mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-02 12:01:32 +01:00
See ChangeLog: Mon Sep 6 19:59:08 CEST 1999 Werner Koch
This commit is contained in:
parent
d49d30d788
commit
4a3291c4db
13
AUTHORS
13
AUTHORS
@ -52,21 +52,22 @@ koch@hsp.de
|
||||
|
||||
|
||||
TRANSLATIONS Gregory Steuck 1998-10-20
|
||||
Disclaimer. [ru?]
|
||||
Disclaimer. [ru]
|
||||
steuck@iname.com
|
||||
|
||||
|
||||
TRANSLATIONS Urko Lusa Okay
|
||||
es_ES.po
|
||||
TRANSLATIONS Urko Lusa
|
||||
Disclaimer. [es_ES]
|
||||
ulusa@lacueva.ddns.org
|
||||
|
||||
|
||||
TRANSLATIONS Thiago Jung Bauermann Okay
|
||||
pt_BR.po
|
||||
TRANSLATIONS Thiago Jung Bauermann
|
||||
Disclaimer. [pt_BR]
|
||||
jungmann@cwb.matrix.com.br
|
||||
|
||||
|
||||
TRANSLATIONS Janusz Aleksander Urbanowicz 1999-01-09
|
||||
pl.po
|
||||
Disclaimer. [po]
|
||||
alex@bofh.torun.pl
|
||||
|
||||
|
||||
|
12
BUGS
12
BUGS
@ -44,4 +44,14 @@ and after about half a day in the rsync snapshots.
|
||||
Solaris make has problems with the generated POTFILES - seems to be a
|
||||
gettext bug. Use GNU gmake as a workaround.
|
||||
|
||||
Next #23
|
||||
[ *] #23 1999-09-03 <todd.brooks@yale.edu> 0.9.11
|
||||
Only the first signature of a cleartext sig seems to be verified.
|
||||
Can't fix it in 1.0 because the code is semi-frozen.
|
||||
|
||||
[ *] #24 1999-09-05 <marcus@yoyo.cc.monash.edu.au> 0.9.11
|
||||
Does not link libc and libz expect when removing all "-lc -lz" except
|
||||
for the last one. This happens on some systems when not using the
|
||||
GNU ld. This need to be fixed in libtool.
|
||||
|
||||
|
||||
Next #25
|
||||
|
@ -1,3 +1,11 @@
|
||||
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
* configure.in: Create makefile in doc/gph
|
||||
|
||||
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New
|
||||
* configure.in: use the above.
|
||||
|
||||
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
|
14
INSTALL
14
INSTALL
@ -55,6 +55,20 @@ assembler replacements are in C and in mpi/generic; never delete udiv-qrnnd.S
|
||||
in any CPU directory, because there may be no C substitute.
|
||||
Don't forget to delete "config.cache" and run "./config.status --recheck".
|
||||
|
||||
Some make tools are broken - the best solution is to use GNU's make. Try
|
||||
gmake or grab the sources from a GNU archive and install them.
|
||||
|
||||
On some OSF you may get unresolved externals. This is a libtool problem and
|
||||
the workaround is to manually remove all the "-lc -lz" but the last one from
|
||||
the linker line and execute them manually.
|
||||
|
||||
On some architectures you get warnings like:
|
||||
longlong.h:175: warning: function declaration isn't a prototype
|
||||
or
|
||||
http.c:647: warning: cast increases required alignment of target type
|
||||
This doesn't matter and we know about it (actually it is due to the some
|
||||
warning options which we have enabled for gcc)
|
||||
|
||||
|
||||
The Random Device
|
||||
=================
|
||||
|
2
NEWS
2
NEWS
@ -337,7 +337,7 @@ Noteworthy changes in version 0.4.0
|
||||
* detached and armored signatures are now using "PGP SIGNATURE",
|
||||
except when --rfc1991 is used.
|
||||
|
||||
* All times which are not in the yyy-mm-dd format are now printed
|
||||
* All times which are not in the yyyy-mm-dd format are now printed
|
||||
in local time.
|
||||
|
||||
|
||||
|
4
OBUGS
4
OBUGS
@ -25,10 +25,10 @@
|
||||
OOPS in close enum_keyblocks - ignored
|
||||
[gdbm is experimental and will be replaced by the new keybox code]
|
||||
FIX: 1999-07-22 (Fixed the second error, there will be no fix for
|
||||
the first one, becuase GDBM is to be replaced)
|
||||
the first one, because GDBM is to be replaced)
|
||||
|
||||
[ *] #7 1999-02-22 <dwpalmer@dwpalm.jf.intel.com> 0.9.3
|
||||
Conventional encrytion incompatibilty:
|
||||
Conventional encryption incompatibility:
|
||||
$ gpg -c --cipher-algo cast5 --compress-algo 1 --no-comment secrets.txt
|
||||
Creates a file that gpg can decrypt, but PGP 5.5 has problems with it.
|
||||
PGP decrypts 6416k out of 6424k, then complains with "PGP Warning",
|
||||
|
111
README
111
README
@ -2,21 +2,17 @@
|
||||
|
||||
GnuPG - The GNU Privacy Guard
|
||||
-------------------------------
|
||||
Version 0.9.11
|
||||
Version 1.0
|
||||
|
||||
GnuPG is a tool for secure communication and data storage. It
|
||||
can be used to encrypt data and to create digital signatures.
|
||||
GnuPG is GNU's tool for secure communication and data storage.
|
||||
It can be used to encrypt data and to create digital signatures.
|
||||
It includes an advanced key management facility and is compliant
|
||||
to the proposed OpenPGP Internet standard as described in RFC2440.
|
||||
with the proposed OpenPGP Internet standard as described in RFC2440.
|
||||
|
||||
GnuPG is now in Beta test and you should report all bugs to the
|
||||
mailing list (see below). The 0.9.x versions are released mainly
|
||||
to fix all remaining serious bugs. As soon as version 1.0 is out,
|
||||
development will continue with a 1.1 series and bug fixes for the
|
||||
1.0 version as needed.
|
||||
|
||||
GnuPG works best on GNU/Linux or *BSD. Other Unices are
|
||||
also supported but are not as well tested as the Free Unices.
|
||||
GnuPG works best on GNU/Linux or *BSD systems. Most other Unices
|
||||
are also supported but are not as well tested as the Free Unices.
|
||||
See http://www.gnupg.org/gnupg.html#supsys for a list of systems
|
||||
which are known to work.
|
||||
|
||||
See the file COPYING for copyright and warranty information.
|
||||
|
||||
@ -32,7 +28,7 @@
|
||||
algorithms are: 3DES, Blowfish, CAST5 and Twofish (GnuPG does not
|
||||
yet create Twofish encrypted messages because there is no agreement
|
||||
in the OpenPGP WG on how to use it together with a MDC algorithm)
|
||||
Digest algorithms available are MD5, RIPEMD160, SHA1, and TIGER/192.
|
||||
Digest algorithms available are MD5, RIPEMD160 and SHA1.
|
||||
|
||||
|
||||
Installation
|
||||
@ -58,8 +54,8 @@
|
||||
|
||||
7) You end up with a "gpg" binary in /usr/local/bin.
|
||||
Note: Because some old programs rely on the existence of a
|
||||
binary named "gpgm"; you should install a symbolic link
|
||||
from gpgm to gpg:
|
||||
binary named "gpgm" (which was build by some Beta versions
|
||||
of GnuPG); you may want to install a symbolic link to it:
|
||||
"cd /usr/local/bin; ln -s gpg gpgm"
|
||||
|
||||
8) To avoid swapping out of sensitive data, you can install "gpg" as
|
||||
@ -127,7 +123,7 @@
|
||||
|
||||
$ md5sum gnupg-x.y.z.tar.gz.sig
|
||||
|
||||
This should yield an output similar to this:
|
||||
This should yield an output similar_to this:
|
||||
|
||||
fd9351b26b3189c1d577f0970f9dcadc gnupg-x.y.z.tar.gz
|
||||
|
||||
@ -135,18 +131,30 @@
|
||||
published via the announcement list and probably via Usenet.
|
||||
|
||||
|
||||
Introduction
|
||||
------------
|
||||
|
||||
A draft version of the manual is included in the subdirectory doc
|
||||
and some HOWTO documents are available online; dor a listing see:
|
||||
Documentation
|
||||
-------------
|
||||
|
||||
A draft version of the manual is included in the subdirectory doc/gph.
|
||||
The supplied version is rendered in HTML and you may access it with any
|
||||
browser (e.g.: lynx doc/gpg/index.html). The GnuPG webpages have a link
|
||||
to the latest development version and you may want to read those instead.
|
||||
|
||||
A couple of HOWTO documents are available online; for a listing see:
|
||||
|
||||
http://www.gnupg.org/docs.html#howtos
|
||||
|
||||
A man page with a description of all commands and options gets installed
|
||||
along with the program.
|
||||
|
||||
|
||||
Introduction
|
||||
------------
|
||||
|
||||
Here is a brief overview on how to use GnuPG - it is strongly suggested
|
||||
that you read the manual and other information about the use of
|
||||
cryptography. GnuPG is only a tool, secure results require that YOU
|
||||
KNOW WHAT YOU ARE DOING.
|
||||
cryptography. GnuPG is only a tool, secure usage requires that
|
||||
YOU KNOW WHAT YOU ARE DOING.
|
||||
|
||||
If you already have a DSA key from PGP 5 (they call them DH/ElGamal)
|
||||
you can simply copy the pgp keyrings over the GnuPG keyrings after
|
||||
@ -459,41 +467,15 @@
|
||||
detailed information about the errors.
|
||||
|
||||
|
||||
Esoteric commands
|
||||
-----------------
|
||||
How to Get More Information
|
||||
---------------------------
|
||||
|
||||
gpg --list-packets datafile
|
||||
|
||||
Use this to list the contents of a data file. If the file is encrypted
|
||||
you are asked for the passphrase, so that GnuPG is able to look at the
|
||||
inner structure of a encrypted packet. This command should list all
|
||||
kinds of rfc2440 messages.
|
||||
|
||||
gpg --list-trustdb
|
||||
|
||||
List the contents of the trust DB in a human readable format
|
||||
|
||||
gpg --list-trustdb <usernames>
|
||||
|
||||
List the tree of certificates for the given usernames
|
||||
|
||||
gpg --list-trust-path username
|
||||
|
||||
List the possible trust paths for the given username. The length
|
||||
of such a trust path is limited by the option --max-cert-depth
|
||||
which defaults to 5.
|
||||
|
||||
For more options/commands see the man page or use "gpg --help".
|
||||
|
||||
|
||||
Other Notes
|
||||
-----------
|
||||
|
||||
The primary FTP site is "ftp://ftp.gnupg.org/pub/gcrypt/"
|
||||
The primary WWW page is "http://www.gnupg.org"
|
||||
The primary FTP site is "ftp://ftp.gnupg.org/pub/gcrypt/"
|
||||
|
||||
See http://www.gnupg.org/mirrors.html for a list of FTP mirrors
|
||||
and use them if possible.
|
||||
and use them if possible. You may also find GnuPG mirrored on
|
||||
some of the regular GNU mirrors.
|
||||
|
||||
We have some mailing lists dedicated to GnuPG:
|
||||
|
||||
@ -515,19 +497,22 @@
|
||||
|
||||
Please direct bug reports to <gnupg-bugs@gnu.org> or post
|
||||
them direct to the mailing list <gnupg-devel@gnupg.org>.
|
||||
Please direct questions about GnuPG to the users mailing list or
|
||||
one of the pgp newsgroups to give me more time to improve
|
||||
GnuPG. Commercial support for GnuPG is also available; please
|
||||
see the GNU service directory or search other resources.
|
||||
|
||||
Have fun and remember: Echelon is looking at you kid.
|
||||
Please direct questions about GnuPG to the users mailing list or
|
||||
one of the pgp newsgroups; please do not direct questions to one
|
||||
of the authors directly as we are busy working on improvements
|
||||
and bug fixes. Both mailing lists are watched by the authors
|
||||
and we try to answer questions when time allows us to do so.
|
||||
|
||||
Commercial grade support for GnuPG is available; please see
|
||||
the GNU service directory or search other resources.
|
||||
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v0.9.10 (GNU/Linux)
|
||||
Version: GnuPG v0.9.11 (GNU/Linux)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
iQB1AwUBN86L1h0Z9MEMmFelAQFQlQL/S5jDPpDFI3wDG/soA/qMTR79YX1IXDz9
|
||||
Izin49GkPHElRCoNbT3r3+T6V+lNtrZpah6JBR30//yo1OGUyoJ88yn3KC0JdtUq
|
||||
NgJzX3yYUXD+Ojer+WHEL+O8D8qkZrAX
|
||||
=wiUu
|
||||
iQB1AwUBN9QAwB0Z9MEMmFelAQG0XwMAqyH3UR0Jk+dm2ZkVoTqckGqmMMt5IdBN
|
||||
MlG4g3dau5De8XXHvbQ45cUpU4CC0MOlEuKDp+CKOc+xbzczdH35qYt/5XKmVWS8
|
||||
JwTvuKKCZ/95JRMk0ZMRueQduH7tSijZ
|
||||
=MefQ
|
||||
-----END PGP SIGNATURE-----
|
||||
|
3
THANKS
3
THANKS
@ -17,6 +17,7 @@ Christian von Roques roques@pond.sub.org
|
||||
Christopher Oliver oliver@fritz.traverse.net
|
||||
Christian Recktenwald chris@citecs.de
|
||||
Daniel Eisenbud eisenbud@cs.swarthmore.edu
|
||||
Daniel Koenig dan@mail.isis.de
|
||||
David Ellement ellement@sdd.hp.com
|
||||
Detlef Lannert lannert@lannert.rz.uni-duesseldorf.de
|
||||
Dirk Lattermann dlatt@t-online.de
|
||||
@ -56,6 +57,7 @@ Mark Adler madler@alumni.caltech.edu
|
||||
Mark Elbrecht snowball3@bigfoot.com
|
||||
Markus Friedl Markus.Friedl@informatik.uni-erlangen.de
|
||||
Martin Kahlert martin.kahlert@provi.de
|
||||
Martin Hamilton
|
||||
Martin Schulte schulte@thp.uni-koeln.de
|
||||
Matthew Skala mskala@ansuz.sooke.bc.ca
|
||||
Max Valianskiy maxcom@maxcom.ml.org
|
||||
@ -66,6 +68,7 @@ NIIBE Yutaka gniibe@chroot.org
|
||||
Niklas Hernaeus
|
||||
Nimrod Zimerman zimerman@forfree.at
|
||||
N J Doye nic@niss.ac.uk
|
||||
Oliver Haakert haakert@hsp.de
|
||||
Oskari Jääskeläinen f33003a@cc.hut.fi
|
||||
Paul D. Smith psmith@baynetworks.com
|
||||
Philippe Laliberte arsphl@oeil.qc.ca
|
||||
|
4
TODO
4
TODO
@ -1,4 +1,8 @@
|
||||
|
||||
Gael has added a LF to helptext.c:185 check other translations.
|
||||
(03.09.99)
|
||||
|
||||
|
||||
Scheduled for 1.1
|
||||
-----------------
|
||||
* With option -i prompt before adding a key to the keyring and show some
|
||||
|
@ -94,6 +94,9 @@
|
||||
|
||||
#undef USE_CAPABILITIES
|
||||
|
||||
/* Some systems have mkdir that takes a single argument. */
|
||||
#undef MKDIR_TAKES_ONE_ARG
|
||||
|
||||
|
||||
@BOTTOM@
|
||||
|
||||
|
21
acinclude.m4
21
acinclude.m4
@ -617,5 +617,26 @@ if test x$ac_cv_sys_symbol_underscore = xyes; then
|
||||
fi
|
||||
])
|
||||
|
||||
dnl Stolen from gcc
|
||||
dnl Define MKDIR_TAKES_ONE_ARG if mkdir accepts only one argument instead
|
||||
dnl of the usual 2.
|
||||
AC_DEFUN(GNUPG_FUNC_MKDIR_TAKES_ONE_ARG,
|
||||
[AC_CACHE_CHECK([if mkdir takes one argument], gnupg_cv_mkdir_takes_one_arg,
|
||||
[AC_TRY_COMPILE([
|
||||
#include <sys/types.h>
|
||||
#ifdef HAVE_SYS_STAT_H
|
||||
# include <sys/stat.h>
|
||||
#endif
|
||||
#ifdef HAVE_UNISTD_H
|
||||
# include <unistd.h>
|
||||
#endif
|
||||
#ifdef HAVE_DIRECT_H
|
||||
# include <direct.h>
|
||||
#endif], [mkdir ("foo", 0);],
|
||||
gnupg_cv_mkdir_takes_one_arg=no, gnupg_cv_mkdir_takes_one_arg=yes)])
|
||||
if test $gnupg_cv_mkdir_takes_one_arg = yes ; then
|
||||
AC_DEFINE(MKDIR_TAKES_ONE_ARG)
|
||||
fi
|
||||
])
|
||||
|
||||
dnl *-*wedit:notab*-* Please keep this as the last line.
|
||||
|
@ -1,3 +1,8 @@
|
||||
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
* des.c (selftest): Add some testpattern
|
||||
|
||||
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
|
69
cipher/des.c
69
cipher/des.c
@ -826,6 +826,75 @@ selftest (void)
|
||||
return "TRIPLE-DES test failed.";
|
||||
}
|
||||
|
||||
/*
|
||||
* More Triple-DES test. These are testvectors as used by SSLeay,
|
||||
* thanks to Jeroen C. van Gelderen.
|
||||
*/
|
||||
{ struct { byte key[24], byte plain[8], byte cipher[8] } testdata[] = {
|
||||
{ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 },
|
||||
{ 0x95,0xF8,0xA5,0xE5,0xDD,0x31,0xD9,0x00 },
|
||||
{ 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }
|
||||
},
|
||||
|
||||
{ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 },
|
||||
{ 0x9D,0x64,0x55,0x5A,0x9A,0x10,0xB8,0x52, },
|
||||
{ 0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00 }
|
||||
},
|
||||
{ { 0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
|
||||
0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
|
||||
0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E },
|
||||
{ 0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A },
|
||||
{ 0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A }
|
||||
},
|
||||
{ { 0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
|
||||
0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
|
||||
0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6 },
|
||||
{ 0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2 },
|
||||
{ 0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95 }
|
||||
},
|
||||
{ { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
|
||||
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
|
||||
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
|
||||
{ 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61 },
|
||||
{ 0x3D,0x12,0x4F,0xE2,0x19,0x8B,0xA3,0x18 }
|
||||
},
|
||||
{ { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
|
||||
0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,
|
||||
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
|
||||
{ 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61 },
|
||||
{ 0xFB,0xAB,0xA1,0xFF,0x9D,0x05,0xE9,0xB1 }
|
||||
},
|
||||
{ { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
|
||||
0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,
|
||||
0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 },
|
||||
{ 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61 },
|
||||
{ 0x18,0xd7,0x48,0xe5,0x63,0x62,0x05,0x72 }
|
||||
},
|
||||
{ { 0x03,0x52,0x02,0x07,0x67,0x20,0x82,0x17,
|
||||
0x86,0x02,0x87,0x66,0x59,0x08,0x21,0x98,
|
||||
0x64,0x05,0x6A,0xBD,0xFE,0xA9,0x34,0x57 },
|
||||
{ 0x73,0x71,0x75,0x69,0x67,0x67,0x6C,0x65 },
|
||||
{ 0xc0,0x7d,0x2a,0x0f,0xa5,0x66,0xfa,0x30 }
|
||||
},
|
||||
{ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x80,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
|
||||
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x02 },
|
||||
{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
|
||||
{ 0xe6,0xe6,0xdd,0x5b,0x7e,0x72,0x29,0x74 }
|
||||
},
|
||||
{ { 0x10,0x46,0x10,0x34,0x89,0x98,0x80,0x20,
|
||||
0x91,0x07,0xD0,0x15,0x89,0x19,0x01,0x01,
|
||||
0x19,0x07,0x92,0x10,0x98,0x1A,0x01,0x01 },
|
||||
{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
|
||||
{ 0xe1,0xef,0x62,0xc3,0x32,0xfe,0x82,0x5b }
|
||||
}
|
||||
};
|
||||
/* fixme: do the test */
|
||||
}
|
||||
|
||||
/*
|
||||
* Check the weak key detection. We simply assume the table with
|
||||
|
@ -406,6 +406,7 @@ AC_CHECK_FUNCS(memmove gettimeofday getrusage gethrtime setrlimit)
|
||||
AC_CHECK_FUNCS(memicmp atexit raise getpagesize strftime nl_langinfo)
|
||||
|
||||
GNUPG_CHECK_MLOCK
|
||||
GNUPG_FUNC_MKDIR_TAKES_ONE_ARG
|
||||
|
||||
dnl
|
||||
dnl Check whether we can use Linux capabilities as requested
|
||||
@ -706,6 +707,7 @@ mpi/Makefile
|
||||
cipher/Makefile
|
||||
g10/Makefile
|
||||
doc/Makefile
|
||||
doc/gph/Makefile
|
||||
tools/Makefile
|
||||
zlib/Makefile
|
||||
checks/Makefile
|
||||
|
4
debian/changelog
vendored
4
debian/changelog
vendored
@ -141,8 +141,8 @@ gnupg (0.4.0-1) unstable; urgency=high
|
||||
* debian/control: update extended description.
|
||||
* debian/rules (binary-arch): install FAQ and all ChangeLogs.
|
||||
* debian/preinst: new; check for upgrade from (<= 0.3.2-1) and warn about
|
||||
incompatabilites in keyring format and offer to move old copy out of
|
||||
gpg out of the way for transistion strategy and inform the user about
|
||||
incompatibilities in keyring format and offer to move old copy out of
|
||||
gpg out of the way for transition strategy and inform the user about
|
||||
the old copies of gnupg available on my web page.
|
||||
* debian/rules (binary-arch) install preinst.
|
||||
* debian/rules (binary-arch): don't depend on the test target as it is
|
||||
|
@ -1,5 +1,7 @@
|
||||
## Process this file with automake to create Makefile.in
|
||||
|
||||
SUBDIRS = gph
|
||||
|
||||
EXTRA_DIST = DETAILS gpg.sgml gpg.1 FAQ HACKING OpenPGP
|
||||
|
||||
man_MANS = gpg.1
|
||||
@ -15,21 +17,13 @@ else
|
||||
endif
|
||||
|
||||
|
||||
%.txt : %.sgml
|
||||
sgml2txt -c latin $*
|
||||
%.dvi: %.sgml
|
||||
db2dvi $<
|
||||
|
||||
%.html : %.sgml
|
||||
sgml2html -c latin $*
|
||||
%.ps: %.dvi
|
||||
dvips -o $@ $<
|
||||
|
||||
%.dvi : %.sgml
|
||||
-rm $*.sgml.tmp
|
||||
mv $*.sgml $*.sgml.tmp
|
||||
sed -e '/<!entity/ s/"IGNORE">/"INCLUDE">/' $*.sgml.tmp >$*.sgml
|
||||
sgml2latex -b -l deutsch -c latin $* ; mv $*.sgml.tmp $*.sgml
|
||||
%/%.html: %.sgml
|
||||
-db2html $<
|
||||
|
||||
%.ps : %.sgml
|
||||
-rm $*.sgml.tmp
|
||||
mv $*.sgml $*.sgml.tmp
|
||||
sed -e '/<!entity/ s/"IGNORE">/"INCLUDE">/' $*.sgml.tmp >$*.sgml
|
||||
sgml2latex -b -l deutsch -c latin -o ps $* ; mv $*.sgml.tmp $*.sgml
|
||||
|
||||
|
41
doc/credits-1.0
Normal file
41
doc/credits-1.0
Normal file
@ -0,0 +1,41 @@
|
||||
The GNU Privacy Guard has been created by the GnuPG team:
|
||||
Matthew Skala, Michael Roth, Niklas Hernaeus, Rémi Guyomarch
|
||||
and Werner Koch. Gael Queri, Gregory Steuck, Janusz A. Urbanowicz,
|
||||
Marco d'Itri, Thiago Jung Bauermann, Urko Lusa and Walter Koch
|
||||
did the official translations. Mike Ashley is working on the
|
||||
GNU Privacy Handbook.
|
||||
|
||||
The following people helped greatly by suggesting improvements,
|
||||
testing, fixing bugs, providing resources and doing other important
|
||||
tasks: Allan Clark, Anand Kumria, Ariel T Glenn, Bodo Moeller,
|
||||
Bryan Fullerton, Brian Moore, Brian Warner, Caskey L. Dickson,
|
||||
Cees van de Griend, Charles Levert, Christian von Roques,
|
||||
Christopher Oliver, Christian Recktenwald, Daniel Eisenbud,
|
||||
Daniel Koenig, David Ellement, Detlef Lannert, Dirk Lattermann,
|
||||
Ed Boraas, Enzo Michelangeli, Ernst Molitor, Fabio Coatti,
|
||||
Felix von Leitner, Frank Heckenbach, Frank Stajano, Gaël Quéri,
|
||||
Greg Louis, Greg Troxel, Gregory Steuck, Geoff Keating, Harald Denker,
|
||||
Hendrik Buschkamp, Holger Schurig, Hugh Daniel, Ian McKellar,
|
||||
Janusz A. Urbanowicz, James Troup, Jean-loup Gailly, Jens Bachem,
|
||||
Joachim Backes, John A. Martin, Johnny Teveßen, Jörg Schilling,
|
||||
Jun Kuriyama, Karl Fogel, Karsten Thygesen, Katsuhiro Kondou,
|
||||
Kazu Yamamoto, Lars Kellogg-Stedman, Marco d'Itri, Mark Adler,
|
||||
Mark Elbrecht, Markus Friedl, Martin Kahlert, Martin Hamilton,
|
||||
Martin Schulte, Matthew Skala, Max Valianskiy, Michael Roth,
|
||||
Michael Sobolev, Nicolas Graner, NIIBE Yutaka, Niklas Hernaeus,
|
||||
Nimrod Zimerman, N J Doye, Oliver Haakert, Oskari Jääskeläinen,
|
||||
Paul D. Smith, Philippe Laliberte, Peter Gutmann, QingLong,
|
||||
Ralph Gillen, Rat, Reinhard Wobst, Rémi Guyomarch, Reuben Sumner,
|
||||
Roland Rosenfeld, Ross Golder, Serge Munhoven, SL Baur, Stefan Karrmann,
|
||||
Stefan Keller, Steffen Ullrich, Steffen Zahn, Steven Bakker,
|
||||
Susanne Schultz, Thiago Jung Bauermann, Thomas Roessler, Tom Spindler,
|
||||
Tom Zerucha, Tomas Fasth, Thomas Mikkelsen, Ulf Möller, Urko Lusa,
|
||||
Walter Koch, Wim Vandeputte and Gerlinde Klaes.
|
||||
|
||||
This software has been made possible by the previous work of
|
||||
Chris Wedgwood, Jean-loup Gailly, Jon Callas, Mark Adler, Martin Hellmann
|
||||
Paul Kendall, Philip R. Zimmermann, Peter Gutmann, Philip A. Nelson,
|
||||
Taher ElGamal, Torbjorn Granlund, Whitfield Diffie, some unknown NSA
|
||||
mathematicians and all the folks who have worked hard to create complete
|
||||
and free operating systems.
|
||||
|
@ -253,7 +253,7 @@ with -u.</para></listitem></varlistentry>
|
||||
<term>lsign</term>
|
||||
<listitem><para>
|
||||
Same as --sign but the signature is marked as
|
||||
non-exportbale and will therefore never be used
|
||||
non-exportable and will therefore never be used
|
||||
by others. This may be used to make keys valid
|
||||
only in the local environment.</para></listitem></varlistentry>
|
||||
<varlistentry>
|
||||
|
5
doc/gph/ChangeLog
Normal file
5
doc/gph/ChangeLog
Normal file
@ -0,0 +1,5 @@
|
||||
Fri Sep 3 13:24:45 1999 Werner Koch (wk@gnupg.org)
|
||||
|
||||
* Makefile.am: New
|
||||
|
||||
|
38
doc/gph/Makefile.am
Normal file
38
doc/gph/Makefile.am
Normal file
@ -0,0 +1,38 @@
|
||||
# GPH - GNU Privacy Handbook
|
||||
|
||||
PARTS = manual.sgml c1.sgml c2.sgml c3.sgml c4.sgml c5.sgml c6.sgml \
|
||||
signatures.fig
|
||||
|
||||
EXTRA_DIST = $(PARTS) index.html
|
||||
BUILT_SOURCES = index.html
|
||||
|
||||
index.html: $(PARTS) signatures.jpg
|
||||
db2html manual.sgml
|
||||
cp signatures.jpg manual/signatures.jpg
|
||||
echo '<html><body>' >index.html
|
||||
echo '<ul>' >>index.html
|
||||
echo '<li><a href="manual/book1.html">GnuPG User Manual</a>' >>index.html
|
||||
echo '</ul>' >>index.html
|
||||
echo '</body></html>' >>index.html
|
||||
-rm -r manual.junk
|
||||
(cd manual; rm -r stylesheet-images; ls | grep -v distfiles >distfiles)
|
||||
|
||||
%.dvi: %.sgml
|
||||
db2dvi $<
|
||||
|
||||
%.ps: %.dvi
|
||||
dvips -o $@ $<
|
||||
|
||||
%/%.html: %.sgml
|
||||
db2html $<
|
||||
|
||||
|
||||
%.png: %.fig
|
||||
fig2dev -L png $< $@
|
||||
|
||||
%.jpg: %.fig
|
||||
fig2dev -L jpeg $< $@
|
||||
|
||||
%.eps: %.fig
|
||||
fig2dev -L ps $< $@
|
||||
|
627
doc/gph/c1.sgml
Normal file
627
doc/gph/c1.sgml
Normal file
@ -0,0 +1,627 @@
|
||||
<chapter id="intro" xreflabel="1">
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Getting Started
|
||||
</title>
|
||||
|
||||
<para>
|
||||
&Gnupg; is a tool for secure communication.
|
||||
This chapter is a quick-start guide that covers the core functionality
|
||||
of &gnupg;.
|
||||
This includes keypair creation, exchanging and verifying keys, encrypting
|
||||
and decrypting documents, and making and verifying signatures.
|
||||
It does not explain in detail the concepts behind public-key cryptography,
|
||||
encryption, and digital signatures.
|
||||
This is covered in Chapter <xref linkend="concepts">.
|
||||
It also does not explain how to use &gnupg; wisely.
|
||||
This is covered in Chapters <xref linkend="management"> and
|
||||
<xref linkend="wise">.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
&Gnupg; uses public-key cryptography so that users may communicate securely.
|
||||
In a public-key system, each user has a public/private keypair.
|
||||
A user's private key is kept secret; it need never be revealed.
|
||||
The public key may be given to anyone with whom the user wants to
|
||||
communicate.
|
||||
&Gnupg; uses a somewhat more sophisticated scheme in which a user has
|
||||
a primary keypair and then zero or more additional subordinate keypairs.
|
||||
The primary and subordinate keypairs are bundled to facilitate key
|
||||
management and the bundle can often be considered simply as one keypair.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Generating a new keypair
|
||||
</title>
|
||||
|
||||
<para>
|
||||
The command-line option <link linkend="gen-key"><option>--gen-key</option></link>
|
||||
is used to create a new primary keypair.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --gen-key</userinput>
|
||||
gpg (GnuPG) 0.9.4; Copyright (C) 1999 Free Software Foundation, Inc.
|
||||
This program comes with ABSOLUTELY NO WARRANTY.
|
||||
This is free software, and you are welcome to redistribute it
|
||||
under certain conditions. See the file COPYING for details.
|
||||
|
||||
Please select what kind of key you want:
|
||||
(1) DSA and ElGamal (default)
|
||||
(2) DSA (sign only)
|
||||
(4) ElGamal (sign and encrypt)
|
||||
Your selection?
|
||||
</screen>
|
||||
|
||||
<!--
|
||||
REWRITE
|
||||
From Thomas Zander (zander@microweb.nl):
|
||||
In GPG you can create 3 type of keypairs. A keypair is the combination
|
||||
of a publ ic key and a private key, see chapter X. A DSA keypair can
|
||||
only be used to sign a message. A ElGamal subordinate keypair can be
|
||||
used for encryption as well as s igning, but is not as compatible with
|
||||
former standards.
|
||||
|
||||
Option 1 creates 2 keypairs; a DSA (signing) and a ElGamal (Encryption).
|
||||
Option 2 creates a DSA keypair (Signing)
|
||||
Option 4 creates a ElGemal keypair (Signing & Encryption).
|
||||
|
||||
note: option 3 xxxx
|
||||
|
||||
This doesn't quite work, but I agree the following paragraph is rough.
|
||||
-->
|
||||
|
||||
&Gnupg; is able to create several different types of keypairs, but a primary
|
||||
key must be capable of making signatures.
|
||||
There are therefore only three options.
|
||||
Option 1 actually creates two keypairs.
|
||||
A DSA keypair is the primary keypair usable only for making signatures.
|
||||
An ElGamal subordinate keypair is also created for encryption.
|
||||
Option 2 is similar but creates only a DSA keypair.
|
||||
Option 4<footnote><para>Option 3 is to generate an ElGamal keypair that is
|
||||
not usable for making signatures.</para></footnote> creates a single ElGamal
|
||||
keypair usable for both making signatures and performing encryption.
|
||||
In all cases it is possible to later add additional subkeys for encryption
|
||||
and signing.
|
||||
For most users the default option is fine.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
You must also choose a key size.
|
||||
The size of a DSA key must be between 512 and 1024 bits, and an ElGamal
|
||||
key may be of any size.
|
||||
&Gnupg;, however, requires that keys be no smaller than 768 bits.
|
||||
Therefore, if Option 1 was chosen and you choose a keysize larger than
|
||||
1024 bits, the ElGamal key will have the requested size, but the DSA
|
||||
key will be 1024 bits.
|
||||
|
||||
<screen width="80">
|
||||
About to generate a new ELG-E keypair.
|
||||
minimum keysize is 768 bits
|
||||
default keysize is 1024 bits
|
||||
highest suggested keysize is 2048 bits
|
||||
What keysize do you want? (1024)
|
||||
</screen>
|
||||
|
||||
The longer the key the more secure it is against brute-force attacks,
|
||||
but for almost all purposes the default keysize is adequate since
|
||||
it would be cheaper to circumvent the encryption than try to break it.
|
||||
Also, encryption and decryption will be slower as the
|
||||
key size is increased, and a larger keysize may affect signature length.
|
||||
Once selected, the keysize can never be changed.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Finally, you must choose an expiration date.
|
||||
If Option 1 was chosen, the expiration date will be used for both the
|
||||
ElGamal and DSA keypairs.
|
||||
|
||||
<screen width="80">
|
||||
Please specify how long the key should be valid.
|
||||
0 = key does not expire
|
||||
<n> = key expires in n days
|
||||
<n>w = key expires in n weeks
|
||||
<n>m = key expires in n months
|
||||
<n>y = key expires in n years
|
||||
Key is valid for? (0)
|
||||
</screen>
|
||||
|
||||
For most users a key that does not expire is adequate.
|
||||
The expiration time should be chosen with care, however,
|
||||
since although it is possible to change the expiration date after the key
|
||||
is created, it may be difficult to communicate a change
|
||||
to users who have your public key.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
You must provide a user ID in addition to the key parameters.
|
||||
The user ID is used to associate the key being created with a real
|
||||
person.
|
||||
|
||||
<screen width="80">
|
||||
You need a User-ID to identify your key; the software constructs the user id
|
||||
from Real Name, Comment and Email Address in this form:
|
||||
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
|
||||
|
||||
Real name:
|
||||
</screen>
|
||||
|
||||
Only one user ID is created when a key is created, but it is possible
|
||||
to create additional user IDs if you want to use the key in two or
|
||||
more contexts, ⪚, as an employee at work and a political activist
|
||||
on the side.
|
||||
A user ID should be created carefully since it cannot be edited after
|
||||
it is created.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
&Gnupg; needs a passphrase to protect the primary and subordinate
|
||||
private keys that you keep in your possession.
|
||||
|
||||
<screen width="80">
|
||||
You need a Passphrase to protect your private key.
|
||||
|
||||
Enter passphrase:
|
||||
</screen>
|
||||
|
||||
There is no limit on the length of a passphrase, and it should be
|
||||
carefully chosen.
|
||||
From the perspective of security, the passphrase to unlock the private
|
||||
key is one of the weakest points in &gnupg; (and other public-key
|
||||
encryption systems as well) since it is the only protection you
|
||||
have if another individual gets your private key.
|
||||
Ideally, the passphrase should not use words from a dictionary and
|
||||
should mix the case of alphabetic characters as well as use
|
||||
non-alphabetic characters.
|
||||
A good passphrase is crucial to the secure use of &gnupg;.
|
||||
</para>
|
||||
|
||||
<sect2 id="revocation">
|
||||
<title>
|
||||
Generating a revocation certificate
|
||||
</title>
|
||||
|
||||
<para>
|
||||
After your keypair is created you should immediately generate a revocation
|
||||
certificate for the primary public key using the option
|
||||
<link linkend="gen-revoke"><option>--gen-revoke</option></link>.
|
||||
If you forget your passphrase or if your private key is compromised
|
||||
or lost, this revocation certificate may be published to notify others
|
||||
that the public key should no longer be used.
|
||||
A revoked public key can still be used to verify signatures made
|
||||
by you in the past, but it cannot be used to encrypt future messages
|
||||
to you.
|
||||
It also does not affect your ability to decrypt messages sent to
|
||||
you in the past if you still do have access to the private key.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output revoke.asc --gen-revoke mykey</userinput>
|
||||
[...]
|
||||
</screen>
|
||||
|
||||
The argument <userinput>mykey</userinput> must be a <emphasis>key
|
||||
specifier</emphasis>,
|
||||
either the key ID of your primary keypair or any part of a user ID
|
||||
that identifies your keypair.
|
||||
The generated certificate will be left in the file
|
||||
<parameter>revoke.asc</parameter>.
|
||||
If the <link linkend="output"><option>--output</option></link> option is
|
||||
omitted, the result will be placed on standard output.
|
||||
Since the certificate is short, you may wish to print a hardcopy of
|
||||
the certificate to store somewhere safe such as your safe deposit box.
|
||||
The certificate should not be stored where others can access it since
|
||||
anybody can publish the revocation certificate and render the
|
||||
corresponding public key useless.
|
||||
</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Exchanging keys
|
||||
</title>
|
||||
|
||||
<para>
|
||||
To communicate with others you must exchange public keys.
|
||||
To list the keys on your public keyring use the command-line
|
||||
option <link linkend="list-keys"><option>--list-keys</option></link>.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --list-keys</userinput>
|
||||
/users/alice/.gnupg/pubring.gpg
|
||||
---------------------------------------
|
||||
pub 1024D/BB7576AC 1999-06-04 Alice (Judge) <alice@cyb.org>
|
||||
sub 1024g/78E9A8FA 1999-06-04
|
||||
</screen>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Exporting a public key
|
||||
</title>
|
||||
|
||||
<para>
|
||||
To send your public key to a correspondent you must first export it.
|
||||
The command-line option <link linkend="export"><option>--export</option></link>
|
||||
is used to do this.
|
||||
It takes an additional argument identifying the public key to export.
|
||||
As with the <option>--gen-revoke</option> option, either the key ID or any part of
|
||||
the user ID may be used to identify the key to export.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output alice.gpg --export alice@cyb.org</userinput>
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
The key is exported in a binary format, but this can be inconvenient
|
||||
when the key is to be sent though email or published on a web page.
|
||||
&Gnupg; therefore supports a command-line option
|
||||
<link linkend="armor"><option>--armor</option></link><footnote>
|
||||
<para>Many
|
||||
command-line options that are frequently used can also be set in a
|
||||
<link linkend="optionsfile">configuration file</link>.
|
||||
</para>
|
||||
</footnote>
|
||||
that that
|
||||
causes output to be generated in an ASCII-armored format similar to
|
||||
uuencoded documents.
|
||||
In general, any output from &gnupg;, ⪚, keys, encrypted documents, and
|
||||
signatures, can be ASCII-armored by adding the <option>--armor</option> option.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --armor --export alice@cyb.org</userinput>
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v0.9.7 (GNU/Linux)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
[...]
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
</screen>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Importing a public key
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A public key may be added to your public keyring with the
|
||||
<link linkend="import"><option>--import</option></link> option.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --import blake.gpg</userinput>
|
||||
gpg: key 9E98BC16: public key imported
|
||||
gpg: Total number processed: 1
|
||||
gpg: imported: 1
|
||||
<prompt>alice%</prompt> <userinput>gpg --list-keys</userinput>
|
||||
/users/alice/.gnupg/pubring.gpg
|
||||
---------------------------------------
|
||||
pub 1024D/BB7576AC 1999-06-04 Alice (Judge) <alice@cyb.org>
|
||||
sub 1024g/78E9A8FA 1999-06-04
|
||||
|
||||
pub 1024D/9E98BC16 1999-06-04 Blake (Executioner) <blake@cyb.org>
|
||||
sub 1024g/5C8CBD41 1999-06-04
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
Once a key is imported it should be validated.
|
||||
&Gnupg; uses a powerful and flexible trust model that does not require
|
||||
you to personally validate each key you import.
|
||||
Some keys may need to be personally validated, however.
|
||||
A key is validated by verifying the key's fingerprint and then signing
|
||||
the key to certify it as a valid key.
|
||||
A key's fingerprint can be quickly viewed with the
|
||||
<link linkend="fingerprint"><option>--fingerprint</option></link>
|
||||
command-line option, but in order to certify the key you must edit it.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --edit-key blake@cyb.org</userinput>
|
||||
|
||||
pub 1024D/9E98BC16 created: 1999-06-04 expires: never trust: -/q
|
||||
sub 1024g/5C8CBD41 created: 1999-06-04 expires: never
|
||||
(1) Blake (Executioner) <blake@cyb.org>
|
||||
|
||||
<prompt>Command></prompt> <userinput>fpr</userinput>
|
||||
pub 1024D/9E98BC16 1999-06-04 Blake (Executioner) <blake@cyb.org>
|
||||
Fingerprint: 268F 448F CCD7 AF34 183E 52D8 9BDE 1A08 9E98 BC16
|
||||
</screen>
|
||||
|
||||
Key verification is a weak point in public-key cryptography, so you
|
||||
must be sure that the fingerprint is correct.
|
||||
The fingerprint displayed should be checked with the key's owner.
|
||||
This may be done in person or over the phone or through any other means
|
||||
as long as you can guarantee that you are communicating with the key's
|
||||
true owner.
|
||||
Once verified you may sign the key to validate it.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>sign</userinput>
|
||||
|
||||
pub 1024D/9E98BC16 created: 1999-06-04 expires: never trust: -/q
|
||||
Fingerprint: 268F 448F CCD7 AF34 183E 52D8 9BDE 1A08 9E98 BC16
|
||||
|
||||
Blake (Executioner) <blake@cyb.org>
|
||||
|
||||
Are you really sure that you want to sign this key
|
||||
with your key: "Alice (Judge) <alice@cyb.org>"
|
||||
|
||||
Really sign?
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
Once signed you can check the key to list the signatures on it and
|
||||
see the signature that you have added.
|
||||
Every user ID on the key will have one or more self-signatures as well
|
||||
as a signature for each user that has validated the key.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>check</userinput>
|
||||
uid Blake (Executioner) <blake@cyb.org>
|
||||
sig! 9E98BC16 1999-06-04 [self-signature]
|
||||
sig! BB7576AC 1999-06-04 Alice (Judge) <alice@cyb.org>
|
||||
</screen>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Encrypting and decrypting documents
|
||||
</title>
|
||||
|
||||
<para>
|
||||
To encrypt a document the option
|
||||
<link linkend="encrypt"><option>--encrypt</option></link> is used.
|
||||
You must have the public keys of the intended recipients.
|
||||
The software expects the name of the document to encrypt as input or, if
|
||||
omitted, on standard input.
|
||||
The encrypted result is placed on standard output or as specified using
|
||||
the option <option>--output</option>.
|
||||
The document is compressed for additional security in addition to
|
||||
encrypting it.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output doc.gpg --encrypt --recipient blake@cyb.org doc</userinput>
|
||||
</screen>
|
||||
|
||||
The <link linkend="recipient"><option>--recipient</option></link> option
|
||||
is used once for each recipient and takes an extra argument specifying
|
||||
the public key to which the document should be encrypted.
|
||||
The encrypted document can only be decrypted by someone with a private
|
||||
key that complements one of the recipients' public keys.
|
||||
In particular, you cannot decrypt a document encrypted by you unless
|
||||
you included your own public key in the recipient list.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To decrypt a message the option
|
||||
<link linkend="decrypt"><option>--decrypt</option></link> is used.
|
||||
You need the private key to which the message was encrypted.
|
||||
Similar to the encryption process, the document to decrypt is
|
||||
input, and the decrypted result is output.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>blake%</prompt> <userinput>gpg --output doc --decrypt doc.gpg</userinput>
|
||||
|
||||
You need a passphrase to unlock the secret key for
|
||||
user: "Blake (Executioner) <blake@cyb.org>"
|
||||
1024-bit ELG-E key, ID 5C8CBD41, created 1999-06-04 (main key ID 9E98BC16)
|
||||
|
||||
Enter passphrase:
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
Documents may also be encrypted without using public-key cryptography.
|
||||
Instead, only a symmetric cipher is used to encrypt the document.
|
||||
The key used to drive the symmetric cipher is derived from a passphrase
|
||||
supplied when the document is encrypted, and for good security, it
|
||||
should not be the same passphrase that you use to protect your private key.
|
||||
Symmetric encryption is useful for securing documents when the
|
||||
passphrase does not need to be communicated to others.
|
||||
A document can be encrypted with a symmetric cipher by using the
|
||||
<link linkend="symmetric"><option>--symmetric</option></link> option.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output doc.gpg --symmetric doc</userinput>
|
||||
Enter passphrase:
|
||||
</screen>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Making and verifying signatures
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A digital signature certifies and timestamps a document.
|
||||
If the document is subsequently modified in any way, a verification
|
||||
of the signature will fail.
|
||||
A digital signature can serve the same purpose as a hand-written signature
|
||||
with the additional benefit of being tamper-resistant.
|
||||
The &gnupg; source distribution, for example, is signed so that users can
|
||||
verify that the source code has not been modified since it was packaged.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Creating and verifying signatures uses the public/private keypair
|
||||
in an operation different from encryption and decryption.
|
||||
A signature is created using the private key of the signer.
|
||||
The signature is verified using the corresponding public key.
|
||||
A consequence is that it is difficult to deny that you made a digital
|
||||
signature since that would imply your private key had been compromised.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The command-line option <link linkend="sign"><option>--sign</option></link> is
|
||||
used to make a digital signature.
|
||||
The document to sign is input, and the signed document is output.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output doc.sig --sign doc</userinput>
|
||||
|
||||
You need a passphrase to unlock the private key for
|
||||
user: "Alice (Judge) <alice@cyb.org>"
|
||||
1024-bit DSA key, ID BB7576AC, created 1999-06-04
|
||||
|
||||
Enter passphrase:
|
||||
</screen>
|
||||
|
||||
The document is compressed before signed, and the output is in binary
|
||||
format.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Given a signed document, you can either check the signature or
|
||||
check the signature and recover the original document.
|
||||
To check the signature use the
|
||||
<link linkend="verify"><option>--verify</option></link> option.
|
||||
To verify the signature and extract the document use the
|
||||
<option>--decrypt</option>
|
||||
option.
|
||||
The signed document to verify and recover is input and the recovered
|
||||
document is output.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>blake%</prompt> <userinput>gpg --output doc --decrypt doc.sig</userinput>
|
||||
gpg: Signature made Fri Jun 4 12:02:38 1999 CDT using DSA key ID BB7576AC
|
||||
gpg: Good signature from "Alice (Judge) <alice@cyb.org>"
|
||||
</screen>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Clearsigned documents
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A common use of digital signatures is to sign usenet postings or
|
||||
email messages.
|
||||
In such situations it is undesirable to compress the document while
|
||||
signing it.
|
||||
The option
|
||||
<link linkend="clearsign"><option>--clearsign</option></link>
|
||||
causes the document to be wrapped in an ASCII-armored signature but
|
||||
otherwise does not modify the document.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --clearsign doc</userinput>
|
||||
|
||||
You need a passphrase to unlock the secret key for
|
||||
user: "Alice (Judge) <alice@cyb.org>"
|
||||
1024-bit DSA key, ID BB7576AC, created 1999-06-04
|
||||
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
[...]
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v0.9.7 (GNU/Linux)
|
||||
Comment: For info see http://www.gnupg.org
|
||||
|
||||
iEYEARECAAYFAjdYCQoACgkQJ9S6ULt1dqz6IwCfQ7wP6i/i8HhbcOSKF4ELyQB1
|
||||
oCoAoOuqpRqEzr4kOkQqHRLE/b8/Rw2k
|
||||
=y6kj
|
||||
-----END PGP SIGNATURE-----
|
||||
</screen>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Detached signatures
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A signed document has limited usefulness.
|
||||
Other users must recover the original document from the signed
|
||||
version, and even with clearsigned documents, the signed document
|
||||
must be edited to recover the original.
|
||||
Therefore, there is a third method for signing a document that
|
||||
creates a detached signature.
|
||||
A detached signature is created using the
|
||||
<link linkend="detach-sig"><option>--detach-sig</option></link>
|
||||
option.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --output doc.sig --detach-sig doc</userinput>
|
||||
|
||||
You need a passphrase to unlock the secret key for
|
||||
user: "Alice (Judge) <alice@cyb.org>"
|
||||
1024-bit DSA key, ID BB7576AC, created 1999-06-04
|
||||
|
||||
Enter passphrase:
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
Both the document and detached signature are needed to verify
|
||||
the signature.
|
||||
The <option>--verify</option> option can be to check the
|
||||
signature.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>blake%</prompt> <userinput>gpg --verify doc.sig doc</userinput>
|
||||
gpg: Signature made Fri Jun 4 12:38:46 1999 CDT using DSA key ID BB7576AC
|
||||
gpg: Good signature from "Alice (Judge) <alice@cyb.org>"
|
||||
</screen>
|
||||
</sect2>
|
||||
</sect1>
|
||||
</chapter>
|
||||
|
||||
<!--
|
||||
In the "Getting Started" chapter, it would be interesting to provide
|
||||
a checklist of assumptions that the reader can consult to determine
|
||||
whether or not she fits the "most users" profile. Perhaps put this
|
||||
at the end of the chapter (perhaps w/ forward pointer?). You could
|
||||
include cross references for each item on the list. For example:
|
||||
|
||||
23. Your use of public key encryption has property X with attribute Y.
|
||||
(see Section 3.4.1 for a more detailed discussion of other
|
||||
attributes of property X)
|
||||
|
||||
What prompted this was wondering, as I read through the generating keypair
|
||||
section, "under what circumstances would these defaults be inappropriate?"
|
||||
|
||||
The notion of using the same key with different user IDs "as an employee at
|
||||
work and a political activist on the side" is interesting. Knowing one,
|
||||
could you be traced to the other? (Are they separate numeric ids, and is
|
||||
that enough?) (seems someone could just match the public keys)
|
||||
|
||||
It's a very nice touch that you don't cover every single prompt that the
|
||||
system throws at you, but instead treat them functionally. For example,
|
||||
I can imagine other books going through the "Comment:" and "Email Address:"
|
||||
prompts.
|
||||
-->
|
||||
|
||||
<!--
|
||||
"Key verification is a weak point in public-key cryptography ..."
|
||||
Saying "weak point" makes it sound like a slam on public key stuff.
|
||||
Although we've talked about weaknesses of the trust model, I'm guessing
|
||||
the point here is that communication is only secure if you verify the
|
||||
identity of the key's owner.
|
||||
|
||||
Key verification can be done through any means "as long as you can
|
||||
guarantee that you are communicating with the key's true owner".
|
||||
I suspect we'd also like to prevent leaking information that an
|
||||
interceptor could use to pose as us in a key verification step with
|
||||
another party. I suppose the notion of bootstrapping may not be widely
|
||||
appreciated as an analogy.
|
||||
|
||||
I'm almost inclined to want to see a section in the Getting Started
|
||||
guide called "Why you should read the rest of this book". Failing
|
||||
that, or perhaps better yet, maybe it would work to have some margin
|
||||
notes that point to other sections of the book for more information
|
||||
("a discussion of trust models begins on p. 95").
|
||||
-->
|
||||
|
345
doc/gph/c2.sgml
Normal file
345
doc/gph/c2.sgml
Normal file
@ -0,0 +1,345 @@
|
||||
<chapter id="concepts" xreflabel="2">
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Concepts
|
||||
</title>
|
||||
|
||||
<para>
|
||||
&Gnupg; makes uses of several cryptographic concepts including
|
||||
<firstterm>symmetric ciphers</firstterm>,
|
||||
<firstterm>public-key ciphers</firstterm>, and
|
||||
<firstterm>one-way hashing</firstterm>.
|
||||
You can make basic use &gnupg; without fully understanding these concepts,
|
||||
but in order to use it wisely some understanding of them is necessary.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This chapter introduces the basic cryptographic concepts used in GnuPG.
|
||||
Other books cover these topics in much more detail.
|
||||
A good book with which to pursue further study is
|
||||
<ulink url="http://www.counterpane.com/schneier.html">Bruce
|
||||
Schneier</ulink>'s
|
||||
<ulink url="http://www.counterpane.com/applied.html">"Applied
|
||||
Cryptography"</ulink>.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Symmetric ciphers
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A symmetric cipher is a cipher that uses the same key for both encryption
|
||||
and decryption.
|
||||
Two parties communicating using a symmetric cipher must agree on the
|
||||
key beforehand.
|
||||
Once they agree, the sender encrypts a message using the key, sends it
|
||||
to the receiver, and the receiver decrypts the message using the key.
|
||||
As an example, the German Enigma is a symmetric cipher, and daily keys
|
||||
were distributed as code books.
|
||||
Each day, a sending or receiving radio operator would consult his copy
|
||||
of the code book to find the day's key.
|
||||
Radio traffic for that day was then encrypted and decrypted using the
|
||||
day's key.
|
||||
Modern examples of symmetric ciphers include 3DES, Blowfish, and IDEA.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A good cipher puts all the security in the key and none in the algorithm.
|
||||
In other words, it should be no help to an attacker if he knows which
|
||||
cipher is being used.
|
||||
Only if he obtains the key would knowledge of the algorithm be needed.
|
||||
The ciphers used in &gnupg; have this property.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Since all the security is in the key, then it is important that it be
|
||||
very difficult to guess the key.
|
||||
In other words, the set of possible keys, &ie;, the <emphasis>key
|
||||
space</emphasis>, needs
|
||||
to be large.
|
||||
While at Los Alamos, Richard Feynman was famous for his ability to
|
||||
crack safes.
|
||||
To encourage the mystique he even carried around a set of tools
|
||||
including an old stethoscope.
|
||||
In reality, he used a variety of tricks to reduce the number of
|
||||
combinations he had to try to a small number and then simply guessed
|
||||
until he found the right combination.
|
||||
In other words, he reduced the size of the key space.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Britain used machines to guess keys during World War 2.
|
||||
The German Enigma had a very large key space, but the British built
|
||||
speciailzed computing engines, the Bombes, to mechanically try
|
||||
keys until the day's key was found.
|
||||
This meant that sometimes they found the day's key within hours of
|
||||
the new key's use, but it also meant that on some days they never
|
||||
did find the right key.
|
||||
The Bombes were not general-purpose computers but were precursors
|
||||
to modern-day computers.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Today, computers can guess keys very quickly, and this is why key
|
||||
size is important in modern cryptosystems.
|
||||
The cipher DES uses a 56-bit key, which means that there are
|
||||
<!-- inlineequation -->
|
||||
2<superscript>56</superscript> possible keys.
|
||||
<!-- inlineequation -->
|
||||
2<superscript>56</superscript> is 72,057,594,037,927,936 keys.
|
||||
This is a lot of keys, but a general-purpose computer can check the
|
||||
entire key space in a matter of days.
|
||||
A specialized computer can check it in hours.
|
||||
On the other hand, more recently designed ciphers such as 3DES,
|
||||
Blowfish, and IDEA
|
||||
<!-- inlineequation -->
|
||||
all use 128-bit keys, which means there are 2<superscript>128</superscript>
|
||||
possible keys.
|
||||
This is many, many more keys, and even if all the computers on the
|
||||
planet cooperated, it could still take more time than the age of
|
||||
the universe to find the key.
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Public-key ciphers
|
||||
</title>
|
||||
|
||||
<para>
|
||||
The primary problem with symmetric ciphers is not their security but
|
||||
with key exchange.
|
||||
Once the sender and receiver have exchanged keys, that key can be
|
||||
used to securely communicate, but what secure communication channel
|
||||
was used to communicate the key itself?
|
||||
In particular, it would probably be much easier for an attacker to work
|
||||
to intercept the key than it is to try all the keys in the key space.
|
||||
Another problem is the number of keys needed.
|
||||
<!-- inlineequation -->
|
||||
If there are <emphasis>n</emphasis> people who need to communicate, then
|
||||
<!-- inlineequation -->
|
||||
<emphasis>n(n-1)/2</emphasis> keys
|
||||
are needed for each pair of people to communicate privately.
|
||||
This may be ok for a small number of people but quickly becomes unwieldly
|
||||
for large groups of people.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Public-key ciphers were invented to avoid the key-exchange problem
|
||||
entirely.
|
||||
A public-key cipher uses a pair of keys for sending messages.
|
||||
The two keys belong to the person receiving the message.
|
||||
One key is a <emphasis>public key</emphasis> and may be given to anybody.
|
||||
The other key is a <emphasis>private key</emphasis> and is kept
|
||||
secret by the owner.
|
||||
A sender encrypts a message using the public key and once encrypted,
|
||||
only the private key may be used to decrypt it.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This protocol solves the key-exchange problem inherent with symmetric
|
||||
ciphers.
|
||||
There is no need for the sender and receiver to agree
|
||||
upon a key.
|
||||
All that is required is that some time before secret communication the
|
||||
sender gets a copy of the receiver's public key.
|
||||
Furthermore, the one public key can be used by anybody wishing to
|
||||
communicate with the receiver.
|
||||
<!-- inlineequation -->
|
||||
So only <emphasis>n</emphasis> keypairs are needed for <emphasis>n</emphasis>
|
||||
people to communicate secretly
|
||||
with one another,
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Public-key ciphers are based on one-way trapdoor functions.
|
||||
A one-way function is a function that is easy to compute,
|
||||
but the inverse is hard to compute.
|
||||
For example, it is easy to multiply two prime numbers together to get
|
||||
a composite, but it is difficult to factor a composite into its prime
|
||||
components.a
|
||||
A one-way trapdoor function is similar, but it has a trapdoor.
|
||||
That is, if some piece of information is known, it becomes easy
|
||||
to compute the inverse.
|
||||
For example, if you have a number made of two prime factors, then knowing
|
||||
one of the factors makes it easy to compute the second.
|
||||
Given a public-key cipher based on prime factorization, the public
|
||||
key contains a composite number made from two large prime factors, and
|
||||
the encryption algorithm uses that composite to encrypt the
|
||||
message.
|
||||
The algorithm to decrypt the message requires knowing the prime factors,
|
||||
so decryption is easy if you have the private key containing one of the
|
||||
factors but extremely difficult if you do not have it.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
As with good symmetric ciphers, with a good public-key cipher all of the
|
||||
security rests with the key.
|
||||
Therefore, key size is a measure of the system's security, but
|
||||
one cannot compare the size of a symmetric cipher key and a public-key
|
||||
cipher key as a measure of their relative security.
|
||||
In a brute-force attack on a symmetric cipher with a key size of 80 bits,
|
||||
<!-- inlineequation -->
|
||||
the attacker must enumerate up to 2<superscript>81</superscript>-1 keys to
|
||||
find the right key.
|
||||
In a brute-force attack on a public-key cipher with a key size of 512 bits,
|
||||
the attacker must factor a composite number encoded in 512 bits (up to
|
||||
155 decimal digits).
|
||||
The workload for the attacker is fundamentally different depending on
|
||||
the cipher he is attacking.
|
||||
While 128 bits is sufficient for symmetric ciphers, given today's factoring
|
||||
technology public keys with 1024 bits are recommended for most purposes.
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Hybrid ciphers
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Public-key ciphers are no panacea.
|
||||
Many symmetric ciphers are stronger from a security standpoint,
|
||||
and public-key encryption and decryption are more expensive than the
|
||||
corresponding operations in symmetric systems.
|
||||
Public-key ciphers are nevertheless an effective tool for distributing
|
||||
symmetric cipher keys, and that is how they are used in hybrid cipher
|
||||
systems.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A hybrid cipher uses both a symmetric cipher and a public-key cipher.
|
||||
It works by using a public-key cipher to share a key for the symmetric
|
||||
cipher.
|
||||
The actual message being sent is then encrypted using the key and sent
|
||||
to the recipient.
|
||||
Since symmetric key sharing is secure, the symmetric key used is different
|
||||
for each message sent.
|
||||
Hence it is sometimes called a session key.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Both PGP and &gnupg; use hybrid ciphers.
|
||||
The session key, encrypted using the public-key cipher, and the message
|
||||
being sent, encrypted with the symmetric cipher, are automatically
|
||||
combined in one package.
|
||||
The recipient uses his private-key to decrypt the session key and the
|
||||
session key is then used to decrypt the message.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A hybrid cipher is no stronger than the public-key cipher or symmetric
|
||||
cipher it uses, whichever is weaker.
|
||||
In PGP and &gnupg;, the public-key cipher is probably the weaker of
|
||||
the pair.
|
||||
Fortunately, however, if an attacker could decrypt a session key it
|
||||
would only be useful for reading the one message encrypted with that
|
||||
session key.
|
||||
The attacker would have to start over and decrypt another session
|
||||
key in order to read any other message.
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Digital signatures
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A hash function is a many-to-one function that maps its input to a
|
||||
value in a finite set.
|
||||
Typically this set is a range of natural numbers.
|
||||
<!-- inlineequation -->
|
||||
A simple ehash function is <emphasis>f</emphasis>(<emphasis>x</emphasis>) = 0
|
||||
for all integers <emphasis>x</emphasis>.
|
||||
A more interesting hash function is
|
||||
<emphasis>f</emphasis>(<emphasis>x</emphasis>) = <emphasis>x</emphasis>
|
||||
<emphasis>mod</emphasis> 37, which
|
||||
maps <emphasis>x</emphasis> to the remainder of dividing <emphasis>x</emphasis> by 37.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A document's digital signature is the result of applying a hash
|
||||
function to the document.
|
||||
To be useful, however, the hash function needs to satisfy two
|
||||
important properties.
|
||||
First, it should be hard to find two documents that hash to the
|
||||
same value.
|
||||
Second, given a hash value it should be hard to recover the document
|
||||
that produced that value.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Some public-key ciphers<footnote><para>
|
||||
The cipher must have the property that the actual public key or private
|
||||
key could be used by the encryption algorithm as the public key.
|
||||
RSA is an example of such an algorithm while ElGamal is not an example.
|
||||
</para>
|
||||
</footnote> could be used to sign documents.
|
||||
The signer encrypts the document with his <emphasis>private</emphasis> key.
|
||||
Anybody wishing to check the signature and see the document simply
|
||||
uses the signer's public key to decrypt the document.
|
||||
This algorithm does satisfy the two properties needed from a good hash
|
||||
function, but in practice, this algorithm is too slow to be useful.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
An alternative is to use hash functions designed to satisfy these
|
||||
two important properties.
|
||||
SHA and MD5 are examples of such algorithms.
|
||||
Using such an algorithm, a document is signed by hashing it, and
|
||||
the hash value is the signature.
|
||||
Another person can check the signature by also hashing their copy of the
|
||||
document and comparing the hash value they get with the hash value of
|
||||
the original document.
|
||||
If they match, it is almost certain that the documents are identical.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Of course, the problem now is using a hash function for digital
|
||||
signatures without permitting an attacker to interfere with signature
|
||||
checking.
|
||||
If the document and signature are sent unencrypted, an attacker could
|
||||
modify the document and generate a corresponding signature without the
|
||||
recipient's knowledge.
|
||||
If only the document is encrypted, an attacker could tamper with the
|
||||
signature and cause a signature check to fail.
|
||||
A third option is to use a hybrid public-key encryption to encrypt both
|
||||
the signature and document.
|
||||
The signer uses his private key, and anybody can use his public key
|
||||
to check the signature and document.
|
||||
This sounds good but is actually nonsense.
|
||||
If this algorithm truly secured the document it would also
|
||||
secure it from tampering and there would be no need for the signature.
|
||||
The more serious problem, however, is that this does not protect either
|
||||
the signature or document from tampering.
|
||||
With this algorithm, only the session key for the symmetric cipher
|
||||
is encrypted using the signer's private key.
|
||||
Anybody can use the public key to recover the session key.
|
||||
Therefore, it is straightforward for an attacker to recover the session
|
||||
key and use it to encrypt substitute documents and signatures to send
|
||||
to others in the sender's name.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
An algorithm that does work is to use a public key algorithm to
|
||||
encrypt only the signature.
|
||||
In particular, the hash value is encrypted using the signer's private
|
||||
key, and anbody can check the signature using the public key.
|
||||
The signed document can be sent using any other encryption algorithm
|
||||
including none if it is a public document.
|
||||
If the document is modified the signature check will fail, but this
|
||||
is precisely what the signature check is supposed to catch.
|
||||
The Digital Signature Standard (DSA) is a public key signature
|
||||
algorithm that works as just described.
|
||||
DSA is the primary signing algorithm used in &Gnupg;.
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
</chapter>
|
||||
|
885
doc/gph/c3.sgml
Normal file
885
doc/gph/c3.sgml
Normal file
@ -0,0 +1,885 @@
|
||||
<chapter id="management" xreflabel="3">
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Key Management
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Key tampering is a major security weakness with public-key cryptography.
|
||||
An eavesdropper may tamper with a user's keyrings or forge a
|
||||
user's public key and post it for others to download and use.
|
||||
For example, suppose Chloe wants to monitor the messages that Alice
|
||||
sends to Blake.
|
||||
She could mount what is called a <firstterm>man in the
|
||||
middle</firstterm> attack.
|
||||
In this attack, Chloe creates a new public/private keypair.
|
||||
She replaces Alice's copy of Blake's public key with the new public key.
|
||||
She then intercepts the messages that Alice sends to Blake.
|
||||
For each intercept, she decrypts it using the new private key, reencrypts
|
||||
it using Blake's true public key, and forwards the reencrypted
|
||||
message to Blake.
|
||||
All messages sent from Alice to Blake can now be read by Chloe.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Good key management is crucial in order to ensure not just the integrity
|
||||
of your keyrings but the integrity of other users' keyrings as well.
|
||||
The core of key management in &gnupg; is the notion of signing keys.
|
||||
Key signing has two main purposes: it permits you to detect tampering
|
||||
on your keyring, and it allows you to certify that a key truly belongs
|
||||
to the person named by a user ID on the key.
|
||||
Key signatures are also used in a scheme known as the <firstterm>web of
|
||||
trust</firstterm> to extend certification to keys not directly signed by you
|
||||
but signed by others you trust.
|
||||
Responsible users who practice good key management can defeat key
|
||||
tampering as a practical attack on secure communication with &gnupg;.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Managing your own keypair
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A keypair has a public key and a private key.
|
||||
A public key consists of
|
||||
the public portion of the master signing key,
|
||||
the public portions of the subordinate signing and encryption subkeys, and
|
||||
a set of user IDs used to associate the public key with a real person.
|
||||
Each piece has data about itself.
|
||||
For a key, this data includes its ID, when it was created, when it
|
||||
will expire, etc.
|
||||
For a user ID, this data includes the name of the real person it identifies,
|
||||
an optional comment, and an email address.
|
||||
The structure of the private key is similar, except that it contains only
|
||||
the private portions of the keys, and there is no user ID information.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The command-line option
|
||||
<link linkend="edit-key"><option>--edit-key</option></link>
|
||||
may be used to view a keypair.
|
||||
For example,
|
||||
|
||||
<screen width="80">
|
||||
<prompt>chloe%</prompt> <userinput>gpg --edit-key chloe@cyb.org</userinput>
|
||||
Secret key is available.
|
||||
|
||||
pub 1024D/26B6AAE1 created: 1999-06-15 expires: never trust: -/u
|
||||
sub 2048g/0CF8CB7A created: 1999-06-15 expires: never
|
||||
sub 1792G/08224617 created: 1999-06-15 expires: 2002-06-14
|
||||
sub 960D/B1F423E7 created: 1999-06-15 expires: 2002-06-14
|
||||
(1) Chloe (Jester) <chloe@cyb.org>
|
||||
(2) Chloe (Plebian) <chloe@tel.net>
|
||||
<prompt>Command></prompt>
|
||||
</screen>
|
||||
|
||||
The public key is displayed along with an indication of whether
|
||||
or not the private key is available.
|
||||
Information about each component of the public key is then listed.
|
||||
The first column indicates the type of the key.
|
||||
The keyword <literal>pub</literal> identifies the public master signing key,
|
||||
and the keyword <literal>sub</literal> identifies a public subordinate key.
|
||||
The second column indicates the key's bit length, type, and ID.
|
||||
The type is <literal>D</literal> for a DSA key, <literal>g</literal> for an
|
||||
encryption-only
|
||||
ElGamal key, and <literal>G</literal> for an ElGamal key that may be used for
|
||||
both encryption and signing.
|
||||
The creation date and expiration date are given in columns three and four.
|
||||
The user IDs are listed following the keys.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
More information about the key can be obtained with interactive commands.
|
||||
The command <link linkend="toggle"><command>toggle</command></link>
|
||||
switches between the public and private
|
||||
components of a keypair if indeed both components are available.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>toggle</userinput>
|
||||
|
||||
sec 1024D/26B6AAE1 created: 1999-06-15 expires: never
|
||||
sbb 2048g/0CF8CB7A created: 1999-06-15 expires: never
|
||||
sbb 1792G/08224617 created: 1999-06-15 expires: 2002-06-14
|
||||
sbb 960D/B1F423E7 created: 1999-06-15 expires: 2002-06-14
|
||||
(1) Chloe (Jester) <chloe@cyb.org>
|
||||
(2) Chloe (Plebian) <chloe@tel.net>
|
||||
</screen>
|
||||
|
||||
The information provided is similar to the listing for the public-key
|
||||
component.
|
||||
The keyword <literal>sec</literal> identifies the private master signing key,
|
||||
and the keyword <literal>sbb</literal> identifies the private subordinates keys.
|
||||
The user IDs from the public key are also listed for convenience.
|
||||
</para>
|
||||
|
||||
<sect2>
|
||||
<title id="integrity">
|
||||
Key integrity
|
||||
</title>
|
||||
|
||||
<para>
|
||||
When you distribute your public key, you are distributing the public
|
||||
components of your master and subordinate keys as well as the user IDs.
|
||||
Distributing this material alone, however, is a security risk since
|
||||
it is possible for an attacker to tamper with the key.
|
||||
The public key can be modified by adding or substituting keys, or by
|
||||
adding or changing user IDs.
|
||||
By tampering with a user ID, the attacker could change the user ID's email
|
||||
address to have email redirected to himself.
|
||||
By changing one of the encryption keys, the attacker would
|
||||
also be able to decrypt the messages redirected to him.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Using digital signatures is a solution to this problem.
|
||||
When data is signed by a private key, the corresponding public key
|
||||
is bound to the signed data.
|
||||
In other words, only the corresponding public key can be used to
|
||||
verify the signature and ensure that the data has not been modified.
|
||||
A public key can be protected from tampering by using its corresponding
|
||||
private master key to sign the public key components and user IDs, thus
|
||||
binding the components to the public master key.
|
||||
Signing public key components with the corresponding private master
|
||||
signing key is called <firstterm>self-signing</firstterm>, and a public key that has
|
||||
self-signed user IDs bound to it is called a <firstterm>certificate</firstterm>.
|
||||
</para>
|
||||
|
||||
<!--
|
||||
%\begin{figure}
|
||||
%Blank
|
||||
%\caption{This should depict how self-signatures bind information to
|
||||
%a public key.}\label{fig:selfsignedkey}
|
||||
%\end{figure}
|
||||
%
|
||||
%As an example, Figure~\ref{fig:selfsignedkey} illustrates Chloe's public
|
||||
%key, which has been self-signed to bind the user IDs and public subkeys
|
||||
%to the public master key.
|
||||
%The signatures on the user IDs can be checked with the \texttt{check}
|
||||
%command from the key edit menu.
|
||||
-->
|
||||
|
||||
<para>
|
||||
As an example, Chloe has two user IDs and three subkeys.
|
||||
The signatures on the user IDs can be checked with the command
|
||||
<link linkend="check"><command>check</command></link> from the key edit menu.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>chloe%</prompt> <userinput>gpg --edit-key chloe</userinput>
|
||||
Secret key is available.
|
||||
|
||||
pub 1024D/26B6AAE1 created: 1999-06-15 expires: never trust: -/u
|
||||
sub 2048g/0CF8CB7A created: 1999-06-15 expires: never
|
||||
sub 1792G/08224617 created: 1999-06-15 expires: 2002-06-14
|
||||
sub 960D/B1F423E7 created: 1999-06-15 expires: 2002-06-14
|
||||
(1) Chloe (Jester) <chloe@cyb.org>
|
||||
(2) Chloe (Plebian) <chloe@tel.net>
|
||||
|
||||
<prompt>Command></prompt> <userinput>check</userinput>
|
||||
uid Chloe (Jester) <chloe@cyb.org>
|
||||
sig! 26B6AAE1 1999-06-15 [self-signature]
|
||||
uid Chloe (Plebian) <chloe@tel.net>
|
||||
sig! 26B6AAE1 1999-06-15 [self-signature]
|
||||
</screen>
|
||||
|
||||
As expected, the signing key for each signature is the master signing
|
||||
key with key ID <literal>0x26B6AAE1</literal>.
|
||||
The self-signatures on the subkeys are present in the public key, but
|
||||
they are not shown by the &gnupg; interface.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Adding and deleting key components
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Both new subkeys and new user IDs may be added to your keypair after
|
||||
it has been created.
|
||||
A user ID is added using the command
|
||||
<link linkend="adduid"><command>adduid</command></link>.
|
||||
You are prompted for a real name, email address, and comment just
|
||||
as when you create an initial keypair.
|
||||
A subkey is added using the command
|
||||
<link linkend="addkey"><command>addkey</command></link>.
|
||||
The interface is similar to the interface used when creating an initial
|
||||
keypair.
|
||||
The subkey may be a DSA signing key, and encrypt-only ElGamal
|
||||
key, or a sign-and-encrypt ElGamal key.
|
||||
When a subkey or user ID is generated it is self-signed using your
|
||||
master signing key, which is why you must supply your passphrase
|
||||
when the key is generated.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Additional user IDs are useful when you need multiple identities.
|
||||
For example, you may have an identity for your job and an identity
|
||||
for your work as a political activist.
|
||||
Coworkers will know you by your work user ID.
|
||||
Coactivists will know you by your activist user ID.
|
||||
Since those groups of people may not overlap, though, each group
|
||||
may not trust the other user ID.
|
||||
Both user IDs are therefore necessary.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Additional subkeys are also useful.
|
||||
The user IDs associated with your public master key are validated by
|
||||
the people with whom you
|
||||
communicate, and changing the master key therefore requires recertification.
|
||||
This may be difficult and time consuming if you communicate with
|
||||
many people.
|
||||
On the other hand, it is good to periodically change encryption subkeys.
|
||||
If a key is broken, all the data encrypted with that key will be
|
||||
vulnerable.
|
||||
By changing keys, however, only the data encrypted with the one broken
|
||||
key will be revealed.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Subkeys and user IDs may also be deleted.
|
||||
To delete a subkey or user ID you must first select it using the
|
||||
<link linkend="key"><command>key</command></link> or
|
||||
<link linkend="uid"><command>uid</command></link> commands respectively.
|
||||
These commands are toggles.
|
||||
For example, the command <command>key <parameter>2</parameter></command>
|
||||
selects the second subkey,
|
||||
and invoking <command>key <parameter>2</parameter></command> again
|
||||
deselects it.
|
||||
If no extra argument is given, all subkeys or user IDs are deselected.
|
||||
Once the user IDs to be deleted are selected, the command
|
||||
<link linkend="deluid"><command>deluid</command></link>
|
||||
actually deletes the user IDs from your key.
|
||||
Similarly, the command <link linkend="delkey"><command>delkey</command></link>
|
||||
deletes all selected subkeys from both your public and private keys.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
For local keyring management, deleting key components is a good way
|
||||
to trim other people's public keys of unnecessary material.
|
||||
Deleting user IDs and subkeys on your own key, however, is not always
|
||||
wise since it complicates key distribution.
|
||||
By default, when a user imports your updated public key it will be merged
|
||||
with the old copy of your public key on his ring if it exists.
|
||||
The components from both keys are combined in the merge, and this
|
||||
effectively restores any components you deleted.
|
||||
To properly update the key, the user must first delete the old version
|
||||
of your key and then import the new version.
|
||||
This puts an extra burden on the people with whom you communicate.
|
||||
Furthermore, if you send your key to a keyserver, the merge will
|
||||
happen regardless, and anybody who downloads your key from a keyserver
|
||||
will never see your key with components deleted.
|
||||
Consequently, for updating your own key it is better to revoke key
|
||||
components instead of deleting them.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Revoking key components
|
||||
</title>
|
||||
|
||||
<para>
|
||||
To revoke a subkey it must be selected.
|
||||
Once selected it may be revoked with the
|
||||
<link linkend="revkey"><command>revkey</command></link> command.
|
||||
The key is revoked by adding a revocation self-signature to the key.
|
||||
Unlike the command-line option <option>--gen-revoke</option>, the effect of
|
||||
revoking a subkey is immediate.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>revkey</userinput>
|
||||
Do you really want to revoke this key? y
|
||||
|
||||
You need a passphrase to unlock the secret key for
|
||||
user: "Chloe (Jester) <chloe@cyb.org>"
|
||||
1024-bit DSA key, ID B87DBA93, created 1999-06-28
|
||||
|
||||
|
||||
pub 1024D/B87DBA93 created: 1999-06-28 expires: never trust: -/u
|
||||
sub 2048g/B7934539 created: 1999-06-28 expires: never
|
||||
sub 1792G/4E3160AD created: 1999-06-29 expires: 2000-06-28
|
||||
rev! subkey has been revoked: 1999-06-29
|
||||
sub 960D/E1F56448 created: 1999-06-29 expires: 2000-06-28
|
||||
(1) Chloe (Jester) <chloe@cyb.org>
|
||||
(2) Chloe (Plebian) <chloe@tel.net>
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
A user ID is revoked differently.
|
||||
Normally, a user ID collects signatures that attest that the user ID
|
||||
describes the person who actually owns the associated key.
|
||||
In theory, a user ID describes a person forever, since that person will
|
||||
never change.
|
||||
In practice, though, elements of the user ID such as the email address
|
||||
and comment may change over time, thus invalidating the user ID.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The OpenPGP
|
||||
<comment>First reference to OpenPGP</comment>
|
||||
specification does not support user ID revocation, but
|
||||
a user ID can effectively be revoked by revoking the self-signature
|
||||
on the user ID.
|
||||
For the security reasons described
|
||||
<link linkend="integrity">previously</link>,
|
||||
correspondents will not trust a user ID with no valid self-signature.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A signature is revoked by using the command
|
||||
<link linkend="revsig"><command>revsig</command></link>.
|
||||
Since you may have signed any number of user IDs, the user interface
|
||||
prompts you to decide for each signature whether or not to revoke it.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>revsig</userinput>
|
||||
You have signed these user IDs:
|
||||
Chloe (Jester) <chloe@cyb.org>
|
||||
signed by B87DBA93 at 1999-06-28
|
||||
Chloe (Plebian) <chloe@tel.net>
|
||||
signed by B87DBA93 at 1999-06-28
|
||||
user ID: "Chloe (Jester) <chloe@cyb.org>"
|
||||
signed with your key B87DBA93 at 1999-06-28
|
||||
Create a revocation certificate for this signature? (y/N)n
|
||||
user ID: "Chloe (Plebian) <chloe@tel.net>"
|
||||
signed with your key B87DBA93 at 1999-06-28
|
||||
Create a revocation certificate for this signature? (y/N)y
|
||||
You are about to revoke these signatures:
|
||||
Chloe (Plebian) <chloe@tel.net>
|
||||
signed by B87DBA93 at 1999-06-28
|
||||
Really create the revocation certificates? (y/N)y
|
||||
|
||||
You need a passphrase to unlock the secret key for
|
||||
user: "Chloe (Jester) <chloe@cyb.org>"
|
||||
1024-bit DSA key, ID B87DBA93, created 1999-06-28
|
||||
|
||||
|
||||
pub 1024D/B87DBA93 created: 1999-06-28 expires: never trust: -/u
|
||||
sub 2048g/B7934539 created: 1999-06-28 expires: never
|
||||
sub 1792G/4E3160AD created: 1999-06-29 expires: 2000-06-28
|
||||
rev! subkey has been revoked: 1999-06-29
|
||||
sub 960D/E1F56448 created: 1999-06-29 expires: 2000-06-28
|
||||
(1) Chloe (Jester) <chloe@cyb.org>
|
||||
(2) Chloe (Plebian) <chloe@tel.net>
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
A revoked user ID is indicated by the revocation signature on
|
||||
the ID when the signatures on the key's user IDs are listed.
|
||||
</para>
|
||||
|
||||
<screen width="80">
|
||||
<prompt>Command></prompt> <userinput>check</userinput>
|
||||
uid Chloe (Jester) <chloe@cyb.org>
|
||||
sig! B87DBA93 1999-06-28 [self-signature]
|
||||
uid Chloe (Plebian) <chloe@tel.net>
|
||||
rev! B87DBA93 1999-06-29 [revocation]
|
||||
sig! B87DBA93 1999-06-28 [self-signature]
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
Revoking both subkeys and self-signatures on user IDs adds revocation
|
||||
self-signatures to the key.
|
||||
Since signatures are being added and no material is deleted, a
|
||||
revocation will always be visible to others when your updated public
|
||||
key is distributed and merged with older copies of it.
|
||||
Revocation therefore guarantees that everybody has a consistent
|
||||
copy of your public key.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Updating a key's expiration time
|
||||
</title>
|
||||
|
||||
<para>
|
||||
The expiration time of a key may be updated with the command
|
||||
<link linkend="expire"><command>expire</command></link> from the key edit menu.
|
||||
If no key is selected the expiration time of the primary key
|
||||
is updated.
|
||||
Otherwise the expiration time of the selected subordinate key
|
||||
is updated.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A key's expiration time is associated with the key's self-signature.
|
||||
The expiration time is updated by deleting the old self-signature
|
||||
and adding a new self-signature.
|
||||
Since correspondents will not have deleted the old self-signature, they
|
||||
will see an additional self-signature on the key when they update
|
||||
their copy of your key.
|
||||
The latest self-signature takes precedence, however, so all correspondents
|
||||
will unambiguously know the expiration times of your keys.
|
||||
</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Validating other keys on your public keyring
|
||||
</title>
|
||||
|
||||
<para>
|
||||
In Chapter <xref linkend="intro"> a procedure was given to validate your
|
||||
correspondents' public keys: a correspondent's key is validated by
|
||||
personally checking his key's fingerprint and then signing his public
|
||||
key with your private key.
|
||||
By personally checking the fingerprint you can be sure that the
|
||||
key really does belong to him, and since you have signed they key, you
|
||||
can be sure to detect any tampering with it in the future.
|
||||
Unfortunately, this procedure is awkward when either you must validate
|
||||
a large number of keys or communicate with people whom you do not
|
||||
know personally.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
&Gnupg; addresses this problem with a mechanism popularly known
|
||||
as the <firstterm>web of trust</firstterm>.
|
||||
In the web of trust model, responsibility for validating public
|
||||
keys is delegated to people you trust.
|
||||
For example, suppose
|
||||
<itemizedlist spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
Alice has signed Blake's key, and
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Blake has signed Chloe's key and Dharma's key.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
If Alice trusts Blake to properly validate keys that he signs, then
|
||||
Alice can infer that Chloe's and Dharma's keys are valid without
|
||||
having to personally check them.
|
||||
She simply uses her validated copy of Blake's public key to
|
||||
check that Blake's signatures on Chloe's and Dharma's are good.
|
||||
In general, assuming that Alice fully trusts everybody to properly
|
||||
validate keys they sign, then any key signed by a valid key is also
|
||||
considered valid.
|
||||
The root is Alice's key, which is axiomatically assumed to be valid.
|
||||
</para>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Trust in a key's owner
|
||||
</title>
|
||||
|
||||
<para>
|
||||
In practice trust is subjective.
|
||||
For example, Blake's key is valid to Alice since she signed it, but she
|
||||
may not trust Blake to properly validate keys that he signs.
|
||||
In that case, she would not take Chloe's and Dharma's key as valid
|
||||
based on Blake's signatures alone.
|
||||
The web of trust model accounts for this by associating with each
|
||||
public key on your keyring an indication of how much you trust the
|
||||
key's owner.
|
||||
There are four trust levels.
