Re: [Announce] A New Future for GnuPG
On 2022-01-03 at 08:19 +0100, Werner Koch wrote: > Hello and a Happy Gnu Year! > > It has been quite some time since my last status report on GnuPG. I > have been quite busy working on the project but unfortunately rarely > active on the usual channels. So, here is a new report telling what > we did over the last two or three years. I can only say... Congratulations! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
Am Tue, Jan 04, 2022 at 04:02:21PM +1100 schrieb raf via Gnupg-users: > > Hello and a Happy Gnu Year! This makes me count the years. Should I really start? I had “used” PGP before I had an Internet-connection and longer even before I had changed careers to become a “software-developer” (of a kind). In the meantime, I have stopped being the latter and am falling foul of the Net. GnuPG is still a constant in my daily life. Do not be too impressed with the numbers, but if it makes you chuckle, I did something useful this morning. ;) I cannot estimate what you did and have never understood much, but you did it looks as if you did it the right way. Sit back, fold your hands on your belly and smile. And Cheerio ! Michael. -- Je ne réponds que avec retard aux messages non-signés ou non-chiffrés (en absence du “Content-Type: signed” ou “encrypted”. Messages publics (listes etc.) sont exemptés de cette règle : http://www.uplawski.eu/div/mailblock GnuPG rsa4096 2020-09-08 [SC] [expire : 2022-09-08] B31591374C4824DE872841D27D857E5045D038F8 sub rsa4096 2020-09-08 [E] [expire : 2022-09-08] signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
On Mon, Jan 03, 2022 at 08:19:26AM +0100, Werner Koch via Gnupg-users wrote: > Hello and a Happy Gnu Year! Happy Gnu Year indeed! Congratulations on the marvellous news, and many thanks for all that you do. cheers, raf ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
Great! This sounds like a success story that has only just begun. The right solution at the right time! The market for secure communication is huge and IMO still in its infancy. And for a small fish in a big pond there's lots of room to grow. ;) Congratulations! And good luck to you and GnuPG.com! Rainer signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
Robert J. Hansen wrote in : |Werner, this is amazing news. Thank you for sharing it! | |For the list: as you may remember, each Christmas I run a fundraiser for |GnuPG. You pledge $X and I match it, that sort of thing. I didn't do |one this year because Werner contacted me earlier asking me not to, |saying he would soon have news that would put GnuPG on much more solid |financial footing. I'm happy the news is finally ready for sharing. :) Congratulations also from me. It is nothing but a shame that major projects that are used by billion dollar companies or state agencies have to struggle for "peanuts" (a famous term in Germany since about hm 25 years), whereas commercial shit products shall this term be allowed here generate unbelievable value. ('Assuming that state has not changed also in the software industry, which i bet on.) --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
I did spend about six months doing a clean-room implementation of RFC2440 in PHP3. It was a vile experience and one I don't recommend. I am simultaneously shocked, impressed, and disgusted. ;-) I rarely talk about that job because it's sort of like saying you made a healthy and tasty meal out of raw sewage. Even if it's true, you still, uh... yeah. Let's just say that although few people could do it, those of us who have actually done it are filled with shame at our 'accomplishment'. :) OpenPGP_signature Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
On Mon, 2022-01-03 at 11:31 -0500, Robert J. Hansen via Gnupg-users wrote: > Werner, this is amazing news. Thank you for sharing it! Indeed, many congratulations! > I did spend about six months doing a clean-room implementation of > RFC2440 in PHP3. It was a vile experience and one I don't recommend. I am simultaneously shocked, impressed, and disgusted. ;-) A signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
