Re: Thunderbird / Enigmail / Autocrypt
If you think about using the current stable version of Thunderbird (version 78), then there is no Enigmail and no Autocrypt. OpenPGP has been implemented directly in Thunderbird, but there is currently no Autocrypt support in Thunderbird. -Patrick Daniel Bossert via Gnupg-users wrote on 20.11.2020 10:23: > Hello all > > How secure is it to use Thundebrird with Autocrypt? I use Sylpheed at the > moment, but it is not that comfortable to use as Thunderbird. > Also, when I send an email, the signature will be shown instead like with > thunderbid just an info that the mail is signed > > Do you have some inputs? > > Regards > Daniel > > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Ask for passphrase once, but require confirmation each time a key is used?
You could use a Yubikey: correctly configured, it will required you to touch the yubikey capacitor button to allow the use of the gpg key (once the passphrade is cached of course) Franck Le jeudi 19 novembre 2020 à 22:08 +0100, dalz via Gnupg-users a écrit : > The motivation is that I'd like to know when something wants to > decrypt > a file. I could configure gpg-agent to not cache the key and ask for > the > passphrase each time, but that is very annoying with a long > passphrase, > so I was wondering if there was any other way to accomplish that. > What I'm thinking is a popup window that (while gpg-agent has the > key) > replaces pinentry, requiring a simple click of a button to allow the > decryption. Is there any way to do this? > > I'm pretty new to this, so feel free to point out that my idea is > pointless / makes no sense if that is the case! > > -- > dalz > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Ask for passphrase once, but require confirmation each time a key is used?
Thanks, that could be an option - but not a cheap one it seems. I'm also considering writing a pinentry program that does what I want, however the last attempt ended in nothing but frustration... -- dalz ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing decentralized websites
On Fri, 20 Nov 2020 19:13, cqcallaw said: > change the behavior. Is there some implementation issue with running > multiple gpg signing operations in parallel? This is all serialized because the gpg-agent does the actual signing. There is one gpg-agent per GNUPGHOME. Thus the easiest solution for you is to provide copies of the GNUPGHOME and either set this envvar for each process or pass --homedir=decicated-homedir-copy. You can't use links to the same directory because we use lock files. However, it should be possible to sumlink the private-keys-v1.d sub directories. > 2) Are there any tools to verify detached signatures in the browser? > As a user, I'd like my browser to check for a signature file and Mailvelope comes to mind or you write your own thing using gpgme-json as the native messaging server. Mailvelope can use gpgme-json. There is also openpgp.js as a solid Javascript implementation of OpenPGP. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Thunderbird / Enigmail / Autocrypt
On Fri, 20 Nov 2020 10:23, Daniel Bossert said: > How secure is it to use Thundebrird with Autocrypt? I use Sylpheed at > the moment, but it is not that comfortable to use as Thunderbird. Checkout Claws-mail which was forked from Sylpheed many years ago. The OpenPGP and S/MIME integration of both was initially done by me but many others improved it at lot. Claws is like Thunderbird cross-platform. The current TB OpenPGP support is pretty basic after they removed Enigmail. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Signing decentralized websites
‐‐‐ Original Message ‐‐‐ On Saturday, November 21, 2020 9:58 AM, Werner Koch wrote: > On Fri, 20 Nov 2020 19:13, cqcallaw said: > > > change the behavior. Is there some implementation issue with running > > multiple gpg signing operations in parallel? > > This is all serialized because the gpg-agent does the actual signing. > There is one gpg-agent per GNUPGHOME. Thus the easiest solution for you > is to provide copies of the GNUPGHOME and either set this envvar for > each process or pass --homedir=decicated-homedir-copy. You can't use > links to the same directory because we use lock files. However, it > should be possible to sumlink the private-keys-v1.d sub directories. > > > 2. Are there any tools to verify detached signatures in the browser? > > As a user, I'd like my browser to check for a signature file and > > > > Mailvelope comes to mind or you write your own thing using gpgme-json as > the native messaging server. Mailvelope can use gpgme-json. > > There is also openpgp.js as a solid Javascript implementation of > OpenPGP. > > Shalom-Salam, > > Werner > > - > > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. Many thanks. I've written a Python script (https://github.com/cqcallaw/www/blob/94f0dbb84fa3908acdd698d7b67071bf4f2a723b/sign.py) to handle the parallel signing; I'll look into the browser options shortly. Cheers, -Caleb ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Thunderbird / Enigmail / Autocrypt
Hello Werner I would like to use claws-mail, but it looked quite old-school when I last used it. There was no auto-configure of mail setup (find mail-server by itself). But I will install it again and check it out. Thank you Daniel On Sat, 21 Nov 2020 19:02:33 +0100 Werner Koch wrote: > On Fri, 20 Nov 2020 10:23, Daniel Bossert said: > > > How secure is it to use Thundebrird with Autocrypt? I use Sylpheed at > > the moment, but it is not that comfortable to use as Thunderbird. > > Checkout Claws-mail which was forked from Sylpheed many years ago. The > OpenPGP and S/MIME integration of both was initially done by me but many > others improved it at lot. Claws is like Thunderbird cross-platform. > > The current TB OpenPGP support is pretty basic after they removed > Enigmail. > > > Salam-Shalom, > >Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -- PGP: 81A8 1EC7 179C BE5F 02A8 2C01 3FF1 07B6 FC68 F10A pgpthvA1m02zo.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
