werner (Werner Koch)Administrator
Engineering

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Sunday

  • Clear sailing ahead.

User Details

User Since
Mar 27 2017, 4:48 PM (138 w, 3 d)
Roles
Administrator
Availability
Available

Recent Activity

Yesterday

werner committed rD142f49603f45: misc: Upload g10 Code financial statemet for 2018 (authored by werner).
misc: Upload g10 Code financial statemet for 2018
Thu, Nov 21, 10:34 AM
werner triaged T4751: gpgsm unable to import a PKCS12 file with a NULL password as Normal priority.
Thu, Nov 21, 8:13 AM · gnupg, Feature Request, S/MIME

Wed, Nov 20

werner committed rWb71c9e800571: Fix support page - there are only two companies. (authored by werner).
Fix support page - there are only two companies.
Wed, Nov 20, 11:33 AM
werner committed rC1650004c42d1: doc: Add DCO for Paul Wolneykien (authored by werner).
doc: Add DCO for Paul Wolneykien
Wed, Nov 20, 9:27 AM
werner raised the priority of T4684: Release GnuPG 2.2.18 from Normal to High.
Wed, Nov 20, 9:00 AM · Release Info, gnupg (gpg22)
werner lowered the priority of T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned from Normal to Wishlist.
Wed, Nov 20, 8:58 AM · Keyserver, gnupg (gpg22), Bug Report

Tue, Nov 19

werner committed rD0915f3e5c7ab: web: More donation charts. (authored by werner).
web: More donation charts.
Tue, Nov 19, 3:18 PM
werner committed rDd15b67e9406f: web: Add a chart with the individual donations. (authored by werner).
web: Add a chart with the individual donations.
Tue, Nov 19, 2:41 PM
werner committed rD8dcb0be66b95: web: Update the donations stats. (authored by werner).
web: Update the donations stats.
Tue, Nov 19, 12:58 PM

Mon, Nov 18

werner committed rCa3a866f63e7a: ecc: update GOST2012 curves (authored by Paul Wolneykien <manowar@altlinux.org>).
ecc: update GOST2012 curves
Mon, Nov 18, 10:25 PM
werner committed rCafffa9139f59: tests: Fix number of implemented curves. (authored by werner).
tests: Fix number of implemented curves.
Mon, Nov 18, 10:25 PM
werner closed T4750: --log-file usage problem with gpg as Resolved.

Done. Thanks.

Mon, Nov 18, 6:52 PM
werner committed rG499cd4d2ebe4: doc: Clarify how to use --log-file in gpg. (authored by werner).
doc: Clarify how to use --log-file in gpg.
Mon, Nov 18, 6:51 PM
werner committed rGd9c793518848: dirmngr,gpg: Better diagnostic in case of bad TLS certificates. (authored by werner).
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
Mon, Nov 18, 6:46 PM
werner committed rG3efc94f1eb17: dirmngr,gpg: Better diagnostic in case of bad TLS certificates. (authored by werner).
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
Mon, Nov 18, 6:46 PM
werner committed rG5967cfcc71e7: dirmngr: Fixed typo in recently added diagnostic. (authored by werner).
dirmngr: Fixed typo in recently added diagnostic.
Mon, Nov 18, 6:46 PM
werner committed rGae9acb8745c1: dirmngr: Forward http redirect warnings to gpg. (authored by werner).
dirmngr: Forward http redirect warnings to gpg.
Mon, Nov 18, 6:46 PM
werner committed rG466bdf7c07f4: dirmngr: Factor some prototypes out to dirmngr-status.h. (authored by werner).
dirmngr: Factor some prototypes out to dirmngr-status.h.
Mon, Nov 18, 6:46 PM
werner committed rG0f37727fcab2: dirmngr: Fixed typo in recently added diagnostic. (authored by werner).
dirmngr: Fixed typo in recently added diagnostic.
Mon, Nov 18, 6:46 PM
werner committed rG4dd509912524: dirmngr: Forward http redirect warnings to gpg. (authored by werner).
dirmngr: Forward http redirect warnings to gpg.
Mon, Nov 18, 6:46 PM
werner committed rD1e7b47bf3cbc: drafts,openpgp-webkey-service: Publish revision -09 (authored by werner).
drafts,openpgp-webkey-service: Publish revision -09
Mon, Nov 18, 11:40 AM
werner added a comment to T4750: --log-file usage problem with gpg.

