I'd personally prefer having a real OpenPGP plugin for gpg,...
Wouldn't that be the real solution?
Cheers,
Chris.
smime.p7s
Description: S/MIME cryptographic signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/l
On Mon, 2010-04-26 at 08:57 +0200, Werner Koch wrote:
> Actually the working group informally agreed on this draft after we
> changed a few US centric things.
Nice to read. I was just about to reply, that it might make sense to
start implementation in gpg even if standardisation has not yet fully
f
On Wed, 2010-04-28 at 19:37 +0200, Joke de Buhr wrote:
> Is there any way of transferring my existing 4096 bit keys to the card.
> Generating new 3072 bit keys worked fine but it would be a lot better if I
> could stick to my 4096 keys.
Obviously not...
Cheers,
Chris.
smime.p7s
Description: S
On Fri, 2010-04-30 at 19:44 -0400, David Shaw wrote:
> Looks very interesting. I'm curious how this differs from the
> SIM-sized card in a SIM-sized USB reader? For example, the regular
> 2.0 OpenPGP card in a SCR3320 USB stick reader
> (http://www.scmmicro.com/security/view_product_en.php?PID=6)
http://www.roguedaemon.net/rephrase/
or google.com
Cheers,
Chris.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hi.
I've just realised that policy URLs (--set-policy-urls) seem to be not
set on self-sigs (e.g. when resigning the key via changing the prefs or
so).
If that's not a bug,... why have you chosen not to put it on self-sigs?
AFAIU RFC4880 it's just the policy under which a signature was made.
So o
Hi.
Just found out, that a policy _is_ actually set when using
--set-policy-urls when creating a key (--gen-key)
But it seems there is no way of changing that later..
I've looked through the code but could not find the place why it's
ignored when just e.g. changing the keyserver/prefs/etc.
Hi.
That's fairly easy by hacking the code and resigning.
Have a look the the archive, it was mentioned before how it works.
Cheers,
Chris.
smime.p7s
Description: S/MIME cryptographic signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http
On Wed, 2010-11-10 at 14:58 -0500, Daniel Kahn Gillmor wrote:
> hrm, even if i can do this, it probably isn't very convincing for most
> people following gnupg-users :(
It was suggested before, to ad such functionality, but declined IIRC.
> > Have a look the the archive, it was mentioned before h
On Wed, 2011-01-26 at 15:37 -0500, Avi wrote:
> As someone who uses GnuPG on a USB stick under Windows, I sincerely
> hope that elliptical curves get added to the 1.4 trunk.
I know this won't happen,... but I'd rather see a roadmap to phase out
1.x...
Maintaining to branches is not only a big eff
Hi.
This pops up over and over again...
>From a technical point of view that seems to be not only a intended
limitation,... at least it's not enough to change the max size in the
code,... there seem to be several buffers one would need to enlarge in
order to make bigger keys.
Personally I'd pref
On Tue, 2012-05-22 at 17:50 +0200, Peter Lebbing wrote:
> Or bugs only affecting large keys are not found because so few people use it,
> and it becomes an attack vector affecting only those using large keys.
While this could happen, I'd guess it would be rather vice versa
And eventually large
y.
Thanks and best wishes,
Christoph Anton Mitterer.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-printable;quoted-printable:;;Lothstra=C3=9Fe 34;M=C3=BCnchen;Freistaat
ings in the UID are true (more
questions about the different kinds of signatures from others to my UIDs
later)
Ok,.. I told you I'd use my key as long as possible. But sometimes my
email address changes, so I'll defenitely have more than one UID.
Big problem:
When I change my UID all s
Hi again.
First of all: Sorry for those many writing mistakes I've made in my
initial post,... my English is better indeed, but it was pretty late
when I wrote that mail ;-)
Ok,..
In the meantime I've received several replys,... most of them haven't
been posted to the list. I'll do that as s
John Clizbe wrote:
Well, first it has to make it into the OpenPGP Standard. And usually to do
that, it would likely need to be part of some governmental or business
standard so that large numbers of end-users would want/need it.
I think that should be implemented despite of the way goverments
Hi.
This is perhaps a stupid question but how far are these two standards
interoperable?
I've seen a document that proposes some things in that area
(http://www.imc.org/ietf-openpgp/mail-archive/msg09930.html).
My question now:
Can X.509 certificates be used to sign/certificate OpenPGP UIDs
David Shaw wrote:
That would work if GnuPG stood alone, but it doesn't. New algorithms
or message constructions need to be discussed and worked out as part
of a standard so that all programs can interoperate.
I know that, of course, but I think that perhaps we'll have no ECC the
next 10 yea
Alaric Dailey wrote:
CAcert offers a GPG signature if your persona has been verified, and I
wrote this as well.
http://wiki.cacert.org/wiki/ConvertingCertificateToPgp
Uhm,.. but that way I create a NEW key,... correct?
I was looking for a signature for my EXISTING key.
if this doesn't an
Hi...
This is just a short question,... (I'll ask a lot of other things
regarding signatures as part of "my" "Lots of questions" thread :-) )..
What is the "best type of signautre someone can give to my UIDs?
Ok,.. I think there are the following types:
local, non-revocable, trust, normal
So
David Shaw wrote:
It is not suggested. NR signatures are useful in very specific
circumstances, and regular people signing other people's keys are not
one of those circumstances.
Can you tell me one of these circumstances, I can't imagine one *g*
It's not necessarily a benefit to you
that s
strongest hash)? And/or should I sign others UIDs only with SHA512 (..) ?
Best wishes,
Christoph Anton Mitterer.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-printable;quoted
Werner Koch wrote:
Can X.509 certificates be used to sign/certificate OpenPGP UIDs?
No. You can add a private extension to do so.
What do you mean by "private extension"?
Chris.
(from now on,.. imply my "best wishes" =) )
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christop
Werner Koch wrote:
I know that, of course, but I think that perhaps we'll have no ECC the
next 10 years or so,.. if noone makes the step,...
Uhm,.. I probably have not that detailed knowlegde as you,... but when
I've read the comparisions of cryptographical strength it seemed that
ECC wit
markus reichelt wrote:
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
What about using that uhm,.. libecc
(http://libecc.sourceforge.net/)?
do you know of an application that uses this lib?
No I don't but that shouldn't be a reason to forget about it,...
i
Alex Mauer wrote:
Christoph Anton Mitterer wrote:
Do you remember when, I think it was BBC, claimed they had a patent in
the US which would cover hyperlinks?
It was British Telecom. google:"british telecom" hyperlink patent
Ah,.. ok *g*
But you see my point? Well,.. I i
markus reichelt wrote:
* Christoph Anton Mitterer <[EMAIL PROTECTED]> wrote:
do you know of an application that uses this lib?
No I don't but that shouldn't be a reason to forget about it,...
Now why is that? I didn't imply anything to such extent.
David Shaw wrote:
If so,... should I (for security/cryptography reasons) ask users to sign
my key only with SHA512 (or whatever is considered as the currently
strongest hash)? And/or should I sign others UIDs only with SHA512 (..) ?
This is up to you, but note that most OpenPGP programs d
David Shaw wrote:
First, read this:
http://download.cryptoex.com/documents/whitepaper/cex2003-pgp-in-unternehmen-en/Tech%20White%20Paper%202002%20-%20Using%20OpenPGP%20in%20Corporations.pdf
Then, read this:
http://lists.gnupg.org/pipermail/gnupg-users/2005-May/025612.html
Thanks :-)
bits /keyIDDate User ID
pub 1024D/6B6EEFC9 2004/03/22 Martin Roll <[EMAIL PROTECTED]>
sig6EF2BDF5 Rainer W. Gerling <[EMAIL PROTECTED]>
sigBE8DC15F Michael Decker <[EMAIL PROTECTED]>
sig 67B82F43 Christoph Ant
Jean-David Beyer wrote:
Is it because you think they have so much computer power at Ft. Meade that
they can use exhaustive search? Or do you think their mathematicians
are so
much better than the general public (including math professors who
specialize in this stuff) that they have discovered
David Shaw wrote:
It's a countermeasure against an attack against signing subkeys.
Basically, the primary key signs all subkeys. With backsigs, the
signing subkey also signs the primary key.
Without this, an attacker can "steal" a signing subkey from someone
else and try and pretend that a sig
David Shaw wrote:
I'm afraid I don't understand what you're asking here. How backsigs
work?
And what is the "theory" behind them,... e.g. how do they improve security?
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied S
Hi.
As you probably know, one can set his prefered algorithms for a OpenPGP
key using setpref.
How is the priority specified? Is it from left to right, meaning that an
algorithm a left from another (b) is preferd in favour of b?
setpref --->--->--->---> ?
Best wishes,
Chr
David Shaw wrote:
How is the priority specified? Is it from left to right, meaning that an
algorithm a left from another (b) is preferd in favour of b?
setpref --->--->--->---> ?
Correct, it's left to right. The algorithm works by eliminating any
algorithm that isn't usable by all reci
Hi folks!
Ok,.. I know that you can set at least the following flags to specify
the purpose of a key:
A - authorsation
C - certification
E - encryption
S - signation
Ok,.. as far as I understood, if a key is C-only that this indicates
that it is used solely for signing other keys, but not for
David Shaw wrote:
So I think it would be better to have the following:
primary: C, RSA-S, 4096 bit
secondary: S, RSA-S, 4096 bit
secondary: E, ElGamal, 4096 bit
Ok...
1) Is it advisable at all?
Yes. Many people do it this way, including myself. It's not actually
an RSA-S key (that's dep
David Shaw wrote:
On Tue, Nov 08, 2005 at 03:29:39PM +0100, Christoph Anton Mitterer wrote:
Yes. Many people do it this way, including myself. It's not actually
an RSA-S key (that's deprecated), but a regular RSA key with the S
flag set. However, you don't actually wan
Alphax wrote:
>What would be the disadvantages?
You could end up with conflicting copies of the same key for one...
What does that mean?
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Compute
lusfert wrote:
What does type "A" mean and where is it used?
It means that the key can be used for authentication,... e.g. for ssh or so.
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer
David Shaw wrote:
If such a feature existed in GnuPG, yes.
David
Uhm,.. I rethought the whole thing,... and I came to the reason that I
gave up too fast ;-)
Ok,.. you told me that the disadvantage of C-only keys would be that you
can't response to challenges. Is this the only reason?
As
Or is there perhaps another software that I could use for chaging the
key usage flags (without damaging my key or changing the format or so).
Of course I'd prefer using GnuPG because I trust this the most :-)
Once again,.. I'm only going to do this,.. if it wouldn't have
disadvantages for the
Alphax wrote:
It means, the "expected" behaviour for what the keyservers/PGP/GPG will
do when it finds that the usage flags have changed on a primary key is
completely undocumented, because they are *not supposed to change*. I
don't think they're protected by the fingerprint/selfsignature (altho
David Shaw wrote:
And what is the "theory" behind them,... e.g. how do they improve security?
Current signing subkeys have a weakness in that they can be moved from
one key to another without the key owner's approval.
This means that if I sign a message with a signing subkey, someone
else
Ok,.. my answer to this is a little bit late but here it is ... ;-)
It's not that I see a desperate need for the feature,
it just seemed an interesting omission, and I wondered
what the reason was.
I'm surprised that compatibility is a problem - I
assumed it would be done by having the self-sig
David Shaw wrote:
No, they have their own type. They are 0x19.
I should have read on before asking,.. sorry ;-)
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-pri
Hi.
Took a while but now I've time to answer.
David Shaw wrote:
Ah,... I see,.. but is this problem only limited to signing subkeys? It
should be, right? Because the primary is protected by the selfsigned
user id? Or is there another reason? (just want to check if I'm slowly
understand how
I've just found out that 0x19 is not specified by rfc2440...
Isn't that a dangerous way if gnupg add its own things to it?
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quote
Hi.
When I use an USB token instead of a "normal" smartcard reader do I
still need special software (e.g. pcscd and so on) or is gnupg enough.
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathema
Ivan Boldyrev wrote:
Which SSH implementation does support it? It seems OpenSSH does not
(at least I can't understand how to do it).
I think you can do it via gpg-agent. Unfortunately I couldn't find any
documentation right now. :-(
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitter
Olaf Gellert wrote:
When I generate an RSA key, GPG provides the capabilities
sign, encrypt and authenticate (in expert mode), but
not certification.
Certification is always used automatically for the primary (signing) key.
If you edit your key (gpg --edit-key ) you'll see a "Usage: CS" for
Hi.
Somewhere (unfortunately I've lost the URL) I've read about forging
fingerprints and/keyIDs (not sure)
Meaning that an attacker could create a key (but as far as I remember
with a different keysize onlz) that has the same fingerprint and/or
keyID as another key.
Is that true?
Are the
gt; showpref
pub 4096R/5BB9A53D created: 2005-10-28 expires: never usage: CS
trust: unknown validity: unknown
[ unknown] (1). Christoph Anton Mitterer
Cipher: AES256, AES192, AES, CAST5, 3DES
Digest: SHA1, RIPEMD160
Compression: ZLIB, ZIP, Uncompressed
F
Hi :-)
Ok,.. it took some time,.. but now I came back to that issue ...
