Re: GnuPG v2.x?
On Wed, 09 Apr 2008 21:37:12 +0200 Ingo Klöcker [EMAIL PROTECTED] wrote: IMO all Free Software MUAs should use GnuPG's S/MIME instead of rolling their own S/MIME implementation. I couldn't agree more. Anyway, thanks for clearing that up! best regards Paul -- It isn't worth a nickle to two guys like you or me, but to a collector it is worth a fortune ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Tue, 08 Apr 2008 22:17:03 +0200 Ingo Klöcker [EMAIL PROTECTED] wrote: The S/MIME implementation in KMail (via gpgme/gpgsm) is the only Free Software implementation of S/MIME that has passed the Sphinx interoperability tests of the Federal Office for Information Security (BSI) And what else did they test besides Kmail? best regards Paul -- It isn't worth a nickle to two guys like you or me, but to a collector it is worth a fortune ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Tue, 8 Apr 2008 22:17, [EMAIL PROTECTED] said: project [1]. It is used in KMail and probably also in Mutt (but I'm not sure about the latter). The S/MIME implementation in KMail (via If Mutt has been compiled with the gpgme development package installed, it will have support. It is then just a matter of set crypt_use_gpgme in your .muttrc to switch from the OpenSSL based implementaion to the better integrated gpgme one. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Paul wrote: And what else did they test besides Kmail? It doesn't really matter if there were a hundred other S/MIME implementations tested by Sphinx, or if GnuPG's S/MIME implementation was the only one. The Sphinx evaluation criteria are what matters--not the competition. If the evaluation criteria are rigorous and demanding, then being the only one to pass is a major accomplishment even if no one else submitted. If the evaluation criteria are easy, then being the best of hundreds to pass the examination really doesn't amount to much at all. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Wed, 09 Apr 2008 02:42:08 -0500 Robert J. Hansen [EMAIL PROTECTED] wrote: It doesn't really matter if there were a hundred other S/MIME implementations tested by Sphinx, or if GnuPG's S/MIME implementation was the only one. The Sphinx evaluation criteria are what matters--not the competition. That maybe true, but that is not what the OP said exactly. He didn't say GnuPG's S/MIME implementation passed, he said 'The S/MIME implementation in KMail'. So, I asked what other MUAs were tested. KMail is not the only MUA using GnuPG's S/MIME, Claws Mail does too. It's news to me if Claws Mail was tested - as a member of the dev team I would have expected to hear about it. So, I wondered, if KMail was the only MUA tested, then saying it is the only one that passed seems like a bit of semantic trickery, inferring, as it does, that others failed. best regards Paul -- It isn't worth a nickle to two guys like you or me, but to a collector it is worth a fortune ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Wednesday 09 April 2008, Paul wrote: On Wed, 09 Apr 2008 02:42:08 -0500 Robert J. Hansen [EMAIL PROTECTED] wrote: It doesn't really matter if there were a hundred other S/MIME implementations tested by Sphinx, or if GnuPG's S/MIME implementation was the only one. The Sphinx evaluation criteria are what matters--not the competition. That maybe true, but that is not what the OP said exactly. He didn't say GnuPG's S/MIME implementation passed, he said 'The S/MIME implementation in KMail'. So, I asked what other MUAs were tested. Did you follow the link I provided? The PDFs available on this page contain the test reports. They are in German but it shouldn't be a problem to understand which solutions were tested. Anyway, KMail was the only Free Software MUA that was tested because testing costs a lot of money. The other tested solutions were proprietary plugins for Groupwise, Lotus Notes and MS Outlook, and a mail gateway running on Linux. Note that the BSI wasn't interested in testing all available MUAs. They only wanted to make sure that the MUA they have chosen for usage on Linux was interoperable with the other solutions used by them. Obviously, this statement is somewhat simplified (and might even be incorrect). Even though I'm the former maintainer of KMail I was only very marginally involved in the Ägypten project. KMail is not the only MUA using GnuPG's S/MIME, Claws Mail does too. It's news to me if Claws Mail was tested - as a member of the dev team I would have expected to hear about it. So, I wondered, if KMail was the only MUA tested, then saying it is the only one that passed seems like a bit of semantic trickery, inferring, as it does, that others failed. Shoot me for using semantic trickery. :-) I only answered Sven's provocative (as I understood it) question whether GnuPG's S/MIME implementation is actually used somewhere and what its benefits are. I didn't want to belittle other MUAs using GnuPG's S/MIME. Au contraire. IMO all Free Software MUAs should use GnuPG's S/MIME instead of rolling their own S/MIME implementation. I'm pretty sure passing the Sphinx-interoperability test wouldn't be much of a problem for any MUA doing so. Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Paul wrote: So, I wondered, if KMail was the only MUA tested, then saying it is the only one that passed seems like a bit of semantic trickery, inferring, as it does, that others failed. [sigh] If you're going to misquote someone, at least do it accurately. The original poster's exact words were is the only Free Software implementation of S/MIME that has passed the Sphinx interoperability tests. The parse is ambiguous. You can read it as meaning only one Free Software implementation was submitted to Sphinx, and it passed. You can read it as other Free Software implementations were submitted to Sphinx, and only KMail passed. Or you can do what I do, which is recognize that it's an ambiguous parse, and assume that the person speaking is a reasonable human being who is probably not engaging in semantic trickery. Accusing people of malfeasance when there is no clear evidence any occurred is a McCarthyism into which I do not wish to fall. Ingo is a reasonable human being. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Wed, 09 Apr 2008 14:44:22 -0500 Robert J. Hansen [EMAIL PROTECTED] wrote: [sigh] [bigger sigh] If you're going to misquote someone, at least do it accurately. The original poster's exact words were is the only Free Software implementation of S/MIME that has passed the Sphinx interoperability tests. Yes, exactly. That's why I asked what else was tested. I don't see any misquoting. As you say... The parse is ambiguous. You can read it as meaning only one Free Software implementation was submitted to Sphinx, and it passed. You can read it as other Free Software implementations were submitted to Sphinx, and only KMail passed. Yes, exactly. That's why I asked what else was tested. Or you can do what I do, which is recognize that it's an ambiguous parse, and assume that the person speaking is a reasonable human being who is probably not engaging in semantic trickery. Accusing people of malfeasance when there is no clear evidence any occurred is a McCarthyism into which I do not wish to fall. 'malfeasance' is a strong word. Alas, it seems that you might be slipping already! :) Ingo is a reasonable human being. I didn't say otherwise. have a banana Paul -- Note to self: do as Robert does. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Wed, 9 Apr 2008, Paul wrote: [back to the original, so quotation accuracy is not the issue] On Tue, 08 Apr 2008 22:17:03 +0200 Ingo Kl?cker [EMAIL PROTECTED] wrote: The S/MIME implementation in KMail (via gpgme/gpgsm) is the only Free Software implementation of S/MIME that has passed the Sphinx interoperability tests of the Federal Office for Information Security (BSI) And what else did they test besides Kmail? . . . H The simple logic of that is like questions I often have, including when the topic is new to me or is about some official agency giving attention to someone or thing: him/her: A did B to C. me:Oh, did A do B to anyone/thing else? It's a neutral way to learn more about not just B, but also about A and about C, plus about any D, E, ... which might be mentioned in the answer to my question.___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Hi! Am Donnerstag, den 03.04.2008, 18:41 +0200 schrieb Werner Koch: The real reason for GnuPG-2 is the support for S/MIME. I'm just curious and do not mean to be offensive or to belittle the effort to implement S/MIME, but is GnuPG's S/MIME implementation actually used somewhere? As far as I see it, the mail clients that offer S/MIME do so far longer than GnuPG2 exists and therefore have their own implementations (or use other libs). Is there any benefit for GnuPG's S/MIME implementation that I am not aware of (like being able to re-use OpenPGP key material 'transparently' in an S/MIME certificate)? cu, Sven ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Mon, 7 Apr 2008 16:26, [EMAIL PROTECTED] said: I think that last statement is no longer true. As of Thunderbird 2.0, SeaMonkey 1.1 and Firefox 2.0 all 40 bit algorithms are disabled by default (but the user may still enable them if he knows how to change hidden prefs). We had this problem recently; not longer than half a year ago. I don't know what the current version of thunderbird was at that time. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Thursday 03 April 2008, Sven Radde wrote: Hi! Am Donnerstag, den 03.04.2008, 18:41 +0200 schrieb Werner Koch: The real reason for GnuPG-2 is the support for S/MIME. I'm just curious and do not mean to be offensive or to belittle the effort to implement S/MIME, but is GnuPG's S/MIME implementation actually used somewhere? Yes. As far as I see it, the mail clients that offer S/MIME do so far longer than GnuPG2 exists and therefore have their own implementations (or use other libs). GnuPG's S/MIME implementation was developed as part of the Aegypten project [1]. It is used in KMail and probably also in Mutt (but I'm not sure about the latter). The S/MIME implementation in KMail (via gpgme/gpgsm) is the only Free Software implementation of S/MIME that has passed the Sphinx interoperability tests of the Federal Office for Information Security (BSI) [2]. Regards, Ingo [1] http://www.gnupg.de/aegypten/ [2] http://www.bsi.bund.de/fachthem/verwpki/interoptests/testberichte.htm (German) signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Werner Koch wrote: [...] necessary enhancements to their S/MIME implementation. The way Mozilla works is basically: Show a positive result but don't annoy the user if the signature is suspicious. The fact that Mozilla may fall back to 40 bit RC4 encryption may indicate that the developers do not consider privacy a major goal. I think that last statement is no longer true. As of Thunderbird 2.0, SeaMonkey 1.1 and Firefox 2.0 all 40 bit algorithms are disabled by default (but the user may still enable them if he knows how to change hidden prefs). -Patrick ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Just updated to svn version gpg2 4739 Still have same problems trying to compile gpg2 under cygwin with the gettext error: gcc -I/usr/local/include -I/usr/local/include -g -O2 -Wall -Wcast-align -Wshado w -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-security -Wpointer-arith -o gpg2.exe gpg.o server.o build-packet.o compress.o compress-bz2.o free-pack et.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o openfile.o keyid.o parse-packet.o cpr.o plaintext .o sig-check.o keylist.o pkglue.o pkclist.o skclist.o pubkey-enc.o passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o k eyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdbio.o delkey.o keygen .o helptext.o keyserver.o photoid.o call-agent.o card-util.o exec.o ../common/li bcommon.a ../jnlib/libjnlib.a ../gl/libgnu.a ../common/libgpgrl.a -lz -lbz2 -lr esolv -lreadline /usr/local/lib/libintl.dll.a -liconv -L/usr/local/lib -lgcry pt -lgpg-error -L/usr/local/lib -lassuan -L/usr/local/lib -lgpg-error -liconv /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror': /home/klal/temp/gnupg/libgpg-error-1.6/src/strerror.c:50: undefined reference to `_libintl_dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror_r': /home/klal/temp/gnupg/libgpg-error-1.6/src/strerror.c:161: undefined reference t o `_libintl_dgettext' Info: resolving _rl_attempted_completion_over by linking to __imp__rl_attempted_ completion_over (auto-import) Info: resolving _rl_attempted_completion_function by linking to __imp__rl_attemp ted_completion_function (auto-import) Info: resolving _rl_inhibit_completion by linking to __imp__rl_inhibit_completio n (auto-import) Info: resolving _rl_catch_signals by linking to __imp__rl_catch_signals (auto-im port) Info: resolving _rl_outstream by linking to __imp__rl_outstream (auto-import) Info: resolving _rl_instream by linking to __imp__rl_instream (auto-import) Info: resolving _rl_readline_name by linking to __imp__rl_readline_name (auto-im port) collect2: ld returned 1 exit status make[2]: *** [gpg2.exe] Error 1 make[2]: Leaving directory `/home/klal/temp/gnupg/gpg2/g10' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/klal/temp/gnupg/gpg2' make: *** [all] Error 2 I've seen other people complain of a similar error trying to compile other programs, but never found a posted solution. I don't know a lot about playing with the link flags. Are there any suggestions I could try? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Fri, 04 Apr 2008 22:45:52 +0200 Werner Koch [EMAIL PROTECTED] wrote: Well, KDE uses it. It is also used by Claws Mail for its S/MIME plugin. best regards Paul -- It isn't worth a nickle to two guys like you or me, but to a collector it is worth a fortune ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Sat, 5 Apr 2008 04:21, [EMAIL PROTECTED] said: Does 2.x work in Vista? Yes. GnuPG-2 under Windows is pretty new so you might encounter some problems. A binary distribution is not yet available. The best way to build is to use the SVN trunk of gpg4win.org. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG v2.x?
But will it compile using in Vista using cygwin? -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG v2.x?
