Re: [Announce] GnuPG 2.1.5 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 12.06.2015 um 02:34 schrieb NIIBE Yutaka: And please follow the link OpenPGP Card version 3.0, then you can get the specification. http://www.g10code.com/docs/openpgp-card-3.0.pdf That's all I know of. Thanks for pointing me there. Really interesting. I wonder if RSA 1024 is removed means that they can't be generated on card or also that they can't be transferred from an external device to the card. DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVe0sjAAoJEA7irlPqaBCOPnUQAJ2L0cKWBttYVChjgHEtuUPx ZP8qa8eZ4sDgqzYKFZboV//Rsm7CpjBNNeeyUhn7GcCdT6pKiXy+0zCvFkX/uQws cWu7Re1q77Su/9rWfIVYD3AsRdvBiHEQgQroKhuef4AWz1JHdn9UFppU3o0cygop q5Ns8xOyMisihMjrujP7zeZ6BfgGD66HS9TALuKRnIHsZAt+12DWSVhRg+UvGg40 E8eiZOznSQAzmAgaGoKgE4Ceb83Esqy885gXE5bDlVL3l65HdMoK0lwFuwKr2D+Z JraOKbTZBuGqKPPq1QtnTcf3rmXDji7vT9zVssOJw03J5lDQGMTBYqvrDvwDEs5f t7Vb9k/eDee63ImUmp7m4w4MXg8lCGl+mUUKvdMJgMHY0JIuKZPdvvhjF61kmbxw 1T/kH9JR+LET5kP6qx0eWsAruBc8ZxbvntxcNy8YoFJLpRvBt4vwakj8A9tHKzk5 rlArhVz2ngsXeEzgM40+eaZuQ8M7/I99543MtZrsCrZm4qkj7dNFd/5XO/7jXKsT fA2v9gbAEH06SKgRCQ1SakWG5pAO4CxeKfQGjZo66lL4JNTHdR65LVWlpO1rL6DQ csnXuKQDtHvSiz6my8Cn5yGuPVpZ0V2Igxf2nkDJeTG0OOHBnZrWaSakxh6TLsvf WBOuXXbMM09PlWCkG0Oz =YSgA -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.5 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Thanks for the new release, * Support for the forthcoming version 3 OpenPGP smartcard. Is there any further information you can provide regarding version 3 of the smartcard? Searching the web didn't give me any useful results. Thanks DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVebHNAAoJEA7irlPqaBCO/ZsQAKJgKtEYgsIHU/ClLDAetxZV KwGx4OLFNzdUjGaBUBNHvsfsna9mB1Dor377rAa6BXQ/y2gQxZuDc0qivoNtIjPB 22QwSuqcPalWsXisdotuKNMZrdWHu6EAaujFq9FdkdYwEgtILNxvx1pE5i2E+kkp r1fmw0JwqEorwaXMz1k0iMs1pQ7UVKxGPgCHJIyUoZcKVkpsazH6uaJ8d6doh2Jq orOGgXro4ysuOUC+To3AdQfScJGDrlScFLmrWH1nHIIwtyJ5/vg7mVApPehT2THZ d3XPWta/CVeakToJcCnujCSUVZWTtQUPmZpOjHbUvWAMM+FB4t4d546LgduXEjQl L6riMWRS/NrvivypxorB98W7q2F7x/e3ktqMJ5lCy02vC2FgClHA/hpyVQOWZ4vJ blesqjvZYHrFUunFaikk4MA9RNC4tkoRj6AvwFeoagQaLRFbBjsXL7PxPqt5y+Zb xaz2pNttvDbzd7BbWbR9AL9pwJB2jX6QE7sPg9wti6D+DEJyo3fcrpYujIo9C9b4 T4rUoiAdQTzuICOh2pLTmZK4FMHv2ux7KL2Q3JHe8wwPI15VKYqaeO0nHF33+oPV PP/NJaNFd0L2yuRSNmHay4wVZu3OlVkjuTES2Qedob5nTxAVUAzLvZLRr/EHpDZS KSeubCeR18JUbkIcWFlm =GU5C -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Incorrect general key info, for key on Yubikey NEO
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 This made me notice that my --card-status does the same thing, it shows my signing subkey at General key info (although I thought at some point it used to show the master...). That said, everything works fine and my card is usable (v2.1.3). So maybe it's a red herring. Hi, I just checked this and get the same results with an FSFE Smartcard: Signing Subkey is mentioned under General Key Info.. DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVSSxWAAoJEA7irlPqaBCOtXkP/jQaW/1EsHiPCb/WH0A+Wdly yOrzvzDr2QNQJrC4nv9P077cjMViiNJfr2QwTDNh8/uX1eDgR7h9FjM/TTABksB0 yRUWkUHtPuSpromZUceEsFQ7BnGnP8Foqfm7UPYFGTbwPXQFnWSLPDQ87rBi/Ugd 7WO1HeGx4Vr5geEIlRwcc6Or2n0aIlU6ksKiXcFzHTCtSbbKtElGVqFkNQWY2Diy itmvU66bf6udqL6g++Zh++k7o+UDsdgW5jTCMphe5kqeG17NlFTxICOPvoPV+G89 Pvlvhk3SsTdAHtrxPRprq3RYSjYYSaFWuFitB6vVNiI9apLTpThnI2FG0STGtd/k sdVQZ18cbLkpqFKWHxytTvb+k0H7Wqdhrys4/IYqE9ox2NyPNv2UU5qNsaEzu20T ZMOUzmYjcZRGORmq3h/rjc00UFy55F3g+EPOVRSkYz4ebzGewxz1u1vbj6Subq/T OiSEeMUAj8AvDav5aZ2lZE7Wd8d0wQX+rI+5mi+BKdwFh8IoV8Q1SdEoBCD1V2+u JoORSj7KGmU/vuDnS9ORJJ9mzwcWY/Jnx+FtU41lxJFRysieOSczTCy0HUlGMIgL ch/CzRgIBdpUguWm7TTac5dpU6ZZ2AkAV39Z3j2KDecFGgx40EqjH+/SUwX/dRu6 k2F0B1fjB6wuV4+39gyo =2iTb -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What is 'CA fingerprint 1' on Smartcard
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 03.04.2015 um 13:14 schrieb Werner Koch: Back in 2005 the idea was to setup our own OpenPGP CA and the FSFE prepared the cards for this (this is also one of the the reasons for the PIN letter). However, the folks responsible for the fellowship card never came around to setup a process to actually run such a CA and thus the whole thing got dusty. I still have the CDROM with the private key but I do not think that this expired key is of any use. Salam-Shalom, Werner Hi Werner, sorry for the late replay, somehow I missed your mail... Was this meant to work kind of like the the CA of the ct's crypto campaign? DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVPgDCAAoJEA7irlPqaBCOigUQAKsAGEJC9KDqt3vUzAxF+mCN cHb30nS3zLYucum95kG3jWknhFwn4fnXoLDrMEHokg41dI9jIOM6nqA1oPqwtxRz oynEx+xrFWNK4X45Sr8eePmjzm5OmD5YumcbOz8cEIdI+BoR6tuf7gJxOQ5rXGWx 93jG3vJuJHg8xLeosPOiu/fvmD+A1LbwZUKfzmJD/ie8eIfwRYvt/+2eFj3AjzjD jZviztbjVtPWZQ1+urIhoufbWyXFrP60I+sMzYeqWhTIMmipxgsKHDWE8+RKRI9L w1Oyl11sPY01VIXNBf3sYkBTCtnze4MvyF723ZFS7XvmtqajPXlRl09rLOrbZZX5 KFl2AQSeUyv0cB7DiDOfUXxi4+nibNeHLb11DagDr+6ReBCDRr4WKeWzpG2YRuul bfiI7wEsP54DaEjiPPvbeC+0Fv6iBsg4gZYXqYe7r30qfOSmdTcVGorcCGsO/1gu RiJz9wRmanZpZNNx8xAA3ccQf5ftLM9/C57ILTeeTU2FTBD9L0gY25leLjpSAWPZ Ub5FGvP1VIFrAvuneF98wQrmmF9aeJqUekg4zvehmQuH32J5qHxR2hNLrgUlB8Gq VEzke5/rKwksN5etvh9o+kt7w4/OzkPgEjiz/qMUHdLyea2jcFTcfUxc0CRx65aT +oSvKnVfn4Ujnm6DbgxR =+Idr -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: What is 'CA fingerprint 1' on Smartcard
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 02.04.2015 um 04:40 schrieb NIIBE Yutaka: It seems that it's intended to be hold a fingerprint of OpenPGP, but it is not clear what/how this fingerprint is used for. From a view point of scdaemon developer, I don't have any experience using these data objects. Even, I couldn't imagine valid usage of these data objects. Besides, I don't understand the reason why this data object was filled by a specific value when shipped. Sorry for not useful information, but, those are all I could say. Still, it would make sense to share this info. OK, I will ask on the FSFE mailing list, ask them and post the answer here as soon as i have it. DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVHVWTAAoJEA7irlPqaBCOf30P/R7OXr6jyTniFeiiv0LYBC9T TyYwvqRyRnvng4VRKdT0Nq3kF/Omj2HIi7KCVZTOgDmmR83IMYyWm4oBFNXrDKzd