David Shaw wrote:
On Wed, Nov 09, 2005 at 12:53:45AM +0100, Christoph Anton Mitterer wrote:
Or is there perhaps another software that I could use for chaging the
key usage flags (without damaging my key or changing
David Shaw wrote:
On Tue, Nov 08, 2005 at 11:41:43PM +0100, Christoph Anton Mitterer wrote:
Ok,.. you told me that the disadvantage of C-only keys would be that you
can't response to challenges. Is this the only reason?
As far as I know a challenge/response is used by some users to v
Ah,.. tanks :-)
So it sould be completely enough to verify Name/eMail and the
Fingerprint when signing another key,... and I don't have to compare
creation date/keysize/algorithm/etc., right?
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich Uni
Kurt Fitzner wrote:
I know that encrypting a file without signing it is commonly done with
symmetrical encryption. My question is, do people commonly use GnuPG to
encrypt a file without signing it using PK-encryption?
Well that's totally up to your personal taste =)
Personally, I don't t
David Shaw wrote:
Was I wanted to know was: How can I get new subkey binding sigs for my
subkey (new: with more recent creation time, and of course with the
"better" hash algorithm)?
You can't, without hacking GPG to do it. It's easier to just make a
new subkey.
Ah,.. too bad :-/
I'v
Holger Schuettel wrote:
I've any questions. How can i generate a keypair with size more than
4096 bits? I've a RSA key from my friend in my keyring with 16384 bits.
This is not desirable at all.
- First of all you may encounter compatibility problems (although I
haven't found any limit on th
Schl�ssel des rsa 16k sind sehr umfangreich zu verwenden und
liefern * sehr sehr lang * Unterzeichnungen (mich versuchte es
heraus gerade, um zu sehen was geschehen w�rde,; -) aber sehen
keinen Vorteil und haben nicht gest�rt, einen einen anderen
Schl�ssel f�r Sicherheitsgebrauch, nachdem sie
Johan Wevers wrote:
Christoph Anton Mitterer wrote:
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.
That depends on what you consider important. Hash functions are only
Pawel Shajdo wrote:
Can somebody point me to RFC or IETF draft (or other info) about this special
DNS recodrds?
I'm not sure, but perhaps this utilizes the SIG resrouce record,... have
a look at RFC 2535 about DNSSEC (http://www.ietf.org/rfc/rfc2535.txt).
Perhaps David or Werner could con
[EMAIL PROTECTED] wrote:
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)
Perhaps in 2020 gpg uses quantum cryptography,... (of course one would
need a special dongle attached via USB version 42)
RSA/SHA/ElG/EEC
Pawel Shajdo wrote:
>On Dec 28, 2005 at 00:25 +0100, Christoph Anton Mitterer wrote:
>
>
>>I'm not sure, but perhaps this utilizes the SIG resrouce record,... have
>>a look at RFC 2535 about DNSSEC (http://www.ietf.org/rfc/rfc2535.txt).
>>
>>
>Seem
Nicky wrote:
>What does the usage letters mean in the key listing?
> usage: CS
> usage: SEA
>What does SEA stand for? I think S and E stand for Signing and Encryption
>respectively but what about A and C?
>
>
Please have a look at the "Keytypes and changing them" thread
(http://lists.gnupg.o
David Shaw wrote:
>Anyway, do this:
>
>gpg --expert --cert-digest-algo (thehash) -u (thekeyid) --sign-key (thekeyid)
>
>
Is this possible with the selfsigs on subkeys, too?
Chris.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.
David Shaw wrote:
>If an attacker compromises the keyserver or in any way distributes
>your key himself, he can remove the new self-sig, leaving the old one
>behind.
>
>
Isn't it possible to revoke the older selfsig?
Of course, it's still possible for an attacer to compromise the
keyserver and/
Nikolaus Rath wrote:
>Now I wonder why gpg needs random data for symetric encryption. Should
>I care about the message or not? And how can I make it disappear?
>
>
As far as I know, even for symmetric encryption gnupg uses a session key
package, which is than encrypted via s2k-algorithms (your p
Sean Rima wrote:
> I may have the chance to inherit a Gemplus gemPC430 USB card reader
> to use with my PC. I am looking to get an gpg card from kernel
> concepts, but want to know if anyone has used this reader with gpg
I cannot tell you definitely if it works, but at least in Debian there
You may also look at section 5.14 in the standard
(http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-15.txt).
