a secret key is effectively a public key, with a few more fields of secret
stuff tacked on the end.
Your assumption is correct, for both. When GPG imports a secret key, it
creates a public key and imports it alongside the secret key.
David
___
Gnupg
.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
database as a start. It's not 100%, but should
get you going.
http://www.darwinsys.com/file/
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 09/10/13 21:42, Jan wrote:
10/9/2013 14:19, Werner Koch wrote :
So what about using that free USB stack for AVR's to implement a flash
device? You would be able to audit about everything; flylogic even has
these nice pictures of the ATmega88 masks...
10/9/2013 16:33, David Smith wrote
message), as an unsigned user ID is not
really meaningful as anyone could add it against the will of the keyholder, and
a locally signed user ID is effectively unsigned.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman
On 09/10/13 15:16, Jan wrote:
I don't understand this, what does AVR etc. mean? Is there a substituion for
USB? I'd be grateful for an explanation.
AVR is a semiconductor manufacturer who make microcontrollers (amongst
other things).
___
Gnupg-users
, and your addressees verify that the public keys they
have really do belong to you, you can be confident that the signature
mechanism is safe.
--
David SmithWork Email: dave.sm...@st.com
STMicroelectronics Home Email: david.sm...@ds-electronics.co.uk
Bristol, England GPG Key
methods.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
/( )\ Shrewsbury, New Jerseyhttp://counter.li.org
^^-^^ 16:55:01 up 10 days, 23:40, 3 users, load average: 4.76, 4.43, 4.30
it. The OpenPGP working group
added TWOFISH as a 256-bit cipher (and not incidentally a 128-bit blocksize),
and later AES. There is nothing specifically wrong with CAST6, but given that
OpenPGP has both TWOFISH and AES, there isn't really a pressing reason to
include CAST6 too.
David
On 07/26/13 22:20, Johan Wevers wrote:
Yes, I know the mantra, and I'm sure that obvious backdoors are not
present because they would be found rather quickly. However, more subtle
bugs leading to decipherable messages can take more time to find. The
infamous PRNG bug in pgp 5 on Unix is a
, but it's not a GnuPG extension.
http://www.rfc-editor.org/rfc/rfc5581.txt
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
and paste on top of that. Of course, that's just gives you a
draft document. There are quite a few more steps in producing a RFC.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
release
and that requires the following libraries:
libksba-1.0.5-2.el5
pinentry-0.7.3-3.el5
pth-2.0.7-6.el5.
As Peter asks, why do you want to install 1.2.1?
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521
this is, but the only BUG() call in the lookup function is one that fires
if the packet it sees in the secret keyring is not a secret key.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
is calculated is given in RFC-4880, the OpenPGP
specification.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Aug 9, 2013, at 2:43 AM, Khelben Blackstaff eye.of.the.8ehol...@gmail.com
wrote:
I only replied to Mr. Shaw and not to the list so i send this again.
On Fri, 9 Aug 2013 00:09:29 -0400
David Shaw ds...@jabberwocky.com wrote:
There are two namespaces here. If a tag is defined
preferred-email-encod...@pgp.com=pgpmime.
Shouldn't @pgp.com be changed to the domain of each user ?
In this case, the preferred-email-encoding tag was defined by the pgp.com
people. Thus preferred-email-encod...@pgp.com is the proper string to use.
David
ab...@teamspeakusa.com actually required? I know
postmas...@teamspeakusa.com is required and it must go to a real
person, but is any other?
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
/( )\ Shrewsbury, New Jersey
.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521.
/( )\ Shrewsbury, New Jerseyhttp://counter.li.org
^^-^^ 06:50:01 up 2 days, 22:15, 2 users, load average: 4.22, 4.39, 4.43
is private.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
is
referred to by its primary key ID and fingerprint. The subkeys are effectively
along for the ride. Some programs make a point of telling you which subkey is
in use at a particular time. Some do not.
David
___
Gnupg-users mailing list
Gnupg-users
to do this, and I would not live long
enough to do it even were I motivated to do it. Maybe Ken Thompson or
Dennis Ritchie could do it, but I bet he would not.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521
On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote:
Jean-David Beyer,
Thank you for contacting us. This is an automated response confirming
the receipt of your ticket. One of our agents will get back to you as
soon as possible. For your records, the details of the ticket are listed
below. When
that it
isn't using for trust calculations (so, revoked signatures are removed, runs of
multiple signatures are collapsed down to the most recent, and so on).
