PGP is a proprietary Broadcom product (Was: Can't synchronize keys using Seahorse)
Am Donnerstag 17 Februar 2022 17:18:58 schrieb Robert J. Hansen via Gnupg-users: > or whichever corporate entity owned the PGP intellectual property at the > time. Network Associates gave way to PGP Security gave way to Symantec > gave way to... As far as I know, it is Broadcom since a few years https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/pgp-solutions/1-0.html A reminder again to use "OpenPGP" when refering to the open crypto standard. Regards, Bernhard -- www.intevation.de/~bernhard +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can't synchronize keys using Seahorse
How can I fix this? Specify a different keyserver. keyserver.pgp.com was a commercial keyserver run by PGP Corporation, or whichever corporate entity owned the PGP intellectual property at the time. Network Associates gave way to PGP Security gave way to Symantec gave way to... The PGP intellectual property is for all intents and purposes dead at this point. Symantec has even stopped using the PGP trademarks: they may still sell the software, but they've stopped issuing new releases and they've rebranded it to something as bland as cottage cheese. keyserver.pgp.com is still operational today, but nobody knows for how long. It would be wise to assume that it will go away at some point, and start migrating to another keyserver. OpenPGP_0x1E7A94D4E87F91D5_and_old_rev.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Can't synchronize keys using Seahorse
I can't synchronize my keys using Seahorse. The error message reads; Couldn't communicate with keyserver.pgp.com: Server is unwilling to perform. How can I fix this? Thanks, Craig ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Enigmail] Enigmail is not using seahorse
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, On 07.12.14 21:36, Lucas Verney wrote: Le 07/12/2014 21:25, Ludwig Hügelschäfer a écrit : Hi, On 07.12.14 21:09, Lucas Verney wrote: In Arch, with Thunderbird 31.2 and Enigmail 1.7.2, I can't get Enigmail to use Seahorse instead of prompting me for my passphrase. When using gnupg 2.x, it's not Enigmail asking for the passphrase, it's gpg-agent. Is there some hidden configuration option ? Please search for gpg-agent and gnome keyring, you'll get lots of hits and all telling the same story: they cannot coexist peacefully. Gnome keyring tries to hijack the gpg-agent, but is not very successful in doing this. Thanks for pointing me in the right direction, this is due to an update in gpg and not in Enigmail, contrary to what I was thinking… For the record, here is the explanation : https://wiki.archlinux.org/index.php/GnuPG#GPG_AGENT_INFO Then, does this mean I have to enter my passphrase at least once per session, or is there still some alternatives to Seahorse that could handle this ? Taking this discussion from Enigmail to gnupg-users. I think there might be more and good advice :-) Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCgAGBQJUiKsLAAoJEA52XAUJWdLjuSwIALVmfyOcYzsqslFoSXlZ9dDb 7qyeu9YbdkeOvTlUnkhHo5N2yAeC29MtZMAUP/rZ1fwgA+AoVJVl4K6rxkiwO/N5 X3blTDbIZC4xlhHcSniPkS69nw3Qjooj2XKQINLTlvDIEPJst9RjyvtAGJk77IcR r7ZCSuWisJa98cDbCszoRo5q18RKgQEy8/WRYcfguuDcdAXMrXse9t/Mi3PuhDJL IXKkRDMRVbiJE4l0JGzf319O10SWxig6wrWTvpHLOHaT5n85nr8WZgU4ug7T5cYf tlkwfyhycM3uJqSFJA82D98Eqa5kGmIVOMEBySW1163SyrSZIsD6KclDGR1N6Eo= =9c4Y -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Seahorse
On 10/26/2010 10:25 PM, reynt0 wrote: Unless of course the old-timer is flexible and up to speed? And maybe related, was the research upon which that Human-Computer Interface class was based maybe done before the new era of users (ie the era which started a couple of years ago :-) ), and maybe its applicability to the modern world needs to be re-evaluated? Conjecture is nice. Evidence is better. Put together a study testing the continued validity of the hypothesis. If it turns out the hypothesis is false, I and many others will certainly sit up and pay attention. As for me, though -- I have enough on my plate without taking on this task. I'm going to believe the question is settled, on the basis of existing evidence, until such time as new contradicting evidence is presented. smime.p7s Description: S/MIME Cryptographic Signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Seahorse
