From: sohailm01 at gmail.com (Sohail Mamdani)
Date: Wed Sep 1 00:32:42 2004
Subject: question about expired key
Message-ID: <38b7866704083115353b28d025@mail.gmail.com>

Greetings,

While creating a new key with GNUPG, I chose to have it expire on August 19, 5 pm (this was obviously a while ago, well before August 19). I even included a comment that states that this key would expire on the aforementioned date. I then uploaded the public key to a keyserver.

Problem is, it's been well past Aug 19 and I still don't have any indication that this key has expired. A search on the MIT public key server shows the key itself, but does not indicate that this key has expired.

Any ideas? I created this key as a test to learn more about GNUPG and didn't mean to use it on a regular basis...

If anyone wants to check it out, the key in question is for the email address sohailm@gmail.com.

Thanks,
Sohail Mamdani

From: atom at suspicious.org (Atom 'Smasher')
Date: Wed Sep 1 00:49:26 2004
Subject: question about expired key
In-Reply-To: <38b7866704083115353b28d025@mail.gmail.com>
References: <38b7866704083115353b28d025@mail.gmail.com>
Message-ID: <20040831185055.X6745@willy_wonka>

On Tue, 31 Aug 2004, Sohail Mamdani wrote:

> While creating a new key with GNUPG, I chose to have it expire on
> August 19, 5 pm (this was obviously a while ago, well before August
> 19). I even included a comment that states that this key would expire
> on the aforementioned date. I then uploaded the public key to a
> keyserver.
>
> Problem is, it's been well past Aug 19 and I still don't have any
> indication that this key has expired. A search on the MIT public key
> server shows the key itself, but does not indicate that this key has
> expired.
>
> Any ideas? I created this key as a test to learn more about GNUPG and
> didn't mean to use it on a regular basis...
>
> If anyone wants to check it out, the key in question is for the email
> address sohailm@gmail.com.

===============

an expired key doesn't go away, but trying to encrypt to it will result in an error message:

    gpg: NOTE: signature key 0x1EC804F2 expired Thu Aug 19 17:02:13 2004 EDT
    gpg: 0x1EC804F2: skipped: unusable public key
    gpg: [stdin]: encryption failed: unusable public key

...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"Thoughtcrime was not a thing that could be concealed forever. You might dodge successfully for a while, even for years, but sooner or later they were bound to get you."
-- George Orwell, "1984"

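The keyserver keeps serving an expired key, so the only reliable place to see the expiry is a local listing. The Python below is an added example (not code from the thread or from GnuPG) that reads the colon-delimited output of `gpg --with-colons --fixed-list-mode --list-keys` and reports which primary keys are expired, revoked or about to expire; the sample listing is constructed, with the expiry timestamp chosen to match the time in the NOTE line above.

```python
"""Report key expiry from `gpg --with-colons --fixed-list-mode --list-keys`
output.  Added example; not code from the thread or from GnuPG itself."""
import datetime as dt

UTC = dt.timezone.utc

# Constructed sample listing.  The record layout follows GnuPG's doc/DETAILS:
# field 1 record type, 2 validity (e = expired, r = revoked, - = unknown),
# 5 key ID, 6 creation date, 7 expiry date (empty = never), 10 user ID.
# The expiry 1092949333 is Thu Aug 19 17:02:13 2004 EDT, the time in the
# NOTE line quoted above; key IDs, hashes and user IDs are made up.
SAMPLE_LISTING = """\
tru::1:1094000000:0:3:1:5
pub:e:1024:17:0000000000000001:1092000000:1092949333::-:::sc:
uid:e::::1092000000::0000000000000000000000000000000000000001::Test Key (expires Aug 19) <test@example.invalid>:
sub:e:1024:16:0000000000000002:1092000000:1092949333:::::e:
pub:-:1024:17:0000000000000003:1090000000:::-:::sc:
uid:-::::1090000000::0000000000000000000000000000000000000003::No Expiry <never@example.invalid>:
pub:r:1024:17:0000000000000004:1090000000:1300000000::-:::sc:
uid:r::::1090000000::0000000000000000000000000000000000000004::Revoked Key <revoked@example.invalid>:
"""


def parse_date(field: str):
    """Date field -> aware UTC datetime, or None when the field is empty.
    gpg prints seconds since the epoch (with --fixed-list-mode, and always
    in current versions) or YYYY-MM-DD (the default in the 1.2 series)."""
    if not field:
        return None
    if "-" in field:
        return dt.datetime.strptime(field, "%Y-%m-%d").replace(tzinfo=UTC)
    return dt.datetime.fromtimestamp(int(field), tz=UTC)


def parse_listing(listing: str) -> list:
    """Collect primary keys with their user IDs from a colon listing."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append({"keyid": f[4], "validity": f[1],
                         "created": parse_date(f[5]),
                         "expires": parse_date(f[6]), "uids": []})
        elif f[0] == "uid" and keys:
            keys[-1]["uids"].append(f[9])
    return keys


def key_status(key: dict, now: dt.datetime) -> str:
    """Usability of one key at time `now`.  Computed from the dates, so it
    does not depend on the keyserver, which keeps serving expired keys."""
    if key["validity"] == "r":
        return "revoked"
    if key["expires"] is not None and key["expires"] <= now:
        return "expired"
    return "usable"


def report(listing: str, now: dt.datetime) -> dict:
    """Map key ID -> status for every primary key in the listing."""
    return {k["keyid"]: key_status(k, now) for k in parse_listing(listing)}


def expired_keys(listing: str, now: dt.datetime) -> list:
    return [kid for kid, status in report(listing, now).items()
            if status == "expired"]


def expiring_within(listing: str, now: dt.datetime, days: int) -> list:
    """Still-usable keys whose expiry falls inside the next `days` days."""
    horizon = now + dt.timedelta(days=days)
    return [k["keyid"] for k in parse_listing(listing)
            if key_status(k, now) == "usable"
            and k["expires"] is not None and k["expires"] <= horizon]


if __name__ == "__main__":
    now = dt.datetime.now(tz=UTC)
    for keyid, status in report(SAMPLE_LISTING, now).items():
        print(keyid, status)
```

To run it against a real keyring, feed the function the stdout of `gpg --with-colons --fixed-list-mode --list-keys` instead of the sample.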
From: wk at gnupg.org (Werner Koch)
Date: Wed Sep 1 10:08:50 2004
Subject: kmail doesn't recognize s/mime support in gpg
In-Reply-To: <200408312031.22170.karlandtanya@earthlink.net> (Karl and Tanya Pizzolatto's message of "Tue, 31 Aug 2004 20:31:08 -0400")
References: <200408271927.03421.karlandtanya@earthlink.net> <87oekszfn5.fsf@wheatstone.g10code.de> <200408312031.22170.karlandtanya@earthlink.net>
Message-ID: <87pt56tnvi.fsf@wheatstone.g10code.de>

On Tue, 31 Aug 2004 20:31:08 -0400, Karl and Tanya Pizzolatto said:

> but kmail still says gpgme was compiled without s/mime support.

You configured and built kmail (kdepim) after installing gpgme; right?

Werner

From: harry_b at mm.st (harry_b@mm.st)
Date: Wed Sep 1 15:35:01 2004
Subject: initrd missing TTY
Message-ID: <00AF38D4A4846F2EF8A55129@[192.168.1.247]>

Hi there,

I am not sure where to ask this question but I hope this is the right place.

I am trying to set up an encrypted root partition where the key is stored gpg-encrypted on a USB memory stick. So far everything works quite nicely but I fail to get a TTY working in the initial RAM disk. All I get is gpg complaining:

    gpg: cannot open '/dev/tty': No such device or address

Any idea what's necessary to get a TTY within the RAM disk? Or is there any other way to pass a passphrase to gpg without displaying it on the screen? (Yes, I know about the --no-tty and --passphrase-fd options, but when I use /dev/console the passphrase is visible.)

Any ideas or hints?

TIA,
Harry

--
1024D/40F14012 18F3 736A 4080 303C E61E 2E72 7E05 1F6E 40F1 4012

From: karlandtanya at earthlink.net (Karl and Tanya Pizzolatto)
Date: Thu Sep 2 13:22:40 2004
Subject: kmail doesn't recognize s/mime support in gpg
In-Reply-To: <87oekszfn5.fsf@wheatstone.g10code.de>
References: <200408271927.03421.karlandtanya@earthlink.net> <87oekszfn5.fsf@wheatstone.g10code.de>
Message-ID: <200408312031.22170.karlandtanya@earthlink.net>

On Monday 30 August 2004 01:42 pm, Werner Koch wrote:
> On Fri, 27 Aug 2004 19:27:03 -0400, Karl and Tanya Pizzolatto said:
> > gpgme-0.3.16
> > cryptplug-0.3.16
> >
> > I am using kde-3.3.
>
> Cryptplug is only used with old kmails; the latest kmail requires an
> up-to-date gpgme (i.e. 0.9.0). Don't know why kmail does not check
> for this.
>
> Werner

I recompiled gpgme 0.9.0, but still no help.

When building gpgme, ./configure ends with:

    config.status: executing depfiles commands
    GPGME v0.9.0 has been configured as follows:
    GnuPG version:  min. 1.2.2
    GnuPG path:     /usr/bin/gpg
    GpgSM version:  min. 1.9.6
    GpgSM path:     /usr/bin/gpgsm

which sure sounds like it includes s/mime support... The build is fine, with no errors, but kmail still says gpgme was compiled without s/mime support.

I'm sure it's something very obvious I'm doing wrong, but I just don't see it... Any ideas? How do I get kmail to see s/mime support in gpgme?

thanks


From: karlandtanya at earthlink.net (Karl Pizzolatto)
Date: Thu Sep 2 13:22:41 2004
Subject: kmail doesn't recognize s/mime support in gpg
Message-ID: <33092629.1094037674351.JavaMail.root@fozzie.psp.pas.earthlink.net>

D'oh! Didn't know you had to do that. I will rebuild kdepim. I thought it was a plug-in! I knew it was something silly I was doing.

-----Original Message-----
From: Werner Koch
Sent: Sep 1, 2004 4:05 AM
To: Karl and Tanya Pizzolatto
Cc: gnupg-users@gnupg.org
Subject: Re: kmail doesn't recognize s/mime support in gpg

On Tue, 31 Aug 2004 20:31:08 -0400, Karl and Tanya Pizzolatto said:

> but kmail still says gpgme was compiled without s/mime support.

You configured and built kmail (kdepim) after installing gpgme; right?

Werner


From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Thu Sep 2 17:36:19 2004
Subject: GnuPG 1.2.6 binary for win32?
Message-ID: <200409021539.RAA02725@vulcan.xs4all.nl>

Hello,

Are there any plans to release a 1.2.6 binary for win32, or does the fixed race condition never occur in 1.2.5?

--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html


From: hideki at allcity.net (Hideki Saito)
Date: Thu Sep 2 18:49:53 2004
Subject: GnuPG 1.2.6 binary for win32?
In-Reply-To: <200409021539.RAA02725@vulcan.xs4all.nl>

I do have a special binary, distributed on the Japanese GnuPG page.

http://hp.vector.co.jp/authors/VA019487/gnupg-w32cli-1.2.6-hs.zip
http://hp.vector.co.jp/authors/VA019487/gnupg-w32cli-1.2.6-hs.zip.sig

THIS IS NOT AN OFFICIAL BINARY

> From: Johan Wevers
> Date: Thu, 2 Sep 2004 17:39:05 +0200 (MET DST)
> To: GnuPG users
> Subject: GnuPG 1.2.6 binary for win32?
>
> Hello,
>
> Are there any plans to release a 1.2.6 binary for win32, or does the fixed
> race condition never occur in 1.2.5?
>
> --
> ir. J.C.A. Wevers // Physics and science fiction site:
> johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
> PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html


From: wk at gnupg.org (Werner Koch)
Date: Thu Sep 2 19:03:49 2004
Subject: GnuPG 1.2.6 binary for win32?
In-Reply-To: <200409021539.RAA02725@vulcan.xs4all.nl> (Johan Wevers's message of "Thu, 2 Sep 2004 17:39:05 +0200 (MET DST)")
References: <200409021539.RAA02725@vulcan.xs4all.nl>
Message-ID: <87sma0ppop.fsf@wheatstone.g10code.de>

On Thu, 2 Sep 2004 17:39:05 +0200 (MET DST), Johan Wevers said:

> Are there any plans to release a 1.2.6 binary for win32, or does the fixed
> race condition never occur in 1.2.5?

We have no locking in Windows at all. IIRC, all files are opened in "compatibility" mode, meaning that only one process may have it open.

Werner

From: pt at radvis.nu (Per Tunedal Casual)
Date: Fri Sep 3 08:11:30 2004
Subject: How to encrypt symmetric to many passphrases?
Message-ID: <6.1.2.0.2.20040903081236.0375b5b0@localhost>

Hi,

I would like to encrypt symmetric to more than one passphrase. How to do it?

And further: How to encrypt both to a key and to one or more passphrases?

Kind regards
Per Tunedal
Civ. ing. Civ. ek.
S:t Mickelsgatan 148
129 44 Hägersten
Phone: 08-646 34 83


From: joseph at bluefield.com.hk (Joseph Tseung)
Date: Fri Sep 3 08:56:12 2004
Subject: Problem decrypting message using GnuPGWrapper v1.0 Wrapper
Message-ID: <0FC7EFC88FDE344B95594425D302CA4B01348D@dc1.bluefield.com.hk>

I am using GnuPGWrapper v1.0 wrapper in a MS .NET application.

From: joseph at bluefield.com.hk (Joseph Tseung)
Date: Fri Sep 3 09:00:56 2004
Subject: Problem with decrypting message using GnuPGWrapper v1.0
Message-ID: <0FC7EFC88FDE344B95594425D302CA4B01348F@dc1.bluefield.com.hk>

I am using GnuPGWrapper v1.0 in my .NET application.
http://www.codeguru.com/Csharp/.NET/net_security/pgp/article.php/c4699/

I am using GnuPG for Windows and PGP 8.0.3. I created a key pair in PGP and imported both public and secret keys into GnuPG. An email was encrypted using that public key by MS Outlook and I am trying to use the wrapper GnuPGWrapper v1.0 to decrypt the message in a .NET application.

When running gpg.ExecuteCommand(), I ran into the following error:

    gpg: malformed CRC\r\ngpg: quoted printable character in armor - probably a buggy MTA has been used\r\n

I noticed that my encrypted message text has some special characters like "=20", "\r\n". Is this the problem? How can I resolve it?

Do you think this problem can be resolved if I do the key import/export in the opposite direction (i.e. create the key in GnuPG and export it to PGP)?

thanks.

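The two gpg messages above fit together: a quoted-printable pass somewhere in the mail path turns every `=` in the armor into `=3D` and inserts `=` soft line breaks, so the `=XXXX` checksum line is no longer recognisable and the CRC appears malformed. The Python below is an added example (not code from GnuPGWrapper, GnuPG or the post) that recognises that damage in an armored block, verifies the armor CRC-24 from RFC 2440, and undoes the quoted-printable encoding before the text is handed to gpg; the armored samples are constructed and carry no real OpenPGP packet.

```python
"""Diagnose and repair quoted-printable damage in ASCII-armored OpenPGP text.
Added example; not code from GnuPGWrapper, GnuPG or the original post."""
import base64
import quopri
import re

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB
QP_ESCAPE = re.compile(r"=[0-9A-F]{2}")


def crc24(data: bytes) -> int:
    """Armor checksum from RFC 2440 section 6.1 (the '=XXXX' line)."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def make_armor(payload: bytes, kind: str = "MESSAGE") -> str:
    """Wrap bytes in a minimal armor block.  Used only to build the samples;
    the payload is not a real OpenPGP packet."""
    b64 = base64.b64encode(payload).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii")
    return "\n".join([f"-----BEGIN PGP {kind}-----", "Version: constructed sample",
                      "", *lines, "=" + crc, f"-----END PGP {kind}-----"]) + "\n"


def check_armor(text: str) -> str:
    """Return 'ok' or a diagnosis worded like gpg's messages in the post."""
    lines = text.splitlines()
    starts = [i for i, l in enumerate(lines) if l.startswith("-----BEGIN PGP ")]
    if not starts:
        return "no armor header"
    body = lines[starts[0] + 1:]
    while body and body[0] != "":            # skip Version:/Comment: headers
        body.pop(0)
    body = body[1:]                           # and the blank line after them
    data_lines, crc_line = [], None
    for line in body:
        if line.startswith("-----END PGP "):
            break
        if line.startswith("=") and len(line) == 5:
            crc_line = line[1:]
        else:
            data_lines.append(line)
    # Quoted-printable leaves '=XX' escapes and '=' soft line breaks; base64
    # only ever has '=' as padding at the very end of the data.
    if QP_ESCAPE.search("".join(data_lines)) or any(
            l.endswith("=") for l in data_lines[:-1]):
        return "quoted printable character in armor - probably a buggy MTA has been used"
    if crc_line is None:
        return "malformed CRC"
    try:
        raw = base64.b64decode("".join(data_lines), validate=True)
        want = int.from_bytes(base64.b64decode(crc_line, validate=True), "big")
    except ValueError:
        return "malformed CRC"
    return "ok" if crc24(raw) == want else "CRC error"


def repair_armor(text: str) -> str:
    """Undo quoted-printable encoding.  Apply only after check_armor reports
    it: on clean armor the '=' padding before a newline would be eaten as a
    soft line break."""
    return quopri.decodestring(text.encode("ascii")).decode("ascii")


# Constructed samples: a clean block, and the same block after an MTA has
# quoted-printable encoded it ('=' -> '=3D', plus one soft line break).
GOOD_ARMOR = make_armor(b"constructed sample bytes, not a real OpenPGP packet!")
_damaged = GOOD_ARMOR.replace("=", "=3D").split("\n")
_damaged[3] = _damaged[3][:40] + "=\n" + _damaged[3][40:]
DAMAGED_ARMOR = "\n".join(_damaged)


if __name__ == "__main__":
    print(check_armor(DAMAGED_ARMOR))
    print(check_armor(repair_armor(DAMAGED_ARMOR)))
```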
From: atom at suspicious.org (Atom 'Smasher')
Date: Fri Sep 3 09:35:04 2004
Subject: How to encrypt symmetric to many passphrases?
In-Reply-To: <6.1.2.0.2.20040903081236.0375b5b0@localhost>
References: <6.1.2.0.2.20040903081236.0375b5b0@localhost>
Message-ID: <20040903033459.X6745@willy_wonka>

On Fri, 3 Sep 2004, Per Tunedal Casual wrote:

> I would like to encrypt symmetric to more than one passphrase. How to do
> it?

=============

AFAIK, gpg doesn't support it (yet).

> And further: How to encrypt both to a key and to one or more
> passphrases?

===============

    gpg -e -c -r 0x12345678

...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"The road to the future leads us smack into the wall. We simply ricochet off the alternatives that destiny offers: a demographic explosion that triggers social chaos and spreads death, nuclear delirium and the quasi-annihilation of the species... Our survival is no more than a question of 25, 50 or perhaps 100 years."
-- Jacques Cousteau, 1910-1997

From: wk at gnupg.org (Werner Koch)
Date: Fri Sep 3 11:33:51 2004
Subject: How to encrypt symmetric to many passphrases?
In-Reply-To: <20040903033459.X6745@willy_wonka> (atom@suspicious.org's message of "Fri, 3 Sep 2004 03:37:58 -0400 (EDT)")
References: <6.1.2.0.2.20040903081236.0375b5b0@localhost> <20040903033459.X6745@willy_wonka>
Message-ID: <87fz5zpuez.fsf@wheatstone.g10code.de>

On Fri, 3 Sep 2004 03:37:58 -0400 (EDT), Atom 'Smasher' said:

>> I would like to encrypt symmetric to more than one passphrase. How
>> to do it?
> =============
> AFAIK, gpg doesn't support it (yet).

Correct. It is currently not possible to do this.

In theory it should be possible to implement this when running gpg directly but there is no easy way to support frontends. status-fd/command-fd would allow for this but it is not clear what we should do with --passphrase-fd.

Werner

From: pt at radvis.nu (Per Tunedal Casual)
Date: Fri Sep 3 12:00:37 2004
Subject: How to encrypt symmetric to many passphrases?
In-Reply-To: <87fz5zpuez.fsf@wheatstone.g10code.de>
References: <6.1.2.0.2.20040903081236.0375b5b0@localhost> <20040903033459.X6745@willy_wonka> <87fz5zpuez.fsf@wheatstone.g10code.de>
Message-ID: <6.1.2.0.2.20040903120442.037757a0@localhost>

At 11:35 2004-09-03, you wrote:
>On Fri, 3 Sep 2004 03:37:58 -0400 (EDT), Atom 'Smasher' said:
>
>>> I would like to encrypt symmetric to more than one passphrase. How
>>> to do it?
>> =============
>
>> AFAIK, gpg doesn't support it (yet).
>
>Correct. It is currently not possible to do this.
>
>In theory it should be possible to implement this when running gpg
>directly but there is no easy way to support frontends.
>status-fd/command-fd would allow for this but it is not clear what we
>should do with --passphrase-fd.
>
> Werner

From: maddler at cryptorebels.net (william maddler)
Date: Fri Sep 3 14:31:41 2004
Subject: kmail doesn't recognize s/mime support in gpg
In-Reply-To: <200408312031.22170.karlandtanya@earthlink.net>
References: <200408271927.03421.karlandtanya@earthlink.net> <87oekszfn5.fsf@wheatstone.g10code.de> <200408312031.22170.karlandtanya@earthlink.net>
Message-ID: <200409031434.18863.maddler@cryptorebels.net>

On Wednesday 01 September 2004 02:31, Karl and Tanya Pizzolatto wrote:
> On Monday 30 August 2004 01:42 pm, Werner Koch wrote:
> > On Fri, 27 Aug 2004 19:27:03 -0400, Karl and Tanya Pizzolatto said:
> > > gpgme-0.3.16
> > > cryptplug-0.3.16
> > >
> > > I am using kde-3.3.
> [...]
> Any ideas? How do I get kmail to see s/mime support in gpgme?

just recompiled the kdepim package and s/mime is working now...

--
Hi %1, welcome on %2, press %3 to go to %4
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net                      ||
|| http://cialtronauti.net                     ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From: svwright+lists at amtp.liv.ac.uk (Stewart V. Wright)
Date: Fri Sep 3 16:14:01 2004
Subject: Q: Local keyring security, attacks and lsign
Message-ID: <20040903141716.GA15164@amtp.liv.ac.uk>

Hi,

I've been pondering an attack, or perhaps a lack of my understanding of GnuPG, and I was wondering if anyone had any opinions. Take the following example:

~~~~~~~~~~~
I have recently upgraded to the 1.2.6 release. Before installing I verified the .sig associated with the source...

    gpg --verify gnupg-1.2.6.tar.bz2.sig

Fortunately(!) I got a good signature:

    gpg: Signature made Wed 25 Aug 2004 16:29:58 BST using DSA key ID 57548DCD
    gpg: Good signature from "Werner Koch (gnupg sig) < HIDDEN ;) >"
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg: There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD

So I unpacked the file, compiled it up and installed.
~~~~~~~~~~~

The problem in _my_ usage is that I did not verify that the signing key is the key that I have associated with Werner, i.e. I didn't check that the fingerprint displayed is correct. I saw "Good signature", I saw "Werner Koch" and _assumed_ everything was OK.

As I am on a (relatively) public system there is the possibility of someone (for example root) accessing my account and adding another key, with the same details as Werner's, to my key ring. Thus the attacker could, in theory, substitute packages with valid signatures (from the impostor key), which I would then think were untampered versions.

There are (at least) two obvious solutions. The first is for me to expand my web of trust so that Werner's key is in my trusted set. The second is for me to verify the fingerprint each time I check a signature; however, I am looking for something a little more practical, or simpler maybe.

Thus:
* Does "lsign"ing Werner's key make sense in this case?
I _think_ what I want to achieve is a way to say "this is the key that I have added" (and adding a signature is something that makes the attack harder) without assigning too much trust in the key itself (which seems to be the opposite of lsign)...
* Would generating a "lsign"ing key which is itself only partially trusted be the way to go?

Any ideas, suggestions, corrections, thoughts, flames, rants? :-)

Cheers,
S.


From: jas at extundo.com (Simon Josefsson)
Date: Fri Sep 3 17:02:16 2004
Subject: Tutorial for gpgsm?

Is there a tutorial on using gpgsm? I find it a tad bit difficult to use. For example, steps I would want described are:

* How to mark a CA certificate as trusted.
* How to import a key and bind it to some certificate already imported. Alternatively, import key and certificate together, from a pkcs12 blob, or pkcs8 + certificate blobs, or whatever. Alternatively, don't import the key at all, but specify the location of the key using a parameter when signing.
* How to import a CRL

I'm trying to replace the S/MIME support in OpenSSL with gpgsm for the MUA Gnus. Perhaps I shouldn't be using gpgsm directly? gpgme didn't seem to have a command line front end.

Thanks,
Simon

From: linux at codehelp.co.uk (Neil Williams)
Date: Fri Sep 3 21:10:47 2004
Subject: Q: Local keyring security, attacks and lsign
In-Reply-To: <20040903141716.GA15164@amtp.liv.ac.uk>
References: <20040903141716.GA15164@amtp.liv.ac.uk>
Message-ID: <200409032014.29029.linux@codehelp.co.uk>

On Friday 03 September 2004 3:17, Stewart V. Wright wrote:
> I have recently upgraded to the 1.2.6 release. Before installing I
> verified the .sig associated with the source...
> gpg --verify gnupg-1.2.6.tar.bz2.sig
>
> Fortunately(!) I got a good signature:

As you noted, you got a VALID signature, not a trusted signature. IMHO, a valid signature on the GnuPG code isn't good enough, for exactly the reasons you describe later. Your best solution is your personal trust level, not lsign. Later . .

> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> Primary key fingerprint: 6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD

For your peace of mind, my Web of Trust allows me to fully trust Werner's key and I get the same fingerprint.

> There are (at least) two obvious solutions. The first is for me to
> expand my web of trust so that Werner's key is in my trusted set.

Your key is already in the strong set, courtesy of the signature of Chris Howells. You have a short distance to Werner's key, via Chris:
http://webware.lysator.liu.se/jc/wotsap/?top=0xB3334559&bottom=0x57548DCD&size=

Only Marc Mutz and/or Ingo Klocker need to be trusted to verify keys correctly when signing for Werner's key to be trusted. Setting the trust value is a personal thing, but sometimes I do bump a key up to marginal or full trust even when I haven't signed it myself. If you can personally trust Ingo and/or Marc to properly validate keys when signing them, you should find Werner becomes trusted too.
The quickest way of finding close keys that are trustworthy is to import all the missing signatures on keys that YOU have already signed. Then view each key in something like KGpg or on a keyserver and see if there are enough other signatures on the key that could merit you trusting the keyholder to validate keys properly when they are signing other keys. One or two judicious tweaks can make a lot of difference - just take care and be realistic about whether you can trust the person behind the unsigned key to really validate keys properly.

These trust values are personal and local and no lsign or sign is involved. This, to me, would appear to be your best option. If for any reason you change your mind, edit the trust level of the link key and GnuPG will sort out the rest.

> The second is for me to verify the fingerprint each time I check a
> signature

With what? You are verifying an untrusted key against a copy of the same untrusted key. You have a slight protection in that Werner (or someone else) would probably spot a very similar key on the keyservers trying to pretend to be Werner - it's hardly worth considering.

> Thus:
> * Does "lsign"ing Werner's key make sense in this case?

You still have to be sure that the key really belongs to the physical person reliably identifiable as Werner Koch who has sole access to the private key. lsign isn't a cop-out for bad security, it's there for those who don't want a valid signature to show up on keyservers, perhaps because their own key isn't on keyservers.

> I _think_ what I want to achieve is a way to say "this is the
> key that I have added" (and adding a signature is something that
> makes the attack harder) without assigning too much trust in the
> key itself (which seems to be the opposite of lsign)...

As far as GnuPG is concerned, a lsign is as valid as a sign and it will calculate your web of trust on that basis.
You could set the trust value of the lsign'ed key as don't trust (so that none of the keys signed by Werner are affected by your lsign) but it's already getting messy.

> * Would generating a "lsign"ing key which is itself only partially
> trusted be the way to go?

?? Why does lsign appear to be less trustworthy than sign ??

--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3

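The "verify the fingerprint each time" option only protects against the impostor-key scenario above if the fingerprint is compared against a copy obtained out of band (not from the same keyring) and the comparison is done by the tool rather than by eye. The Python below is an added example (not code from any poster or from GnuPG) that does exactly that with gpg's machine-readable `--status-fd` output: a signature is accepted only when a VALIDSIG line carries the pinned fingerprint, and the GOODSIG user ID and the TRUST_* lines are ignored on purpose. The pinned fingerprint is the one shown in the thread; the status lines are constructed, and the e-mail address in them is a placeholder because the real user ID was hidden in the post.

```python
"""Accept a gpg signature only when the signing key's fingerprint matches a
pinned value, using gpg's --status-fd output.  Added example; not code from
the thread or from GnuPG."""
import subprocess

# Fingerprint printed by `gpg --verify` earlier in the thread.
PINNED_FPR = "6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD"

# Constructed status lines (format from GnuPG's doc/DETAILS).  GOODSIG carries
# the long key ID and the user ID; VALIDSIG carries the signing key's full
# fingerprint, dates, algorithm numbers, signature class and, in newer gpg
# versions, the primary key fingerprint.  The address is a placeholder.
STATUS_GOOD = """\
[GNUPG:] SIG_ID constructedsigid 2004-08-25 1093447798
[GNUPG:] GOODSIG 68B7AB8957548DCD Werner Koch (gnupg sig) <hidden@example.invalid>
[GNUPG:] VALIDSIG 6BD9050FD8FC941B43412DCC68B7AB8957548DCD 2004-08-25 1093447798 0 3 0 17 2 00 6BD9050FD8FC941B43412DCC68B7AB8957548DCD
[GNUPG:] TRUST_UNDEFINED
"""

# The attack from the post: a second key with the same user ID.  The GOODSIG
# line reads the same to a human who only looks at the name.
STATUS_IMPOSTOR = """\
[GNUPG:] SIG_ID constructedsigid2 2004-08-25 1093447798
[GNUPG:] GOODSIG 0123456789ABCDEF Werner Koch (gnupg sig) <hidden@example.invalid>
[GNUPG:] VALIDSIG 0000000000000000000000000123456789ABCDEF 2004-08-25 1093447798 0 3 0 17 2 00
[GNUPG:] TRUST_UNDEFINED
"""

STATUS_BAD = """\
[GNUPG:] BADSIG 68B7AB8957548DCD Werner Koch (gnupg sig) <hidden@example.invalid>
"""

REJECT_KEYWORDS = ("BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG")


def normalize_fpr(fpr: str) -> str:
    return fpr.replace(" ", "").upper()


def parse_status(text: str) -> list:
    """Split '[GNUPG:] KEYWORD args...' lines into (keyword, args) pairs."""
    out = []
    for line in text.splitlines():
        if line.startswith("[GNUPG:] "):
            parts = line[len("[GNUPG:] "):].split()
            if parts:
                out.append((parts[0], parts[1:]))
    return out


def verify_status(text: str, pinned_fpr: str) -> tuple:
    """Return (accepted, reason).  Decided from VALIDSIG alone: GOODSIG only
    proves the name, and the trust database is what the thread says cannot
    be relied on when someone else can write to the keyring."""
    pinned = normalize_fpr(pinned_fpr)
    for keyword, args in parse_status(text):
        if keyword in REJECT_KEYWORDS:
            return False, f"{keyword}: signature not acceptable"
        if keyword == "VALIDSIG" and args:
            candidates = {normalize_fpr(args[0])}
            if len(args) >= 10:                 # primary key fingerprint
                candidates.add(normalize_fpr(args[9]))
            if pinned in candidates:
                return True, f"VALIDSIG from pinned key {pinned}"
            return False, f"VALIDSIG from unexpected key {args[0]}"
    return False, "no VALIDSIG line"


def gpg_verify(sig_path: str, data_path: str, pinned_fpr: str) -> tuple:
    """Run gpg on a detached signature and apply the pinned check.
    --status-fd 1 sends the status lines to stdout."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, data_path],
        capture_output=True, text=True)
    return verify_status(proc.stdout, pinned_fpr)


if __name__ == "__main__":
    for name, status in (("good", STATUS_GOOD), ("impostor", STATUS_IMPOSTOR),
                         ("bad", STATUS_BAD)):
        print(name, verify_status(status, PINNED_FPR))
```

For the release tarball in the thread the call would be `gpg_verify("gnupg-1.2.6.tar.bz2.sig", "gnupg-1.2.6.tar.bz2", PINNED_FPR)`, with the pinned value taken from a source other than the keyring being checked.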
From: amit at teldan.com (Amit Finkler)
Date: Fri Sep 3 23:12:07 2004
Subject: Problems compiling gpa-0.7.0 using GCC
Message-ID: <4138ECDB.8030408@teldan.com>

Hi everyone,

I apologize beforehand since I'm a newbie at all that concerns compiling.

I downloaded the source code of gpa-0.7.0 and in order to compile it I did the following:

1) Installed Cygwin
2) Installed gtk+
3) Installed mingw32-gcc and its binutils

I ran ./configure in the Cygwin bash client but was kicked out due to the famous line: "error: C compiler cannot create executables". Looking at the config.log file I found the following line right before the error message:

    c:\cygwin\bin\..\lib\gcc-lib\mingw32\3.3.1\..\..\..\..\mingw32\bin\ld.exe: cannot open crt2.o: No such file or directory

I know this may be a rather vague description of the problem, but I'm hoping, just hoping, that one of you may have run into this problem in the past.

Your help will be greatly appreciated!!!

Thanks,
Amit Finkler

From: maddler at cryptorebels.net (william maddler)
Date: Sat Sep 4 13:22:08 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
Message-ID: <200409041324.53678.maddler@cryptorebels.net>

hi all,
I was trying to send my key to a keyserver but it looks like I'm missing something...

=============================================================
maddler@yamato:~$ gpg --send-keys maddler
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: unable to execute program "gpgkeys_hkp": No such file or directory
gpg: no handler for keyserver scheme "hkp"
gpg: keyserver send failed: Keyserver error
maddler@yamato:~$
=============================================================

any clue?
thx

--
"The first enemy of creativity is common sense" - P. Picasso
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net                      ||
|| http://cialtronauti.net                     ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From: maddler at cryptorebels.net (william maddler)
Date: Sat Sep 4 18:24:37 2004
Subject: gnupg 1.9.10 + gpg-agent and existing *.sig file
Message-ID: <200409041827.21146.maddler@cryptorebels.net>

if I try to sign a file with:

    gpg --sign -b --use-agent file_to_be_signed

and file_to_be_signed.sig already exists, after saying "yes" when asked to overwrite I get:

    File `aa.sig' exists. Overwrite (y/N)? y
    gpg: ath.c:201: _gcry_ath_mutex_unlock: Assertion `*lock == ((ath_mutex_t) 1)' failed.
    Aborted

and the output file has 0 size...

any clue?
thx

--
I have a dream! To have a dream!
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net                      ||
|| http://cialtronauti.net                     ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev)
Date: Sun Sep 5 18:50:24 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
References: <200409041324.53678.maddler@cryptorebels.net>

On 8857 day of my life william maddler wrote:
> hi all,
> I was trying to send my key to keyserver but looks like I'm missing
> something...
>
> =============================================================
> maddler@yamato:~$ gpg --send-keys maddler
> gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
> gpg: It is only intended for test purposes and should NOT be
> gpg: used in a production environment or with production keys!
> gpg: unable to execute program "gpgkeys_hkp": No such file or directory
> gpg: no handler for keyserver scheme "hkp"
> gpg: keyserver send failed: Keyserver error
> maddler@yamato:~$
> =============================================================
>
> any clue?
> thx

Try to move /usr/lib/gpgkeys_* into /usr/lib/gnupg/gpgkeys_hkp :)

I may be wrong. Anyway, some RPM builds install gpgkeys_* into the wrong dir. AFAIR, ./configure && make && make install sometimes installs these files incorrectly too. Sorry, can't check now.

--
Ivan Boldyrev

Your bytes are bitten.

From: maddler at cryptorebels.net (william maddler)
Date: Sun Sep 5 19:23:53 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
References: <200409041324.53678.maddler@cryptorebels.net>
Message-ID: <200409051926.34120.maddler@cryptorebels.net>

On Sunday 05 September 2004 18:38, Ivan Boldyrev wrote:
>
> Try to move /usr/lib/gpgkeys_* into /usr/lib/gnupg/gpgkeys_hkp :)
>
> I may be wrong. Anyway, some RPM builds installs gpgkeys_* into
> wrong dir. AFAIR, ./configure && make && make install sometimes
> install these files incorrectly too. Sorry, can't check now.

the point is that gpgkeys_hkp is missing... I tried searching on / but nothing... only gpgkeys_mailto... :|

thx

--
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net                      ||
|| http://cialtronauti.net                     ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From: pt at radvis.nu (Per Tunedal Casual)
Date: Sun Sep 5 22:42:49 2004
Subject: How to encrypt and mail in Windows XP
Message-ID: <6.1.2.0.2.20040905224001.03779040@localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
I would like to encrypt a file and mail it with the default e-mail program in Windows. Now my batch-files won't work. I suppose a VBS-script would do the trick. I am not familiar at all with VBS and cannot make a script to encrypt using GPG. Does anyone know how to call GPG? Does anyone know anything about VBS and MAPIMAIL?

Yours,
Per Tunedal
Manager
RÅDVIS
S:t Mickelsgatan 148
SE-129 44 Hägersten
Sweden
+46(0)8-88 08 00
www.radvis.nu
PGP-key: http://www.radvis.nu/pgp/RADVIS_2003_(casual_key).asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)

iD8DBQFBO3tOaDDfzFT+2PIRAqejAKCGjTisaqmtuBAh37uIiEga1vilmQCfduM8
z7jxNUMi0ApnvLy4u6YbRY8=
=7E1s
-----END PGP SIGNATURE-----

From pt at radvis.nu Sun Sep 5 22:52:55 2004
From: pt at radvis.nu (Per Tunedal Casual)
Date: Sun Sep 5 22:48:16 2004
Subject: How to encrypt symmetric to many passphrases?
In-Reply-To: <20040903033459.X6745@willy_wonka>
References: <6.1.2.0.2.20040903081236.0375b5b0@localhost> <20040903033459.X6745@willy_wonka>
Message-ID: <6.1.2.0.2.20040905225001.037d8ea0@localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 09:37 2004-09-03, you wrote:
>> And further: How to encrypt both to a key and to one or more
>> passphrases?
>===============
>
>gpg -e -c -r 0x12345678
>
>
>
> ...atom
>

Hi,
I tried a batch file like this in Windows XP and it doesn't work:

gpg -v --output %1.gpg -c -r xxx -r yyy -e %1

Per Tunedal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)

iD8DBQFBO3yZaDDfzFT+2PIRAgZ0AJ9GhdNi9JHJPJs/Jz41/nsPBDFAtQCeIpC3
DbaJyApzQX7JpHj3K3Zku7Q=
=vgNH
-----END PGP SIGNATURE-----

From dshaw at jabberwocky.com Mon Sep 6 01:10:15 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 6 01:07:41 2004
Subject: How to encrypt symmetric to many passphrases?
In-Reply-To: <6.1.2.0.2.20040905225001.037d8ea0@localhost>
References: <6.1.2.0.2.20040903081236.0375b5b0@localhost> <20040903033459.X6745@willy_wonka> <6.1.2.0.2.20040905225001.037d8ea0@localhost>
Message-ID: <20040905231014.GH28262@jabberwocky.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Sep 05, 2004 at 10:52:55PM +0200, Per Tunedal Casual wrote:
> At 09:37 2004-09-03, you wrote:
> >> And further: How to encrypt both to a key and to one or more
> >> passphrases?
> >===============
> >
> >gpg -e -c -r 0x12345678
> >
> >
> >
> > ...atom
> >
> Hi,
> I tried a batch file like this in Windows XP and it doesn't work:
>
> gpg -v --output %1.gpg -c -r xxx -r yyy -e %1

This only works with GnuPG 1.3.x.

David

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.90-cvs (GNU/Linux)

iGoEARECACoFAkE7nNYjGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2tleS5h
c2MACgkQ4mZch0nhy8lWUACgkDM55hbDgvb73yG6danTR2+Bu4oAoIzK9HnwjgPm
ZY1jJSQFjVZABZFF
=Tr48
-----END PGP SIGNATURE-----

From twoaday at freakmail.de Mon Sep 6 09:14:25 2004
From: twoaday at freakmail.de (Timo Schulz)
Date: Mon Sep 6 09:11:58 2004
Subject: How to encrypt and mail in Windows XP
In-Reply-To: <6.1.2.0.2.20040905224001.03779040@localhost>
References: <6.1.2.0.2.20040905224001.03779040@localhost>
Message-ID: <20040906071425.GB389@daredevil.joesixpack.net>

On Sun Sep 05 2004; 22:47, Per Tunedal Casual wrote:
> Now my batch-files won't work. I suppose a VBS-script would do the
> trick.

Yes, this could work. You could access the W32 API but it would be easier to use a GPG COM+ object or something similar. Then you would just need some lines (if the object implements the needed functions).

> I am not familiar at all with VBS and cannot make a script to encrypt
> using GPG. Does any one know how to call GPG?

I wrote a GPG COM+ object but it's still not finished. But you could use the G-DATA plugin to do this. You could download an OLE32 viewer to see what functions are available.

Timo

--
Colt at WinPT.org keyid BF3DF9B4 (http://www.winpt.org)
WinPT (http://www.stud.uni-hannover.de/~twoaday/winpt.html)

From maddler at cryptorebels.net Mon Sep 6 10:47:21 2004
From: maddler at cryptorebels.net (william maddler)
Date: Mon Sep 6 10:44:37 2004
Subject: gpgkeys_hkp missing
Message-ID: <200409061047.25806.maddler@cryptorebels.net>

whenever I try to send or receive keys to/from a keyserver I get:

gpg: unable to execute program "gpgkeys_hkp": No such file or directory
gpg: no handler for keyserver scheme "hkp"
gpg: keyserver receive failed: Keyserver error

I have no clues... :(

--
"I needed an old telephone cable to upgrade the microwaves on the motherboard"
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net ||
|| http://cialtronauti.net ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
Url : /pipermail/attachments/20040906/669b844a/attachment.bin

From karlandtanya at earthlink.net Thu Sep 2 17:26:06 2004
From: karlandtanya at earthlink.net (Karl and Tanya Pizzolatto)
Date: Mon Sep 6 12:00:40 2004
Subject: kmail & gnupg working now
Message-ID: <200409021126.19119.karlandtanya@earthlink.net>

Here's how I did it, with much help from all the group: YMMV...

First, I built & installed gpg stuff. It took several builds to figure it out, but I think this is the correct sequence (dependencies) if you're going to do it in one shot:

libgpg-error-0.7
libgcrypt-1.2.0
libksba-0.9.8
libassuan-0.6.6
pth-2.0.1
pinentry-0.7.1
gnupg-1.9.10
gpgme-0.9.0

Next, I rebuilt kdepim-3.3.0

Next, I put this in my $HOME/.profile (per the gnupg readme)

#!/bin/bash
# Reuse the running gpg-agent if the pid recorded in ~/.gpg-agent-info
# (second colon-separated field of "socket:pid:version") is still alive;
# otherwise start a fresh agent and record its GPG_AGENT_INFO for later logins.
if test -f $HOME/.gpg-agent-info && \
   kill -0 `cut -d: -f 2 $HOME/.gpg-agent-info` 2>/dev/null; then
    GPG_AGENT_INFO=`cat $HOME/.gpg-agent-info`
    export GPG_AGENT_INFO
else
    eval `gpg-agent --daemon`
    echo $GPG_AGENT_INFO >$HOME/.gpg-agent-info
fi

either logout & login again, or execute $HOME/.profile & make sure $GPG_AGENT_INFO contains the line pointing to /tmp/.... (where the socket S.gpg-agent is)

Everything now works just peachy!

I have slackware build scripts if you need them

Oh, yeah-- I suid root (chmod 4755) some gnupg executables. This allows secure memory to be used. Understand suid root before you use it, because it can be a security risk. Probably make a "gnupg" group and chgrp those executables. Then add the appropriate users to group "gnupg".

Have fun, and thanks to all the group for mucho help and excellent coding!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
Url : /pipermail/attachments/20040902/a9416a95/attachment.bin

From JPClizbe at comcast.net Mon Sep 6 13:21:14 2004
From: JPClizbe at comcast.net (John Clizbe)
Date: Mon Sep 6 13:18:37 2004
Subject: gpgkeys_hkp missing
In-Reply-To: <200409061047.25806.maddler@cryptorebels.net>
References: <200409061047.25806.maddler@cryptorebels.net>
Message-ID: <413C482A.5080209@comcast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

william maddler wrote:
> whenever I try to send or receive keys to/from a keyserver I get:
>
> gpg: unable to execute program "gpgkeys_hkp": No such file or directory
> gpg: no handler for keyserver scheme "hkp"
> gpg: keyserver receive failed: Keyserver error
>
>
> I have no clues... :(

gpgkeys_hkp, along with gpgkeys_ldap and gpgkeys_mailto, are keyserver helper programs. The code is found in the keyserver directory of 1.2.x and 1.3.x.

Perhaps you might try building 1.3.6 and copying the gpgkeys_* binaries to the same directory as your gpg 1.9.10 executable.

Other than that, I'm as lost as you on this one. No sign of the keyserver handler code in 1.9.10's tarball.

- --
John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet
Golden Bear Networks PGP/GPG KeyID: 0x608D2A10
"Our enemies are innovative and resourceful, and so are we. They never stop thinking about new ways to harm our country and our people, and neither do we."
- Dumbya explaining his administration 5-Aug-2004

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (Windows 2000 SP4)
Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG
Comment: Annoy John Asscraft -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBPEgqHQSsSmCNKhARAk1LAJ9UULwfPR09shg1Qo+r9sUespf1zACeN83Z
Tbjf7KDpE+f73hf0EPJm1Sg=
=hfoc
-----END PGP SIGNATURE-----

From svwright+lists at amtp.liv.ac.uk Mon Sep 6 13:38:52 2004
From: svwright+lists at amtp.liv.ac.uk (Stewart V. Wright)
Date: Mon Sep 6 13:35:35 2004
Subject: Q: Local keyring security, attacks and lsign
In-Reply-To: <200409032014.29029.linux@codehelp.co.uk>
References: <20040903141716.GA15164@amtp.liv.ac.uk> <200409032014.29029.linux@codehelp.co.uk>
Message-ID: <20040906113852.GD18775@amtp.liv.ac.uk>

G'day Neil,

Forgive me if I am going over ground we've already travelled, I really would like to understand this a little better...

* Neil Williams [040903 20:40]:
> As you noted, you got a VALID signature, not a trusted signature. IMHO, a
> valid signature on the GnuPG code isn't good enough, for exactly the reasons
> you describe later.
>
> Your best solution is your personal trust level, not lsign.

Later . .

The difficulty lies when one is unable (or unwilling) to assign a level of trust to a key other than "I know that this is the key that I chose to import". I guess using Werner's key was a bad example of what I wanted to express. Let me try again at the end of the message...

> For your peace of mind, my Web of Trust allows me to fully trust
> Werner's key and I get the same fingerprint.

*Grin* Now all I need to do is trust that you aren't in the group that's out to "get" me! :-P

> These trust values are personal and local and no lsign or sign is involved.
> This, to me, would appear to be your best option. If for any reason you
> change your mind, edit the trust level of the link key and GnuPG will sort
> out the rest.

I appreciate the point that you are making here, but surely tweaking my trust level on keys of people I haven't met means that there is a possibility that changing the trust so that the end of Chain (I) is trustworthy might mean that a key in Chain (II) becomes trusted accidentally.

(I) Me > PersonA > PersonB > PersonC > PersonD
(II) Me > PersonX > PersonB > PersonY

(i.e. I tweak PersonB so that there is enough trust to get to PersonD, but then PersonY might become trusted when they wouldn't without the added tweaking to achieve the first chain of trust...)

Admittedly I'm not sure if my point above even makes sense......

> > The second is for me to verify the fingerprint each time I check a
> > signature
>
> With what? You are verifying an untrusted key against a copy of the same
> untrusted key.

Not exactly. Looking at previous posts signed by Werner's key would give me a fingerprint, and _assuming_ that there were no warning messages about an impostor I guess that there is some amount of association I could make.

> You still have to be sure that the key really belongs to the physical person
> reliably identifiable as Werner Koch who has sole access to the private key.

I think this is a different concept to what I am asking. The ownership and association with a particular person of a key is _not_ important. The association of a key with an entity, be it Werner as a person, or with the group of the Fedora Project is the issue.

This comes back to the concept that you can trust that all signatures from a certain key are made by someone with control of that key, _without_ knowing anything about the ownership of the key. Someone (a Deep-Throat for example) may wish their identity to remain unknown, but publish verifiable messages. How does one protect a key on your keyring without having a valid WOT to it?

Take a new gpg user, Alice, installing Fedora Linux for example. The CDs contain the Fedora (p)gp(g) key. Alice checks that the key not only verifies the packages on the CDs, but that the key has been used historically (via say Google) for signing messages to mailing lists, files, or whatever. There is no indication in any of these sources that the key does not belong to a reputable RedHat/Fedora source.

However, Alice has no way of connecting the key to her via the WOT as she's yet to even generate a key of her own. Alice imports the Fedora key into her keyring and then uses it to verify various security patches that have been released... Alice would love to join the WOT, but living at the South Pole, LUG meetings are hard to attend!

Alice wants a way to ensure that the key she imported to her key ring is indeed the one she put there and that Eve hasn't replaced it somewhere along the piece.

How would she do this?

Cheers,

S.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 274 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040906/524858e6/attachment.bin

From maddler at cryptorebels.net Mon Sep 6 14:34:17 2004
From: maddler at cryptorebels.net (william maddler)
Date: Mon Sep 6 14:31:33 2004
Subject: gpgkeys_hkp missing
In-Reply-To: <413C482A.5080209@comcast.net>
References: <200409061047.25806.maddler@cryptorebels.net> <413C482A.5080209@comcast.net>
Message-ID: <200409061434.17948.maddler@cryptorebels.net>

On Monday 06 September 2004 13:21, John Clizbe wrote:
[...]
> Perhaps you might try building 1.3.6 and copying the gpgkeys_*
> binaries to the same directory as your gpg 1.9.10 executable.
>

done... and copied gpgkeys_hkp to /usr/local/bin (same as gpg) but... _nothing_ changed... gpg still complaining gpgkeys_hkp is not found... :(

> Other than that, I'm as lost as you on this one. No sign of the
> keyserver handler code in 1.9.10's tarball.

eh... noticed that...

--
There are only 10 types of people in the world: Those who understand binary, and those who don't
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net ||
|| http://cialtronauti.net ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
Url : /pipermail/attachments/20040906/2cadeb5d/attachment.bin

From mtjebben at cisco.com Mon Sep 6 14:55:19 2004
From: mtjebben at cisco.com (Michael O. Tjebben)
Date: Mon Sep 6 14:52:34 2004
Subject: Share group aliases between GnuPG and PGP?
In-Reply-To:
References:
Message-ID: <413C5E37.1080106@cisco.com>

Is there a way to share group aliases between GnuPG and PGP? Most of us in my department use GnuPG, and we've defined group aliases in our gpg.conf file, but there are a few hold-outs who still use PGP. Is there a way to export our group alias definitions and import them into PGP so that we can all "stay-in-sync?"

-Mike

From ekot at protek.ru Mon Sep 6 15:55:45 2004
From: ekot at protek.ru (Eugene Kotlyarov)
Date: Mon Sep 6 15:52:36 2004
Subject: Share group aliases between GnuPG and PGP?
In-Reply-To: <413C5E37.1080106@cisco.com>
References: <413C5E37.1080106@cisco.com>
Message-ID: <413C6C61.6050409@protek.ru>

Michael O. Tjebben wrote:
>
> Is there a way to share group aliases between GnuPG and PGP?
> Most of us in my department use GnuPG, and we've defined group aliases
> in our gpg.conf file, but there's a few hold-outs who still use PGP. Is
> there a way to export our group alias definitions and import them into
> PGP so that we can all "stay-in-sync?"
>

In our organization there is the opposite situation - most people use PGP, so I made scripts that automatically import groups/keys from PGP to GnuPG. You can take it here: http://ekot.narod.ru/misc/pgptogpg.zip

It is written in JScript for WSH, so it is Windows only.

From linux at codehelp.co.uk Mon Sep 6 17:54:35 2004
From: linux at codehelp.co.uk (Neil Williams)
Date: Mon Sep 6 17:50:58 2004
Subject: Q: Local keyring security, attacks and lsign
In-Reply-To: <20040906113852.GD18775@amtp.liv.ac.uk>
References: <20040903141716.GA15164@amtp.liv.ac.uk> <200409032014.29029.linux@codehelp.co.uk> <20040906113852.GD18775@amtp.liv.ac.uk>
Message-ID: <200409061654.38616.linux@codehelp.co.uk>

On Monday 06 September 2004 12:38, Stewart V. Wright wrote:
> This comes back to the concept that you can trust that all signatures
> from a certain key are made by someone with control of that key,

otherwise the key would have to have been compromised, yes.

> _without_ knowing anything about the ownership of the key.

True. The GnuPG / PGP signing process tells you that much. However, it doesn't help you trust either key. You can trust that the signatures made from one key to another are valid signatures and you can check for either key being revoked, but without a web of trust, that's all you can do.

> Someone (a
> Deep-Throat for example) may wish their identity to remain unknown,
> but publish verifiable messages.

messages cannot be verified without publishing the public key. You could make the public key anonymous - you would then have to go by the fingerprint.

> How does one protect a key on your
> keyring without having a valid WOT to it?

Protect? You protect the secret key, public keys need no protection. If a key is untrusted, it cannot easily be protected from 'man-in-the-middle' attacks - that's why the web of trust is so important - you'd have to verify the fingerprint.

> Take a new gpg user, Alice, installing Fedora Linux for example. The
> CDs contain the Fedora (p)gp(g) key. Alice checks that the key not
> only verifies the packages on the CDs, but that the key has been used
> historically (via say Google) for signing messages to mailing lists,
> files, or whatever. There is no indication in any of these sources
> that the key does not belong to a reputable RedHat/Fedora source.
>
> However, Alice has no way of connecting the key to her via the WOT as
> she's yet to even generate a key of her own. Alice imports the Fedora
> key into her keyring and then uses it to verify various security
> patches that have been released... Alice would love to join the WOT,
> but living at the South Pole, LUG meetings are hard to attend!

Alternative protocols can be envisaged. Presumably, there is some method of delivery of other goods and services. Some form of secure communication should be available or could be arranged using physical media conveyed over routine delivery channels. This would be sufficient for the exchange of certain data:

1. Photo ID, as per any keysigning protocol. In this case, verified using external records, maybe from the professional body who sent her out. The veracity of the ID attested by being securely sent alongside the key details.
2. The key fingerprint, ditto
3. Some random text token that cannot be guessed or intercepted (random text and digits etc.) ENCRYPTED to the recipient key on read-only media.
4. A return of the same items PLUS a SIGNED (and possibly encrypted) copy of the identical text token on read-only media.

As long as she chooses to whom she will send the parcel, using details from the key, she can validate that the person she chose really does have the appropriate secret key. If she has her own key by this time, the token sent in 3. should be signed by her key and the token in the reply should be encrypted to her key. That should allow both keys to be signed.

The recipient must have the correct secret key to decrypt the text for the reply, similarly, a signed reply shows that it was not a coincidental discovery of the text token.

> Alice wants a way to ensure that the key she imported to her key ring
> is indeed the one she put there and that Eve hasn't replaced it
> somewhere along the piece.
>
>
> How would she do this?
>
>
>
> Cheers,
>
> S.

--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20040906/4f3db952/attachment.bin

From rlaager at wiktel.com Mon Sep 6 19:56:32 2004
From: rlaager at wiktel.com (Richard Laager)
Date: Mon Sep 6 19:53:24 2004
Subject: Q: Local keyring security, attacks and lsign
In-Reply-To: <20040906113852.GD18775@amtp.liv.ac.uk>
References: <20040903141716.GA15164@amtp.liv.ac.uk> <200409032014.29029.linux@codehelp.co.uk> <20040906113852.GD18775@amtp.liv.ac.uk>
Message-ID: <1094493392.3440.54.camel@localhost>

On Mon, 2004-09-06 at 06:38, Stewart V. Wright wrote:
> This comes back to the concept that you can trust that all signatures
> from a certain key are made by someone with control of that key,
> _without_ knowing anything about the ownership of the key. Someone (a
> Deep-Throat for example) may wish their identity to remain unknown,
> but publish verifiable messages.

There are two sides to this issue:

1. I wish to remain anonymous, but publish verifiable messages.

Obviously, I'm going to generate a key pair and sign all of my messages with the private key. I know that as I build up an "integrity" record (with regard to my published messages/articles/whatever), people will begin to find my signatures valuable: They will have the ability to recognize a new message as having been written by the same author as the historical messages they trusted.

The OpenPGP format basically requires that some sort of user ID is generated for a given key. What name do I put on the key? Let's start with the easiest. Am I going to use the same real e-mail address for all (or most) of these messages? If so, I'll put the e-mail address on the key. If I'm not using a real e-mail address (or e-mail addresses aren't applicable to these communications), my best bet is to make up a pseudonym and use that on the key and as my signature.

2. I wish to verify the messages from someone else who wishes to remain anonymous and is following the procedures listed in #1.

A while back, I was part of a discussion about keysigning practices. I forget which mailing list it was. I held that signing a key is based on the signer's knowledge that the key is held by the person _the signer believes_ is the person represented by the User ID. For example, if PGP existed back when Samuel Clemens was publishing books under the name "Mark Twain", I would've had no problem signing his key with a user ID of "Mark Twain ". According to my signature policy, I would give that key a 0x12 signature. I only issue 0x13 after checking a government identity document. Under this policy, I would be willing to sign (after some sort of verification), the key from #1 with the pseudonym. The point I'm making here is that it's possible for a key to be in WoT that exists to link anonymously published articles together.

Slightly off the topic, as an interesting exercise, one could publish a series of articles completely anonymously, signing them with separate signing subkeys. Later, if one wanted to link some/all together, a public key could be released with the appropriate subkeys bound to it. (Back-signatures from the subkeys to the primary key would be required for this to be trustworthy.)

> How does one protect a key on your
> keyring without having a valid WOT to it?

If a key is not in the WoT and you've imported it and wish to "protect" it, the easiest way to do this is to sign it locally and set the owner trust accordingly (which will probably be that you do not trust the owner). This way, GPG will show document signatures as valid, but will not cause other potentially untrusted keys to become valid. In your example, you need to trust that Werner is signing a good copy of the GnuPG source code. However, you may not want to trust him to make key signatures. (This is a purely academic statement, applied to the example of Werner because that's what your posting used. I'm not in any way suggesting he's not trustworthy for signing keys.)

Now, why would you want to sign (locally or otherwise) a key which you could not be sure belonged to the owner? If you have not verified the key, you should probably let GPG scream at you about the key being untrusted because it is. You don't want to forget that later. However, local signatures are useful when you've done some verification like 1) checking that the key you have matches the fingerprint of Werner's key in e-mails, etc. 2) you've decided to trust the path from your key to his (when such a path exists). By locally signing the key and setting the trust to nothing, you can avoid having to "tweak" the trust levels of others to make his key valid, thus avoiding the problem you mentioned (other people's keys becoming valid as a side effect).

Now, I'd like to caution you in this whole exercise. This sort of "protection" would be very important if you keep your public keyring on a USB key fob, for example. Someone could steal it and change public keys. The key signatures from your key would allow you to detect such a change, provided that your configuration file was not tampered with and specified your key as the only ultimately trusted key. However, in your case, you said that you're using a relatively public machine. You also said that root could tamper with your keyrings. In such a case, there's nothing to stop root from tampering with your GPG executable to do anything he or she wants.

Richard Laager
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20040906/5f9a5ea2/attachment-0001.bin

From boldyrev+nospam at cgitftp.uiggm.nsc.ru Sun Sep 5 22:50:14 2004
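The side effect Stewart describes with his two chains, and the local-signature remedy Richard gives above, can be checked with a small model of the classic GnuPG trust computation. The following Python is an added example written for this archive; it is not GnuPG's code and not code from either poster. It assumes the usual defaults (completes-needed=1, marginals-needed=3, max-cert-depth=5) and a constructed toy keyring in which the PersonA..PersonY names are Stewart's and PersonZ is added to show what a key's own certifications do once it is valid.

```python
"""Toy re-implementation of the classic GnuPG trust computation.

Added example, not GnuPG's code: it models the two chains from Stewart's
message and the local-signature advice from Richard's reply. Assumed
defaults are completes-needed=1, marginals-needed=3, max-cert-depth=5;
the keyring below is constructed for the example.
"""
from typing import Dict, Set

NEVER, MARGINAL, FULL, ULTIMATE = "never", "marginal", "full", "ultimate"
COMPLETES_NEEDED, MARGINALS_NEEDED, MAX_CERT_DEPTH = 1, 3, 5


def compute_validity(signatures: Dict[str, Set[str]],
                     ownertrust: Dict[str, str]) -> Set[str]:
    """Return the set of valid keys.

    signatures: key -> keys that certified (signed) it; a local signature is
    just another entry here. ownertrust: key -> level set by the user; keys
    missing from it carry no ownertrust. A key is valid when ultimately
    trusted, or certified by enough *valid* keys that carry ownertrust: one
    FULL (or ULTIMATE) signer, or MARGINALS_NEEDED MARGINAL signers, within
    MAX_CERT_DEPTH hops. Being valid alone never lets a key certify others.
    """
    depth: Dict[str, int] = {k: 0 for k, t in ownertrust.items() if t == ULTIMATE}
    changed = True
    while changed:
        changed = False
        for key, signers in signatures.items():
            if key in depth:
                continue
            complete = [s for s in signers
                        if s in depth and ownertrust.get(s) in (FULL, ULTIMATE)]
            marginal = [s for s in signers
                        if s in depth and ownertrust.get(s) == MARGINAL]
            if len(complete) >= COMPLETES_NEEDED or len(marginal) >= MARGINALS_NEEDED:
                d = 1 + min(depth[s] for s in complete + marginal)
                if d <= MAX_CERT_DEPTH:
                    depth[key] = d
                    changed = True
    return set(depth)


# Stewart's chains, as a constructed keyring:
#   (I)  Me > PersonA > PersonB > PersonC > PersonD
#   (II) Me > PersonX > PersonB > PersonY
# PersonZ is someone PersonD has certified; it shows whether D's own
# certifications propagate under each approach.
SIGNATURES: Dict[str, Set[str]] = {
    "PersonA": {"Me"},
    "PersonX": {"Me"},
    "PersonB": {"PersonA", "PersonX"},
    "PersonC": {"PersonB"},
    "PersonD": {"PersonC"},
    "PersonY": {"PersonB"},
    "PersonZ": {"PersonD"},
}


def tweak_ownertrust_scenario() -> Set[str]:
    """Raise ownertrust along chain (I) until PersonD becomes valid."""
    ownertrust = {"Me": ULTIMATE, "PersonA": FULL, "PersonB": FULL, "PersonC": FULL}
    return compute_validity(SIGNATURES, ownertrust)


def lsign_scenario() -> Set[str]:
    """Locally sign PersonD with Me and give PersonD ownertrust 'never'."""
    sigs = {k: set(v) for k, v in SIGNATURES.items()}
    sigs["PersonD"].add("Me")  # the lsign: Me certifies D directly
    return compute_validity(sigs, {"Me": ULTIMATE, "PersonD": NEVER})


if __name__ == "__main__":
    print("tweak ownertrust:", sorted(tweak_ownertrust_scenario()))
    print("lsign + no ownertrust:", sorted(lsign_scenario()))
```

Running it shows the two outcomes the thread argues about: raising PersonB's ownertrust to reach PersonD also makes PersonY valid through chain (II), whereas a local signature on PersonD with no ownertrust makes PersonD valid and nothing else, and PersonD's own certification of PersonZ stays ineffective. The model ignores expiry, revocation and the trust-signature extensions; it is only meant to make the propagation rule visible.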
From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev)
Date: Mon Sep 6 22:39:53 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
References: <200409041324.53678.maddler@cryptorebels.net> <200409051926.34120.maddler@cryptorebels.net>
Message-ID: <9pas02xvkv.ln2@ibhome.cgitftp.uiggm.nsc.ru>

On 8859 day of my life william maddler wrote:
> the point is that gpgkeys_hkp is missing...
> I tried searching on / but nothing... only gpgkeys_mailto...
>
> :|

rebuild gpg then...

--
Ivan Boldyrev
Is 'morning' a gerund?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : /pipermail/attachments/20040906/6cb40479/attachment.bin

From maddler at cryptorebels.net Mon Sep 6 22:51:43 2004
From: maddler at cryptorebels.net (william maddler)
Date: Mon Sep 6 22:48:57 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
In-Reply-To: <9pas02xvkv.ln2@ibhome.cgitftp.uiggm.nsc.ru>
References: <200409041324.53678.maddler@cryptorebels.net> <200409051926.34120.maddler@cryptorebels.net> <9pas02xvkv.ln2@ibhome.cgitftp.uiggm.nsc.ru>
Message-ID: <200409062251.44041.maddler@cryptorebels.net>

On Sunday 05 September 2004 22:50, Ivan Boldyrev wrote:
> On 8859 day of my life william maddler wrote:
> > the point is that gpgkeys_hkp is missing...
> > I tried searching on / but nothing... only gpgkeys_mailto...
>
> rebuild gpg then...

ahem... the point is that gpgkeys_* aren't built when compiling 1.9.10 (and 1.9.9 afaik)... they are created by 1.3.6... but 1.9.10 simply ignores them (after copying them to /usr/local/bin along with other gpg* binaries)... this is the story so far...

--
Hello world!
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net ||
|| http://cialtronauti.net ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From wk at gnupg.org Tue Sep 7 08:35:45 2004
From: wk at gnupg.org (Werner Koch)
Date: Tue Sep 7 08:38:53 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
In-Reply-To: <200409041324.53678.maddler@cryptorebels.net> (william maddler's message of "Sat, 4 Sep 2004 13:24:53 +0200")
References: <200409041324.53678.maddler@cryptorebels.net>
Message-ID: <87k6v67fi6.fsf@wheatstone.g10code.de>

On Sat, 4 Sep 2004 13:24:53 +0200, william maddler said:
> I was trying to send my key to keyserver but looks like I'm missing
> something...

There is no keyserver support in 1.9 yet. I suggest to keep on using the gpg from 1.3 or 1.2 - they should coexist without any problems.

We will start merging the code from 1.3 into 1.9 as soon as 1.4 has been released.

Werner

From maddler at cryptorebels.net Tue Sep 7 09:11:34 2004
From: maddler at cryptorebels.net (william maddler)
Date: Tue Sep 7 09:08:49 2004
Subject: unable to send keys to keyserver (gpg 1.9.10)
In-Reply-To: <87k6v67fi6.fsf@wheatstone.g10code.de>
References: <200409041324.53678.maddler@cryptorebels.net> <87k6v67fi6.fsf@wheatstone.g10code.de>
Message-ID: <200409070911.35021.maddler@cryptorebels.net>

On Tuesday 07 September 2004 08:35, Werner Koch wrote:
> On Sat, 4 Sep 2004 13:24:53 +0200, william maddler said:
> > I was trying to send my key to keyserver but looks like I'm missing
> > something...
>
> There is no keyserver support in 1.9 yet. I suggest to keep on using
> the gpg from 1.3 or 1.2 - they should coexist without any problems.
>

doh! :) ok... nice to know...

> We will start merging the code from 1.3 into 1.9 as soon as 1.4 has
> been released.

perfect... thank you for your help...

--
=================================================
|| William Maddler http://www.cryptorebels.net ||
|| http://www.maddler.net ||
|| http://cialtronauti.net ||
gpg --keyserver pgp.mit.edu --recv-key 639C63EF

From wk at gnupg.org Tue Sep 7 09:49:25 2004
From: wk at gnupg.org (Werner Koch) Date: Tue Sep 7 09:49:00 2004 Subject: Tutorial for gpgsm? In-Reply-To: (Simon Josefsson's message of "Fri, 03 Sep 2004 17:05:20 +0200") References: Message-ID: <87656q7c3e.fsf@wheatstone.g10code.de> On Fri, 03 Sep 2004 17:05:20 +0200, Simon Josefsson said: > * How to mark a CA certificate as trusted. There are two ways: 1. Let gpg-agent do this for you. Since version 1.9.9 you need to add the option --allow-mark-trusted gpg-agent.conf or when invoking gpg-agent. Everytime gpgsm notices an untrusted root certificate gpg-agent will pop up a dialog to ask whether this certificate should be trusted. This is similar to whatmost browsers do. The disadvantage of this method and the reason why --allow-mark-trusted is required is that the list of trusted root certificates will grow, because almost all user will just hit "yes, I trust" and "yes, I verified the fingerprint" without understanding that this is a very serious decision. 2. Use your editor. Edit the file ~/.gnupg/trustlist.txt and add the fingerprints of the trusted root certificates. There are comments on the top explaining the simple format. The current CVS version allows for colons in the fingerprint, so you can easily cut and paste it from whereever you know that this is the correct fingerprint. An example for an entry in the trustlist.txt is: # CN=PCA-1-Verwaltung,O=PKI-1-Verwaltung,C=de 3EEE3D8BB7F0FE5C9F5804A3A7E51BCE98209DF9 S This is in fact one that probably made its way into the file using the first method. As usual a # indicates a comment. The trailing S means that this is to be used for (X.509). It is not possible to trust intermediate CA certificates; gpgsm always checks the entire chain of certificates. > * How to import a key and bind it to some certificate already > imported. Alternatively, import key and certificate together, from > a pkcs12 blob, or pkcs8 + certificate blobs, or whatever. 
> Alternatively, don't import the key at all, but specify location of > key using a parameter when signing. You always need to import the key; there is something similar to a keyring (here called a keybox: ~/.gnupg/pubring.kbx). Importing a key either from a binary or ascii armored (PEM) certificate file or from a cert-only signature file is done using gpg --import FILE or gpg --import < FILE In general you should first import the root certificates and then down to the end user certificate. You may put all into one file and gpgsm will do the right thing in this case independend of the order. While verifying a signature, all included certificates are automagically imported. To import from a pkcs#12 file you may use the same command; if a private key is contained in that file, you will be asked for the transport passphrases as well as for the new passphrase used to protect it in gpg-agent's private key storage (~/.gnupg/private-keys-v1.d/). Note that the pkcs#12 support is very basic but sufficient for certificates exported from Mozilla, OpenSSL and MS Outlook. Background info on private keys: If you want to look at the private key you first need to know the name of the keyfile. Run the command "gpgsm -K --with-key-data [KEYID]" and you get an output like: crs::1024:1:CF8[..]6D:20040105T184908:2006[...]:09::CN=ZS[....]::esES: fpr:::::::::3B50BF2BDAF2[...]1AE6796D:::2812[...]508F21F065E65E44: grp:::::::::C92DB9CFD588ADE846BE3AC4E7A2E1B11A4A2ADB: uid:::::::::CN=Werner Koch,OU=test,O=g10 Code,C=de:: uid::::::::::: This should be familar to advanced gpg-users; see doc/DETAILS in gpg 1.3 (CVS HEAD) for a description of the records. The value in the "grp" tagged record is the so called keygrip and you should find a file ~/.gnupg/private-keys-v1.d/C92DB9CFD588ADE846BE3AC4E7A2E1B11A4A2ADB.key with the private and public key in an S-expression like format. 
The gpg-protect-tool may be used to display it in a human readable
format:

  $ gpgsm --call-protect-tool ~/.gnupg/private-keys-v1.d/C9[...]B.key
  (protected-private-key
   (rsa
    (n #00C16B6E807C47BB[...]10487#)
    (e #010001#)
    (protected openpgp-s2k3-sha1-aes-cbc
     (
      (sha1 "Hv?9Qt^?" "96")
      #2B17DC766AEA2568EE0C688E18F9757E#)
     #65A4FF9F30750A1300[...]7#)
    )
   )

The current CVS version of gpgsm has a command --dump-keys which lists
more details of a key including the keygrip so you don't need to use
the colon format if you want to manually debug things.

  $ gpgsm --dump-keys
  Serial number: 01
  Issuer: CN=Trust Anchor,O=Test Certificates,C=US
  Subject: CN=Trust Anchor,O=Test Certificates,C=US
  sha1_fpr: 66:8A:47:56:A2:DC:88:FF:DA:B8:95:E1:3C:63:37:55:5F:0A:F7:BF
  md5_fpr: 03:01:3B:BB:EC:6C:5D:48:88:4C:95:63:99:84:ED:C0
  keygrip: 6A082B3063F6DA6D68B2994AB11B4328FD6206D2
  notBefore: 2001-04-19 14:57:20
  notAfter: 2011-04-19 14:57:20
  hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
  keyType: 1024 bit RSA
  authKeyId: [none]
  keyUsage: certSign crlSign
  extKeyUsage: [none]
  policies: [none]
  chainLength: unlimited
  crlDP: [none]
  authInfo: [none]
  subjInfo: [none]
  extn: 2.5.29.14 (subjectKeyIdentifier) [22 octets]

> * How to import a CRL

CRLs are managed by the dirmngr which is a separate package. The idea
is to eventually turn it into a system daemon, so that on a multi-user
machine CRLs are handled more efficiently. As of now the dirmngr needs
service from gpgsm thus it is best to call it through gpgsm:

  gpgsm --call-dirmngr LOAD /absolute/filename/to/a/CRL/file

See the dirmngr README and manual for further details. If you don't
want to check CRLs, use the option --disable-crl-checks with gpgsm.

> I'm trying to replace the S/MIME support in OpenSSL with gpgsm for the
> MUA Gnus.

Great; I'd love it.

> Perhaps I shouldn't be using gpgsm directly? gpgme didn't seem to
> have a command line front end.

For Gnus it makes sense to use gpgsm directly. Enhancing pgg to
support gpgsm should not be that hard.
Things you need to take care of are:

Warn if GPG_AGENT_INFO has not been set, because this will call
gpg-agent for each operation and obviously does not cache the
passphrase then.

If GPG_AGENT_INFO has been set, also disable the passphrase code for
gpg and pass --use-agent to gpg - this way gpg benefits from the
passphrase caching and the pinentry.

You may want to look at gpgconf (tools/README.gpgconf) to provide a
customization interface for gpgsm, gpg-agent and dirmngr.

Salam-Shalom,

Werner

From jharris at widomaker.com Tue Sep 7 19:31:37 2004
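The trustlist.txt format Werner describes above, as an added example that is not part of the thread or of GnuPG itself: a small Python reader and writer that normalises a fingerprint in the colon form gpgsm prints into the bare form the file uses, checks whether a root is flagged 'S', and refuses to append a duplicate, which is the "list grows unnoticed" problem he warns about. The function names are hypothetical, only lines starting with '#' are treated as comments as in his description, and the sample file contents are constructed from the entry he quotes.

```python
import re

# Shape of ~/.gnupg/trustlist.txt as described in the thread: lines starting
# with '#' are comments; an entry is the SHA-1 fingerprint of a root
# certificate followed by the flag 'S' (trusted for X.509). Colons inside
# the fingerprint are accepted, as in the CVS version Werner mentions.
HEX40 = re.compile(r"^[0-9A-F]{40}$")

# Constructed sample file, using the entry quoted in the message.
SAMPLE_TRUSTLIST = """\
# CN=PCA-1-Verwaltung,O=PKI-1-Verwaltung,C=de
3EEE3D8BB7F0FE5C9F5804A3A7E51BCE98209DF9 S
"""


def normalize_fingerprint(fpr: str) -> str:
    """Accept '13:5C:EC:...' (as 'gpgsm --list-keys' prints it) or the bare
    40-digit form and return the upper-case bare form used in trustlist.txt.
    Anything that is not 40 hex digits after stripping is rejected, so a
    truncated or mistyped fingerprint never ends up marked as trusted."""
    bare = fpr.replace(":", "").replace(" ", "").upper()
    if not HEX40.match(bare):
        raise ValueError(f"not a SHA-1 certificate fingerprint: {fpr!r}")
    return bare


def parse_trustlist(text: str) -> dict:
    """Return {fingerprint: flags} for every entry, skipping comments and
    blank lines. A malformed entry is an error rather than silently ignored."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        try:
            fpr = normalize_fingerprint(fields[0])
        except ValueError as exc:
            raise ValueError(f"trustlist.txt line {lineno}: {exc}") from exc
        entries[fpr] = " ".join(fields[1:])
    return entries


def is_trusted_root(trustlist_text: str, shown_fingerprint: str) -> bool:
    """True if the fingerprint gpgsm shows for a root certificate has an
    entry flagged 'S', i.e. someone deliberately marked it trusted for X.509."""
    flags = parse_trustlist(trustlist_text).get(normalize_fingerprint(shown_fingerprint))
    return flags is not None and "S" in flags.split()


def add_trusted_root(trustlist_text: str, shown_fingerprint: str, subject: str) -> str:
    """Append an entry the way 'echo ... >> trustlist.txt' does, but record
    which certificate it is (the 'CN=...' comment) and refuse a duplicate so
    the file does not grow unnoticed. Returns the new file contents."""
    fpr = normalize_fingerprint(shown_fingerprint)
    if fpr in parse_trustlist(trustlist_text):
        raise ValueError(f"{fpr} is already listed in trustlist.txt")
    if trustlist_text and not trustlist_text.endswith("\n"):
        trustlist_text += "\n"
    return trustlist_text + f"# {subject}\n{fpr} S\n"
```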
From: jharris at widomaker.com (Jason Harris)
Date: Fri Sep 10 13:07:03 2004
Subject: new (2004-09-05) keyanalyze results (+sigcheck)
Message-ID: <20040907173137.GA438@wilma.widomaker.com>

New keyanalyze results are available at:

  http://keyserver.kjsl.com/~jharris/ka/2004-09-05/

Signatures are now being checked using keyanalyze+sigcheck:

  http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:

  http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:

  http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004

From boldyrev+nospam at cgitftp.uiggm.nsc.ru Tue Sep 7 06:52:44 2004
From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev)
Date: Fri Sep 10 13:07:09 2004
Subject: gpgkeys_hkp missing
References: <200409061047.25806.maddler@cryptorebels.net> <413C482A.5080209@comcast.net> <200409061434.17948.maddler@cryptorebels.net>
Message-ID: <0erv02x888.ln2@ibhome.cgitftp.uiggm.nsc.ru>

On 8859 day of my life william maddler wrote:
> On Monday 06 September 2004 13:21, John Clizbe wrote:
> [...]
>
>> Perhaps you might try building 1.3.6 and copying the gpgkeys_*
>> binaries to the same directory as your gpg 1.9.10 executable.
>>
>
> done... and copied gpgkeys_hkp to /usr/local/bin (same as gpg) but...
> _nothing_ changed... gpg still complaining gpgkeys_hkp is not
> found... :(

Try this: put gpgkeys_hkp in /usr/local/lib or /usr/local/lib/gnupg

Ultimate solution: try strace with -f option to trace calls. You
should notice something like

  $ strace -f gpg --send-keys gentoo 2>&1 | grep gpgkeys
  ...
  execve("/usr/lib/gnupg/gpgkeys_hkp" ...

--
Ivan Boldyrev

Onions have layers. Unix has layers too.

From jas at extundo.com Wed Sep 8 10:04:16 2004
From: jas at extundo.com (Simon Josefsson)
Date: Fri Sep 10 13:07:44 2004
Subject: Tutorial for gpgsm?
In-Reply-To: <87656q7c3e.fsf@wheatstone.g10code.de> (Werner Koch's message of "Tue, 07 Sep 2004 09:49:25 +0200")
References: <87656q7c3e.fsf@wheatstone.g10code.de>
Message-ID:

Werner Koch writes:

>> * How to import a key and bind it to some certificate already
>> imported. Alternatively, import key and certificate together, from
>> a pkcs12 blob, or pkcs8 + certificate blobs, or whatever.
>> Alternatively, don't import the key at all, but specify location of
>> key using a parameter when signing.
>
> You always need to import the key; there is something similar to a
> keyring (here called a keybox: ~/.gnupg/pubring.kbx).
>
> Importing a key either from a binary or ascii armored (PEM) certificate
> file or from a cert-only signature file is done using
>
> gpg --import FILE
>
> or
>
> gpg --import < FILE
>
> In general you should first import the root certificates and then down
> to the end user certificate. You may put all into one file and gpgsm
> will do the right thing in this case independent of the order.
>
> While verifying a signature, all included certificates are
> automagically imported.
>
> To import from a pkcs#12 file you may use the same command; if a
> private key is contained in that file, you will be asked for the
> transport passphrases as well as for the new passphrase used to
> protect it in gpg-agent's private key storage
> (~/.gnupg/private-keys-v1.d/). Note that the pkcs#12 support is very
> basic but sufficient for certificates exported from Mozilla, OpenSSL
> and MS Outlook.

I'm afraid I can't get this part to work. Here's what I'm trying to do
and what happens:

0. rm ~/.gnupg/pubring.kbx

1. Import CA certificate, seems to work.

jas@latte:~$ gpgsm --import cacert.crt
Secure memory is not locked into core
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
gpgsm: keybox `/home/jas/.gnupg/pubring.kbx' created
gpgsm: total number processed: 1
gpgsm: imported: 1
jas@latte:~$ gpgsm --list-keys
Secure memory is not locked into core
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
/home/jas/.gnupg/pubring.kbx
----------------------------
Serial number: 00
Issuer: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.cacert.org/O=Root CA/EMail=support@cacert.org
Subject: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.cacert.org/O=Root CA/EMail=support@cacert.org
validity: 2003-03-30 12:29:49 through 2033-03-29 12:29:49
key type: 4096 bit RSA
chain length: unlimited
fingerprint: 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
jas@latte:~$ echo '135CEC36F49CB8E93B1AB270CD80884676CE8F33 S' >> ~/.gnupg/trustlist.txt

2. Import key and user certificate.

jas@latte:~$ gpgsm --import cacert.user.key
Secure memory is not locked into core
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
gpgsm: no issuer found in certificate
gpgsm: basic certificate checks failed - not imported
gpgsm: total number processed: 1
gpgsm: not imported: 1
jas@latte:~$

The cacert.crt and cacert.user.key files attached below. (I know I'm
sending my private key. It should be revoked when my testing is
completed..)

Thanks,
Simon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: cacert.crt
Type: application/x-x509-ca-cert
Size: 2569 bytes
Url : /pipermail/attachments/20040908/1f5bf2fc/cacert-0001.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cacert.user.key
Type: application/x-x509-user-cert
Size: 2526 bytes
Url : /pipermail/attachments/20040908/1f5bf2fc/cacert.user-0001.bin

From jas at extundo.com Wed Sep 8 10:42:21 2004
From: jas at extundo.com (Simon Josefsson)
Date: Fri Sep 10 13:07:58 2004
Subject: Tutorial for gpgsm?
References: <87656q7c3e.fsf__21430.8325703771$1094543760$gmane$org@wheatstone.g10code.de>
Message-ID:

Here's another problem, gpgsm --verify doesn't seem to like my S/MIME
messages. Shouldn't the input be on e-mail format?

jas@latte:~$ gpgsm --verify msg.txt
Secure memory is not locked into core
gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION!
gpgsm: It is only intended for test purposes and should NOT be
gpgsm: used in a production environment or with production keys!
gpgsm: ksba_cms_parse failed: End of file
jas@latte:~$

Thanks.

-------------- next part --------------
An embedded message was scrubbed...
From: Simon Josefsson
Subject: test
Date: Wed, 08 Sep 2004 09:52:10 +0200
Size: 3997
Url: /pipermail/attachments/20040908/7591bba9/msg.txt

From joseph at bluefield.com.hk Thu Sep 9 12:04:16 2004
From: joseph at bluefield.com.hk (Joseph Tseung)
Date: Fri Sep 10 13:09:08 2004
Subject: Problem with decrypting message using GnuPGWrapper v1.0
Message-ID: <0FC7EFC88FDE344B95594425D302CA4B013527@dc1.bluefield.com.hk>

I resolved this problem by replacing every instance of "=3D" by "=" in
the encrypted message before decrypting it using the wrapper.

Joseph

> -----Original Message-----
> From: gnupg-users-bounces@gnupg.org
> [mailto:gnupg-users-bounces@gnupg.org] On Behalf Of Joseph Tseung
> Sent: 03 September 2004 15:03
> To: gnupg-users@gnupg.org
> Subject: Problem with decrypting message using GnuPGWrapper v1.0
>
> I am using GnuPGWrapper v1.0 in my .NET application.
>
> http://www.codeguru.com/Csharp/.NET/net_security/pgp/article.php/c4699/
>
> I am using GnuPG for Windows and PGP 8.0.3. I created a key pair in
> PGP and imported both public and secret keys into GnuPG. An email was
> encrypted using that public key by MS Outlook and I am trying to use
> the wrapper GnuPGWrapper v1.0 to decrypt the message in an .NET
> application.
>
> When running gpg.ExecuteCommand(), I ran into the following error:
>
> gpg: malformed CRC\r\ngpg: quoted printable character in
> armor - probably a buggy MTA has been used\r\n
>
> I noticed that my encrypted message text has some special characters
> like "=20", "\r\n". Is this the problem? How can I resolve it?
>
> Do you think this problem can be resolved if I do the key
> import/export in the opposite direction (i.e. create the key in GnuPG
> and export it to PGP)?
>
> thanks.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From dshaw at jabberwocky.com Sat Sep 11 06:07:03 2004
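Joseph's "=3D" replacement undoes one quoted-printable escape; the same encoding also produces "=20" and soft line breaks ("=" before the line end), which he mentions seeing. As an added example, not code from GnuPGWrapper or GnuPG: Python that detects the damage through the armor's own CRC24 checksum (the "malformed CRC" gpg reports), decodes the whole quoted-printable layer, and re-checks, while leaving an intact armor alone. The function names are hypothetical and the sample armor is constructed around arbitrary bytes, not a real OpenPGP packet.

```python
import base64
import quopri
import re

# Constructed payload: arbitrary bytes, not an OpenPGP packet. The armor
# frame around it is real enough to carry a valid CRC24 line.
PAYLOAD = b"constructed payload: not an OpenPGP packet " * 2

# Escapes a quoted-printable transfer encoding leaves behind: '=3D' for '=',
# '=20' for a trailing space, and '=' + line end as a soft line break.
QP_MARKS = re.compile(r"=3D|=20|=\r?\n")


def crc24(data: bytes) -> int:
    """OpenPGP radix-64 checksum (RFC 2440 section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


def armor_crc_ok(armor: str) -> bool:
    """True when the '=XXXX' line matches the CRC24 of the decoded body.
    Structural damage (no blank line after the headers, a body line that is
    not base64, a missing checksum line) also yields False."""
    lines = armor.replace("\r\n", "\n").split("\n")
    begin = next((i for i, l in enumerate(lines) if l.startswith("-----BEGIN PGP")), None)
    if begin is None or "" not in lines[begin:]:
        return False
    body, crc_line = [], None
    for line in lines[lines.index("", begin) + 1:]:
        if line.startswith("-----END"):
            break
        if line.startswith("=") and len(line) == 5:
            crc_line = line[1:]
            break
        body.append(line)
    if crc_line is None:
        return False
    try:
        data = base64.b64decode("".join(body), validate=True)
        expected = int.from_bytes(base64.b64decode(crc_line, validate=True), "big")
    except ValueError:          # binascii.Error is a ValueError
        return False
    return crc24(data) == expected


def repair_armor(text: str) -> str:
    """Undo a quoted-printable layer an MTA or MUA put on an armored message.
    Decoding is only attempted when the checksum fails AND QP escapes are
    present: a healthy armor's own CRC line ('=' + 4 base64 characters) can
    look like a QP escape, so decoding blindly would corrupt a good message."""
    if armor_crc_ok(text):
        return text.replace("\r\n", "\n")
    if not QP_MARKS.search(text):
        raise ValueError("checksum mismatch but no quoted-printable escapes found")
    decoded = quopri.decodestring(text.encode("latin-1")).decode("latin-1")
    decoded = decoded.replace("\r\n", "\n")
    if not armor_crc_ok(decoded):
        raise ValueError("armor still fails its CRC24 after quoted-printable decoding")
    return decoded


def build_sample_armor(payload: bytes) -> str:
    """Wrap bytes in a PGP armor frame with a correct CRC24 line."""
    b64 = base64.b64encode(payload).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii")
    return ("-----BEGIN PGP MESSAGE-----\nVersion: constructed sample\n\n"
            f"{body}\n={crc}\n-----END PGP MESSAGE-----\n")


def mangle_like_a_buggy_mta(armor: str) -> str:
    """Reproduce what the poster saw: CRLF line ends, every '=' turned into
    '=3D', plus a soft line break spliced into the first body line."""
    lines = armor.replace("=", "=3D").split("\n")
    lines[3] = lines[3][:40] + "=\r\n" + lines[3][40:]   # line 3 = first body line
    return "\r\n".join(lines)
```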
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 13 18:36:15 2004
Subject: Share group aliases between GnuPG and PGP?
In-Reply-To: <413C5E37.1080106@cisco.com>
References: <413C5E37.1080106@cisco.com>
Message-ID: <20040911040703.GH26744@jabberwocky.com>

On Mon, Sep 06, 2004 at 08:55:19AM -0400, Michael O. Tjebben wrote:
>
> Is there a way to share group aliases between GnuPG and PGP?
> Most of us in my department use GnuPG, and we've defined group aliases
> in our gpg.conf file, but there's a few hold-outs who still use PGP. Is
> there a way to export our group alias definitions and import them into
> PGP so that we can all "stay-in-sync?"

Yes and no. If you have a command line version of pgp, you can grep
the group lines out of gpg.conf and do some magic to convert them to
pgp -ga commands. If you don't have a command line version that
supports groups (note that the new PGP 8 command line doesn't) then
there isn't any really good way to do it. The PGP "PGPgroup.pgr"
files have a private format, and while I suppose they could be reverse
engineered, there hasn't been much need for interchangeable group
files yet.

David

From anthony at griffith.edu.au Mon Sep 13 05:37:50 2004
From: anthony at griffith.edu.au (Anthony Thyssen)
Date: Mon Sep 13 18:36:45 2004
Subject: GPG and simple file encryption
Message-ID: <200409130337.i8D3bo9c024344@wumpus.itc.gu.edu.au>

For a long time I have encrypted some plain text files using PGP as
follows...

  (using v2) pgp -c file
  (using v5) pgpe -c file

to decrypt

  (using v2) pgp file.pgp
  (using v5) pgpv file.pgp

I also have filter commands for use in my vim editor.

However I am now trying to find GPG equivalents, but when I try to
encrypt it wants to use a public key, not just a passphrase.

I just want a basic file encryption on any machine using a password I
provided. PGP does this, can GPG do it too, without having to generate
a key pairing that is disassociated with the file?

NOTE: GPG also complains about the use of IDEA when trying to decrypt
files encrypted with PGP. I don't mind switching, if I can get GPG to
do the encryption instead, whatever method it decides on.

Anthony Thyssen ( System Programmer ) http://www.cit.gu.edu.au/~anthony/
-----------------------------------------------------------------------------
Millions long for immortality who do not know what to do with
themselves on a rainy Sunday afternoon. --- Susan Ertz
-----------------------------------------------------------------------------
Anthony's Home is his Castle http://www.cit.gu.edu.au/~anthony/

From mroth at nessie.de Tue Sep 14 00:15:58 2004
From: mroth at nessie.de (Michael Roth)
Date: Tue Sep 14 00:12:50 2004
Subject: GPG and simple file encryption
In-Reply-To: <200409130337.i8D3bo9c024344@wumpus.itc.gu.edu.au>
References: <200409130337.i8D3bo9c024344@wumpus.itc.gu.edu.au>
Message-ID: <41461C1E.30105@nessie.de>

Anthony Thyssen wrote:
> For a long time I have encrypted some plain text files using PGP
> as follows...
>
> (using v2) pgp -c file
> (using v5) pgpe -c file
>
> to decrypt
> (using v2) pgp file.pgp
> (using v5) pgpv file.pgp
> I also have filter commands for use in my vim editor.
>
> However I am now trying to find GPG equivalents, but when I try to
> encrypt it wants to use a public key, not just a passphrase.

"man gpg":

  -c, --symmetric
      Encrypt with a symmetric cipher using a passphrase. The default
      symmetric cipher used is CAST5, but may be chosen with the
      --cipher-algo option.

So the solution is:

  (encrypt) gpg -c file
  (decrypt) gpg file.gpg

From servie_tech at yahoo.com Wed Sep 15 21:54:42 2004
From: servie_tech at yahoo.com (Servie Platon)
Date: Wed Sep 15 21:51:52 2004
Subject: Compiled gnupg-1.2.6 Successful???
Message-ID: <20040915195442.13142.qmail@web52509.mail.yahoo.com>

Hi folks,

My apologies if this scenario may have been asked before. I'm not sure
though whether I should just revoke my key or just delete them and
create a new one?

I have gnupg-1.2.4-2.1 pre-installed with my FC2. I printed a copy of
the Gnu Privacy Handbook which comes in very handy and used the
instructions here to generate a DSA/ElGamal 2048 bit key which turned
out fine.

Since the GNU Privacy Handbook has instructions on how to compile gnupg
from source, I thought why not give it a try and compile gnupg from
source and do an upgrade.

Now, I compiled gnupg-1.2.6 source and was successful. And I generated
another set of keys, this time RSA sign only which didn't give me
problem. I issued the command gpg --list-keys and my terminal gave me a
listing of the generated public keys, I copied the preferred public key
hexadecimal value to my MUA (Ximian Evolution) so that every time I
compose a new mail message, the email gets automatically signed.

The problem is this, after creating a new mail message and after I
click the send button on evolution, it asks me for the pass phrase. I
type in the passphrase for that particular key but evolution does not
accept. I tried using the other key's pass phrase and not much use
either.

Here are my questions:

1. Do I have to download and install a plugin for evolution to work
   with gnupg? Or would you say the reason for this error is I have two
   public keys with the same name (my name and email address), so it
   doesn't know which one to use?

2. I wanted to remove all keys and start from the very beginning by
   deleting both private and public keys and create another one, would
   this be alright?

3. What is the most ideal setup or conf that I should do for my laptop?
   Compile the latest source first, then gen a key and sign or encrypt
   as required and finally create a revocation key?

Slowly but surely, I am trying to switch from windows to linux for
desktop environment using Gnome or KDE and gnupg is just one of the
things that I should straighten out first before I migrate totally to
FC2.

Thank you very much in advance.

Sincerely,
Servie

From johanw at vulcan.xs4all.nl Wed Sep 15 22:48:18 2004
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed Sep 15 23:01:50 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <20040915195442.13142.qmail@web52509.mail.yahoo.com> from Servie Platon at "Sep 15, 2004 12:54:42 pm"
Message-ID: <200409152048.WAA00493@vulcan.xs4all.nl>

Servie Platon wrote:

>The problem is this, after creating a new mail message
> and after I click the send button on evolution, it
>asks me for the pass phrase. I type in the passphrase
>for that particular key but evolution does not accept.

Perhaps a V3 key that is encrypted with IDEA? Did you install
IDEA? When you compile GnuPG from source, make sure idea.c is located
in the cipher dir, then it gets automatically included.

>Slowly but surely, I am trying to switch from windows

Windows versions have some peculiarities when compiled with different
compilers. I once compiled a windows version with Cygwin, and (after
some makefile problems) that worked. But it used different techniques
for interprocess communication, so it didn't work with software that
expected a MingW compiled version.

--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From servie_tech at yahoo.com Thu Sep 16 00:28:19 2004
From: servie_tech at yahoo.com (Servie Platon)
Date: Thu Sep 16 00:25:28 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <200409152048.WAA00493@vulcan.xs4all.nl>
Message-ID: <20040915222819.36375.qmail@web52501.mail.yahoo.com>

Hi Johan,

--- Johan Wevers wrote:
>
> Perhaps a V3 key that is encrypted with IDEA? Did you install
> IDEA? When you compile GnuPG from source, make sure idea.c
> is located in the cipher dir, then it gets automatically
> included.
>

So far, I only find these two in the cipher dir.

  idea-stub.c pubkey.o idea-stub.o

Does this mean that it couldn't be done automatically? Any suggestions
as to how am I going to solve this problem?

Thanks in advance.

Sincerely,
Servie

From patrick.marquetecken at pandora.be Thu Sep 16 09:41:41 2004
From: patrick.marquetecken at pandora.be (Patrick Marquetecken)
Date: Thu Sep 16 09:38:19 2004
Subject: s/mine on windows
Message-ID:

Hi,

We have a client who wishes to send S/MIME encrypted messages, I have
exported our public key but it seems not compatible with their system.
Is it possible to create S/MIME with gnupg on windows?

I'm waiting what the other person is using but I suppose digitalID
with Outlook 2002

TIA
Patrick

From johanw at vulcan.xs4all.nl Thu Sep 16 10:07:26 2004
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Thu Sep 16 12:17:32 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <20040915222819.36375.qmail@web52501.mail.yahoo.com> from Servie Platon at "Sep 15, 2004 03:28:19 pm"
Message-ID: <200409160807.KAA00990@vulcan.xs4all.nl>

Servie Platon wrote:

>So far, I only find these two in the cipher dir.
>idea-stub.c pubkey.o idea-stub.o

Yes, idea.c isn't distributed with the default distribution due to
patent problems. The file can be downloaded from the net. I have
placed it on http://www.xs4all.nl/~johanw/idea.c.gz . The signature
file from Werner for this file is
http://www.xs4all.nl/~johanw/idea.c.gz.sig .

>Does this mean that it couldn't be done automatically?

You'll have to place the file there by hand. Then I think a make
distclean and a recompile are needed.

--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From servie_tech at yahoo.com Thu Sep 16 16:39:59 2004
From: servie_tech at yahoo.com (Servie Platon)
Date: Thu Sep 16 16:37:11 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <200409160807.KAA00990@vulcan.xs4all.nl>
Message-ID: <20040916143959.98244.qmail@web52508.mail.yahoo.com>

Thanks a lot Johan,

Will do as advised from here on and let you guys know what happens
next.

Thank you very much.

Sincerely,
Servie

--- Johan Wevers wrote:
> Servie Platon wrote:
>
> >So far, I only find these two in the cipher dir.
> >idea-stub.c pubkey.o idea-stub.o
>
> Yes, idea.c isn't distributed with the default distribution due to
> patent problems. The file can be downloaded from the net. I have
> placed it on http://www.xs4all.nl/~johanw/idea.c.gz . The signature
> file from Werner for this file is
> http://www.xs4all.nl/~johanw/idea.c.gz.sig .
>
> >Does this mean that it couldn't be done automatically?
>
> You'll have to place the file there by hand. Then I think a make
> distclean and a recompile are needed,
>
> --
> ir. J.C.A. Wevers // Physics and science fiction site:
> johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
> PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From amilivojevic at pbl.ca Thu Sep 16 16:53:31 2004
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Thu Sep 16 16:48:17 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <200409152048.WAA00493@vulcan.xs4all.nl>
References: <200409152048.WAA00493@vulcan.xs4all.nl>
Message-ID: <4149A8EB.8030301@pbl.ca>

Johan Wevers wrote:
> Perhaps a V3 key that is encrypted with IDEA? Did you install
> IDEA? When you compile GnuPG from source, make sure idea.c
> is located in the cipher dir, then it gets automatically
> included.

Or he can compile idea.c as module, place it in GnuPG's lib directory
(usually /usr/lib/gnupg or /usr/local/lib/gnupg, or something similar,
depending on compilation options) and load it from gpg.conf
(load-extension idea). That way he doesn't need to recompile GnuPG, or
think about it when upgrading GnuPG to newer version. Instructions on
how to compile it as module are included in idea.c source file.

--
Aleksandar Milivojevic              Pollard Banknote Limited
Systems Administrator               1499 Buffalo Place
Tel: (204) 474-2323 ext 276         Winnipeg, MB R3T 1L7

From dshaw at jabberwocky.com Thu Sep 16 17:50:13 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Sep 16 17:47:24 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <4141B6FE.1000003@pbl.ca>
References: <4141B6FE.1000003@pbl.ca>
Message-ID: <20040916155013.GA9802@jabberwocky.com>

On Fri, Sep 10, 2004 at 09:15:26AM -0500, Aleksandar Milivojevic wrote:
> I'm writing a shell script wrapper around gpg. I need a way to detect
> if the recipient's public key was generated by PGP 2.6.x so that I can
> use appropriate options (in order for the recipient to be able to
> decrypt the message).
>
> I know that gpg is able to detect this type of key internally (for
> example showpref run on such a key will result in appropriate error
> message). But there doesn't seem to be any option for listing the
> keys that will include in the output that this is old PGP 2.6.x key.
> I've tried using --with-key-data, but there doesn't seem to be
> documentation on output format, and the parts that I managed to
> decode what they could be are not useful for this purpose...

There is no way to see the version of a key directly. You can infer
some information by noting that the V3 keys are sign+encrypt RSA,
which is uncommon in the V4 world, but that doesn't guarantee a V3
key.

Even so, this is a can of worms: there are V3 keys with V4 signatures,
or V4 self-signatures. Those are likely being used on a modern OpenPGP
application, so beware using PGP 2.x parameters which might make the
message not readable.

> BTW, it would be nice if gpg was able to handle this automatically
> (when PGP 2.6.x style public key is detected, just use appropriate
> cipher (if IDEA is available), hash, and compression, printing
> appropriate warning message or such). Something like newer versions
> of PGP are doing. New stuff is great (OpenPGP, new standards, open
> source, patent free software and such). Backward compatibility
> without having to use mile long command line options is even better
> ;-)

"--pgp2" is hardly a mile long.
Perfect backwards compatibility is not possible since a PGP 2.x key
doesn't mean that the user is using PGP 2.x. It just means they
generated their keys a long time ago. Forcing PGP 2.x options for a
mix of keys (old & new) can cause the owner of new key to not be able
to decrypt the message. GnuPG tries to be compatible with the old PGP
2.x stuff, but never at the cost of hurting compatibility with the
current stuff.

Right about now is usually when I get a lot of email complaining about
this comment, and how PGP 2 is the only good version, etc, etc, etc.
People seem to get *really* angry on this topic. At the risk of
inflaming passions, note that OpenPGP is hardly "new" any longer. V4
keys date from 1997, and are over 90% of the keys on the keyservers.
If you take into account keys that are actually used, as opposed to
old forgotten keys, then I suspect the percentage of OpenPGP keys
would be even higher.

David

From dshaw at jabberwocky.com Thu Sep 16 17:57:50 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Sep 16 17:54:56 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040916155013.GA9802@jabberwocky.com>
References: <4141B6FE.1000003@pbl.ca> <20040916155013.GA9802@jabberwocky.com>
Message-ID: <20040916155750.GB9802@jabberwocky.com>

On Thu, Sep 16, 2004 at 11:50:13AM -0400, David Shaw wrote:
> On Fri, Sep 10, 2004 at 09:15:26AM -0500, Aleksandar Milivojevic wrote:
> > I'm writing a shell script wrapper around gpg. I need a way to detect
> > if the recipient's public key was generated by PGP 2.6.x so that I can
> > use appropriate options (in order for the recipient to be able to
> > decrypt the message).
> >
> > I know that gpg is able to detect this type of key internally (for
> > example showpref run on such a key will result in appropriate error
> > message). But there doesn't seem to be any option for listing the
> > keys that will include in the output that this is old PGP 2.6.x key.
> > I've tried using --with-key-data, but there doesn't seem to be
> > documentation on output format, and the parts that I managed to
> > decode what they could be are not useful for this purpose...
>
> There is no way to see the version of a key directly. You can infer
> some information by noting that the V3 keys are sign+encrypt RSA,
> which is uncommon in the V4 world, but that doesn't guarantee a V3
> key.

Although, I should add that if you really want to see a key version,
you can do 'gpg --export key | gpg --list-packets' and pipe that
through something to parse out the key version. That's not a
supported interface though, and may change in the future.

David

From wk at gnupg.org Thu Sep 16 18:33:26 2004
From: wk at gnupg.org (Werner Koch)
Date: Thu Sep 16 18:34:05 2004
Subject: s/mine on windows
In-Reply-To: (Patrick Marquetecken's message of "Thu, 16 Sep 2004 09:41:41 +0200")
References:
Message-ID: <874qlyb2cp.fsf@wheatstone.g10code.de>

On Thu, 16 Sep 2004 09:41:41 +0200, Patrick Marquetecken said:

> We have a client who wishes to send S/MIME encrypted messages, I have
> exported our public key but it seems not compatible with their system.
> Is it possible to create S/MIME with gnupg on windows?

Outlook comes with S/MIME support which works well between MS products
and in some cases also with other products. There is a GnuPG version
with S/MIME (i.e. X.509/CMS) support but not for Windows.

Werner

From servie_tech at yahoo.com Thu Sep 16 19:09:06 2004
From: servie_tech at yahoo.com (Servie Platon)
Date: Thu Sep 16 19:28:01 2004
Subject: Compiled gnupg-1.2.6 Successful???
In-Reply-To: <4149A8EB.8030301@pbl.ca>
Message-ID: <20040916170906.48310.qmail@web52504.mail.yahoo.com>

--- Aleksandar Milivojevic wrote:
> Johan Wevers wrote:
> > Perhaps a V3 key that is encrypted with IDEA? Did you install
> > IDEA? When you compile GnuPG from source, make sure idea.c
> > is located in the cipher dir, then it gets automatically
> > included.
>
> Or he can compile idea.c as module, place it in GnuPG's lib directory
> (usually /usr/lib/gnupg or /usr/local/lib/gnupg, or something similar,
> depending on compilation options) and load it from gpg.conf
> (load-extension idea). That way he doesn't need to recompile GnuPG, or
> think about it when upgrading GnuPG to newer version. Instructions on
> how to compile it as module are included in idea.c source file.
>
> --
> Aleksandar Milivojevic              Pollard Banknote Limited
> Systems Administrator               1499 Buffalo Place
> Tel: (204) 474-2323 ext 276         Winnipeg, MB R3T 1L7

From amilivojevic at pbl.ca Thu Sep 16 20:49:58 2004
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Thu Sep 16 20:44:43 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040916155750.GB9802@jabberwocky.com>
References: <4141B6FE.1000003@pbl.ca> <20040916155013.GA9802@jabberwocky.com> <20040916155750.GB9802@jabberwocky.com>
Message-ID: <4149E056.2030207@pbl.ca>

David Shaw wrote:

> Although, I should add that if you really want to see a key version, you can do 'gpg --export key | gpg --list-packets' and pipe that through something to parse out the key version. That's not a supported interface though, and may change in the future.

Thanks for your help. I believe that this will be usable for what I need it (although it would be nice if there was a more direct way of doing it). I'll just parse the output searching for "version 2, algo 1" lines.

For what I need it, I can assure that everybody with PGP 2.6 style key is actually using PGP 2.6. Anyhow, even in general case, if somebody is using PGP 2.6 style key, then he probably has idea code compiled in or as a module. Otherwise, he would lose access to all his previously encrypted data.

BTW, completely off topic. When somebody migrates from PGP 2.x to say GnuPG, can he migrate his old RSA key and signatures into new V4 format (effectively getting V4 key that has same key data as his old key)? Or the only way is to create new V4 key, get all people to sign it again, and so on...

--
Aleksandar Milivojevic
Pollard Banknote Limited
Systems Administrator
1499 Buffalo Place
Tel: (204) 474-2323 ext 276
Winnipeg, MB R3T 1L7
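A more direct way to read the key version than scraping the `--list-packets` text is to decode the public-key packet itself. The script below is an added example for this thread, not code from GnuPG or from any of the posters: it reads the packet header, the version byte, the public-key algorithm and the bit count of the first MPI straight from the bytes of an exported key, which are the same fields gpg prints as "version N, algo M". The V3 RSA packets it builds are constructed dummies with fake MPIs, not real keys; the one real input is the first base64 line of the key block Servie Platon posts later in this thread, which already contains every byte the parser needs.

```python
"""Read version, algorithm and size of an OpenPGP public-key packet.

Added example for this thread, not GnuPG code. Packet layout follows
RFC 2440 (section 4.2 headers, section 5.5.2 key material).
"""
import base64
import struct
import time

PUBKEY_ALGOS = {1: "RSA", 2: "RSA (encrypt only)", 3: "RSA (sign only)",
                16: "Elgamal (encrypt only)", 17: "DSA"}


def _packet_header(data):
    """Return (tag, body_offset, body_length) for the packet starting at data[0]."""
    ctb = data[0]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet (CTB bit 7 clear)")
    if ctb & 0x40:                        # new-format header
        tag = ctb & 0x3F
        first = data[1]
        if first < 192:
            return tag, 2, first
        if first < 224:
            return tag, 3, ((first - 192) << 8) + data[2] + 192
        if first == 255:
            return tag, 6, int.from_bytes(data[2:6], "big")
        raise ValueError("partial body lengths are not handled here")
    tag = (ctb >> 2) & 0x0F               # old-format header, as gpg --export writes
    length_type = ctb & 0x03
    if length_type == 3:
        raise ValueError("indeterminate packet length")
    nbytes = 1 << length_type
    return tag, 1 + nbytes, int.from_bytes(data[1:1 + nbytes], "big")


def parse_public_key_packet(data):
    """Parse the leading public-key (tag 6) or public-subkey (tag 14) packet.

    Only the fixed fields and the bit count of the first MPI are read, so a
    packet truncated after those bytes still parses.
    """
    tag, off, body_len = _packet_header(data)
    if tag not in (6, 14):
        raise ValueError(f"packet tag {tag} is not a public key or subkey")
    body = data[off:off + body_len]
    version = body[0]
    if version in (2, 3):                 # PGP 2.x era: RSA only, 2-byte validity period
        first_mpi, algo_at = 8, 7
        validity_days = int.from_bytes(body[5:7], "big")
    elif version == 4:
        first_mpi, algo_at = 6, 5
        validity_days = None              # V4 expiry lives in the self-signature
    else:
        raise ValueError(f"unknown key packet version {version}")
    if len(body) < first_mpi + 2:
        raise ValueError("packet truncated before the first MPI")
    algo = body[algo_at]
    return {
        "version": version,
        "created": int.from_bytes(body[1:5], "big"),
        "validity_days": validity_days,
        "algo": algo,
        "algo_name": PUBKEY_ALGOS.get(algo, f"unknown({algo})"),
        # Bit count of the first MPI: n for RSA, p for DSA and Elgamal.
        "key_bits": int.from_bytes(body[first_mpi:first_mpi + 2], "big"),
        "legacy": version < 4,            # V2/V3 = PGP 2.x style key
    }


def build_v3_rsa_packet(n_bits, created=0x2E000000):
    """Constructed V3 RSA public-key packet with dummy MPIs (not a real key)."""
    n = (1 << (n_bits - 1)) | 1           # top bit set so the MPI bit count is honest
    mpi_n = struct.pack(">H", n_bits) + n.to_bytes((n_bits + 7) // 8, "big")
    mpi_e = struct.pack(">H", 17) + (65537).to_bytes(3, "big")
    body = bytes([3]) + struct.pack(">IH", created, 0) + bytes([1]) + mpi_n + mpi_e
    return bytes([0x99]) + struct.pack(">H", len(body)) + body   # old format, tag 6


# First base64 line of the key block Servie Platon posted later in this thread.
PAGE_KEY_PREFIX = base64.b64decode(
    "mQGiBEESTE4RBACmN9zZn6jgFrksrVXcTEbi5FQQnteknLrzb6FygmjmLGQrDMev")


def describe(data):
    """One-line summary such as gpg's 'version 4, algo 17' but with names."""
    k = parse_public_key_packet(data)
    when = time.strftime("%Y-%m-%d", time.gmtime(k["created"]))
    flavour = "PGP 2.x style (V%d)" % k["version"] if k["legacy"] else "OpenPGP V4"
    return f"{flavour} {k['algo_name']} {k['key_bits']}-bit key created {when}"


if __name__ == "__main__":
    for sample in (PAGE_KEY_PREFIX, build_v3_rsa_packet(1024), build_v3_rsa_packet(512)):
        print(describe(sample))
```

To run it against a real keyring, pass the bytes of `gpg --export KEYID` (binary, not `--armor`) to `parse_public_key_packet`; the first packet of an export is always the primary public key, so nothing after it needs to be walked for this check.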
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Sep 16 21:27:47 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <4149E056.2030207@pbl.ca>
References: <4141B6FE.1000003@pbl.ca> <20040916155013.GA9802@jabberwocky.com> <20040916155750.GB9802@jabberwocky.com> <4149E056.2030207@pbl.ca>
Message-ID: <20040916193034.GC9802@jabberwocky.com>

On Thu, Sep 16, 2004 at 01:49:58PM -0500, Aleksandar Milivojevic wrote:

> David Shaw wrote:
> > Although, I should add that if you really want to see a key version, you can do 'gpg --export key | gpg --list-packets' and pipe that through something to parse out the key version. That's not a supported interface though, and may change in the future.
>
> Thanks for your help. I believe that this will be usable for what I need it (although it would be nice if there was a more direct way of doing it). I'll just parse the output searching for "version 2, algo 1" lines.
>
> For what I need it, I can assure that everybody with PGP 2.6 style key is actually using PGP 2.6. Anyhow, even in general case, if somebody is using PGP 2.6 style key, then he probably has idea code compiled in or as a module. Otherwise, he would lose access to all his previously encrypted data.

It's not just that the person with the PGP 2.x key must have IDEA - it's that people with OpenPGP might not. Take this case: User A has a PGP 2.x key. User B has an OpenPGP key. In an effort to accommodate user A, you encrypt using IDEA. However, user B does not have IDEA. By trying to be backwards compatible with user A, you accomplish locking out the modern user B. The only really safe way to handle PGP 2.x users is to encrypt twice - once for the PGP 2.x people, and once for everyone else.

> BTW, completely off topic. When somebody migrates from PGP 2.x to say GnuPG, can he migrate his old RSA key and signatures into new V4 format (effectively getting V4 key that has same key data as his old key)? Or the only way is to create new V4 key, get all people to sign it again, and so on...

Yes and no. Yes, you can convert a V3 key to a V4 one, and such a key would be mathematically able to decrypt the messages sent to, and verify sigs from, the old V3 key. However, the key ID of the new key would be different, which makes this somewhat pointless since in practical terms, the encryption program would not know to use the new key. Plus, signatures on the old V3 key would not transfer to the new V4 key. There is really no benefit in converting a key this way.

It is also possible to convert an old V3 key into a subkey on a V4 key. This is somewhat less pointless, but still not that useful in practice.

David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 251 bytes
Desc: not available
Url : /pipermail/attachments/20040916/e05d48bb/attachment.bin
From: servie_tech at yahoo.com (Servie Platon)
Date: Thu Sep 16 22:16:41 2004
Subject: Compiled gnupg-1.2.6 Successful???[B
In-Reply-To: <20040916170906.48310.qmail@web52504.mail.yahoo.com>
Message-ID: <20040916201930.24547.qmail@web52504.mail.yahoo.com>

Hi Aleksandar,

Sorry for this messed up, blank email. My apologies to you and this group.

Anyways, thank you very much on your suggestion. Will definitely look into your solution and will advise if successful.

Again, thanks a lot to you and this group.

Sincerely,

Servie

--- Servie Platon wrote:

> --- Aleksandar Milivojevic wrote:
>
> > Johan Wevers wrote:
> > > Perhaps a V3 key that is encrypted with IDEA? Did you install IDEA? When you compile GnuPG from source, make sure idea.c is located in the cipher dir, then it gets automatically included.
> >
> > Or he can compile idea.c as module, place it in GnuPG's lib directory (usually /usr/lib/gnupg or /usr/local/lib/gnupg, or something similar, depending on compilation options) and load it from gpg.conf (load-extension idea). That way he doesn't need to recompile GnuPG, or think about it when upgrading GnuPG to newer version. Instructions on how to compile it as module are included in idea.c source file.
> >
> > --
> > Aleksandar Milivojevic
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Thu Sep 16 22:50:53 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040916193034.GC9802@jabberwocky.com>
References: <4141B6FE.1000003@pbl.ca> <20040916155013.GA9802@jabberwocky.com> <20040916155750.GB9802@jabberwocky.com> <4149E056.2030207@pbl.ca> <20040916193034.GC9802@jabberwocky.com>
Message-ID: <4149FDEE.6000907@pbl.ca>

David Shaw wrote:

> It's not just that the person with the PGP 2.x key must have IDEA - it's that people with OpenPGP might not. Take this case: User A has a PGP 2.x key. User B has an OpenPGP key. In an effort to accommodate user A, you encrypt using IDEA. However, user B does not have IDEA. By trying to be backwards compatible with user A, you accomplish locking out the modern user B. The only really safe way to handle PGP 2.x users is to encrypt twice - once for the PGP 2.x people, and once for everyone else.

Let's say somebody implements an option in GnuPG so that the user can choose to have GnuPG go into PGP 2.x compatible mode automatically if a PGP 2.x key is used. And let's say the option would be turned off by default, so for all current GnuPG users there is no change in how GnuPG behaves.

In this case, if I turn that option on (in my gpg.conf file for example), and try to encrypt to users A and B from your example, GnuPG could bark that it can't find a set of compatible ciphers to accommodate both user A and user B, and that I should encrypt to them separately. When I get such an error from GnuPG, it would be my problem, since I was warned what might happen if I use an option like that. Same thing if my correspondent (who uses his old PGP 2.x key with GnuPG) barks at me that he no longer can use IDEA, and that I should upgrade from PGP 2.x to GnuPG ;-)

Having options in GnuPG to make it compatible with PGP 2.x (either short --pgp2 or a mile long one specifying cipher, compression, etc separately) is great. But for somebody who has lots of PGP 2.x correspondents, an option that will have GnuPG automatically turn those on would be much more usable (with appropriate warnings in the documentation, of course).

--
Aleksandar Milivojevic
Pollard Banknote Limited
Systems Administrator
1499 Buffalo Place
Tel: (204) 474-2323 ext 276
Winnipeg, MB R3T 1L7
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Sep 17 00:08:03 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <4149FDEE.6000907@pbl.ca>
References: <4141B6FE.1000003@pbl.ca> <20040916155013.GA9802@jabberwocky.com> <20040916155750.GB9802@jabberwocky.com> <4149E056.2030207@pbl.ca> <20040916193034.GC9802@jabberwocky.com> <4149FDEE.6000907@pbl.ca>
Message-ID: <20040916221101.GA22509@jabberwocky.com>

On Thu, Sep 16, 2004 at 03:56:14PM -0500, Aleksandar Milivojevic wrote:

> David Shaw wrote:
> > It's not just that the person with the PGP 2.x key must have IDEA - it's that people with OpenPGP might not. Take this case: User A has a PGP 2.x key. User B has an OpenPGP key. In an effort to accommodate user A, you encrypt using IDEA. However, user B does not have IDEA. By trying to be backwards compatible with user A, you accomplish locking out the modern user B. The only really safe way to handle PGP 2.x users is to encrypt twice - once for the PGP 2.x people, and once for everyone else.
>
> Let's say somebody implements an option in GnuPG so that the user can choose to have GnuPG go into PGP 2.x compatible mode automatically if a PGP 2.x key is used. And let's say the option would be turned off by default, so for all current GnuPG users there is no change in how GnuPG behaves.

It is always possible to add yet another feature to try and work around the fundamental incompatibilities between PGP 2 and OpenPGP. The problem with this is where does it stop, and how many people does this benefit? Given that the overwhelming majority of people don't use PGP 2, this is a simple calculation. Better to spend that valuable development time on something that is usable by more people.

David

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri Sep 17 02:02:01 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040916193034.GC9802@jabberwocky.com> from David Shaw at "Sep 16, 2004 03:30:34 pm"
Message-ID: <200409162200.AAA00647@vulcan.xs4all.nl>

David Shaw wrote:

> It's not just that the person with the PGP 2.x key must have IDEA - it's that people with OpenPGP might not. Take this case: User A has a PGP 2.x key. User B has an OpenPGP key. In an effort to accommodate user A, you encrypt using IDEA. However, user B does not have IDEA. By trying to be backwards compatible with user A, you accomplish locking out the modern user B.

Well, modern user B should then find an IDEA module or compile it in.

--
ir. J.C.A. Wevers         // Physics and science fiction site:
johanw@vulcan.xs4all.nl   // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Sep 17 02:31:58 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409162200.AAA00647@vulcan.xs4all.nl>
References: <20040916193034.GC9802@jabberwocky.com> <200409162200.AAA00647@vulcan.xs4all.nl>
Message-ID: <20040917003456.GB22509@jabberwocky.com>

On Fri, Sep 17, 2004 at 12:00:02AM +0200, Johan Wevers wrote:

> David Shaw wrote:
>
> > It's not just that the person with the PGP 2.x key must have IDEA - it's that people with OpenPGP might not. Take this case: User A has a PGP 2.x key. User B has an OpenPGP key. In an effort to accommodate user A, you encrypt using IDEA. However, user B does not have IDEA. By trying to be backwards compatible with user A, you accomplish locking out the modern user B.
>
> Well, modern user B should then find an IDEA module or compile it in.

Why should he? In most of the world he can't even use IDEA legally without a licence. This isn't his problem (over 90% of the userbase). This is user A's problem (less than 10% of the userbase).

In any event, this is not a useful suggestion. When working on GnuPG, I have to follow the OpenPGP standard. There is absolutely no requirement in OpenPGP that a client supports IDEA, and therefore I cannot assume that a client supports it either.

David
From: servie_tech at yahoo.com (Servie Platon)
Date: Fri Sep 17 05:44:03 2004
Subject: Compiled gnupg-1.2.6 Successful??? - Indeed
In-Reply-To: <200409160807.KAA00990@vulcan.xs4all.nl>
Message-ID: <20040917025113.91882.qmail@web52505.mail.yahoo.com>

Hi folks,

Just to give an update on the issue of idea.c. I am happy that following the instructions of Johan below made my gnupg signing work. Thanks a lot Johan and Aleksandar on your help guys.

BTW, I have some follow-up questions to you folks. Since I created 2 or 3 public key signatures, which shouldn't be the case, I wanted to get rid of the other two public keys that I won't use. Would it be appropriate to just delete the files straight up or simply revoke the keys first then delete both private and public keys?

And final question, since I can now automatically sign using gnupg for my private email address, would it be possible for me to do this too on my yahoo account? I have a notion since this is a public email or webmail, one can only do as much by editing yahoo's account and manually copying your pub id to it? Is there a way that we can train firefox or mozilla to do that automatically?

Thanks in advance.

Sincerely,

Servie

--- Johan Wevers wrote:

> Servie Platon wrote:
>
> > So far, I only find these two in the cipher dir.
> > idea-stub.c pubkey.o idea-stub.o
>
> Yes, idea.c isn't distributed with the default distribution due to patent problems. The file can be downloaded from the net. I have placed it on http://www.xs4all.nl/~johanw/idea.c.gz . The signature file from Werner for this file is http://www.xs4all.nl/~johanw/idea.c.gz.sig .
>
> > Does this mean that it couldn't be done automatically?
>
> You'll have to place the file there by hand. Then I think a make distclean and a recompile are needed,
>
> --
> ir. J.C.A. Wevers

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri Sep 17 08:51:32 2004
Subject: Compiled gnupg-1.2.6 Successful??? - Indeed
In-Reply-To: <20040917025113.91882.qmail@web52505.mail.yahoo.com> from Servie Platon at "Sep 16, 2004 07:51:13 pm"
Message-ID: <200409170654.IAA00987@vulcan.xs4all.nl>

Servie Platon wrote:

> Since I created 2 or 3 public key signatures, which shouldn't be the case, I wanted to get rid of the other two public keys that I won't use.

Are you talking about keys or signatures? In both cases holds: if you didn't upload them to a keyserver, you can simply delete the key/signature. If they are already on a keyserver, there's no way of getting them off and you'll have to revoke them.

> And final question, since I can now automatically sign using gnupg for my private email address, would it be possible for me to do this too on my yahoo account?

I don't know how this works from a Yahoo account. For webmail, I usually paste the signed and/or encrypted text in the edit window, and prepare it in an xterm, and I'm happy with that procedure. Now I admit I only use GnuPG for encryption of mails (I usually also sign my encrypted mails but not always) and this doesn't happen too often.

--
ir. J.C.A. Wevers         // Physics and science fiction site:
johanw@vulcan.xs4all.nl   // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri Sep 17 08:51:42 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917003456.GB22509@jabberwocky.com> from David Shaw at "Sep 16, 2004 08:34:56 pm"
Message-ID: <200409170648.IAA00978@vulcan.xs4all.nl>

David Shaw wrote:

> Why should he? In most of the world he can't even use IDEA legally without a licence.

In most cases use will be non-commercial so there shouldn't be a problem. In other cases I wouldn't care. I've never heard of Ascom-Tech suing anyone for breach of the IDEA patent.

> This isn't his problem (over 90% of the userbase). This is user A's problem (less than 10% of the userbase).

You wrote these 90-10% numbers come from counting keys on a keyserver. But I disagree with your assessment of the number of abandoned keys: considering the use of pgp 2.x among people who are more knowledgeable about encryption, I think there are relatively less abandoned keys among those 10% than among the 90% v3 keys. Especially among the keys created with all default parameters among those 90%.

> In any event, this is not a useful suggestion. When working on GnuPG, I have to follow the OpenPGP standard.

But that doesn't prevent decrypting pgp 2.x messages. And I hope it stays that way (since you fixed the error in 1.3.6 I hope it still is).

> There is absolutely no requirement in OpenPGP that a client supports IDEA, and therefore I cannot assume that a client supports it either.

That is a very formal way of reasoning. Anything except 3DES is not required, but that doesn't mean it can't be used. Now, if I were advertising some obscure module no one uses except for testing (like the Skipjack module), I would agree. But not in this case. IDEA is too much used in the field to be simply ignored (and the GnuPG developers do acknowledge that, otherwise there wouldn't be an IDEA module and all this discussion).

--
ir. J.C.A. Wevers         // Physics and science fiction site:
johanw@vulcan.xs4all.nl   // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
From: servie_tech at yahoo.com (Servie Platon)
Date: Fri Sep 17 13:26:20 2004
Subject: Compiled gnupg-1.2.6 Successful??? - Indeed
In-Reply-To: <200409170654.IAA00987@vulcan.xs4all.nl>
Message-ID: <20040917110210.566.qmail@web52509.mail.yahoo.com>

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.6 (GNU/Linux)

Thank you so much Johan for the reply.

--- Johan Wevers wrote:

> Servie Platon wrote:
>
> > Since I created 2 or 3 public key signatures, which shouldn't be the case, I wanted to get rid of the other two public keys that I won't use.
>
> Are you talking about keys or signatures? In both cases holds: if you didn't upload them to a keyserver, you can simply delete the key/signature. If they are already on a keyserver, there's no way of getting them off and you'll have to revoke them.

1. Yes, I have created several key signatures in the process of testing gnupg and following the instructions on the manual. I'm not sure though if simply deleting them off from my home directory would solve the problem.

2. How do I put my key on a keyserver like that of verisign or other key servers out there?

3. This is somewhat related to number 2. From school, our instructor mentioned that we can set up to be our own private key server, hosting our own public keys, just like what you have right now. But we never got to do this exercise in the first place. Is this true? If so, can I safely do this setup and have it coincide with my apache server project, which is for hosting my personal/family site? The thing is, we were strongly told from school that limiting services running on your host box would definitely limit the chances of getting compromised. Do I have to allocate one box for this purpose, or would simply pasting my public keys on a public key server do the job? Or just sign up for one?

> > And final question, since I can now automatically sign using gnupg for my private email address, would it be possible for me to do this too on my yahoo account?
>
> I don't know how this works from a Yahoo account. For webmail, I usually paste the signed and/or encrypted text in the edit window, and prepare it in an xterm, and I'm happy with that procedure. Now I admit I only use GnuPG for encryption of mails (I usually also sign my encrypted mails but not always) and this doesn't happen too often.

4. And finally, I tried doing this command from the terminal: $ gpg -armor --export servie_tech@yahoo.com. Then I copy paste on this email message which gave me a public key block. Is this the right way to do this? Or is there another way to do this?

> --
> ir. J.C.A. Wevers

Thanks again to all of you guys in this group. You definitely have been very helpful and have made my intended transition to linux a lot easier. My worries now would be how to enable my created labs web cam on linux which is of course not part of the group's topic. Nevertheless, again thanks a lot guys! This user group is simply one of the best!!!

Sincerely,

Servie

mQGiBEESTE4RBACmN9zZn6jgFrksrVXcTEbi5FQQnteknLrzb6FygmjmLGQrDMev
bFm/YUx3jghNg4dlNu9dlTwaoJLiF4aCv+iH4dfXm6cDQ3oIo1MmkXov+VbOiGRh
AXW8wEDwdKNAdE4J/WDS89ZZl8vl4UkNKI9rWw9uf764XyrNy79OuvgAPwCgt57c
dLuWT4l8K+TRKzzK9IUhGa0D/2SiTKPIaZfcreccGsr+to1gQDl8tjyHS8lebDGA
bRFbQyZtlq7IWVA2yDM72jbJCoJOghMh4vifmv85RgzzNPzOz9WoItInL5Awf0JL
Bi80SIO8VYKzG8YqpdeoBOXPbtnwBzcXa0f4uKHNswqncWCzYbtaeaMBSO8LrUds
K/w6A/9ilkqIlawpy+nyzL1iibUfcka7I6gskv26H1IPd+cWLIf6uJzYwfdtIc3r
gdcK3iMsf0FG7dpc3fdrz7suXPBTu/cy4BecmStCzEvurJkA2VUC3b+dVo13wT5S
iPgBMSr50RR3vblV+0rRskuR7Uun2D7sGE60qZmcnH6CABty+7QvU2VydmlsaWFu
byBTLiBQbGF0b24gSVYgPHNlcnZpZV90ZWNoQHlhaG9vLmNvbT6IXgQTEQIAHgUC
QRJMTgIbAwYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRAMhvzkdfhNm82KAKClT2lT
XCwl1cfzGnJplQrCo1eYcQCgnE5zj+zmLAeCaWWY5s9Fbqi0PyO5Ag0EQRJMYhAI
ALlxv5a81HKIzE+w26A96DWEXR+f4IjeEgmVO4zVN1uSXzhrddIFAGh0eStaCYXA
lIHpWgcG9lcjyefOg8GERTShk+JNT0NJjqPNuhogvut7E8TTlqSZtkwM4olh1lbW
TtFIcqnnrj2fXP0ou+zY2iyyONHkTEDYNnL/mDiec6ZQe1YzzEggGVArcl10dmAK
LXpYglkwlql9koW5+mfbhd+8nXRSKMKZnygBUgI3jNsU1+IwEg5k6wW0JNMz4siy
av44xyfz9Q2A7ZQH14Q9THSrHSSKcCAQZtVDIkOIt00jg7FGIYBk8wfCdGfca7Uu
TKmToVTkT7WCJlJB/n2Rf4sAAwYH/3Qvp660Hz38+PIIN8ERuvNoJWg4xpxmmvgH
LyhiCpyRnBCFW7FaVqoRdrArAr+gnE+c8pno+k6vHsCftgh/NrbM87NiiC3tRJaz
7CJh8/s9oUauJI7fV7J7rPCet6XP93emAQ33Kq9cPDp1s7GuZ60eBbLGAroPtqp6
7/fPPhUVwSGMhyMlcsV77zC/hqEQIMlvI19pDllc3QXRJGyPEtoMZodfXnxXNBRf
kSVVhWNWoA0Nb+0a8VgIO6J0VAJJHRENsAbijTBDvaeCMkkA8Xu5HIfBIVzmF7C/
pGL1Jng5+FCGrgTeBwlVmPMXkFEKnZNazHhFR8TbF2aFo/tZNomISQQYEQIACQUC
QRJMYgIbDAAKCRAMhvzkdfhNm47MAKCpWFoPGRvXUR+TuI+KZrH0rWDrBQCfW8lR
TX1wkGuZ1wwd4DG01fnTjJU=
=ehyI
-----END PGP PUBLIC KEY BLOCK-----

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Sep 17 14:21:40 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409170648.IAA00978@vulcan.xs4all.nl>
References: <20040917003456.GB22509@jabberwocky.com> <200409170648.IAA00978@vulcan.xs4all.nl>
Message-ID: <20040917122439.GC22509@jabberwocky.com>

On Fri, Sep 17, 2004 at 08:48:21AM +0200, Johan Wevers wrote:

> David Shaw wrote:
>
> > Why should he? In most of the world he can't even use IDEA legally without a licence.
>
> In most cases use will be non-commercial so there shouldn't be a problem. In other cases I wouldn't care. I've never heard of Ascom-Tech suing anyone for breach of the IDEA patent.

Using something legally and using it hoping (or even expecting) not to be sued are not the same thing. ;)

> > This isn't his problem (over 90% of the userbase). This is user A's problem (less than 10% of the userbase).
>
> You wrote these 90-10% numbers come from counting keys on a keyserver. But I disagree with your assessment of the number of abandoned keys: considering the use of pgp 2.x among people who are more knowledgeable about encryption, I think there are relatively less abandoned keys among those 10% than among the 90% v3 keys. Especially among the keys created with all default parameters among those 90%.

I would expect that the use of pgp 2.x would be less among those knowledgeable about encryption, given the list of problems (using MD5, small key sizes, fingerprint forgery, keyid forgery, etc), plus that it doesn't interoperate well with the rest of the world (encryption is great, but not if you can't actually use it to communicate).

There are certainly a number of 2.x die-hards who simply will never change over, and that's fine for them, but that should not stop progress for everyone else.

In any event, let's play with the numbers a bit. I misremembered the statistics when I wrote that email. It's actually *worse* for V3 keys: slightly over 95% for V4 keys and slightly under 5% for V3. Stats as of May 2002 (as per http://lists.alt.org/pipermail/pgp-keyserver-folk/2002-May/001853.html):

V2 keys     18159
V3 keys    143068
V4 keys   3055126

These are stats from 2002, but I'd be pretty shocked to see that V3 keys grew at a faster rate than V4 between then and now. For the sake of argument, let's pretend the V2 keys are V3 keys. What percentage of the V3 keys do you think are still in use and not abandoned? What percentage of the V4 keys? It would have to be a pretty large percentage of V3 and a pretty small percentage of V4 to justify making rather significant changes to GnuPG.

> > In any event, this is not a useful suggestion. When working on GnuPG, I have to follow the OpenPGP standard.
>
> But that doesn't prevent decrypting pgp 2.x messages. And I hope it stays that way (since you fixed the error in 1.3.6 I hope it still is).

IDEA often prevents decrypting a PGP 2.x message, but in any event, my comment was in regards to generating a message to more than one user. Decryption is not usually a problem (either it works or it doesn't - it does not harm other users in the process). My comment was that given a case of user A with PGP 2.x, and user B with anything else, there is effectively no way to encrypt that will definitely work for them both.

The problem is this: PGP 2.x breaks on anything it doesn't understand. This includes an encrypted session key. Thus, given the case if user A has PGP 2.x and user B has anything else, if user B has an RSA encryption key, AND it is less than 2048 bits long, AND they have IDEA, then it is possible to encrypt to both. Anything else will break PGP 2.x. If all the OpenPGP users would agree to using <=2048 bit RSA keys and either buy IDEA, use it non-commercially, or use it illegally, then we'd be set. ;)

Since there is (effectively) no way to generate a message that is usable for both users, this pretty much demands using two different messages, and encrypting twice, once for each user, and that is something that really belongs outside of GnuPG.

> > There is absolutely no requirement in OpenPGP that a client supports IDEA, and therefore I cannot assume that a client supports it either.
>
> That is a very formal way of reasoning. Anything except 3DES is not required, but that doesn't mean it can't be used. Now, if I were advertising some obscure module no one uses except for testing (like the Skipjack module), I would agree. But not in this case. IDEA is too much used in the field to be simply ignored (and the GnuPG developers do acknowledge that, otherwise there wouldn't be an IDEA module and all this discussion).

There are certainly other ciphers there, but OpenPGP has a preferences system to give guidance as to what ciphers are usable for a given key. This prevents one user from encrypting something in a way that the recipient cannot handle. Using a cipher (IDEA or otherwise) in violation of the preferences violates OpenPGP ("An implementation MUST NOT use a symmetric algorithm that is not in the recipient's preference list").

In any event, like I said, it's not just IDEA. It's RSA, it's key size, etc.

David
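To make the "encrypt twice" conclusion concrete, the following is an added example for this thread (not GnuPG code, and not a proposal any poster made verbatim) that models the constraints David lists: a PGP 2.x key accepts only IDEA; a message a PGP 2.x client can read needs every recipient on an RSA key of at most 2048 bits with IDEA available; and for OpenPGP keys the cipher must come from the recipient's preference list, with 3DES tacitly at the end of every list. The recipient records are constructed. The planner returns one message when a cipher everyone accepts exists, and otherwise splits the recipients into a PGP 2.x-readable group and an OpenPGP group, which is the split-and-encrypt-twice approach rather than a cipher override.

```python
"""Plan how many messages, and with which cipher, a recipient set needs.

Added example for this thread, not GnuPG code. Symmetric algorithm ids are
the OpenPGP ones (RFC 2440 section 9.2). Recipients below are constructed.
"""
from dataclasses import dataclass, field

IDEA, TRIPLE_DES, CAST5, BLOWFISH, AES128, AES192, AES256, TWOFISH = 1, 2, 3, 4, 7, 8, 9, 10
CIPHER_NAMES = {IDEA: "IDEA", TRIPLE_DES: "3DES", CAST5: "CAST5", BLOWFISH: "Blowfish",
                AES128: "AES128", AES192: "AES192", AES256: "AES256", TWOFISH: "Twofish"}
RSA_ALGOS = {1, 2, 3}          # RSA, RSA encrypt-only, RSA sign-only
PGP2_MAX_RSA_BITS = 2048       # largest RSA key PGP 2.x will take (per the thread)


@dataclass
class Recipient:
    name: str
    key_version: int           # 3 = PGP 2.x style key, 4 = OpenPGP
    pubkey_algo: int           # 1 = RSA, 16 = Elgamal, 17 = DSA
    key_bits: int
    # Symmetric cipher preferences from the self-signature, most preferred
    # first. A V3 key carries no preferences at all.
    sym_prefs: list = field(default_factory=list)
    has_idea: bool = False     # whether this user's software has an IDEA module

    def accepted_ciphers(self):
        """Ciphers this recipient can actually decrypt, in their order."""
        if self.key_version < 4:
            return [IDEA]                       # PGP 2.x speaks only IDEA
        prefs = list(self.sym_prefs)
        if TRIPLE_DES not in prefs:
            prefs.append(TRIPLE_DES)            # implicitly in every OpenPGP list
        if IDEA in prefs and not self.has_idea:
            prefs.remove(IDEA)                  # listed, but no module to use it
        return prefs

    def readable_by_pgp2(self):
        """Can this recipient be included in a PGP 2.x-formatted message?"""
        return (self.pubkey_algo in RSA_ALGOS
                and self.key_bits <= PGP2_MAX_RSA_BITS
                and IDEA in self.accepted_ciphers())


def common_cipher(recipients):
    """First cipher in the first recipient's order that everyone accepts."""
    lists = [r.accepted_ciphers() for r in recipients]
    for cipher in lists[0]:
        if all(cipher in lst for lst in lists):
            return cipher
    return None


def plan_messages(recipients):
    """Return [(recipient_names, cipher_id)], one entry per message to send."""
    if not recipients:
        return []
    legacy = [r for r in recipients if r.key_version < 4]
    if legacy:
        stuck = [r.name for r in legacy if not r.readable_by_pgp2()]
        if stuck:
            raise ValueError(f"no cipher/key combination can reach {stuck}")
        pgp2_group = [r for r in recipients if r.readable_by_pgp2()]
        others = [r for r in recipients if not r.readable_by_pgp2()]
        # One IDEA message for everyone PGP 2.x can read, then plan the rest
        # (all V4 keys) on their own: the "encrypt twice" approach.
        return [([r.name for r in pgp2_group], IDEA)] + plan_messages(others)
    cipher = common_cipher(recipients)
    if cipher is None:                          # cannot happen with implicit 3DES
        return [([r.name], r.accepted_ciphers()[0]) for r in recipients]
    return [([r.name for r in recipients], cipher)]


# Constructed recipients following the "user A / user B" case in the thread.
USER_A = Recipient("A (PGP 2.6)", 3, 1, 1024, [], has_idea=True)
USER_B = Recipient("B (OpenPGP, DSA/Elgamal)", 4, 16, 2048, [AES128, CAST5])
USER_C = Recipient("C (OpenPGP, RSA 2048, IDEA module)", 4, 1, 2048,
                   [IDEA, AES256], has_idea=True)

if __name__ == "__main__":
    for names, cipher in plan_messages([USER_A, USER_B, USER_C]):
        print(f"encrypt with {CIPHER_NAMES[cipher]} to: {', '.join(names)}")
```

Encrypting to A, B and C yields two messages: IDEA for A and C, and AES128 for B. Encrypting to B and C alone falls back to 3DES, the only cipher both preference lists share once the implicit entry is counted, which is the case Johan's "anything except 3DES is not required" refers to.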
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Fri Sep 17 15:59:49 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917003456.GB22509@jabberwocky.com>
References: <20040916193034.GC9802@jabberwocky.com> <200409162200.AAA00647@vulcan.xs4all.nl> <20040917003456.GB22509@jabberwocky.com>
Message-ID: <414AEF19.7070900@pbl.ca>

David Shaw wrote:

> Why should he? In most of the world he can't even use IDEA legally without a licence. This isn't his problem (over 90% of the userbase). This is user A's problem (less than 10% of the userbase).

Errr... You have a bug there. Consider following patch:

--- foobar.orig 2004-09-17 09:01:37.513404000 -0500
+++ foobar 2004-09-17 09:01:20.946162000 -0500
@@ -1 +1 @@
-most_of_the_world == USA
+most_of_the_world != USA

--
Aleksandar Milivojevic
Pollard Banknote Limited
Systems Administrator
1499 Buffalo Place
Tel: (204) 474-2323 ext 276
Winnipeg, MB R3T 1L7
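Review bot: the hunk only flips `==` to `!=` on the single line `most_of_the_world == USA`, and nothing in the file defines `most_of_the_world`, so neither version states a checkable claim; the reply later in this thread lists IDEA as patented in Austria, France, Germany, Italy, the Netherlands, Spain, Sweden, Switzerland, the United Kingdom, Japan and the USA, which is the evidence the original line rests on and which the patch would need to address.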
From: amilivojevic at pbl.ca (Aleksandar Milivojevic) Date: Fri Sep 17 18:48:51 2004 Subject: Detecting PGP 2.6.x keys In-Reply-To: <20040917003456.GB22509@jabberwocky.com> References: <20040916193034.GC9802@jabberwocky.com> <200409162200.AAA00647@vulcan.xs4all.nl> <20040917003456.GB22509@jabberwocky.com> Message-ID: <414B16B4.7010308@pbl.ca> David Shaw wrote: > Why should he? In most of the world he can't even use IDEA legally > without a licence. This isn't his problem (over 90% of the userbase). > This is user A's problem (less than 10% of the userbase). My previous reply was kind of joke (to put a bit of humor into the discussion). However on the serious side, even if 90/10% figures are correct (let assume they are for the sake of discussion), percentage of users that have problem and might have use of such an option is higher. Since the option would be needed by users not using 2.x (as you named them "modern users"), statistically on average anybody who has 10 public keys (from 10 correspondents) on his keyring, should have one 2.x style key (one correspondent who belongs to "non-modern users"). Which means that (statistically) fair amount of those 90% modern users, will have at least one correspondent that belongs to 10% group, and his life would be much easier with such an option (having not to have to think should he just encrypt, or should he use special options to encrypt, it would just be done automatically for him, like in PGP 7.x or whatever is current version). Of course this is just my (biased) opinion, and if I'm the only one who thinks this way, its fine by me. > In any event, this is not a useful suggestion. When working on GnuPG, > I have to follow the OpenPGP standard. There is absolutely no > requirement in OpenPGP that a client supports IDEA, and therefore I > cannot assume that a client supports it either. It also says that implementation can support IDEA. 
So there's no requirement not to support it, or to assume that a client doesn't support it if there are hints that it might support it. Something like the approach commercial PGP took. But OK, GnuPG supports it by means of an add-on module, so this is of little relevance. I guess one day the IDEA patent expires, and it will become a standard part of GnuPG (just like it happened with RSA).

One additional argument might be that the vast majority of people that are still using PGP 2.x generated keys are using them to be able to communicate with people who still use PGP 2.x binaries. In which case they must have the IDEA module for GnuPG installed. I've never revoked my PGP 2.x key for this reason, but I prefer if people use my new V4 key.

I would guess (and would be surprised if I'm wrong) that the vast majority of people who don't have a need for this backward compatibility with PGP 2.x have already generated (and are using) new V4 keys. If nothing else, they created new keys because back in 2.x days 768 bit was considered commercial grade, and 1024 was considered military grade, and (some) people were looking at folks using 2048 bit keys as they look today at those using 4096 bit keys. And remember, one of the menu options was a 512 bit key (nobody is using those anymore, hopefully). They probably wouldn't mind if a little inconvenience would force their correspondents to finally start using newer keys ;-)

-- 
Aleksandar Milivojevic

From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Sep 17 20:08:52 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <414AEF19.7070900@pbl.ca>
References: <20040916193034.GC9802@jabberwocky.com> <200409162200.AAA00647@vulcan.xs4all.nl> <20040917003456.GB22509@jabberwocky.com> <414AEF19.7070900@pbl.ca>
Message-ID: <20040917174712.GD22509@jabberwocky.com>

On Fri, Sep 17, 2004 at 09:05:13AM -0500, Aleksandar Milivojevic wrote:
> David Shaw wrote:
> >Why should he? In most of the world he can't even use IDEA legally
> >without a licence. This isn't his problem (over 90% of the userbase).
> >This is user A's problem (less than 10% of the userbase).
>
> Errr... You have a bug there. Consider following patch:
>
> --- foobar.orig 2004-09-17 09:01:37.513404000 -0500
> +++ foobar 2004-09-17 09:01:20.946162000 -0500
> @@ -1 +1 @@
> -most_of_the_world == USA
> +most_of_the_world != USA

Actually, no.

IDEA is patented in Austria, France, Germany, Italy, the Netherlands, Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.

http://www.mediacrypt.com/_contents/10_idea/101030_ea_pi.asp

David

From: jharris at widomaker.com (Jason Harris)
Date: Fri Sep 17 20:22:59 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917122439.GC22509@jabberwocky.com>
References: <20040917003456.GB22509@jabberwocky.com> <200409170648.IAA00978@vulcan.xs4all.nl> <20040917122439.GC22509@jabberwocky.com>
Message-ID: <20040917182610.GA11773@wilma.widomaker.com>

On Fri, Sep 17, 2004 at 08:24:40AM -0400, David Shaw wrote:
> In any event, let's play with the numbers a bit. I misremembered the
> statistics when I wrote that email. It's actually *worse* for V3
> keys: slightly over 95% for V4 keys and slightly under 5% for V3.
>
> Stats as of May 2002 (as per
> http://lists.alt.org/pipermail/pgp-keyserver-folk/2002-May/001853.html):
>
> V2 keys      18159
> V3 keys     143068
> V4 keys    3055126
>
> These are stats from 2002, but I'd be pretty shocked to see that V3
> keys grew at a faster rate than V4 between then and now.

I posted newer numbers to this list with these subjects:

key count, 2004-03-01
key count, 2004-03-31
key count, 2004-07-06 (+ duplicates by short keyid)

The 2004-07-06 numbers were 172293 v2/v3 pubkeys and 1856928 v4 pubkeys (with 1870716 subkeys), or 11066 new v2/v3 pubkeys v. 672518 new v4 keys (pubkeys and subkeys) from 2002-05-2x to 2004-07-06.

-- 
Jason Harris           | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
          Got photons? (TM), (C) 2004

From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Fri Sep 17 20:56:28 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917174712.GD22509@jabberwocky.com>
References: <20040916193034.GC9802@jabberwocky.com> <200409162200.AAA00647@vulcan.xs4all.nl> <20040917003456.GB22509@jabberwocky.com> <414AEF19.7070900@pbl.ca> <20040917174712.GD22509@jabberwocky.com>
Message-ID: <414B34A1.1000200@pbl.ca>

David Shaw wrote:
> On Fri, Sep 17, 2004 at 09:05:13AM -0500, Aleksandar Milivojevic wrote:
>
>>David Shaw wrote:
>>
>>>Why should he? In most of the world he can't even use IDEA legally
>>>without a licence. This isn't his problem (over 90% of the userbase).
>>>This is user A's problem (less than 10% of the userbase).
>>
>>Errr... You have a bug there. Consider following patch:
>>
>>--- foobar.orig 2004-09-17 09:01:37.513404000 -0500
>>+++ foobar 2004-09-17 09:01:20.946162000 -0500
>>@@ -1 +1 @@
>>-most_of_the_world == USA
>>+most_of_the_world != USA
>
> Actually, no.
>
> IDEA is patented in Austria, France, Germany, Italy, the Netherlands,
> Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.
>
> http://www.mediacrypt.com/_contents/10_idea/101030_ea_pi.asp

Then I guess the patch needs to be modified slightly. However, it still doesn't account for most of the world. A good portion of Europe is not covered by the patent, Japan is the only Asian country, and the USA is the only country in both Americas. Africa and Australia are totally unaffected. And we should not forget Antarctica ;-)

Haven't checked statistical data in a while (and my high school knowledge either faded away or became obsolete), but from the back of my head, at least 5/6 of Earth's population is unaffected by the IDEA patent. Hip hip hooray :-)

-- 
Aleksandar Milivojevic

From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Sep 17 21:10:21 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917182610.GA11773@wilma.widomaker.com>
References: <20040917003456.GB22509@jabberwocky.com> <200409170648.IAA00978@vulcan.xs4all.nl> <20040917122439.GC22509@jabberwocky.com> <20040917182610.GA11773@wilma.widomaker.com>
Message-ID: <20040917191321.GE22509@jabberwocky.com>

On Fri, Sep 17, 2004 at 02:26:10PM -0400, Jason Harris wrote:
> On Fri, Sep 17, 2004 at 08:24:40AM -0400, David Shaw wrote:
>
> > In any event, let's play with the numbers a bit. I misremembered the
> > statistics when I wrote that email. It's actually *worse* for V3
> > keys: slightly over 95% for V4 keys and slightly under 5% for V3.
> >
> > Stats as of May 2002 (as per
> > http://lists.alt.org/pipermail/pgp-keyserver-folk/2002-May/001853.html):
> >
> > V2 keys      18159
> > V3 keys     143068
> > V4 keys    3055126
> >
> > These are stats from 2002, but I'd be pretty shocked to see that V3
> > keys grew at a faster rate than V4 between then and now.
>
> I posted newer numbers to this list with these subjects:
>
> key count, 2004-03-01
> key count, 2004-03-31
> key count, 2004-07-06 (+ duplicates by short keyid)
>
> The 2004-07-06 numbers were 172293 v2/v3 pubkeys and 1856928 v4 pubkeys
> (with 1870716 subkeys) or 11066 new v2/v3 pubkeys v. 672518 new v4 keys
> (pubkeys and subkeys) from 2002-05-2x to 2004-07-06.

Thanks Jason. This brings up a very good point. To be a completely fair comparison, we should compare V3 keys against V4 pubkeys (and not subkeys). Since V4 keys are usually 2 or more V4 keys together, this unfairly elevates the number of V4 keys.

So, using Jason's numbers for 2004-07-06, 9% of the keys are v2/v3 and 91% of the keys are v4.

David
From: a_moothedath at hotmail.com (Arun Kumar Moothedath)
Date: Sat Sep 18 00:03:32 2004
Subject: subscribe
Message-ID:

From: a_moothedath at hotmail.com (Arun Kumar Moothedath)
Date: Sat Sep 18 00:10:31 2004
Subject: Decrypt issue: Please enter name of data file ?
Message-ID:

I am trying to decrypt an encrypted file with the following statement.

gpg -o "D:\test\out\Test.xml" --passphrase-fd 2 2<"D:\test\passtest.txt" --decrypt "D:\VZ\test\Test.xml"

It works fine for most of the files. Since yesterday I have been getting an issue with some of the files. The message is

Detached signature. Please enter name of data file:

And it expects the file name as a user input. Why is this happening, and what is the solution?

Thanks
Arun.

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Mon Sep 20 01:37:40 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <20040917174712.GD22509@jabberwocky.com> from David Shaw at "Sep 17, 2004 01:47:12 pm"
Message-ID: <200409192231.AAA06652@vulcan.xs4all.nl>

David Shaw wrote:

>IDEA is patented in Austria, France, Germany, Italy, the Netherlands,
>Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.

That's strange, since you can't patent algorithms in The Netherlands unless they are part of a physical device, in which case the whole device is patented. I can only assume that no one even questioned that patent because no one here was ever sued for using IDEA.

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Mon Sep 20 01:37:45 2004
Subject: Compiled gnupg-1.2.6 Successful??? - Indeed
In-Reply-To: <20040917110210.566.qmail@web52509.mail.yahoo.com> from Servie Platon at "Sep 17, 2004 04:02:10 am"
Message-ID: <200409192220.AAA06598@vulcan.xs4all.nl>

You, Servie Platon, wrote:

>1. Yes, I have created a several key signatures in the
>process and testing gnupg and following the
>instructions on the manual. I'm not sure though if
>simply deleting them off from my home directory would
>solve the problem.

If they are not on the keyserver it would. Then you can edit the key and delete those signatures.

>2. How do I put my key on a keyserver like that of
>verisign or other key servers out there?

RTFM: gpg --send-keys, when you have a keyserver defined in gpg.conf.

>3. This is somewhat related to number 2, from school,
>our instructor mentioned that we can setup to be our
>own private key server, hosting our own public keys,

That's true. You can find the keyserver software somewhere (I don't have the URL ready at hand now), install it and run it. This does require a machine with permanent internet access to be useful.

>just like what you have right now.

I don't run a keyserver. I just put those keys on my website as ASCII exported textfiles.

>Is this true? If so, can I safely do this setup and
>coincide with my apache server project of mine which
>is for hosting my personal/family site?

You can export the public keys and put them on a website.

>we were strongly told from school that limiting
>services running on your host box would definitely
>limit the chances of getting compromised.

That's true. If you run Apache on an always-on machine, I would check the security patches for it frequently if I were you.

>Do I have to allocate one box for this purpose or just
>simply pasting my public keys on a public key server
>would do the job?

It would, that's what the keyservers are for.

>$ gpg -armor --export servie_tech@yahoo.com. Then I
>copy paste on this email message which gave me a
>public key block.

This will give you all keys with email servie_tech@yahoo.com in one block. If there are more keys with this email and you want to separate them you'll have to specify the keyID or fingerprint instead of the email address.

-- 
ir. J.C.A. Wevers

From: servie_tech at yahoo.com (Servie Platon)
Date: Mon Sep 20 02:01:16 2004
Subject: Compiled gnupg-1.2.6 Successful??? - Indeed
In-Reply-To: <200409192220.AAA06598@vulcan.xs4all.nl>
Message-ID: <20040920000400.99021.qmail@web52504.mail.yahoo.com>

Hi Mr. Wevers,

Thanks a lot on enlightening me on certain issues about gnupg and its features. Again, thank you Sir.

Sincerely,
Servie

--- Johan Wevers wrote:

> You, Servie Platon, wrote:
>
> >1. Yes, I have created a several key signatures in the
> >process and testing gnupg and following the
> >instructions on the manual. I'm not sure though if
> >simply deleting them off from my home directory would
> >solve the problem.
>
> If they are not on the keyserver it would. Then you can edit the
> key and delete those signatures.
>
> >2. How do I put my key on a keyserver like that of
> >verisign or other key servers out there?
>
> RTFM: gpg --send-keys, when you have a keyserver defined
> in gpg.conf.
>
> >3. This is somewhat related to number 2, from school,
> >our instructor mentioned that we can setup to be our
> >own private key server, hosting our own public keys,
>
> That's true. You can find the keyserver software somewhere (I don't
> have the URL ready at hand now), install it and run it. This does
> require a machine with permanent internet access to be useful.
>
> >just like what you have right now.
>
> I don't run a keyserver. I just put those keys on my website
> as ASCII exported textfiles.
>
> >Is this true? If so, can I safely do this setup and
> >coincide with my apache server project of mine which
> >is for hosting my personal/family site?
>
> You can export the public keys and put them on a website.
>
> >we were strongly told from school that limiting
> >services running on your host box would definitely
> >limit the chances of getting compromised.
>
> That's true. If you run Apache on an always-on machine, I would
> check the security patches for it frequently if I were you.
>
> >Do I have to allocate one box for this purpose or just
> >simply pasting my public keys on a public key server
> >would do the job?
>
> It would, that's what the keyservers are for.
>
> >$ gpg -armor --export servie_tech@yahoo.com. Then I
> >copy paste on this email message which gave me a
> >public key block.
>
> This will give you all keys with email servie_tech@yahoo.com in
> one block. If there are more keys with this email and you want
> to separate them you'll have to specify the keyID or fingerprint
> instead of the email address.

From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 20 03:49:02 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409192231.AAA06652@vulcan.xs4all.nl>
References: <20040917174712.GD22509@jabberwocky.com> <200409192231.AAA06652@vulcan.xs4all.nl>
Message-ID: <20040920015205.GA30135@jabberwocky.com>

On Mon, Sep 20, 2004 at 12:31:09AM +0200, Johan Wevers wrote:
> David Shaw wrote:
>
> >IDEA is patented in Austria, France, Germany, Italy, the Netherlands,
> >Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.
>
> That's strange, since you can't patent algorithms in The Netherlands
> unless they are part of a physical device, in which case the whole device
> is patented. I can only assume that no one even questioned that patent
> because no one here was ever sued for using IDEA.

I don't know. I got the patent list from http://www.mediacrypt.com/_contents/10_idea/101030_ea_pi.asp

I assume they are claiming something that is true, but I'm certainly not a patent lawyer.

The FAQ on that site is interesting though. It's a little misleading with regards to GnuPG.

David

From: m at tthias.net (Matthias Wimmer)
Date: Mon Sep 20 09:02:58 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409192231.AAA06652@vulcan.xs4all.nl>
References: <20040917174712.GD22509@jabberwocky.com> <200409192231.AAA06652@vulcan.xs4all.nl>
Message-ID: <20040920070617.GA811@herbert.nsu.wimmer.be>

Hi Johan!

Johan Wevers wrote on 2004-09-20 00:31:09:
> >IDEA is patented in Austria, France, Germany, Italy, the Netherlands,
> >Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.
> That's strange, since you can't patent algorithms in The Netherlands
> unless they are part of a physical device, in which case the whole device
> is patented. I can only assume that no one even questioned that patent
> because no one here was ever sued for using IDEA.

Same for Germany ... software patents are not (yet?) introduced in Germany, but still the patent office is accepting software patents.

See you
Matthias

From: wk at gnupg.org (Werner Koch)
Date: Mon Sep 20 10:49:02 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409192231.AAA06652@vulcan.xs4all.nl> (Johan Wevers's message of "Mon, 20 Sep 2004 00:31:09 +0200 (MET DST)")
References: <200409192231.AAA06652@vulcan.xs4all.nl>
Message-ID: <873c1d729w.fsf@wheatstone.g10code.de>

On Mon, 20 Sep 2004 00:31:09 +0200 (MET DST), Johan Wevers said:

> That's strange, since you can't patent algorithms in The Netherlands
> unless they are part of a physical device, in which case the whole device

Despite the fact that patents on software are still illegal in the EU, a lot of them have been granted and it is not easy to overturn them because the lower patent courts are more or less departments of the PO. Then there seems to be some special agreement between Switzerland and the EU for cross-acknowledging their patents which further complicates the thing.

Anyway, Ascom/Mediacrypt spread enough FUD so that anyone considering the use of PGP 2 mostly kept on working in the clear. OpenPGP solved this problem 6 years ago.

BTW, when requiring full PGP2 compatibility you are also bound to the MD5 hash algorithm which shows more and more weaknesses. It's really time to say goodbye to MD5 and PGP2.

Werner

From: Bernhard.Walle at gmx.de (Bernhard Walle)
Date: Mon Sep 20 10:56:36 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409192231.AAA06652@vulcan.xs4all.nl>
References: <20040917174712.GD22509@jabberwocky.com> <200409192231.AAA06652@vulcan.xs4all.nl>
Message-ID: <20040920085955.GA2336@mail1.bwalle.de>

* Johan Wevers [2004-09-20 00:31]:
> David Shaw wrote:
>
> >IDEA is patented in Austria, France, Germany, Italy, the Netherlands,
> >Spain, Sweden, Switzerland, United Kingdom, Japan, and the USA.
>
> That's strange, since you can't patent algorithms in The Netherlands
> unless they are part of a physical device, in which case the whole device
> is patented. I can only assume that no one even questioned that patent
> because no one here was ever sued for using IDEA.

Same in Germany; the reason is the following: IDEA is patented in Switzerland as a European patent, so it's valid in Germany and the Netherlands, too.

Regards,
Bernhard

-- 
There's a lot to do - quick, let's get out of here!
-- Peter E. Schumacher

From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Mon Sep 20 15:55:41 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <873c1d729w.fsf@wheatstone.g10code.de>
References: <200409192231.AAA06652@vulcan.xs4all.nl> <873c1d729w.fsf@wheatstone.g10code.de>
Message-ID: <414EE2B1.7080207@pbl.ca>

Werner Koch wrote:
> BTW, when requiring full PGP2 compatibility you are also bound to
> the MD5 hash algorithm which shows more and more weaknesses. It's
> really time to say goodbye to MD5 and PGP2.

I totally agree. But I can't influence what others are using.

-- 
Aleksandar Milivojevic

From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Mon Sep 20 16:09:02 2004
Subject: Detecting PGP 2.6.x keys
In-Reply-To: <200409192231.AAA06652@vulcan.xs4all.nl>
References: <200409192231.AAA06652@vulcan.xs4all.nl>
Message-ID: <414EE5D5.90408@pbl.ca>

Johan Wevers wrote:
> That's strange, since you can't patent algorithms in The Netherlands
> unless they are part of a physical device, in which case the whole device
> is patented. I can only assume that no one even questioned that patent
> because no one here was ever sued for using IDEA.

It's the same as with all other questionable patents. Nobody is going to court to sue you as long as there is (much) more to lose than to gain. Translated: until there's a big corporation somewhere in the affected European countries that starts using IDEA without paying patent rights, Mediacrypt will be quiet.

-- 
Aleksandar Milivojevic

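Detecting the PGP 2.6.x style (V3) keys this thread is about, as an added example that is neither GnuPG's code nor any list member's: it parses OpenPGP (RFC 2440) packet headers and public-key packet bodies, reports each key's version, and computes the fingerprint each version defines, MD5 over the MPIs for V3 (the MD5 dependence Werner mentions) and SHA-1 over the whole packet for V4. The sample keyring, its dummy MPIs and all helper names are constructed for this example; `version_share` counts primary keys only by default, following David's point that counting subkeys inflates the V4 side.

```python
import hashlib
import struct
from dataclasses import dataclass

# Added example, not GnuPG code: RFC 2440 public-key packet parsing, enough to tell V3 from V4.
TAG_PUBLIC_KEY, TAG_PUBLIC_SUBKEY = 6, 14
ALGO_NAMES = {1: "RSA", 16: "Elgamal", 17: "DSA"}


def read_packet(data: bytes, offset: int):
    """Parse one packet header; return (tag, body, offset of the next packet)."""
    ctb = data[offset]
    if not ctb & 0x80:
        raise ValueError("0x%02x is not a packet tag byte" % ctb)
    if ctb & 0x40:                              # new-format header (V4 era)
        tag, first = ctb & 0x3F, data[offset + 1]
        if first < 192:
            length, hdr = first, 2
        elif first < 224:
            length, hdr = ((first - 192) << 8) + data[offset + 2] + 192, 3
        elif first == 255:
            length, hdr = struct.unpack(">I", data[offset + 2:offset + 6])[0], 6
        else:
            raise ValueError("partial body lengths are not supported here")
    else:                                       # old-format header (PGP 2.x era)
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate packet length is not supported here")
        nbytes = 1 << ltype                     # 1, 2 or 4 length octets
        length, hdr = int.from_bytes(data[offset + 1:offset + 1 + nbytes], "big"), 1 + nbytes
    start = offset + hdr
    return tag, data[start:start + length], start + length


def read_mpi(body: bytes, offset: int):
    """Read one MPI: a 2-octet bit count followed by ceil(bits / 8) octets."""
    bits = struct.unpack(">H", body[offset:offset + 2])[0]
    end = offset + 2 + (bits + 7) // 8
    return bits, body[offset + 2:end], end


@dataclass
class KeyInfo:
    version: int
    primary: bool           # True for tag 6 (primary key), False for tag 14 (subkey)
    algo: str
    bits: int
    keyid: str
    fingerprint: str
    pgp2_style: bool        # V3: RSA only, MD5 fingerprint, what PGP 2.6.x generates


def inspect_key(body: bytes, primary: bool) -> KeyInfo:
    version = body[0]
    if version in (2, 3):
        # V3 body: version, 4-octet creation time, 2-octet validity days, algo, MPIs n and e
        bits, n, off = read_mpi(body, 8)
        _, e, _ = read_mpi(body, off)
        fpr = hashlib.md5(n + e).hexdigest().upper()    # MD5 over the MPI bodies, lengths excluded
        keyid = n[-8:].hex().upper()                    # V3 key ID is the low 64 bits of n
        return KeyInfo(version, primary, ALGO_NAMES.get(body[7], str(body[7])), bits, keyid, fpr, True)
    if version == 4:
        # V4 body: version, 4-octet creation time, algo, MPIs; the fingerprint covers the whole body
        bits, _, _ = read_mpi(body, 6)
        fpr = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()
        return KeyInfo(version, primary, ALGO_NAMES.get(body[5], str(body[5])), bits, fpr[-16:], fpr, False)
    raise ValueError("unsupported public key packet version %d" % version)


def scan_keyring(data: bytes) -> list:
    """Walk every packet, collecting a KeyInfo for each primary key and subkey."""
    keys, offset = [], 0
    while offset < len(data):
        tag, body, offset = read_packet(data, offset)
        if tag in (TAG_PUBLIC_KEY, TAG_PUBLIC_SUBKEY):
            keys.append(inspect_key(body, tag == TAG_PUBLIC_KEY))
    return keys


def pgp2_keys(keys: list) -> list:
    return [k for k in keys if k.pgp2_style]    # correspondents who still need IDEA and MD5


def version_share(keys: list, include_subkeys: bool = False) -> float:
    """Fraction of V3 keys; counting subkeys inflates the V4 side, so primaries only by default."""
    pool = keys if include_subkeys else [k for k in keys if k.primary]
    return len(pgp2_keys(pool)) / len(pool)


# Constructed sample keyring: the MPIs are short dummy values, not real key material.
def mpi(value: bytes) -> bytes:
    return struct.pack(">H", int.from_bytes(value, "big").bit_length()) + value

def old_packet(tag: int, body: bytes) -> bytes:         # old-format header, 2-octet length
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body

def new_packet(tag: int, body: bytes) -> bytes:         # new-format header, 1- or 2-octet length
    n = len(body)
    ln = bytes([n]) if n < 192 else bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return bytes([0xC0 | tag]) + ln + body

V3_RSA = old_packet(6, bytes([3]) + struct.pack(">IH", 900000000, 0) + bytes([1])
                    + mpi(b"\xC3" + bytes(range(1, 16))) + mpi(b"\x01\x00\x01"))
V4_DSA = new_packet(6, bytes([4]) + struct.pack(">I", 1000000000) + bytes([17])
                    + mpi(b"\xA5" * 24) + mpi(b"\x7F" * 20) + mpi(b"\x02") + mpi(b"\x5A" * 24))
V4_ELG = new_packet(14, bytes([4]) + struct.pack(">I", 1000000100) + bytes([16])
                    + mpi(b"\xB7" * 32) + mpi(b"\x05") + mpi(b"\x91" * 32))
SAMPLE_KEYRING = V3_RSA + new_packet(13, b"Test User <test@example.invalid>") + V4_DSA + V4_ELG
```

Fed the bytes of a binary (unarmored) `gpg --export` instead of the sample, `pgp2_keys(scan_keyring(data))` lists the correspondents whose keys are still V3.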
From: jharris at widomaker.com (Jason Harris)
Date: Tue Sep 21 02:23:10 2004
Subject: new (2004-09-19) keyanalyze results (+sigcheck)
Message-ID: <20040921002615.GA1723@wilma.widomaker.com>

New keyanalyze results are available at:

http://keyserver.kjsl.com/~jharris/ka/2004-09-19/

Signatures are now being checked using keyanalyze+sigcheck:

http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:

http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:

http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

-- 
Jason Harris

From: pt at radvis.nu (Per Tunedal Casual)
Date: Tue Sep 21 21:33:42 2004
Subject: Weaknesses in SHA-1
Message-ID: <6.1.2.0.2.20040921212812.0381ad20@localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
Bruce Schneier announced in the latest CRYPTO-GRAM, September 15, 2004, that:

"At the CRYPTO conference in Santa Barbara, CA, last month, researchers announced several weaknesses in common hash functions.
--- snipped ---
this year, Eli Biham and Rafi Chen, and separately Antoine Joux, announced some pretty impressive cryptographic results against MD5 and SHA. Collisions have been demonstrated in SHA. And there are rumors, unconfirmed at this writing, of results against SHA-1."

He advises people to use the longer SHA-hashes until a new, better hash is invented. He suggests a HASH-contest like the AES-process to get a new hash.

Per Tunedal
Keyid: 0xAE053BE0
Fingerprint: D70D 9057 A985 4944 2191 995A 2D74 F09D AE05 3BE0

From: dlc at sevenroot.org (Darren Chamberlain)
Date: Tue Sep 21 22:04:04 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <6.1.2.0.2.20040921212812.0381ad20@localhost>
References: <6.1.2.0.2.20040921212812.0381ad20@localhost>
Message-ID: <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com>

* Per Tunedal Casual [2004/09/21 21:38]:
> Bruce Schneier announced in the latest CRYPTO-GRAM, September 15, 2004
> that:

, for those who don't read CRYPTO-GRAM.

> He advises people to use the longer SHA-hashes until a new better hash
> is invented. He suggests a HASH-contest like the AES-process to get a
> new hash.

This might be a good time for someone to point to a handy guide showing which hash functions are supported by GnuPG and PGP. Does anyone have one lying around?

(darren)

-- 
When it is dark enough, you can see the stars.
    -- Ralph Waldo Emerson

From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Sep 21 23:55:16 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com>
References: <6.1.2.0.2.20040921212812.0381ad20@localhost> <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com>
Message-ID: <20040921215817.GF16846@jabberwocky.com>

On Tue, Sep 21, 2004 at 04:06:47PM -0400, Darren Chamberlain wrote:
> * Per Tunedal Casual [2004/09/21 21:38]:
> > Bruce Schneier announced in the latest CRYPTO-GRAM, September 15, 2004
> > that:
>
> , for those who don't
> read CRYPTO-GRAM.
>
> > He advises people to use the longer SHA-hashes until a new better hash
> > is invented. He suggests a HASH-contest like the AES-process to get a
> > new hash.
>
> This might be a good time for someone to point to a handy guide showing
> which hash functions are supported by GnuPG and PGP. Does anyone have
> one lying around?

gpg --version

In 1.2.x, GnuPG supports MD5, SHA1, and RIPEMD160. It also supports SHA256 read-only (you can verify existing signatures made with SHA256, but not make new ones). If you compile it with the right options, you can get SHA384 and SHA512 read-only. TIGER192 is allowed, but discouraged.

In 1.4, GnuPG will support MD5, SHA1, RIPEMD160, and SHA256. It will support SHA384 and SHA512 read-only. TIGER192 is removed.

David

From: atom at suspicious.org (Atom 'Smasher')
Date: Wed Sep 22 01:22:16 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040921215817.GF16846@jabberwocky.com>
References: <6.1.2.0.2.20040921212812.0381ad20@localhost> <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com> <20040921215817.GF16846@jabberwocky.com>
Message-ID: <20040921190639.I344@willy_wonka>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

it's unfortunate that this thread is "Weaknesses in SHA-1". it really should be "rumored Weaknesses in SHA-1".

(never mind that i sign with SHA-256) SHA-1 has been subject to much more critical analysis than the larger SHA variants, and for that reason it can be considered more secure.

since most people are using DSA (really DSS) signatures, most people are stuck with a 160 bit hash for signatures. the only common 160 bit hash that's generally considered to be comparable to SHA-1's security is RIPEMD-160. gpg 1.2 fully supports RIPEMD-160 and i don't think it's going away anytime soon... and it works with DSA (DSS) signatures. if you're concerned about SHA-1, just add this to your gpg.conf:

## this creates RIPEMD-160 data signatures
digest-algo RIPEMD160

## this creates RIPEMD-160 key signatures
cert-digest-algo RIPEMD160

...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"Generally, news reporting and punditry are respectful of the rich and disdainful of the poor."
-- Syndicated columnist Norman Solomon

From: dshaw at jabberwocky.com (David Shaw) Date: Wed Sep 22 04:11:44 2004 Subject: Weaknesses in SHA-1 In-Reply-To: <20040921190639.I344@willy_wonka> References: <6.1.2.0.2.20040921212812.0381ad20@localhost> <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com> <20040921215817.GF16846@jabberwocky.com> <20040921190639.I344@willy_wonka> Message-ID: <20040922021446.GA20646@jabberwocky.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Sep 21, 2004 at 07:25:20PM -0400, Atom 'Smasher' wrote: > it's unfortunate that this thread is "Weaknesses in SHA-1". it really > should be "rumored Weaknesses in SHA-1". > > (never mind that i sign with SHA-256) SHA-1 has been subject to much more > critical analysis than the larger SHA variants, and for that reason it can > be considered more secure. > > since most people are using DSA (really DSS) signatures, most people are > stuck with a 160 bit hash for signatures. the only common 160 bit hash > that's generally considered to be comparable to SHA-1's security is > RIPEMD-160. gpg 1.2 fully supports RIPEMD-160 and i don't think it's going > away anytime soon... and it works with DSA (DSS) signatures. if you're > concerned about SHA-1, just add this to your gpg.Cong: Keep in mind that the argument against SHA256 that it hasn't been analyzed as much as SHA-1 also applies to RIPEMD-160 (though to less of a degree than SHA256). > ## this creates RIPEMD-160 data signatures > digest-algo RIPEMD160 > > ## this creates RIPEMD-160 key signatures > cert-digest-algo RIPEMD160 I recommend against this. SHA-1 is not, repeat, not broken. We should not run around switching hashes willy-nilly because of a rumor. If someone manages to make actual progress against SHA-1, it'll be major news. Avoiding the use of SHA-1 in OpenPGP is somewhat silly since many major parts of the standard (like fingerprints) use SHA-1 only. 
David

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.90-cvs (GNU/Linux)

iGoEARECACoFAkFQ4BYjGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2tleS5h
c2MACgkQ4mZch0nhy8kApgCePcHQH0FnjqxQHfWXm4vAOMIDXIcAoJT+XYaOz7ja
uJj7X+aA+S9sBkoe
=w/Sg
-----END PGP SIGNATURE-----

From estafford at pixelengineers.com Tue Sep 21 03:08:38 2004
From: estafford at pixelengineers.com (Ed Stafford)
Date: Wed Sep 22 20:05:22 2004
Subject: having trouble with encrypted mail - thunderbird, enigmail, gnupg
Message-ID: <414F7F16.1040501@pixelengineers.com>

I am new to PGP and GNUPG.
Can anyone tell me how to decrypt/read encrypted email messages?
I have two mail addresses that I am experimenting with on separate computers.
I have created a key for each address and exported public keys that were then exchanged, imported and signed.

Then I tried sending signed mail using the recipient's pub key... That worked fine.
But if I encrypt it with the recipient's pub key, I cannot read or decrypt it using the recipient email account on the other computer.

I can read signed mail with success, but trying to decrypt encrypted mail returns an error that there is no secret key available.
I have not found any information on the web to help me.

From asj at ipa.net Wed Sep 22 05:01:05 2004
From: asj at ipa.net (Alan S. Jones)
Date: Wed Sep 22 20:05:30 2004
Subject: Weaknesses in SHA-1
Message-ID: <3.0.5.32.20040921220105.01a10f40@popc.ipa.net>

I would be curious if anyone knows what the commercial PGP app supports also for a good comparison. I think it would be helpful not just for rumored weaknesses, but for overall compatibility knowledge. Maybe an ongoing table we could keep current.

I know that SHA-1 has been analyzed more than SHA256, SHA384, or SHA512 thus could actually be stronger. However why not let people create keys with those algorithms also in 1.4?

On a side note I know that the 1.3.x series will become the new stable 1.4. However I was wondering when we would see the first builds that actually said 1.4 come along? I figure we will see much more use of that build series when it actually says 1.4.

Alan

>
>gpg --version
>
>In 1.2.x, GnuPG supports MD5, SHA1, and RIPEMD160. It also supports
>SHA256 read-only (you can verify existing signatures made with SHA256,
>but not make new ones). If you compile it with the right options, you
>can get SHA384 and SHA512 read-only. TIGER192 is allowed, but
>discouraged.
>
>In 1.4, GnuPG will support MD5, SHA1, RIPEMD160, and SHA256. It
>will support SHA384 and SHA512 read-only. TIGER192 is removed.
>
>David

-- 
Alan S. Jones asj@ipa.net http://users.ipa.net/~asj

From linux at codehelp.co.uk Wed Sep 22 20:46:20 2004
From: linux at codehelp.co.uk (Neil Williams)
Date: Wed Sep 22 20:42:27 2004
Subject: having trouble with encrypted mail - thunderbird, enigmail, gnupg
In-Reply-To: <414F7F16.1040501@pixelengineers.com>
References: <414F7F16.1040501@pixelengineers.com>
Message-ID: <200409221946.27825.linux@codehelp.co.uk>

On Tuesday 21 September 2004 2:08 am, Ed Stafford wrote:
> Can anyone tell me how to decrypt/read encrypted email messages.

You need the secret key on the same machine - not just the public key.
http://www.dclug.org.uk/linux_doc/startgnupg.html#twokeys

> I have two mail addresses that I am experimenting with on separate
> computers.
> I have created a key for each address and exported public keys that
> were then exchanged, imported and signed.

Both computers (in your case) need at least one secret key and BOTH public keys.

gpg --export-secret-keys

gpg --export only exports the public key, therefore there's only the public key to import.

Did you generate both keys on the same computer?

> Then I tried sending signed mail using the recipient's pub key...That
> worked fine
> But if I encrypt it with the recipient's pub key, I cannot read or
> decrypt it using the recipient email account on the other computer.
>
> I can read signed mail with success, but trying to decrypt encrypted

Reading signed email only needs the public key. Decryption always requires the secret key.

> mail returns an error that there is no secret key available.

Probably because it's on the other machine. Run this on both machines:

gpg --list-secret-keys

> I have not found any information on the web to help me.

It's there, you just didn't realise it.

Also, make sure you really are encrypting to the correct key - try it on the command line by specifying the other key using -r

'man gpg' should sort out the rest of your queries.
-- 
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3

From ajgpgml at tesla.inka.de Wed Sep 22 21:08:06 2004
From: ajgpgml at tesla.inka.de (Andreas John)
Date: Wed Sep 22 21:20:25 2004
Subject: Ignore use of "--keyring" in options-file
Message-ID: <000201c4a0d9$cf4b9140$5dace4d9@tesla>

Hi!

I have a setup with multiple keyrings, all added automatically by my standard options-file "gpg.conf". Now I've looked for something similar to "--no-default-keyring" which also ignores the other "default" keyrings of my options-file, but there seems to be nothing like this.

Any chance this will be implemented? (Or have I overlooked it? And no, I'd rather not use a modified gpg.conf in parallel, or remember what was important and use --no-options).

Bye!

From dshaw at jabberwocky.com Wed Sep 22 21:30:58 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed Sep 22 21:27:46 2004
Subject: Ignore use of "--keyring" in options-file
In-Reply-To: <000201c4a0d9$cf4b9140$5dace4d9@tesla>
References: <000201c4a0d9$cf4b9140$5dace4d9@tesla>
Message-ID: <20040922193058.GA31315@jabberwocky.com>

On Wed, Sep 22, 2004 at 09:08:06PM +0200, Andreas John wrote:
> Hi!
>
> I have a setup with multiple keyrings, all added automatically by my
> standard options-file "gpg.conf". Now I've looked for something
> similar to "--no-default-keyring" which also ignores the other
> "default" keyrings of my options-file, but there seems to be nothing
> like this.

A possibly silly question - if you don't want all those keyrings defined, why add them in the first place?

David

From JPClizbe at comcast.net Wed Sep 22 23:44:09 2004
From: JPClizbe at comcast.net (John Clizbe)
Date: Wed Sep 22 23:41:20 2004
Subject: having trouble with encrypted mail - thunderbird, enigmail, gnupg
In-Reply-To: <414F7F16.1040501@pixelengineers.com>
References: <414F7F16.1040501@pixelengineers.com>
Message-ID: <4151F229.1010503@comcast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ed Stafford wrote:
> I am new to PGP and GNUPG.
> Can anyone tell me how to decrypt/read encrypted email messages.
> I have two mail addresses that I am experimenting with on separate
> computers.
> I have created a key for each address and exported public keys that
> were then exchanged, imported and signed.
>
> Then I tried sending signed mail using the recipient's pub key...That
> worked fine

Signing uses YOUR private key. Just like decrypting messages sent to you.

> But if I encrypt it with the recipient's pub key, I cannot read or
> decrypt it using the recipient email account on the other computer.
>
> I can read signed mail with success, but trying to decrypt encrypted
> mail returns an error that there is no secret key available.
> I have not found any information on the web to help me.

When you exported keys, did you export the secret keys also? Are the trust settings correct on all the secret keys?

This sounds like a problem with your GnuPG keyrings rather than anything dealing with Enigmail and Thunderbird. But there is also an Enigmail list, Enigmail@mozdev.org. Subscription info @ http://mozdev.org/mailman/listinfo/enigmail

- --
John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet
Golden Bear Networks PGP/GPG KeyID: 0x608D2A10
"Our enemies are innovative and resourceful, and so are we. They never stop thinking about new ways to harm our country and our people, and neither do we." - Dumbya explaining his administration 5-Aug-2004

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (Windows 2000 SP4)
Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG
Comment: Annoy John Asscraft -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBUfInHQSsSmCNKhARAnKXAKDrpfS2mFRgVRsKDXFjI3jUcyv8twCdEwxl
4xICbrZ9+GYJ5LXudTr450M=
=h+1h
-----END PGP SIGNATURE-----

From amilivojevic at pbl.ca Thu Sep 23 15:59:40 2004
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Thu Sep 23 15:53:40 2004
Subject: having trouble with encrypted mail - thunderbird, enigmail, gnupg
In-Reply-To: <414F7F16.1040501@pixelengineers.com>
References: <414F7F16.1040501@pixelengineers.com>
Message-ID: <4152D6CC.7090007@pbl.ca>

Ed Stafford wrote:
> I can read signed mail with success, but trying to decrypt encrypted
> mail returns an error that there is no secret key available.
> I have not found any information on the web to help me.

Have you checked that you have correct secret keys installed on both computers? Have you checked that you encrypted with correct public key?

You need public keys A and B on both computers, secret key A on computer A, and secret key B on computer B. Then on computer A you encrypt with public key B, and on computer B you decrypt with secret key B.

You can check what secret keys are installed with gpg --list-secret-keys.

You might also want to check trust relationships. If you were exporting/importing keys, you might need to set trust manually using gpg --edit-key keyid; you usually want to set your private/secret keypair to be ultimately trusted. Trust is not exported/imported with a key.

-- 
Aleksandar Milivojevic Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7

From jharris at widomaker.com Thu Sep 23 19:52:36 2004
From: jharris at widomaker.com (Jason Harris)
Date: Thu Sep 23 19:49:39 2004
Subject: GnuPG error message when connecting keyserver
In-Reply-To: <20040923144918.GA8114@jabberwocky.com>
References: <0950403.20040923154900@compuserve.com> <20040923144918.GA8114@jabberwocky.com>
Message-ID: <20040923175235.GE1723@wilma.widomaker.com>

On Thu, Sep 23, 2004 at 10:49:18AM -0400, David Shaw wrote:
> On Thu, Sep 23, 2004 at 03:49:00PM +0200, Martin Schoch wrote:
> > keyserver ldap://pgp.surfnet.nl:11370
> > Getting key(s) 0xCFED3275 from server ldap://pgp.surfnet.nl:11370 . . .
> >
> > gpgkeys: internal LDAP bind error: Nicht verfügbar
> > gpg: no valid OpenPGP data found.
> > gpg: Total number processed: 0
> >
> > Or is this keyserver down?
>
> Yep.

["No, Elvis isn't dead..." :)]

This wasn't announced anywhere (that I'm aware of), unfortunately, but pgp.surfnet.nl now points to minsky.surfnet.nl, the site of the new SKS keyserver, instead of horowitz.surfnet.nl, the site of the well-known pks and LDAP keyservers.

Also, everyone who uses/prefers LDAP, please make it a point to submit your keys to ldap://horowitz.surfnet.nl:11370, which is synchronized with other public keyservers. ldap://keyserver.pgp.com has not shared keys with other keyservers for a long time now.

-- 
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004

From pt at radvis.nu Fri Sep 24 06:55:24 2004
From: pt at radvis.nu (Per Tunedal Casual)
Date: Fri Sep 24 06:50:33 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040922021446.GA20646@jabberwocky.com>
References: <6.1.2.0.2.20040921212812.0381ad20@localhost> <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com> <20040921215817.GF16846@jabberwocky.com> <20040921190639.I344@willy_wonka> <20040922021446.GA20646@jabberwocky.com>
Message-ID: <6.1.2.0.2.20040924064158.02d0fd98@localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 04:14 2004-09-22, you wrote:
>
>On Tue, Sep 21, 2004 at 07:25:20PM -0400, Atom 'Smasher' wrote:
>> it's unfortunate that this thread is "Weaknesses in SHA-1". it
>> really
>> should be "rumored Weaknesses in SHA-1".
>>
>> (never mind that i sign with SHA-256) SHA-1 has been subject to
>> much more
>> critical analysis than the larger SHA variants, and for that reason
>> it can
>> be considered more secure.
>>
- --- snip
>
>Keep in mind that the argument against SHA256 that it hasn't been
>analyzed as much as SHA-1 also applies to RIPEMD-160 (though to less
>of a degree than SHA256).
>
- ---- snip
>
> ... SHA-1 is not, repeat, not broken. We
>should not run around switching hashes willy-nilly because of a
>rumor.
>If someone manages to make actual progress against SHA-1, it'll be
>major news.
>
>Avoiding the use of SHA-1 in OpenPGP is somewhat silly since many
>major parts of the standard (like fingerprints) use SHA-1 only.
>
>David

I started this thread because I recalled that someone had written that the longer SHA variants were new hashes, rather than just longer SHA-1, and thus not well studied. It surprised me that Bruce Schneier recommended the new variants without any comments. I read somewhere that the longer variants even differ mutually in design: SHA256 is different from the longer variants.

Someone with some encryption knowledge should send Bruce Schneier a comment on his article.
Per Tunedal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iD8DBQFBU6iraDDfzFT+2PIRAhYRAJ9A3MaAVc+bxg+mAb4rrCjTyxbXpgCeMcqQ SQ7mPUhNPRNQC4RN/PF77a0= =V2uk -----END PGP SIGNATURE----- From jleejj at yahoo.com Fri Sep 24 09:47:42 2004 From: jleejj at yahoo.com (Lee Johnson) Date: Fri Sep 24 09:44:48 2004 Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris Message-ID: <20040924074742.10424.qmail@web51407.mail.yahoo.com> Hello: I have just installed GPG 1.2.6 in a Solaris (5.8) environment using GCC 2.95.3. I ran into only one problem during the compile (a "Bus Error" message on every invocation that went away when I took out the --enable-m-guard option). However, gpg fails to create a ~/.gnupg directory for users. It lists off a few errors about failing to create temporary files and then terminates on any command that would write to the directory (like gen-key). If I create the directory manually everything seems to be fine. Now, I know GPG creates the directory automatically in Linux, so why the difference? Is this a known issue with GPG on Solaris, or could other things also be wrong with my install? (Creating ~/.gnupg is not the issue ... the issue is that I now do not trust my install to function properly.) Thanks _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com From nouak at zeitform.de Fri Sep 24 10:39:31 2004 
From: nouak at zeitform.de (Alexander Nouak)
Date: Fri Sep 24 10:36:16 2004
Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris
In-Reply-To: <20040924074742.10424.qmail@web51407.mail.yahoo.com>
References: <20040924074742.10424.qmail@web51407.mail.yahoo.com>
Message-ID: <416675E6-0E05-11D9-BBD9-000A959B30CC@zeitform.de>

Hi,

this is IMHO a serious bug I reported weeks ago but never got confirmation from the developers whether they see this as a bug and whether or not they are working on a fix.

Meanwhile you need to create the ~/.gnupg directory yourself. Then change to the directory of the source and copy g10/options.skel to ~/.gnupg/gpg.conf

You might want to delete the first three lines of the gpg.conf, so open the file in a text editor and remove them.

Now you're done. At the next start of gpg the necessary keyfiles should be created.

Servus
Alexander
Project admin of MacGPG
see http://macgpg.sf.net

On 24.09.2004 at 9:47, Lee Johnson wrote:

> Hello:
>
> I have just installed GPG 1.2.6 in a Solaris (5.8) environment using
> GCC
> 2.95.3. I ran into only one problem during the compile (a "Bus Error"
> message on every invocation that went away when I took out the
> --enable-m-guard option).
>
> However, gpg fails to create a ~/.gnupg directory for users. It lists
> off
> a few errors about failing to create temporary files and then
> terminates
> on any command that would write to the directory (like gen-key). If I
> create the directory manually everything seems to be fine. Now, I know
> GPG creates the directory automatically in Linux, so why the
> difference?
> Is this a known issue with GPG on Solaris, or could other things also
> be
> wrong with my install?
>
> (Creating ~/.gnupg is not the issue ... the issue is that I now do not
> trust my install to function properly.)
>
> Thanks
>
>
>
> _______________________________
> Do you Yahoo!?
> Declare Yourself - Register online to vote today!
> http://vote.yahoo.com
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

From ml at bitfalle.org Fri Sep 24 11:21:16 2004
From: ml at bitfalle.org (markus reichelt)
Date: Fri Sep 24 11:15:47 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <6.1.2.0.2.20040924064158.02d0fd98@localhost>
References: <6.1.2.0.2.20040921212812.0381ad20@localhost> <5a253182-0c04-4798-9926-80d24246d189@dulcinea.boston.com> <20040921215817.GF16846@jabberwocky.com> <20040921190639.I344@willy_wonka> <20040922021446.GA20646@jabberwocky.com> <6.1.2.0.2.20040924064158.02d0fd98@localhost>
Message-ID: <20040924092116.GA2574@dantooine>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Per Tunedal Casual wrote:

> Someone with some encryption knowledge would better send Bruce
> Schneier a comment to his article.

why? he states:

"To a user of cryptographic systems -- as I assume most readers are -- this news is important, but not particularly worrisome. MD5 and SHA aren't suddenly insecure. No one is going to be breaking digital signatures or reading encrypted messages anytime soon with these techniques. The electronic world is no less secure after these announcements than it was before."

- --
Bastard Administrator in $hell

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBU+cMLMyTO8Kj/uQRAgcXAJ9NoW672/65nPNzL0LDJvFzJ06jSwCfQMlk
M7XSsCfN2+KiIYkGd187AD8=
=g1q5
-----END PGP SIGNATURE-----

From wk at gnupg.org Fri Sep 24 13:19:59 2004
From: wk at gnupg.org (Werner Koch) Date: Fri Sep 24 13:19:04 2004 Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris In-Reply-To: <20040924074742.10424.qmail@web51407.mail.yahoo.com> (Lee Johnson's message of "Fri, 24 Sep 2004 00:47:42 -0700 (PDT)") References: <20040924074742.10424.qmail@web51407.mail.yahoo.com> Message-ID: <87r7orrk0w.fsf@wheatstone.g10code.de> On Fri, 24 Sep 2004 00:47:42 -0700 (PDT), Lee Johnson said: > Hello: > I have just installed GPG 1.2.6 in a Solaris (5.8) environment using GCC > 2.95.3. I ran into only one problem during the compile (a "Bus Error" > message on every invocation that went away when I took out the > --enable-m-guard option). > However, gpg fails to create a ~/.gnupg directory for users. It lists off > a few errors about failing to create temporary files and then terminates This is a known problem. 2004-08-31 Werner Koch * keydb.c (maybe_create_keyring): Try to create the home directory before acquiring a lock for the keyring. We don't think that it is serious enough to justify a new release. The workaround (mkdir ~/.gnupg) is simple enough. > (Creating ~/.gnupg is not the issue ... the issue is that I now do not > trust my install to function properly.) Don't worry; it happens on all systems. Werner From johanw at vulcan.xs4all.nl Fri Sep 24 16:15:23 2004 
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri Sep 24 16:12:05 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040924092116.GA2574@dantooine> from markus reichelt at "Sep 24, 2004 11:21:16 am"
Message-ID: <200409241415.QAA00812@vulcan.xs4all.nl>

markus reichelt wrote:

>why? he states:
>
>"To a user of cryptographic systems -- as I assume most readers are --
>this news is important, but not particularly worrisome. MD5 and SHA
>aren't suddenly insecure. No one is going to be breaking digital
>signatures or reading encrypted messages anytime soon with these
>techniques. The electronic world is no less secure after these
>announcements than it was before."

However, this argument is often used against v3 keys, because they use MD5. It appears that MD5 and SHA1 may be vulnerable to the same kind of attack. In practice, I don't worry about either hash being broken.

-- 
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From johanw at vulcan.xs4all.nl Fri Sep 24 16:12:23 2004
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri Sep 24 16:12:16 2004
Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris
In-Reply-To: <87r7orrk0w.fsf@wheatstone.g10code.de> from Werner Koch at "Sep 24, 2004 01:19:59 pm"
Message-ID: <200409241412.QAA00790@vulcan.xs4all.nl>

Werner Koch wrote:

>This is a known problem.

This has happened before. Seems some change broke that code again.

-- 
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From grnbrg at gmail.com Fri Sep 24 16:36:09 2004
From: grnbrg at gmail.com (Brian Greenberg) Date: Fri Sep 24 16:32:50 2004 Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris In-Reply-To: <87r7orrk0w.fsf@wheatstone.g10code.de> References: <20040924074742.10424.qmail@web51407.mail.yahoo.com> <87r7orrk0w.fsf@wheatstone.g10code.de> Message-ID: <2f30f3450409240736fdec72d@mail.gmail.com> On Fri, 24 Sep 2004 13:19:59 +0200, Werner Koch wrote: > On Fri, 24 Sep 2004 00:47:42 -0700 (PDT), Lee Johnson said: > > > Hello: > > I have just installed GPG 1.2.6 in a Solaris (5.8) environment using GCC > > 2.95.3. I ran into only one problem during the compile (a "Bus Error" > > message on every invocation that went away when I took out the > > --enable-m-guard option). > > > However, gpg fails to create a ~/.gnupg directory for users. It lists off > > a few errors about failing to create temporary files and then terminates > > This is a known problem. > > 2004-08-31 Werner Koch > > * keydb.c (maybe_create_keyring): Try to create the home directory > before acquiring a lock for the keyring. The fix can be downloaded from the CVS: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/g10/keydb.c?rev=1.4.2.6&only_with_tag=STABLE-BRANCH-1-2&content-type=text/plain BTW: Is there any good reason *not* to use a lockfile when creating the gpg home dir? The comment at the top of the patch implies that this is because the application calling gpg should do so, but if this code is running, it obviously *hasn't*.... Brian. -- Brian Greenberg grnbrg@gmail.com From nico-linux-gnupg at schottelius.org Thu Sep 23 16:12:17 2004 
From: nico-linux-gnupg at schottelius.org (Nico Schottelius)
Date: Fri Sep 24 17:07:13 2004
Subject: Decrypting without designing?
Message-ID: <20040923141217.GA4750@schottelius.org>

Hello!

I am programming an encrypted mailing list and want to use gpg directly. Now I am a bit stuck, as I want only to decrypt a file, but not remove the signature. Is that somehow possible?

The background: I have the following workplan for the part of the mailing list manager which handles the mail:

--- --- --- --- --- ---
1. Check if it is addressed to us. If not, bounce. [ok]
2. Check if the sender is subscribed. [ok]
   no: Check if ml is open for everyone (open_list)
       no: bounce
       yes: add bfw: Sender_unknown
3. Check whether message is encrypted for us [ok]
   no: bounce with bfw (BIG FAT WARNING)
   yes: decrypt
4. subscribed only: Check whether sig is ok
   no: bounce
5. Remove signature / Add own signature (really??) [???]
6. encrypt for each recipient and send
--- --- --- --- --- ---

Points 1-3 are problem-free. But when the message is decrypted, gpg -d also removes the signature. The ML software also checks whether the key used to sign fits the address subscribed.

If I have an encrypted, but not signed message and I pipe it through "gpg -u "$PGPID" -q --no-verbose --batch -d" it returns 0 (as expected). The problem is, gpg returns the same if I have an encrypted and signed message. Can anyone give me a hint how to see the difference?

Sincerely,

Nico

P.S.: Here's how it looks:

bruehe% cat mail.crypted.signed.ecml | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/
gpg-return: 0
bruehe% cat mail.only.crypted.not.signed | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/
gpg-return: 0

-- 
Keep it simple & stupid, use what's available.
Please use pgp encryption: 8D0E 27A4 is my id.
http://nico.schotteli.us | http://linux.schottelius.org
From dshaw at jabberwocky.com Fri Sep 24 17:54:16 2004
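Nico's two runs return the same exit status because gpg -d exits 0 whenever the decryption itself succeeds, whether or not a signature was present. The difference shows up in GnuPG's machine-readable status output (the --status-fd option; the keywords are documented in doc/DETAILS in the GnuPG source): a signed message produces a GOODSIG, BADSIG or ERRSIG line and, when the signature verifies, a VALIDSIG line that carries the signer's fingerprint and the hash algorithm used. The following is an added example, not part of the thread and not Nico's ecml-manage code: a parser for those status lines, a decision function for steps 3 and 4 of his workplan, and a subprocess wrapper that runs gpg with --status-fd 2. The three status transcripts are constructed by hand with hypothetical key IDs and a hypothetical fingerprint; the wrapper needs a real gpg and keyring to do anything useful.

```python
"""Tell 'encrypted' from 'encrypted and signed' using gpg --status-fd output."""
import subprocess

STATUS_PREFIX = "[GNUPG:] "
SIG_KEYWORDS = {"GOODSIG", "BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256", 9: "SHA384", 10: "SHA512"}


def parse_status(status_text):
    """Turn '[GNUPG:] KEYWORD arg...' lines into (keyword, args) pairs.
    Ordinary gpg stderr chatter on the same stream is ignored."""
    records = []
    for line in status_text.splitlines():
        if line.startswith(STATUS_PREFIX):
            fields = line[len(STATUS_PREFIX):].split()
            if fields:
                records.append((fields[0], fields[1:]))
    return records


def classify(records):
    """Summarise what gpg reported: decrypted? signed at all? signature good?
    and, from VALIDSIG, which fingerprint and hash algorithm were used."""
    keywords = {k for k, _ in records}
    result = {
        "decrypted": "DECRYPTION_OKAY" in keywords,
        "signed": bool(keywords & SIG_KEYWORDS),      # any signature seen, good or not
        "good_signature": "GOODSIG" in keywords and "BADSIG" not in keywords,
        "signer_keyid": None, "signer_fpr": None, "hash_algo": None,
    }
    for keyword, args in records:
        if keyword in SIG_KEYWORDS and args:
            result["signer_keyid"] = args[0]
        elif keyword == "VALIDSIG" and len(args) >= 9:
            # VALIDSIG <fpr> <date> <timestamp> <expire> <version> <reserved>
            #          <pubkey-algo> <hash-algo> <sig-class> [<primary-fpr>]
            result["signer_fpr"] = args[0]
            result["hash_algo"] = HASH_ALGOS.get(int(args[7]), "unknown(%s)" % args[7])
    return result


def list_decision(result, subscriber_fprs):
    """Steps 3 and 4 of the list manager's plan: bounce unless the mail was
    encrypted to us AND carries a good signature from a subscribed key."""
    if not result["decrypted"]:
        return "bounce: not encrypted to the list key"
    if not result["signed"]:
        return "bounce: encrypted but not signed"
    if not result["good_signature"]:
        return "bounce: signature did not verify"
    if result["signer_fpr"] not in subscriber_fprs:
        return "bounce: signing key is not subscribed"
    return "accept"


def gpg_decrypt(ciphertext, homedir=None):
    """Run gpg on the raw message; return (plaintext, classification).
    The exit status alone cannot tell the cases apart, the status lines can."""
    cmd = ["gpg", "--batch", "--no-tty", "--status-fd", "2", "--decrypt"]
    if homedir:
        cmd[1:1] = ["--homedir", homedir]
    proc = subprocess.run(cmd, input=ciphertext, capture_output=True)
    return proc.stdout, classify(parse_status(proc.stderr.decode("utf-8", "replace")))


# Constructed status transcripts (hypothetical key IDs and fingerprint, not taken
# from any real message): signed and encrypted, encrypted only, not for our key.
SUBSCRIBER_FPR = "ABCDEF0123456789ABCDEF0123456789ABCDEF01"
STATUS_SIGNED = """\
[GNUPG:] ENC_TO 0123456789ABCDEF 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1096056648 msg.txt
[GNUPG:] GOODSIG 23456789ABCDEF01 Alice Example <alice@example.org>
[GNUPG:] VALIDSIG %s 2004-09-24 1096056648 0 4 0 1 8 01 %s
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
""" % (SUBSCRIBER_FPR, SUBSCRIBER_FPR)
STATUS_UNSIGNED = """\
[GNUPG:] ENC_TO 0123456789ABCDEF 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1096056648 msg.txt
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
"""
STATUS_NOT_FOR_US = """\
[GNUPG:] ENC_TO FEDCBA9876543210 1 0
[GNUPG:] NO_SECKEY FEDCBA9876543210
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""
```

Two design points: the signature check keys on the fingerprint from VALIDSIG rather than on the short key ID in GOODSIG, because key IDs are what a subscriber list should never be matched on (the thread elsewhere notes that fingerprints are SHA-1 based, but 64 bits of key ID are far weaker than 160 bits of fingerprint); and "signed" is derived from any signature keyword, so a message signed with a key gpg cannot find (ERRSIG plus NO_PUBKEY) is still recognised as signed and bounced for a bad signature rather than for being unsigned.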
From: dshaw at jabberwocky.com (David Shaw) Date: Fri Sep 24 17:51:04 2004 Subject: Weaknesses in SHA-1 In-Reply-To: <200409241415.QAA00812@vulcan.xs4all.nl> References: <20040924092116.GA2574@dantooine> <200409241415.QAA00812@vulcan.xs4all.nl> Message-ID: <20040924155416.GA12084@jabberwocky.com> On Fri, Sep 24, 2004 at 04:15:23PM +0200, Johan Wevers wrote: > markus reichelt wrote: > > >why? he states: > > > >"To a user of cryptographic systems -- as I assume most readers are -- > >this news is important, but not particularly worrisome. MD5 and SHA > >aren't suddenly insecure. No one is going to be breaking digital > >signatures or reading encrypted messages anytime soon with these > >techniques. The electronic world is no less secure after these > >announcements than it was before." > > However, this argument is often used against v3 keys, because they use > MD5. It apears that MD5 and SHA1 may be vulnerable to the same kind of > attack. In practice, I don't worry about either hashes being broken. While this isn't a practical break of MD5, it is still prudent to stop using it. In the context of OpenPGP, stopping using MD5 means stopping using v3 keys. If we stop using MD5 today, we can gracefully migrate to something better. If we wait until there IS a practical break, then we are forced into a frantic repair mode that can cause other harm. The very next paragraph in Bruce Schneier's essay is: But there's an old saying inside the NSA: "Attacks always get better; they never get worse." These techniques will continue to improve, and probably someday there will be practical attacks based on these techniques. He's arguing to start the slow transition away from SHA-1. If there is a rational argument for starting a transition away from SHA-1, then we sure as heck should have been off MD5 for a long time now. David From mujyo at comcast.net Fri Sep 24 21:16:11 2004 
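Atom's point earlier in this thread is that DSA signers are tied to a 160-bit hash, and David Shaw's list of which digests each GnuPG version can produce only bounds what a signature could have used; which hash a particular signature actually used (SHA-1, RIPEMD-160, SHA-256) is recorded in the signature packet itself. The following is an added example, not code from the thread or from GnuPG: a small parser for the OpenPGP signature packet (packet headers per RFC 4880 section 4.2, v3 and v4 signature bodies per sections 5.2.2 and 5.2.3), run on two signature blocks copied from messages on this page, John Clizbe's (a v3 DSA signature with "Hash: SHA1") and Atom 'Smasher's from Sep 24 (a v4 RSA signature with "Hash: SHA256"). gpg --list-packets prints the same "digest algo" field; doing it by hand shows exactly where in the packet the choice of hash lives and why switching digest-algo in gpg.conf is visible to anyone verifying the signature.

```python
"""Report which hash and public-key algorithm an OpenPGP signature used."""
import base64
# Algorithm IDs from RFC 4880 sections 9.1 and 9.4
PUBKEY_ALGOS = {1: "RSA", 2: "RSA-E", 3: "RSA-S", 16: "ELGAMAL-E", 17: "DSA"}
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256", 9: "SHA384", 10: "SHA512", 11: "SHA224"}


def dearmor(text):
    """Bytes inside a PGP SIGNATURE armor; skips armor headers and the =CRC line."""
    data, inside = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("-----BEGIN PGP SIGNATURE-----"):
            inside = True
        elif line.startswith("-----END PGP SIGNATURE-----"):
            break
        elif inside and line and ": " not in line and line[0] != "=":
            data.append(line)
    blob = "".join(data).rstrip("=")      # re-pad: copies from mail archives often lose it
    return base64.b64decode(blob + "=" * (-len(blob) % 4))


def packet_header(buf, pos=0):
    """Parse one packet header at pos; return (tag, body_start, body_length)."""
    ctb = buf[pos]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet")
    if ctb & 0x40:                                     # new format, RFC 4880 4.2.2
        tag, first = ctb & 0x3F, buf[pos + 1]
        if first < 192:
            return tag, pos + 2, first
        if first < 224:
            return tag, pos + 3, ((first - 192) << 8) + buf[pos + 2] + 192
        if first == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths not supported")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03         # old format, RFC 4880 4.2.1
    if ltype == 3:                                     # indeterminate: rest of input
        return tag, pos + 1, len(buf) - pos - 1
    n = (1, 2, 4)[ltype]
    return tag, pos + 1 + n, int.from_bytes(buf[pos + 1:pos + 1 + n], "big")


def subpackets(buf):
    """Yield (type, body) for each signature subpacket (RFC 4880 5.2.3.1)."""
    pos = 0
    while pos < len(buf):
        first = buf[pos]
        if first < 192:
            length, pos = first, pos + 1
        elif first < 255:
            length, pos = ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
        else:
            length, pos = int.from_bytes(buf[pos + 1:pos + 5], "big"), pos + 5
        yield buf[pos] & 0x7F, buf[pos + 1:pos + length]     # mask the critical bit
        pos += length


def signature_info(armored):
    """Describe the first signature packet of an armored signature."""
    buf = dearmor(armored)
    tag, start, length = packet_header(buf)
    if tag != 2:
        raise ValueError("packet tag %d is not a signature" % tag)
    body = buf[start:start + length]
    info = {"version": body[0]}
    if body[0] == 3:
        # v3: 03 05 <sigtype> <time:4> <keyid:8> <pkalgo> <hashalgo> <left16:2> MPIs
        info["sig_type"], info["created"] = body[2], int.from_bytes(body[3:7], "big")
        info["key_id"], pk, hash_id = body[7:15].hex().upper(), body[15], body[16]
    elif body[0] == 4:
        # v4: 04 <sigtype> <pkalgo> <hashalgo> <len:2><hashed subpkts> <len:2><unhashed> ...
        info["sig_type"], pk, hash_id = body[1], body[2], body[3]
        hlen = int.from_bytes(body[4:6], "big")
        ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
        hashed, unhashed = body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen]
        for stype, sbody in list(subpackets(hashed)) + list(subpackets(unhashed)):
            if stype == 2:                                 # signature creation time
                info["created"] = int.from_bytes(sbody, "big")
            elif stype == 16:                              # issuer key ID
                info["key_id"] = sbody.hex().upper()
    else:
        raise ValueError("unsupported signature version %d" % body[0])
    info["pubkey_algo"] = PUBKEY_ALGOS.get(pk, "unknown(%d)" % pk)
    info["hash_algo"] = HASH_ALGOS.get(hash_id, "unknown(%d)" % hash_id)
    return info


# Two signature blocks copied from messages on this page: John Clizbe's (v3 DSA,
# "Hash: SHA1") and Atom 'Smasher's (v4 RSA, "Hash: SHA256"); only the leading bytes matter.
CLIZBE_SIG = """-----BEGIN PGP SIGNATURE-----
iD8DBQFBUfInHQSsSmCNKhARAnKXAKDrpfS2mFRgVRsKDXFjI3jUcyv8twCdEwxl
4xICbrZ9+GYJ5LXudTr450M=
=h+1h
-----END PGP SIGNATURE-----"""
ATOM_SIG = """-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJBVH9IAAoJEAx/d+cTpVciu7gIAJWJvr6jq5XiXEo7CIsF6cNn
bYXUtGlGirG1NsVzxsNY0LFbYxTiL4sDSKKA96i15tCW5ghmSY5jgbpGZJ06gZRI
xxWDEf0Bj3/XtBDKS2QfIoFWxHH/FYpcUHHNCk4h2Qt8BVCfXTj1MSEjG15vV7XA
hYQdDq5PerJk5UaWG2Re8H5UzYxBsOVxtJz+sQ8nI8YzKbm6sw3E5amwVdix3SEq
dJKfMFonSVVJJAu5VrdalLsFcVdK7Jqbm8ncAmMDMFohSeXVNyHcmhSmAG0rMRIT
GWYFLPg6LGy9D2mXF8ivbepFEduMaT5A1efYMiRC1AsrsyuzyCGRtqSq4txjLt8=
=T1Ej
-----END PGP SIGNATURE-----"""
```

Running signature_info(CLIZBE_SIG) reports version 3, DSA, SHA1, issuer key ID 1D04AC4A608D2A10 (the 0x608D2A10 in his .sig) and a creation time that matches the timestamp embedded in his Mozilla Message-ID; signature_info(ATOM_SIG) reports version 4, RSA, SHA256. The v3 layout is why a v3 signature can only name its hash in one byte with no subpackets, and the v4 layout is where a signer's creation-time and issuer subpackets live; neither version carries the hash preferences of the key, so a recipient cannot tell from the signature alone whether a non-default digest-algo was deliberate.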
From: mujyo at comcast.net (mujyo@comcast.net) Date: Fri Sep 24 21:13:19 2004 Subject: Question about FAQ section 7.1 Message-ID: <1191732911.20040924121611@comcast.net> Hello List :^) In section 7.1 of the FAQ the last paragraph states: "There is a small security glitch in the OpenPGP (and therefore GnuPG) system; to avoid this you should always sign and encrypt a message instead of only encrypting it." ( http://www.gnupg.org/(en)/documentation/faqs.html#q7.1 ) I am wondering if this is still the case, and if this means that one should also not use 'conventional' encryption, as the language appears to possibly be saying that as well. And has this 'glitch' been fixed? I apologize if this has already been discussed a few times, if that bothers anyone, I did look over a bit of the message archives and didn't see this question, or the answer ;) Also, does anyone see any basic problems in encrypting =<700MB files using --recipient (My-Name) --encrypt (File), i.e. encrypting to one's self for files only for yourself. Is it better to encrypt with say TWOFISH, or a Key-pair even though you are only encrypting to yourself. Or I if I take the section in the FAQ above correctly I should add --sign to the commands, right? Okay, thanks for reading, and thanks in advance for answering, I hope! By the way I am presently using GnuPG 1.2.4 on an MS-Windows system. yours, Joseph From dshaw at jabberwocky.com Fri Sep 24 21:56:17 2004 
From: dshaw at jabberwocky.com (David Shaw) Date: Fri Sep 24 21:53:16 2004 Subject: Question about FAQ section 7.1 In-Reply-To: <1191732911.20040924121611@comcast.net> References: <1191732911.20040924121611@comcast.net> Message-ID: <20040924195617.GB13073@jabberwocky.com> On Fri, Sep 24, 2004 at 12:16:11PM -0700, mujyo@comcast.net wrote: > Hello List :^) > > In section 7.1 of the FAQ the last paragraph states: > > "There is a small security glitch in the OpenPGP (and therefore GnuPG) > system; to avoid this you should always sign and encrypt a message > instead of only encrypting it." > ( http://www.gnupg.org/(en)/documentation/faqs.html#q7.1 ) > > I am wondering if this is still the case, and if this means that one > should also not use 'conventional' encryption, as the language appears > to possibly be saying that as well. And has this 'glitch' been fixed? This isn't true any longer. OpenPGP now has the MDC protection. Both GnuPG and PGP support it. MDC can be turned off manually, or if you encrypt to a key that doesn't support it, it is switched off automatically, but in general it is on. GnuPG tries pretty hard to use MDC whenever possible. MDC works for conventional encryption also. > Also, does anyone see any basic problems in encrypting =<700MB files > using --recipient (My-Name) --encrypt (File), i.e. encrypting to one's > self for files only for yourself. Is it better to encrypt with say > TWOFISH, or a Key-pair even though you are only encrypting to > yourself. No basic problem. Some people like to use --symmetric when encrypting to themselves, and some people like to use their public key. It's really a matter of taste. I prefer to use my public key so I don't have one more passphrase to remember ;) David From atom at suspicious.org Fri Sep 24 22:10:43 2004 
From: atom at suspicious.org (Atom 'Smasher') Date: Fri Sep 24 22:07:40 2004 Subject: Question about FAQ section 7.1 In-Reply-To: <20040924195617.GB13073@jabberwocky.com> References: <1191732911.20040924121611@comcast.net> <20040924195617.GB13073@jabberwocky.com> Message-ID: <20040924160719.E344@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Fri, 24 Sep 2004, David Shaw wrote: >> Also, does anyone see any basic problems in encrypting =<700MB files >> using --recipient (My-Name) --encrypt (File), i.e. encrypting to one's >> self for files only for yourself. Is it better to encrypt with say >> TWOFISH, or a Key-pair even though you are only encrypting to yourself. > > No basic problem. Some people like to use --symmetric when encrypting > to themselves, and some people like to use their public key. It's > really a matter of taste. I prefer to use my public key so I don't have > one more passphrase to remember ;) ====================== if i'm making an encrypted backup of my HD i use a symmetric passphrase (in addition to my public key), because if i lose my HD it will be inconvenient to recover my secret key from the backup, if the backup is only encrypted with my secret key. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "If young people don't turn on to politics, politics will turn on them." -- Ralph Nader -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? 
Comment: http://atom.smasher.org/links/#digital_signatures -----END PGP SIGNATURE----- From dshaw at jabberwocky.com Fri Sep 24 23:41:29 2004
From: dshaw at jabberwocky.com (David Shaw) Date: Fri Sep 24 23:38:20 2004 Subject: Question about FAQ section 7.1 In-Reply-To: <20040924160719.E344@willy_wonka> References: <1191732911.20040924121611@comcast.net> <20040924195617.GB13073@jabberwocky.com> <20040924160719.E344@willy_wonka> Message-ID: <20040924214129.GC15199@jabberwocky.com> On Fri, Sep 24, 2004 at 04:10:43PM -0400, Atom 'Smasher' wrote: > On Fri, 24 Sep 2004, David Shaw wrote: > > >> Also, does anyone see any basic problems in encrypting =<700MB files > >> using --recipient (My-Name) --encrypt (File), i.e. encrypting to one's > >> self for files only for yourself. Is it better to encrypt with say > >> TWOFISH, or a Key-pair even though you are only encrypting to yourself. > > > > No basic problem. Some people like to use --symmetric when encrypting > > to themselves, and some people like to use their public key. It's > > really a matter of taste. I prefer to use my public key so I don't have > > one more passphrase to remember ;) > ====================== > > if i'm making an encrypted backup of my HD i use a symmetric passphrase > (in addition to my public key), because if i lose my HD it will be > inconvenient to recover my secret key from the backup, if the backup is > only encrypted with my secret key. I have backups of my secret key off of my HD, burned onto a CD and stored in a secure place. Don't forget one of the best backup methods: export the secret key packet with ASCII armor and print it out. Paper generally is the safest thing out there in terms of media decay. If all else fails, I can re-type the thing in. David From linux at codehelp.co.uk Sat Sep 25 00:24:17 2004 
From: linux at codehelp.co.uk (Neil Williams) Date: Sat Sep 25 00:20:15 2004 Subject: Question about FAQ section 7.1 In-Reply-To: <20040924214129.GC15199@jabberwocky.com> References: <1191732911.20040924121611@comcast.net> <20040924160719.E344@willy_wonka> <20040924214129.GC15199@jabberwocky.com> Message-ID: <200409242324.18204.linux@codehelp.co.uk> On Friday 24 September 2004 10:41 pm, David Shaw wrote: > I have backups of my secret key off of my HD, burned onto a CD and > stored in a secure place. Don't forget one of the best backup > methods: export the secret key packet with ASCII armor and print it > out. Paper generally is the safest thing out there in terms of media > decay. If all else fails, I can re-type the thing in. Ouch! > David (Which kind of legislates against large key sizes!!) I keep print outs of revocation certificates because they are truly short - 3 or 4 lines. My secret key is more like 50 lines. I would have to be truly desperate to type, check and re-check all those characters. I'm generally a good typist, but I wouldn't like to try that little exercise! I think I'd find it easier to recreate the more important signatures on a new key. :-( -- Neil Williams ============= http://www.codehelp.co.uk/ http://www.dclug.org.uk/ http://www.isbn.org.uk/ http://sourceforge.net/projects/isbnsearch/ http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3 From dshaw at jabberwocky.com Sat Sep 25 01:02:51 2004
From: dshaw at jabberwocky.com (David Shaw) Date: Sat Sep 25 00:59:46 2004 Subject: Question about FAQ section 7.1 In-Reply-To: <200409242324.18204.linux@codehelp.co.uk> References: <1191732911.20040924121611@comcast.net> <20040924160719.E344@willy_wonka> <20040924214129.GC15199@jabberwocky.com> <200409242324.18204.linux@codehelp.co.uk> Message-ID: <20040924230251.GB12439@jabberwocky.com> On Fri, Sep 24, 2004 at 11:24:17PM +0100, Neil Williams wrote: > On Friday 24 September 2004 10:41 pm, David Shaw wrote: > > I have backups of my secret key off of my HD, burned onto a CD and > > stored in a secure place. Don't forget one of the best backup > > methods: export the secret key packet with ASCII armor and print it > > out. Paper generally is the safest thing out there in terms of media > > decay. If all else fails, I can re-type the thing in. > > Ouch! > > > David > > (Which kind of legislates against large key sizes!!) > > I keep print outs of revocation certificates because they are truly > short - 3 or 4 lines. My secret key is more like 50 lines. I would > have to be truly desperate to type, check and re-check all those > characters. I'm generally a good typist, but I wouldn't like to try > that little exercise! I think I'd find it easier to recreate the > more important signatures on a new key. Not the whole secret key. Just the secret key packet itself. The logic is that I don't need to do anything special to back up my public key and signatures since if all else fails I can just get it from any of a number of keyservers. The self-sigs are on the public key as well. My secret key is backed up in the usual way (CD-R). The paper copy is a "if all else fails" backup, and it's not large at all: The only truly secret part of the secret key is the key data itself, and the common 1024-bit DSA key is only 11 lines long. I'd rather type in 11 lines than make a new key. 
It's not something I want to do regularly, but if my CD-R backups fail for whatever reason, I can spend 30 minutes typing it back in again, and not lose access to my encrypted data. People often see CD-Rs fail after 3-4 years... paper will last longer than I will. David
From holtzm at sonic.net Sat Sep 25 09:47:07 2004
From: holtzm at sonic.net (Bob Holtzman) Date: Sat Sep 25 09:36:07 2004 Subject: pgp4pine problem Message-ID:
After playing with a few mail programs I installed pine-4.58-1 and pgp4pine-1.76-1. I had run this combination before with success. I am also running gnupg-1.0.6-5 and RH7.3. I know they are old versions but they work well and I intend keeping them if I can. So much for background.

The problem I'm having is that when I send a test message to myself I get this error:

------------------------------------------------------------------------------
Loading profiles: gpg, done.
Checking recipients ...
holtzm@sonic.net... - no key found
Your recipient list has unknown keys. You may:
a) Sign the message
b) Send it unmodified
c) Ask the Keyserver for unknown keys and start over
d) Open a shell to add their key manually,
q) Abort and Quit
Make your choice [a]:
-------------------------------------------------------------------------

The results are the same with and without the display and sending filters in $HOME/.pinerc and "gpg --list-keys" verifies the existence of my keys on my machine. I stress that this combination, set up the same way, worked before unless something changed that I'm not aware of.

-- Bob Holtzman "If you think you're getting free lunch, ......check the price of the beer!"
From atom at suspicious.org Sat Sep 25 09:53:38 2004
From: atom at suspicious.org (Atom 'Smasher') Date: Sat Sep 25 09:50:30 2004 Subject: pgp4pine problem In-Reply-To: References: Message-ID: <20040925034840.A344@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sat, 25 Sep 2004, Bob Holtzman wrote: > After playing with a few mail programs I installed pine-4.58-1 and > pgp4pine-1.76-1. I had run this combination before with success. I am also > running gnupg-1.0.6-5 and RH7.3. I know they are old versions but they > work well and I intend keeping them if I can. So much for background. ================== first step in troubleshooting is UPGRADE to a current version. you're using gpg 1.0.6?!?! why? when you upgrade, check out the "--rebuild-keydb-caches" option. give ez-pine-gpg v0.4f a try - http://business-php.com/opensource/ez-pine-gpg/ see what happens... ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "What sane person could live in this world and not be crazy?" -- Ursula K. LeGuin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures -----END PGP SIGNATURE----- From nico-linux-gnupg at schottelius.org Sat Sep 25 15:35:27 2004
From: nico-linux-gnupg at schottelius.org (Nico Schottelius) Date: Sat Sep 25 15:28:56 2004 Subject: Decrypting without designing? In-Reply-To: <20040923141217.GA4750@schottelius.org> References: <20040923141217.GA4750@schottelius.org> Message-ID: <20040925133527.GC1120@schottelius.org> Was that the wrong list to ask the question? If so, can someone redirect me to the right list? Greetings, Nico Nico Schottelius [Thu, Sep 23, 2004 at 04:12:17PM +0200]: > Hello! > > I am programming an encrypted mailing list and want to use gpg > directly. > > Now I am a bit stuck, as I want only to decrypt a file, but not remove > the signature. Is that somehow possible? > > The background: > > I have the following workplan for the part of the mailing list manager, > which handles the mail: > > --- --- --- --- --- --- > 1. Check if it is adressed to us. If not, bounce. [ok] > 2. Check if the sender is subscribed. [ok] > no: Check if ml is open for everyone (open_list) > no: bounce > yes: add bfw: Sender_unknown > 3. Check whether message is encrypted for us [ok] > no: bounce with bfw (BIG FAT WARNING) > yes: decrypt > 4. subscribed only: Check whether sig is ok > no: bounce > 5. Remove signature / Add own signature (really??) [???] > 6. encrypt for each recipent and send > --- --- --- --- --- --- > > Ponts 1-3 are problemsless. But when the message is decrypted, > gpg -d also removes the signature. The ML software also checks > whether the key used to sign fits to the address subscribed. > > If I have an encrypted, but not signed message and I pipe it > through "gpg -u "$PGPID" -q --no-verbose --batch -d" it > returns 0 (as expected). The problem is, gpg returns the same, > if I have an encrypted and signed message. > > Can anyone give me a hint how to see the difference? 
> > Sincerely, > > Nico > > P.S.: Here's how it looks like: > > bruehe% cat mail.crypted.signed.ecml | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/ > gpg-return: 0 > > bruehe% cat mail.only.crypted.not.signed | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/ > gpg-return: 0 > > -- > Keep it simple & stupid, use what's available. > Please use pgp encryption: 8D0E 27A4 is my id. > http://nico.schotteli.us | http://linux.schottelius.org > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Keep it simple & stupid, use what's available. Please use pgp encryption: 8D0E 27A4 is my id. http://nico.schotteli.us | http://linux.schottelius.org From dshaw at jabberwocky.com Sat Sep 25 16:25:20 2004
From: dshaw at jabberwocky.com (David Shaw) Date: Sat Sep 25 16:22:08 2004 Subject: Decrypting without designing? In-Reply-To: <20040923141217.GA4750@schottelius.org> References: <20040923141217.GA4750@schottelius.org> Message-ID: <20040925142520.GE25691@jabberwocky.com> On Thu, Sep 23, 2004 at 04:12:17PM +0200, Nico Schottelius wrote: > If I have an encrypted, but not signed message and I pipe it through > "gpg -u "$PGPID" -q --no-verbose --batch -d" it returns 0 (as > expected). The problem is, gpg returns the same, if I have an > encrypted and signed message. > > Can anyone give me a hint how to see the difference? Check the manual for the --status-fd option and read the file DETAILS (in the doc/ directory). This shows how you can get the information you want. Looking at the exit code is not enough. David From jleejj at yahoo.com Sun Sep 26 05:57:16 2004
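One way to act on David's advice for the mailing-list manager Nico describes (an added example, not Nico's code and not part of GnuPG): run gpg with --status-fd and decide from the status keywords documented in doc/DETAILS, never from the exit code, which is 0 for both a signed and an unsigned encrypted message. The status streams below are constructed to mirror the keyword format with dummy key IDs and fingerprints, and the `run_gpg_decrypt` helper assumes a gpg binary on PATH and a list key that works in --batch mode.

```python
"""Classify a gpg --decrypt run from its --status-fd output, not its exit code.
Added example for the mailing-list manager discussed in this thread; not
Nico's code and not part of GnuPG. Keywords are those listed in doc/DETAILS."""
import subprocess
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

STATUS_PREFIX = "[GNUPG:] "

@dataclass
class DecryptReport:
    decrypted: bool = False               # DECRYPTION_OKAY seen
    signed: bool = False                  # some signature result line seen
    good_signature: bool = False          # GOODSIG seen
    signer_keyid: Optional[str] = None    # long key ID from the signature line
    signer_fpr: Optional[str] = None      # fingerprint from VALIDSIG
    problems: List[str] = field(default_factory=list)

def parse_status(status_text: str) -> DecryptReport:
    """Parse the status stream; lines without the [GNUPG:] prefix are ignored."""
    report = DecryptReport()
    for line in status_text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue                      # ordinary stderr chatter
        fields = line[len(STATUS_PREFIX):].split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "DECRYPTION_OKAY":
            report.decrypted = True
        elif keyword in ("DECRYPTION_FAILED", "NODATA"):
            report.problems.append(keyword)
        elif keyword == "GOODSIG":
            report.signed = True
            report.good_signature = True
            report.signer_keyid = args[0]
        elif keyword in ("BADSIG", "EXPKEYSIG", "REVKEYSIG", "ERRSIG"):
            report.signed = True          # a signature is there, but not good
            report.signer_keyid = args[0]
            report.problems.append(f"{keyword} {args[0]}")
        elif keyword == "VALIDSIG":
            report.signer_fpr = args[0]
        elif keyword == "NO_PUBKEY":
            report.problems.append(f"NO_PUBKEY {args[0]}")
    return report

def accept_for_list(report: DecryptReport, subscriber_fprs: Set[str],
                    subscribed_only: bool = True) -> Tuple[bool, str]:
    """Steps 3 and 4 of the thread's workplan, decided from the report."""
    if not report.decrypted:
        return False, "not encrypted for us: bounce with BIG FAT WARNING"
    if not report.signed:
        if subscribed_only:
            return False, "unsigned message on a subscribed-only list"
        return True, "decrypted, unsigned, open list"
    if not report.good_signature or report.signer_fpr is None:
        return False, "signature problem: " + "; ".join(report.problems)
    if report.signer_fpr not in subscriber_fprs:
        return False, f"signer {report.signer_fpr} is not a subscriber"
    return True, f"good signature from subscriber {report.signer_fpr}"

def run_gpg_decrypt(ciphertext: bytes, local_user: str) -> Tuple[bytes, DecryptReport]:
    """Run gpg with status lines on stderr (assumes gpg on PATH and a list key
    usable in --batch mode; the constructed samples below never call this)."""
    proc = subprocess.run(
        ["gpg", "--batch", "--quiet", "--status-fd", "2",
         "--local-user", local_user, "--decrypt"],
        input=ciphertext, capture_output=True, check=False)
    return proc.stdout, parse_status(proc.stderr.decode("utf-8", "replace"))

# Constructed status streams; key IDs, fingerprint and user ID are dummies.
SUBSCRIBER_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
SIGNED_BY_SUBSCRIBER = f"""\
[GNUPG:] ENC_TO 1122334455667788 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Sample <sample@example.invalid>
[GNUPG:] VALIDSIG {SUBSCRIBER_FPR} 2004-09-23 1095948737 0 3 0 17 2 00 {SUBSCRIBER_FPR}
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION
"""
# Encrypted only: same exit code as above, but no signature line at all. The
# plain "gpg:" line stands in for ordinary stderr output mixed into fd 2.
ENCRYPTED_ONLY = """\
[GNUPG:] ENC_TO 1122334455667788 1 0
[GNUPG:] BEGIN_DECRYPTION
gpg: encrypted with ELG-E key, ID 55667788
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION
"""
# Signed with a key we do not have: ERRSIG plus NO_PUBKEY.
SIGNED_BY_STRANGER = """\
[GNUPG:] ERRSIG FEDCBA9876543210 17 2 00 1095948737 9
[GNUPG:] NO_PUBKEY FEDCBA9876543210
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION
"""
```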
From: jleejj at yahoo.com (Lee Johnson) Date: Sun Sep 26 05:54:26 2004 Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris In-Reply-To: Message-ID: <20040926035716.55815.qmail@web51403.mail.yahoo.com>
> This is a known problem.
>
Thanks for all the quick replies to ~/.gnupg creation issue. I actually dug around in the code enough to figure out the problem, but I thought it was working properly on my Gentoo Linux install. Now I find that I am using GPG 1.2.4 in Linux and installing GPG 1.2.6 in Solaris. Instead of using the fix in CVS I just added a few more lines to the user setup script for now:

if [[ ! -d ~/.gnupg ]]; then
    mkdir ~/.gnupg
    chmod 700 ~/.gnupg
    # drop the first three lines of the skeleton file
    cat /usr/share/gnupg/options.skel | awk '{if (NR > 3) {print;}}' > ~/.gnupg/gpg.conf
fi

... along with a call to a script which will perform FIPS140-1 randomness tests on the locally running EGD. _Lee
From vedaal at hush.com Sun Sep 26 06:41:08 2004
From: vedaal at hush.com (vedaal@hush.com) Date: Sun Sep 26 06:37:46 2004 Subject: Weakness in SHA-1 Message-ID: <200409260441.i8Q4f8tj099947@mailserver2.hushmail.com> Fri Sep 24 17:54:16 CEST 2004 David Shaw wrote: ]While this isn't a practical break of MD5, it is still prudent to stop ]using it. In the context of OpenPGP, stopping using MD5 means ]stopping using v3 keys. If we stop using MD5 today, we can gracefully ]migrate to something better. If we wait until there IS a practical ]break, then we are forced into a frantic repair mode that can cause ]other harm. .. ]If there ]is a rational argument for starting a transition away from SHA-1, then ]we sure as heck should have been off MD5 for a long time now. md5 is not necessary for signing with a v3 key, and certainly not for encrypting v3 keys can sign with 'any' hash, but practically, for the purposes under discussion, v3's can use sha256 dh/dsa cannot use anything higher than 160 (and, as i actually 'do' have a dh/dsa key, even if i don't use it much ;-) , i am just as concerned with the sha weakness for my dh/dsa key, as with md5 for my v3 key) if dh/dsa can be modified to accept greater than 160 size and use sha 256, great, if not, then it might be prudent to look into a new hash design that would be non md5/non sha-1 based that would still allow dh/dsa signing at the 160 level it is important to provide input into such a 'design contest' now, that it provide backward compatibility, and allow for an sha 160 length so that dh/dsa will still be used by those that prefer them, when the attacks 'do' get better. without such input, the design contests may just take an easier way out by using a 'bigger' hash, but not necessarily a more secure design, and, even those candidates that do focus on the design, may want to present the larger hash to make it the same as the competitors. 
in the interests of compatibility, it would be helpful if the respected people in gnupg and open-pgp try to suggest that all entries for the hash be compatible with dh/dsa 160 length, 'before' any such contest begins. vedaal From atom at suspicious.org Sun Sep 26 07:11:54 2004
From: atom at suspicious.org (Atom 'Smasher') Date: Sun Sep 26 07:08:51 2004 Subject: Weakness in SHA-1 In-Reply-To: <200409260441.i8Q4f8tj099947@mailserver2.hushmail.com> References: <200409260441.i8Q4f8tj099947@mailserver2.hushmail.com> Message-ID: <20040926010546.L94659@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sat, 25 Sep 2004 vedaal@hush.com wrote: > if dh/dsa can be modified to accept greater than 160 size and use sha > 256, great, if not, then it might be prudent to look into a new hash > design that would be non md5/non sha-1 based that would still allow > dh/dsa signing at the 160 level ============== how about RIPEMD-160? 100% compatible with DSS (DSA), already part of GnuPG and it's neither SHA nor MD5 based. even without a weakness in any flavors of SHA i'd like to see DSA (the scalable algorithm) formally adopted into larger varieties of DSS (the current standard) to allow larger hashes and larger keys. i guess if/when that happens DSS will become DSS-0 and larger variants will become DSS-1, DSS-2, etc. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "Think of the press as a great keyboard on which the government can play." -- Joseph Goebbels, Nazi Propaganda Minister. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures -----END PGP SIGNATURE----- From vedaal at hush.com Sun Sep 26 08:14:58 2004
From: vedaal at hush.com (vedaal@hush.com) Date: Sun Sep 26 08:11:36 2004 Subject: weakness in sha 1 Message-ID: <200409260614.i8Q6EwEt015651@mailserver2.hushmail.com> Atom 'Smasher' atom at suspicious.org, on Sun Sep 26 07:11:54 CEST 2004, wrote: > if dh/dsa can be modified to accept greater than 160 size and use sha > 256, great, if not, then it might be prudent to look into a new hash > design that would be non md5/non sha-1 based that would still allow > dh/dsa signing at the 160 level ============== ] how about RIPEMD-160? ]100% compatible with DSS (DSA), already part of GnuPG and it's neither ]SHA ]nor MD5 based. but is ripemd based, ;-) for which a weakness is already demonstrated see http://eprint.iacr.org/2004/199.pdf ] even without a weakness in any flavors of SHA i'd like to see DSA ] (the scalable algorithm) formally adopted into larger varieties of ] DSS (the current standard) to allow larger hashes and larger keys. i ] guess if/when that happens DSS will become DSS-0 and larger ] variants will become DSS-1, agree 100% vedaal From dshaw at jabberwocky.com Sun Sep 26 14:40:27 2004
From: dshaw at jabberwocky.com (David Shaw) Date: Sun Sep 26 14:37:20 2004 Subject: Weakness in SHA-1 In-Reply-To: <200409260441.i8Q4f8tj099947@mailserver2.hushmail.com> References: <200409260441.i8Q4f8tj099947@mailserver2.hushmail.com> Message-ID: <20040926124027.GF25691@jabberwocky.com> On Sat, Sep 25, 2004 at 09:41:08PM -0700, vedaal@hush.com wrote: > Fri Sep 24 17:54:16 CEST 2004 David Shaw wrote: > > ]While this isn't a practical break of MD5, it is still prudent to stop > ]using it. In the context of OpenPGP, stopping using MD5 means > ]stopping using v3 keys. If we stop using MD5 today, we can gracefully > ]migrate to something better. If we wait until there IS a practical > ]break, then we are forced into a frantic repair mode that can cause > ]other harm. > .. > ]If there > ]is a rational argument for starting a transition away from SHA-1, then > ]we sure as heck should have been off MD5 for a long time now. > > md5 is not necessary for signing with a v3 key, > and certainly not for encrypting ... but it is required for calculating v3 fingerprints. I'm so tired of this endless argument. People, just let v3 go already. It was time for it to go years ago. Now it's just silly. David From wk at gnupg.org Mon Sep 27 10:24:19 2004 From: wk at gnupg.org (Werner Koch) Date: Mon Sep 27 10:24:24 2004 Subject: gpg 1.2.6 fails to create ~/.gnupg on Solaris In-Reply-To: <20040926035716.55815.qmail@web51403.mail.yahoo.com> (Lee Johnson's message of "Sat, 25 Sep 2004 20:57:16 -0700 (PDT)") References: <20040926035716.55815.qmail@web51403.mail.yahoo.com> Message-ID: <873c14p1ak.fsf@wheatstone.g10code.de> On Sat, 25 Sep 2004 20:57:16 -0700 (PDT), Lee Johnson said: > ... along with a call to a script which will perform FIPS140-1 randomness > tests on the locally running EGD. IIRC, the output of EGD has passed a hashing function and thus any randomness tests are meanigless. Werner From eperez at it.uc3m.es Mon Sep 27 11:25:51 2004 
From: eperez at it.uc3m.es (Eduardo =?iso-8859-1?Q?P=E9rez?=) Date: Mon Sep 27 11:23:11 2004 Subject: Creating a ssl socket using OpenPGP keys Message-ID: <20040927092551.GA18225@localhost.localdomain> I'd like to create a simple app to chat securely. Requisites: Use OpenPGP keys on both ends (because lots of users already have OpenPGP keys) Procedure: User selects a public key to communicate He or the system finds the IP/TCP address The other end sees who is trying to contact him The other end accepts or refuses the connection. Both chat securely. Is there an easy way to create a SSL socket using OpenPGP keys? Any suggestion or alternative scheme would be appreciated. From asj at ipa.net Thu Sep 23 03:48:43 2004 From: asj at ipa.net (Alan S. Jones) Date: Mon Sep 27 11:45:04 2004 Subject: Weaknesses in SHA-1 Message-ID: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> >> I know t hat SHA-1 has been analyzed more then SHA256, SHA384, or SHA512 >> thus could actually be stronger. However why not let people create keys >> with those algorithms also in 1.4? > >I'm not sure what you mean here - these are hash algorithms. You >don't create a key using them. Sorry, wrong wording on the hash/key thing.... let me restate. Previously you stated that 1.2.x supports MD5, SHA1, and RIPEMD160 and read-only support for SHA256 Also 1.4 will supports MD5, SHA1, RIPEMD160, and SHA256, but only have read only support for SHA384 and SHA512. Why not allow for full support of SHA384 and SHA512 and not just read-only support in GnuPG 1.4? -- Alan S. Jones asj@ipa.net http://users.ipa.net/~asj From nico-linux-gnupg at schottelius.org Thu Sep 23 16:12:17 2004 
From: nico-linux-gnupg at schottelius.org (Nico Schottelius) Date: Mon Sep 27 11:45:12 2004 Subject: Decrypting without designing? Message-ID: <20040923141217.GA4750@schottelius.org>
Hello!

I am programming an encrypted mailing list and want to use gpg directly.

Now I am a bit stuck, as I want only to decrypt a file, but not remove the signature. Is that somehow possible?

The background:

I have the following workplan for the part of the mailing list manager, which handles the mail:

--- --- --- --- --- ---
1. Check if it is addressed to us. If not, bounce. [ok]
2. Check if the sender is subscribed. [ok]
   no: Check if ml is open for everyone (open_list)
       no: bounce
       yes: add bfw: Sender_unknown
3. Check whether message is encrypted for us [ok]
   no: bounce with bfw (BIG FAT WARNING)
   yes: decrypt
4. subscribed only: Check whether sig is ok
   no: bounce
5. Remove signature / Add own signature (really??) [???]
6. encrypt for each recipient and send
--- --- --- --- --- ---

Points 1-3 are problemless. But when the message is decrypted, gpg -d also removes the signature. The ML software also checks whether the key used to sign fits to the address subscribed.

If I have an encrypted, but not signed message and I pipe it through "gpg -u "$PGPID" -q --no-verbose --batch -d" it returns 0 (as expected). The problem is, gpg returns the same, if I have an encrypted and signed message.

Can anyone give me a hint how to see the difference?

Sincerely,

Nico

P.S.: Here's how it looks:

bruehe% cat mail.crypted.signed.ecml | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/
gpg-return: 0

bruehe% cat mail.only.crypted.not.signed | SENDER=nico-confirmtest@schottelius.org ./ecml-manage ./testml/
gpg-return: 0

-- Keep it simple & stupid, use what's available. Please use pgp encryption: 8D0E 27A4 is my id. http://nico.schotteli.us | http://linux.schottelius.org
From estafford at pixelengineers.com Fri Sep 24 01:33:06 2004
From: estafford at pixelengineers.com (Ed Stafford) Date: Mon Sep 27 11:45:18 2004 Subject: having trouble with encrypted mail - thunderbird, enigmail, gnupg In-Reply-To: <4152D6CC.7090007@pbl.ca> References: <414F7F16.1040501@pixelengineers.com> <4152D6CC.7090007@pbl.ca> Message-ID: <41535D32.7010503@pixelengineers.com> Well, I think I solved this one. After I exchanged keys, apparently the secure ring for one of the accounts disappeared, [????] I have no idea how. I did a --list-secret-keys and it said there were none. I recreated the keys, exchanged them again, and now it is working. Thanks for all the suggestions. Aleksandar Milivojevic wrote: > Ed Stafford wrote: > >> I can read signed mail with success, but trying to decrypt >> encrypted mail returns an error that there is no secret key >> available. I have not found any information on the web to help >> me. > > > Have you checked that you have correct secret keys installed on > both computers? Have you checked that you encrypted with correct > public key? You need public keys A and B on both computers, secret > key A on computer A, and secret key B on computer B. Then on > computer A you encrypt with public key B, and on computer B you > decrypt with secret key B. You can check what secret keys are > installed with gpg --list-secret-keys. You might also want to > check trust relationships. If you were exporting/importing keys, > you might need to set trust manually using gpg --edit-key keyid, > you usually want to set your private/secret keypair to be > ultimately trusted. Trust is not exported/imported with a key. > From kairaven at arcor.de Mon Sep 27 11:58:22 2004
From: kairaven at arcor.de (Kai Raven) Date: Mon Sep 27 11:58:21 2004 Subject: Creating a ssl socket using OpenPGP keys In-Reply-To: <20040927092551.GA18225@localhost.localdomain> References: <20040927092551.GA18225@localhost.localdomain> Message-ID: <20040927115822.344695ed@matrix.localdomain.intern> Hi Eduardo, On Mon, 27 Sep 2004 09:25:51 +0000 you wrote: > I'd like to create a simple app to chat securely. > Requisites: > Use OpenPGP keys on both ends (because lots of users already have > OpenPGP keys) > Any suggestion or alternative scheme would be appreciated. Perhaps, one of the Jabber clients with OpenPGP/GPG support like Kopete, SIM, Gabber, Ayttm, Tkabber or Psi is something for you. The channels to the Jabber servers are secured with SSL/TLS links and the communication is additionally encrypted with GnuPG keys. I personally prefer Psi :) http://psi.affinix.com/ -- Ciao Kai WWW: http://kai.iks-jena.de/ Blog: http://rabenhorst.blogg.de/ GnuPG-Key: 0xD6E995A0 Jabber: kraven@jabber.ccc.de From eperez at it.uc3m.es Mon Sep 27 12:38:34 2004
From: eperez at it.uc3m.es (Eduardo =?iso-8859-1?Q?P=E9rez?=) Date: Mon Sep 27 12:36:03 2004 Subject: Creating a ssl socket using OpenPGP keys In-Reply-To: <20040927115822.344695ed@matrix.localdomain.intern> References: <20040927092551.GA18225@localhost.localdomain> <20040927115822.344695ed@matrix.localdomain.intern> Message-ID: <20040927103834.GA18578@localhost.localdomain> On 2004-09-27 11:58:22 +0200, Kai Raven wrote: > On Mon, 27 Sep 2004 09:25:51 +0000 you wrote: > > I'd like to create a simple app to chat securely. > > Requisites: > > Use OpenPGP keys on both ends (because lots of users already have > > OpenPGP keys) > > Any suggestion or alternative scheme would be appreciated. > > Perhaps, one of the Jabber clients with OpenPGP/GPG support like Kopete, > SIM, Gabber, Ayttm, Tkabber or Psi is something for you. The channels to > the Jabber servers are secured with SSL/TLS links and the communication > is additionally encrypted with GnuPG keys. > I personally prefer Psi :) > http://psi.affinix.com/ Can an untrusted server remove messages and the receiver not noticing it when using the protocol & app you suggested? I'm looking into using SSL because I'm planning a decentralized network and I don't want to lose messages because someone in the middle of the network wants to. From johanw at vulcan.xs4all.nl Mon Sep 27 13:56:25 2004 
From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Mon Sep 27 14:17:34 2004 Subject: Weaknesses in SHA-1 In-Reply-To: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> from "Alan S. Jones" at "Sep 22, 2004 08:48:43 pm" Message-ID: <200409271156.NAA02621@vulcan.xs4all.nl> Alan S. Jones wrote: >Why not allow for full support of SHA384 and SHA512 and not just read-only >support in GnuPG 1.4? And not to forget Tiger192. Why remove support for it in the light of these developments? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From dshaw at jabberwocky.com Mon Sep 27 16:47:35 2004 
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 27 16:44:17 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net>
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net>
Message-ID: <20040927144735.GA5523@jabberwocky.com>

On Wed, Sep 22, 2004 at 08:48:43PM -0500, Alan S. Jones wrote:
> >> I know that SHA-1 has been analyzed more than SHA256, SHA384, or SHA512
> >> thus could actually be stronger. However why not let people create keys
> >> with those algorithms also in 1.4?
> >
> >I'm not sure what you mean here - these are hash algorithms. You
> >don't create a key using them.
> 
> Sorry, wrong wording on the hash/key thing.... let me restate.
> 
> Previously you stated that 1.2.x supports MD5, SHA1, and RIPEMD160 and
> read-only support for SHA256. Also 1.4 will support MD5, SHA1, RIPEMD160,
> and SHA256, but only have read only support for SHA384 and SHA512.
> 
> Why not allow for full support of SHA384 and SHA512 and not just read-only
> support in GnuPG 1.4?

It's a good question. Basically, nobody (PGP or GnuPG) officially
supports 384/512 yet. It is prudent to get a code base out that
understands a new feature before a code base is released that actually
enables a new feature. Since 1.2.x does not support 384/512 at all
unless it is specifically compiled in by the user (which the majority
do not), the first release of GnuPG that can (almost always) understand
384/512 is going to be 1.4. Once 1.4 has been out for a while, 384/512
can be enabled for read/write.

OpenPGP has a sometimes justified reputation as being difficult to get
different versions to interoperate. Just look at the many web sites
with huge compatibility charts. This is not good for anyone, and
holding back on a new feature until it can be used safely is an attempt
to dispel this reputation.

Incidentally, 384 is sort of pointless for OpenPGP. It's mostly the
same algorithm as 512 truncated to 384 bytes. Unless you need to save
16 bytes, there is little benefit.

David

From dshaw at jabberwocky.com Mon Sep 27 16:49:30 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 27 16:46:10 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <200409271156.NAA02621@vulcan.xs4all.nl>
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl>
Message-ID: <20040927144930.GB5523@jabberwocky.com>

On Mon, Sep 27, 2004 at 01:56:25PM +0200, Johan Wevers wrote:
> Alan S. Jones wrote:
> 
> >Why not allow for full support of SHA384 and SHA512 and not just read-only
> >support in GnuPG 1.4?
> 
> And not to forget Tiger192. Why remove support for it in the light of these
> developments?

Why would you use Tiger192 when SHA256 is available? I imagine SHA256
is getting a lot more attention by people trying to break it than
Tiger192 is.

In any event, Tiger192 was removed from the OpenPGP standard (not
because it was thought weak, but because nobody really used it and
there were longer hashes available).

David

From jgentil at sebistar.net Mon Sep 27 19:12:35 2004
From: jgentil at sebistar.net (Jon-Pierre Gentil)
Date: Mon Sep 27 19:09:26 2004
Subject: Creating a ssl socket using OpenPGP keys
In-Reply-To: <20040927103834.GA18578@localhost.localdomain>
References: <20040927092551.GA18225@localhost.localdomain> <20040927115822.344695ed@matrix.localdomain.intern> <20040927103834.GA18578@localhost.localdomain>
Message-ID: <41584A03.3020307@sebistar.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eduardo Pérez wrote:
> Can an untrusted server remove messages and the receiver not
> noticing it when using the protocol & app you suggested?
> 
> I'm looking into using SSL because I'm planning a decentralized network
> and I don't want to lose messages because someone in the middle of the
> network wants to.

You can run your own Jabber server.

- -- 
_________________________________________________________
Jon-Pierre Gentil
PGP: 0xA21BC30E
jabber: jgentil@jabber.org
web: www.sebistar.net
"If you think education is expensive, try ignorance."
_________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

-----END PGP SIGNATURE-----

From vedaal at hush.com Mon Sep 27 21:19:13 2004
From: vedaal at hush.com (vedaal@hush.com)
Date: Mon Sep 27 21:15:57 2004
Subject: Weaknesses in SHA-1
Message-ID: <200409271919.i8RJJG5H022222@mailserver3.hushmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw dshaw at jabberwocky.com
Mon Sep 27 16:49:30 CEST 2004 wrote:

] Why would you use Tiger192 when SHA256 is available?
] I imagine SHA256 is getting a lot more attention by people
] trying to break it than Tiger192 is.

to be able to use it with dh/dsa

tiger is available as tiger 160
and is independent of md 'x', sha, and ripemd in design,
http://www.nullify.org/docs/tiger.pdf

if it 'was' already accepted in open-pgp,
without any 'deprecation' remarks,

then it should be able to be considered secure,
and in light of recent events,
it may be looked at more carefully,
as it is the only design type that has not yet had a weakness demonstrated,
and more people might move to use it now,
if it were still available.

in an effort to 'move away' from v3 keys ;-) ,
and introduce my new v4 rsa keys,
am signing with both my old v3 key, and the v4 rsa key,
and will try to use the v4 key except for pgp2.x users.

vedaal

[any 'bad' sig is because of hushmail mangling ;-(( ]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (MingW32)
Comment: Acts of Kindness better the World, and protect the Soul

-----END PGP SIGNATURE-----

From jas at extundo.com Mon Sep 27 21:33:29 2004
From: jas at extundo.com (Simon Josefsson)
Date: Mon Sep 27 21:30:32 2004
Subject: Weaknesses in SHA-1
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com>
Message-ID: 

David Shaw writes:

> On Mon, Sep 27, 2004 at 01:56:25PM +0200, Johan Wevers wrote:
>> Alan S. Jones wrote:
>> 
>> >Why not allow for full support of SHA384 and SHA512 and not just read-only
>> >support in GnuPG 1.4?
>> 
>> And not to forget Tiger192. Why remove support for it in the light of these
>> developments?
> 
> Why would you use Tiger192 when SHA256 is available? I imagine SHA256
> is getting a lot more attention by people trying to break it than
> Tiger192 is.

I don't have an opinion personally, but there's always the argument
that if SHA256 is getting a lot of attention, you could end up in the
situation where SHA256 has been broken, but Tiger192 hasn't.
Read-only support could be useful for a safety fallback mechanism.
The problem is when people start to use Tiger192 without good
reasons...

From dshaw at jabberwocky.com Mon Sep 27 22:07:00 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 27 22:03:56 2004
Subject: Weaknesses in SHA-1
In-Reply-To: 
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com>
Message-ID: <20040927200700.GA8139@jabberwocky.com>

On Mon, Sep 27, 2004 at 09:33:29PM +0200, Simon Josefsson wrote:
> David Shaw writes:
> 
> > On Mon, Sep 27, 2004 at 01:56:25PM +0200, Johan Wevers wrote:
> >> Alan S. Jones wrote:
> >> 
> >> >Why not allow for full support of SHA384 and SHA512 and not just read-only
> >> >support in GnuPG 1.4?
> >> 
> >> And not to forget Tiger192. Why remove support for it in the light of these
> >> developments?
> > 
> > Why would you use Tiger192 when SHA256 is available? I imagine SHA256
> > is getting a lot more attention by people trying to break it than
> > Tiger192 is.
> 
> I don't have an opinion personally, but there's always the argument
> that if SHA256 is getting a lot of attention, you could end up in the
> situation where SHA256 has been broken, but Tiger192 hasn't.
> Read-only support could be useful for a safety fallback mechanism.
> The problem is when people start to use Tiger192 without good
> reasons...

I think history shows that any uncommon algorithm is going to be used
simply because it's there...

David

From jas at extundo.com Mon Sep 27 22:38:21 2004
From: jas at extundo.com (Simon Josefsson)
Date: Mon Sep 27 22:35:21 2004
Subject: Weaknesses in SHA-1
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com> <20040927200700.GA8139__40965.5465315611$1096315808$gmane$org@jabberwocky.com>
Message-ID: 

David Shaw writes:

> On Mon, Sep 27, 2004 at 09:33:29PM +0200, Simon Josefsson wrote:
>> David Shaw writes:
>> 
>> > On Mon, Sep 27, 2004 at 01:56:25PM +0200, Johan Wevers wrote:
>> >> Alan S. Jones wrote:
>> >> 
>> >> >Why not allow for full support of SHA384 and SHA512 and not just read-only
>> >> >support in GnuPG 1.4?
>> >> 
>> >> And not to forget Tiger192. Why remove support for it in the light of these
>> >> developments?
>> > 
>> > Why would you use Tiger192 when SHA256 is available? I imagine SHA256
>> > is getting a lot more attention by people trying to break it than
>> > Tiger192 is.
>> 
>> I don't have an opinion personally, but there's always the argument
>> that if SHA256 is getting a lot of attention, you could end up in the
>> situation where SHA256 has been broken, but Tiger192 hasn't.
>> Read-only support could be useful for a safety fallback mechanism.
>> The problem is when people start to use Tiger192 without good
>> reasons...
> 
> I think history shows that any uncommon algorithm is going to be used
> simply because it's there...

And that's bad. Maybe we can penalize such users somehow? Only
enable Tiger192 read-only support if a certain token is in the config
file? Then there is an escape mechanism if all but Tiger192 is
broken.

OTOH, you might take the stand that if SHA256 is broken, you have a
lot of other problems. So any solution that would work for other
applications (that is, release a new version with support for SHA3)
would work for GnuPG as well.

Personally, I would rather have to upgrade once in a while due to
cryptographic advances, than have even more dead code to review in
security critical applications. And if I were a maintainer, I
wouldn't want to maintain practically useless code, nor maintain an
escape mechanism that might not ever be used, nor take on the support
cost of a niche market.

Just my $.2...

From dshaw at jabberwocky.com Mon Sep 27 23:01:18 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Sep 27 22:58:02 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <200409271919.i8RJJG5H022222@mailserver3.hushmail.com>
References: <200409271919.i8RJJG5H022222@mailserver3.hushmail.com>
Message-ID: <20040927210118.GB8139@jabberwocky.com>

On Mon, Sep 27, 2004 at 12:19:13PM -0700, vedaal@hush.com wrote:
> David Shaw dshaw at jabberwocky.com
> Mon Sep 27 16:49:30 CEST 2004 wrote:
> 
> ] Why would you use Tiger192 when SHA256 is available?
> ] I imagine SHA256 is getting a lot more attention by people
> ] trying to break it than Tiger192 is.
> 
> 
> to be able to use it with dh/dsa
> 
> tiger is available as tiger 160
> and is independent of md 'x', sha, and ripemd in design,

Tiger does not have a 160 bit variant. You can truncate the 192 bits
to 160, but it's the same algorithm (somewhat similar to SHA256 and
SHA224).

> if it 'was' already accepted in open-pgp,
> without any 'deprecation' remarks,
> 
> then it should be able to be considered secure,

This does not follow. Just because someone includes an algorithm in
the OpenPGP specification does not in any way mean that algorithm can
be considered secure. All it means is that enough people wanted to use
the algorithm so it was assigned an algorithm number.

David

From johanw at vulcan.xs4all.nl Mon Sep 27 23:19:39 2004
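Added example, not from this thread and not GnuPG code: one SHA-2 core parameterised by word size, showing in code what David Shaw's two remarks above amount to, that SHA-384 is the SHA-512 algorithm with different initial values and a truncated output, and that SHA-224 relates to SHA-256 the same way. Round constants and initial values are derived from prime roots as FIPS 180-4 defines them, every digest is checked against Python's hashlib, and the sample input is constructed.

```python
"""SHA-2 family from one parameterised core (added example, not GnuPG code).
SHA-384 = SHA-512 core + other initial values + truncated output; SHA-224
relates to SHA-256 the same way. Constants come from prime roots as in
FIPS 180-4 instead of being typed in; results are checked against hashlib."""
import hashlib


def primes(n):
    """First n primes by trial division."""
    found, c = [], 2
    while len(found) < n:
        if all(c % p for p in found):
            found.append(c)
        c += 1
    return found


def iroot(x, k):
    """Exact integer k-th root floor(x ** (1/k)) by Newton's method."""
    r = 1 << ((x.bit_length() + k - 1) // k)  # starts at or above the root
    while True:
        nr = ((k - 1) * r + x // r ** (k - 1)) // k
        if nr >= r:
            return r
        r = nr


def frac_bits(p, k, total, w):
    """Last w of the first `total` fractional bits of p ** (1/k)."""
    return iroot(p << (k * total), k) & ((1 << w) - 1)


# word bits, rounds, Sigma0/Sigma1 rotations, sigma0/sigma1 (rot, rot, shift),
# index of the first prime whose square root seeds the IV, how many fractional
# bits of that root to take (the IV is the last `word bits` of them), output bits
SHA256_FN = (((2, 13, 22), (6, 11, 25)), ((7, 18, 3), (17, 19, 10)))
SHA512_FN = (((28, 34, 39), (14, 18, 41)), ((1, 8, 7), (19, 61, 6)))
PARAMS = {
    "sha256": (32, 64, *SHA256_FN, 0, 32, 256),  # sqrt of primes 1-8, first 32 bits
    "sha224": (32, 64, *SHA256_FN, 8, 64, 224),  # sqrt of primes 9-16, second 32 bits
    "sha512": (64, 80, *SHA512_FN, 0, 64, 512),  # sqrt of primes 1-8, first 64 bits
    "sha384": (64, 80, *SHA512_FN, 8, 64, 384),  # sqrt of primes 9-16, first 64 bits
}


def sha2_digest(name, data):
    """Digest `data` with the SHA-2 variant `name` using the shared core."""
    w, rounds, big, small, iv_start, iv_total, out_bits = PARAMS[name]
    mask, wb, block = (1 << w) - 1, w // 8, 2 * w  # block is 16 words = 2*w bytes
    ps = primes(rounds)
    K = [frac_bits(p, 3, w, w) for p in ps]  # round constants: cube roots
    H = [frac_bits(p, 2, iv_total, w) for p in ps[iv_start:iv_start + 8]]  # IV: square roots
    rotr = lambda x, n: ((x >> n) | (x << (w - n))) & mask
    S = lambda x, r: rotr(x, r[0]) ^ rotr(x, r[1]) ^ rotr(x, r[2])  # Sigma
    s = lambda x, r: rotr(x, r[0]) ^ rotr(x, r[1]) ^ (x >> r[2])    # sigma
    # Merkle-Damgard padding: 0x80, zeros, then the bit length in block/8 bytes.
    msg = data + b"\x80"
    msg += b"\x00" * ((-len(msg) - block // 8) % block)
    msg += (8 * len(data)).to_bytes(block // 8, "big")
    for off in range(0, len(msg), block):
        W = [int.from_bytes(msg[off + i * wb:off + (i + 1) * wb], "big") for i in range(16)]
        for t in range(16, rounds):
            W.append((s(W[t - 2], small[1]) + W[t - 7] + s(W[t - 15], small[0]) + W[t - 16]) & mask)
        a, b, c, d, e, f, g, h = H
        for t in range(rounds):
            t1 = (h + S(e, big[1]) + ((e & f) ^ (~e & g)) + K[t] + W[t]) & mask
            t2 = (S(a, big[0]) + ((a & b) ^ (a & c) ^ (b & c))) & mask
            h, g, f, e, d, c, b, a = g, f, e, (d + t1) & mask, c, b, a, (t1 + t2) & mask
        H = [(x + y) & mask for x, y in zip(H, (a, b, c, d, e, f, g, h))]
    # Truncation is the only post-processing: SHA-384 keeps 48 of the 64 bytes.
    return b"".join(x.to_bytes(wb, "big") for x in H)[:out_bits // 8]


def matches_hashlib(name, data):
    """True when the digest above agrees with Python's hashlib."""
    return sha2_digest(name, data) == hashlib.new(name, data).digest()


def plain_truncation_differs(data):
    """SHA-384 is not merely SHA-512 cut to 48 bytes: the other IV changes every bit."""
    return sha2_digest("sha512", data)[:48] != sha2_digest("sha384", data)


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"  # constructed input
    for n in PARAMS:
        print(n, sha2_digest(n, sample).hex(), "ok" if matches_hashlib(n, sample) else "MISMATCH")
    print("SHA-512 truncated equals SHA-384?", not plain_truncation_differs(sample))
```

The different initial values are what keep a truncated SHA-512 digest from being mistaken for a SHA-384 digest of the same input, which is the part David's "mostly the same algorithm" hides.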
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Mon Sep 27 23:20:32 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040927144930.GB5523@jabberwocky.com> from David Shaw at "Sep 27, 2004 10:49:30 am"
Message-ID: <200409272119.XAA00766@vulcan.xs4all.nl>

David Shaw wrote:

>Why would you use Tiger192 when SHA256 is available?

Not at the moment, but Tiger has a completely different design than the
SHA hashes, which are basically based on MD4/5. Thus, Tiger might be able
to withstand attacks that SHA-x is vulnerable to. I understand that
SHA-512 also has a completely different design, but that will still be
readonly in most 1.4 setups (I assume that in 1.4 I still only have to
comment out that if(...) return statement in md.c to enable read-write).

>I imagine SHA256 is getting a lot more attention by people trying to break
>it than Tiger192 is.

Probably. But it still has no proven weaknesses I know of.

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From atom at suspicious.org Mon Sep 27 23:44:11 2004
From: atom at suspicious.org (Atom 'Smasher')
Date: Mon Sep 27 23:41:07 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040927200700.GA8139@jabberwocky.com>
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com> <20040927200700.GA8139@jabberwocky.com>
Message-ID: <20040927160851.C94659@willy_wonka>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Mon, 27 Sep 2004, David Shaw wrote:

> I think history shows that any uncommon algorithm is going to be used
> simply because it's there...
===========

history also shows that a weakness in an encryption primitive is more
likely to be discovered ~after~ it becomes popular and widely used.

unless it's discovered earlier ;)

...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"States of war are also understood to require the opposition in the
legislature to moderate its otherwise essential functions of
criticism. Calls are issued to stand behind the political leadership
and to display unity, with the implication that the enemy is watching
and that failure to unite is tantamount to treason. These are not
healthy conditions for a democracy; indeed, they are the opposite of
democracy."
-- Philip E. Agre, Department of Information Studies,
University of California, Los Angeles

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

-----END PGP SIGNATURE-----

From holtzm at sonic.net Tue Sep 28 01:10:37 2004
From: holtzm at sonic.net (Bob Holtzman)
Date: Tue Sep 28 00:59:19 2004
Subject: pgp4pine problem
In-Reply-To: <20040925034840.A344@willy_wonka>
References: <20040925034840.A344@willy_wonka>
Message-ID: 

On Sat, 25 Sep 2004, Atom 'Smasher' wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On Sat, 25 Sep 2004, Bob Holtzman wrote:
> 
> > After playing with a few mail programs I installed pine-4.58-1 and
> > pgp4pine-1.76-1. I had run this combination before with success. I am also
> > running gnupg-1.0.6-5 and RH7.3. I know they are old versions but they
> > work well and I intend keeping them if I can. So much for background.
> ==================
> 
> first step in troubleshooting is UPGRADE to a current version. you're
> using gpg 1.0.6?!?! why?

As I said: "I know they are old versions but they work well and I intend
keeping them if I can" at least they worked in the past. Also I try to
use only RPM packages for ease of installation and uninstallation and the
later versions of the gpg packages get me into dependency hell. If I can't
get the present set up to work I might build a package from a later source
rpm and see what happens.

-- 
Bob Holtzman
"If you think you're getting free lunch,
......check the price of the beer!"

From dshaw at jabberwocky.com Tue Sep 28 06:28:27 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Sep 28 06:25:15 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <200409272119.XAA00766@vulcan.xs4all.nl>
References: <20040927144930.GB5523@jabberwocky.com> <200409272119.XAA00766@vulcan.xs4all.nl>
Message-ID: <20040928042827.GA9810@jabberwocky.com>

On Mon, Sep 27, 2004 at 11:19:39PM +0200, Johan Wevers wrote:
> >I imagine SHA256 is getting a lot more attention by people trying
> >to break it than Tiger192 is.
> 
> Probably. But it still has no proven weaknesses I know of.

Probably a direct function of it not being used anywhere. If you were
a cryptographer wanting to publish a paper, would you spend time
attacking SHA-x and get famous, or Tiger192 and get a big shrug from
the media?

By the way, I don't have anything against the algorithm or design of
Tiger192. My reasons to argue against it are more logistics - it
hasn't had much use in the field, and it's not part of OpenPGP any
longer. Since GnuPG is an OpenPGP client, using Tiger would be
nonstandard, and nonstandard is exactly what you don't want when it
comes time to interoperate with the rest of the world.

David

From dshaw at jabberwocky.com Tue Sep 28 06:30:22 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Sep 28 06:27:12 2004
Subject: Weaknesses in SHA-1
In-Reply-To: <20040927160851.C94659@willy_wonka>
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com> <20040927200700.GA8139@jabberwocky.com> <20040927160851.C94659@willy_wonka>
Message-ID: <20040928043022.GB9810@jabberwocky.com>

On Mon, Sep 27, 2004 at 05:44:11PM -0400, Atom 'Smasher' wrote:
> On Mon, 27 Sep 2004, David Shaw wrote:
> 
> > I think history shows that any uncommon algorithm is going to be used
> > simply because it's there...
> ===========
> 
> history also shows that a weakness in an encryption primitive is more
> likely to be discovered ~after~ it becomes popular and widely used.

Absolutely. Breaking a widely used algorithm gets you interviewed.
Breaking an algorithm that barely anyone uses gets you nothing.

Thus, we can guarantee that Tiger is never cracked by not using it. ;)

David

From dshaw at jabberwocky.com Tue Sep 28 06:34:12 2004
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Sep 28 06:30:55 2004
Subject: Weaknesses in SHA-1
In-Reply-To: 
References: <3.0.5.32.20040922204843.012ffbe8@popc.ipa.net> <200409271156.NAA02621@vulcan.xs4all.nl> <20040927144930.GB5523__7534.50141423873$1096297653$gmane$org@jabberwocky.com> <20040927200700.GA8139__40965.5465315611$1096315808$gmane$org@jabberwocky.com>
Message-ID: <20040928043412.GC9810@jabberwocky.com>

On Mon, Sep 27, 2004 at 10:38:21PM +0200, Simon Josefsson wrote:
> > I think history shows that any uncommon algorithm is going to be used
> > simply because it's there...
> 
> And that's bad. Maybe we can penalize such users somehow? Only
> enable Tiger192 read-only support if a certain token is in the config
> file? Then there is an escape mechanism if all but Tiger192 is
> broken.

That's effectively what SHA512 is now. It's read-only unless you
modify the code.

> OTOH, you might take the stand that if SHA256 is broken, you have a
> lot of other problems. So any solution that would work for other
> applications (that is, release a new version with support for SHA3)
> would work for GnuPG as well.
> 
> Personally, I would rather have to upgrade once in a while due to
> cryptographic advances, than have even more dead code to review in
> security critical applications. And if I were a maintainer, I
> wouldn't want to maintain practically useless code, nor maintain an
> escape mechanism that might not ever be used, nor take on the support
> cost of a niche market.

Exactly. GnuPG already supports MD5, SHA1, RIPEMD160, SHA256, SHA384,
and SHA512. If all of them are broken at the same time, I'll eat my
hat. To say nothing of the fact that if SHA1 is broken, OpenPGP as a
whole needs to be revised.

David

From amilivojevic at pbl.ca Tue Sep 28 16:42:47 2004
From: amilivojevic at pbl.ca (Aleksandar Milivojevic)
Date: Tue Sep 28 16:36:18 2004
Subject: pgp4pine problem
In-Reply-To: 
References: <20040925034840.A344@willy_wonka>
Message-ID: <41597867.4090406@pbl.ca>

Bob Holtzman wrote:
> As I said: "I know they are old versions but they work well and I intend
> keeping them if I can" at least they worked in the past. Also I try to
> use only RPM packages for ease of installation and uninstallation and the
> later versions of the gpg packages get me into dependency hell. If I can't
> get the present set up to work I might build a package from a later source
> rpm and see what happens.

Considering that a simple "rpmbuild --rebuild src_rpm" will most likely do
the job in about a minute or two without the need to edit anything (for a
simple package such as GnuPG), I'd say it pays to do it anyhow.

-- 
Aleksandar Milivojevic          Pollard Banknote Limited
Systems Administrator           1499 Buffalo Place
Tel: (204) 474-2323 ext 276     Winnipeg, MB  R3T 1L7

From mtjebben at cisco.com Thu Sep 30 16:53:56 2004
From: mtjebben at cisco.com (Michael O. Tjebben)
Date: Thu Sep 30 16:51:07 2004
Subject: Enigmail having troubles with EOF?
Message-ID: <415C1E04.1000306@cisco.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello gnupg-users-

We are noticing problems where enigmail (v. *0.86.1.0*, but it could be
other versions too), in Thunderbird (v0.8, but it could be other
versions) (note that we match enigmail version to Thunderbird version as
instructed), sometimes will not decrypt an email. But, if we happen to
run PGP on the window ("Current Window - Decrypt and Verify"), it is
decrypted and displayed okay.

Interestingly enough, if we start to reply to one of these emails in
Thunderbird, the reply window shows the text decrypted!

It seems to be some sort of EOF problem.

Has anyone else seen this problem and know how to eliminate it?

Sincerely,

Michael Tjebben

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

-----END PGP SIGNATURE-----

From mroth at nessie.de Thu Sep 30 20:03:01 2004
From: mroth at nessie.de (Michael Roth)
Date: Thu Sep 30 20:00:02 2004
Subject: Enigmail having troubles with EOF?
In-Reply-To: <415C1E04.1000306@cisco.com>
References: <415C1E04.1000306@cisco.com>
Message-ID: <415C4A55.3030603@nessie.de>

Michael O. Tjebben wrote:
> Has anyone else seen this problem and know how to eliminate it?

Same problem seen here. But I haven't verified the source of these
problems, nor do I know any solution. Maybe it's a bug and somebody
should check bugzilla if it is already reported...

From oleksiy.muzalyev at bluewin.ch Thu Sep 30 23:25:33 2004
From: oleksiy.muzalyev at bluewin.ch (Oleksiy Muzalyev)
Date: Thu Sep 30 23:22:34 2004
Subject: Is it possible to encrypt file symmetrically with 1 (one) command line?
Message-ID: <415C79CD.6000702@bluewin.ch>

Hi,

When I enter:

  gpg -a -c data.php

gpg asks for the password, I enter it, and it asks to repeat.

Is there something like:

  gpg -a -c data.php --password MyPassword

I call from VB2005:

  Shell("c:\gnupg\gpg.exe -a -c " & fileToEncrypt, AppWinStyle.NormalFocus)

And console window opens and asks twice for the password. I would prefer
to send the file path and password in one command.

I cannot use GPGME library because the program which I write is for
Windows, but GPGME seems to be for Linux. Or is there the GPGME version
for Windows XP?

I need for the moment only the symmetrical encryption.

Thanks.

brgds
O.M.

From marcus.brinkmann at ruhr-uni-bochum.de Thu Sep 30 18:07:54 2004
From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann)
Date: Fri Oct 1 16:02:28 2004
Subject: [Announce] GPGME 1.0.0 released
Message-ID: <87d603agf9.wl@ulysses.g10code.de>

We are pleased to announce version 1.0.0 of GnuPG Made Easy, a library
designed to make access to GnuPG easier for applications.

It may be found in the file (about 791 KB compressed)

ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.0.0.tar.gz

The following files are also available:

ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.0.0.tar.gz.sig
ftp://ftp.gnupg.org/gcrypt/alpha/gpgme/gpgme-0.9.0-1.0.0.diff.gz

It should soon appear on the mirrors listed at:

http://www.gnupg.org/mirrors.html

Bug reports and requests for assistance should be sent to:

gnupg-devel@gnupg.org

The md5sum checksums for this distribution are

6b6847d1fb58ee3ac613019a44a58a0e  gpgme-0.9.0-1.0.0.diff.gz
1abf7accd905c435da567d0852c080af  gpgme-1.0.0.tar.gz
f489a46c0047a11e6563821fb22504e3  gpgme-1.0.0.tar.gz.sig

Noteworthy changes in version 1.0.0 (2004-09-30)
------------------------------------------------

 * Version 1.0.0! We are proud to present you with a thoroughly tested
   and stable version of the GPGME library. A big Thank You! to all
   the people who made this possible.

   The development will be branched into a stable 1.x.y series and the
   head.

 * The gpgme.m4 macro supports checking the API version. Just prepend
   it to the required version string, separated by a colon. For
   example, this release has the version "1:1.0.0". The last release
   to which this version is (mostly) ABI compatible is "1:0.4.2",
   which is the default required version.

Marcus Brinkmann
mb@g10code.de

_______________________________________________
Gnupg-announce mailing list
Gnupg-announce@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce