- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Nov 2 2021
Tehre has never been an option "shared-access" in GnuPG. At least not in upstream. In general we suggest the use of the interal ccid driver, but if you want PC/SC you need to use disable-ccid-driver. This is because 2.3 does not feature an automatic fallback to PC/SC anymore. Using pcsc-shared with OpenPGP cards can lead to surprising effects. You may want to try Scute as PCKSC#11 access module.
Actually we do not really support the systemd thing and it is likeley that the support in GnuPG will eventually be removed again. You may want to contact the Debian maintainer, who took responsibility for all systemd things.
Oct 31 2021
Oct 29 2021
Does the key have a passsphrase or somehow the empty string as passphrase?
If you don't use lookback mode: does the pinentry pop up?
(I edited the report to make it readable, but did not yet looked at it in detail)
I wonder why you are using a decent libgcrypt but a 3 years old GnuPG version?
Oct 27 2021
Sure there are logs, see the options log-file and debug in the man pages.
To sign using specific subkey or the main key, use the fingerprint of the key and append an exclamation mark.
For example
I think we can close this bug. The warning will now only be printed as part of the the regression test and after all it is just a warning.
Will go into 2.3.4 which will also silence the noise of not being able to read it. The major reason for this code is to allow building an AppImage.
Thanks for the patch. That is sufficent. I added you to the Contributor group, though.
Oct 25 2021
The thing is that any n.m.k-something version should behave versionwise the same as n.m.k. That is okay, because beta versions etc are not considered to be released. This is required to allow testing beta version _before_ doing the release.
We are currently using "implict" service indicators but eventually we may change Libgcrypt to support explicit indicators.
Oct 22 2021
Thanks.
@Reiner: Any news; were you able to run the the command with redirection to some file?
Oct 20 2021
So what is your bug report? Note that the NOTATION_FLAGS are only printed for human readable or critical notations.
Lets downgrade the priority and keep it open in case we get reports from customers. The other option would be to replicate this here using our AD demo network. But that is a bit time consuming.
Yes, but it is more complicated to do because you need to download a binary version of the keys and check that they are authentic. Most users don't known it. Anyway, I meanwhile created a Brainpool release sign key and new VSD releases are signed with that. The override option does not really harm, but we can close this bug due to the new release key.
Okay, any thing else missing in nPth?
Oct 19 2021
Yeah, that will be helpful. Thanks. FWIW GnuPG 2.2.32 also lists PC/SC readers and not just the Linux default of CCID readers.
Version check is a data leak anyway and thus often disabled. Thus I don't see a risk for high value targets.
Just to be sure: Can you c+p the strings?
Hello @gniibe, you did the last work on nPTh. Would you be so kind and look into this?
Oct 18 2021
I would prefer to store legacy manuals on the web server. That is the easier solution.
Cool. Thanks.
( No need to certify the DSA things)
Oct 17 2021
Urgs, I already implemented this:
On macOS _NSGetExecutablePath could be used, but iiuc this requires linking against dyld. For other OSes we would also need more code. I doubt that this makes a lot of sense these days; but we should come up with a solution, even if that means we need an envvar to specify the location of that open gpgconf.ctl file.
Oct 16 2021
That looks like a support question. Please ask on a mailing list for help. Sorry, we can't do individual support here.
Oct 15 2021
Oct 14 2021
Even better. Thanks,
A way to get the output of "gpgconf --show-versions" might also be useful. Actually this command could be used to get the versions.
dots are not allowed in hostnames.
Oct 13 2021
We now require a way to get the actual image of a process. For macOS the BSD method is used and we obviously need to find another way for macOS.
Oct 12 2021
The new bugs have been fixed in 2.3.3; see T5565.
I won't anymore follow the path of first doing a test install. That is way to hairy in respect to "make distcheck". Change is already in my working directory.
Is that really required? Should we wait what the conlusion of the WG will be?
Bison used to be the de-facto standard yacc ;-)
On my new Windows 10 laptop I see a "Windows Hello for Business 1". Thus put everything with "Windows Hello" at the end of the list or skip unless a reader-port is set. IIRC there are device with "virtual" or "Virtual" in their name, they don't make sense for us either. I would also put devices with "SCM" or "Identiv" to the top of the list. In particular the substrings "SPR532" seems to identify the Identiv SPR332 which is what we use here and actualay a suggested reader for GnUPG VS-Desktop.
Oct 11 2021
Thanks for your findings. I recall that I read this in the announcement and cursed about this new tendency in GNU to break long standing APIs.
OpenPGP requires the P < U property and gpg does also. In some parts of the GnuPG we re-calculate the CRT parameters but not in these code paths. Right, a better error message would be appropriate. I'll turn this into a feature request.
Please ask on a mailing list etc. This is a bug tracker and pnly very few people are reading your report.
Oct 10 2021
As long as we can't replicate this, it does not make sense to keep this bug open. Please re-open it if you run into it again in a replicatable way.
Fixed in gpgex 1.0.8
Sure they don't get created - they are optional.