Re: GPA - import keys more easily?..

2015-12-11 Thread Dark Penguin

(or not even seeing it, because I think it would normally close
immediately after the program has finished running).


Oh, okay, I misunderstood your request. I thought you wanted to invoke
GPA from the command line, since you called it a command line option.

But I suppose you want a file association so GPA is launched on an .asc
or .gpg file, and subsequently takes the most logical action for the
actual content of the file (show key info with an option to import for
keys, decrypt and verify for encrypted/signed data).


Yes; I can set up a file association myself, but when I open someone's 
.asc public key in GPA, I see a "File manager" window with an option to 
decrypt it, which doesn't make sense. I want either GPA to automatically 
understand that this is a public key (which is not hard at all, because 
there is the PGP header written in plaintext), or at least to be able to 
open keys with GPA with some option to tell it that this is a key, not 
an encrypted message, if it can not see that without my help - maybe 
with a commandline option. Or at the very least, they should just add an 
"Import key" option in that file manager for such cases - that would 
also be fine by me. I just want to be able to import a key I'm already 
looking at without having to look for it again in the "Import key..." 
dialog.


There may be "workarounds" like installing some plugins for some mail 
clients, but I'm happy with GPA, and I want to use GPA, and installing a 
plugin (and probably switching to a compatible email client) and setting 
it up and getting used to it just to be able import keys a couple of 
seconds quicker does not really make sense.


PGP for Windows does that from time immemorial, naturally. I would 
expect at least this much from a frontend for encryption software for an 
operating system which, unlike Windows, is actually concerned about 
security, and I believe our new "converts" from Windows would expect it 
too, and I can't believe it's still not there by now. =/



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: GPA - import keys more easily?..

2015-12-10 Thread Dark Penguin

Of course, I could use other software if I don't like this one, but the question
is "wouldn't it be convenient to add a simple commandline option to GPA to
import a key".


For commandline usage, you can simply use GnuPG directly:

$ gpg2 --import pubkey.asc

GPA is a GUI frontend to GnuPG. Commandline support is already in GnuPG and
doesn't need to be in a GUI frontend.


I could do that, but I believe for most users it would be much more 
convenient to see a graphical window of a familiar program with the 
user's name and email address and a confirmation dialog, instead of 
seeing a terminal saying "I've already imported it" (or not even seeing 
it, because I think it would normally close immediately after the 
program has finished running).



I know how keys work; I've been using it at work for a long time. And I 
usually import the keys from email attachments, which I know are 
correct, because I've helped them set up PGP and I've created their 
email account. I just want to be able to have them imported with simply 
opening them with GPA and not have to save them somewhere, then look for 
them in the "Import keys..." dialog, and then delete them.



I've submitted this along with other bugs and wishlist items to 
gnupg-devel, but it seems that those have not yet been approved by the 
moderator (though almost a week has passed since the first report). I 
wanted to hear what do they have to say before creating the bug reports, 
but now I've submitted all of the "bugs" I wanted to report on 
bugs.gnupg.org (issues 2178, 2179, and this one - 2180).



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: GPA - import keys more easily?..

2015-12-09 Thread Dark Penguin

You can import keys (1) direct from personal contact - people give you the key 
id and you
can download from a key server - most people upload their public key to a key 
server (2) you
can get keys when people have included their public key as an attachment in an 
email. If you
have installed Thunderbird - you could install Enigmail - you can do all the 
things with
that that GPA does.


Of course, I could use other software if I don't like this one, but the 
question is "wouldn't it be convenient to add a simple commandline 
option to GPA to import a key". It's not that big of a deal, but the 
idea is so obvious I'm really surprised it's not there yet.


It's not about GNOME Keyring; it's just that I've been using GnuPG and 
GPA since Squeeze, and I would really like to be able to add public keys 
by just "opening" them from anywhere, not only from a Thunderbird mail 
attachment, and with GPA, not with something else.


I just don't want to submit a "wishlist" bug report without consulting 
the users first - maybe it's already there in the newer versions?.. The 
developers seem to be really busy...



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: GPA - unsupported certificate

2015-12-09 Thread Dark Penguin

I'm not sure if this idea makes sense, but maybe it would be easy to
add a check on the version of said gpg-agent before attempting to use
it?..


I know certain recent versions of GnuPG complain and warn about the
hijacking, but that is during usage on the terminal.


Then this should definitely alert GPA to forward the warning to the 
user! It's already there, but GPA is ignoring this?.. (I don't have a 
"recent" version of GnuPG, so I can't be sure this is not already done.)




maybe it would make sense to disregard GPG_AGENT_INFO if it points to
GNOME Keyring one, or maybe even disregard it always, or maybe even
have GPA use another fixed path to always connect to "our"
gpg-agent?


GnuPG 2.1 already always uses a fixed path and disregards the variable.
And recent GnuPG 2.0 versions already warn about the hijack. The problem
is that two software projects want opposite things; this would lead to
an arms race. But fortunately, it will all go away when distributions
start using recent versions of the software, as the issue has finally
been resolved.


Ok, so now it's only a question of GPA and GnuPG 2.1 being backported to 
Jessie. That's good to know.




Oh, by the way, the functionality that GNOME Keyring is providing is
that it offers the option of unlocking your GnuPG keys when you log in.
I've never understood why this is so darn important. Without GNOME
Keyring, you would type two passphrases per login session: once to
login, and for the second time when you use your GnuPG key for the first
time. The gpg-agent can then keep the key unlocked for the rest of the
time if you want it to. With GNOME Keyring, it is reduced to one
passphrase: your login passphrase. Some might say that's a 50% gain, I
say it is the smallest possible gain: you gain one less
passphrase-entering moment per session. Whooptie-friggin'-doo. I don't
get it.


I just wanted to say that "the GNOME guys must have some reason to do 
that, though I seriously doubt their reasoning since GNOME3". Now I see 
I was actually right. %)



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


GPA - import keys more easily?..

2015-12-08 Thread Dark Penguin
Is it possible to import public keys into GPA by "opening them with GPA" 
instead of using "Keys - Import"?.. That would sure be convenient, but 
simply opening an .asc key with GPA did not do that, and I couldn't find 
anything mentioning such thing in the man gpa.


If this functionality is indeed not there, may I suggest we file a 
"wishlist" bug for this issue?.. It seems quite natural to expect this 
kind of thing. If it is there, I suggest we put it into the manual page, 
because it's not there.


If it's there in the latest version, do rebuke me, for I am not 
upgrading from 0.9.5 (from Debian Jessie repo) to 0.9.9 just to confirm 
this behaviour; and I couldn't find a changelog for the last versions 
anywhere on the site... It took me quite a while to even find a download 
link, even though I do remember that it's hosted on the same site!.. 
Shouldn't it be put in the "Downloads" section, at least as a short link 
in the bottom - "Also, see GPA, which aims to be the default GUI 
frontend and is hosted on this site as well"?..



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


Re: GPA - unsupported certificate

2015-12-08 Thread Dark Penguin
I am sure I've installed all updates and security-updates. I wanted to 
confirm the existence of another bug, so I've upgraded everything.


Debian has gpg installed by default; I did not run it before installing 
GPA - naturally, I would expect GPA to run it itself if it needs it. 
Also, in Debian, GPA depends on GPGv2, so it got installed as well. I 
believe this means GPA is using GPGv2, but I have no way to confirm it.


I am running MATE, not KDE, as some might have expected (judging by the 
abundance of "K"'s in the names "KGPG" and "Kleopatra") or GNOME3 
(judging by the mention of "GNOME Keyring"). I don't think I've seen any 
mentions of "Kleopatra" in my GPA, either the one from the repo, or the 
one from the website...


Erm... sorry, I am still not very good with understanding the bug report 
flow; I would have checked the Debian GPA bug page before writing here 
if I knew about its existence. ^_^' And yes, here it is, my "Unsupported 
certificate" bug!..


Seems like MATE uses GNOME Keyring, too. Unchecking it did not help... 
This did: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790737#25


Indeed, this is a problem with GNOME Keyring, though fixing it now 
apparently requires more than just disabling the GNOME Keyring; but, 
this is a better solution, since you can keep the GNOME Keyring and have 
GPA work.


I'm not sure if this idea makes sense, but maybe it would be easy to add 
a check on the version of said gpg-agent before attempting to use it?.. 
On one side, GPA is probably supposed to work with whatever 
GPG_AGENT_INFO is set to; on the other side, if all the other software 
is fine working with GNOME Keyring and only GPA needs "only its own" 
gpg-agent, maybe it would make sense to disregard GPG_AGENT_INFO if it 
points to GNOME Keyring one, or maybe even disregard it always, or maybe 
even have GPA use another fixed path to always connect to "our" 
gpg-agent?.. This is not really "our problem", but a workaround would 
probably help...



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


GPA - unsupported certificate

2015-12-06 Thread Dark Penguin
I wanted to report a few bugs in GPA that I've been getting on Debian 
Squeeze, but I thought I should check if they still exist in the latest 
version. So, I've installed Debian Jessie and got the latest release 
(0.9.9) to see if there was any improvement since few years ago.


So, I start "gpa". The first thing I see is the Key Manager window and 
an invitation to create a new key. On top of it, an error message 
("Unsupported certificate") pops up immediately; on top of this message, 
"GnuPG is rebuilding the trust database", which "might take a few 
seconds", but takes forever.


I tried to wait, but in the end I just had to close the "trust database" 
popup and the "Unsupported certificate" error message. then I proceeded 
with generating a new key, and made sure all those old bugs are still 
there. And what's more, every time I open the Key Manager window, the 
"Unsupported certificate" error pops up again, and there are no keys in 
the Key Manager. Not even the one I've created.


Are those really bugs or am I doing something wrong?.. I've tried that 
on an Ubuntu 14.04 LTS livecd right after booting it up, to see if it 
works on one of the most popular distributions, but all the problems 
were exactly the same.


So, the problems are there on Debian Jessie with 3.16 kernel, gpa 
0.9.5/0.9.9 and gpg 1.4.18/2.0.26 and Ubuntu 14.04 LTS with 3.19 kernel, 
gpa 0.9.4-1 and gpg 1.4.16/2.0.22. (I didn't upgrade Ubuntu before 
trying. Also, seems like GPA uses the gpg2-branch, but does it really 
call upon gpg2 and not old gpg, which is hardly possible to remove from 
the system without breaking a LOT of dependencies like APT?..) Should I 
go on and submit all those things as bug reports, or am I missing 
something important here?.. Seriously, things don't work out of the box 
and nobody has even noticed?.. I just have a hard time believing it...



--
darkpenguin

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users