2.3.1: compilation result without dirmngr (due to --disable-ldap?)

Steffen Nurpmeso steffen at sdaoden.eu
Mon Aug 2 15:47:03 CEST 2021

Werner Koch wrote in
 <87v94p5zhk.fsf at wheatstone.g10code.de>:
 |On Wed, 28 Jul 2021 17:04, Steffen Nurpmeso said:
 |> and the compilation does not include dirmngr, making the entire
 |> installation useless.  (I personally still use gpg (GnuPG) 1.4.23,
 |I just tried with --disable-ldap and --disable-nls and can't see a
 |problem.  it the current master version though.

Fine this is fixed.

 |> i have not looked at the protocol, but sigh that not
 |> a standardized checksum over the email address was chosen, like
 |SHA-1 is a very standard algorithm and fully sufficient for the purpose
 |here; i.e. mapping a string to a fixed length identifier.  SHA-1 is
 |anyway a required part of OpenPGP and there have been no security
 |weaknesses found its use case as fingerprint algorithms.

Yes, no, my problem is about the the special z-base-32 step, for
which there is no tool around by default.  But i personally still
struggle with the base64 that SSH now uses for fingerprinting,
i find this very hard.  Yes i had seen discussion in the PGP IETF
list about such base'ing, but i _personally_ cannot grasp
z5fuz1m868tz5eeq3y86cnomqztbbyjd.  Now that i have RFC 6189
i could of course take the algorithm of section 5.1.6 and
implement it.  You know.  It is more like .. i did not understand
why so complicated as that is nowhere human anyway, is it?  Well,
unless you plan to use this way of hashing as a default in
a future GnuPG version of course.  (I personally would very much
favour these nice groups of four hexdecimal bytes, as can be
produced with --fingerprint (in 1.4.*), even though it gets very
lengthy with SHA-256 or longer, but people only look at the tail
and the front, and maybe snippets in the middle, i think that was
talked about in the IETF group like this, no? .. i can confirm.
Ok, maybe if grouped by four it would work out anyway, looking at
it.  But nonetheless.  If grouped by four i would _assume_ that
lower/upper would even help differentiating, ie, base64 because it
is in use quite often, with OpenSSH even in user view.  You know,
just doing echo BLA|sha1sum|base64 if you are on a Unix.
Whatever.  Greetings to NRW!)


|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

More information about the Gnupg-devel mailing list