Re: [SPAM?] Re: OT: Miro's PGP signature [Was: urlview not l…

Top Page
Attachments:
Message as email
+ (text/plain)
+ signature.asc (application/pgp-signature)
Delete this message
Author: Ben McGinnes
Date:  
To: mutt-users
Subject: Re: [SPAM?] Re: OT: Miro's PGP signature [Was: urlview not listing the links right]
On Wed, Sep 21, 2016 at 04:32:36PM -0500, Derek Martin wrote:
>
> FWIW, for me, every message in this thread that carried a signature
> verified correctly. I'm currently running mutt-1.5.21 with
> gpg-1.4.5. I should really update those... =8^)


Yes, especially GPG. There's nothing wrong with stiking with classic
(except for when people use elliptic curve keys), but there have been
a lot of improvements since 1.4.5, including a bunch of security
fixes. The most recent update was to address a vulnerability quite
recently, but just compiling 1.4.21 should be enough to keep
everything nice and safe.

Though I don't use it by default, I do always keep a copy of 1.4
active as a fallback (and for dealing with old archives when
necessary). Then I just moved the default directory for that to a
version specific directory, made a second one for 2.x and wrote a
couple of shell wrappers to call the different versions correctly
(with ~/.gnupg sym linked to ~/.gnupg2). This is fine on any Linux,
BSD, OS X or other POSIX system ... I'm going to assume Windows users
are less likely to be using Mutt and if that's wrong then they already
know how to "translate" this into their world.

bash-4.3$ gpg1 --version
gpg (GnuPG) 1.4.21
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/ben/.gnupg1
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
bash-4.3$ gpg2 --version
gpg (GnuPG) 2.1.15
libgcrypt 1.7.3
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Home: /Users/ben/.gnupg2
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
bash-4.3$ 



Regards,
Ben