I’m delighted to announce that the OpenPGP implementation in #Conversations_im will see some love over the next ~6 months. Simultaneously, we will be laying the groundwork for OMEMO2 by implementing Stanza Content Encryption.

Thanks to funding from @nlnet and the European Commission.

https://nlnet.nl/project/Conversations-OpenPGP-refresh/

#XMPP #Jabber #OMEMO #OpenPGP

Установке и настройке Delta Chat

Delta Chat — мессенджер, работающий поверх стандартной электронной почты через протоколы IMAP/SMTP.

https://enep-home.ru/2026/04/09/%d1%83%d1%81%d1%82%d0%b0%d0%bd%d0%be%d0%b2%d0%ba%d0%b5-%d0%b8-%d0%bd%d0%b0%d1%81%d1%82%d1%80%d0%be%d0%b9%d0%ba%d0%b5-delta-chat/

#android #google #IMAP #iOS #linux #macOS #mail.ru #OpenPGP #rambler #SMTP #Windows #yandex #безопасность #белыйсписок #мессенджер# общениепочта #Роскомнадзор #установка

He leído por aquí varias veces que el cifrado de #Proton Mail solo funciona con Proton y NO es cierto:

- Proton utiliza #WebKeyDirectory para intentar localizar la clave pública del destinatario. (https://wiki.gnupg.org/WKD). De forma resumida: #WKD comprueba el dominio del destinatario por si tiene una web y esta tiene un directorio ".well-known/openpgpkey".

-- Si encuentra una clave pública que tenga la dirección de correo del destinatario asociada con su identidad, cifra el correo con ella.

- Si tienes un dominio propio pero no apunta a ninguna web, puedes apuntar al servidor de claves públicas de #OpenPGP.
(consulta "wkd as a service" https://keys.openpgp.org/about/usage/).

- Y sí, esto también funciona si usas un cliente de correo electrónico compatible con AutoCrypt. (Mozilla Thunderbird, FairEmail…).

Por estas cosas, pese a que Proton obviamente ha abusado del marketing, voy a seguir recomendándolo al público general.

#PGP

The road to post-quantum cryptography (PQC) has been long, but the end is nigh.

For the past nine months we’ve been working on technical debt issues in hockeypuck, resulting in the 2.3.x series of releases. This has included a major postgres schema redesign, in-place reloading, reindexing threads, configurable keyword search, and significant refactoring of hockeypuck’s internals. v2.3.3 is in final testing with the last of these improvements, and will be released soon.

But this is all just prep.

The goal is version 2.4, which will distribute v6 PGP keys, which support post-quantum algorithms for both encryption and signing. 2026 is the year of PQC in PGP, and the hockeypuck keyservers will be ready.

To enable the safe distribution of v6/PQC keys without breaking legacy software, we have developed an updated version of the venerable HKP API (for which HocKeyPuck is named). v1 and v2 HKP will be supported in parallel, but v6/PQC keys will only be distributed over v2.

HKPv2 is specified in https://datatracker.ietf.org/doc/html/draft-gallagher-openpgp-hkp and server implementation is underway in https://github.com/hockeypuck/hockeypuck/tree/feature/hkpv2 .

If you maintain PGP client software and wish to be PQC ready, now is the time to check out HKPv2 and what it means for your users. Join the discussion at https://groups.google.com/g/hockeypuck-devel

Hockeypuck v2.4 development is kindly supported by @NGIZero Core.

#openpgp #pgp #gnupg #pqc

I just released version 0.1.7 of rsop-oct, a stateless #OpenPGP ("SOP") CLI tool for use with OpenPGP card hardware devices:

https://crates.io/crates/rsop-oct/

Like its sibling project #rsop, rsop-oct is based on @rpgp

This update adds (initial) support for the SOP command 'update-key'.

This command allows extending the expiration times of components of an OpenPGP certificate using a primary key that is stored on an OpenPGP card device.

For more on #SOP, see https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/

#PGP #GnuPG

If you're using #gnupg with a keyserver for "gpg --refresh-keys" and you're running into the bug of getting aborted with "No data", this script is a good workaround for updating your keys of a single email domain using a (organization) key server:

https://codeberg.org/publicvoit/my-domain-gpg-refresh-keys.sh

Background: gnupg fetches keys in chunks (batches) and if a single chunk doesn't contain a single address found on the key server (because you got the keys elsewhere), the whole update process is aborted. 🤦‍♂️

#gpg #OpenPGP