On 10/8/2010 10:16 AM, Mark H. Wood wrote: If you ever decide to promote that alternate interface, the approach I would try is to sneak it in by actually making it an alternative This is one of the things we were specifically warned against in HCI. Give people two interfaces and the new interface will never supplant the old. When new users encounter problems and ask for help, the first thing the old-timer will do is say, well, first, go back to the old interface, that's the one I know the best. The newcomer will do so and won't switch back afterwards, both out of a spirit of all the experts use the old interface and nobody can help me with this new interface, so I'd better use the old. If you want people to use a new interface, you have to start by getting rid of the old... and the PGP 5.0-style UI is simply never going to be gotten rid of. Kind of sad, really. smime.p7s Description: S/MIME Cryptographic Signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Seahorse
If you ever decide to promote that alternate interface, the approach I would try is to sneak it in by actually making it an alternative: put the traditional interface on one tab and the simplified interface on another, and let users live with them for a while. People may start out conservative, but some of them will become curious and try the alternative. Cost, from the user's point of view: a small dab of complexity (the tab panel) and a small slice of screen real-estate (the tabs). -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Balance your desire for bells and whistles with the reality that only a little more than 2 percent of world population has broadband. -- Ledford and Tyler, _Google Analytics 2.0_ pgpEY4xhxLobi.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Seahorse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
El 07-10-2010 12:36, Robert J. Hansen escribió:
On 10/6/2010 11:21 PM, drpartha wrote:
Why cant interface designers make things a little less enigmatic :{
I think GPGShell interface is awesome, BUT it is not opensource (it's
free as beer, not as freedom), and only runs on windows... there should
be something like that for linux... maybe there is.
Best Regards
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJMr4tZAAoJEMV4f6PvczxAvyEIAK5owWm6Odj/I76gGPg20SPH
unxn/S49nVPE1C6W6zp1fLnjklInB3uMsbdk8BXpKXZMwUWehyzEj6c96hmNtXx0
2H6OSR5C8DswtLtC+vHMJoZkIO8p6bdBdkMCRS7kuH/9e4jN1yiieKbgtk2ozKBA
wKyOPKhrPu840ammZBaL184FHQetkMy6Z+R7aMPh49VRVn/M21/4+8X7S+py2Tg8
JWHkMGM5qajXU8ORSrlX8QLWW8CbHnWIsYwOOGA2wgz00KrheNrbO7b5S1oGH7M5
lJE8miZszWblOHKi6VhUoHmhDx4jUA6OiK6IqNrQySaJ1XPugyjR1RYP/QdRDN8=
=VHnT
-END PGP SIGNATURE-
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Seahorse
I am a regular user of KDE and KGPG. I tried to ride seahorse, but I find
the interface very confusing. I found out how to encrypt/decrypt, after some
struggle and experimentation. I am still not able to sign/verify a file. How
do I do that ? Why cant interface designers make things a little less
enigmatic :{ ?
partha
--
View this message in context:
http://old.nabble.com/Seahorse-tp29902685p29902685.html
Sent from the GnuPG - User mailing list archive at Nabble.com.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Seahorse
On 10/6/2010 11:21 PM, drpartha wrote:
Why cant interface designers make things a little less enigmatic :{
During grad school I did a few semesters of human-computer interface
(HCI) design, particularly with respect to OpenPGP user interfaces.
It's a fascinating subject but ultimately left me very, very cynical.
Here's why.
[sets the rant switch to ENGAGED]
The reason why user interfaces suck: crypto is hard, making good user
interfaces is hard, the OpenPGP spec is human-unfriendly, and there is
an enormous resistance in the community to newer and better interfaces.
Consider signatures on a user ID. A signature issued by someone you
don't trust is utterly meaningless. It's noise. There are a couple of
possible use cases (e.g., trying to find ways to connect two disjoint
webs of trust, or mapping out a target's social network), but those are
pretty niche when compared to average users and their needs.
So, already, one way to make interfaces simpler: omit all untrusted
signatures. If a signature doesn't contribute to the overall trust
calculation on a key, don't display it -- reduce the cognitive spam.
Another culprit: we've now got about 15 years of experience with a
really awful user interface that should have never been fielded.
Unfortunately, that interface has now become standard, and any attempt
to change it will get pushback from users.
Table-oriented data is principally useful in two conditions:
non-interactive interfaces and contextual views.
In non-interactive interfaces (like printed almanacs), all the data has
to be visible all the time. If I want to look up the population of
Zimbabwe, well, the almanac can't interactively ask me the country I'm
looking for. It has no option but to present all countries, and give me
a user interface that makes it possible to find what I'm looking for.
In contextual views (like Excel spreadsheets), the data in one area is
contextualized with information from another area. When looking at a
business's profit-and-loss statement, it's useful to be able to
immediately see how much each business unit contributed to the bottom
line. Or, in your email client, it's useful to be able to see your
emails in chronological order: the sequence in which they arrived is
contextual information relevant to each email.
So... consider the traditional OpenPGP certificate management interface.
It presents all these certificates in an enormously complex tabular
format. Click on a certificate and it reveals user IDs and subkeys.
Click on a user ID or a subkey and it reveals signatures. Etc., etc., etc.
This interface is user-hostile. There are two compelling reasons to use
tabular data -- noninteractive interfaces and contextual data -- and
neither of them applies to OpenPGP certificates. The key manager is an
interactive interface, and if I'm looking at certificate 0xDEADBEEF I
really don't give half a damn about 0xDECAFBAD, 0xBADD00D5, or
0xBADF00D5... so why am I getting cognitively spammed with information
about them?
Unfortunately, PGP 5.0 presented all certificates to the user in this
tabular format -- and ever since, that's what users have demanded. It's
what they know, it's what they want, and if you seriously suggest
getting rid of a table view people will refuse to use your interface.
At the end of the HCI course I had a prototype key manager that avoided
the table widget and ruthlessly suppressed useless data. It consisted
of pretty much just a search box into which you could type an email
address, a certificate ID, a user name, a comment, whatever. Once you'd
narrowed your certificates under a dozen, a list would pop up showing a
certificate ID, the best-matching user ID on the certificate, and its
trust level. Double-click on an element in the list and bang, a
certificate editor appeared, with helpful wizards to walk you through
the process of validating a key, uploading it to a key server, etc., etc.
Ultimately it was just a prototype: it was never a fully functional
certificate manager. Two things convinced me to let this project die
and not pursue it further. One was there was a strange problem
involving GnuPG refusing to communicate via a pipe with Java. The
problem strongly appeared to be in GnuPG. Ultimately, that's a minor
problem.
The real downer came when I showed long-time GnuPG users this interface.
Opinions ran about five to one, hey, this is a really sweet interface,
and I like it -- but it'd be even better if there was a big table widget
with all my certificates there. I'd use that instead. I'm familiar
with that user interface!
... I should point out, BTW, that although being told don't make a
better interface, make it just like the interfaces we know is a downer,
I'm not faulting people one bit for it. People have invested a lot of
time and effort in learning these bad, broken, user-hostile interfaces.
It is *absolutely* reasonable for them to want to use an interface they
know, rather than learn yet another
Strange problem with seahorse (and consequently enigmail).
