tag:gpgtools.tenderapp.com,2011-11-04:/discussions/feedback/2266-when-will-you-start-using-gnupg-21xGPGTools: Discussion 2017-09-11T14:31:53Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-02-20T16:26:54Z2017-02-20T16:26:54ZWhen will you start using GnuPG 2.1.x<div><p>Hey Bob,</p>
<p>no we can not. At the moment the priority is to stabilize
GPGMail on macOS 10.12. So GnuPG 2.1 is something we will look into
once GPG Suite reaches stable on 10.12.</p>
<p>Kindly,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-02-21T20:30:20Z2017-02-21T20:30:20ZWhen will you start using GnuPG 2.1.x<div><p>Really looking forward using 2.1.x.<br>
Considering the 2.0.x branch will reach end-of-life in 12/2017, I
hope you “stabilise” soon and we have 2.1.x running by
then.</p>
<p>Nevertheless,<br>
thx for your reply and<br>
thank you to all of you for your work!</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-02-22T15:15:47Z2017-02-22T15:15:47ZWhen will you start using GnuPG 2.1.x<div><p>Bob, we have a ticket for this problem. I connected this
discussion with the existing ticket. That means, should this
discussion get closed, it will be re-opened as soon as the ticket
is closed. That way you'll stay in the loop and get notified as
soon as we have news. Feel free to open a new discussions should
you run into further problems or need assistance.</p>
<p>And thanks a lot for your kind words.</p>
<p>Kindly,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-13T21:04:40Z2017-06-13T21:04:40ZWhen will you start using GnuPG 2.1.x<div><p>Hi Bob,</p>
<p>we have a first <a href="https://releases.gpgtools.org/nightlies/GPG_Suite-gnupg2.1-3n.dmg">GPG Suite</a> test build which integrates gpg 2.1. Here is the <a href="https://releases.gpgtools.org/nightlies/GPG_Suite-gnupg2.1-3n.dmg.sig">signature file</a> for that release.</p>
<p>It would be great if you could test this build and let us know if run into any trouble. Please note, that downgrading to the current beta release will require additional steps in case new keys were created using this test build. Depending on the test results, gpg 2.1 may soon land in the beta branch.</p>
<p>All the best,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-14T04:55:16Z2017-06-14T04:55:16ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve,</p>
<p>thanks for the update. I will try and keep you posted.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-14T06:48:01Z2017-06-14T06:48:01ZWhen will you start using GnuPG 2.1.x<div><p>Cool. Looking forward to your feedback.</p>
<p>Have a great day,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-16T15:38:05Z2017-06-16T15:38:07ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve!</p>
<p>today I gave version 2.1 (3n) a try:<br>
- Installation was flawless. - All keys (public and private) of my previous 2.1.30 installation are all recognised.</p>
<p>A minor issue in System Preferences / Settings:<br>
- my previously set keyserver (‘hkps://hkps.pool.sks-keyservers.net’) seems not to work</p>
<p>Some major issues in Apple Mail:<br>
I have multiple keys (multiple email addresses and on RSA and EC per address)<br>
1) all combinations of email addresses and private keys are available in the “sender field” -- that's cool (in 2.0.30 I used only one key per address, so I didn't realise this feature if it has been there already)<br>
2) when sending a signed email, I will always be asked to enter the password of the same key, no matter what the default key (in System Preferences / ‘gpg.conf’) is, or which address/key combination I have chosen to send -- bad<br>
3) if the recipients also has multiple keys for the same email address I have no possibility to chose the encryption key -- not so good<br>
4) can we set a recipients default key?</p>
<p>If I find any further issues, I keep you posted.<br>
If you have a new version, please let me know.</p>
<p>Thx so far ...</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-16T16:46:36Z2017-06-16T16:46:38ZWhen will you start using GnuPG 2.1.x<div><p>More news.</p>
<p>I sent a signed email (sender address “A”, key “A2” EC) to myself (recipient address “B”, key “B1” RSA):<br>
