Page 3 of 3 FirstFirst 123
Results 21 to 26 of 26

Thread: GPG agent and gpg from command line: cannot update my keys over http: HTTP fetch error 7

  1. #21
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: GPG agent and gpg from command line: cannot update my keys over

    On 2011-10-09 13:16, hcvv wrote:
    > And yes, I endorse "I think it is a piece of freedom to have privacy".
    > But most of us are to lazy ;(


    Few people using email understand pgp/gpg and how the "web of trust" works.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  2. #22
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,633
    Blog Entries
    3

    Default Re: GPG agent and gpg from command line: cannot update my keys over [SOLVED]

    Quote Originally Posted by stakanov View Post
    For everybody who does not use kgpg or enigmail: you should really consider to create your signature, make it sign by your friends and upload it on a keyserver.
    I have a key, and it is on the keyservers.

    I rarely use it.

    Most of the people that I communicate with do not use PGP (nor S/MIME). I have been unable to persuade them to adopt it.
    openSUSE Leap 15.2 RC; KDE Plasma 5.18.5;

  3. #23
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Arrow Re: GPG agent and gpg from command line: cannot update my keys over [SOLVED]

    For years there has been a lobbying against private encryption. Reason was that the states (and I speak here about all the states) where fearing control loss more than the problems generated by the loss of privacy and by abuse. Today this situation has (at least in some countries) changed. The insight that the private life of people is a huge door to the professional one through social engineering has arrived even at governmental level. Now some government promotes publicly the use of GNUPG/PGP



    Now if you are a private citizen and not an IT pro, how come that you might find yourself “lost” when you use KGPG the first time? Lack of awareness (I was quite overwhelmed that people here that use openSUSE for so long did not know what GNUPG is good for). But as @nrickert well said, I made the very same experience, you teach people how to do it (because they do not approach it alone) and soon after they leave the good practice. Why this?



    There are a few points that I think could avoid this and that I found crucial for the “loss” of new users.

    1. KGPG makes a big fuzz in translation.
      I do not know about the English version but for sure in the Italian and for what I recall in the German version there is a translation that is unbelievably bad for the understanding of first time users.Already they are IMO a bit fuzzy all over the net when explaining the private key, public key concept (which could be done much easier). Second when the program imports or updates public keys it says: successfully imported 10 (as an example) secret keys. Now people in the how-to are told that the public key is to be shared and that the private key is to be hold secret. After this, how can they ever expect users to understand.
    2. The meaning and (IMHO) quite crucial importance of the use of encryption is too scarcely promoted by the distributions, e.g. there should be a key signing event in all major venues where openSUSE is present. I recall this point for the last FOSDEM. No visibility at all for the event, to be found between thousand voices, long time beforehand it had to be reserved for participation and the explanations where scarce and thought to be limited only for very little people that “already know”. I did not see any try to motivate users that where not aware of the uses of GNUPG and encryption. But this is my opinion, maybe somebody else is better informed. I find it always extremely difficult to be part of some key signing party and the information is always given only for who has already participated and the events are rare.
    3. There is AFAIK no nice tutorial when you open the first time the client of KGPG. It just takes you through the process but I think we would need a much better (first-time user friendly) approach for first time users. An approach that also explains the reasons and the advantages of the method (like a little animation or ogg?). And it should IMO part of every distribution of Linux that ships GNUPG and clients. Why? Because this was once all about free software in the sense of giving back the user the control over her/his system. So why not give back the control also over her/his email.




    BTW, after all this too long post: OTR encryption in kopete is great......albeit it is again IMO not enough promoted. Sorry for the length, but @nrkickert "triggered" this reflection as it was so similar to my experience.

  4. #24
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: GPG agent and gpg from command line: cannot update my keys over

    On 2011-10-10 09:56, stakanov wrote:
    > - The meaning and (IMHO) quite crucial importance of the use of
    > encryption is too scarcely promoted by the distributions, e.g.
    > there should be a key signing event in all major venues where
    > openSUSE is present.


    I have never seen a signing event.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  5. #25
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: GPG agent and gpg from command line: cannot update my keys over

    Well, call it key signing parties or like the editor Heise (link unfortunately only available in German) through the Cebit presence and the "Krypto-Kampagne". This editor uses the event to constitute a kind of "proxy of a CA" by signing (after a careful check of the identity of the owner) they public key. The modalities of the check and of the handling are transparent and exposed on their site. At the FOSDEM there is also apparently (found out recently) a possibility to get the key signed by a multitude of other users (after a check of your ID). These are the signing events I talked about. I would suspect things like this could take place in Spain at Madrid at the Complutense or at the Carlos III University (just a guess, no clue if they do).



    Quote Originally Posted by robin_listas View Post
    On 2011-10-10 09:56, stakanov wrote:
    > - The meaning and (IMHO) quite crucial importance of the use of
    > encryption is too scarcely promoted by the distributions, e.g.
    > there should be a key signing event in all major venues where
    > openSUSE is present.


    I have never seen a signing event.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  6. #26
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,633
    Blog Entries
    3

    Default Re: GPG agent and gpg from command line: cannot update my keys over [SOLVED]

    I'm not sure why people are reluctant to use encryption. However, part of that may be due to the web.

    At one time, I posted a lot in usenet, and I often signed my posts. My ISP cut usenet support. I had already switch most of my online discussion to internet forums (such as this one), so I didn't bother looking for an alternative usenet provider.

    Online forums are not congenial to PGP signatures.
    openSUSE Leap 15.2 RC; KDE Plasma 5.18.5;

Page 3 of 3 FirstFirst 123

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •