This is a short writeup about a new feature in the rsop CLI tool: Since version 0.8.0, rsop can decrypt a GnuPG-proprietary message encryption format. GnuPG sometimes produces non-standard encrypted messages # Unfortunately, under some circumstances, GnuPG produces encrypted messages that are not compatible with the OpenPGP standard. This issue started in its 2.4.x series. GnuPG calls its proprietary format “OCB encrypted data”. However, note that practically all big Linux distributions d...| OpenPGP.foo
This article outlines using the new rpgp CLI tool to inspect OpenPGP certificates (aka “public keys”)1. The rpgp tool is available as part of the rpgpie crate. This article describes the tool as of rpgpie version 0.6.6. rpgp can be installed with the Rust cargo tool like this: cargo install rpgpie --features=cli). Different views of OpenPGP certificate internals # The rpgp tool can show information about OpenPGP certificates in two different modes:| Blog on OpenPGP.foo
Personal blog: One more OpenPGP card # This is a writeup about my OpenPGP card setup. It’s a mix of general observations about OpenPGP card devices and a report about setting up a secondary OpenPGP card for myself. Disclaimer # This article describes a relatively involved setup consisting of two OpenPGP card hardware security devices. I’m describing this setup merely because it is what I currently use, not because I think anyone should mimic it. If you’d rather not use hardware cryptogr...| OpenPGP.foo
Post-quantum cryptography (PQC) # Post-quantum cryptography (PQC) is a branch of cryptography that develops algorithms which are thought to be secure against attacks using hypothetical quantum computers (which don’t exist right now, but may be developed in the future). Development and deployment of such algorithms defends against potential future attacks (in case relevant quantum computers materialize). Defense against potential future attacks with quantum computers is of particular interes...| OpenPGP.foo