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo
add/change
UIDs without the fingerprint changing.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
an encrypted e-mail to a friend of mine who
then forwards it unencrypted to someone else.
The developers of GPG cannot do anything to protect against these threats.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521
, so the receiving program doesn't have to read to the end, find
out what hash is in use, then jump back to the beginning to actually hash the
document.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo
On 06/12/13 10:49, Nils Faerber wrote:
Am 12.06.2013 07:24, schrieb Navin:
Since GnuPG comes under the GPL, I would like to clarify if a person's
proprietary software makes use of GnuPG purely by invocation of the
commandline commands, and the GnuPG exe's and DLL's are bundled
unmodified with
On 06/11/2013 12:23 AM, Robert J. Hansen wrote:
On 6/10/2013 11:37 PM, Jean-David Beyer wrote:
Of course he did not seriously propose the idea as a real course of
action. But it is interesting to think about.
I drive a Mustang GT with enough engine work to make it genuinely
dangerous
On 06/11/2013 12:23 AM, Robert J. Hansen wrote:
On 6/10/2013 11:37 PM, Jean-David Beyer wrote:
Of course he did not seriously propose the idea as a real course of
action. But it is interesting to think about.
I drive a Mustang GT with enough engine work to make it genuinely
dangerous
Sorry, I sent it privately by mistake...
Original Message
Subject: Re: Why OpenPGP is not wanted - stupid is in vogue right now
Date: Mon, 10 Jun 2013 06:59:59 -0400
From: Jean-David Beyer jeandav...@verizon.net
Organization: Institute for Regimented Whimsey
To: Johan Wevers joh
On 06/10/2013 03:39 PM, Mark Rousell wrote:
I just wanted to say that you have neatly encapsulated my feelings
on the subject: Stupid is in vogue.
My concern is that it will be for a long time to come. It is
ironic that technology is, to a considerable extent, what has made
it possible. So
On 06/04/2013 03:22 PM, ira.kirsch...@sungard.com wrote:
I am running on Red Hat Linux 6.4.6
What release is that?
I have support from Red Hat that is up to date as of today, and it
claims to be:
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)
Nothing about a
On 05/28/2013 03:28 PM, Werner Koch wrote:
On Tue, 28 May 2013 18:17, forlasa...@gmail.com said:
crazy and doesn't function correctly, the house is half wood and half
brick, and/Jack forgot to put locks on the doors./
Well, the mailbox at my door has no lock either and it suffers from the
On 05/26/2013 06:50 AM, Zece Anonimescu wrote:
Zece Anonimescu:
Robert J. Hansen:
Email is dying and has been for years. Ask a college student today[...]
I don't like the mass media estimates: the next big thing, the yesterday
thing, the dying thing. I thought for a good ten minutes and I
On 05/22/13 09:59, Zece Anonimescu wrote:
Hey fellas!
For the sake of portability I was reading about keeping the keyring on a
removable drive. I searched online but I get other things. Is it
possible to have the keys some other place? How do I tell GnuPG on some
other computer that it
On 05/03/13 12:58, Lema KB wrote:
Hi Werner
let's say, user_1 created public-private-key_1. then senders should
encrypt it with public-key_1 but for all user_1, user_2, etc.
with which private key will user_2, user_3,.. decrypt this file.csv,
which is encrypted with public-key_1?
No.
On 05/03/13 15:02, Lema KB wrote:
can a symmetric cipher be/use also public-private-keys?
No. The whole point of public/private cryptography is to use asymmetric
ciphers.
(caveat: actually, this is an over-simplification. In reality, gpg DOES
use symmetric ciphers, but in a way that makes it
the
document you were referencing is:
gpg --export-options export-minimal --export keyid | gpg --list-packets
|grep -A 2 signature|grep 'digest algo 2,'
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg
,
David
On Wed, Apr 24, 2013 at 12:40 PM, Werner Koch w...@gnupg.org wrote:
Hi,
it is now more than a year since we released 2.0.19. Thus it is really
time to get 2.0.20 out of the door. If you want to quickly try a beta
you may use:
ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-2.0.20
key) as it would give a better
path to the work key in the web of trust. At the same time, though, if I made
a key for a particular community where I wasn't directly known as David Shaw,
I'd probably not cross sign for the reason you imply - I wouldn't want the two
identities linked.
David
On 04/06/2013 01:10 PM, Ryan Sawhill wrote:
I wouldn't have to work at Red Hat to find your imagining of all this
hilarious. No offense meant.
I am not offended; just ignorant of some of the details of this.
What makes the most sense: that all packages are built on a handful of
central
On 04/05/2013 11:39 AM, Stan Tobias wrote:
The problem we're trying to solve here is how to ascertain originality
of a software development line, IOW how to authenticate it.
What I do is get my OS (a Linux distribution from Red Hat) on a DVD
directly from them. It contains, along with
On 04/05/2013 04:27 PM, Peter Lebbing wrote:
I have no idea how Red Hat does this, but it seems unlikely to me. It's
not connected to the internet, but signs the whole repository, and each
individual security update etcetera. Is there a guy who keeps going back
and forth with a USB stick
and then you only need to unlock the GPG keys...
--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
?
The longevity of any public key cryptosystem should probably be
estimated in years or decades at the longest if you want any confidence
in your answer.
Regards,
--dkg
--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com
On Mon, Apr 1, 2013 at 3:38 PM, Melvin Carvalho melvincarva...@gmail.comwrote:
On 1 April 2013 22:50, David Tomaschik da...@systemoverlord.com wrote:
On Mon, Apr 1, 2013 at 10:46 AM, Daniel Kahn Gillmor
d...@fifthhorseman.net wrote:
On 04/01/2013 12:24 PM, adrelanos wrote:
gpg uses
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/30/2013 10:46 PM, Hauke Laging wrote:
[snip]
gpg uses /dev/random. That's why key generation usually blocks due
to lack of entropy if you do it right and boot a secure medium for
key generation.
The kernel fills /dev/random from e.g. key
On 03/25/13 20:05, Jan Chaloupecky wrote:
On Monday, March 25, 2013 at 8:36 PM, Werner Koch wrote:
On Mon, 25 Mar 2013 16:00, chal...@gmail.com
so the question is .. can I ship the idea shared object with my software?
The idea.c contains the following comments. So if I understand it
You need
On 03/26/13 10:30, Jan Chaloupecky wrote:
Sorry, I sent the last mail only to Hubert.
I was saying that Squeeze does not have in any of its repositories the
versions that support IDEA:
Max version of GnuPG is 1.4.12
child, which is when the scam was
blown open. So in short, these agencies do not find it difficult to do
anything that they need or want to do
regards
David
On 26/03/2013 17:36, Johnicholas Hines wrote:
The question is how to distinguish yourself from a nation-state's covert
agency purporting
On 03/05/13 16:45, BassToGo123 wrote:
I apologize for my inpatients. I have scoured the internet for a
discussion board or some other way of finding support for this program,
and this board is the only one I could find. Not that it matters to
anyone here, but not resolving this problem in a
foo.pub / foo.sec as a single key (while the pubring.gpg,
pubring.pgp, or pubring.pkr) is the keyring, but that's just convention.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Disable all checks on the form of the user ID while generating a
new one. This option should only be used in very special envi‐
ronments as it does not ensure the de-facto standard format of
user IDs.
David
a
stream of localization-safe string tags that can tell you the exact status of a
signature. See the DETAILS file from the GnuPG distribution for the specific
tags.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman
it, is
probably one you want to skip :)
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
is most likely that the
customer's PGP doesn't support MDC. Since you probably can't upgrade the
customer, you can use the --no-mdc-warning on your side. This doesn't change
the fact that the message you got isn't protected, but does prevent the warning
from being printed.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
in this way.
Even better would be a new smart card with a form factor similar to the
Yubikey Nano (https://www.yubico.com/products/yubikey-hardware/yubikey-nano/)
but that might be a pipe dream.
--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com
On 01/21/2013 11:56 AM, Rita wrote:
Hello,
Here is what I am trying to do in my environment.
I have 6 users: maseruser and user{A,B,C,D,E}
Masteruser will be generating data and I would like userA and userC be
able to decypt the data and others not to. However, in the future I
On Jan 7, 2013, at 11:05 AM, David Smith dave.sm...@st.com wrote:
On 01/04/13 17:31, David Shaw wrote:
Sure, paperkey supports piping the output into whatever code generator you
like:
gpg --export-secret-key mykey | paperkey --output-format raw |
your-bar-code-generator
However, 2D
On 01/04/13 17:31, David Shaw wrote:
Sure, paperkey supports piping the output into whatever code generator you
like:
gpg --export-secret-key mykey | paperkey --output-format raw |
your-bar-code-generator
However, 2D bar codes have some of the problems that paperkey is intended
need to at least
upgrade GnuPG.
Go to http://www.gnupg.org/download/ and grab the latest 1.4 version of GnuPG
(at the moment, it's 1.4.13). That is the easiest replacement for 1.2.6, and
will handle that DSA2 key just fine.
David
___
Gnupg-users
On Jan 4, 2013, at 9:39 AM, Stephen Paul Weber singpol...@singpolyma.net
wrote:
Somebody claiming to be David Shaw wrote:
On Jan 3, 2013, at 9:53 PM, Stephen Paul Weber singpol...@singpolyma.net
wrote:
tell gpg or gpg2 to produce new packet length headers for output?
No. GPG
On Jan 4, 2013, at 4:01 AM, Branko Majic bra...@majic.rs wrote:
On Thu, 3 Jan 2013 23:42:07 -0500
David Shaw ds...@jabberwocky.com wrote:
Paperkey 1.3 is released. This adds ECC key support (both ECDH and
ECDSA) as well as a few more minor tweaks.
Source and Win32 binaries are available
On Jan 4, 2013, at 9:27 AM, Johan Wevers joh...@vulcan.xs4all.nl wrote:
On 04-01-2013 5:42, David Shaw wrote:
Paperkey 1.3 is released.
You might want to update the website, it reads a bit outdated.
CD/DVD-ROMs are going the way of the floppy disc; flash memory is much
more reliable than
which is not found on any server that I use.
0xA1BC4FA4 is a subkey on 0x99242560. It should be available on the keyserver
network.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Jan 4, 2013, at 12:34 PM, Anilkumar Padmaraju apadmar...@prounlimited.com
wrote:
Thank you very much, David.
Our other server is having 1.4.5 and to be consistent want to go from 1.2.6
to 1.4.5.
Can I go ahead and update gnupg from 1.2.6 to 1.4.5 on Red Hat Enterprise
Linux
to forge data, but in this case the data being
forged is just the secret parts of a secret key. What are the attack vectors
there?
http://eprint.iacr.org/2002/076.pdf
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org
line
so you can easily tell which line got the glitch. I suspect a OCR font would
have done better.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks,
Paperkey 1.3 is released. This adds ECC key support (both ECDH and
ECDSA) as well as a few more minor tweaks.
Source and Win32 binaries are available at:
http://www.jabberwocky.com/software/paperkey/
Enjoy!
David
-BEGIN PGP
for those packets that can
be described that way (i.e. packets numbered less than 16) and new packet
headers for all other packets (16 and up).
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg
On Dec 7, 2012, at 2:40 AM, Phil Pennock sks-devel-p...@spodhuis.org wrote:
On 2012-12-05 at 23:32 -0500, David Shaw wrote:
It's working, it's just misleading since the SRV replacement happens
after the debug logging so the actual URL that is hit is not the one
that is being logged. If you
On Dec 3, 2012, at 2:00 AM, Phil Pennock sks-devel-p...@spodhuis.org wrote:
On 2012-12-02 at 23:46 -0500, David Shaw wrote:
Hmm. Were you intending to test with the internal HTTP support or
with libcurl? You're currently built with internal support:
Ah. I couldn't tell, since the helper
)?
David
bug1446.patch
Description: Binary data
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Source + Win32 binary:
http://www.jabberwocky.com/software/paperkey/paperkey-1.3-devel-win32.zip
Thanks!
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
, it does seem like overkill. How much of a problem is this in
practice?
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
in GPG is:
encrypt ( compress ( sign ( data ) ) )
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On Nov 5, 2012, at 9:47 AM, Hauke Laging mailinglis...@hauke-laging.de wrote:
Am Mo 05.11.2012, 09:39:52 schrieb David Shaw:
I would like to know if when I send an encrypted and signed message the
signature is also encrypted or not ?
It is. You can manually construct other arrangements
On Nov 5, 2012, at 10:29 AM, Hauke Laging mailinglis...@hauke-laging.de wrote:
Am Mo 05.11.2012, 10:01:02 schrieb David Shaw:
Virtually always you *want* your signature to be encrypted.