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term>
|
||||
unknown
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
Nothing is known about the owner's judgement in key signing.
|
||||
Keys on your public keyring that you do not own initially have
|
||||
this trust level.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
none
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
The owner is known to improperly sign other keys.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
marginal
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
The owner understands the implications of key signing and
|
||||
properly validates keys before signing them.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
full
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
The owner has an excellent understanding of key signing,
|
||||
and his signature on a key would be as good as your own.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
||||
A key's trust level is something that you alone assign to the
|
||||
key, and it is considered private information.
|
||||
It is not packaged with the key when it is exported; it is even
|
||||
stored separately from your keyrings in a separate database.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The &gnupg; key editor may be used to adjust your trust in a key's owner.
|
||||
The command is <link linkend="trust"><command>trust</command></link>.
|
||||
In this example Alice edits her trust in Blake and then updates
|
||||
the trust database to recompute which keys are valid based on her new
|
||||
trust in Blake.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --edit-key blake</userinput>
|
||||
|
||||
pub 1024D/8B927C8A created: 1999-07-02 expires: never trust: q/f
|
||||
sub 1024g/C19EA233 created: 1999-07-02 expires: never
|
||||
(1) Blake (Executioner) <blake@cyb.org>
|
||||
|
||||
<prompt>Command></prompt> <userinput>trust</userinput>
|
||||
pub 1024D/8B927C8A created: 1999-07-02 expires: never trust: q/f
|
||||
sub 1024g/C19EA233 created: 1999-07-02 expires: never
|
||||
(1) Blake (Executioner) <blake@cyb.org>
|
||||
|
||||
Please decide how far you trust this user to correctly
|
||||
verify other users' keys (by looking at passports,
|
||||
checking fingerprints from different sources...)?
|
||||
|
||||
1 = Don't know
|
||||
2 = I do NOT trust
|
||||
3 = I trust marginally
|
||||
4 = I trust fully
|
||||
s = please show me more information
|
||||
m = back to the main menu
|
||||
|
||||
<prompt>Your decision?</prompt> <userinput>3</userinput>
|
||||
|
||||
pub 1024D/8B927C8A created: 1999-07-02 expires: never trust: m/f
|
||||
sub 1024g/C19EA233 created: 1999-07-02 expires: never
|
||||
(1) Blake (Executioner) <blake@cyb.org>
|
||||
|
||||
<prompt>Command></prompt> <userinput>quit</userinput>
|
||||
[...]
|
||||
</screen>
|
||||
|
||||
Trust in the key's owner and the key's validity are indicated to the
|
||||
right when the key is displayed.
|
||||
Trust in the owner is displayed first and the key's validity is
|
||||
<!-- HERE, need to fix quotation marks -->
|
||||
second<footnote>
|
||||
<para>
|
||||
&Gnupg; overloads the word "trust" by using it to mean
|
||||
trust in an owner and trust in a key.
|
||||
This can be confusing.
|
||||
Sometimes trust in an owner is referred to as
|
||||
<firstterm>owner-trust</firstterm> to
|
||||
distinguish it from trust in a key.
|
||||
<!-- HERE, need to fix quotation marks -->
|
||||
Throughout this manual, however, "trust" is used to
|
||||
mean trust in a key's
|
||||
<!-- HERE, need to fix quotation marks -->
|
||||
owner, and "validity" is used to mean trust that a key
|
||||
belongs to the human associated with the key ID.
|
||||
</para>
|
||||
</footnote>.
|
||||
The four trust/validity levels are abbreviated: unknown (<literal>q</literal>),
|
||||
none (<literal>n</literal>), marginal (<literal>m</literal>), and
|
||||
full (<literal>f</literal>).
|
||||
In this case, Blake's key is fully valid since Alice signed it herself.
|
||||
She initially has an unknown trust in Blake to properly sign other keys
|
||||
but decides to trust him marginally.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Using trust to validate keys
|
||||
</title>
|
||||
|
||||
<para>
|
||||
The web of trust allows a more elaborate algorithm to be used to
|
||||
validate a key.
|
||||
Formerly, a key was considered valid only if you signed it personally.
|
||||
<!-- HERE, math -->
|
||||
A more flexible algorithm can now be used: a key <emphasis>K</emphasis> is considered valid
|
||||
if it meets two conditions:
|
||||
<orderedlist spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
it is signed by enough valid keys, meaning
|
||||
<itemizedlist spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
you have signed it personally,
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
it has been signed by one fully trusted key, or
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
it has been signed by three marginally trusted keys; and
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<!-- HERE, math -->
|
||||
the path of signed keys leading from <emphasis>K</emphasis> back
|
||||
to your own key is five steps or shorter.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
|
||||
The path length, number of marginally trusted keys required, and number
|
||||
of fully trusted keys required may be adjusted.
|
||||
The numbers given above are the default values used by &gnupg;.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
<xref linkend="wot-examples"> shows a web of trust rooted at Alice.
|
||||
The graph illustrates who has signed who's keys.
|
||||
The table shows which keys Alice considers valid based on her
|
||||
trust in the other members of the web.
|
||||
<comment>Potential bug: <option>--completes-needed</option> on command
|
||||
line seems to be ignored when combined with <option>--update-trustdb</option>.
|
||||
Value is taken correctly if put in options file, however.</comment>
|
||||
This example assumes that two marginally-trusted keys or one
|
||||
fully-trusted key is needed to validate another key.
|
||||
The maximum path length is three.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
When computing valid keys in the example, Blake and Dharma's are
|
||||
always considered fully valid since they were signed directly
|
||||
by Alice.
|
||||
The validity of the other keys depends on trust.
|
||||
In the first case, Dharma is trusted fully, which implies
|
||||
that Chloe's and Francis's keys will be considered valid.
|
||||
In the second example, Blake and Dharma are trusted marginally.
|
||||
Since two marginally trusted keys are needed to fully validate a
|
||||
key, Chloe's key will be considered fully valid, but Francis's
|
||||
key will be considered only marginally valid.
|
||||
In the case where Chloe and Dharma are marginally trusted,
|
||||
Chloe's key will be marginally valid since Dharma's key is
|
||||
fully valid.
|
||||
Francis's key, however, will also be considered marginally
|
||||
valid since only a fully valid key can be used to validate
|
||||
other keys, and Dharma's key is the only fully valid key
|
||||
that has been used to sign Francis's key.
|
||||
When marginal trust in Blake is added, Chloe's key becomes
|
||||
fully valid and can then be used to fully validate Francis's
|
||||
key and marginally validate Elena's key.
|
||||
Lastly, when Blake, Chloe, and Elena are fully trusted, this is
|
||||
still insufficient to validate Geoff's key since the maximum
|
||||
certification path is three, but the path length from Geoff
|
||||
back to Alice is four.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The web of trust model is a flexible approach to the problem of safe
|
||||
public key exchange.
|
||||
It permits you to tune &gnupg; to reflect how you use it.
|
||||
At one extreme you may insist on multiple, short paths from your
|
||||
<!-- HERE, math -->
|
||||
key to another key <emphasis>K</emphasis> in order to trust it.
|
||||
On the other hand, you may be satisfied with longer paths and
|
||||
<!-- HERE, math -->
|
||||
perhaps as little as one path from your key to the other
|
||||
key <emphasis>K</emphasis>.
|
||||
<!-- HERE, math -->
|
||||
Requiring multiple, short paths is a strong guarantee
|
||||
that <emphasis>K</emphasis> belongs to whom your think it does.
|
||||
The price, of course, is that it is more difficult to validate keys
|
||||
since you must personally sign more keys than if you accepted fewer
|
||||
and longer paths.
|
||||
</para>
|
||||
|
||||
<figure id="wot-examples" float=1>
|
||||
<title>
|
||||
A hypothetical web of trust
|
||||
</title>
|
||||
<!--
|
||||
The graph indicates who has signed who's keys.
|
||||
The table, in which names have been abbreviated, shows which keys are
|
||||
valid depending on how Alice trusts other members in the web.
|
||||
Alice considers different keys valid depending on how she trusts
|
||||
the members of the web.
|
||||
-->
|
||||
|
||||
<graphic fileref="signatures.jpg"></graphic>
|
||||
|
||||
<informaltable frame="all">
|
||||
<tgroup cols="4" rowsep="1" colsep="1">
|
||||
<colspec colname="one" colnum="1">
|
||||
<colspec colname="two" colnum="2">
|
||||
<colspec colname="three" colnum="3">
|
||||
<colspec colname="four" colnum="4">
|
||||
<spanspec spanname="lefthalf" namest="one" nameend="two" align="center">
|
||||
<spanspec spanname="righthalf" namest="three" nameend="four" align="center">
|
||||
|
||||
<thead>
|
||||
<colspec
|
||||
<row>
|
||||
<entry spanname="lefthalf">trust</entry>
|
||||
<entry spanname="righthalf">validity</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry align="center">marginal</entry>
|
||||
<entry align="center">full</entry>
|
||||
<entry align="center">marginal</entry>
|
||||
<entry align="center">full</entry>
|
||||
</row>
|
||||
</thead>
|
||||
<tbody>
|
||||
<row>
|
||||
<entry></entry>
|
||||
<entry>Dharma</entry>
|
||||
<entry></entry>
|
||||
<entry>Blake, Chloe, Dharma, Francis</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Blake, Dharma</entry>
|
||||
<entry></entry>
|
||||
<entry>Francis</entry>
|
||||
<entry>Blake, Chloe, Dharma</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Chloe, Dharma</entry>
|
||||
<entry></entry>
|
||||
<entry>Chloe, Francis</entry>
|
||||
<entry>Blake, Dharma</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>Blake, Chloe, Dharma</entry>
|
||||
<entry></entry>
|
||||
<entry>Elena</entry>
|
||||
<entry>Blake, Chloe, Dharma, Francis</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry></entry>
|
||||
<entry>Blake, Chloe, Elena</entry>
|
||||
<entry></entry>
|
||||
<entry>Blake, Chloe, Elena, Francis</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</informaltable>
|
||||
</figure>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Distributing keys
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Ideally, you distribute your key by personally giving it to your
|
||||
correspondents.
|
||||
In practice, however, keys are often distributed by email or some
|
||||
other electronic communication medium.
|
||||
Distribution by email is good practice when you have only a few
|
||||
correspondents, and even if you have many correspondents, you can use
|
||||
an alternative means such as posting your public key on your World Wide
|
||||
Web homepage.
|
||||
This is unacceptable, however, if people who need your public key do
|
||||
not know where to find it on the Web.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To solve this problem public key servers are used to collect
|
||||
and distribute public keys.
|
||||
A public key received by the server is either added to the server's
|
||||
database or merged with the existing key if already present.
|
||||
When a key request comes to the server, the server consults its
|
||||
database and returns the requested public key if found.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A keyserver is also valuable when many people are frequently signing other
|
||||
people's keys.
|
||||
Without a keyserver, when Blake sign's Alice's key then Blake would send
|
||||
Alice a copy of her public key signed by him so that Alice could
|
||||
add the updated key to her ring as well as distribute it to all of her
|
||||
correspondents.
|
||||
Going through this effort fulfills Alice's and Blake's responsibility
|
||||
to the community at large in building tight webs of trust and thus
|
||||
improving the security of PGP.
|
||||
It is nevertheless a nuisance if key signing is frequent.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Using a keyserver makes the process somewhat easier.
|
||||
When Blake signs Alice's key he sends the signed key to the key server.
|
||||
The key server adds Blake's signature to its copy of Alice's key.
|
||||
Individuals interested in updating their copy of Alice's key then consult
|
||||
the keyserver on their own initiative to retrieve the updated key.
|
||||
Alice need never be involved with distribution and can retrieve signatures
|
||||
on her key simply by querying a keyserver.
|
||||
<comment><option>--keyserver</option> must come before
|
||||
<option>--send-key</option> or <option>--recv-key</option>.
|
||||
This appears to be a bug.</comment>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
One or more keys may be sent to a keyserver using the command-line
|
||||
option <link linkend="send-keys"><option>--send-keys</option></link>.
|
||||
The option takes one or more key specifiers and sends the specified
|
||||
keys to the key server.
|
||||
The key server to which to send the keys is specified with the
|
||||
command-line option <link linkend="keyserver"><option>--keyserver</option></link>.
|
||||
Similarly, the option
|
||||
<link linkend="recv-keys"><option>--recv-keys</option></link> is used
|
||||
to retrieve keys from a keyserver, but the option <option>--recv-keys</option>
|
||||
requires a key ID be used to specify the key.
|
||||
In the following example Alice sends her public key to the keyserver
|
||||
<parameter>certserver.pgp.com</parameter> and then updates her copy
|
||||
of Blake's key from the same keyserver.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --keyserver certserver.pgp.com --recv-key 0xBB7576AC</userinput>
|
||||
gpg: requesting key BB7576AC from certserver.pgp.com ...
|
||||
gpg: key BB7576AC: 1 new signature
|
||||
|
||||
gpg: Total number processed: 1
|
||||
gpg: new signatures: 1
|
||||
<prompt>alice%</prompt> <userinput>gpg --keyserver certserver.pgp.com --send-key blake@cyb.org</userinput>
|
||||
gpg: success sending to 'certserver.pgp.com' (status=200)
|
||||
</screen>
|
||||
|
||||
There are several popular keyservers in use around the world.
|
||||
The major keyservers synchronize themselves, so it is fine to
|
||||
pick a keyserver close to you on the Internet and then use it
|
||||
regularly for sending and receiving keys.
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
||||
|
433
doc/gph/c4.sgml
Normal file
433
doc/gph/c4.sgml
Normal file
@ -0,0 +1,433 @@
|
||||
<chapter id="wise" xreflabel="4">
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Daily use of &Gnupg;
|
||||
</title>
|
||||
|
||||
<para>
|
||||
&Gnupg; is a complex tool with technical, social, and legal issues
|
||||
surrounding it.
|
||||
Technically, it has been designed to be used in situations having
|
||||
drastically different security needs.
|
||||
This complicates key management.
|
||||
Socially, using &gnupg; is not strictly a personal decision.
|
||||
To use &gnupg effectively both parties communicating must use it.
|
||||
Finally, as of 1999, laws regarding digital encryption, and in particular
|
||||
whether or not using &gnupg; is legal, vary from country to country and
|
||||
is currently being debated by many national governments.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This chapter addresses these issues.
|
||||
It gives practical advice on how to use &gnupg; to meet your security needs.
|
||||
It also suggests ways to promote the use of &gnupg; for secure
|
||||
communication between yourself and your colleagues when your colleagues
|
||||
are not currently using &gnupg;.
|
||||
Finally, the legal status of &gnupg; is outlined given the current status
|
||||
of encryption laws in the world.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Defining your security needs
|
||||
</title>
|
||||
|
||||
<para>
|
||||
&Gnupg; is a tool you use to protect your privacy.
|
||||
Your privacy is protected if you can correspond with others without
|
||||
eavesdroppers reading those messages.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
How you should use &gnupg; depends on the determination and resourcefulness
|
||||
of those who might want to read your encrypted messages.
|
||||
An eavesdropper may be an unscrupulous system administrator casually
|
||||
scanning your mail, it might be an industrial spy trying to collect
|
||||
your company's secrets, or it might be a law enforcement agency trying
|
||||
to prosecute you.
|
||||
Using &gnupg; to protect against casual eavesdropping is going to be
|
||||
different than using &gnupg; to protect against a determined adversary.
|
||||
Your goal, ultimately, is to make it more expensive to recover the
|
||||
unencrypted data than that data is worth.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Customizing your use of &gnupg; revolves around three issues:
|
||||
<itemizedlist spacing="compact">
|
||||
<listitem>
|
||||
<para>
|
||||
the key size of your public/private keypair,
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
protecting your private key, and
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
managing your web of trust.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
A well-chosen key size protects you against brute-force attacks on
|
||||
encrypted messages.
|
||||
Protecting your private key prevents an attacker from simply using your
|
||||
private key to decrypt encrypted messages and sign messages in your name.
|
||||
Correctly managing your web of trust prevents attackers from masquarading
|
||||
as people with whom you communicate.
|
||||
Ultimately, addressing these issues with respect to your own security
|
||||
needs is how you balance the extra work required to use &gnupg; with
|
||||
the privacy it gives you.
|
||||
</para>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Choosing a key size
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Selecting a key size depends on the key.
|
||||
In OpenPGP, a public/private keypair usually has multiple keys.
|
||||
At the least it has a master signing key, and it probably has one or
|
||||
more additional subkeys for encryption.
|
||||
Using default key generation parameters with &gnupg;, the master
|
||||
key will be a DSA key, and the subkeys will be ElGamal keys.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
DSA allows a key size up to 1024 bits.
|
||||
This is not especially good given today's factoring technology, but
|
||||
that is what the standard specifies.
|
||||
Without question, you should use 1024 bit DSA keys.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
ElGamal keys, on the other hand, may be of any size.
|
||||
Since &gnupg; is a hybrid public-key system, the public key is used
|
||||
to encrypt a 128-bit session key, and the private key is used to
|
||||
decrypt it.
|
||||
Key size nevertheless affects encryption and decryption speed
|
||||
since the cost of these algorithms is exponential in the size of
|
||||
the key.
|
||||
Larger keys also take more time to generate and take more space
|
||||
to store.
|
||||
Ultimately, there are diminishing returns on the extra security
|
||||
a large key provides you.
|
||||
After all, if the key is large enough to resist a brute-force
|
||||
attack, an eavesdropper will merely switch to some other method for
|
||||
obtaining your plaintext data.
|
||||
Examples of other methods include robbing your home or office
|
||||
and mugging you.
|
||||
1024 bits is thus the recommended key size.
|
||||
If you genuinely need a larger key size then you probably already
|
||||
know this and should be consulting an expert in data security.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Protecting your private key
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Protecting your private key is the most important job you have to
|
||||
use &gnupg; correctly.
|
||||
If someone obtains your private key, then all data encrypted to
|
||||
the private key can be decrypted and signatures can be made in your name.
|
||||
If you lose your private key, then you will no longer be able to
|
||||
decrypt documents encrypted to you in the future or in the past,
|
||||
and you will not be able to make signatures.
|
||||
Losing sole possession of your private key is catastrophic.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Regardless of how you use &gnupg; you should store the public
|
||||
key's <link linkend="revocation">revocation certificate</link>
|
||||
and a backup of your private key on write-protected media in a safe place.
|
||||
For example, you could burn them on a CD-ROM and store them in your
|
||||
safe deposit box at the bank in a sealed envelope.
|
||||
Alternatively, you could store them on a floppy and hide it in your
|
||||
house.
|
||||
Whatever you do, they should be put on media that is safe to store
|
||||
for as long as you expect to keep the key, and you should store
|
||||
them more carefully than the copy of your private key you use daily.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To help safeguard your key, &Gnupg; does not store your raw
|
||||
private key on disk.
|
||||
Instead it encrypts it using a symmetric encryption algorithm.
|
||||
That is why you need a passphrase to access the key.
|
||||
Thus there are two barriers an attacker must cross to access your private
|
||||
key: (1) he must actually acquire the key, and (2) he must get past
|
||||
the encryption.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Safely storing your private key is important, but there is a cost.
|
||||
Ideally, you would keep the private key on a removable, write-protected disk
|
||||
such as a floppy disk, and you would use it on a single-user machine
|
||||
not connected to a network.
|
||||
This may be inconvenient or impossible for you to do.
|
||||
For example, you may not own your own machine and must use a computer
|
||||
at work or school, or it may mean you have to physically disconnect
|
||||
your computer from your cable modem every time you want to use &gnupg;
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This does not mean you cannot or should not use &gnupg;.
|
||||
It means only that you have decided that the data you are protecting is
|
||||
important enough to encrypt but not so important as to take extra
|
||||
steps to make the first barrier stronger.
|
||||
It is your choice.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A good passphrase is absolutely critical when using &gnupg;.
|
||||
Any attacker who gains access to your private key must bypass the
|
||||
encryption on the private key.
|
||||
Instead of brute-force guessing the key, an attacker will almost
|
||||
certainly instead try to guess the passphrase.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The motivation for trying passphrases is that most people choose
|
||||
a passphrase that is easier to guess than a random 128-bit key.
|
||||
If the passphrase is a word, it is much cheaper to try all the
|
||||
words in the dictionaries of the world's languages.
|
||||
Even if the word is permuted, &eg, k3wldood, it is still easier
|
||||
to try dictionary words with a catalog of permutations.
|
||||
The same problem applies to quotations.
|
||||
In general, passphrases based on natural-language utterances
|
||||
are poor passphrases since there is little randomness and lots
|
||||
of redundancy in natural language.
|
||||
You should avoid natural language passphrases if you can.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A good passphrase is one that you can remember but is hard for
|
||||
someone to guess.
|
||||
It should include characters from the whole range of printable characters
|
||||
on your keyboard.
|
||||
This includes uppercase alphabetics characters, numbers, and special
|
||||
characters such as <literal>}</literal> and <literal>|</literal>.
|
||||
Be creative and spend a little time considering your passphrase; a
|
||||
good choice is important to ensure your privacy.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<!--
|
||||
<sect2>
|
||||
<title>
|
||||
Reacting to a compromised private key
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Despite your precautions you may lose sole access to your private key.
|
||||
For example, you may forget the passphrase, or someone who you think
|
||||
can bypass the encryption gets access to it.
|
||||
In that case then you need to spread the word that your key is no
|
||||
longer valid.
|
||||
To do that you use the key revocation certificate you should have generated
|
||||
when you created the key.
|
||||
Importing it onto your public keyring will revoke the public key
|
||||
of the keypair you no longer wish to use.
|
||||
It is then up to you to distribute the revoked public key to all
|
||||
those who may encrypt documents to you.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A revoked public key only prevents future use of the private key.
|
||||
Others will neither be able to encrypt documents to the key nor will
|
||||
they be able to check signatures made with the private key.
|
||||
Documents signed in the past can still be checked, however, and
|
||||
documents encrypted in the past can still be decrypted.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
It is important that you protect the revocation certificate carefully.
|
||||
Anybody can add the certificate to your public key and distribute it,
|
||||
and there is no way to revoke a revocation certificate.
|
||||
Therefore, you should store the revocation certificate in a safe
|
||||
place such as with the backup of your private key.
|
||||
</para>
|
||||
</sect2>
|
||||
-->
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Managing your web of trust
|
||||
</title>
|
||||
|
||||
<para>
|
||||
As with protecting your private key, managing your web of trust is
|
||||
another aspect of using &gnupg; that requires balancing security against
|
||||
ease of use.
|
||||
If you are using &gnupg; to protect against casual eavesdropping and
|
||||
forgeries then you can afford to be relatively trusting of other
|
||||
people's signatures.
|
||||
On the other hand, if you are concerned that there may be a determined
|
||||
attacker interested in invading your privacy, then
|
||||
you should be much less trusting of other signatures and spend more time
|
||||
personally verifying signatures.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Regardless of your own security needs, through, you should
|
||||
<emphasis>always be careful</emphasis> when signing other keys.
|
||||
It is selfish to sign a key with just enough confidence in the key's
|
||||
validity to satisfy your own security needs.
|
||||
Others, with more stringent security needs, may want to depend on
|
||||
your signature.
|
||||
If they cannot depend on you then that weakens the web of trust
|
||||
and makes it more difficult for all &gnupg; users to communicate.
|
||||
Use the same care in signing keys that you would like others to use when
|
||||
you depend on their signatures.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In practice, managing your web of trust reduces to assigning trust to
|
||||
others and tuning the options
|
||||
<link linkend="marginals-needed"><option>--marginals-needed</option></link>
|
||||
and
|
||||
<link linkend="completes-needed"><option>--completes-needed</option></link>.
|
||||
Any key you personally sign will be considered valid, but except for small
|
||||
groups, it will not be practical to personally sign the key of every person
|
||||
with whom you communicate.
|
||||
You will therefore have to assign trust to others.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
It is probably wise to be accurate when assigning trust and then
|
||||
use the options to tune how careful &gnupg; is with key validation.
|
||||
As a concrete example, you may fully trust a few close friends that
|
||||
you know are careful with key signing and then marginally
|
||||
trust all others on your keyring.
|
||||
From there, you may set <option>--completes-needed</option> to
|
||||
<literal>1</literal> and <option>--marginals-needed</option> to
|
||||
<literal>2</literal>.
|
||||
If you are more concerned with security you might choose values of
|
||||
<literal>1</literal> and <literal>3</literal> or <literal>2</literal>
|
||||
and <literal>3</literal> respectively.
|
||||
If you are less concerned with privacy attacks and just want some
|
||||
reasonable confidence about validity, set the values to <literal>1</literal>
|
||||
and <literal>1</literal>.
|
||||
In general, higher numbers for these options imply that more people
|
||||
would be needed to conspire against you in order to have a key validated
|
||||
that does not actually belong to the person whom you think it does.
|
||||
</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Building your web of trust
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Wanting to use &gnupg; yourself is not enough.
|
||||
In order to use to communicate securely with others you must have
|
||||
a web of trust.
|
||||
At first glance, however, building a web of trust is a daunting task.
|
||||
The people with whom you communicate need to use
|
||||
&gnupg;<footnote><para>In this section, &gnupg; refers to the
|
||||
&gnupg; implementation of OpenPGP as well as other implementations
|
||||
such as NAI's PGP product.</para></footnote>, and there needs to be enough
|
||||
key signing so that keys can be considered valid.
|
||||
These are not technical problems; they are social problems.
|
||||
Nevertheless, you must overcome these problems if you want to
|
||||
use &gnupg;.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
When getting started using &gnupg; it is important to realize that you
|
||||
need not securely communicate with every one of your correspondents.
|
||||
Start with a small circle of people, perhaps just yourself and
|
||||
one or two others who also want to exercise their right
|
||||
to privacy.
|
||||
Generate your keys and sign each other's public keys.
|
||||
This is your initial web of trust.
|
||||
By doing this you will appreciate the value of a small, robust
|
||||
web of trust and will be more cautious as you grow your web
|
||||
in the future.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In addition to those in your initial web of trust, you may want to
|
||||
communicate securely with others who are also using &gnupg;.
|
||||
Doing so, however, can be awkward for two reasons:
|
||||
(1) you do not always know when someone uses or is willing to use
|
||||
&gnupg;, and (2) if you do know of someone who uses it, you may still have
|
||||
trouble validating their key.
|
||||
The first reason occurs because people do not always advertise that
|
||||
they use &gnupg;.
|
||||
The way to change this behavior is to set the example and advertise
|
||||
that you use &gnupg;.
|
||||
There are at least three ways to do this: you can sign messages you mail
|
||||
to others or post to message boards, you can put your public key on your
|
||||
web page, or, if you put your key on a keyserver, you can put your key
|
||||
ID in your email signature.
|
||||
If you advertise your key then you make it that much more acceptable
|
||||
for others to advertise their keys.
|
||||
Furthermore, you make it easier for others to start communicating
|
||||
with you securely since you have taken the initiative and made it clear
|
||||
that you use &gnupg;.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Key validation is more difficult.
|
||||
If you do not personally know the person whose key you want to sign,
|
||||
then it is not possible to sign the key yourself.
|
||||
You must rely on the signatures of others and hope to find a chain
|
||||
of signatures leading from the key in question back to your own.
|
||||
To have any chance of finding a chain, you must take the intitive
|
||||
and get your key signed by others outside of your intitial web of trust.
|
||||
An effective way to accomplish this is to participate in key
|
||||
signing parties.
|
||||
If you are going to a conference look ahead of time for a key
|
||||
signing party, and if you do not see one being held, offer to
|
||||
<ulink url="http://www.herrons.com/kb2nsx/keysign.html">hold one</ulink>.
|
||||
You can also be more passive and carry your fingerprint with you
|
||||
for impromptu key exchanges.
|
||||
In such a situation the person to whom you gave the fingerprint
|
||||
would verify it and sign your public key once he returned home.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Keep in mind, though, that this is optional.
|
||||
You have no obligation to either publically advertise your key or
|
||||
sign other people's keys.
|
||||
The power of &gnupg; is that it is flexible enough to adapt to your
|
||||
security needs whatever they may be.
|
||||
The social reality, however, is that you will need to take the initiative
|
||||
if you want to grow your web of trust and use &gnupg; for as much of
|
||||
your communication as possible.
