-)keys,
> otherwise non-ECC capable OpenPGP implementations won't be able to
> verify your data signatures.  You can do this by adding
>
> local-user $FINGERPRINT!
> 
> for each (sub)key to sign with (note the trailing exclamation mark
> to specify the subkey).

Have you noticed any problem with this approach?  I could imagine some
software might be equally confused by two signatures, or become confused
that GnuPG "under the hood" adds another signature.

>   * You'll want to create your Curve25519 encryption subkey *after* the
> non-ECC one, as `gpg --encrypt --recipient $KEYID` only uses the
> most recent valid encryption-capable subkey, I think.  So if you
> have an older non-ECC encryption subkey, older gpg(1) will encrypt
> to it while ≥2.1 will use the Curve25519 encryption subkey.

That is an important aspect, thank you!

>> The alternative for me of course is to create a brand new key, with an
>> offline Ed25519 master key, plus some subkeys.  Has anyone done this,
>> and can share their experience?
>
> IMHO it's too early to use an Ed25519 master key in production, because
> there are still a lot of legacy systems out there and that will make the
> whole key unusable for encryption and verification.  It's fine to start
> bring such key to KSPs to improve its reputation and have a less painful
> key rollover later, though :-)

I already have a good RSA-based master key setup:

  RSA offline master key
 RSA subkey for signature
 RSA subkey for decryption
 RSA subkey for authentication

So I'm thinking that my new setup should be 25519-based.

Would you want to use separate Curve25519 keys for authentication and
signatures?

So I guess the "perfect" setup for me would then be to add the following
new key:

  Ed25519 offline master key
 Ed25519 subkey for signature
 Curve25519 subkey for authentication
 Curve25519 subkey for decryption

?

I could adopt the middle way and continue to use my current RSA-based
key and a new Ed25519-based key, and have both algorithms available as
subkeys.

  RSA offline master key
 RSA subkey for signature
 RSA subkey for decryption
 RSA subkey for authentication
 Ed25519 subkey for signature
 Curve25519 subkey for authentication
 Curve25519 subkey for decryption

  Ed25519 offline master key
 RSA subkey for signature
 RSA subkey for decryption
 RSA subkey for authentication
 Ed25519 subkey for signature
 Curve25519 subkey for authentication
 Curve25519 subkey for decryption

I wonder if I should re-use the RSA subkeys from my current key into the
new one...  I suppose for SSH it would be useful, but for anything
OpenPGP-related it should be based on the master key id, right?

Algorithm migration is really tricky...

/Simon

