!GpMMBTUuJduUZAAKXM:matrix.org

OpenPGP/GPG

235 Members
OpenPGP/GnuPG related questions, discussions and  projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW OR OTHER QUESTIONABLE STUFF 58 Servers

Load older messages


SenderMessageTime
23 May 2024
@andrewg:nitro.chatandrewg
In reply to @Valodim:stratum0.org
but hey, then again if hockeypuck just does it, it's not worse than what koo has been doing for years, the behavior is patched in most distros, and perhaps he'll change his mind to accept the patch
IMO we should specify the desired behaviour in HKP v1, and leave the current behaviour as a legacy mode.
08:16:13
@Valodim:stratum0.orgValodimthat will soon also be standardized behavior :) https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#section-10.1.308:18:32
@andrewg:nitro.chatandrewgfor v6 only!08:42:41
@Valodim:stratum0.orgValodimit's a MUST there, but it's allowed for v408:44:16
@andrewg:nitro.chatandrewg"allowed" is probably not strong enough08:45:55
@Valodim:stratum0.orgValodim what matters in that regard is that it's not allowed in librepgp 08:46:19
@Valodim:stratum0.orgValodim werner flip flopped on this change a couple of times. it was in the last version of rfc4880bis since it was part of derek atkins' device certificates draft that was merged. but he removed it again later when it became associated with hagrid. I think it was actually in there during most of the T4393 discussion 🤷 08:53:18
@heiko:mtrx.hkos.cloudheiko
In reply to @Valodim:stratum0.org
maybe the time is over to design everything around gnupg
gnupg is certainly going out of its way to declare loudly that it's extremely disinterested in considering anyone else's design ideas or preferences. which is sad.
08:53:41
@Valodim:stratum0.orgValodim andrewg: so what is hockeypuck's position on librepgp and v6 support these days? will you just wait it out? 08:55:07
@Valodim:stratum0.orgValodimglad to see btw that the user deletion and replacement mechanisms are deprecated, they just never made sense in the way it was implemented09:05:44
@andrewg:nitro.chatandrewgI plan to support both, it should be easy enough given that proton already support both in their go-crypto fork. However I may implement v4 PQC first, depending on demand from clients.09:23:48
@andrewg:nitro.chatandrewg * I plan to support both, it should be easy enough given that proton already support both in their go-crypto fork. However I may implement v4 PQC first, depending on demand from client implementations.09:29:03
@vanitasvitae:matrix.orgvanitasvitaeDo you happen to know, whether there are EdDSALegay keys over curve448 floating around? Its not specified in either rfc4880, C-R nor LibrePGP, yet I found some support for this in BC and am now wondering whether completing support for it might be a good/bad idea.09:58:24
@vanitasvitae:matrix.orgvanitasvitaeMeh, ofcooooourse LibrePGP defines such keys -.-11:51:55
@heiko:mtrx.hkos.cloudheikoI'd expect that some versions of gpg could produce them, at least on git main (already half a decade or so ago). It might be interesting to check if any releases can make them, with some combination of "expert" options 🤷12:01:19
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @heiko:mtrx.hkos.cloud
That's right. Here's a list of keyservers that make up the "main" synced pool: https://spider.pgpkeys.eu/sks-peers
Nice, makes it a lot easier to get my keys out instead of having to tell people to use a specific server. :')
15:11:31
24 May 2024
@Valodim:stratum0.orgValodimyeah, people love to micromanage stuff like that06:55:33
@forevernoob:matrix.orgForeverNoob
In reply to @finlaydag33k:finlaydag33k.nl
I think they wanted to recreate the private key (and from that, then deriving the public keys again).
Seems like they lost their private keys.

Yep. Luckily not all of them. It's amazing how GPG is one of the very few pieces of software (maybe even the only one) that the more I learn about the more confused I get.
I think my error was in thinking that once I exported my privkeys that:

  1. Public keys could have been (easily) derived from them, since that's pretty much the first thing you learn when being introduced to the concept of asymmetric cryptography.
  2. When importing the privkeys, I specified --keyring thinking that the privkeys would be imported into that keyring but they were imported into the ~/.gnupg/ directory. So when I deleted those keys, I thought I was only deleting them from that directory and not from the supposed keyring I had imported them to.

I think from now on I'm just going to make a directory, set $GNUPGHOME to there, and if I want to move that to somewhere else or just back it up, simply backup / tar that entire directory.

23:46:28
25 May 2024
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @forevernoob:matrix.org

Yep. Luckily not all of them. It's amazing how GPG is one of the very few pieces of software (maybe even the only one) that the more I learn about the more confused I get.
I think my error was in thinking that once I exported my privkeys that:

  1. Public keys could have been (easily) derived from them, since that's pretty much the first thing you learn when being introduced to the concept of asymmetric cryptography.
  2. When importing the privkeys, I specified --keyring thinking that the privkeys would be imported into that keyring but they were imported into the ~/.gnupg/ directory. So when I deleted those keys, I thought I was only deleting them from that directory and not from the supposed keyring I had imported them to.

I think from now on I'm just going to make a directory, set $GNUPGHOME to there, and if I want to move that to somewhere else or just back it up, simply backup / tar that entire directory.

Public keys can be derived from them again (in theory), just not easily.
It's still a deterministic derivation but getting the correct parameters to feed into it is a pain.
The private key itself is probably lost though...

Personally, I'd call upon the might revocation certificate (if you made one) and start with a new key pair, having learned your lessons about backups. :')

00:01:16
@forevernoob:matrix.orgForeverNoob
In reply to @finlaydag33k:finlaydag33k.nl

Public keys can be derived from them again (in theory), just not easily.
It's still a deterministic derivation but getting the correct parameters to feed into it is a pain.
The private key itself is probably lost though...

Personally, I'd call upon the might revocation certificate (if you made one) and start with a new key pair, having learned your lessons about backups. :')

But if one of the inputs is literally a timestamp, then how can one possibly derive a pubkey unless you exactly know the timestamp or are fine with brute-forcing it?
I haven't had to use those revocation certs yet but if I'm not mistaken the revocation certs are also inside the relevant $GNUPGHOME, right?
00:08:52
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @forevernoob:matrix.org
But if one of the inputs is literally a timestamp, then how can one possibly derive a pubkey unless you exactly know the timestamp or are fine with brute-forcing it?
I haven't had to use those revocation certs yet but if I'm not mistaken the revocation certs are also inside the relevant $GNUPGHOME, right?

I do not know where revocation certs are stored.
Mine is ASCII-armored and put mirrored on a few locations that I'm not disclosing. :p

regarding the timestamp bit: That's why I said in theory. XD
Practically infeasible but they can be derived from them. :')
Tho I generally just upload them to a keyserver or my Git repo to have a backup.

Basically I treat my $GNUPGHOME as "disposable".
I should be able to nuke my entire PC then throw it into the Mariana's Trench without my GPG infra being really affected.

00:12:29
@finlaydag33k:finlaydag33k.nlAroop Roelofs
In reply to @forevernoob:matrix.org
But if one of the inputs is literally a timestamp, then how can one possibly derive a pubkey unless you exactly know the timestamp or are fine with brute-forcing it?
I haven't had to use those revocation certs yet but if I'm not mistaken the revocation certs are also inside the relevant $GNUPGHOME, right?
*

I do not know where revocation certs are stored.
Mine is ASCII-armored and put mirrored on a few locations that I'm not disclosing. :p

regarding the timestamp bit: That's why I said in theory. XD
Practically infeasible but they can be derived from them in theory. :')
Tho I generally just upload them to a keyserver or my Git repo to have a backup.

Basically I treat my $GNUPGHOME as "disposable".
I should be able to nuke my entire PC then throw it into the Mariana's Trench without my GPG infra being really affected.

00:12:48
@forevernoob:matrix.orgForeverNoob
In reply to @finlaydag33k:finlaydag33k.nl

I do not know where revocation certs are stored.
Mine is ASCII-armored and put mirrored on a few locations that I'm not disclosing. :p

regarding the timestamp bit: That's why I said in theory. XD
Practically infeasible but they can be derived from them in theory. :')
Tho I generally just upload them to a keyserver or my Git repo to have a backup.

Basically I treat my $GNUPGHOME as "disposable".
I should be able to nuke my entire PC then throw it into the Mariana's Trench without my GPG infra being really affected.

Heh ok that kind of makes sense.
But instead of backing the privkey, pubkey and revocert separately, wouldn't backing up the entire $GNUPGHOME also just work?
00:15:17
@finlaydag33k:finlaydag33k.nlAroop Roelofs

According to the documentation:

  • pubring.gpg (legacy) and pubring.kbx is where the public keys are stored.
  • secring.gpg (legacy) and private-keys-v1.d is your private keys
  • ropenpgp-revocs.d is your pre-generated revocation certs.

It should in theory be enough to backup these (hint: Have someone more knowledgeable confirm or deny my statement) but I just like to do things manually that way because that way, I can be sure I didn't screw up.

00:22:10
@forevernoob:matrix.orgForeverNoobThat's an odd thing to make legacy. AFAIK the .kbx isn't even ASCII armored. Almost all of the tutorials I've come across so far refer to those legacy files :/00:25:35
@andrewg:nitro.chatandrewgAscii armor and traditional binary keyring files scale very badly; they’re OK as a transfer format but not as an on-disk database because they aren’t efficiently searchable00:29:37
@forevernoob:matrix.orgForeverNoobAh I see, I guess that make sense. So if scalability is the only issue, would that mean that the legacy ASCII armored .gpg systems still exist in the future or will they be obsoleted and phased out?00:35:13
@forevernoob:matrix.orgForeverNoob * Ah I see, I guess that make sense. So if scalability is the only issue, would that mean that the legacy ASCII armored .gpg systems will still exist in the future or will they be obsoleted and phased out?00:35:28
@andrewg:nitro.chatandrewg No, they won’t because they’re the only ones with an official specification. 00:36:50
@forevernoob:matrix.orgForeverNoobOh that's good to hear. That means those tutorials would still be valid in the future 👍️00:45:06

Show newer messages


Back to Room ListRoom Version: 1