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Using &Gnupg; legally
|
||||
</title>
|
||||
|
||||
<para>
|
||||
The legal status of encryption software varies from country to country,
|
||||
and law regarding encryption software is rapidly evolving.
|
||||
<ulink url="http://cwis.kub.nl/~frw/people/koops/bertjaap.htm">Bert-Japp
|
||||
Koops</ulink> has an excellent
|
||||
<ulink url="http://cwis.kub.nl/~frw/people/koops/lawsurvy.htm">Crypto
|
||||
Law Survey</ulink> to which you should refer for the legal status of
|
||||
encryption software in your country.
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
</chapter>
|
||||
|
38
doc/gph/c5.sgml
Normal file
38
doc/gph/c5.sgml
Normal file
@ -0,0 +1,38 @@
|
||||
<chapter id="Modules" xreflabel="5">
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Programming with &Gnupg;
|
||||
</title>
|
||||
|
||||
<para>...</para>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Using &gpg in batch mode
|
||||
</title>
|
||||
|
||||
<para>...</para>
|
||||
|
||||
<sect2>
|
||||
<title>
|
||||
Invoking &gpg from mail clients
|
||||
</title>
|
||||
|
||||
<para>...</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>
|
||||
Writing extension modules
|
||||
</title>
|
||||
|
||||
<para>...</para>
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
||||
|
804
doc/gph/c6.sgml
Normal file
804
doc/gph/c6.sgml
Normal file
@ -0,0 +1,804 @@
|
||||
<reference>
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Command Reference
|
||||
</title>
|
||||
|
||||
<partintro>
|
||||
<sect1>
|
||||
<title>
|
||||
Key specifiers
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Many commands and options require a <firstterm>key specifier</firstterm>.
|
||||
A key specifier is the key ID or any portion of ther user ID of
|
||||
a key.
|
||||
Consider the following example.
|
||||
|
||||
<screen width="80">
|
||||
<prompt>alice%</prompt> <userinput>gpg --list-keys chloe</userinput>
|
||||
pub 1024D/B87DBA93 1999-06-28 Chloe (Jester) <chloe@cyb.org>
|
||||
uid Chloe (Plebian) <chloe@tel.net>
|
||||
sub 2048g/B7934539 1999-06-28
|
||||
</screen>
|
||||
|
||||
For this key, <literal>0xB87DBA93</literal>,
|
||||
<literal>Chloe</literal>,
|
||||
<literal>Plebian</literal>, and
|
||||
<literal>oe@tel</literal>
|
||||
are all examples of key specifiers that match the above key.
|
||||
</para>
|
||||
</sect1>
|
||||
</partintro>
|
||||
|
||||
<refentry id="send-keys">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
send-keys
|
||||
</refname>
|
||||
<refpurpose>
|
||||
send keys to a key server
|
||||
</refpurpose>
|
||||
|
||||
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
send-keys <replaceable class="parameter">key</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command sends a public key to a keyserver.
|
||||
The parameter <replaceable class="parameter">key</replaceable> specifies
|
||||
the public key that should be uploaded.
|
||||
The command requires the option
|
||||
<link linkend="keyserver"><option>keyserver</option></link> to specify
|
||||
to which keyserver &gpg; should send the keys.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="recv-keys">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
recv-keys
|
||||
</refname>
|
||||
<refpurpose>
|
||||
retrieve keys from a key server
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>recv-keys</option> <replaceable class="parameter">key-id key-id ...</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command downloads one or more public keys from a keyserver.
|
||||
Each <replaceable class="parameter">key-id</replaceable> is a key ID.
|
||||
The command requires the option
|
||||
<link linkend="keyserver"><option>keyserver</option></link> to
|
||||
specify from which keyserver &gpg; should download the keys.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="encrypt">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
encrypt
|
||||
</refname>
|
||||
<refpurpose>
|
||||
encrypt a document
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>encrypt</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command encrypts the document
|
||||
<replaceable class="parameter">filename</replaceable> to
|
||||
recipients specified using the
|
||||
option <link linkend="recipient"><option>recipient</option></link>.
|
||||
If the parameter <replaceable class="parameter">filename</replaceable>
|
||||
is omitted, then the document to encrypt is taken from standard input.
|
||||
If the option <option>recipient</option> is omitted,
|
||||
&gpg; will prompt for a recipient.
|
||||
If the option <link linkend="output"><option>output</option></link> is used,
|
||||
&gpg; will output the encrypted information to the specified file.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="decrypt">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
decrypt
|
||||
</refname>
|
||||
<refpurpose>
|
||||
decrypt an encrypted document
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>decrypt</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command decrypts <replaceable class="parameter">filename</replaceable>
|
||||
and puts the result on standard output.
|
||||
If the parameter <replaceable class="parameter">filename</replaceable>
|
||||
is omitted, then the document to decrypt is taken from standard input.
|
||||
Use the option <link linkend="output"><option>output</option></link>
|
||||
to output the decrypted message to a file instead.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
|
||||
<refentry id="clearsign">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
clearsign
|
||||
</refname>
|
||||
<refpurpose>
|
||||
make a cleartext signature
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>clearsign</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command signs a message that can be verified to ensure that the
|
||||
original message has not been changed.
|
||||
Verification of the signed message is done using the command
|
||||
<link linkend="verify"><option>verify</option></link>.
|
||||
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="fingerprint">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
fingerprint
|
||||
</refname>
|
||||
<refpurpose>
|
||||
display key fingerprints
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>fingerprint</option> <replaceable class="parameter">name ...</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command prints the fingerprints of the specified public keys.
|
||||
The parameter <replaceable class="parameter">name</replaceable> is a
|
||||
key specifier.
|
||||
If no parameter <replaceable class="parameter">name</replaceable> is
|
||||
provided, &gpg; will print the fingerprints of all the keys on
|
||||
your public keyring.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="detach-sig">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
detach-sig
|
||||
</refname>
|
||||
<refpurpose>
|
||||
make a detached signature
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>detach-sig</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command creates a signature file that can be used
|
||||
to verify that the orginal file
|
||||
<replaceable class="parameter">filename</replaceable> has not
|
||||
been changed.
|
||||
Verification of the file using a detached signature is done using the
|
||||
command <link linkend="verify"><option>verify</option></link>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="gen-key">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
gen-key
|
||||
</refname>
|
||||
<refpurpose>
|
||||
generate a new keypair
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>gen-key</option>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command generates a private/public key pair for use in encrypting,
|
||||
decrypting, and signing of messages.
|
||||
You will br prompted for the kind of key you wish to create, the key
|
||||
size, and the key's expiration date.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="symmetric">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
symmetric
|
||||
</refname>
|
||||
<refpurpose>
|
||||
encrypt a document using only a symmetric encryption algorithm
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>symmetric</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command encrypts a document using a symmetric algorithm with
|
||||
a key derived from a passphrase supplied by you during execution.
|
||||
The key should be selected to make it difficult to randomly guess the key.
|
||||
To decrypt a document encrypted in this manner use the command.
|
||||
<link linkend="decrypt"><option>decrypt</option></link>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="list-keys">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
list-keys
|
||||
</refname>
|
||||
<refpurpose>
|
||||
list information about the specified keys
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>list-keys</option> <replaceable class="parameter">key ...</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command lists the public key specified by the key specifiers on the
|
||||
command line.
|
||||
If no key specifier is given, &gpg; will print all of the keys on the
|
||||
public keyring.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="import">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
import
|
||||
</refname>
|
||||
<refpurpose>
|
||||
import keys to a local keyring
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>import</option> <replaceable class="parameter">filename</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command imports one or more public keys onto the user's public
|
||||
keyring from the file <replaceable class="parameter">filename</replaceable>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="verify">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
verify
|
||||
</refname>
|
||||
<refpurpose>
|
||||
verify a signed document
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>verify</option> <replaceable class="parameter">signature document</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command verifies a document against a signature
|
||||
to ensure that the document has not been altered since the signature
|
||||
was created.
|
||||
If <replaceable class="parameter">signature</replaceable> is omitted,
|
||||
&gpg; will look in <replaceable class="parameter">document</replaceable>
|
||||
for a clearsign signature.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="gen-revoke">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
gen-revoke
|
||||
</refname>
|
||||
<refpurpose>
|
||||
generate a revocation certificate for a public/private keypair
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>gen-revoke</option> <replaceable class="parameter">key</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command generates a revocation certificate for a public/private
|
||||
key pair.
|
||||
The parameter <replaceable class="parameter">key</replaceable> is
|
||||
a key specifier.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="export">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
export
|
||||
</refname>
|
||||
<refpurpose>
|
||||
export keys from a local keyring
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>export</option> <replaceable class="parameter">key key ...</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command exports the public keys components of the keys specified
|
||||
by the key specifiers <replaceable class="parameter">key key ...</replaceable>.
|
||||
The export command by default sends its output to standard output.
|
||||
This key file can later be imported into another keyring using the command
|
||||
<link linkend="import"><option>import</option></link>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="edit-key">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
edit-key
|
||||
</refname>
|
||||
<refpurpose>
|
||||
presents a menu for operating on keys
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>edit-key</option> <replaceable class="parameter">key</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This command presents a menu which enables you to perform
|
||||
key-related taskes.
|
||||
The key specifier <replaceable class="parameter">key</replaceable>
|
||||
specifies the key pair to be edited.
|
||||
If the specifier matches more than one key pair, &gpg; issues
|
||||
an error and exits.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Key listings displayed during key editing show the key with its
|
||||
secondary keys and all user ids.
|
||||
Selected keys or user ids are indicated by an asterisk.
|
||||
The trust and validity values are displayed with the primary key:
|
||||
the first is the assigned trust and the second is the
|
||||
calculated validity.
|
||||
Letters are used for the values:
|
||||
|
||||
<informaltable>
|
||||
<tgroup cols="2" rowsep="1" colsep="1">
|
||||
<thead>
|
||||
<row>
|
||||
<entry>Letter</entry>
|
||||
<entry>Meaning</entry>
|
||||
</row>
|
||||
</thead>
|
||||
<tbody>
|
||||
<row>
|
||||
<entry>
|
||||
-
|
||||
</entry>
|
||||
<entry>
|
||||
No ownertrust assigned / not yet calculated.
|
||||
</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry>
|
||||
e
|
||||
</entry>
|
||||
<entry>
|
||||
Trust calculation has failed.
|
||||
</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>
|
||||
q
|
||||
</entry>
|
||||
<entry>
|
||||
Not enough information for calculation.
|
||||
</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>
|
||||
n
|
||||
</entry>
|
||||
<entry>
|
||||
Never trust this key.
|
||||
</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>
|
||||
m
|
||||
</entry>
|
||||
<entry>
|
||||
Marginally trusted.
|
||||
</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>
|
||||
f
|
||||
</entry>
|
||||
<entry>
|
||||
Fully trusted.
|
||||
</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry>
|
||||
u
|
||||
</entry>
|
||||
<entry>
|
||||
Ultimately trusted.
|
||||
</entry>
|
||||
</row>
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</informaltable>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The following lists each key editing command and a description
|
||||
of its behavior.
|
||||
</para>
|
||||
|
||||
<refsect2 id="sign">
|
||||
<title>
|
||||
sign
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Makes a signature on the current key.
|
||||
If th key is not yet signed by the default user or the user
|
||||
given with the option
|
||||
<link linkend="local-user"><option>local-user</option></link>,
|
||||
the program displays the information of the key again, together with
|
||||
its fingerprint and asks whether it should be signed.
|
||||
This question is repeated for all users specified with the option
|
||||
<option>local-user</option>.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="lsign">
|
||||
<title>
|
||||
lsign
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Same as <link linkend="sign">sign</link>, but the signature is
|
||||
marked as non-exportable and will therefore never be used by others.
|
||||
This may be used to make keys valid only in the local environment.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="revsig">
|
||||
<title>
|
||||
revsig
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Revoke a signature.
|
||||
Asks for each signature makde by a one of the private keys whether
|
||||
a revocation certificate should be generated.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="trust">
|
||||
<title>
|
||||
trust
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Change the owner trust value.
|
||||
This updates the trust database immediately and no save is required.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="disable">
|
||||
<title>
|
||||
disable
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Disable the key.
|
||||
A disabled key cannot normally be used for encryption.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="enable">
|
||||
<title>
|
||||
enable
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Enable a key that has been previously
|
||||
<link linkend="disable">disabled</link>.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="adduid">
|
||||
<title>
|
||||
adduid
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Add a new user id to the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="deluid">
|
||||
<title>
|
||||
deluid
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Delete a user id from the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="addkey">
|
||||
<title>
|
||||
addkey
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Add a new subkey to the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="delkey">
|
||||
<title>
|
||||
delkey
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Delete a subkey from the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="revkey">
|
||||
<title>
|
||||
revkey
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Revoke a subkey of the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="expire">
|
||||
<title>
|
||||
expire
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Change a key expiration time.
|
||||
If a subkey is selected, the time of that key will be changed.
|
||||
With no selection the expiration time of the current primary key is changed.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="key">
|
||||
<title>
|
||||
key n
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Toggle selection of subkey with index n.
|
||||
Use 0 to deselect all.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="uid">
|
||||
<title>
|
||||
uid n
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Toggle selection of user id with index n.
|
||||
Use 0 to deselect all.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="passwd">
|
||||
<title>
|
||||
toggle
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Change the passphrase of the private key of the selected key pair.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="toggle">
|
||||
<title>
|
||||
toggle
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Toggle between public and private key listings.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="check">
|
||||
<title>
|
||||
check
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Check all selected user ids.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="pref">
|
||||
<title>
|
||||
pref
|
||||
</title>
|
||||
|
||||
<para>
|
||||
List preferences.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="save">
|
||||
<title>
|
||||
save
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Save all changes to the current key and quit.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2 id="quit">
|
||||
<title>
|
||||
save
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Quit without updating the current key.
|
||||
</para>
|
||||
</refsect2>
|
||||
|
||||
</refsect1>
|
||||
</refentry>
|
||||
</reference>
|
251
doc/gph/c7.sgml
Normal file
251
doc/gph/c7.sgml
Normal file
@ -0,0 +1,251 @@
|
||||
<reference>
|
||||
<docinfo>
|
||||
<date>
|
||||
$Id$
|
||||
</date>
|
||||
</docinfo>
|
||||
<title>
|
||||
Options Reference
|
||||
</title>
|
||||
|
||||
<partintro>
|
||||
<sect1 id="optionsfile">
|
||||
<title>
|
||||
Setting options
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Options may be specified on the command line or in an options file.
|
||||
The default location of the options file is
|
||||
<literal>~/.gnupg/options</literal>.
|
||||
When specifying options in the options file, omit the leading two
|
||||
dashes and instead use simply the option name followed by any
|
||||
arguments.
|
||||
Lines in the file with a hash (<literal>#</literal>) as the
|
||||
first non-white-space character are ignored.
|
||||
</para>
|
||||
</sect1>
|
||||
</partintro>
|
||||
|
||||
<refentry id="keyserver">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
keyserver
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specify the keyserver to use to locate keys
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>keyserver</option> <replaceable class="parameter">server-name</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This option is used in conjunction with either
|
||||
<link linkend="recv-keys"><option>recv-keys</option></link> or
|
||||
<link linkend="send-keys"><option>send-keys</option></link> to specify a
|
||||
keyserver to manage public key distribution.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="output">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
output
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specify the file in which to place output
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>output</option> <replaceable class="parameter">file-name</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This is a description.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="recipient">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
recipient
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specify the recipient of a public-key encrypted document
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This is a description.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="armor">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
armor
|
||||
</refname>
|
||||
<refpurpose>
|
||||
ASCII-armor encrypted or signed output
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This is a description.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="no-greeting">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
no-greeting
|
||||
</refname>
|
||||
<refpurpose>
|
||||
suppress the opening copyright notice but do not enter batch mode
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
This is a description.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="local-user">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
local-user
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specifies a user id to use for signing
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>localuser</option> <replaceable class="parameter">name</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
Use <replaceable class="parameter">name</replaceable> as the user ID to sign.
|
||||
This option is silently ignored for the list commands, so that it can be
|
||||
used in an options file.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="completes-needed">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
completes-needed
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specifies the number of fully-trusted people needed to validate a new key.
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>completes-needed</option> <replaceable class="parameter">n</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A public key on your keyring is validated using those signatures on
|
||||
the key that were made by other valid keys on your keyring.
|
||||
The option specifies the number of signatures needed if you fully
|
||||
trust the owners of the keys that made the signatures.
|
||||
Your trust in a key's owner is set with the command
|
||||
<link linkend="edit-key"><option>edit-key</option></link>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
|
||||
<refentry id="marginals-needed">
|
||||
<refnamediv>
|
||||
<refname>
|
||||
marginals-needed
|
||||
</refname>
|
||||
<refpurpose>
|
||||
specifies the number of marginally-trusted people needed to validate
|
||||
a new key.
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<synopsis>
|
||||
<option>marginals-needed</option> <replaceable class="parameter">n</replaceable>
|
||||
</synopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>
|
||||
Description
|
||||
</title>
|
||||
|
||||
<para>
|
||||
A public key on your keyring is validated using those signatures on
|
||||
the key that were made by other valid keys on your keyring.
|
||||
The option specifies the number of signatures needed if you marginally
|
||||
trust the owners of the keys that made the signatures.
|
||||
Your trust in a key's owner is set with the command
|
||||
<link linkend="edit-key"><option>edit-key</option></link>.
|
||||
</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
</reference>
|
||||
|
71
doc/gph/manual.sgml
Normal file
71
doc/gph/manual.sgml
Normal file
@ -0,0 +1,71 @@
|
||||
<!--
|
||||
ToDo
|
||||
- acknowledge Joergen Grahn for his xfig version of Figure 3.1
|
||||
- 'inlineequation' marks places where formatting is ok now but not
|
||||
semantically correct.
|
||||
- need some story for formatting math
|
||||
From Tom Goulet (tomg@iaw.on.ca):
|
||||
> and the <SUP> tag doesn't seem to do much under Lynx, consider just
|
||||
> using a ^ to show powers.
|
||||
-->
|
||||
|
||||
<!DOCTYPE BOOK PUBLIC "-//Davenport//DTD DocBook V3.0//EN" [
|
||||
<!--ArborText, Inc., 1988-1995, v.4001-->
|
||||
<!NOTATION drw SYSTEM "DRW">
|
||||
<!ENTITY gpg "<application>gpg</application>">
|
||||
<!ENTITY gnupg "GnuPG">
|
||||
<!ENTITY Gnupg "GnuPG">
|
||||
<!ENTITY eg "e.g.">
|
||||
<!ENTITY ie "i.e.">
|
||||
<!ENTITY chapter1 SYSTEM "c1.sgml">
|
||||
<!ENTITY chapter2 SYSTEM "c2.sgml">
|
||||
<!ENTITY chapter3 SYSTEM "c3.sgml">
|
||||
<!ENTITY chapter4 SYSTEM "c4.sgml">
|
||||
<!ENTITY chapter5 SYSTEM "c5.sgml">
|
||||
<!ENTITY chapter6 SYSTEM "c6.sgml">
|
||||
<!ENTITY chapter7 SYSTEM "c7.sgml">
|
||||
]>
|
||||
<book>
|
||||
<bookinfo>
|
||||
<title>The GNU Privacy Handbook</title>
|
||||
<date>
|
||||
August 25, 1999
|
||||
</date>
|
||||
<copyright>
|
||||
<year>1999</year>
|
||||
<holder>Free Software Foundation</holder>
|
||||
</copyright>
|
||||
<abstract>
|
||||
<para>
|
||||
Please direct questions, bug reports, or suggesstions concerning
|
||||
this manual to the maintainer, Mike Ashley (<email>jashley@acm.org</email>).
|
||||
Contributors to this manual also include Matthew Copeland and
|
||||
Joergen Grahn.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This manual may be redistributed under the terms of the
|
||||
<ulink url="http://www.gnu.org/copyleft/gpl.html">GNU General Public
|
||||
License</ulink>.
|
||||
</para>
|
||||
<para> <!-- I have added this note (wk 06.09.99) -->
|
||||
PLEASE NOTE, THAT THIS IS A DRAFT VERSION OF THE MANUAL AND NOT A COMPLETE
|
||||
AND CORRECT MANUAL. CONSIDER IT AS WORK IN PROGRESS. The latest draft of
|
||||
the manual should be available online;
|
||||
<ulink url="http://www.gnupg.org/docs.html">www.gnupg.org</ulink> has a link
|
||||
to it.
|
||||
</para>
|
||||
</abstract>
|
||||
</bookinfo>
|
||||
|
||||
<toc></toc>
|
||||
|
||||
&chapter1
|
||||
&chapter2
|
||||
&chapter3
|
||||
&chapter4
|
||||
&chapter5
|
||||
&chapter6
|
||||
&chapter7
|
||||
</book>
|
||||
|
44
doc/gph/signatures.fig
Normal file
44
doc/gph/signatures.fig
Normal file
@ -0,0 +1,44 @@
|
||||
#FIG 3.2
|
||||
Landscape
|
||||
Center
|
||||
Inches
|
||||
Letter
|
||||
100.00
|
||||
Single
|
||||
-2
|
||||
1200 2
|
||||
6 600 300 9450 2625
|
||||
6 1500 300 9450 2625
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
1575 1050 2475 1950
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
3675 1950 4575 1050
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
5775 1050 6675 1050
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
7875 1050 8475 1050
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
3600 525 4500 1050
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
3675 1950 5100 2550
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
5175 1200 5625 2325
|
||||
4 0 0 100 0 14 18 0.0000 4 180 825 6825 1125 Elena\001
|
||||
4 0 0 100 0 14 18 0.0000 4 180 825 8625 1125 Geoff\001
|
||||
4 0 0 100 0 14 18 0.0000 4 180 825 4725 1125 Chloe\001
|
||||
4 0 0 100 0 14 18 0.0000 4 180 825 2625 525 Blake\001
|
||||
4 0 0 100 0 14 18 0.0000 4 180 990 2550 2025 Dharma\001
|
||||
4 0 0 100 0 14 18 0.0000 4 180 1155 5175 2625 Francis\001
|
||||
-6
|
||||
2 1 0 3 0 7 100 0 -1 0.000 0 0 -1 1 0 2
|
||||
1 1 3.00 90.00 180.00
|
||||
1575 1050 2475 450
|
||||
4 0 0 100 0 14 18 0.0000 4 180 825 600 1125 Alice\001
|
||||
-6
|
101
doc/manual.sgml
101
doc/manual.sgml
@ -1,101 +0,0 @@
|
||||
<!doctype book PUBLIC "-//Davenport//DTD DocBook V3.0//EN" [
|
||||
<!entity gnupg "GnuPG">
|
||||
<!entity wwwgnu "http://www.gnu.org">
|
||||
<!entity wwwgnupg "http://www.gnupg.org">
|
||||
]>
|
||||
<book>
|
||||
<bookinfo>
|
||||
<title>The GNU Privacy Guard Manual</title>
|
||||
<titleabbrev>GnuPG-Man</titleabbrev>
|
||||
<edition>v0.0.0</edition>
|
||||
<authorgroup>
|
||||
<!-- Replace with your name and delete mine -->
|
||||
<author>
|
||||
<firstname>Joe</firstname>
|
||||
<othername>D.</othername>
|
||||
<surname>Foo</surname>
|
||||
<authorblurb>
|
||||
<para><email>joe@somewhere</email></para>
|
||||
</authorblurb>
|
||||
</author>
|
||||
<author>
|
||||
<firstname>Werner</firstname>
|
||||
<surname>Koch</surname>
|
||||
<authorblurb>
|
||||
<para><email>wk@gnupg.org</email></para>
|
||||
</authorblurb>
|
||||
</author>
|
||||
</authorgroup>
|
||||
<!-- note, it is possible to give more than 1 year -->
|
||||
<copyright><year>1999</year>
|
||||
<holder>Free Software Foundation, Inc.</holder>
|
||||
</copyright>
|
||||
<!-- We have to check, whether this is the right wording -->
|
||||
<legalnotice>
|
||||
<para>This manual is free software; you can redistribute
|
||||
it and/or modify it under the terms of the GNU General Public
|
||||
License as published by the Free Software Foundation; either
|
||||
version 2 of the License, or (at your option) any later
|
||||
version.</para>
|
||||
|
||||
<para>This manual is distributed in the hope that it will be
|
||||
useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
PURPOSE. See the GNU General Public License for more
|
||||
details.</para>
|
||||
|
||||
<para>You should have received a copy of the GNU General Public
|
||||
License along with this program; if not, write to the Free
|
||||
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
||||
MA 02111-1307 USA</para>
|
||||
|
||||
<para>For more details see the file COPYING in the source
|
||||
distribution of &gnupg;.</para>
|
||||
</legalnotice>
|
||||
</bookinfo>
|
||||
|
||||
<!-- Insert the table of contents -->
|
||||
<toc></toc>
|
||||
|
||||
<!--*******************************************
|
||||
********* the first chapter *************
|
||||
*******************************************-->
|
||||
<chapter id="intro">
|
||||
<title>Introduction</title>
|
||||
<sect1 id="feedback">
|
||||
<title>Feedback</title>
|
||||
<!-- Hope we can remove this ;-) -->
|
||||
<para>Well, I'm German and I find it hard to express myself in
|
||||
English. So if you find some phrases and/or words that I used
|
||||
in a wrong way (and you will find them :-) ), please send me a
|
||||
mail, to let me correct this. Please send me notes about
|
||||
typos, too.
|
||||
</sect1>
|
||||
|
||||
|
||||
<sect1 id="whatis">
|
||||
<title>What is &gnupg;</title>
|
||||
<para><ulink url="&wwwgnupg;">&gnupg;</> is a tool for digital
|
||||
encryption and signing;
|
||||
it is part of the <ulink url="&wwwgnu;">GNU Project</>.
|
||||
|
||||
<para>It has these features:
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Exciting feature 1
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Exciting feature 2
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>How to find out the version of &gnupg;
|
||||
<screen>
|
||||
<prompt/$/ <userinput>gpg --version</>
|
||||
</screen>
|
||||
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
||||
|
||||
</book>
|
@ -1,3 +1,9 @@
|
||||
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
* tdbio.c (tdbio_set_dbname): Use mkdir macro
|
||||
* ringedit.c (add_keyblock_resource): Ditto.
