Re: Gnupg-users Digest, Vol 120, Issue 29

On 09/15/2013 05:05 PM, gnupg-users-requ...@gnupg.org wrote: > > On 09/15/2013 03:40 PM, Mike Acker wrote: >> > it is important to understand that the specification i have in MY key is >> > addressed to any party which may be sending to me. > That's not how c

Re: Pgp key

On 09/15/2013 12:54 PM, Jack Szary wrote: > I have someone's PGP key and he said to use that to send him information, how > do I use his key to send him a message? > first off, are you Windows or Linux ? In Linux you should have GPG installed by deafult; in Windows you will need to go download

Preferred block cipher

On 09/07/2013 07:34 PM, gnupg-users-requ...@gnupg.org wrote: > Hi Mike, > > Interesting. Would you care to explain your logic as to why you set > the preferences in that particular order? > > In particular, why did you prioritize 3DES over the three AES > variants? I can understand being skeptical

Setting Preference for Block Cipher

On 09/07/2013 07:34 PM, gnupg-users-requ...@gnupg.org wrote: > Why? Your preference list makes no sense. > >> > TWOFISH CAST5 BLOWFISH 3DES AES AES192 AES256 CAMELLIA128 >> > CAMELLIA192 CAMELLIA256 > GnuPG and PGP will stop as soon as they hit 3DES. They won't even look > at the rest of the ciph

NSA backdoors and Set Preferred Cipher

a lot of information has been reported recently regarding NSA an back-door entries behind digital encryption attached are some notes I offered recently on the MINT forum i have altered my cipher pr

Re: Gnupg-users Digest, Vol 105, Issue 38

On 06/24/2012 09:53, gnupg-users-requ...@gnupg.org wrote: > Has anyone every come across anything like this before? > > I have tried to repeat this several times since the class, and am > unable to. My PC was running very slowly at the time of the demo and I > initially wondered if it was a timing

Re: Gnupg-users Digest, Vol 104, Issue 37

IMHO(FWIW) it is unlikely, at best, that anyone will attack your cipher text. haquers work by getting malware into the endpoint computers hence it is that requiring signatures on software distributions is one of the most critical topics on the table today -- /MIKE _

Re: UBUNTU\Thunderbird\ENIGMAIL\GnuPG

On 04/20/2012 09:18 AM, Mika Suomalainen wrote: > 20.04.2012 15:46, Mike Acker kirjoitti: >> 19.04.2012 14:45, Mike Acker kirjoitti: >> I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: >> Not Found >> override ? ( browse ) >> >>

UBUNTU\Thunderbird\ENIGMAIL\GnuPG

19.04.2012 14:45, Mike Acker kirjoitti: I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: Not Found override ? ( browse ) what do I give it? I found gpg in the /usr directory and I can run GPG commands from the Terminal window so GPG is clearly available. --

Re: Gnupg-users Digest, Vol 103, Issue 11

I'm trying to setup Enigmail on an UBUNTU system and it gives me GnuPG: Not Found override ? ( browse ) what do I give it? I found gpg in the /usr directory and I can run GPG commands from the Terminal window so GPG is clearly available. -- /MIKE __

Re: Understanding --status-fd output

On 08/29/2011 08:17, Werner Koch wrote: > On Sun, 28 Aug 2011 15:29, mike_ac...@charter.net said: > >> > from using GPG4WIN I note: a signature may be marked: >> > >> > valid|not valid >> > Trusted|not Trusted > It should be "valid". However gpg4win is collection of different tools > all w

Re: Understanding --status-fd output

On 14:59, Ben Harris wrote: > As far as I can tell, GOODSIG corresponds to steps 1 and 2 above -- it > indicates that we've found a key in the keyring and the signature > matches it. TRUST_* corresponds to step 3, and obviously it's my job > to deal with step 4. The problem I've got is to underst

a Question about Key Servers

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 given that I have loaded my public key to a key-server ( e.g. keys.gnupg.net ) when i upload information to be merged into my keyblock (e.g. a new user ID, revocate certificate, or new expiration date ) what will cause other GPG users to refres

Re: a Question about Key Servers

given that I have loaded my public key to a key-server ( e.g. keys.gnupg.net ) when i upload information to be merged into my keyblock (e.g. a new user ID, revocate certificate, or new expiration date ) what will cause other GPG users to refresh their copy of my key in their keyring? should I

Re: supersede key on key-server

just clutter on the server. On 22/08/2011 10:39 AM, Mike Acker wrote: > some of us use more than one email address. with GPG it is simple to add > a secondary ID to a key and this seems to work quite well. > > when a change like this is made it is desirable to update the keyserv

supersede key on key-server

some of us use more than one email address. with GPG it is simple to add a secondary ID to a key and this seems to work quite well. when a change like this is made it is desirable to update the keyserver. what happens when you re-upload a key to the keyserver? I hate to think the keyserver get

PGP and "Smart" Cards

The Basic Error is in giving the merchant your credit card number. You are spreading that number all over Boston and the thugs are gonna grab it and help themselves. The only surprising thing is that this doesn't happen more often. All that a thug needs is a Merchant Account with PCI and he can

Re: Re: Keylogers

On 14:59, michaelquig...@theway.org wrote: > "In a properly secured O/S an application program can't do any damage" > > No damage, yes. *But additional alterations can happen*. Software > installations alter the base O/S--especially the Windows registry. > Keep in mind things such as Anti-virus

Re: OFF LIST - Your signed posts.

