GPG on iMil.net http://imil.net/blog/tags/gpg/ Recent content in GPG on iMil.net Hugo en-us Wed, 10 Jun 2020 05:36:04 +0200 Testing GPG Keys With Docker... and fail http://imil.net/blog/posts/2020/testing-gpg-keys-with-docker/ Wed, 10 Jun 2020 05:36:04 +0200 http://imil.net/blog/posts/2020/testing-gpg-keys-with-docker/ <p>As a <a href="https://www.passwordstore.org/">password-store</a> user, <a href="https://gnupg.org/">GPG</a> is particularly important and sensitive, I use it for pretty much everything authentication / encryption related. Also, about a year ago I got myself a pair of <a href="https://www.yubico.com/products/">Yubikeys</a>, and they are now involved in <strong>all</strong> of the mentioned workflows.</p> <p>Now on the topic, as my keys are a crucial part of my online life, I wanted to make sure I had those backuped safely, and moreover, that this backup is usable in an empty environment by simply importing the public and private keys. Among the various possibilities, I thought firing up a basic <a href="https://www.docker.com/">docker</a> container with an interactive shell would be my fastest bet. How wrong I was.</p> multipart/encrypted et alpine http://imil.net/blog/posts/2012/multipartencrypted-et-alpine/ Tue, 21 Feb 2012 10:48:21 +0000 http://imil.net/blog/posts/2012/multipartencrypted-et-alpine/ <p>J&rsquo;utilise <a href="http://www.washington.edu/alpine/">Alpine</a> comme client mail depuis hmmm&hellip; 15 ans je pense. J&rsquo;aime bien Alpine. Oh pitié, épargnez-moi le couplet sur sa license, et <a href="http://www.washington.edu/alpine/overview/legal.html">renseignez-vous </a> avant de balancer du <a href="http://fr.wikipedia.org/wiki/Fear,_uncertainty_and_doubt">FUD</a>.</p> <p>J&rsquo;utilise Alpine donc. Je suis, vous vous en doutez, très satisfait de ce logiciel d&rsquo;une stabilité à toute épreuve qui gère mes boites mail fournies de centaines de milliers de mails (1997 - 2012) comme si elles en contenaient 12. Mais Alpine souffre d&rsquo;un problème millénaire: sa -non- gestion des RFC 2015/3156 i.e. les messages <em>multipart/signed et multipart/encrypted</em>. En effet, Alpine, comme nombre d&rsquo;autres <a href="http://en.wikipedia.org/wiki/Mail_user_agent">MUA</a> ne respectant pas cette RFC, signe ou chiffre via PGP/GPG dans le corps du message, par le biais d&rsquo;outils tiers tels que <a href="http://hany.sk/~hany/software/pinepgp/">pinepgp</a> ou <a href="http://dougbarton.us/PGP/ppf/">pine-pgp-filters</a>.</p>