!GpMMBTUuJduUZAAKXM:matrix.org

OpenPGP/GPG

229 Members
OpenPGP/GnuPG related questions, discussions and  projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW OR OTHER QUESTIONABLE STUFF 56 Servers

Load older messages


SenderMessageTime
13 Nov 2022
@cccttt:matrix.orgcyclick thanks Aroop Roelofs 20:21:08
@cccttt:matrix.orgcyclickit seems like that it should become a priority really soon20:21:36
@finlaydag33k:finlaydag33k.nlAroop Roelofs he main problem is also that we have things like XChacha20 which is already used in Wireguard... But there's still things missing (like signature alcorithms) and then we need to implement it...
I don't think the OpenPGP and GnuPG devs are ignoring it, I think the main issue is that well... It's kind of a very complex subject and will be a massive undertaking.
20:33:48
@wiktor:stratum0.orgWiktorActually this is a frequently raised subject on the mailing list, see eg https://mailarchive.ietf.org/arch/msg/openpgp/ZTPCQQ13OookbjmSNeyptR4ItcM/20:34:21
@cccttt:matrix.orgcyclickThat's great, because it seems like it is coming fast... who knows the government might already have it20:46:50
15 Nov 2022
@deknos82:matrix.orgdeknos82the governments do not have pq-cracking, i think, but NIST also now puts out a timetable until they want to have migrated completely til 2035. New software has to integrate pq-safe algorithms by 2025. so... gpg developers have kinda like.. two years to integrate it. i wonder what werner koch will do. just integrate liboqs?08:52:54
@deknos82:matrix.orgdeknos82i hope the sequoia guys also have a plan :(08:59:55
@heiko:mtrx.hkos.cloudheikoThe plan should be that the rfc process defines how pq support looks in openpgp, and then hopefully all implementions build support for it.10:22:33
@liw:matrix.orgLars WirzeniusI hope and expect Sequoia to add pq to its interoperability test suite 10:32:19
@cccttt:matrix.orgcyclickis Sequoia recommended over gpg?12:38:14
@heiko:mtrx.hkos.cloudheikoSequoia is not currently a drop in replacement for GnuPG, so this question is hard to answer.13:42:27
@wiktor:stratum0.orgWiktor
In reply to @liw:matrix.org
I hope and expect Sequoia to add pq to its interoperability test suite
for context: https://tests.sequoia-pgp.org/ (and also because I think this test suite is cool :D )
14:57:30
26 Nov 2022
@flohw:matrix.orgFlorianHello there. First participation here and first participation on a matrix group. I hope to not make mistake with some presentation stuff somewhere. :-) I have some questions about gpg keys where I didn't find clear answer. I have two gpg key pairs, one with personal email addresses and another one for my github account to sign my commits. Recently the expired so I updated the expiration date by one year. As I saved my private, public and subkeys in armored files and my revocation certificate, do I have to export again all that stuff or only some of it? It looks like exporting then importing public key or private subkeys results in the same behavior... Do I miss something? As you may expect, I'm kind of new on using gpg keys but I think I have a good overall comprehension, but one question at a time would ease comprehension for me and on this channel. ;-) Thank you if you can help me to improve my understanding of that. 👍️09:20:01
@wiktor:stratum0.orgWiktor Florian: changing anything on your key (like expiration) in reality creates new data in the key with updated values. When you export data you can choose if you want to export secret keys too (good for backups) or just public info (the default). 11:36:39
27 Nov 2022
@flohw:matrix.orgFlorian Wiktor: as simple as that. Thank you.
Another question I have (not only for you, I try to minimize notifications ;-)). We can generate as many subkeys as we want if I understood correctly. So if I have to communicate one time with one person, is it a good practice to generate a subkey for encryption which expire quickly, cipher a particular message then remove this particular subkey? Or the practice is to have one encryption subkey, share the public one and use this one whenever we need?
After that I think I will have a better comprehension how to use gpg. :-) Thank you!
08:23:03
@liw:matrix.orgLars WirzeniusI don't do that, as it sounds like a very tedious thing to be doing a lot08:24:22
@wiktor:stratum0.orgWiktorYeah, tho sounds like a nice idea but without proper tooling it would be extremely inconvenient. 08:33:17
@flohw:matrix.orgFlorianYes, I just wanted to add a subkey and the primary secret key is required so I can see the inconvenient. Thank you for your answers. 08:35:02
28 Nov 2022
@cccttt:matrix.orgcyclickWhat would be a good way to verify a GPG signature for someone that you can't talk directly to? I.E.: https://freenetproject.org/pages/download.html03:46:44
@liw:matrix.orgLars Wirzeniuswhat is a "good way" depends on what you want to protect against. unless there's a targeted attack against you or the Freenet project, it's probably enough to rely using HTTPS to download their public key from their website.07:15:31
@finlaydag33k:finlaydag33k.nlAroop Roelofs HTTPS is good enough yea. Otherwise, you can probably download the signing keys from a keyserver you do trust and check the web of trust as well.11:47:12
@cccttt:matrix.orgcyclickI think that it is not impossible that Freenet would be a target of attacks... I will try to see if my Linux distribution has them in their web of trust. Thanks13:09:13
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @cccttt:matrix.org
I think that it is not impossible that Freenet would be a target of attacks... I will try to see if my Linux distribution has them in their web of trust. Thanks
nothing is impossible no
17:46:55
@cccttt:matrix.orgcyclickWhat I meant is that it is more likely for them to be under attack then the common joe17:53:42
@h7x4:nani.wtfh7x4 changed their profile picture.20:08:03
@sfinksi:matrix.orgTanush Topia joined the room.22:11:54
29 Nov 2022
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @cccttt:matrix.org
What I meant is that it is more likely for them to be under attack then the common joe
ye fair
00:12:45
@whiteneon:matrix.orgwhiteneon joined the room.01:06:46
1 Dec 2022
@sss123next:matrix.org@sss123next:matrix.org left the room.08:01:58
3 Dec 2022
@forevernoob:matrix.orgForeverNoobIs there a way not to use any external pinentry app and just input into the terminal? Similar to how for example sudo asks me for the password.11:13:44

There are no newer messages yet.


Back to Room List