re. Moving from PGP to GnuPG and other questions ...
linux at codehelp.co.uk
Wed Apr 28 18:07:44 CEST 2004
On Wednesday 28 April 2004 3:14, Denis Green wrote:
> When I try to encrypt files using GPGtools, I get to
> select the file(to be encrypted), but when the
> " GPG Tools - Encrypt " window opens up, I don't see
> any public keys in the dialog box
That's because no public keys are set as trusted. If you have your own secret
key, import both the secret and public key and then use --edit-key to set
your own key to ultimate trust. GnuPG will check through the other keys in
the keyring and will only let you encrypt to those that can be trusted
(without using command-line options intended for secure environments). These
will be keys that you have already signed or keys that are signed by people
you have signed, etc.
There's no sense allowing encryption of sensitive data to a key that cannot be
trusted! If you override the GnuPG security using '--trust-model always' or
similar, you must still verify the key in some other manner.
Trust begins with the secret keys - those are presumably yours so if you have
the passphrase, these should be set as ultimate trust. I tend to consider
ultimate trust as only for keys with a usable secret key. All other keys then
have their trust calculated as starting from your ultimate keys, fully
trusted (allowing encryption), marginally trusted (needing an override but
still not recommended) or trust unknown (don't encrypt to these unless you
*really* know what you are doing). Other trust factors like revoked and
expired are hopefully clear in their meaning.
BTW. General question: will '--trust-model always' allow encryption to a
revoked key? i.e. after you've imported/refreshed the key with it's
revocation certificate. (I'd guess that it won't but haven't got any revoked
keys to test against.)
> What I've checked so far
If you can list keys then GPG is working. Issues about encryption are actually
> How does one denote "free as in free beer" (i.e.) Software
> not requiring payment, while writing to groups like this ?
shareware, proprietary, demo, trojan (!), virus, (!) . . .
Even shareware is proprietary - you don't generally have access to the source
code and you are not free to redistribute the program with or without
modifications either with or without payments - there are restrictions.
> [and how to distinguish **that** from Free as in Freedom of
> Speech ? -say a version of Linux that needs payment ]
A free software program that requires payment is still free software.
Think of 'free software' as one term, not two words.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Url : /pipermail/attachments/20040428/9d383b45/attachment-0001.bin
More information about the Gnupg-users