Werner, this is amazing news. Thank you for sharing it! For the list: as you may remember, each Christmas I run a fundraiser for GnuPG. You pledge $X and I match it, that sort of thing. I didn't do one this year because Werner contacted me earlier asking me not to, saying he would soon have news that would put GnuPG on much more solid financial footing. I'm happy the news is finally ready for sharing. :) I first started using GnuPG in '99, when I was twenty-four years old and hired by a major telecommunications firm to secure their billing back-end. Although the full scope of that project isn't relevant here, I did spend about six months doing a clean-room implementation of RFC2440 in PHP3. It was a vile experience and one I don't recommend. But GnuPG was about to hit 1.0, and I leaned on the 0.99 and 1.0 code very heavily to make sense of the RFC2440 spec. I continued to use it throughout the years since, and once the NDA with the telecommunications firm expired joined the mailing list. I've been here ever since. I hope to be here for some years to come. It's been a pretty good 23 years so far! OpenPGP_signature Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] A New Future for GnuPG
Hi! small but important correction: > Chiasmus: the proprietary GreenBone software from /cryptovision GmbH/ Of course I meant GreenShield and not Greenbone. The latter is a company which provides free software network security scanners. See https://www.greenbone.net/en/ Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[Announce] A New Future for GnuPG
Hello and a Happy Gnu Year! It has been quite some time since my last status report on GnuPG. I have been quite busy working on the project but unfortunately rarely active on the usual channels. So, here is a new report telling what we did over the last two or three years. Please read at least the last section. A web version of this article is available at https://gnupg.org/blog/20220102-a-new-future-for-gnupg.html Some background === In the beginning GnuPG was a fun project I did in my spare time. After a few years this turned out to be a full time job and it was possible to acquire paid projects to maintain and further develop GnuPG. When the BSI (Germany's Federal Office for Information Security) migrated back from Linux to Windows, a need to migrate their end-to-end encryption solution, based on GnuPG and KMail, was needed. A call for bids for an Open Source solution was issued and our company, g10 Code, along with our friends at Intevation and KDAB received the contract. The outcome was Gpg4win, the meanwhile standard distribution of GnuPG for Windows. It turned out that the software used in Germany to protect restricted data at the VS-NfD level, called Chiasmus, showed its age. For example, the block length of 64 bits (like IDEA or 3DES) is not anymore secure for data of more than 150 MiB. Also the secret encryption algorithm has not anymore the confidence people used to have in it and due to lacking hardware support it is quite slow. A new call to bid for a replacement of that software was issued and we also with Intevation were granted the contract. Our solution was to update GnuPG and its frontends Kleopatra and GpgOL. After some thorough evaluation of our software (working title /Gpg4VS-NfD/) and the usual bureaucratic we received a first approval in January 2019. Meet GnuPG.com == I have been working with Andre Heinecke of Intevation GmbH since about 2010 on Gpg4win and some other projects. With the foreseeable approval of /Gpg4VS-NfD/ Andre then left Intevation and took over 40% of the g10 Code shares from my brother (I am holding the other 60%). We started to make a real product out of /Gpg4VS-NfD/. Thus we rented a new office to work desk by desk on this and hired staff for sales and marketing. We introduced the brand /GnuPG.com/ to have a better recognition of our product than by our legal name /g10 Code GmbH/. The software itself was re-branded as /GnuPG VS-Desktop®/ and distributed as an MSI packet for Windows and as an AppImage for Linux. Except for customer specific configuration files /GnuPG VS-Desktop/ is and will always be Open Source under the GNU General Public License. We also keep maintaining /Gpg4win/ as the community version. This is based on the the same source code as /GnuPG VS-Desktop/ but comes with more features due to the use of the latest development branch. The benefits for the customer to pay for /GnuPG VS-Desktop/ are: a commercial support contract, the guarantee of a long term maintained and approved version, customization options, community tested new features, and the per-approval required vendor for security updates. Also technically published for longer, it became only last year widely known, that the legacy Chiasmus software may not anymore be used for restricted communication from this year on. For the administration and also for the industry two option exist to migrate away from Chiasmus: the proprietary GreenBone software from /cryptovision GmbH/ and our Open Source software /GnuPG VS-Desktop/. The rush towards GnuPG VS-Desktop = Since summer 2021 the phones of our sales team didn't stop ringing and we could bring in the fruits of our work. We were not aware how many different governmental agencies exist and how many of them have a need to protect data at the VS-NfD (restricted) level. And with those agencies also comes a huge private and corporate sector who also have to handle such communication. Although we support S/MIME, the majority of our customers decided in favor of the OpenPGP protocol, due to its higher flexibility and independence of a centralized public key infrastructure. A minor drawback is that for a quick start and easy migration from Chiasmus, many sites will use symmetric-only encryption (i.e. based on "gpg -c"). However, the now deployed software provides the foundation to move on to a comfortable public-key solution. In particular, our now smooth integration into Active Directory makes working with OpenPGP under Windows really nice. We were also able to partner with Rohde & Schwarz Cybersecurity GmbH for a smooth integration of GnuPG VS-Desktop with their smartcard administration system. We estimate that a quarter million workplaces will be equipped with GnuPG VS-Desktop and provide the users state of the art file
Re: On future of GnuPG
>This ruling is more similar to rules that you are not required to wear >a badge that you spent some time in jail or need to state this in your CV. It is a ruling that gives more power to the government, whatever the "declared goal" actually is. The actual usage of this rule is to hide blatant evidence of corruption of government officials from public sources. Werner Koch via Gnupg-users writes: > On Tue, 5 Jan 2021 17:07, Robert J. Hansen said: > >> I'm doing is sharing true things with my buddy?" Whereas in Europe, >> right-to-be-forgotten laws, enforced by the government, are seen as >> wins for privacy, in America they would be (a) blatantly unlawful and > > I don't think that the right not to be listed prominently in search > results is related to privacy. This ruling is more similar to rules > that you are not required to wear a badge that you spent some time in > jail or need to state this in your CV. > >> In Europe it's a lot different. There, the prevailing culture cares a >> lot more about limiting the ability of businesses to learn things about >> a person than with limiting the ability of governments. The national > > Like all over the world governments work on terminating all rules which > limit their power. It seems to be a never-ending task to counter that. > > Speaking of Germany: There are a lot of barriers between administrative > entities to share data - there is not even a central database of all > citizens. There is no shared access between the databases of the police > and the spooks. The spooks tried to tell us that it is okay to > eavesdrop as long as no German citizen is part of the communication but > courts declared such a workaround as illegal. But yes, all these laws > and rulings wind up faster and faster :-( > > > Shalom-Salam, > >Werner -- Vladimir Nikishkin (MiEr, lockywolf) (Laptop) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
On Tue, 5 Jan 2021 17:07, Robert J. Hansen said: > I'm doing is sharing true things with my buddy?" Whereas in Europe, > right-to-be-forgotten laws, enforced by the government, are seen as > wins for privacy, in America they would be (a) blatantly unlawful and I don't think that the right not to be listed prominently in search results is related to privacy. This ruling is more similar to rules that you are not required to wear a badge that you spent some time in jail or need to state this in your CV. > In Europe it's a lot different. There, the prevailing culture cares a > lot more about limiting the ability of businesses to learn things about > a person than with limiting the ability of governments. The national Like all over the world governments work on terminating all rules which limit their power. It seems to be a never-ending task to counter that. Speaking of Germany: There are a lot of barriers between administrative entities to share data - there is not even a central database of all citizens. There is no shared access between the databases of the police and the spooks. The spooks tried to tell us that it is okay to eavesdrop as long as no German citizen is part of the communication but courts declared such a workaround as illegal. But yes, all these laws and rulings wind up faster and faster :-( Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
On 05-01-2021 23:07, Robert J. Hansen via Gnupg-users wrote: As always, it probably depends on who you have the most to fear from: your government, corporations, or maybe someone else? > In Europe it's a lot different. There, the prevailing culture cares a > lot more about limiting the ability of businesses to learn things about > a person than with limiting the ability of governments. That is changing. Now that governments are ourtsourcing censorship to corporations in their struggle against unwelcome news (these days they call that often "fake news" or "Russian propaganda" and voices are getting stronger to censor unwelcome messages directly, recently enhanced by protests against the covid measures, protection against the government are getting more important in Europe as well. But that is not yet much reflected in actual policies being made, mainly because those policies are made by the very people we need protection against. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
12021/00/04 08:01.47 ನಲ್ಲಿ, markus.ro...@neverbox.com ಬರೆದರು: > > On 2021-01-05 Stefan Claas via Gnupg-users - gnupg-users@gnupg.org wrote: > > ... but why are then SKS key servers > > still in operation, which allows third parties to look up who signed > > who's key and with what trust level and GnuPG's WoT support, compared > > to sq and Hagrid? > > The landscape has changed dramatically from the times when the > original PGP fundamentals were introduced. Today, for any secure > personal communication system to be of practical use, it must > be designed from the ground up observing the following simple > principle: *anonymity is the necessary condition of privacy*. That depends heavily on your threat model, though. For many people, the goal isn't to keep their identity safe from the people they're talking with. Rather, the goal is to keep the contents of their messages safe from _everyone else_ (including CIA, NSA, shitty governments, etc). In many ways, security and anonymity are at odds, since if I can't easily verify that is the person they claim to be, I have no way of knowing if I'm telling them stuff they shouldn't know. While there are ways to ensure confidentiality and integrity of the *communication channel* while preserving anonymity, there isn't really a way of ensuring the integrity of the *conversation* while preserving anonymity. Pretty much any way of properly resolving this dilemma requires de-anonymizing both participants, and then we're right back where we started. If, instead, we acknowledge that most use cases require integrity of the communication channel *and* the conversation, then we can use common identifiers (like phone numbers) or (mostly) verifiable identities (like GPG keys hosted on WKD) to ensure the integrity of the conversation (I say mostly verifiable because there's always a chance the domain is compromised and the keys are replaced). Once anonymity isn't really as much of a concern, we get things like Signal, which is decidedly *not* anonymous (with the exception of using VOIP numbers to sign up) but is most assuredly private (they don't know what you're saying and neither does anyone else, apart from the people you're messaging). Regards, Chiraag -- ಚಿರಾಗ್ ನಟರಾಜ್ Pronouns: he/him/his publickey - mailinglist@chiraag.me - b0c8d720.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
On Wed, Jan 6, 2021 at 12:09 AM Stefan Claas wrote: > What you say would fit more for a cross-platform OpenSource app > like Bitmessage, compared to PGP's or GnuPG's privacy philosophy. Regarding Bitmessage and OpenPGP. There was an announcement made last year about an Bitmessage OpenPGP chan, where people can discuss all things around OpenPGP anonymously and globally. I am a bit out of the loop regarding Bitmessage but here is the address for interested parties: OpenPGP BM-2cU9MZTNKThqH9nDPycVaPGAduisN6Nnm1 Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
On Tue, Jan 5, 2021 at 9:05 PM wrote: > > On 2021-01-05 Stefan Claas via Gnupg-users - gnupg-users@gnupg.org wrote: > > ... but why are then SKS key servers > > still in operation, which allows third parties to look up who signed > > who's key and with what trust level and GnuPG's WoT support, compared > > to sq and Hagrid? > > The landscape has changed dramatically from the times when the > original PGP fundamentals were introduced. Today, for any secure > personal communication system to be of practical use, it must > be designed from the ground up observing the following simple > principle: *anonymity is the necessary condition of privacy*. That the landscape has changed dramatically everyone will (hopefully) agree and your phrase is perfectly fine, but I do not consider GnuPG or OpenPGP apps as tools giving users anonymity. What you say would fit more for a cross-platform OpenSource app like Bitmessage, compared to PGP's or GnuPG's privacy philosophy. Regards Stefan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: On future of GnuPG
> The landscape has changed dramatically from the times when the > original PGP fundamentals were introduced. Today, for any secure > personal communication system to be of practical use, it must > be designed from the ground up observing the following simple > principle: *anonymity is the necessary condition of privacy*. This borders on ridiculous. One of the problems we have in privacy discussions is there is no single agreed-upon definition of privacy. Privacy is defined by culture, and unless we share a culture we're very unlikely to share a privacy definition. In the United States, the prevailing culture cares a lot more about government's ability to learn things about me without a warrant than it does about the ability of corporations or businesses. And we also believe that government limiting our ability to speak infringes on our privacy: "why the hell is the government getting in my business if all I'm doing is sharing true things with my buddy?" Whereas in Europe, right-to-be-forgotten laws, enforced by the government, are seen as wins for privacy, in America they would be (a) blatantly unlawful and (b) considered massive invasions of our privacy by the government. In Europe it's a lot different. There, the prevailing culture cares a lot more about limiting the ability of businesses to learn things about a person than with limiting the ability of governments. The national security exemption in the GDPR is big enough to drive a truck through: it is so all-encompassing that I, as an American, look at the GDPR and think it's a nightmare for privacy rights. And, you know, *this is okay*. Privacy is culturally defined. Enjoy your culture, accept or reject its definition of privacy as you like. Just don't think that your culture's definition is somehow the only one, or universally agreed-upon, or... If there is no agreed-upon universal definition of privacy (and there isn't), then any attempt to make sweeping statements like "anonymity is a necessary condition of privacy" is just a bunch of freshman Philosophy 101 crap that's entirely disconnected from the real world. signature.asc Description: This is a digitally signed message part ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
On future of GnuPG
On 2021-01-05 Stefan Claas via Gnupg-users - gnupg-users@gnupg.org wrote: ... but why are then SKS key servers still in operation, which allows third parties to look up who signed who's key and with what trust level and GnuPG's WoT support, compared to sq and Hagrid? The landscape has changed dramatically from the times when the original PGP fundamentals were introduced. Today, for any secure personal communication system to be of practical use, it must be designed from the ground up observing the following simple principle: *anonymity is the necessary condition of privacy*. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Securing the future of GnuPG with BitCoin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I'm agree ! -BEGIN PGP SIGNATURE- Version: OpenPGP.js v0.7.2 Comment: http://openpgpjs.org wsBcBAEBCAAQBQJUlFRQCRAQ6tJMY0nl4AAABucH/ihJ17qnQtttqYVPlkCy jK81sUXF2k69mzRxiW5JwHsiwboKtaeWTCY/V4qjKnZXV4MpwqHxj0WGk1j5 44ZA0yy0y+aMLcXoJQpAGdUFLLHI2oUi/xr+PoIBKA4aMeOMAjfYgpGG36DG Y1CVMsJV46wComkFQTceRcKiAgkUoQ93qarpeCWiW/dDxRJ5/vv8INUXexg2 r7PCkoSoJEVHeTSAEabbvMCVCj9ylS13NT4WktmcNPW6ZIq1mmtDDrpAjwvR bqKEEEBN1/wonWWktfoTCf3h+nm0kXLHv7NgqQfm9Jpc0F2bgEEhTbJPgN15 vAYi4FzqXyv1Q9OniowmmL0= =9SWz -END PGP SIGNATURE- 2014-12-19 16:32 GMT+01:00 Richard Ulrich ricu...@gmail.com: https://gnupg.org/donate/index.html Pay using BitCoin is missing Rgds Richard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Antoine Michard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello everyone, Sorry I haven't responed earlier, summer, life and all that, but thank you for all your input. Haven't completely solved the thing about ANSI vs UTF-8 / OpenPGP/Enigmail/commandline etc signing, but we who use UTF-8 as default usually manage to verify each others' signatures without problems. As for the future about GnuPG 1.4.x, again, thanks for all the input and you've made me wiser. :) Bests, Sin T. Comment: Old key 0x3B708D7C revoked (1024D) Comment: New key is 0x88515CE5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (MingW32) iQIcBAEBCAAGBQJQK6fGAAoJEMIzFpSIUVzlSZwQAIrIF5opXGKGNNIo73VZb5X+ TPnkshdhXpH1jQVPJfv+w0qZYy9mqv9CwNZpCiFJ+HgqEJUeYmkyDa0bLLcr3XQK CFaVayYPNHlB/F/DiiWjOkjEL1lJUgNFp44aqjjJKv0IPb2ltoUKSAYObpS0cpoZ WW5znLd+9pBBVJed/JEy11YDgr8tyqL0bdUcZbnPoszi58APL00i26kqiTOt35Rc w0cgrfQPpGxr5gKLSCDnB+PWYLDttovtvM1mA/xVHolT5Bri0VvESHWW/ePNAy/f z7TsUz4rRtP2A0xQM/kQnggsONQP1g2+Of6OVZpYoOAcWidJCZFvGbx9NLJgK5A/ 8TpCIhKtpHsPHcfpNcCPPnskdPbCnm8yuS3+hz6Y3w+OksAv5phiE4EVJHKez/lB nG2KsJxRv8EYyPtv6N0CrLp+mU5c4gFgL8R5O56BqPvgTZuz3YWssW+cFpoCWAwP V2RVsl7+1FjScUyigk1M5yAMbbANSig2rySdiP8knepmUaNGOPj2z0N7MwPaQrVg /t53rhrq13TNry3oo0gJb7H/zb6CKDctzjGVbNrKC7N0ol8CrKlAcbRoPuM7Hs5m IrOR2OSI6/hjS2RAl2WEEu6G6BYBzcybJuTZfAQBXV+tKgLI2T5YD5t7U7FHJako +P3Q7897dfSTkkTviP7e =7QvE -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
On Sat, 4 Aug 2012 21:26, biggles.tren...@gmail.com said: Is the plan to retire 1.x sometime in a not too distant future (I'm not saying that I assume an actual time plan being set)? We have not really discussed such a plan. I don't see a technical reason to stop 1.4 maintenance in the near future. However, I doubt that it makes sense to port new feature (e.g. ECC support) back to 1.4, or work on performance improvements (e.g. AES hardware support). The reason I ask is I have tried 2.x and even with various utf-8 settings, signed mail fail verification approx 50% of the time for others as my client does with theirs. English works fine, but it seems mail containing Swedish/Danish/Czech letters (æ, ø, å, ä, ?, ?, ?, etc) get mucked up. I doubt that this has do do anything with GnuPG. In fact, I can't remember any code changes pertaining to data I/O between 1.4 and 2.x. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [gnupg-users] Re: Future of GnuPG 1.x.x?
On Sun, 5 Aug 2012 09:33, d...@prime.gushi.org said: The 1.4 model still works better for certain things. I've never successfully managed to make pinentry work in a shell/screen session using my mailer, and I've never heard back from the GPG developers If you use curses, one problem is that you may need to redraw your screen after a pinentry popped up. The usual workaround is to schedule a redraw after decryption or signing. Given that we don't use 9600 terminals anymore, there should be no visible impact. about allowing the main gnupg process to prompt for a pin directly, without needing the socket/window of pinentry. As you should known this is by design. A wrapper and the PINENTRY_USER_DATA envvar is always an option to control the passphrase entry yourself. The GnuPG 2.1 gpg-agent has a way to tunnel pinentry requests back to the calling application - as of now gpg does not support this. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [gnupg-users] Re: Future of GnuPG 1.x.x?
On Sat, 4 Aug 2012, Robert J. Hansen wrote: On 08/04/2012 03:26 PM, Sin Trenton wrote: Is the plan to retire 1.x sometime in a not too distant future (I'm not saying that I assume an actual time plan being set)? I am not a GnuPG developer. My information is not definitive. Take it with a grain of salt. That said, my understanding is the GnuPG developers wish to end 1.4 support as soon as possible. This is reasonable, given that 2.0 has been out for a decade. When 2.0 first came out I was not a big fan, but it's become much more stable and useful over the past few years. However, ending GnuPG 1.4 support 'as soon as possible' is not the same as 'ending it now.' They want to minimize impact on end-users as much as possible. The 1.4 model still works better for certain things. I've never successfully managed to make pinentry work in a shell/screen session using my mailer, and I've never heard back from the GPG developers about allowing the main gnupg process to prompt for a pin directly, without needing the socket/window of pinentry. Both myself and Doug Barton have commented on this list to this effect. I consider this a blocking factor for moving to 2.0. When 1.4 support ends, expect an EOL date to be announced far in advance and a lot of help given to people who need to migrate to 2.0. See above. -Dan -- Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 05.08.2012 07:59, Laurent Jumet wrote: Hello Sin ! Sin Trenton biggles.tren...@gmail.com wrote: The reason I ask is I have tried 2.x and even with various utf-8 settings, signed mail fail verification approx 50% of the time for others as my client does with theirs. English works fine, but it seems mail containing Swedish/Danish/Czech letters (æ, ø, å, ä, ?, ?, ?, etc) get mucked up. I had some problems with non english characters too, but seems it depends on text translations on my own board. With your special characters above, my signature looks good here. Laurent, Enigmail says ``` gpg -komento ja -tuloste: /usr/bin/gpg2 gpg: malformed CRC gpg: quoted printable character in armor - probably a buggy MTA has been used ``` for your email and fails to verify your signature. I think that the problem is spaces before your KeyID. gpg2 directly gives same error. - -- Mika Suomalainen -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Public key: http://mkaysi.github.com/PGP/key.txt Comment: gpg --keyserver pool.sks-keyservers.net --recv-keys 0x82A46728 Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728 Comment: Why do I (clear)sign emails? http://git.io/6FLzWg Comment: Please remove PGP lines in replies. http://git.io/nvHrDg Comment: Charset of this message should be UTF-8. Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJQHiFKAAoJEE21PP6CpGcoZckP/37iZQc6MfHYkUsQ92zMRtw4 XT9r/PviHwj6jVQ6ReQ2JHDFmXHaUu1s+b8lsBxV7MHce1upwR65IL9i38ezzEAU 0ySwWaIxn5CvGv95ltMlb3edBL2rb1Jn71tN3BJmc4Yqywvry7r+wrBhGAPV2w14 pt/xY3hMfkJDelDcfsurMbJ8JtKoxCAkv8mvVgNnDt0/Wym80g7ai3XMUKuDNqMy JfjwTWztLOKhD2quWEXeLnuZ/GiKqNyCsdOPr+2gqnff8KxyREozkg1cl6YkUbGs DvNaFuVpmNR4rUBdHueszRkZpUDKYpssR6vf1Epe9iGf3gDWSJ8De5fXtWmmKyIm jTQgUI/DJR8gRd2I8zKKemKjnxEaQbeCJ1KrJwXLvYjC4c0nOlkOzN/ewZb9yCh0 2wx1EM/VHBAqtZudjj7XBOqql1ibTWAz2g42jzC8BYX0YyYBOt4nsxJq0d26kj9E CZOOagaMJUHPONJTR6EqfBODFjYNaWZNNIsorOD7DL5jt9R8A/2nb+qzIB3lxm99 xpZtNU4aOr/3eXdZwnVbDW6apqxJJb/3YCEksyQt7jdRbZe01ZxaZshDD0pqoPRi KnvEXmNSnxTAns1+Es8lYwxNLXP6+cwsUz+dTfjvUJs1Y+NOh2PcWnLSX3Pjy17s YDXPS+MQOBNKPmKBEFwW =J3n2 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04.08.2012 22:26, Sin Trenton wrote: The reason I ask is I have tried 2.x and even with various utf-8 settings, signed mail fail verification approx 50% of the time for others as my client does with theirs. English works fine, but it seems mail containing Swedish/Danish/Czech letters (æ, ø, å, ä, ?, ?, ?, etc) get mucked up. Have you set the charset to use in Thunderbird? charset UTF-8 in gpg.conf doesn't affect emails, which you send, but I am still using it in addition to Icedove charset. Edit -- Preferences -- Display -- Advanced (on right of Default font) -- Character encodings. Set both outgoing and incoming to UTF-8 and select When possible, use the default character encoding in replies. I am using Icedove (Debian version of Thunderbird) and as far as I can know, my emails can be verified and they are written with UTF-8. Also my ÄÖÅ should work (they are also Finnish chars, not only Swedish/Danish/Czech). - -- Mika Suomalainen -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Public key: http://mkaysi.github.com/PGP/key.txt Comment: gpg --keyserver pool.sks-keyservers.net --recv-keys 0x82A46728 Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728 Comment: Why do I (clear)sign emails? http://git.io/6FLzWg Comment: Please remove PGP lines in replies. http://git.io/nvHrDg Comment: Charset of this message should be UTF-8. Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJQHh1/AAoJEE21PP6CpGcoWe8P/iTtZEp3g+8ozjewa6etDB1Q g9ZHMsPYnJovN0A9fdX8494GFnz3Xr+AeRVpTym85xwi2Y6Lt9ahjPf8FHD45Yss 4IbDRXAi2GUW0uafRZnX7NVNs1U91oRB15KRaGppnMK1l/6Qa3S0KW8DbKKZQVog So475KjiqSo8IXrlSvcqz9IZxPS5LFemR52soITiJlaSFAGwIlobvOymf5S1jBoM 7TaCChLUcQFTGyjta74d8ztcwvZpfkh+bamOFu7n2cFfe8hBWcBfwXCuxiktkZbl 8Mvq86hW2hjOzuWQwU5FBVXYLDnO+UergTtrZw4BXApb4t+kCH+lEkkxH93qPP3T VzFQ/rCqZwGhGf4QefAEaiRiqdn5QqzcZGqbr1NutLIq4fngZhJ057mX/HLvIAU2 kBz+0p4jjgE3lT3IZmi511PejSROdNExuB482uq9MYC0dn+GlDTRwvKb08Nc+FWC KlIj9vUfeBW+jGuDffItZ5J6hd7BrkkcYkhyjI+VO6D2Az8VRMlB4rA7f0nEan0b 6iICciCALOXpYPVfk4aHsVoIvG+T+H2T1F+rSbdk1OSXu7wzrqdR6z0sqHKIb0Va biY1m26vnfFQNf/2JeE/qvcm8tdL4zj9ZkHjR1GT5I7EQjKGEtJ7w3Ftk1pDl7jS 83//Ii0x8fduzENrjlWc =Tasb -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
On 08/04/2012 03:26 PM, Sin Trenton wrote: Is the plan to retire 1.x sometime in a not too distant future (I'm not saying that I assume an actual time plan being set)? I am not a GnuPG developer. My information is not definitive. Take it with a grain of salt. That said, my understanding is the GnuPG developers wish to end 1.4 support as soon as possible. This is reasonable, given that 2.0 has been out for a decade. When 2.0 first came out I was not a big fan, but it's become much more stable and useful over the past few years. However, ending GnuPG 1.4 support 'as soon as possible' is not the same as 'ending it now.' They want to minimize impact on end-users as much as possible. When 1.4 support ends, expect an EOL date to be announced far in advance and a lot of help given to people who need to migrate to 2.0. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Future of GnuPG 1.x.x?
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hello Sin ! Sin Trenton biggles.tren...@gmail.com wrote: The reason I ask is I have tried 2.x and even with various utf-8 settings, signed mail fail verification approx 50% of the time for others as my client does with theirs. English works fine, but it seems mail containing Swedish/Danish/Czech letters (æ, ø, å, ä, ?, ?, ?, etc) get mucked up. I had some problems with non english characters too, but seems it depends on text translations on my own board. With your special characters above, my signature looks good here. - -- Laurent Jumet KeyID: 0xCFAF704C -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (MingW32) iHEEAREDADEFAlAd/qkqGGh0dHA6Ly93d3cucG9pbnRkZWNoYXQubmV0LzB4Q0ZB RjcwNEMuYXNjAAoJEPUdbaDPr3BMnfQAoNGVy7Y9SptPTkxPPJL9ut6O6WP0AKCO 6hmiZptSPGev3mViipbtB/yafg== =6a+y -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users