Red Hat DIRECTORY SERVER 8.1 - 11-01-2010 Manual de usuario descargar pdf (Pagina 94)

following path: C:\Program Files\GNU\GnuPG\gpg.exe .

(Depending on your localisation of Windows, your Program Files folder may be

called Programmi, Programmes, or other instead.)

The problem is that Gpg4win creates a wrong entry in the PATH environment

variable. Alternatively, instead of the workaround above, it is also possible to

change the PATH such that \pub is removed from C:\Program Files\GNU\

GnuPG\pub.

11.1.8. Why does Enigmail try to use gpg-agent?

Enigmail will use the gpg-agent for passphrase handling if any of the following

conditions are fulfilled:

• if GnuPG version 2.0 or higher is detected;

• if the environment variable GPG_AGENT_INFO is set;

• if the option Use gpg-agent for passphrase is active (this option is

located in OpenPGP → Preferences → Advanced tab)

If you are using GnuPG version 1.4.x, and call the GnuPG executable with the

parameter --use-agent, the usual cause is that the environment variable

GPG_AGENT_INFO is set.

If the variable is set by your Linux/Unix distribution, but you don't want to use

gpg-agent, you can unset the variable e.g. in the file .xsession or .bashrc,

or you can launch your mailclient through a wrapper shell script like this one:

#!/bin/sh

unset GPG_AGENT_INFO

exec /path/to/your/mailclient "$@"

An alternative solution if you don't want gpg-agent is to correctly install all

helper utilities.

gpg-agent needs the pinentry tool to query for the password; if it's not available,

then you need to install it. For Linux, you have the choice between pinentry-qt

and pinentry-gtk. Install either of them, and create a link from it to pinentry.

11.1.9. Which key type/size should I choose for my key

pair? Which is best?

There is no such thing as “the best key.” All choices have consequences and

trade-offs. You might feel that a 4096-bit RSA key is safer, but the person

you're sending email to might be trying to read it on a PDA which takes over a

minute to decrypt each message. You might decide to use SHA-1 because it's

widely supported in OpenPGP implementations, but SHA-1 has some

mathematical flaw and does not offer long-term security. Finding precisely the

optimal set of consequences and trade-offs is a very subtle thing, and the

perfect set for you will probably not be the same for anyone else.

The IETF OpenPGP Working Group has spent over a decade looking at which

1 2 ... 89 90 91 92 93 94 95 96 97 98 99 ... 105 106

Sin comentarios

Red Hat DIRECTORY SERVER 8.1 - 11-01-2010 Manual de usuario Pagina 94