@qbi This comparison seems to be very much promoting the RFC9580 proposal as opposed to the LibrePGP proposal and well established RFC4880 standard. It strikes me as a shot in the war caused by the OpenPGP standards schism[1].
#PGP bzw. genauer #OpenPGP gibt es in verschiedenen Standards:
- RFC 2440
- RFC 4880
- RFC 9580 und
- LibrePGP
Johannes Roth und Falko Strenzke haben die Unterschiede zwischen den wichtigsten Standards herausgearbeitet:
https://github.com/crypto-security-tools/OpenPGP-LibrePGP-comparison
The gnupg_import function that does not import if the keydata string starts with "-----BEGIN PGP MESSAGE-----" but works if the keydata starts with "-----BEGIN PGP PRIVATE KEY BLOCK-----" (I guess that was the same for the ending so I str_replace both) 😂
New blog article: "Using a second #OpenPGP card for my primary key"
https://openpgp.foo/posts/2025-07-a-second-card/
This is a rather niche article, but I hope it will still contain some bits of interest, for at least some readers 🤓.
In it, I import my primary OpenPGP key onto a second OpenPGP card hardware device, and use the device to issue a third-party certification with rsop-oct.
I also outline some background and tradeoffs around different OpenPGP card setup.
I just released version 0.1.3 of rsop-oct, a stateless #OpenPGP ("SOP") CLI tool for use with OpenPGP card hardware devices:
https://crates.io/crates/rsop-oct/
Like its sibling project #rsop, rsop-oct is based on @rpgp
This update adds support for the SOP command 'certify-userid'.
This allows issuing certifications (aka "third-party signatures") over identities in other people's OpenPGP certificates, directly with an OpenPGP card device.
For more on #SOP, see https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/
Stimmt doch bitte alle mal diesen Feature Request für #GLPI ab. #OpenPGP-Support innerhalb des Ticketsystems wäre eine wahnsinnig hilfreiche Sache.
https://glpi.userecho.com/communities/1/topics/886-please-add-pgp-support
Hello, it would be very nice if you add pgp/gpg support to sign/crypt/encrypt mails like other tools (eg otrs). Nowadays you don't know if that mail from our (IT)-Support or from somewhere else, so when it signed you know that. The same with encryption, when you write a ticket it is sometimes very helpfull to encrypt the mail (eg for password or tokens). best regards
A new report (commissioned by the German BSI) outlines the recent evolution of the #OpenPGP standard, including the new RFC 9580 and PQC drafts, as well as the spinoff "LibrePGP" draft that the GnuPG project writes.
(Announcement email: https://mailarchive.ietf.org/arch/msg/openpgp/2g_rjYBqwqKZE6OEgjNb0bFo098/)
Note that the document contains a one-page "Executive Summary", which (although quite technical) is worth a read.
[TL;DR: It raises concerns about the GnuPG draft's development process, as well as quality]
Created a FreeBSD port for openpgp-card-tools and put it on my Codeberg:
https://codeberg.org/Larvitz/openpgp-card-tools-freebsd-port
It's a command-line-utility (oct), written in Rust, to manage openpgp smartcards and compatible devices (yubikey, nitrokey etc).
Usage instructions are in the repositories readme file.
Bruce Walzer 🇨🇦
qbi
moulinux
Heiko
Computertruhe e. V.
るみ㌨Да:rumi_fan_mark:
Heals 
Larvitz 
