dkg (Daniel Kahn Gillmor)
User

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:49 PM (104 w, 5 h)
Availability
Available

Recent Activity

Sat, Mar 23

dkg added a comment to T4418: --with-wkd-hash does not have an effect on --with-colons.

i don't think we need another column without the domain, i agree that it's easy enough to strip.

Sat, Mar 23, 10:40 PM · Bug Report
dkg added a comment to T4418: --with-wkd-hash does not have an effect on --with-colons.

That seems plausible to me. I'm not sure why you'd include the @domain part in the output, since it's all strictly about the localpart. what happens if you provide some upper-case inputs?

Sat, Mar 23, 3:48 AM · Bug Report
dkg created T4424: documentation for --no-keyring seems garbled.
Sat, Mar 23, 3:07 AM · gnupg, Documentation, Bug Report
dkg added a comment to T3389: canonical OpenPGP certificate export.

fwiw, a comment over on T4422 contains a bash script that tries to force GnuPG to do its certificate/signature re-ordering. this doesn't produce anything canonical yet, but it's the closest i've come so far to getting GnuPG to do something repeatable with a certificate after merging (but even that is not quite stable).

Sat, Mar 23, 2:34 AM · gnupg (gpg23), Feature Request
dkg added a comment to T4422: `repair-keys` does not reorder signatures on non-merge imports.

(fwiw, all of this testing is done with GnuPG 2.2.14-1, using the package that is in debian/experimental right now; i'd welcome any corroboration with other versions)

Sat, Mar 23, 1:56 AM · gnupg (gpg22), Bug Report
dkg added a comment to T4422: `repair-keys` does not reorder signatures on non-merge imports.

as i experiment with this, i find an even weirder result with certificate re-ordering: the function above is not idempotent.

Sat, Mar 23, 1:55 AM · gnupg (gpg22), Bug Report
dkg added a comment to T4422: `repair-keys` does not reorder signatures on non-merge imports.

Here is a horrible bash function for doing the kind of stripping and re-importing that *does* cause signature re-ordering:

Sat, Mar 23, 1:51 AM · gnupg (gpg22), Bug Report
dkg created T4422: `repair-keys` does not reorder signatures on non-merge imports.
Sat, Mar 23, 1:28 AM · gnupg (gpg22), Bug Report
dkg created T4421: import-export does not remove duplicated subkeys.
Sat, Mar 23, 12:07 AM · gnupg (gpg22), Bug Report

Fri, Mar 22

dkg committed rGb30528f48780: doc: fix formatting error (authored by dkg).
doc: fix formatting error
Fri, Mar 22, 11:50 PM
dkg committed rG93782de23fe4: doc: fix formatting error (authored by dkg).
doc: fix formatting error
Fri, Mar 22, 11:49 PM

Thu, Mar 21

dkg created T4418: --with-wkd-hash does not have an effect on --with-colons.
Thu, Mar 21, 8:02 PM · Bug Report

Wed, Mar 20

dkg added a comment to T714: Meaningful RETURN values.

werner wrote:

Wed, Mar 20, 11:10 PM · gnupg, Feature Request
dkg committed rC0e2073edf92e: ecc: adjust debugging output (authored by dkg).
ecc: adjust debugging output
Wed, Mar 20, 3:51 AM
dkg added a comment to T4414: please make ecc debugging info from libgcrypt more legible..

for whatever reason, i don't seem to be able to push to the branch on playfair, so i've also pushed the same commit over at https://gitlab.com/dkg/libgcrypt

Wed, Mar 20, 3:10 AM · libgcrypt, Bug Report
dkg created T4414: please make ecc debugging info from libgcrypt more legible..
Wed, Mar 20, 3:08 AM · libgcrypt, Bug Report

Wed, Mar 6

dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.
  • TPK: transferable public key
  • TPS: Third-party signature
Wed, Mar 6, 7:53 PM · gnupg, Feature Request
dkg added a comment to T4393: GnuPG should always accept key updates even if the update does not contain UIDs.

i don't understand why "import-drop-uids" is useful -- it sounds to me like the functionality you're looking for is something more accurately named "accept-certs-without-uids". is that right?

Wed, Mar 6, 4:37 PM · gnupg, Feature Request

Sun, Mar 3

dkg added a task to rG145987238e7e: gpgv: Improve documentation for keyring choices: T4386: Improve documentation about gpgv keyring selection.
Sun, Mar 3, 4:29 PM
dkg added a commit to T4386: Improve documentation about gpgv keyring selection: rG145987238e7e: gpgv: Improve documentation for keyring choices.
Sun, Mar 3, 4:29 PM · gpgv
dkg created T4386: Improve documentation about gpgv keyring selection.
Sun, Mar 3, 4:28 PM · gpgv
dkg committed rG145987238e7e: gpgv: Improve documentation for keyring choices (authored by dkg).
gpgv: Improve documentation for keyring choices
Sun, Mar 3, 4:27 PM

Feb 14 2019

dkg committed rGb89f1790e0b9: po: Correct a simple typo in the Norwegian translation (authored by ingvarha).
po: Correct a simple typo in the Norwegian translation
Feb 14 2019, 3:48 PM
dkg committed rGa09bba976d2f: po: Correct a simple typo in the Norwegian translation (authored by ingvarha).
po: Correct a simple typo in the Norwegian translation
Feb 14 2019, 3:48 PM

Feb 11 2019

dkg added a comment to T4346: Remove gpg-agent passphrase nags for empty / none passphrase.

I can't tell whether this bug report is about all the ways that we wish that GnuPG's default password process was better, or whether it's about one specific change.

Feb 11 2019, 7:48 AM · gpg4win, gnupg (gpg23), pinentry

Jan 28 2019

dkg added a comment to T4351: gpg --edit-key should improve selection of subkeys or user IDs.

for user ID selection, you could also potentially match on substring, so uid dkg could select/deselect all user IDs that contain "dkg".

Jan 28 2019, 10:12 PM · gnupg, Feature Request
dkg created T4351: gpg --edit-key should improve selection of subkeys or user IDs.
Jan 28 2019, 10:10 PM · gnupg, Feature Request

Dec 5 2018

dkg added a comment to T4276: Context.decrypt() throws an error if *any* signature is bad.

One more semantic question about how folks think Context.decrypt(verify=True) should work: if the decrypted thing has no signature at all, should the function succeed without throwing an exception? it currently does, but the returned verify_result has its signatures member set to the empty list.

Dec 5 2018, 6:30 PM · gpgme, Python, Bug Report
dkg added a comment to T4271: python gpg.Context.decrypt(verify=False) no longer works.

since @aheinecke merged my changes, i think this bug is now resolved. I'll let @BenM close it though :)

Dec 5 2018, 2:06 PM · Python, gpgme, Bug Report
dkg added a comment to T4276: Context.decrypt() throws an error if *any* signature is bad.

@aheinecke thanks for the merge of my other branch! sadly, that branch does *not* address this issue yet. It doesn't even test for it. :( I can work on trying to fix it (and test it) if there's a consensus that we want this particular change in behavior.

Dec 5 2018, 2:04 PM · gpgme, Python, Bug Report
dkg added a comment to T4271: python gpg.Context.decrypt(verify=False) no longer works.

note that the branch also updates the test suite to make sure the verify=False case is tested.

Dec 5 2018, 6:34 AM · Python, gpgme, Bug Report
dkg created T4276: Context.decrypt() throws an error if *any* signature is bad.
Dec 5 2018, 6:18 AM · gpgme, Python, Bug Report
dkg added a task to rMac8d7238dbf1: python: overhaul logic of Context.decrypt(): T4271: python gpg.Context.decrypt(verify=False) no longer works.
Dec 5 2018, 12:51 AM
dkg added a commit to T4271: python gpg.Context.decrypt(verify=False) no longer works: rMac8d7238dbf1: python: overhaul logic of Context.decrypt().
Dec 5 2018, 12:51 AM · Python, gpgme, Bug Report
dkg added a comment to T4271: python gpg.Context.decrypt(verify=False) no longer works.

I've just pushed a branch dkg/fix-T4271 , currently at ac8d7238dbf165950c9844e5cb41da8eb4d37bc0 that resolves this problem.

Dec 5 2018, 12:51 AM · Python, gpgme, Bug Report
dkg committed rMac8d7238dbf1: python: overhaul logic of Context.decrypt() (authored by dkg).
python: overhaul logic of Context.decrypt()
Dec 5 2018, 12:50 AM
dkg committed rM5e21e61cfef8: python: ctx.decrypt() has problematic error handling (authored by dkg).
python: ctx.decrypt() has problematic error handling
Dec 5 2018, 12:50 AM
dkg committed rM30ddb2cabcd6: python: gpg.Context.decrypt verify_sigs and sink_result are bools (authored by dkg).
python: gpg.Context.decrypt verify_sigs and sink_result are bools
Dec 5 2018, 12:50 AM
dkg committed rMfefa46173e50: python: Clarify the meaning of ctx.decrypt(verify=[]) (authored by dkg).
python: Clarify the meaning of ctx.decrypt(verify=[])
Dec 5 2018, 12:50 AM
dkg committed rM827a2f3ad562: python: simplify Context.decrypt() (authored by dkg).
python: simplify Context.decrypt()
Dec 5 2018, 12:50 AM
dkg committed rM9a1903cc4292: python: clarify documentation for verify argument for Context.decrypt() (authored by dkg).
python: clarify documentation for verify argument for Context.decrypt()
Dec 5 2018, 12:50 AM

Dec 1 2018

dkg created T4275: python gpg binding VCS contains generated files (documentation).
Dec 1 2018, 12:53 AM · gpgme, Bug Report

Nov 27 2018

dkg added a comment to T4271: python gpg.Context.decrypt(verify=False) no longer works.

please add a unit to the test suite to make sure something like this doesn't happen in the future!

Nov 27 2018, 10:14 PM · Python, gpgme, Bug Report
dkg created T4271: python gpg.Context.decrypt(verify=False) no longer works.
Nov 27 2018, 10:10 PM · Python, gpgme, Bug Report
dkg created T4270: pinentry-curses should ring the terminal bell.
Nov 27 2018, 3:51 PM · Feature Request, pinentry

Nov 22 2018

dkg added a comment to T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.

i'd be happy to help you set up your own x86 32-bit guest VM for testing
if you like, even if you're running on x86_64 hardware. they're cheap
and easy to run, and have a delightfully small memory footprint :P just
let me know!

Nov 22 2018, 1:44 PM · Python, gpgme, Bug Report

Nov 18 2018

dkg added a comment to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..

hm, adding: --with-tar=tar to my invocation of ./configure appears to leave gpg-zip with:

Nov 18 2018, 7:52 PM · gnupg (gpg22), Bug Report

Nov 14 2018

dkg created T4254: broken link to gpgrelay in website.
Nov 14 2018, 7:02 PM · Bug Report
dkg added a comment to T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..

i don't see any active use of it in all of debian: https://codesearch.debian.net/search?q=gpg-zip

Nov 14 2018, 6:48 PM · gnupg (gpg22), Bug Report
dkg created T4251: gpg-zip embeds the build-time path for tar instead of finding it at runtime..
Nov 14 2018, 7:23 AM · gnupg (gpg22), Bug Report

Nov 8 2018

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

I don't think this answered my question -- i'm asking how adding --no-keyring affects gpgme_op_decrypt_verify -- it seems like verification would fail if no keyring is used, no?

Nov 8 2018, 8:59 AM · gnupg (gpg22), gpgme, Bug Report
dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

I'm fine with this change, but i do note that some people expect --decrypt to mean "decrypt and verify, if possible". In particular, gpg(1) says about --decrypt:

Nov 8 2018, 6:44 AM · gnupg (gpg22), gpgme, Bug Report
dkg committed rM2557d0ae6ff0: spelling: fix misspellings (authored by dkg).
spelling: fix misspellings
Nov 8 2018, 6:37 AM

Oct 29 2018

dkg added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

i agree with @Valodim that it would be better to not have a warning at all for an attempt to decrypt from secret key whose public key has never been marked as valid for encryption. A strict failure there (as with a strict failure for lack of mdc) is a better scenario than a warning. If the user controls the secret key and they decide they want to be able to decrypt with it, they should be able to mark it as decryption-capable (if that's really what they want) and retry. But this is an action only for experts.

Oct 29 2018, 8:04 PM · Not A Bug, OpenPGP, gnupg
dkg added a comment to T4235: GnuPG doesn't respect key flags when decrypting.

I understand the real world requirement for decrypting messages that have been encrypted to a revoked or expired key.

Oct 29 2018, 7:43 PM · Not A Bug, OpenPGP, gnupg

Oct 25 2018

dkg committed rGa7c5d65eb503: all: fix more spelling errors (authored by dkg).
all: fix more spelling errors
Oct 25 2018, 10:53 PM
dkg committed rGb39ece7d3540: headers: fix spelling (authored by dkg).
headers: fix spelling
Oct 25 2018, 10:53 PM

Oct 24 2018

dkg committed rG54eb375ff14e: all: fix spelling and typos (authored by dkg).
all: fix spelling and typos
Oct 24 2018, 9:57 PM
dkg committed rGef540d1af064: doc: fix spelling mistakes (authored by dkg).
doc: fix spelling mistakes
Oct 24 2018, 8:40 PM

Oct 19 2018

dkg added a comment to T3354: gpgme only builds against two versions of python at once.

@werner, thanks for rMff6ff616aea6 -- i've backported it to debian's packaging and it lets us cleanly build against all installed versions of python.

Oct 19 2018, 11:47 PM · Python, gpgme, Bug Report
dkg committed rEe99480affa59: build-aux: use https instead of http (authored by dkg).
build-aux: use https instead of http
Oct 19 2018, 3:12 PM

Oct 18 2018

dkg created T4196: gpgme-json is confused about malformed input.
Oct 18 2018, 6:33 PM · gpgme
dkg added a comment to T4195: Fix time API in gpgme.

what does "not only on Jan 19, 2038" mean here?

Oct 18 2018, 6:21 PM · gpgme, Feature Request
dkg added a comment to T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.

the error i'd seen earlier after reverting the change was an error due to running t-callbacks.py on its own, without the rest of the test suite framework. running it within the test suite framework (with the change reverted), it passes without a problem. I've uploaded 1.12.0-4 to debian with a patch to t-callbacks.py. I can apply it upstream, if you want me to.

Oct 18 2018, 6:20 PM · Python, gpgme, Bug Report
dkg added a comment to T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.

The error might have to do with rM46da79e3de99a7b65748994921d6aab73b9974e7 which looks like it might run afoul of 32-bit time_t (Y2K38 problem?).

Oct 18 2018, 5:33 PM · Python, gpgme, Bug Report
dkg added a comment to T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.

here's me running just the specific test:

Oct 18 2018, 5:20 PM · Python, gpgme, Bug Report
dkg added a comment to T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.

If the swig interface isn't robust, can we replace it with something that will be more robust? Or do we need to wrap it with hand-crafted error checks that describe the API's constraints? It's pretty bad form to segfault python.

Oct 18 2018, 5:01 PM · Python, gpgme
dkg added a comment to T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.

