Mar 6 2019
Thank you very much for the analysis. I'll forward the info.
Mar 5 2019
The creating software is broken in regard to non-ASCII characters in the UID:
ssh does nut support brainpool curves and thus GnuPG does not know how to map its internal name of the curve to the name as specified by ssh. GnuPG supports these curves:
Jan 15 2019
So the output of this was
Jan 11 2019
Thanks @werner I will do tonight when connecting to my team mates PC.
Btw meanwhile I actually felt like I need to open next issue where I explain all my details
Your home is under /dev/ - really? Please run
Okay I think I got the root of the issue
When I did
brew reinstall gpg2
I saw this today
Jan 10 2019
Nov 20 2018
I'm closing this issues as "Invalid" because it is not an issue of Gpg4win. You can still comment and discuss here.
Nov 9 2018
First let me say that it is never a good Idea to use outdated / unmaintained security software. PGP Messages are external input and you pass that to unmaintained software.
Nov 8 2018
Fair enough. Let's wait and see what others think.
Also consider that it is possible to change the key usage flags. Thus it will never be clear whether one has a fixed or unfixed public key. I'd like to close this bug because it is currently also discussed in the IETF WG.
Nov 2 2018
Oct 30 2018
There is another argument for respecting the usage flags: it trims the admissible key space, if key ID in the PKESK packet is zero ('wild card') and thus all private keys have to be considered for decryption.
Oct 29 2018
I disagree, and you don't have to try to convince me, the decision is with werner. I just want to give my opinion:
Bug compatibility is nothing esoteric or bad especially for a general purpose backend tool like gnupg. Being open to accepting broken input is a good thing because it will mean that we can get people out of a "broken tool vendor lock in".
i agree with @Valodim that it would be better to not have a warning at all for an attempt to decrypt from secret key whose public key has never been marked as valid for encryption. A strict failure there (as with a strict failure for lack of mdc) is a better scenario than a warning. If the user controls the secret key and they decide they want to be able to decrypt with it, they should be able to mark it as decryption-capable (if that's really what they want) and retry. But this is an action only for experts.
The same *cannot* be said for a subkey that is marked specifically for certification or signing, and not for decryption.
I understand the real world requirement for decrypting messages that have been encrypted to a revoked or expired key.
I don't see a problem. If you have the private key you can and will use it. I guess your concern is an oracle?
Apr 17 2018
Aug 3 2017
The platform is illumos, a fork of OpenSolaris.
Jul 18 2017
Jul 17 2017
No. But as of 3.0 GpgOL for Outlook 2003 and 2007 is no longer maintained and the support for this will be removed in some future version. This bug only affects new installations of GpgOL on the unmaintained (by Microsoft) Outlook 2003 and Outlook 2007 Versions. So -> Wontfix.
@aheinecke did you change the default?
werner says it's not a bug.
Jul 13 2017
I am closing this, because this particular change was rejected. Eventually libtool might get updated on its own merits, so no need to track this here.
Jul 7 2017
--with-fingerprint is an option to modify the output of --list-keys and not a command. There are other --with-xxxx options for other purposes. There is no command to list a keyring. This is why gpg meanwhile prints a warning when used without a command.
I don't think anyone is suggesting the use of gpg without a command. However, use WITH the --with-fingerprint command seems to be broken. Thank you for providing a correct way of doing what we want, but please either explain why the use of the --with-fingerprint command isn't working, or put this back as a bug.
The use of gpg without a command is simply wrong. This has never been specified and could actually lead to surprises.
You need to import the key first and then look at it with -k (--list-keys) or --fingerprint.
Jul 1 2017
or am i missing something here?
Jun 28 2017
Jun 23 2017
Solution has been given: Use "gpg.conf-1" for gpg 1.4
Jun 22 2017
Nobody started to hack on it in two years, and buried in this bug report nobody will find it. If this is still a desirable task, a new ticket should be opened.
Jun 14 2017
Jun 13 2017
and the platform is ...
Jun 12 2017
Jun 9 2017
The version of libtool that you ship does not have the necessary patches required to support my platform. Normally this isn't a problem because autogen.sh (or autoreconf) will update it.
You may not run your own version of libtool or libtoolize. Only the maintainer updates the autotools related files including libtool. This is to avoid bugs stemming from different or broken versions of autotools. This makes it much easier to reproduce bugs.