Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Stefan Claas via Gnupg-users
Binarus wrote: > Actually, I currently don't know anybody who I could ask to sign my > keys, and furthermore, the problem is bigger the other way around. Can I > trust the key which I found on the key server for the intended > recipient's email address? Can I at least be sure that the key server >

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Binarus
On 17.09.2019 17:21, Werner Koch wrote: > On Tue, 17 Sep 2019 15:08, gnupg-users@gnupg.org said: > >> See also dkg's thoughts on the matter on the openpgp-wg mailing list, to >> align >> the specification with reality: > > OpenPGP has never defined what goes into the User ID except for the >

Re: Which version of GnuPG to use?

2019-09-17 Thread Stefan Claas via Gnupg-users
Brian Minton wrote: > On 9/17/19 12:59 PM, Stefan Claas via Gnupg-users wrote: > > Unfortunately I am no programmer but I was thinking about the following: > > I assume that in order to decrypt a message the secret key data must be > > unlocked and loaded for a very short time into the computer's R

Re: Which version of GnuPG to use?

2019-09-17 Thread Brian Minton
On 9/17/19 12:59 PM, Stefan Claas via Gnupg-users wrote: > Unfortunately I am no programmer but I was thinking about the following: > I assume that in order to decrypt a message the secret key data must be > unlocked and loaded for a very short time into the computer's RAM, in order > to perform the

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 17:35, look@my.amazin.horse said: > convention or otherwise. The spec is factually wrong and misleading for > implementors in this aspect, and should be updated to reflect reality. The specs are not wrong if you would read them: | the name and email address of the key holder

Re: Which version of GnuPG to use?

2019-09-17 Thread Damien Goutte-Gattat via Gnupg-users
On Tue, Sep 17, 2019 at 06:59:34PM +0200, Stefan Claas via Gnupg-users wrote: I assume that in order to decrypt a message the secret key data must be unlocked and loaded for a very short time into the computer's RAM, in order to perform the decryption No. The secret key data remains on the smart

Re: Which version of GnuPG to use?

2019-09-17 Thread Stefan Claas via Gnupg-users
Damien Goutte-Gattat wrote: > On Tue, Sep 17, 2019 at 06:59:34PM +0200, Stefan Claas via Gnupg-users wrote: > >I assume that in order to decrypt a message the secret key data must be > >unlocked and loaded for a very short time into the computer's RAM, in order > >to perform the decryption > > No.

Smartcard operation

2019-09-17 Thread Peter Lebbing
On 17/09/2019 18:59, Stefan Claas via Gnupg-users wrote: > I assume that in order to decrypt a message the secret key data must be > unlocked and loaded for a very short time into the computer's RAM, in order > to perform the decryption, or am I wrong with my assumption? OpenPGP messages encrypted

Re: Which version of GnuPG to use?

2019-09-17 Thread Stefan Claas via Gnupg-users
Werner Koch wrote: > On Mon, 16 Sep 2019 23:49, gnupg-users@gnupg.org said: > > > speak, with a specially crafted software, when using an online computer > > with a SmartCard? I have read that the secret key cannot be copied from > > the card, but what about the 'bits and pieces' in memory whe

Re: Automatically delete old keys from servers

2019-09-17 Thread Vincent Breitmoser via Gnupg-users
The simple truth is: For the SKS servers, it is not technically possible to remove keys, and never will be. People have speculated, postulated, counterargued, rambled on several mailing lists about how great or terrible a thing that is. But no matter what anyone tells you or how many mails are w

Re: Automatically delete old keys from servers

2019-09-17 Thread Teemu Likonen via Gnupg-users
Daniel Bossert [2019-09-17T15:12:09+02] wrote: > On the key servers are many old keys lying around which aren't valid > anymore. > > Could you implement a function on the servers which delete keys after > let's say one year automatically, reminding the user via email one > month ahead to reupload t

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Vincent Breitmoser via Gnupg-users
> Thus the current wording is sufficient and has served us well over the last 25 > years If your statement here includes the "by convention contains an rfc2822 name-addr" part of the wording, please bring this opinion up on the openpgp-wg thread. The argument is being made (and I agree) that it

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 15:08, gnupg-users@gnupg.org said: > See also dkg's thoughts on the matter on the openpgp-wg mailing list, to align > the specification with reality: OpenPGP has never defined what goes into the User ID except for the encoding which should be UTF-8. Anything else does not bel