When parms is malformed but not NULL, then the error appears to be a bug in the python bindings in _wrap_gpgme_release. maybe something is going wrong because of the "cannot allocate memory" error? in particular:

Oct 18 2018, 4:52 PM · Python, gpgme
dkg added a comment to T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.

To deal with passing None correctly, it looks to me like the problem is inside get_parameter() in src/genkey.c -- there ought to be a check for parms being NULL, and then returning either GPG_ERR_INV_VALUE or something else. otherwise, the segfault happens inside strstr.

Oct 18 2018, 4:06 PM · Python, gpgme
dkg added a comment to T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.

It the first error (first param = None) is a segfault in versions 1.11.1-2 (debian unstable i386) and 1.8.0-3+b2 (debian stretch amd64).

Oct 18 2018, 1:15 PM · Python, gpgme
dkg renamed T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed from python gpg segfaults when first parameter to gpg.Context().op_genkey() is None to python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.
Oct 18 2018, 8:14 AM · Python, gpgme
dkg created T4192: python gpg segfaults when first parameter to gpg.Context().op_genkey() is None or otherwise malformed.
Oct 18 2018, 8:05 AM · Python, gpgme
dkg updated the task description for T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.
Oct 18 2018, 6:38 AM · Python, gpgme, Bug Report
dkg created T4191: gpgme python bindings test t-callbacks.py fails on 32-bit platforms.
Oct 18 2018, 6:38 AM · Python, gpgme, Bug Report
dkg committed rM9de1c96ac3cf: python: do not export HAVE_CXX11 definition (authored by dkg).
python: do not export HAVE_CXX11 definition
Oct 18 2018, 6:31 AM
dkg committed rM12b0b5c8941b: doc: convert more links to equivalent https:// URLs (authored by dkg).
doc: convert more links to equivalent https:// URLs
Oct 18 2018, 6:29 AM
dkg committed rMa81534fed8ff: doc: convert more http:// links to https:// (authored by dkg).
doc: convert more http:// links to https://
Oct 18 2018, 6:29 AM
dkg committed rM2f12427e416a: doc: use https:// for www.gnu.org (authored by dkg).
doc: use https:// for www.gnu.org
Oct 18 2018, 6:29 AM
dkg created T4190: https://git.gnupg.org/ is out of date.
Oct 18 2018, 6:15 AM · gpgweb, Bug Report

Oct 17 2018

dkg added a comment to T3354: gpgme only builds against two versions of python at once.

what's the status on this? i'd love to be able to build binaries for both python3.6 and 3.7 for debian. as it stands right now, the python3.7 continuous integration test for debian is failing.

Oct 17 2018, 12:53 AM · Python, gpgme, Bug Report

Oct 12 2018

dkg committed rEa3f4e8838036: syscfg: Add support for arm64ilp32 (authored by Wookey <wookey@debian.org>).
syscfg: Add support for arm64ilp32
Oct 12 2018, 4:49 PM

Oct 9 2018

dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

What are the next steps here? i confess i'm a little tired of doing regular checkins on this issue, and i'm sure other people are tired of me nagging. What can we do to move this along?

Oct 9 2018, 6:39 PM · libgcrypt, gnupg

Oct 8 2018

dkg added a comment to T4014: when verifying signatures, gpg and gpgv should ensure signing capabilities.

what does "back signature's usage tool" mean? can we make an addition to the test suite that ensures that bad signatures will be rejected?

Oct 8 2018, 5:07 PM · gpgv, gnupg, Bug Report

Oct 7 2018

dkg added a comment to T4154: allow setting passphrase from an environment variable.

ok, feel free to close this ticket then. It's disappointing that there
seems to be no sane, simple, private multi-channel communication
mechanism avaiable cross-platform that GnuPG can rely on.

Oct 7 2018, 6:45 AM · Feature Request, gnupg (gpg23)

Sep 28 2018

dkg added a comment to T3398: fingerprint-based import screener is no defense against malice.

This was additionally reported as https://bugs.debian.org/909755 -- it would be great to get a clear statement from the GnuPG project about handling the curated keyring use case.

Sep 28 2018, 5:45 PM · gnupg (gpg23), Feature Request

Sep 23 2018

dkg added a comment to T4154: allow setting passphrase from an environment variable.

i note that my patch doesn't include an addition to the test suite, which it probably should, though i'm not fluent in gpgscm. if someone could update it to include a test, i'd appreciate that, and would probably learn from the commit. I imagine the test would do something like:

Sep 23 2018, 9:31 PM · Feature Request, gnupg (gpg23)
dkg committed rG07c19981da06: gpg: add --passphrase-env VARNAME to read passphrase from environment (authored by dkg).
gpg: add --passphrase-env VARNAME to read passphrase from environment
Sep 23 2018, 8:58 PM
dkg added a comment to T4154: allow setting passphrase from an environment variable.

I tried to push commit 07c19981da0607dc442fadc4079b1d71fbef8f83 to branch dkg/passphrase-env on playfair, but i got this complaint:

Sep 23 2018, 8:36 PM · Feature Request, gnupg (gpg23)
dkg created T4154: allow setting passphrase from an environment variable in the S1 Public space.
Sep 23 2018, 8:32 PM · Feature Request, gnupg (gpg23)

Sep 12 2018

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

sorry, i haven't had time to test gpgme with those changes myself. i hope someone can do so.

Sep 12 2018, 4:53 PM · gnupg (gpg22), gpgme, Bug Report
dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

if gpgme doesn't rely on the return value, but instead on parsing the --status-fd for errors, then there will still be an ERROR printed:

Sep 12 2018, 4:12 PM · gnupg (gpg22), gpgme, Bug Report
dkg removed a project from T3464: successful decryption with session key reports failure if public key is unknown: Info Needed.

yes, it looks like using --no-keyring does change the return code from 2 to 0 for me.

Sep 12 2018, 6:13 AM · gnupg (gpg22), gpgme, Bug Report

Sep 7 2018

dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

@aheinecke -- @smueller_chronox.de (author of the comment above) is Stephan Müller from atsec. Glad to see he seems ok with the proposal :)

Sep 7 2018, 9:49 PM · libgcrypt, gnupg

Sep 5 2018

dkg committed rC842ff5f60cfa: random: use getrandom() on Linux where available (authored by dkg).
random: use getrandom() on Linux where available
Sep 5 2018, 9:19 PM
dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

well, i tried to push, anyway, but it looks like playfair is rejecting my pushes:

Sep 5 2018, 4:54 PM · libgcrypt, gnupg
dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

@werner -- yes, i am asking for a change that is specific to the way that gcrypt interacts with the Linux kernel. The minor patch i've proposed only affects a codeblock within #if defined(__linux__), so i don't believe it would have an effect on other Unices. I hope that people working with other kernels will propose any necessary fixes for them.

Sep 5 2018, 4:46 PM · libgcrypt, gnupg

Aug 23 2018

dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

@aheinecke thanks for the followup!

Aug 23 2018, 5:59 PM · libgcrypt, gnupg

Aug 2 2018

dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

This bug report has been around for several months now. it has a simple patch, a clear explanation, a report of running code, and examples of problems it solves.

Aug 2 2018, 7:34 PM · libgcrypt, gnupg

Jul 22 2018

dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

I've now run the proposed patch on a GNU/Linux system where the kernel's RNG is initialized but /proc/sys/kernel/random/entropy_avail shows numbers below 100, and i can confirm that 3072-bit RSA key generation takes roughly 0.8 seconds: 20 sequential default --quick-keygen operations (each creating two secret keys) took ~32s.

Jul 22 2018, 7:54 AM · libgcrypt, gnupg
dkg added a comment to T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms.

Here is another example of users doing sketchy things to try to "fix" this process:

Jul 22 2018, 5:28 AM · libgcrypt, gnupg