You may want to use a recent version of GnuPG ;-)

Mon, Nov 18, 11:26 AM

Sat, Nov 16

werner closed T4400: GnuPG fails to parse algorithm preferences (and presumably features) from direct key signatures as Wontfix.

UserIDs are mandatory and do not see any reason to change this except maybe by specialized application in the embedded field.

Sat, Nov 16, 10:22 AM · Bug Report
werner triaged T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets) as Normal priority.
Sat, Nov 16, 10:18 AM · gnupg (gpg22), wkd, Bug Report
werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

Given that the the angle brackets are elsewhere used to indicate a search by mail address, it would be okay to allow for them in this case too (that is dkg's second example). The risk of a regression in that case is pretty low.

Sat, Nov 16, 10:18 AM · gnupg (gpg22), wkd, Bug Report

Fri, Nov 15

werner committed rD5743aa49979c: web: Cleaned up the list of GnuPG hacker (authored by werner).
web: Cleaned up the list of GnuPG hacker
Fri, Nov 15, 9:29 AM
werner closed T4725: Dubious filename in literal data packet when encrypting with GPGME/GnuPGv1.4.23 as Wontfix.

it is just that we won't fix that for gpg 1.4.

Fri, Nov 15, 9:18 AM · gpgme, Bug Report
werner added a project to T4738: GpgOL deletes message body in S/Mime signed mails if Outlook is configured for .txt: gpgol.
Fri, Nov 15, 8:50 AM · gpgol, Bug Report

Thu, Nov 14

werner committed rP02a4f2fa0d8c: core: Allow to query info about the emacn integration. (authored by werner).
core: Allow to query info about the emacn integration.
Thu, Nov 14, 12:02 PM
werner committed rP248e1e79231f: gtk: Fix compiler warning. (authored by werner).
gtk: Fix compiler warning.
Thu, Nov 14, 12:02 PM
werner committed rPf4b896ab75ba: emacs: Handle options before trying to conenct to emacs. (authored by werner).
emacs: Handle options before trying to conenct to emacs.
Thu, Nov 14, 12:02 PM
werner triaged T4743: Verify from Signature in Clipboard as Normal priority.
Thu, Nov 14, 10:50 AM · Feature Request, kleopatra
werner closed T4749: --passphrase-fd 0 not working from command line as Invalid.

This is a bug tracker and not a general help line. You are better off asking on the gnupg-uisers mailing list.

Thu, Nov 14, 10:49 AM · FAQ, gnupg

Tue, Nov 12

werner added a comment to T3539: Update gpg4win 2.3.3 -> 3.0.1 leaves DirMngr Unable to Start (Error in Win10 Event Log).

We use "error ..." and "failed to ..." interchangable. The German translation even uses the same term for both.
Thus I think it would be better to keep the old diagnostic but show it only in --verbose mode.

Tue, Nov 12, 8:41 PM · Bug Report, gpg4win
werner committed rG12def3a84e03: dirmngr: Use IPv4 or IPv6 interface only if available. (authored by werner).
dirmngr: Use IPv4 or IPv6 interface only if available.
Tue, Nov 12, 8:38 PM
werner committed rG392e068e9f14: dirmngr: Use IPv4 or IPv6 interface only if available. (authored by werner).
dirmngr: Use IPv4 or IPv6 interface only if available.
Tue, Nov 12, 8:32 PM

Mon, Nov 11

werner committed rG4c295646ba0e: dirmngr: Remove cruft from dirmngr_ldap (authored by werner).
dirmngr: Remove cruft from dirmngr_ldap
Mon, Nov 11, 8:50 PM
werner edited projects for T4447: Fix addition of new GPG keys to LDAP, added: gnupg (gpg23); removed gnupg.
Mon, Nov 11, 6:33 PM · gnupg (gpg23), patch, LDAP, dirmngr, Bug Report
werner added a comment to T4447: Fix addition of new GPG keys to LDAP.

See also D475.

Mon, Nov 11, 6:30 PM · gnupg (gpg23), patch, LDAP, dirmngr, Bug Report
werner committed rG3b1fcf65239d: gpg: Add option --allow-weak-key-signatures. (authored by werner).
gpg: Add option --allow-weak-key-signatures.
Mon, Nov 11, 12:41 PM
werner committed rG754a03f5a279: gpg: Forbid the creation of SHA-1 third-party key signatures. (authored by werner).
gpg: Forbid the creation of SHA-1 third-party key signatures.
Mon, Nov 11, 12:41 PM
werner committed rGdd18be979e13: gpg: Forbid the creation of SHA-1 third-party key signatures. (authored by werner).
gpg: Forbid the creation of SHA-1 third-party key signatures.
Mon, Nov 11, 11:44 AM
werner committed rGeebd43d5b688: dirmngr: Rename an enum value for clarity. (authored by werner).
dirmngr: Rename an enum value for clarity.
Mon, Nov 11, 11:44 AM
werner added a comment to E558: Weekly Standup.