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 14:57, li...@binarus.de said: > to use only key IDs consisting solely of the actual mail address > hereafter (with or without the angle brackets - I can live with both That is actually what I have suggested for quite some time. The extra stuff is not required and may lead only to co

Re: Automatically delete old keys from servers

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 15:12, daniel.boss...@dabo.ch said: > On the key servers are many old keys lying around which aren't valid anymore. Old keys are still useful to verify signatures. This is even true for expired keys. The user then needs to decide what to do with the verification result. Sh

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Binarus
On 17.09.2019 15:08, Vincent Breitmoser wrote: > >> but as far as I have understood my communication with Vincent, it's such IDs >> which are a problem for keys.openpgp.org. > > Right, that's because we currently use an actual rfc2822 parser on > keys.openpgp.org. This works fine for *most* us

Re: Automatically delete old keys from servers

2019-09-17 Thread Binarus
On 17.09.2019 15:12, Daniel Bossert wrote: > Hi all > > On the key servers are many old keys lying around which aren't valid > anymore. > > Could you implement a function on the servers which delete keys after > let's say one year automatically, reminding the user via email one month > ahead to

Automatically delete old keys from servers

2019-09-17 Thread Daniel Bossert
Hi all On the key servers are many old keys lying around which aren't valid anymore. Could you implement a function on the servers which delete keys after let's say one year automatically, reminding the user via email one month ahead to reupload the keys? I too have some old, useless keys ther

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Vincent Breitmoser via Gnupg-users
> but as far as I have understood my communication with Vincent, it's such IDs > which are a problem for keys.openpgp.org. Right, that's because we currently use an actual rfc2822 parser on keys.openpgp.org. This works fine for *most* users, but in the end causes more trouble than it's worth, so

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Binarus
At first, thank you very much for your explanations! On 17.09.2019 12:17, Werner Koch wrote: > On Tue, 17 Sep 2019 09:12, li...@binarus.de said: > >> I am asking myself why Enigmail doesn't. I am not sure (and can't test >> at the moment) how GnuPG would behave if given a problematic name when >>

Re: Regenerate Openpgp Public Key from Private Key

2019-09-17 Thread halfdog
Werner Koch writes: > On Tue, 17 Sep 2019 11:09, m...@halfdog.net said: > >> Therefore some exports (or copies of old secring.gpg) just >> do not include the public key, otherwise import would be trivial. > > Nope. It is not possible to create an OpenPGP secret keyblock > without the public key part

Re: Regenerate Openpgp Public Key from Private Key

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 11:09, m...@halfdog.net said: > Therefore some exports (or copies of old secring.gpg) just do > not include the public key, otherwise import would be trivial. Nope. It is not possible to create an OpenPGP secret keyblock without the public key parts. > As the key causing me pr

Re: Regenerate Openpgp Public Key from Private Key

2019-09-17 Thread halfdog
Werner Koch writes: > On Tue, 17 Sep 2019 06:51, m...@halfdog.net said: > >> Regenerating private keys is mathematically trivial but tool-wise >> a little tricky. It seems that quite some people were troubled > > What's wrong with > > gpg --import backup-of-private-key.gpg > > the private key inclu

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 09:12, li...@binarus.de said: > I am asking myself why Enigmail doesn't. I am not sure (and can't test > at the moment) how GnuPG would behave if given a problematic name when > generating a key; I hope it would give a warning or would add the gpg generates such a key just fin

Re: Regenerate Openpgp Public Key from Private Key

2019-09-17 Thread Werner Koch via Gnupg-users
On Tue, 17 Sep 2019 06:51, m...@halfdog.net said: > Regenerating private keys is mathematically trivial but tool-wise > a little tricky. It seems that quite some people were troubled What's wrong with gpg --import backup-of-private-key.gpg the private key includes the entire public key. Sal

Regenerate Openpgp Public Key from Private Key

2019-09-17 Thread halfdog
Hello list, Regenerating private keys is mathematically trivial but tool-wise a little tricky. It seems that quite some people were troubled by this problem due to different reasons (I have not attempted to confirm all of these): * Using (old) backups of keys for decrypting with only private key ava

Re: keys.openpgp.org not sending confirmation email

2019-09-17 Thread Binarus
On 16.09.2019 12:58, Claus Assmann wrote: > On Mon, Sep 16, 2019, Binarus wrote: > >> Surname, Forename | Company > >> Commas are not allowed as part of email addresses. While I knew that, I > > unless quoted, e.g., > "Surname, Forename | Company" Thanks, Claus, for the clarification / correc