- when selecting the message in the inbox message list (not sent!) I will be prompted to enter the passphrase for key “A2” - Why not for “B1”? - Shouldn't it be “A2” when selecting the message in the sent message list? - if no passphrase is entered (clicked the “cancel” button), the message will be shown decrypted anyway (obviously the passphrase is still in cache), but the padlock symbol is closed/locked - I will try after a reboot (so the cache should be empty, I didn't store the passphrase in my macOS keychain)</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-16T17:17:53Z2017-06-16T17:17:54ZWhen will you start using GnuPG 2.1.x<div><p>I just found out that what I observed (and described in #2 of my post from Jun 16, 2017 @ 05:38 PM) is obviously already known: <a href="https://gpgtools.tenderapp.com/discussions/beta/1857-mail-signing-uses-wrong-key">https://gpgtools.tenderapp.com/discussions/beta/1857-mail-signing-u...</a></p>
<p>keep up the good work -- looking forward to your solution</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-18T17:09:19Z2017-06-18T17:09:19ZWhen will you start using GnuPG 2.1.x<div><p>Hi Bob,</p>
<p>thanks very much for your feedback.</p>
<ol>
<li>System Preferences > GPG Suite</li>
</ol>
<p>We were able to reproduce issues when trying to switch to any of the hkp key servers. But the default hkps key server is actually working as expected. Can you confirm this observation? If not, what issues are you seeing using the default hkps key server?</p>
<p>We have a ticket for the problem regarding the hkp: key servers. I connected this discussion with the existing ticket. That means, should this discussion get closed, it will be re-opened as soon as the ticket is closed. That way you'll stay in the loop and get notified as soon as we have news. Feel free to open a new discussions should you run into further problems or need assistance.</p>
<ol>
<li>Random key selection</li>
</ol>
<p>This is actually a known issue with the 10.12 beta. I also connected this discussion with the according ticket for that, so we can update you, once a fix is available. That problem is not connected to the gpg 2.1 update but is a bug in GPGMail beta.</p>
<p>Again, thanks for taking the time to test and providing feedback.</p>
<p>Kind regards,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-19T09:05:45Z2017-06-19T09:05:45ZWhen will you start using GnuPG 2.1.x<div><p>Regarding the key server issue:</p>
<ul>
<li>open new finder window</li>
<li>press ⇧⌘G and paste the following <code>~/.gnupg</code></li>
</ul>
<p>Then check if a file called 'dirmngr.conf' exists in that folder.</p>
<p>If that file does not exist at that location, please do the following:</p>
<ul>
<li>open new finder window</li>
<li>press ⇧⌘G and paste the following <code>/usr/local/MacGPG2/share/ca-certs.crt</code></li>
</ul>
<p>And attach that file to this discussion by visiting it in your browser.</p>
<p>I'm setting this discussion to "private". That means only our core-team and the company hosting this support platform are able to access this discussion.</p>
<p>All the best,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-19T20:22:49Z2017-06-19T20:22:53ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve,</p>
<p>I experienced problems with earlier installations of 2.1.x (since .16 or 17 if i recall correctly). I also have a ‘ca-cert’ from a pervious install of “GnuPG for OS X” (<a href="https://sourceforge.net/p/gpgosx/docu/Download/">https://sourceforge.net/p/gpgosx/docu/Download/</a>)<br>
<em>-rw-r--r-- 1 root wheel 270213 May 27 13:13 ca-certs.crt</em> which differs from the one of your 3n version (at least in size):<br>
<em>-rw-r--r-- 1 root wheel 272197 Jun 16 16:44 ca-certs.crt</em> I'm attaching both of them (your server didn't want them -- see screendump, so I renamed them to ‘...txt’)</p>
<p>I also have a certificate (‘sks-keyservers.netCA.pem’) which I do not exactly where I downloaded from, but I was pretty sure that the source was trustable. It is referenced in my ‘dirmngr.conf’ but is currently deactivated for obvious reasons.</p>
<p>After all, I have to confess my ‘.gnupg’ directory (for version 2.1.21) already existed, so it can easily be, that there is a little file-fuss which I would happily correct if provided with good instructions.</p>
<p>BTW: there is also a remnant of 2.0.30 in ‘.gnupg/gpg.conf’ regarding keyservers:<br>
<em>keyserver hkps://hkps.pool.sks-keyservers.net</em> which might be eliminated after all?</p>
<p>PS.: I'm sorry I didn't do exactly as you requested but I thought in my situation it was better this way.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T10:39:48Z2017-06-20T11:28:58ZWhen will you start using GnuPG 2.1.x<div><p>Hey Bob,</p>
<p>can you please rename your .gnupg folder (to have a backup you can then later use again). Then restart your system and see if the key servers are working as expected.</p>
<p>Currently gpg.conf is used for key server options. dirmngr.conf should not exist when using our MacGPG 2.1.</p>
<p>/usr/local/MacGPG2/share/ca-certs.crt is created when installting MacGPG2.1, it contains the root-certs from macOS. MacGPG 2.1 uses that file as a default.</p>
<p>/usr/local/MacGPG2/share/gnupg/sks-keyservers.netCA.pem is part of MacGPG 2.1 and also added to ca-certs.crt .</p>
<p>Let us know how that goes.</p>
<p>All the best,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T10:46:10Z2017-06-20T10:46:12ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve,</p>
<p>I'll do as you wrote and start with a clean setup of GPGTools (3n). Will check how everything works before I merge my own files and settings.</p>
<p>I can give you my feedback later this day.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T11:25:38Z2017-06-20T11:25:38ZWhen will you start using GnuPG 2.1.x<div><p>Please do not use the 3n build. That was the very first test build for 2.1. Instead use the latest nightly build which now uses gpg 2.1 from here:<br>
<a href="https://releases.gpgtools.org/nightlies/">https://releases.gpgtools.org/nightlies/</a></p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T19:45:45Z2017-06-20T19:45:47ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve!</p>
<p>I did a clean install with 1922n.</p>
<p>As for the keyserver thing:<br>
- After a clean install with default, everything worked fine and as expected. - After restoring my ‘.gnupg’ directory and a little bit of cleanup (removing broken pipes ‘S.*’ and file ‘dirmngr.conf’, setting the keyserver “hkps://hkps.pool.sks-keyservers.net” in my ‘gpg.conf’), no problems either.</p>
<p>Thanks for clarification.<br>
Sorry for the confusion with my messed-up settings.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T19:47:33Z2017-06-20T19:47:33ZWhen will you start using GnuPG 2.1.x<div><p>Thanks for the feedback. So we're down to the remaining known issue of random key selection when more then one key exists for the same email address.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T19:50:02Z2017-06-20T19:50:02ZWhen will you start using GnuPG 2.1.x<div><p>To workaround that, you may want to temporarily disable all but one key for that email address. That way you can make sure the correct key is used. You can do that in GPG Keychain by double clicking the key and then tick the disable option on the first tab.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-20T21:28:22Z2017-06-20T21:28:23ZWhen will you start using GnuPG 2.1.x<div><p>Didn't realise that this option exists. I had temporarily removed my additional private keys (which is much easier with version 2.1.x than before due to the new storage format).</p>
<p>Thanks and looking forward for your next “output”.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-06-21T08:18:55Z2017-06-21T08:18:55ZWhen will you start using GnuPG 2.1.x<div><p>Great, I'm closing this discussion for now. It will be re-opened once the key selection bug has been fixed.</p>
<p>You can re-open or file a new discussion anytime.</p>
<p>Have a great day,<br>
steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-08-25T20:59:05Z2017-08-25T20:59:05ZWhen will you start using GnuPG 2.1.x<div><p>Hi Bob,</p>
<p>good news - the issue where key selection in the From: field was ignored when more than one secret key existed for the same email address, has been fixed. If you want to test the fix, please download our <a href="https://releases.gpgtools.org/nightlies/">latest nightly GPG Suite</a>. That page also has sig and SHA1 to verify the download.</p>
<p>Best, steve</p>
<p>Disclaimer: This is a development version which has not been thoroughly tested yet, so bugs or crashes are to be expected. Thanks for helping us test this fix.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-08-26T11:21:45Z2017-08-26T11:21:47ZWhen will you start using GnuPG 2.1.x<div><p>Hi Steve!</p>
<p>Mail does now respect the default key selection from System Preferences.</p></div>Bobtag:gpgtools.tenderapp.com,2011-11-04:Comment/418140982017-08-26T12:46:39Z2017-08-26T12:46:39ZWhen will you start using GnuPG 2.1.x<div><p>Thanks for your feedback. That is good news.</p>
<p>I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.</p>
<p>Best, steve</p></div>Steve