From amak at mazda.com.au Tue Nov 13 08:42:24 2018 From: amak at mazda.com.au (Andrew Mak) Date: Tue, 13 Nov 2018 07:42:24 +0000 Subject: [Gpg4win-users-en] Import PGP Keys Message-ID: Hello everyone, I have a question to the list. I generated a key pair on a Unix system using # gpg2 --gen-key We are using this key pair for encryption/decryption, so the key pair is definitely good. I then try to import the key to Windows 10 using Kleopatra. Under GUI, I get the error "EBR error". Under command line, I use the following ..\bin> gpg -verbose -import Gpg: no valid OpenPGP data found. Gpg: Total number Processed: 0 C:\Program Files (x86)\GnuPG\bin>gpg --version gpg (GnuPG) 2.2.10 libgcrypt 1.8.3 Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:/Users/XXXXXX/AppData/Roaming/gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 C:\Program Files (x86)\GnuPG\bin> Any idea why the key is not being recongised? Thank you in advance. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aheinecke at intevation.de Tue Nov 13 08:56:12 2018 From: aheinecke at intevation.de (Andre Heinecke) Date: Tue, 13 Nov 2018 08:56:12 +0100 Subject: [Gpg4win-users-en] Import PGP Keys In-Reply-To: References: Message-ID: <2994502.1tNDIv77hA@esus> Hi, > I then try to import the key to Windows 10 using Kleopatra. Under GUI, I get the error "EBR error". The only thing I can think of is that the key is somehow corrupted on export or transfer. My recommendation would be to double check that. How did you export it on linux? For the export command I would recomment the "--armor" option. This encodes the Key as ASCII Text which is more robust then the binary output and you can better see if something is corrupted. Regards, Andre -- Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From aheinecke at intevation.de Tue Nov 13 09:54:51 2018 From: aheinecke at intevation.de (Andre Heinecke) Date: Tue, 13 Nov 2018 09:54:51 +0100 Subject: [Gpg4win-users-en] Gpg4win 3.1.5 released Message-ID: <2316806.xyizFLeoux@esus> Hello, today Gpg4win version 3.1.5 is released! https://www.gpg4win.org/download.html It is important to us that Gpg4win continues to be available as Free Software which can be downloaded anonymously without costs. Because we know that this is the only way for some people to get a software product which enables them to protect their communication. As Gpg4win maintenance needs to be funded nevertheless, we recommend that you set the price for yourself that shows the value of Gpg4win. Details about Gpg4win 3.1.5: https://files.gpg4win.org/README-3.1.5.en.txt Highlights in Gpg4win Version 3.1.5 (2018-11-13) ------------------------------------------- * GpgOL: Improved stability, especially for S/MIME * GpgOL: Additional bug fixes and improved Outlook integration * GnuPG: Updated to version 2.1.11 More information: https://files.gpg4win.org/README-3.1.5.en.txt We like to thank the authors of the included packages and first of all, our supporters who made this release possible. With best regards your Gpg4win Development Team -- Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From aheinecke at intevation.de Tue Nov 13 09:54:51 2018 From: aheinecke at intevation.de (Andre Heinecke) Date: Tue, 13 Nov 2018 09:54:51 +0100 Subject: [Gpg4win-users-en] [Gpg4win-announce] Gpg4win 3.1.5 released Message-ID: <2316806.xyizFLeoux@esus> Hello, today Gpg4win version 3.1.5 is released! https://www.gpg4win.org/download.html It is important to us that Gpg4win continues to be available as Free Software which can be downloaded anonymously without costs. Because we know that this is the only way for some people to get a software product which enables them to protect their communication. As Gpg4win maintenance needs to be funded nevertheless, we recommend that you set the price for yourself that shows the value of Gpg4win. Details about Gpg4win 3.1.5: https://files.gpg4win.org/README-3.1.5.en.txt Highlights in Gpg4win Version 3.1.5 (2018-11-13) ------------------------------------------- * GpgOL: Improved stability, especially for S/MIME * GpgOL: Additional bug fixes and improved Outlook integration * GnuPG: Updated to version 2.1.11 More information: https://files.gpg4win.org/README-3.1.5.en.txt We like to thank the authors of the included packages and first of all, our supporters who made this release possible. With best regards your Gpg4win Development Team -- Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: -------------- next part -------------- _______________________________________________ Gpg4win-announce mailing list Gpg4win-announce at wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/gpg4win-announce From me at kilosierracharlie.me Thu Nov 22 02:08:10 2018 From: me at kilosierracharlie.me (me at kilosierracharlie.me) Date: Thu, 22 Nov 2018 01:08:10 -0000 Subject: [Gpg4win-users-en] GpgOL - Automatic Key Discovery Message-ID: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> Hi everyone, I’m trying to get a family-friend setup with GpgOL. He’s not very technical, and as of current the only part he’s struggling with is searching and importing public keys (at this point, via Kleopatra!). I understand that GpgOL will make use of WKD / WKS to find keys, but is there any way of automatically discovering and retrieving keys from a key-server in the same way? WKD / WKS requires that the recipient owns, controls and has setup WKD / WKS on their domain – something that can’t be done for most people, who use popular free e-mail clients such as Gmail and Outlook.com. If anyone knows how I could set something like this up (or even just an easier way to help him understand), I’d truly appreciate it! Thank you in