- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jun 3 2020
I bumped up the requirement to 1.25 because we also use error codes defined there. To be on the safe side with older distros I defined the missing error code instead of requiring 1.27.
Thanks for the report.
I now describe the shortcuts as development and 2.2 stable branch.
Jun 2 2020
As of now we doubt that the proposed patch helps and we even fear that it could make things worst. Thus, as long as there is we have no description of an attack we won't do anything about it.
May 29 2020
Although this is a standard behaviour for Unix tools, you are right that it makes sense to tell the user about the problems. And well, the version info should not appear either.
FYIL This is delayed because there are some dependencies to internals of gnupg.
Merged. Thanks.
Ok. However, I don't think that the fingerprint is really important. We can compute it anyway as long as we have the creation date. The keygrip is meanwhile more important but that is also easy to compute.
May 28 2020
Why do you think that we need to care about the attestation key? Where possible I take in new code in account that we will have more OpenPGP keys, but right now I don't think that is makes sense to replace our data structures for that the 3 element arrays we currently use are okay for the 3 standard keys. We can latter see how to replace them. At one place I already introduced something new:
Here is a dump of my token (Yubikey 5.2.6). I used the new apdu command of gpg-card along with "undump | dumpasn1 -", which saves quite some time:
May 27 2020
GnuTLS seems to have some CMS support; see https://gitlab.com/gnutls/gnutls/-/issues/227 .
May 26 2020
May 19 2020
Seems to be fixed now.
Parsing and creating of certs does now work. I was not able to find sample CMS objects so this part is not yet finished.
Finished if an existing key is used. See rG6dc3846d78192e393be73c16c72750734a9174d1 for examples.
See rG6dc3846d78192e393be73c16c72750734a9174d1 for examples on how to create a cert
May 18 2020
Okay, makes sense.
SOURCE_DATE_EPOCH is NixOS specific?
May 17 2020
Looking at the rules I do not understand why we have a problem here, the rule
I think an option to ignore certain files is a better way to do this. I'll give it a try.
May 14 2020
Won't fix because there is no need for it. ASN.1 modules are the formal description of a protocol and as such not copyrightable.
Thanks. Applied. Will go into 1.4.0
May 13 2020
May 12 2020
May 11 2020
Signing using ECDSA does now also work. Tested with 3 in disk keys: nistp256, nistp384 and RSA and verified using gpgsm and Governikus Signer.