|
||||
|
||||
Fri Sep 3 10:04:45 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
|
25
g10/OPTIONS
25
g10/OPTIONS
@ -1,35 +1,12 @@
|
||||
# This is a sample option file
|
||||
#
|
||||
# Unless you you specify which option file to use with the
|
||||
# commandline option "--options filename", gpg uses the
|
||||
# file ~/.gnupg/options by default.
|
||||
#
|
||||
# An option file can contain all long options which are
|
||||
# available in GNUPG. If the first non white space character of
|
||||
# a line is a '#', this line is ignored. Empty lines are also
|
||||
# ignored.
|
||||
#
|
||||
# Here is a list of all possible options. Not of all them make
|
||||
# sense in an option file; consider this as a complete option
|
||||
# reference. Before the options you find a list of commands.
|
||||
# Some notes used by the maintainers
|
||||
|
||||
|
||||
#-----------------------------------------------
|
||||
#------------------- Commands ------------------
|
||||
#-----------------------------------------------
|
||||
# With some exceptions, these cannot be combined
|
||||
|
||||
store
|
||||
# simply packs the input data into a rfc1991 packet format
|
||||
|
||||
check-trustdb
|
||||
|
||||
|
||||
|
||||
#-----------------------------------------------
|
||||
#--- options
|
||||
#-----------------------------------------------
|
||||
|
||||
compress-keys
|
||||
# compress exported key, compress level is still set with "-z" and
|
||||
# algorithm with --compress-algo" - Default is to not compress keys, as
|
||||
|
@ -182,7 +182,7 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
|
||||
{ "keyedit.delsig.unknown", N_(
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establish"
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
)},
|
||||
{ "keyedit.delsig.invalid", N_(
|
||||
|
@ -1737,7 +1737,7 @@ menu_revsig( KBNODE keyblock )
|
||||
int rc, any;
|
||||
|
||||
/* FIXME: detect duplicates here */
|
||||
tty_printf("You have signed these user IDs:\n");
|
||||
tty_printf(_("You have signed these user IDs:\n"));
|
||||
for( node = keyblock; node; node = node->next ) {
|
||||
node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
|
||||
if( node->pkt->pkttype == PKT_USER_ID ) {
|
||||
@ -1751,12 +1751,12 @@ menu_revsig( KBNODE keyblock )
|
||||
&& ((sig = node->pkt->pkt.signature),
|
||||
!seckey_available( sig->keyid ) ) ) {
|
||||
if( (sig->sig_class&~3) == 0x10 ) {
|
||||
tty_printf(" signed by %08lX at %s\n",
|
||||
tty_printf(_(" signed by %08lX at %s\n"),
|
||||
sig->keyid[1], datestr_from_sig(sig) );
|
||||
node->flag |= NODFLG_SELSIG;
|
||||
}
|
||||
else if( sig->sig_class == 0x30 ) {
|
||||
tty_printf(" revoked by %08lX at %s\n",
|
||||
tty_printf(_(" revoked by %08lX at %s\n"),
|
||||
sig->keyid[1], datestr_from_sig(sig) );
|
||||
}
|
||||
}
|
||||
@ -1776,7 +1776,7 @@ menu_revsig( KBNODE keyblock )
|
||||
continue;
|
||||
if( !any ) {
|
||||
any = 1;
|
||||
tty_printf("You are about to revoke these signatures:\n");
|
||||
tty_printf(_("You are about to revoke these signatures:\n"));
|
||||
}
|
||||
if( node->pkt->pkttype == PKT_USER_ID ) {
|
||||
PKT_user_id *uid = node->pkt->pkt.user_id;
|
||||
@ -1786,7 +1786,7 @@ menu_revsig( KBNODE keyblock )
|
||||
}
|
||||
else if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
||||
sig = node->pkt->pkt.signature;
|
||||
tty_printf(" signed by %08lX at %s\n",
|
||||
tty_printf(_(" signed by %08lX at %s\n"),
|
||||
sig->keyid[1], datestr_from_sig(sig) );
|
||||
}
|
||||
}
|
||||
|
@ -63,6 +63,12 @@
|
||||
#include "i18n.h"
|
||||
|
||||
|
||||
#ifdef MKDIR_TAKES_ONE_ARG
|
||||
# undef mkdir
|
||||
# define mkdir(a,b) mkdir(a)
|
||||
#endif
|
||||
|
||||
|
||||
struct resource_table_struct {
|
||||
int used;
|
||||
int secret; /* this is a secret keyring */
|
||||
@ -287,11 +293,7 @@ add_keyblock_resource( const char *url, int force, int secret )
|
||||
if( access(filename, F_OK) ) {
|
||||
if( strlen(filename) >= 7
|
||||
&& !strcmp(filename+strlen(filename)-7, "/.gnupg") ) {
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
if( mkdir(filename) )
|
||||
#else
|
||||
if( mkdir(filename, S_IRUSR|S_IWUSR|S_IXUSR) )
|
||||
#endif
|
||||
{
|
||||
log_error( _("%s: can't create directory: %s\n"),
|
||||
filename, strerror(errno));
|
||||
|
@ -40,6 +40,11 @@
|
||||
#include "tdbio.h"
|
||||
|
||||
|
||||
#ifdef MKDIR_TAKES_ONE_ARG
|
||||
# undef mkdir
|
||||
# define mkdir(a,b) mkdir(a)
|
||||
#endif
|
||||
|
||||
/****************
|
||||
* Yes, this is a very simple implementation. We should really
|
||||
* use a page aligned buffer and read complete pages.
|
||||
@ -436,11 +441,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
|
||||
if( access( fname, F_OK ) ) {
|
||||
if( strlen(fname) >= 7
|
||||
&& !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) {
|
||||
#if HAVE_DOSISH_SYSTEM
|
||||
if( mkdir( fname ) )
|
||||
#else
|
||||
if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) )
|
||||
#endif
|
||||
log_fatal( _("%s: can't create directory: %s\n"),
|
||||
fname, strerror(errno) );
|
||||
else if( !opt.quiet )
|
||||
|
13
po/ChangeLog
13
po/ChangeLog
@ -1,11 +1,20 @@
|
||||
Wed Sep 1 15:30:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
* fr.po: Imported and fixed a msgid.
|
||||
* de.po: Ditto.
|
||||
* pt_BR.po: Ditto.
|
||||
|
||||
* POTFILES.in (delkey.c): New.
|
||||
|
||||
* fr.po: Gaël was the first to update it again.
|
||||
|
||||
Wed Sep 1 15:30:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
* de.po: Updated.
|
||||
|
||||
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
|
||||
|
||||
|
||||
* it.po: Updated (Marco).
|
||||
* de.po: Updated (Walter).
|
||||
* pt_BR-po: Update (Thiago).
|
||||
|
201
po/de.po
201
po/de.po
@ -3,8 +3,8 @@
|
||||
# Walter Koch <koch@hsp.de>, 1998.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"PO-Revision-Date: 1999-08-31 21:36+0200\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"PO-Revision-Date: 1999-09-04 22:36+0200\n"
|
||||
"Last-Translator: Walter Koch <koch@hsp.de>\n"
|
||||
"Language-Team: German <de@li.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
@ -587,7 +587,7 @@ msgstr "|N|Komprimierverfahren N benutzen"
|
||||
|
||||
#: g10/g10.c:282
|
||||
msgid "throw keyid field of encrypted packets"
|
||||
msgstr "Entferne Absender-ID verschlüsselter Pakete"
|
||||
msgstr "Entferne Empfänger-ID verschlüsselter Pakete"
|
||||
|
||||
#: g10/g10.c:283
|
||||
msgid "|NAME=VALUE|use this notation data"
|
||||
@ -1150,18 +1150,18 @@ msgid "No such user ID.\n"
|
||||
msgstr "Keine solche User-ID vorhanden.\n"
|
||||
|
||||
#: g10/pkclist.c:756
|
||||
#, fuzzy
|
||||
msgid "skipped: public key already set as default recipient\n"
|
||||
msgstr "%s: übersprungen: öffentlicher Schlüssel bereits vorhanden\n"
|
||||
msgstr ""
|
||||
"übersprungen: öffentlicher Schlüssel bereits als Standardempfänger gesetzt\n"
|
||||
|
||||
#: g10/pkclist.c:778
|
||||
msgid "Public key is disabled.\n"
|
||||
msgstr "Öffentlicher Schlüssel ist abgeschaltet.\n"
|
||||
|
||||
#: g10/pkclist.c:785
|
||||
#, fuzzy
|
||||
msgid "skipped: public key already set with --encrypt-to\n"
|
||||
msgstr "%s: übersprungen: öffentlicher Schlüssel bereits vorhanden\n"
|
||||
msgstr ""
|
||||
"übersprungen: öffentlicher Schlüssel bereits mittels --encrypt-to gesetzt\n"
|
||||
|
||||
#: g10/pkclist.c:816
|
||||
#, c-format
|
||||
@ -1512,8 +1512,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "Wirklich erzeugen? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s: kann nicht geöffnet werden: %s\n"
|
||||
@ -1570,12 +1570,10 @@ msgid "RSA key cannot be used in this version\n"
|
||||
msgstr "RSA-Schlüssel können in dieser Version nicht verwendet werden\n"
|
||||
|
||||
#: g10/getkey.c:1291 g10/getkey.c:1330
|
||||
#, fuzzy
|
||||
msgid "No key for user ID\n"
|
||||
msgstr "Kein Schlüssel für User-ID\n"
|
||||
|
||||
#: g10/getkey.c:1369 g10/getkey.c:1409
|
||||
#, fuzzy
|
||||
msgid "No user ID for key\n"
|
||||
msgstr "Keine User-ID für Schlüssel\n"
|
||||
|
||||
@ -1661,12 +1659,12 @@ msgid " secret keys unchanged: %lu\n"
|
||||
msgstr " unveränderte geh.Schl.: %lu\n"
|
||||
|
||||
#: g10/import.c:362 g10/import.c:554
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no user ID\n"
|
||||
msgstr "Schlüssel %08lX: Keine User-ID\n"
|
||||
|
||||
#: g10/import.c:376
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no valid user IDs\n"
|
||||
msgstr "Schlüssel %08lX: Keine gültigen User-IDs\n"
|
||||
|
||||
@ -1722,12 +1720,12 @@ msgstr ""
|
||||
"Schlüssel %08lX: Lesefehler im lokalen originalen Schlüsselblocks: %s\n"
|
||||
|
||||
#: g10/import.c:469
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: 1 new user ID\n"
|
||||
msgstr "Schlüssel %08lX: 1 neue User-ID\n"
|
||||
|
||||
#: g10/import.c:472
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: %d new user IDs\n"
|
||||
msgstr "Schlüssel %08lX: %d neue User-IDs\n"
|
||||
|
||||
@ -1790,7 +1788,7 @@ msgid "key %08lX: revocation certificate imported\n"
|
||||
msgstr "Schlüssel %08lX: Widerrufzertifikat importiert\n"
|
||||
|
||||
#: g10/import.c:711
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no user ID for signature\n"
|
||||
msgstr "Schlüssel %08lX: Keine User-ID für Signatur\n"
|
||||
|
||||
@ -1815,12 +1813,12 @@ msgid "key %08lX: invalid subkey binding\n"
|
||||
msgstr "Schlüssel %08lX: Ungültige Unterschlüssel-Anbindung\n"
|
||||
|
||||
#: g10/import.c:769
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: accepted non self-signed user ID '"
|
||||
msgstr "Schlüssel %08lX: Nicht eigenbeglaubigte User-ID übernommen'"
|
||||
|
||||
#: g10/import.c:798
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: skipped user ID '"
|
||||
msgstr "Schlüssel %08lX: User-ID übergangen '"
|
||||
|
||||
@ -1863,7 +1861,7 @@ msgstr "Schl
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "Schlüssel %08lX: Unsere Kopie hat keine Eigenbeglaubigung\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s: Benutzer nicht gefunden\n"
|
||||
@ -1904,12 +1902,11 @@ msgid "%d signatures not checked due to errors\n"
|
||||
msgstr "%d Beglaubigungen aufgrund von Fehlern nicht geprüft\n"
|
||||
|
||||
#: g10/keyedit.c:231
|
||||
#, fuzzy
|
||||
msgid "1 user ID without valid self-signature detected\n"
|
||||
msgstr "Eine User-ID ohne gültige Eigenbeglaubigung entdeckt\n"
|
||||
|
||||
#: g10/keyedit.c:233
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "%d user IDs without valid self-signatures detected\n"
|
||||
msgstr "%d User-IDs ohne gültige Eigenbeglaubigung entdeckt\n"
|
||||
|
||||
@ -2024,9 +2021,8 @@ msgid "list"
|
||||
msgstr "Liste der Schlüssel"
|
||||
|
||||
#: g10/keyedit.c:570
|
||||
#, fuzzy
|
||||
msgid "list key and user IDs"
|
||||
msgstr "Schlüssel und User-ID auflisten"
|
||||
msgstr "Schlüssel und User-IDs auflisten"
|
||||
|
||||
#: g10/keyedit.c:571
|
||||
msgid "l"
|
||||
@ -2037,7 +2033,6 @@ msgid "uid"
|
||||
msgstr "uid"
|
||||
|
||||
#: g10/keyedit.c:572
|
||||
#, fuzzy
|
||||
msgid "select user ID N"
|
||||
msgstr "User-ID N auswählen"
|
||||
|
||||
@ -2090,7 +2085,6 @@ msgid "adduid"
|
||||
msgstr "adduid"
|
||||
|
||||
#: g10/keyedit.c:580
|
||||
#, fuzzy
|
||||
msgid "add a user ID"
|
||||
msgstr "Eine User-ID hinzufügen"
|
||||
|
||||
@ -2099,7 +2093,6 @@ msgid "deluid"
|
||||
msgstr "deluid"
|
||||
|
||||
#: g10/keyedit.c:581
|
||||
#, fuzzy
|
||||
msgid "delete user ID"
|
||||
msgstr "User-ID entfernen"
|
||||
|
||||
@ -2203,7 +2196,7 @@ msgstr "enable"
|
||||
msgid "enable a key"
|
||||
msgstr "Schlüssel anschalten"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "Dies kann im Batchmodus nicht durchgeführt werden.\n"
|
||||
|
||||
@ -2222,14 +2215,12 @@ msgid "Need the secret key to do this.\n"
|
||||
msgstr "Hierzu wird der geheime Schlüssel benötigt.\n"
|
||||
|
||||
#: g10/keyedit.c:758
|
||||
#, fuzzy
|
||||
msgid "Really sign all user IDs? "
|
||||
msgstr "Wirklich alle User-IDs beglaubigen? "
|
||||
|
||||
#: g10/keyedit.c:759
|
||||
#, fuzzy
|
||||
msgid "Hint: Select the user IDs to sign\n"
|
||||
msgstr "Tip: Wählen Sie die User-ID, die beglaubigt werden soll\n"
|
||||
msgstr "Tip: Wählen Sie die User-IDs, die beglaubigt werden sollen\n"
|
||||
|
||||
#: g10/keyedit.c:786 g10/keyedit.c:968
|
||||
#, c-format
|
||||
@ -2237,22 +2228,18 @@ msgid "update of trustdb failed: %s\n"
|
||||
msgstr "Änderung der \"Trust-DB\" fehlgeschlagen: %s\n"
|
||||
|
||||
#: g10/keyedit.c:797 g10/keyedit.c:818
|
||||
#, fuzzy
|
||||
msgid "You must select at least one user ID.\n"
|
||||
msgstr "Zumindestens eine User-ID muß ausgewählt werden.\n"
|
||||
|
||||
#: g10/keyedit.c:799
|
||||
#, fuzzy
|
||||
msgid "You can't delete the last user ID!\n"
|
||||
msgstr "Die letzte User-ID kann nicht gelöscht werden!\n"
|
||||
|
||||
#: g10/keyedit.c:802
|
||||
#, fuzzy
|
||||
msgid "Really remove all selected user IDs? "
|
||||
msgstr "Möchten Sie alle ausgewählten User-IDs wirklich entfernen? "
|
||||
|
||||
#: g10/keyedit.c:803
|
||||
#, fuzzy
|
||||
msgid "Really remove this user ID? "
|
||||
msgstr "Diese User-ID wirklich entfernen? "
|
||||
|
||||
@ -2361,7 +2348,7 @@ msgid "No corresponding signature in secret ring\n"
|
||||
msgstr "Keine entsprechende Signatur im geheimen Schlüsselbund\n"
|
||||
|
||||
#: g10/keyedit.c:1566
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "No user ID with index %d\n"
|
||||
msgstr "Keine User-ID mit Index %d\n"
|
||||
|
||||
@ -2387,6 +2374,31 @@ msgstr ""
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "Ein Widerrufszertifikat für diese Unterschrift erzeugen (j/N)"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "Die letzte User-ID kann nicht gelöscht werden!\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"unterschrieben mit Ihrem Schlüssel %08lX um %s\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"unterschrieben mit Ihrem Schlüssel %08lX um %s\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "Möchten Sie einige der ungültigen Signaturen entfernen? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
msgstr "Wirklich ein Unterschrift-Widerrufszertifikat erzeugen? (j/N) "
|
||||
@ -2680,137 +2692,137 @@ msgstr "Textzeilen l
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr "Eingabezeile ist länger als %d Zeichen\n"
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "trustdb Satz %lu: lseek fehlgeschlagen: %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr "trustdb Satz %lu: write fehlgeschlagen (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr "trustdb Transaktion zu groß\n"
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s: kann nicht zugegriffen werden: %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s: Verzeichnis kann nicht erzeugt werden: %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s: Verzeichnis erzeugt\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr "%s: Verzeichnis existiert nicht!\n"
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s: kann nicht erzeugt werden: %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s: Sperre kann nicht erzeugt werden\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr "%s: Fehler beim Erzeugen des Versionsatzes: %s"
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s: ungültige trust-db erzeugt\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s: trust-db erzeugt\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "%s: ungültige 'Trust'-Datenbank\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s: hashtable kann nicht erzeugt werden: %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr "%s: Fehler beim Ändern des Versionsatzes: %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "%s: Fehler beim Lesen des Versionsatzes: %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "%s: Fehler beim Schreiben des Versionsatzes: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "trustdb: lseek fehlgeschlagen: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "trustdb: read failed (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "%s: keine trustdb Datei\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr "%s: version record with recnum %lu\n"
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "%s: invalid file version %d\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "%s: Fehler beim Lesen eines freien Satzes: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr "%s: Fehler beim Schreiben eines Verzeichnis-Satzes: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr "%s: konnte einen Satz nicht Nullen: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr "%s: konnte Satz nicht anhängen: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr ""
|
||||
"Die \"Trust\"-Datenbank ist beschädigt; verwenden Sie \"gpg "
|
||||
@ -3041,7 +3053,6 @@ msgid "Ooops, no keys\n"
|
||||
msgstr "Huch, keine Schlüssel\n"
|
||||
|
||||
#: g10/trustdb.c:2061
|
||||
#, fuzzy
|
||||
msgid "Ooops, no user IDs\n"
|
||||
msgstr "Huch, keine User-IDs\n"
|
||||
|
||||
@ -3101,31 +3112,31 @@ msgstr "konnte '%s' nicht in die 'Trust'-Datenbank hineintun: %s\n"
|
||||
msgid "WARNING: can't yet handle long pref records\n"
|
||||
msgstr "WARNUNG: Lange 'Pref'-Records können noch nicht benutzt werden\n"
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s: Schlüsselbund kann nicht erzeugt werden: %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s: Schlüsselbund erstellt\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr "Warnung: Zwei Dateien mit vertraulichem Inhalt vorhanden.\n"
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "%s ist der Unveränderte\n"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr "%s ist der Neue\n"
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr "Bitte diesen potentiellen Sicherheitsmangel beseitigen\n"
|
||||
|
||||
@ -3209,6 +3220,28 @@ msgstr ""
|
||||
"Trotz %d-fachen Versuch konnte die Erzeugung eines unsicheren Schlüssels für "
|
||||
"sym.Verschlüsselung nicht vermieden werden!\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "Es gibt einen privaten Schlüssel zu diesem öffentlichen Schlüssel!\n"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
"Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
|
||||
"entfernen.\n"
|
||||
|
||||
#: g10/delkey.c:111
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgeführt werden.\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "Diesen Schlüssel aus dem Schlüsselbund löschen? "
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr "Dies ist ein privater Schlüssel! - Wirklich löschen? "
|
||||
|
||||
#: g10/helptext.c:47
|
||||
msgid ""
|
||||
"It's up to you to assign a value here; this value will never be exported\n"
|
||||
@ -3234,7 +3267,6 @@ msgstr ""
|
||||
"so antworten Sie mit \"ja\"."
|
||||
|
||||
#: g10/helptext.c:61
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Enter the user ID of the addressee to whom you want to send the message."
|
||||
msgstr "Geben Sie die User-ID dessen ein, dem Sie die Botschaft senden wollen."
|
||||
@ -3304,7 +3336,6 @@ msgid "Answer \"yes\" or \"no\""
|
||||
msgstr "Geben Sie \"ja\" oder \"nein\" ein"
|
||||
|
||||
#: g10/helptext.c:106
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"Enter the required value as shown in the prompt.\n"
|
||||
"It is possible to enter a ISO date (YYYY-MM-DD) but you won't\n"
|
||||
@ -3367,7 +3398,6 @@ msgstr ""
|
||||
"Geben Sie \"ja\" (oder nur \"j\") ein, um diesen Unterschlüssel zu löschen"
|
||||
|
||||
#: g10/helptext.c:178
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
"This is a valid signature on the key; you normally don't want\n"
|
||||
"to delete this signature because it may be important to establish a\n"
|
||||
@ -3383,8 +3413,8 @@ msgstr ""
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
"Diese Beglaubigung kann nicht geprüft werden, da Sie den passenden "
|
||||
"Schlüssel\n"
|
||||
@ -3997,24 +4027,3 @@ msgstr "Keine Hilfe f
|
||||
|
||||
#~ msgid "Checking signatures of this public key certificate:\n"
|
||||
#~ msgstr "Die Signaturen dieses Zertifikats werden überprüft:\n"
|
||||
|
||||
#~ msgid "Do you want to remove some of the invalid signatures? "
|
||||
#~ msgstr "Möchten Sie einige der ungültigen Signaturen entfernen? "
|
||||
|
||||
#~ msgid "there is a secret key for this public key!\n"
|
||||
#~ msgstr ""
|
||||
#~ "Es gibt einen privaten Schlüssel zu diesem öffentlichen Schlüssel!\n"
|
||||
|
||||
#~ msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
#~ msgstr ""
|
||||
#~ "Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
|
||||
#~ "entfernen.\n"
|
||||
|
||||
#~ msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
#~ msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgeführt werden.\n"
|
||||
|
||||
#~ msgid "Delete this key from the keyring? "
|
||||
#~ msgstr "Diesen Schlüssel aus dem Schlüsselbund löschen? "
|
||||
|
||||
#~ msgid "This is a secret key! - really delete? "
|
||||
#~ msgstr "Dies ist ein privater Schlüssel! - Wirklich löschen? "
|
||||
|
130
po/es_ES.po
130
po/es_ES.po
@ -7,7 +7,7 @@
|
||||
# GPG version: 0.9.7
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"PO-Revision-Date: 1999-06-06 18:33+0200\n"
|
||||
"Content-Type: text/plain; charset=iso-8859-1\n"
|
||||
"Date: 1998-11-13 10:49:25+0100\n"
|
||||
@ -1519,8 +1519,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "¿Crear de verdad? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s: no puede abrirse: %s\n"
|
||||
@ -1867,7 +1867,7 @@ msgstr "clave %08lX: certificado de revocaci
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "clave %08lX: nuestra copia no tiene autofirma\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s: usuario no encontrado\n"
|
||||
@ -2212,7 +2212,7 @@ msgstr ""
|
||||
msgid "enable a key"
|
||||
msgstr "Clave incorrecta"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "imposible hacer esto en modo de proceso por lotes\n"
|
||||
|
||||
@ -2401,6 +2401,31 @@ msgstr ""
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "¿Crear un certificado de revocación para esta clave (s/N)?"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "¡No puede borrar el último identificativo de usuario!\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"firmada con su clave %08lX el %s\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"firmada con su clave %08lX el %s\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "¿Revocar realmente las claves seleccionadas? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
msgstr "¿Crear los certificados de revocación realmente? (s/N)"
|
||||
@ -2685,138 +2710,138 @@ msgstr "no se pueden manejar l
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr "línea de longitud superior a %d caracteres\n"
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "registro base de datos de confianza %lu: lseek fallido: %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr ""
|
||||
"resgisto base de datos de confianza %lu: escritura fallida (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr "transacción en la base de datos de confianza demasiado grande\n"
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s: no puede abrirse: %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s: no puede crearse el directorio: %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s: directorio creado\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr "%s: ¡el directorio no existe!\n"
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s: no puede crearse: %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s: no puede crearse bloqueo\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr "%s: fallo en la creación del registro de versión: %s"
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s: se ha creado base de datos de confianza no válida\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s: se ha creado base de datos de confianza\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "%s: base de datos de confianza no válida\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s: fallo en la creación de la tabla hash: %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr "%s: error actualizando el registro de versión: %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "%s: error leyendo registro de versión: %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "%s: error escribiendo registro de versión: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "base de datos de confianza: fallo lseek: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "base de datos de confianza: error lectura (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "%s: no es una base de datos de confianza\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr "%s: registro de versión con número de registro %lu\n"
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "%s: versión del fichero %d no válida\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "%s: error leyendo registro libre: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr "%s: error escribiendo registro de directorio: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr "%s: fallo en poner a cero un registro: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr "%s: fallo al añadir un registro: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
#, fuzzy
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr ""
|
||||
@ -3107,31 +3132,31 @@ msgstr "fallo al poner '%s' en la tabla de confianza: %s\n"
|
||||
msgid "WARNING: can't yet handle long pref records\n"
|
||||
msgstr "ATENCÍON: todavía no puedo tratar registros de preferencias largos\n"
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s: no se puede crear el anillo: %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s: anillo creado\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr "ATENCIÓN: existen 2 ficheros con información confidencial.\n"
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "%s es el que no se ha modificado\n"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr "%s es el nuevo\n"
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr "Por favor arregle este posible fallo de seguridad\n"
|
||||
|
||||
@ -3214,6 +3239,29 @@ msgstr ""
|
||||
"¡imposible evitar clave débil para cifrado simétrico después de %d "
|
||||
"intentos!\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
#, fuzzy
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "elimina la clave del anillo público"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/delkey.c:111
|
||||
#, fuzzy
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "imposible hacer esto en modo de proceso por lotes\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
#, fuzzy
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "elimina la clave del anillo público"
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:47
|
||||
msgid ""
|
||||
"It's up to you to assign a value here; this value will never be exported\n"
|
||||
@ -3331,8 +3379,8 @@ msgstr ""
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:189
|
||||
|
420
po/fr.po
420
po/fr.po
@ -5,8 +5,8 @@
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: gnupg 1.0\n"
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"PO-Revision-Date: 1999-08-08 04:01+02:00\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"PO-Revision-Date: 1999-09-03 18:07+0200\n"
|
||||
"Last-Translator: Gaël Quéri <gqueri@mail.dotcom.fr>\n"
|
||||
"Language-Team: French <traduc@traduc.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
@ -37,11 +37,11 @@ msgstr "oO"
|
||||
|
||||
#: util/miscutil.c:279 util/miscutil.c:307
|
||||
msgid "no"
|
||||
msgstr ""
|
||||
msgstr "non"
|
||||
|
||||
#: util/miscutil.c:280 util/miscutil.c:310
|
||||
msgid "nN"
|
||||
msgstr ""
|
||||
msgstr "nN"
|
||||
|
||||
#: g10/keyedit.c:564 util/miscutil.c:308
|
||||
msgid "quit"
|
||||
@ -560,10 +560,9 @@ msgstr "imiter le mode d
|
||||
msgid "set all packet, cipher and digest options to OpenPGP behavior"
|
||||
msgstr "utiliser le comportement défini par OpenPGP"
|
||||
|
||||
# FIXMOI : faudra trouver mieux ...
|
||||
#: g10/g10.c:274
|
||||
msgid "|N|use passphrase mode N"
|
||||
msgstr "|N|utiliser le mode de codage des mots de passe N"
|
||||
msgstr "|N|coder les mots de passe suivant le mode N"
|
||||
|
||||
#: g10/g10.c:276
|
||||
msgid "|NAME|use message digest algorithm NAME for passphrases"
|
||||
@ -1042,9 +1041,8 @@ msgid ""
|
||||
"%08lX: It is not sure that this key really belongs to the owner\n"
|
||||
"but it is accepted anyway\n"
|
||||
msgstr ""
|
||||
"%08lX : Il n'est pas sûr que cette clé appartient vraiment à son "
|
||||
"propriétaire\n"
|
||||
"mais elle est quand même acceptée\n"
|
||||
"%08lX : Il n'est pas sûr que cette clé appartient vraiment à son\n"
|
||||
"propriétaire mais elle est quand même acceptée\n"
|
||||
|
||||
#: g10/pkclist.c:422
|
||||
msgid "This key probably belongs to the owner\n"
|
||||
@ -1144,18 +1142,16 @@ msgid "No such user ID.\n"
|
||||
msgstr "Pas de tel utilisateur.\n"
|
||||
|
||||
#: g10/pkclist.c:756
|
||||
#, fuzzy
|
||||
msgid "skipped: public key already set as default recipient\n"
|
||||
msgstr "%s : ignoré : clé publique déjà présente\n"
|
||||
msgstr "ignoré : la clé publique est déjà le récipient par défaut\n"
|
||||
|
||||
#: g10/pkclist.c:778
|
||||
msgid "Public key is disabled.\n"
|
||||
msgstr "La clé publique est désactivée.\n"
|
||||
|
||||
#: g10/pkclist.c:785
|
||||
#, fuzzy
|
||||
msgid "skipped: public key already set with --encrypt-to\n"
|
||||
msgstr "%s : ignoré : clé publique déjà présente\n"
|
||||
msgstr "ignoré : clé publique configurée par --encrypt-to\n"
|
||||
|
||||
#: g10/pkclist.c:816
|
||||
#, c-format
|
||||
@ -1506,8 +1502,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "Créer vraiment ? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s : ne peut ouvrir : %s\n"
|
||||
@ -1564,14 +1560,12 @@ msgid "RSA key cannot be used in this version\n"
|
||||
msgstr "les clés RSA ne peuvent être utilisées dans cette version\n"
|
||||
|
||||
#: g10/getkey.c:1291 g10/getkey.c:1330
|
||||
#, fuzzy
|
||||
msgid "No key for user ID\n"
|
||||
msgstr "Pas de clé pour cet utilisateur\n"
|
||||
msgstr "Pas de clé pour l'utilisateur\n"
|
||||
|
||||
#: g10/getkey.c:1369 g10/getkey.c:1409
|
||||
#, fuzzy
|
||||
msgid "No user ID for key\n"
|
||||
msgstr "Pas d'utilisateur pour cette clé\n"
|
||||
msgstr "Pas d'utilisateur pour la clé\n"
|
||||
|
||||
#: g10/getkey.c:1565 g10/getkey.c:1621
|
||||
#, c-format
|
||||
@ -1656,12 +1650,12 @@ msgid " secret keys unchanged: %lu\n"
|
||||
msgstr " clés secrètes inchangées : %lu\n"
|
||||
|
||||
#: g10/import.c:362 g10/import.c:554
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no user ID\n"
|
||||
msgstr "clé %08lX : pas de nom d'utilisateur\n"
|
||||
|
||||
#: g10/import.c:376
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no valid user IDs\n"
|
||||
msgstr "clé %08lX : pas de nom d'utilisateur valide\n"
|
||||
|
||||
@ -1714,12 +1708,12 @@ msgid "key %08lX: can't read original keyblock: %s\n"
|
||||
msgstr "clé %08lX : ne peut lire le bloc de clés original : %s\n"
|
||||
|
||||
#: g10/import.c:469
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: 1 new user ID\n"
|
||||
msgstr "clé %08lX : un nouvel utilisateur\n"
|
||||
|
||||
#: g10/import.c:472
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: %d new user IDs\n"
|
||||
msgstr "clé %08lX : %d nouveaux utilisateurs\n"
|
||||
|
||||
@ -1782,7 +1776,7 @@ msgid "key %08lX: revocation certificate imported\n"
|
||||
msgstr "clé %08lX : certificat de révocation importé\n"
|
||||
|
||||
#: g10/import.c:711
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: no user ID for signature\n"
|
||||
msgstr "clé %08lX : pas d'utilisateur pour la signature\n"
|
||||
|
||||
@ -1807,12 +1801,12 @@ msgid "key %08lX: invalid subkey binding\n"
|
||||
msgstr "clé %08lX : liaison avec la sous-clé invalide\n"
|
||||
|
||||
#: g10/import.c:769
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: accepted non self-signed user ID '"
|
||||
msgstr "clé %08lX : utilisateur non signé par lui-même accepté : '"
|
||||
|
||||
#: g10/import.c:798
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "key %08lX: skipped user ID '"
|
||||
msgstr "clé %08lX : utilisateur non pris en compte : '"
|
||||
|
||||
@ -1855,7 +1849,7 @@ msgstr "cl
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "clé %08lX : notre copie n'a pas d'auto-signature\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s : utilisateur non trouvé\n"
|
||||
@ -1896,12 +1890,11 @@ msgid "%d signatures not checked due to errors\n"
|
||||
msgstr "%d signatures non vérifiées à cause d'erreurs\n"
|
||||
|
||||
#: g10/keyedit.c:231
|
||||
#, fuzzy
|
||||
msgid "1 user ID without valid self-signature detected\n"
|
||||
msgstr "un nom d'utilisateur sans auto-signature valide détecté\n"
|
||||
|
||||
#: g10/keyedit.c:233
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "%d user IDs without valid self-signatures detected\n"
|
||||
msgstr "%d nom d'utilisateurs sans auto-signature valide détecté\n"
|
||||
|
||||
@ -2017,7 +2010,6 @@ msgid "list"
|
||||
msgstr "lister"
|
||||
|
||||
#: g10/keyedit.c:570
|
||||
#, fuzzy
|
||||
msgid "list key and user IDs"
|
||||
msgstr "lister la clé et les noms d'utilisateurs"
|
||||
|
||||
@ -2030,7 +2022,6 @@ msgid "uid"
|
||||
msgstr "uid"
|
||||
|
||||
#: g10/keyedit.c:572
|
||||
#, fuzzy
|
||||
msgid "select user ID N"
|
||||
msgstr "sélectionner le nom d'utilisateur N"
|
||||
|
||||
@ -2083,7 +2074,6 @@ msgid "adduid"
|
||||
msgstr "aj.ut"
|
||||
|
||||
#: g10/keyedit.c:580
|
||||
#, fuzzy
|
||||
msgid "add a user ID"
|
||||
msgstr "ajouter un utilisateur"
|
||||
|
||||
@ -2092,7 +2082,6 @@ msgid "deluid"
|
||||
msgstr "suppr.ut"
|
||||
|
||||
#: g10/keyedit.c:581
|
||||
#, fuzzy
|
||||
msgid "delete user ID"
|
||||
msgstr "enlever un utilisateur"
|
||||
|
||||
@ -2197,7 +2186,7 @@ msgstr "activer"
|
||||
msgid "enable a key"
|
||||
msgstr "activer une clé"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "impossible de faire cela en mode automatique\n"
|
||||
|
||||
@ -2216,12 +2205,10 @@ msgid "Need the secret key to do this.\n"
|
||||
msgstr "Il faut la clé secrète pour faire cela.\n"
|
||||
|
||||
#: g10/keyedit.c:758
|
||||
#, fuzzy
|
||||
msgid "Really sign all user IDs? "
|
||||
msgstr "Signer vraiment tous les utilisateurs ? "
|
||||
|
||||
#: g10/keyedit.c:759
|
||||
#, fuzzy
|
||||
msgid "Hint: Select the user IDs to sign\n"
|
||||
msgstr "Aide : Sélectionner les utilisateurs à signer\n"
|
||||
|
||||
@ -2231,22 +2218,18 @@ msgid "update of trustdb failed: %s\n"
|
||||
msgstr "la mise à jour de la base de confiance a échoué : %s\n"
|
||||
|
||||
#: g10/keyedit.c:797 g10/keyedit.c:818
|
||||
#, fuzzy
|
||||
msgid "You must select at least one user ID.\n"
|
||||
msgstr "Vous devez sélectionner au moins un utilisateur.\n"
|
||||
|
||||
#: g10/keyedit.c:799
|
||||
#, fuzzy
|
||||
msgid "You can't delete the last user ID!\n"
|
||||
msgstr "Vous ne pouvez pas supprimer le dernier utilisateur !\n"
|
||||
|
||||
#: g10/keyedit.c:802
|
||||
#, fuzzy
|
||||
msgid "Really remove all selected user IDs? "
|
||||
msgstr "Enlever réellement tous les utilisateurs sélectionnés ? "
|
||||
|
||||
#: g10/keyedit.c:803
|
||||
#, fuzzy
|
||||
msgid "Really remove this user ID? "
|
||||
msgstr "Enlever réellement cet utilisateur ? "
|
||||
|
||||
@ -2355,7 +2338,7 @@ msgid "No corresponding signature in secret ring\n"
|
||||
msgstr "Pas de signature correspondante dans le porte-clés secret\n"
|
||||
|
||||
#: g10/keyedit.c:1566
|
||||
#, fuzzy, c-format
|
||||
#, c-format
|
||||
msgid "No user ID with index %d\n"
|
||||
msgstr "Pas d'utilisateur avec l'index %d\n"
|
||||
|
||||
@ -2381,6 +2364,31 @@ msgstr ""
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "Générer un certificat de révocation pour cette signature ? (o/N)"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "Vous ne pouvez pas supprimer le dernier utilisateur !\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr ""
|
||||
" »\n"
|
||||
"signé avec votre clé %08lX à %s\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr ""
|
||||
" »\n"
|
||||
"signé avec votre clé %08lX à %s\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "Voulez-vous vraiment révoquer les clés sélectionnées ? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
msgstr "Faut-il vraiment générer les certificats de révocation ? (o/N)"
|
||||
@ -2668,142 +2676,142 @@ msgstr "ne peut pas traiter les ligne plus longues que %d caract
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr "la ligne d'entrée est plus longue que %d caractères\n"
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "enregistrement de base de confiance %lu : lseek a échoué : %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr ""
|
||||
"enregistrement de la base de confiance %lu : l'écriture a échoué (n=%d) : "
|
||||
"%s\n"
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr "transaction de base de confiance trop volumineuse\n"
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s : ne peut accéder : %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s : ne peut créer le répertoire : %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s : répertoire créé\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr "%s : le répertoire n'existe pas !\n"
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s : ne peut créer : %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s : ne peut créer de verrouillage\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr "%s : n'a pas pu créer un enregistrement de version : %s"
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s : base de confiance invalide créée\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s : base de confiance créée\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "%s : base de confiance invalide\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s : la création de la table de hachage a échoué : %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr ""
|
||||
"%s : erreur pendant la mise à jour de l'enregistrement de version : %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "%s : erreur pendant la lecture de l'enregistrement de version : %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "%s : erreur pendant l'écriture de l'enregistrement de version : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "base de confiance : « lseek() » a échoué : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "base de confiance : la lecture a échoué (n=%d) : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "%s : ce n'est pas un fichier de base de confiance\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr "%s : enregistrement de version avec un numéro %lu\n"
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "%s : version %d du fichier invalide\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "%s : erreur pendant la lecture de l'enregistrement libre : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr ""
|
||||
"%s : erreur pendant l'écriture de l'enregistrement de\n"
|
||||
"répertoire : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr "%s : n'a pu mettre un enregistrement à zéro : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr "%s : n'a pas pu ajouter un enregistrement : %s\n"
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr "la base de confiance est corrompue ; exécutez « gpg --fix-trustdb ».\n"
|
||||
|
||||
@ -3035,7 +3043,6 @@ msgid "Ooops, no keys\n"
|
||||
msgstr "Ooops, pas de clé\n"
|
||||
|
||||
#: g10/trustdb.c:2061
|
||||
#, fuzzy
|
||||
msgid "Ooops, no user IDs\n"
|
||||
msgstr "Ooops, pas de nom d'utilisateur\n"
|
||||
|
||||
@ -3098,32 +3105,32 @@ msgstr ""
|
||||
"ATTENTION : les enregistrements de préférences longs ne sont pas encore\n"
|
||||
"supportés\n"
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s : ne peut créer le porte-clés : %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s : porte-clés créé\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr ""
|
||||
"ATTENTION : 2 fichiers avec des informations confidentielles existent.\n"
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "%s est le fichier original\n"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr "%s est le nouveau\n"
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr "Réparez ce problème de sécurité possible\n"
|
||||
|
||||
@ -3208,25 +3215,56 @@ msgstr ""
|
||||
"ne peut éviter une clé faible pour le chiffrement symétrique :\n"
|
||||
"%d essais ont eu lieu !\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
#, fuzzy
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "enlever la clé du porte-clés public"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/delkey.c:111
|
||||
#, fuzzy
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "impossible de faire cela en mode automatique\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
#, fuzzy
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "enlever la clé du porte-clés public"
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:47
|
||||
msgid ""
|
||||
"It's up to you to assign a value here; this value will never be exported\n"
|
||||
"to any 3rd party. We need it to implement the web-of-trust; it has nothing\n"
|
||||
"to do with the (implicitly created) web-of-certificates."
|
||||
msgstr ""
|
||||
"C'est à vous d'assigner une valeur ici ; cette valeur ne sera jamais\n"
|
||||
"envoyée à une tierce personne. Nous en avons besoin pour créer le réseau\n"
|
||||
"de confiance (web-of-trust) ; cela n'a rien à voir avec le réseau des\n"
|
||||
"certificats (créé implicitement)"
|
||||
|
||||
#: g10/helptext.c:53
|
||||
msgid "If you want to use this revoked key anyway, answer \"yes\"."
|
||||
msgstr ""
|
||||
"Si vous voulez utiliser cette clé révoquée quand-même, répondez « oui »."
|
||||
|
||||
#: g10/helptext.c:57
|
||||
msgid "If you want to use this untrusted key anyway, answer \"yes\"."
|
||||
msgstr ""
|
||||
"Si vous voulez utiliser cette clé peu sûre quand-même, répondez « oui »."
|
||||
|
||||
#: g10/helptext.c:61
|
||||
msgid ""
|
||||
"Enter the user ID of the addressee to whom you want to send the message."
|
||||
msgstr ""
|
||||
"Entrez le nom d'utilisateur de la personne à qui vous voulez envoyer\n"
|
||||
"le message."
|
||||
|
||||
#: g10/helptext.c:65
|
||||
msgid ""
|
||||
@ -3248,6 +3286,23 @@ msgid ""
|
||||
"this is the reason why the encryption only ElGamal key is not available in\n"
|
||||
"this menu."
|
||||
msgstr ""
|
||||
"Sélectionnez l'algorithme à utiliser.\n"
|
||||
"DSA (alias DSS) est l'algorithme de signatures électroniques qui ne peut\n"
|
||||
"être utilisé que pour les signatures. C'est l'algorithme recommandé car\n"
|
||||
"la vérification des signatures DSA est beaucoup plus rapide que celle des\n"
|
||||
"signatures ElGamal.\n"
|
||||
"\n"
|
||||
"ElGamal est un algorithme pouvant à la fois être utilisé pour les\n"
|
||||
"signatures et le chiffrement. OpenPGP en distingue deux sortes :\n"
|
||||
"l'une destinée uniquement au chiffrement et l'autre pouvant aussi bien\n"
|
||||
"servir aux signatures ; elles sont en fait identiques mais certains\n"
|
||||
"paramètres doivent être spécialement choisis pour que la clé génère des\n"
|
||||
"signatures sûres : ce programme est capable de le faire mais les autres\n"
|
||||
"implémentations de OpenPGP ne sont pas obligées d'accepter cette forme de\n"
|
||||
"clé.\n"
|
||||
"\n"
|
||||
"La première clé (clé principale) doit toujours être capable de signer ;\n"
|
||||
"c'est pourquoi la clé ElGamal de chiffrement seul est alors désactivée."
|
||||
|
||||
#: g10/helptext.c:85
|
||||
msgid ""
|
||||
@ -3255,16 +3310,18 @@ msgid ""
|
||||
"because they are not supported by all programs and signatures created\n"
|
||||
"with them are quite large and very slow to verify."
|
||||
msgstr ""
|
||||
"Bien que ces clés soient définies dans la RFC2440 elles ne sont pas\n"
|
||||
"conseillées car tous les programmes ne les supportent pas et les\n"
|
||||
"signatures créées avec elles sont plutôt longues et très lentes à vérifier."
|
||||
|
||||
#: g10/helptext.c:92
|
||||
#, fuzzy
|
||||
msgid "Enter the size of the key"
|
||||
msgstr "Entrez le nom d'utilisateur : "
|
||||
msgstr "Entrez la taille de la clé"
|
||||
|
||||
#: g10/helptext.c:96 g10/helptext.c:101 g10/helptext.c:113 g10/helptext.c:145
|
||||
#: g10/helptext.c:150 g10/helptext.c:155 g10/helptext.c:160
|
||||
msgid "Answer \"yes\" or \"no\""
|
||||
msgstr ""
|
||||
msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#: g10/helptext.c:106
|
||||
msgid ""
|
||||
@ -3273,19 +3330,22 @@ msgid ""
|
||||
"get a good error response - instead the system tries to interpret\n"
|
||||
"the given value as an interval."
|
||||
msgstr ""
|
||||
"Entrez la valeur demandée comme indiqué dans la ligne de commande.\n"
|
||||
"On peut entrer une date ISO (AAAA-MM-JJ) mais le résultat d'erreur sera\n"
|
||||
"mauvais - le système essaierait d'interpréter la valeur donnée comme un\n"
|
||||
"intervalle."
|
||||
|
||||
#: g10/helptext.c:118
|
||||
msgid "Enter the name of the key holder"
|
||||
msgstr ""
|
||||
msgstr "Entrez le nom du propriétaire de la clé"
|
||||
|
||||
#: g10/helptext.c:123
|
||||
msgid "please enter an optional but highly suggested email address"
|
||||
msgstr ""
|
||||
msgstr "entrez une adresse e-mail optionnelle mais hautement recommandée"
|
||||
|
||||
#: g10/helptext.c:127
|
||||
#, fuzzy
|
||||
msgid "Please enter an optional comment"
|
||||
msgstr "Entrez le nom d'un fichier de données : "
|
||||
msgstr "Entrez un commentaire optionnel"
|
||||
|
||||
#: g10/helptext.c:132
|
||||
msgid ""
|
||||
@ -3295,24 +3355,31 @@ msgid ""
|
||||
"O to continue with key generation.\n"
|
||||
"Q to to quit the key generation."
|
||||
msgstr ""
|
||||
"N pour changer le nom.\n"
|
||||
"C pour changer le commentaire.\n"
|
||||
"E pour changer l'adresse e-mail.\n"
|
||||
"O pour continuer à générer la clé.\n"
|
||||
"Q pour arrêter de générer de clé."
|
||||
|
||||
#: g10/helptext.c:141
|
||||
msgid "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
|
||||
msgstr ""
|
||||
msgstr "Répondez « oui » (ou simplement « o ») pour générer la sous-clé"
|
||||
|
||||
#: g10/helptext.c:164
|
||||
msgid "Answer \"yes\" is you want to sign ALL the user IDs"
|
||||
msgstr ""
|
||||
msgstr "Répondez « oui » si vous voulez signer TOUS les noms d'utilisateurs"
|
||||
|
||||
#: g10/helptext.c:168
|
||||
msgid ""
|
||||
"Answer \"yes\" if you really want to delete this user ID.\n"
|
||||
"All certificates are then also lost!"
|
||||
msgstr ""
|
||||
"Répondez « oui » si vous voulez vraiment supprimer ce nom\n"
|
||||
"d'utilisateur. Tous les certificats seront alors perdus en même temps !"
|
||||
|
||||
#: g10/helptext.c:173
|
||||
msgid "Answer \"yes\" if it is okay to delete the subkey"
|
||||
msgstr ""
|
||||
msgstr "Répondez « oui » s'il faut vraiment supprimer la sous-clé"
|
||||
|
||||
#: g10/helptext.c:178
|
||||
msgid ""
|
||||
@ -3320,20 +3387,30 @@ msgid ""
|
||||
"to delete this signature because it may be important to establish a\n"
|
||||
"trust connection to the key or another key certified by this key."
|
||||
msgstr ""
|
||||
"C'est une signature valide dans la clé ; vous n'avez pas normalement\n"
|
||||
"intérêt à supprimer cette signature car elle peut être importante pour\n"
|
||||
"établir une connection de confiance vers la clé ou une autre clé certifiée\n"
|
||||
"par celle-là."
|
||||
|
||||
#: g10/helptext.c:183
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
"Cette signature ne peut pas être vérifiée parce que vous n'avez pas la\n"
|
||||
"clé correspondante. Vous devriez remettre sa supression jusqu'à ce que\n"
|
||||
"vous soyez sûr de quelle clé a été utilisée car cette clé de signature\n"
|
||||
"peut établir une connection de confiance vers une autre clé déjà certifiée."
|
||||
|
||||
#: g10/helptext.c:189
|
||||
msgid ""
|
||||
"The signature is not valid. It does make sense to remove it from\n"
|
||||
"your keyring."
|
||||
msgstr ""
|
||||
"Cette signature n'est pas valide. Vous devriez la supprimer de votre\n"
|
||||
"porte-clés."
|
||||
|
||||
#: g10/helptext.c:193
|
||||
msgid ""
|
||||
@ -3343,30 +3420,40 @@ msgid ""
|
||||
"only if this self-signature is for some reason not valid and\n"
|
||||
"a second one is available."
|
||||
msgstr ""
|
||||
"Cette signature relie le nom d'utilisateur à la clé. Habituellement\n"
|
||||
"enlever une telle signature n'est pas une bonne idée. En fait GnuPG peut\n"
|
||||
"ne plus être capable d'utiliser cette clé. Donc faites ceci uniquement si\n"
|
||||
"cette auto-signature est invalide pour une certaine raison et si une autre\n"
|
||||
"est disponible."
|
||||
|
||||
#: g10/helptext.c:202
|
||||
msgid ""
|
||||
"Please enter the passhrase; this is a secret sentence \n"
|
||||
" Blurb, blurb,.... "
|
||||
msgstr ""
|
||||
"Entrez le mot de passe ; c'est une phrase secrète \n"
|
||||
" Blurb, blurb,.... "
|
||||
|
||||
#: g10/helptext.c:209
|
||||
msgid "Please repeat the last passphrase, so you are sure what you typed in."
|
||||
msgstr ""
|
||||
"Répétez le dernier mot de passe pour être sûr de ce que vous avez tapé."
|
||||
|
||||
#: g10/helptext.c:213
|
||||
msgid "Give the name fo the file to which the signature applies"
|
||||
msgstr ""
|
||||
msgstr "Donnez le nom du fichier auquel la signature se rapporte"
|
||||
|
||||
#: g10/helptext.c:218
|
||||
msgid "Answer \"yes\" if it is okay to overwrite the file"
|
||||
msgstr ""
|
||||
msgstr "Répondez « oui » s'il faut vraiment réécrire le fichier"
|
||||
|
||||
#: g10/helptext.c:223
|
||||
msgid ""
|
||||
"Please enter a new filename. If you just hit RETURN the default\n"
|
||||
"file (which is shown in brackets) will be used."
|
||||
msgstr ""
|
||||
"Entrez le nouveau nom de fichier. Si vous tapez simplement ENTRÉE lefichier "
|
||||
"par défaut (indiqué entre crochets) sera utilisé."
|
||||
|
||||
#: g10/helptext.c:237
|
||||
msgid "No help available"
|
||||
@ -3376,156 +3463,3 @@ msgstr "Pas d'aide disponible"
|
||||
#, c-format
|
||||
msgid "No help available for `%s'"
|
||||
msgstr "Pas d'aide disponible pour `%s'"
|
||||
|
||||
#~ msgid "edit_ownertrust.value"
|
||||
#~ msgstr ""
|
||||
#~ "C'est à vous d'assigner une valeur ici ; cette valeur ne sera jamais\n"
|
||||
#~ "envoyée à une tierce personne. Nous en avons besoin pour créer le réseau de\n"
|
||||
#~ "confiance (web-of-trust) ; cela n'a rien à voir avec le réseau des\n"
|
||||
#~ "certificats (créé implicitement)"
|
||||
|
||||
#~ msgid "revoked_key.override"
|
||||
#~ msgstr ""
|
||||
#~ "Si vous voulez utiliser cette clé révoquée quand-même, répondez « oui »."
|
||||
|
||||
#~ msgid "untrusted_key.override"
|
||||
#~ msgstr ""
|
||||
#~ "Si vous voulez utiliser cette clé peu sûre quand-même, répondez « oui »."
|
||||
|
||||
#~ msgid "pklist.user_id.enter"
|
||||
#~ msgstr ""
|
||||
#~ "Entrez l'adresse de la personne à qui vous voulez envoyer le message."
|
||||
|
||||
#~ msgid "keygen.algo"
|
||||
#~ msgstr ""
|
||||
#~ "Sélectionnez l'algorithme à utiliser.\n"
|
||||
#~ "DSA (alias DSS) est l'algorithme de signatures électroniques qui ne peut\n"
|
||||
#~ "être utilisé que pour les signatures. C'est l'algorithme recommandé car\n"
|
||||
#~ "la vérification des signatures DSA est beaucoup plus rapide que celle des\n"
|
||||
#~ "signatures ElGamal.\n"
|
||||
#~ "ElGamal est un algorithme pouvant à la fois être utilisé pour les\n"
|
||||
#~ "signatures et le chiffrement. OpenPGP en distingue deux sortes :\n"
|
||||
#~ "l'une destinée uniquement au chiffrement et l'autre pouvant aussi bien\n"
|
||||
#~ "servir aux signatures ; elles sont en fait identiques mais certains\n"
|
||||
#~ "paramètres doivent être spécialement choisis pour que la clé génère des\n"
|
||||
#~ "signatures sures : ce programme est capable de le faire mais les autres\n"
|
||||
#~ "implémentaions de OpenPGP ne sont pas obligées d'accepter cette forme de\n"
|
||||
#~ "clé.\n"
|
||||
#~ "La première clé (clé principale) doit toujours être capable de signer ;\n"
|
||||
#~ "c'est pourquoi la clé ElGamal de chiffrement seul est alors désactivée."
|
||||
|
||||
#~ msgid "keygen.algo.elg_se"
|
||||
#~ msgstr ""
|
||||
#~ "Bien que ces clés soient définies dans la RFC2440 elles ne sont pas\n"
|
||||
#~ "conseillées car tous les programmes ne les supportent pas et les signatures\n"
|
||||
#~ "créées avec elles sont plutôt longues et très lentes à vérifier."
|
||||
|
||||
#~ msgid "keygen.size"
|
||||
#~ msgstr "Entrez la taille de la clé"
|
||||
|
||||
#~ msgid "keygen.size.huge.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keygen.size.large.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keygen.valid"
|
||||
#~ msgstr ""
|
||||
#~ "Entrez la valeur demandée comme indiqué dans le prompteur.\n"
|
||||
#~ "On peut entrer une date ISO (AAAA-MM-JJ) mais le résultat d'erreur sera\n"
|
||||
#~ "mauvais - le système essaie d'interpréter la valeur donnée comme un\n"
|
||||
#~ "intervalle."