I think I can answer my own question --- No! I obtained svn sources, but during the make process, it failed with the following: gcc -I/usr/local/include -I/usr/local/include -I/usr/local/include -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-secu rity -Wpointer-arith -o gpg2.exe gpg.o server.o build-packet.o compress.o comp ress-bz2.o free-packet.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o openfile.o keyid.o parse-pack et.o cpr.o plaintext.o sig-check.o keylist.o pkglue.o pkclist.o skclist.o pubkey -enc.o passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdb io.o delkey.o keygen.o helptext.o keyserver.o photoid.o call-agent.o card-util.o exec.o ../common/libcommon.a ../jnlib/libjnlib.a ../gl/libgnu.a ../common/libg pgrl.a -lz -lbz2 -lresolv -lreadline /usr/local/lib/libintl.dll.a -liconv -L/us r/local/lib -L/usr/local/lib -lgcrypt -lgpg-error -L/usr/local/lib -lassuan -L /usr/local/lib -lgpg-error -liconv /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror': /home/klal/libgpg-error-1.6/src/strerror.c:50: undefined reference to `_libintl_ dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror_r': /home/klal/libgpg-error-1.6/src/strerror.c:161: undefined reference to `_libintl _dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strsource.o): In function `gpg_str source': /home/klal/libgpg-error-1.6/src/strsource.c:36: undefined reference to `_libintl _dgettext' /home/klal/libgpg-error-1.6/src/strsource.c:36: undefined reference to `_libintl _dgettext' Info: resolving _rl_attempted_completion_over by linking to __imp__rl_attempted_ completion_over (auto-import) Info: resolving _rl_attempted_completion_function by linking to __imp__rl_attemp ted_completion_function (auto-import) Info: resolving _rl_inhibit_completion by linking to __imp__rl_inhibit_completio n (auto-import) Info: resolving _rl_catch_signals by linking to __imp__rl_catch_signals (auto-im port) Info: resolving _rl_outstream by linking to __imp__rl_outstream (auto-import) Info: resolving _rl_instream by linking to __imp__rl_instream (auto-import) Info: resolving _rl_readline_name by linking to __imp__rl_readline_name (auto-im port) -- Kevin Hilton ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG v2.x?
Hmm, thanks for the suggestion. I believe gnupg2 requires gettext 0.17 or greater -- cygwin ships with 0.16, with no higher version available in its mirrors. I downloaded the 0.17 sources from here: ftp://mirrors.kernel.org/gnu/gettext/, compiled and installed. I'm kind of stuck at this point. The intl package is contained within the gettext package correct? For some reason the cvs sources of gettext will not compile. I'm stuck in dependency hell! I'm finding not much luck with the cygwin mailing list either! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Kevin Hilton wrote: I think I can answer my own question --- No! If you've gotten that far; ie, all other dependencies built, it's more like --- Maybe! I obtained svn sources, but during the make process, it failed with the following: gcc -I/usr/local/include -I/usr/local/include -I/usr/local/include -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-secu rity -Wpointer-arith -o gpg2.exe gpg.o server.o build-packet.o compress.o comp ress-bz2.o free-packet.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o openfile.o keyid.o parse-pack et.o cpr.o plaintext.o sig-check.o keylist.o pkglue.o pkclist.o skclist.o pubkey -enc.o passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdb io.o delkey.o keygen.o helptext.o keyserver.o photoid.o call-agent.o card-util.o exec.o ../common/libcommon.a ../jnlib/libjnlib.a ../gl/libgnu.a ../common/libg pgrl.a -lz -lbz2 -lresolv -lreadline /usr/local/lib/libintl.dll.a -liconv -L/us r/local/lib -L/usr/local/lib -lgcrypt -lgpg-error -L/usr/local/lib -lassuan -L /usr/local/lib -lgpg-error -liconv /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror': /home/klal/libgpg-error-1.6/src/strerror.c:50: undefined reference to `_libintl_ dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror_r': looks like it can't find one of its dependencies. Rerun Cygwin's setup and make sure you've installed all of them, including any associated devel package. If you have, then you have a problem with your gettext/intl install. -- John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con Ginger Bear Networks hkp://keyserver.gingerber,net Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. - Dr Seuss, Oh the Places You'll Go signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Maybe this isnt for me. I did manage to get gettext compiled from cvs. Its now 0.18-pre1. However I think Im getting stuck at the same point: gcc -I/usr/local/include -I/usr/local/include -I/usr/local/include -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wformat -Wno-format-y2k -Wformat-secu rity -Wpointer-arith -o gpg2.exe gpg.o server.o build-packet.o compress.o comp ress-bz2.o free-packet.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o openfile.o keyid.o parse-pack et.o cpr.o plaintext.o sig-check.o keylist.o pkglue.o pkclist.o skclist.o pubkey -enc.o passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdb io.o delkey.o keygen.o helptext.o keyserver.o photoid.o call-agent.o card-util.o exec.o ../common/libcommon.a ../jnlib/libjnlib.a ../gl/libgnu.a ../common/libg pgrl.a -lz -lbz2 -lresolv -lreadline /usr/local/lib/libintl.dll.a -liconv -L/us r/local/lib -L/usr/local/lib -lgcrypt -lgpg-error -L/usr/local/lib -lassuan -L /usr/local/lib -lgpg-error -liconv /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror': /home/klal/libgpg-error-1.6/src/strerror.c:50: undefined reference to `_libintl_ dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strerror.o): In function `gpg_stre rror_r': /home/klal/libgpg-error-1.6/src/strerror.c:161: undefined reference to `_libintl _dgettext' /usr/local/lib/libgpg-error.a(libgpg_error_la-strsource.o): In function `gpg_str source': /home/klal/libgpg-error-1.6/src/strsource.c:36: undefined reference to `_libintl _dgettext' /home/klal/libgpg-error-1.6/src/strsource.c:36: undefined reference to `_libintl _dgettext' Info: resolving _rl_attempted_completion_over by linking to __imp__rl_attempted_ completion_over (auto-import) Info: resolving _rl_attempted_completion_function by linking to __imp__rl_attemp ted_completion_function (auto-import) Info: resolving _rl_inhibit_completion by linking to __imp__rl_inhibit_completio n (auto-import) Info: resolving _rl_catch_signals by linking to __imp__rl_catch_signals (auto-im port) Info: resolving _rl_outstream by linking to __imp__rl_outstream (auto-import) Info: resolving _rl_instream by linking to __imp__rl_instream (auto-import) Info: resolving _rl_readline_name by linking to __imp__rl_readline_name (auto-im port) collect2: ld returned 1 exit status make[2]: *** [gpg2.exe] Error 1 make[2]: Leaving directory `/home/klal/temp/gnupg/gnupg2/gnupg/g10' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/klal/temp/gnupg/gnupg2/gnupg' make: *** [all] Error 2 Still seems like a gettext error. All libs are in /usr/local/libs Thanks for any suggestions or sympathies. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Clarification, my libraries are in /usr/local/lib Also this link statement seems strange to me. Possibly this is correct?: -lreadline /usr/local/lib/libintl.dll.a ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Thu, 3 Apr 2008 19:20, [EMAIL PROTECTED] said: I'm just curious and do not mean to be offensive or to belittle the effort to implement S/MIME, but is GnuPG's S/MIME implementation actually used somewhere? Well, KDE uses it. It is further the only Unix S/MIME application (with KMail) which passed the compatibility checks done by the BSI [1]. Mozilla has been tested too but woth some problems. In fact the Mozilla Foundation rejected our offer to implement a couple of useful and necessary enhancements to their S/MIME implementation. The way Mozilla works is basically: Show a positive result but don't annoy the user if the signature is suspicious. The fact that Mozilla may fall back to 40 bit RC4 encryption may indicate that the developers do not consider privacy a major goal. aware of (like being able to re-use OpenPGP key material 'transparently' in an S/MIME certificate)? You can't do that for technical reasons. An X.509 certificate based on the key material from an OpenPGP key has just the key material in common but nothing else. This would only make sense if you store your private key on a smartcard. GnuPG supports creation of certificates (to be exact, certificate signing requests) using existing key material. Salam-Shalom, Werner [1] e.g. http://www.bsi.de/fachthem/verwpki/dokumente/1_2005.pdf (German) -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Does 2.x work in Vista? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Fri, 28 Mar 2008 16:33, [EMAIL PROTECTED] said: to your question, and one I suspect they will emphatically disagree with. :) Let's see ... exist mostly as rules of thumb and handed-down wisdom. I use 1.4.x only because of the latter kind of reasons: particularly, the Small Tools Principle and the Second System Effect. That is why we promised to keep 1.4 alive. of the Small Tools Principle. When I build my own 1.4.x GnuPG, I typically turn off all the options I don't need. The smaller my trusted codebase, the more reliable the final product will be. Right. However there are so many features in gpg that I have doubts that it is really a small tool. The major problem is that gpg tries to implement the entire OpenPGP standard and quite some extra features. doesn't sit well with me. I don't need the new capabilities of 2.x; why, then, should I migrate to it? For my part, the convenience of the gpg-agent. understand the architecture and design of the system. As GnuPG 1.0 turned into 1.2 and 1.4, I kept track of the changes. I've not yet had the time to study GnuPG 2.x. I don't know the architecture and design. The OpenPGP code (gpg2) is identical to the one from GnuPG 1.4. There are some exceptions: All low level crypto code has been moved out to Libgcrypt which in turn was created from the GnuPG 1.x code base. passphrase.c has been modified to use the standard code to access the gpg-agent (gpg1 uses some simplied code). In general we try to keep the code as similar as possible between gpg1 and gpg2 - this make maintenacne much easier. Of course there are plans to better integrate gpg2 into the entire GnuPG-2 framework. For example all secret key processing will eventually be moved to gpg-agent. This is to follow the crypto pronciple of putting all your keys into one basket and watch that basket very carefully. The real reason for GnuPG-2 is the support for S/MIME. This is all plain new code and you can't consider this the second system effect. S/MIME is an orthogonal addition to GnuPG. The code is definitely not as matured as the one for gpg 1.4 but it works reasonable well. I hope that I will eventually find the time to get trapped by the Second System Effect ;-). Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GnuPG v2.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi All, I've been on the list for some time but have thus far been a lurker, and this is my first post. I have a very basic question. I have seen for quite some time that GPG v2.x has been available. It seems to offer some significant advantages according to what I read. Yet, no one seems to be using it and it seems to be available only in source code. In particular, I have not seen any Mac binaries. Why does it seem that virtually no one is using it? - -- Scott A. Blystone CAcert.org Assurer Thawte Notary GSWoT Introducer Rochester, New York -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: GSWoT:US61 Gossamer Spider Web of Trust www.gswot.org Comment: Scott Blystone Rochester, NY [EMAIL PROTECTED] Comment: Public key available at http://wwwkeys.pgp.net iEYEARECAAYFAkfry8QACgkQi8a/mTXWPY9cJwCgmF35sNT7DTxi7QNWgXF/He6U HxkAn0a/IIOqNGmjvpFICx3WBUoocnXU =yvAA -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Scott Blystone wrote the following on 3/27/08 12:31 PM: Hi All, I've been on the list for some time but have thus far been a lurker, and this is my first post. I have a very basic question. I have seen for quite some time that GPG v2.x has been available. It seems to offer some significant advantages according to what I read. Yet, no one seems to be using it and it seems to be available only in source code. In particular, I have not seen any Mac binaries. Why does it seem that virtually no one is using it? I am using it currently, and have been using it for some time, with gpg-agent. For a binary installer of 2.0.7, please check: http://www.py-soft.co.uk/~benjamin/download/mac-gpg/ mac-gnupg-2.0.7-TEST1.zip - I have tested it and it is fine. It is not enough to run the installer, please read the information contained in the download page, for required complementary files. In the meantime I have updated to 2.0.9, compiling the source code, but downloading the required libraries, that are statically built in the binary installer. Charly -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (Darwin) Comment: GnuPG for Privacy Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJH7OJ6AAoJEM3GMi2FW4PvGIEH/0S9vxn0dNAmNv9+dPj4NNOt Z1JXG+0/5MYhz/k3W7Y3H994kmdb1gkxehW8C4qFJv0JUmWUIatfrFzONiB5RpO7 yitWidwnsvxu+6YVuu+9JjwsCN8uDN5ZFGMh5JAyYcNKt/J0uXHqAwmaMAeLoy7/ uMQdfr1qbEonBLrcpnWTgYU+zQAmEFPP0c622I0GJ697hrB3z+mG2mS9S/FhpG3k zZH3j0CfZadG2MZlGZxK5+NDGVmVz6Q5inRUCY/UtqrUkPUr+ZUKTHPcvPv+mXdN /T5W2+yJr7MPUb5jGL/5C8srAmbltsxWC/J3MbYoejw8ne+JogY7rwylnin9vV8= =0aPu -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Scott Blystone wrote: I've been on the list for some time but have thus far been a lurker, and this is my first post. I have a very basic question. Well, you sure did pick an excellent one to start off on. :) I have seen for quite some time that GPG v2.x has been available. It seems to offer some significant advantages according to what I read. ... Why does it seem that virtually no one is using it? You may not get as complete answers as you want here. The GnuPG 2.x authors are on the list, after all, and they are some scarily competent people. Some people who haven't migrated might be afraid to voice their opinions, for fear that people who know more than them will clobber their opinion mercilessly. The GnuPG authors are reasonable human beings. They tend not to do that. In fact, I'm so confident of their willingness to tolerate sincere and reasoned disagreements that I'll give a very complete answer to your question, and one I suspect they will emphatically disagree with. :) * * * * * Computer science, like pretty much any highly technical field, has parts to it that are formally describable in mathematical terms and parts that exist mostly as rules of thumb and handed-down wisdom. I use 1.4.x only because of the latter kind of reasons: particularly, the Small Tools Principle and the Second System Effect. * * * * * The Small Tools Principle: The more things a program does, the greater the chance it will fail. Tools should be small and do one thing extremely well. GnuPG 1.4.x is purely an OpenPGP application. I didn't like it when it started integrating smartcard functionality, since it seems likely the vast majority of users will not need it, and it