Last week:

  • Bug fixing
  • Allow specification of ldaps.
Mon, Nov 11, 7:38 AM

Sat, Nov 9

werner added a comment to D495: gpg: Fall back on keyid for --auto-key-retrieve..

auto key retrieve using just the key id is dangerous because it can lead to a DoS. It is too easy to flood keyservers with several keys have the same keyid. Let's don't give an incentive to the script kiddies trying to pull down the OpenPGP keyservers.

Sat, Nov 9, 4:44 PM
werner added a comment to T4744: Password is _never_ prompted in an X session but is in a bare tty.

Please add

Sat, Nov 9, 4:39 PM · Bug Report
werner committed rG6e1c99bc3973: gpgsm: Allow sepcification of ldaps servers. (authored by werner).
gpgsm: Allow sepcification of ldaps servers.
Sat, Nov 9, 11:38 AM
werner committed rG2b9d399cf0c7: doc: Document gpgsm's --keyserver option. (authored by werner).
doc: Document gpgsm's --keyserver option.
Sat, Nov 9, 11:38 AM

Fri, Nov 8

werner added a comment to rG6701a38f8e4a: gpg: Fix a potential loss of key sigs during import with self-sigs-only..

As I already stated: Please read the source comments on why we do this

Fri, Nov 8, 9:16 AM

Thu, Nov 7

werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

does a remote key lookup only if STRING is a valid addr-spec. No extraction of the addr-spec from STRING is done and thus angle brackets inhibit the use of a remote lookup. This was implemented in this way to be as much as possible backward compatible.

Thu, Nov 7, 4:02 PM · gnupg (gpg22), wkd, Bug Report
werner added a project to T4670: Key expiration time ignored for zero creation date keys: patch.
Thu, Nov 7, 3:51 PM · patch, gnupg (gpg22), Bug Report
werner closed T4741: PLAINTEXT_LENGTH is sometimes incorrect as Resolved.
Thu, Nov 7, 3:46 PM · gnupg (gpg22), Bug Report
werner committed rGeae1ea6f39c1: doc: Improved description of status PLAINTEXT_LENGTH. (authored by werner).
doc: Improved description of status PLAINTEXT_LENGTH.
Thu, Nov 7, 3:46 PM
werner committed rG1d83f92fa928: doc: Improved description of status PLAINTEXT_LENGTH. (authored by werner).
doc: Improved description of status PLAINTEXT_LENGTH.
Thu, Nov 7, 3:46 PM
werner added a commit to T4741: PLAINTEXT_LENGTH is sometimes incorrect: rG1d83f92fa928: doc: Improved description of status PLAINTEXT_LENGTH..
Thu, Nov 7, 3:46 PM · gnupg (gpg22), Bug Report
werner added a commit to T4741: PLAINTEXT_LENGTH is sometimes incorrect: rGeae1ea6f39c1: doc: Improved description of status PLAINTEXT_LENGTH..
Thu, Nov 7, 3:46 PM · gnupg (gpg22), Bug Report
werner added a project to T4677: Failure using pinentry-tty or pinentry-curses when GnuPG's standard input is a file: unreproducible.
Thu, Nov 7, 3:38 PM · unreproducible, gnupg (gpg22), Bug Report
werner set the icon for unreproducible to Tag.
Thu, Nov 7, 3:38 PM
werner changed the edit policy for unreproducible.
Thu, Nov 7, 3:36 PM
werner closed T4677: Failure using pinentry-tty or pinentry-curses when GnuPG's standard input is a file as Resolved.

Sorry, we can't replicate this with the current pinentry version.