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Kurt Fitzner wrote:
>My question is, does a secret key actually need to be signed?
>
>
Correct me if I'm wrong, but _secret_ keys are never selfsigned, at
least not under normal circumstances...
Perhaps it is allowed to sign it with a 0x1F but I'd have to look this
up in the standard,...
It wou
>>Does this makes any sense anyways because the own
>>selfsignatures use MD5 which is weak. I could do
>>new self-sigs with another algorithm, correct?
>>
>>
>Yes, but then you can't use the key in PGP 2 any longer.
>
>
Than he should also revoke his old selfsigs, correct?
Chris.
_
David Shaw wrote:
>He can if he wants to. It doesn't actually make a difference either
>way since the new signature overrides the older one.
>
>
Is this only gpg behaviour or does the standard specify to only consider
the most recent sig?
Chris.
___
Jeremiah Foster wrote:
>How do I properly remove the old, unusable public key when I do not
>possess the secret key any longer and without destroying my entire gpg
>installation.
>
>
--delete-key name
Remove key from the public keyring. In batch mode
either
Jeremiah Foster wrote:
>Hey Chris,
>
>Yeah I saw that from the man page and it did not help. Specifically
>because the names are identical and when you issue --delete-key name you
>get prompted to specify the secret key which does not exist in my case.
>So delete-key fails to work for my needs.
>
Hi.
Have there been any advancements in using these cards? (I'm currently
consider to buy one.)
Ullrich Martini wrote:
> I got the root certificate from their web site and an intermediate
> certificate by email. It seems that they changed their policy there.
> However, one has to sign a pretty s
Hi.
I'm writing a support script for using dm-crypt/luks for root-filesystem
encryption, that will be used from an initramfs.
The iniramfs-scripts parse /etc/cryptab which specifies the file that
contains the key. It also allows to specify a so called keyscript, that
is invoked with the keyfile as
... thus the
keyholder can happily change his SELFSIG whenever he wants without
loosing the SIG's.
Best wishes,
--
Dipl.-Inf. (FH) Christoph Anton Mitterer
eMail:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Jabber/XMPP:
[EMAIL PROTECTED]
Ludwig-Maximilians-Universität München
Lehrstuhl für expe
terer", nor "christoph
mitterer", nor "Chris Mitterer" it is (even from a legal point of view
"Christoph Anton Mitterer".
See my point? I consider missing information as grave as wrong
information.
Each signature on a file or email would not validate if I simpl
Ok, if I modify it,.. and create a 0x1F with key usage, key
> > server-prefs, algorithm prefs, and so on... Will gpg understand this?
> No.
Ah... is this by intention? Or just not yet implemented? To say it
differently,.. which subpacktes or understood on the 0x1F signatures?
Best wishes,
Ok in fact this belongs also to the WG,.. but (apart from the fact that
I'm really unsure if I like the idea of must have algos at all - in each
case they have some very practical use) it would be an idea, to change
them or at least add some other must haves.
As Robert already point
Dear Robert.
On Tue, 2008-04-15 at 20:35 -0500, Robert J. Hansen wrote:
> Christoph Anton Mitterer wrote:
> > But it does not say that it has to contain the must-have algos.
> As has been mentioned here at least twice now, see section 13.2, where
> it explicitly says if the MUSTs
the C
flag a general certification use (not only OpenPGP keys/UIDs) or only
certification of OpenPGP keys/UIDs.
In the later case one should probably stick with "CS"
What do you think?
Greetings,
--
Dipl.-Inf. (FH) Christoph Anton Mitterer
eMail:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
d.
Well,.. I didn't claim that it would do it by default ;)
Regards,
--
Dipl.-Inf. (FH) Christoph Anton Mitterer
eMail:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Jabber/XMPP:
[EMAIL PROTECTED]
Ludwig-Maximilians-Universität München
Lehrstuhl für experimentelle Physik – Elementarteilchenphysik
r, such attributes could be his name town,
ZIP-code or even his ebay account).
And I would like to see a redesigned standard much more stricter and
definite. The RFC itself says, that it uses a "wishy-washy" style, I
think that could lead to security problems.
> Work with a scalpel,
On Sat, 2008-04-19 at 20:37 -0400, David Shaw wrote:
> Do people find the 1.4.x / 2.0.x thing confusing?
Well,.. partly,... (at least when speaking for myself).
Of course it makes sense to provide security fixes for the 1.x branch,
but I always wonder why you don't switch to the 2.x for the main
de
On Sat, 2008-04-19 at 19:45 -0500, Robert J. Hansen wrote:
> Regular users are taught to think that bigger version numbers are
> better, more recent, more capable, more bug-free, etc.
Well,.. that's what nearly each version naming model implies.
Of course those examples are different, however for a
Dear Robert.
On Sat, 2008-04-19 at 21:41 -0500, Robert J. Hansen wrote:
> Yes: that's the point I was making. Regular users are taught to think
> this. This is generally true. GnuPG is not following the regular
> versioning conventions.
Uhm what I mainly wonder is,... what is the main differenc
On Sun, 2008-04-20 at 10:31 +0200, Sven Radde wrote:
> While it isn't directly true for GnuPG, interpreting the issue in this
> way (i.e. "use 1.4 only if 2.x isn't possible for you") would not do any
> harm, would it?
Yes, that's what I'd prefer.
Chris.
_
On Sun, 2008-04-20 at 11:40 +0200, Ingo Klöcker wrote:
> On Sunday 20 April 2008, Robert J. Hansen wrote:
> > Windows NT 3.51 --> Windows NT 4.0
> > Windows 2000 --> Windows 2003 Server
> > FreeBSD 5.2 --> FreeBSD 6.0
> > Fedora Core 8 --> Fedora Core 9
> > GnuPG 1.4 --> GnuPG 2.0
> One of those is
On Mon, 2008-04-21 at 09:30 -0400, Mark H. Wood wrote:
> So, perhaps 1.4 should be GnuPG and 2.0 should be GnuPG-Plus.
> (Please, no "++"!)
I think that renaming would actually increase the confusion.
It would be better to consider to slowly phase out the 1.4x branch.
Chris-
On Mon, 2008-04-21 at 08:59 -0500, Robert J. Hansen wrote:
> I imagine this idea would get a lot of pushback from 1.4 users. I know
> that I'd be bothered by it.
What's the reason?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.o
On Mon, 2008-04-21 at 09:43 -0400, David Shaw wrote:
> How about:
>
> 1.4 == GnuPG Classic
> 2.0 == GnuPG Plus
If both should continue to develop (on a long time view) why not:
1.4 == GnuPG Classic
2.0 == GnuPG
Chris.
___
Gnupg-users mailing list
Gnup
On Mon, 2008-04-21 at 09:21 -0500, Robert J. Hansen wrote:
> If GnuPG 1.4.x suddenly gets marked "deprecated" and begins to be phased
> out, a whole lot of people are going to start asking "why? Official
> word on the GnuPG list was that GnuPG 1.4 was still perfectly safe and
> would be maintai
On Mon, 2008-04-21 at 16:33 +0200, Werner Koch wrote:
> This will not happen. 1.4. builds on a wide variety of platforms
> whereas 2.0 requires a decent POSIX or Windows platform.
I've already thought that...
> Frankly, I do not see the problem. The BInd folks are running Bind 8
> and Bind 9 fo
On Wed, 2008-04-23 at 13:41 -0400, reynt0 wrote:
> (This is a late comment, I'm catching up reading email, and
> Herr C.A.M has mentioned his idea a couple of times.)
[snip snap]
Does this contain any question?
Regards,
Chris.
___
Gnupg-users mailing
Quoting reynt0 <[EMAIL PROTECTED]>:
Well, not specially (ignoring the polite grammar using the
form of questions). What it was is a suggestion, stated
in third person and a first person example, why one part
of your suggestions/opinions might not be a good fit
with gpg. IMHO, of course. That's
On Thu, 2008-04-24 at 07:56 +0200, Michel Messerschmidt wrote:
> What about second/third ... names, name changes (e.g. marriage),
> offical pseudonyms (e.g. artist names in Germany), ... ?
Yes of course,.. and lots of other things in other countries and
cultures.
> > The reason: As a mathematicio
On Sat, 2008-04-26 at 02:20 -0500, Robert J. Hansen wrote:
> I'd like to see GPG remain the name for only 1.4.
>
> GnuPG 2.x introduces a lot of new crypto support that is not related
> to
> OpenPGP. The original metonymy is no longer appropriate.
>
> Call it GnuPS, for the GNU Privacy Suite. If
On Wed, 2008-05-14 at 22:58 +0200, gabrix wrote:
> Mine is just a suggestion to improve our dear gnupg.
> What is missing in linux is a killer crypt application .
> I recently used two windows application pgp and bestcrypt . And they both
> have , disk encryption , mail encryption , key generator
1 - 100 of 167 matches
Mail list logo