QO0J8OwUf+/B122vL1yvE3n1/V5rHxTpTl3bvBQG/VgZO9Fiwt1BYwCfF+79VlvR OCnoLdepAHn4ZFT74neq5ZCxbG3UxSOr+9RBlf9gFzs+qNOI8TsqIzF4xueQHe6f Jv7YD6aTqh7z3/d67v5j4ChzRxrghe2+I97QJkB98qvxqNxAVwg9hD64VcvtBNjB O+AR+wbqnztfAa3pnQ4RGHIH1NGfy+v0Tps2tuCn/SucIirwbaIk+jhMHaWZB3Tx 0K7ivxRK4tbpAJyFY8r85XSTAEw4c711rkPbIcpolfw/5upXD/UD2YFCFxlnTaxt xc38nKunoXT2B3LB5mRKnDGL69KZPHv5J+gSvZcP1/k8ItV/OryzSCyiJsGG+WIK ipHvTjmyWs3R3Qnm1B0q3qklaoQGVsw1k6W8Ezafu4Vm84PxdmaE5LBfyH2KJN3h CFQQKeo4Tfb8wRAvZj1VrLo3AqLWdOLioAKXy+xzuPbK87fnMx0tfwn2147PGsNr 008q8Wbj5n4cqTmP1Db4woASvHuTFdwmLm3Kr0yqJnTkZUrme7OyxJ0SAA0qNXdv LPNlpdG/WJPn0IJhI1bM =iGUm -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
What is 'CA fingerprint 1' on Smartcard
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Hope this question is OK on this list. What is the CA fingerprint on FSFE-Smartcard? A gpg2 --car-status gave the information: CA fingerprint 1 .: C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5 This is a smartcard issued by the FSFE. After reseting the card this information is gone, so it must be applied by FSFE. I read the openpgp-card-2.0 specification but I'm still not sure what this CA data object is used for and what specific CA it points to. Maybe you can help... DK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVGtBTAAoJEA7irlPqaBCOP50P/2wnYuXxamlMJ6Tyuec93fQ6 6wljqQC+9J6k9VXAciWQyEXH5UL9YyxoGf4cEa0/px/0FZvX6BTtuxmnAPJvJQM8 caY+NzWFBQga6OjkSzcMtIzxDXaFn7/Ex1MnpuHqqXA3NLllmbuLhLL2uWbHI2pO X8/pMkbTJflHF7yT3jOwNXPg0lotzkbBg2v3uLPTzYcpek71N7WP2NbK9mhWqFeA LThTP1Ou0K+7869+VTAr4fymnLp8DxN5eprvX0kthToAlKivF2+0Q3rgF6EYDZDS 1ld8tSLgQC/5yJh3nftM5aSLkfNeIdMeDTk96vdHu3+K2XbTRZQ9JDSt9ZONqVxa sQOuEUXoFZjud4Eqv9C2uTGzd77P8KgUk2PNegepNuDdtsqOeGkt+TQQVHxgdolv K4SgtKFTHmboXA9n7j8fyhrAWDG3gvDoUHP3QGUGRGv/gvr9OLtg/N8ORVWDvUy1 jNyEFA6hHQEhgf5wC5wjjde0OXj83xLfeuLUpy8rMO1pqp8OH3qYtvqVPx8Gt8WE zAZtpW8A8t8KXlp6YG4KxCB2RU94wDvBg4EeuKygMQdvDKgIRbmVvd83B4wmz8TA rdv1KInbF5FWvKfyGYV/Wxa6Ack5iwU+6xGQGv5Sy4NjEX60uCjRew4LPLfzEBw9 lRs45T9WxiF5iCFGA6YF =Orxq -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Analogien um das Prinzip von PGP zu erklären
Am 03.07.2014 16:16, schrieb Werner Koch: Signing is a very different thing than encryption. It has nothing to do with encryption. Using the terms decryption or encryption to describe signature creation and verification leads to confusion (it is actually only partly true for the RSA algorithm). We use two different keys, one for encryption and for signatures. OpenPGP merely puts them together on the same keyring (technically called a keyblock) for convenience. You're right, the more I think about it, the more I like the idea of using the terms key, lock, seal and imprint. They differentiate between signing encryption but are rather intuitive if you are not familiar with the technical details of PKI. -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Analogien um das Prinzip von PGP zu erklären
