Re: "There's always light..........."

2019-08-16 Thread MFPA via Gnupg-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi


On Friday 16 August 2019 at 1:30:44 PM, in
, David wrote:-


> Would the --comment command add it to the private and
> public key??

I think it would maybe add it at the top of an ascii armoured
keyblock, after the "-BEGIN PGP PUBLIC KEY BLOCK-" line.



> There's very little info on the usage of the command
> or what it actually
> does.

Try






- --
Best regards

MFPA  

If you save the world too often, it begins to expect it
-BEGIN PGP SIGNATURE-

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCXVbqzV8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+gciAP9SBUVYCFwnLKNux/Fn+sEcHrpJi/vvhui41NPLBuOj8QD/e8PDHQxMBiW5
R5cPSTrujbsdcvQGFoPyfkMg9seA6AKJApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCXVbqzV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/01lD/9+SChFZ1RMtp2J4EmEwOm1kDSt
bvLyNn2XaEcay9ldP93ONtreiA1CExuyXa3YHX5x5WXBLjGcOogEshviihgywFmP
Mdxceu/+ZEUuWXHXCqT4mDRLIrKo1maSCw0yKAIIqGs5yh8nI/dwI7RHDm3pD/83
2Uk4fCC3/uGj4tXz5PcoanMOkmuecg6DJPSICTaJXe6i9F1UtDXZBCRDkievM7DW
LvxyIvGAUGMlqZ/PvS8O/0LDaXuyIWJ2xlU2UVHYDFzc1DmPd2AXyYx0A/jzOZlY
MIyrBvyeSKAFP2urR5ddQN5EHPzSznmHDFybVEZqdHY2cwJP9cLEIBlJmODACtYb
Xg3Ms1xFeCjbOTazK9N8ZWAI/hjti3HSuDXiTXfbntkV7/UbJnLSfL8BzabxSR/1
gFl9qmCEg3zLaKKRQmhJYriQXAK1ItQbgt9MgN2vxTKOpTLnNX+4wRaMuZTadzQ0
Ok5yDoUA+je9mRNNoJ2rM1HgUwDlnsrYzSMtq0HCdMkYAJBo8hX1tBW3cxq/BOJB
Q8uA/jzCK7reZaeRJhtD1HPx+PwKvOBr/wAuuQxSbuAXAmbL3mRWwaFBvnN0Vsqc
XdwiB2IAuo71MCSjhVLs9PaRz9/X3Phh7nGIRxJDM/hhQ/urPopw8X5I/XCoXD+y
4UA0i1yHpq3SpJo4Uw==
=HcKA
-END PGP SIGNATURE-


___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: "There's always light..........."

2019-08-16 Thread David
On 16/08/2019 11:53, Wiktor Kwapisiewicz via Gnupg-users wrote:
> On 16.08.2019 11:38, john doe wrote:
>> A better comment would be the URL where to download your public key.
> 
> Even better would be using "--sig-keyserver-url" to embed the URL in an
> appropriate packet.
> 
> Details here:
> https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
> 
> Note that unless "honor-keyserver-url" is set in the config explicitly
> this is not used by default by GnuPG (see comments about
> "auto-key-retrieve" here:
> https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
> ).
> 
> And, if the key is available via WKD using "--sender $EMAIL" as GnuPG
> can fetch the missing key over WKD (using only --auto-key-retrieve).
> 
> Kind regards,
> Wiktor
> 
> 
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

Thank you Wiktor,

There's no examples how to use the --comment command - I've tried
various options - aall confuse gpg/gpg2 :)

All I want to do is add a comment in site-admin "The captain's (B)log"
open and closed brackets (B)Log confuse gpg/2 even more.

Being a bit "eccentric" da...@gbenet.com "One Flew Over the Cookoo's
Nest" would be good :)

Would the --comment command add it to the private and public key??

There's very little info on the usage of the command or what it actually
does.

Regards

David


-- 
People Should Not Be Afraid Of Their Government - Their Government
Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
https://gbenet.com


0x459E3AE3EA13E1A3.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: "There's always light..........."

2019-08-16 Thread Wiktor Kwapisiewicz via Gnupg-users

On 16.08.2019 11:38, john doe wrote:

A better comment would be the URL where to download your public key.


Even better would be using "--sig-keyserver-url" to embed the URL in an 
appropriate packet.


Details here:
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html

Note that unless "honor-keyserver-url" is set in the config explicitly 
this is not used by default by GnuPG (see comments about 
"auto-key-retrieve" here: 
https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html 
).


And, if the key is available via WKD using "--sender $EMAIL" as GnuPG 
can fetch the missing key over WKD (using only --auto-key-retrieve).


Kind regards,
Wiktor



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: Key poisoning

2019-08-16 Thread Peter Lebbing
Hi MFPA,

> Would the attack work by just concatenating lots of identical
> signature packets onto a copy of the target key and sending the result
> to the keyserver?

I have no knowledge of the workings of the keyservers. But my guess is
that they would all be coalesced into the single signature that they are
(similarly to when a single new signature was uploaded to two different
SKS keyservers and these are coalesced on reconciliation).

It might be possible if you just change some bytes. I dunno.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 




signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: "There's always light..........."

2019-08-16 Thread john doe
On 8/16/2019 10:53 AM, David wrote:
> Hi All,
>
> Many moons ago I added the line "there's always light at the end of the
> tunnel" in my postmaster key pair.
>
> But when crating my new keys - I'd completely forgotten how to do this.
> I read the GPG Manual and could find no reference to this.
>
> Am wondering now that I've created the keys - can I add a comment? If so
> what is the command??
>

Have a look here:

https://security.stackexchange.com/questions/67796/adding-a-comment-to-pgp-mail-signature-files


A better comment would be the URL where to download your public key.


If you are talking about the comment in your UID, you would need to
creat a new UID to do that but you are better off without the one that
you want to use or without a comment altogether.

--
John Doe

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


"There's always light..........."

2019-08-16 Thread David
Hi All,

Many moons ago I added the line "there's always light at the end of the
tunnel" in my postmaster key pair.

But when crating my new keys - I'd completely forgotten how to do this.
I read the GPG Manual and could find no reference to this.

Am wondering now that I've created the keys - can I add a comment? If so
what is the command??

Cheers

David

-- 
People Should Not Be Afraid Of Their Government - Their Government
Should Be Afraid Of The People - When Injustice Becomes Law, REBELLION
Becomes A DUTY! Join the Rebellion Today! The "Captain's B(L)og"
https://gbenet.com



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users