[Note: I posted this to the Ubuntu-users list recently too. Apologies to those who have already seen it.] I have a strange problem with seahorse not working on only one of two Ubuntu computers. The gpg-agent works in the curses-like way when I call gpg in xterm, but seahorse doesn't. (Because seahorse isn't working but Thunderbird enigmail detects the agent running, Enigmail doesn't work either.) The output 'ps aux OT' after logging into GNOME includes these commands (with the same start time, owned by my userid): /usr/bin/gpg-agent --daemon --sh --write-env-file=/home/adam/.gnupg/gpg-agent-info-beetle /usr/bin/seahorse-agent --execute /usr/bin/gnome-session [seahorse-agent] defunct (On the computer that isn't giving me this problem, the first line is the same except for the hostname, but the next line says /usr/bin/seahorse-agent --execute /usr/bin/gnome-session and everything works.) When I try to run 'seahorse-preferences' from a command-line, I get the following errors: ** (seahorse-preferences:11283): CRITICAL **: init_gpgme: assertion `GPG_IS_OK (err)' failed ** (seahorse-preferences:11283): CRITICAL **: seahorse_pgp_source_init: assertion `GPG_IS_OK (err)' failed Segmentation fault I'd be grateful for any suggestions or debugging tips. I'm using gnupg 1.4.8 and the additional packages listed below. I've tried purging and reinstalling most of them. ii gnupg-agent 2.0.7-1 GNU privacy guard - password agent ii gnupg-doc 2003.04.06-6 GNU Privacy Guard documentation ii gnupg2 2.0.7-1 GNU privacy guard - a free PGP replacement ii gpgsm 2.0.7-1 GNU privacy guard - S/MIME version ii gpgv1.4.6-2ubuntu5 GNU privacy guard - signature verification tool ii libgpg-error0 1.4-2ubuntu7 library for common error values and messages in GnuPG components ii libgpgme11 1.1.5-2ubuntu1 GPGME - GnuPG Made Easy ii pgpgpg 0.13-9 Wrapper for using GnuPG in programs designed for PGP ii python-gnupginterface 0.3.2-9ubuntu1 Python interface to GnuPG (GPG) ii seahorse2.22.2-0ubuntu1 A Gnome front end for GnuPG ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Strange problem with seahorse (and consequently enigmail).
I have a strange problem with seahorse not working on only one of two Ubuntu computers. The gpg-agent works in the curses-like way when I call gpg in xterm, but seahorse doesn't. (Because seahorse isn't working but Thunderbird enigmail detects the agent running, Enigmail doesn't work either.) The output 'ps aux OT' after logging into GNOME includes these commands (with the same start time, owned by my userid): /usr/bin/gpg-agent --daemon --sh --write-env-file=/home/adam/.gnupg/gpg-agent-info-beetle /usr/bin/seahorse-agent --execute /usr/bin/gnome-session [seahorse-agent] defunct (On the computer that isn't giving me this problem, the first line is the same except for the hostname, but the next line says /usr/bin/seahorse-agent --execute /usr/bin/gnome-session and everything works.) When I try to run 'seahorse-preferences' from a command-line, I get the following errors: ** (seahorse-preferences:11283): CRITICAL **: init_gpgme: assertion `GPG_IS_OK (err)' failed ** (seahorse-preferences:11283): CRITICAL **: seahorse_pgp_source_init: assertion `GPG_IS_OK (err)' failed Segmentation fault I'd be grateful for any suggestions or debugging tips. I'm using gnupg 1.4.8 and the additional packages listed below. I've tried purging and reinstalling most of them. ii gnupg-agent 2.0.7-1 GNU privacy guard - password agent ii gnupg-doc 2003.04.06-6 GNU Privacy Guard documentation ii gnupg2 2.0.7-1 GNU privacy guard - a free PGP replacement ii gpgsm 2.0.7-1 GNU privacy guard - S/MIME version ii gpgv1.4.6-2ubuntu5 GNU privacy guard - signature verification tool ii libgpg-error0 1.4-2ubuntu7 library for common error values and messages in GnuPG components ii libgpgme11 1.1.5-2ubuntu1 GPGME - GnuPG Made Easy ii pgpgpg 0.13-9 Wrapper for using GnuPG in programs designed for PGP ii python-gnupginterface 0.3.2-9ubuntu1 Python interface to GnuPG (GPG) ii seahorse2.22.2-0ubuntu1 A Gnome front end for GnuPG ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
can't connect to .gnome2/seahorse-sJsP3M/S.gpg-agent
What is it? when I encrypt a message (for me to test) and then decrypt it gpg tell me can't connect to .gnome2/seahorse-sJsP3M/S.gpg-agent but the message is decrypted. What's happened? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