Hallo, da ich das gerade mit Matthias von der FSFE im Rahmen von #EmailSelfDefense diskutiere, mal eine Frage: Welche Analogien benutzt ihr, wenn ihr Menschen das Prinzip von PGP/GPG erklärt? Ich verwende ich meistens folgende Version: Es gibt ein Schloss mit zwei Schlüssellöchern. Jeder Schlüssel funktioniert nur in eine Richtung, also entweder Geöffnetes schließen oder Geschlossenes öffnen. Daran kann man dann auch das signieren erklären, was ja bei der klassischen Metapher (öff. Schlüssel = Schloss, priv. Schlüssel = Schlüssel) nicht funktioniert. Also: Verschlüsseln: Jemand verschließt mit meinem öffentlichen Schlüssel, ich öffne mit meinem geheimen. Signieren: Ich signiere mit meinem privaten Schlüssel, jemand anders überprüft mit meinem öffentlichen. Anregungen, Meinungen? -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
This time in English: How to explain the principles of PGP, looking for metaphors
Sorry! I picked the wrong language / list last time... So in English: What metaphors do you use when explaining people PGP? Two examples: 1. A lock with two keys? 2. A lock (public) and a key (private) Something completely different? Problems with both: 1. Seems to be kind of hard to understand for most people, because a lock with one key to open and one key to close is rather special. 2. Signing emails is hard to explain this way. Signining by putting a lock on it? Any ideas are appreciated. An Interesting approach (Thanks Neal for the link): Using 4 items: key, lock, seal and imprint. https://freedom-to-tinker.com/blog/randomwalker/why-king-george-iii-can-encrypt/ -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Analogies to explain the basic principles of encryption as used by OpenPGP
Hi Olav, Am 03.07.2014 14:00, schrieb Olav Seyfarth: I'd also rather use the analogy of a padlock without key to be distributed by the receipient of a message. That way you're able to explain the prerequisite for asymmetric crypto as we use it in OpenPGP: the receipent must do something BEFORE anyone can send anything (secured by that means) to him. Everyone knows what happens if you snap the lever into the lock - you're only able to unlock it if you have the key (or a big tool, OK). But how would you explain signing from that point of view? -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Mascot_p
Am 17.06.2014 21:48, schrieb Mark Rousell: Maybe a mask of some sort Unfortunately I think people associate masks with having something (negative) to hide. Perhaps people shouldn't see it that way but they seem to do so. I think as a mascot some kind of animal is better, because it might be more attracting to new users that a rather 'cold' robot. unless you can crate a really cute robot of course! something like wall-e from that disney (?) picture. -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Docs central, with 'Email Self-Defence'
Am 10.06.2014 16:38, schrieb Bernhard Reiter: Thus I've started http://wiki.gnupg.org/documentation and did a first entry for the new CC-BY-(SA) short guide from the FSF. I could use more critical review, so if you read it or other documents, please add a link or a comment. Does the column language imply, that you are also looking for links to non-english sites? -- kind regards daniel krebs ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users