seemed like a violation of the Small Tools Principle. When I build my own 1.4.x GnuPG, I typically turn off all the options I don't need. The smaller my trusted codebase, the more reliable the final product will be. GnuPG 2.x is... well, I guess the better question is what is there GnuPG 2.x doesn't do? Its capabilities have expanded significantly. This doesn't sit well with me. I don't need the new capabilities of 2.x; why, then, should I migrate to it? * * * * * The Second System Effect: When designing the successor to a relatively small, elegant and successful system, there is a tendency to become grandiose in one's success and design an elephantine feature-laden monstrosity. This is a general rule and may not apply to GnuPG 2.x. I don't know if it does. I also don't know if it doesn't. This is not a state of affairs you want in security software. I know wk has said that he was aware of this general rule during 2.x's development, but I don't trust Werner to evaluate the quality of his own code. This is no slight against him. I don't trust _anyone_ to evaluate the quality of his or her own code. When GnuPG 1.0 came out, the very first thing I did was sit down and spend a week going over the code. I wasn't bughunting; I was trying to understand the architecture and design of the system. As GnuPG 1.0 turned into 1.2 and 1.4, I kept track of the changes. I've not yet had the time to study GnuPG 2.x. I don't know the architecture and design. Since I've seen no independent evaluations of 2.x and had no time to personally inspect the code for myself, I feel that I need to consider the possibility that 2.x is an example of the second-system effect. * * * * * ... So what you get to, then, is this. I know GnuPG 1.4.x. It is trusted code and I have given it the looking-at I feel it deserves. I have come to the belief that it (a) obeys the Small Tools Principle and (b) does not suffer from the Second System Effect. I don't know GnuPG 2.x. It's trusted code but I haven't yet been able to give it the looking-at I feel it deserves. I have a nagging doubt about whether it obeys the Small Tools Principle. I do not know whether it's developing the Second System Effect. If I had a couple of weeks to study the 2.x code, these concerns might very well get assuaged, but given I have comps coming up... well, first I have comps, after that I have a nervous breakdown penciled in, and after that... Finally, GnuPG 1.4.x does everything I need it to do and does it quite well. Why should I change? * * * * * ... As two last (and hopefully unnecessary!) words of warning: first, do not interpret any of this as an attack on 2.x. It's not. I have exactly _zero_ evidence of any problems with 2.x. I have questions, sure, but a question is not the same as a problem, and people should not interpret my questions as anything other than what they are. Second, just because I'm this paranoid doesn't mean you should be. Only you get to decide your own security policy. I don't get a vote in what your policy should be, and if you were to give me one, the first thing I'd do after
Re: GnuPG v2.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thank-you to all who responded to my questions about v2.x. There were many excellent points made. I need to stay on the v1.x branch as I am using a Mac and would not be able to integrate v2.x with either Apple Mail or Thunderbird. But I'm more content now! :-) - -- Scott Blystone Rochester, NY -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: GSWoT:US61 Gossamer Spider Web of Trust www.gswot.org Comment: Scott Blystone Rochester, NY [EMAIL PROTECTED] Comment: Public key available at http://wwwkeys.pgp.net iEYEARECAAYFAkftEmcACgkQi8a/mTXWPY9INwCfdUe+VXhD9vqYyyVM7NFEKuQ0 ApcAn2T1aKQa9eeyaUqVszIw31EPlYg2 =GTrT -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Scott Blystone wrote: I need to stay on the v1.x branch as I am using a Mac and would not be able to integrate v2.x with either Apple Mail or Thunderbird. But I'm more content now! :-) 2.x can be used on the Mac, and can be integrated with Thunderbird. If you want to use 1.4.x, by all means go right ahead, let me be the last to complain--but use it because it's what you want to use, not because you think you have to use it. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Fri March 28 2008, Werner Koch wrote: source code. In particular, I have not seen any Mac binaries. Why does it seem that virtually no one is using it? I don't know about the Mac. However, all KMail users are more or less required to use it and all modern distros come with GnuPG-2. I have 1.4.9 only because I downloaded the source and installed it via checkisntall: $ dpkg --list|grep gnupg ii gnupg 1.4.9-1 Package created with checkinstall 1.6.1 I am running Debian Etch, with KDE 3.5.8 and Kmail 1.9.7 is there an easy upgrade path to GnuPG-2 ? -- Paul Cartwright Registered Linux user # 367800 Registered Ubuntu User #12459 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Paul Cartwright wrote: is there an easy upgrade path to GnuPG-2 ? Beyond sudo apt-get install gnupg2? (The above works on Ubuntu 7.10, which is generally very comparable to Debian. I have no Debian Etch systems available for testing.) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Robert, I am currently grabbing Mac compiled binaries for the TEST1 version of 2.0.7. How would one integrate v2.x into Thunderbird, though? I think the Enigmail version supports only GPG v1.x. Also, I'm absolutely certain that the Apple Mail plugin for Leopard only supports v1.x. And even it is in mid to late beta status. -- Scott Blystone Rochester, New York On Mar 28, 2008, at 11:51 AM, Robert J. Hansen wrote: Scott Blystone wrote: I need to stay on the v1.x branch as I am using a Mac and would not be able to integrate v2.x with either Apple Mail or Thunderbird. But I'm more content now! :-) 2.x can be used on the Mac, and can be integrated with Thunderbird. If you want to use 1.4.x, by all means go right ahead, let me be the last to complain--but use it because it's what you want to use, not because you think you have to use it. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Scott Blystone wrote: I am currently grabbing Mac compiled binaries for the TEST1 version of 2.0.7. How would one integrate v2.x into Thunderbird, though? I think the Enigmail version supports only GPG v1.x. Well, given that I'm part of the Enigmail team... :) http://enigmail.mozdev.org/documentation/index.php In order to provide the crypto-features, Enigmail requires GnuPG to be installed. We currently recommend GnuPG version 1.4.8 and/or 2.0.8. The Quick Start Guide leads people through the process of installing GnuPG 1.4.x, mostly because we've discovered that to be an easier process than GnuPG 2. However, Enigmail works fine with GnuPG 2, and we have several people who can assist you in getting set up with it. Why not join the Enigmail list? We're a pretty friendly bunch over there. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Thu, 27 Mar 2008 17:31, [EMAIL PROTECTED] said: source code. In particular, I have not seen any Mac binaries. Why does it seem that virtually no one is using it? I don't know about the Mac. However, all KMail users are more or less required to use it and all modern distros come with GnuPG-2. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Scott Blystone wrote the following on 3/28/08 11:44 AM: Thank-you to all who responded to my questions about v2.x. There were many excellent points made. I need to stay on the v1.x branch as I am using a Mac and would not be able to integrate v2.x with either Apple Mail or Thunderbird. But I'm more content now! :-) I am using gpg 2.0.9 integrated with Thunderbird and with Apple Mail, on a Macbook Intel Core 2 Duo. In Thunderbird+Enigmail, the user can switch from v1.4.9 to v2.0.9 on the fly, by changing the gpg path. Which I do when required. This e-mail is signed using gpg 2.0.9. In GPGMail, it requires a CLI. Using a Mac does not prevent you to use gpg v2.* Charly -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (Darwin) Comment: GnuPG for Privacy Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJH7RvtAAoJEM3GMi2FW4Pv+ggIAMApyN+uC4uK+6LBbEr0JIo5 F7KJ8YwnfKvJrKBeAv8KHfhdT1D+RMoyT20LUx7bNkPRBfYAavwdUSHh1v53F1VV necUFTz0MWc3OkNQlPVIF5UGZ7XM+CBfuBh0OL4egnftMx2XY+cMIT1KAbzVFBxN pqiTgThmeKq89UJ1ZvA+3KwuASWiPBPtWjq2kwzuT1G8m616fcw6ZLsjVLM6wwkF snfe0gP6lj2x1bKubDw0CUKKhh4VMIaS8TQ1c/pXXuZ6sGlFcQgIyHilC9voHL9q oFceRXHb+sQDM/zwTcGcqn4e58lyBYLgVkVKuUhghDD7npiO00uFHzs7pM2+iEs= =pQn+ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
Scott Blystone wrote: Robert, I am currently grabbing Mac compiled binaries for the TEST1 version of 2.0.7. How would one integrate v2.x into Thunderbird, though? I think the Enigmail version supports only GPG v1.x. Also, I'm absolutely certain that the Apple Mail plugin for Leopard only supports v1.x. And even it is in mid to late beta status. OpenPGP -- Preferences. Top box, Files and Directories. Change the full path to gpg to the full path to gpg2. Click OK. -- John P. Clizbe Inet: John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A what's the key to success?/ two words: good decisions. what's the key to good decisions? / one word: experience. how do i get experience? / two words: bad decisions. Just how do the residents of Haiku, Hawai'i hold conversations? signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GnuPG v2.x?
On Mar 28, 2008, at 12:18 PM, Scott Blystone wrote: Robert, I am currently grabbing Mac compiled binaries for the TEST1 version of 2.0.7. How would one integrate v2.x into Thunderbird, though? As I already indicated in a previous e-mail, you change the path of Enigmail accordingly to use gpg2, on the fly. There's a mailing list for Enigmail users, [EMAIL PROTECTED] I think the Enigmail version supports only GPG v1.x. No. Also, I'm absolutely certain that the Apple Mail plugin for Leopard only supports v1.x Why are you sure? This e-mail is written in Apple Mail with the GPGMail mailbundle, and it is using gpg2, as you will see in the footers of the signature. . And even it is in mid to late beta status. It is in beta and it works. Charly PGP.sig Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users