Thu, Nov 7, 3:23 PM · unreproducible, gnupg (gpg22), Bug Report
werner lowered the priority of T4696: Fresh certificate get's pulled into certificate chain with expired root certificate from High to Normal.
Thu, Nov 7, 3:18 PM · gnupg (gpg22), S/MIME, Bug Report
werner moved T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned from Backlog to For next release on the gnupg (gpg22) board.
Thu, Nov 7, 3:15 PM · Keyserver, gnupg (gpg22), Bug Report
werner changed the status of T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned from Open to Testing.
Thu, Nov 7, 3:14 PM · Keyserver, gnupg (gpg22), Bug Report
werner committed rG2975868ede40: gpg: Fix a potential loss of key sigs during import with self-sigs-only. (authored by werner).
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
Thu, Nov 7, 3:13 PM
werner added a commit to T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned: rG2975868ede40: gpg: Fix a potential loss of key sigs during import with self-sigs-only..
Thu, Nov 7, 3:13 PM · Keyserver, gnupg (gpg22), Bug Report
werner committed rG6701a38f8e4a: gpg: Fix a potential loss of key sigs during import with self-sigs-only. (authored by werner).
gpg: Fix a potential loss of key sigs during import with self-sigs-only.
Thu, Nov 7, 3:10 PM
werner added a commit to T4628: new import-clean default for keys from keyservers modifies the local keyring when anything is returned: rG6701a38f8e4a: gpg: Fix a potential loss of key sigs during import with self-sigs-only..
Thu, Nov 7, 3:10 PM · Keyserver, gnupg (gpg22), Bug Report
werner edited projects for T4619: Unable to decrypt symmetric-key encrypted data, added: gnupg (gpg23); removed gnupg (gpg22).
Thu, Nov 7, 2:36 PM · gnupg (gpg23), Bug Report
werner closed T4741: PLAINTEXT_LENGTH is sometimes incorrect as Invalid.
Thu, Nov 7, 2:32 PM · gnupg (gpg22), Bug Report
werner committed rGe624c41dbafd: gpg: Add option --allow-weak-key-signatures. (authored by werner).
gpg: Add option --allow-weak-key-signatures.
Thu, Nov 7, 10:46 AM
werner committed rGf4047f56058c: gpg: Print rfc4880bis note only in verbose mode. (authored by werner).
gpg: Print rfc4880bis note only in verbose mode.
Thu, Nov 7, 9:25 AM
werner committed rGfd88b8847a37: gpg: Remove an unused variable. (authored by werner).
gpg: Remove an unused variable.
Thu, Nov 7, 9:15 AM
werner committed rGa1f8ca7eee9b: doc: Make clear that by default RFC-4880bis features are used. (authored by werner).
doc: Make clear that by default RFC-4880bis features are used.
Thu, Nov 7, 9:15 AM
werner committed rGc6be40725127: doc: Document the --unwrap command. (authored by werner).
doc: Document the --unwrap command.
Thu, Nov 7, 9:15 AM
werner committed rG584b65ad7e93: gpg: Do not require --batch when using --log-file. (authored by werner).
gpg: Do not require --batch when using --log-file.
Thu, Nov 7, 9:15 AM
werner edited projects for T4742: GnuPG, Kleopatra: Update --full-gen-key options for GnuPG-2.3, added: gnupg (gpg23); removed gnupg.
Thu, Nov 7, 8:45 AM · gnupg (gpg23), kleopatra
werner added a comment to T4741: PLAINTEXT_LENGTH is sometimes incorrect.

"PLAINTEXT 75 ..." means UTF-8 encoding (u) which is not not binary (b) or MIME ('m') and thus on Unix the line endings are converted from CR,LF to LF. On Windows you should see a different length. See plaintext.c#handle_plaintext()

Thu, Nov 7, 8:43 AM · gnupg (gpg22), Bug Report

Wed, Nov 6

werner added a project to T4740: GnuPG: Invalid digest algorithm for new certifications made by old keys with GnuPG master: CVE.

That is due to the mitigation for CVE-2019-14855. I need to see how to find a more specific mitigation.

Wed, Nov 6, 4:25 PM · CVE, gnupg

Tue, Nov 5

werner committed rCfbb26c3ac514: Change license of dumpsexp.c to LGPL. (authored by werner).
Change license of dumpsexp.c to LGPL.
Tue, Nov 5, 12:45 PM

Mon, Nov 4

werner committed rG3ae5cefc64a8: po: Fix an accidentally translated keyword in zh_TW. (authored by werner).
po: Fix an accidentally translated keyword in zh_TW.
Mon, Nov 4, 10:19 AM
werner added a commit to T4737: gpg does not ask me again when an incorrect password is provided during `gpg --sign` on Chinese systems: rG3ae5cefc64a8: po: Fix an accidentally translated keyword in zh_TW..
Mon, Nov 4, 10:19 AM · Bug Report
werner closed T4737: gpg does not ask me again when an incorrect password is provided during `gpg --sign` on Chinese systems as Resolved.