Why? What critical information is exposed by the signature, assuming I do not
forge the from address
On Nov 5, 2012, at 11:44 AM, ved...@nym.hush.com wrote:
On Monday, November 05, 2012 at 9:44 AM, David Shaw ds...@jabberwocky.com
wrote:
the built in --sign --encrypt in GPG is:
encrypt ( compress ( sign ( data ) ) )
=
Then, is there any way to tell if it is signed
pole
regards
David
On 29/10/2012 20:41, Robert J. Hansen wrote:
On 10/29/2012 04:28 PM, User wrote:
It is free and it says Freeware right on the page where the
reference to downloading it was shown:
It is not Free Software.
http://www.gnu.org/philosophy/free-sw.html
'Free software' means
Have you tried --passphrase myPassword or --passphrase-fd 0 (with the pipe)?
(Standard statement about how storing the passphrase in a scheduled
task is a bad idea, etc.)
David
On Wed, Oct 17, 2012 at 5:56 AM, Gabi g...@idieikon.com wrote:
We want to automate the decrypt process in some file
On Oct 8, 2012, at 6:20 PM, Christoph Anton Mitterer
christoph.anton.mitte...@physik.uni-muenchen.de wrote:
Hi David.
Long time ago, the following[0] ;)
I recently stumbled across that question again,... when I deployed
haveged on our faculty's HPC cluster...
So I've asked[1] around
On 09/13/12 16:47, ved...@nym.hush.com wrote:
The discussion about 'safe' text editors brings about an
interesting question:
Is an editor needed at all?
Why not just input text into gnupg and then encrypt the inputted
txt without saving it as file at all ?
example:
$ printf just a
such exploits available to governments (Flame, Duqu and
more fun from the Olympic Games come to mind)
regards
David
Best Regards
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net
Probably from the IDF or similar organisation
David
On 27/08/2012 14:13, Julian H. Stacey wrote:
Is No such Client nosuchcli...@gmail.com a troll to block ?
Cheers,
Julian
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http
Another paper is
Identifying and Overcoming Obstacles to PKI Deployment and Usage
by Steve Hanna, available from
middleware.internet2.edu/pki04/proceedings/action_plan.pdf
regards
David
On 25/08/2012 00:13, John Clizbe wrote:
Robert J. Hansen wrote:
On 08/24/2012 08:24 AM, peter.segm
the signature of
this email should be OK.
Hey!
OpenPGP Security Info
UNTRUSTED Good signature from Hauke Laging mailinglis...@hauke-laging.de
Key ID: 0x3A403251 / Signed on: 08/17/2012 10:24 PM
Key fingerprint: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
- --
.~. Jean-David Beyer
, I am personally
convinced that a smartcard with a good pin provides more than enough
security.
(Take my response with a grain of salt -- I'm just a user, not a developer.)
David
On Wed, Aug 15, 2012 at 9:53 AM, Heinz Diehl h...@fritha.org wrote:
Hi,
if someone gets physical access
that they don’t accept them. This avoids
accidental uploads of the revocation certificate.
We may want to display a warning if a user tries to upload a bare
revocation certificate.
That's a good point. There is no easy way to undo an accidental revocation
once it hits a keyserver.
David
.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
decryption.
Anything real about the 'oracle' action in any of this ?
It's only an oracle if you return this output to the attacker, or in some other
way allow the attacker to see differences (timing, for example) in the
responses to what he submits to you.
Don't do that ;)
David
On Jul 29, 2012, at 9:29 AM, Johan Wevers wrote:
On 29-07-2012 6:48, David Shaw wrote:
To combat this, OpenPGP has two quick check bytes in the encrypted data
packet.
Basically, they're a repetition of two random bytes from earlier in
the message.
Does this not lead to a possible known
/2005/033.pdf
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
no passphrase
needed.
Note that to revoke (rather than delete) a UID involves making a signature as
well, and will also require a signature.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
it as desired. Note that you can only override
with an algorithm that works for the key you are making the certification with.
For example, you can't use RIPEMD-160 with a DSA-2048 key.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http
own key, so if you make a subkey or add
a user ID, the binding signature will also use that digest. For #2, you do
understand correctly.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
can make a message that can't be verified.
David
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
relaxed a bit later, to allow for a 160-bit hash *or* a larger hash truncated
to fit. To enable that, you can use --enable-dsa2, and you should be able to
get SHA256 - but note it's SHA256 truncated down to 160 bits. You can't use
more than 160 bits without a larger DSA key.
David
201 - 300 of 1823 matches
Mail list logo