Messenger: Delta Chat
Obwohl es mehr als genug Messenger gibt, überzeugt Delta Chat durch Benutzerfreundlichkeit und erprobte Technik.
> apt-listchanges: News
> debian-archive-keyring
> Certificate (keyring) files in /usr/share/keyrings now have the file extension .pgp, rather than .gpg.
Boo 
For years now I’ve had a bit of a bee under my cap: would it be possible to unlock a Vault file with a GnuPG-compatible smart card? And what if the smart card were local and the unlocking had to be triggered remotely?
Forwarding GnuPG agent over SSH
https://jpmens.net/2025/04/04/forwarding-gnupg-agent-over-ssh/
Edit: I have amended the sentence regarding distinct machines. Works fine on two different Linux boxes.
@Xeniax Totally nerdsniped :D I'd love to be a part of the study.
I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at https://keys.openpgp.org/about . More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).
Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: https://crypto.stackexchange.com/questions/9268/is-asynchronous-perfect-forward-secrecy-possible).
To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.
Duuz puääng eli täydet pisteet muuten saksalaisen #Filen-#pilvi-palvelun #asiakaspalvelu'lle. Valitin heille aamupäivällä, että vaikka he tarjoavat #Linux-työpöytäintegraatiota, #RPM-asennuspakettia ei ole #GPG-allekirjoitettu eli se ei ns. voimatoimitta asennu #openSUSE'en tai #Fedora'an. Jo iltapäivästä tuli vastaus: tiedossa on, ja korjataan ensi tilassa. #BoycottUSA #atkjuttuja
“Unless you are using #GPG, email is not end-to-end encrypted, & the contents of a message can be intercepted & read at many points, including on Google’s email servers,” said Eva Galperin, director of #cybersecurity at the Electronic Frontier Foundation.
#NationalSecurity experts have expressed alarm over the #Trump admin’s denial that the leaked #Signal chat contained #classified information.
#porkbun has #email with @protonprivacy, really affordably. So I switched my business mail to that, and I have it all setup in #emacs! :D @daviwil is a goddamned treasure. I would not be able to setup my workflow this well without Systems Crafters! I'm happy! I feel so #secure and #cozy, and I can do #gpg for a little extra. Just don't let crazy Christians on my e-mail chains. I don't want to pull a Hegseth.
#Gwit est un protocole de publication de contenus textuels (sites, documentation, etc) simplissime, pensé pour fonctionner essentiellement hors-ligne. Il est basé sur #Git et #PGP. Il permet de repartager des sites (même hors ligne) sans risque que le contenu ait été modifié
Pour le moment, seuls deux sites existent à ma connaissance ^^. Mais n'importe quel site statique léger peut facilement être "hébergé" sur Gwit.
gwit : https://sr.ht/~ivilata/gwit/
1/2
admin email public key #GPG
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ9LrwxYJKwYBBAHaRw8BAQdAR0WzceV3yBHwzyj0bgA4HxO5GXFjawU0+pfC
bbT2fD60L0J5emFudGluZSBOZXh1cyBBZG1pbiA8YWRtaW5AYnl6YW50aW5lbmV4
dXMuaW8+iJkEExYKAEEWIQTgTgBQhrPwCwUm6F+1hI+KU0bXdAUCZ9LrwwIbAwUJ
BaUBPQULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRC1hI+KU0bXdIneAP0c
o0oLZOm61kn/CTdB2Yzq70oJbY8MGSBiBS2UiAwQ9QEA5L68kYOr+C2m9pxUhzCa
So+MO3NTBhai2hfDyrw2LQq4OARn0uvDEgorBgEEAZdVAQUBAQdAn0f8K1jCFlXj
G7q1dJ1gmjJbslyxROW5epwul+lUOx8DAQgHiH4EGBYKACYWIQTgTgBQhrPwCwUm
6F+1hI+KU0bXdAUCZ9LrwwIbDAUJBaUBPQAKCRC1hI+KU0bXdMwIAP94/es2lb+1
6SXryet+HOmpY+U41/v9o8aLF7KAhCIA6QD/cGDfdFBBg1mEWEZdI+7tCEieaAgS
0qrnFZJeDgt/7AA=
=y1x/
-----END PGP PUBLIC KEY BLOCK-----
Has anyone here on #fedi figured out the correct recipe for dealing with #OpenPGP, #DMARC and #mailman ?
The problem, by default mailman will modify messages and this will break the dkim signature.
https://gitlab.com/mailman/mailman/-/issues/1079
Mailman provides two DMARC mitigation options (other option is reject or discard which is not useful in this case).
1. Replace the from address with list address
2. Wrap original message in an envelope
thunderbird flags 1 and fails 2.
#askfedi #gnupg #gpg #thunderbird
@lns sorry, but no. gnupgp UX sucks so hard that even I don't get it without extensive internet searching.
And I heard horrible stuff about integration into programs, like that they need to kill the #gpg daemon regularly to make it work.
Let's rather invest our efforts into making modern alternatives like #rpgp and #rsop
https://crates.io/crates/rsop/ great.
Everybody should learn how to use GPG.
I made a guide, it's clumsy and sloppy but it's something.
This is for setting up GPG on Android for people who need secure communication that can't be shut down and doesn't rely on government services, especially trackable services.
foggyminds.com/extra/OpenKeyCh…
Tagging trans community because I think we need these networks for when things get worse.
Dringend nötig für die ganzen Telegram- und Insta-Fans in #Bremen 
IT-Sicherheit für #Aktivisti: Eine umfassende Einführung
Samstag, 01.03. 12:00-18:30, Infoladen Bremen
https://fomobremen.info/events/fffd9f3e-e864-4e5a-b7dc-d5487eed992a
To those still concerned with #Proton #ProtonMail: I've been trying out Lacre (https://lacre.io), which encrypts incoming #email with your #GPG key, on #Disroot. So far it has worked fairly well! If you have an account with them, see https://disroot.org/en/blog/disnews-24.11 for enrollment, though the admin had a backlog when I requested it... And if you don't, consider trying it out! (Custom domains are available: https://disroot.org/en/perks, which I have for my main email right now.)
#gpg is really annoying and hard to understand...
@jbz what I'd like to know is if I can run #ArcaOS in a VM or get a container version. I tried installing #eComStation from CD's in #VirtualBox, based on someone's video, but utterly failed.
All I really want to do is run an old version of #PGP so I can extract my keys and use them as the basis for new #GPG keys. Apparently GPG's backward compatibility only goes so far 
12.02.2025: GnuPG announces release of 2.5.4 for public testing, finalized PQC algorithms are supported.
Source: https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000490.html
PQC: https://wikipedia.org/wiki/Post-quantum_cryptography
GnuPG: https://mastodon.online/@blueghost/111974048270035570
Harvest now, decrypt later: https://mastodon.online/@blueghost/111357939714657018
#FOSDEM 2025 - anyone interested into #GPG key signing?
If you're interested:
* Provide a printed snippet of your fingerprint (gpg-key2ps)
* I will send you the signing to your email (instead of uploading them to key servers [gpg-mailkeys])
* You can find my key at https://gpg.gyptazy.com and you're allowed to upload them to key servers.
* Have you passport / ID card with you to validate your identity
* I'll probably be mostly in the #BSDDevroom but you can also ping me on Matrix
Happy key signing!