advance! -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 834 bytes Desc: not available URL: From david at kronlid.net Thu Nov 22 08:35:22 2018 From: david at kronlid.net (David Kronlid) Date: Thu, 22 Nov 2018 08:35:22 +0100 Subject: [Gpg4win-users-en] GpgOL - Automatic Key Discovery In-Reply-To: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> References: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> Message-ID: There's this project aiming to make it easier for beginners to use gpg: https://www.pep.security/ As most people these days read emails on their phones, it's also possible to switch to chat app based encryption instead of gpg: https://signal.org/ Or: https://wickr.com/ Good luck! David Den tors 22 nov. 2018 02:08 skrev : > Hi everyone, > > > > I’m trying to get a family-friend setup with GpgOL. He’s not very > technical, and as of current the only part he’s struggling with is > searching and importing public keys (at this point, via Kleopatra!). > > > > I understand that GpgOL will make use of WKD / WKS to find keys, but is > there any way of automatically discovering and retrieving keys from a > key-server in the same way? WKD / WKS requires that the recipient owns, > controls and has setup WKD / WKS on their domain – something that can’t be > done for most people, who use popular free e-mail clients such as Gmail and > Outlook.com. > > > > If anyone knows how I could set something like this up (or even just an > easier way to help him understand), I’d truly appreciate it! > > > > Thank you in advance! > > > > > _______________________________________________ > Gpg4win-users-en mailing list > Gpg4win-users-en at wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/gpg4win-users-en -------------- next part -------------- An HTML attachment was scrubbed... URL: From aheinecke at intevation.de Thu Nov 22 09:17:23 2018 From: aheinecke at intevation.de (Andre Heinecke) Date: Thu, 22 Nov 2018 09:17:23 +0100 Subject: [Gpg4win-users-en] GpgOL - Automatic Key Discovery In-Reply-To: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> References: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> Message-ID: <2046519.UYqlCStkSR@esus> Hi, On Thursday, November 22, 2018 1:08:10 AM CET me at kilosierracharlie.me wrote: > I’m trying to get a family-friend setup with GpgOL. He’s not very technical, > and as of current the only part he’s struggling with is searching and > importing public keys (at this point, via Kleopatra!). Searching the keyservers via Mail address is a bad idea, you cannot know who uploaded the key and if the key is the right one. > I understand that GpgOL will make use of WKD / WKS to find keys, but is there > any way of automatically discovering and retrieving keys from a key-server > in the same way? As stated above there is no automated way possible for us to get keys for a mail address from the keyservers because anyone can upload keys there and mess with us. > WKD / WKS requires that the recipient owns, controls and has setup WKD / WKS > on their domain – something that can’t be done for most people, who use > popular free e-mail clients such as Gmail and Outlook.com. > If anyone knows how I could set something like this up (or even just an > easier way to help him understand), I’d truly appreciate it! You can add "auto-key-retrieve" into your %APPDATA%\gnupg\gpg.conf that will query the keyservers once a signed mail is received for the key that belongs to the signature (by fingerprint). GpgOL can then use that key. Although it won't use it for "automatically secure" before it has been certified. You could change that by also adding "trust-model tofu+pgp" in your gpg.conf that is still experimental but will be our next step to automate even more. Best Regards, Andre -- Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From bernhard at intevation.de Thu Nov 22 12:42:35 2018 From: bernhard at intevation.de (Bernhard Reiter) Date: Thu, 22 Nov 2018 12:42:35 +0100 Subject: [Gpg4win-users-en] Other crypto-solutions (Re: GpgOL - Automatic Key Discovery) In-Reply-To: References: <000801d481ff$d5e38b90$81aaa2b0$@kilosierracharlie.me> Message-ID: <201811221242.43338.bernhard@intevation.de> Hi Me, Am Donnerstag 22 November 2018 08:35:22 schrieb David Kronlid: > There's this project aiming to make it easier for beginners to use gpg: > https://www.pep.security/ German Heise Verlag's ct tested this (in German) last October and was disappointed ("enttäuscht") https://www.heise.de/ct/ausgabe/2018-22-Mail-Verschluesselung-Pretty-Easy-Privacy-Interessant-aber-mit-Schwaechen-in-der-Umsetzung-4183762.html (The security problem they found with pep in Enigmail was fixed within a few days later, https://www.heise.de/security/meldung/pEp-Foundation-hat-Sicherheitsluecke-in-Enigmail-pEp-geschlossen-4191426.html) > As most people these days read emails on their phones, you can do OpenPGP/MIME with K9-Mail on Android or for example Canary Mail for iOS (proprietary). > it's also possible > to switch to chat app based encryption instead of gpg: > https://signal.org/ You'd lose the security properties of decentralisation, stable/understood business model and choice of legal space with Signal. > Or: > https://wickr.com/ Additionally loses the security properties of an open specification and existing Free Software implementations. Alternative to mail, while not losing these security properties would be Matrix (a bit less mature than mail) and XMPP (a bit lacking on user experience because it is hard to chose and configure servers and clients). Best Regards, Bernhard -- www.intevation.de/~bernhard +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: This is a digitally signed message part. URL: