-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks,
Context: I am trying to figure out how much visible metadata I
can remove from an encrypted e-mail before it becomes completely
unusable.
Step one: stripping stuff from the message headers is relatively
easy; minimal messages with all recip
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel Kahn Gillmor wrote:
>
> You don't get the luxury to decide on this transition yourself,
> i'm afraid. Mailpile has to deal with *other* MUAs doing
> throw-keyids, just like those other MUAs have to deal with it
> if/when Mailpile starts doing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello GnuPG-users!
We had some really interesting discussions about WKD at the
OpenPGP e-mail summit. One of the recurring themes at many
sessions was WKD: it's becoming more and more important and
people are both deploying and relying on it.
Howev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello!
Thanks for the comments, guys!
Daniel Kahn Gillmor wrote:
> >
> > I thing gnupg-devel@ gnupg.org would be an appropriate place for
> > discussing such topics.
>
...
> If we want general e-mail discussion about WKD concerns, i'd
> suggest u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello GnuPG users!
Background: I'm working a bit on Mailpile's Autocrypt support
these days. Mailpile creates OpenPGP keys for its users, which
are protected by a strong passphrase, but generally manages those
passphrases on the user's behalf to gua
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Mikhail,
What follows is an educated guess, but only a guess...
Mikhail Morfikov via Gnupg-users wrote:
> gpg wants to connect to the network, but it looks like it wants
> also TCP/993 (IMAPS). This happens when I use Thunderbird as a
> mail cl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello!
Mikhail Morfikov wrote:
> Let's assume you are right, and it's because of the way the
> linux works.
>
> When I clear the conntrack table, the following messages appear
[...]
> So it's an ACK packet (possibly one per already opened
> connec
Hello gnupg-users!
I am the lead dev on Mailpile, a free software e-mail client where we're
doing our best to improve the usability of PGP-encrypted e-mail. I have
been pondering for quite some time the relative merits of various ways
of formatting otugoing encrypted mail, and this weekend I took
Hi Bernhard,
Bernhard Reiter wrote:
>
> thanks for working on Free Software and for discussing questions
> like this in the open!
And thank you for the friendly reply. :-)
> The short answer (from someone that was in the project team of S/MIME
> implementations for mutt and kmail and support
Hi Werner!
Werner Koch wrote:
> Hi Bjarni,
>
> On Sun, 23 Nov 2014 14:12, b...@pagekite.net said:
>
> > https://www.mailpile.is/blog/2014-11-21_To_PGP_MIME_Or_Not.html
>
> Not read (yet).
>
> > The "tl;dr" is that it might be worth dropping PGP/MIME for outgoing
> > encrypted mail and instead
Hi Simon, thanks for the comments.
Simon Ward wrote:
>
> I currently use Thunderbird and Mutt, both of which can open "emails
> within emails" as MIME parts, but I'm fairly certain Outlook from Office
> 2002 coped with them too. Granted, it's still an extra step with those
> MUAs, but all they n
Hello!
I just couldn't resist the chance to play devil's advocate some more...
;-)
(Werner: Sorry about the duplicate, I fat-fingered the reply-all)
Werner Koch wrote:
> > It would be far, far more useful to have a signature for each part so
> > instead of a binary pass/fail, you get a more g
Hello GnuPG users!
I just published a follow-up to Smári's blog post about the Mailpile
team's frustration while working with GnuPG. The post is here:
https://www.mailpile.is/blog/2015-02-26_Revisiting_the_GnuPG_discussion.html
As it's rather long, I won't paste the whole thing in here, but I
Hey Werner,
Yes, please do take your time.
I'm happy to hear you consider automation an important thing. I assume
that means the current limitations on that front are largely due to a
lack of developer resources - which I don't intend to badger you about,
my project suffers from the same.
Relate
Hi Hans-Christoph!
Hans-Christoph Steiner wrote:
> With all the recent attention to GnuPG and Werner's work, I have begun to
> think about things differently. GnuPG has an amazing security track record.
> It has had few serious security bugs, nothing even close to heartbleed that I
> know of, an
Peter Lebbing wrote:
> On 28/02/15 14:06, Ralph Seichter wrote:
> > but PGP does not work for mass e-mail protection
>
> Let me stress again that the proper course might be to replace SMTP (e-mail)
> and
> then work from that. If you have a sieve and wish for something to hold
> liquids,
> you
Jonathan Schleifer wrote:
> > Let me stress again that the proper course might be to replace SMTP
> > (e-mail) and
> > then work from that. If you have a sieve and wish for something to hold
> > liquids,
> > you could plug up all the holes or say "Blow this for a lark" and get a pan.
>
> You me
Werner Koch wrote:
>
> > I think that one solution would be to have mailpile use a per-session
> > gpg home dir.
>
> That is an architectural decision.
>
> BTW, gpg-agent has this --extra-socket feature which distinguishes
> between remote and local use (modulo some discussed changes). It woul
Thanks for the write-up, Werner! :-)
Werner Koch wrote:
> I do not want end these notes without remarking that I am a bit
> disappointed that many of the participants favored this closed
> invitation-only style summit and want the next meeting to happen the
> same way.
I was unable to at
Hello GnuPG-users!
I am (still) working on Mailpile, and it was brought to my
attention that if I send encrypted mail with folks in the BCC
line, the fact that they got a copy is leaked unless:
a) I use --hidden-recipient
b) I send them their own separate copy of the mail, encrypted only to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for the replies everyone. I think it's pretty clear what I
need to do!
All the best,
- Bjarni
- --
PageKite.net lets your personal computer be part of the web.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJWrmFUAAoJEI4ANxY
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello!
Werner Koch wrote:
> On Wed, 23 Mar 2016 18:48, d...@fifthhorseman.net said:
>
> > I'm entirely open to packaging gpgme-tool separately from the -dev
> > package, if there is a clear and compelling argument for it.
>
> As of now it is not re
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Werner,
Thanks for the reply!
Werner Koch wrote:
> > This is one of the complaints/wishes us Mailpile folks had, for
> > some sort of stable socket/stdio-based programmatic API for
> > talking to GnuPG. This sort of interface would make it much m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello again!
Since GnuPG appears to be designed not to handle this use-case, I
wrote a tool (a Python 2/3 library) to solve my problem:
https://github.com/BjarniRunar/python-pgp_passtool
It's also in PyPI, so `pip install pgp_passtool` should
24 matches
Mail list logo