On 04/28/2011 11:12, Charly Avital wrote: > Hi, > > signature verifies in all your signed posts composed in plain text. > > Signature does not verify in all your signed posts composed (apparently, > as shown in the raw source) in HTML. > > Best regards, > Charly > > MacOS 10.6.7-MacBook Intel C2Duo

Re: Re: Keylogers

On 14:59, Robert J. Hansen wrote: > On Wed, 27 Apr 2011 12:56:19 -0400, Mike Acker > wrote: > >> > This is why we need the Software Audit Tool I've discussed at times on >> > various boards. The Software Audit Tool will need to be on a separate, >> > rea

HTTPS as well

On 14:59, Robert J. Hansen wrote: >> yep. Phil Zimmerman noted that in his original essay on PGP. If you >> > have a malware infection you can no longer speak to what your computer >> > is or is not doing. > In fact, it's quite a bit worse than that. Your traffic is secure only so > long as both

Re: Keylogers

On 04/27/2011 09:10, Robert J. Hansen wrote: >> yep. Phil Zimmerman noted that in his original essay on PGP. If you >> > have a malware infection you can no longer speak to what your computer >> > is or is not doing. > In fact, it's quite a bit worse than that. Your traffic is secure only so > l

Keylogers

On 14:59, Faramir wrote: > If there are key loggers involved, then you are toasted, even if the > passwords are kept inside your mind instead of a password database. At > the moment you type them, they would be captured. Of course, we might > say it is better to lose one password at a time, and n

Re: Gnupg-users Digest, Vol 91, Issue 30

On 04/19/2011 14:35, gnupg-users-requ...@gnupg.org wrote: > Maybe because, since this is the support list for GnuPG, we are all > thinking more about how to protect an encrypted file than about how to > protect a server account. relevance? what difference does it make if I am discussing a server

Preventing Brute Force Attacks

On 04/19/2011 04:13, gnupg-users-requ...@gnupg.org wrote: > GnuPG Users > (1) apply the Strike 3, you're out rule. any password gate should apply this rule: if the requester does not know the password and submits repeated bad answers DISABLE ACCESS. Game over. (2) Controlling Help Desk Problems

How to set passphrase timeout

has anyone figured out how to set the passphrase time-out value in a GPG4WIN environment? I think there may be a registry entry for it,~ HKEY_CURRENT_USER|Software|GNU|GnuPG ~? ideally there should be a gpg --passphrase-timeout command to set this with but I don't mind editing the registry if tha

Re: Problem with migration from 1.2.4 to 2.0.9

On 14:59, Michel Mansens wrote: > Im having problems migrating from version 1.2.4 to 2.0.9 > > I have transfered all my keys from the old envirmoment to the new > enviroment. Now our applications can't use the api in the software to > decrypt a file anymore. The passphrase does not work any more. I

Re: Group Membership Keyring

I really liked the idea of having the Membership Secretary sign a Public Keyring for the Group Members and then to circulate that keyring to the membership. How to implement though, as members will need an additional keyring for each group they have a membership with. Ideally the keyring would be

4096 bit keys

with chip makers playing with chips having 64 cores printed in silicon... someplace i read the ratios on this,-- if you make the key a little longer the key gets much harder to break. in public key encryption though you have to factor the product of the two large prime numbers -- which i'm told i

Re: Controlling Group Membership with PGP Keys

On 03/22/2011 11:41, Jerome Baum wrote: > Actually thinking about this, use gpgv and maintain a trusted > keyring. Sign the keyring with the admin key and mail out updates. Say > it's called ~/.gnupg-members.gpg, this is the update procedure: > > curl -o ~/.gnupg-updated-members-gpg.gp

Re: Controlling Group Membership with PGP Keys

On 03/22/2011 11:01, Jerome Baum wrote: > You'd still have to manually check _who_ signed my member uid, to make > sure it's a group administrator, and timely revocation is an issue. Quick and Dirty solution: If I have each member of the group set up an address book for the group then it will be

Re: Controlling Group Membership with PGP Keys

On 03/22/2011 11:01, Jerome Baum wrote: > Mike Acker writes: > >> > Clearly the design of the PGP key and its trust model does not >> > apprehend indicating Group membership > How about adding an identity: "Member of group X"? >

usin g GnuPG to encrypt before FTP

Hi,="We are intending to use GNUPG to encrypt a file before we FTP it to an external party. Is it possible to use GNUPG as a standalone client without having to install in on our servers? Appreciate your replies. Thanks." ===> use S/FTP it makes it much less likely for someone to have an accide