|
||||
|
||||
#~ msgid "keygen.valid.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keygen.name"
|
||||
#~ msgstr "Entrez le nom du propriétaire de la clé"
|
||||
|
||||
#~ msgid "keygen.email"
|
||||
#~ msgstr "Entrez une adresse e-mail optionnelle mais hautement recommandée"
|
||||
|
||||
#~ msgid "keygen.comment"
|
||||
#~ msgstr "Entrez un commentaire optionnel"
|
||||
|
||||
#~ msgid "keygen.userid.cmd"
|
||||
#~ msgstr ""
|
||||
#~ "N pour changer le nom.\n"
|
||||
#~ "C pour changer le commentaire.\n"
|
||||
#~ "E pour changer l'adresse e-mail.\n"
|
||||
#~ "O pour continuer à générer la clé.\n"
|
||||
#~ "Q pour arrêter de générer de clé."
|
||||
|
||||
#~ msgid "keygen.sub.okay"
|
||||
#~ msgstr "Répondez « oui » (ou simplement « o ») pour générer la sous-clé"
|
||||
|
||||
#~ msgid "sign_uid.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "change_passwd.empty.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keyedit.save.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keyedit.cancel.okay"
|
||||
#~ msgstr "Répondez « oui » ou « non »"
|
||||
|
||||
#~ msgid "keyedit.sign_all.okay"
|
||||
#~ msgstr "Répondez « oui » si vous voulez signer TOUS les noms d'utilisateurs"
|
||||
|
||||
#~ msgid "keyedit.remove.uid.okay"
|
||||
#~ msgstr ""
|
||||
#~ "Répondez « oui » si vous voulez vraiment supprimer ce nom\n"
|
||||
#~ "d'utilisateur. Tous les certificats seront alors perdus en même temps !"
|
||||
|
||||
#~ msgid "keyedit.remove.subkey.okay"
|
||||
#~ msgstr "Entrez « oui » s'il faut vraiment supprimer la sous-clé"
|
||||
|
||||
#~ msgid "keyedit.delsig.valid"
|
||||
#~ msgstr ""
|
||||
#~ "C'est une signature valide dans la clé ; vous n'avez pas normalement\n"
|
||||
#~ "intérêt à supprimer cette signature car elle peut être importante pour\n"
|
||||
#~ "établir une connection de confiance vers la clé ou une autre clé certifiée\n"
|
||||
#~ "par celle-là."
|
||||
|
||||
#~ msgid "keyedit.delsig.unknown"
|
||||
#~ msgstr ""
|
||||
#~ "Cette signature ne peut pas être vérifiée parce que vous n'avez pas la\n"
|
||||
#~ "clé correspondante. Vous devriez remettre sa supression jusqu'à ce que\n"
|
||||
#~ "vous soyez sûr de quelle clé a été utilisée car cette clé de signature\n"
|
||||
#~ "peut établir une connection de confiance vers une autre clé déjà certifiée."
|
||||
|
||||
#~ msgid "keyedit.delsig.invalid"
|
||||
#~ msgstr ""
|
||||
#~ "Cette signature n'est pas valide. Vous devriez la supprimer de votre\n"
|
||||
#~ "porte-clés."
|
||||
|
||||
#~ msgid "keyedit.delsig.selfsig"
|
||||
#~ msgstr ""
|
||||
#~ "Cette signature relie le nom d'utilisateur à la clé. Habituellement\n"
|
||||
#~ "enlever une telle signature n'est pas une bonne idée. En fait GnuPG peut\n"
|
||||
#~ "ne plus être capable d'utiliser cette clé. Donc faites ceci uniquement si\n"
|
||||
#~ "cette auto-signature est invalide pour une certaine raison et si une autre\n"
|
||||
#~ "est disponible."
|
||||
|
||||
#~ msgid "passphrase.enter"
|
||||
#~ msgstr ""
|
||||
#~ "Entrez le mot de passe ; c'est une phrase secrète \n"
|
||||
#~ " Blurb, blurb,.... "
|
||||
|
||||
#~ msgid "passphrase.repeat"
|
||||
#~ msgstr ""
|
||||
#~ "Répétez le dernier mot de passe pour être sûr de ce que vous avez tapé."
|
||||
|
||||
#~ msgid "detached_signature.filename"
|
||||
#~ msgstr "Donnez le nom du fichier auquel la signature se rapporte"
|
||||
|
||||
#~ msgid "openfile.overwrite.okay"
|
||||
#~ msgstr "Entrez « oui » s'il faut vraiment réécrire le fichier"
|
||||
|
||||
#~ msgid "openfile.askoutname"
|
||||
#~ msgstr ""
|
||||
#~ "Entrez le nouveau nom de fichier. Si vous tapez simplement ENTRÉE le "
|
||||
#~ "fichier\n"
|
||||
#~ "par défaut (indiqué entre crochets) sera utilisé."
|
||||
|
132
po/it.po
132
po/it.po
@ -5,7 +5,7 @@
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: gnupg-0.9.7\n"
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"PO-Revision-Date: 1999-08-17 23:04+02:00\n"
|
||||
"Last-Translator: Marco d'Itri <md@linux.it>\n"
|
||||
"Language-Team: Italian <it@li.org>\n"
|
||||
@ -1492,8 +1492,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "Crea davvero? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s: impossibile aprire: %s\n"
|
||||
@ -1839,7 +1839,7 @@ msgstr "chiave %08lX: certificato di revoca aggiunto\n"
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "chiave %08lX: la nostra copia non ha autofirma\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s: utente non trovato\n"
|
||||
@ -2179,7 +2179,7 @@ msgstr "abilita"
|
||||
msgid "enable a key"
|
||||
msgstr "abilita una chiave"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "impossibile fare questo in modo batch\n"
|
||||
|
||||
@ -2364,6 +2364,33 @@ msgstr ""
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "Creare un certificato di revoca per questa firma? (s/N)"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "Non puoi cancellare l'ultimo user id!\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"firmata con la tua chiave %08lX a %s\n"
|
||||
"\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"firmata con la tua chiave %08lX a %s\n"
|
||||
"\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "Vuoi davvero revocare le chiavi selezionate? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
msgstr "Creare davvero i certificati di revoca? (s/N)"
|
||||
@ -2648,137 +2675,137 @@ msgstr "impossibile gestire linee di testo pi
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr "linea di input più lunga di %d caratteri\n"
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "trustdb rec %lu: lseek fallita: %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr "trustdb rec %lu: scrittura fallita (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr "transazione del trustdb troppo grande\n"
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s: impossibile acedere a: %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s: impossibile creare la directory: %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s: directory creata\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr "%s: la directory non esiste!\n"
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s: impossibile creare: %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s: impossibile creare il lock\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr "%s: creazione del record della versione fallita: %s"
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s: è stato creato un trustdb non valido\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s: creato il trustdb\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "%s: trustdb non valido\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s: creazione della tabella hash fallita: %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr "%s: errore durante l'aggiornamento del record di versione: %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "%s: errore durante la lettura del record di versione: %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "%s: errore durante la scrittura del record di versione: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "trustdb: lseek fallita: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "trustdb: read fallita (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "%s: non è un file di trustdb\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr "%s: record di versione con recnum %lu\n"
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "%s: versione %d del file non valida\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "%s: errore durante la lettura del record libero: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr "%s: errore durante la scrittura del dir record: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr "%s: azzeramento di un record fallito: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr "%s: accodatura a un record fallita: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr "Il trustdb è danneggiato; eseguire \"gpg --fix-trust-db\".\n"
|
||||
|
||||
@ -3065,31 +3092,31 @@ msgstr "impossibile mettere `%s' nel trustdb: %s\n"
|
||||
msgid "WARNING: can't yet handle long pref records\n"
|
||||
msgstr "ATTENZIONE: non è ancora possibile gestire record pref lunghi\n"
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s: impossibile creare il portachiavi: %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s: portachiavi creato\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr "ATTENZIONE: esistono due file con informazioni confidenziali.\n"
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "%s è quello non modificato\n"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr "%s è quello nuovo\n"
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr "Per favore risolvete questo possibile problema di sicurezza\n"
|
||||
|
||||
@ -3174,6 +3201,29 @@ msgstr ""
|
||||
"Impossibile evitare una chiave debole per il cifrario simmetrico;\n"
|
||||
"ho provato %d volte!\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
#, fuzzy
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "rimuove una chiave dal portachiavi pubblico"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/delkey.c:111
|
||||
#, fuzzy
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "impossibile fare questo in modo batch\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
#, fuzzy
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "rimuove una chiave dal portachiavi pubblico"
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:47
|
||||
msgid ""
|
||||
"It's up to you to assign a value here; this value will never be exported\n"
|
||||
@ -3291,8 +3341,8 @@ msgstr ""
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:189
|
||||
|
130
po/pl.po
130
po/pl.po
@ -6,7 +6,7 @@
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: gnupg-0.9.7\n"
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"PO-Revision-Date: 1999-05-30 19:08+02:00\n"
|
||||
"Last-Translator: Janusz A. Urbanowicz <alex@bofh.net.pl>\n"
|
||||
"Language-Team: Polish <pl@li.org>\n"
|
||||
@ -1521,8 +1521,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "Na pewno generowaæ? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s: nie mogê otworzyæ: %s\n"
|
||||
@ -1873,7 +1873,7 @@ msgstr "klucz %08lX: dodany certyfikat uniewa
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "klucz %08lX: dostêpna kopia nie jest podpisana ni± sam±\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s: nie znaleziono u¿ytkownika\n"
|
||||
@ -2218,7 +2218,7 @@ msgstr ""
|
||||
msgid "enable a key"
|
||||
msgstr "klucz niepoprawny"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "nie dzia³a w trybie wsadowym\n"
|
||||
|
||||
@ -2409,6 +2409,31 @@ msgstr ""
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "Stworzyæ certyfikat uniewa¿nienia tego podpisu? (t/N)"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "Nie mo¿esz usun±æ ostatniego identyfikatora u¿ytkownika!\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"podpisano Twoim kluczem %08lX w %s\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr ""
|
||||
"\"\n"
|
||||
"podpisano Twoim kluczem %08lX w %s\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "Czy na pewno chcesz uniewa¿niæ wybrane klucze? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
msgstr "Na pewno utworzyæ certyfikaty uniewa¿nienia ? (t/N)"
|
||||
@ -2703,137 +2728,137 @@ msgstr "nie mog
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr "linia d³u¿sza ni¿ %d znaków\n"
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "baza zaufania, wpis %lu: lseek() nie powiod³a siê: %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr "baza zaufania, wpis %lu: zapis nie powiód³ siê (n=%d): %s\n"
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr "zbyt du¿e zlecenie dla bazy zaufania\n"
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s: dostêp niemo¿liwy: %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s: nie mogê utworzyæ katalogu: %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s: katalog utworzony\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr "%s: katalog nie istnieje!\n"
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s: nie mogê utworzyæ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s: nie mogê utworzyæ blokady\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr "%s: stworzenie zapisu o wersji nie powiod³o siê: %s"
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s: stworzony niepoprawny plik bazy zaufania\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s: baza zaufania utworzona\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "%s: niepoprawny plik bazy zaufania\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s: tworzenie tablicy skrótów nie powiod³o siê: %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr "%s: b³±d przy uaktualnianiu numeru wersji: %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "%s: b³±d odczytu numeru wersji: %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "%s: b³±d zapisu numeru wersji: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "baza zaufania: procedura lseek() zawiod³a: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "baza zaufania: procedura read() (n=%d) zawiod³a: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "%s: to nie jest plik bazy zaufania\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr "%s: wpis wersji z numerem %lu\n"
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "%s: niew³a¶ciwa wersja pliku %d\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "%s: b³±d odczytu pustego wpisu: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr "%s: b³±d zapisu wpisu katalogowego: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr "%s: zerowanie rekordu nie powiod³o siê: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr "%s: dopisanie rekordu nie powiod³o siê: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
#, fuzzy
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr ""
|
||||
@ -3123,31 +3148,31 @@ msgstr "umieszczenie '%s' w Bazie Zaufania nie powiod
|
||||
msgid "WARNING: can't yet handle long pref records\n"
|
||||
msgstr "OSTRZE¯ENIE: d³ugie wpisy ustawieñ jeszcze nie s± obs³ugiwane.\n"
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s: stworzenie zbioru kluczy jest niemo¿liwe: %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s: zbiór kluczy utworzony\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr "OSTRZE¯ENIE: Istniej± dwa pliki z poufnymi informacjami.\n"
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "%s pozosta³ bez zmian\n"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr "%s zosta³ utworzony\n"
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr "Proszê usun±æ to naruszenie zasad bezpieczeñstwa\n"
|
||||
|
||||
@ -3232,6 +3257,29 @@ msgstr ""
|
||||
"brak mo¿liwo¶ci generacji dobrego klucza dla szyfru symetrycznego;\n"
|
||||
"operacja by³a powtarzana %d razy!\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
#, fuzzy
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "usuniêcie klucza ze zbioru kluczy publicznych"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/delkey.c:111
|
||||
#, fuzzy
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "nie dzia³a w trybie wsadowym\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
#, fuzzy
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "usuniêcie klucza ze zbioru kluczy publicznych"
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:47
|
||||
msgid ""
|
||||
"It's up to you to assign a value here; this value will never be exported\n"
|
||||
@ -3349,8 +3397,8 @@ msgstr ""
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:189
|
||||
|
389
po/pt_BR.po
389
po/pt_BR.po
File diff suppressed because it is too large
Load Diff
145
po/ru.po
145
po/ru.po
@ -9,7 +9,7 @@
|
||||
# QingLong <qinglong@Bolizm> (couldn't send an email to let you know)
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"POT-Creation-Date: 1999-09-03 08:52+0200\n"
|
||||
"POT-Creation-Date: 1999-09-05 19:21+0200\n"
|
||||
"Content-Type: text/plain; charset=\n"
|
||||
"Date: 1998-01-26 22:08:36+0100\n"
|
||||
"From: Gregory Steuck <steuck@iname.com>\n"
|
||||
@ -1578,8 +1578,8 @@ msgstr ""
|
||||
msgid "Really create? "
|
||||
msgstr "äÅÊÓÔ×ÉÔÅÌØÎÏ ÓÏÚÄÁÔØ? "
|
||||
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:467
|
||||
#: g10/tdbio.c:528
|
||||
#: g10/encode.c:91 g10/openfile.c:156 g10/openfile.c:246 g10/tdbio.c:468
|
||||
#: g10/tdbio.c:529
|
||||
#, c-format
|
||||
msgid "%s: can't open: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
@ -1926,7 +1926,7 @@ msgstr "
|
||||
msgid "key %08lX: our copy has no self-signature\n"
|
||||
msgstr "ËÌÀÞ %08lX: ÎÁÛÁ ËÏÐÉÑ ÎÅ ÉÍÅÅÔ ÓÁÍÏ-ÐÏÄÐÉÓÉ\n"
|
||||
|
||||
#: g10/keyedit.c:93
|
||||
#: g10/delkey.c:64 g10/keyedit.c:93
|
||||
#, c-format
|
||||
msgid "%s: user not found\n"
|
||||
msgstr "%s: ÐÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÎÁÊÄÅÎ\n"
|
||||
@ -2285,7 +2285,7 @@ msgstr ""
|
||||
msgid "enable a key"
|
||||
msgstr "ðÌÏÈÏÊ ËÌÀÞ"
|
||||
|
||||
#: g10/keyedit.c:614
|
||||
#: g10/delkey.c:107 g10/keyedit.c:614
|
||||
msgid "can't do that in batchmode\n"
|
||||
msgstr "ÎÅ×ÏÚÍÏÖÎÏ ÓÄÅÌÁÔØ ÜÔÏ × ÐÁËÅÔÎÏÍ ÒÅÖÉÍÅ.\n"
|
||||
|
||||
@ -2482,6 +2482,27 @@ msgstr "
|
||||
msgid "Create a revocation certificate for this signature? (y/N)"
|
||||
msgstr "ÓÇÅÎÅÒÉÒÏ×ÁÔØ ÏÔÚÙ×ÁÀÝÉÊ ÓÅÒÔÉÆÉËÁÔ"
|
||||
|
||||
#. FIXME: detect duplicates here
|
||||
#: g10/keyedit.c:1740
|
||||
#, fuzzy
|
||||
msgid "You have signed these user IDs:\n"
|
||||
msgstr "÷Ù ÎÅ ÍÏÖÅÔÅ ÕÄÁÌÉÔØ ÐÏÓÌÅÄÎÉÊ ÉÄÅÎÔÉÆÉËÁÔÏÒ ÐÏÌØÚÏ×ÁÔÅÌÑ!\n"
|
||||
|
||||
#: g10/keyedit.c:1754 g10/keyedit.c:1789
|
||||
#, fuzzy, c-format
|
||||
msgid " signed by %08lX at %s\n"
|
||||
msgstr "îÅÞÅÇÏ ÐÏÄÐÉÓÙ×ÁÔØ ËÌÀÞÁÍ %08lX\n"
|
||||
|
||||
#: g10/keyedit.c:1759
|
||||
#, fuzzy, c-format
|
||||
msgid " revoked by %08lX at %s\n"
|
||||
msgstr "îÅÞÅÇÏ ÐÏÄÐÉÓÙ×ÁÔØ ËÌÀÞÁÍ %08lX\n"
|
||||
|
||||
#: g10/keyedit.c:1779
|
||||
#, fuzzy
|
||||
msgid "You are about to revoke these signatures:\n"
|
||||
msgstr "Möchten Sie einige der ungültigen Signaturen entfernen? "
|
||||
|
||||
#: g10/keyedit.c:1797
|
||||
#, fuzzy
|
||||
msgid "Really create the revocation certificates? (y/N)"
|
||||
@ -2773,137 +2794,137 @@ msgstr ""
|
||||
msgid "input line longer than %d characters\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:116 g10/tdbio.c:1634
|
||||
#: g10/tdbio.c:121 g10/tdbio.c:1635
|
||||
#, fuzzy, c-format
|
||||
msgid "trustdb rec %lu: lseek failed: %s\n"
|
||||
msgstr "ÏÂÎÏ×ÌÅÎÉÅ ÓÅËÒÅÔÁ ÎÅ ÕÄÁÌÏÓØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:122 g10/tdbio.c:1641
|
||||
#: g10/tdbio.c:127 g10/tdbio.c:1642
|
||||
#, c-format
|
||||
msgid "trustdb rec %lu: write failed (n=%d): %s\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:232
|
||||
#: g10/tdbio.c:237
|
||||
msgid "trustdb transaction too large\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:424
|
||||
#: g10/tdbio.c:429
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: can't access: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/ringedit.c:296 g10/tdbio.c:444
|
||||
#: g10/ringedit.c:298 g10/tdbio.c:445
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: can't create directory: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/ringedit.c:302 g10/tdbio.c:447
|
||||
#: g10/ringedit.c:304 g10/tdbio.c:448
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: directory created\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:451
|
||||
#: g10/tdbio.c:452
|
||||
#, c-format
|
||||
msgid "%s: directory does not exist!\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1346 g10/tdbio.c:457
|
||||
#: g10/openfile.c:182 g10/openfile.c:253 g10/ringedit.c:1348 g10/tdbio.c:458
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: can't create: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:472 g10/tdbio.c:521
|
||||
#: g10/tdbio.c:473 g10/tdbio.c:522
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: can't create lock\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:486
|
||||
#: g10/tdbio.c:487
|
||||
#, c-format
|
||||
msgid "%s: failed to create version record: %s"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:490
|
||||
#: g10/tdbio.c:491
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: invalid trustdb created\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:493
|
||||
#: g10/tdbio.c:494
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: trustdb created\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:530
|
||||
#: g10/tdbio.c:531
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: invalid trustdb\n"
|
||||
msgstr "ÏÂÎÏ×ÌÅÎÉÅ ÂÁÚÙ ÄÁÎÎÙÈ ÄÏ×ÅÒÉÑ ÎÅ ÕÄÁÌÏÓØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:563
|
||||
#: g10/tdbio.c:564
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: failed to create hashtable: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:571
|
||||
#: g10/tdbio.c:572
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: error updating version record: %s\n"
|
||||
msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
|
||||
|
||||
#: g10/tdbio.c:587 g10/tdbio.c:626 g10/tdbio.c:648 g10/tdbio.c:678
|
||||
#: g10/tdbio.c:703 g10/tdbio.c:1567 g10/tdbio.c:1594
|
||||
#: g10/tdbio.c:588 g10/tdbio.c:627 g10/tdbio.c:649 g10/tdbio.c:679
|
||||
#: g10/tdbio.c:704 g10/tdbio.c:1568 g10/tdbio.c:1595
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: error reading version record: %s\n"
|
||||
msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
|
||||
|
||||
#: g10/tdbio.c:600 g10/tdbio.c:659
|
||||
#: g10/tdbio.c:601 g10/tdbio.c:660
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: error writing version record: %s\n"
|
||||
msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
|
||||
|
||||
#: g10/tdbio.c:1246
|
||||
#: g10/tdbio.c:1247
|
||||
#, fuzzy, c-format
|
||||
msgid "trustdb: lseek failed: %s\n"
|
||||
msgstr "ÏÂÎÏ×ÌÅÎÉÅ ÓÅËÒÅÔÁ ÎÅ ÕÄÁÌÏÓØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1254
|
||||
#: g10/tdbio.c:1255
|
||||
#, fuzzy, c-format
|
||||
msgid "trustdb: read failed (n=%d): %s\n"
|
||||
msgstr "ÏÂÎÏ×ÌÅÎÉÅ ÂÁÚÙ ÄÁÎÎÙÈ ÄÏ×ÅÒÉÑ ÎÅ ÕÄÁÌÏÓØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1275
|
||||
#: g10/tdbio.c:1276
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: not a trustdb file\n"
|
||||
msgstr "ÏÂÎÏ×ÌÅÎÉÅ ÂÁÚÙ ÄÁÎÎÙÈ ÄÏ×ÅÒÉÑ ÎÅ ÕÄÁÌÏÓØ: %s\n"
|
||||
|
||||
#: g10/tdbio.c:1291
|
||||
#: g10/tdbio.c:1292
|
||||
#, c-format
|
||||
msgid "%s: version record with recnum %lu\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:1296
|
||||
#: g10/tdbio.c:1297
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: invalid file version %d\n"
|
||||
msgstr "ÎÅÄÏÐÕÓÔÉÍÏÅ ÎÁÞÁÌÏ ÔÅËÓÔÏ×ÏÊ ÐÏÄÐÉÓÉ\n"
|
||||
|
||||
#: g10/tdbio.c:1600
|
||||
#: g10/tdbio.c:1601
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: error reading free record: %s\n"
|
||||
msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
|
||||
|
||||
#: g10/tdbio.c:1608
|
||||
#: g10/tdbio.c:1609
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: error writing dir record: %s\n"
|
||||
msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
|
||||
|
||||
#: g10/tdbio.c:1618
|
||||
#: g10/tdbio.c:1619
|
||||
#, c-format
|
||||
msgid "%s: failed to zero a record: %s\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:1648
|
||||
#: g10/tdbio.c:1649
|
||||
#, c-format
|
||||
msgid "%s: failed to append a record: %s\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/tdbio.c:1759
|
||||
#: g10/tdbio.c:1760
|
||||
#, fuzzy
|
||||
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
|
||||
msgstr "âÁÚÁ ÄÁÎÎÙÈ ÄÏ×ÅÒÉÑ ÒÁÚÒÕÛÅÎÁ: ÚÁÐÕÓÔÉÔÅ \"gpgm --fix-trust-db\".\n"
|
||||
@ -3196,31 +3217,31 @@ msgstr "
|
||||
msgid "WARNING: can't yet handle long pref records\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/ringedit.c:316
|
||||
#: g10/ringedit.c:318
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: can't create keyring: %s\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/ringedit.c:333 g10/ringedit.c:1351
|
||||
#: g10/ringedit.c:335 g10/ringedit.c:1353
|
||||
#, fuzzy, c-format
|
||||
msgid "%s: keyring created\n"
|
||||
msgstr "%s: ÎÅ×ÏÚÍÏÖÎÏ ÏÔËÒÙÔØ: %s\n"
|
||||
|
||||
#: g10/ringedit.c:1528
|
||||
#: g10/ringedit.c:1530
|
||||
msgid "WARNING: 2 files with confidential information exists.\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/ringedit.c:1529
|
||||
#: g10/ringedit.c:1531
|
||||
#, fuzzy, c-format
|
||||
msgid "%s is the unchanged one\n"
|
||||
msgstr "éÓÐÏÌØÚÏ×ÁÎ ÎÅÐÒÁ×ÉÌØÎÙÊ ÓÅËÒÅÔÎÙÊ ËÌÀÞ"
|
||||
|
||||
#: g10/ringedit.c:1530
|
||||
#: g10/ringedit.c:1532
|
||||
#, c-format
|
||||
msgid "%s is the new one\n"
|
||||
msgstr ""
|
||||
|
||||
#: g10/ringedit.c:1531
|
||||
#: g10/ringedit.c:1533
|
||||
msgid "Please fix this possible security flaw\n"
|
||||
msgstr ""
|
||||
|
||||
@ -3304,6 +3325,28 @@ msgstr ""
|
||||
"ÎÅ ÐÏÌÕÞÁÅÔÓÑ ÉÚÂÅÖÁÔØ ÓÌÁÂÏÇÏ ËÌÀÞÁ × ÓÉÍÍÅÔÒÉÞÎÏÍ ÁÌÇÏÒÉÔÍÅ; ÐÒÏÂÏ×ÁÌÉ %d "
|
||||
"ÒÁÚ!\n"
|
||||
|
||||
#: g10/delkey.c:93
|
||||
msgid "there is a secret key for this public key!\n"
|
||||
msgstr "Es gibt einen privaten ËÌÀÞ zu diesem öffentlichen ËÌÀÞ!\n"
|
||||
|
||||
#: g10/delkey.c:95
|
||||
msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
msgstr ""
|
||||
"Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
|
||||
"entfernen.\n"
|
||||
|
||||
#: g10/delkey.c:111
|
||||
msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgeführt werden.\n"
|
||||
|
||||
#: g10/delkey.c:133
|
||||
msgid "Delete this key from the keyring? "
|
||||
msgstr "Diesen ËÌÀÞ aus dem ËÌÀÞring löschen? "
|
||||
|
||||
#: g10/delkey.c:141
|
||||
msgid "This is a secret key! - really delete? "
|
||||
msgstr "Dies ist ein privater ËÌÀÞ! - Wirklich löschen? "
|
||||
|
||||
#: g10/helptext.c:47
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
@ -3427,8 +3470,8 @@ msgstr ""
|
||||
msgid ""
|
||||
"This signature can't be checked because you don't have the\n"
|
||||
"corresponding key. You should postpone its deletion until you\n"
|
||||
"know which key was used because this signing key might establisha trust "
|
||||
"connection through another already certified key."
|
||||
"know which key was used because this signing key might establish\n"
|
||||
"a trust connection through another already certified key."
|
||||
msgstr ""
|
||||
|
||||
#: g10/helptext.c:189
|
||||
@ -3708,23 +3751,3 @@ msgstr "
|
||||
|
||||
#~ msgid "Checking signatures of this public key certificate:\n"
|
||||
#~ msgstr "Die Signaturen dieses Zertifikats werden überprüft:\n"
|
||||
|
||||
#~ msgid "Do you want to remove some of the invalid signatures? "
|
||||
#~ msgstr "Möchten Sie einige der ungültigen Signaturen entfernen? "
|
||||
|
||||
#~ msgid "there is a secret key for this public key!\n"
|
||||
#~ msgstr "Es gibt einen privaten ËÌÀÞ zu diesem öffentlichen ËÌÀÞ!\n"
|
||||
|
||||
#~ msgid "use option \"--delete-secret-key\" to delete it first.\n"
|
||||
#~ msgstr ""
|
||||
#~ "Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
|
||||
#~ "entfernen.\n"
|
||||
|
||||
#~ msgid "can't do that in batchmode without \"--yes\"\n"
|
||||
#~ msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgeführt werden.\n"
|
||||
|
||||
#~ msgid "Delete this key from the keyring? "
|
||||
#~ msgstr "Diesen ËÌÀÞ aus dem ËÌÀÞring löschen? "
|
||||
|
||||
#~ msgid "This is a secret key! - really delete? "
|
||||
#~ msgstr "Dies ist ein privater ËÌÀÞ! - Wirklich löschen? "
|
||||
|
Loading…
x
Reference in New Issue
Block a user