mastodon.zunda.ninja is one of the many independent Mastodon servers you can use to participate in the fediverse.
Zundon is a single user instance as home of @zundan as well as a test bed for changes of the code.

Administered by:

Server stats:

1
active users

#librepgp

0 posts0 participants0 posts today
GnuPG<p><a href="https://mstdn.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a>'s "public testing release series" has a new version 2.5.7.</p><p><a href="https://lists.gnupg.org/pipermail/gnupg-announce/2025q2/000493.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.gnupg.org/pipermail/gnup</span><span class="invisible">g-announce/2025q2/000493.html</span></a></p><p>Remember: </p><p>* It is for you, if you want to test the new <br>post-quantum cryptography (PQC) features<br>or the 64 Bit Windows support.</p><p>* The series features Kyber (FIPS-203) as PQC encryption algorithm.</p><p>A new Gpg4win 5 Beta is forthcoming in the next days.</p><p>Technical details: <a href="https://dev.gnupg.org/T7671" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dev.gnupg.org/T7671</span><span class="invisible"></span></a></p><p><a href="https://mstdn.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a> <a href="https://mstdn.social/tags/OpenPGPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGPv4</span></a> <a href="https://mstdn.social/tags/EndtoEndCrypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndtoEndCrypto</span></a></p>
GnuPG<p>The March release for <a href="https://mstdn.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> in the PQC public testing release series is here: v2.5.5 only has a few fixes, but those seem important ... removing potential "hangs" 🧐 on windows and elsewhere.</p><p><a href="https://dev.gnupg.org/T7530" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dev.gnupg.org/T7530</span><span class="invisible"></span></a><br><a href="https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.gnupg.org/pipermail/gnup</span><span class="invisible">g-announce/2025q1/000491.html</span></a></p><p><a href="https://mstdn.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mstdn.social/tags/EndtoEndSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndtoEndSecurity</span></a> <a href="https://mstdn.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a> <a href="https://mstdn.social/tags/OpenPGPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGPv4</span></a></p>
GnuPG<p>Better handling of certificates and public keys<br>with <a href="https://mstdn.social/tags/Gpg4win" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gpg4win</span></a> v4.4.0's improved crypto manager _Kleopatra_.</p><p>It also comes with <a href="https://mstdn.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> v2.4.7 for Windows. Workflows that profit from several signatures on a file<br>profit as well.</p><p><a href="https://gpg4win.org/version4.4.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gpg4win.org/version4.4.html</span><span class="invisible"></span></a> &lt;-- see what else is new.</p><p><a href="https://mstdn.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a> <a href="https://mstdn.social/tags/OpenPGPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGPv4</span></a> <a href="https://mstdn.social/tags/EndtoEndCrypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndtoEndCrypto</span></a> <a href="https://mstdn.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeSoftware</span></a></p>
GnuPG<p><a href="https://mstdn.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> 2.4.6 is available. Accumulated fixes and small improvements over the last 7 months. There is even a new tool `gpg-mail-tube` to encrypt an email automatically in a pipe. Give it a try, especially if you use hardware tokens.</p><p><a href="https://lists.gnupg.org/pipermail/gnupg-announce/2024q4/000486.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.gnupg.org/pipermail/gnup</span><span class="invisible">g-announce/2024q4/000486.html</span></a></p><p><a href="https://dev.gnupg.org/T7030" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dev.gnupg.org/T7030</span><span class="invisible"></span></a></p><p><a href="https://mstdn.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mstdn.social/tags/EndtoEndSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndtoEndSecurity</span></a> <a href="https://mstdn.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> <a href="https://mstdn.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a></p>
PGPkeys EU<p>In recent weeks, a theoretical downgrade attack against the new default encryption mode used by GnuPG 2.5 has been published. This comes two years after a theoretical downgrade attack was announced against GnuPG's new default *signature* format. Both issues have been addressed in the latest update to the official OpenPGP specification, but GnuPG has declared that it will not implement the fixes.</p><p><a href="https://infosec.exchange/tags/gnupg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gnupg</span></a> <a href="https://infosec.exchange/tags/openpgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openpgp</span></a> <a href="https://infosec.exchange/tags/librepgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>librepgp</span></a> </p><p><a href="https://blog.pgpkeys.eu/security-issues-librepgp-2024-08.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.pgpkeys.eu/security-issue</span><span class="invisible">s-librepgp-2024-08.html</span></a></p>
Kai Engert 🔑✉️ (:KaiE)<p>If you use <a href="https://mastodon.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> <a href="https://mastodon.social/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a>, and you would like to ensure interoperability with Thunderbird, you might consider to disable the use of <a href="https://mastodon.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a> features, by using option --rfc4880 in your configuration (e.g. by adding a line with the word "rfc4880" to your gpg.conf file.)<br>At this time it is undecided whether future Thunderbird versions will support LibrePGP or the upcoming refresh of the <a href="https://mastodon.social/tags/IETF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IETF</span></a> <a href="https://mastodon.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> specification, or both, or none of them. Hopefully we'll eventually see a new universal standard.</p>
GnuPG<p><a href="https://mstdn.social/tags/LibrePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LibrePGP</span></a> is an alternative, updated specification of the <a href="https://mstdn.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> encryption standard. </p><p>Implementations like RNP (used by Thunderbird) and GnuPG (the crypto engine in Gpg4win) have working code in their implementations since 2018.</p><p>Read up on the different focus that <a href="https://librepgp.org/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">librepgp.org/</span><span class="invisible"></span></a> sets for updating <a href="https://mstdn.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a>.</p>