Jack via Gnupg-users wrote:
> I may follow up on this later, but are you saying that if there is no
> password on the key, then gpg/gpg-agent/pinentry will not even prompt
> for it? So, if I did have a key without a password, then "gpg --passwd
> that-key" would not prompt for the original
It seems that GPA can only verify detached signatures when it has a suffix of
.sig .sign or .asc. When a detached signature has a different suffix (for
example .gpg like all of the sha256sum.txt.gpg files for verifying Linux Mint
downloads) GPA will always display a signature status of "Bad"
On Sunday, October 3rd, 2021 at 7:54 AM, Jack via Gnupg-users
wrote:
> The key was created many years ago with gpg
> version 1 and was definitely created without a passphrase.
One of many problems with having no password protection for a key is there is
nothing to stop someone who has access
luis wrote:
To: gnupg-users
Subject: generating revocation certs non-interactively
ECHO Y\n0\n\nY\n|GPG --command-fd 0 --gen-revoke 0xDEADBEEF
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
On Wed, 22 May 2013 11:59:37 +0200
Werner Koch w...@gnupg.org wrote:
On Tue, 21 May 2013 23:55, mixmas...@remailer.privacy.at said:
I would like to sign all my messages and have it appear to be
signed on the Epoch date 1970...unless there is some other default
way gnupg
Don't do
Hello,
Is there a way to make a signature cleartext or detached, with the date
modified, erased, or otherwise different then system date?
I would like to sign all my messages and have it appear to be signed on
the Epoch date 1970...unless there is some other default way gnupg
handles signing
hello,
I would like to decrypt messages stored in a folder:
folder
1 2 3 4 5...n
All messages are encrypted to hidden recipients. I have only one key
which I want to be trying to use.
How can I try to decrypt all the files in the folder trying my
specified secret key?
For instance
for each
On 02/25/2013 03:20 PM, Anonymous Remailer (austria) wrote:
Where does this idea that a business case must be recognized by all
suppliers for an entire industry in a whole country before it works?
No one, but your statement seemed to be a severe overgeneralization.
You're the one that said
Figuring out how to install an app is not the problem. Figuring out
how to *use OpenPGP* is the problem. The app is not the same as the
amount of specialized knowledge required to use the app successfully.
The installation problem takes care of the other. Hushmail users need
not know any more
On Wed, 27 Feb 2013 12:03:22 +0100
Josef Schneider jo...@netpage.dk wrote:
Hello,
with the current version of GPG 2 you can import 4096bit keys to a
OpenPGP smartcard version 2.0.
There is a bug in GPG2 that prevents it from decrypting data with a
key longer than 3072bit on a OpenPGP
Hello,
I am able to use the gpg2 --edit-card to generate a 2048 bit secret key
on the card and the stub in the local key ring. Encrypt/Decrypt
functionality seems to be working.
I read two other old posts on this list that seem to indicate that this
is all gnupg supports:
* You cannot
Why does the business case work in Germany?
It doesn't. It works for one particular bank. It doesn't work for
Germany as a whole.
Where does this idea that a business case must be recognized by all
suppliers for an entire industry in a whole country before it works?
A business case can be
OpenPGP, no, because there's no business case for them to do so.
OpenPGP users represent a phenomenally small fraction of their userbase
(probably 1%) and would account for a large fraction of their tech
support questions.
You seem to imply that Americans are less capable or less interested
in
Have any consumer banks in the US figured out how to use PGP, so
monthly statements can be trully *delivered*?
(as opposed to getting a plaintext message troubling clients to login
via some GUI and point-click-point-click-point-click)
___
Gnupg-users
Hi,
One of my email accounts is unusable so I deleted the UID from my key
and uploaded it to the keyserver. That accomplished nothing so now I
figured out I should of invalidated the UID and then uploaded it. I
can't do that now because I deleted the UID from my key.
I have to get rid of this
Having the secret key on my USB drive?
Having the key on a USB drive is probably secure enough if you do not
take into account malicious software on the system you want to use it
on. If you must assume that there could be keyloggers/etc. be
installed on the system (by other users or
Since RFC4880 is now including symmetric ciphers with 256 bit key
lengths like TWOFISH and CAMELLIA, is it time to change the limits in
gnupg for pubkey sizes? According to some sources (RSA for example) the
equivalent assymetric key size would be 15360 bits compared to a
symmetric cipher using
Do anyone have links to comparisons of the ciphers traditionally used in
PGP (IDEA, CAST5, 3DES). Thank you.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi,
I occasionally receive messages encrypted by older PGP versions that are
not being decrypted by GNUPG 1.4.7
[scrubbed] gpg filename
gpg: assuming IDEA encrypted data
Enter passphrase: [scrubbed]
gpg: [don't know]: invalid packet (ctb=67)
gpg: WARNING: message was not integrity protected
Is there a way to force users to encrypt to a corporate key, in
addition to the receipient's key?
Use a wrapper around 'gpg' which adds '-r corporate_key' to the
user-supplied options (only when encrpypting, obviously) and then
exec()'s the original 'gpg' with the modified options.
Zach Himsel [08/11/2006]:
I think there was a program I heard about somewhere that enabled the
clipboard to be read from the console.
Could that be Kim Saunders' xclip?
It's available at
http://people.debian.org/~kims/xclip
___
Gnupg-users
is it possible to cut the OpenPGP Card to the size of a SIM Card without
destroying it?
I am asking this because i want to use a Kobil KAAN SIM III Reader, its
a ccid compatible
USB Token which takes Cards in SIM size. I guess it should work ..?!
Of course, the problem with a card
Is there any difference between the effects of following commands?
gpg -e -R alice -R bob file
gpg -e -r alice -r bob --throw-keyid file
Since you are using -R (which does a per-recipient --throw-keyid) for
both recipients, there is no difference between the two commands.
I
Does anyone know the legal status of GnuPG in China?
The only information I found was
http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#prc
But I am unsure if that actually applies, as GnuPG is neither a
commercial application nor is the intended use commecial.
Regards,
Anyone
If I create a keypair in the normal way, the mails, files, etc.,
encrypted with it are protected by the passphrase as well as the
private key.
But access to my hard drive would easily reveal
$ gpg --list-secret-keys
my secret identity that I want to use for pseudonymous publishing.
Any
IIRC, the source to PGP is available, but only for peer review
purposes. The license prohibits compiling your own PGP binaries. I might
be wrong. It's been a long time since I've read the license.
You are almost right. you may make binaries, but not for use, only for
testing PGP for exploits. For
26 matches
Mail list logo