GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, - - PowerPoint PPT Presentation

gnupg 2 1 explained for everyone
SMART_READER_LITE
LIVE PREVIEW

GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, - - PowerPoint PPT Presentation

Oct 04, 2023 479 likes •733 views

GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, Ayumi} John Paul Adrian Glaubitz Contents GPG 2.1 is not beta software Everyone relies on GnuPG Debian and GnuPG 3 GPG Branches What's New in 2.1?

slide-1
SLIDE 1

GnuPG 2.1 Explained for Everyone

Niibe {Yutaka, Hitoe, Hiroshi, Ayumi} John Paul Adrian Glaubitz

slide-2
SLIDE 2

Contents

  • GPG 2.1 is not beta software
  • Everyone relies on GnuPG
  • Debian and GnuPG
  • 3 GPG Branches
  • What's New in 2.1?
  • Components: DEMO
slide-3
SLIDE 3

GPG 2.1 is not beta

  • It's new, but more than two years
  • Many people misunderstand it's beta
  • It's stable enough (<= 2.1.22)
  • I'm not sure for 2.1.23???
  • 2.2 will be soonish
slide-4
SLIDE 4

Everyone relies on GnuPG

  • Somehow ... Directly / Indirectly
  • Because:
  • Servers running GNU/Linux
  • In GNU/Linux distro, "release" has integrity check
  • See apt-secure(8)
  • Package upload to archive has integrity check...
  • ... where developers are authenticated by GPG
slide-5
SLIDE 5

Debian and GnuPG (1)

  • Congratulation Debian "Stretch"!
  • Thank you Debian for migration to GPG 2.1!
slide-6
SLIDE 6

Debian and GnuPG (2)

  • Debian community is heavy user of GnuPG
  • Debian is important for GnuPG, too
  • GnuPG migration to 2.1 has been going well
  • Kudos to:
  • Debian GnuPG Maintainers: dkg and eric
  • All Debian Developers
slide-7
SLIDE 7

GPG in Debian Stretch

  • Package gnupg is now GPG 2.1!
  • gpg means GPG 2.1
  • If GPG 1.4 is needed, install gnupg1 package
  • The command is available as gpg1
slide-8
SLIDE 8

3 Branches of GPG

GnuPG evolved:

  • GPG 1.4 "classic"
  • GPG 2.0 "stable"
  • GPG 2.1 "modern"
slide-9
SLIDE 9

GPG 1.4 "classic"

  • Single binary executable
  • v3 (PGP 2) keys are supported
slide-10
SLIDE 10

GPG 2.0 "stable"

  • Executable + Libraries
  • gpg-agent as passphrase cache agent
  • End-of-Life: 2017-12-31
slide-11
SLIDE 11

GPG 2.1 "mordern"

  • Executables + Libraries
  • Private key is under control of gpg-agent
  • dirmngr is now GnuPG proper
slide-12
SLIDE 12

What's New in 2.1? (1)

  • New features
  • ECC support
  • ToFU trust model
  • experimental: WKD, g13
  • Major Changes
  • Keybox format for public key
  • libgcrypt native private key format
slide-13
SLIDE 13

What's New in 2.1? (2)

  • Architectural change
  • gpg-agent does private key operations
  • dirmngr is now part of GnuPG
slide-14
SLIDE 14

Architectural change (1)

slide-15
SLIDE 15

Architectural change (2)

slide-16
SLIDE 16

RECV-KEYS

slide-17
SLIDE 17

RECV-KEYS

slide-18
SLIDE 18

VERIFY

slide-19
SLIDE 19

VERIFY

slide-20
SLIDE 20

SIGN

slide-21
SLIDE 21

SIGN

slide-22
SLIDE 22

Summary

  • Everyone relies on GnuPG
  • GPG 2.1 is for everyone
  • Package gnupg is now GPG 2.1!
  • Components:
  • gpg, gpg-agent, dirmngr, pinentry
  • scdaemon
  • GPG evolved and evolves
slide-23
SLIDE 23

Enjoy GPG!

GnuPG Fundraising Rally: https://www.gnupg.org/donate/

slide-24
SLIDE 24

Questions?

Q1: Which is older Debian or GnuPG?

slide-25
SLIDE 25

Questions?

Q1: Which is older Debian or GnuPG? A1: Debian is older!