Thanks for the report. I fixed this for the next 2.2 release and put a not in the source file to not translate the keyword.

Mon, Nov 4, 9:52 AM · Bug Report
werner committed rM067b1a73d986: doc: Note the need for a base tag. (authored by werner).
doc: Note the need for a base tag.
Mon, Nov 4, 9:22 AM

Thu, Oct 31

werner added a comment to T4735: Please provide an option to make --verify accept only signatures from specific trusted UID.

So you mean we should take the signer's UID (which can be part of the signature) into account when displaying the user id? Right now we display the primary UID followed by _all_ other user IDs so that the verifier has an overview of the associated user ids.

Thu, Oct 31, 9:58 AM · Feature Request
werner added a comment to rW270371dddd46: web: add wiki as explicit support link.

I don't think that pointing to the bug entry form is a good idea: It will make it easier to enter a bug without first checking whether this bug has already been entered. I agree with the other comments.

Thu, Oct 31, 9:52 AM

Tue, Oct 29

werner closed T4732: X.509 cert for openpgpkey.gnupg.org is expired as Resolved.

Dehydrated problem after the last server update: https://github.com/FlorentCoppint/dehydrated/commit/aed6f4ba06858c926042b95f1cef4a7a681ddf88

Tue, Oct 29, 10:39 AM · gpgweb, Bug Report
werner triaged T4733: pinentry-curses reveals pin as Normal priority.

Then better do not use a curses pinentry. It can't guarantee that another process changes the tty properties. For security reasons it is better to run the pinentry in a different window (ie. a GUI based pinentry).

Tue, Oct 29, 10:26 AM · MacOS, pinentry, Bug Report

Mon, Oct 28

werner added a comment to E556: Weekly Standup.

Last week:

  • Vacation
Mon, Oct 28, 7:50 AM
werner is attending E556: Weekly Standup.
Mon, Oct 28, 7:47 AM

Fri, Oct 25

werner closed T4727: GnuPG creates keys that it cannot use, likely related to AEAD as Invalid.

Please no reports for non-released devel versions.

Fri, Oct 25, 5:44 PM · Bug Report
werner triaged T4729: WKD via http_proxy does not work if DNS is broken/unavailable as Normal priority.
Fri, Oct 25, 11:01 AM · dns, gnupg (gpg23), dirmngr
werner triaged T4728: GnuPG fails to connect to 127.0.0.1 when many domains are specified in /etc/hosts as Normal priority.
Fri, Oct 25, 11:00 AM · gnupg (gpg23), dns, dirmngr

Wed, Oct 23

werner added a comment to T4726: auto-key-locate only works with raw e-mail addresses (not angle-brackets).

This is a misunderstanding. The extraction of mail addresses is only doe for key lookups on remote services. Thus the -r case is as intended.

Wed, Oct 23, 11:35 AM · gnupg (gpg22), wkd, Bug Report
werner closed T4725: Dubious filename in literal data packet when encrypting with GPGME/GnuPGv1.4.23 as Wontfix.

That seems to be gpg 1.4 which we do not fully support.

Wed, Oct 23, 11:32 AM · gpgme, Bug Report
werner closed T4722: Gmail by GoogleServer Error We're sorry, but Gmail is temporarily unavailable. We're currently working to fix the problem -- please try logging in to your account in a few minutes. as Spite.
Wed, Oct 23, 11:31 AM · Bug Report
werner closed T4724: https://twitter.com/charleslewisni4/status/1051021429637025792?s=20 as Spite.
Wed, Oct 23, 11:30 AM

Oct 21 2019

werner added a comment to E555: Weekly Standup.

Sorry, won't be able to attend today,

Oct 21 2019, 9:02 AM

Oct 17 2019

werner committed rG76d606d95dc1: doc: Typo fix for gpg.texi in desc of --local-sigs. (authored by werner).
doc: Typo fix for gpg.texi in desc of --local-sigs.
Oct 17 2019, 4:41 PM

Oct 16 2019

werner added a comment to T4713: Bug in get_best_pubkey_byname.

I also think this makes the most sense.

Oct 16 2019, 10:52 AM · Testing, gnupg (gpg23)

Oct 15 2019

werner changed the status of T4713: Bug in get_best_pubkey_byname from Testing to Open.

There are some problems with the definition of --locate-key. Further discussion required.

Oct 15 2019, 2:47 PM · Testing, gnupg (gpg23)