Controlling Group Membership with PGP Keys

VM Anyone? Clearly the design of the PGP key and its trust model does not apprehend indicating Group membership it occurs to me that controlling group membership is going to need: 1. a Group Keyserver under the control of the Group Administrator 2. Option to use the Group Keyserver exclusi

Group Signing

="While the common usage for regular users is to sign based on checking identity, signatures can be just as well used as a token to indicate membership." ="You forgot gpg --send-keys (newguyskey) and the fact that signatures on a key are actually meant as a statement that the signer has checked t

Revoke signature from key

Scenario thus far: * Tom Newguy joined my group * Tom created a keypair and sent his PUBLIC key to me * I have approved his membership in the group * I have signed his key and sent his public key with my signature to other members of the group * now Tom has left the group

Re: KEYSERVER; Trust Model

On 03/21/2011 11:51, Jonathan Ely wrote: > I notice the difference. That is something how manipulating one's key > trust influences another. > > On 21/03/2011 11:41 AM, Mike Acker wrote: >> > On 03/21/2011 09:08, Jonathan Ely wrote: >>> >> Ah OK, now I unde

Re: KEYSERVER; Trust Model

On 03/21/2011 08:36, Jonathan Ely wrote: > So I trust Tom Nuguy's key, marginally or fully? Very good question. If you apply trust to Tom Newguy's key you are indicating whether you trus him to sign for other keys. That's now what we want to do in this scenario: Tom Newguy is the new person in th

Re: KEYSERVER; Trust Model

On 03/21/2011 07:37, Jonathan Ely wrote: > I meant to not say automatic because you are right. I went inside the > details and activate the import option. Now it says ‘untrusted good > signature’ as it should. That is much easier than searching for a key > and saves time. > > Why upload a revocatio

Re: KEYSERVER; Trust Model

On 03/20/2011 18:05, Jonathan Ely wrote: > I thought it would automatically download your key, but I guess that is > only for decrypting a message. I might be wrong on that too. I have > never tried wownloading and importing your key but there is no harm in > trying. > > The trust thing is really c

Re: KEYSERVER

On 03/20/2011 17:19, Jonathan Ely wrote: > It can be complicated; it is for me since I am still new to this. I only > ‘trust fully’ those keys who come from people who I think would not fake > identity, or have no reason not to be trusted fully. Is it unwise to > trust anybody's key fully even if y

KEYSERVER

On 03/20/2011 15:50, Jonathan Ely wrote: > Just to let you know, your signature failed to validate and thus says > 'bad'. Hope this helps. added note: when i received your message THUNDERBIRD reported "Unverified signature". I selected the option to load your key from the server ( hkp://keys.gnupg

Re: 2.0.17

On 03/20/2011 15:50, Jonathan Ely wrote: > Just to let you know, your signature failed to validate and thus says > ‘bad’. Hope this helps. YES!! Thanks x 100!! ==> I have UPLOADED my Public key to the hkp://keys.gnupg.net server let's see if this one goes OK!! I really appreciate the come-back we

2.0.17

we are supposed to be on 2.0.17 if the user sent data and didn't click the PGP/MIME option this could be trouble if you don't have the key for the sender this will be trouble check in Kleo/config, make sure you have the right keyserver. i think it should be hkp://keys.gnupg.net if you had

what are the sub keys

what are the 'sub keys' that are listed with each RSA key? Also which type of key is preferred RSA or DSA? signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/

compatible with PGP/Desktop

Is PGP/ENIGMAIL compatible with folks using Outlook or Microsoft Mail with PGP Desktop? I've tried searching for this but no luck,-- :-( ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

PGPFW658Win32

I had used the above -- obsolete/MIT distribution of PGP for some time. It is unfortunately, obsolete: it had a much better GUI than GnuPG, especially when you wanted to examine a key. I think though that PGP has an assortment of different levels of support; the above being only valid through Lev

Computer tools and Human Intelligence

Authentication "Mechanism" I'm not so sure about this. Public Key Signatures are tools which enable us to test identities against our known references. The Important Things are that we see to the validity of those Known References and that we effect Due Diligence in running the tests when approp

validating signatures

I think one of the things that is generally missed in the public internet environment is the need to validate signatures this would apply to x.509 certificates but working with PGP or GnuPG is a very good way to learn about digital signatures and I try to encourage my computer friends to do this

Default GPG Encryption Algorithm (symmetric cipher) is?

Many Thanks to Tiago Faria Date:Sun, 2 Jan 2011 05:57:00 + for excellent notes on editing GPG Keys. I had found neither GPA nor Kleo to have all of the edit capability that should be available for a key and in particular on the User ID and preferences for symetric ciphers the key to this is