- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Jun 12 2018
I note that --import-options show-only --import has the same effect as --show-keys -- that is, the revocation cert is imported. so the error is in the import-options code itself. I'll push a fix-T4017 branch shortly with a proposed correction.
Jun 11 2018
I just noticed, that a tag for Libgcrypt 1.8.3 seems to be missing: https://dev.gnupg.org/source/libgcrypt/tags/LIBGCRYPT-1.8-BRANCH/
Thanks for the writeup. Maybe this could be the base for a gnupg.org/blog article.
Here is what we have now. We decided explictly not to offer a "yes I want to do something less secure" button as we think that using Unsigned S/MIME Mails is avoidable. Also we want to be more secure by default then Outlook. From a User Experience standpoint a "Yes more convenient but less secure" button basically educates users to always select that button.
Yes, closing.
I'm having the same issue. I read somewhere that it's likely caused by using an online Windows account to login with. So I converted to local log in. Issue persists. As a test, I've just set up a VM with a local account set up at install, and GPG4Win works perfectly fine. So I'm guessing that there may be an issue which stays in the files system caused by online account users. I'm not a programmer and have no idea how or where to look to see what's causing it and how to fix it though.
Jun 10 2018
Jun 9 2018
So we had two releases with the fist. Can we set this bug to resolved?
I've heard no critique of the logic above. could we get this fix landed? it is concretely useful for doing key generation on modern GNU/Linux systems.
Jun 8 2018
fwiw, i agree that if there's any security vulnerability here, it is in the verification side, not the creation side.
I was not aware that you could do this at all. You are right in that to start supporting this we first need to update libksba.
Unfortunately 2.2.8 does not build with older libgpg-error versions. Commit rG18274db32b5dea7fe8db67043a787578c975de4d should fix this.
Apologies for the delay, been working on GSoC stuff.
Here's what I've got as of right now:
2.2.8. with a fix has been released. Announcement
Yep. ?
[Better use the gnupg tag. Specific versions end up on the workboard and there may only be one.]
@dkg can you please take this up with Debian and other distros? See the commit for a brief description.
Fixed in 1.4, 2.2 and master. New releases will be done soon. Note that there is no need for a new gpg4win release because GPGME is not affected.
Okay. Thanks for looking into this.