From: jharris at widomaker.com (Jason Harris)
Date: Sun Oct 2 23:13:02 2005
Subject: new (2005-10-02) keyanalyze results (+sigcheck)
Message-ID: <20051002211237.GB750@wilma.widomaker.com>

New keyanalyze results are available at:

  http://keyserver.kjsl.com/~jharris/ka/2005-10-02/

Signatures are now being checked using keyanalyze+sigcheck:

  http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:

  http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:

  http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004

From: joern at bratzke.info (Jörn Bratzke)
Date: Sun Oct 2 23:25:56 2005
Subject: libpam_poldi without entering pin
Message-ID: <43403457.1080906@bratzke.info>

Hi,

I am successfully using libpam_poldi with my OpenPGP Smartcard to authenticate myself, but I still have a question: is there a way to authenticate without entering the pin? I already tried to set the "Force signature pin" option to no but this didn't work.

Greetings
Jörn

From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Oct 3 00:08:56 2005
Subject: Can't check message signature
In-Reply-To: <433D8792.90306@gmail.com>
References: <433D3C86.8020007@gmail.com> <20050930134602.GC11013@jabberwocky.com> <433D8792.90306@gmail.com>
Message-ID: <20051002220819.GA5573@jabberwocky.com>

On Fri, Sep 30, 2005 at 10:44:34PM +0400, lusfert wrote:
> David Shaw wrote:
> > On Fri, Sep 30, 2005 at 05:24:22PM +0400, lusfert wrote:
> >
> >> Hello.
> >>
> >> Recently I submitted my key to PGP Global Directory and received a
> >> verification request. I can't check its signature, I see the following:
> >>
> >> OpenPGP Security Info
> >>
> >> Unverified signature
> >>
> >> gpg command line and output:
> >> C:\Program Files\GNU\GnuPG\gpg.exe --charset utf8 --verbose --batch
> >> --no-tty --status-fd 2 --verify
> >> gpg: armor header: Hash: SHA1
> >> gpg: original file name=''
> >> gpg: armor header: Version: PGP Universal 2.0.3
> >> gpg: Signature made 09/29/05 19:40:01 using RSA key ID CA57AD7C
> >> gpg: WARNING: signature digest conflict in message
> >> gpg: Can't check signature: general error
> >
> > Interesting. This means that the signature is malformed in a
> > particular way. If there is nothing private in it, could you send me
> > the message off-list?
>
> I receive the message ([PGP Global Directory] Verify Your Key) with such
> an "unverified signature" each time after submitting a key to PGP Global
> Directory.
>
> What is "the message off-list"?

It means, if you are willing to, to please send me a copy of the message, with the signature intact, so I can examine it.

David

From: ah0k at na.rim.or.jp (Masashi SAKURADA)
Date: Mon Oct 3 02:56:07 2005
Subject: libpam_poldi without entering pin
In-Reply-To: <43403457.1080906@bratzke.info>
References: <43403457.1080906@bratzke.info>
Message-ID: <20051003.083814.193683476.ah0k@na.rim.or.jp>

Dear Jörn,

Could you please tell me where I can find your public key?

------------------------------------------
Masashi SAKURADA/AH0K/JR2GMC
E-mail: ah0k@na.rim.or.jp
URL: http://www.ah0k.com/
GnuPG-Key: "lynx -source http://www.ah0k.com/ah0k.asc | gpg --import"
PGP-fingerprint: 9332 0E9F 78AB E793 0E9F 84C6 FA74 3A11 3235 EC1E

From: joern at bratzke.info (Jörn Bratzke)
Date: Tue Oct 4 00:27:58 2005
Subject: OpenPGP Card in SIM Size.
Message-ID: <4341A256.8030905@bratzke.info>

Hi,

is it possible to cut the OpenPGP Card to the size of a SIM Card without destroying it? I am asking this because I want to use a Kobil KAAN SIM III Reader; it's a CCID-compatible USB token which takes cards in SIM size. I guess it should work ..?!

Cheers,
Jörn

From: ceplm at seznam.cz (Matej Cepl)
Date: Tue Oct 4 07:51:21 2005
Subject: Compatibility problems between KMail and Mozilla S/MIME signatures

Hi,

I've got an inquiry from Nelson Bolyard (now from Sun, taking care of Netscape S/MIME stuff) concerning my bug# 236466 on Mozilla's bugzilla (see attached). Apparently, I still cannot authenticate his message (with gpgsm 1.9.15 on Debian/testing, kleopatra 0.40, dirmngr 0.9.2, and kmail 1.8.1), even though he uses Verisign as his CA and I have imported the whole ca-bundle from OpenSSL and the Verisign root certs. See also the output of gpgsm --list-keys nelson and a screenshot of kleopatra's opinion about Nelson's cert.

Any hope to make this work, please?

Thanks,

Matej

--
Matej Cepl, http://www.ceplovi.cz/matej/blog/
GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC

Las cosas claras y el chocolate espreso.
(Ideas should be clear and chocolate thick.)
-- Spanish proverb

A non-text attachment was scrubbed... Name: message.gz Type: application/x-gzip Size: 6420 bytes

/home/matej/.gnupg/pubring.kbx
------------------------------
Serial number: 73E7
Issuer: /CN=Intranet Certificate Authority/OU=AOL Technologies/O=America Online Inc/L=Mountain View/ST=CA/C=US
Subject: /CN=Nelson Bolyard/O=America Online Inc/C=US/EMail=misterssl@aol.com/UID=nelsonb
aka: misterssl@aol.com
validity: 2004-02-11 01:50:06 through 2004-08-07 23:59:00
key type: 1024 bit RSA
key usage: digitalSignature
ext key usage: clientAuth (suggested), emailProtection (suggested)
fingerprint: 84:97:A6:0A:26:FB:9F:4F:90:6B:1A:77:CA:E4:F4:08:02:09:0A:5D

Serial number: 73E6
Issuer: /CN=Intranet Certificate Authority/OU=AOL Technologies/O=America Online Inc/L=Mountain View/ST=CA/C=US
Subject: /CN=Nelson Bolyard/O=America Online Inc/C=US/EMail=misterssl@aol.com/UID=nelsonb
aka: misterssl@aol.com
validity: 2004-02-11 01:50:06 through 2004-08-07 23:59:00
key type: 1024 bit RSA
key usage: keyEncipherment
ext key usage: clientAuth (suggested), emailProtection (suggested)
fingerprint: 5E:1C:BA:5B:3F:E0:4E:91:67:C0:9F:0A:D3:2B:2A:BE:89:4F:71:67

Serial number: 00F921C9EADD4B937CE9528D56F23BDFC7
Issuer: /CN=Comodo Class 3 Security Services CA/OU=(c)2002 Comodo Limited/OU=Terms and Conditions of use: http:\x2f\x2fwww.comodo.net\x2frepository/OU=Comodo Trust Network/O=Comodo Limited/C=GB
Subject: /CN=Nelson Bolyard/OU=(c)2003 Comodo Limited/OU=Terms and Conditions of use: http:\x2f\x2fwww.comodo.net\x2frepository/OU=Comodo Trust Network - PERSONA NOT VALIDATED/EMail=misterssl@aol.com
aka: misterssl@aol.com
validity: 2004-08-09 00:00:00 through 2005-08-09 23:59:59
key type: 1024 bit RSA
key usage: digitalSignature keyEncipherment
ext key usage: emailProtection (suggested), 1.3.6.1.4.1.6449.1.3.5.2 (suggested)
policies: 1.3.6.1.4.1.6449.1.2.1.1.1:N:
fingerprint: F6:AA:E9:7C:F0:4C:54:97:58:ED:F9:B4:AD:A6:35:25:5F:27:3B:4E

Serial number: 248686BDA6C978AD0E3A31B349077D69
Issuer: /CN=VeriSign Class 1 CA Individual Subscriber-Persona Not Validated/OU=www.verisign.com\x2frepository\x2fRPA Incorp. By Ref.,LIAB.LTD(c)98/OU=VeriSign Trust Network/O=VeriSign, Inc.
Subject: /CN=Nelson B Bolyard/OU=Digital ID Class 1 - Netscape Full Service/OU=Persona Not Validated/OU=www.verisign.com\x2frepository\x2fRPA Incorp. by Ref.,LIAB.LTD(c)98/OU=VeriSign Trust Network/O=VeriSign, Inc./EMail=nelson@bolyard.com
validity: 2005-04-03 00:00:00 through 2006-04-03 23:59:59
key type: 2048 bit RSA
key usage: digitalSignature keyEncipherment
ext key usage: emailProtection (suggested), clientAuth (suggested)
policies: 2.16.840.1.113733.1.7.23.3:N:
fingerprint: 81:FF:F8:12:3D:0D:70:86:E8:FE:DA:87:CC:DA:B8:8C:1D:39:BF:0C

From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 4 11:00:49 2005
Subject: OpenPGP Card in SIM Size.
In-Reply-To: <4341A256.8030905@bratzke.info>
References: <4341A256.8030905@bratzke.info>
Message-ID: <434243FB.4080609@gmail.com>

Jörn Bratzke wrote:
> Hi,
>
> is it possible to cut the OpenPGP Card to the size of a SIM Card without
> destroying it?
> I am asking this because i want to use a Kobil KAAN SIM III Reader, its
> a ccid compatible
> USB Token which takes Cards in SIM size. I guess it should work ..?!
>

Of course, the problem with a card that small is that you could swallow it (or otherwise lose it) ;)

I wonder if someone will start producing SIM-sized OpenPGP cards? How about as SD/XD cards?

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /   ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X    Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

From: lnx1 at arcor.de (Klaus Fuerstberger)
Date: Tue Oct 4 11:55:57 2005
Subject: Convert "Sign Only" Primary Key
Message-ID: <43424007.8000601@arcor.de>

Hi,

a time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt Subkey. Now I noticed that it is not possible to encrypt a message with PGP to this Public Key because PGP only sees the "sign only" primary Key and not the encrypting subkey.

Is there a possibility to convert the "Sign Only" primary Key to a "Sign and Encrypt" Key? Any other possibilities to use this Key, so it is compatible with PGP?

Many thanks for your help!

Bye,
Klaus

From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 4 12:07:06 2005
Subject: Convert "Sign Only" Primary Key
In-Reply-To: <43424007.8000601@arcor.de>
References: <43424007.8000601@arcor.de>
Message-ID: <434253AE.6000101@gmail.com>

Klaus Fuerstberger wrote:
> Hi,
>
> a time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
> Subkey. Now I noticed that it is not possible to encrypt a message with
> PGP to this Public Key because PGP only sees the "sign only" primary Key
> and not the encrypting subkey.
>

Must be a very old version of PGP...

> Is there a possibility to convert the "Sign Only" primary Key to a
> "Sign and Encrypt" Key?
>

It's not possible to use DSA keys for encryption. You can however generate RSA sign & encrypt keys.

> Any other possibilities to use this Key, so it is compatible with PGP?
>

I'll cc: this to PGP-Basics @ yahoogroups; see what the people over there can dig up.

From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 4 12:34:52 2005
Subject: Windows Corp Implementations
In-Reply-To: (Richard Sperry's message of "Thu, 15 Sep 2005 01:46:37 -0700")
Message-ID: <87u0fx6535.fsf@wheatstone.g10code.de>

On Thu, 15 Sep 2005 01:46:37 -0700, Richard Sperry said:

> What I want to do is extend the AD schema possibly with ADAM to incorporate basic keyserver functionality. Any clues, I know ldap
> is outdated but it will work well for AD admins.

IIRC, David Shaw already replied to this.

> Next I was wondering what it would take to make the gpgexch have the ability to do the following:
> Rich Text (so I can paste out of word and what not)

We will support HTML, AFAICS this should allow you to paste text from Word to Outlook.

> Symmetric encryption for mailing lists

I have made a note to implement that. I don't think that this is widely used.

> Auto key retrieval if it is not in the pub ring (from the preferred key server, preferably ldap)

For signatures this can already be done by setting an appropriate option into gpg.conf. For encryption (i.e. no recipient key available) I am proposing a thing called PKA which as a side effect allows auto retrieval of keys. However this requires a widely deployed infrastructure implemented in the DNS. The future will show how this works out.

Salam-Shalom,

Werner

From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 4 12:35:04 2005
Subject: OpenPGP Card in SIM Size.
In-Reply-To: <4341A256.8030905@bratzke.info> (Jörn Bratzke's message of "Mon, 03 Oct 2005 23:27:50 +0200")
References: <4341A256.8030905@bratzke.info>
Message-ID: <87oe6594qe.fsf@wheatstone.g10code.de>

On Mon, 03 Oct 2005 23:27:50 +0200, Jörn Bratzke said:

> is it possible to cut the OpenPGP Card to the size of a SIM Card without
> destroying it?

Should be possible with a sharp tool. I have no experience, though.

Shalom-Salam,

Werner

From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 4 12:35:52 2005
Subject: libpam_poldi without entering pin
In-Reply-To: <43403457.1080906@bratzke.info> (Jörn Bratzke's message of "Sun, 02 Oct 2005 21:26:15 +0200")
References: <43403457.1080906@bratzke.info>
Message-ID: <87slvh94tb.fsf@wheatstone.g10code.de>

On Sun, 02 Oct 2005 21:26:15 +0200, Jörn Bratzke said:

> I am successfully using libpam_poldi with my OpenPGP Smartcard to
> authenticate myself, but I still have a question, is there a way to
> authenticate without entering the pin? I already tried to set the
> "Force signature pin" option to no but this didn't work.

With the force signature pin option the card itself requires that a PIN is presented before each signature creation; i.e. the card does not cache the PIN internally.

We have a hack using the login-data to tell the code that the card uses a standard pin. There is parsing code in app-openpgp.c but it is not currently used. It is on my todo list.

    /* GnuPG makes special use of the login-data DO, this function parses
       the login data to store the flags for later use.  It may be called
       at any time and should be called after changing the login-data DO.

       Everything up to a LF is considered a mailbox or account name.  If
       the first LF is followed by DC4 (0x14) control sequence are
       expected up to the next LF.  Control sequences are separated by FS
       (0x28) and consist of key=value pairs.  There is one key defined:

        F=

        Were FLAGS is a plain hexadecimal number representing flag values.
        The lsb is here the rightmost bit.  Defined flags bits are:

          Bit 0 = CHV1 and CHV2 are not syncronized
          Bit 1 = CHV2 has been been set to the default PIN of "123456"
                  (this implies that bit 0 is also set).
    */

CHV2 is used with the authentication key.

Salam-Shalom,

Werner

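A parser and builder for the login-data layout quoted in the comment above, added here as an example and not taken from GnuPG's app-openpgp.c; it assumes the FS separator is the ASCII File Separator control character (0x1C) and the account name "jsl" in its sample data is constructed. Bit 1 of the F= flags is what marks CHV2 (the PIN used with the authentication key) as the well-known default "123456", so reading this DO tells an auditor whether a card's authentication key is effectively PIN-less.

```python
# Added example (not GnuPG code): parse and build the OpenPGP-card login-data DO
# as described in the app-openpgp.c comment.  Assumption: control sequences are
# separated by the ASCII FS control character (0x1C).
from dataclasses import dataclass, field
from typing import Dict

LF = b"\n"
DC4 = b"\x14"   # introduces the control-sequence section after the first LF
FS = b"\x1c"    # separator between key=value control sequences (assumed: ASCII FS)

# Flag bits carried by the "F=" control sequence (the lsb is the rightmost bit).
FLAG_CHV_NOT_SYNCED = 0x01    # Bit 0: CHV1 and CHV2 are not synchronized
FLAG_CHV2_DEFAULT_PIN = 0x02  # Bit 1: CHV2 has been set to the default PIN "123456"


@dataclass
class LoginData:
    account: str                                             # text before the first LF
    flags: int = 0                                           # raw F= value
    controls: Dict[str, str] = field(default_factory=dict)   # every key=value seen

    @property
    def chv_not_synced(self) -> bool:
        return bool(self.flags & FLAG_CHV_NOT_SYNCED)

    @property
    def chv2_default_pin(self) -> bool:
        return bool(self.flags & FLAG_CHV2_DEFAULT_PIN)

    @property
    def consistent(self) -> bool:
        # Bit 1 implies bit 0, so "default PIN" without "not synchronized" is malformed.
        return not (self.chv2_default_pin and not self.chv_not_synced)


def parse_login_data(raw: bytes) -> LoginData:
    """Parse a login-data DO.  Everything up to the first LF is the account
    name.  If that LF is immediately followed by DC4, the bytes up to the next
    LF hold FS-separated key=value control sequences; anything later is ignored."""
    account, sep, rest = raw.partition(LF)
    data = LoginData(account=account.decode("utf-8", errors="replace"))
    if not sep or not rest.startswith(DC4):
        return data                                   # plain account name only
    ctrl, _, _ = rest[len(DC4):].partition(LF)
    for item in ctrl.split(FS):
        key, eq, value = item.partition(b"=")
        if not eq or not key:
            continue                                  # not a key=value pair
        k = key.decode("ascii", errors="replace")
        v = value.decode("ascii", errors="replace")
        data.controls[k] = v
        if k == "F":
            try:
                data.flags = int(v, 16)               # plain hexadecimal number
            except ValueError:
                raise ValueError(f"malformed F= value {v!r} in login-data") from None
    return data


def build_login_data(account: str, flags: int = 0) -> bytes:
    """Encode the DO; with flags == 0 only the bare account name is written."""
    if "\n" in account:
        raise ValueError("account name must not contain LF")
    out = account.encode("utf-8")
    if flags:
        out += LF + DC4 + b"F=" + format(flags, "x").encode("ascii") + LF
    return out


def audit(raw: bytes) -> str:
    """One-line summary an operator can log when checking a card's login-data."""
    d = parse_login_data(raw)
    if not d.consistent:
        return f"{d.account}: malformed flags 0x{d.flags:x} (bit 1 set without bit 0)"
    if d.chv2_default_pin:
        return f"{d.account}: CHV2 marked as the default PIN 123456 (authentication key)"
    if d.chv_not_synced:
        return f"{d.account}: CHV1 and CHV2 not synchronized"
    return f"{d.account}: no flags set"
```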
From: lnx1 at arcor.de (Klaus Fuerstberger)
Date: Tue Oct 4 12:50:58 2005
Subject: Convert "Sign Only" Primary Key
In-Reply-To: <434253AE.6000101@gmail.com>
References: <43424007.8000601@arcor.de> <434253AE.6000101@gmail.com>
Message-ID: <43425E8F.4030703@arcor.de>

Alphax said the following on 10/04/05 12:04:
>>> a time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
>>> Subkey. Now I noticed that it is not possible to encrypt a message with
>>> PGP to this Public Key because PGP only sees the "sign only" primary Key
>>> and not the encrypting subkey.
> Must be a very old version of PGP...

Maybe you misunderstand my procedures:

    $ gpg --gen-key
    Please select what kind of key you want:
       (1) DSA and ElGamal (default)
       (2) DSA (sign only)
       (4) RSA (sign only)

Here I selected "2". After the key creation I did a:

    Command> addkey
    Please select what kind of key you want:
       (2) DSA (sign only)
       (3) ElGamal (encrypt only)
       (4) RSA (sign only)
       (5) RSA (encrypt only)

Here I selected "3".

This key does not work with PGP5 for encryption. Only for signing.

Bye
Klaus

From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 4 14:58:43 2005
Subject: Convert "Sign Only" Primary Key
In-Reply-To: <43425E8F.4030703@arcor.de>
References: <43424007.8000601@arcor.de> <434253AE.6000101@gmail.com> <43425E8F.4030703@arcor.de>
Message-ID: <43427BE7.70404@gmail.com>

Klaus Fuerstberger wrote:
> Alphax said the following on 10/04/05 12:04:
>
>>>> a time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
>>>> Subkey. Now I noticed that it is not possible to encrypt a message with
>>>> PGP to this Public Key because PGP only sees the "sign only" primary Key
>>>> and not the encrypting subkey.
>
>> Must be a very old version of PGP...
>
> Maybe you misunderstand my procedures:
> $ gpg --gen-key
> Please select what kind of key you want:
>    (1) DSA and ElGamal (default)
>    (2) DSA (sign only)
>    (4) RSA (sign only)
>
> Here I selected "2". After the key creation I did a:
>
> Command> addkey
> Please select what kind of key you want:
>    (2) DSA (sign only)
>    (3) ElGamal (encrypt only)
>    (4) RSA (sign only)
>    (5) RSA (encrypt only)
>
> Here I selected "3".
>
> This key does not work with PGP5 for encryption. Only for signing.
>

It may be that PGP 5 doesn't support ElGamal keys. Try adding an RSA subkey.

From: joern at bratzke.info (Jörn Bratzke)
Date: Tue Oct 4 20:50:42 2005
Subject: OpenPGP Card and ssh howto
Message-ID: <4342CF08.6010704@bratzke.info>

Hi there

I successfully used my OpenPGP Card together with ssh and I wrote a very very short and rather compact HOWTO for this. You can find it at

http://cyphertext.de/ssh-openpgpcard-howto.txt

Hope someone finds it useful.

Greetings,
Jörn

From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 4 22:51:13 2005
Subject: gpa / gpg-agent
In-Reply-To: <4329FFC0.5060307@frontiernet.net> (Gary Graham's message of "Thu, 15 Sep 2005 19:12:00 -0400")
References: <4329FFC0.5060307@frontiernet.net>
Message-ID: <87d5ml3ujg.fsf@wheatstone.g10code.de>

On Thu, 15 Sep 2005 19:12:00 -0400, Gary Graham said:

> I do not see any notes on how to run gpg-agent. I went thru the

The manual describes how to install and use it. ("info gnupg")

> Is this the right mailing list to discuss GPA? There are too many
> problems to mention before finding out if this is the correct place to
> address it.

There is a gpa-dev at gnupg.org list which might be better suited. BTW, we are currently in the process of cleaning up some GPA bits.

Shalom-Salam,

Werner

From: Lukasz.Stelmach at telmark.waw.pl (Lukasz Stelmach)
Date: Wed Oct 5 00:25:58 2005
Subject: gnome-keyring
Message-ID: <20051004204835.GA57503@tygrys.k.telmark.waw.pl>

Greetings All.

I haven't followed this list lately but google claims that my question hasn't been asked yet ;)

What do you think about using gnome-keyring to store GnuPG passwords? As far as I know it allows one to either store a password permanently in an encrypted file or in a temporary "session" keyring, which is the same as what gnupg-agent does.

--
Lukasz Stelmach

From: lnx1 at arcor.de (Klaus Fuerstberger)
Date: Wed Oct 5 11:55:57 2005
Subject: Expiration Date on Subkeys and PGP [was: Re: Convert "Sign Only" Primary Key]
In-Reply-To: <43427BE7.70404@gmail.com>
References: <43424007.8000601@arcor.de> <434253AE.6000101@gmail.com> <43425E8F.4030703@arcor.de> <43427BE7.70404@gmail.com>
Message-ID: <4343A316.4040709@arcor.de>

Hi,

Alphax said the following on 10/04/05 14:56:
>>>>>> a time ago I created a "Sign Only" DSA Key with an ElGamal Encrypt
>>>>>> Subkey. Now I noticed that it is not possible to encrypt a message with
>>>>>> PGP to this Public Key because PGP only sees the "sign only" primary Key
>>>>>> and not the encrypting subkey.
> It may be that PGP 5 doesn't support ElGamal keys. Try adding an RSA subkey.

OK, a few more tries. Meanwhile I could locate the error. It does not matter what kind of Subkey I use. The expiration Date is the only Problem. When the subkey is created with the addkey command with no expiration Date, the exported public Key can be used with PGP5 for encrypting. But when I afterwards set the expiration Date with the "expire" command, the Key becomes again a "Sign Only" public Key for PGP5.

So now the strange thing. When I try to set the expiration Date again to unlimited on the existing Key, export again - the Key is also just a "Sign Only" Key! At least for my pgp5i Version from debian/oldstable.

There must be some difference in how GnuPG 1.4.1 sets the expiration Date on Subkey creation and with the Menu Option "expire". Can someone verify this?

Bye,
Klaus

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed Oct 5 13:07:08 2005
Subject: gnome-keyring
In-Reply-To: <20051004204835.GA57503@tygrys.k.telmark.waw.pl>
Message-ID: <200510050758.j957wNhU005016@vulcan.xs4all.nl>

Lukasz Stelmach wrote:

> What do you think about using gnome-keyring to store GnuPG passwords?

It would require users to install many bulky Gnome libs. I don't think that's a good idea.

--
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From: wk at gnupg.org (Werner Koch)
Date: Wed Oct 5 13:26:40 2005
Subject: Expiration Date on Subkeys and PGP
In-Reply-To: <4343A316.4040709@arcor.de> (Klaus Fuerstberger's message of "Wed, 05 Oct 2005 11:55:34 +0200")
References: <43424007.8000601@arcor.de> <434253AE.6000101@gmail.com> <43425E8F.4030703@arcor.de> <43427BE7.70404@gmail.com> <4343A316.4040709@arcor.de>
Message-ID: <87u0fwfbro.fsf@wheatstone.g10code.de>

On Wed, 05 Oct 2005 11:55:34 +0200, Klaus Fuerstberger said:

> "expire" command, the Key becomes again a "Sign Only" public Key for
> PGP5. So now the strange thing. When I try to set the expiration Date

PGP 5 is known to be full of bugs - some of them are severe security bugs. For example it can't handle signing subkeys correctly and IIRC has problems with expiration dates.

> again to unlimited on the existing Key, export again - the Key is also
> just a "Sign Only" Key! At least for my pgp5i Version from debian/oldstable.

pgp5 can't be part of Debian because it is clearly non-free software.

Shalom-Salam,

Werner

From: joern at bratzke.info (Jörn Bratzke)
Date: Wed Oct 5 13:42:03 2005
Subject: OpenPGP Card and ssh howto
In-Reply-To: <20051005091310.GA21631@mail.gasops.co.uk>
References: <4342CF08.6010704@bratzke.info> <20051005091310.GA21631@mail.gasops.co.uk>
Message-ID: <4343B9A3.2070705@bratzke.info>

Shaun Lipscombe wrote:

> Seems there is an error in the email you sent. Just thought I'd let you
> know that your email wasn't, at least for me, signed correctly.
>

Yep, I know, something went wrong with enigmail :-/.

Greetings,
Jörn

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed Oct 5 14:35:40 2005
Subject: Expiration Date on Subkeys and PGP [was: Re: Convert "Sign Only"
In-Reply-To: <4343A316.4040709@arcor.de>
Message-ID: <200510051124.j95BObW2007033@vulcan.xs4all.nl>

Klaus Fuerstberger wrote:

> just a "Sign Only" Key! At least for my pgp5i Version from debian/oldstable.

One warning: don't generate production keys with that version. It is known to have a buggy random generator so its keys are weak.

From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed Oct 5 14:42:26 2005
Subject: Expiration Date on Subkeys and PGP
In-Reply-To: <87u0fwfbro.fsf@wheatstone.g10code.de>
Message-ID: <200510051242.j95Cgpbf008069@vulcan.xs4all.nl>

Werner Koch wrote:

> pgp5 can't be part of Debian because it is clearly non-free software.

That depends on your definition. But I guess it would be allowed to distribute it with a Linux distribution. From the LICENSE file from a pgp 5.0i source (I still have it, although I never succeeded in compiling it):

    PGP International Freeware, Version 5.0i
    (Executable Object Code Version)
    Copyright © 1990-1997 Pretty Good Privacy, Inc. All Rights Reserved.
    For Non-Commercial Distribution and Use Only

    Terms and Conditions

    [...]

    b. Non-Commercial Distribution. You may make exact, unmodified copies
    of this Software Product and distribute such copies solely by
    electronic means (for example, posting on Internet sites for others to
    download), subject to the following (a) that such distribution is
    solely for non-commercial purposes (see above definition), (b) that the
    Software Product is distributed unmodified and in its entirety (with
    its complete user documentation, its readme files, its copyright,
    trademark, other intellectual property notices, including these terms
    and conditions, and all of its other components), and (c) that such
    distribution may occur anywhere in the world, except that Pretty Good
    Privacy, Inc. expressly forbids the export of this Software Product to
    any countries embargoed by the U.S. government (currently including,
    Cuba, Iran, Iraq, Libya, North Korea, Syria and Sudan) or to the United
    States to the extent the practice in the U.S. of any of the inventions
    covered by U.S. patent no. 4,405,829 (the "RSA" patent) would require
    payment to the patent rights holder.

From: wk at gnupg.org (Werner Koch)
Date: Wed Oct 5 15:09:40 2005
Subject: [Announce] Libgcrypt 1.2.2 released
Message-ID: <87br24f7ja.fsf@wheatstone.g10code.de>

Skipped content of type multipart/signed

From: wk at gnupg.org (Werner Koch)
Date: Wed Oct 5 15:41:54 2005
Subject: Expiration Date on Subkeys and PGP
In-Reply-To: <200510051242.j95Cgpbf008069@vulcan.xs4all.nl> (Johan Wevers's message of "Wed, 5 Oct 2005 14:42:51 +0200 (MET DST)")
References: <200510051242.j95Cgpbf008069@vulcan.xs4all.nl>
Message-ID: <871x30f5ix.fsf@wheatstone.g10code.de>

On Wed, 5 Oct 2005 14:42:51 +0200 (MET DST), Johan Wevers said:

> That depends on your definition. But I guess it would be allowed to
> distribute it with a Linux distribution. From the LICENSE file from

Debian does not allow this - maybe it was included in the former non-free repository but that has never been part of Debian proper.

Salam-Shalom,

Werner

From: lionel at mamane.lu (Lionel Elie Mamane)
Date: Wed Oct 5 19:34:53 2005
Subject: Migrating from PGP TO GPG
References: <20050916090345.GB13300@tofu.mamane.lu>
Message-ID: <20051005173456.GA3763@tofu.mamane.lu>

On Mon, Oct 03, 2005 at 05:02:52PM -0700, amit bhalerao wrote:

> I want to decrypt a gpg encrypted document using GPG. Is there
> any way I can decrypt it in a non-interactive mode so that it
> doesn't ask for the passphrase? I want to execute the command in a shell
> script.
> Any pointer to this would be of great help.

Use the GnuPG agent from GnuPG2 (you can use the agent from GnuPG2 with GnuPG 1.4) or use the --passphrase-fd option.

--
Lionel

From: joerg at schmitz-linneweber.de (Joerg Schmitz-Linneweber)
Date: Wed Oct 5 20:10:32 2005
Subject: gpg-agent PIN cache
Message-ID: <200510052010.28712.joerg@schmitz-linneweber.de>

Hi Werner, hi all!

I've a problem with "PIN keeping" in gpg-agent (version numbers below).

Everything works fine: I start up gpg-agent:

# eval `gpg-agent -v --enable-ssh-support --daemon \
  --log-file /home/jsl/ga.log --debug-level expert --default-cache-ttl-ssh \
  20000`

and I can see my "new" key on the card:

# ssh-add -l
1024 e5:f9:3c:fc:04:0e:b4:b4:75:98:72:cf:d5:df:96:cb cardno:000mynumber (RSA)

Now I can "ssh" to anywhere my pkey is registered. Good. The first time I
try to use the key, the pinentry(-qt) comes up and asks for the PIN.

But the problem is: the second time and every time after that, pinentry
comes up and asks for my PIN! Although I said "cache ttl for ssh should
be some hours..."

Does anyone know why gpg-agent/pinentry does so?

Here is a log of two "ssh sessions":

--- snip ------------------------------------------
2005-10-05 19:51:59 gpg-agent[8885] Es wird auf Socket `/tmp/gpg-kvPjWi/S.gpg-agent' gehört
2005-10-05 19:51:59 gpg-agent[8885] Es wird auf Socket `/tmp/gpg-RXfxR6/S.gpg-agent.ssh' gehört
2005-10-05 19:52:04 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 gestartet
2005-10-05 19:52:04 gpg-agent[8886] ssh request handler for request_identities (11) started
2005-10-05 19:52:04 gpg-agent[8886] no running SCdaemon - starting it
2005-10-05 19:52:04 gpg-agent[8886] DBG: first connection to SCdaemon established
2005-10-05 19:52:04 gpg-agent[8886] DBG: additional connections at `/tmp/gpg-0HjfQH/S.scdaemon'
2005-10-05 19:52:05 gpg-agent[8886] ssh request handler for request_identities (11) ready
2005-10-05 19:52:05 gpg-agent[8886] ssh request handler for sign_request (13) started
2005-10-05 19:52:05 gpg-agent[8886] DBG: detected card with S/N "my number" :-)
2005-10-05 19:52:05 gpg-agent[8886] starting a new PIN Entry
2005-10-05 19:52:05 gpg-agent[8886] DBG: connection to PIN entry established
2005-10-05 19:52:06 gpg-agent[8886] SIGUSR2 received - checking smartcard status
2005-10-05 19:52:09 gpg-agent[8886] ssh request handler for sign_request (13) ready
2005-10-05 19:52:09 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 beendet
2005-10-05 19:52:45 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 gestartet
2005-10-05 19:52:45 gpg-agent[8886] ssh request handler for request_identities (11) started
2005-10-05 19:52:45 gpg-agent[8886] new connection to SCdaemon established (reusing)
2005-10-05 19:52:46 gpg-agent[8886] ssh request handler for request_identities (11) ready
2005-10-05 19:52:46 gpg-agent[8886] ssh request handler for sign_request (13) started
2005-10-05 19:52:46 gpg-agent[8886] DBG: detected card with S/N "again my number" :-)
2005-10-05 19:52:46 gpg-agent[8886] starting a new PIN Entry
2005-10-05 19:52:47 gpg-agent[8886] DBG: connection to PIN entry established
2005-10-05 19:52:50 gpg-agent[8886] ssh request handler for sign_request (13) ready
2005-10-05 19:52:51 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 beendet
2005-10-05 20:02:15 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 gestartet
2005-10-05 20:02:15 gpg-agent[8886] ssh request 1 is not supported
2005-10-05 20:02:15 gpg-agent[8886] ssh request handler for request_identities (11) started
2005-10-05 20:02:15 gpg-agent[8886] new connection to SCdaemon established (reusing)
2005-10-05 20:02:16 gpg-agent[8886] ssh request handler for request_identities (11) ready
2005-10-05 20:02:16 gpg-agent[8886] SSH Handhabungsroutine 0x8083b88 für fd 0 beendet
--- snip ------------------------------------------

Here are the versions used...

# gpg2 --version
gpg (GnuPG) 1.9.19
# scdaemon --version
scdaemon (GnuPG) 1.9.19
# gpg-agent --version
gpg-agent (GnuPG) 1.9.19
# pinentry --version
pinentry-qt (pinentry) 0.7.3-cvs
# libgcrypt-config --version
1.3.0-cvs
# libassuan-config --version
0.6.11-cvs
# pth-config --version
GNU Pth 2.0.5 (05-Oct-2005)
# ksba-config --version
0.9.12
# gpg-error-config --version
1.1

Did I miss something? ;-)

Thank you very much in advance!

Salut, Jörg

-- 
gpg/pgp key # 0xd7fa4512
fingerprint 4e89 6967 9cb2 f548 a806  7e8b fcf4 2053 d7fa 4512

From lionel at mamane.lu Wed Oct 5 20:18:02 2005
From: lionel at mamane.lu (Lionel Elie Mamane)
Date: Wed Oct 5 20:17:56 2005
Subject: Migrating from PGP TO GPG
In-Reply-To: <42B5B17E-CF58-4C98-8C80-C0DA43BB7F7E@apple.com>
References: <20050916090345.GB13300@tofu.mamane.lu> <20051005173456.GA3763@tofu.mamane.lu> <42B5B17E-CF58-4C98-8C80-C0DA43BB7F7E@apple.com>
Message-ID: <20051005181802.GC3763@tofu.mamane.lu>

On Wed, Oct 05, 2005 at 10:41:17AM -0700, amit bhalerao wrote:

> Is there any way I can validate that the decryption process has been
> successful based on the error code? Do you have any document which
> lists the possible error codes and causes of failure?

Use --status-fd and read doc/DETAILS in the sources.

From Lukasz.Stelmach at telmark.waw.pl Thu Oct 6 00:16:03 2005
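Lionel's two answers above (--passphrase-fd to avoid the prompt, --status-fd plus doc/DETAILS to learn whether decryption really succeeded) combined into one script helper, as an added example that is not from the thread. It assumes a GnuPG 1.4 "gpg" on PATH, the passphrase kept in a mode-0600 file, and the status keywords documented in doc/DETAILS; the sample transcripts are constructed, not captured gpg output.

```shell
#!/bin/sh
# Added example, not code from the thread.  The point of reading --status-fd:
# "gpg --decrypt" exits 0 for a merely signed or unencrypted input too (it just
# passes the data through), so the exit code alone cannot confirm a decryption.
# Assumptions: GnuPG 1.4 "gpg" on PATH, passphrase in a mode-0600 file (never on
# the command line, where ps shows it), status keywords as in doc/DETAILS.

# classify_status STATUSFILE
# Reads a --status-fd transcript and returns:
#   0  decryption confirmed (DECRYPTION_OKAY seen, no BADMDC)
#   1  DECRYPTION_FAILED (wrong passphrase, no matching secret key, ...)
#   2  BADMDC: data came out but the integrity check failed, treat as failure
#   3  NODATA: the input held no OpenPGP data at all
#   4  inconclusive: gpg neither confirmed nor denied a decryption
classify_status() {
    f="$1"
    grep -q '^\[GNUPG:\] BADMDC' "$f" && return 2
    grep -q '^\[GNUPG:\] DECRYPTION_FAILED' "$f" && return 1
    grep -q '^\[GNUPG:\] NODATA' "$f" && return 3
    grep -q '^\[GNUPG:\] DECRYPTION_OKAY' "$f" && return 0
    return 4
}

# gpg_decrypt_noninteractive INFILE OUTFILE PASSFILE STATUSFILE
# Passphrase arrives on fd 3, status lines leave on fd 4.  Succeeds only when
# both the exit code and the status transcript agree; otherwise the output
# file is removed so a script never consumes unverified plaintext.
gpg_decrypt_noninteractive() {
    in="$1"; out="$2"; passfile="$3"; status="$4"
    [ -r "$passfile" ] || { echo "cannot read passphrase file $passfile" >&2; return 2; }
    rc=0
    gpg --batch --no-tty --yes --quiet \
        --passphrase-fd 3 --status-fd 4 \
        --output "$out" --decrypt "$in" 3< "$passfile" 4> "$status" || rc=$?
    cls=0
    classify_status "$status" || cls=$?
    if [ "$rc" -eq 0 ] && [ "$cls" -eq 0 ]; then
        return 0
    fi
    echo "decryption of $in not confirmed (gpg exit $rc, status class $cls)" >&2
    rm -f "$out"
    return 1
}

# sample_status OUTFILE KIND
# Writes a constructed status transcript (hypothetical key id, not real gpg
# output) so the classifier can be exercised without keys or ciphertext.
sample_status() {
    case "$2" in
    ok)       printf '[GNUPG:] ENC_TO 0123456789ABCDEF 1 0\n[GNUPG:] BEGIN_DECRYPTION\n[GNUPG:] DECRYPTION_OKAY\n[GNUPG:] GOODMDC\n[GNUPG:] END_DECRYPTION\n' > "$1" ;;
    badpass)  printf '[GNUPG:] ENC_TO 0123456789ABCDEF 1 0\n[GNUPG:] BAD_PASSPHRASE 0123456789ABCDEF\n[GNUPG:] BEGIN_DECRYPTION\n[GNUPG:] DECRYPTION_FAILED\n[GNUPG:] END_DECRYPTION\n' > "$1" ;;
    badmdc)   printf '[GNUPG:] ENC_TO 0123456789ABCDEF 1 0\n[GNUPG:] BEGIN_DECRYPTION\n[GNUPG:] BADMDC\n[GNUPG:] DECRYPTION_FAILED\n[GNUPG:] END_DECRYPTION\n' > "$1" ;;
    nodata)   printf '[GNUPG:] NODATA 1\n' > "$1" ;;
    # signed-only input: gpg exits 0 and prints GOODSIG, but nothing was decrypted
    passthru) printf '[GNUPG:] PLAINTEXT 62 1128672787 report.txt\n[GNUPG:] GOODSIG 0123456789ABCDEF Constructed Sample <sample@example.invalid>\n' > "$1" ;;
    esac
}

# Usage in a script:
#   gpg_decrypt_noninteractive vendor.pgp vendor.txt "$HOME/.vendor-pass" /tmp/st.$$ || exit 1
```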
From: Lukasz.Stelmach at telmark.waw.pl (Lukasz Stelmach)
Date: Thu Oct 6 00:16:52 2005
Subject: gnome-keyring
In-Reply-To: <200510050758.j957wNhU005016@vulcan.xs4all.nl>
References: <20051004204835.GA57503@tygrys.k.telmark.waw.pl> <200510050758.j957wNhU005016@vulcan.xs4all.nl>
Message-ID: <20051005221603.GA69595@tygrys.k.telmark.waw.pl>

It was 09:58:23 on Wednesday 05 October when a ticket inspector got on
the bus and yelled: "Johan Wevers!!! Ticket, please!!!" And he (or she)
replied:

LS>> What do you think about using gnome-keyring to store GnuPG passwords?

JW> It would require users to install many bulky Gnome libs. I don't think
JW> that's a good idea.

I don't mean gnome-keyring as a replacement for GPA but rather an option
for it. I mean, why run two password caching daemons if you can have just
one and you already use gnome-keyring.

-- 
|/ |_, _ .- --,            Monstrous lusts are already creeping in from every side;
|__ |_|. | \ |_|. ._' /_.  I shall practise harlotry, for money.

From wk at gnupg.org Thu Oct 6 10:19:03 2005
From: wk at gnupg.org (Werner Koch)
Date: Thu Oct 6 10:21:52 2005
Subject: gpg-agent PIN cache
In-Reply-To: <200510052010.28712.joerg@schmitz-linneweber.de> (Joerg Schmitz-Linneweber's message of "Wed, 5 Oct 2005 20:10:22 +0200")
References: <200510052010.28712.joerg@schmitz-linneweber.de>
Message-ID: <87psqjcb2g.fsf@wheatstone.g10code.de>

On Wed, 5 Oct 2005 20:10:22 +0200, Joerg Schmitz-Linneweber said:

> But the problem is: The second time and ever on, pinentry comes up and asks
> for my PIN! Although I said "cache ttl for ssh should be some hours..."
> Does anyone know why gpg-agent/pinentry does so?

Yes.  We do a reset after each connection, which requires entering a
new PIN.  That reset is actually not required; however, there is some
other problem where the reset helps.  I really really need to look at
this.

Salam-Shalom,

Werner

From marcus.brinkmann at ruhr-uni-bochum.de Sun Oct 2 00:53:37 2005
From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann)
Date: Thu Oct 6 11:57:19 2005
Subject: [Announce] GPGME 1.1.0 released
Message-ID: <877jcwrgr2.wl%marcus.brinkmann@ruhr-uni-bochum.de>

We are pleased to announce version 1.0.1 of GnuPG Made Easy, a library
designed to make access to GnuPG easier for applications.

It may be found in the file (about 818 KB/630 KB compressed)

ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.1.0.tar.gz
ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.1.0.tar.bz2

The following files are also available:

ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.1.0.tar.gz.sig
ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.1.0.tar.bz2.sig
ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.0.3-1.1.0.diff.gz

It should soon appear on the mirrors listed at:

http://www.gnupg.org/mirrors.html

Bug reports and requests for assistance should be sent to:

gnupg-devel@gnupg.org

The sha1sum checksums for this distribution are

2b4f6a8eb4bbc3bc8ad049840c8cbe695ad379f9  gpgme-1.1.0.tar.gz
be6a3ed597e21245f9132364ab5f7e6039069988  gpgme-1.1.0.tar.bz2
bdbeb96ba64c8c358c0885532b083659339b1258  gpgme-1.1.0.tar.gz.sig
9e074b64aa1755ae9e9dc4d4a2fd8da637711cc0  gpgme-1.1.0.tar.bz2.sig
d3b04ab5708d86156f586b8fc34d0958b367e552  gpgme-1.0.3-1.1.0.diff.gz

Noteworthy changes in version 1.1.0 (2005-10-01)
------------------------------------------------

 * You can now configure the backend engine file name and home
   directory to be used, as default and per context.

 * Information about the recipients of an encrypted text is now
   available at decryption time.

 * New status GPGME_STATUS_PLAINTEXT.  This is analyzed by the decrypt
   and verify handlers; the information about the plaintext filename,
   if available, is made available in the new field file_name of the
   respective result structure.

 * The code for "automagically detecting the thread library" has been
   removed from libgpgme.  It is deprecated since version 0.4.3.
   Since then, you had to link against libgpgme-pthread for
   applications using pthread and libgpgme-pth for applications using
   GNU Pth.

   The code was removed because it caused compilation problems on
   systems where the pthread.h header from GNU Pth is available in
   addition to the system header (FreeBSD 6 and later for example).

 * "./autogen.sh --build-w32" does now build gpgme.dll.

 * [W32] The environment variable GPGME_DEBUG now uses a semicolon as
   delimiter.  The standard install directory is used when locating
   gpg or gpgsm before finally falling back to the hardwired name.

 * There is a new flag for keys and subkeys, is_qualified, which
   indicates if a key can be used for qualified signatures according
   to local government regulations.

 * You can associate a filename with a data object using the new
   function gpgme_data_set_file_name().  This filename will be stored
   in the output when encrypting or signing the data and will be
   returned when decrypting or verifying the output data.

 * You can now set notation data at signature creation with the new
   function gpgme_sig_notation_add().

 * Interface changes relative to the 1.0.3 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme_set_engine_info                   NEW
gpgme_ctx_get_engine_info               NEW
gpgme_ctx_set_engine_info               NEW
gpgme_recipient_t                       NEW
gpgme_decrypt_result_t                  EXTENDED: New field recipients.
gpgme_verify_result_t                   EXTENDED: New fields pubkey_algo, hash_algo.
gpgme_decrypt_result_t                  EXTENDED: New field plaintext_filename.
gpgme_verify_result_t                   EXTENDED: New field plaintext_filename.
GPGME_STATUS_PLAINTEXT                  NEW
gpgme_key_t                             EXTENDED: New field is_qualified.
gpgme_subkey_t                          EXTENDED: New field is_qualified.
gpgme_data_get_file_name                NEW
gpgme_data_set_file_name                NEW
gpgme_sig_notation_flags_t              NEW
GPGME_SIG_NOTATION_HUMAN_READABLE       NEW
GPGME_SIG_NOTATION_CRITICAL             NEW
gpgme_sig_notation_clear                NEW
gpgme_sig_notation_add                  NEW
gpgme_sig_notation_get                  NEW
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Marcus Brinkmann
mb@g10code.de

_______________________________________________
Gnupg-announce mailing list
Gnupg-announce@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

From derek at ximbiot.com Thu Oct 6 21:50:35 2005
From: derek at ximbiot.com (Derek Price)
Date: Thu Oct 6 21:52:38 2005
Subject: RFC - CVS Signed Commit & Replay Attacks
Message-ID: <4345800B.8010603@ximbiot.com>

Hi all,

I mentioned on this list a few days ago that I am implementing
gpg-signed-commits for CVS.  This is somewhat of a new area for me, and
I was hoping to trust GPG to solve most of the security issues, but it
turns out this doesn't cover the possibility of replay attacks.  We've
been discussing this for a few days on bug-cvs@nongnu.org, but it feels
somewhat like we are stumbling around in the dark and I was hoping for
some comments from people more familiar with this sort of thing.

The current end of the thread is here: .  Probably not more than two
messages back in that thread are particularly relevant, unless you want
to laugh at our ignorance.

For background, the gpg-signed-commits design is Wikied here: .  If you
would care to comment on any other shortcomings in this design, that
would be welcome too.

Thanks,

Derek

-- 
Derek R. Price
CVS Solutions Architect
Ximbiot
v: +1 717.579.6168
f: +1 717.234.3125

From marcus.brinkmann at ruhr-uni-bochum.de Fri Oct 7 01:03:29 2005
From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann)
Date: Fri Oct 7 01:56:05 2005
Subject: gpgme-1.1.0: make check: FAIL: t-sig-notation
In-Reply-To: <1128630552l.10050l.1l@roo.localnet>
References: <1128630552l.10050l.1l@roo.localnet>
Message-ID: <87u0fu6yf2.wl%marcus.brinkmann@ruhr-uni-bochum.de>

At Thu, 06 Oct 2005 20:29:04 +0000,
"William M. Perkins" wrote:

> GnuPG version: 1.4.2, min. 1.2.2

Ah, ok.  I only tested it with GnuPG 1.4.1, which worked fine.

> The failure happened at:
> t-sig-notation.c:108: Missing or duplicate notation data
> FAIL: t-sig-notation

GnuPG 1.4.2 has a stricter check for critical notation data.  Sigh.
The below patch is now in CVS Head, and will be part of 1.1.1.  If you
want, give it a try.  Otherwise just ignore the broken test, it has no
effect on how GPGME works.

2005-10-07  Marcus Brinkmann

	* gpg/t-sig-notation.c: Change critical notation to something
	GnuPG understands.

diff -ru gpgme/tests/gpg/t-sig-notation.c gpgme/tests/gpg/t-sig-notation.c
--- gpgme/tests/gpg/t-sig-notation.c	2005-10-01 04:06:08.000000000 +0200
+++ gpgme/tests/gpg/t-sig-notation.c	2005-10-07 01:00:02.000000000 +0200
@@ -42,8 +42,8 @@
     { "laughing@me",
       "Just Squeeze Me",
       GPGME_SIG_NOTATION_HUMAN_READABLE },
-    { "leave@home",
-      "Right Now",
+    { "preferred-email-encoding@pgp.com",
+      "pgpmime",
       GPGME_SIG_NOTATION_HUMAN_READABLE | GPGME_SIG_NOTATION_CRITICAL },
     { NULL,
       "http://www.gnu.org/policy/",

Thanks,
Marcus

From nidhog at gmail.com Fri Oct 7 04:07:44 2005
From: nidhog at gmail.com (nidhog)
Date: Fri Oct 7 04:08:13 2005
Subject: partition encryption?
Message-ID:

Hi,

Do you guys have any suggestion as to how to go about encrypting a
partition that can be available both to linux and win32?

Thanks.

-- 
/nh

From erpo41 at hotpop.com Fri Oct 7 10:13:07 2005
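Review bot: in the t-sig-notation.c hunk above, the replaced entry only passes because GnuPG 1.4.2 recognises the notation name, yet nothing in the hunk records that constraint; add a one-line comment above `{ "preferred-email-encoding@pgp.com",` stating that a critical notation must be one GnuPG understands (the cause of the t-sig-notation.c:108 "Missing or duplicate notation data" failure), so the entry is not later "simplified" back to an arbitrary name like the removed "leave@home". The ChangeLog line says the same only as "something GnuPG understands"; spelling it out in the test source is what prevents the regression.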
From: erpo41 at hotpop.com (Eric)
Date: Fri Oct 7 10:14:38 2005
Subject: partition encryption?
In-Reply-To:
References:
Message-ID: <1128672787.6448.40.camel@localhost.localdomain>

On Fri, 2005-10-07 at 10:07 +0800, nidhog wrote:
> Do you guys have any suggestion as to how to go about encrypting a
> partition that can be available both to linux and win32?

It's not easy to do this, and I don't think it will get any easier any
time soon. The best solution I know of is a product called BestCrypt
(www.jetico.com). BestCrypt costs money and AFAIK you can't get the
source code so there's no way to be sure it's secure.

Eric

From abhalerao at apple.com Tue Oct 4 02:02:52 2005
From: abhalerao at apple.com (amit bhalerao)
Date: Fri Oct 7 10:32:36 2005
Subject: Migrating from PGP TO GPG
In-Reply-To: <20050916090345.GB13300@tofu.mamane.lu>
References: <20050916090345.GB13300@tofu.mamane.lu>
Message-ID:

Hi,

I want to decrypt a gpg encrypted document using GPG. Is there any way
I can decrypt it in a non-interactive mode so that it doesn't ask for
a passphrase? I want to execute the command in a shell script.
Any pointer to this would be of great help.

Thanks,
Amit

On Sep 16, 2005, at 2:03 AM, Lionel Elie Mamane wrote:

> On Tue, Sep 13, 2005 at 02:01:14PM -0700, amit bhalerao wrote:
>
>> 1. We are generating a public/private key on the HOST system using GPG.
>> 2. These keys are exported to the external vendor system. The vendor
>> will be encrypting the file using PGP (not sure about compatibility).
>> 3. Files are then decrypted on the host system using the GPG mechanism.
>> I am not sure whether this is feasible.
>
> Yes, this should work.
>
> -- 
> Lionel

From nobody at cypherpunks.to Tue Oct 4 13:00:27 2005
From: nobody at cypherpunks.to (Anonymous via the Cypherpunks Tonga Remailer)
Date: Fri Oct 7 10:32:42 2005
Subject: OpenPGP Card in SIM Size.
In-Reply-To: <434243FB.4080609@gmail.com>
References: <434243FB.4080609@gmail.com>
Message-ID: <20051004110027.B2C2117174@mail.cypherpunks.to>

>> Is it possible to cut the OpenPGP Card to the size of a SIM Card without
>> destroying it?
>> I am asking this because I want to use a Kobil KAAN SIM III Reader; it's
>> a CCID compatible USB token which takes cards in SIM size. I guess it
>> should work ..?!
>
> Of course, the problem with a card that small is that you could swallow
> it (or otherwise lose it) ;)

Being able to swallow the card is very important if you are captured.

> I wonder if someone will start producing SIM-sized OpenPGP cards? How
> about as SD/XD cards?

Good idea!

From abhalerao at apple.com Wed Oct 5 19:41:17 2005
From: abhalerao at apple.com (amit bhalerao)
Date: Fri Oct 7 10:32:43 2005
Subject: Migrating from PGP TO GPG
In-Reply-To: <20051005173456.GA3763@tofu.mamane.lu>
References: <20050916090345.GB13300@tofu.mamane.lu> <20051005173456.GA3763@tofu.mamane.lu>
Message-ID: <42B5B17E-CF58-4C98-8C80-C0DA43BB7F7E@apple.com>

Hi,

Is there any way I can validate that the decryption process has been
successful based on the error code? Do you have any document which
lists the possible error codes and causes of failure?

-Amit

On Oct 5, 2005, at 10:34 AM, Lionel Elie Mamane wrote:

> On Mon, Oct 03, 2005 at 05:02:52PM -0700, amit bhalerao wrote:
>
>> I want to decrypt a gpg encrypted document using GPG. Is there
>> any way I can decrypt it in a non-interactive mode so that it
>> doesn't ask for a passphrase? I want to execute the command in a shell
>> script.
>> Any pointer to this would be of great help.
>
> Use the GnuPG agent from GnuPG2 (you can use the agent from GnuPG2
> with GnuPG 1.4) or use the --passphrase-fd option.
>
> -- 
> Lionel

From voncile.mcqueen at jfcom.mil Wed Oct 5 21:01:51 2005
From: voncile.mcqueen at jfcom.mil (Mcqueen, Voncile LT)
Date: Fri Oct 7 10:32:45 2005
Subject: Decryption
Message-ID: <8B6E546696E2404387794DB6F769B7EFFD50D0@uhqex10.ad.jfcom.mil>

Please decrypt the following message for me:

jmjmj gsmsg lrjgu csqyj quflr mfajg erdmc cmqlv lqyhg gawgq arpgq sblce
jrlrj lnemc cyjqu flrmf ajqer d

Thanks,
Voncile

From wmp at grnwood.net Thu Oct 6 22:29:04 2005
From: wmp at grnwood.net (William M. Perkins)
Date: Fri Oct 7 10:32:47 2005
Subject: gpgme-1.1.0: make check: FAIL: t-sig-notation
Message-ID: <1128630552l.10050l.1l@roo.localnet>

I am trying to update gpgme-1.0.2 to gpgme-1.1.0:

"./configure --enable-static" finds all of the needed pieces:

GPGME v1.1.0 has been configured as follows:

        GnuPG path:     /usr/bin/gpg
        GnuPG version:  1.4.2, min. 1.2.2
        GpgSM path:     /usr/bin/gpgsm
        GpgSM version:  1.9.18, min. 1.9.6
        GPGME Pthread:  yes
        GPGME Pth:      yes

It compiles using "make" with no errors on Fedora Core 4 with the 2.6.13
kernel and gcc-4.0.1-4.fc4 compiler.

"make check" finishes with:

1 of 20 tests failed
Please report to bug-gpgme@gnupg.org

The failure happened at:

t-sig-notation.c:108: Missing or duplicate notation data
FAIL: t-sig-notation

Does anybody know if this might be a system config problem, or is it a
real bug in gpgme-1.1.0?  What additional information do I need to
supply?

Bill

-- 
William M. Perkins                      E-mail - wmp@grnwood.net
The Greenwood                           UNIX Systems Administration
Richmond, Virginia                      (Linux, Solaris, AIX, HP-UX)

From wolfgang.rosenauer at an-netz.de Fri Oct 7 09:14:35 2005
From: wolfgang.rosenauer at an-netz.de (Wolfgang Rosenauer)
Date: Fri Oct 7 10:55:55 2005
Subject: gpg2 vs. gpg and OpenPGP card
Message-ID: <4346205B.2040409@an-netz.de>

Hi,

my OpenPGP card works without problems with gpg (1.4.2) and an OpenPGP
card reader. But if I use gpg2 (1.9.18) I get only the following:

stark@t41p:~> gpg2 --card-status
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: WARNING: This version of gpg is not very matured and
gpg: WARNING: only intended for testing. Please keep using
gpg: WARNING: gpg 1.2.x, 1.3.x or 1.4.x for OpenPGP
gpg: DBG: connection to agent established
scdaemon[7104]: NOTE: this is a development version!
scdaemon[7104]: updating status of slot 0 to 0x0007
scdaemon[7104]: client pid is 7103, sending signal 12
gpg: OpenPGP card not available: Unbekannter Systemfehler

Any hints?

Wolfgang

From wk at gnupg.org Fri Oct 7 11:23:01 2005
From: wk at gnupg.org (Werner Koch)
Date: Fri Oct 7 11:26:42 2005
Subject: gpg2 vs. gpg and OpenPGP card
In-Reply-To: <4346205B.2040409@an-netz.de> (Wolfgang Rosenauer's message of "Fri, 07 Oct 2005 09:14:35 +0200")
References: <4346205B.2040409@an-netz.de>
Message-ID: <87mzll65qi.fsf@wheatstone.g10code.de>

On Fri, 07 Oct 2005 09:14:35 +0200, Wolfgang Rosenauer said:

> my OpenPGP card works without problems with gpg (1.4.2) and an OpenPGP card.
> But if I use gpg2 (1.9.18) I get only the following:

You shall not use gpg2 - it even does not get built by default.  Are
the notes

> gpg: WARNING: This version of gpg is not very matured and
> gpg: WARNING: only intended for testing. Please keep using
> gpg: WARNING: gpg 1.2.x, 1.3.x or 1.4.x for OpenPGP

still not clear enough?  The announcement and the README carry
similar text.

Shalom-Salam,

Werner

From wolfgang.rosenauer at an-netz.de Fri Oct 7 11:29:48 2005
From: wolfgang.rosenauer at an-netz.de (Wolfgang Rosenauer)
Date: Fri Oct 7 11:29:45 2005
Subject: gpg2 vs. gpg and OpenPGP card
In-Reply-To: <87mzll65qi.fsf@wheatstone.g10code.de>
References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de>
Message-ID: <4346400C.8070207@an-netz.de>

Hi,

Werner Koch wrote:
> On Fri, 07 Oct 2005 09:14:35 +0200, Wolfgang Rosenauer said:
>
>> my OpenPGP card works without problems with gpg (1.4.2) and an OpenPGP card.
>> But if I use gpg2 (1.9.18) I get only the following:
>
> You shall not use gpg2 - it even does not get built by default.  Are
> the notes
>
>> gpg: WARNING: This version of gpg is not very matured and
>> gpg: WARNING: only intended for testing. Please keep using
>> gpg: WARNING: gpg 1.2.x, 1.3.x or 1.4.x for OpenPGP
>
> still not clear enough?  The announcement and the README carry
> similar text.

I want to perform SSH authentication with the card and therefore have
to use gpg-agent. I just wanted to see if gpg2 - gpg-agent - scdaemon
does work at all. It doesn't.

Wolfgang

From wk at gnupg.org Fri Oct 7 12:03:49 2005
From: wk at gnupg.org (Werner Koch)
Date: Fri Oct 7 12:06:42 2005
Subject: Decryption
In-Reply-To: <8B6E546696E2404387794DB6F769B7EFFD50D0@uhqex10.ad.jfcom.mil> (Voncile Mcqueen's message of "Wed, 5 Oct 2005 15:01:51 -0400")
References: <8B6E546696E2404387794DB6F769B7EFFD50D0@uhqex10.ad.jfcom.mil>
Message-ID: <87irw963ui.fsf@wheatstone.g10code.de>

On Wed, 5 Oct 2005 15:01:51 -0400, Mcqueen, Voncile LT said:

> Please decrypt the following message for me:
> jmjmj gsmsg lrjgu csqyj quflr mfajg erdmc cmqlv lqyhg gawgq arpgq sblce
> jrlrj lnemc cyjqu flrmf ajqer d

Thepi oneer sofaw arles sworl daret heyou ththa trefu semil itary servi
cexxx alber teins teinx xxxxx x

Salam-Shalom,

Werner

From johnmoore3rd at joimail.com Fri Oct 7 13:33:56 2005
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Fri Oct 7 13:34:07 2005
Subject: Disk Partition
Message-ID: <43465D24.5040002@joimail.com>

Eric wrote:
> On Fri, 2005-10-07 at 10:07 +0800, nidhog wrote:
>
>> Do you guys have any suggestion as to how to go about encrypting a
>> partition that can be available both to linux and win32?
>
> It's not easy to do this, and I don't think it will get any easier any
> time soon. The best solution I know of is a product called BestCrypt
> (www.jetico.com). BestCrypt costs money and AFAIK you can't get the
> source code so there's no way to be sure it's secure.

Why not use the partitioning ability available on the Mandrake Linux CD?
You do not have to install Mandrake... in fact, after using the CD to
partition, I exited and then used the Linux partition to run Knoppix.

Running Knoppix from the CD I encrypted the Linux partition and it's
virtually invisible (unless one knows my HD size). I also created a
small FAT32 partition as a bridge for Keyrings, etc. and then "linked"
items in M$ to the Linux partition for sync purposes. This has worked
quite well for me for over a year now.

JOHN ;)
Timestamp: Fri 07 October 2005, 07:30 AM --400 (Eastern Daylight Time)

From wk at gnupg.org Fri Oct 7 14:07:38 2005
From: wk at gnupg.org (Werner Koch)
Date: Fri Oct 7 14:11:44 2005
Subject: gpg2 vs. gpg and OpenPGP card
In-Reply-To: <4346400C.8070207@an-netz.de> (Wolfgang Rosenauer's message of "Fri, 07 Oct 2005 11:29:48 +0200")
References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de>
Message-ID: <878xx55y45.fsf@wheatstone.g10code.de>

On Fri, 07 Oct 2005 11:29:48 +0200, Wolfgang Rosenauer said:

> I want to perform SSH authentication with the card and therefore have to
> use gpg-agent. I just wanted to see if gpg2 - gpg-agent - scdaemon does

Where is the problem?  I have been doing this since early this year.

From shatadal at vfemail.net Fri Oct 7 12:44:17 2005
From: shatadal at vfemail.net (Shatadal)
Date: Fri Oct 7 14:25:57 2005
Subject: Decryption
In-Reply-To: <87irw963ui.fsf@wheatstone.g10code.de>
References: <8B6E546696E2404387794DB6F769B7EFFD50D0@uhqex10.ad.jfcom.mil> <87irw963ui.fsf@wheatstone.g10code.de>
Message-ID: <43465181.8050201@vfemail.net>

Werner Koch wrote:
> On Wed, 5 Oct 2005 15:01:51 -0400, Mcqueen, Voncile LT said:
>
>> Please decrypt the following message for me:
>> jmjmj gsmsg lrjgu csqyj quflr mfajg erdmc cmqlv lqyhg gawgq arpgq sblce
>> jrlrj lnemc cyjqu flrmf ajqer d
>
> Thepi oneer sofaw arles sworl daret heyou ththa trefu semil itary servi
> cexxx alber teins teinx xxxxx x
>
> Salam-Shalom,
>
> Werner

How did you decrypt it?

Shatadal.

From wolfgang.rosenauer at an-netz.de Fri Oct 7 14:38:11 2005
From: wolfgang.rosenauer at an-netz.de (Wolfgang Rosenauer)
Date: Fri Oct 7 14:38:08 2005
Subject: gpg2 vs. gpg and OpenPGP card
In-Reply-To: <878xx55y45.fsf@wheatstone.g10code.de>
References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de>
Message-ID: <43466C33.2060201@an-netz.de>

Hi,

Werner Koch wrote:
> On Fri, 07 Oct 2005 11:29:48 +0200, Wolfgang Rosenauer said:
>
>> I want to perform SSH authentication with the card and therefore have to
>> use gpg-agent. I just wanted to see if gpg2 - gpg-agent - scdaemon does
>
> Where is the problem?  I have been doing this since early this year.

OK, maybe I haven't explained it in enough detail.

I actually have both versions installed. But since "ssh-add -l" with a
running gpg-agent can't find my key on the card:

"The agent has no identities."

I thought that this could have something to do with "gpg2 --card-status"
failing.

So let me just ask: Why can't my gpg-agent find the key on the card?

Or: What information do you need to be able to identify the problem?

Thanks,
Wolfgang

From zvrba at globalnet.hr Fri Oct 7 14:51:45 2005
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Fri Oct 7 14:52:17 2005
Subject: partition encryption?
In-Reply-To: <1128672787.6448.40.camel@localhost.localdomain>
References: <1128672787.6448.40.camel@localhost.localdomain>
Message-ID: <20051007125145.GA5423@zax.ifi.uio.no>

On Fri, Oct 07, 2005 at 01:13:07AM -0700, Eric wrote:
> On Fri, 2005-10-07 at 10:07 +0800, nidhog wrote:
> > Do you guys have any suggestion as to how to go about encrypting a
> > partition that can be available both to linux and win32?
>
> It's not easy to do this, and I don't think it will get any easier any
> time soon. The best solution I know of is a product called BestCrypt
> (www.jetico.com). BestCrypt costs money and AFAIK you can't get the
> source code so there's no way to be sure it's secure.

Source code for linux _is_ available.

From ryan at malayter.com Fri Oct 7 15:01:51 2005
From: ryan at malayter.com (Ryan Malayter)
Date: Fri Oct 7 15:02:29 2005
Subject: Disk Partition
In-Reply-To: <43465D24.5040002@joimail.com>
References: <43465D24.5040002@joimail.com>
Message-ID: <5d7f07420510070601q4067951ja691416734cced5c@mail.gmail.com>

On Fri, 2005-10-07 at 10:07 +0800, nidhog wrote:
> Do you guys have any suggestion as to how to go about encrypting a
> partition that can be available both to linux and win32?

Why not use a hardware solution, so it sits underneath the OS entirely?
Seagate makes a new laptop drive that has built-in encryption
functionality. A number of vendors make hardware encryption interfaces
that work at the IDE or USB level (the USB devices are usually external
enclosures).

Regards,
-- 
RPM
=========================
All problems can be solved by diplomacy, but violence and treachery
are equally effective, and more fun.
     -Anonymous

From wk at gnupg.org Fri Oct 7 16:58:40 2005
From: wk at gnupg.org (Werner Koch)
Date: Fri Oct 7 17:01:45 2005
Subject: gpg2 vs. gpg and OpenPGP card
In-Reply-To: <43466C33.2060201@an-netz.de> (Wolfgang Rosenauer's message of "Fri, 07 Oct 2005 14:38:11 +0200")
References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de> <43466C33.2060201@an-netz.de>
Message-ID: <878xx54bmn.fsf@wheatstone.g10code.de>

On Fri, 07 Oct 2005 14:38:11 +0200, Wolfgang Rosenauer said:

> But as using ssh-add -l with running gpg-agent can't find my key on the
> card:
> "The agent has no identities."

There are a lot of reasons for this.  Did you install scdaemon?  Does
it work?  You might want to kill a running scdaemon and test this way:

  $ scdaemon -v --server

then enter

  learn --force

and you should see lines with information on the card.  If it does not
show anything, add --debug 2048 to the invocation and make sure that
scdaemon.conf does not redirect the log file.

> I've thought that this could have something to do with gpg2
> --card-status failing.

Use gpg --card-status.  Also try without the agent running.

Salam-Shalom,

Werner

From admin at buddhalinux.org Fri Oct 7 16:29:48 2005
From: admin at buddhalinux.org (Thomas Jones)
Date: Fri Oct 7 17:55:56 2005
Subject: Disk Partition
In-Reply-To: <43465D24.5040002@joimail.com>
References: <43465D24.5040002@joimail.com>
Message-ID: <4346865C.6020908@buddhalinux.org>

John W. Moore III wrote:
> Running Knoppix from the CD I encrypted the Linux partition and it's
> virtually invisible. (unless one knows my HD size)

What do you mean by this statement? Are you referring to the
randomization of the partition by use of /dev/urandom?

> I also created a
> small FAT32 partition as a bridge for Keyrings, etc. and then "linked"
> items in M$ to the Linux partition for sync purposes. This has worked
> quite well for me for over a year now.

Is this fat32 partition encrypted? If so, what algorithm was utilized?

Thomas

From thecivvie at fastmail.fm Fri Oct 7 19:10:58 2005
From: thecivvie at fastmail.fm (Sean Rima)
Date: Fri Oct 7 19:11:16 2005
Subject: OpenGPG Card reader
Message-ID: <563742397.20051007181058@fastmail.fm>

Hello gnupg-users,

I am looking for a card reader to use under Linux, Win XP, possibly as
standalone or on a network. I know that asking for recommendations can
open a can of worms but I am keen to look at this.

Sean

-- 
+---------------------------------------------------+
|VOIP= FreeWorldDial: 689482 VOIPBUSTER: thecivvie  |
|GPG Key http://thecivvie.fastmail.fm/thecivvie.asc |
+---------------------------------------------------+
Strange things happen under the midnight sun when Men and Dogs go hunting for gold

From ml at bitfalle.org Fri Oct 7 19:58:10 2005
From: ml at bitfalle.org (markus reichelt)
Date: Fri Oct 7 21:55:59 2005
Subject: Disk Partition
In-Reply-To: <4346865C.6020908@buddhalinux.org>
References: <43465D24.5040002@joimail.com> <4346865C.6020908@buddhalinux.org>
Message-ID: <20051007175810.GA2486@dantooine>

* Thomas Jones wrote:

> John W. Moore III wrote:
> >Running Knoppix from the CD I encrypted the Linux partition and
> >it's virtually invisible. (unless one knows my HD size)

> What do you mean by this statement? Are you referring to the
> randomization of the partition by use of /dev/urandom?

On a sidenote, using /dev/urandom is a bad idea. E.g. the standard
slackware install and other distros as well have the following code
(or something similar) in /etc/rc.d/rc.S:

  # Carry an entropy pool between reboots to improve randomness.
  if [ -f /etc/random-seed ]; then
    echo "Using /etc/random-seed to initialize /dev/urandom."
    cat /etc/random-seed > /dev/urandom
  fi
  # Use the pool size from /proc, or 512 bytes:
  if [ -r /proc/sys/kernel/random/poolsize ]; then
    dd if=/dev/urandom of=/etc/random-seed count=1 bs=$(cat /proc/sys/kernel/random/poolsize) 2> /dev/null
  else
    dd if=/dev/urandom of=/etc/random-seed count=1 bs=512 2> /dev/null
  fi
  chmod 600 /etc/random-seed

Guess where's the rub...

-- 

From JPClizbe at comcast.net Fri Oct 7 23:13:23 2005
From: JPClizbe at comcast.net (John Clizbe)
Date: Fri Oct 7 23:14:16 2005
Subject: OpenGPG Card reader
In-Reply-To: <563742397.20051007181058@fastmail.fm>
References: <563742397.20051007181058@fastmail.fm>
Message-ID: <4346E4F3.1040000@comcast.net>

Sean Rima wrote:
> Hello gnupg-users,
>
> I am looking for a card reader to use under Linux, Win XP, possible
> as standalone or on a network. I know that asking for
> recommendations can open a can of worms but I am keen to look at this

Most readers I've seen are USB devices. I use an SCR335 from SCM
Microsystems. Have had no issue with it, works fine. Got it with an OpenPGP
card from kernelconcepts.de. Windows Update even updates the driver.

SCM also makes units that fit in a 5 inch drive bay. Found them when looking
for a PCMCIA flash reader for my Ultra 5's floppy-sized bay.

There's a list of tested readers in the SmartCard-Howto on GnuPG.org:
http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html

-- 
John P. Clizbe                      Inet: JPClizbe(a)comcast DOT nyet
Golden Bear Networks                PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"

From admin at buddhalinux.org Fri Oct 7 23:35:02 2005
From: admin at buddhalinux.org (Thomas Jones)
Date: Fri Oct 7 23:35:56 2005
Subject: Disk Partition
In-Reply-To: <20051007175810.GA2486@dantooine>
References: <43465D24.5040002@joimail.com> <4346865C.6020908@buddhalinux.org> <20051007175810.GA2486@dantooine>
Message-ID: <4346EA06.2050608@buddhalinux.org>

markus reichelt wrote:
> * Thomas Jones wrote:
>
>> John W. Moore III wrote:
>>
>>> Running Knoppix from the CD I encrypted the Linux partition and
>>> it's virtually invisible. (unless one knows my HD size)
>>>
>> What do you mean by this statement? Are you referring to the
>> randomization of the partition by use of /dev/urandom?
>>
>
> on a sidenote, using /dev/urandom is a bad idea. f.e. the standard
> slackware install and other distros as well have the following code
> (or something similar) in /etc/rc.d/rc.S:
>

The above statement, although worthwhile, is not well founded. I think it
would be better to restate that randomization through utilization of SOME
pseudo-random generators is not recommended. Or maybe even that some are more
recommended than others.

For instance, I utilize the GSL for my system(s). Although it is not truly
random, it is significantly better to utilize such rng's rather than default
rng's with a cots system. After all, I don't know anybody who has the
resources to acquire hardware rng's.

However, if you may have a recommendation on how to obtain the highest amount
of sufficiently random number generation, I would be most interested to hear
it. I am always looking for more secure methods to perform everyday
activities.

Cheers,
Thomas

From eleuteri at myrealbox.com Fri Oct 7 15:23:55 2005
From: eleuteri at myrealbox.com (David Picon Alvarez)
Date: Sat Oct 8 00:42:25 2005
Subject: Disk Partition
References: <43465D24.5040002@joimail.com> <5d7f07420510070601q4067951ja691416734cced5c@mail.gmail.com>
Message-ID: <000e01c5cb42$6a824710$0302a8c0@enterprise>

A hardware solution cannot be scrutinized for security.

--David.

From ml at bitfalle.org Sat Oct 8 01:30:54 2005
From: ml at bitfalle.org (markus reichelt)
Date: Sat Oct 8 01:30:53 2005
Subject: Disk Partition
In-Reply-To: <4346EA06.2050608@buddhalinux.org>
References: <43465D24.5040002@joimail.com> <4346865C.6020908@buddhalinux.org> <20051007175810.GA2486@dantooine> <4346EA06.2050608@buddhalinux.org>
Message-ID: <20051007233054.GB2486@dantooine>

* Thomas Jones wrote:

> >on a sidenote, using /dev/urandom is a bad idea. f.e. the standard
> >slackware install and other distros as well have the following code
> >(or something similar) in /etc/rc.d/rc.S:
> >
> The above statement, although worthwhile, is not well founded. I
> think it would be better to restate that randomization through
> utilization of SOME pseudo-random generators is not recommended. Or
> maybe even that some are more recommended than others.

The thing is that re-using pseudo-random data after each reboot and calling
that improvement of randomness is ... quite amusing at best to me. It's not
that it's about the quality of randomness, it's the plain and simple fact that
pseudo-random data (of whatever quality) is reused and that should not happen
when it comes to crypto stuff.

Don't know how well founded you need that, but I'm listening :)

-- 

From admin at buddhalinux.org Sat Oct 8 02:00:47 2005
From: admin at buddhalinux.org (Thomas Jones)
Date: Sat Oct 8 02:01:41 2005
Subject: Disk Partition
In-Reply-To: <20051007233054.GB2486@dantooine>
References: <43465D24.5040002@joimail.com> <4346865C.6020908@buddhalinux.org> <20051007175810.GA2486@dantooine> <4346EA06.2050608@buddhalinux.org> <20051007233054.GB2486@dantooine>
Message-ID: <43470C2F.1020101@buddhalinux.org>

markus reichelt wrote:
> * Thomas Jones wrote:
>
>>> on a sidenote, using /dev/urandom is a bad idea. f.e. the standard
>>> slackware install and other distros as well have the following code
>>> (or something similar) in /etc/rc.d/rc.S:
>>>
>> The above statement, although worthwhile, is not well founded. I
>> think it would be better to restate that randomization through
>> utilization of SOME pseudo-random generators is not recommended. Or
>> maybe even that some are more recommended than others.
>>
>
> The thing is that re-using pseudo-random data after each reboot and
> calling that improvement of randomness is ... quite amusing at best
> to me. It's not that it's about the quality of randomness, it's the
> plain and simple fact that pseudo-random data (of whatever quality)
> is reused and that should not happen when it comes to crypto stuff.
>
> Don't know how well founded you need that, but I'm listening :)
>

The use of prng generated data to seed another prng function is utilized to
compute data that is inherently random from the previous generation. Now this
is not to say that it is truly random. Only that it is "sufficiently" random
to provide for security of a particular resource.

For instance, there are such entities such as cryptographically secure prng;
also known as csprng. A few instances of these entities are block ciphers such
as 3des, aes, and the idea algorithms in cbc mode of operation. Surely, you
are not stating that the above are not cryptographically secure even though
they utilize prng seeds? ;)

Thomas

From ml at bitfalle.org Sat Oct 8 03:01:57 2005
From: ml at bitfalle.org (markus reichelt)
Date: Sat Oct 8 03:01:59 2005
Subject: Disk Partition
In-Reply-To: <43470C2F.1020101@buddhalinux.org>
References: <43465D24.5040002@joimail.com> <4346865C.6020908@buddhalinux.org> <20051007175810.GA2486@dantooine> <4346EA06.2050608@buddhalinux.org> <20051007233054.GB2486@dantooine> <43470C2F.1020101@buddhalinux.org>
Message-ID: <20051008010157.GC2486@dantooine>

* Thomas Jones wrote:

> The use of prng generated data to seed another prng function is
> utilized to compute data that is inherently random from the
> previous generation.

That is not my point, tho this might be the case. :)

If this generated data is used once, it's ok. If not, then there's a problem.
/dev/urandom is not as random as it might seem to the ordinary user, that's
what I'm trying to point out by having posted the relevant part of a slackware
boot init script. The discrepancy lies in what the comment says and what the
shell code actually does. If an attacker gains access to random-seed, which
has already been used in cryptographic operations, it is to his advantage. The
ordinary user just doesn't want that, and is most likely not aware of this
flaw/possibility.

The best analogy would be the one-time pad. It's very secure if used once, but
if the same one-time pad is used twice, an attacker has a foot in the door (if
he intercepts relevant data, etc etc). I believe this is what happened to some
Soviet codes during the cold war. One-time pads were reused which allowed
American codebreakers to eavesdrop. Anyway, this leads away from the topic at
hand, so...

> Now this is not to say that it is truly random. Only that it is
> "sufficiently" random to provide for security of a particular
> resource.

Ack on that, and it is sufficient to use this pseudo-random data once.
Emphasis lies on once. If need be, just generate some chunk of pseudo-random
data again.

The ordinary user most likely isn't aware that /dev/urandom is initialized by
re-using pseudo-random data. The re-usage is the problematic thing. When
reading the init scripts (what even less users actually do...) they believe
what the comments say, hence ppl point out not to use /dev/urandom the way it
is set up on most systems. If in doubt one should have a close look at the
system's init scripts, and don't hesitate to ask. I have been to some computer
fairs and conferences, and each and every time the crypto ppl never got tired
of telling users about such snares.

> For instance, there are such entities such as cryptographically
> secure prng; also known as csprng. A few instances of these
> entities are block ciphers such as 3des, aes, and the idea
> algorithms in cbc mode of operation.

Cryptographically secure random numbers are f.e. derived from radioactive
decay. John Walker wrote some article about it. But that's not the point, I
don't want to split hairs; and I would not call 3des secure by any modern
standards, even from aspects of csprng.

We most likely are talking at cross-purposes, so I would like to sum up what
is really important to me:

Concerning crypto stuff, using /dev/urandom is a bad idea, if /dev/urandom has
been initialized re-using pseudo-random data. Not the quality of randomness of
the data is the main concern, the data's re-usage to initialize at boot a
supposedly sufficiently random device, namely /dev/urandom, is. Most linux
distributions initialize /dev/urandom in such a way. I merely want to draw
attention to this fact, because it often is overlooked. Additionally, it's
easily avoidable and the setup of /dev/urandom should be changed in
distributions which use the procedure.

-- 

From JPRuehmann at web.de Sat Oct 8 11:48:46 2005
From: JPRuehmann at web.de (Jan-Peter Rühmann)
Date: Sat Oct 8 12:21:44 2005
Subject: OpenGPG Card reader
In-Reply-To: <4346E4F3.1040000__30596.4350155138$1128719854$gmane$org@comcast.net>
References: <563742397.20051007181058@fastmail.fm> <4346E4F3.1040000__30596.4350155138$1128719854$gmane$org@comcast.net>
Message-ID:

> ----- Original Message -----
> From: John Clizbe
> Sent: 07/10/2005 11:13:23 PM +0200
> Subject: OpenGPG Card reader
>
> Sean Rima wrote:
>
>> Hello gnupg-users,
>>
>> I am looking for a card reader to use under Linux, Win XP, possible
>> as standalone or on a network. I know that asking for
>> recommendations can open a can of worms but I am keen to look at this
>
> Most readers I've seen are USB devices. I use an SCR335 from SCM
> Microsystems. Have had no issue with it, works fine. Got it with an OpenPGP
> card from kernelconcepts.de. Windows Update even updates the driver.
>
> SCM also makes units that fit in a 5 inch drive bay. Found them when looking
> for a PCMCIA flash reader for my Ultra 5's floppy-sized bay.
>
> There's a list of tested readers in the SmartCard-Howto on GnuPG.org:
> http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html

is there a Howto for Windows anywhere? I have a USB Reader from SCM too and
can't connect. There is no Program such as scdaemon in my Installation of
GnuPG.

Thanks,
-- 
-======================Jan-Peter Ruehmann============================-
Gubkower Str.7        [ Tel.: +49 (38205) 65484 ]  jan-Peter@ruehmann.name
18195 Prangendorf     [ FAX:  +49 (38205) 65212 ]  http://www.ruehmann.name
-====================================================================-

From lusfert at gmail.com Sat Oct 8 14:15:43 2005
From: lusfert at gmail.com (lusfert)
Date: Sat Oct 8 14:20:24 2005
Subject: Armor headers
Message-ID: <4347B86F.2000800@gmail.com>

Hello.

How can I change text (not by manually editing) in armor headers (for example,
"Version:") or armor headers themselves (add, remove)? Will it affect
compatibility with other applications?

Can I put custom text into "Version:" in stage of exporting public key, making
signatures, encrypting with ASCII output, etc.?

Sometimes I do not wish that others will know what exactly OpenPGP
implementation and OS I'm currently using.

Thanks

-- 
With best regards...
Current OpenPGP key ID: 0x500B8987
Fingerprint: E883 045D 36FB 8CA3 8D69 9C79 9E35 3B56 500B 8987
Keyserver to use: sks.keyserver.penguin.de
Encrypted mail preferred.

From lusfert at gmail.com Sat Oct 8 14:30:41 2005
From: lusfert at gmail.com (lusfert)
Date: Sat Oct 8 14:35:13 2005
Subject: Disk Partition
In-Reply-To:
References:
Message-ID: <4347BBF1.5050607@gmail.com>

nidhog wrote:
> Hi,
>
> Do you guys have any suggestion as to how to go about encrypting a
> partition that can be available both to linux and win32?
>
> Thanks.
>

I know 2 cross-platform solutions: CrossCrypt (http://www.scherrer.cc/crypt/)
and FreeOTFE (http://www.freeotfe.org/). I haven't tried them and can't give
any advice. But be aware: they both are in beta stage of development so you
can experience problems.

Also I see there will be a Linux version of TrueCrypt
(http://www.truecrypt.org/future.php). Now it is available only for Win32.

-- 
With best regards...
Current OpenPGP key ID: 0x500B8987
Fingerprint: E883 045D 36FB 8CA3 8D69 9C79 9E35 3B56 500B 8987
Keyserver to use: sks.keyserver.penguin.de
Encrypted mail preferred.

From alphasigmax at gmail.com Sat Oct 8 15:50:03 2005
From: alphasigmax at gmail.com (Alphax)
Date: Sat Oct 8 15:52:52 2005
Subject: Armor headers
In-Reply-To: <4347B86F.2000800@gmail.com>
References: <4347B86F.2000800@gmail.com>
Message-ID: <4347CE8B.2070706@gmail.com>

lusfert wrote:
> Hello.
>
> How can I change text (not by manually editing) in armor headers (for
> example, "Version:") or armor headers themselves (add, remove)? Will it
> affect compatibility with other applications?
>
> Can I put custom text into "Version:" in stage of exporting public key,
> making signatures, encrypting with ASCII output, etc.?
>
> Sometimes I do not wish that others will know what exactly OpenPGP
> implementation and OS I'm currently using.
>

Well, you can use --no-emit-version and --no-comments...

-- 
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X      Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

From zvrba at globalnet.hr Sat Oct 8 16:27:43 2005
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Sat Oct 8 16:27:50 2005
Subject: Disk Partition
In-Reply-To: <4347BBF1.5050607@gmail.com>
References: <4347BBF1.5050607@gmail.com>
Message-ID: <20051008142743.GA5735@zax.ifi.uio.no>

On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:
>
> I know 2 cross-platform solutions: CrossCrypt
>

A quote from the CrossCrypt homepage: "Denaiablity: You will not be able to
tell that this file has been encrypted by filedisk as it looks completely
random and can have any extension you wish."

IMHO, there is a problem in that the data looks TOO MUCH random, i.e. it has
much higher entropy than would result by "normal" computer usage. Such high
entropy is a strong indication that the data is encrypted.

From lusfert at gmail.com Sat Oct 8 18:01:15 2005
From: lusfert at gmail.com (lusfert)
Date: Sat Oct 8 18:05:52 2005
Subject: Disk Partition
In-Reply-To: <20051008142743.GA5735@zax.ifi.uio.no>
References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no>
Message-ID: <4347ED4B.7060302@gmail.com>

zvrba@globalnet.hr wrote:
> On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:
>
>> I know 2 cross-platform solutions: CrossCrypt
>>
>
> A quote from the CrossCrypt homepage: "Denaiablity: You will not be able
> to tell that this file has been encrypted by filedisk as it looks
> completely random and can have any extension you wish."
>
> IMHO, there is a problem in that the data looks TOO MUCH random, i.e. it has
> much higher entropy than would result by "normal" computer usage. Such high
> entropy is a strong indication that the data is encrypted.

Then you should use steganographic programs together with cryptographic. ;)

-- 
With best regards...
Current OpenPGP key ID: 0x500B8987
Fingerprint: E883 045D 36FB 8CA3 8D69 9C79 9E35 3B56 500B 8987
Keyserver to use: sks.keyserver.penguin.de
Encrypted mail preferred.

From lusfert at gmail.com Sat Oct 8 18:24:40 2005
From: lusfert at gmail.com (lusfert)
Date: Sat Oct 8 18:29:18 2005
Subject: Armor headers
In-Reply-To: <4347CE8B.2070706@gmail.com>
References: <4347B86F.2000800@gmail.com> <4347CE8B.2070706@gmail.com>
Message-ID: <4347F2C8.6000606@gmail.com>

Alphax wrote:
> lusfert wrote:
>
>>> Hello.
>>>
>>> How can I change text (not by manually editing) in armor headers (for
>>> example, "Version:") or armor headers themselves (add, remove)? Will it
>>> affect compatibility with other applications?
>>>
>>> Can I put custom text into "Version:" in stage of exporting public key,
>>> making signatures, encrypting with ASCII output, etc.?
>>>
>>> Sometimes I do not wish that others will know what exactly OpenPGP
>>> implementation and OS I'm currently using.
>>>
>
> Well, you can use --no-emit-version and --no-comments...
>

Thanks, these commands are really useful.

Albert Reiner wrote:
> [lusfert , Sat, 08 Oct 2005 16:15:43 +0400]:
>
>> How can I change text (not by manually editing) in armor headers (for
>> example, "Version:") or armor headers themselves (add, remove)? Will it
>> affect compatibility with other applications?
>
> Not an expert, but I don't think you can put custom text into the
> "Version:" field, but you can omit it and put custom text into a
> "Comment:" field:
>
> $ echo | gpg --armor --encrypt --recip z --trust-model always
> --comment 'hi there' --no-emit-version
> -----BEGIN PGP MESSAGE-----
> Comment: hi there
>
> hQEOAySceYtaaKyoEAP7BRdkZhUotlFOHtp891NG1aSO0727JKiSE/C8l9P2oKgm
> tnwhctB29507aDOqxsA20ZWl7VqmoJ3lMwQpvZ4iKsCzcoi2i7sH8eU1glozqVKv
> K0hPYPsKCyHz/Wjn7Yo243CP9ulktwN10MAsGuojQjg9XPcMm3DEgphcHFKk+KID
> /RWu7taGDOj+1oYyzPNiElHUoHgS0IDeFE+bDf6VB6M6nysOqwwdVAzSdILi/vts
> mz59hZQ1MEDl6PzitDBiID6jKuC7PwB+kP1hJOQKYLfjpkJb+76tjzSdvdHLijve
> Upxvgkj///I5lfxOvmk6ypBC8uDBc6wCCFHKwLLAO9Xx0jwBEG+yymDUq5pmVFzd
> UxwQlvD7Z/NqJauti9AtvFhDGB3ocGFY9ew7hLkTG6ldLMaaXgRkeQi1G8+v7xg=
> =Ntod
> -----END PGP MESSAGE-----
>
> HTH,
>
> Albert.
>

But sometimes I see public keys with custom "Version:", for example,
http://www.pgpru.com/contacts/keys/0x4D8BB49E.asc
Is it possible to change this field only by manually editing?
About "Comment:" I already know.

BTW, --comment 'hi there' (with apostrophes '') doesn't work, works only with
quotation marks ""

Thus very paranoid message should be sent via anonymous remailers and
encrypted with options:
--no-emit-version --no-comments --no-throw-keyids
Anything else (except removing BEGIN PGP MESSAGE)?

-- 
With best regards...
Current OpenPGP key ID: 0x500B8987
Fingerprint: E883 045D 36FB 8CA3 8D69 9C79 9E35 3B56 500B 8987
Keyserver to use: sks.keyserver.penguin.de
Encrypted mail preferred.

From areiner at tph.tuwien.ac.at Sat Oct 8 16:34:26 2005
From: areiner at tph.tuwien.ac.at (Albert Reiner)
Date: Sat Oct 8 18:55:55 2005
Subject: Armor headers
In-Reply-To: <4347B86F.2000800@gmail.com>
References: <4347B86F.2000800@gmail.com>
Message-ID:

[lusfert , Sat, 08 Oct 2005 16:15:43 +0400]:
> How can I change text (not by manually editing) in armor headers (for
> example, "Version:") or armor headers themselves (add, remove)? Will it
> affect compatibility with other applications?

Not an expert, but I don't think you can put custom text into the "Version:"
field, but you can omit it and put custom text into a "Comment:" field:

$ echo | gpg --armor --encrypt --recip z --trust-model always \
    --comment 'hi there' --no-emit-version
-----BEGIN PGP MESSAGE-----
Comment: hi there

hQEOAySceYtaaKyoEAP7BRdkZhUotlFOHtp891NG1aSO0727JKiSE/C8l9P2oKgm
tnwhctB29507aDOqxsA20ZWl7VqmoJ3lMwQpvZ4iKsCzcoi2i7sH8eU1glozqVKv
K0hPYPsKCyHz/Wjn7Yo243CP9ulktwN10MAsGuojQjg9XPcMm3DEgphcHFKk+KID
/RWu7taGDOj+1oYyzPNiElHUoHgS0IDeFE+bDf6VB6M6nysOqwwdVAzSdILi/vts
mz59hZQ1MEDl6PzitDBiID6jKuC7PwB+kP1hJOQKYLfjpkJb+76tjzSdvdHLijve
Upxvgkj///I5lfxOvmk6ypBC8uDBc6wCCFHKwLLAO9Xx0jwBEG+yymDUq5pmVFzd
UxwQlvD7Z/NqJauti9AtvFhDGB3ocGFY9ew7hLkTG6ldLMaaXgRkeQi1G8+v7xg=
=Ntod
-----END PGP MESSAGE-----

HTH,

Albert.

From zvrba at globalnet.hr Sat Oct 8 19:45:33 2005
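An added example, not part of the thread: the gpg options named above (--no-emit-version, --no-comments) stop the headers being written in the first place; this script shows the other half of lusfert's question, inspecting and stripping "Version:" and "Comment:" from an armored block after the fact. Armor headers sit outside the packet data, so removing them touches neither the base64 body nor the "=xxxx" CRC line that covers only that body; the sample block is Albert's from this message, and the function names are this example's own.

```shell
#!/bin/sh
# Added example; not from the thread, GnuPG, or any project code.
# Requires only a POSIX awk. "Hash:" in a cleartext-signed block is
# needed to verify the signature, so it is deliberately never removed.

# armor_headers: print the header lines of the first armor block on stdin
# (everything between the BEGIN line and the blank separator line).
armor_headers() {
    awk '/^-----BEGIN PGP /{inhdr=1; next}
         inhdr && /^$/ {exit}
         inhdr {print}'
}

# strip_armor_headers: copy stdin, dropping Version: and Comment: lines from
# the header section. The blank separator, body, CRC and END line are kept.
strip_armor_headers() {
    awk '/^-----BEGIN PGP /{inhdr=1; print; next}
         inhdr && /^$/ {inhdr=0; print; next}
         inhdr && /^(Version|Comment): /{next}
         {print}'
}

# Sample block from the thread (Albert's output of:
#   echo | gpg --armor --encrypt --recip z --trust-model always \
#         --comment 'hi there' --no-emit-version)
SAMPLE='-----BEGIN PGP MESSAGE-----
Comment: hi there

hQEOAySceYtaaKyoEAP7BRdkZhUotlFOHtp891NG1aSO0727JKiSE/C8l9P2oKgm
tnwhctB29507aDOqxsA20ZWl7VqmoJ3lMwQpvZ4iKsCzcoi2i7sH8eU1glozqVKv
K0hPYPsKCyHz/Wjn7Yo243CP9ulktwN10MAsGuojQjg9XPcMm3DEgphcHFKk+KID
/RWu7taGDOj+1oYyzPNiElHUoHgS0IDeFE+bDf6VB6M6nysOqwwdVAzSdILi/vts
mz59hZQ1MEDl6PzitDBiID6jKuC7PwB+kP1hJOQKYLfjpkJb+76tjzSdvdHLijve
Upxvgkj///I5lfxOvmk6ypBC8uDBc6wCCFHKwLLAO9Xx0jwBEG+yymDUq5pmVFzd
UxwQlvD7Z/NqJauti9AtvFhDGB3ocGFY9ew7hLkTG6ldLMaaXgRkeQi1G8+v7xg=
=Ntod
-----END PGP MESSAGE-----'

# Wrappers over the sample so the results can be checked by name.
sample_headers()  { printf '%s\n' "$SAMPLE" | armor_headers; }
sample_stripped() { printf '%s\n' "$SAMPLE" | strip_armor_headers; }

# Typical use on a real file:  strip_armor_headers < msg.asc > msg-clean.asc
```

The stripped output is still a valid armored message: only the header section changed, and the CRC on the "=Ntod" line is computed over the body alone.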
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Sat Oct 8 19:45:32 2005
Subject: Disk Partition
In-Reply-To: <4347ED4B.7060302@gmail.com>
References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com>
Message-ID: <20051008174533.GC5735@zax.ifi.uio.no>

On Sat, Oct 08, 2005 at 08:01:15PM +0400, lusfert wrote:
> zvrba@globalnet.hr wrote:
> > On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:
> >
> >> I know 2 cross-platform solutions: CrossCrypt
> >>
> >
> > A quote from the CrossCrypt homepage: "Denaiablity: You will not be able
> > to tell that this file has been encrypted by filedisk as it looks
> > completely random and can have any extension you wish."
> >
> > IMHO, there is a problem in that the data looks TOO MUCH random, i.e. it has
> > much higher entropy than would result by "normal" computer usage. Such high
> > entropy is a strong indication that the data is encrypted.
>
> Then you should use steganographic programs together with cryptographic. ;)
>

The point is that the statement about deniability is misleading (or maybe I
should say, close to false). In some scenarios (when it comes to e.g. court
cases, or even blackmails or life threats), the person using this product in
good faith (believing that the encryption really _is_ deniable) would be in a
very bad position.

Explaining a large quantity of high-entropy data in a plausible manner is
extremely hard. The presence of such data gives a strong indication of
encryption. If you argue that you used some "secure delete program", then
you're _again_ in a bad position because it implies that you have to hide
something and again raise suspicion.

So, instead of teaching me what kind of software should I use, can you please
give an example of plausible explanation for large amount of high-entropy data
on the disk? And have in mind a very determined, knowledgeable and resourceful
adversary while constructing the explanation.

Yeah, I see the smiley, but these things should be taken very seriously and
not to be joked with. There are cases where people put their freedom (maybe
even life!) in the hands (bits?) of some cryptographic SW and if that SW
actually fails to deliver what it promises, then it's very bad for the person
trusting it.

From jdbeyer at exit109.com Sat Oct 8 20:06:31 2005
From: jdbeyer at exit109.com (Jean-David Beyer)
Date: Sat Oct 8 20:06:32 2005
Subject: Disk Partition
In-Reply-To: <20051008174533.GC5735@zax.ifi.uio.no>
References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com> <20051008174533.GC5735@zax.ifi.uio.no>
Message-ID: <43480AA7.4030802@exit109.com>

zvrba@globalnet.hr wrote:
> On Sat, Oct 08, 2005 at 08:01:15PM +0400, lusfert wrote:
>
>> zvrba@globalnet.hr wrote:
>>
>>> On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:
>>>
>>>> I know 2 cross-platform solutions: CrossCrypt
>>>>
>>>
>>> A quote from the CrossCrypt homepage: "Denaiablity: You will not be able
>>> to tell that this file has been encrypted by filedisk as it looks
>>> completely random and can have any extension you wish."
>>>
>>> IMHO, there is a problem in that the data looks TOO MUCH random, i.e. it has
>>> much higher entropy than would result by "normal" computer usage. Such high
>>> entropy is a strong indication that the data is encrypted.
>>
>> Then you should use steganographic programs together with cryptographic. ;)
>>
>
> The point is that the statement about deniability is misleading (or maybe I
> should say, close to false). In some scenarios (when it comes to e.g.
> court cases, or even blackmails or life threats), the person using this
> product in good faith (believing that the encryption really _is_ deniable)
> would be in a very bad position.
>
> Explaining a large quantity of high-entropy data in a plausible manner is
> extremely hard. The presence of such data gives a strong indication of
> encryption. If you argue that you used some "secure delete program",
> then you're _again_ in a bad position because it implies that you have
> to hide something and again raise suspicion.
>
> So, instead of teaching me what kind of software should I use, can you
> please give an example of plausible explanation for large amount of
> high-entropy data on the disk? And have in mind a very determined,
> knowledgeable and resourceful adversary while constructing the explanation.
>
> Yeah, I see the smiley, but these things should be taken very seriously
> and not to be joked with. There are cases where people put their freedom
> (maybe even life!) in the hands (bits?) of some cryptographic SW and if
> that SW actually fails to deliver what it promises, then it's very bad
> for the person trusting it.
>

I think all e-mails should be encrypted. Even recipes for cookies, personal
letters to casual friends, everything. If everyone did that, the presence of
high entropy stuff on a computer would not be the attention-getting phenomenon
it now is.

But most people are ineffectively paranoid. They worry about eavesdropping,
snooping, interception of their e-mail, but they absolutely refuse to do
anything about it. I know no one personally that uses encrypted e-mail.

Surely, no one with that attitude would encrypt the stuff on their computer
hard drives, backup tapes, etc. It is like the weather. Many people talk about
it, but no one does anything about it.

-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 14:00:00 up 8 days, 7:02, 4 users, load average: 4.34, 4.70, 4.51

From zvrba at globalnet.hr Sat Oct 8 21:05:27 2005
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Sat Oct 8 21:05:23 2005
Subject: Disk Partition
In-Reply-To: <43480AA7.4030802@exit109.com>
References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com> <20051008174533.GC5735@zax.ifi.uio.no> <43480AA7.4030802@exit109.com>
Message-ID: <20051008190527.GD5735@zax.ifi.uio.no>

On Sat, Oct 08, 2005 at 02:06:31PM -0400, Jean-David Beyer wrote:
>
> But most people are ineffectively paranoid. They worry about eavesdropping,
> snooping, interception of their e-mail, but they absolutely refuse to do
> anything about it. I know no one personally that uses encrypted e-mail.
>

encrypted e-mail is.. well.. a problem because it has to be bilateral. while
*I* do want to use encrypted email, I can't force anyone to send an encrypted
email to me. most of the people just don't want to bother with it.

I think that, in current situation, the best an individual can do is to be
consistent: have everything completely encrypted. not just some partitions or
files. everything. always. imho, having partially encrypted stuff is the worst
situation an individual can put (him|her)self into if (s)he is actually trying
to hide something from a known attacker (i.e. not just protecting a laptop
from random theft).

as for all people encrypting their emails.. i'm laughing at the idea. not
because there's something wrong with it, but.. just think of all the lost
keys, emails, data and users blaming the whole world except themselves for
their data loss. i mean, people can't learn not to open unannounced binary
attachments (therefore the viruses), let alone manage and safeguard their
cryptographic keys.

BTW, I'm using encrypted email when communicating about confidential stuff
related to my past work. I was actually the one that requested secure
communications and the other guy was actually quite surprised by the request.

I mean, when people "that should know better" get surprised when requested to
use encrypted email in confidential communications, imagine an "ordinary" guy
thinking "it won't happen to me". add to that the fact that encryption still
is (sometimes more, sometimes less of) a hassle to LEARN, set up and use
properly - you get the situation as it is now :)

>
> Surely, no one with that attitude would encrypt the stuff on their computer
> hard drives, backup tapes, etc. It is like the weather. Many people talk
> about it, but no one does anything about it.
>

haha, good point :)

From jdbeyer at exit109.com Sat Oct 8 23:08:47 2005
From: jdbeyer at exit109.com (Jean-David Beyer) Date: Sat Oct 8 23:08:47 2005 Subject: To: Alaric Dailey Message-ID: <4348355F.9030202@exit109.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry, Alaric. I cannot click on your link, since it sends to a port my firewall does not allow. I do not wish to reconfigure my firewall just so I can validate myself to your C/R system. Therefore, you will not get my e-mail that said I could not decrypt your e-mail, since you did not use my latest key. It is true that the former key is supposedly good for another week, but the private key disappeared from my private keyring (I have no idea how: everything else is OK there). You will just need to get the one with key: 0x562A3109 which should be good for about another year.

- -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 17:00:00 up 8 days, 10:02, 5 users, load average: 4.31, 4.27, 4.27
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDSDVfPtu2XpovyZoRAuioAJ9Sf4LiDer7s9ct59uzu6HpiHmjMACdHkbW
g5wfycUzsQdyXPcNB4zDHwg=
=FSaq
-----END PGP SIGNATURE-----
From admin at buddhalinux.org Sun Oct 9 02:40:15 2005
From: admin at buddhalinux.org (Thomas Jones) Date: Sun Oct 9 02:41:21 2005 Subject: Armor headers In-Reply-To: <4347B86F.2000800@gmail.com> References: <4347B86F.2000800@gmail.com> Message-ID: <434866EF.40506@buddhalinux.org>

lusfert wrote:
> Hello.
>
> How can I change text (not by manually editing) in armor headers (for example, "Version:") or armor headers themselves (add, remove)? Will it affect compatibility with other applications?
>
> Can I put custom text into "Version:" at the stage of exporting a public key, making signatures, encrypting with ASCII output, etc.?
>
> Sometimes I do not wish that others will know exactly which OpenPGP implementation and OS I'm currently using.
>
> Thanks

I am really not sure that it is a good idea to do such. Some poorly written binaries may fault at an unexpected header; and bring your productivity to a grinding halt. However, all you should have to do is alter the source code. I haven't done a lot of research, however, it would be trivial to alter the following lines in the "g10/armor.c" source file to whatever you choose:

    if( !opt.no_version ) {
        iobuf_writestr(a, "Version: GnuPG v" VERSION " (" PRINTABLE_OS_NAME ")" );
        iobuf_writestr(a,afx->eol);
    }

Then simply recompile the "new" sources. Also I believe from the little bit of code that I did read that the end-user can append to the default version header with the addition of a -(dash) and some printable characters. Search for the DEVELOPMENT_VERSION variable if interested.

HTH.
Thomas
From vedaal at hush.com Sun Oct 9 09:11:17 2005 From: vedaal at hush.com (vedaal@hush.com) Date: Sun Oct 9 09:11:32 2005 Subject: Disk Partition Message-ID: <200510090711.j997BLKp071619@mailserver3.hushmail.com> >Message: 8 >Date: Sat, 8 Oct 2005 19:45:33 +0200
> From: zvrba@globalnet.hr
> Subject: Re: Disk Partition
> On Sat, Oct 08, 2005 at 08:01:15PM +0400, lusfert wrote:
>> zvrba@globalnet.hr wrote:
>>> On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:
>>> IMHO, There is a problem in that the data looks TOO MUCH random, i.e. it has much higher entropy than would result by "normal" computer usage. Such high entropy is a strong indication that the data is encrypted.
>
> In some scenarios (when it comes to e.g. court cases, or even blackmails or life threats), the person using this product in good faith (believing that the encryption really _is_ deniable) would be in a very bad position.
>
> Explaining a large quantity of high-entropy data in a plausible manner is extremely hard. The presence of such data gives a strong indication of encryption. If you argue that you used some "secure delete program", then you're _again_ in a bad position because it implies that you have to hide something and again raise suspicion.
>
> So, instead of teaching me what kind of software should I use, can you please give an example of plausible explanation for large amount of high-entropy data on the disk? And have in mind a very determined, knowledgeable and resourceful adversary while constructing the explanation.

i don't know about cross-crypt, but do have experience with truecrypt, and must say that I am surprisingly quite fond of it

'plausible deniability', is explained in the truecrypt faq, and is accomplished by using a 'hidden volume' within the truecrypt container

[1] let the hidden volume be less than 10% of the total container volume
[2] do not use more than one truecrypt volume (unless you have your own very convincing reasons why you need more than one ;-) )
[3] partially fill the truecrypt volume with mildly personal/private things (not really 'secrets', but things that are plausible to want to have encrypted, and which you would not mind releasing to the authorities, i.e. your medical history [the authorities can get it anyway ;-) ]
[4] keep the 'real' secrets in the hidden volume
[5] the unused space in the truecrypt volume when the volume is not mounted, has the same level of random data as when there is no hidden volume, so the presence of a hidden volume is plausibly deniable, and the reason for wanting the other things in the truecrypt volume encrypted is satisfactorily explained

btw, if the truecrypt developers changed their license conditions to comply with GPL, and only 'requested' that programs that used true-crypt source-code, forwarded a report to them (not an unreasonable courtesy), would that be enough to consider use of true-crypt as part of gnupg ?

the only things missing from true-crypt are: smart card support, the ability to encrypt to a key, authentication with a key, this could easily be integrated into a gnupg-truecrypt combination (possibly without using serpent, or multiple encryption sequences) without any changes in the algorithms in gnupg/open pgp

vedaal

Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427
From cedar at 3web.net Sun Oct 9 17:11:56 2005
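The entropy argument quoted at the top of this message, Zeljko's point that a large random-looking region is by itself a strong indicator of encryption, is easy to put numbers on. The Python below is an added example, not code from the thread, from TrueCrypt or from GnuPG: the three samples are constructed inline, and the "ciphertext-like" sample is a seeded PRNG stream standing in for real ciphertext (or for the unused space of an encrypted volume) so that the run is repeatable. It computes the two tests an examiner would run first, Shannon entropy per byte and a chi-square test against a uniform byte distribution.

```python
import math
import random
from collections import Counter

# Constructed sample inputs for the demonstration (not data from the thread), 64 KiB each.
SAMPLE_SIZE = 65536
SENTENCE = b"The quick brown fox jumps over the lazy dog while the archive is rebuilt. "
TEXT_SAMPLE = (SENTENCE * (SAMPLE_SIZE // len(SENTENCE) + 1))[:SAMPLE_SIZE]
ZERO_SAMPLE = bytes(SAMPLE_SIZE)
# Stand-in for ciphertext or for the free space of an encrypted volume. A seeded
# PRNG is used instead of os.urandom so the numbers are repeatable; for the byte
# statistics below it behaves exactly like real ciphertext.
CIPHERTEXT_LIKE = random.Random(2005).randbytes(SAMPLE_SIZE)


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (maximum 8.0), from the empirical byte distribution."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic against a uniform byte distribution (255 degrees of freedom).

    Uniform data clusters around 255 (standard deviation about 22.6); plaintext
    and zero-filled regions score orders of magnitude higher.
    """
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def classify(data: bytes, entropy_threshold: float = 7.9, chi_threshold: float = 500.0) -> str:
    """The rough verdict an examiner forms. 'random-looking' covers encrypted AND
    compressed data, which is why a large random-looking region with no
    recognisable header (zip, jpeg, ...) is what draws attention."""
    h = shannon_entropy(data)
    x2 = chi_square(data)
    if h > entropy_threshold and x2 < chi_threshold:
        return "random-looking (encrypted or compressed)"
    if h < 1.0:
        return "constant or near-empty (e.g. zero-filled free space)"
    return "structured (text, code, or other plaintext)"


def report(label: str, data: bytes) -> str:
    return (f"{label:16s} entropy={shannon_entropy(data):.3f} bits/byte  "
            f"chi2={chi_square(data):12.1f}  -> {classify(data)}")


if __name__ == "__main__":
    for label, sample in (("text", TEXT_SAMPLE), ("zero-filled", ZERO_SAMPLE),
                          ("ciphertext-like", CIPHERTEXT_LIKE)):
        print(report(label, sample))
```

Two things follow for the thread's argument. Compressed archives and media score just as "random" as ciphertext, so entropy alone only says "compressed or encrypted"; what separates a zip or jpeg from a container is a recognisable header, and a container that is designed to look like noise has none. And the hidden-volume scheme in points [1] to [5] above only works because the free space of the outer volume is already filled with this kind of data: an examiner who finds the outer volume mounted with 90% free space and the same statistics everywhere learns nothing about whether anything lives in that space.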
From: cedar at 3web.net (cdr) Date: Sun Oct 9 17:13:06 2005 Subject: Disk Partition In-Reply-To: <20051008174533.GC5735@zax.ifi.uio.no> References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com> <20051008174533.GC5735@zax.ifi.uio.no> Message-ID: <4349333C.1080906@3web.net>

zvrba@globalnet.hr wrote:
> The point is that the statement about deniability is misleading (or maybe I should say, close to false).

Zeljko, deniability has its place. It could be semantics, but perhaps you are not making sufficient distinction between deniability and deception. Depending somewhat on the circumstances, with such a file in your possession you may not be able to deceive anyone but the most naive attacker. However, you can deny, and, unless broken cryptographically, such a file cannot be *proven* to be ciphertext. This can help you, but only in instances where there are "rules of the game" which state that you are innocent until proven guilty, that (as in, for instance, traditional 'common law' criminal proceedings) this proof must be "beyond reasonable doubt", and that you can be sanctioned for failing to produce the key if and only if it can be proven that you are in possession of encrypted material. (Note however that your case would be weakened by the presence of strong circumstantial evidence to the contrary - for instance, possession and evidence of previous use of software that produces such ciphertext).

In jurisdictions where such rules do not apply (even Canada, for instance, recently suspended habeas corpus, you can be held indefinitely, incommunicado; thus it is reasonable to assume you can also be tortured) deniability is of no particular value in conflagrations with the government, but it will probably be of some value if one is fighting with one's employer.

In short, deniability is a valid claim, and can be a useful characteristic of ciphertext in specific, well-defined instances.
cdr From cedar at 3web.net Sun Oct 9 17:26:48 2005 From: cedar at 3web.net (cdr) Date: Sun Oct 9 18:17:58 2005 Subject: Disk Partition In-Reply-To: <200510090711.j997BLKp071619@mailserver3.hushmail.com> References: <200510090711.j997BLKp071619@mailserver3.hushmail.com> Message-ID: <434936B8.3080508@3web.net> vedaal@hush.com wrote: > ...things missing from true-crypt: > ...authentication with a key, TrueCrypt is an encrypted filesystem. No other filesystem that I know of implements authentication. cdr From zvrba at globalnet.hr Sun Oct 9 18:56:21 2005 
From: zvrba at globalnet.hr (zvrba@globalnet.hr) Date: Sun Oct 9 18:56:20 2005 Subject: Disk Partition In-Reply-To: <4349333C.1080906@3web.net> References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com> <20051008174533.GC5735@zax.ifi.uio.no> <4349333C.1080906@3web.net> Message-ID: <20051009165621.GA5488@zax.ifi.uio.no> On Sun, Oct 09, 2005 at 03:11:56PM +0000, cdr wrote: > zvrba@globalnet.hr wrote: > >The point is that the statement about deniability is misleading (or maybe I > >I should say, close to false). > > Zeljko, deniability has its place. It could be semantics, but perhaps you > are not be making sufficient distinction between deniability and deception. > You've written some very interesting comments. I'd like to hear your opinion on http://web.archive.org/web/20001206202000/http://www.rubberhose.org/ and especially on http://web.archive.org/web/20001206202000/http://www.rubberhose.org/current/src/doc/beatings.txt This seems to be a recent replacement for rubberhose: http://www.freenet.org.nz/phonebook/manual.html And please comment it in the following aspect: > > In jurisdictions where such rules do not apply (even Canada, for > instance, recently suspended habeas corpus, you can be held indefinitely, > incommunicado; thus it is reasonable to assume you can also be tortured) > deniability is of no particular value in conflagrations with the > government, but it will probably be of some value if one is fighting > with one's employer. > I'm really interested in your opinion. > you may not be able to deceive anyone but the most naive attacker. However, > you can deny, and, unless broken cryptographically, such file can not be > *proven* to be ciphertext. This can help you, but only in instances where > -cut- > > that you can be sanctioned for failing to produce the key if and only if > it can be proven that you are in possession of encrypted material. 
> (Note

this proof actually depends on the software in use. if the software in use

1. complains about "invalid file format" when applied to a non-container file, and
2. complains about "invalid password" when pointed to a container file, but wrong password,

then: pointing it to the suspicious container AND giving a wrong password is a proof[1] that you have encrypted data on your disk. If either check is removed and the software blindly proceeds with whatever consequences (crashing the kernel, corrupting data, etc..) then nobody can actually prove that there is something encrypted in the file. However, such a tool would be very dangerous to use.

[1] Minus the very small probability of the file having the "right" header but not being a container file. The probability decreases exponentially with the length of the header.

If you don't want to use such a dangerous tool, you can produce many containers having just random junk inside, some of them pseudo-secret data like "love" emails.. Many as in tens of thousands, and random file names. For some of them you remember passwords, for most of them you don't (nobody reasonable can expect you to remember tens of thousands of passwords). In such a setup it really depends on how much a person is willing to endure to keep the data secret.

> In short, deniability is a valid claim, and can be a useful characteristic of ciphertext in specific, well-defined instances.

In any case, IMHO, deceit and deniability are much more complicated than having a single encrypted container on your disk. Thanks for shedding some light on the subject, but I still think that the following sentence given on TrueCrypt's web site: "Deniability: You will not be able to tell that this file has been encrypted by filedisk as it looks completely random and can have any extension you wish." is a gross oversimplification of deniability and deceit.

Thanks for your time.
Best regards,
Zeljko.
-------------- next part -------------- A non-text attachment was scrubbed...
Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /pipermail/attachments/20051009/0b50fa08/attachment-0001.pgp From admin at buddhalinux.org Mon Oct 10 04:14:22 2005 From: admin at buddhalinux.org (Thomas Jones) Date: Mon Oct 10 04:15:26 2005 Subject: Disk Partition In-Reply-To: <434936B8.3080508@3web.net> References: <200510090711.j997BLKp071619@mailserver3.hushmail.com> <434936B8.3080508@3web.net> Message-ID: <4349CE7E.6080408@buddhalinux.org> cdr wrote: > vedaal@hush.com wrote: > > ...things missing from true-crypt: >> ...authentication with a key, > I am not sure of the context of this statement. To what are you referring? Identification, and the subsequent authentication is already performed at the system(operating system) level. Is there a specific application-level(?) authentication mechanism that you are aware of? If so, how does this abstraction interface with the filesystem -- which is at a considerably lower level than general user-space applications? Thomas From wolfgang.rosenauer at an-netz.de Mon Oct 10 09:31:51 2005 
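Zeljko's point earlier in this thread, that a tool which answers "invalid file format" for arbitrary files but "invalid password" for a real container hands an examiner a proof without recovering a single byte, can be shown with two toy container layouts. This is an added example, not TrueCrypt's or GnuPG's code: the cipher is a SHA-256 counter-mode XOR stand-in, and the names MAGIC/TOYCRYPT, CHECK/VOLUME_OK, open_with_magic and open_headerless are invented for the illustration. The first layout stores a plaintext identifier and therefore has two distinguishable failure modes; the second keeps its identifier inside the ciphertext, so junk and a real volume under a wrong password are answered identically.

```python
import hashlib
import hmac
import os

# Toy stream cipher for the illustration only: SHA-256 in counter mode, XORed
# onto the data. Constructed stand-in, not a production cipher.
def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + offset.to_bytes(4, "big")).digest()
        out.extend(c ^ k for c, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def _derive(password: str, salt: bytes) -> bytes:
    """64 bytes of key material: the first half encrypts, the second half authenticates."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, dklen=64)


MAGIC = b"TOYCRYPT"   # design A: a plaintext identifier sits on disk
CHECK = b"VOLUME_OK"  # design B: the identifier only appears after correct decryption


def create_with_magic(password: str, payload: bytes, salt: bytes = None) -> bytes:
    salt = salt or os.urandom(16)
    km = _derive(password, salt)
    body = _keystream_xor(km[:32], salt, payload)
    tag = hmac.new(km[32:], body, "sha256").digest()
    return MAGIC + salt + tag + body


def open_with_magic(password: str, blob: bytes):
    """Two distinct errors; the second one is the oracle an examiner is after."""
    if not blob.startswith(MAGIC) or len(blob) < 56:
        return "invalid file format"      # says: not one of ours
    salt, tag, body = blob[8:24], blob[24:56], blob[56:]
    km = _derive(password, salt)
    if not hmac.compare_digest(tag, hmac.new(km[32:], body, "sha256").digest()):
        return "invalid password"         # says: this IS a container
    return _keystream_xor(km[:32], salt, body)


def create_headerless(password: str, payload: bytes, salt: bytes = None) -> bytes:
    salt = salt or os.urandom(16)
    km = _derive(password, salt)
    # Salt followed by ciphertext, no plaintext structure anywhere. (Integrity
    # protection is left out to keep the example short; a real design adds it inside.)
    return salt + _keystream_xor(km[:32], salt, CHECK + payload)


def open_headerless(password: str, blob: bytes):
    """One answer for everything: random junk and a real volume under the wrong
    password are indistinguishable, so probing with a bogus password proves nothing."""
    if len(blob) < 16 + len(CHECK):
        return "no volume found or wrong password"
    salt, body = blob[:16], blob[16:]
    plain = _keystream_xor(_derive(password, salt)[:32], salt, body)
    if not hmac.compare_digest(plain[:len(CHECK)], CHECK):
        return "no volume found or wrong password"
    return plain[len(CHECK):]


def examiner_probe(open_fn, blob: bytes, bogus_password: str = "definitely-not-it") -> bool:
    """The examiner's move: open the suspicious file with a wrong password and read the
    error. True means the tool has just confirmed that the file is a container."""
    return open_fn(bogus_password, blob) == "invalid password"


if __name__ == "__main__":
    secret = b"constructed payload standing in for the hidden data"
    for name, make, opener in (("with-magic", create_with_magic, open_with_magic),
                               ("headerless", create_headerless, open_headerless)):
        container = make("correct horse", secret)
        print(f"{name:11s} junk file    -> {opener('x', bytes(len(container)))!r}")
        print(f"{name:11s} wrong passwd -> {opener('x', container)!r}")
        print(f"{name:11s} probe proves container: {examiner_probe(opener, container)}")
```

The headerless layout closes the oracle Zeljko describes, but note what it does not do: the file is still a large block of random-looking bytes, which is his other objection, and removing the format check is exactly the "blindly proceed" behaviour he calls dangerous unless, as here, the password check is moved inside the ciphertext rather than dropped. A real design also authenticates the whole body before touching it.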
From: wolfgang.rosenauer at an-netz.de (Wolfgang Rosenauer) Date: Mon Oct 10 09:31:50 2005 Subject: gpg2 vs. gpg and OpenPGP card In-Reply-To: <878xx54bmn.fsf@wheatstone.g10code.de> References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de> <43466C33.2060201@an-netz.de> <878xx54bmn.fsf@wheatstone.g10code.de> Message-ID: <434A18E7.8080308@an-netz.de>

Werner Koch wrote:
> On Fri, 07 Oct 2005 14:38:11 +0200, Wolfgang Rosenauer said:
>
>> But as using ssh-add -l with running gpg-agent can't find my key on the card: "The agent has no identities."
>
> There are a lot of reasons for this. Did you install scdaemon? Does it work? You might want to kill a running scdaemon and test this way:
>
> $ scdaemon -v --server
>
> then enter
>
> learn --force
>
> you should see lines with information on the card. If it does not show anything, add --debug 2048 to the invocation and make sure that scdaemon.conf does not redirect the log file.

That works.

>> I've thought that this could have something to do with gpg2 --card-status failing.
>
> Use gpg --card-status. Also try without the agent running.

gpg --card-status is not my problem. That works.

So I'm still not sure how to add the key from the card to the gpg-agent by using ssh-add. ssh-add -l reads from the card (according to the LED) but shows "The agent has no identities" which is true since I haven't added an identity at this point. And ssh-add -s needs a reader-parameter. If this is the correct option which value would be needed here?

Thanks,
Wolfgang
From wk at gnupg.org Mon Oct 10 10:08:27 2005
From: wk at gnupg.org (Werner Koch) Date: Mon Oct 10 10:25:50 2005 Subject: Armor headers In-Reply-To: <4347CE8B.2070706@gmail.com> (alphasigmax@gmail.com's message of "Sat, 08 Oct 2005 23:20:03 +0930") References: <4347B86F.2000800@gmail.com> <4347CE8B.2070706@gmail.com> Message-ID: <87oe5xpzes.fsf@wheatstone.g10code.de>

On Sat, 08 Oct 2005 23:20:03 +0930, Alphax said:
> Well, you can use --no-emit-version and --no-comments...

Or use sed to modify or insert header lines.

Shalom-Salam,
Werner
From wk at gnupg.org Mon Oct 10 10:49:17 2005 From: wk at gnupg.org (Werner Koch) Date: Mon Oct 10 10:51:41 2005 Subject: gpg2 vs. gpg and OpenPGP card In-Reply-To: <434A18E7.8080308@an-netz.de> (Wolfgang Rosenauer's message of "Mon, 10 Oct 2005 09:31:51 +0200") References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de> <43466C33.2060201@an-netz.de> <878xx54bmn.fsf@wheatstone.g10code.de> <434A18E7.8080308@an-netz.de> Message-ID: <87vf05hi42.fsf@wheatstone.g10code.de>

On Mon, 10 Oct 2005 09:31:51 +0200, Wolfgang Rosenauer said:
> gpg --card-status is not my problem. That works.

Does it show an authentication key?

> So I'm still not sure how to add the key from the card to the gpg-agent by using ssh-add.

You don't need to. If there is a card in the reader it will get displayed.

> ssh-add -l reads from the card (according to the LED) but shows "The agent has no identities" which is true since I haven't added an identity at this point.

Generate a key on the card first.

> And ssh-add -s needs a reader-parameter. If this is the correct option which value would be needed here?

Nothing. We don't use this - all card processing is done by gpg-agent. ssh-add does not know that there is a card.

Salam-Shalom,
Werner
From wmp at grnwood.net Fri Oct 7 19:32:17 2005
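Werner's sed suggestion in the "Armor headers" reply above works because the armor headers (Version:, Comment:, ...) sit between the BEGIN line and the blank line, outside the Radix-64 body and its CRC24 checksum, and outside anything a signature covers. The Python below is an added example, not GnuPG code, that builds an armored block the way GnuPG lays it out, rewrites or strips its headers without re-encoding the body, and verifies the CRC24 from RFC 4880 section 6.1 afterwards; the payload is constructed bytes, not a real OpenPGP packet.

```python
import base64

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB


def crc24(data: bytes) -> int:
    """OpenPGP Radix-64 checksum (RFC 4880, section 6.1)."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def armor(payload: bytes, kind: str = "PGP MESSAGE", headers: dict = None) -> str:
    """Header line, optional 'Key: value' armor headers, blank line, 64-column
    base64 body, '=' + 4-char CRC, tail line: the layout gpg --armor produces."""
    lines = [f"-----BEGIN {kind}-----"]
    lines += [f"{k}: {v}" for k, v in (headers or {}).items()]
    lines.append("")
    b64 = base64.b64encode(payload).decode("ascii")
    lines += [b64[i:i + 64] for i in range(0, len(b64), 64)]
    lines.append("=" + base64.b64encode(crc24(payload).to_bytes(3, "big")).decode("ascii"))
    lines.append(f"-----END {kind}-----")
    return "\n".join(lines) + "\n"


def split_armor(text: str):
    """Return (begin_line, headers, body_lines, end_line). body_lines keeps the
    base64 text and the CRC line verbatim so a header rewrite never re-encodes."""
    lines = text.strip().splitlines()
    begin, end = lines[0], lines[-1]
    if not (begin.startswith("-----BEGIN ") and end.startswith("-----END ")):
        raise ValueError("not an ASCII-armored block")
    headers, i = {}, 1
    while i < len(lines) and lines[i] != "":
        key, _, value = lines[i].partition(": ")
        headers[key] = value
        i += 1
    return begin, headers, lines[i + 1:-1], end


def rewrite_headers(text: str, new_headers: dict) -> str:
    """Replace all armor headers with new_headers; {} strips them, which is the
    same result as --no-emit-version --no-comments at generation time. The blank
    separator line must stay, which is the one thing a careless sed can break."""
    begin, _, body, end = split_armor(text)
    out = [begin] + [f"{k}: {v}" for k, v in new_headers.items()] + [""] + body + [end]
    return "\n".join(out) + "\n"


def decode_armor(text: str) -> bytes:
    """Decode the body and, if a checksum line is present, verify the CRC24.
    Armor headers take no part in the checksum, so editing them cannot break it."""
    _, _, body, _ = split_armor(text)
    crc_line = body[-1] if body and body[-1].startswith("=") else None
    payload = base64.b64decode("".join(body[:-1] if crc_line else body))
    if crc_line is not None:
        expected = int.from_bytes(base64.b64decode(crc_line[1:]), "big")
        if crc24(payload) != expected:
            raise ValueError("CRC24 mismatch: the body was altered")
    return payload


def checksum_ok(text: str) -> bool:
    try:
        decode_armor(text)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sample = armor(bytes(range(200)), headers={"Version": "GnuPG v1.4.2 (GNU/Linux)",
                                               "Comment": "Using GnuPG with Thunderbird"})
    print(rewrite_headers(sample, {}))                       # stripped, still decodes
    print(rewrite_headers(sample, {"Version": "Redacted"}))  # rewritten, still decodes
```

Two caveats belong with this. The same property that makes the rewrite harmless means nobody else can trust these headers either: they are unauthenticated text that any relay can change. And the Version: line is only the most visible fingerprint; cipher and compression preferences, key IDs and packet formats inside the body still say a great deal about the implementation.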
From: wmp at grnwood.net (William M. Perkins) Date: Mon Oct 10 11:10:49 2005 Subject: gpgme-1.1.0: make check: FAIL: t-keylist (was t-sig-notation) In-Reply-To: <873bndlbjj.wl%marcus.brinkmann@ruhr-uni-bochum.de> (from marcus.brinkmann@ruhr-uni-bochum.de on Fri Oct 7 09:08:32 2005) References: <1128630552l.10050l.1l@roo.localnet> <87u0fu6yf2.wl%marcus.brinkmann@ruhr-uni-bochum.de> <1128648439l.10050l.3l@roo.localnet> <873bndlbjj.wl%marcus.brinkmann@ruhr-uni-bochum.de> Message-ID: <1128706346l.10050l.5l@roo.localnet> Skipped content of type multipart/mixed From wolfgang.rosenauer at an-netz.de Mon Oct 10 11:15:51 2005 From: wolfgang.rosenauer at an-netz.de (Wolfgang Rosenauer) Date: Mon Oct 10 11:16:04 2005 Subject: gpg2 vs. gpg and OpenPGP card In-Reply-To: <87vf05hi42.fsf@wheatstone.g10code.de> References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de> <43466C33.2060201@an-netz.de> <878xx54bmn.fsf@wheatstone.g10code.de> <434A18E7.8080308@an-netz.de> <87vf05hi42.fsf@wheatstone.g10code.de> Message-ID: <434A3147.3020109@an-netz.de> Werner Koch wrote: > On Mon, 10 Oct 2005 09:31:51 +0200, Wolfgang Rosenauer said: > >> gpg --card-status is not my problem. That works. > > Does it show an authentication key? yes Authentication key: C598 483F 4D8C 65CA B6BD 0248 8EBB 3693 A3ED 2695 created ....: 2005-05-03 12:44:34 >> So I'm still not sure how to add the key from the card to the gpg-agent >> by using ssh-add. > > You don't need. If there is a card in the reader it will get displayed. not for me :-( Wolfgang From wk at gnupg.org Mon Oct 10 11:22:45 2005
From: wk at gnupg.org (Werner Koch) Date: Mon Oct 10 11:26:39 2005 Subject: gpg2 vs. gpg and OpenPGP card In-Reply-To: <434A3147.3020109@an-netz.de> (Wolfgang Rosenauer's message of "Mon, 10 Oct 2005 11:15:51 +0200") References: <4346205B.2040409@an-netz.de> <87mzll65qi.fsf@wheatstone.g10code.de> <4346400C.8070207@an-netz.de> <878xx55y45.fsf@wheatstone.g10code.de> <43466C33.2060201@an-netz.de> <878xx54bmn.fsf@wheatstone.g10code.de> <434A18E7.8080308@an-netz.de> <87vf05hi42.fsf@wheatstone.g10code.de> <434A3147.3020109@an-netz.de> Message-ID: <87achhhgka.fsf@wheatstone.g10code.de>

On Mon, 10 Oct 2005 11:15:51 +0200, Wolfgang Rosenauer said:
>>> So I'm still not sure how to add the key from the card to the gpg-agent by using ssh-add.
>>
>> You don't need. If there is a card in the reader it will get displayed.
> not for me :-(

I need to see some more debug output. Please put a

  debug 2048
  debug 1024
  log-file /somewhere/scdaemon.log

into scdaemon.conf and

  verbose
  log-file /somewhere/gpg-agent.log

into gpg-agent.conf. You may also use watchgnupg instead of several log files. Then try a ssh-add -l with the card inserted and send me the logs by PM.

Shalom-Salam,
Werner
From alphasigmax at gmail.com Mon Oct 10 12:05:14 2005
From: alphasigmax at gmail.com (Alphax) Date: Mon Oct 10 12:07:57 2005 Subject: Disk Partition In-Reply-To: <20051009165621.GA5488@zax.ifi.uio.no> References: <4347BBF1.5050607@gmail.com> <20051008142743.GA5735@zax.ifi.uio.no> <4347ED4B.7060302@gmail.com> <20051008174533.GC5735@zax.ifi.uio.no> <4349333C.1080906@3web.net> <20051009165621.GA5488@zax.ifi.uio.no> Message-ID: <434A3CDA.60409@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 zvrba@globalnet.hr wrote: > If you don't want to use such a dangerous tool, you can produce many > containers having just random junk inside, some of them pseudo-secret > data like "love" emails.. Many as in 10s of thousands, and random file names. > For some of them you remember passwords, for most of them you don't (nobody > reasonable can expect you to remember 10s of thousands passwords). > Finally, something to do with all my Nigerian/pharmaceutical spam! :) - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ0o82bMAAH8MeUlWAQix2QgAsztNqTmwR6d1oDkJGbpH5UtF8vN21Yew tL2rk6v7FOqCFhpmND0TPfqshSGL1x/YK/OtFKEbxS6yfMg+9mINaG013RHBrtQh 2yDSXKhWvCLR7lUp9CanjUfi1FAlDFegzSqkWaLbJQG/2RnfE0+McEnJqsgPdkd+ sRnfOSvyT2BDoz+Pc7MMZSzg20ns1SrqRU2eDi6oKEeXaUFTl3ct3sUPEJf0Vy/B KTF2MHfvRx3N4k2FqyaqzfHqgIM3vZpn2P3WzPpg75jEzQtkvk87gcA4PD2mAjBI l/P6Ky8xoO5VoRNRuKQ1lho5l9itVkbCTiuAQJESO+n61qHiQzpGSQ== =njNe -----END PGP SIGNATURE----- From alphasigmax at gmail.com Mon Oct 10 13:39:59 2005 
From: alphasigmax at gmail.com (Alphax) Date: Mon Oct 10 13:42:35 2005 Subject: Lack of backwards compatibility? Message-ID: <434A530F.8000601@gmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Some old versions of GPG (1.0.x?) had support for the TIGER192 hash, but this was later removed when it was dropped/rejected from the OpenPGP standard. However, these versions of GPG (and possibly some versions of PGP as well) are still able to produce signatures using the TIGER192 hash algorithm, with no way to verify them in the current version of GPG. Is it possible to add the capability to verify signatures made with this hash? The fact that prior versions were able to create such signatures but newer versions are not able to verify them really breaks backwards compatibility standards.

Thanks,

- -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEVAwUBQ0pTD7MAAH8MeUlWAQjEkQf/RFoFJEeDSNOMrg3hEiI2Ge7REzQa8ZZ9
oK9alTSBWZ0dtkJxYs9c6lW6kGd0wW+b7TqVa4b2plpyYZwLxfHLypuuSyd3VnXP
ECg/xjxabBEUwZMo8hpREHzgkV9MxaJarLR1LMppqLjdQdd+06Bv6HogAKg3vzJN
2uBcwl6eBEZ0l3AScjZv92ZMmRwD1b9wTASmDYY/iKQJJotvjSZyey0eBmbiCJ7V
W1FggX+weNI7BKCWdofhNvlNjtDXBxpfc89i5+sduXNFlhm63FmmMpBRWziPpXJJ
2TA2TuKf6GB0eucVZtAaO9yE0ChphMwTDxg/oLOdOBdmTRYDieu5dw==
=tFKF
-----END PGP SIGNATURE-----
From vedaal at hush.com Mon Oct 10 16:00:21 2005 From: vedaal at hush.com (vedaal@hush.com) Date: Mon Oct 10 16:00:27 2005 Subject: Disk Partition Message-ID: <200510101400.j9AE0Oad001136@mailserver3.hushmail.com> >Message: 1 >Date: Sun, 09 Oct 2005 21:14:22 -0500
>From: Thomas Jones >Subject: Re: Disk Partition >cdr wrote: >> vedaal@hush.com wrote: >> > ...things missing from true-crypt: >>> ...authentication with a key, >> >I am not sure of the context of this statement. To what are you >referring? the ability to sign a truecrypt container with one's own private key and decrypt with a key rather than a password (i.e. a mechanism to sign the hidden volume within a truecrypt container with a key when creating it, verifiable by truecrypt when mounting it, and signing or not signing the truecrypt volume, as circumstances dictate) vedaal Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 From umur at kktc.net Mon Oct 10 13:54:31 2005 From: umur at kktc.net (Umur YILMAZ) Date: Tue Oct 11 17:31:15 2005 Subject: import private key Message-ID: <434A5677.50108@kktc.net> Hi all, In my previous linux installation i exported my keys to privatekey.txt and publickey.txt files. After new installation i want to re-install (re-import) them. Which command should I use, or is there a way to re-import privatekey? THX From oskar at rbgi.net Tue Oct 11 18:42:45 2005 
From: oskar at rbgi.net (Oskar L.) Date: Tue Oct 11 18:43:21 2005 Subject: import private key In-Reply-To: <434A5677.50108@kktc.net> References: <434A5677.50108@kktc.net> Message-ID: <1058.213.169.24.118.1129048965.squirrel@mail.rbgi.net> gpg --import filename Oskar > Hi all, > > In my previous linux installation i exported my keys to privatekey.txt > and publickey.txt files. After new installation i want to re-install > (re-import) them. > > Which command should I use, or is there a way to re-import privatekey? > > THX > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From oskar at rbgi.net Wed Oct 12 11:37:11 2005 
From: oskar at rbgi.net (Oskar L.) Date: Wed Oct 12 11:37:49 2005 Subject: How to fix the user ID on an old key? In-Reply-To: References: <200509051540.j85FeQEh010957@vulcan.xs4all.nl> Message-ID: <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net>

Hello,

I've got an old keypair, generated in 2003 with the current PGP version at that time. When I import the secret key, I get:

gpg: key 75AC881F: no valid user IDs
gpg: this may be caused by a missing self-signature

I'm able to get the key to work in gpg, but is there any way to fix it, so that I can export it, delete it from the keyring, and re-import it, without getting that message? I've tried --allow-non-selfsigned-uid, but that doesn't seem to change the key, only the way gpg handles it (when exported it's still the same). Included below is the output from pgpdump, in case that's of any help.

Oskar

Old: Secret Key Packet(tag 5)(481 bytes)
        Ver 4 - new
        Public key creation time - Fri Oct  3 06:58:46 EDT 2003
        Pub alg - DSA Digital Signature Algorithm(pub 17)
        DSA p(1024 bits) - ...
        DSA q(160 bits) - ...
        DSA g(1022 bits) - ...
        DSA y(1024 bits) - ...
        Sym alg - CAST5(sym 3)
        Iterated and salted string-to-key(s2k 3):
                Hash alg - SHA1(hash 2)
                Salt - 3f ac 9a 6c 32 e5 a5 94
                Count - 65536(coded count 96)
        IV - 75 29 8e f0 54 0b 20 5e
        Encrypted DSA x
        Encrypted SHA1 hash
Old: User ID Packet(tag 13)(43 bytes)
        User ID - anon0106@yahoo.co.uk
Old: Secret Subkey Packet(tag 7)(610 bytes)
        Ver 4 - new
        Public key creation time - Fri Oct  3 06:58:46 EDT 2003
        Pub alg - ElGamal Encrypt-Only(pub 16)
        ElGamal p(2048 bits) - ...
        ElGamal g(2 bits) - ...
        ElGamal y(2046 bits) - ...
        Sym alg - CAST5(sym 3)
        Iterated and salted string-to-key(s2k 3):
                Hash alg - SHA1(hash 2)
                Salt - 3f ac 9a 6c 32 e5 a5 94
                Count - 65536(coded count 96)
        IV - 3e 3c 75 2d 2e 2b 86 04
        Encrypted ElGamal x
        Encrypted SHA1 hash
From alphasigmax at gmail.com Wed Oct 12 11:57:52 2005
From: alphasigmax at gmail.com (Alphax) Date: Wed Oct 12 12:00:33 2005 Subject: How to fix the user ID on an old key? In-Reply-To: <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net> References: <200509051540.j85FeQEh010957@vulcan.xs4all.nl> <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net> Message-ID: <434CDE20.6000507@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Oskar L. wrote: > Hello, > > I've got an old keypair, generated in 2003 with the current PGP version at > that time. When I import the secret key, I get: > > gpg: key 75AC881F: no valid user IDs > gpg: this may be caused by a missing self-signature > > I'm able to get the key to work in gpg, but is there any way to fix it, so > that I can export it, delete it from the keyring, and re-import it, > without getting that message? I've tried --allow-non-selfsigned-uid, but > that doesn't seem to change the key, only the way gpg handles it (when > exported it's still the same). Included below is the output from pgpdump, > in case that's of any help. > Re-import it from a keyserver, the copy on the SKS network has a valid self-sig... If that doesn't work, gpg --sign 0x75AC881F ... - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ0zeH7MAAH8MeUlWAQgaRgf/TQRw/pHUBVBaGrRNN2t1Ch+SnNbwRWeS IvDXXfNErNJGd5B8nMQkB6NdhJZfdGbs/6eP8/0Eq+zK/cvt4x+/amC2YsFzaA1T v28JmOxGaOV+jjimhbPtMdu7bRH3bxr2Trj/Kp/lD2pltTZ076ekvFiRawCWDxaq 7h00VqMvN1pe4VM1+qlyogen911Uh4J3UDqW8L8Lz1vIoEsFktRpV9kEW4ytdiUU Fi/cca1EpaCw9+S3L6lB8ZFJ0P/JRjOOTaANaY9DRP0u+YQJTFTJR1oyh3nhU7OD puugUUlqy87LtCp4mgFXM2TDTudTAQeizrZ7PG1HDX0S5ZsTE0BGOg== =CHyP -----END PGP SIGNATURE----- From canuzzi at gmx.net Thu Oct 13 15:39:09 2005 
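The pgpdump listing in Oskar's message shows the structural cause of the complaint: Secret Key, User ID, Secret Subkey, with no Signature packet between the User ID and the subkey, which is exactly the self-signature gpg says is missing. The Python below is an added example, not GnuPG or pgpdump code, that parses OpenPGP packet headers (old and new format, RFC 4880 section 4.2) and reports, for each User ID, whether a v4 certification signature follows it. The packet bodies are placeholder bytes sized like the listing, not key material, and nothing is verified cryptographically; the point is only to make the "missing self-signature" diagnosis mechanical.

```python
TAG_NAMES = {2: "Signature", 5: "Secret Key", 6: "Public Key", 7: "Secret Subkey",
             13: "User ID", 14: "Public Subkey", 17: "User Attribute"}
CERTIFICATION_TYPES = {0x10, 0x11, 0x12, 0x13}  # generic .. positive certification of a UID


def packet(tag: int, body: bytes) -> bytes:
    """Serialise one packet with an old-format header (pgpdump's 'Old:' packets)."""
    if len(body) < 256:
        return bytes([0x80 | (tag << 2), len(body)]) + body
    if len(body) < 65536:
        return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body
    return bytes([0x80 | (tag << 2) | 2]) + len(body).to_bytes(4, "big") + body


def parse_packets(data: bytes):
    """Yield (tag, body, fmt) for old- and new-format headers (RFC 4880, section 4.2)."""
    i = 0
    while i < len(data):
        ctb = data[i]
        if not ctb & 0x80:
            raise ValueError(f"bad packet header 0x{ctb:02x} at offset {i}")
        if ctb & 0x40:                          # new format
            fmt, tag, first = "New", ctb & 0x3F, data[i + 1]
            if first < 192:
                length, hdr = first, 2
            elif first < 224:
                length, hdr = ((first - 192) << 8) + data[i + 2] + 192, 3
            elif first == 255:
                length, hdr = int.from_bytes(data[i + 2:i + 6], "big"), 6
            else:
                raise NotImplementedError("partial body lengths are not handled in this example")
        else:                                   # old format
            fmt, tag, ltype = "Old", (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not valid inside a key")
            size = (1, 2, 4)[ltype]
            length, hdr = int.from_bytes(data[i + 1:i + 1 + size], "big"), 1 + size
        if i + hdr + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i + hdr:i + hdr + length], fmt
        i += hdr + length


def dump(data: bytes) -> list:
    """pgpdump-style one-line summaries."""
    return [f"{fmt}: {TAG_NAMES.get(tag, 'Unknown')} Packet(tag {tag})({len(body)} bytes)"
            for tag, body, fmt in parse_packets(data)]


def self_cert_status(data: bytes) -> dict:
    """Map each User ID to whether a v4 certification signature (types 0x10-0x13)
    directly follows it. Structural only, nothing is verified cryptographically;
    this is the shape behind 'no valid user IDs ... missing self-signature'."""
    status, current_uid = {}, None
    for tag, body, _ in parse_packets(data):
        if tag == 13:
            current_uid = body.decode("utf-8", "replace")
            status[current_uid] = False
        elif tag == 2 and current_uid is not None:
            if len(body) >= 2 and body[0] == 4 and body[1] in CERTIFICATION_TYPES:
                status[current_uid] = True
        else:
            current_uid = None                  # a key or subkey packet ends the UID's signature run
    return status


# Constructed stand-ins: placeholder bodies sized like the pgpdump listing, not key material.
FAKE_KEY_BODY = bytes([4]) + bytes(480)           # v4 secret key packet, 481 bytes
FAKE_SUBKEY_BODY = bytes([4]) + bytes(609)        # v4 secret subkey packet, 610 bytes
FAKE_SELFSIG_BODY = bytes([4, 0x13]) + bytes(40)  # v4 signature, positive certification
UID = b"test@example.com"

BROKEN_KEY = packet(5, FAKE_KEY_BODY) + packet(13, UID) + packet(7, FAKE_SUBKEY_BODY)
FIXED_KEY = (packet(5, FAKE_KEY_BODY) + packet(13, UID)
             + packet(2, FAKE_SELFSIG_BODY) + packet(7, FAKE_SUBKEY_BODY))

if __name__ == "__main__":
    for label, key in (("as imported", BROKEN_KEY), ("after self-signing", FIXED_KEY)):
        print(label)
        for line in dump(key):
            print("  " + line)
        print("  self-certified UIDs:", self_cert_status(key))
```

Run against a real export (gpg --export-secret-keys, unarmored) the same walk lands on the packet sequence pgpdump prints, and a User ID whose entry stays False is the one gpg refuses to treat as valid; whether the certification it finds is actually made by the primary key and verifies is the part this example leaves to gpg.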
From: canuzzi at gmx.net (Niels Ringelmann) Date: Thu Oct 13 17:26:17 2005 Subject: Decryption doesn't work anymore Message-ID: <434E637D.6080907@gmx.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi mailing list members!

Until today, I was working fine with GnuPG, but today, after experimentation with sub ids (and removing them again), I am no longer able to decrypt with my secret key, as you can see in the following example (unfortunately, it's the German version of GnuPG, so I added some English comments in square brackets after the German version):

- --------------------------------------
canuzzi@gaia:~> gpg --edit-key canuzzi@gmx.net
gpg (GnuPG) 1.4.2; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Geheimer Schlüssel ist vorhanden. [secret key exists]

pub  1024D/98E19C0A  created: 2003-11-20  expires: niemals [never]  usage: CS
                     trust: uneingeschränkt [ultimate]  Gültigkeit: uneingeschränkt [validity: ultimate]
sub  1024g/A73E22F0  created: 2003-11-20  expires: niemals [never]  usage: E
[ultimate] (1). Niels Ringelmann (Private Email)
[ultimate] (2)  Niels Ringelmann (Institut fuer Photogrammetrie und Fernerkundung, TU Wien)
[ultimate] (3)  [jpeg image of size 5630]

Befehl> quit [Command> quit]
canuzzi@gaia:~> echo foo | gpg -e -r canuzzi@gmx.net | gpg -d -r canuzzi@gmx.net
gpg: encrypted with 1024-bit ELG-E key, ID A73E22F0, created 2003-11-20
      "Niels Ringelmann (Private Email) "
gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden [decryption failed: secret key does not exist]
- --------------------------------------

I hope I don't have to abandon that key :(

thanks
Niels
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDTmN9bVnViJjhnAoRAjG1AJ9b16evOJdmi8yrobL9/lvquj+ZFQCgiFYa
sn4gYGgqEYpUMXVcYBcNh7U=
=Feq4
-----END PGP SIGNATURE-----
From lares.moreau at gmail.com Thu Oct 13 17:30:14 2005 From: lares.moreau at gmail.com (Lares Moreau) Date: Thu Oct 13 19:26:00 2005 Subject: Recommended keyserver Message-ID: <1129217414.6939.5.camel@localhost>

Is there a recommended (read: endorsed) keyserver? I'm looking at the documentation we have here at gentoo.org and it recommends pgp.mit.edu. It has been suggested that this server is old and broken. Is this the case?

Please advise.

-- Lares Moreau Gentoo x86 Arch Tester Public Key: 0D46BB6E @ subkeys.pgp.net Key fingerprint = 0CA3 E40D F897 7709 3628 C5D4 7D94 483E 0D46 BB6E LRU: 400755 http://counter.li.org ::0 Alberta,Canada
From linux at codehelp.co.uk Thu Oct 13 19:37:15 2005
From: linux at codehelp.co.uk (Neil Williams)
Date: Thu Oct 13 19:36:12 2005
Subject: Recommended keyserver
In-Reply-To: <1129217414.6939.5.camel@localhost>
References: <1129217414.6939.5.camel@localhost>
Message-ID: <200510131837.15714.linux@codehelp.co.uk>

On Thursday 13 October 2005 4:30 pm, Lares Moreau wrote:
> Is there a recommended (read Endorsed) Keyserver?
> I'm looking at the documentation we have here at gentoo.org and it
> recommends pgp.mit.edu. It has been suggested that this server is old
> and broken. Is this the case?

Yes, it does not cope well with photo UIDs, subkeys that have an expiry date changed and other features. pgp.mit.edu isn't as broken as some others, but it's not as good as the best.

> Please advise.

Use subkeys.pgp.net

It's a DNS round-robin of 3 servers that support the widest range of gnupg keys and features.

-- 
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051013/6dce1a8c/attachment.pgp

From shavital at mac.com Thu Oct 13 18:59:36 2005
From: shavital at mac.com (Charly Avital)
Date: Thu Oct 13 19:48:56 2005
Subject: Decryption doesn't work anymore
In-Reply-To: <434E637D.6080907@gmx.net>
References: <434E637D.6080907@gmx.net>
Message-ID: <434E9278.4080308@mac.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Niels,

I have sent you directly an encrypted message, using the key you refer to in your message to the list.

I don't know what changes you may have done. But when I downloaded, a few minutes ago, your key from the keyservers, it was identical to the one that was already in my keyring. Therefore I suppose that you have not uploaded your modified (if modified) keyblock to the keyservers. Which means that you can always download that keyblock again.

The change I can see, from what you indicate in your message, is that you have deleted, in your keyring, the uid: Niels Ringelmann (private email) , where 'email' is spelled with a lower case \e\, and set the uid: Niels Ringelmann (Private Email) , where 'Email' is spelled with an upper case \E\.

I can't see how this change may have affected your ability to use the secret key.

Have you checked whether the secret key is in your secret keyring? If it is not, can you replace it from your keyrings backup?

Charly

Niels Ringelmann wrote the following on 10/13/05 9:39 AM:
> Hi mailing list members!
> 
> Until today I was working fine with GnuPG, but today, after
> experimentation with sub ids (and removing them again), I am no longer
> able to decrypt with my secret key, as you can see in the following
> example (unfortunately it's the German version of GnuPG, so I added some
> English comments in square brackets after the German version):
> --------------------------------------
> canuzzi@gaia:~> gpg --edit-key canuzzi@gmx.net
> gpg (GnuPG) 1.4.2; Copyright (C) 2005 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
> 
> Geheimer Schlüssel ist vorhanden. [secret key exists]
> 
> pub  1024D/98E19C0A  created: 2003-11-20  expires: niemals  usage: CS
>                      trust: uneingeschränkt  Gültigkeit: uneingeschränkt
> sub  1024g/A73E22F0  created: 2003-11-20  expires: niemals  usage: E
> [ultimate] (1). Niels Ringelmann (Private Email)
> [ultimate] (2)  Niels Ringelmann (Institut fuer Photogrammetrie und
> Fernerkundung, TU Wien)
> [ultimate] (3)  [jpeg image of size 5630]
> 
> Befehl> quit
> canuzzi@gaia:~> echo foo | gpg -e -r canuzzi@gmx.net | gpg -d -r
> canuzzi@gmx.net
> gpg: encrypted with 1024-bit ELG-E key, ID A73E22F0, created 2003-11-20
>       "Niels Ringelmann (Private Email) "
> gpg: Entschlüsselung fehlgeschlagen: Geheimer Schlüssel ist nicht vorhanden
> [decryption failed: secret key does not exist]
> --------------------------------------
> I hope I don't have to abandon that key :(
> thanks
> Niels

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (Darwin)
Comment: GnuPG for Privacy
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBQ06Sc269XHxycyfPAQgGbhAAo5e/33MEuYcncezw+FcHQilj/LQji1ND
JPqh+vuh5rsHj1ldup1PTlusDhA+QVjTwEjj0F8wQzPHA3FrPn/F8dKKe/NiA1Ur
eBjvjayPkwogfCGhlktSclvyEkZywQ0r40nJU2VRiG0ly2wcpzFlFIfpPwyvkIMW
fIWV7ugkWkM8IJtVRTfHT7+bTHUHNXfGQJ/aUUlQWGz4nChC3aMYBnmOBt69EvEJ
Jj+Pt9y+mdBsMwpjAPkMD768VfM/wemw8HTpRkOEpCyWl/bbY6zg984ldl5bscv0
RR9gM6j1Q9fPw0h12QrXHXmVra0qaVZ7WJhwt1Tp0StlM2WHNNr8ctWd9BuBbVlc
MZy/4K7ZcHvTFmlKp1SpMAHoPV7OvszfQPuIrubsoXe0uJeFI4dvnBpCzxaAGNUl
g3XvTLyoIO89JP3UTn4T0bYHL5R9KvIQBX4h7KWYJLgO3utzzArZylclZrcI1ja/
TWc8sNGLR+LYPIV6Vha22iRYNHVfK5Wiy1bv5Ln11/NgojaCDF1RI2vs+GVn2mnw
naJvW6SUVoDYB0xRQQAKkwOEx0GQq2oedD6F8RlUaNFsxWGg5Miqg9zflqVLRNFm
Y6CKGiCzxMS9LQ7P7qawIHRLETh7MFbIbEBUjmyXSTH+e23uEYl67Z0zWFMRBEEd
6MCSc3W6r+s=
=6JFt
-----END PGP SIGNATURE-----

From blueness at gmx.net Thu Oct 13 21:22:18 2005
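Charly's question ("is the secret key actually in your secret keyring?") is the one to answer first in a case like Niels's: `--edit-key` reports that a secret key exists, yet decryption with the encryption subkey fails, which is the symptom of a secret subkey that has become a stub. The Python below is an added example, not code from this thread or from GnuPG; it parses text laid out like `gpg --list-secret-keys` output, where a `#` after `sec`/`ssb` marks a secret part that is only a stub and a `>` marks one held on a smartcard, and flags the subkeys that gpg will list but cannot use. The listing is constructed for the example and reuses the key IDs quoted in the thread plus invented ones.

```python
"""Flag secret keys/subkeys in a GnuPG secret keyring listing whose secret
material is missing, which is the state in which --edit-key still reports
"secret key exists" while decryption fails.

Added example; it parses constructed text in the layout of
`gpg --list-secret-keys` and is not part of GnuPG or of this thread.
"""
import re

# "sec", "sec#", "ssb", "ssb>" ... followed by "<bits><algo>/<keyid> <date>".
# '#' after the tag means the secret part is a stub, '>' means it lives on a card.
LINE_RE = re.compile(
    r"^(?P<kind>sec|ssb)(?P<flag>[#>]?)\s+"
    r"(?P<bits>\d+)(?P<algo>[A-Za-z])/(?P<keyid>[0-9A-Fa-f]{8,16})\s+"
    r"(?P<created>\d{4}-\d{2}-\d{2})"
)
SECRET_STATE = {"": "present", "#": "missing", ">": "on-card"}


def parse_secret_listing(text):
    """Return one dict per sec/ssb line; uid and header lines are ignored."""
    keys = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            keys.append({
                "kind": m["kind"],
                "keyid": m["keyid"].upper(),
                "algo": m["algo"],
                "bits": int(m["bits"]),
                "created": m["created"],
                "secret": SECRET_STATE[m["flag"]],
            })
    return keys


def unusable_keys(text):
    """Key IDs that appear in the secret listing but have no usable secret part."""
    return [k["keyid"] for k in parse_secret_listing(text) if k["secret"] == "missing"]


def can_decrypt_for(text, encryption_subkey_id):
    """True if the secret half of the named (sub)key is on disk or on a card."""
    wanted = encryption_subkey_id.upper()
    for k in parse_secret_listing(text):
        if k["keyid"].endswith(wanted):
            return k["secret"] in ("present", "on-card")
    return False


# Constructed sample (not real gpg output): the first key's ElGamal encryption
# subkey has become a stub; the second key is invented, with one subkey on a card.
SAMPLE_LISTING = """\
/home/canuzzi/.gnupg/secring.gpg
--------------------------------
sec   1024D/98E19C0A 2003-11-20
uid                  Niels Ringelmann (Private Email) <canuzzi@gmx.net>
ssb#  1024g/A73E22F0 2003-11-20

sec   1024D/12345678 2005-01-01
uid                  Example Key (constructed) <example@example.org>
ssb   2048g/23456789 2005-01-01
ssb>  1024R/3456789A 2005-01-01
"""
```

In practice you would feed it the real listing (`gpg --list-secret-keys` output captured to a file) and, for every ID that `unusable_keys` reports, restore the secret keyring from the backup Charly mentions rather than trying to repair the stub in place.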
From: blueness at gmx.net (Mica Mijatovic)
Date: Thu Oct 13 21:25:32 2005
Subject: Recommended keyserver
In-Reply-To: <1129217414.6939.5.camel@localhost>
References: <1129217414.6939.5.camel@localhost>
Message-ID: <933405570.20051013212218@gmx.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Was Thu, 13 Oct 2005, at 09:30:16 -0600, when Lares wrote:

> Is there a recommended (read Endorsed) Keyserver? I'm looking at the
> documentation we have here at gentoo.org and it recommends
> pgp.mit.edu. It has been suggested that this server is old and broken.
> Is this the case?
> Please advise.

If it is broken I never was the victim of this break (down?). I always (several years already) use only this server/address (a short name easily memorized/typed). I don't know what to say about its age... sometimes an age brings this and sometimes that. Well...

It's not advice though, just my experience.

- -- 
Mica
PGP keys nestled at: http://bardo.port5.com/pgpkeys/
~~~
For personal mail please use my address as it is *exactly* given in my "From|Reply To" field(s).
~~~

-----BEGIN PGP SIGNATURE-----

iQEVAwUBQ06z6LSpHvHEUtv8AQOh8QgAmODtZvqUk5a4Fdetyn+vYaGF2qEahNCL
tFQml+HoVgs1rzC6FfdUkG5/ifT4Pb5tz70LnzretElNwGQ2upoN9qKGIZet0wyD
tDjgQ3cQBSS9A0IlpDnfjFev8uw2yAHk4ohPDmIHH/+Z73E9rFdt8T6/jeJxadcu
jyYbRx2xun3ljcjwHhAc8ODIV8I9b7FzKp8TZNZiWgq3kUl0fcJlvY+pDEMqaS8v
/q7ENvx7oGOxRxQvfLZfuYIATcRYkWEwqhMvQPxraCLzKtP49XcyQg5y2BO+9HB9
mqPUYSE+qDsGeaetg78P7BGx769SmAYbHmjUnvpcSS1FFNC64KJE8g==
=PRhZ
-----END PGP SIGNATURE-----

From canuzzi at gmx.net Thu Oct 13 21:50:28 2005
From: canuzzi at gmx.net (Niels Ringelmann)
Date: Thu Oct 13 21:46:29 2005
Subject: Decryption doesn't work anymore
In-Reply-To: <434E9278.4080308@mac.com>
References: <434E637D.6080907@gmx.net> <434E9278.4080308@mac.com>
Message-ID: <434EBA84.1090203@gmx.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks Charly,

I tested already with a friend that I also can't decrypt from a third party. It didn't work. But I was so far lucky that I had still an old backup of my key.

But still I would be interested what went wrong, to avoid making the same failure again.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDTrqEbVnViJjhnAoRAp+EAJ0VTDCu64DWGIDYGNYXpy7ZjZlPjQCfU96n
UgwdJChON4VuoBdjer6Jxrk=
=P3wB
-----END PGP SIGNATURE-----

From tad at tadland.net Thu Oct 13 20:26:15 2005
From: tad at tadland.net (Tad Marko)
Date: Thu Oct 13 21:55:52 2005
Subject: Bogus Key on Keyservers
Message-ID: <20051013182615.GA26597@www.tadland.net>

If someone creates a key that LOOKS like I created it (my name and email address) and uploads it to the keyservers, how can I either get rid of it or somehow flag my own key in such a way that it is clear which is the real one?

Thanks,
Tad

From lares.moreau at gmail.com Thu Oct 13 22:04:10 2005
From: lares.moreau at gmail.com (Lares Moreau)
Date: Thu Oct 13 22:04:09 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051013182615.GA26597@www.tadland.net>
References: <20051013182615.GA26597@www.tadland.net>
Message-ID: <1129233850.23348.2.camel@localhost>

Key Fingerprint in Signature? (look Down)

On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?
> 
> Thanks,
> Tad

-- 
Lares Moreau
Gentoo x86 Arch Tester
Public Key: 0D46BB6E @ subkeys.pgp.net
Key fingerprint = 0CA3 E40D F897 7709 3628 C5D4 7D94 483E 0D46 BB6E
LRU: 400755 http://counter.li.org
::0 Alberta,Canada
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20051013/95801d43/attachment.pgp

From linux at codehelp.co.uk Thu Oct 13 22:12:11 2005
From: linux at codehelp.co.uk (Neil Williams)
Date: Thu Oct 13 22:11:10 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051013182615.GA26597@www.tadland.net>
References: <20051013182615.GA26597@www.tadland.net>
Message-ID: <200510132112.15257.linux@codehelp.co.uk>

On Thursday 13 October 2005 7:26 pm, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it

You can't. You need to rely on the fingerprint - that is the only unique identifier for any key. It's quite unlikely that they would generate a key with the same userid and the same short key ID (8 characters) and most email clients now will display the 16 character ID which makes it even less likely. There are duplicates out there of the last 8 characters (0xDEADBEEF is the most common) but not of the longer 16 character ID.

(short keyID is the last 8 characters of the fingerprint, longer the last 16 etc.)

> or somehow flag my own key in such a way that it is clear
> which is the real one?

Any change you make to your key could be mirrored by whoever created the other key. Use the fingerprint, that's what it is for.

-- 
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051013/f9da24fe/attachment.pgp

From mwlucas at blackhelicopters.org Thu Oct 13 22:28:16 2005
From: mwlucas at blackhelicopters.org (Michael W. Lucas)
Date: Thu Oct 13 22:28:24 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <200510132112.15257.linux@codehelp.co.uk>
References: <20051013182615.GA26597@www.tadland.net> <200510132112.15257.linux@codehelp.co.uk>
Message-ID: <20051013202816.GA46967@bewilderbeast.blackhelicopters.org>

On Thu, Oct 13, 2005 at 09:12:11PM +0100, Neil Williams wrote:
> > or somehow flag my own key in such a way that it is clear
> > which is the real one?
> 
> Any change you make to your key could be mirrored by whoever created the other
> key. Use the fingerprint, that's what it is for.

Signatures can help as well. I trust keys more if I can find Web of Trust paths to them.

But there's no way to mark the bogus key as bogus.

==ml

-- 
Michael W. Lucas	mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org
http://www.BlackHelicopters.org/~mwlucas/
"The cloak of anonymity protects me from the nuisance of caring." -Non Sequitur
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : /pipermail/attachments/20051013/810e95dd/attachment.pgp

From dshaw at jabberwocky.com Thu Oct 13 23:13:41 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Oct 13 23:14:29 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051013182615.GA26597@www.tadland.net>
References: <20051013182615.GA26597@www.tadland.net>
Message-ID: <20051013211341.GA4287@jabberwocky.com>

On Thu, Oct 13, 2005 at 01:26:15PM -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?

If you use the PGP global directory (ldap://keyserver.pgp.com) as your keyserver, you can, since it checks the email address by sending mail to it. On other keyservers, you can't do this.

This is what the web of trust is for; your real key would have signatures proving that it is yours.

David

From blueness at gmx.net Mon Oct 10 16:27:07 2005
From: blueness at gmx.net (Mica Mijatovic)
Date: Thu Oct 13 23:20:43 2005
Subject: Lack of backwards compatibility?
In-Reply-To: <434A530F.8000601@gmail.com>
References: <434A530F.8000601@gmail.com>
Message-ID: <1565068293.20051010162707@gmx.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: TIGER192

Was Mon, 10 Oct 2005, at 21:09:59 +0930, when Alphax wrote:

> Some old versions of GPG (1.0.x?) had support for the TIGER192 hash, but
> this was later removed when it was dropped/rejected from the OpenPGP
> standard.
> However, these versions of GPG (and possibly some versions of PGP as
> well) are still able to produce signatures using the TIGER192 hash
> algorithm, with no way to verify them in the current version of GPG.
> Is it possible to add the capability to verify signatures made with this
> hash? The fact that prior versions were able to create such signatures
> but newer versions are not able to verify them really breaks backwards
> compatibility standards.

Ah, lo the mellow suggestion! I'm about to join with too. It would be quite handy, especially for some of us who were using the TIGER _a lot_ in the past, and are using it _a lot_ in the present, and shall use it, with the sweet permission of providence, _a lot_ in the future.

Meantime, though, this is how I solve this problem, so it perhaps could help others too...

I have both .exe versions 1.4x and 1.2.3 in folder "There" which is a sub-folder of the folder "GPG" (with GPG installed in it and with the working current gpg.exe). Via a .bat file I copy/rename one of the versions I need into the GPG folder, so it becomes gpg.exe. I call the .bat file with just Win+R (yep, we talk about Windows now), then typing in "14" (for version 1.4x) or "12" (for version 1.2.3) and then hitting the .

It's a pretty quick switch and not very inconvenient. I use a similar "strategy" for a switch between diverse .conf files of mine.

If this is not clear enough I might send copies of my .bat files with more instructions.

It's easy to do in Linux too, using simple shell scripts instead of the batch ones.

And, in honor of TIGER192, I'll out of courtesy sign this missive using this fancy and noble algo. (-:

(I switch now to "conf2" .bat.)

- -- 
Mica
PGP keys nestled at: http://bardo.port5.com/pgpkeys/
~~~
For personal mail please use my address as it is *exactly* given in my "From|Reply To" field(s).
~~~
OK, so you're a Ph.D. Just don't touch anything.

-----BEGIN PGP SIGNATURE-----

iQEVAwUBQ0p6KrSpHvHEUtv8AQaJsAf8Dpezm+HTRoWW68umfo3YE/EDiQjSEAKa
J12KYVNcAkE8gvtzfLuCpSoZin4WDVFnHqrJmclIE9LbOKpkZvqvAwACGABxvQSd
8nmvn80dfF7GaGIXUfUAHW7idsvvv1J5zfgZw5vYjED1KMQsQOFGnRaSJm/ZE5F/
pb4IB8EBon14ermBg0REkwe1WIsQ7RPTdoFJAM4gtlaHpXPuc7rt80OAPUG0g9pD
2CwtwGjXOUNde1+MJzzu5ZgDY6cC/HU8R9JenNmAUeiT9D6nfMxyn/oY/0u4TSOR
xIQfvquqBOhq2c1jie/E+MHtBijPpL1q6Wc28Bb7umW4be4Dbx2lpA==
=9OXZ
-----END PGP SIGNATURE-----

From dshaw at jabberwocky.com Fri Oct 14 00:14:01 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Oct 14 00:14:33 2005
Subject: Lack of backwards compatibility?
In-Reply-To: <434A530F.8000601@gmail.com>
References: <434A530F.8000601@gmail.com>
Message-ID: <20051013221401.GB4287@jabberwocky.com>

On Mon, Oct 10, 2005 at 09:09:59PM +0930, Alphax wrote:
> Some old versions of GPG (1.0.x?) had support for the TIGER192 hash, but
> this was later removed when it was dropped/rejected from the OpenPGP
> standard.
> 
> However, these versions of GPG (and possibly some versions of PGP as
> well) are still able to produce signatures using the TIGER192 hash
> algorithm, with no way to verify them in the current version of GPG.
> 
> Is it possible to add the capability to verify signatures made with this
> hash? The fact that prior versions were able to create such signatures
> but newer versions are not able to verify them really breaks backwards
> compatibility standards.

TIGER192 is not part of OpenPGP. Sometimes it's less painful to rip the bandage off all at once than it is to pull. it. off. really. really. slowly.

GnuPG dropped TIGER192 in 2003. Re-adding it now would be a step backwards in pulling that bandage off.

David

From johnmoore3rd at joimail.com Fri Oct 14 00:51:33 2005
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Fri Oct 14 00:51:38 2005
Subject: Lack of backwards compatibility?
In-Reply-To: <1565068293.20051010162707@gmx.net>
References: <434A530F.8000601@gmail.com> <1565068293.20051010162707@gmx.net>
Message-ID: <434EE4F5.6020907@joimail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

It would be easier to confirm the sig if one had the Key or ability to Import it.

JOHN :)
Timestamp: Thursday 13 Oct 2005, 06:50 PM --400 (Eastern Daylight Time)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJDTuTyAAoJEBCGy9eAtCsPlfwH/AjpPbWEUXMXDGRkhkLyv8oi
XAN5mEcueIfVX6oyQ1q9K7+y2cGPXm7hHjMSrN1FP+2NJuV2jodcDg02eI6vaI1+
31Pj9u1yfiE+IqrSqXN9NF+MnmtjWhmSDNPKrsl++4pu3NBXV5rZ++APsqD1GNm/
H9gDSLMtauA6VqDWSkjShycH3UmY9p/MdXhY0AtA7mQ1ugVrBNZZ9YLJ5rpF2VNv
GuFBYMdCSEWcV+7/gK7PdTitfMaqXRfryokNOdxskmtGHkMGs8RjYR6NRbbsocwt
cQ0lQIKbxsjNBanUULqPVmznDDm36RDS1ua7833zHfCN1Ydd+n95LVnL65BjNdk=
=bRsx
-----END PGP SIGNATURE-----

From blueness at gmx.net Fri Oct 14 02:14:35 2005
From: blueness at gmx.net (Mica Mijatovic)
Date: Fri Oct 14 02:15:40 2005
Subject: Lack of backwards compatibility?
In-Reply-To: <434EE4F5.6020907@joimail.com>
References: <434A530F.8000601@gmail.com> <1565068293.20051010162707@gmx.net> <434EE4F5.6020907@joimail.com>
Message-ID: <1284272621.20051014021435@gmx.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Was Thu, 13 Oct 2005, at 18:51:33 -0400, when John wrote:

> It would be easier to confirm the sig if one had the Key or ability to
> Import it.

Agree wholeheartedly. If someone would ask me if I could agree More I couldn't say I could. Anyone who has ability to handle a web browser May do that and is welcome To. The URL to my keys is Present in each of my messages.

- -- 
Mica
PGP keys nestled at: http://bardo.port5.com/pgpkeys/
~~~
For personal mail please use my address as it is *exactly* given in my "From|Reply To" field(s).
~~~
"Cough-cough..." - Chopin

-----BEGIN PGP SIGNATURE-----

iQEVAwUBQ074aLSpHvHEUtv8AQPgQwf/QuzZqtnHvEFf53I8cn8csCW+Hr8+vM1g
o7J3BlLBIKZ3e8l+HGt3cPEBuUh+8VErMIBn1r+BV29gXw6imzVY3QGvcctKdRq8
WuMKluHHAPXtrdm2ZRk4vDGhA6X+RkA2rbvePehavcFv4k91E86rISxnWoXbvGIC
mmRWfbkGmZzJ2gy4PsiEyhOGvRm4uwobKp5Y6Mmz/xvVqclsrr5He/SBq5SHyBUV
VXfEAfeWRzFjJHU4mYDoKn9jVDL6y3K4EEKAX3vgPGdxz3/7HRFR7xiJTkOuCcmg
Zf7WIJ938DZbNBeSbenbX94DDVIzUU5aN0h7+x+/XDWXbQt6JWR7xA==
=ahEp
-----END PGP SIGNATURE-----

From JPClizbe at comcast.net Fri Oct 14 04:11:04 2005
From: JPClizbe at comcast.net (John Clizbe)
Date: Fri Oct 14 04:14:02 2005
Subject: Recommended keyserver
In-Reply-To: <1129217414.6939.5.camel@localhost>
References: <1129217414.6939.5.camel@localhost>
Message-ID: <434F13B8.5070701@comcast.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Lares Moreau wrote:
> Is there a recommended (read Endorsed) Keyserver?

There is NO officially recommended or endorsed key server.

> I'm looking at the documentation we have here at gentoo.org and it
> recommends pgp.mit.edu. It has been suggested that this server is old
> and broken. Is this the case?

pgp.mit.edu works fine for older keys. It runs the PGP Key Server (pks). PKS does not handle V4 key features well. Notable examples of mangled features are multiple subkeys, a revoked subkey (tag 0x28), duplicate keyids, direct key signatures (tag 0x1F), revocation signatures on userids (tag 0x30), or photo IDs. There is also no development or maintenance being done on the pks platform.

One exception to the pks servers is keyserver.kjsl.com, which has been patched to not mangle keys; however, it drops photo IDs.

The one PKS server at kjsl.com, the LDAP keyservers (only one is still on the 'net and it's unsynchronized, ldap://keyserver-legacy.pgp.com), and the SKS servers handle v4 keys correctly.

The current platform of choice is known as the Synchronizing Key Server (SKS). It is written to fully comply with OpenPGP specifications.

subkeys.pgp.net is a round-robin DNS lookup of four servers: three SKS servers and the server at keyserver.kjsl.com.

The address some of my correspondents and I refer most users to is x-hkp://random.sks.keyserver.penguin.de. It's a round-robin alias that is updated daily with the operational servers in SKS' universe.

For my own use, I use minsky.surfnet.nl. It's easy for me to remember (Yaron Minsky wrote SKS and its Gossip protocol.) It's also short to type.

- -- 
John P. Clizbe                   Inet: JPClizbe(a)comcast DOT nyet
Golden Bear Networks             PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter and those who matter don't mind."
- Dr Seuss, "Oh the Places You'll Go"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3-cvs-3909-2005-10-12 (MingW32)
Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG
Comment: Be part of the ?33t ECHELON -- Use Strong Encryption.
Comment: It's YOUR right - for the time being.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQCVAwUBQ08Tsr4fmBEYuzc6AQJ9gAP/VoBrVdi/76JIAzug/hkfIPSGVVyH8XZx
EQdc6J3TZsM0ayorw4pJ3WDcjh9FQADvLqXl+Ew1mhQSMN8KXNFTlHTAMufn0bB6
HMpLAcXy9X/pcEMC969fs3pBe+Kir/wMvYVpw4DKYcqRc8FvMVt/y9hklqo6U+tt
m1r5pWHUgmmIPwMFAUNPE7YdBKxKYI0qEBECfPEAoIlabmHAk0bu7o8hryfD9Afu
P7n3AKCLtM0qM/5FUB2e6oiRE3h7gOSElg==
=9SWo
-----END PGP SIGNATURE-----

From erpo41 at hotpop.com Fri Oct 14 06:39:00 2005
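Two points in this thread can be seen directly in the raw OpenPGP packets: Neil Williams's note that the short and long key IDs are nothing more than the trailing 8 and 16 hex digits of the fingerprint, and John Clizbe's list of signature types (0x1F, 0x28, 0x30) that a pks server mangles. The Python below is an added example, not code from the thread, from GnuPG or from SKS. It walks a binary keyblock, computes the v4 fingerprint as RFC 4880 section 12.2 defines it (SHA-1 over 0x99, the two-byte packet length and the public key packet body), derives both key IDs from it, and lists the signature types present. The keyblock is constructed by hand with toy RSA parameters and signature bodies that are structurally valid but not cryptographically meaningful, so it runs offline; the creation time defaults to the 2003-11-20 date quoted earlier in the thread. Since a short ID is only 32 bits, distinct keys sharing one are expected in a large keyserver population, which is the reason the replies above insist on comparing the full fingerprint.

```python
"""Parse a binary OpenPGP keyblock: v4 fingerprint, key IDs, user IDs,
subkey count and signature types.

Added example; the sample keyblock is constructed (toy parameters, dummy
signature bodies) and is not real key material from this thread.
"""
import hashlib
import struct

# Packet tags, RFC 4880 section 4.3
TAG_SIGNATURE, TAG_PUBLIC_KEY, TAG_USER_ID, TAG_PUBLIC_SUBKEY = 2, 6, 13, 14

# Signature types, RFC 4880 section 5.2.1 (0x1F, 0x28, 0x30 are the ones pks mangles)
SIG_TYPES = {
    0x10: "generic certification of user ID",
    0x13: "positive certification of user ID",
    0x18: "subkey binding",
    0x1F: "direct key signature",
    0x20: "key revocation",
    0x28: "subkey revocation",
    0x30: "user ID revocation",
}


def mpi(value):
    """OpenPGP multi-precision integer: 2-byte bit count, then big-endian magnitude."""
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def old_format_packet(tag, body):
    """Old-format header (RFC 4880 4.2.1): 10tttt01 = tag in bits 5..2, 2-byte length."""
    return bytes([0x80 | (tag << 2) | 0x01]) + struct.pack(">H", len(body)) + body


def iter_packets(data):
    """Yield (tag, body) for each packet; old-format and fixed-length new-format headers."""
    i = 0
    while i < len(data):
        ctb = data[i]
        i += 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:                       # new-format header
            tag = ctb & 0x3F
            first = data[i]
            i += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[i] + 192
                i += 1
            elif first == 255:
                length = struct.unpack(">I", data[i:i + 4])[0]
                i += 4
            else:
                raise ValueError("partial body lengths not supported here")
        else:                                # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported here")
            n = (1, 2, 4)[ltype]
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        yield tag, data[i:i + length]
        i += length


def v4_fingerprint(key_body):
    """RFC 4880 12.2: SHA-1 over 0x99, the 2-byte body length and the key packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body).hexdigest().upper()


def key_ids(fingerprint):
    """Long key ID = low 64 bits of the fingerprint, short key ID = low 32 bits."""
    return fingerprint[-16:], fingerprint[-8:]


def summarize(keyblock):
    """Fingerprint, key IDs, user IDs, subkey count and signature types of a keyblock."""
    info = {"fingerprint": None, "long_id": None, "short_id": None,
            "user_ids": [], "subkeys": 0, "signature_types": []}
    for tag, body in iter_packets(keyblock):
        if tag == TAG_PUBLIC_KEY:
            if body[0] != 4:
                raise ValueError("only v4 keys have SHA-1 fingerprints")
            info["fingerprint"] = v4_fingerprint(body)
            info["long_id"], info["short_id"] = key_ids(info["fingerprint"])
        elif tag == TAG_PUBLIC_SUBKEY:
            info["subkeys"] += 1
        elif tag == TAG_USER_ID:
            info["user_ids"].append(body.decode("utf-8"))
        elif tag == TAG_SIGNATURE:
            sigtype = body[1] if body[0] == 4 else body[2]   # v3 has a length byte first
            info["signature_types"].append(SIG_TYPES.get(sigtype, "0x%02X" % sigtype))
    return info


def build_sample_keyblock(created=1069286400):
    """Constructed keyblock: v4 RSA key (toy modulus), one user ID, one subkey and
    signature packets carrying only the fields the parser reads (not verifiable)."""
    stamp = struct.pack(">I", created)   # default 2003-11-20T00:00:00Z
    pubkey = b"\x04" + stamp + b"\x01" + mpi(0xC2F1D3E5A7B9) + mpi(65537)   # algo 1 = RSA
    subkey = b"\x04" + stamp + b"\x01" + mpi(0xD4E6F80B1D3F) + mpi(65537)

    def sig(sigtype):
        # version 4, type, pubkey algo 1, hash algo 2, zero-length hashed and
        # unhashed subpacket areas, 2 hash-prefix bytes, one dummy MPI
        return b"\x04" + bytes([sigtype, 1, 2]) + b"\x00\x00\x00\x00" + b"\x00\x00" + mpi(1)

    return (old_format_packet(TAG_PUBLIC_KEY, pubkey)
            + old_format_packet(TAG_USER_ID, b"Example User (constructed) <user@example.org>")
            + old_format_packet(TAG_SIGNATURE, sig(0x13))
            + old_format_packet(TAG_SIGNATURE, sig(0x1F))
            + old_format_packet(TAG_PUBLIC_SUBKEY, subkey)
            + old_format_packet(TAG_SIGNATURE, sig(0x18))
            + old_format_packet(TAG_SIGNATURE, sig(0x28)))
```

To run it on a real key, export the key in binary form (`gpg --export 0xKEYID > key.bin`, no `--armor`) and pass the file's bytes to `summarize`; the fingerprint it prints should match `gpg --fingerprint` for that key, and the signature-type list shows at a glance whether the key carries the direct-key, subkey-revocation or user-ID-revocation signatures that Clizbe says pks cannot store.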
From: erpo41 at hotpop.com (Eric)
Date: Fri Oct 14 06:43:19 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051013182615.GA26597@www.tadland.net>
References: <20051013182615.GA26597@www.tadland.net>
Message-ID: <1129264740.7898.16.camel@localhost.localdomain>

On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?

You can't. That's like asking how you can stop other people from printing out badges that say "I am Tad Marko" and pinning them to their shirts.

Besides, if you could do that, what would stop someone else from deleting YOUR key off of the keyserver or flagging THEIR key as the real Tad Marko?

It sounds like your real concern is how you can stop your friends from inadvertently getting the wrong key and accidentally encrypting messages to someone pretending to be you.

GPG and PGP don't care about names -- they only care about public keys. If you want someone to be able to send a message to the right person, you need to make sure they're encrypting it with the right public key.

You do this by telling them your key's signature before they go looking on the keyserver.

Eric

From tad at tadland.net Fri Oct 14 16:51:22 2005
From: tad at tadland.net (Tad Marko)
Date: Fri Oct 14 16:51:27 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <1129264740.7898.16.camel@localhost.localdomain>
References: <20051013182615.GA26597@www.tadland.net> <1129264740.7898.16.camel@localhost.localdomain>
Message-ID: <20051014145122.GA1786@www.tadland.net>

On Thu, Oct 13, 2005 at 09:39:00PM -0700, Eric wrote:
> On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> > If someone creates a key that LOOKS like I created it (my name and
> > email address) and uploads it to the keyservers, how can I either get
> > rid of it or somehow flag my own key in such a way that it is clear
> > which is the real one?
> 
> You can't. That's like asking how you can stop other people from
> printing out badges that say "I am Tad Marko" and pinning them to their
> shirts.

I'm not asking for that. I want them to not say that a given key goes to tad@tadland.net.

> Besides, if you could do that, what would stop someone else from
> deleting YOUR key off of the keyserver or flagging THEIR key as the real
> Tad Marko?

An email verification step?

> It sounds like your real concern is how you can stop your friends from
> inadvertently getting the wrong key and accidentally encrypting messages
> to someone pretending to be you.

Close... I simply want to minimize confusion.

> GPG and PGP don't care about names -- they only care about public keys.
> If you want someone to be able to send a message to the right person,
> you need to make sure they're encrypting it with the right public key.
> 
> You do this by telling them your key's signature before they go looking
> on the keyserver.

Right. But an email-verified mechanism for removing keys stamped with an email address seems like an important omission from the key server system.

Tad

From dshaw at jabberwocky.com Fri Oct 14 17:02:34 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Oct 14 17:02:59 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051014145122.GA1786@www.tadland.net>
References: <20051013182615.GA26597@www.tadland.net> <1129264740.7898.16.camel@localhost.localdomain> <20051014145122.GA1786@www.tadland.net>
Message-ID: <20051014150234.GA30610@jabberwocky.com>

On Fri, Oct 14, 2005 at 09:51:22AM -0500, Tad Marko wrote:
> > GPG and PGP don't care about names -- they only care about public keys.
> > If you want someone to be able to send a message to the right person,
> > you need to make sure they're encrypting it with the right public key.
> > 
> > You do this by telling them your key's signature before they go looking
> > on the keyserver.
> 
> Right. But an email-verified mechanism for removing keys stamped with
> an email address seems like an important omission from the key server system.

Use ldap://keyserver.pgp.com. It does email verification. However, it does not (for obvious reasons) sync with the other keyservers.

David

From JPClizbe at comcast.net Sat Oct 15 01:42:59 2005
From: JPClizbe at comcast.net (John Clizbe)
Date: Sat Oct 15 01:49:29 2005
Subject: OpenGPG Card reader
In-Reply-To: 
References: <563742397.20051007181058@fastmail.fm> <4346E4F3.1040000__30596.4350155138$1128719854$gmane$org@comcast.net>
Message-ID: <43504283.9070607@comcast.net>

Jan-Peter R?hmann wrote:
>> ----- Original Message -----
>> From: John Clizbe
>> Sent: 07/10/2005 11:13:23 PM +0200
>> Subject: OpenGPG Card reader
>> 
>> There's a list of tested readers in the SmartCard-Howto on GnuPG.org:
>> http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html

> is there a Howto for Windows anywhere?
> 
> I have a USB Reader from SCM too and can't connect. There is no Program
> such as scdaemon in my Installation of GnuPG.

Jan,

Sorry I've not responded sooner. It's just been /that kind of week./

On the SCM Microsystems site (http://www.scmmicro.com/support/pcs_product_drivers.html), the download page for the driver for my reader has a note at the bottom:

    If the host is running Windows 98, Windows 98 SE or Windows Me, ensure that Microsoft Smart Card Base Components are installed on the host before attempting to install the drivers.

The English page for the Smart Card Base Components is located at:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ECBB6433-DF44-44F8-A439-E4262D049C1C

This package installs the Smart Card Resource Management Service (SCardSvc.exe) which handles the card. This piece and the SCM driver should be all that you need.

scdaemon is part of GnuPG 1.9. I didn't need it to get my OpenPGP card working.

-- 
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 667 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051014/8358815e/signature.pgp

From JPClizbe at comcast.net Sat Oct 15 02:30:19 2005
From: JPClizbe at comcast.net (John Clizbe)
Date: Sat Oct 15 02:36:41 2005
Subject: Armor headers
In-Reply-To: <434866EF.40506@buddhalinux.org>
References: <4347B86F.2000800@gmail.com> <434866EF.40506@buddhalinux.org>
Message-ID: <43504D9B.9020701@comcast.net>

Thomas Jones wrote:
> lusfert wrote:
>> Hello.
>> 
>> How can I change text (not by manually editing) in armor headers (for
>> example, "Version:") or armor headers themselves (add, remove)? Will it
>> affect compatibility with other applications?
>> 
>> Can I put custom text into "Version:" in stage of exporting public key,
>> making signatures, encrypting with ASCII output, etc.?
>> 
>> Sometimes I do not wish that others will know what exactly OpenPGP
>> implementation and OS I'm currently using.
>> 
> The simplest method is to not output anything. Using the options
> --no-emit-version and --no-comments would take care of that. You could
> edit the message or use sed to replace the build OS and GnuPG version
> strings with your choice, but you ruled that out already. So, the final
> option is to build your own binaries. (see below)
> 
> Then simply recompile the "new" sources. Also I believe from the little
> bit of code that I did read that the end-user can append to the default
> version header with the addition of a -(dash) and some printable
> characters. Search for the DEVELOPMENT_VERSION variable if interested.

It's much easier to edit config.h after ./configure and before make and change the define of PRINTABLE_OS_VERSION to whatever you'd like it to be.

As your User-Agent string says you're on Windows, you'd most likely want to consult Carlo Bianco's "Building GnuPG for Win32 using MinGW" page (http://clbianco.altervista.org/gnupg/eng/gnupg.html).

-- 
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 667 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051014/f0a78997/signature.pgp

From nidhog at gmail.com Sat Oct 15 03:40:27 2005
From: nidhog at gmail.com (nidhog)
Date: Sat Oct 15 03:40:55 2005
Subject: security measures?
Message-ID: 

Hi guys,

Some of this is quite OT -- apologies in advance.

Do you have any suggestions as to what security measures can be implemented in the following conditions:

1. key management
   - how, where to keep keyrings
   - how to backup (encrypt backup?)
   - would it be safer to make separate keys to be used for different purposes (one for email and one for local file encryption, signing, etc)

2. frequency of changing passphrases
   - in a user who accesses emails via net cafes (think keyloggers)

A link of good/reliable secure computing practices would be much appreciated.

Thanks much,
-n

-- 
/nh

From ah0k at na.rim.or.jp Sat Oct 15 04:15:36 2005
From: ah0k at na.rim.or.jp (Masashi SAKURADA) Date: Sat Oct 15 05:21:24 2005 Subject: Armor headers In-Reply-To: <43504D9B.9020701@comcast.net> References: <4347B86F.2000800@gmail.com> <434866EF.40506@buddhalinux.org> <43504D9B.9020701@comcast.net> Message-ID: <20051015.111536.133205514.ah0k@na.rim.or.jp> Hello, As I saw X-Mew: <1> BAD PGP sign "John P. Clizbe " COMPLETE, I tried this -- [sakurada@romeo sakurada]$ wget http://home.comcast.net/~jpclizbe/0x18BB373A.asc --11:07:36-- http://home.comcast.net/%7Ejpclizbe/0x18BB373A.asc => `0x18BB373A.asc' Resolving home.comcast.net... done. Connecting to home.comcast.net[204.127.198.24]:80... connected. HTTP request sent, awaiting response... 404 Not found 11:07:38 ERROR 404: Not found. -- Would you resolve this problem, please? Regards, ------------------------------------------Masashi SAKURADA/AH0K/JR2GMC E-mail: ah0k@na.rim.or.jp URL: http://www.ah0k.com/ GnuPG Key: "lynx -source http://www.ah0k.com/ah0k.asc | gpg --import" PGP-fingerprint: 9332 0E9F 78AB E793 0E9F 84C6 FA74 3A11 3235 EC1E From blueness at gmx.net Sun Oct 16 03:15:21 2005 
From: blueness at gmx.net (Mica Mijatovic)
Date: Sat Oct 15 15:23:55 2005
Subject: security measures?
In-Reply-To:
References:
Message-ID: <5810071589.20051016031521@gmx.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Was Sat, 15 Oct 2005, at 09:40:27 +0800, when nidhog wrote:

> Do you have any suggestions as to what security measures can be
> implemented in the following conditions:

I'll give a few ideas, if nothing else than to improve my "karma" for the next week. (-: There are plenty actually.

> 1. key management
> - how, where to keep keyrings

Encrypted "removable/mobile media" (diskette, CD-RW...) are quite fine. Perhaps encrypted "containers" on them. (I have one small container of 1.44 MB for key rings.)

> - how to backup (encrypt backup?)

You can keep a backup in another container? Encrypted (.zip or other) file and similar. It's important for it to be "locked up" somehow.

> - would it be safer to make separate keys to be used for different
> purposes (one for email and one for local file encryption, signing,
> etc)

That's quite a good idea. Even for local (not circulating on the Internet) files it is good to use some other algorithm, not the "popular" one. (But about this one opinions vary/diverge.)

> 2. frequency of changing passphrases
> - in a user who accesses emails via net cafes (think keyloggers)

Also a good idea. Let's say after each use via net cafes, as soon as possible. Well, that would be "ideally".

> A link of good/reliable secure computing practices would be much
> appreciated.

Uh, it's a wide area... It might go from a specific/particular piece of software to anthropology. I don't know if there is something like that in one place... We have to know...

+ the machine (hardware)
+ the OS
+ particular software

...and then...

+ how the Internet/a Network works (TCP/IP, specific software / "utilities" used...)
...so I'll give just a few titles that come to mind now, for instance "Securing & Optimizing Linux 2.0" (quite an interesting book; the file name for the download/Google is "Securing-Optimizing v2.0.pdf"; there is a chapter dedicated to GnuPG too), then "Teach Yourself TCP/IP in 14 Days" at , or "Learn TCP IP from professionals" at , then the Funny Manuals related to the particular OS (those for Linux are good, very good, and those for...hm, Windows...I don't know, people often visit , although I remember that the site was abounding with "WinDOwS Tricks ? Secrets ? Bugs ? Fixes").

Well, basically it all depends on your personal "model" of "security / safety" you estimate you need/want. Then according to this you choose what you will learn and how much. I personally like to tend to stay within some "reasonable" limits, that is I choose the "middle path" between "paranoia" and "boobynoia". It is because there will always be someone around knowing more ("technicalities") than you do, in general or at a particular moment, and all your _technical_ defence will...well, suck in no time, if you have no other ways, for instance to avoid an attack or a pestilent situation _before_ it becomes actual. It relates, then, to this "anthropologic" dimension, when our own _personal behavior_ (independently of any software and technical knowledge) defines the situations we'll be involved in. Once we are clear as to this behavior, it will define what software and knowledge we'll (choose to) use.

- --
Mica
PGP keys nestled at: http://blueness.port5.com/pgpkeys/
~~~ For personal mail please use my address as it is *exactly* given in my "From|Reply To" field(s).
~~~ Consultants are mystical people who ask a company for a number and then give it back to them.
From johnmoore3rd at joimail.com Sat Oct 15 17:35:54 2005
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Sat Oct 15 17:36:01 2005
Subject: security measures?
In-Reply-To: <5810071589.20051016031521@gmx.net>
References: <5810071589.20051016031521@gmx.net>
Message-ID: <435121DA.7060504@joimail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mica Mijatovic wrote:

>>>2. frequency of changing passphrases
>>> - in a user who accesses emails via net cafes (think keyloggers)
>
>
> Also good idea. Let's say after each use via net cafes, as soon as
> possible. Well, would be "ideally".

However, keep in mind this: If a keylogger/spyware ensnares one's Key & operable passphrase, then merely changing the passphrase once you get home will not eliminate the "intruder" from now having a matching combination for later use.

The "best/paranoid" practice would be to have a Key used only on one's portable/Public PC device coupled with a "codeword" for each correspondent to be inserted within each missive to confirm authenticity.

JOHN :)
Timestamp: Saturday 15 Oct 2005, 11:34 AM --400 (Eastern Daylight Time)

From mrwchandler84 at yahoo.com Sat Oct 15 18:53:25 2005
From: mrwchandler84 at yahoo.com (Wayne Chandler)
Date: Sat Oct 15 20:55:53 2005
Subject: Explain it again, Sam
Message-ID: <43513405.9060506@yahoo.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I would appreciate a few recommendations for online PGP primers. PGP for dummies, I guess. I have OpenPGP on Thunderbird, and I would like to understand purpose, usage, and best practices. Again, I'm going for learning and understanding, not just having another application on my machine that isn't used.

From JPClizbe at comcast.net Sat Oct 15 21:33:02 2005
From: JPClizbe at comcast.net (John Clizbe)
Date: Sat Oct 15 21:33:51 2005
Subject: Explain it again, Sam
In-Reply-To: <43513405.9060506@yahoo.com>
References: <43513405.9060506@yahoo.com>
Message-ID: <4351596E.9000300@comcast.net>

Wayne Chandler wrote:
> I would appreciate a few recommendations for online PGP primers. PGP
> for dummies, I guess. I have OpenPGP on Thunderbird, and I would like
> to understand purpose, usage, and best practices. Again, I'm going
> for learning and understanding, not just having another application on
> my machine that isn't used.

Since you're using Thunderbird, I guess it's a safe assumption you're also using Enigmail.

There is a list of Useful Resources at the bottom of each of the Monthly Newsletters. (most recent: http://enigmail.mozdev.org/newsletters/2005-09.html)

Here are some of the ones that may be most useful.

OPENPGP CONCEPTS AND TUTORIALS
The GNU Privacy Handbook: http://www.gnupg.org/gph/en/manual.html
Michael Diagle's Web of Trust page: http://home.cogeco.ca/~mdaigle/trust/wot.html

USEFUL SITES
Tom McCune's PGP Page: http://www.mccune.cc/PGP.htm
Jim Willingham's PGP Site: http://www.cooke.net/~jwillingham/pgppg.htm
David S. Jackson's PGP Resources Page: http://www.dsj.net/pgp/resources.html
Rubin.ch PGP Page: http://www.rubin.ch/pgp/pgp.en.html
Gnu Privacy Guard (GnuPG) Mini Howto: http://webber.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
German/Deutsche Pages: Anleitungen und Einführungen: http://kai.iks-jena.de/misc/anleitung.html
Eric Howes Privacy & Security Page: https://netfiles.uiuc.edu/ehowes/www/main.htm

OTHER MAILING LISTS
Enigmail mailing list Enigmail@mozdev.org http://mozdev.org/mailman/listinfo/enigmail
PGP-Basics mailing list: PGP-Basics@yahoogroups.com http://groups.yahoo.com/group/PGP-Basics/

--
John P. Clizbe                   Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?" / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience." "how do i get experience?" / "two words: bad decisions." "Just how do the residents of Haiku, Hawai'i hold conversations?" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 667 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20051015/576ab346/signature.pgp From boldyrev+nospam at cgitftp.uiggm.nsc.ru Sat Oct 15 10:33:23 2005 From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev) Date: Sat Oct 15 22:40:54 2005 Subject: Bogus Key on Keyservers References: <20051013182615.GA26597@www.tadland.net> <1129264740.7898.16.camel@localhost.localdomain> <20051014145122.GA1786__36351.2866701514$1129302090$gmane$org@www.tadland.net> Message-ID: On 9262 day of my life Tad Marko wrote: >> You can't. That's like asking how you can stop other people from >> printing out badges that say "I am Tad Marko" and pinning them to their >> shirts. > > I'm not asking for that. I want them to not say that a given key goes > to tad@tadland.net. It is not keyserver-related, but you can sign your key with various bots like or . -- Ivan Boldyrev XML -- new language of ML family. From zmuwqyh02 at sneakemail.com Sun Oct 16 03:02:18 2005 
From: zmuwqyh02 at sneakemail.com (Michael Daigle)
Date: Sun Oct 16 03:21:05 2005
Subject: Explain it again, Sam
In-Reply-To: <4351596E.9000300@comcast.net>
References: <43513405.9060506@yahoo.com> <4351596E.9000300@comcast.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

In reply to John Clizbe's message sent 2005-10-15 15:33:

> Wayne Chandler wrote:
>
>>I would appreciate a few recommendations for online PGP primers. PGP
>>for dummies, I guess. I have OpenPGP on Thunderbird, and I would like
>>to understand purpose, usage, and best practices. Again, I'm going
>>for learning and understanding, not just having another application on
>>my machine that isn't used.

> Here is some of the one's that may be most useful.

> Michael Diagle's Web of Trust page:
> http://home.cogeco.ca/~mdaigle/trust/wot.html

I have had a recent change (Oct-01-2005) of service providers. That location no longer exists. I have published that realm on my hosting account. It needs some updating, but it is accessible.

http://www.mikedaigle.ca/trust/index.html

- --
Mike Daigle
http://www.mikedaigle.ca
My PGP Key mailto:pgpkey@mikedaigle.ca
Gossamer Spider Web of Trust http://www.gswot.org

From alphasigmax at gmail.com Sun Oct 16 05:09:30 2005
From: alphasigmax at gmail.com (Alphax)
Date: Sun Oct 16 05:13:02 2005
Subject: security measures?
In-Reply-To: <435121DA.7060504@joimail.com>
References: <5810071589.20051016031521@gmx.net> <435121DA.7060504@joimail.com>
Message-ID: <4351C46A.1020704@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

John W. Moore III wrote:
> Mica Mijatovic wrote:
>
>
>>>>2. frequency of changing passphrases
>>>> - in a user who accesses emails via net cafes (think keyloggers)
>>
>>
>>Also good idea. Let's say after each use via net cafes, as soon as
>>possible. Well, would be "ideally".
>
>
> However, keep in mind this: If a keylogger/spyware ensnares one's Key &
> operable passphrase, then merely changing the passphrase once you get
> home will not eliminate the "intruder" from now having a matching
> combination for later use.
>
> The "best/paranoid" practice would be to have a Key used only on one's
> portable/Public PC device coupled with a "codeword" for each
> correspondent to be inserted within each missive to confirm authenticity.
>

Create separate signing and encryption subkeys and export them, disabling the secret part of the primary key when you do so.

A good tutorial on this is available at http://fortytwo.ch/gpg/subkeys

- --
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /   ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X    Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

From nidhog at gmail.com Sun Oct 16 09:52:41 2005
From: nidhog at gmail.com (nidhog)
Date: Sun Oct 16 09:53:08 2005
Subject: security measures?
In-Reply-To: <5810071589.20051016031521@gmx.net>
References: <5810071589.20051016031521@gmx.net>
Message-ID:

Thank you so much for your gracious reply to my post

From npcole at yahoo.co.uk Sun Oct 16 19:09:27 2005
From: npcole at yahoo.co.uk (Nicholas Cole)
Date: Sun Oct 16 19:09:53 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051014145122.GA1786@www.tadland.net>
Message-ID: <20051016170927.17322.qmail@web25407.mail.ukl.yahoo.com>

--- Tad Marko wrote:
> > You can't. That's like asking how you can stop other people from
> > printing out badges that say "I am Tad Marko" and pinning them to their
> > shirts.
>
> I'm not asking for that. I want them to not say that a given key goes
> to tad@tadland.net.
>
> > Besides, if you could do that, what would stop someone else from
> > deleting YOUR key off of the keyserver or flagging THEIR key as the real
> > Tad Marko?
>
> An email verification step?

The problem is, that IF the email infrastructure was secure enough to be trusted, there would be no need for pgp/gpg/smime at all. An email verification step is not, and cannot be, 100% secure.

Of course, in many cases, email is not re-routed, server admins can be trusted, email systems are not broken in to - to the extent that email without additional security is largely trusted as "good enough".

But, in fact, if someone is willing to forge a key with your name on, it is probably one of those times that email may well not be "good enough". Hence the need to rely on key fingerprints, not on the email system.

Best,

Nicholas

From tad at tadland.net Sun Oct 16 22:25:50 2005
From: tad at tadland.net (Tad Marko) Date: Sun Oct 16 22:25:53 2005 Subject: Bogus Key on Keyservers In-Reply-To: <20051016170927.17322.qmail@web25407.mail.ukl.yahoo.com> References: <20051014145122.GA1786@www.tadland.net> <20051016170927.17322.qmail@web25407.mail.ukl.yahoo.com> Message-ID: <20051016202550.GA23826@www.tadland.net> On Sun, Oct 16, 2005 at 06:09:27PM +0100, Nicholas Cole wrote: > > --- Tad Marko wrote: > > An email verification step? > > > The problem is, that IF the email infrastructure was > secure enough to be trusted, there would be no need > for pgp/gpg/smime at all. An email verification step > is not, and cannot be, 100% secure. > > Of course, in many cases, email is not re-routed, > server admins can be trusted, email systems are not > broken in to - to the extent that email without > additional security is largely trusted as "good > enough". > > But, in fact, if someone is willing to forge a key > with your name on, it is probably one of those times > that email may well not be "good enough". Hence the > need to rely on key fingerprints, not on the email > system. > > Best, > > Nicholas Right, which is the reason for the continued need to let people know your key signature via a trusted means. But, if someone was wanting to hassle you by creating scads of bogus keys on keyservers, it still makes it that much more difficult for people to obtain the correct key. If someone were more sophisticated, as you suggest, it seems that it is even more imperative for someone to be able to get the bogus keys out of view. Tad From johnmoore3rd at joimail.com Sun Oct 16 22:37:09 2005 
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Sun Oct 16 22:37:09 2005
Subject: Bogus Key on Keyservers
In-Reply-To: <20051016202550.GA23826@www.tadland.net>
References: <20051014145122.GA1786@www.tadland.net> <20051016170927.17322.qmail@web25407.mail.ukl.yahoo.com> <20051016202550.GA23826@www.tadland.net>
Message-ID: <4352B9F5.2090309@joimail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Tad Marko wrote:
> Right, which is the reason for the continued need to let people know
> your key signature via a trusted means. But, if someone was wanting to
> hassle you by creating scads of bogus keys on keyservers, it still
> makes it that much more difficult for people to obtain the correct
> key.
>
> If someone were more sophisticated, as you suggest, it seems that it
> is even more imperative for someone to be able to get the bogus keys
> out of view.

Why not just list your Key on Big Lumber and direct folks there to retrieve your Key? You can place the link to "your" Key in a Comment Line and then they will only be directed to your "official" Key. This way, only You can make alterations to your Key.

JOHN :)
Timestamp: Sunday 16 Oct 2005, 04:36 PM --400 (Eastern Daylight Time)

From jharris at widomaker.com Mon Oct 17 00:54:33 2005
From: jharris at widomaker.com (Jason Harris)
Date: Mon Oct 17 00:55:00 2005
Subject: new (2005-10-16) keyanalyze results (+sigcheck)
Message-ID: <20051016225433.GA1686@wilma.widomaker.com>

New keyanalyze results are available at:
http://keyserver.kjsl.com/~jharris/ka/2005-10-16/

Signatures are now being checked using keyanalyze+sigcheck:
http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:
http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:
http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

--
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/
Got photons? (TM), (C) 2004

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 313 bytes
Desc: not available
Url : /pipermail/attachments/20051016/992cb840/attachment.pgp

From S.Krishna at ge.com Mon Oct 17 07:04:13 2005
From: S.Krishna at ge.com (Kanakadandila, Sivaramakrishna (GE Consumer & Industrial))
Date: Mon Oct 17 07:53:50 2005
Subject: gpg not running in shell script. Need Help
Message-ID:

Hi

I need help in running the gpg command through a shell script in Informatica. This is what I tried:

I have a shell script which will decrypt the file. It is running fine when I ran the same script from the $ prompt in Unix. The same is not running when I ran it through Informatica as a command. I also initialized the PATH session in the script. But nothing is working. Am I missing anything?

Appreciate any help.

Siva

Shell Script content

#!/bin/ksh
. /home/apinf/.profile
PATH=$PATH:/pwrctr/siva/ ; export PATH
DIR=/pwrctr/siva/
cd $DIR
echo "Decrypt Started"
echo "Password" | gpg -v --passphrase-fd 0 /pwrctr/siva/GEINDSYS.cyc.pgp
echo "Decrypt Successful"

From ismaeval at free.fr Mon Oct 17 15:47:11 2005
From: ismaeval at free.fr (Ismael Valladolid Torres)
Date: Mon Oct 17 17:09:34 2005
Subject: Make GnuPG create files with .pgp extension
Message-ID: <4353AB5F.2090509@free.fr>

Most often, recipients of my encrypted files are users of legacy PGP versions. So I usually rename my .gpg files to .pgp so they can access them directly with their PGP shell extensions.

Is there any way to make GnuPG create files directly with the .pgp extension without specifying the complete expected file name using the -o option?

Cordially, Ismael

--
http://lamediahostia.blogspot.com/

From ismaeval at free.fr Mon Oct 17 16:27:42 2005
From: ismaeval at free.fr (Ismael Valladolid Torres)
Date: Mon Oct 17 18:26:01 2005
Subject: Modifying an uid, can it be done?
Message-ID: <4353B4DE.8050707@free.fr>

I edit my own public key:

$ gpg --edit-key ismael
gpg (GnuPG) 1.4.1; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Secret key is available.

pub 1024D/DE721AF4 created: 2005-06-20 expires: never usage: CS
trust: ultimate validity: ultimate
sub 2048g/689908B7 created: 2005-06-20 expires: never usage: E
[ultimate] (1). Ismael Valladolid

I'd like to edit my uid, adding my second surname and setting the company I work for as a comment. However I don't know how to modify an existing uid. Can it be done? If so, how? If not possible, why not?

Of course I can add new uids using the adduid command:

[ultimate] (1) Ismael Valladolid
[ unknown] (2) Ismael Valladolid Torres (Oberthur Card Systems)
[ unknown] (3). Ismael Valladolid Torres

Looks like it would be enough deleting uid 1 and setting uid 2 as primary, then it would "look like" I had edited the first uid. However in that case I lose the "ultimate" tag to the left of the primary key. What does this tag mean here? Which way to have this tag for the new uids created?

Cordially, Ismael

--
http://lamediahostia.blogspot.com/

From erwan at rail.eu.org Mon Oct 17 20:09:25 2005
From: erwan at rail.eu.org (Erwan David)
Date: Mon Oct 17 20:09:38 2005
Subject: Modifying an uid, can it be done?
In-Reply-To: <4353B4DE.8050707@free.fr>
References: <4353B4DE.8050707@free.fr>
Message-ID: <20051017180925.GB3969@ratagaz.local>

On Mon 17/10/2005, Ismael Valladolid Torres said
> Looks like it would be enough deleting uid 1 and setting uid 2 and
> primary, then it would "look like" I had edited the first uid. However
> in that case I lose the "ultimate" tag to the left of the primary key.
> What does this tag mean here? Which way to have this tag for the new
> uids created?

You cannot modify uids (they are signed, if you change them, you break them). However you can add the new uid, revoke the old one and change the "default" uid with gpg --edit-key

--
Erwan

From patrik at ucolick.org Mon Oct 17 23:11:36 2005
From: patrik at ucolick.org (Patrik Jonsson)
Date: Tue Oct 18 01:55:55 2005
Subject: Emacs interface to gpg
Message-ID: <43541388.4050606@ucolick.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I just started using gpg and was looking around for an emacs mode to encrypt/decrypt files during load and save. There are a few vague references to crypt++, but they are all stale web sites and messages from years ago. I finally managed to locate something that looked like the crypt++ web site, which had a notice that development on crypt++ had ceased and that instead crypt.el from xemacs should be used. However, I downloaded the current version of xemacs and found no crypt.el.

Can anyone tell me what's going on with this? It seems like such an OBVIOUS thing that I'm really surprised, given that people have written emacs modes for every conceivable and inconceivable need, it's so hard to find information.

Thanks,

/Patrik Jonsson

From stevel at bluetuna.com Tue Oct 18 06:55:57 2005
From: stevel at bluetuna.com (Steve Leibel)
Date: Tue Oct 18 08:55:55 2005
Subject: Encrypt from memory to disc?
Message-ID:

I have an application where I have data in memory that needs to be encrypted without ever being written to disc, even temporarily.

Using PGP I can run "pgp -feat" and then pipe the data to the pgp process. That works very well.

I have to do the same thing for GPG, but I can't figure out how to send data to GPG directly from memory.

Any suggestions greatly appreciated.

From nega at exmachinae.net Tue Oct 18 07:07:16 2005
From: nega at exmachinae.net (nega@exmachinae.net) Date: Tue Oct 18 08:56:08 2005 Subject: Emacs interface to gpg In-Reply-To: <43541388.4050606@ucolick.org> References: <43541388.4050606@ucolick.org> Message-ID: <17236.33540.567814.642488@deperdo.exmachinae.net> Patrik Jonsson writes: > I just started using gpg and was looking around for an emacs mode to > encrypt/decrypt files during load and save. There are a few vague > references to crypt++, but they are all stale web sites and messages > from years ago. I finally managed to locate something that looked like > the crypt++ web site, which had a notice that development on crypt++ had > ceased and that instead crypt.el from xemacs should be used. However, I > downloaded the current version of xemacs and found no crypt.el. > The latest version (via Google) is at http://freefriends.org/~karl/crypt++/crypt++.el Be sure and read the notes, as setup is slightly different if you're using Emacs or XEmacs. XEmacs's crypt.el is part of the os-utils package (or xemacs-sumo package if you go that route.) XEmacs also has a "encrypto" package, though I couldn't tell you anything about it. You can get those packages from the "packages" subdirectory at any XEmacs mirror site. While we're at it, use mailcrypt (http://mailcrypt.sf.net/) or gpg.el for encrypting email (in most of the emacs mail readers). You can use mailcrypt with Gnus, but I believe the Gnus folks recommend using their included functionality. Since I use mailcrypt I can't tell you anything about gpg.el (or even where to get it) except that if I remember right, it is gpg specific (ie: it doesn't support pgp) and it might do S/MIME, where mailcrypt doesn't. From xht2 at isw.uni-stuttgart.de Tue Oct 18 09:08:07 2005 
From: xht2 at isw.uni-stuttgart.de (Realos)
Date: Tue Oct 18 09:07:08 2005
Subject: Subkey revocation means losing signatures?
Message-ID: <20051018070807.GA30767@isw.uni-stuttgart.de>

I am a bit confused about the gnupg behaviour in case of revoking a subkey or uid. Since uids are actually signed by others in combination with my public key, does it mean revoking a subkey or uid results in loss of the signatures I have collected over the time? How to proceed in such a case?

--
Luqman Munawar
Mail: xht2@isw.uni-stuttgart.de

From alphasigmax at gmail.com Tue Oct 18 09:05:31 2005
From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 18 09:08:57 2005
Subject: Modifying an uid, can it be done?
In-Reply-To: <4353B4DE.8050707@free.fr>
References: <4353B4DE.8050707@free.fr>
Message-ID: <43549EBB.2050304@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ismael Valladolid Torres wrote:
> I edit my own public key:
>
> Of course I can add new uids using the adduid command:
>
> [ultimate] (1) Ismael Valladolid
> [ unknown] (2) Ismael Valladolid Torres (Oberthur Card Systems)
>
> [ unknown] (3). Ismael Valladolid Torres
>
> Looks like it would be enough deleting uid 1 and setting uid 2 and
> primary, then it would "look like" I had edited the first uid. However
> in that case I lose the "ultimate" tag to the left of the primary key.
> What does this tag mean here? Which way to have this tag for the new
> uids created?
>

UIDs *should* be self-signed upon creation. Try signing your key with itself and updating the trust database.

- --
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /   ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X    Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

From roam at ringlet.net Tue Oct 18 09:47:18 2005
From: roam at ringlet.net (Peter Pentchev)
Date: Tue Oct 18 09:47:44 2005
Subject: Encrypt from memory to disc?
Message-ID: <20051018074718.GA974@straylight.m.ringlet.net>

On Mon, Oct 17, 2005 at 09:55:57PM -0700, Steve Leibel wrote:
> I have an application where I have data in memory that needs to be
> encrypted without ever being written to disc, even temporarily.
>
> Using PGP I can run "pgp -feat" and then pipe the data to the pgp
> process. That works very well.
>
> I have to do the same thing for GPG, but I can't figure out how to
> send data to GPG directly from memory.
>
> Any suggestions greatly appreciated.

Pipe the data to "gpg -r recipient -e -o outfile.gpg"

The recipient may be specified as either a key ID or an e-mail address (if it is unique in the public keyring).

G'luck,
Peter

-- 
Peter Pentchev    roam@ringlet.net    roam@cnsys.bg    roam@FreeBSD.org
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
If there were no counterfactuals, this sentence would not have been paradoxical.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : /pipermail/attachments/20051018/dd04e80c/attachment.pgp

From ismaeval at free.fr Tue Oct 18 10:49:22 2005
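Peter's suggestion, done from a program instead of a shell pipe, as an added example that is not part of the original posts or of GnuPG: the plaintext is handed to gpg on stdin and the ciphertext collected from stdout, so the caller never writes either one to a file. It assumes a `gpg` binary on PATH and the recipient's public key already in the default keyring; the fingerprint and the sample data in the demo are constructed placeholders.

```python
"""Feed in-memory data to gpg over a pipe (added example, not list code).

Assumes a `gpg` binary on PATH and the recipient's public key in the
default keyring. Nothing here is written to disk by the caller: the
plaintext goes to gpg's stdin, and with output "-" the ciphertext comes
back on stdout so it can stay in memory as well.
"""
import subprocess
from typing import List


def build_encrypt_argv(recipient: str, output: str = "-",
                       gpg: str = "gpg", armor: bool = False) -> List[str]:
    """argv for `gpg -r recipient -e -o output`, plus --batch so that an
    unattended run fails instead of prompting.

    Give the recipient as a full fingerprint where you can: an e-mail
    address only works if it is unique in the public keyring.
    """
    argv = [gpg, "--batch"]
    if armor:
        argv.append("--armor")      # ASCII-armored output instead of binary
    argv += ["-r", recipient, "-e", "-o", output]
    return argv


def encrypt_bytes(data: bytes, recipient: str, output: str = "-",
                  gpg: str = "gpg", armor: bool = False) -> bytes:
    """Encrypt `data` for `recipient` by piping it to gpg's stdin.

    Returns the ciphertext when output is "-"; when output is a path, gpg
    writes that file itself and the returned bytes are empty. Any failure
    (missing binary, unknown recipient, key not valid in batch mode) is
    raised as RuntimeError carrying gpg's stderr text.
    """
    argv = build_encrypt_argv(recipient, output, gpg, armor)
    try:
        proc = subprocess.run(argv, input=data, capture_output=True, check=False)
    except OSError as exc:          # e.g. the gpg binary is not installed
        raise RuntimeError(f"cannot run {argv[0]}: {exc}") from exc
    if proc.returncode != 0:
        message = proc.stderr.decode("utf-8", "replace").strip()
        raise RuntimeError(message or f"gpg exited with status {proc.returncode}")
    return proc.stdout


if __name__ == "__main__":
    # Constructed demo input; the recipient is a placeholder fingerprint,
    # not a real key.
    secret = b"report that must never touch the disk in clear\n"
    armored = encrypt_bytes(secret, "0123456789ABCDEF0123456789ABCDEF01234567",
                            armor=True)
    print(armored.decode())
```

What this avoids is a temporary file, nothing more: the plaintext still exists in both processes' memory. gpg tries to lock its own secure memory against swapping where the OS permits, but the copy the caller holds in `data` has no such protection, so a core dump or a swapped-out page of the calling process can still contain it.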
From: ismaeval at free.fr (Ismael Valladolid Torres)
Date: Tue Oct 18 10:50:25 2005
Subject: Keyserver communications errors on Cygwin's GnuPG
Message-ID: <4354B712.4040704@free.fr>

$ gpg --send-keys DE721AF4
7 [main] gpg 1908 fixup_mmaps_after_fork: WARNING: VirtualProtectEx to return to previous state in parent failed for MAP_PRIVATE address 0x930000, Win32 error 87
6921 [main] gpg 1908 fixup_mmaps_after_fork: WARNING: VirtualProtect to copy protection to child failed forMAP_PRIVATE address 0x930000, Win32 error 87
18071 [main] gpg 1908 fixup_mmaps_after_fork: ReadProcessMemory (2nd try) failed for MAP_PRIVATE address 0x930000, Win32 error 87
C:\cygwin\bin\gpg.exe (1908): *** recreate_mmaps_after_fork_failed
5 [main] gpg 1576 fork_parent: child 1908 died waiting for dll loading
gpg: keyserver communications error: general error
gpg: keyserver send failed: general error

Is this to be reported to GnuPG developers or to Cygwin developers?

Cordially, Ismael

-- 
http://lamediahostia.blogspot.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051018/b2da76fa/signature.pgp

From wk at gnupg.org Tue Oct 18 11:12:26 2005
From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 18 11:16:36 2005
Subject: Emacs interface to gpg
In-Reply-To: <43541388.4050606@ucolick.org> (Patrik Jonsson's message of "Mon, 17 Oct 2005 14:11:36 -0700")
References: <43541388.4050606@ucolick.org>
Message-ID: <87br1nnq85.fsf@wheatstone.g10code.de>

On Mon, 17 Oct 2005 14:11:36 -0700, Patrik Jonsson said:

> I just started using gpg and was looking around for an emacs mode to
> encrypt/decrypt files during load and save. There are a few vague
> references to crypt++, but they are all stale web sites and messages

The standard these days is pgg.el. It has been used with Gnus for a long time and IIRC is now part of the standard GNU Emacs.

Shalom-Salam,

   Werner

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 199 bytes
Desc: not available
Url : /pipermail/attachments/20051018/30a5789e/attachment.pgp

From wk at gnupg.org Tue Oct 18 11:14:04 2005
From: wk at gnupg.org (Werner Koch)
Date: Tue Oct 18 11:16:47 2005
Subject: Keyserver communications errors on Cygwin's GnuPG
In-Reply-To: <4354B712.4040704@free.fr> (Ismael Valladolid Torres's message of "Tue, 18 Oct 2005 10:49:22 +0200")
References: <4354B712.4040704@free.fr>
Message-ID: <877jcbnq5f.fsf@wheatstone.g10code.de>

On Tue, 18 Oct 2005 10:49:22 +0200, Ismael Valladolid Torres said:

> Is this to be reported to GnuPG developers or to Cygwin developers?

That seems to be a Cygwin problem.

Salam-Shalom,

   Werner

From patrik at ucolick.org Tue Oct 18 11:15:03 2005
From: patrik at ucolick.org (Patrik Jonsson)
Date: Tue Oct 18 12:22:09 2005
Subject: Emacs interface to gpg
In-Reply-To: <17236.33540.567814.642488@deperdo.exmachinae.net>
References: <43541388.4050606@ucolick.org> <17236.33540.567814.642488@deperdo.exmachinae.net>
Message-ID: <4354BD17.6090805@ucolick.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

nega@exmachinae.net wrote:
> Patrik Jonsson writes:
>
> > I just started using gpg and was looking around for an emacs mode to
> > encrypt/decrypt files during load and save. There are a few vague
> > references to crypt++, but they are all stale web sites and messages
> > from years ago. I finally managed to locate something that looked like
> > the crypt++ web site, which had a notice that development on crypt++ had
> > ceased and that instead crypt.el from xemacs should be used. However, I
> > downloaded the current version of xemacs and found no crypt.el.
> >
>
> The latest version (via Google) is at
> http://freefriends.org/~karl/crypt++/crypt++.el
>
> Be sure and read the notes, as setup is slightly different if you're
> using Emacs or XEmacs.

Yeah, this is what I looked at. It doesn't seem to understand public-key encryption using gpg. I've been trying to hack the gpg arguments to allow public-key encoding. So far, I've got:

*** c:/Documents and Settings/Patrik/My Documents/crypt++.el Tue Oct 18 02:11:38 2005 - --- c:/software/emacs-20.7/site-lisp/crypt++.el Tue Oct 18 02:11:46 2005 *************** *** 955,962 **** crypt-encryption-magic-regexp crypt-encryption-magic-regexp-inverse (or crypt-encryption-file-extension "\\(\\.gpg\\)$") "gpg" "gpg" ! '("--batch" "--quiet" "-c" "-o" "-" "--passphrase-fd" "0") ! '("--batch" "--quiet" "-o" "-" "--passphrase-fd" "0") "GPG" nil t - --- 955,964 ---- crypt-encryption-magic-regexp crypt-encryption-magic-regexp-inverse (or crypt-encryption-file-extension "\\(\\.gpg\\)$") "gpg" "gpg" ! '("--batch" "--quiet" "-a" "-e" "-o" "-" "-r" "d516e69f" "--passphrase-fd" "0") !
'("--batch" "--quiet" "-d" "--passphrase-fd" "0") "GPG" nil t

This almost works. I can find a new file test.gpg, write it and save. It (unnecessarily) asks for a passphrase and produces an encrypted file. I'm then able to find that file, give the passphrase and get a decrypted file in the buffer. However, if I try to save again I get the question "save as a plain file?". The correct answer to this question appears to be yes, this saves the file encrypted again. However, if you think that an encrypted file is not plain and answer no you'd get an error saying "encoding failed!" and from that point on further saves would fail.

There appears to be some hacking done to get the public-key stuff working correctly with PGP and I haven't been able to figure it out. Does anyone have any further insights?

Regards,

/Patrik

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDVL0XT+KvsdUW5p8RAoKTAKCXs+EYgJExUJaxbTaCT23gqqQ4JgCgn48Y
1gdHJRMO2/Ium9os3zQqGEg=
=Gjpa
-----END PGP SIGNATURE-----

From wilde at sha-bang.de Tue Oct 18 14:57:45 2005
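Review bot: the new encryption list in the `*** 955,962 ****` hunk hard-codes one person's key ID (`"-r" "d516e69f"`) into the shared crypt++ table, so the edit only works for that keyring; take the recipient from a customizable variable instead, and give it as the full fingerprint rather than an 8-hex-digit short ID, which is not unique. The same list keeps `"--passphrase-fd" "0"` although `-e` without `-s` needs no secret key, so that flag does nothing on the encrypt side and is the first thing to drop when chasing the unnecessary passphrase prompt described in the message; the `-d` list still needs it. Worth a note in the change as well: the encrypt list adds `-a`, so saved files become ASCII-armored while the table still selects them by the `.gpg` extension and magic regexps, which should be checked against armored output.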
From: wilde at sha-bang.de (Sascha Wilde)
Date: Tue Oct 18 16:25:55 2005
Subject: Emacs interface to gpg
In-Reply-To: <87br1nnq85.fsf@wheatstone.g10code.de>
References: <43541388.4050606@ucolick.org> <87br1nnq85.fsf@wheatstone.g10code.de>
Message-ID: <20051018125745.GB6927@kenny.sha-bang.local>

On Tue, Oct 18, 2005 at 11:12:26AM +0200, Werner Koch wrote:
> On Mon, 17 Oct 2005 14:11:36 -0700, Patrik Jonsson said:
>
> > I just started using gpg and was looking around for an emacs mode to
> > encrypt/decrypt files during load and save. There are a few vague
> > references to crypt++, but they are all stale web sites and messages
>
> The standard these days is pgg.el. It has been used with Gnus for a
> long time and IIRC is now part of the standard GNU Emacs.

It isn't part of the standard GNU Emacs distribution yet, but it is part of GNU Emacs CVS, and will be part of GNU Emacs 22.

cheers
sascha

-- 
Parents strongly cautioned -- this posting is intended for mature audiences over 18. It may contain some material that many parents would not find suitable for children and may include intense violence, sexual situations, coarse language and suggestive dialogue.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051018/876adbd9/attachment.pgp

From Stas.Rirak at Ipsos-NA.com Wed Oct 12 16:04:53 2005
From: Stas.Rirak at Ipsos-NA.com (Stas Rirak)
Date: Tue Oct 18 17:08:42 2005
Subject: Automation of GPG processing

Hello,

I need to automate an encryption process. When I execute the command below to process the encryption I am getting the prompt from GPG asking if I am really sure that this key belongs to the recipient.

gpg --output [output.gpg] --recipient [public_key_name --encrypt [file_to_encrypt.txt]

After that I need to enter "Y" in order to continue. But, it should be a fully automated process. What should I do, so it will not ask me any questions?

Thank you in advance,
Stas

From S.Krishna at ge.com Sun Oct 16 09:32:23 2005
From: S.Krishna at ge.com (Kanakadandila, Sivaramakrishna (GE Consumer & Industrial))
Date: Tue Oct 18 17:08:56 2005
Subject: gpg not running in shell script. Need Help

Hi

I need help in running gpg command through shell script in Informatica. This is what I tried:

I have a shell script which will decrypt the file. It is running fine when I ran the same script from $ prompt. The same is not running when I ran through Informatica as a command. I also initialized the PATH session in the script. But nothing is working. Am I missing any thing?

Appreciate any help.

Siva

Shell Script content

#!/bin/ksh
. /home/apinf/.profile
PATH=$PATH:/pwrctr/siva/ ; export PATH
DIR=/pwrctr/siva/
cd $DIR
echo "Decrypt Started"
echo "Password" | gpg -v --passphrase-fd 0 /pwrctr/siva/GEINDSYS.cyc.pgp
echo "Decrypt Successful"

From lynchbags at hotmail.com Mon Oct 17 23:39:04 2005
From: lynchbags at hotmail.com (Joe Lynch)
Date: Tue Oct 18 17:09:00 2005
Subject: PGP Zip with a single file?

I'm using GNUPG to decrypt files that were created as PGP Zip archives using PGP Desktop. If there are multiple files in the archive then GNUPG extracts a TAR file, and I have no problem processing it from there. The problem is when there is only one file in the PGP Zip archive it can have a filename completely different than the filename of the archive file, which would be just fine if it were still stored in a TAR file, but when GNUPG decrypts the archive it outputs the original file, not a TAR file. PGP Desktop still displays the original file name when you open the archive, is there any way to get this file name using GNUPG?

Thanks,
Joe

From dshaw at jabberwocky.com Tue Oct 18 17:18:41 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 18 17:19:15 2005
Subject: PGP Zip with a single file?
Message-ID: <20051018151841.GA20901@jabberwocky.com>

On Mon, Oct 17, 2005 at 04:39:04PM -0500, Joe Lynch wrote:
> I'm using GNUPG to decrypt files that were created as PGP Zip archives
> using PGP Desktop. If there are multiple files in the archive then GNUPG
> extracts a TAR file, and I have no problem processing it from there. The
> problem is when there is only one file in the PGP Zip archive it can have a
> filename completely different than the filename of the archive file, which
> would be just fine if it were still stored in a TAR file, but when GNUPG
> decrypts the archive it outputs the original file, not a TAR file. PGP
> Desktop still displays the original file name when you open the archive, is
> there any way to get this file name using GNUPG?

I'm having an awful problem understanding exactly what the problem is here. When you make a PGP Zip archive with one file in it it is not tarred up? If so, then it's just the file itself, no?

David

From dshaw at jabberwocky.com Tue Oct 18 17:37:31 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 18 17:43:25 2005
Subject: Subkey revocation means losing signatures?
In-Reply-To: <20051018070807.GA30767@isw.uni-stuttgart.de>
References: <20051018070807.GA30767@isw.uni-stuttgart.de>
Message-ID: <20051018153731.GB20901@jabberwocky.com>

On Tue, Oct 18, 2005 at 09:08:07AM +0200, Realos wrote:
> I am a bit confused about the gnupg behaviour in case of revoking a
> subkey or uid. Since uids are actually signed by others in combination
> my public key.
>
> Does it mean revoking a subkey or uid rsults in loss of signatures I
> have collected over the time? How to proceed in such a case?

Revoking a subkey loses nothing (except the subkey). Revoking a user ID loses any signatures on that user ID - after all, those people signed that user ID, and by revoking it you say that you, the owner, do not treat the user ID as valid any longer. If you don't treat it as valid, why should anyone else?

David

From erwan at rail.eu.org Tue Oct 18 19:21:30 2005
From: erwan at rail.eu.org (Erwan David)
Date: Tue Oct 18 19:21:25 2005
Subject: Subkey revocation means losing signatures?
In-Reply-To: <20051018153731.GB20901@jabberwocky.com>
References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com>
Message-ID: <20051018172130.GA5069@ratagaz.depot.rail.eu.org>

Le Tue 18/10/2005, David Shaw disait
> On Tue, Oct 18, 2005 at 09:08:07AM +0200, Realos wrote:
> > I am a bit confused about the gnupg behaviour in case of revoking a
> > subkey or uid. Since uids are actually signed by others in combination
> > my public key.
> >
> > Does it mean revoking a subkey or uid rsults in loss of signatures I
> > have collected over the time? How to proceed in such a case?
>
> Revoking a subkey loses nothing (except the subkey). Revoking a user
> ID loses any signatures on that user ID - after all, those people
> signed that user ID, and by revoking it you say that you, the owner,
> does not treat the user ID as valid any longer. If you don't treat it
> as valid, why should anyone else?

But you can sign the new user Id with the old one saying "yes I'm the same person, only with a different address".

-- 
Erwan

From dshaw at jabberwocky.com Tue Oct 18 20:29:59 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 18 20:30:33 2005
Subject: Subkey revocation means losing signatures?
In-Reply-To: <20051018172130.GA5069@ratagaz.depot.rail.eu.org>
References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org>
Message-ID: <20051018182959.GC20901@jabberwocky.com>

On Tue, Oct 18, 2005 at 07:21:30PM +0200, Erwan David wrote:
> Le Tue 18/10/2005, David Shaw disait
> > On Tue, Oct 18, 2005 at 09:08:07AM +0200, Realos wrote:
> > > I am a bit confused about the gnupg behaviour in case of revoking a
> > > subkey or uid. Since uids are actually signed by others in combination
> > > my public key.
> > >
> > > Does it mean revoking a subkey or uid rsults in loss of signatures I
> > > have collected over the time? How to proceed in such a case?
> >
> > Revoking a subkey loses nothing (except the subkey). Revoking a user
> > ID loses any signatures on that user ID - after all, those people
> > signed that user ID, and by revoking it you say that you, the owner,
> > does not treat the user ID as valid any longer. If you don't treat it
> > as valid, why should anyone else?
>
> But you can sign the new user Id with the old one saying "yes I'm
> the same person, only with a different address".

You're talking about adding a new user ID. The original question was regarding revoking an existing user ID.

David

From erwan at rail.eu.org Tue Oct 18 20:49:47 2005
From: erwan at rail.eu.org (Erwan David)
Date: Tue Oct 18 20:49:39 2005
Subject: Subkey revocation means losing signatures?
In-Reply-To: <20051018182959.GC20901@jabberwocky.com>
References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com>
Message-ID: <20051018184947.GE5069@ratagaz.depot.rail.eu.org>

Le Tue 18/10/2005, David Shaw disait
> On Tue, Oct 18, 2005 at 07:21:30PM +0200, Erwan David wrote:
> >
> > But you can sign the new user Id with the old one saying "yes I'm
> > the same person, only with a different address".
>
> You're talking about adding a new user ID. The original question was
> regarding revoking an existing user ID.

Yes, adding a new one and revoking the old one. The original question was about modifying the uid.

-- 
Erwan

From sithtracy at yahoo.com Tue Oct 18 19:52:31 2005
From: sithtracy at yahoo.com (Tracy D. Bossong)
Date: Tue Oct 18 20:52:56 2005
Subject: Automation of GPG processing
Message-ID: <20051018175231.11441.qmail@web51712.mail.yahoo.com>

You need to set the trust model to what works for your needs in the gpg.conf file and sign and trust the recipient's key.

--- Stas Rirak wrote:
>
> Hello,
>
> I need to automate an encryption process. When I
> execute the command
> below to process the encryption I am getting the
> prompt from GPG asking
> if I really sure that this key belong to the
> recipient.
>
> gpg --output [output.gpg] --recipient
> [public_key_name --encrypt
> [file_to_encrypt.txt]
>
> After that I need to enter "Y" in order to continue.
> But, it should be a
> fully automated process. What should I do, so it
> will not ask me any
> quesions?
>
> Thank you in advance,
> Stas
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

From erwan at rail.eu.org Tue Oct 18 20:56:05 2005
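Tracy's answer puts the fix in the keyring rather than on the command line: once the recipient key is valid, the prompt never appears. What follows is an added example, not code from the thread or from GnuPG, of what an unattended job can check before it calls gpg, using the `--with-colons` listing gpg prints for scripts (`gpg --with-colons --fingerprint --list-keys`). The same parser also answers the revoked-user-ID question from the other thread above by reporting which user IDs on a key are revoked. The sample listing is constructed in the fixed-list layout; every fingerprint, key ID, name and address in it is a placeholder.

```python
"""Pre-flight checks on the recipient key before unattended gpg encryption.

Added example (not list or GnuPG code). It parses the machine-readable
listing from `gpg --with-colons --fingerprint --list-keys` so a batch job can
  1. refuse to encrypt unless the recipient key matches a fingerprint pinned
     after out-of-band verification AND gpg already considers it valid, so
     there is no "use this key anyway?" prompt and no --trust-model always;
  2. report which user IDs on a key are revoked.
SAMPLE_LISTING is constructed; its fingerprints, key IDs, names and
addresses are placeholders, not taken from any real keyring.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SAMPLE_LISTING = """\
tru::1:1129626000:0:3:1:5
pub:u:1024:17:1234567890ABCDEF:2005-06-20:::u:::scSC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::2005-06-20::AAAA::Alice Example <alice@example.org>:
uid:r::::2005-06-20::BBBB::Alice Example (old) <alice@old.example.org>:
sub:u:2048:16:FEDCBA0987654321:2005-06-20::::::e:
pub:-:2048:1:1111222233334444:2005-10-01:::-:::scESC:
fpr:::::::::FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:
uid:-::::2005-10-01::CCCC::Alice Example <alice@example.org>:
"""

# Meaning of field 2 (validity) in pub and uid records, per GnuPG's doc/DETAILS.
VALIDITY = {"o": "unknown", "i": "invalid", "d": "disabled", "r": "revoked",
            "e": "expired", "-": "unknown", "q": "undefined", "n": "never",
            "m": "marginal", "f": "full", "u": "ultimate"}


@dataclass
class Key:
    keyid: str
    validity: str                       # validity of the primary key
    fingerprint: str = ""
    uids: List[Tuple[str, str]] = field(default_factory=list)  # (validity, user ID)


def parse_colons(listing: str) -> List[Key]:
    """Build Key objects from the colon-separated records. Only the first fpr
    record after a pub record is the primary fingerprint (subkeys get their
    own fpr lines, which are skipped here)."""
    keys: List[Key] = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append(Key(keyid=f[4], validity=f[1]))
        elif f[0] == "fpr" and keys and not keys[-1].fingerprint:
            keys[-1].fingerprint = f[9]
        elif f[0] == "uid" and keys:
            keys[-1].uids.append((f[1], f[9]))
    return keys


def revoked_uids(key: Key) -> List[str]:
    """User IDs the owner has revoked: the third-party signatures on them no
    longer count, which is the behaviour the revocation thread asks about."""
    return [uid for validity, uid in key.uids if validity == "r"]


def find_by_address(keys: List[Key], address: str) -> List[Key]:
    """Every key with a non-revoked user ID carrying this address. More than
    one hit is exactly why `-r address` is unsafe for unattended runs."""
    needle = f"<{address.lower()}>"
    return [k for k in keys
            if any(needle in uid.lower() for v, uid in k.uids if v != "r")]


def find_by_fingerprint(keys: List[Key], fingerprint: str) -> Optional[Key]:
    wanted = fingerprint.replace(" ", "").upper()
    return next((k for k in keys if k.fingerprint == wanted), None)


def select_recipient(keys: List[Key], pinned_fingerprint: str) -> str:
    """Return the --recipient value, or raise instead of letting gpg prompt.

    A key that is not fully valid makes gpg ask whether to use it anyway (or
    fail under --batch). The cure belongs in the keyring: verify the
    fingerprint out of band, then `gpg --lsign-key` it so it becomes valid.
    """
    key = find_by_fingerprint(keys, pinned_fingerprint)
    if key is None:
        raise LookupError(f"pinned key {pinned_fingerprint} is not in the keyring")
    if key.validity not in ("f", "u"):
        raise ValueError(f"key {key.keyid} is {VALIDITY.get(key.validity, key.validity)}; "
                         "lsign it after checking the fingerprint instead of answering Y")
    return key.fingerprint              # full fingerprint: unambiguous, unlike an address


def encrypt_argv(keys: List[Key], pinned_fingerprint: str,
                 infile: str, outfile: str) -> List[str]:
    """The poster's command line made safe for cron: --batch never prompts."""
    return ["gpg", "--batch", "--yes", "--output", outfile,
            "--recipient", select_recipient(keys, pinned_fingerprint),
            "--encrypt", infile]
```

With `--batch`, gpg fails instead of prompting, so the job either encrypts to the pinned, fully valid key or stops with a clear error. `--trust-model always` would silence the prompt too, but it removes exactly the check the prompt stands for. Note that the lookup by address returns two keys for the same address in the sample; that is the situation the "Bogus Key on Keyservers" exchange quoted later on this page is about, and the reason the example selects by fingerprint.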
From: erwan at rail.eu.org (Erwan David)
Date: Tue Oct 18 20:55:58 2005
Subject: Subkey revocation means losing signatures?
In-Reply-To: <20051018184947.GE5069@ratagaz.depot.rail.eu.org>
References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org>
Message-ID: <20051018185604.GF5069@ratagaz.depot.rail.eu.org>

Le Tue 18/10/2005, Erwan David disait
> Le Tue 18/10/2005, David Shaw disait
> > On Tue, Oct 18, 2005 at 07:21:30PM +0200, Erwan David wrote:
> > >
> > > But you can sign the new user Id with the old one saying "yes I'm
> > > the same person, only with a different address".
> >
> > You're talking about adding a new user ID. The original question was
> > regarding revoking an existing user ID.
>
> yes adding a new one and revoking the old one. The original question was
> about modifyuing the uid.

Sorry it seems I mixed two different discussions.

-- 
Erwan

From MZhou at usg.com Tue Oct 18 16:33:11 2005
From: MZhou at usg.com (Zhou, Mike)
Date: Tue Oct 18 21:25:57 2005
Subject: Gnupg-users Digest, Vol 25, Issue 16
Message-ID: <651CF02D0F85C6428E95470651A7C3323AA2EF@CERO-EXBE-03.USG.NET>

Can GnuPG import X.509 certificate/pubkey ?

Thanks
Mike Zhou

-----Original Message-----
From: gnupg-users-bounces+mzhou=usg.com@gnupg.org [mailto:gnupg-users-bounces+mzhou=usg.com@gnupg.org] On Behalf Of gnupg-users-request@gnupg.org
Sent: Tuesday, October 18, 2005 2:55 AM
To: gnupg-users@gnupg.org
Subject: Gnupg-users Digest, Vol 25, Issue 16

Send Gnupg-users mailing list submissions to
	gnupg-users@gnupg.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.gnupg.org/mailman/listinfo/gnupg-users
or, via email, send a message with subject or body 'help' to
	gnupg-users-request@gnupg.org

You can reach the person managing the list at
	gnupg-users-owner@gnupg.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of Gnupg-users digest..."

Today's Topics:

   1. Re: Bogus Key on Keyservers (Nicholas Cole)
   2. Re: Bogus Key on Keyservers (Tad Marko)
   3. Re: Bogus Key on Keyservers (John W. Moore III)
   4. new (2005-10-16) keyanalyze results (+sigcheck) (Jason Harris)
   5. gpg not running in shell script. Need Help (Kanakadandila, Sivaramakrishna (GE Consumer & Industrial))
   6. Make GnuPG create files with .pgp extension (Ismael Valladolid Torres)
   7. Modifying an uid, can it be done? (Ismael Valladolid Torres)
   8. Re: Modifying an uid, can it be done? (Erwan David)
   9. Emacs interface to gpg (Patrik Jonsson)
  10. Encrypt from memory to disc? (Steve Leibel)

----------------------------------------------------------------------

Message: 1
Date: Sun, 16 Oct 2005 18:09:27 +0100 (BST)
From: Nicholas Cole
Subject: Re: Bogus Key on Keyservers
To: gnupg-users@gnupg.org
Message-ID: <20051016170927.17322.qmail@web25407.mail.ukl.yahoo.com>
Content-Type: text/plain; charset=iso-8859-1

--- Tad Marko wrote:
> > You can't. That's like asking how you can stop
> other people from
> > printing out badges that say "I am Tad Marko" and
> pinning them to their
> > shirts.
>
> I'm not asking for that. I want them to not say that
> a given key goes
> to tad@tadland.net.
>
> > Besides, if you could do that, what would stop
> someone else from
> > deleting YOUR key off of the keyserver or flagging
> THEIR key as the real
> > Tad Marko?
>
> An email verification step?

The problem is, that IF the email infrastructure was secure enough to be trusted, there would be no need for pgp/gpg/smime at all. An email verification step is not, and cannot be, 100% secure.

Of course, in many cases, email is not re-routed, server admins can be trusted, email systems are not broken into - to the extent that email without additional security is largely trusted as "good enough".

But, in fact, if someone is willing to forge a key with your name on, it is probably one of those times that email may well not be "good enough". Hence the need to rely on key fingerprints, not on the email system.

Best,

Nicholas

___________________________________________________________
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com

------------------------------

Message: 2
Date: Sun, 16 Oct 2005 15:25:50 -0500
From: Tad Marko
Subject: Re: Bogus Key on Keyservers
To: gnupg-users@gnupg.org
Message-ID: <20051016202550.GA23826@www.tadland.net>
Content-Type: text/plain; charset=us-ascii

On Sun, Oct 16, 2005 at 06:09:27PM +0100, Nicholas Cole wrote:
>
> --- Tad Marko wrote:
> > An email verification step?
>
>
> The problem is, that IF the email infrastructure was
> secure enough to be trusted, there would be no need
> for pgp/gpg/smime at all. An email verification step
> is not, and cannot be, 100% secure.
>
> Of course, in many cases, email is not re-routed,
> server admins can be trusted, email systems are not
> broken in to - to the extent that email without
> additional security is largely trusted as "good
> enough".
>
> But, in fact, if someone is willing to forge a key
> with your name on, it is probably one of those times
> that email may well not be "good enough". Hence the
> need to rely on key fingerprints, not on the email
> system.
>
> Best,
>
> Nicholas

Right, which is the reason for the continued need to let people know your key signature via a trusted means. But, if someone was wanting to hassle you by creating scads of bogus keys on keyservers, it still makes it that much more difficult for people to obtain the correct key.

If someone were more sophisticated, as you suggest, it seems that it is even more imperative for someone to be able to get the bogus keys out of view.

Tad

------------------------------

Message: 3
Date: Sun, 16 Oct 2005 16:37:09 -0400
From: "John W. Moore III"
Subject: Re: Bogus Key on Keyservers
To: Tad Marko
Cc: GnuPG Users List
Message-ID: <4352B9F5.2090309@joimail.com>
Content-Type: text/plain; charset=ISO-8859-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Tad Marko wrote:
> Right, which is the reason for the continued need to let people know
> your key signature via a trusted means. But, if someone was wanting to
> hassle you by creating scads of bogus keys on keyservers, it still
> makes it that much more difficult for people to obtain the correct
> key.
>
> If someone were more sophisticated, as you suggest, it seems that it
> is even more imperative for someone to be able to get the bogus keys
> out of view.

Why not just list your Key on Big Lumber and direct folks there to retrieve your Key? You can place the link to "your" Key in a Comment Line and then they will only be directed to your "official" Key. This way, only You can make alterations to your Key.

JOHN :)
Timestamp: Sunday 16 Oct 2005, 04:36 PM --400 (Eastern Daylight Time)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJDUrnyAAoJEBCGy9eAtCsPHhUH/2OuqveAO+c3mAtyOE/tE6Mt
DJVhozjAmX7AvbIAk3WnyLXoRDzoCZM+ixllFkumgtVGYLTLRNt9OlGyXhNNYqZr
Nvj8So4qresXlxMsAafyhaz8wFTRWvNNDeH0IBw6sWwVIxqJv5A0q7ZafLMKXBoZ
vysRUN2DJqBGGkqFATMuE4v6IbjYTQI+3Nv0IE51awWR8LvimosWBOuhvRZaRJf/
Q4Cmva5AFEcZX0otSGHo3DLwG7Z8l84U21+q74XqgGd7UKgDepunpa3gRVGQYmk0
uZFhSyUQsgxCmH/dpnWickJsYMcgvXoINqvMgbclPVi+6KCp4W1GqI3OQIRksZY=
=fbXd
-----END PGP SIGNATURE-----

------------------------------

Message: 4
Date: Sun, 16 Oct 2005 18:54:33 -0400
From: Jason Harris
Subject: new (2005-10-16) keyanalyze results (+sigcheck)
To: keyanalyze-discuss@dtype.org, keysignings@alt.org, pgp-keyserver-folk@kjsl.com, gnupg-users@gnupg.org, biglumber-news@biglumber.com
Cc: Jason Harris
Message-ID: <20051016225433.GA1686@wilma.widomaker.com>
Content-Type: text/plain; charset="us-ascii"

New keyanalyze results are available at:

  http://keyserver.kjsl.com/~jharris/ka/2005-10-16/

Signatures are now being checked using keyanalyze+sigcheck:

  http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:

  http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:

  http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

0c24fc1a8f0460a684adead03c4a7d75f6ab05d6 12961044 preprocess.keys
a81756c80b2e8e1ca4707cae5ec1cb110e766a6a 7879988 othersets.txt
471a94cc551df864f336f07f7f9302b11bf47480 3209328 msd-sorted.txt
a751f9d5477744a4f5e5ce6ebad6a60908e317ee 1372 index.html
dd753055135324a3a3e3a044f90cd5086a161855 2291 keyring_stats
04c604743a47b6df1a86993007d73e4bc65aa25c 1261656 msd-sorted.txt.bz2
3af077d39605ed6104ca445d9f4e4dcf8ba68662 26 other.txt
e427f66b822bda6ef2ee0e096bbd965a14901726 1703033 othersets.txt.bz2
9f3af8a41d66cd99749fd5791dab4336af6e255e 5242735 preprocess.keys.bz2
e08590542b279056a050a76e2a1db66b14e6f9ee 13357 status.txt
6c554b4ed39106b25fe6e88defff550ed1db7e08 210178 top1000table.html
d52e1c405cb167e970f4475a4b9b9a9babd5b0ef 30228 top1000table.html.gz
a54f6dd2ea497b7a0b5bad758c1e0a8a1d762e76 10778 top50table.html
40b84290946d44d87126d31075da13027fe72b80 2534 D3/D39DA0E3

-- 
Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
jharris@widomaker.com _|_ web:  http://keyserver.kjsl.com/~jharris/
          Got photons?   (TM), (C) 2004

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 313 bytes
Desc: not available
Url : /pipermail/attachments/20051016/992cb840/attachment-0001.pgp

------------------------------

Message: 5
Date: Mon, 17 Oct 2005 10:34:13 +0530
From: "Kanakadandila, Sivaramakrishna \(GE Consumer & Industrial\)"
Subject: gpg not running in shell script. Need Help
To:
Message-ID:
Content-Type: text/plain; charset="iso-8859-1"

Hi

I need help in running gpg command through shell script in Informatica. This is what I tried:

I have a shell script which will decrypt the file. It is running fine when I ran the same script from $ prompt in Unix. The same is not running when I ran through Informatica as a command. I also initialized the PATH session in the script. But nothing is working. Am I missing any thing?

Appreciate any help.

Siva

Shell Script content

#!/bin/ksh
. /home/apinf/.profile
PATH=$PATH:/pwrctr/siva/ ; export PATH
DIR=/pwrctr/siva/
cd $DIR
echo "Decrypt Started"
echo "Password" | gpg -v --passphrase-fd 0 /pwrctr/siva/GEINDSYS.cyc.pgp
echo "Decrypt Successful"

------------------------------

Message: 6
Date: Mon, 17 Oct 2005 15:47:11 +0200
From: Ismael Valladolid Torres
Subject: Make GnuPG create files with .pgp extension
To: gnupg-users@gnupg.org
Message-ID: <4353AB5F.2090509@free.fr>
Content-Type: text/plain; charset=us-ascii

Most often, recipients of my encrypted files are users of legacy PGP versions. So I use to rename my .gpg files to .pgp so they can access them directly with their PGP shell extensions.

Is there any way to make GnuPG to create files directly with the .pgp extension without specifying the complete expected file name using the -o option?

Cordially, Ismael

-- 
http://lamediahostia.blogspot.com/

------------------------------

Message: 7
Date: Mon, 17 Oct 2005 16:27:42 +0200
From: Ismael Valladolid Torres
Subject: Modifying an uid, can it be done?
To: gnupg-users@gnupg.org
Message-ID: <4353B4DE.8050707@free.fr>
Content-Type: text/plain; charset=us-ascii

I edit my own public key:

$ gpg --edit-key ismael
gpg (GnuPG) 1.4.1; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Secret key is available.

pub  1024D/DE721AF4  created: 2005-06-20  expires: never       usage: CS
                     trust: ultimate      validity: ultimate
sub  2048g/689908B7  created: 2005-06-20  expires: never       usage: E
[ultimate] (1). Ismael Valladolid

I'd like to edit my uid, adding my second surname and setting the company I work for as a comment. However I don't know how to modify an existing uid. Can it be done? If so, how? If not possible, why not?

Of course I can add new uids using the adduid command:

[ultimate] (1) Ismael Valladolid
[ unknown] (2) Ismael Valladolid Torres (Oberthur Card Systems)
[ unknown] (3). Ismael Valladolid Torres

Looks like it would be enough deleting uid 1 and setting uid 2 as primary, then it would "look like" I had edited the first uid. However in that case I lose the "ultimate" tag to the left of the primary key. What does this tag mean here? Which way to have this tag for the new uids created?

Cordially, Ismael

-- 
http://lamediahostia.blogspot.com/

------------------------------

Message: 8
Date: Mon, 17 Oct 2005 20:09:25 +0200
From: Erwan David
Subject: Re: Modifying an uid, can it be done?
To: gnupg-users@gnupg.org
Message-ID: <20051017180925.GB3969@ratagaz.local>
Content-Type: text/plain; charset=us-ascii

Le Mon 17/10/2005, Ismael Valladolid Torres disait
> Looks like it would be enough deleting uid 1 and setting uid 2 and
> primary, then it would "look like" I had edited the first uid. However
> in that case I lose the "ultimate" tag to the left of the primary key.
> What does this tag mean here? Which way to have this tag for the new
> uids created?

You cannot modify uids (they are signed, if you change them, you break them). However you can add the new uid, revoke the old one and change the "default" uid with gpg --edit-key

-- 
Erwan

------------------------------

Message: 9
Date: Mon, 17 Oct 2005 14:11:36 -0700
From: Patrik Jonsson
Subject: Emacs interface to gpg
To: gnupg-users@gnupg.org
Message-ID: <43541388.4050606@ucolick.org>
Content-Type: text/plain; charset=ISO-8859-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I just started using gpg and was looking around for an emacs mode to encrypt/decrypt files during load and save. There are a few vague references to crypt++, but they are all stale web sites and messages from years ago. I finally managed to locate something that looked like the crypt++ web site, which had a notice that development on crypt++ had ceased and that instead crypt.el from xemacs should be used. However, I downloaded the current version of xemacs and found no crypt.el.

Can anyone tell me what's going on with this? It seems like such an OBVIOUS thing that I'm really surprised, given that people have written emacs modes for every conceivable and inconceivable need, it's so hard to find information.

Thanks,

/Patrik Jonsson

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDVBOIT+KvsdUW5p8RAgE6AJ0QaJlAjpwP1tw354zVPiCUaz+zhgCgg8f0
n7b+7xz9edesbIK6z/90KU4=
=0fQV
-----END PGP SIGNATURE-----

------------------------------

Message: 10
Date: Mon, 17 Oct 2005 21:55:57 -0700
From: Steve Leibel Subject: Encrypt from memory to disc? To: gnupg-users@gnupg.org Message-ID: Content-Type: text/plain; charset="us-ascii" ; format="flowed" I have an application where I have data in memory that needs to be encrypted without ever being written to disc, even temporarily. Using PGP I can run "pgp -feat" and then pipe the data to the pgp process. That works very well. I have to do the same thing for GPG, but I can't figure out how to send data to GPG directly from memory. Any suggestions greatly appreciated. ------------------------------ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users End of Gnupg-users Digest, Vol 25, Issue 16 ******************************************* From nferrier at tapsellferrier.co.uk Tue Oct 18 20:41:34 2005 
From: nferrier at tapsellferrier.co.uk (Nic Ferrier) Date: Tue Oct 18 22:25:50 2005 Subject: Emacs interface to gpg In-Reply-To: <43541388.4050606@ucolick.org> (Patrik Jonsson's message of "Mon, 17 Oct 2005 14:11:36 -0700") References: <43541388.4050606@ucolick.org> Message-ID: <87fyqy6529.fsf@kanga.tapsellferrier.co.uk> Patrik Jonsson writes: > I just started using gpg and was looking around for an emacs mode to > encrypt/decrypt files during load and save. There are a few vague > references to crypt++, but they are all stale web sites and messages > from years ago. I finally managed to locate something that looked like > the crypt++ web site, which had a notice that development on crypt++ had > ceased and that instead crypt.el from xemacs should be used. However, I > downloaded the current version of xemacs and found no crypt.el. > > Can anyone tell me what's going on with this? It seems like such an > OBVIOUS thing that I'm really surprised, given that people have written > emacs modes for every conceivable and inconceivable need, it's so hard > to find information. I had a hard time finding information as well. mailcrypt works with GNU Emacs. Nic Ferrier From wk at gnupg.org Wed Oct 19 09:23:34 2005 From: wk at gnupg.org (Werner Koch) Date: Wed Oct 19 09:26:45 2005 Subject: Gnupg-users Digest, Vol 25, Issue 16 In-Reply-To: <651CF02D0F85C6428E95470651A7C3323AA2EF@CERO-EXBE-03.USG.NET> (Mike Zhou's message of "Tue, 18 Oct 2005 09:33:11 -0500") References: <651CF02D0F85C6428E95470651A7C3323AA2EF@CERO-EXBE-03.USG.NET> Message-ID: <87oe5mkm15.fsf@wheatstone.g10code.de> On Tue, 18 Oct 2005 09:33:11 -0500, Zhou, Mike said: > Can GnuPG import X.509 certificate/pubkey ? Only the 1.9 branch of GnuPG supports S/MIME. You need to use gpgsm and not gpg then. Shalom-Salam, Werner From realos at loftmail.com Wed Oct 19 14:30:31 2005 
From: realos at loftmail.com (Realos) Date: Wed Oct 19 14:30:03 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051018184947.GE5069@ratagaz.depot.rail.eu.org> References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> Message-ID: <20051019123031.GA9291@isw.uni-stuttgart.de> hi, > >yes adding a new one and revoking the old one. The original question was about modifying the uid. I think I got the point. Deleting a UID results in loss of signatures while revoking a UID doesn't if it signs the new UID prior to being deleted. What about creating an empty uid, i.e. without any email address and requesting people to sign that uid in addition to respective UIDs with email address? -- Realos From dshaw at jabberwocky.com Wed Oct 19 14:39:57 2005 
From: dshaw at jabberwocky.com (David Shaw) Date: Wed Oct 19 14:40:42 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051019123031.GA9291@isw.uni-stuttgart.de> References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> <20051019123031.GA9291@isw.uni-stuttgart.de> Message-ID: <20051019123957.GC22372@jabberwocky.com> On Wed, Oct 19, 2005 at 02:30:31PM +0200, Realos wrote: > hi, > > > > >yes adding a new one and revoking the old one. The original question was about modifying the uid. > > I think I got the point. Deleting a UID results in loss of signatures > while revoking a UID doesn't if it signs the new UID prior to being deleted. No. Deleting a UID results in loss of signatures on that UID (deleting a UID actually removes the signatures completely so they're really lost). Revoking a UID also results in loss of signatures on that UID. They're not deleted, but they are ignored from then on. Signing a UID with another UID is not a meaningful statement. UIDs don't sign. > What about creating an empty uid, i.e. without any email address and > requesting people to sign that uid in addition to respective UIDs with > email address? Some people do this, and it can be useful in certain places (signing keys), but it does not resolve the "this key is untrusted - use it anyway?" question unless people select the key using the empty UID. David From oskar at rbgi.net Wed Oct 19 20:25:27 2005 
From: oskar at rbgi.net (Oskar L.) Date: Wed Oct 19 20:27:03 2005 Subject: How to fix the user ID on an old key? In-Reply-To: <434CDE20.6000507@gmail.com> References: <200509051540.j85FeQEh010957@vulcan.xs4all.nl> <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net> <434CDE20.6000507@gmail.com> Message-ID: <1066.213.169.29.151.1129746327.squirrel@mail.rbgi.net> "Alphax" wrote: > If that doesn't work, gpg --sign 0x75AC881F ... Re-signing the key was the first thing that came to my mind when I saw the "this may be caused by a missing self-signature" message, but it doesn't help (see below). As you can see, deleting the self-signature and then re-signing the key only changes the public key (sha1sums match for the old and new secret keys). And it's the secret key that gpg has a problem with, because I don't get this message when importing only the public key, but it appears when importing only the secret key. The message reads "this MAY be caused...", but can anyone confirm that this actually is an issue about the self-signature (or lack of) on the secret key? I suspect that there is something else wrong with the key (why would the self-signature have disappeared?). Any ideas? Oskar oskar@MM2:/mnt/hda3$ rm -f /home/oskar/.gnupg/* oskar@MM2:/mnt/hda3$ gpg --import 75AC881F-public.asc 75AC881F-secret.asc gpg: keyring `/home/oskar/.gnupg/secring.gpg' created gpg: keyring `/home/oskar/.gnupg/pubring.gpg' created gpg: /home/oskar/.gnupg/trustdb.gpg: trustdb created gpg: key 75AC881F: public key "anon0106@yahoo.co.uk " imported gpg: key 75AC881F: secret key imported gpg: key 75AC881F: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 2 gpg: w/o user IDs: 1 gpg: imported: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 oskar@MM2:/mnt/hda3$ gpg --edit-key 75AC881F gpg (GnuPG) 1.4.2; Copyright (C) 2005 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. 
This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Secret key is available. pub 1024D/75AC881F created: 2003-10-03 expires: never usage: CS trust: unknown validity: unknown sub 2048g/250C6794 created: 2003-10-03 expires: never usage: E [ unknown] (1). anon0106@yahoo.co.uk Command> sign "anon0106@yahoo.co.uk " was already signed by key 75AC881F Nothing to sign with key 75AC881F Command> uid 1 pub 1024D/75AC881F created: 2003-10-03 expires: never usage: CS trust: unknown validity: unknown sub 2048g/250C6794 created: 2003-10-03 expires: never usage: E [ unknown] (1)* anon0106@yahoo.co.uk Command> sign "anon0106@yahoo.co.uk " was already signed by key 75AC881F Nothing to sign with key 75AC881F Command> delsig uid anon0106@yahoo.co.uk sig! 75AC881F 2005-06-04 [self-signature] Delete this good signature? (y/N/q)y Really delete this self-signature? (y/N)y Deleted 1 signature. Command> sign pub 1024D/75AC881F created: 2003-10-03 expires: never usage: CS trust: unknown validity: unknown Primary key fingerprint: 4284 0353 BAAC 7A03 034D 2FFE A1D2 BB59 75AC 881F anon0106@yahoo.co.uk Are you sure that you want to sign this key with your key "anon0106@yahoo.co.uk " (75AC881F) This will be a self-signature. Really sign? 
(y/N) y You need a passphrase to unlock the secret key for user: "anon0106@yahoo.co.uk " 1024-bit DSA key, ID 75AC881F, created 2003-10-03 Command> save oskar@MM2:/mnt/hda3$ gpg --export-secret-key -a -o 75AC881F-secret-test.asc oskar@MM2:/mnt/hda3$ gpg --export -a -o 75AC881F-public-test.asc oskar@MM2:/mnt/hda3$ rm -f /home/oskar/.gnupg/* oskar@MM2:/mnt/hda3$ gpg --import 75AC881F-public-test.asc 75AC881F-secret-test.asc gpg: keyring `/home/oskar/.gnupg/secring.gpg' created gpg: keyring `/home/oskar/.gnupg/pubring.gpg' created gpg: /home/oskar/.gnupg/trustdb.gpg: trustdb created gpg: key 75AC881F: public key "anon0106@yahoo.co.uk " imported gpg: key 75AC881F: secret key imported gpg: key 75AC881F: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 2 gpg: w/o user IDs: 1 gpg: imported: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 oskar@MM2:/mnt/hda3$ sha1sum 75AC881F* d1c614e37994ef312468616bb4d948a007c98f1a 75AC881F-public-test.asc 3183087b880c9bffc1834fe2059ab8316081d31a 75AC881F-public.asc fcd85f0b6f35e1262a230b79ab583c8bc459042a 75AC881F-secret-test.asc fcd85f0b6f35e1262a230b79ab583c8bc459042a 75AC881F-secret.asc From timemaster at sillydog.org Wed Oct 19 21:03:14 2005 
From: timemaster at sillydog.org (David Vallier) Date: Wed Oct 19 21:03:36 2005 Subject: Homedir command Message-ID: <43569872.7070806@sillydog.org> I am trying to get gnupg to "live" on a USB key and would like to know the proper usage of the homedir command, can it be put in the cfg file, and if so does it need to be "escaped" IE "--homedir x/yz" or what. From johnmoore3rd at joimail.com Thu Oct 20 00:53:34 2005 
From: johnmoore3rd at joimail.com (John W. Moore III) Date: Thu Oct 20 00:53:38 2005 Subject: How to fix the user ID on an old key? In-Reply-To: <1066.213.169.29.151.1129746327.squirrel@mail.rbgi.net> References: <200509051540.j85FeQEh010957@vulcan.xs4all.nl> <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net> <434CDE20.6000507@gmail.com> <1066.213.169.29.151.1129746327.squirrel@mail.rbgi.net> Message-ID: <4356CE6E.5060400@joimail.com> Oskar L. wrote: >> Any ideas? >> Well, my first "attempt to repair" would be to "open" the Key with the Edit function in GPGshell and re-set the prefs (even if you keep them the same) and then use the "save" Command. Whenever one "tinkers" with their Key a new self-signature is generated showing the date the "edit" was performed. JOHN :) Timestamp: Wednesday 19 Oct 2005, 06:51 PM --400 (Eastern Daylight Time) From JPClizbe at comcast.net Thu Oct 20 07:16:48 2005 
From: JPClizbe at comcast.net (John Clizbe) Date: Thu Oct 20 07:33:11 2005 Subject: Homedir command In-Reply-To: <43569872.7070806@sillydog.org> References: <43569872.7070806@sillydog.org> Message-ID: <43572840.4000205@comcast.net> David Vallier wrote: > I am trying to get gnupg to "live" on a USB key and would like to know > the proper usage of the homedir command, can it be put in the cfg > file, and if so does it need to be "escaped" IE "--homedir x/yz" or what. > Ummm that won't work. GnuPG looks in the homedir for the conf file, so putting the homedir option in gpg.conf is rather pointless. This is also stated in the man page. You read that, right? ;-} --homedir directory Set the name of the home directory to directory If this option is not used it defaults to "~/.gnupg". It does not make sense to use this in a options file. This also overrides the environment variable $GNUPGHOME. It sounds like you're trying to recreate the work the GPG2GO folks did on your own. There are essentially two ways to do this. 1) If you're always moving between the same systems: Use the default GnuPG HomeDir (~/.gnupg on *nix; %APPDATA%\GnuPG on Windows) and set gpg.conf to point to the files on the removable media; e.g. no-default-keyring keyring O:\GnuPG\pubring.gpg primary-keyring O:\GnuPG\pubring.gpg secret-keyring O:\GnuPG\secring.gpg trustdb-name O:\GnuPG\trustdb.gpg 2) The other approach is to set the environment variable GNUPGHOME to point to wherever gpg.conf and the keyring files are stored. This is the approach the GPG2GO folks use, IIRC. Can give better answers if we know what sort of environment you're targeting. -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" 
From realos at loftmail.com Wed Oct 19 16:46:23 2005 From: realos at loftmail.com (Realos) Date: Thu Oct 20 10:26:43 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051018184947.GE5069@ratagaz.depot.rail.eu.org> References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> Message-ID: <20051019144622.GD9291@isw.uni-stuttgart.de> >Some people do this, and it can be useful in certain places (signing >keys), but it does not resolve the "this key is untrusted - use it >anyway?" question unless people select the key using the empty UID. I also thought of using the free-form UID for collecting signatures and then using it to sign my new UID. What do you mean by: >but it does not resolve the "this key is untrusted - use it >anyway?" question unless people select the key using the empty UID. If i use that UID to sign my other IDs doesn't it make sense?? cheers, -- Realos From realos at loftmail.com Thu Oct 20 11:19:21 2005 
From: realos at loftmail.com (Realos) Date: Thu Oct 20 11:18:26 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051019144622.GD9291@isw.uni-stuttgart.de> References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> <20051019144622.GD9291@isw.uni-stuttgart.de> Message-ID: <20051020091921.GA4774@isw.uni-stuttgart.de> >>but it does not resolve the "this key is untrusted - use it >>anyway?" question unless people select the key using the empty UID. Did not get your point. My idea was: Having a signed free-form uid puts more trust in my key than a revoked uid. > >If i use that UID to sign my other IDs doesn't it make sense?? Ok, this was a mistake. A key signs other keys/UIDs; a UID does not sign other UIDs. regards, -- Realos From realos at loftmail.com Thu Oct 20 12:15:24 2005 From: realos at loftmail.com (Realos) Date: Thu Oct 20 12:14:28 2005 Subject: allowed commands on keys that keyservers handle correctly Message-ID: <20051020101524.GA6026@isw.uni-stuttgart.de> I did not spot any comprehensive documentation on the web about what kind of key-update different keyservers allow. If I like to remove my signature from a certain key and/or uid, what is the best approach to that? Does it make sense to revoke the signature or just delete it? I find both of these commands in "gpg" software but am unclear what to use. Generally, I expect keyservers to handle revocation of any key components better than just deletion for obvious reasons. Is there any *good* documentation about what keyservers can handle and what not? Thanks, -- Realos From wk at gnupg.org Thu Oct 20 12:11:08 2005 
From: wk at gnupg.org (Werner Koch) Date: Thu Oct 20 12:16:35 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051019144622.GD9291@isw.uni-stuttgart.de> (realos@loftmail.com's message of "Wed, 19 Oct 2005 16:46:23 +0200") References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> <20051019144622.GD9291@isw.uni-stuttgart.de> Message-ID: <877jc8h51f.fsf@wheatstone.g10code.de> On Wed, 19 Oct 2005 16:46:23 +0200, Realos said: > I also thought of using the free-form UID for collecting signatures and > the using it to sign my new UID. Please consider that many folks run an email challenge response for each user ID they are going to sign. Thus, you won't get a signature on that UID. Shalom-Salam, Werner From cam at mathematica.scientia.net Thu Oct 20 10:24:04 2005 
From: cam at mathematica.scientia.net (Christoph Anton Mitterer) Date: Thu Oct 20 12:55:53 2005 Subject: Questions about the use with GnuPG and SmartCards Message-ID: <43575424.80303@mathematica.scientia.net> Hi. I'd have some questions about using smartcards together with GnuPG and would be grateful if you could help me. 1) Are there any security drawbacks when using smartcards compared with the "normal" store-key-on-disc procedure? 2) Any knowledge if the Omnikey (www.omnikey.com) readers (especially those from the RFID series) work together with Linux and GnuPG? 3) Does GnuPG work only with special cards or is every smartcard or contactless (RFID) card ok? 4) Are there any restrictions, e.g. can the keys still only be 1024 bits large, can't I use keys with a photo on the card, etc. Or does this solely depend on the memory of the card? If so, about how much do the biggest cards have? 5) Are there any, from a security point of view, differences between readers and between cards? For example I know that some readers have an integrated keypad for the PIN entry. Thanks and best wishes, Christoph Anton Mitterer. From wk at gnupg.org Thu Oct 20 13:36:55 2005 
From: wk at gnupg.org (Werner Koch) Date: Thu Oct 20 13:41:34 2005 Subject: allowed commands on keys that keyservers handle correctly In-Reply-To: <20051020101524.GA6026@isw.uni-stuttgart.de> (realos@loftmail.com's message of "Thu, 20 Oct 2005 12:15:24 +0200") References: <20051020101524.GA6026@isw.uni-stuttgart.de> Message-ID: <87u0fcfmi0.fsf@wheatstone.g10code.de> On Thu, 20 Oct 2005 12:15:24 +0200, Realos said: > I did not spot any comprehensive documentation on the web about what > kind of key-update different keyservers allow. They always merge keys. > If I like to remove my signature from a certain key and/or uid, what is > the best approach to that? Does it make sense to revoke the signature or > just delete it? I find both of these commands in "gpg" software but am > unclear what to use. You need to revoke the signature once you have lost full control over the public key (i.e. uploaded it to a keyserver). Deleting a signature/uid or key makes only sense if you can replace all copies with the updated one. Shalom-Salam, Werner From wk at gnupg.org Thu Oct 20 13:47:31 2005 
From: wk at gnupg.org (Werner Koch) Date: Thu Oct 20 13:51:36 2005 Subject: Questions about the use with GnuPG and SmartCards In-Reply-To: <43575424.80303@mathematica.scientia.net> (Christoph Anton Mitterer's message of "Thu, 20 Oct 2005 10:24:04 +0200") References: <43575424.80303@mathematica.scientia.net> Message-ID: <87psq0fm0c.fsf@wheatstone.g10code.de> On Thu, 20 Oct 2005 10:24:04 +0200, Christoph Anton Mitterer said: > 1) Are there any security drawbacks when using smartcards compared with > the "normal" store key on disc procedure? Depends on your needs. In general a smart card is better than an on-disk key. Some people claim that the 1024 bit RSA keys on smartcards are not secure anymore. There is however no evidence for that claim. Almost all attacks on crypto systems bypass the cryptography and exploit other weaknesses (aka bugs) of the system. Another drawback is that you can't look into the chip and it might implement side channels to leak the key. You have to trust the vendor here. As said, it all depends on your threat model. > 2) Any knowledge if the Omnikey (www.omnikey.com) readers (especially > those from the RFID series) work together with Linux and GnuPG? The Omnikey 2010 used to work, however libpcsc sometimes has problems with it when generating keys. > 3) Does GnuPG work only with special cards or is every smartcard or > contactless (RFID) card ok? GnuPG 1.4 and thus the OpenPGP part does only work with cards according to the OpenPGP card specs. GnuPG 1.9 works with more cards when used for S/MIME or ssh. > 4) Are there any restrictions, e.g. can the keys still be only 1024 > large, can't I use Keys with Photo on the card, etc. > Or does this solely depend on the memory of the card. If so, how much > have the biggest cards about? We don't save attributes of the key on the card; there is just the key and its fingerprint. The attributes (user IDs and signatures) are expected on an external medium. 
> 5) Are there any, from a security point of view, differences between > readers and between cards? > For example I know that some readers have an integrated keypad for the PIN > entry. It is often claimed that entering the PIN on an external keypad is more secure than doing so on the regular keyboard. To some degree this is correct. However, it is trivially possible to ask the user to enter the PIN for a signature and in fact have the software (through a trojan) sign another file than the one the user thinks he is signing. It just needs a very little bit of social engineering. I worked yesterday on the keypad code but it turns out to be much more work than I expected (need to implement an asynchronous pinentry call). Expect working code for the SPR532 by next week. Salam-Shalom, Werner From rdieter at math.unl.edu Thu Oct 20 15:03:36 2005 From: rdieter at math.unl.edu (Rex Dieter) Date: Thu Oct 20 15:06:44 2005 Subject: dirmngr info patch Message-ID: Here's a patch to dirmngr's .info file so that one can cleanly remove it from %_infodir/dir. -- Rex -------------- next part -------------- --- dirmngr-0.9.0/doc/dirmngr.info.fixinfo 2004-12-17 04:36:29.000000000 -0600 +++ dirmngr-0.9.0/doc/dirmngr.info 2005-01-07 08:25:26.000000000 -0600 @@ -3,8 +3,8 @@ INFO-DIR-SECTION GNU Utilities START-INFO-DIR-ENTRY -* dirmngr: (gnupg). X.509 CRL and OCSP server. -* dirmngr-client: (gnupg). X.509 CRL and OCSP client. +* dirmngr: (dirmngr). X.509 CRL and OCSP server. +* dirmngr-client: (dirmngr). X.509 CRL and OCSP client. END-INFO-DIR-ENTRY This file documents the use of dirmngr. --- dirmngr-0.9.0/doc/dirmngr.texi.fixinfo 2004-12-13 08:25:00.000000000 -0600 +++ dirmngr-0.9.0/doc/dirmngr.texi 2005-01-07 08:25:14.000000000 -0600 
@@ -65,8 +65,8 @@ @ifnottex @dircategory GNU Utilities @direntry -* dirmngr: (gnupg). X.509 CRL and OCSP server. -* dirmngr-client: (gnupg). X.509 CRL and OCSP client. +* dirmngr: (dirmngr). X.509 CRL and OCSP server. +* dirmngr-client: (dirmngr). X.509 CRL and OCSP client. @end direntry This file documents the use of dirmngr. From ismaeval at free.fr Thu Oct 20 15:45:21 2005 From: ismaeval at free.fr (Ismael Valladolid Torres) Date: Thu Oct 20 15:46:29 2005 Subject: Questions about the use with GnuPG and SmartCards In-Reply-To: <87psq0fm0c.fsf@wheatstone.g10code.de> References: <43575424.80303@mathematica.scientia.net> <87psq0fm0c.fsf@wheatstone.g10code.de> Message-ID: <43579F71.60100@free.fr> Werner Koch wrote: > We don't save attributes of the key on the card; there is just the key > and its fingerprint. The attributes (user IDs and signatures) are > expected on an external medium. Any pointer to a complete spec on what data's expected to be on the card and on an external medium? I have access to personalise a smartcard with any dedicated or elementary file needed and I'd like to give it a try. Cordially, Ismael From cedar at 3web.net Thu Oct 20 16:53:57 2005 
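Review bot: both hunks of the dirmngr patch make the same one-word correction (the dir entries named a `(gnupg)` node although the file documents dirmngr), but the first hunk edits dirmngr.info, which is generated from dirmngr.texi; the second hunk is the real source fix, and regenerating the .info with makeinfo after it keeps the two from drifting. Patching the shipped .info as well is reasonable for a package build that does not rebuild the documentation, but the submission should say that is the reason both files are touched.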
From: cedar at 3web.net (cdr) Date: Thu Oct 20 16:55:21 2005 Subject: Questions about the use with GnuPG and SmartCards In-Reply-To: <87psq0fm0c.fsf@wheatstone.g10code.de> References: <43575424.80303@mathematica.scientia.net> <87psq0fm0c.fsf@wheatstone.g10code.de> Message-ID: <4357AF85.9060300@3web.net> Use of smartcards presents a sociological phenomenon, deserving further research: an unexpectedly large number of computer security practitioners who don't trust closed source crypto on open hardware but apparently do trust closed source crypto on closed hardware. cdr From oskar at rbgi.net Thu Oct 20 17:33:08 2005 
From: oskar at rbgi.net (Oskar L.) Date: Thu Oct 20 17:33:35 2005 Subject: How to fix the user ID on an old (secret) key? In-Reply-To: <4356CE6E.5060400@joimail.com> References: <200509051540.j85FeQEh010957@vulcan.xs4all.nl> <1066.213.169.31.186.1129109831.squirrel@mail.rbgi.net> <434CDE20.6000507@gmail.com><1066.213.169.29.151.1129746327.squirrel@mail.rbgi.net> <4356CE6E.5060400@joimail.com> Message-ID: <1143.213.169.2.198.1129822388.squirrel@mail.rbgi.net> johnmoore3rd@joimail.com wrote: > Well, my first "attempt to repair" would be to "open" the Key with the > Edit function in GPGshell and re-set the prefs (even if you keep them > the same) and then use the "save" Command. Whenever one "tinkers" with > their Key a new self-signature is generated showing the date the "edit" > was performed. That does not help, because it only modifies the public key, and it's the secret key that's causing this message. Here's the output for the secret key from pgpdump again, can anyone tell me what's causing the "no valid user IDs" message? Is there any way to remove the self-signature from the secret key, and add a new one? Oskar Old: Secret Key Packet(tag 5)(481 bytes) Ver 4 - new Public key creation time - Fri Oct 3 06:58:46 EDT 2003 Pub alg - DSA Digital Signature Algorithm(pub 17) DSA p(1024 bits) - ... DSA q(160 bits) - ... DSA g(1022 bits) - ... DSA y(1024 bits) - ... Sym alg - CAST5(sym 3) Iterated and salted string-to-key(s2k 3): Hash alg - SHA1(hash 2) Salt - 3f ac 9a 6c 32 e5 a5 94 Count - 65536(coded count 96) IV - 75 29 8e f0 54 0b 20 5e Encrypted DSA x Encrypted SHA1 hash Old: User ID Packet(tag 13)(43 bytes) User ID - anon0106 at yahoo.co.uk Old: Secret Subkey Packet(tag 7)(610 bytes) Ver 4 - new Public key creation time - Fri Oct 3 06:58:46 EDT 2003 Pub alg - ElGamal Encrypt-Only(pub 16) ElGamal p(2048 bits) - ... ElGamal g(2 bits) - ... ElGamal y(2046 bits) - ... 
Sym alg - CAST5(sym 3) Iterated and salted string-to-key(s2k 3): Hash alg - SHA1(hash 2) Salt - 3f ac 9a 6c 32 e5 a5 94 Count - 65536(coded count 96) IV - 3e 3c 75 2d 2e 2b 86 04 Encrypted ElGamal x Encrypted SHA1 hash From wk at gnupg.org Thu Oct 20 20:41:14 2005 From: wk at gnupg.org (Werner Koch) Date: Thu Oct 20 20:46:36 2005 Subject: Questions about the use with GnuPG and SmartCards In-Reply-To: <43579F71.60100@free.fr> (Ismael Valladolid Torres's message of "Thu, 20 Oct 2005 15:45:21 +0200") References: <43575424.80303@mathematica.scientia.net> <87psq0fm0c.fsf@wheatstone.g10code.de> <43579F71.60100@free.fr> Message-ID: <87psq0doad.fsf@wheatstone.g10code.de> On Thu, 20 Oct 2005 15:45:21 +0200, Ismael Valladolid Torres said: > Any pointer to a complete spec on what data's expected to be on the card > and on an external medium? I have access to personalise a smartcard with > any dedicated or elementary file needed and I'd like to give it a try. http://g10code.com/docs/openpgp-card-1.1.pdf Note that we use PUT/GET and not the file abstraction commands. Salam-Shalom, Werner From wk at gnupg.org Thu Oct 20 20:44:31 2005 
From: wk at gnupg.org (Werner Koch) Date: Thu Oct 20 20:46:46 2005 Subject: Questions about the use with GnuPG and SmartCards In-Reply-To: <4357AF85.9060300@3web.net> (cedar@3web.net's message of "Thu, 20 Oct 2005 14:53:57 +0000") References: <43575424.80303@mathematica.scientia.net> <87psq0fm0c.fsf@wheatstone.g10code.de> <4357AF85.9060300@3web.net> Message-ID: <87ll0odo4w.fsf@wheatstone.g10code.de> On Thu, 20 Oct 2005 14:53:57 +0000, cdr said: > Use of smartcards presents a sociological phenomenon, deserving > further research: an unexpectedly large number of computer security > practitioners who don't trust closed source crypto on open hardware > but apparently do trust closed source crypto on closed hardware. Well, your CPU is also closed source. I am pretty sure that one can do nifty things with a Transmeta CPU for example. The problem with the smartcards is that it is very hard to get a plain chip without signing an NDA. Thanks to the commercial pay TV crackers. Shalom-Salam, Werner From dshaw at jabberwocky.com Thu Oct 20 21:39:20 2005 
From: dshaw at jabberwocky.com (David Shaw) Date: Thu Oct 20 21:39:50 2005 Subject: Subkey revocation means losing signatures? In-Reply-To: <20051020091921.GA4774@isw.uni-stuttgart.de> References: <20051018070807.GA30767@isw.uni-stuttgart.de> <20051018153731.GB20901@jabberwocky.com> <20051018172130.GA5069@ratagaz.depot.rail.eu.org> <20051018182959.GC20901@jabberwocky.com> <20051018184947.GE5069@ratagaz.depot.rail.eu.org> <20051019144622.GD9291@isw.uni-stuttgart.de> <20051020091921.GA4774@isw.uni-stuttgart.de> Message-ID: <20051020193920.GA27947@jabberwocky.com> On Thu, Oct 20, 2005 at 11:19:21AM +0200, Realos wrote: > >>but it does not resolve the "this key is untrusted - use it > >>anyway?" question unless people select the key using the empty UID. > Did not get your point. > My idea was: Having a signed free-form uid puts more trust in > my key that revoked uid. Sort of. The problem is that there is not really such a thing as trust to a key: it's trust to a user ID. So people actually get different trust values for each different user ID on their key. A free-form user ID can certainly be signed, and certainly carries trust, but is not generally used by programs (which like email addresses), so it doesn't really help you. David From kage at vego.no Fri Oct 21 09:36:27 2005 
From: kage at vego.no (kage@vego.no) Date: Fri Oct 21 11:26:01 2005 Subject: invalid packet - ignore errors? Message-ID: <20051021093627.gef30jxhuexog0cs@www.vego.no> *Is it possible to make gnupg ignore errors when decrypting files?* I'm trying to decrypt a symmetrically encrypted file, but get the following error message(s): C:\gpg\gpg>gpg -v -o c:\out.bkf -d d:\data.bkf.gpg gpg: CAST5 encrypted data gpg: encrypted with 1 passphrase gpg: original file name='data.bkf' gpg: [don't know]: invalid packet (ctb=63) gpg: [don't know]: invalid packet (ctb=66) gpg: WARNING: message was not integrity protected gpg: [don't know]: invalid packet (ctb=37) The outfile is written, but only partially. Does this simply mean that the .gpg file is corrupt and that the archive can not be recovered? It has been burned on a dvdrom, and I had some issues getting a 3GB+ file burned. This is gnupg 1.4.0 running on Windows XP The error messages aren't all that informative, not even in verbose mode. Note: I sent this earlier, but got no response. If someone could help, or point me to any resources of help, I'd be grateful! KG From seh at panix.com Fri Oct 21 19:45:14 2005 From: seh at panix.com (Steven E. Harris) Date: Fri Oct 21 20:14:18 2005 Subject: Keyserver communications errors on Cygwin's GnuPG References: <4354B712.4040704@free.fr> Message-ID: Ismael Valladolid Torres writes: > gpg: keyserver send failed: general error Are you running a virus scanner on this computer? If so, try disabling it temporarily and running the send-keys operation again. -- Steven E. Harris From lusfert at gmail.com Fri Oct 21 22:58:08 2005 
From: lusfert at gmail.com (lusfert) Date: Fri Oct 21 22:58:49 2005 Subject: Large file issues again (win32) Message-ID: <43595660.2000902@gmail.com> Hi all. I recently encrypted (for testing purposes) a 4,36 GB file using my public key. I used the official debian 3.1r0a DVD ISO image #1 as the initial file. The command was: gpg -e -r [recipient] -v [file] Then I unsuccessfully tried to decrypt the file the same way; after this I used the method which was described here: http://lists.gnupg.org/pipermail/gnupg-users/2005-September/026966.html http://lists.gnupg.org/pipermail/gnupg-users/2005-September/026661.html Now I'm trying to decrypt the file and receive the following: --------------------------------------------- C:\folder>gpg -d -v < file.gpg > file gpg: public key is 0xBF3D3DC2 gpg: using subkey 0xBF3D3DC2 instead of primary key 0x500B8987 gpg: encrypted with 4096-bit ELG-E key, ID 0xBF3D3DC2, created 2005-08-06 "lusfert " gpg: TWOFISH encrypted data gpg: original file name='debian-dvd-1.iso' gpg: buffer shorter than attribute subpacket gpg: [don't know]: invalid packet (ctb=45) node 00B1A160 00/00 type=gpg-control ctrl=3 len=0 node 00B1A028 00/00 type=user-id "[bad attribute packet of size 135]" .... gpg: invalid root packet detected in proc_tree() node 00B1A028 00/00 type=user-id "[bad attribute packet of size 135]" .... gpg: [don't know]: invalid packet (ctb=10) gpg: WARNING: encrypted message has been manipulated! gpg: [don't know]: invalid packet (ctb=30) ---------------------------------------------------- Every time only 391 739 392 bytes of the output file were written before the error occurs. Thus it seems the workaround described in the previous messages doesn't help. GnuPG 1.4.2 official build, Windows XP SP2 Pro, standard cmd.exe Is it possible to solve this problem? -- With best regards, Current OpenPGP key ID: 0x500B8987 Fingerprint: E883 045D 36FB 8CA3 8D69 9C79 9E35 3B56 500B 8987 Encrypted e-mail preferred. 
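The "invalid packet (ctb=..)" lines in this post and in KG's post above come from GnuPG's packet parser rejecting a byte that cannot start an OpenPGP packet: bit 7 of a packet tag byte (the ctb) must be set, and 0x63, 0x66, 0x37 in the earlier post and 0x45, 0x10, 0x30 here all have it clear, which is what a decrypted stream looks like once the underlying data has been damaged. The walker below is an added illustration, not code from GnuPG or from either poster; it parses OpenPGP packet headers (RFC 2440 section 4.2) over a constructed byte string and stops at the first byte that fails that check, mirroring the point at which gpg stops writing output.

```python
"""Walk OpenPGP packet headers and report where a stream stops parsing.

Added example; the sample stream is constructed, not a real GnuPG file.
"""

OLD_FORMAT_INDETERMINATE = None  # old-format length type 3: "until EOF"


def parse_packet_header(data: bytes, offset: int = 0):
    """Parse one OpenPGP packet header (RFC 2440 section 4.2) at `offset`.

    Returns (tag, body_length, header_length). body_length is None for an
    old-format indeterminate length; a new-format partial body length is
    reported as the size of its first chunk. Raises ValueError with a
    gpg-style message when the byte cannot start a packet, which is the
    check behind gpg's "invalid packet (ctb=..)".
    """
    ctb = data[offset]
    if not ctb & 0x80:
        # Bit 7 must be set in every packet tag byte; gpg prints the
        # offending byte in hex, e.g. ctb=63 for 0x63.
        raise ValueError(f"invalid packet (ctb={ctb:02x})")
    if ctb & 0x40:
        # New-format header: tag in the low six bits, then a 1-, 2- or
        # 5-octet length, or a partial-body-length marker (224..254).
        tag = ctb & 0x3F
        first = data[offset + 1]
        if first < 192:
            return tag, first, 2
        if first < 224:
            return tag, ((first - 192) << 8) + data[offset + 2] + 192, 3
        if first == 255:
            return tag, int.from_bytes(data[offset + 2:offset + 6], "big"), 6
        return tag, 1 << (first & 0x1F), 2
    # Old-format header: tag in bits 2..5, length type in the low two bits.
    tag = (ctb >> 2) & 0x0F
    length_type = ctb & 0x03
    if length_type == 3:
        return tag, OLD_FORMAT_INDETERMINATE, 1
    width = 1 << length_type  # 1, 2 or 4 octets of length
    length = int.from_bytes(data[offset + 1:offset + 1 + width], "big")
    return tag, length, 1 + width


def walk_packets(data: bytes):
    """Return ([(tag, length, offset), ...], error_message_or_None).

    Walks headers until the data ends, an indeterminate-length packet takes
    the rest, or a byte fails the ctb check, like the packet list gpg -v
    prints up to its first "invalid packet" error.
    """
    packets = []
    offset = 0
    while offset < len(data):
        try:
            tag, length, hlen = parse_packet_header(data, offset)
        except ValueError as exc:
            return packets, str(exc)
        except IndexError:
            return packets, "truncated packet header"
        packets.append((tag, length, offset))
        if length is None:
            break  # indeterminate length: packet runs to the end of the data
        offset += hlen + length
    return packets, None


def literal_file_name(data: bytes, offset: int) -> str:
    """Extract the file name carried by a literal data packet (tag 11)."""
    tag, _length, hlen = parse_packet_header(data, offset)
    if tag != 11:
        raise ValueError("not a literal data packet")
    body = data[offset + hlen:]
    name_len = body[1]  # body[0] is the data format octet ('b' or 't')
    return body[2:2 + name_len].decode("ascii")


# Constructed plaintext as it might look after decryption: one valid literal
# data packet (tag 11, old-format header, 1-octet length) naming "data.bkf",
# followed by three bytes that cannot start a packet.
LITERAL_BODY = b"b" + bytes([len(b"data.bkf")]) + b"data.bkf" + b"\x00\x00\x00\x00" + b"ok"
GOOD_PACKET = bytes([0x80 | (11 << 2) | 0, len(LITERAL_BODY)]) + LITERAL_BODY
CORRUPT_TAIL = b"\x63\x66\x37"  # the ctb values from the error messages
SAMPLE_STREAM = GOOD_PACKET + CORRUPT_TAIL


if __name__ == "__main__":
    found, err = walk_packets(SAMPLE_STREAM)
    for tag, length, off in found:
        print(f"offset {off}: tag {tag}, body length {length}")
    print("stopped with:", err)
```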
From JPClizbe at comcast.net Sat Oct 22 01:38:19 2005 
From: JPClizbe at comcast.net (John Clizbe) Date: Sat Oct 22 01:39:30 2005 Subject: Keyserver communications errors on Cygwin's GnuPG In-Reply-To: <877jcbnq5f.fsf@wheatstone.g10code.de> References: <4354B712.4040704@free.fr> <877jcbnq5f.fsf@wheatstone.g10code.de> Message-ID: <43597BEB.3040506@comcast.net> Werner Koch wrote: > On Tue, 18 Oct 2005 10:49:22 +0200, Ismael Valladolid Torres said: > >> Is this to be reported to GnuPG developers or to Cygwin developers? > > That seems to be a Cygwin problem. I'll agree on it being a problem with Cygwin. Most likely something in your installation. Works fine on Cygwin for me. jpclizbe@Yogi ~ $ uname -a CYGWIN_NT-5.0 Yogi 1.5.18(0.132/4/2) 2005-07-02 20:30 i686 unknown unknown Cygwin jpclizbe@Yogi ~ $ gpg --version gpg (GnuPG) 1.4.3-cvs-3913-2005-10-19 Copyright (C) 2005 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: ~/.gnupg Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512 Compression: Uncompressed, ZIP, ZLIB, BZIP2 jpclizbe@Yogi ~ $ gpg --send-keys 0x608d2a10 gpg: sending key 608D2A10 to hkp server minsky.surfnet.nl jpclizbe@Yogi ~ $ -- John P. Clizbe Inet: John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A "what's the key to success?" / "two words: good decisions." "what's the key to good decisions?" / "one word: experience." "how do i get experience?" / "two words: bad decisions." "Just how do the residents of Haiku, Hawai'i hold conversations?" 
From kuestner at macnews.de Fri Oct 21 23:47:06 2005 From: kuestner at macnews.de (B. Kuestner) Date: Sat Oct 22 01:55:49 2005 Subject: Delete key from keyserver Message-ID: I'm still in the process of learning how to use GPG for signing and encrypting messages. I use MacGPG on, you guessed it, OS X. The interface of the GPG Keychain app makes it really easy to do some powerful stuff. And you know how it is, if powerful stuff is put in the hands of ignorant people: Now I'm stuck with what you never want to get stuck with: I have keys on the keyserver that I don't want to be there and I don't have the private key anymore. The keys are of unlimited validity. I have the passphrase, though, and I thought that this must be the key (no pun intended) to everything. Unfortunately, the more I read about it, the more I learn how wrong I am. I understand that technically there is no software command that I could send off anywhere that could fix the situation, right? But somebody must be owning and administrating the keyserver subkeys.pgp.net. How can I get to this person? And how can I prove that I am the rightful fool to request deletion of those keys from the server? I cannot believe that minutes of stupidity will leave the servers running with in a sense corrupt entries for the rest of the lifetime of gpg/pgp technologies. Surely this whole scheme must have a method, maybe manual and not-free support, for such a scenario? Any help? Thanks, Björn From dshaw at jabberwocky.com Sat Oct 22 04:21:19 2005 
From: dshaw at jabberwocky.com (David Shaw) Date: Sat Oct 22 04:35:45 2005 Subject: Delete key from keyserver In-Reply-To: References: Message-ID: <20051022022119.GB31455@jabberwocky.com> On Fri, Oct 21, 2005 at 11:47:06PM +0200, B. Kuestner wrote: > I'm still in the process of learning how to use GPG for signing and > encrypting messages. I use MacGPG on, you guessed it, OS X. > > The interface of the GPG Keychain app makes it really easy to do some > powerful stuff. And you know how it is, if powerful stuff is put in > the hands of ignorant people: > > Now I'm stuck with what you never want to get stuck with: I have keys > on the keyserver that I don't want to be there and I don't want have > the private key anymore. The keys are of unlimited validity. > > I have the passphrase, though, and I thought that this must be the > key (no pun intended) to everything. Unfortunately, the more I read > about it, the more I learn how wrong I am. > > I understand that technically there is no software command that I > could send off anywhere that could fix the situation, right? If you don't have the private key, then yes, right. There is nothing you can do about it. > But somebody must be owning and administrating the keyserver > subkeys.pgp.net. How can I get to this person? And how can I prove > that I am the rightful fool to request deletion of those keys from > the server? You really can't. Even if one operator did remove the key, keyservers synchronize with each other, so the others could just put it back later. You'd have to remove it from all keyservers... and even then if someone accidentally resubmitted it, you'd have to go through this again. > I cannot believe that minutes of stupidity will leave the servers > running with in a sense corrupt entries for the rest of the lifetime > of gpg/pgp technologies. Surely this whole scheme must have a method, > maybe manual and not-free support, for such a scenario? Nope. It's an inherent scaling problem of the keyserver net. 
I've seen estimates that the majority of the keys on the keyserver net are not used for one reason or another, but can't be deleted. Even with the garbage keys, the keyserver database isn't too large to be served though. The PGP company is running a different sort of keyserver at http://keyserver.pgp.com. This type of keyserver allows you to remove keys if you can prove (by answering an email challenge) that you have access to the email address on the key. This keyserver obviously does not synchronize with the others, however. David From J.E.vanBaal+gnupg-users at uvt.nl Fri Oct 21 15:03:46 2005 
From: J.E.vanBaal+gnupg-users at uvt.nl (Joost van Baal) Date: Sat Oct 22 12:25:54 2005 Subject: handling S/MIME messages with gpgsm Message-ID: <20051021130346.GB4335@banach.uvt.nl> Hi, [Please honor Mail-Followup-To and Cc me on replies: I am not subscribed to this list.] Summary: please tell me how to handle S/MIME decryption and verification with gpgsm. I am working on integrating PGP and S/MIME with the Mailman mailing list manager, see http://non-gnu.uvt.nl/pub/mailman/ . I am considering using GPGME for this, with the pyme python interface. I am having troubles getting S/MIME emails (or CMS blobs) processed by GPGME. (Since GPGME uses libksba, it _should_ be able to handle these, I guess). For instance, when creating a detached-signed S/MIME email message, splitting the body off, and de-base64-ing the signature with recode /Base64 < sig.base64 > sig.CMS , calling gpgsm gives: gpgsm --verify sig.CMS body.txt gpgsm: Signature made 2005-10-21 11:40:54 using certificate ID 090E2BFC gpgsm: invalid signature: message digest attribute does not match calculated one . Feeding the complete message to openssl leads to a fine verification: openssl smime -verify -CAfile CA/ca-cert.pem mail.msg Verification successful Decrypting a de-base64-ed S/MIME message fails too: gpgsm --decrypt < encrypt.CMS gpgsm: unsupported algorithm `1.2.840.113549.3.2' gpgsm: (this is the RC2 algorithm) gpgsm: message decryption failed: Unsupported algorithm Unfortunately I can't check this operation with openssl, since I have no way to export the private key from the keystore to a .pem-file, suitable for import to openssl... My setup allows me to encrypt and decrypt .pem files, using pyme's op_encrypt() and op_decrypt() routines. Any pointers or clues are very welcome. If more information about my setup is needed, I gladly supply these. 
Thanks, Bye, Joost -- Joost van Baal http://abramowitz.uvt.nl/ Tilburg University j.e.vanbaal@uvt.nl The Netherlands 
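A likely cause of the "message digest attribute does not match calculated one" result above (the thread does not confirm it) is that the bytes handed to gpgsm --verify differ from what the signer hashed: for multipart/signed, the signed data is the entire first MIME part, its headers included, in canonical CRLF form and without the CRLF that belongs to the closing boundary (RFC 1847, RFC 2046), not only the decoded body text. The helper below is an added example, not Joost's, GPGME's or gpgsm's code; it slices exactly that byte range and the DER signature out of a constructed multipart/signed message so the two files can be handed to gpgsm --verify, and it does not invoke gpgsm itself.

```python
"""Split a multipart/signed S/MIME message into the exact signed bytes and
the detached CMS signature, ready for `gpgsm --verify sig.p7s signed.txt`.

Added example; SAMPLE_MESSAGE and its base64 "signature" are constructed
placeholders, not a real signed message.
"""
import email
import email.policy
import re

SIGNATURE_TYPES = ("application/pkcs7-signature", "application/x-pkcs7-signature")


def canonical_crlf(data: bytes) -> bytes:
    """Normalise bare LF line endings to CRLF, the form the signer hashed."""
    return re.sub(rb"\r?\n", b"\r\n", data)


def extract_signed_parts(raw: bytes):
    """Return (signed_bytes, signature_der) for a multipart/signed message.

    The signed bytes are sliced from the raw message rather than re-serialised,
    so header folding and whitespace stay exactly as the signer saw them.
    """
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    if msg.get_content_type() != "multipart/signed":
        raise ValueError("not a multipart/signed message")
    delimiter = b"--" + msg.get_boundary().encode("ascii")

    # The first body part starts right after the first boundary line ...
    first = raw.index(delimiter)
    start = raw.index(b"\n", first) + 1
    # ... and ends before the line break that belongs to the next boundary
    # line (RFC 2046: that CRLF is part of the delimiter, not of the part).
    end = raw.index(delimiter, start)
    if raw[end - 2:end] == b"\r\n":
        end -= 2
    elif raw[end - 1:end] == b"\n":
        end -= 1
    signed = canonical_crlf(raw[start:end])

    parts = msg.get_payload()
    if len(parts) != 2:
        raise ValueError("multipart/signed must carry exactly two parts")
    sig_part = parts[1]
    if sig_part.get_content_type() not in SIGNATURE_TYPES:
        raise ValueError(f"unexpected signature part: {sig_part.get_content_type()}")
    signature = sig_part.get_payload(decode=True)  # undoes the base64 transfer encoding
    return signed, signature


def write_for_gpgsm(raw: bytes, data_path: str, sig_path: str):
    """Write the two files gpgsm needs and return the argv to verify them."""
    signed, signature = extract_signed_parts(raw)
    with open(data_path, "wb") as fh:
        fh.write(signed)
    with open(sig_path, "wb") as fh:
        fh.write(signature)
    return ["gpgsm", "--verify", sig_path, data_path]


# Constructed sample with bare LF endings, as a message often looks once it
# has been stored on a Unix system. "MAA=" is the DER for an empty SEQUENCE,
# standing in for a real CMS SignedData blob.
SAMPLE_MESSAGE = (
    b"MIME-Version: 1.0\n"
    b"Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\";\n"
    b" micalg=sha1; boundary=\"bnd\"\n"
    b"\n"
    b"--bnd\n"
    b"Content-Type: text/plain\n"
    b"\n"
    b"Hello, world!\n"
    b"--bnd\n"
    b"Content-Type: application/pkcs7-signature; name=\"smime.p7s\"\n"
    b"Content-Transfer-Encoding: base64\n"
    b"\n"
    b"MAA=\n"
    b"--bnd--\n"
)


if __name__ == "__main__":
    signed, signature = extract_signed_parts(SAMPLE_MESSAGE)
    print("signed bytes:", signed)
    print("signature DER length:", len(signature))
```

The RC2 failure in the decryption attempt is a separate matter: gpgsm does not implement RC2, and openssl smime -encrypt uses RC2-40 unless another cipher such as -des3 is requested, so the sender needs to pick a cipher gpgsm supports.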
From: kuestner at macnews.de (B. Kuestner) Date: Sat Oct 22 18:26:50 2005 Subject: Delete key from keyserver In-Reply-To: <20051022022119.GB31455@jabberwocky.com> References: <20051022022119.GB31455@jabberwocky.com> Message-ID: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> Thanks David. >> I understand that technically there is no software command that I >> could send off anywhere that could fix the situation, right? > > If you don't have the private key, then yes, right. There is nothing > you can do about it. I feared so after I read up on all this stuff. Wow, is it just me or does anybody else consider this a major design flaw of the whole setup? For two reasons: - After decades of IT, how can one still design software that is absolutely unforgiving to people's stupidity in a critical area. That's like being able to close a window of unsaved work without being prompted to save. - It is so easy to make life miserable for somebody else. What would prevent me from picking any e-mail address that isn't mine and uploading dozens of keys to the key servers, maybe even giving them misleading comments like "current" etc. If anybody were then looking for the public key to joesmith@hisdomain.com, there would be a useless mess of keys without telling which one is correct to use. And worst of all: Joe Smith has no way of fixing the situation, even if he is the legitimate owner of the joesmith@hisdomain.com e-mail address. It strikes me that GNU supporters would bash MS (or for that reason any vendor of proprietary software) for dishing out once more a thoughtless, immature and insecure software design. I understand it must not be simple to revoke or disable keys. But it shouldn't be impossible either, especially in the light of anybody's capability to put public keys under my name on the server. Am I missing something? > It's an inherent scaling problem of the keyserver net. 
I've > seen estimates that the majority of the keys on the keyserver net are > not used for one reason or another, but can't be deleted. Even with > the garbage keys, the keyserver database isn't too large to be served > though. Well, my issue is not so much with the keyservers. I guess with faster and more hardware this scheme could be maintained for decades. But if the keyservers are not directories to look up public keys, then what are they? And if they are meant as directories, how good are they if they are flooded with garbage keys. > The PGP company is running a different sort of keyserver at > http://keyserver.pgp.com. This type of keyserver allows you to remove > keys if you can prove (by answering an email challenge) that you have > access to the email address on the key. This keyserver obviously does > not synchronize with the others, however. Can gpg use this keyserver? It is listed in the settings of my MacPG. Is using this server recommendable for everybody? Thanks for your answers, David. I'll do some more reading how to deal with this. This page has a suggestion to work as well as possible with the situation: I'll have to think through it when I'm less tired. All this key stuff is still very foreign to me. Björn 
From: areiner at tph.tuwien.ac.at (Albert Reiner) Date: Sat Oct 22 18:45:01 2005 Subject: Delete key from keyserver In-Reply-To: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> Message-ID: ["B. Kuestner" , Sat, 22 Oct 2005 18:26:51 +0200]: > Am I missing something? The web of trust. (And the documentation, apparently.) Either you personally verify the key with your recipient (in which case you know which key is the right one), or (slightly simplifying) you choose the people you trust with knowing what they are doing when they sign a key; and when you find a key they have signed, you believe their assurance that it is the correct one. Regards, Albert. P.S.: A slightly less inflammatory tone would not have harmed either. From linux at codehelp.co.uk Sat Oct 22 20:31:54 2005 
From: linux at codehelp.co.uk (Neil Williams) Date: Sat Oct 22 20:30:53 2005 Subject: Delete key from keyserver In-Reply-To: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> Message-ID: <200510221931.57964.linux@codehelp.co.uk> On Saturday 22 October 2005 5:26 pm, B. Kuestner wrote: > Wow, is it just me or does anybody else consider this a major design > flaw of the whole setup? It is actually a component of one of the major strengths - the web of trust. 1. It is made perfectly clear that you are the sole protector of your private key and if you still had your private key you could revoke the unused keys. 2. Revoked keys are valuable and should not be deleted from keyservers - the fact that a key has been revoked can be critically important. 3. Having lots of keys for (apparently) the same person is a GOOD thing as it explains, reinforces and encourages usage of the web of trust. It makes it less likely that anyone will be dumb enough to trust a key simply on the UID alone. 4. It is up to the user to decide when it is appropriate to send their key to a keyserver. If anything needs to change it is that the documentation should more strongly encourage users to test locally and only upload keys that they are proposing to use regularly - not test keys. One thing I have considered is that if a keyserver receives a new key (rather than an updated one) it might be possible for a protocol change to ask the user if this key really should be uploaded. The keyserver might use such a change in the protocol to pass an error/result code to the gnupg program submitting the key, raising the warning and asking for confirmation. No idea how workable this might be. 5. These unused keys typically don't clutter up the web of trust either - again because they usually only have self-signatures so they can be excluded at the first step of the calculations. 
Only signatures made by someone else on your key are counted towards the web of trust. > - After decades of IT, how can one still design software that is > absolutely unforgiving to people's stupidity in a critical area. It is the fault of the users that there are so many unused keys on keyservers. However, this is NOT a critical area. The capacity of keyservers is not a problem - critical or otherwise. These unused keys are very small because they rarely have more than a self-signature and one UID. > That's like being able to close a window of unsaved work without > being prompted to save. No, it is more like not being reminded to not send junk to your website. It's not about "losing" anything, it is about the point at which your local data (the key) becomes public. You have simply copied a file to a remote location - you lose nothing by doing so. > - It is so easy to make life miserable for somebody else. What would > prevent me from picking any e-mail address that isn't mine and upload > dozens of keys to the key servers, maybe even give them misleading > comments like "current" etc.. If anybody were then looking for the > public key to joesmith@hisdomain.com, there would be a useless mess > of keys without telling which one is correct to use. And worst of > all: Joe Smith has no way of fixing the situation, even if he is > legitimate owner of the joesmith@hisdomain.com e-mail address. That is exactly my point, NOBODY should rely on ANY of that information to identify a key. The only identifier for a key is the fingerprint. You MUST verify the fingerprint with the person and only then can you be sure that the key is for that person. The web of trust enables such verification - if you can't meet me in person, you can verify my key by having your key signed by someone who has met me (there are lots). Until that happens, you have no way of trusting that this key belongs to the named person. None. 
The signature simply means that the message has not been tampered with since being signed. > It strikes me, that GNU-supporters would bash MS (or for that reason > any vendor of proprietary software) for dishing out once more a > thoughtless, immature and insecure software design. You've got the wrong end of the problem. This is about enhancing security by preventing people making wrong assumptions about key ownership simply from the public data on the key that can be so easily duplicated. You can only trust the fingerprint - which cannot be duplicated. > I understand it must not be simple to revoke or disable keys. It must be impossible for anyone but the key owner (or their appointed representative) to revoke a key. Any user can, however, mark a key in their keyring as disabled - it has no effect whatsoever on the keyserver copy, neither do you need the private key of that key to disable it locally. > But it > shouldn't be impossible either, especially in the light of anybody's > capability to put public keys under my name on the server. It isn't. I could generate a key under your name at any time. The only way anyone can identify YOUR key is by getting the fingerprint identification from you. Do NOT trust the UID until you can trust the fingerprint. If you don't have verification of the fingerprint, you cannot trust the key - at all. Zip. Zero. > Am I missing something? Yes, the web of trust and the benefits of keysigning. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/ From zvrba at globalnet.hr Sat Oct 22 22:20:10 2005 
From: zvrba at globalnet.hr (zvrba@globalnet.hr) Date: Sat Oct 22 22:20:05 2005 Subject: Delete key from keyserver In-Reply-To: <200510221931.57964.linux@codehelp.co.uk> References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> Message-ID: <20051022202010.GA7575@zax.ifi.uio.no> On Sat, Oct 22, 2005 at 07:31:54PM +0100, Neil Williams wrote: > > That is exactly my point, NOBODY should rely on ANY of that information to > identify a key. The only identifier for a key is the fingerprint. You MUST > verify the fingerprint with the person and only then can you be sure that the > key is for that person. > > The web of trust enables such verification - if you can't meet me in person, > you can verify my key by having your key signed by someone who has met me > (there are lots). > > Until that happens, you have no way of trusting that this key belongs to the > named person. None. The signature simply means that the message has not been > tampered since being signed. > I have a few objections to this. 1. meeting in person is not scalable. having to meet in person (or even hear each other over the phone) everyone that I want to communicate with is a hassle. 2. WoT is problematic in that it is very sparse. For example, try to find a path from my key by which I've signed this mail to somebody you trust. My problem is that I can't find another GPG user whom I can meet in person and arrange key signing. And the final 'objection' is more of a philosophical one: what is IDENTITY? If I know a person only by email, then that email *is* the person to me. And I know many people just by email and we are probably never going to meet IRL, except for some strange coincidence. Imagine a situation like this: suppose that, hypothetically, I find two different keys on the key server named to "Neil Williams ", each with some number of signatures (let's say almost equal). 
If none of these keys has a path of signatures that leads to some person that I personally trust to sign keys properly.. how am I to decide WHICH of these keys is the "real" one? And most of the time I'm not really that concerned about communicating with "the real" Neil Williams, but more with the fact that some set of mails came from the *same person* that happens to (rightfully, or not) claim that his name is Neil Williams. From ml at bitfalle.org Sat Oct 22 23:12:01 2005 
From: ml at bitfalle.org (markus reichelt)
Date: Sat Oct 22 23:12:04 2005
Subject: Delete key from keyserver
In-Reply-To: <20051022202010.GA7575@zax.ifi.uio.no>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no>
Message-ID: <20051022211201.GA3348@dantooine>

* zvrba@globalnet.hr wrote:

> On Sat, Oct 22, 2005 at 07:31:54PM +0100, Neil Williams wrote:
> >
> > That is exactly my point, NOBODY should rely on ANY of that information to
> > identify a key. The only identifier for a key is the fingerprint. You MUST
> > verify the fingerprint with the person and only then can you be sure that the
> > key is for that person.
> >
> > The web of trust enables such verification - if you can't meet me in person,
> > you can verify my key by having your key signed by someone who has met me
> > (there are lots).
> >
> > Until that happens, you have no way of trusting that this key belongs to the
> > named person. None. The signature simply means that the message has not been
> > tampered since being signed.
> >
> I have few objections to this.
>
> 1. meeting in person is not scalable. having to meet in person (or even
> hear each other over the phone) everyone that I want to communicate
> with is a hassle.

of course it's not scalable. the web of trust exists for a reason :)
everything comes at a price. that's why there are key signing parties, to meet and exchange signatures; that would not have happened under normal circumstances. after having been on some key signing parties, that all follow the same basic procedures (check key ID & the identity of its owner), i can only recommend to attend one.

> 2. WoT is problematic in that it is very sparse. For example, try to
> find a path from my key by which I've signed this mail to somebody
> you trust. My problem is that I can't find another GPG user whom I can
> meet in person and arrange key signing.

well, the WoT clearly indicates that one should not trust a key until one can be reasonably sure by means that oneself deems fit. one just does not have to find a complete link; to some extent, one just has to lay emphasis on "trust". the level of signature, in my point of view, emphasises this issue. f.e. real life people use key signing robots. i don't, cos i only sign keys of real people. i distinguish between having met in real life, having verified one's identity in best possible terms (resulting in level 3 sigs) and level 2 sigs that sufficiently match my criteria for signing.

http://bitfalle.org/keys/gpg-key-signing-policy.php

level 2 signatures don't require having met in person. there are schemes to sufficiently prove the signee's identity.

> And the final 'objection' is more of a philosophical one: what is
> IDENTITY? If I know a person only by email, then that email *is*
> the person to me. And I know many people just by email and we are
> probably never going to meet IRL, except for some strange
> coincidence.

well, to some extent one has to make a compromise. for that reason key signing policies exist. check the web and create your own. i'm sure there you can exchange key fingerprints over the telephone :) and i encourage you to use that feature. keep in mind that it's totally up to yourself with which level of signature you sign a key. however, i strongly suggest cross-signing.

> Imagine a situation like this: suppose that, hypothetically, I find
> two different keys on the key server named to "Neil Williams
> ", each with some number of signatures (let's
> say almost equal). If none of these keys has a path of signatures
> that leads to some person that I personally trust to sign keys
> properly.. how am I to decide WHICH of these keys is the "real"
> one?

imagine you would find two telephone numbers listed in a directory under the very same name. how are you to decide which one of these numbers is the correct one? the number of ppl also listing one number in a commercial directory, e.g. "having conducted successful business with" is equal. again, what would you do?

you can't solely rely on email. period. one just has to resort to some sort of instant communication. be it classical telephone, instant messenger, whatever. even snail mail might do the trick for you.... you choose. you sign. it's your call.

> And most of the time I'm not really that concerned about
> communicating with "the real" Neil Williams, but more with the fact
> that some set of mails came from the *same person* that happens to
> (rightfully, or not) claim that his name is Neil Williams.

geez... well, let's ignore this one for the sake of key signatures, will you? a good sense of paranoia is good, but it really can be distracting sometimes...

--
From: linux at codehelp.co.uk (Neil Williams)
Date: Sat Oct 22 23:13:51 2005
Subject: Delete key from keyserver
In-Reply-To: <20051022202010.GA7575@zax.ifi.uio.no>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no>
Message-ID: <200510222215.02476.linux@codehelp.co.uk>

On Saturday 22 October 2005 9:20 pm, zvrba@globalnet.hr wrote:
> > The web of trust enables such verification - if you can't meet me in
> > person, you can verify my key by having your key signed by someone who
> > has met me (there are lots).
> >
> > Until that happens, you have no way of trusting that this key belongs to
> > the named person. None. The signature simply means that the message has
> > not been tampered since being signed.
>
> I have few objections to this.

Objections don't change the reality. No-one but you can trust your key.

> 1. meeting in person is not scalable. having to meet in person (or even
> hear each other over the phone) everyone that I want to communicate
> with is a hassle.

As I said, you can verify my key via someone else. Once your key is in the "strong set" this becomes a lot easier. I regularly come across keys used on this list that are instantly verified by the web of trust.

The web of trust is scalable - you just need the opportunity to get signatures. This is an area where we largely make our own opportunities.

I have not met everyone I can trust via the web of trust. From David's stats, I have 20 or so signatures that link within the main set and I can trust some 1400 keys that way.

> 2. WoT is problematic in that it is very sparse.

In certain areas, maybe. The only solution to that is to get more keysigning done.

> For example, try to
> find a path from my key by which I've signed this mail to somebody
> you trust.

? That key has NO signatures other than yourself! There's no way anyone can trust it. There are NO paths.

Instead, try looking for a path from Werner to me, or Jason Harris or some of the Debian developer keys.
http://www.cs.uu.nl/people/henkp/henkp/pgp/pathfinder/
http://www.lysator.liu.se/~jc/wotsap/search.html

See also these images of my keyrings:
http://www.dcglug.org.uk/linux_uk/dclugkeyring.png
http://gnupg.neil.williamsleesmill.me.uk/personal.png

> My problem is that I can't find another GPG user whom I can
> meet in person and arrange key signing.

Sorry to hear that but how hard have you tried? Have you travelled to somewhere that other key users might be expected to gather, like exhibitions or Linux meetings? Do you have a LUG in your area and have you joined? You aren't listed on biglumber so that's one avenue you haven't tried.

"Sorry, no matches were found. That key has not been added to biglumber yet. Below is a list of user IDs from their key: you may wish to contact them and ask that they add themselves. Zeljko Vrba (UNIST-OSS) "
http://www.biglumber.com/x/web?mp=1

The way the web of trust works is that small, local, groups (like a LUG) sign each other's keys. At some point, one LUG member travels outside the local area and meets other key users at an exhibition etc. That keysigning links the small, isolated, ring into the main keyring. As this repeats, more and more strands are added to link the local group more and more tightly to the main "strong set". The strong set represents the keys that are closest to each other across the entire keyring and is populated by lots of package maintainers for the various distributions like Debian (because we use keys to authenticate uploads) and leading lights in the GnuPG/PGP and GNU world - like Werner, Peter Palfrader, Martin Michlmayr and Richard Stallman.

> And the final 'objection' is more of a philosophical one: what is IDENTITY?

For keysigning, that is:

1. Verify the physical person by a method of photographic ID that is widely accepted, e.g. passport.
2. Verify the fingerprint of the key using a print out given to you by that person face to face.
3. Verify the email address (possibly using tools like cabot).

> If I know a person only by email, then that email *is* the person to me.

No. It's just an email address - there could be any number of people with access to that email inbox. What you need to verify is the person with access to the private key.

> And I know many people just by email and we are probably never going to
> meet IRL, except for some strange coincidence.

Same here, it hasn't stopped me getting lots of signatures.

> Imagine a situation like this: suppose that, hypothetically, I find two
> different keys on the key server named to "Neil Williams
> ", each with some number of signatures (let's say
> almost equal).

That's not hard, I have a second key with similar signatures. See 0xA897FD02.

> If none of these keys has a path of signatures that leads to
> some person that I personally trust to sign keys properly.. how am I to
> decide WHICH of these keys is the "real" one?

You cannot. You need to verify the person behind the key, either directly or via someone who HAS signed your key.

> And most of the time I'm not really that concerned about communicating
> with "the real" Neil Williams,

The point is that verification is important for encryption and verification of package uploads. Email signatures are often just tamper-evidence. Keysigning is testifying to the world that you have verified the person, the fingerprint and the email.

> but more with the fact that some set of
> mails came from the *same person* that happens to (rightfully, or not)
> claim that his name is Neil Williams.

That is all you can judge with your key as is. If you want a formalised external method of identity verification, consider using x.509 and people like Thawte will provide an alternative to GnuPG's personal (face-to-face) methods.

--
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/

From: linux at codehelp.co.uk (Neil Williams)
Date: Sat Oct 22 23:41:18 2005
Subject: Delete key from keyserver
In-Reply-To: <200510222215.02476.linux@codehelp.co.uk>
References: <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk>
Message-ID: <200510222242.33766.linux@codehelp.co.uk>

On Saturday 22 October 2005 10:14 pm, Neil Williams wrote:
> I have not met everyone I can trust via the web of trust. From David's
> stats, I have 20 or so signatures that link within the main set and I can
> trust some 1400 keys that way.

Sorry, that should be Jason's stats, not David's. Look for this message from Jason Harris for more info:

new (2005-10-16) keyanalyze results (+sigcheck) 16/10/2005 11:54 pm

--
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
From: alphasigmax at gmail.com (Alphax)
Date: Sun Oct 23 06:52:53 2005
Subject: Delete key from keyserver
In-Reply-To: <200510222215.02476.linux@codehelp.co.uk>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk>
Message-ID: <435B1671.6070800@gmail.com>

Neil Williams wrote:
> On Saturday 22 October 2005 9:20 pm, zvrba@globalnet.hr wrote:
>
> > 2. WoT is problematic in that it is very sparse.
>
> In certain areas, maybe. The only solution to that is to get more keysigning
> done.

And to get more people using OpenPGP. Does anyone have a document called (eg.) "Why you should use OpenPGP" or similar? I've read the GNU Privacy Handbook and it's more of a HOWTO than a WHYTO.

> > My problem is that I can't find another GPG user whom I can
> > meet in person and arrange key signing.
>
> Sorry to hear that but how hard have you tried? Have you travelled to
> somewhere that other key users might be expected to gather, like exhibitions
> or Linux meetings? Do you have a LUG in your area and have you joined? You
> aren't listed on biglumber so that's one avenue you haven't tried.

Do you have to be a Linux user to join a LUG?

> If you want a formalised external method of identity verification, consider
> using x.509 and people like Thawte will provide an alternative to GnuPG's
> personal (face-to-face) methods.

Several people who I've tried to get using OpenPGP just "don't get it" because it's "too hard to integrate with (email client, usually Mail.app)" and have gone for Thawte X.509 certificates instead. And then they never use them.

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \

From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Sun Oct 23 08:36:14 2005
Subject: Delete key from keyserver
In-Reply-To: <200510222215.02476.linux@codehelp.co.uk>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk>
Message-ID: <435B0D4C.3090801@joimail.com>

Neil Williams wrote:
> As I said, you can verify my key via someone else. Once your key is in the
> "strong set" this becomes a lot easier. I regularly come across keys used on
> this list that are instantly verified by the web of trust.
>
> The web of trust is scalable - you just need the opportunity to get
> signatures. This is an area where we largely make our own opportunities.
>
> I have not met everyone I can trust via the web of trust. From David's stats,
> I have 20 or so signatures that link within the main set and I can trust some
> 1400 keys that way.

Ergo, from Neil I show a "Green" stripe, indicating that our Keys have "bumped into each other" since upon checking, I see no sig from Neil on my Key.

JOHN :)
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Sun Oct 23 08:36:35 2005
Subject: Delete key from keyserver
In-Reply-To: <20051022211201.GA3348@dantooine>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <20051022211201.GA3348@dantooine>
Message-ID: <435B080A.60001@joimail.com>

And, of course I read this with Enigmail telling me that I received an "UNTRUSTED, Good Signature" from you. Of course, I could slap a "Local Sig" on your Key, but I prefer letting the Blue stripes remind me that we haven't met, nor have our Keys "bumped into each other" via the WoT.

JOHN :)

--
My Homepage: http://tinyurl.com/9ubue
Gossamer Spider Web of Trust: http://www.gswot.org
Open PGP Key: http://tinyurl.com/8cpho
Encrypted Email is a Courtesy & Appreciated!!
From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Sun Oct 23 08:37:03 2005
Subject: Delete key from keyserver
In-Reply-To: <200510222215.02476.linux@codehelp.co.uk>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk>
Message-ID: <435B097D.2030709@joimail.com>

Neil Williams wrote:
> As I said, you can verify my key via someone else. Once your key is in the
> "strong set" this becomes a lot easier. I regularly come across keys used on
> this list that are instantly verified by the web of trust.
>
> The web of trust is scalable - you just need the opportunity to get
> signatures. This is an area where we largely make our own opportunities.
>
> I have not met everyone I can trust via the web of trust. From David's stats,
> I have 20 or so signatures that link within the main set and I can trust some
> 1400 keys that way.

Ergo, from Neil I show a "Green" stripe, indicating that our Keys have "bumped into each other" since upon checking, I see no sig from Neil on my Key.

JOHN :)

--
Technology....is a queer thing. It brings you great gifts with one hand, and stabs you in the back with the other. --C.P. Snow
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Sun Oct 23 09:15:37 2005
Subject: Delete key from keyserver
In-Reply-To: <200510222215.02476.linux@codehelp.co.uk>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk>
Message-ID: <20051023071551.GA5441@zax.ifi.uio.no>

On Sat, Oct 22, 2005 at 10:14:58PM +0100, Neil Williams wrote:
>
> ? That key has NO signatures other than yourself! There's no way anyone can
> trust it. There are NO paths.
>

It does, look at:
http://pks.aaiedu.hr:11371/pks/lookup?op=vindex&search=0x16DA1F1690887E13
http://pks.aaiedu.hr:11371/pks/lookup?op=vindex&search=0x5081D08A1DC7E994

Both are signed by my master key which in turn is signed by a friend. My scheme is having one "master key" and then I get people to sign that master key, which I in turn use to sign my other ad-hoc keys.

To avoid further confusion, the key is signed by zeljko.vrba at gmail.com

> Sorry to hear that but how hard have you tried? Have you travelled to

Now I'm going to hide.. in fact, not. I tried finding someone while writing the previous mail and.. well, I've succeeded.

> Keysigning is testifying to the world that you have verified the person, the
> fingerprint and the email.

I'm aware of that.

> If you want a formalised external method of identity verification, consider
> using x.509 and people like Thawte will provide an alternative to GnuPG's
> personal (face-to-face) methods.

Actually, at one point in time I did think about getting myself a "real" X.509 certificate and use it as "my own CA" certificate by which I sign my other ad-hoc keys as I see fit. The thing I don't like about commercial X.509 certificates is their short lifetime. It's a pure ripoff and no-work money generator for the CA, after you get your 1st certificate.

I have yet to play a bit with gpgsm and see how well you can mix PGP and X.509 keys. I.e. can I use my X.509 cert to sign other people's OpenPGP keys? Can I at least re-use the X.509 private key for my own OpenPGP key?

From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Sun Oct 23 09:27:33 2005
Subject: Delete key from keyserver
In-Reply-To: <20051022211201.GA3348@dantooine>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <20051022211201.GA3348@dantooine>
Message-ID: <20051023072741.GB5441@zax.ifi.uio.no>

On Sat, Oct 22, 2005 at 11:12:01PM +0200, markus reichelt wrote:
>
> http://bitfalle.org/keys/gpg-key-signing-policy.php
>

I don't feel like reading the GNU documentation license, so a short question: may I reuse and adapt this text to my own needs? [I'll give you a proper credit]

> imagine you would find two telephone numbers listed in a directory
> under the very same name. how are you to decide which one of these
> numbers is the correct one? the number of ppl also listing one number
> in a commercial directory, e.g. "having conducted successful
> business with" is equal. again, what would you do?

heh, nice analogy.
From: alphasigmax at gmail.com (Alphax)
Date: Sun Oct 23 11:04:04 2005
Subject: GFDL (was: delete key from server)
In-Reply-To: <20051023072741.GB5441@zax.ifi.uio.no>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <20051022211201.GA3348@dantooine> <20051023072741.GB5441@zax.ifi.uio.no>
Message-ID: <435B5159.6030809@gmail.com>

zvrba@globalnet.hr wrote:
> On Sat, Oct 22, 2005 at 11:12:01PM +0200, markus reichelt wrote:
>
> > http://bitfalle.org/keys/gpg-key-signing-policy.php
>
> I don't feel like reading the GNU documentation license, so a short
> question: may I reuse and adapt this text to my own needs? [I'll give
> you a proper credit]

The GFDL says you can modify it so long as the work you produce is also under the GFDL, and gives attribution to the original authors. In practical terms online, it's best to link back to the original source when doing so. Basically you just need to say "this keysigning policy is derived from the keysigning policy of markus reichelt (link), and is licensed under the GNU Free Documentation License (link)". It might also be good to state (and link) the sources that his policy was derived from.

Oh, one other thing: You need to make the source of the document (a "transparent copy" in legalese) available. Plain HTML is pretty OK for that.

HTH,

--
Alphax                      |   /"\
Encrypted Email Preferred   |   \ /  ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |    X   Against HTML email & vCards
http://tinyurl.com/cc9up    |   / \
From: bob.henson at galen.org.uk (Bob Henson)
Date: Sun Oct 23 11:05:59 2005
Subject: Delete key from keyserver
In-Reply-To: <20051023071551.GA5441@zax.ifi.uio.no>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575@zax.ifi.uio.no> <200510222215.02476.linux@codehelp.co.uk> <20051023071551.GA5441@zax.ifi.uio.no>
Message-ID: <435B527A.1080209@galen.org.uk>

zvrba@globalnet.hr wrote:
> > If you want a formalised external method of identity verification, consider
> > using x.509 and people like Thawte will provide an alternative to GnuPG's
> > personal (face-to-face) methods.
> >
> Actually, at one point in time I did think about getting myself a "real"
> X.509 certificate and use it as "my own CA" certificate by which I sign
> my other ad-hoc keys as I see fit. The thing I don't like about commercial
> X.509 certificates is their short lifetime. It's a pure ripoff and no-work
> money generator for the CA, after you get your 1st certificate.

You don't have to pay for X.509 certificates, not for personal use anyway. Thawtes issue free personal certificates, and so do CAcert.
http://www.cacert.org/

The latter publish their Root Authority PGP key on their website, which you can import to your keyring and use as a partial "bridge" across the two types of verification. For example, with their PGP key on my keyring, if I sign (locally, I cannot credit it with sufficient trust to sign with an exportable signature, since I cannot meet with them and fully verify it) their key it assigns a degree of trust to John W Moore III's key, since his key has been signed by their key already. One of my keys has been signed by Thawtes (they don't do this any more - I guess for commercial reasons) so there is a partial bridge there to another system. However, the only key on my keyring which is fully trusted is Neil's, since we have met up and correctly verified our keys.

> I have yet to play a bit with gpgsm and see how well you can mix PGP and
> X.509 keys. I.e. can I use my X.509 cert to sign other people's OpenPGP keys?
> Can I at least re-use the X.509 private key for my own OpenPGP key?

I haven't used gpgsm, but I have fully functional X.509 key pairs on my key ring and can sign OpenPGP keys with them. If you have a running copy of PGP on your system you can import X.509 certificates to PGP and then export them as armoured ASCII files, which you can then import straight into OpenPGP.

BTW, do you live anywhere near Pula? If so, and you can wait for another year till I make my annual visit to my friends there, we might be able to solve part of your problem with not being able to meet people to countersign any keys. The downside is, I haven't got many signatures on mine either, so it's no big deal :-(

Regards,

Bob
From: linux at codehelp.co.uk (Neil Williams)
Date: Sun Oct 23 12:05:18 2005
Subject: Delete key from keyserver
In-Reply-To: <20051023071551.GA5441@zax.ifi.uio.no>
References: <200510222215.02476.linux@codehelp.co.uk> <20051023071551.GA5441@zax.ifi.uio.no>
Message-ID: <200510231106.32957.linux@codehelp.co.uk>

On Sunday 23 October 2005 8:15 am, zvrba@globalnet.hr wrote:
> On Sat, Oct 22, 2005 at 10:14:58PM +0100, Neil Williams wrote:
> > ? That key has NO signatures other than yourself! There's no way anyone
> > can trust it. There are NO paths.
>
> It does, look at:
> http://pks.aaiedu.hr:11371/pks/lookup?op=vindex&search=0x16DA1F1690887E13
> http://pks.aaiedu.hr:11371/pks/lookup?op=vindex&search=0x5081D08A1DC7E994

That path is circular - it leads to your "master" key, to one signature and then back to you. It doesn't lead to any keys in the strong set.

> Both are signed by my master key which in turn is signed by a friend. My
> scheme is having one "master key" and then I get people to sign that
> master key, which I in turn use to sign my other ad-hoc keys.

There is still no way the web of trust can help your key become trusted without a signature that links you into the main key sets - preferably the strong set. Compare with some of the paths from my key (including the path (v.short path) from me to Bob Henson who also replied to your query). (Hi Bob!). :-)

Bob wrote:
> The downside is, I haven't got many signatures on mine either, so
> it's no big deal :-(

You have enough for your key to be in the strong set:
http://www.cs.uu.nl/people/henkp/henkp/pgp/pathfinder/stats/31C737BD.html

The most useful thing to do for anyone seeking signatures is to join biglumber.com - it's linked into the keyserver at kjsl.com (http://keyserver.kjsl.com:11371/) which makes it very useful for following paths and working out who could be available for keysigning if you are travelling.

With a biglumber listing, Bob wouldn't have had to ask on the list, he could have simply looked up the details from the keyserver output.

--
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/

From: cedar at 3web.net (cdr)
Date: Sun Oct 23 15:50:00 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de>
Message-ID: <435B94B7.7000706@3web.net>

Albert Reiner wrote:
> P.S.: A slightly less inflammatory tone would not have harmed either.

The tone of "How come King's bum is bare!?" was, no doubt, considered inflammatory by the Court.

cdr
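The "circular path" Neil describes two messages up, worked through on a constructed signature graph. This is an added example and not code from the thread or from any of the tools it links; the key names are placeholders, and the graph simply mirrors the situation discussed: ad-hoc keys signed only by a master key, the master key signed by one friend who has no link into the strong set.

```python
from collections import deque
from typing import Dict, List, Optional, Set

Graph = Dict[str, Set[str]]

# Constructed signature graph (signer -> keys that signer has signed); key
# names are placeholders, not real key IDs. The first four keys form a
# cross-signed core. ADHOC1/ADHOC2 are signed only by MASTER, and MASTER is
# signed by one FRIEND with no link to the core, as in the thread.
SIGNATURES: Graph = {
    "WERNER": {"NEIL", "JASON"},
    "NEIL": {"WERNER", "JASON", "BOB"},
    "JASON": {"WERNER", "NEIL"},
    "BOB": {"NEIL"},
    "FRIEND": {"MASTER"},
    "MASTER": {"FRIEND", "ADHOC1", "ADHOC2"},
    "ADHOC1": set(),
    "ADHOC2": set(),
}

def reachable(start: str, graph: Graph) -> Set[str]:
    """Every key reachable from `start` by following signatures forward."""
    seen, queue = {start}, deque([start])
    while queue:
        for signee in graph.get(queue.popleft(), ()):
            if signee not in seen:
                seen.add(signee)
                queue.append(signee)
    return seen

def strong_set(graph: Graph) -> Set[str]:
    """Largest strongly connected component: every member has a signature
    path to every other member (what keyanalyze calls the strong set)."""
    rev: Graph = {key: set() for key in graph}          # signee -> signers
    for signer, signees in graph.items():
        for signee in signees:
            rev.setdefault(signee, set()).add(signer)
    best: Set[str] = set()
    for key in graph:
        component = reachable(key, graph) & reachable(key, rev)
        if len(component) > len(best):
            best = component
    return best

def trust_path(root: str, target: str, graph: Graph) -> Optional[List[str]]:
    """Shortest chain root -> ... -> target in which each key signed the
    next, or None if there is none (what a pathfinder searches for)."""
    parent: Dict[str, Optional[str]] = {root: None}
    queue = deque([root])
    while queue:
        key = queue.popleft()
        if key == target:
            path: List[str] = []
            node: Optional[str] = key
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for signee in graph.get(key, ()):
            if signee not in parent:
                parent[signee] = key
                queue.append(signee)
    return None

def signature_count(key: str, graph: Graph) -> int:
    """Number of other keys that have signed `key`."""
    return sum(1 for s, signees in graph.items() if s != key and key in signees)

def path_from_strong_set(target: str, graph: Graph) -> Optional[List[str]]:
    """Shortest path from any strong-set member to `target`, or None."""
    best: Optional[List[str]] = None
    for member in sorted(strong_set(graph) - {target}):
        path = trust_path(member, target, graph)
        if path is not None and (best is None or len(path) < len(best)):
            best = path
    return best

def with_signature(graph: Graph, signer: str, signee: str) -> Graph:
    """Copy of `graph` with one more signature (signer certifies signee)."""
    new = {key: set(signees) for key, signees in graph.items()}
    new.setdefault(signer, set()).add(signee)
    new.setdefault(signee, set())
    return new

if __name__ == "__main__":
    print("strong set:", sorted(strong_set(SIGNATURES)))
    # ADHOC1 does carry a signature, but the only chain into it starts at
    # MASTER, outside the set, so nobody in the set can reach it.
    print("ADHOC1 signatures:", signature_count("ADHOC1", SIGNATURES))
    print("from strong set:", path_from_strong_set("ADHOC1", SIGNATURES))
    linked = with_signature(SIGNATURES, "BOB", "MASTER")   # the missing link
    print("after BOB signs MASTER:", path_from_strong_set("ADHOC1", linked))
    crossed = with_signature(linked, "MASTER", "BOB")      # cross-signing
    print("strong set after cross-signing:", sorted(strong_set(crossed)))
```

One signature from a strong-set member on the master key is enough to make the ad-hoc keys reachable; only cross-signing (the master key signing back) pulls the master key and its friend into the strong set itself.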
From: dshaw at jabberwocky.com (David Shaw)
Date: Sun Oct 23 16:12:59 2005
Subject: Delete key from keyserver
In-Reply-To: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de>
Message-ID: <20051023141159.GA9745@jabberwocky.com>

On Sat, Oct 22, 2005 at 06:26:51PM +0200, B. Kuestner wrote:
> all: Joe Smith has no way of fixing the situation, even if he is
> legitimate owner of the joesmith@hisdomain.com e-mail address.
>
> It strikes me, that GNU-supporters would bash MS (or for that reason
> any vendor of proprietary software) for dishing out once more a
> thoughtless, immature and insecure software design.
>
> I understand it must not be simple to revoke or disable keys. But it
> shouldn't be impossible either, especially in the light of anybody's
> capability to put public keys under my name on the server.
>
> Am I missing something?
>
> > It's an inherent scaling problem of the keyserver net. I've
> > seen estimates that the majority of the keys on the keyserver net are
> > not used for one reason or another, but can't be deleted. Even with
> > the garbage keys, the keyserver database isn't too large to be served
> > though.
>
> Well, my issue is not so much with the keyservers. I guess with
> faster and more hardware this scheme could be maintained for decades.
>
> But if the keyservers are not directories to look up public keys,
> then what are they? And if they are meant as directories, how good
> are they if they are flooded with garbage keys.
>
> > The PGP company is running a different sort of keyserver at
> > http://keyserver.pgp.com. This type of keyserver allows you to remove
> > keys if you can prove (by answering an email challenge) that you have
> > access to the email address on the key. This keyserver obviously does
> > not synchronize with the others, however.
>
> Can gpg use this keyserver? It is listed in the settings of my MacPG.

GPG can use this keyserver. Just set:

  keyserver ldap://keyserver.pgp.com

in your gpg.conf file (or whatever GUI you happen to be using).

> Is using this server recommendable for everybody?

This is a harder question. I would unhesitatingly recommend it for beginning users. It's also useful for any level user who wants to simplify the whole key selection process - it guarantees there is only one key per email address. If you want to mail to a particular address, there is no question which is the "right" key, as there is only the one key there. I believe it is also the default keyserver for PGP users.

Some people do not like this server as it does email address verification (via sending a mail to the email address on the key, if any), and then signs the key. These signatures are reissued every 2 weeks or so if people keep requesting the key. The list of signatures can get long. Both PGP and GPG have features to delete the expired ones.

David
From: linux at codehelp.co.uk (Neil Williams)
Date: Sun Oct 23 18:03:04 2005
Subject: Delete key from keyserver
In-Reply-To: <435B1671.6070800@gmail.com>
References: <200510222215.02476.linux@codehelp.co.uk> <435B1671.6070800@gmail.com>
Message-ID: <200510231053.50906.linux@codehelp.co.uk>

On Sunday 23 October 2005 5:49 am, Alphax wrote:
> Neil Williams wrote:
> > The only solution to that is to get more
> > keysigning done.
>
> And to get more people using OpenPGP. Does anyone have a document called
> (eg.) "Why you should use OpenPGP" or similar? I've read the GNU Privacy
> Handbook and it's more of a HOWTO than a WHYTO.

I've got a v.v.brief one:
http://gnupg.neil.williamsleesmill.me.uk/#attachments

It's just why I use gnupg rather than a treatise on why someone else should use it. It is GFDL.

There's also general stuff here:
http://www.dclug.org.uk/linux_adm/gnupg.html

Elements of each could be combined - the FAQ isn't expressly GFDL but if it's used for GFDL material I would have no objection. If that work is sent back to me, I would also be v.happy to publish it as part of the first site, under the GFDL. :-)

Don't worry about the HTML, a plain text version crafted from these and other sources would be fine - as long as it can go under the GFDL.

> Do you have to be a Linux user to join a LUG?

No, you just have to be interested in GNU type stuff - and in most LUGs GnuPG qualifies as relevant.

> Several people who I've tried to get using OpenPGP just "don't get it"
> because it's "too hard to integrate with (email client, usually
> Mail.app)" and have gone for Thawte X.509 certificates instead. And then
> they never use them.

Bad choice of email client! :-) There are plenty of email clients that integrate gpg/pgp very easily. The resistance is not against gnupg itself but against the change of email client / problems with the existing client.

-- 
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/

From: bob.henson at galen.org.uk (Bob Henson)
Date: Sun Oct 23 18:16:55 2005
Subject: Delete key from keyserver
In-Reply-To: <20051023141159.GA9745@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com>
Message-ID: <435BB76B.9090208@galen.org.uk>

David Shaw wrote:
> On Sat, Oct 22, 2005 at 06:26:51PM +0200, B. Kuestner wrote:
>
> > all: Joe Smith has no way of fixing the situation, even if he is
> > legitimate owner of the joesmith@hisdomain.com e-mail address.
> >
> > It strikes me that GNU-supporters would bash MS (or for that reason
> > any vendor of proprietary software) for dishing out once more a
> > thoughtless, immature and insecure software design.
> >
> > I understand it must not be simple to revoke or disable keys. But it
> > shouldn't be impossible either, especially in the light of anybody's
> > capability to put public keys under my name on the server.
> >
> > Am I missing something?
> >
> > > It's an inherent scaling problem of the keyserver net. I've
> > > seen estimates that the majority of the keys on the keyserver net are
> > > not used for one reason or another, but can't be deleted. Even with
> > > the garbage keys, the keyserver database isn't too large to be served
> > > though.
> >
> > Well, my issue is not so much with the keyservers. I guess with
> > faster and more hardware this scheme could be maintained for decades.
> >
> > But if the keyservers are not directories to look up public keys,
> > then what are they? And if they are meant as directories, how good
> > are they if they are flooded with garbage keys.
> >
> > > The PGP company is running a different sort of keyserver at
> > > http://keyserver.pgp.com. This type of keyserver allows you to remove
> > > keys if you can prove (by answering an email challenge) that you have
> > > access to the email address on the key. This keyserver obviously does
> > > not synchronize with the others, however.
> >
> > Can gpg use this keyserver? It is listed in the settings of my MacPG.
>
> GPG can use this keyserver. Just set:
>
>   keyserver ldap://keyserver.pgp.com
>
> in your gpg.conf file (or whatever GUI you happen to be using).
>
> > Is using this server recommendable for everybody?
>
> This is a harder question. I would unhesitatingly recommend it for
> beginning users. It's also useful for any level user who wants to
> simplify the whole key selection process - it guarantees there is only
> one key per email address. If you want to mail to a particular
> address, there is no question which is the "right" key, as there is
> only the one key there.
>
> I believe it is also the default keyserver for PGP users.
>
> Some people do not like this server as it does email address
> verification (via sending a mail to the email address on the key, if
> any), and then signs the key. These signatures are reissued every 2
> weeks or so if people keep requesting the key. The list of signatures
> can get long. Both PGP and GPG have features to delete the expired
> ones.
>
> David

That's not the only reason though. The PGP Global Keyserver is dangerous, as well as a nuisance, for a number of reasons. As it only shows one key on a search for a user's name, it might cause people to miss a revoked key and continue using it. Similarly, because it doesn't synchronise with other servers, such a key could be missed. My key was on there because I tried PGP 9.x and it puts it there without asking - most undesirable in itself - but at least by ignoring the requests to repeat the e-mail verification it should have been removed by now. The "verification" is dangerous in itself, since people may rely on the server signature for trust - which is not a good idea for obvious reasons - anyone could upload a key from a particular address, and e-mail verification *alone* is of little value.

If anyone *does* use it, whatever you do *don't* sign the PGP verification key, as it will impart an unwarranted trust to other keys signed with the same key. My advice (shared by many more knowledgeable than I) would be to steer clear of it at all costs.

Regards,

Bob

From: dshaw at jabberwocky.com (David Shaw)
Date: Sun Oct 23 19:27:29 2005
Subject: The never-ending GD discussion, part 74 (was Re: Delete key from keyserver)
In-Reply-To: <435BB76B.9090208@galen.org.uk>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk>
Message-ID: <20051023172705.GB9745@jabberwocky.com>

On Sun, Oct 23, 2005 at 05:16:43PM +0100, Bob Henson wrote:
> > Some people do not like this server as it does email address
> > verification (via sending a mail to the email address on the key, if
> > any), and then signs the key. These signatures are reissued every 2
> > weeks or so if people keep requesting the key. The list of signatures
> > can get long. Both PGP and GPG have features to delete the expired
> > ones.
>
> That's not the only reason though. The PGP Global Keyserver is dangerous, as
> well as a nuisance, for a number of reasons. As it only shows one key on a
> search for a user's name, it might cause people to miss a revoked key and
> continue using it.

This is a misunderstanding about the Global Directory. It does not, is not designed to, and should not give more than one key for a given email address. The GD says "This is the key. Period. There is no other key. Take this key and use it. Have A Nice Day."

The goal of the GD is specifically NOT to say, "This is the key. Here are a few more keys. Well, here's another one that the person may or may not have lost the passphrase for. Oops, found another one. And this one too. Now figure out which one, if any, you should use!"

It always amuses me that people complain bitterly about the GD storing one key per email address, but don't complain, for example, about people putting their key up on a web page. After all, they may contain only one key, and might cause people to miss a revoked key. ;)

> The "verification" is dangerous in itself, since people may rely on
> the server signature for trust - which is not a good idea for
> obvious reasons - anyone could upload a key from a particular
> address, and e-mail verification *alone* is of little value.

Completely untrue. For the huge majority of users, email verification is sufficient. The GD is one-stop shopping for them: they get a single key that points to an email address that has been checked. Sure beats 3-4 keys on the keyserver and having to parse out the web of trust to see which one to use... only to find that more than one was in the web of trust, pick one anyway, and then hope the key owner didn't lose the passphrase or just stopped using encryption.

Remember that the people who subscribe to this mailing list and have any knowledge of the web of trust are not in any way the huge majority of users. We're a minuscule blip on top of a near nothingness.

You assert that e-mail verification alone is of little value. I disagree. I challenge you to make a key with my email address and get the GD to accept it. Let me know when you succeed.

David

From: dougb at dougbarton.net (Doug Barton)
Date: Sun Oct 23 21:41:51 2005
Subject: The never-ending GD discussion, part 74 (was Re: Delete key from keyserver)
In-Reply-To: <20051023172705.GB9745@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com>
Message-ID: <435BE779.2040507@dougbarton.net>

David Shaw wrote:
> On Sun, Oct 23, 2005 at 05:16:43PM +0100, Bob Henson wrote:
> > That's not the only reason though. The PGP Global Keyserver is dangerous, as
> > well as a nuisance, for a number of reasons. As it only shows one key on a
> > search for a users name, it might cause people to miss a revoked key and
> > continue using it.
>
> This is a misunderstanding about the Global Directory. It does not,
> is not designed to, and should not give more than one key for a given
> email address.

He didn't say e-mail address, he said name. :) I just checked this for myself, and if I type in "Doug Barton" I get the key that is tied to this e-mail address, but not the other key that I have uploaded to that server. This actually explains a common complaint that I hear from PGP users about not being able to find that other key. So, this turns out to be very useful information, as I now know to tell them to search for my other key by e-mail address (which works, btw).

I can see a lot of value in the model you described David, and I agree that at least having a key where the e-mail address has been verified, on a server where users actually have the ability to remove keys, is a good thing. On the other hand, I can see that every other "Doug Barton" in the world is at a significant disadvantage here, since I got there first. :)

hth,

Doug

-- 
If you're never wrong, you're not trying hard enough

From: blueness at gmx.net (Mica Mijatovic)
Date: Sun Oct 23 21:50:34 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <20051023172705.GB9745@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com>
Message-ID: <31178237.20051023214718@gmx.net>

Was Sun, 23 Oct 2005, at 13:27:05 -0400, when David wrote:

> It always amuses me that people complain bitterly about the GD storing
> one key per email address, but don't complain, for example, about
> people putting their key up on a web page. After all, they may
> contain only one key, and might cause people to miss a revoked key. ;)

Well, obviously there is no "perfect" "key carrier" around. (-;

If the key could be uploaded (as it is for the "key servers") in an _authorized_ fashion (which is an elementary thing for a server dealing with security/privacy), we wouldn't have to face all these problems and annoyances around. If someone wants a _public_ key serv{er|ice}, then such a service should provide decent standards first.

GD cannot store more than one key per e-mail address (which is a sort of authorization) and this is at the same time a weakness and a good thing. What if I use several keys with the same address (and the name of mine of course) but with different "info" parts denoting the various purposes of the keys?

As for keeping a key on a web page, there is no chance that we could miss a revoked key, if we are into the reasons why someone is keeping them this way: the very first thing will be that we'll go to this web page to check for any updates, and not to the public key servers.

It turns out that this way is even the best one (so far; and in the "category" of the worldwide scattering of the keys): you can't upload any key without authorization, and you can upload as many of them as you want/need. No reason to complain. As to the other key serv{er|ant}s.

Aside from this, though, you can't know who has your key(s).

Different categories of keys I suppose have different methods of de|livery.

-- 
Mica
PGP keys nestled at: http://blueness.port5.com/pgpkeys/
~~~
For personal mail please use my address as it is *exactly* given in my "From|Reply To" field(s).
~~~
Never eat more than you can lift. (Miss Piggy)

From: dshaw at jabberwocky.com (David Shaw)
Date: Sun Oct 23 22:30:22 2005
Subject: The never-ending GD discussion, part 74 (was Re: Delete key from keyserver)
In-Reply-To: <435BE779.2040507@dougbarton.net>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <435BE779.2040507@dougbarton.net>
Message-ID: <20051023202921.GA12088@jabberwocky.com>

On Sun, Oct 23, 2005 at 12:41:45PM -0700, Doug Barton wrote:
> David Shaw wrote:
> > On Sun, Oct 23, 2005 at 05:16:43PM +0100, Bob Henson wrote:
> > > That's not the only reason though. The PGP Global Keyserver is dangerous, as
> > > well as a nuisance, for a number of reasons. As it only shows one key on a
> > > search for a users name, it might cause people to miss a revoked key and
> > > continue using it.
> >
> > This is a misunderstanding about the Global Directory. It does not,
> > is not designed to, and should not give more than one key for a given
> > email address.
>
> He didn't say e-mail address, he said name. :) I just checked this
> for myself, and if I type in "Doug Barton" I get the key that is
> tied to this e-mail address, but not the other key that I have
> uploaded to that server. This actually explains a common complaint
> that I hear from PGP users about not being able to find that other
> key. So, this turns out to be very useful information, as I now know
> to tell them to search for my other key by e-mail address (which
> works, btw).

You always need to search the GD by email address. Name searches don't make sense there, as the GD only verifies the email address. The name on the key is essentially a comment, with no more meaning than any other comment. It's a consequence of the design to handle automated encryption - in that case, an email address may be all you have to work with.

In any event, name or email address, the concern with missing a revoked key is sort of a non sequitur as the GD doesn't store revoked keys in the first place.

> I can see a lot of value in the model you described David, and I agree that
> at least having a key where the e-mail address has been verified, on a
> server where users actually have the ability to remove keys, is a good
> thing. On the other hand, I can see that every other "Doug Barton" in the
> world is at a significant disadvantage here, since I got there first. :)

Not necessarily. If another Doug Barton comes along, he could just as easily bump you out.

David

From: kuestner at macnews.de (B. Kuestner)
Date: Mon Oct 24 05:51:52 2005
Subject: Delete key from keyserver
Message-ID: <042C78C7-427E-49DB-9B5D-A267F77B6F74@macnews.de>

> > Am I missing something?
>
> The web of trust. (And the documentation, apparently.)

Okay. I got that by now. I think the problem was that MacGPG makes it really easy to get started with GPG: There's a plug-in that integrates nicely with Apple's Mail. And the Keychain Assistant lets you do all the key creation and uploading things easily. That's great. That's a start to get people actually using GPG.

But then unlike the command line tools the software does not recommend to make a backup copy of your private key. It does not recommend to make a hard copy of your key. It does not recommend to create a revocation certificate. It also does not explain that downloading from a public server means that this key can be trusted. That of course is a not so good start to get people actually using GPG.

In my case, there was also a bug: When I tried to delete a key I didn't want, up came a cryptic error message. So after a while, since I had just been playing around after all, I thought I'd just delete my keychain and start from scratch. Did that twice actually for the same reason. And that's how I lost those private keys.

Anyway, regarding MacGPG, it's great software even at 0.3.x. I can only commend the creators for the effort they have put into it so far.

Now to prevent others getting bitten like I was, I will suggest to the authors that they build recommended practices into the software. So after creating a key it could prompt the user to export a copy, print a hard copy and create a revocation certificate. The deletion error could be fixed, and before deleting a key, the software could warn of the implications and advise to create a backup copy first somewhere else. Before uploading to a server it could explain the implications of that. And before downloading a key it could again explain some more of the meaning.

> P.S.: A slightly less inflammatory tone would not have harmed either.

You're absolutely right. It wasn't meant to be inflammatory, nor was I in an angry mood or something. I was trying to be straightforward with my reasoning. But after rereading my post when it came back I bit my lip and felt offended by my own words. Ouch! So, please, if somebody took offense at my post, it really was not meant like that. My apologies.

Björn

From: kuestner at macnews.de (B. Kuestner)
Date: Mon Oct 24 05:52:18 2005
Subject: Delete key from keyserver

> I suggest that you seriously check our Big Lumber at www.biglumber.com

Thanks John. I will.

Regarding my personal web of trust: I get a clearer picture now and for starters I'll exchange keys directly with my friends.

As for the "unwanted keys" for my e-mail address: At least for now I know that I was the one who put them there. So if somebody uses them to encrypt messages (because he or she thinks like I did that any public key with the right e-mail address assigned to it is good enough), it's not like someone unauthorized would be able to read these messages. Nobody can read them. That's only semi-bad, not really bad, if you know what I mean. (c:

Coming as a newbie to all of this, I'd say there's a long way to go until this whole thing is ready for my Mom to use it. And I think that's what we eventually want to do, right? That encrypted messaging becomes the norm, not the exception.

Björn

From: wk at gnupg.org (Werner Koch)
Date: Mon Oct 24 09:16:44 2005
Subject: handling S/MIME messages with gpgsm
In-Reply-To: <20051021130346.GB4335@banach.uvt.nl> (Joost van Baal's message of "Fri, 21 Oct 2005 15:03:46 +0200")
References: <20051021130346.GB4335@banach.uvt.nl>
Message-ID: <8764rnbd5c.fsf@wheatstone.g10code.de>

On Fri, 21 Oct 2005 15:03:46 +0200, Joost van Baal said:

> I am having troubles getting S/MIME emails (or CMS blobs) processed by
> GPGME. (Since GPGME uses libksba, it _should_ be able to handle these,
> I guess).

Yes, it does.

> For instance, when creating a detached-signed S/MIME email message,
> splitting the body off, and de-base64-ing the signature with
>
>   recode /Base64 < sig.base64 > sig.CMS

I don't know what kind of recode this is. I usually use mimencode -u.

> , calling gpgsm gives:
>
>   gpgsm --verify sig.CMS body.txt
>   gpgsm: Signature made 2005-10-21 11:40:54 using certificate ID 090E2BFC
>   gpgsm: invalid signature: message digest attribute does not match calculated one

You did something wrong when parsing the original message. For example, you need to make sure that CR,LF are used. Use gpgsm's option --debug 512 to create dump files with the actual data hashed (i.e. signed). Check them.

>   gpgsm: unsupported algorithm `1.2.840.113549.3.2'
>   gpgsm: (this is the RC2 algorithm)
>   gpgsm: message decryption failed: Unsupported algorithm

Well, unsupported.

> Unfortunately I can't check this operation with openssl, since I have no
> way to export the private key from the keystore to a .pem-file, suitable
> for import to openssl...

gpgsm --export-secret-key-p12

(you better get the latest gpgsm versions because we fixed a couple of bugs recently.)

> Any pointers or clues are very welcome. If more information about my
> setup is needed, I gladly supply these.

Check out how Mutt does it. In particular the file crypt-gpgme.c from the 1.5.x series or the CVS head. There is also a tool named tools/gpgparsemail.c in GnuPG 1.9 - it does S/MIME verification.

Shalom-Salam,

   Werner

From: J.E.vanBaal+gnupg-users at uvt.nl (Joost van Baal)
Date: Mon Oct 24 09:40:29 2005
Subject: handling S/MIME messages with gpgsm
In-Reply-To: <8764rnbd5c.fsf@wheatstone.g10code.de>
References: <20051021130346.GB4335@banach.uvt.nl> <8764rnbd5c.fsf@wheatstone.g10code.de>
Message-ID: <20051024074037.GS16117@banach.uvt.nl>

On Mon, Oct 24, 2005 at 09:13:51AM +0200, Werner Koch wrote:
> On Fri, 21 Oct 2005 15:03:46 +0200, Joost van Baal said:
>
> > I am having troubles getting S/MIME emails (or CMS blobs) processed by
> > GPGME.
>
> Check out how Mutt does it. In particular the file crypt-gpgme.c from
> the 1.5.x series or the CVS head. There is also a tool named
> tools/gpgparsemail.c in GnuPG 1.9 - it does S/MIME verification.

Thanks a lot, this will surely get me going!

Bye,

Joost

-- 
Joost van Baal                          http://abramowitz.uvt.nl/
Tilburg University                      j.e.vanbaal@uvt.nl
The Netherlands

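Werner's diagnosis above names the usual cause of "message digest attribute does not match calculated one": the signed MIME part was saved with bare LF line endings, while S/MIME hashes the canonical CRLF form of the whole first body part, MIME headers included. This added example (not code from GnuPG, gpgsm or anyone in the thread; the sample message is constructed) shows the digest diverging and how CRLF canonicalisation restores it before the part is handed to gpgsm --verify.

```python
"""Why a detached S/MIME signature fails after a Unix text tool rewrote
CRLF to LF, and how to canonicalise the part before verification.
Constructed sample data; not GnuPG code."""
import hashlib

# Constructed sample: the MIME entity exactly as the signer hashed it.
# In multipart/signed the signature covers the entire first body part,
# its MIME headers included, in canonical CRLF form.
SIGNED_ENTITY_CRLF = (
    b"Content-Type: text/plain; charset=us-ascii\r\n"
    b"Content-Transfer-Encoding: 7bit\r\n"
    b"\r\n"
    b"Hello from a constructed S/MIME test message.\r\n"
    b"Second line.\r\n"
)


def canonicalize_crlf(data: bytes) -> bytes:
    """Return data with every line ending as CRLF (MIME canonical form)."""
    # Collapse CRLF and lone CR to LF first so existing CRLF is not doubled.
    unified = data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")
    return unified.replace(b"\n", b"\r\n")


def message_digest(data: bytes, algo: str = "sha1") -> str:
    """Hex digest as the signer stored it in the CMS messageDigest attribute."""
    return hashlib.new(algo, data).hexdigest()


def split_body_unix_style(entity: bytes) -> bytes:
    """Simulate splitting the body off with a tool that rewrites CRLF to LF."""
    return entity.replace(b"\r\n", b"\n")


def diagnose(saved_entity: bytes, expected_digest: str, algo: str = "sha1") -> dict:
    """Compare the digest of the part as saved, and of its CRLF-canonical form,
    against the digest the signer computed. raw_matches False together with
    canonical_matches True is the line-ending mismatch gpgsm reports."""
    raw = message_digest(saved_entity, algo)
    canon = message_digest(canonicalize_crlf(saved_entity), algo)
    return {
        "raw_matches": raw == expected_digest,
        "canonical_matches": canon == expected_digest,
        "line_endings_changed": saved_entity != canonicalize_crlf(saved_entity),
    }


if __name__ == "__main__":
    # What the signer hashed, versus what a naive split left on disk as body.txt.
    expected = message_digest(SIGNED_ENTITY_CRLF)
    saved = split_body_unix_style(SIGNED_ENTITY_CRLF)
    print(diagnose(saved, expected))
    # Write the canonical form out as body.txt before: gpgsm --verify sig.CMS body.txt
```

When gpgsm's --debug 512 dump files show LF-only data, the canonical form produced here is what should have been hashed.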
From: cedar at 3web.net (cdr)
Date: Mon Oct 24 17:42:20 2005
Subject: Delete key from keyserver
Message-ID: <435D006E.1020104@3web.net>

B. Kuestner wrote:
> Coming as a newbie to all of this, I'd say there's a long way to go
> until this whole thing is ready for my Mom to use it. And I think
> that's what we eventually want to do, right? That encrypted messaging
> becomes the norm, not the exception.

Public key systems that attempt to provide a tightly integrated solution to the key authentication problem require, no matter what, very good understanding of the concepts behind their "automated shell", and are consequently ill-suited for adoption by the general user population. The sad reality of a decade of their (at best) marginal adoption, restricted almost entirely to computer professionals, demonstrates that beyond a trace of doubt.

Encrypted e-mail will become the norm if and when one of the following two things happens:

a) There is a public key system which leaves key authentication outside of its scope, to be performed by separate means and procedures, by the tiny minority that actually needs it. If that were the case, the system could be made simple enough for effective use by those that have neither the time nor the inclination to develop the ability to use the current system.

or:

b) There is a general acceptance of the fact that the needs of a vast majority of e-mail users would be adequately served by a simple symmetric system.

cdr

From: kuestner at macnews.de (B. Kuestner)
Date: Mon Oct 24 20:40:47 2005
Subject: Delete key from keyserver
References: <9B2C777E-6882-4D0D-BF41-7E969236B498@web.de>
Message-ID: <7A0CF970-E5A1-4255-80EF-981DCD81FD66@macnews.de>

> If anything needs to change it is that the documentation

I can more and more see that thanks to everybody's willingness on this list to explain.

> That is exactly my point, NOBODY should rely on ANY of that
> information to identify a key. The only identifier for a key is the
> fingerprint.

And documentation should be part of the whole process. There is so much to understand about private and public and passphrase and UID and e-mail access and fingerprint and web of trust and delete/revoke/disable and ... It will take some serious effort to make this practical for average Joe.

By the way, I do work in IT with a bunch of Sun boxes and databases, just never dove into mail encryption until recently. Now if I mess up so badly, then average Joe will, too. Or maybe not, because he or she will give up before that. And he wouldn't look for hidden config directories to delete them from the command line.

> Do NOT trust the UID until you can trust the fingerprint. If you
> don't have verification of the fingerprint, you cannot trust the key
> - at all. Zip. Zero.

I will suggest to the MacGPG team that such clear information is also added into the software process, not just a help file. Again, it is great software and there's plenty of room from 0.3 to 1.0 for such usability fixes.

Björn

From: hawke at hawkesnest.net (Alex Mauer)
Date: Mon Oct 24 23:25:09 2005
Subject: Delete key from keyserver
In-Reply-To: <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no>

zvrba@globalnet.hr wrote:
> And the final 'objection' is more of a philosophical one: what is IDENTITY?
> If I know a person only by email, then that email *is* the person to me.
> And I know many people just by email and we are probably never going to
> meet IRL, except for some strange coincidence.

I find this point to be an important one. The focus of all the GPG documentation and recommendations and so forth is far too much on "real world" identity, i.e. physical documents, passports/drivers license/national ID/etc. But it is not intended, or at least not primarily used, in situations where that matters. It gets the most use in Internet communications, protecting things that are unlikely to get anyone sued or such where tracing a person to their physical identity is useful.

For this sort of reason, I was disappointed that GnuPG 1.4.x de-emphasized the "certification levels". It's helpful to be able to state what you're willing to certify ... e.g. a level 3 sig indicates confidence in the name, while a level 1 sig indicates confidence in the email (or whatever someone may use).

The UID format is also problematic IMO. GPG (OpenPGP?) strongly "wants" to have a Name and an email address for each UID. I think that this puts emphasis in a bad place, leading people to be signing the fact that e.g. "Alex Mauer belongs with hawke@hawkesnest.net", rather than "Alex Mauer belongs with key 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2". The photo UID type fits much better, being a statement that "this is a photo of the person who uses 0x51192ff2".

But it is comparatively easy to verify that the email goes with the key (I'll [locally] trust robots such as keyserver.pgp.com to do this); it is /much/ harder to verify that the name goes with either the key or the email address ... or even the physical person with ID when you meet them. (twins are not sufficiently uncommon) I'd even go so far as to say that it's entirely impossible to be 100% sure. Fortunately the situations where it matters are few and far between, particularly for email over the internet.

-- 
Bad - You get pulled over for doing 90 in a school zone and you're drunk off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient flesh-eating beetles.

OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net

From: Mark.R.Faine at nasa.gov (Faine, Mark)
Date: Mon Oct 24 23:25:50 2005
Subject: Automatically encrypt and sign outgoing mail
Message-ID:

I've configured system account mail (root, postmaster, etc) to be sent to a user account and then that user account is using a .forward file to send the mail to my workstation where I can review it. I would like to do the same but include an encrypt/sign step into the process.

I have created my key on the workstation (Windows using Outlook 2003 and the Outlook MUA plugin).

I've created a key for the user who will send the system's mail.

I've imported the key into the keyring of this user, signed it and set the trust.

I've searched all day for a procmail recipe that would encrypt/sign the message upon arrival in the user mailbox but I've not found anything. I'd like to set it up so that the mail is encrypted and signed to my workstation gnupg key and then the mail is forwarded to my workstation email account. This way all the mail I receive from the system will always be encrypted.

Any help would be appreciated.

Thanks,
-Mark

From dshaw at jabberwocky.com Mon Oct 24 23:38:10 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 25 00:06:49 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no>
Message-ID: <20051024213810.GB14582@jabberwocky.com>

On Mon, Oct 24, 2005 at 04:21:32PM -0500, Alex Mauer wrote:
> The UID format is also problematic IMO. GPG (OpenPGP?) strongly
> "wants" to have a Name and an email address for each UID. I think
> that this puts emphasis in a bad place, leading people to be signing
> the fact that e.g. "Alex Mauer belongs with hawke@hawkesnest.net",
> rather than "Alex Mauer belongs with key 0x51192ff2" and
> "hawke@hawkesnest.net belongs with key 0x51192ff2". The photo UID
> type fits much better, being a statement that "this is a photo of
> the person who uses 0x51192ff2".

I don't agree with this. The user ID system in all OpenPGP products gives a regular UTF-8 string. Signatures simply bind that string to the primary key. The system says exactly "Alex Mauer belongs with key 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2". You cannot sign a user ID without binding it to a key.

David

From JPClizbe at comcast.net Tue Oct 25 00:50:16 2005
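The binding David describes is visible in the bytes a certifier actually hashes. What follows is an added example, not code from the thread or from GnuPG: it builds the digest that an OpenPGP v4 certification signature is computed over (RFC 4880, section 5.2.4), so the reader can see that the user ID string goes into the hash as a single length-prefixed unit bound to the key. The key packet body and the signature subpacket values are constructed placeholders, not a real key.

```python
"""Added example (not from the gnupg-users thread or from GnuPG): reproduce the
byte string a v4 certification signature hashes, per RFC 4880 section 5.2.4.
DEMO_KEY_BODY is a constructed placeholder, not real key material."""
import hashlib
import struct

# Constructed v4 public key packet body: version 4, creation time, algorithm 1
# (RSA), then dummy bytes where the MPIs would be. The hash construction only
# needs the raw bytes of the packet body; it never interprets them.
DEMO_KEY_BODY = b"\x04" + struct.pack(">I", 1130000000) + b"\x01" + bytes(range(64))

SIG_TYPE_GENERIC_CERT = 0x10   # "generic certification of a user ID" (RFC 4880 5.2.1)
PK_ALGO_RSA = 0x01
HASH_ALGO_SHA1 = 0x02


def fingerprint(key_body: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99 || 2-byte length || key body (RFC 4880 12.2)."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body).hexdigest().upper()


def hashed_subpackets(creation_time: int, issuer_keyid: bytes) -> bytes:
    """Minimal hashed subpacket area: creation time (type 2) and issuer key ID (type 16)."""
    ct = struct.pack(">I", creation_time)
    return bytes([len(ct) + 1, 2]) + ct + bytes([len(issuer_keyid) + 1, 16]) + issuer_keyid


def certification_digest(key_body: bytes, user_id: str, sig_hashed_area: bytes,
                         sig_type: int = SIG_TYPE_GENERIC_CERT) -> bytes:
    """Return the SHA-1 digest that a v4 certification signature signs.

    The certifier hashes, in order:
      1. the primary key:   0x99 || 2-byte length || key packet body
      2. the user ID:       0xB4 || 4-byte length || UTF-8 bytes of the whole string
      3. the signature's own hashed fields, then the v4 trailer
         0x04 0xFF || 4-byte length of those hashed fields
    Step 2 takes the complete string, so "Name <addr>" is one signed object;
    a different string (name only, address only) is a different object.
    """
    h = hashlib.sha1()
    h.update(b"\x99" + struct.pack(">H", len(key_body)) + key_body)
    uid = user_id.encode("utf-8")
    h.update(b"\xb4" + struct.pack(">I", len(uid)) + uid)
    sig_data = (bytes([4, sig_type, PK_ALGO_RSA, HASH_ALGO_SHA1])
                + struct.pack(">H", len(sig_hashed_area)) + sig_hashed_area)
    h.update(sig_data)
    h.update(b"\x04\xff" + struct.pack(">I", len(sig_data)))
    return h.digest()


def compare_uids(key_body: bytes, uids, sig_hashed_area: bytes) -> dict:
    """Map each candidate user ID string to the hex digest a certifier would sign."""
    return {u: certification_digest(key_body, u, sig_hashed_area).hex() for u in uids}


if __name__ == "__main__":
    fpr = fingerprint(DEMO_KEY_BODY)
    issuer = bytes.fromhex(fpr[-16:])          # v4 key ID = low 64 bits of the fingerprint
    area = hashed_subpackets(1130200000, issuer)
    candidates = ["Alex Mauer <hawke@hawkesnest.net>", "hawke@hawkesnest.net", "Alex Mauer"]
    for uid, digest in compare_uids(DEMO_KEY_BODY, candidates, area).items():
        print(f"{digest}  {uid!r}")
```

The three candidate strings produce three unrelated digests over the same key: whichever string the keyholder put in the user ID packet is what a certifier can sign, and nothing less.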
From: JPClizbe at comcast.net (John Clizbe)
Date: Tue Oct 25 01:01:34 2005
Subject: Automatically encrypt and sign outgoing mail
In-Reply-To:
References:
Message-ID: <435D6528.8060100@comcast.net>

Faine, Mark wrote:
> I've configured system account mail (root, postmaster, etc) to be sent
> to a user account and then that user account is using a .forward file to
> send the mail to my workstation where I can review it. I would like to
> do the same but include an encrypt/sign step into the process.
>
> I have created my key on the workstation (Windows using Outlook 2003 and
> the Outlook MUA plugin.
>
> I've created a key for the user who will send the system's mail.
>
> I've imported the key into the keyring of this user, signed it and set
> the trust.
>
> I've searched all day for a procmail recipe that would encrypt/sign the
> message upon arrival in the user mailbox but I've not found anything.
> I'd like to set it up so that the mail is encrypted and signed to my
> workstation gnupg key and then the mail is forwarded to my workstation
> email account. This way all the mail I receive from the system will
> always be encrypted.
>
> Any help would be appreciated.

Look into GPGrelay: http://sites.inka.de/tesla/gpgrelay.html

I believe it should meet your requirements.

-- 
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" /  "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"

From sithtracy at yahoo.com Tue Oct 25 05:57:02 2005
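GPGrelay is the Windows route John points to. For the procmail setup Mark asked about, the piece that is missing from the thread is a filter that turns an arriving message into a PGP/MIME message encrypted to the workstation key. The following is an added example, not GPGrelay's code and not from either poster: it rewrites an RFC 822 message as an RFC 3156 multipart/encrypted entity, calling gpg for the cryptography. Assumptions not stated in the thread: the workstation key ID is passed as the first argument, it has already been imported and trusted in the sending user's keyring (as Mark describes), and that user's secret key has no passphrase so `--sign` works under `--batch`. The procmail recipe shown in the docstring is likewise an assumed invocation.

```python
"""Added example (not GPGrelay's code, not from the gnupg-users thread): a
procmail filter that wraps an incoming mail as an RFC 3156 PGP/MIME
multipart/encrypted message, with the original body encrypted and signed.

Assumed procmail recipe (the 'f' flag makes it a filter, 'w' waits for it):

    :0 fw
    | /usr/local/bin/pgpmime_wrap.py 0xWORKSTATIONKEY
"""
import re
import secrets
import subprocess
import sys

# Headers that describe the body; they move inside the encrypted part so the
# receiving client can restore the original MIME entity after decryption.
CONTENT_HEADERS = {"content-type", "content-transfer-encoding", "content-disposition"}


def gpg_encrypt_sign(plaintext: bytes, recipient: str) -> bytes:
    """Encrypt to `recipient` and sign with the user's default key, ASCII-armoured."""
    return subprocess.run(
        ["gpg", "--batch", "--yes", "--armor", "--encrypt", "--sign",
         "--recipient", recipient],
        input=plaintext, stdout=subprocess.PIPE, check=True).stdout


def parse_headers(head: bytes):
    """Header block -> ordered (name, value) pairs, unfolding continuation lines."""
    fields = []
    for line in head.decode("utf-8", "surrogateescape").splitlines():
        if line[:1] in (" ", "\t") and fields:            # folded continuation line
            fields[-1] = (fields[-1][0], fields[-1][1] + " " + line.strip())
        elif ":" in line:
            name, value = line.split(":", 1)
            fields.append((name.strip(), value.strip()))
    return fields


def _b(text: str) -> bytes:
    return text.encode("utf-8", "surrogateescape")


def wrap_pgp_mime(raw_message: bytes, recipient: str,
                  encrypt_fn=gpg_encrypt_sign, boundary: str = None) -> bytes:
    """Return `raw_message` rewritten as multipart/encrypted (RFC 3156 section 4).

    Output layout:
      outer headers (all except the Content-* headers), then
      part 1: application/pgp-encrypted carrying the literal "Version: 1"
      part 2: application/octet-stream carrying the armoured ciphertext
    Note that Subject and the other envelope headers stay in the clear; only
    the body (with its Content-* headers) is protected.
    """
    parts = re.split(rb"\r?\n\r?\n", raw_message, maxsplit=1)
    head, body = parts[0], (parts[1] if len(parts) > 1 else b"")
    headers = parse_headers(head)

    # 1. Inner entity = original Content-* headers + blank line + original body.
    inner = b"".join(_b(f"{n}: {v}\r\n") for n, v in headers if n.lower() in CONTENT_HEADERS)
    if not any(n.lower() == "content-type" for n, _ in headers):
        inner += b"Content-Type: text/plain; charset=utf-8\r\n"
    inner += b"\r\n" + body
    ciphertext = encrypt_fn(inner, recipient)

    # 2. Outer multipart/encrypted container around the ciphertext.
    boundary = boundary or "pgpmime-" + secrets.token_hex(12)
    out = b"".join(_b(f"{n}: {v}\r\n") for n, v in headers
                   if n.lower() not in CONTENT_HEADERS and n.lower() != "mime-version")
    out += _b("MIME-Version: 1.0\r\n"
              f'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="{boundary}"\r\n\r\n'
              f"--{boundary}\r\nContent-Type: application/pgp-encrypted\r\n\r\nVersion: 1\r\n\r\n"
              f'--{boundary}\r\nContent-Type: application/octet-stream; name="encrypted.asc"\r\n\r\n')
    return out + ciphertext + _b(f"\r\n--{boundary}--\r\n")


if __name__ == "__main__":
    sys.stdout.buffer.write(wrap_pgp_mime(sys.stdin.buffer.read(), sys.argv[1]))
```

If the sending user's key must stay passphrase-protected, drop `--sign` from the gpg command and the filter becomes encrypt-only, which needs no secret key at all on the mail host; the `encrypt_fn` parameter exists so the MIME construction can be exercised without gpg installed.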
From: sithtracy at yahoo.com (Tracy D. Bossong)
Date: Tue Oct 25 05:57:38 2005
Subject: Make GnuPG create files with .pgp extension
In-Reply-To: <4353AB5F.2090509@free.fr>
Message-ID: <20051025035702.46730.qmail@web51703.mail.yahoo.com>

Perhaps the best approach to this is a simple script.

    gpg --encrypt --recipient %2 --output %1.pgp %1

You could expand on it. Shouldn't be a problem for any environment.

--- Ismael Valladolid Torres wrote:
> Most often, recipients of my encrypted files are
> users of legacy PGP
> versions. So I use to rename my .gpg files to .pgp
> so they can access
> them directly with their PGP shell extensions.
>
> Is there any way to make GnuPG to create files
> directly with the .pgp
> extension without specifying the complete expected
> file name using the
> -o option?
>
> Cordially, Ismael
> --
> http://lamediahostia.blogspot.com/
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

From Mark.R.Faine at nasa.gov Tue Oct 25 14:39:35 2005
From: Mark.R.Faine at nasa.gov (Faine, Mark)
Date: Tue Oct 25 14:39:46 2005
Subject: Automatically encrypt and sign outgoing mail
Message-ID:

This looks good but it is a windows program. I'm trying to achieve the same goal as GPGrelay provides but on Linux. Basically I'm trying to ensure that all the mail sent out from the Linux box (admin mail) that is sent over an insecure mail server is sent to me encrypted. I had thought to use procmail and gpg together somehow but I haven't had any luck finding any information on how to configure either.

Thanks,
-Mark

-----Original Message-----
From: gnupg-users-bounces@gnupg.org [mailto:gnupg-users-bounces@gnupg.org] On Behalf Of John Clizbe
Sent: Monday, October 24, 2005 5:50 PM
To: gnupg-users@gnupg.org
Subject: Re: Automatically encrypt and sign outgoing mail

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From alphasigmax at gmail.com Tue Oct 25 16:23:51 2005
From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 25 16:27:18 2005
Subject: Signature packets without (whatever)
Message-ID: <435E3FF7.90001@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Recently, when checking my trustdb I get the following appearing:

gpg: buffer shorter than subpacket
gpg: signature packet without keyid
gpg: buffer shorter than subpacket
gpg: buffer shorter than subpacket
gpg: signature packet without timestamp
gpg: buffer shorter than subpacket
gpg: signature packet without keyid
gpg: buffer shorter than subpacket

Now, I figured that cleaning the keys would probably fix this, but the question is: how do I find the offending keys?

Or should I just batch-clean the lot?

- --
Alphax                      |    /"\
Encrypted Email Preferred   |    \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |     X      Against HTML email & vCards
http://tinyurl.com/cc9up    |    / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEVAwUBQ14/9rMAAH8MeUlWAQgsPQf/RtAXvT6o2PDGO/SvmrNHAol3WFAC1+KH
fSx/EfxCzglJU3oAjX0Q4XOx4we/JfFUm5+jp8S4A4u5cJXwa94clCTr8pENmKrz
NX272+FfxvvRd9OhkCocdvKJ5ESiAhfG/VghjSh8vKidzCRQ/FM7N0yucvE/SeO4
MuCi8RJO7A+OG7HPs2Mz0MOlvmPAGqyMCgJm/Ff7E+tvhFVZGfr2iSHHN38bmmVC
+ULD4RrRhLtdv8rnGO4eL7q0X4wZYi5ohYi6vm+TtBPAYk+D3esqULEZiuQlrjcn
Wl2xAfe6rd0h79u+qoCtEmQJ/ld8BSKI8uUJRR2PZVkIpqg6FWlc+Q==
=PU3W
-----END PGP SIGNATURE-----

From dshaw at jabberwocky.com Tue Oct 25 16:35:49 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 25 16:36:16 2005
Subject: Signature packets without (whatever)
In-Reply-To: <435E3FF7.90001@gmail.com>
References: <435E3FF7.90001@gmail.com>
Message-ID: <20051025143549.GA19648@jabberwocky.com>

On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote:
> Recently, when checking my trustdb I get the following appearing:
>
> gpg: buffer shorter than subpacket
> gpg: signature packet without keyid
> gpg: buffer shorter than subpacket
> gpg: buffer shorter than subpacket
> gpg: signature packet without timestamp
> gpg: buffer shorter than subpacket
> gpg: signature packet without keyid
> gpg: buffer shorter than subpacket
>
> Now, I figured that cleaning the keys would probably fix this, but the
> question is: how do I find the offending keys?

Given that one of the errors is a signature packet without a keyid... it's hard to locate the signature :)

You could do trickery with gpgsplit and such, but I'd wait until 1.4.3 is out. It doesn't error on such signatures any longer.

David

From erwan at rail.eu.org Tue Oct 25 16:39:16 2005
From: erwan at rail.eu.org (Erwan David)
Date: Tue Oct 25 16:39:22 2005
Subject: Signature packets without (whatever)
In-Reply-To: <435E3FF7.90001@gmail.com>
References: <435E3FF7.90001@gmail.com>
Message-ID: <20051025143915.GH23147@brehat.trusted-logic.fr>

On Tue 25/10/2005, Alphax said:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Recently, when checking my trustdb I get the following appearing:
>
> gpg: buffer shorter than subpacket
> gpg: signature packet without keyid
> gpg: buffer shorter than subpacket
> gpg: buffer shorter than subpacket
> gpg: signature packet without timestamp
> gpg: buffer shorter than subpacket
> gpg: signature packet without keyid
> gpg: buffer shorter than subpacket
>
> Now, I figured that cleaning the keys would probably fix this, but the
> question is: how do I find the offending keys?
>
> Or should I just batch-clean the lot?

I got this when I retrieved the PGP GD key via hkp. Removing this key from my keyring was enough to suppress those messages.

-- 
Erwan David
==========================================================
Trusted Logic                         Tel: +33 1 30 97 25 03
5 rue du Bailliage                    Std: +33 1 30 97 25 00
78000 Versailles                      Fax: +33 1 30 97 25 19
France

From alphasigmax at gmail.com Tue Oct 25 16:38:55 2005
From: alphasigmax at gmail.com (Alphax)
Date: Tue Oct 25 16:42:14 2005
Subject: Signature packets without (whatever)
In-Reply-To: <20051025143549.GA19648@jabberwocky.com>
References: <435E3FF7.90001@gmail.com> <20051025143549.GA19648@jabberwocky.com>
Message-ID: <435E437F.1080606@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David Shaw wrote:
> On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote:
>
>>Recently, when checking my trustdb I get the following appearing:
>>
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without keyid
>>gpg: buffer shorter than subpacket
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without timestamp
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without keyid
>>gpg: buffer shorter than subpacket
>>
>>Now, I figured that cleaning the keys would probably fix this, but the
>>question is: how do I find the offending keys?
>
>
> Given that one of the errors is a signature packet without a
> keyid... it's hard to locate the signature :)
>
> You could do trickery with gpgsplit and such, but I'd wait until 1.4.3
> is out. It doesn't error on such signatures any longer.
>

It's not dying, just warning me... however, I think they might be responsible for my trustdb becoming corrupt last week. Will 1.4.3 automatically remove such signatures or merely ignore them?

- --
Alphax                      |    /"\
Encrypted Email Preferred   |    \ /     ASCII Ribbon Campaign
OpenPGP key ID: 0xF874C613  |     X      Against HTML email & vCards
http://tinyurl.com/cc9up    |    / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQEVAwUBQ15DfrMAAH8MeUlWAQhrgggAhRQTRxQlrRpEcbyQnDwVhMJ2RYF3se+L
5Ei5QtvTxBMIVbYQDMzsMSyV9hMqH1p5uI6rhxusNBhvcRtDIfF8WEnuF8gEoN9k
aGqgTV7/3fyldCy6kkRSPnPDYjz802swX+iDutB0SaA5nwXTBLl0yoTDRIS5eJYo
lE4tyn4xq1YgNBkZyJY2rMdK55AIeIDukYqpX8Df1l20dKu1sYIjhkLx79SzL0e+
ibGGcbO8p4ox/8FkfbB0ClIPhV82ClOHc21zMH9d6VczJFA7wxJe/HKE6kE1RBzw
T5D63gwyhI7cMJ9qxAJ/CWspOaD1Y1k0ZriIu+/5FO2UWn1vZHiMAA==
=ILQ2
-----END PGP SIGNATURE-----

From dshaw at jabberwocky.com Tue Oct 25 16:50:40 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 25 16:51:35 2005
Subject: Signature packets without (whatever)
In-Reply-To: <435E437F.1080606@gmail.com>
References: <435E3FF7.90001@gmail.com> <20051025143549.GA19648@jabberwocky.com> <435E437F.1080606@gmail.com>
Message-ID: <20051025145040.GB19648@jabberwocky.com>

On Wed, Oct 26, 2005 at 12:08:55AM +0930, Alphax wrote:
> David Shaw wrote:
> > On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote:
> >
> >>Recently, when checking my trustdb I get the following appearing:
> >>
> >>gpg: buffer shorter than subpacket
> >>gpg: signature packet without keyid
> >>gpg: buffer shorter than subpacket
> >>gpg: buffer shorter than subpacket
> >>gpg: signature packet without timestamp
> >>gpg: buffer shorter than subpacket
> >>gpg: signature packet without keyid
> >>gpg: buffer shorter than subpacket
> >>
> >>Now, I figured that cleaning the keys would probably fix this, but the
> >>question is: how do I find the offending keys?
> >
> >
> > Given that one of the errors is a signature packet without a
> > keyid... it's hard to locate the signature :)
> >
> > You could do trickery with gpgsplit and such, but I'd wait until 1.4.3
> > is out. It doesn't error on such signatures any longer.
> >
>
> It's not dying, just warning me... however, I think they might be
> responsible for my trustdb becoming corrupt last week. Will 1.4.3
> automatically remove such signatures or merely ignore them?

I doubt this is involved in any trustdb problems. All versions of GPG ignore such signatures. 1.4.3 just ignores them quietly.

David

From dougb at dougbarton.net Tue Oct 25 20:49:12 2005
From: dougb at dougbarton.net (Doug Barton)
Date: Tue Oct 25 20:49:32 2005
Subject: Signature packets without (whatever)
In-Reply-To: <20051025143915.GH23147@brehat.trusted-logic.fr>
References: <435E3FF7.90001@gmail.com> <20051025143915.GH23147@brehat.trusted-logic.fr>
Message-ID: <435E7E28.2050602@dougbarton.net>

Erwan David wrote:
> On Tue 25/10/2005, Alphax said:
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA256
>>
>>Recently, when checking my trustdb I get the following appearing:
>>
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without keyid
>>gpg: buffer shorter than subpacket
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without timestamp
>>gpg: buffer shorter than subpacket
>>gpg: signature packet without keyid
>>gpg: buffer shorter than subpacket
>>
>>Now, I figured that cleaning the keys would probably fix this, but the
>>question is: how do I find the offending keys?
>>
>>Or should I just batch-clean the lot?
>
>
> I got this when I retrieved the PGP GD key via hkp.
> Removing this key from my keyring was enough to suppress those
> messages.

I had a similar problem with the version of the key that I received from hkp. I downloaded the key from http://keyserver.pgp.com/ and imported it by hand, and didn't have these problems any more.

hth,

Doug

-- 
If you're never wrong, you're not trying hard enough

From mail at peterengel.com Tue Oct 25 21:37:06 2005
From: mail at peterengel.com (Peter Engel)
Date: Tue Oct 25 23:25:53 2005
Subject: Using a Smartcard with a class2 cardreader: Can I use the keypad?
Message-ID: <435E8962.7070206@peterengel.com>

Skipped content of type multipart/mixed

From dshaw at jabberwocky.com Tue Oct 25 23:56:05 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue Oct 25 23:56:31 2005
Subject: Signature packets without (whatever)
In-Reply-To: <435E7E28.2050602@dougbarton.net>
References: <435E3FF7.90001@gmail.com> <20051025143915.GH23147@brehat.trusted-logic.fr> <435E7E28.2050602@dougbarton.net>
Message-ID: <20051025215605.GF19648@jabberwocky.com>

On Tue, Oct 25, 2005 at 11:49:12AM -0700, Doug Barton wrote:
> > I got this when I retrieved the PGP GD key via hkp.
> > Removing this key from my keyring was enough to suppress those
> > messages.
>
> I had a similar problem with the version of the key that I received from
> hkp. I downloaded the key from http://keyserver.pgp.com/ and imported it by
> hand, and didn't have these problems any more.

Yes. The PGP GD key that's on the HKP network is riddled with garbage. Getting it from ldap://keyserver.pgp.com (or manually via HTTP as you did) is the right thing to do.

It actually reveals interesting key use data: the copy on keyserver.pgp.com is the "real" copy, with only the signatures that the PGP company put there. The copy on the HKP net has a few hundred other signatures... some, no doubt, in error. You could probably regard most of the difference between the two sets as people who didn't use local signatures, but should have. Judging by the number of signature revocations attached to that key, some people did realize their error, but too late.

David

From hawke at hawkesnest.net Wed Oct 26 01:22:10 2005
From: hawke at hawkesnest.net (Alex Mauer)
Date: Wed Oct 26 01:28:51 2005
Subject: Delete key from keyserver
In-Reply-To: <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com>
Message-ID:

David Shaw wrote:
> On Mon, Oct 24, 2005 at 04:21:32PM -0500, Alex Mauer wrote:
>
>
> I don't agree with this. The user ID system in all OpenPGP products
> gives a regular UTF-8 string. Signatures simply bind that string to
> the primary key. The system says exactly "Alex Mauer belongs with key
> 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2".
> You cannot sign a user ID without binding it to a key.

When the string "Alex Mauer " is bound to 0x51192ff2, there's also an association made between the two parts of the string. The system does /not/ say "Alex Mauer belongs with key 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2". It says "Alex Mauer and email hawke@hawkesnest.net belong with 0x51192ff2" as one statement. It's a subtle, but important, distinction.

I should be able to affirm that hawke@hawkesnest.net uses 0x51192ff2 without being forced to also affirm that "Alex Mauer" uses 0x51192ff2, or vice versa.

Obviously, with these examples I'm happy to affirm both, since hey .. it's me. But [hopefully] you get my point.

-- 
Bad - You get pulled over for doing 90 in a school zone and you're drunk off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient flesh-eating beetles.

OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net

From dshaw at jabberwocky.com Wed Oct 26 01:39:51 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed Oct 26 01:41:01 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com>
Message-ID: <20051025233951.GA20427@jabberwocky.com>

On Tue, Oct 25, 2005 at 06:22:10PM -0500, Alex Mauer wrote:
> David Shaw wrote:
> > On Mon, Oct 24, 2005 at 04:21:32PM -0500, Alex Mauer wrote:
> >
> >
> > I don't agree with this. The user ID system in all OpenPGP products
> > gives a regular UTF-8 string. Signatures simply bind that string to
> > the primary key. The system says exactly "Alex Mauer belongs with key
> > 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2".
> > You cannot sign a user ID without binding it to a key.
>
> When the string "Alex Mauer " is bound to
> 0x51192ff2, there's also an association made between the two parts of
> the string. The system does /not/ say "Alex Mauer belongs with key
> 0x51192ff2" and "hawke@hawkesnest.net belongs with key 0x51192ff2". It
> says "Alex Mauer and email hawke@hawkesnest.net belong with 0x51192ff2"
> as one statement. It's a subtle, but important, distinction.
>
> I should be able to affirm that hawke@hawkesnest.net uses 0x51192ff2
> without being forced to also affirm that "Alex Mauer" uses 0x51192ff2,
> or vice versa.
>
> Obviously, with these examples I'm happy to affirm both, since hey ..
> it's me. But [hopefully] you get my point.

Some people (myself included) check both before signing. The name via some sort of formal ID, and the email via a mail challenge.

Still, if you don't want to bind both tokens together, just create a user ID of without the name attached or a user ID of "Alex Mauer" without the email address attached. Some people will not sign such a user ID though, and at least the name-only one is of questionable usefulness in practice.

David

From hawke at hawkesnest.net Wed Oct 26 03:50:11 2005
From: hawke at hawkesnest.net (Alex Mauer)
Date: Wed Oct 26 03:55:41 2005
Subject: Delete key from keyserver
In-Reply-To: <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com>
Message-ID:

David Shaw wrote:
> Some people (myself included) check both before signing. The name via
> some sort of formal ID, and the email via a mail challenge.

As do I, at least for a level 3 signature.

> Still, if you don't want to bind both tokens together, just create a
> user ID of without the name attached or a user
> ID of "Alex Mauer" without the email address attached.

I understand that it's possible to do this. I was just lamenting the fact that it is very strongly discouraged by GnuPG:

Real name:
Name must be at least 5 characters long

> Some people
> will not sign such a user ID though,

I don't understand why. If you trust the association of the Name and key, how/why would having an email address in there as well improve the trust?

> and at least the name-only one is
> of questionable usefulness in practice.

If it's of questionable usefulness, then having the name there at all is of questionable usefulness, and so is the verification of documents.

Theoretically, the point of a physical meeting is:
* Physical person linked by photo ID to name.
* Name linked to key by the key field "Real Name"
? Possibly Physical person linked to photo uid by appearance.

Any verification of the email is a totally independent operation, linking the email address and the key, but not the name with the email address. Why should the signature connect them?

I could make a conventionally-UIDed new key with a friend's name and a new email address, and he could meet with you and you could verify all his official documents, but it would prove nothing about the email address. Then you could verify the email address with your challenge method of choice, and it would confirm that the recipient of the mail could use the key. The end result would be a key that had an invalid association between the name and the email address. Not that this cannot be done even if the name and email address are separate entities, but at least it becomes more obvious. And UIDs wouldn't have to contain every combination of name and email address.

Anyway, the point of this rather long-winded bit is that it should be possible to only sign the email if that's all that has been verified, or only sign the name if that's all that's been verified.

-Alex Mauer "hawke"

From dshaw at jabberwocky.com Wed Oct 26 05:38:49 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed Oct 26 05:39:21 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com>
Message-ID: <20051026033849.GE20427@jabberwocky.com>

On Tue, Oct 25, 2005 at 08:50:11PM -0500, Alex Mauer wrote:
> David Shaw wrote:
> >Some people (myself included) check both before signing. The name via
> >some sort of formal ID, and the email via a mail challenge.
>
> As do I, at least for a level 3 signature.
>
> >Still, if you don't want to bind both tokens together, just create a
> >user ID of without the name attached or a user
> >ID of "Alex Mauer" without the email address attached.
>
> I understand that it's possible to do this. I was just lamenting the
> fact that it is very strongly discouraged by GnuPG:
>
> Real name:
> Name must be at least 5 characters long
>
> >Some people
> >will not sign such a user ID though,
>
> I don't understand why. If you trust the association of the Name and
> key, how/why would having an email address in there as well improve the
> trust?

It's not an issue of improving the trust, it's an issue of disambiguation. In my case, there are many different David Shaws out there, including a furniture designer in New Zealand, a Pulitzer prize winning journalist in the US, and a former MP for Dover in the UK. I'm none of these. There are at least 19 David Shaws on the keyserver net as well, not including me. My email address globally indicates which David Shaw I am.

> >and at least the name-only one is
> >of questionable usefulness in practice.
>
> If it's of questionable usefulness, then having the name there at all is
> of questionable usefulness, and so is the verification of documents.

Questionable usefulness *in practice*, I said. In practice, one of the major uses for GPG is email, and mail clients tend to look for keys by email address. It's an email client design issue, not a cryptographic issue.

> Theoretically, the point of a physical meeting is:
> * Physical person linked by photo ID to name.
> * Name linked to key by the key field "Real Name"
> ? Possibly Physical person linked to photo uid by appearance.
> Any verification of the email is a totally independent operation,
> linking the email address and the key, but not the name with the email
> address. Why should the signature connect them?

Because the keyholder elected to put them together. OpenPGP puts the keyholder in charge of what is signable. If the keyholder wants to be able to have an email-only or name-only user ID, that's up to them. The signer can't override what the keyholder decides (which makes sense, as it's the keyholder's key). My key has both my name and email address, and I don't want people signing just one.

> I could make a conventionally-UIDed new key with a friend's name and a
> new email address, and he could meet with you and you could verify all
> his official documents, but it would prove nothing about the email
> address. Then you could verify the email address with your challenge
> method of choice, and it would confirm that the recipient of the mail
> could use the key. The end result would be a key that had an invalid
> association between the name and the email address.

Give a challenge cookie to the person when you meet them, and ask them for it in the email challenge. It proves that the person who is responding to your mail is either the physical person you met, or is at least in communication with them.

David

From j.e.vanbaal+gnupg-users at uvt.nl Wed Oct 26 09:25:05 2005
From: j.e.vanbaal+gnupg-users at uvt.nl (Joost van Baal)
Date: Wed Oct 26 09:24:58 2005
Subject: Delete key from keyserver
In-Reply-To: <20051026033849.GE20427@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427@jabberwocky.com>
Message-ID: <20051026072505.GD6519@banach.uvt.nl>

On Tue, Oct 25, 2005 at 11:38:49PM -0400, David Shaw wrote:
> On Tue, Oct 25, 2005 at 08:50:11PM -0500, Alex Mauer wrote:
> > David Shaw wrote:
> > >Some people (myself included) check both before signing. The name via
> > >some sort of formal ID, and the email via a mail challenge.
> >
> > As do I, at least for a level 3 signature.
> >
> > >Still, if you don't want to bind both tokens together, just create a
> > >user ID of without the name attached or a user
> > >ID of "Alex Mauer" without the email address attached.
> >
> > I understand that it's possible to do this. I was just lamenting the
> > fact that it is very strongly discouraged by GnuPG:
> >
> > Real name:
> > Name must be at least 5 characters long
> >
> > >Some people
> > >will not sign such a user ID though,
> >
> > I don't understand why. If you trust the association of the Name and
> > key, how/why would having an email address in there as well improve the
> > trust?
>
> It's not an issue of improving the trust, it's an issue of
> disambiguation. In my case, there are many different David Shaws out
> there, including a furniture designer in New Zealand, a Pulitzer prize
> winning journalist in the US, and a former MP for Dover in the UK.
> I'm none of these. There are at least 19 David Shaws on the keyserver
> net as well, not including me. My email address globally indicates
> which David Shaw I am.

Isn't this why some people use UIDs like "John Doe (Amsterdam, The Netherlands, 1970-01-01)" next to the email-ones?

Bye,

Joost

-- 
Joost van Baal                           http://abramowitz.uvt.nl/
Tilburg University                        j.e.vanbaal@uvt.nl
The Netherlands

From dirk.traulsen at lypso.de Wed Oct 26 10:24:38 2005
From: dirk.traulsen at lypso.de (Dirk Traulsen) Date: Wed Oct 26 10:24:25 2005 Subject: clean sigs In-Reply-To: <20050912030122.GA10058@jabberwocky.com> References: <4321A369.1000705@comcast.net> Message-ID: <435F5966.22554.2D7B546@localhost> Am 11 Sep 2005 um 23:01 hat David Shaw geschrieben: > On Fri, Sep 09, 2005 at 09:59:53AM -0500, John Clizbe wrote: > > David Shaw wrote: > > > There is perhaps an argument to be made for a > > > "super clean" that does clean and also removes any > > > signature where the signing key is > > > not present (in fact, an early version of clean did that), > > > but that's a different thing than clean. > > > > Perhaps --scrub ? --sanitize ? --disinfect ? > > I rather like "minimize", but this isn't really a minimal key > (as it has signatures other than selfsigs). I gave the naming some thought. Witty and funny names aside, I think there are so many commands and options, that it would be better to expand the name and not take a new one. . I suggest following solution: a new option 'clean [total]'. This could be the new part in the man-page: =======Proposal================== clean Cleans keys by removing unusable pieces. This com- mand can be used to keep keys neat and clean, and it has no effect aside from that. sigs Remove any signatures that are not usable by the trust calculations. For example, this removes any signature that does not validate. It also removes any signature that is superceded by a later signature, or signatures that were revoked. uids Compact (by removing all signatures except the selfsig) any user ID that is no longer usable (e.g. revoked, or expired). total Remove like above any unusable signature and UID, but also remove any signature for which the signing key is not present. If invoked with no arguments, both `sigs' and `uids' are cleaned. If invoked without `total', only signatures for which the signing key is present can be evaluted. =======Proposal================== What do you think about that, David? 
I would really appreciate such a function and I'm sure that I'm not the only one. Please consider implementing it. As I cannot do it myself, maybe I can help with this proposal.

Dirk

From ismaeval at free.fr Wed Oct 26 11:31:02 2005
From: ismaeval at free.fr (Ismael Valladolid Torres)
Date: Wed Oct 26 11:30:55 2005
Subject: Delete key from keyserver
In-Reply-To: <20051026072505.GD6519@banach.uvt.nl>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427@jabberwocky.com> <20051026072505.GD6519@banach.uvt.nl>
Message-ID: <435F4CD6.7050900@free.fr>

Joost van Baal wrote:
> On Tue, Oct 25, 2005 at 11:38:49PM -0400, David Shaw wrote:
>> It's not an issue of improving the trust, it's an issue of
>> disambiguation. In my case, there are many different David Shaws out
>> there, including a furniture designer in New Zealand, a Pulitzer prize
>> winning journalist in the US, and a former MP for Dover in the UK.
>> I'm none of these. There are at least 19 David Shaws on the keyserver
>> net as well, not including me. My email address globally indicates
>> which David Shaw I am.
>
> Isn't this why some people use UIDs like "John Doe (Amsterdam, The
> Netherlands, 1970-01-01)" next to the email-ones?

I don't get the point. Why do they?

Cordially,
Ismael

-- 
Dropping science like when Galileo dropped his orange

From wk at gnupg.org Wed Oct 26 16:47:50 2005
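The `total` behaviour Dirk Traulsen proposes above (drop certifications whose signing key is not on the keyring) can be planned for a single key today from the machine-readable listing GnuPG already emits. The Python script below is an added example written for this page, not code from GnuPG or from anyone in the thread. It parses a constructed `gpg --check-sigs --with-colons` listing (the key IDs, hash, dates and user IDs are invented) and classifies each user-ID certification the way the proposed manual text describes: bad signatures (`-` or `%` in the check-result field) and superseded signatures fall under plain `clean`, signatures from absent keys (`?`) fall only under `total`, and revoked certifications are not modelled. The field positions (check result, signer key ID, creation date, signer user ID, signature class) are those documented in GnuPG's DETAILS file; dates are compared as strings, which is only valid when the listing uses one date format throughout.

```python
"""Plan a `clean` / `clean total` pass over one key from the listing of
`gpg --check-sigs --with-colons`.

Added example for this page; not GnuPG code. 0-based field positions for
`sig` records: [1] check result (! good, - bad, % error, ? no public key),
[4] signer key ID, [5] creation date, [9] signer user ID, [10] signature
class such as 10x/13x (x = exportable, l = local)."""
import sys

# Constructed sample listing for one key: key IDs, hash, dates and user IDs
# are invented for this example.
CONSTRUCTED_LISTING = """\
pub:u:1024:17:AAAAAAAAAAAAAAAA:2005-01-01:::u:::scESC:
uid:u::::2005-01-01::0123456789ABCDEF0123456789ABCDEF::Alice Example <alice@example.org>:
sig:!::17:AAAAAAAAAAAAAAAA:2005-01-01::::Alice Example <alice@example.org>:13x:
sig:!::17:BBBBBBBBBBBBBBBB:2005-01-15::::Bob Example <bob@example.org>:10x:
sig:!::17:BBBBBBBBBBBBBBBB:2005-02-01::::Bob Example <bob@example.org>:10x:
sig:?::17:CCCCCCCCCCCCCCCC:2005-03-01::::[User ID not found]:10x:
sig:-::17:BBBBBBBBBBBBBBBB:2005-03-05::::Bob Example <bob@example.org>:10x:
sub:u:2048:16:DDDDDDDDDDDDDDDD:2005-01-01::::::e:
sig:!::17:AAAAAAAAAAAAAAAA:2005-01-01::::Alice Example <alice@example.org>:18x:
"""

GOOD, NO_PUBKEY = "!", "?"
BAD = {"-", "%"}          # bad signature or other error during the check


def parse_uid_sigs(listing):
    """Yield one dict per certification on a user ID. Subkey binding
    signatures (those after a sub/ssb record) are not subject to cleaning."""
    uid = None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "uid":
            uid = f[9]
        elif f[0] in ("sub", "ssb"):
            uid = None
        elif f[0] == "sig" and uid is not None:
            yield {"uid": uid, "status": f[1], "signer": f[4],
                   "date": f[5], "sigclass": f[10]}


def plan_clean(listing, total=False):
    """Return (keep, remove); every removed entry carries a `reason`."""
    sigs = list(parse_uid_sigs(listing))
    reason = [None] * len(sigs)
    newest = {}   # (uid, signer, sigclass) -> index of the newest good sig so far
    for i, s in enumerate(sigs):
        if s["status"] in BAD:
            reason[i] = "bad"
        elif s["status"] == NO_PUBKEY:
            if total:                      # cannot be evaluated; only `total` drops it
                reason[i] = "missing-key"
        elif s["status"] == GOOD:
            key = (s["uid"], s["signer"], s["sigclass"])
            prev = newest.get(key)
            if prev is None:
                newest[key] = i
            elif sigs[prev]["date"] <= s["date"]:   # older one is superseded
                reason[prev] = "superseded"
                newest[key] = i
            else:
                reason[i] = "superseded"
        # an empty status means --check-sigs was not used: nothing can be decided
    keep = [s for s, r in zip(sigs, reason) if r is None]
    remove = [dict(s, reason=r) for s, r in zip(sigs, reason) if r is not None]
    return keep, remove


if __name__ == "__main__":
    listing = CONSTRUCTED_LISTING if sys.stdin.isatty() else sys.stdin.read()
    keep, remove = plan_clean(listing, total="--total" in sys.argv[1:])
    for s in remove:
        print("remove %-12s %s on %r (%s, %s)"
              % (s["reason"], s["signer"], s["uid"], s["sigclass"], s["date"]))
    print("%d certification(s) kept" % len(keep))
```

Run it with no input to see the constructed sample classified, or pipe in `gpg --check-sigs --with-colons KEYID` (add `--total` for the proposed behaviour) to plan the cleanup of a real key. The script only reports; the removal itself still happens in `--edit-key` with `clean` or `delsig`.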
From: wk at gnupg.org (Werner Koch)
Date: Wed Oct 26 16:51:41 2005
Subject: Using a Smartcard with a class2 cardreader: Can I use the keypad?
In-Reply-To: <435E8962.7070206@peterengel.com> (Peter Engel's message of "Tue, 25 Oct 2005 21:37:06 +0200")
References: <435E8962.7070206@peterengel.com>
Message-ID: <87br1c5o89.fsf@wheatstone.g10code.de>

On Tue, 25 Oct 2005 21:37:06 +0200, Peter Engel said:

> I have a class-2 cardreader (meaning: with integrated keypad for
> entering the PIN). I found no clue yet whether GnuPG supports the
> integrated keypad for entering the PIN. (using GnuPG v.1.4.2)

I am working on this. It has turned out to require more changes in the UI than expected. There will only be support for CCID readers. For testing I use an SPR532 as well as a Cherry XX44.

Salam-Shalom,

Werner

From hawke at hawkesnest.net Wed Oct 26 19:26:31 2005
From: hawke at hawkesnest.net (Alex Mauer)
Date: Wed Oct 26 19:41:23 2005
Subject: Delete key from keyserver
In-Reply-To: <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com>
Message-ID: 

David Shaw wrote:
>>> Some people
>>> will not sign such a user ID though,
>
> It's not an issue of improving the trust, it's an issue of
> disambiguation.

Right, so why is it any better to have a key with:
0x99242560 David Shaw

than to have
0x99242560 David Shaw
0x99242560 dshaw@jabberwocky.com
(two UIDs)

You still have the same level of disambiguation. Why would someone be unwilling to sign the one, but willing to sign the other?

> Questionable usefulness *in practice*, I said. In practice, one of
> the major uses for GPG is email, and mail clients tend to look for
> keys by email address. It's an email client design issue, not a
> cryptographic issue.

Yes, a key without any UID containing an email address is of questionable usefulness. Agreed.

> My key has both my name and
> email address, and I don't want people signing just one.

But if they can only prove one part of the data to their satisfaction, why should they not sign only that part?

> Give a challenge cookie to the person when you meet them, and ask them
> for it in the email challenge. It proves that the person who is
> responding to your mail is either the physical person you met, or is
> at least in communication with them.

"In communication with them" is not good enough for the level of trust that these checks imply. Besides, the scenario I described already implies that they must be in communication.

But it's really irrelevant to the original point, which is that in many cases, the real name doesn't matter; only the email address/key does. "If I know a person only by email, then that email *is* the person to me." In that case, if the email is trusted, then the name on the UID is irrelevant. I might be willing to trust that key ID 0x99242560 really is used by the holder of email dshaw@jabberwocky.com, but not that the person in question really is named David Shaw. ... and in most cases, I probably don't really care about the real name of the keyholder, only about the email address. So why should I have to sign both in order to declare this trust?

-- 
Bad - You get pulled over for doing 90 in a school zone and you're drunk off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient flesh-eating beetles.

OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 382 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051026/84e6165d/signature.pgp
From rjensen at progress.com Wed Oct 26 18:46:20 2005
From: rjensen at progress.com (Richard Jensen)
Date: Wed Oct 26 20:25:53 2005
Subject: [gpgol] A few questions...
Message-ID: <418590005AFDB04DA77890F448295D43016621D4@MAIL01.bedford.progress.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

I have the gpgol-0.9.3 plug-in installed in Outlook 2003 running on Windows XP Pro. It resolved the 'crash on signing' issues I was having with the older plug-in, thanks!

Now I have a couple of questions:

Is there a way to set the default key to use for signing? In Enigmail it uses the email address to choose the key, but in gpgol I always get a dialog and need to select the key from a list.

For some reason it is not finding the key for encrypting a message in my keyring based on the email address. It brings up a window that lets me select the key, and that works fine. But, why isn't it finding the key automatically?

It appears I cannot verify a PGP/MIME message, any plans for that or is Outlook just not a good PGP/MIME platform?

What should I use for the 'Key Manager' executable? I tried pointing it to the WinPT executable, but that didn't seem to work. This isn't a big issue for me because I can use either the WinPT Key Manager or the Key Management from Enigmail.

Again, comparing to Enigmail. When I choose to encrypt a message that has attachments, Enigmail gives me three options:

- Just encrypt/sign the message text, but not the attachments
- Encrypt each attachment separately and send the message using inline PGP
- Encrypt/sign the message as a whole and send it using PGP/MIME.

It seems that with gpgol, encrypting the message causes the attachments to also be encrypted. Is there an option to NOT encrypt attachments if you are encrypting the message?

TIA.

- -- 
Richard Jensen
mailto:rjensen@progress.com
Fingerprint: 27E2 9649 89E9 1676 98A4 5656 696A BB00 8022 99DE
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: GnuPG 1.4.2

iD8DBQFDX7LcaWq7AIAimd4RAzppAKCeb1VD05QbdQ4i9H6AorR857QYbwCgnJQl
o76ZDDMaV8C7r/vzR4FaVpc=
=9TQB
-----END PGP SIGNATURE-----

From linux at codehelp.co.uk Wed Oct 26 21:01:15 2005
From: linux at codehelp.co.uk (Neil Williams)
Date: Wed Oct 26 21:00:06 2005
Subject: Delete key from keyserver
In-Reply-To: 
References: <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com>
Message-ID: <200510262001.19729.linux@codehelp.co.uk>

On Wednesday 26 October 2005 6:26 pm, Alex Mauer wrote:
> Right, so why is it any better to have a key with:
> 0x99242560 David Shaw
>
> than to have
> 0x99242560 David Shaw
> 0x99242560 dshaw@jabberwocky.com
> (two UIDs)
>
> You still have the same level of disambiguation.

No, because you've separated the two - there has to be a reason to do this and therefore you are implying that there is a difference between the two UIDs.

> Why would someone be
> unwilling to sign the one, but willing to sign the other?

I wouldn't sign the email-only one because an email address can be accessible to more than one person. If I'm encrypting to this key, I want to know to WHOM I am writing.

I wouldn't sign the name-only one either - I cannot contact the person with that name because I have no idea if the email address is solely for the person named in the other UID.

A UID should reflect how I know a person. I've got several UIDs and if you know me as webmaster, you sign that one, if you know me from the LUG you sign that one, if you know me professionally, you sign that one. Without an email address and a name, a UID is rather useless.

> Yes, a key without any UID containing an email address is of
> questionable usefulness. Agreed.

But when signing a key, I'm signing a specific UID. It is bad practice to sign all UIDs belonging to any one key. "Sign only the ones you can verify" is my advice at keysigning events. If there's no email I cannot verify that UID. If there's no name, I cannot verify that UID.

> But if they can only prove one part of the data to their satisfaction,
> why should they not sign only that part?

IMHO, they should not sign at all. A signature is a *public* testimony that you have verified this person. You do not sign for your own benefit but to assist others. It is other people's perceptions of the act of signing that are important.

Sign locally - you get the benefits and the rest of us do not get more untrustworthy signatures on otherwise trusted keys.

> "In communication with them" is not good enough for the level of trust
> that these checks imply. Besides, the scenario I described already
> implies that they must be in communication.

The challenge token is sufficient because it is used to show that the person you met and verified personally also has access to the private key at the address indicated. One form of challenge is explained here:
http://www.dcglug.org.uk/linux_doc/gnupgsign.html#transfer

A verification challenge would use a modified procedure that nevertheless ensures that the person I met is the person with access to both the email account and the private key.

> But it's really irrelevant to the original point, which is that in many
> cases, the real name doesn't matter; only the email address/key does.

The real name always matters. Email-only verification is pointless - it doesn't strengthen the web of trust.

> "If I know a person only by email, then that email *is* the person to
> me."

So sign it locally. By signing it with an exportable signature, you are trying to indicate to ME that you have verified the identity of that person, not just the email account.

> In that case, if the email is trusted, then the name on the UID is
> irrelevant.

Not true. By all means sign that locally, but do not lead others to believe you have verified more than you have.

> I might be willing to trust that key ID 0x99242560 really
> is used by the holder of email dshaw@jabberwocky.com, but not that the
> person in question really is named David Shaw. ... and in most cases, I
> probably don't really care about the real name of the keyholder, only
> about the email address. So why should I have to sign both in order to
> declare this trust?

You don't if you sign locally. You do if other people are going to be using that signature in their web of trust.

You should advertise this policy and then people like me could set your trust level to "Do NOT trust" so that none of your signatures ever count towards my trust calculations. I cannot trust your signatures if you refuse to verify the *person*.

That's what it comes down to - your exportable signatures impact on MY web of trust and if you are not going to complete the full verification, others cannot trust your signatures.

I would recommend you only sign keys locally until you are willing to accept how other people would be affected by your incomplete verification policy.

BTW. Knowing this in advance, I would not sign your key even if I could verify your physical identity, fingerprint and email address. It would send the wrong signal to those who already know me.

-- 
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051026/7d82814c/attachment-0001.pgp
From zvrba at globalnet.hr Wed Oct 26 23:04:16 2005
From: zvrba at globalnet.hr (zvrba@globalnet.hr)
Date: Wed Oct 26 23:04:04 2005
Subject: Delete key from keyserver
In-Reply-To: <200510262001.19729.linux@codehelp.co.uk>
References: <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com> <200510262001.19729.linux@codehelp.co.uk>
Message-ID: <20051026210416.GB5492@zax.ifi.uio.no>

On Wed, Oct 26, 2005 at 08:01:15PM +0100, Neil Williams wrote:
>
> I wouldn't sign the email only one because an email address can be accessible
> to more than one person. If I'm encrypting to this key, I want to know to
> WHOM I am writing.
>
In some cases you can't know to WHOM you are writing. What if you are writing to e.g. some company's helpdesk? They use a generic email address like helpdesk@some.company.com, and all employees (possibly more than one) share the same key? What purpose does the "real name" have in such a case?

>
> You do not sign for your own benefit but to assist others. It is other
> people's perceptions of the act of signing that are important.
>
I argue then that the current perception is flawed [I dare not say wrong.] Apart from legal business, I really do not care whether you are "the real" Neil Williams. Take for example another figure: Werner Koch. I do not know and do not care whether he's "the real" WK when checking GPG releases. What is important to me is that the new GPG release is signed with the same key as some old release. In this case my trust in the new release is not based upon the "real" identity of the key owner, but on the reputation of the GPG software itself.

To put my idea of "trust" more clearly: certain email addresses[1] build some sort of "reputation" in my view (e.g. as WK is with GPG). What the signature tells me is that I'm dealing with the same entity behind the email that already has built up some reputation. "Reputation" can be applied not to individual persons but also to more general entities like helpdesks, etc.

[1] I deliberately do not say persons

>
> The real name always matters. email-only verification is pointless - it
> doesn't strengthen the web of trust.
>
On the contrary, I think that the real name almost never matters, except in legal cases where at least one party is concerned about possible future litigation. I don't see GPG either designed for such a purpose or any country's laws acknowledging a GPG signature as legally valid.

>
> So sign it locally. By signing it with an exportable signature, you are trying
> to indicate to ME that you have verified the identity of that person, not
> just the email account.
>
I'm curious why everyone is so obsessed with "face to face" verification? I mean, the only useful case for face-to-face verification is:

1. you have somehow learned my real name ("Zeljko Vrba")
2. you don't know my email address, or you have perhaps found it in the same place as my real name
3. you want to send some encrypted data to me

Key signing in this case helps only if someone is actively trying to impersonate me. But..: how do I know that the current WoT and keyservers are not totally fake? Given almost any key, I can't find a path that leads to some person that I trust. What gives..?

I rearranged this mail a bit...

>
> A signature is a *public* testimony that you have verified this person.
>
> BTW. Knowing this in advance, I would not sign your key even if I could verify
> your physical identity, fingerprint and email address. It would send the
> wrong signal to those who already know me.
>
Aren't these two statements a bit contradictory? What "wrong signal"? It's the other people's decision whether to trust Alex's key signatures based on what he has said up to now..

Uf, it's late, probably I can elaborate more clearly on this tomorrow.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20051026/2fdfe0d3/attachment.pgp
From wespvp at syntegra.com Wed Oct 26 22:55:22 2005
From: wespvp at syntegra.com (Wes)
Date: Wed Oct 26 23:25:46 2005
Subject: Encrypted file filename
In-Reply-To: <87u0iz9cao.fsf@wheatstone.g10code.de>
Message-ID: 

Sorry, I earlier posted this with an old thread in the subject.

PGP 9 stores the file name in the encrypted data. You can take a file xyz.pgp, decrypt it, and return it to the original "My Word Doc.DOC". There is nothing externally visible, either in a PGP Partitioned message, nor in a hex dump of the PGP data, to indicate the original file name.

I don't see any way in GPG to read the original file name, or to write the output to a file of the original name (or conversely to set the file name). Is this possible? I'm using GPG 1.4.1.

Wes

From wespvp at syntegra.com Wed Oct 26 21:50:30 2005
From: wespvp at syntegra.com (Wes)
Date: Wed Oct 26 23:25:57 2005
Subject: Direct LDAP access
In-Reply-To: <87u0iz9cao.fsf@wheatstone.g10code.de>
Message-ID: 

I hope this isn't something already discussed that I overlooked in the list..

PGP 9 stores the file name in the encrypted data. You can take a file xyz.pgp, decrypt it, and return it to the original "My Word Doc.DOC". There is nothing externally visible, either in a PGP Partitioned message, nor in a hex dump of the PGP data, to indicate the original file name.

I don't see any way in GPG to read the original file name, or to write the output to a file of the original name (or conversely to set the file name). Is this possible? I'm using GPG 1.4.1.

Wes

From dshaw at jabberwocky.com Wed Oct 26 23:35:47 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed Oct 26 23:37:09 2005
Subject: Direct LDAP access
In-Reply-To: 
References: <87u0iz9cao.fsf@wheatstone.g10code.de>
Message-ID: <20051026213547.GC5796@jabberwocky.com>

On Wed, Oct 26, 2005 at 02:50:30PM -0500, Wes wrote:
> I hope this isn't something already discussed that I overlooked in the
> list..
>
> PGP 9 stores the file name in the encrypted data. You can take a file
> xyz.pgp, decrypt it, and return it to the original "My Word Doc.DOC". There
> is nothing externally visible, either in a PGP Partitioned message, nor in a
> hex dump of the PGP data, to indicate the original file name.
>
> I don't see any way in GPG to read the original file name, or to write the
> output to a file of the original name (or conversely to set the file name).
> Is this possible? I'm using GPG 1.4.1.

--use-embedded-filename

David

From sithtracy at yahoo.com Wed Oct 26 23:40:49 2005
From: sithtracy at yahoo.com (Tracy D. Bossong)
Date: Wed Oct 26 23:41:40 2005
Subject: Encrypted file filename
In-Reply-To: 
Message-ID: <20051026214049.22117.qmail@web51715.mail.yahoo.com>

Instead of --decrypt, use

gpg --use-embedded-filename myfile.pgp

--- Wes wrote:
> Sorry, I earlier posted this with an old thread in
> the subject.
>
> PGP 9 stores the file name in the encrypted data.
> You can take a file
> xyz.pgp, decrypt it, and return it to the original
> "My Word Doc.DOC". There
> is nothing externally visible, either in a PGP
> Partitioned message, nor in a
> hex dump of the PGP data, to indicate the original
> file name.
>
> I don't see any way in GPG to read the original file
> name, or to write the
> output to a file of the original name (or conversely
> to set the file name).
> Is this possible? I'm using GPG 1.4.1.
>
> Wes
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From cam at mathematica.scientia.net Thu Oct 27 01:29:27 2005
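What PGP 9 stores and what `--use-embedded-filename` reads back in the exchange above is the filename field of the OpenPGP literal data packet (tag 11, RFC 2440 section 5.9): a format octet, a one-octet name length, the name, a four-octet date, then the data. It is not externally visible because the literal packet sits inside the encrypted payload; it can only be read after decryption. The Python below is an added example for this page, not GnuPG code or anything posted in the thread: it builds such a packet, parses old- and new-format headers back, and shows the caveat the GnuPG manual attaches to the option (it can overwrite files): an embedded name such as `../../.bashrc` must be reduced to a bare basename before it is used as an output path. The sanitising function is this example's own policy, stated as an assumption, not a description of what gpg does.

```python
"""Build and parse an OpenPGP literal data packet (tag 11) and sanitise
its embedded filename before using it as an output path.

Added example for this page; not GnuPG's code. Constants follow RFC 2440
section 4.2 (packet headers) and section 5.9 (literal data packet)."""
import struct

LITERAL_DATA_TAG = 11


def _encode_new_length(n):
    """New-format body length (RFC 2440 4.2.2), partial lengths not used."""
    if n < 192:
        return bytes([n])
    if n < 8384:
        n -= 192
        return bytes([192 + (n >> 8), n & 0xFF])
    return b"\xff" + struct.pack(">I", n)


def build_literal(filename, data, fmt=b"b", timestamp=0):
    """Return a new-format literal data packet carrying filename and data."""
    name = filename.encode("utf-8")
    if len(name) > 255:
        raise ValueError("embedded filename is limited to 255 octets")
    body = fmt + bytes([len(name)]) + name + struct.pack(">I", timestamp) + data
    return bytes([0xC0 | LITERAL_DATA_TAG]) + _encode_new_length(len(body)) + body


def _packet_header(packet):
    """Return (tag, body_offset, body_length) for an old- or new-format header."""
    first = packet[0]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet")
    if first & 0x40:                          # new format: tag in low 6 bits
        tag = first & 0x3F
        l1 = packet[1]
        if l1 < 192:
            return tag, 2, l1
        if l1 < 224:
            return tag, 3, ((l1 - 192) << 8) + packet[2] + 192
        if l1 == 255:
            return tag, 6, struct.unpack(">I", packet[2:6])[0]
        raise ValueError("partial body lengths are not handled here")
    tag = (first >> 2) & 0x0F                 # old format: tag in bits 2..5
    ltype = first & 0x03
    if ltype == 0:
        return tag, 2, packet[1]
    if ltype == 1:
        return tag, 3, struct.unpack(">H", packet[1:3])[0]
    if ltype == 2:
        return tag, 5, struct.unpack(">I", packet[1:5])[0]
    raise ValueError("indeterminate length is not handled here")


def parse_literal(packet):
    """Parse a literal data packet into format, filename, date and data."""
    tag, off, length = _packet_header(packet)
    if tag != LITERAL_DATA_TAG:
        raise ValueError("expected tag 11, got tag %d" % tag)
    body = packet[off:off + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    name_len = body[1]
    name = body[2:2 + name_len]
    ts = struct.unpack(">I", body[2 + name_len:6 + name_len])[0]
    return {"format": body[0:1],
            "filename": name.decode("utf-8", "replace"),
            "timestamp": ts,
            "data": body[6 + name_len:]}


def safe_output_name(embedded):
    """Reduce an embedded filename to a bare basename for the current
    directory; None if nothing usable remains. This is the example's own
    policy (an assumption), not a statement of what gpg does."""
    name = embedded.replace("\\", "/").rsplit("/", 1)[-1]
    if name in ("", ".", "..") or "\x00" in name:
        return None
    return name


if __name__ == "__main__":
    # Constructed hostile packet: the sender chose a traversal filename.
    pkt = build_literal("../../.bashrc", b"export PATH=/tmp:$PATH\n")
    info = parse_literal(pkt)
    print("embedded name:", repr(info["filename"]))
    print("safe name    :", repr(safe_output_name(info["filename"])))
```

The packet produced here is the plaintext form; in a real `.pgp` file it would be wrapped in a symmetrically encrypted data packet, which is why a hex dump of the file shows nothing of the name. When you do let gpg honour the embedded name, run it in an empty scratch directory so an unexpected name cannot clobber anything.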
From: cam at mathematica.scientia.net (Christoph Anton Mitterer) Date: Thu Oct 27 01:29:36 2005 Subject: Lots of questions Message-ID: <43601157.7090803@mathematica.scientia.net> Hi everybody. (First of all sorry for crossposting to *devel and *users,.. I supposed users list would be the appropriate,.. but Werner supposed *devel,.. so I took both) I have lots of general and specific questions about OpenPGP/GnuPG. First of all I'd like to say that I've already read most of the available material on the GnuPG website and even other resources on the Internet. I've also searced the GnuPG mailing list, so if I ask a question that had been asked before, I do this because I think the status might have changed in the meantime. Until now I've always used a plain DSA/ElG key... for about some years now, but recently I've revoked it and I'm going to set up a new key and create new keyrings and a new personal web of trust. Ok,.. for all questions: I want the most possible security and it wouldn't matter if an algorithm is patented or if computation takes very long or so ;-) I also assume that my system itself is perfectly secure,... so please don't tell me that this or that security consideration or key size is stupid because everyone could much easier break in my house and steal my harddisk (btw: the disc is encryptet with AES ;-) ). (btw: I'm using solely Linux so I don't have those fancy GUIs f?r GnuPG) Of I think I'm going to have three kinds of questions: I) Questions about GnuPG itself II) Questions about the OpenPGP standard, i.e. the key format, weboftrust, etc III Questions about the used algorithms I'd be glad if you could give me exact answers, but also answers that I understand,... ok I study computer science but my last cryptography lecture is some years ago ;-) ------------------------------------------------------------------------ I) GnuPG specific questions: 1) There are two development brances stable (1.4.x) and experimental (1.9.x). 
a) Are there any differences in these two brances, for example in the key format, the key generation, security or so, expect the main difference: S/MIME support and more card reader support? b) When creating a new key, that I want to use at least the next 10 years or so (expect somone breaks asymmetric-key-algorithms): Should I create it with 1.4.x or 1.9.x? For security reasons an so on? 2) GnuPG (and I think OpenPGP specifies that, too?) uses hybrid algortihm, meaning that when encrypting data, it's first encryptet using a symmetric algorithm (e.g. AES) with a random sessions key and then the session key is encryptet using the asymmetric algorithm. Same thing with signatures: The data is first hashed and then the hash (and not the data itself) is encrypted with the private key, correct? Are there ways to change this behavior? I mean can I use GnuPG to only use the asymmetric algortihms? That should be more secure, shouldn't it? Of course I'd be probably no longer compatible to OpenPGP (RFC 2440). 3) When GnuPG does encryption and signing. Does it encrypt first or sign first? If it would sign first, no one could use the signature to find out who it signed... 4) When using GnuPG with the standard compliance settings ( --gnupg). Are my keys and messages/signatures fully compatible to OpenPGP/RFC2440? If not: Is this only the case when communicating with non-OpenPGP-compatible users? 5) When creating a new key. What is the best random number source I can use,.. and are there ways to tune the configuration of random number generation? 6) In the GnuPG interface there is that "usage" field: "E" is for encryption only keys, "S" for signing only. What does "CS" and "CSA" mean? 7) Why doesn't GnuPG larger keys than 4096 bit (please don't answer nobody would need that ;-P )? 8) Does it make any difference wheter creating keys with 32-bit OS or 64-bit OS? 9) What is that "--set-notation" option? 
------------------------------------------------------------------------ ------------------------------------------------------------------------ II) OpenPGP/Key specific questions: Ok, as told above I'd like to use as much security as possible, and I'd like to keep my key as long as possible =) So I'll try to explain how keysystem work as far as I understood it and ask my questions on the fly. If I miss something please correct me!! -First, you allways have one primary key (which is always a signing-only key) (this might be an DSA or RSA-S key, only) -Then, you have several subkeys, used for signing only (RSA-S, DSA) or encrypting only (ElGamal, RSA-E) -Then, there are one or more User ID's So you can make the following Key types: Primary: DSA // Secondary: ElGamal (and perhaps other RSA-x or DSA or ElGamal-E keys) or Primary: RSA // Secondary: and perhaps other RSA-x or DSA or ElGamal-E keys 1) What is about RSA and ElGamal keys that can both, sign and encrypt? Why can't I use them? Any security reasons? 2) Is ElGamal the same as Diffie/Hellman? -Each public key connected to it's secret key? How? -The keys (primary and secondary) are signed with a self-signature. This ensures that no one modified the key, correct? Does it also assure that a subkey belongs to a primary key and thus to the UIDs? If so: How (e.g. contains the sub-key-self-signature the fingerprint of the primary key or so)? -The keys (primary and secondary) self are only signed with the self-signature, not with signatures from other users. -The key signatures don't contain information like preferred algorithms or user identifiers and so. -Are there other reasons for primary/secondary key signatures? -The User IDs are self-signed to. This assures that the signed UID(s) is from the user that has the private key (from that specific public key) and that nobody changed the UID, correct? Any other reasons? 
-All self signatures (to my keys and UIDs) and signatures to other UIDs (I think I can't sign other users primary/subkeys at all) are generated using the primary (sign-only) key. 3) Why can't I use a (signing) subkey for self-signatures or signing other UIDs? Would this make sense at all? 4) How are my secondary keys connected to the primary? I know that the UID are connected by something like the fingerprint in the UID. And the UID is self-signed so nobody can change this (expect the owner of course) 5) All signatures (those that I make and that I receive) are ONLY connected to the Key-ID of the signing key and NOT to (one of) the UID of signing key, correct? a) Thus when I change my primary UID from e.g. old@email.example to new@email.example all signatures that I made to other keys automatically show the new UID (new@email.example), correct? The same thing sould apply to the things on keyservers, correct? The same thing sould apply of course when others change ther UIDs. 6) Is this (that keyservers and software know which UID they should show on signatures) the only reason for making on UID the "default-UID"? -Ok, as far as I understood there should be three types of signatures: a) Signatures to "normal" data like an email. This should consist solely of the encrypted hash (by the private key) the used hashing algorithm and the KeyID of the signing key, correct? b) Self-Signatures to primary/secondary keys. This should consist solely of the encrypted hash (by the private PRIMARY key) the used hashing algorithm and the KeyID of the signing key, correct? c) Signatures to UIDs ... ok now it gets complicated? 7) Is there a difference between self-signatures to UIDs and Signatures to other UIDs? Which? 8) What is stored in a UID-signature? a) It should contain the used hash-algorithm and the hash itself (of course) and the KeyID of the signing key (think that should be always primary keys), too? b) It contains also name, email and comment, correct? 
(btw: Would RFC2440 allow other fields like address, phone, etc.?) c) Prefered algorithms (symmetric, hash, compression). Only with self-signatures or with signatures to other UIDs, too? d) The features "MDC" or "Keyserver no-modify". Are there other such features? Where can I find a documentation to these features? Which should I select for maximum security? Are those (for maximum security) compliant with RFC2440? e) Other things stored in the UIDs? f) What is about things like policy URL or photo or so? Ok,.. now it gets even worse, I think: When other people "sign my key" they do not sign my key, but rather one (or all) of my UIDs, correct? Thus they tell everybody, that this UID belongs to the key AND that the settings in the UID are true (more questions about the different kinds of signatures from others to my UIDs later) Ok,.. I told you I'd use my key as long as possible. But sometimes my email address changes, so I'll defenitely have more than one UID. Big problem: When I change my UID all signatures that I received until that would not count for the new ID and thus other people wouldn't recognise my new UID as true, correct.? I think the best solution would be that my default UID is always "Christoph Anton Mitterer" without an email at all. So I could ask other people to sign only my default UID and (solely) because I sign my other UIDs with a self-signature, they would trust those UIDs, too. Correct? Or can you think of a better model for my needs? btw: The same thing should work with new subkeys: Only primary keys can be used to sign other UIDs (I asked that above). So when someone signed (one of) my UIDs he trusts them and also the key that is specified in the UID (should be always the primary key). So if I add a subkey (and self-sign it) that someone should also trust my subkey, correct? 9) Another big problem: There are those things like prefered algorithms or features or signing policy or . What is if I change these things in one of my UIDs? 
Are oll signatures (by other people) on that UID invaildated? (If not: why not?) If so: I should from the beginning set these things to final values,.. so perhaps once againg the question: What are the most secure settings? :-D 10) Ok I know they secret key itself is encrypted (symetricallay) with a passphrase... What do those s2k-x options have to do with that,.. an most important,.. if I decide later to change them,.. would I loose my signatures (from other people) 11) Are there any other options you can think of,.. that are stored in the key/UID that I might change later and that would lead to loosing signatures? 12) When creating more that one encryption subkey... What could be a reason for doing so? 13) Same question with signing subkeys? 14) Ok,... I've got also a lot of questions to revokation, trust, validity the different kinds of signatures that I can make to other UIDs (like non-revokable and so on) but I'll ask them in a seperate email. ------------------------------------------------------------------------ ------------------------------------------------------------------------ III) Algortihm specific questions: Ok these questions are probably asked very often, but I risk flaming and ask again ;-) 1) Asymmetric algorithms: GnuPG only supports RSA-E, RSA-S, ElGamal-E and DSA, correct? (I'd love to see ECC =P~ btw: is ECC only used for encryption or for (primary) signing keys too?) Ok,.. I've read lots of sources,.. e.g. http://www.scramdisk.clara.net/pgpfaq.html What should I use? *G* ok,.. uhm I think DSA has one big problem,.. it's limited to 1024 bit (please don't say that is enough,.. I'm paranoid ;-) ) and even NIST seems to think about a reimplementation of DSS... So I'd say,... for primary (signature only) key RSA-S would be the best, correct? Secondary (encryption, I think at first I won't need additiona encryption or signing keys) key,.. in reference to the URL above,... 
they said that ElGamal is a very tiny little bit more secure than RSA-S....
So should I use the following: Primary RSA-S,... secondary ElGamal??????
I know that the default is DSA/ElGamal,.. so RSA-S/ElGamal sounds a bit strange to me *g*
btw: I've read that one can create RSA keys with any fingerprint the attacker wants to have (but different key-size),.. does this only work with RSA-E or also with RSA-S,.. I mean is this a reason not to use RSA-S as primary key? Does it work with ElGamal, too?

2) Symmetric algorithms
GnuPG supports: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
I think the best preference order should be the following (from the best to the worst):
a) AES256
b) AES192
c) AES
d) TWOFISH
e) BLOWFISH
f) CAST5
g) 3DES
Correct?

3) Hashing algorithms
GnuPG supports: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
I think the best preference order should be the following (from the best to the worst):
a) SHA512
b) SHA384
c) SHA256
d) RIPEMD160 (not sure if SHA-1 should be before this because of that Chinese team that found collisions and so on)
e) SHA1
f) MD5
Correct?

4) Compression algorithms
GnuPG supports: Uncompressed, ZIP, ZLIB, BZIP2
I think the best preference order should be the following (from the best to the worst):
a) BZIP2 (I don't bother if there are Windows users or so that "can't" support bzip2 *g* )
b) ZLIB
c) ZIP
d) Uncompressed
Correct?

------------------------------------------------------------------------
------------------------------------------------------------------------

IV) How to create my new key the best way?

Ok these days the "Systems" is in Munich and there's the c't Magazine that signs keys and so on.... :-D So I'd like to make a new key asap.... and have it signed,.. ;-)
Ok,.. now I wonder how I should do this the best and cleanest way.
I suppose my assumptions above are correct and RSA-S/ElGamal would be the best and that the algorithm preference is also the best, if one could say so...
And I suppose that the default random settings in Linux (normally I use Debian, but I think I'll boot from a Knoppix CD to create the key,.. hope they include the latest version of GnuPG) are already the best, correct?

My ~/.gnupg looks:
------------------------------------------------------------------------
#to be fully compliant to OpenPGP/RFC2440 AND to create v4 keys
openpgp
#do I need this when I've already "openpgp"
no-force-v3-sigs
#yes my terminal uses UTF-8 :-D // or is the option display-charset ???
charset utf-8
#not important for key generation
keyserver hkp://subkeys.pgp.net
# " " " "
list-options show-photos
# " " " "
verify-options show-photos
verbose
verbose
verbose
#9 should be the value for best compression
compress-level 9
# " " " " " "
bzip2-compress-level 9
#sig-notation #should I set one of these for better security of my new keys?
#cert-notation # " " " " " " " "
#sig-policy-url #Will add this later to my UIDs (hope it doesn't invalidate all signatures)
#cert-policy-url # " " " " " " " " " "
#set-policy-url # " " " " " " " " " "
#sig-keyserver-url # " " " " " " " " " "
#s2k-cipher-algo #What is the best here? AES256?
#s2k-digest-algo #What is the best here? SHA384?
#s2k-mode #What is the best here? 3?
#simple-sk-checksum #Shouldn't be used I think,.. ?
force-mdc
#Do these also set my preferred settings in my key?
personal-cipher-preferences S9 S8 S7 S10 S4 S3 S2 S1
#Do these also set my preferred settings in my key?
personal-digest-preferences H10 H9 H8 H3 H2 H1
#Do these also set my preferred settings in my key?
personal-compress-preferences Z3 Z2 Z1 Z0
#cipher-algo #Should be already set via personal-XXX, correct?
#digest-algo # " " " " " "
#compress-algo # " " " " " "
#cert-digest-algo # " " " " " "
------------------------------------------------------------------------

$ gpg --gen-key
$ gpg --edit-key
adduid (Add user id "Christoph Anton Mitterer ")
showpref (verify if preferences from config file are correct)
save
$

Ok the following should now apply:
-Having a default UID "Christoph Anton Mitterer"
-Having a secondary UID "Christoph Anton Mitterer "
-private key encrypted with ??? algorithm? (Can I change this later, without losing signatures?)
-all UIDs have the following settings: S9 S8 S7 S10 S4 S3 S2 S1 H10 H9 H8 H3 H2 H1 Z3 Z2 Z1 Z0 [mdc] [no-ks-modify]
-The key has the newest format (v4)?

Can I change "sig-policy-url", "cert-policy-url", "set-policy-url" and "sig-keyserver-url" later without losing signatures on the UID?

Ok,.. later I'm going to play with Smartcards, too :-)
------------------------------------------------------------------------
Ok,.. that's it for the moment,... *puhh*
Lots of thanks and hugs for any help. :-)

Best wishes,
Chris.

From hawke at hawkesnest.net Thu Oct 27 05:09:51 2005
From: hawke at hawkesnest.net (Alex Mauer)
Date: Thu Oct 27 05:12:06 2005
Subject: Delete key from keyserver
In-Reply-To: <200510262001.19729.linux__46495.2495102354$1130353658$gmane$org@codehelp.co.uk>
References: <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com> <200510262001.19729.linux__46495.2495102354$1130353658$gmane$org@codehelp.co.uk>

Neil Williams wrote:
> No, because you've separated the two - there has to be a reason to do this and
> therefore you are implying that there is a difference between the two UID's.

There is. It is nearly impossible to verify with complete certainty that the person you meet is in fact able to access the email account/key. It is completely impossible to verify that they are the only person with access to the mailbox or key. If you sign both UIDs, it is equivalent to signing one traditional UID.

> I wouldn't sign the email only one because an email address can be accessible
> to more than one person. If I'm encrypting to this key, I want to know to
> WHOM I am writing.

But you don't know that any more with two UIDs than with one. The name being part of the UID does not say anything at all about the email.

> I wouldn't sign the name-only one either - I cannot contact the person with
> that name because I have no idea if the email address is solely for the
> person named in the other UID.

But you have no idea if the email address part of the single UID is solely for the person named in the name part of the single UID. Same problem. On this basis, you should not sign any UID at all, since you can't send a mail to the email address and be sure of contacting the person with the real name listed, and you can't meet a real person and be sure that it is the same person who receives mail at the address.

> A UID should reflect how I know a person.
> I've got several UID's and if you
> know me as webmaster, you sign that one, if you know me from the LUG you sign
> that one, if you know me professionally, you sign that one.

Exactly. So if you had separate UIDs, someone knowing you as webmaster would sign both that email address UID and the real name UID, from the LUG would sign that one and the real name, etc. Someone (like me) knowing you only by email address could sign only the relevant email UID, and be making no statement about your real name.

> But when signing a key, I'm signing a specific UID. It is bad practice to sign
> all UID's belonging to any one key. "Sign only the ones you can verify" is
> my advice at keysigning events. If there's no email I cannot verify that UID.
> If there's no name, I cannot verify that UID.

...how do you make the connection between the email part of the UID and the real name part of the UID? I assert that you cannot.

>> But if they can only prove one part of the data to their satisfaction,
>> why should they not sign only that part?
> IMHO, they should not sign at all.

I agree, for cases where a UID contains both a real name and an email, and both parts cannot be verified.

> The challenge token is sufficient because it is used to show that the person
> you met and verified personally also has access to the private key at the
> address indicated.

No it doesn't. Nothing prevents the person you met from giving the challenge token to someone else who does have access to the private key at the address indicated.

> So sign it locally. By signing it with an exportable signature, you are trying
> to indicate to ME that you have verified the identity of that person, not
> just the email account.

If it is a UID containing only an email address, I am not trying to indicate that I have verified the identity of that person. I am only indicating that I have verified the email account.
If it contains both an email address and a real name, then by signing it I am trying to indicate that I have verified both.

>> In that case, if the email is trusted, then the name on the UID is
>> irrelevant.
>
> Not true. By all means sign that locally, but do not lead others to believe
> you have verified more than you have.

Given. I am speaking of relevance to me, not relevance to others. If I trust the association between the email address and the key, and I only interact with that person by email, then the name on the UID is of no importance to me. That is not to say that I am willing to sign it, only that I am willing to trust its veracity for my purposes.

>> why should I have to sign both in order to
>> declare this trust?
>
> You don't if you sign locally.

Actually, I would, even with an lsign. My local signature would indicate "Dave Shaw, email address dshaw@jabberwocky.com, uses key ID 0x99242560". If the UIDs were separate, then I could sign (or lsign) the one part that I had verified.

> You should advertise this policy

http://web.hawkesnest.net/~hawke/gpgsigningpolicy.html

> I would recommend you only sign keys locally until you are willing to accept
> how other people would be affected by your incomplete verification policy.

Please, take care to note that it is not my policy to sign a key without verifying all parts of it. (except for the few keys that I will sign with a level 1 sig, as described in my key signing policy. It is simple enough to configure gpg to ignore level 1 signatures if you feel that they weaken the web of trust.) I wrote a comment on the usefulness of UIDs which only contain one piece of data; this does not reflect on my key signing policy in any way. I also wrote in largely hypothetical terms, "If I *wanted* to advertise my trust in the email portion of a traditional UID, I *would* have to sign the whole thing".
That is not the same as "When I want to advertise my complete trust in the email portion of a traditional UID I just go ahead and sign it with no verification whatsoever." In point of fact I *do* use a challenge method as you described for email, I *do* indicate the level of verification I have done, and I *do not* claim to have verified all information in a UID if I haven't.

> BTW. Knowing this in advance, I would not sign your key even if I could verify
> your physical identity, fingerprint and email address. It would send the
> wrong signal to those who already know me.

...k, go ahead.

From dgolub at gdg.perm.cbr.ru Thu Oct 27 06:44:22 2005
From: dgolub at gdg.perm.cbr.ru (Dmitry G. Golub)
Date: Thu Oct 27 08:25:57 2005
Subject: Automatically encrypt and sign outgoing mail

Faine, Mark writes:

> I've configured system account mail (root, postmaster, etc) to be sent
> to a user account and then that user account is using a .forward file to
> send the mail to my workstation where I can review it. I would like to
> do the same but include an encrypt/sign step into the process.
>
> I've created a key for the user who will send the system's mail.
>
> I've imported the key into the keyring of this user, signed it and set
> the trust.
>
> I've searched all day for a procmail recipe that would encrypt/sign the
> message upon arrival in the user mailbox but I've not found anything.
> I'd like to set it up so that the mail is encrypted and signed to my
> workstation gnupg key and then the mail is forwarded to my workstation
> email account. This way all the mail I receive from the system will
> always be encrypted.

There is a good program called email (http://email.cleancode.org) that encrypts and sends mail in batch mode. So, you can make a procmail recipe to re-send this mail to your main account. By the way, you can use it in crontabs, and you will have an additional value: when the program has empty STDIN, it does not produce any mail. I'm using it in crontabs of some system users. License is GPL.

--
Dmitry

From realos at loftmail.com Thu Oct 27 10:23:30 2005
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 10:22:59 2005
Subject: documentation about gpg.conf file?
Message-ID: <20051027082330.GB8701@isw302>

I was wondering if there is good documentation about how to edit the gpg.conf file. Over the last weeks I have gained quite an acceptable understanding of gpg but still need to go a long way before feeling really comfortable with advanced options.

I would like to define my own policy for WoT and thus need to override default settings for marginals-needed, completes-needed, max-cert-depth, default-cert-level etc. Could not find any good documentation. Closest I came across was http://kai.iks-jena.de/pgp/gpg/gpg5.html (German). The manpage only describes how to enter these options on the command line but no special note about the configuration file is given.

Any help/hint is much appreciated.

Regards.
--
Realos

From realos at loftmail.com Thu Oct 27 10:51:22 2005
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 10:50:33 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <31178237.20051023214718@gmx.net>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <31178237.20051023214718@gmx.net>
Message-ID: <20051027085122.GD8701@isw302>

> It turns out that this way is even the best one (so far; and in the
> "category" of the worldwide scattering of the keys): you can't upload
> any key without authorization, and you can upload as much of them as you
> want/need.

Yes this may be the best of both types of servers. It seems to be a very small change in protocol. Verification of identity by challenge/response and allowing more than one key attached to the same email address. Why hasn't this found its way into server protocol implementations? Are there any hidden problems at first sight?

--
Realos

From wk at gnupg.org Thu Oct 27 10:49:12 2005
From: wk at gnupg.org (Werner Koch)
Date: Thu Oct 27 10:51:41 2005
Subject: Encrypted file filename
In-Reply-To: <20051026214049.22117.qmail@web51715.mail.yahoo.com> (Tracy D. Bossong's message of "Wed, 26 Oct 2005 14:40:49 -0700 (PDT)")
References: <20051026214049.22117.qmail@web51715.mail.yahoo.com>
Message-ID: <87acgv4a5z.fsf@wheatstone.g10code.de>

On Wed, 26 Oct 2005 14:40:49 -0700 (PDT), Tracy D Bossong said:

> Instead of --decrypt, use
> gpg --use-embedded-filename myfile.pgp

Well, not instead but in addition to --decrypt. --use-embedded-filename is an option.

Shalom-Salam,
Werner

From wk at gnupg.org Thu Oct 27 10:57:00 2005
From: wk at gnupg.org (Werner Koch)
Date: Thu Oct 27 11:01:41 2005
Subject: documentation about gpg.conf file?
In-Reply-To: <20051027082330.GB8701@isw302> (realos@loftmail.com's message of "Thu, 27 Oct 2005 10:23:30 +0200")
References: <20051027082330.GB8701@isw302>
Message-ID: <8764rj49sz.fsf@wheatstone.g10code.de>

On Thu, 27 Oct 2005 10:23:30 +0200, Realos said:

> http://kai.iks-jena.de/pgp/gpg/gpg5.html (German). The manpage only
> describes how to enter these options on the command line but no special
> note about the configuration file is given.

Hmmm, from the man page:

OPTIONS
       Long options can be put in an options file (default
       "~/.gnupg/gpg.conf"). Short option names will not work - for
       example, "armor" is a valid option for the options file, while
       "a" is not. Do not write the 2 dashes, but simply the name of
       the option and any required arguments. Lines with a hash ('#')
       as the first non-white-space character are ignored. Commands
       may be put in this file too, but that is not generally useful
       as the command will execute automatically with every execution
       of gpg.

Let me add that you may not use an abbreviated option name as you can do on the command line.

Salam-Shalom,
Werner

From wk at gnupg.org Thu Oct 27 11:09:50 2005
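The man page excerpt Werner quotes states the options-file rules in prose, and Christoph's posted config earlier in this thread is a good test of them (it has a short option and trailing comments). As an added example, not code from GnuPG or from anyone on this list, here is a small checker that applies those rules to a gpg.conf-style file and decodes the S/H/Z preference strings that personal-*-preferences and showpref use into algorithm names. KNOWN_OPTIONS is a constructed subset of real gpg long options mentioned in this thread, not gpg's full option table, and SAMPLE_CONF is constructed, modelled on Christoph's file.

```python
"""Checker for a gpg.conf-style options file, following the rules in the
man page excerpt above: one long option per line, no leading dashes, no
short names, no abbreviations, and '#' only as first non-blank character.
Added example, not GnuPG's own parser. KNOWN_OPTIONS is a constructed
subset of real gpg long options mentioned in this thread."""
from typing import List, Tuple

KNOWN_OPTIONS = {
    "armor", "openpgp", "no-force-v3-sigs", "charset", "keyserver",
    "list-options", "verify-options", "verbose", "compress-level",
    "bzip2-compress-level", "force-mdc", "default-key",
    "marginals-needed", "completes-needed", "max-cert-depth",
    "default-cert-level", "personal-cipher-preferences",
    "personal-digest-preferences", "personal-compress-preferences",
}

# OpenPGP algorithm IDs (RFC 2440/4880 section 9) behind gpg's S/H/Z notation.
SYMMETRIC = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH", 7: "AES",
             8: "AES192", 9: "AES256", 10: "TWOFISH"}
HASH = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256", 9: "SHA384",
        10: "SHA512"}
COMPRESS = {0: "Uncompressed", 1: "ZIP", 2: "ZLIB", 3: "BZIP2"}
PREF_TABLES = {"S": SYMMETRIC, "H": HASH, "Z": COMPRESS}
# The MUST-implement algorithm is tacitly at the end of every preference list.
MUST_IMPLEMENT = {"S": "3DES", "H": "SHA1", "Z": "Uncompressed"}


def parse_gpg_conf(text: str) -> Tuple[List[Tuple[str, str]], List[str]]:
    """Return (options, errors): options as (name, argument) pairs in file
    order, errors describing lines gpg would reject, with line numbers."""
    options, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment line
        parts = line.split(None, 1)
        name = parts[0]
        arg = parts[1].strip() if len(parts) > 1 else ""
        if name.startswith("-"):
            errors.append(f"line {lineno}: do not write the dashes: {name!r}")
        elif len(name) == 1:
            errors.append(f"line {lineno}: short option {name!r} does not work in the options file")
        elif name not in KNOWN_OPTIONS:
            # either an abbreviation (not allowed in the file) or a typo
            near = sorted(o for o in KNOWN_OPTIONS if o.startswith(name))
            hint = f" (did you mean {near[0]}?)" if near else ""
            errors.append(f"line {lineno}: unknown option {name!r}{hint}")
        elif "#" in arg:
            # '#' only starts a comment at the start of a line; here gpg
            # would take the rest of the line as part of the argument
            errors.append(f"line {lineno}: trailing '#' is not a comment, it becomes part of the argument of {name}")
        else:
            options.append((name, arg))
    return options, errors


def decode_prefs(pref_string: str) -> List[str]:
    """'S9 S8 S7' -> ['AES256', 'AES192', 'AES'] (numeric S/H/Z notation only)."""
    return [PREF_TABLES[t[0].upper()][int(t[1:])] for t in pref_string.split()]


def effective_prefs(pref_string: str) -> List[str]:
    """The list as a peer evaluates it: the MUST-implement algorithm is
    appended when the list does not name it explicitly."""
    kind = pref_string.split()[0][0].upper()
    names = decode_prefs(pref_string)
    if MUST_IMPLEMENT[kind] not in names:
        names.append(MUST_IMPLEMENT[kind])
    return names


# Constructed sample, modelled on the config posted earlier in this thread.
SAMPLE_CONF = """\
# constructed gpg.conf sample
openpgp
charset utf-8
keyserver hkp://subkeys.pgp.net
verbose
z 9
compress-level 9
margin 2
personal-cipher-preferences S9 S8 S7 S10 S4 S3 S2 S1
personal-digest-preferences H10 H9 H8 H3 H2 H1
personal-compress-preferences Z3 Z2 Z1 Z0
force-mdc #do I need this?
"""

if __name__ == "__main__":
    opts, errs = parse_gpg_conf(SAMPLE_CONF)
    for name, arg in opts:
        print(f"{name:30s} {arg}")
        if name.startswith("personal-"):
            print(" " * 30, "->", " ".join(effective_prefs(arg)))
    for e in errs:
        print("error:", e)
```

Run on the sample it accepts eight options and reports three lines gpg would not: the short option `z 9` (the long form is compress-level), the abbreviation `margin`, and the trailing `#do I need this?` after force-mdc, which is read as an argument, not as a comment. The decoded preference lists show that Christoph's S, H and Z orderings already end with the mandatory 3DES, SHA1 and Uncompressed, so nothing is silently appended.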
From: wk at gnupg.org (Werner Koch)
Date: Thu Oct 27 11:11:41 2005
Subject: [gpgol] A few questions...
In-Reply-To: <418590005AFDB04DA77890F448295D43016621D4@MAIL01.bedford.progress.com> (Richard Jensen's message of "Wed, 26 Oct 2005 12:46:20 -0400")
References: <418590005AFDB04DA77890F448295D43016621D4@MAIL01.bedford.progress.com>
Message-ID: <871x27497l.fsf@wheatstone.g10code.de>

On Wed, 26 Oct 2005 12:46:20 -0400, Richard Jensen said:

> Is there a way to set the default key to use for signing?
> In Enigmail it uses the email address to choose the key, but
> in gpgol I always get a dialog and need to select the key from
> a list.

That is a missing feature. You may add

  default-key 5B0358A2

to your gpg.conf - this should solve it.

> For some reason it is not finding the key for encrypting a message
> in my keyring based on the email address. It brings up a window
> that lets me select the key, and that works fine. But, why isn't
> it finding the key automatically?

I have to check.

> It appears I cannot verify a PGP/MIME message, any plans for that
> or is Outlook just not a good PGP/MIME platform?

I plan to support this but it is not easy because MAPI seems to translate quoted-printable to 8-bit at a very early stage. Thus we would need to employ some heuristics to revert this. Further the MIME headers are not available as they have been sent; some more heuristics are required to fix this. Verification of signed and encrypted messages works because fortunately Outlook can't look into the encrypted part ;-)

> What should I use for the 'Key Manager' executable? I tried pointing
> it to the WinPT executable, but that didn't seem to work.
> This isn't a big issue for me because I can use either the WinPT
> Key Manager or the Key Management from Enigmail.

Whatever you like. We are working on WinPT to smooth the integration. We are also working on an update of GPA. Enigmail's key manager is pretty nice; you may as well use that one.
> It seems that with gpgol, encrypting the message causes the
> attachments to also be encrypted. Is there an option to NOT encrypt
> attachments if you are encrypting the message?

I have removed this option because I don't think it makes any sense and because it is actually dangerous: Usually the more sensitive information is in an attachment (e.g. a PDF) and not in the body ("please find attached the current plan as agreed upon on 11/11/05").

Shalom-Salam,
Werner

From realos at loftmail.com Thu Oct 27 11:27:11 2005
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 11:26:25 2005
Subject: Delete key from keyserver
In-Reply-To: <435F4CD6.7050900@free.fr>
References: <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427@jabberwocky.com> <20051026072505.GD6519@banach.uvt.nl> <435F4CD6.7050900@free.fr>
Message-ID: <20051027092711.GF8701@isw302>

Ismael Valladolid Torres wanted us to know:

> Joost van Baal wrote:
>
>> On Tue, Oct 25, 2005 at 11:38:49PM -0400, David Shaw wrote:
>>> It's not an issue of improving the trust, it's an issue of
>>> disambiguation. In my case, there are many different David Shaws out
>>> there, including a furniture designer in New Zealand, a Pulitzer prize
>>> winning journalist in the US, and a former MP for Dover in the UK.
>>> I'm none of these. There are at least 19 David Shaws on the keyserver
>>> net as well, not including me. My email address globally indicates
>>> which David Shaw I am.
>>
>> Isn't this why some people use UIDs like "John Doe (Amsterdam, The
>> Netherlands, 1970-01-01)" next to the email-ones?
>
> I don't get the point. Why they do?

To avoid ambiguity, of course. You would not mix up that John Doe with the one from New Zealand.

cheers,
--
Realos

From realos at loftmail.com Thu Oct 27 11:42:43 2005
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 11:41:53 2005
Subject: Delete key from keyserver
In-Reply-To: <20051026033849.GE20427@jabberwocky.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427@jabberwocky.com>
Message-ID: <20051027094243.GA14128@isw302>

>> I don't understand why. If you trust the association of the Name and
>> key, how/why would having an email address in there as well improve
>> the trust?
>
> It's not an issue of improving the trust, it's an issue of
> disambiguation. In my case, there are many different David Shaws out
> there, including a furniture designer in New Zealand, a Pulitzer prize
> winning journalist in the US, and a former MP for Dover in the UK.
> I'm none of these. There are at least 19 David Shaws on the keyserver
> net as well, not including me. My email address globally indicates
> which David Shaw I am.

Well, it still may make sense using a free-form UID. Imagine a David Shaw from London has created a free-form UID which is signed by Jack upon checking his personal ID card. Now this David Shaw adds a new UID with an email address to it; Jack could now also challenge/response the listed email address. After such a successful check he can successfully associate that email address with David Shaw from London as only he possesses the private key and could have decrypted the message. I think it does not matter whether there are 10 or only 1 David Shaws listed on the server if you know which key you have verified. But as far as I know this concept is not taken into consideration in current gpg implementations.

--
Realos

From dirk.traulsen at lypso.de Thu Oct 27 12:06:36 2005
From: dirk.traulsen at lypso.de (Dirk Traulsen)
Date: Thu Oct 27 12:05:55 2005
Subject: Feature request: expand 'clean' to 'clean total'
Message-ID: <4360C2CC.25322.85B6D3C@localhost>

Hi!

I first posted this under an old (but fitting) thread and got no response. Sorry, if you already read it.

Nowadays there are quite some keys which have several hundred signatures on their UIDs. This is a good thing for the WoT, but it clutters the local keyrings, as normally you don't have most of these signing keys. If the keys on your keyring are completely trusted, you don't need the additional signatures.

Until now there is the option 'clean sigs' under '--edit KEY', but it only deletes sigs which can be verified by gpg through comparison with the corresponding signing key.

So here is my feature request: Please make an option to delete signatures for which there is no corresponding signing key on the local keyring.

David Shaw wrote:
> There is perhaps an argument to be made for a
> "super clean" that does clean and also removes any
> signature where the signing key is
> not present (in fact, an early version of clean did that),
> but that's a different thing than clean.

I think there are so many commands and options that it would be better to expand the name and not take a new one. I suggest the following solution: add a new option 'clean total' to the known options 'clean sigs' and 'clean uids'.

This could be the new part in the man-page:

===========Proposal for the man-page==============
clean      Cleans keys by removing unusable pieces. This command can be
           used to keep keys neat and clean, and it has no effect aside
           from that.

           sigs    Remove any signatures that are not usable by the trust
                   calculations. For example, this removes any signature
                   that does not validate. It also removes any signature
                   that is superseded by a later signature, or signatures
                   that were revoked.

           uids    Compact (by removing all signatures except the selfsig)
                   any user ID that is no longer usable (e.g. revoked, or
                   expired).

           total   Remove like above any unusable signature and UID, but
                   also remove any signature for which the signing key is
                   not present.

           If invoked with no arguments, both `sigs' and `uids' are
           cleaned. If invoked without `total', only signatures for which
           the signing key is present can be evaluated.
===========Proposal for the man-page==============

What do you think about that, David? I would really appreciate such a function and I think (hope) that I'm not the only one. Please consider implementing it. As I cannot do it myself, maybe I can help with this proposal.

Dirk

From realos at loftmail.com Thu Oct 27 12:08:15 2005
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 12:07:25 2005
Subject: documentation about gpg.conf file?
In-Reply-To: <8764rj49sz.fsf@wheatstone.g10code.de>
References: <20051027082330.GB8701@isw302> <8764rj49sz.fsf@wheatstone.g10code.de>
Message-ID: <20051027100815.GB14451@isw302>

> OPTIONS
>        Long options can be put in an options file (default
>        "~/.gnupg/gpg.conf"). Short option names will not work - for
>        example, "armor" is a valid option for the options file,
>        while "a" is not. Do not write the 2 dashes, but simply the
>        name of the option and any required arguments. Lines with a
>        hash ('#') as the first non-white-space character are ignored.
>        Commands may be put in this file too, but that is not generally
>        useful as the command will execute automatically with every
>        execution of gpg.
>
> Let me add that you may not use an abbreviated option name as you can
> do on the command line.

I did try

  marginals-needed 2
  completes-needed 1

before posting to this list and the gpg invocation did not complain, but adding a few more options was not working so I thought they might have to be preceded by some "set " or something like that. Now after your email, I checked again and there was a typing mistake :)

Thanks and Salam/Shalom ;)
--
Realos

From realos at loftmail.com Thu Oct 27 12:13:27 2005
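To make the difference between the existing 'clean sigs' / 'clean uids' and Dirk's proposed 'clean total' concrete, here is an added in-memory model of the three modes. It is example code written for this page, not GnuPG's implementation, and the keyring, key IDs and signatures in make_sample() are constructed. The property worth noticing is the one Dirk's proposal text spells out: a certification whose signing key is absent cannot be verified at all, so plain 'clean' keeps it and only 'total' drops it, while the self-signature survives every mode.

```python
"""In-memory model of gpg's 'clean sigs' / 'clean uids' and the proposed
'clean total' from the feature request above. Added example, not GnuPG's
implementation; the keyring, key IDs and signatures below are constructed."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Sig:
    issuer: str              # key ID of the signing key
    verifies: bool = True    # result of checking it; only meaningful if the issuer key is present
    revoked: bool = False
    superseded: bool = False


@dataclass
class UserID:
    name: str
    sigs: List[Sig]
    revoked: bool = False
    expired: bool = False


@dataclass
class Key:
    keyid: str
    uids: List[UserID]


def clean_sigs(key: Key, keyring: Dict[str, Key], total: bool = False) -> int:
    """Drop signatures the trust calculation cannot use; return how many.
    Without 'total', a signature whose signing key is not on the keyring
    is kept: it cannot be checked, so it is neither good nor bad yet."""
    removed = 0
    for uid in key.uids:
        kept = []
        for sig in uid.sigs:
            if sig.issuer == key.keyid:
                kept.append(sig)            # the self-signature is never cleaned
                continue
            have_issuer = sig.issuer in keyring
            unusable = (sig.revoked or sig.superseded
                        or (have_issuer and not sig.verifies)   # checked and failed
                        or (total and not have_issuer))         # 'total': no key to check
            if unusable:
                removed += 1
            else:
                kept.append(sig)
        uid.sigs = kept
    return removed


def clean_uids(key: Key) -> int:
    """Compact revoked or expired user IDs down to their self-signature."""
    removed = 0
    for uid in key.uids:
        if uid.revoked or uid.expired:
            before = len(uid.sigs)
            uid.sigs = [s for s in uid.sigs if s.issuer == key.keyid]
            removed += before - len(uid.sigs)
    return removed


def clean(key: Key, keyring: Dict[str, Key], total: bool = False) -> int:
    """'clean' with no arguments does sigs and uids; 'total' adds the
    missing-signer rule on top. Returns the number of signatures removed."""
    return clean_sigs(key, keyring, total) + clean_uids(key)


def make_sample() -> Tuple[Key, Dict[str, Key]]:
    """Constructed keyring: our key 0xAAAA plus signers 0xBBBB and 0xDDDD;
    signer 0xCCCC is deliberately absent from the keyring."""
    me = Key("0xAAAA", [
        UserID("Alice <alice@example.invalid>", [
            Sig("0xAAAA"),                      # self-signature
            Sig("0xBBBB"),                      # signer present, verifies
            Sig("0xCCCC"),                      # signer not on keyring
            Sig("0xBBBB", revoked=True),        # revoked certification
            Sig("0xDDDD", verifies=False),      # signer present, bad signature
        ]),
        UserID("Alice <old@example.invalid>", [Sig("0xAAAA"), Sig("0xBBBB")],
               revoked=True),
    ])
    keyring = {k.keyid: k for k in (me, Key("0xBBBB", []), Key("0xDDDD", []))}
    return me, keyring


if __name__ == "__main__":
    for total in (False, True):
        key, ring = make_sample()
        n = clean(key, ring, total=total)
        print(f"clean{' total' if total else ''}: removed {n};",
              [[s.issuer for s in u.sigs] for u in key.uids])
```

On the sample, plain clean removes three signatures (the revoked one, the one that fails verification, and the non-self signature on the revoked user ID) and keeps the unverifiable 0xCCCC certification; clean total removes that one as well, leaving only signatures that the local keyring can actually evaluate.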
From: realos at loftmail.com (Realos)
Date: Thu Oct 27 12:12:40 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <87u0fcfmi0.fsf@wheatstone.g10code.de>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de>
Message-ID: <20051027101327.GC14451@isw302>

>> If I like to remove my signature from a certain key and/or uid, what is
>> the best approach to that? Does it make sense to revoke the signature or
>> just delete it? I find both of these commands in "gpg" software but am
>> unclear what to use.
>
> You need to revoke the signature once you have lost full control over
> the public key (i.e. uploaded it to a keyserver). Deleting a
> signature/uid or key makes only sense if you can replace all copies
> with the updated one.

Replacing an old key with the updated one seems to be possible with biglumber and other such servers. Such servers have the disadvantage of not syncing with other public servers and only allowing one public key per email address. Are there any other drawbacks of Biglumber?

--
Realos

From topas.org at web.de Wed Oct 26 18:33:37 2005
From: topas.org at web.de (Topas)
Date: Thu Oct 27 12:38:31 2005
Subject: ECC
Message-ID: <435FAFE1.6080802@web.de>

Hi.

When are we going to have ECC support in GnuPG?

Regards, topas.

From radde at fmi.uni-passau.de Thu Oct 27 07:19:11 2005
From: radde at fmi.uni-passau.de (Sven Radde)
Date: Thu Oct 27 12:38:42 2005
Subject: Lots of questions
In-Reply-To: <43601157.7090803@mathematica.scientia.net>
References: <43601157.7090803@mathematica.scientia.net>
Message-ID: <4360634F.4030608@fmi.uni-passau.de>

Hello!

I can't answer all your questions, but I will go for those that I can.

Christoph Anton Mitterer wrote:
> 2) GnuPG (and I think OpenPGP specifies that, too?) uses a hybrid
> algorithm, meaning that when encrypting data, it's first encrypted
> using a symmetric algorithm (e.g. AES) with a random session key and
> then the session key is encrypted using the asymmetric algorithm. Same
> thing with signatures: The data is first hashed and then the hash (and
> not the data itself) is encrypted with the private key, correct?

Correct.

> Are there ways to change this behavior? I mean can I use GnuPG to only
> use the asymmetric algorithms? That should be more secure, shouldn't
> it? Of course I'd probably no longer be compatible to OpenPGP (RFC 2440).

AFAIK, it is actually *less* secure to conduct purely asymmetric operations on large amounts of data. Think of it so that encrypting/signing only hash-values exposes your private key much less as there is less data available to analyze. And using purely asymmetric encryption would be much (and I mean *really* much) slower.

> 3) When GnuPG does encryption and signing. Does it encrypt first or
> sign first? If it would sign first, no one could use the signature to
> find out who signed it...

I think it signs first. After all, no one who can't decrypt a message should know whether it's signed or not. You could use detached signatures on encrypted files, though.

> 4) When using GnuPG with the standard compliance settings ( --gnupg).
> Are my keys and messages/signatures fully compatible to
> OpenPGP/RFC2440? If not: Is this only the case when communicating with
> non-OpenPGP-compatible users?
As there are preferences embedded in the keys regarding the available algorithms, GnuPG in general does a good job of finding a compatible way of handling things. There are some more subtle issues, though, so if you know what software your communication partner uses, you should go for the appropriate --pgp# option.

> 7) Why doesn't GnuPG allow larger keys than 4096 bit (please don't answer
> nobody would need that ;-P )?

It is already the case with 4096 bit keys that the asymmetric operations aren't the weakest link of the whole process any longer. It's more the hash functions and maybe even the symmetric algorithms under these circumstances. In other words: It doesn't gain you anything while only making the whole thing go much slower (4096 bit signing/decrypting already takes a noticeable amount of time on my PC and it scales badly).

> Ok, as told above I'd like to use as much security as possible, and
> I'd like to keep my key as long as possible =)
> So I'll try to explain how the key system works as far as I understood it
> and ask my questions on the fly. If I miss something please correct me!!
> -First, you always have one primary key (which is always a
> signing-only key) (this might be a DSA or RSA-S key, only)
> -Then, you have several subkeys, used for signing only (RSA-S, DSA) or
> encrypting only (ElGamal, RSA-E)
> -Then, there are one or more User ID's

Right.

> 1) What about RSA and ElGamal keys that can both sign and encrypt?
> Why can't I use them? Any security reasons?

ElGamal signing keys were found to be fatally insecure and therefore have been removed from GnuPG with version 1.2.3 (or so). You *can* create an RSA sign+encrypt key with "gpg --gen-key --expert".

> 2) Is ElGamal the same as Diffie/Hellman?

Yes. Two names for essentially the same thing.

> -Each public key connected to its secret key? How?

Simplified, the public key is derived via a mathematical computation from the secret key.
The computation is designed in a way that can not easily be reversed (such as factoring the product of two very large prime numbers). The logical connection would simply be that only the fitting secret key can decrypt anything from the respective public key.

> -The keys (primary and secondary) are signed with a self-signature.
> This ensures that no one modified the key, correct? Does it also
> assure that a subkey belongs to a primary key and thus to the UIDs? If
> so: How (e.g. contains the sub-key-self-signature the fingerprint of
> the primary key or so)?

The primary is used to "self-sign" itself and all subkeys and user-ids on your key. Think of the key as being separated in several parts that are all treated as separate documents signed with the usual procedure to sign any kind of data.

> -The keys (primary and secondary) self are only signed with the
> self-signature, not with signatures from other users.

Yes. Other users would sign user-ids associated with the key. Thereby they state that they are convinced that the signed user-id actually belongs to the user with the given id. The connection between the user-id and the cryptographic key itself is accomplished via the self-signature.

> -The key signatures don't contain information like preferred
> algorithms or user identifiers and so.

I don't know where exactly it is stored, but a key (as a whole) contains algorithm preferences. User-ids are only stored in user-ids.

> -Are there other reasons for primary/secondary key signatures?
>
> -The User IDs are self-signed too. This assures that the signed UID(s)
> is from the user that has the private key (from that specific public
> key) and that nobody changed the UID, correct? Any other reasons?

Right. This makes the connection between the key and the user-ids.

> 4) How are my secondary keys connected to the primary? I know that the
> UID are connected by something like the fingerprint in the UID.
> And
> the UID is self-signed so nobody can change this (except the owner of
> course)

The secondary keys are signed with the private key.

> 5) All signatures (those that I make and that I receive) are ONLY
> connected to the Key-ID of the signing key and NOT to (one of) the UID
> of signing key, correct?
> a) Thus when I change my primary UID from e.g. old@email.example to
> new@email.example all signatures that I made to other keys
> automatically show the new UID (new@email.example), correct? The same
> thing should apply to the things on keyservers, correct? The same thing
> should apply of course when others change their UIDs.

Yes, if the others update their key.

> 6) Is this (that keyservers and software know which UID they should
> show on signatures) the only reason for making one UID the "default-UID"?

I think so. You simply choose which of your UIDs will be displayed first.

> Ok,.. now it gets even worse, I think:
> When other people "sign my key" they do not sign my key, but rather
> one (or all) of my UIDs, correct? Thus they tell everybody, that this
> UID belongs to the key AND that the settings in the UID are true (more
> questions about the different kinds of signatures from others to my
> UIDs later)
> Ok,.. I told you I'd use my key as long as possible. But sometimes my
> email address changes, so I'll definitely have more than one UID.
> Big problem:
> When I change my UID all signatures that I received until that would
> not count for the new ID and thus other people wouldn't recognise my
> new UID as true, correct.?

Yes. That's actually the whole point with signing UIDs.

> I think the best solution would be that my default UID is always
> "Christoph Anton Mitterer" without an email at all. So I could ask
> other people to sign only my default UID and (solely) because I sign
> my other UIDs with a self-signature, they would trust those UIDs, too.
> Correct?
> Or can you think of a better model for my needs?
See the discussion currently going on in the "Delete key from keyserver" thread. People are arguing about this very issue.

> btw: The same thing should work with new subkeys:
> Only primary keys can be used to sign other UIDs (I asked that above).
> So when someone signed (one of) my UIDs he trusts them and also the
> key that is specified in the UID (should be always the primary key).
> So if I add a subkey (and self-sign it) that someone should also trust
> my subkey, correct?

This is correct.

> 9) Another big problem: There are those things like preferred
> algorithms or features or signing policy or . What is if I change
> these things in one of my UIDs? Are all signatures (by other people)
> on that UID invalidated? (If not: why not?)

At least the algorithm-preferences can be changed without invalidating anything as they are IMHO not tied to a UID but rather to your primary key.

> 1) Asymmetric algorithms:
> GnuPG only supports RSA-E, RSA-S, ElGamal-E and DSA, correct? (I'd
> love to see ECC =P~ btw: is ECC only used for encryption or for
> (primary) signing keys too?)

Correct.

> What should I use? *G*
> ok,.. uhm I think DSA has one big problem,.. it's limited to 1024 bit
> (please don't say that is enough,.. I'm paranoid ;-) ) and even NIST
> seems to think about a reimplementation of DSS...
> So I'd say,... for primary (signature only) key RSA-S would be the
> best, correct?

In your case, I would simply go for 4096 bit RSA.

> 2) Symmetric algorithms
> GnuPG supports: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
> I think the best preference order should be the following (from the
> best to the worst):
> a) AES256
> b) AES192
> c) AES
> d) TWOFISH
> e) BLOWFISH
> f) CAST5
> g) 3DES
> Correct?

I don't like CAST, but this is a personal opinion.
> 3) Hashing algorithms
> GnuPG supports: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
> I think the best preference order should be the following (from the
> best to the worst):
> a) SHA512
> b) SHA384
> c) SHA256
> d) RIPEMD160 (not sure if SHA-1 should be before this because of that
> chinese team that found collisions and so on)
> e) SHA1
> f) MD5
> Correct?

You may want to deactivate MD5 altogether. (Just leave its number out of your preferences-list.)

> 3) Compression algorithms
> GnuPG supports: Uncompressed, ZIP, ZLIB, BZIP2
> I think the best preference order should be the following (from the
> best to the worst):
> a) BZIP2 (I don't bother if there are Windows users or so that "can't"
> support bzip2 *g* )
> b) ZLIB
> c) ZIP
> d) Uncompressed
> Correct?

There is no need to bother: If you encrypt to a windows user, his key will indicate that it doesn't understand bzip2 and your GnuPG will automatically choose a mutually supported algorithm.

That's what I can answer.

cu, Sven

From hhhobbit at securemecca.net Thu Oct 27 10:56:45 2005
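The negotiation Sven describes in the reply above (each recipient's key carries its algorithm preferences, and gpg picks something every recipient supports) can be worked through in code. The following is an added example written for this page, not code from the thread or from GnuPG. The algorithm numbers are the ones RFC 2440 assigns, and the rule that 3DES and "Uncompressed" are tacitly at the end of every preference list comes from the same document; the selection policy itself (the first algorithm in the sender's own order that every recipient lists) is a simplification, not a transcription of gpg's selection code, and the recipient preference lists are constructed for the demonstration.

```python
# Added example (not from the thread): choosing a cipher or compression
# algorithm that every recipient's key advertises, with the algorithm the
# spec says is always supported as the fallback.  Algorithm IDs follow
# RFC 2440 sections 9.2 and 9.3; the selection policy is a simplification,
# not gpg's own code.

SYMMETRIC = {2: "3DES", 3: "CAST5", 4: "BLOWFISH", 7: "AES", 8: "AES192",
             9: "AES256", 10: "TWOFISH"}
COMPRESSION = {0: "Uncompressed", 1: "ZIP", 2: "ZLIB", 3: "BZIP2"}

# RFC 2440 section 13: 3DES and Uncompressed are tacitly at the end of every
# preference list, so they may be used even when a key does not list them.
IMPLICIT = {"cipher": 2, "compress": 0}
NAMES = {"cipher": SYMMETRIC, "compress": COMPRESSION}


def acceptable_to_all(kind, recipient_prefs):
    """Intersection of what every recipient accepts, each list widened by the implicit algorithm."""
    implicit = IMPLICIT[kind]
    acceptable = None
    for prefs in recipient_prefs:
        supported = set(prefs) | {implicit}
        acceptable = supported if acceptable is None else acceptable & supported
    return acceptable if acceptable is not None else {implicit}


def choose(kind, sender_prefs, recipient_prefs):
    """First algorithm in the sender's own ordered list that all recipients accept.

    Falls back to the implicit algorithm, which is always in the intersection.
    """
    acceptable = acceptable_to_all(kind, recipient_prefs)
    for algo in list(sender_prefs) + [IMPLICIT[kind]]:
        if algo in acceptable:
            return algo
    raise AssertionError("unreachable: the implicit algorithm is always acceptable")


def describe(kind, algo):
    """Human-readable name for an algorithm ID of the given kind."""
    return NAMES[kind].get(algo, "unknown(%d)" % algo)


# Constructed sample preferences (hypothetical keys, not real ones).
# The sender uses the order proposed in the thread.
SENDER_CIPHER = [9, 8, 7, 10, 4, 3, 2]
SENDER_COMPRESS = [3, 2, 1, 0]
# A recipient whose key only advertises CAST5 and 3DES and does not know bzip2.
OLD_PGP_USER = {"cipher": [3, 2], "compress": [2, 1]}
# A recipient with the same preferences as the sender.
MODERN_USER = {"cipher": [9, 8, 7, 10, 4, 3, 2], "compress": [3, 2, 1, 0]}


def negotiate(recipients):
    """Return {kind: chosen algorithm name} for a message to the given recipients."""
    return {
        "cipher": describe("cipher", choose("cipher", SENDER_CIPHER,
                                            [r["cipher"] for r in recipients])),
        "compress": describe("compress", choose("compress", SENDER_COMPRESS,
                                                [r["compress"] for r in recipients])),
    }


if __name__ == "__main__":
    print(negotiate([MODERN_USER]))                     # AES256 / BZIP2
    print(negotiate([MODERN_USER, OLD_PGP_USER]))       # CAST5 / ZLIB
    print(negotiate([{"cipher": [], "compress": []}]))  # 3DES / Uncompressed
```

The second call is the situation Sven describes: the sender's own list starts with AES256 and BZIP2, but adding one recipient whose key lists neither pulls the choice down to CAST5 and ZLIB. The third call shows the floor that the implicit algorithms provide when a key advertises nothing at all.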
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Thu Oct 27 12:38:47 2005
Subject: invalid packet - ignore errors?
Message-ID: <1130403405.6379.6.camel@gandalf.hydrathink.org>

On 21 Oct 2005 09:36:27 +0200 kage@vego.no said:
> *Is it possible to make gnupg ignore errors when decrypting
> files?*
>
> I'm trying to decrypt a symmetrically encrypted file, but get
> the following error message(s):
>
> C:\gpg\gpg>gpg -v -o c:\out.bkf -d d:\data.bkf.gpg
> gpg: CAST5 encrypted data
> gpg: encrypted with 1 passphrase
> gpg: original file name='data.bkf'
> gpg: [don't know]: invalid packet (ctb=63)
> gpg: [don't know]: invalid packet (ctb=66)
> gpg: WARNING: message was not integrity protected
> gpg: [don't know]: invalid packet (ctb=37)
>
> The outfile is written, but only partially.
>
> Does this simply mean that the .gpg file is corrupt and that
> the archive can not be recovered? It has been burned on a
> dvdrom, and I had some issues getting a 3GB+ file burned.
>
> This is gnupg 1.4.0 running on Windows XP
>
> The error messages aren't all that informative, not even in
> verbose mode.
>
> Note: I sent this earlier, but got no response. If someone
> could help, or point me to any resources of help, I'd be
> grateful!

Well, KG, we just went through this less than a month ago. Microsoft Windows has some strange things going on when you start getting huge files, and the behavior is ANYTHING but standard, and many more programs besides GnuPG have problems handling the huge files. For starters, you didn't say HOW you encrypted the file in the first place, but I assume it was like this:

C:\gpg\gpg>gpg -o C:\data.bkf.gpg -c C:\input.bkf

If you didn't do it this way, please let me know (I am just assuming the name "input.bkf" in the absence of whatever you had).
Because of the problem with large files on Windows, it should have been done like this using the piping mechanism:

C:\gpg\gpg>gpg -c < C:\input.bkf > C:\data.bkf.gpg

Similarly, your decryption should also pipe both input and output to gpg as follows:

C:\gpg\gpg>gpg -d < d:\data.bkf.gpg > c:\out.bkf

I imagine they won't post this to the group. That is why I Bcc:'d the reply to you. You should have searched the archives. It won't handle the problem you will have writing to the DVD. I would like to say it is a separate issue, but it isn't. Large files can cause a lot of problems on Microsoft Windows.

Ciao
HHH
--
Key Name: "Henry Hertz Hobbit"
pub 1024D/E1FA6C62 2005-04-11 [expires: 2006-04-11]
Key fingerprint = ACA0 B65B E20A 552E DFE2 EE1D 75B9 D818 E1FA 6C62

From alphasigmax at gmail.com Thu Oct 27 12:49:52 2005
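What gpg is checking when it prints "invalid packet (ctb=..)" is the first octet of each packet header: RFC 2440 section 4.2 requires bit 7 of that octet to be set, and none of the three values in the error quoted above (0x63, 0x66, 0x37) has it set. They are the printable characters "c", "f" and "7", so the decryptor ran into bytes that are not a packet header at all. The following is an added example, not code from the thread or from GnuPG: a standard-library Python walker over OpenPGP packet headers that recovers the packets it can and reports the first bad CTB in the same words gpg uses. The sample stream is constructed here (a CAST5 symmetric session-key packet and a tag-9 encrypted-data packet with a placeholder body, followed by stray text); it is not the poster's file.

```python
# Added example (not from the thread): a minimal OpenPGP packet-header walker
# following RFC 2440 section 4.2.  It shows what gpg checks when it prints
# "invalid packet (ctb=..)": the first octet of a packet header must have bit 7 set.


def _octets(data, start, count):
    """Return exactly count bytes at start, or fail the way a truncated header should."""
    chunk = data[start:start + count]
    if len(chunk) < count:
        raise ValueError("truncated header")
    return chunk


def parse_packet_header(data, offset=0):
    """Parse one packet header at data[offset].

    Returns (tag, body_offset, body_length, header_format); body_length is None
    for old-format indeterminate and new-format partial lengths, where the rest
    of the stream belongs to this packet.
    """
    ctb = data[offset]
    if not ctb & 0x80:
        # Bit 7 is "always one"; this is exactly the condition gpg reports.
        raise ValueError("invalid packet (ctb=%02x)" % ctb)
    if ctb & 0x40:
        # New-format header: bits 5-0 are the tag; length follows in 1, 2 or 5 octets.
        tag = ctb & 0x3F
        first = _octets(data, offset + 1, 1)[0]
        if first < 192:
            return tag, offset + 2, first, "new"
        if first < 224:
            length = ((first - 192) << 8) + _octets(data, offset + 2, 1)[0] + 192
            return tag, offset + 3, length, "new"
        if first == 255:
            length = int.from_bytes(_octets(data, offset + 2, 4), "big")
            return tag, offset + 6, length, "new"
        return tag, offset + 2, None, "new-partial"
    # Old-format header: bits 5-2 are the tag, bits 1-0 select the length encoding.
    tag = (ctb >> 2) & 0x0F
    length_type = ctb & 0x03
    if length_type == 3:
        return tag, offset + 1, None, "old-indeterminate"
    nbytes = 1 << length_type          # 1, 2 or 4 length octets
    length = int.from_bytes(_octets(data, offset + 1, nbytes), "big")
    return tag, offset + 1 + nbytes, length, "old"


def scan_packets(data):
    """Walk a packet stream; return (list of (tag, length, fmt), error message or None)."""
    packets, offset = [], 0
    while offset < len(data):
        try:
            tag, body_offset, length, fmt = parse_packet_header(data, offset)
        except ValueError as exc:
            return packets, str(exc)
        packets.append((tag, length, fmt))
        if length is None:
            break                      # remainder of the stream belongs to this packet
        offset = body_offset + length
    return packets, None


# Constructed sample stream (not the poster's file): a Symmetric-Key Encrypted
# Session Key packet (tag 3: version 4, CAST5 = algorithm 3, simple S2K with
# SHA-1), then a Symmetrically Encrypted Data packet (tag 9) with a 5-byte
# placeholder body, followed by three bytes of stray text such as a damaged
# archive might contain.
SAMPLE = (bytes([0x8C, 0x04, 0x04, 0x03, 0x00, 0x02])
          + bytes([0xA4, 0x05, 1, 2, 3, 4, 5])
          + b"cf7")

if __name__ == "__main__":
    found, error = scan_packets(SAMPLE)
    for tag, length, fmt in found:
        print("tag %2d  length %s  (%s header)" % (tag, length, fmt))
    print("error:", error)             # error: invalid packet (ctb=63)
```

Run against the sample, the walker reports the session-key packet and the encrypted-data packet and then stops at the "c" byte with the same message as in the quoted log. A real recovery attempt would then have to decide how much of the tag-9 body was intact, which is the part no header parser can answer.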
From: alphasigmax at gmail.com (Alphax)
Date: Thu Oct 27 12:52:55 2005
Subject: Lots of questions
In-Reply-To: <43601157.7090803@mathematica.scientia.net>
References: <43601157.7090803@mathematica.scientia.net>
Message-ID: <4360B0D0.1030902@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Disclaimer: I'm not a developer, hence I haven't crossposted to -devel. Any answers given here are my own opinions and might be completely wrong. You have been warned.

Christoph Anton Mitterer wrote:
> (btw: I'm using solely Linux so I don't have those fancy GUIs for GnuPG)
>

KGPG is available for KDE and SeaHorse is available for GNOME.

> I) GnuPG specific questions:
>
> 1) There are two development branches stable (1.4.x) and experimental
> (1.9.x).
> a) Are there any differences in these two branches, for example in the
> key format, the key generation, security or so, except the main
> difference: S/MIME support and more card reader support?

There shouldn't be.

> b) When creating a new key, that I want to use at least the next 10
> years or so (except someone breaks asymmetric-key-algorithms): Should I
> create it with 1.4.x or 1.9.x? For security reasons and so on?
>

Either; they should be the same.

> 2) GnuPG (and I think OpenPGP specifies that, too?) uses hybrid
> algorithm, meaning that when encrypting data, it's first encrypted using
> a symmetric algorithm (e.g. AES) with a random session key and then the
> session key is encrypted using the asymmetric algorithm. Same thing with
> signatures: The data is first hashed and then the hash (and not the data
> itself) is encrypted with the private key, correct?
> Are there ways to change this behavior? I mean can I use GnuPG to only
> use the asymmetric algorithms? That should be more secure, shouldn't it?
> Of course I'd be probably no longer compatible to OpenPGP (RFC 2440).
>

You /can/ encrypt things symmetrically only using the --symmetric option; keep in mind that this requires you and the recipients to have somehow securely agreed on a passphrase to be used for such purposes. I suggest Diceware (http://world.std.com/~reinhold/diceware.html) be used to generate such passphrases.

Signing with a symmetric algorithm is useless, because in order to verify the signature you would need to have the key used to sign the message digest (hash); however, if you have the key, you can generate your own signature!

Public Key cryptography relies on asymmetric algorithms, with a public half and a secret half. If you have the public half, you can communicate with (encrypt messages to and decrypt (verify) messages from) the secret half; if you have the secret half, you can communicate with (encrypt messages to (sign) and decrypt messages from) the public half. But if you only have the public half, you cannot read what someone else has encrypted using the public half.

> 3) When GnuPG does encryption and signing. Does it encrypt first or sign
> first? If it would sign first, no one could use the signature to find
> out who it signed...
>

Not entirely sure. I think it might actually do both, depending on your settings.

> 4) When using GnuPG with the standard compliance settings ( --gnupg).
> Are my keys and messages/signatures fully compatible to OpenPGP/RFC2440?
> If not: Is this only the case when communicating with
> non-OpenPGP-compatible users?
>

Well, they /should/ be. The best answer I can give is the manpage entry:

> --gnupg    Use standard GnuPG behavior. This is essentially
>            OpenPGP behavior (see --openpgp), but with some
>            additional workarounds for common compatibility
>            problems in different versions of PGP. This is the
>            default option, so it is not generally needed, but
>            it may be useful to override a different compliance
>            option in the gpg.conf file.
>
> --openpgp  Reset all packet, cipher and digest options to
>            strict OpenPGP behavior.
>            Use this option to reset
>            all previous options like --rfc1991, --force-v3-sigs,
>            --s2k-*, --cipher-algo, --digest-algo and
>            --compress-algo to OpenPGP compliant values. All
>            PGP workarounds are disabled.

You can use --openpgp to be sure.

> 5) When creating a new key. What is the best random number source I can
> use,.. and are there ways to tune the configuration of random number
> generation?
>

A radiation source. Failing that, HotBits (http://www.fourmilab.ch/hotbits/). Failing that, dice. Failing that, the Entropy Gathering Daemon (http://egd.sourceforge.net/), which was designed for use with GPG. The EGD homepage has instructions on how to configure GPG to use it. EGD is the most practical of all these suggestions.

> 6) In the GnuPG interface there is that "usage" field: "E" is for
> encryption only keys, "S" for signing only. What does "CS" and "CSA" mean?
>

C is "certification" - I believe this means that you can sign other keys with it (not entirely sure). A is "authentication" which I think means you can use it for eg. SSH authentication, unlocking your computer - authentication keys are probably most useful when on a smartcard.

> 7) Why doesn't GnuPG support larger keys than 4096 bit (please don't answer
> nobody would need that ;-P )?
>

Because not everyone has the internet bandwidth or processor/memory requirements to encrypt/decrypt with anything much bigger. It's also believed that at present, such keys are "sufficiently large" to prevent all known attacks for the foreseeable future. Again, no guarantees.

> 8) Does it make any difference whether creating keys with 32-bit OS or
> 64-bit OS?
>

It shouldn't...

> 9) What is that "--set-notation" option?

No idea. Probably for future uses.

> II) OpenPGP/Key specific questions:
>
> -First, you always have one primary key (which is always a signing-only
> key) (this might be a DSA or RSA-S key, only)

Yes, although this can be disabled. The reasons why you might want to are far too long to detail here.
> -Then, you have several subkeys, used for signing only (RSA-S, DSA) or
> encrypting only (ElGamal, RSA-E)

It's also possible to generate RSA keys which do any combination of signing, encryption and authentication, and DSA keys can do any signing and/or authentication (I think). Note that ElGamal keys can NOT be used for signing, only encryption. I believe that ElGamal signing keys leak the secret key.

> -Then, there are one or more User ID's
>

Yes. I have no idea what the actual key structure is though.

> 1) What is about RSA and ElGamal keys that can both, sign and encrypt?
> Why can't I use them? Any security reasons?

If a sign+encrypt key is compromised, you stand to lose far more than if only a signing or only an encryption key is compromised. As I stated above, ElGamal can *NOT* be used for signing.

> 2) Is ElGamal the same as Diffie/Hellman?
>

No. I have no idea what Diffie/Hellman keys are or how they work. Note that Diffie/Hellman can also refer to the key exchange protocol or DSA (DSS?) keys; it's possibly the most ambiguous term in public key cryptography - "trust" comes a very close second.

> -Each public key connected to its secret key? How?
>

The simplest (most understood) system is that which RSA uses. Wikipedia has a fairly detailed article on it, available in:
- English (http://en.wikipedia.org/wiki/RSA)
- German (http://de.wikipedia.org/wiki/RSA-Kryptosystem)
- French (http://fr.wikipedia.org/wiki/Rivest_Shamir_Adleman)
- Italian (http://it.wikipedia.org/wiki/RSA)
- Dutch (http://nl.wikipedia.org/wiki/RSA_%28Cryptografie%29)
and several other languages.

> -The keys (primary and secondary) are signed with a self-signature. This
> ensures that no one modified the key, correct? Does it also assure that
> a subkey belongs to a primary key and thus to the UIDs? If so: How (e.g.
> contains the sub-key-self-signature the fingerprint of the primary key
> or so)?

Yes, the selfsigs bind UIDs and subkeys to the primary key.
All UIDs and subkeys are signed with the secret part of the primary key. If the selfsig on a subkey was the selfsigned fingerprint of the primary, I could attach my subkey to anyone else's primary key.

> -The keys (primary and secondary) self are only signed with the
> self-signature, not with signatures from other users.

I believe so.

> -The key signatures don't contain information like preferred algorithms
> or user identifiers and so.

No.

> -Are there other reasons for primary/secondary key signatures?
>

Apart from ensuring that the secret part of the primary key exists and that the subkey does indeed belong to the primary it is attached to, I don't think so.

> -The User IDs are self-signed too. This assures that the signed UID(s) is
> from the user that has the private key (from that specific public key)
> and that nobody changed the UID, correct? Any other reasons?
>

That the owner of the key is making a claim that they are who the UID says they are?

> -All self signatures (to my keys and UIDs) and signatures to other UIDs
> (I think I can't sign other users' primary/subkeys at all) are generated
> using the primary (sign-only) key.
>

Yes.

> 3) Why can't I use a (signing) subkey for self-signatures or signing
> other UIDs? Would this make sense at all?

Because subkeys are a relatively new thing; many keyservers (and probably much software) cannot correctly deal with subkeys. Apart from that, it makes no sense. I can't tell you exactly why; I just know that it doesn't make sense.

> 4) How are my secondary keys connected to the primary? I know that the
> UID are connected by something like the fingerprint in the UID. And the
> UID is self-signed so nobody can change this (except the owner of course)
>

The UIDs are connected to the primary by 1) being attached to the primary key, 2) being (self-)signed with the secret part of the primary key.
GPG (or any other OpenPGP program that I know of) won't allow you to change a UID once it's been created; you can only add, delete and revoke UIDs.

>
> 5) All signatures (those that I make and that I receive) are ONLY
> connected to the Key-ID of the signing key and NOT to (one of) the UID
> of signing key, correct?

Signatures are made with the keyid; hence you can have signing subkeys.

> a) Thus when I change my primary UID from e.g. old@email.example to
> new@email.example all signatures that I made to other keys automatically
> show the new UID (new@email.example), correct? The same thing should
> apply to the things on keyservers, correct? The same thing should apply
> of course when others change their UIDs.

Yes. However, this *does* affect how trust calculations are done, since signatures are made *to* the UIDs.

> 6) Is this (that keyservers and software know which UID they should show
> on signatures) the only reason for making one UID the "default-UID"?
>

You might use the "primary" flag on a UID to indicate "I check this email address every day; the others I only check once a week" or whatever.

> -Ok, as far as I understood there should be three types of signatures:
> a) Signatures to "normal" data like an email. This should consist solely
> of the encrypted hash (by the private key) the used hashing algorithm
> and the KeyID of the signing key, correct?

Yes, although the last 2 are extractable from the signature itself, depending on the particular software, keytype and such.

> b) Self-Signatures to primary/secondary keys. This should consist solely
> of the encrypted hash (by the private PRIMARY key) the used hashing
> algorithm and the KeyID of the signing key, correct?

I think so.

> c) Signatures to UIDs ... ok now it gets complicated?
>

The encrypted hash using (I have no idea what hash algorithm) of the UID as a UTF-8 string. I think.

> 7) Is there a difference between self-signatures to UIDs and Signatures
> to other UIDs? Which?
I believe that they are functionally equivalent.

> 8) What is stored in a UID-signature?
> a) It should contain the used hash-algorithm and the hash itself (of
> course) and the KeyID of the signing key (think that should be always
> primary keys), too?

And the timestamp, verification level, expiry date, revocation status, and notation data (eg. policy URL).

> b) It contains also name, email and comment, correct? (btw: Would
> RFC2440 allow other fields like address, phone, etc.?)

It contains whatever the UID says it contains. There are also PhotoIDs and "freeform" UIDs, with the possibility of expansion in the "user attribute packet" area (currently used for PhotoIDs).

> c) Preferred algorithms (symmetric, hash, compression). Only with
> self-signatures or with signatures to other UIDs, too?

Not entirely sure how these are stored; I believe as a packet attached to the UID, with the selfsig timestamp updated whenever prefs are changed.

> d) The features "MDC" or "Keyserver no-modify". Are there other such
> features? Where can I find a documentation to these features? Which
> should I select for maximum security? Are those (for maximum security)
> compliant with RFC2440?

The GPG man pages. MDC lets you know when an encrypted message has been tampered with; I have no idea what keyserver no-modify does and cannot find it in the man page.

> e) Other things stored in the UIDs? Notation data?

Not entirely sure.

> f) What is about things like policy URL or photo or so?
>

Policy URL is stored in signatures; to communicate a policy URL via a UID, self-sign your key while specifying the policy URL. Photos get their own UIDs.

>
> Ok,.. now it gets even worse, I think:
> When other people "sign my key" they do not sign my key, but rather one
> (or all) of my UIDs, correct?
> Thus they tell everybody, that this UID
> belongs to the key AND that the settings in the UID are true (more
> questions about the different kinds of signatures from others to my UIDs
> later)

I don't think that anything but the selfsig makes any claim about the prefs on the key. Hrm. Maybe selfsigs *are* different.

> Ok,.. I told you I'd use my key as long as possible. But sometimes my
> email address changes, so I'll definitely have more than one UID.
> Big problem:
> When I change my UID all signatures that I received until that would not
> count for the new ID and thus other people wouldn't recognise my new UID
> as true, correct.?
> I think the best solution would be that my default UID is always
> "Christoph Anton Mitterer" without an email at all. So I could ask other
> people to sign only my default UID and (solely) because I sign my other
> UIDs with a self-signature, they would trust those UIDs, too. Correct?
> Or can you think of a better model for my needs?
>

There have been many suggestions on this. Read and ask around some more, lots of people will tell you what they think. I have no personal opinion on the matter (that I'm aware of).

> btw: The same thing should work with new subkeys:
> Only primary keys can be used to sign other UIDs (I asked that above).
> So when someone signed (one of) my UIDs he trusts them and also the key
> that is specified in the UID (should be always the primary key). So if I
> add a subkey (and self-sign it) that someone should also trust my
> subkey, correct?
>

Yes.

> 9) Another big problem: There are those things like preferred algorithms
> or features or signing policy or . What is if I change these things in
> one of my UIDs? Are all signatures (by other people) on that UID
> invalidated? (If not: why not?)

No. It sounds more and more like selfsigs are indeed "special".

> If so: I should from the beginning set these things to final values,..
> so perhaps once again the question: What are the most secure settings?
> :-D

Whatever meets your security needs and keytype...

> 10) Ok I know the secret key itself is encrypted (symmetrically) with a
> passphrase... What do those s2k-x options have to do with that,.. and
> most important,.. if I decide later to change them,.. would I lose my
> signatures (from other people)

No. The s2k-* options determine how your secret key is stored locally (or how it is exported, if you export it). Changing it does *not* change the secret key, only how it is stored. Note that if you change any s2k-* options, you need to change your passphrase (even to the same thing) before the changes take effect.

> 11) Are there any other options you can think of,.. that are stored in
> the key/UID that I might change later and that would lead to losing
> signatures?
>

What you put in your UID is up to you, but the contents will determine who will/won't sign/trust your key.

> 12) When creating more than one encryption subkey... What could be a
> reason for doing so?

If you planned to expire or revoke one... again, not entirely sure.

> 13) Same question with signing subkeys?
>

Aha! It lets you send signed email from an "insecure" environment without exposing the secret part of the primary key. An excellent subkeys tutorial: http://fortytwo.ch/gpg/subkeys

>
> 14) Ok,... I've got also a lot of questions to revocation, trust,
> validity the different kinds of signatures that I can make to other UIDs
> (like non-revocable and so on) but I'll ask them in a separate email.

Good idea, this one is pretty long :)

> III) Algorithm specific questions:
> Ok these questions are probably asked very often, but I risk flaming and
> ask again ;-)
>
> 1) Asymmetric algorithms:
> GnuPG only supports RSA-E, RSA-S, ElGamal-E and DSA, correct? (I'd love
> to see ECC =P~ btw: is ECC only used for encryption or for (primary)
> signing keys too?)
>

ECC is (apparently) on its way in a future version of OpenPGP; I believe that there is a keytype reserved for it.
The same goes for Diffie/Hellman. ElGamal primary keys existed very briefly, but were found to be incredibly insecure. I believe that they have been dropped from OpenPGP.

> Ok,.. I've read lots of sources,.. e.g.
> http://www.scramdisk.clara.net/pgpfaq.html
>

Wow, that's old :) Try the GNU Privacy Guard Handbook: http://www.gnupg.org/gph/en/manual.html

> What should I use? *G*
> ok,.. uhm I think DSA has one big problem,.. it's limited to 1024 bit
> (please don't say that is enough,.. I'm paranoid ;-) ) and even NIST
> seems to think about a reimplementation of DSS...
> So I'd say,... for primary (signature only) key RSA-S would be the best,
> correct?
>

Yes. Earlier this year new timing attacks were published against SHA1 which have severely weakened the value of DSA keys, due to the fact that current DSA signatures don't actually say in the signature block itself which hash was used. At present, RSA is "recommended" by various people, myself included. Again, I'm not an expert - I haven't even properly studied cryptography.

> Secondary (encryption, I think at first I won't need additional
> encryption or signing keys) key,.. in reference to the URL above,...
> they said that ElGamal is a very tiny little bit more secure than RSA-S....
> So should I use the following: Primary RSA-S,... secondary ElGamal??????
> I know that the default is DSA/ElGamal,.. so that RSA-S/ElGamal sounds a
> bit strange to me *g*
>

Bit-for-bit, ElGamal is believed to be "marginally" more secure. Several people I have spoken to have done exactly this; generate an RSA sign-only primary key, and add ElGamal encryption subkeys. It's even possible to add extra RSA signing keys - I did this to "fix" my current DSA key in the short-term.

> btw: I've read that one can create RSA keys with any fingerprint the
> attacker wants to have (but different key-size),.. does this only work
> with RSA-E or also with RSA-S,.. I mean is this a reason not to use
> RSA-S as primary key?
> Does it work with ElGamal, too?
>

Not exactly... It's possible to fake the last 32 bits of a key, ie. the shortid. The most common example of this is 0xDEADBEEF. However, I believe that the other half (usually secret) of such a key is impossible to produce. Not entirely sure though. Forging key fingerprints is (as yet) not possible.

>
> 2) Symmetric algorithms
> GnuPG supports: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
> I think the best preference order should be the following (from the best
> to the worst):
> a) AES256
> b) AES192
> c) AES
> d) TWOFISH
> e) BLOWFISH
> f) CAST5
> g) 3DES
> Correct?
>

No guarantees of "correctness", EVER, but it's a reasonable choice.

>
> 3) Hashing algorithms
> GnuPG supports: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512
> I think the best preference order should be the following (from the best
> to the worst):
> a) SHA512
> b) SHA384
> c) SHA256
> d) RIPEMD160 (not sure if SHA-1 should be before this because of that
> chinese team that found collisions and so on)
> e) SHA1
> f) MD5
> Correct?
>

SHA384 is /useless/. It's just a truncated version of SHA512. In my mind (and remember, I'm just some guy answering your email), it's a security risk. RIPEMD160 is currently the best choice for a 160-bit hash algorithm, provided you use an RSA key. SHA1 is not completely broken *yet*, but it's a lot less secure than it was before February. MD5 is completely and utterly broken, in real time.

>
> 3) Compression algorithms
> GnuPG supports: Uncompressed, ZIP, ZLIB, BZIP2
> I think the best preference order should be the following (from the best
> to the worst):
> a) BZIP2 (I don't bother if there are Windows users or so that "can't"
> support bzip2 *g* )
> b) ZLIB
> c) ZIP
> d) Uncompressed
> Correct?

Since you "don't care" about Windows users, bzip2 is fine. GPG is pretty good though; I use Windows and don't have any problems with bzip2.

> IV) How to create my new key the best way?
>
> Ok these days the "Systems" is in Munich and there's the c't Magazine
> that signs keys and so on.... :-D
> So I'd like to make a new key asap.... and have it signed,.. ;-)
>

Join a Linux User's Group, put your key on Biglumber, and attend keysignings.

> Ok,.. now I wonder how I should do this the best and cleanest way.
> I suppose my assumptions above are correct and RSA-R/ElGamal would be the
> best and that the algorithm preference is also the best, if one could
> say so...
>

RSA-S/ElGamal-E with your prefs should be OK; prefs can always be changed.

> And I suppose that the default random settings in Linux (normally I use
> debian, but I think I'll boot from a Knoppix CD to create the key,..
> hope they include the latest version of GnuPG) are already the best,
> correct?
>

Set your s2k-* options as strong as you can and use the best RNG you can.

> My ~/.gnupg looks:

A lot fuller than mine :)

> Can I change that "sig-policy-url", "cert-policy-url", "set-policy-url"
> and "sig-keyserver-url" later without losing signatures on the UID?
>

These are settings in gpg.conf and are only applied when making signatures.

> Ok,..
later I'm going to play with Smartcards, too :-) > Keep in mind that you will be "called on" to help debug new them if you get one :) - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ2Cw0LMAAH8MeUlWAQh8MggAiYkxFPaB+y75tXWI52nvCYgKI1C9bYgV nPyiOPjTl32Hywa4f1C2KmZ/bTLr7FWTN7kcZdu7Ws/ZrmgqRkL7/vPpLNNi6+K3 jNDsMeM7+m7IlYKf7VQeuJiqhGCT9guvSKLBcC648joayUxJjUHIU/G1oYaQhWTC cpzVJsmFOhli2pUxAv6G4/01jcqmdDeJv0yfvpUHMrWLctpQv/kPcR7UyI7QVT1T n9HFE2FBBqz63c4uDkJZGodNlgRjk7bZWL5dI3cjCrinHutoNTkfN8lzWhdNtVyJ 0K5zMVukB44nHodCiSVWdNk1h9nhvi71q1VbDMubb0+r7wxlDNfDBA== =EzW3 -----END PGP SIGNATURE----- From alphasigmax at gmail.com Thu Oct 27 12:51:14 2005 
From: alphasigmax at gmail.com (Alphax)
Date: Thu Oct 27 12:53:55 2005
Subject: ECC
In-Reply-To: <435FAFE1.6080802@web.de>
References: <435FAFE1.6080802@web.de>
Message-ID: <4360B122.5060402@gmail.com>

Topas wrote:
> Hi.
>
> When are we going to have ECC support in GnuPG?
>

Is it in OpenPGP yet?

From: alphasigmax at gmail.com (Alphax)
Date: Thu Oct 27 12:56:43 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <20051027101327.GC14451@isw302>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de> <20051027101327.GC14451@isw302>
Message-ID: <4360B1C1.4020703@gmail.com>

Realos wrote:
>>> If I like to remove my signature from a certain key and/or uid, what is
>>> the best approach to that? Does it make sense to revoke the signature or
>>> just delete it? I find both of these commands in "gpg" software but am
>>> unclear what to use.
>>
>> You need to revoke the signature once you have lost full control over
>> the public key (i.e. uploaded it to a keyserver). Deleting a
>> signature/uid or key makes only sense if you can replace all copies
>> with the updated one.
>
> Replacing an old key with updated one seems to be possible with
> biglumber and such other servers. Such servers have the disadvantage of
> not syncing with other public servers and only allowing one public key
> per email address.
>
> Are there any other drawbacks of Biglumber?
>

Biglumber *does* (AFAIK) allow multiple keys per email address. That's one of
the reasons it's better than the GD.

From: alphasigmax at gmail.com (Alphax)
Date: Thu Oct 27 12:59:03 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <20051027085122.GD8701@isw302>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <31178237.20051023214718@gmx.net> <20051027085122.GD8701@isw302>
Message-ID: <4360B24F.7070201@gmail.com>

Realos wrote:
>> It turns out that this way is even the best one (so far; and in the
>> "category" of the worldwide scattering of the keys): you can't upload
>> any key without authorization, and you can upload as much of them as you
>> want/need.
>
> Yes this may be the best of both types of servers. It seems to be a very
> small change in protocol. Verification of identity by challenge/response
> and allowing more than one key attached to the same email address.
>
> Why hasn't this found its way into server protocol implementations?
> Are there any hidden problems at first sight?
>

It would disallow freeform UIDs.

From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Oct 27 14:11:42 2005
Subject: ECC
In-Reply-To: <435FAFE1.6080802@web.de>
References: <435FAFE1.6080802@web.de>
Message-ID: <20051027121108.GB6101@jabberwocky.com>

On Wed, Oct 26, 2005 at 06:33:37PM +0200, Topas wrote:
> Hi.
>
> When are we going to have ECC support in GnuPG?

There is an experimental patch at
http://alumnes.eps.udl.es/~d4372211/index.en.html

However, there will not be official support in GnuPG until the OpenPGP
standard gets ECC support. There are no particular plans to do that at this
time.

David

From: johnmoore3rd at joimail.com (John W. Moore III)
Date: Thu Oct 27 14:20:49 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <20051027101327.GC14451@isw302>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de> <20051027101327.GC14451@isw302>
Message-ID: <4360C620.3040102@joimail.com>

Realos wrote:
>
> Replacing an old key with updated one seems to be possible with
> biglumber and such other servers. Such servers have the disadvantage of
> not syncing with other public servers and only allowing one public key
> per email address.
>
> Are there any other drawbacks of Biglumber?
>

Not TRUE, I have 2 Keys listed on BL with the same email address. However
they have different BL assigned passwords, so they are Separate Listings!

JOHN :)

Timestamp: Thursday 27 Oct 2005, 08:20 AM -0400 (Eastern Daylight Time)

From: realos at loftmail.com (Realos)
Date: Thu Oct 27 14:46:16 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <4360C620.3040102@joimail.com>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de> <20051027101327.GC14451@isw302> <4360C620.3040102@joimail.com>
Message-ID: <20051027124703.GA18841@isw302>

> Not TRUE, I have 2 Keys listed on BL with the same email address.
> However they have different BL assigned passwords, so they are Separate
> Listings!

So, you have some difference in the uids for these 2 keys? Like a different
entry in name or description?

-- 
Realos

From: wespvp at SYNTEGRA.COM (Wes)
Date: Thu Oct 27 16:19:12 2005
Subject: Encrypted file filename
In-Reply-To: <20051026214049.22117.qmail@web51715.mail.yahoo.com>
Message-ID:

On 10/26/05 4:40 PM, "Tracy D. Bossong" wrote:

> Instead of --decrypt, use
>
> gpg --use-embedded-filename myfile.pgp
>
> Well, not instead but in addition to --decrypt.
> --use-embedded-filename is an option.

Ok, I see that now in the man page, just not in the command line usage.
Thanks. Guess I'm blind...

I also see --set-filename. However, I don't see any way to read the embedded
file name. I have a server process that is decrypting messages and needs the
original file name to rebuild some headers before sending the file on. It
needs to decrypt the message to a known file, then build the headers with the
original file name.

I guess the file could be decrypted into an empty temp directory, then use
opendir/readdir to find whatever filename shows up there. That seems a bit
kludgy, though.

Also, is the embedded file name guaranteed to be just a file name, or could it
be a full path, which would present a rather significant problem?

Wes

From: JPClizbe at comcast.net (John Clizbe)
Date: Thu Oct 27 16:22:42 2005
Subject: ECC
In-Reply-To: <435FAFE1.6080802@web.de>
References: <435FAFE1.6080802@web.de>
Message-ID: <4360E27F.6010508@comcast.net>

Topas wrote:
> Hi.
>
> When are we going to have ECC support in GnuPG?
>

Well, first it has to make it into the OpenPGP Standard. And usually to do
that, it would likely need to be part of some governmental or business
standard so that large numbers of end-users would want/need it.

Second, most public ECC algorithms I've seen also seem to be
patent-encumbered. This alone would most likely keep ECC out of GnuPG.

-- 
John P. Clizbe                  Inet: JPClizbe(a)comcast DOT nyet
Golden Bear Networks            PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"

From: wespvp at SYNTEGRA.COM (Wes)
Date: Thu Oct 27 17:42:50 2005
Subject: Encrypted file filename
In-Reply-To: <87u0iz9cao.fsf@wheatstone.g10code.de>
Message-ID:

I found the answer I was looking for by enabling status-fd:

[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 167772160 small.doc
[GNUPG:] PLAINTEXT_LENGTH 19456
[GNUPG:] DECRYPTION_OKAY

Wes

From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Oct 27 18:00:42 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com>
Message-ID: <20051027160015.GC7941@jabberwocky.com>

On Wed, Oct 26, 2005 at 12:26:31PM -0500, Alex Mauer wrote:
> David Shaw wrote:
>
>>>> Some people
>>>> will not sign such a user ID though,
>>
>> It's not an issue of improving the trust, it's an issue of
>> disambiguation.
>
> Right, so why is it any better to have a key with:
> 0x99242560 David Shaw
>
> than to have
> 0x99242560 David Shaw
> 0x99242560 dshaw@jabberwocky.com
> (two UIDs)
>
> You still have the same level of disambiguation. Why would someone be
> unwilling to sign the one, but willing to sign the other?

Because they're not joined together it is not a real disambiguation. With two
UIDs, it is possible for someone to remove one without affecting the other.
We've established that people are sometimes unwilling to sign "David Shaw"
(with no email). Having two UIDs, each requiring their own signature, is much
the same case since the email address UID can be removed.

> But it's really irrelevant to the original point, which is that in many
> cases, the real name doesn't matter; only the email address/key does.
> "If I know a person only by email, then that email *is* the person to
> me." In that case, if the email is trusted, then the name on the UID is
> irrelevant. I might be willing to trust that key ID 0x99242560 really
> is used by the holder of email dshaw@jabberwocky.com, but not that the
> person in question really is named David Shaw. ... and in most cases, I
> probably don't really care about the real name of the keyholder, only
> about the email address. So why should I have to sign both in order to
> declare this trust?

You don't. But it's not up to you as the signer - it's up to the key holder
to say how he wants to be known.

David

From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Oct 27 18:09:40 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <20051027101327.GC14451@isw302>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de> <20051027101327.GC14451@isw302>
Message-ID: <20051027160919.GD7941@jabberwocky.com>

On Thu, Oct 27, 2005 at 12:13:27PM +0200, Realos wrote:
>
>>> If I like to remove my signature from a certain key and/or uid, what is
>>> the best approach to that? Does it make sense to revoke the signature or
>>> just delete it? I find both of these commands in "gpg" software but am
>>> unclear what to use.
>>
>> You need to revoke the signature once you have lost full control over
>> the public key (i.e. uploaded it to a keyserver). Deleting a
>> signature/uid or key makes only sense if you can replace all copies
>> with the updated one.
>
> Replacing an old key with updated one seems to be possible with
> biglumber and such other servers. Such servers have the disadvantage of
> not syncing with other public servers and only allowing one public key
> per email address.

Note that the ability to replace an old key with an updated one and not
syncing with other public servers go together. You can't have key
replacement if you sync, since the old key can come back from a server that
hasn't done the replacement.

> Are there any other drawbacks of Biglumber?

Biglumber is not really a keyserver. Well, it's a keyserver in the sense
that it is a server, and it stores keys that people can retrieve from it.
It's not a keyserver in the sense that it has no automated interface that
can be used via something like:

  gpg --keyserver biglumber.com --search-keys xxxx

Biglumber is more of a "find people to sign keys" service, though some people
do use it as a sort-of keyserver.

David

From: wk at gnupg.org (Werner Koch)
Date: Thu Oct 27 18:26:50 2005
Subject: Encrypted file filename
In-Reply-To: (wespvp@SYNTEGRA.COM's message of "Thu, 27 Oct 2005 09:18:50 -0500")
References:
Message-ID: <87ll0f0vxo.fsf@wheatstone.g10code.de>

On Thu, 27 Oct 2005 09:18:50 -0500, Wes said:

> I also see --set-filename. However, I don't see any way to read the
> embedded file name.

[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1130429959 x        # mode timestamp filename
[GNUPG:] PLAINTEXT_LENGTH 63
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION

> file name to rebuild some headers before sending the file on. It needs to
> decrypt the message to a known file, then build the headers with the
> original file name.

That is the way PGP does it. We now have support in gpgme for reading the
original filename. Note that the filename is optional, in particular you
won't see one if you pipe data into gpg.

> I guess the file could be decrypted into an empty temp directory, then use
> opendir/readdir to find whatever filename shows up there. That seems a bit
> kludgy, though.

Or well, rename it after having saved it under a temporary name.

> Also, is the embedded file name guaranteed to be just a file name, or could
> it be a full path, which would present a rather significant problem?

It is just a UTF-8 string without any restrictions. In fact it might even
contain 0x00 (GnuPG can't create such a message).

Shalom-Salam,

   Werner

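Wes's server process, as described in the two messages above, needs to read the status-fd lines and then treat the embedded name as untrusted, since Werner points out it is an unrestricted UTF-8 string that may even contain 0x00. The following is an added example, not code from the thread or from GnuPG/gpgme; it assumes that gpg percent-escapes status-fd arguments (as its DETAILS file describes), and the status captures are constructed from the lines quoted above.

```python
"""Recover the embedded plaintext filename from GnuPG --status-fd output and
reduce it to a name that is safe to create on the local filesystem."""
import re
from dataclasses import dataclass
from typing import Optional

STATUS_PREFIX = "[GNUPG:] "
MAX_NAME_BYTES = 255
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")

# Constructed samples. The first mirrors the lines quoted in the thread; the
# second carries a sender-chosen relative path; the third is piped input, so
# gpg reports no filename at all; the fourth never reached DECRYPTION_OKAY.
STATUS_OK = """\
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1130429959 x
[GNUPG:] PLAINTEXT_LENGTH 63
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
"""
STATUS_TRAVERSAL = STATUS_OK.replace(" x\n", " ../../outside/escaped.txt\n")
STATUS_PIPED = STATUS_OK.replace(" x\n", "\n")
STATUS_FAILED = STATUS_OK.replace("[GNUPG:] DECRYPTION_OKAY\n", "")


@dataclass
class DecryptStatus:
    fmt: Optional[int] = None        # 0x62 'b' binary, 0x74 't' text, 0x75 'u' UTF-8 text
    timestamp: Optional[int] = None  # seconds since the epoch, chosen by the sender
    filename: Optional[str] = None   # raw embedded name; None when the message has none
    decryption_okay: bool = False
    good_mdc: bool = False


def percent_unescape(s: str) -> str:
    """Decode %XX escapes. Assumption: gpg percent-escapes bytes such as
    space, '%' and NUL in status-fd arguments."""
    out = bytearray()
    i = 0
    while i < len(s):
        if s[i] == "%" and i + 2 < len(s):
            try:
                out.extend(bytes.fromhex(s[i + 1:i + 3]))
                i += 3
                continue
            except ValueError:
                pass  # a stray '%' that is not an escape; keep it literally
        out.extend(s[i].encode("utf-8"))
        i += 1
    return out.decode("utf-8", errors="replace")


def parse_status(text: str) -> DecryptStatus:
    """Pick the fields this task needs out of a status-fd capture."""
    st = DecryptStatus()
    for line in text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue  # ordinary diagnostics share the stream when status-fd is 2
        fields = line[len(STATUS_PREFIX):].split(" ", 3)
        keyword = fields[0]
        if keyword == "PLAINTEXT" and len(fields) >= 3:
            # PLAINTEXT <format-hex> <timestamp> [<filename>]
            st.fmt = int(fields[1], 16)
            st.timestamp = int(fields[2])
            if len(fields) > 3 and fields[3]:
                st.filename = fields[3]
        elif keyword == "DECRYPTION_OKAY":
            st.decryption_okay = True
        elif keyword == "GOODMDC":
            st.good_mdc = True
    return st


def safe_filename(raw: Optional[str], fallback: str = "decrypted.bin") -> str:
    """Reduce the sender-controlled name to a bare, printable basename.

    The name is an unrestricted UTF-8 string, so it may carry directory
    components, '..', or even NUL bytes; none of that may reach the filesystem."""
    if raw is None:
        return fallback
    name = percent_unescape(raw)
    # Treat both separators as such so a Windows-style path cannot slip past
    # a POSIX basename() and land outside the intended directory.
    name = re.split(r"[\\/]", name)[-1]
    if name in ("", ".", "..") or _CONTROL_CHARS.search(name):
        return fallback
    if len(name.encode("utf-8")) > MAX_NAME_BYTES:
        return fallback
    return name


def output_name(status_text: str, fallback: str = "decrypted.bin") -> Optional[str]:
    """Name to give the plaintext, or None if decryption did not complete."""
    st = parse_status(status_text)
    if not st.decryption_okay:
        return None  # never hand on plaintext that gpg did not report as good
    return safe_filename(st.filename, fallback)


if __name__ == "__main__":
    for label, capture in [("ok", STATUS_OK), ("traversal", STATUS_TRAVERSAL),
                           ("piped", STATUS_PIPED), ("failed", STATUS_FAILED)]:
        print(f"{label:>9}: {output_name(capture)!r}")
```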
From: hawke at hawkesnest.net (Alex Mauer)
Date: Thu Oct 27 18:51:37 2005
Subject: Delete key from keyserver
In-Reply-To: <20051027160015.GC7941__9927.43668980456$1130429312$gmane$org@jabberwocky.com>
References: <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <200510221931.57964.linux@codehelp.co.uk> <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com> <20051027160015.GC7941__9927.43668980456$1130429312$gmane$org@jabberwocky.com>
Message-ID:

David Shaw wrote:
> Because they're not joined together it is not a real disambiguation.
> With two UIDs, it is possible for someone to remove one without
> affecting the other.

OK ... and what would that gain them?

> We've established that people are sometimes
> unwilling to sign "David Shaw" (with no email).

Yes, we've established that ... but not the rationale behind it.

> Having two UIDs, each
> requiring their own signature, is much the same case since the email
> address UID can be removed.

OK, so it makes sense for those who care about the email address to not
trust the key if there is no signed UID containing the email with which they
wish to communicate.

> You don't. But it's not up to you as the signer - it's up to the key
> holder to say how he wants to be known.

Not really. It's up to me as the signer to affirm how I know the key holder.
Or not sign at all if I can't verify all data.

-- 
Bad - You get pulled over for doing 90 in a school zone and you're drunk off
your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient flesh-eating
beetles.

OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net

From: dshaw at jabberwocky.com (David Shaw)
Date: Thu Oct 27 19:02:13 2005
Subject: Delete key from keyserver
In-Reply-To:
References: <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com> <20051027160015.GC7941__9927.43668980456$1130429312$gmane$org@jabberwocky.com>
Message-ID: <20051027170144.GE7941@jabberwocky.com>

On Thu, Oct 27, 2005 at 11:45:09AM -0500, Alex Mauer wrote:
>> You don't. But it's not up to you as the signer - it's up to the key
>> holder to say how he wants to be known.
>
> Not really. It's up to me as the signer to affirm how I know the key
> holder. Or not sign at all if I can't verify all data.

You always have the option to not sign, of course. But you don't get to tell
the keyholder what information he puts in his user ID string. You don't
create that, and it must be signed completely or not signed at all.

David

From: hawke at hawkesnest.net (Alex Mauer)
Date: Thu Oct 27 20:14:04 2005
Subject: Delete key from keyserver
In-Reply-To: <20051027170144.GE7941__30868.9005360522$1130432847$gmane$org@jabberwocky.com>
References: <20051022202010.GA7575__36061.0443553471$1130012606$gmane$org@zax.ifi.uio.no> <20051024213810.GB14582__6709.16447784311$1130191869$gmane$org@jabberwocky.com> <20051025233951.GA20427__10535.051013767$1130283920$gmane$org@jabberwocky.com> <20051026033849.GE20427__13187.1989848607$1130298495$gmane$org@jabberwocky.com> <20051027160015.GC7941__9927.43668980456$1130429312$gmane$org@jabberwocky.com> <20051027170144.GE7941__30868.9005360522$1130432847$gmane$org@jabberwocky.com>
Message-ID:

David Shaw wrote:
> You always have the option to not sign, of course. But you don't get
> to tell the keyholder what information he puts in his user ID string.
> You don't create that, and it must be signed completely or not signed
> at all.

Of course it is not possible to tell the key holder what information they
type in. My original statement was that it would be better for GnuPG to not
discourage split UIDs, and that there is no reason to be signing two pieces
of data (real name and email) with one signature.

Else, why not include the photo in there as well, so you have to sign "Real
Name (Comment) [photo]", and each key has to include the photo /n/ times.
After all, why should the signer get to decide to sign only the name and
email, and not the photo!? If it's somehow more secure to combine name and
email into one string, then why doesn't that argument apply to photo UIDs as
well?

(I realize that there are technical reasons for treating the photo as a
separate ID, since it's a distinct data type. But the security implications
are the same.)

-- 
OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net

From: blueness at gmx.net (Mica Mijatovic)
Date: Thu Oct 27 21:54:34 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <20051027085122.GD8701@isw302>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <31178237.20051023214718@gmx.net> <20051027085122.GD8701@isw302>
Message-ID: <1442216101.20051027214437@gmx.net>

Was Thu, 27 Oct 2005, at 10:51:22 +0200, when Realos wrote:

[about the personal web pages for public PGP keys]

> Yes this may be the best of both types of servers. It seems to be a
> very small change in protocol.

Well, the protocols are of secondary relevance in relation to the _purpose_
they should ultimately obey/abide by. The purpose of a key server is to make
public access to the key(s) possible, and very desirably, in the
form/condition the very owner wants them, the keys, to be.

Now, if the owner is not in the position to maintain the _own_ keys in a way
only s/he is, or should be, allowed to (once the keys are uploaded to some
server without an authorization mechanism; or if they, the servers, are
limited/dysfunctional in some other way), then it is quite natural and normal
to dismiss/revamp such protocols, and to replace them with more efficient
ones, which will serve the very _purpose_ better.

It is so because the protocols (and in quite the same way what we call
"standards") are here to serve _me_, "the user", not vice versa. Because _I_
am the one who designs them, after _my_ needs, and I am the one who assigns
them a purpose. Once this basic fact, the origin of the purpose, is
"forgotten", we get standards and protocols which tend to "design" the user,
which absolutely throws the entire "system" into disorder; it becomes
dysfunctional.

One such badly considered attempt (to "design" the user after the unleashed,
`grown wild/mad', "standards/protocols") is the recommendation,
encouragement, and even a sort of pressure(?!) now and then, addressed to the
"users" to upload their keys to those badly maintained/designed servers. It
actually _ruins_ the standards/protocols, simply because a _habit_ is
presented under the name "standard/protocol", not the real quality.

But this is already a _behavior_ which is much more a matter of psychology, a
"social engineering", than of _software design_. We shouldn't have them mixed
(up) overly. One thing is the "technicalities" of a software, and something
pretty different is _how_ you'll use them. The design of the software
shouldn't "home" you to which "standards" you'll implement in your usage, but
allow you to _choose_ them yourself.

Well, as I said, once the _purpose_ is "forgotten" the "project" enters
confusion. Like the Earth which would decide someday to leave its orbit, and
to roam across space on its own. (-:

This is the reason why it is good to follow "the seed", the primary motive,
the purpose which defines all the rest, including protocols, "standards" etc.;
otherwise, if you would nurture what is called the seed of an apple, and then
would see a banana growing from it, you would find yourself in a state not
very clear to you. (:

The seed of PGP, the Pretty Good Privacy (the Privacy!) is still in the work
of Phil Zimmermann. It's good to read _why_ he made PGP, and to recall his
advice and recommendations. Some of that might be found in the 2nd chapter of
"Intro To Crypto", titled "Phil Zimmermann on PGP", and beginning with "Why I
wrote PGP".

And, if we catch the essence, we can see that we can (and sometimes _have
to_) change and modify all sorts of protocols and standards, as long and as
much as we are still "on the course", that is following the _purpose_.

What is made bad shouldn't be used, absolutely regardless of what "authority"
"recommends" it or even insists on it.

One of the very first instructions I give to those "beginners" who "dare" to
ask me for help as to PGP is "don't upload the key(s) to any key server
around". Except perhaps if you are willing just to experiment or similar. The
_valuable_ ("serious") key(s) should be maintained in a _valuable_ fashion.
The personal PGP web pages are one of the pretty fine choices, while actually
there are plenty of others, depending on the scenario _you_ write. If you
find that burying a public key in the ground, and giving the map to just one
or a few other persons, is what you find good/handy for you (and them), then
it is a valid protocol. (-: Various keys need various protocols.

Of one thing just everyone should be absolutely sure: using PGP without
(enough) _thinking_ about it is not good. Acceptance of unclear, shallow or
otherwise non-functional answers/explanations is not good. All the things in
PGP might and can be quite clear; and hence the explanations.

-- 
Mica
PGP keys nestled at: http://blueness.port5.com/pgpkeys/
~~~ For personal mail please use my address as it is *exactly* given in my
"From|Reply To" field(s). ~~~
"See ya" - Ray Charles

From: realos at loftmail.com (Realos)
Date: Fri Oct 28 12:03:33 2005
Subject: allowed commands on keys that keyservers handle correctly
In-Reply-To: <20051027160919.GD7941@jabberwocky.com>
References: <20051020101524.GA6026@isw.uni-stuttgart.de> <87u0fcfmi0.fsf@wheatstone.g10code.de> <20051027101327.GC14451@isw302> <20051027160919.GD7941@jabberwocky.com>
Message-ID: <20051028100416.GK18841@isw302>

> Note that the ability to replace an old key with an updated one and
> not syncing with other public servers go together. You can't have key
> replacement if you sync, since the old key can come back from a server
> that hasn't done the replacement.

I am a bit cautious about uploading keys to servers, at least until I feel
more comfortable and competent with gpg commands and concepts. I once created
a key with some PGP program which was automatically uploaded to some
keyserver. I lost the private key part and this key is doomed on the
keyserver for eternity. For such reasons, I like to experiment with BL which
does not sync with other public servers.

>> Are there any other drawbacks of Biglumber?
>
> Biglumber is not really a keyserver. Well, it's a keyserver in the
> sense that it is a server, and it stores keys that people can retrieve
> from it. It's not a keyserver in the sense that it has no automated
> interface that can be used via something like:
>
>   gpg --keyserver biglumber.com --search-keys xxxx
>
> Biglumber is more of a "find people to sign keys" service, though some
> people do use it as a sort-of keyserver.

Yeah, it does not support the hkp protocol but that is not an issue for me at
the moment. I just see some advantages of BL like key signing announcements
and key replacements as a big plus for me in the beginning. Some time in the
future I will move on to public servers. But now it seems biglumber is my
choice.

cheers.

-- 
Realos

From: realos at loftmail.com (Realos)
Date: Fri Oct 28 12:12:41 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <4360B24F.7070201@gmail.com>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <31178237.20051023214718@gmx.net> <20051027085122.GD8701@isw302> <4360B24F.7070201@gmail.com>
Message-ID: <20051028101327.GA17578@isw302>

> It would disallow freeform UIDs.

I think free-form UIDs carry no importance in the current implementations of
gpg/pgp. Signatures on them do not contribute to the WoT so this would not be
a big loss, I suppose. The big advantage would be cleaner keys and the
ability to remove keys once challenge/response fails.

-- 
Realos

From: dshaw at jabberwocky.com (David Shaw)
Date: Fri Oct 28 14:49:48 2005
Subject: The never-ending GD discussion, part 74
In-Reply-To: <20051028101327.GA17578@isw302>
References: <20051022022119.GB31455@jabberwocky.com> <7D7D5AB7-E320-44B5-B44F-FADAD35ED4B3@macnews.de> <20051023141159.GA9745@jabberwocky.com> <435BB76B.9090208@galen.org.uk> <20051023172705.GB9745@jabberwocky.com> <31178237.20051023214718@gmx.net> <20051027085122.GD8701@isw302> <4360B24F.7070201@gmail.com> <20051028101327.GA17578@isw302>
Message-ID: <20051028124925.GC23403@jabberwocky.com>

On Fri, Oct 28, 2005 at 12:13:27PM +0200, Realos wrote:
>
>> It would disallow freeform UIDs.
>
> I think free-form UIDs carry no importance in the current implementations of
> gpg/pgp. Signatures on them do not contribute to WoT so this would not
> be a big loss, I suppose.

No, free-form UIDs are the same as any other UID in the web of trust.

David

From: alphasigmax at gmail.com (Alphax) Date: Sat Oct 29 12:02:20 2005 Subject: Signature packets without (whatever) In-Reply-To: <20051025145040.GB19648@jabberwocky.com> References: <435E3FF7.90001@gmail.com> <20051025143549.GA19648@jabberwocky.com> <435E437F.1080606@gmail.com> <20051025145040.GB19648@jabberwocky.com> Message-ID: <436347F7.3060900@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 David Shaw wrote: > On Wed, Oct 26, 2005 at 12:08:55AM +0930, Alphax wrote: > >>David Shaw wrote: >> >>>On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote: >>> >>> >>>>Recently, when checking my trustb I get the following appearing: >>>> >>>>gpg: buffer shorter than subpacket >>>>gpg: signature packet without keyid >>>>gpg: buffer shorter than subpacket >>>>gpg: buffer shorter than subpacket >>>>gpg: signature packet without timestamp >>>>gpg: buffer shorter than subpacket >>>>gpg: signature packet without keyid >>>>gpg: buffer shorter than subpacket >>>> >>>>Now, I figured that cleaning the keys would probably fix this, but the >>>>question is: how do I find the offending keys? >>> >>> >>>Given that one of the errors is a signature packet without a >>>keyid... it's hard to locate the signature :) >>> >>>You could do trickery with gpgsplit and such, but I'd wait until 1.4.3 >>>is out. It doesn't error on such signatures any longer. >>> >> >>It's not dying, just warning me... however, I think they might be >>responsible for my trustb becoming corrupt last week. Will 1.4.3 >>automatically remove such signatures or merely ignore them? > > > I doubt this is involved in any trustdb problems. All versions of GPG > ignore such signatures. 1.4.3 just ignores them quietly. > Is there a way to actually GET RID OF THEM? I tried batch-cleaning my entire keyring but it didn't help. 
-- Alphax | Encrypted Email Preferred | OpenPGP key ID: 0xF874C613 | http://tinyurl.com/cc9up

From dirk.traulsen at lypso.de Sun Oct 30 07:05:58 2005
From: dirk.traulsen at lypso.de (Dirk Traulsen)
Date: Sun Oct 30 07:05:21 2005
Subject: Feature request: expand 'clean' to 'clean total'
In-Reply-To: <1130574322.13813.16.camel@sirius.brigham.net>
Message-ID: <436470D6.3664.72B321E@localhost>

Am 29 Oct 2005 um 2:25 hat Henry Hertz Hobbit geschrieben:
> On 27 Oct 2005 Dirk Traulsen wrote:
> ----snip----
> > So here is my feature request: Please make an option to delete
> > signatures, for which there is no corresponding signing key on
> > the local keyring.
> ----snip----
>
> I hope I am misunderstanding this. I think I am.
>
> I have a little bit of a problem with this. First, I am NOT part of
> the WOT and never will be (look at my name and you will see why).
> Second, I have precious few public keys on my key ring, and Werner is
> one of them. You should all of those pretty "[User ID not found]"
> after all of those sigs. Thank goodness I am NOT part of the WOT. If
> I was (part of the WOT) and cleaned out all of those signatures on his
> key, signed it, and uploaded it to one of the keyservers so it
> reflected he had another signee, what would happen to the ones that
> were cleaned out? I am sure that most if not all of them are
> legitimate signatures.
>
> Like I said, I am pretty sure I am misunderstanding what you are
> doing.

Yes, you do!
This does not affect the keys on the keyservers! The keyservers always only add or merge the keys they are sent. This means, if there is already a key with that ID, they take the sent key apart and add the new parts (if there are any). 'clean total' would have absolutely no effect on the keyservers or the WoT.

The proposal is about all those [User ID not found] in the keys in your LOCAL keyring. My proposal would only have an effect on the keyring size on your storage media. Even in my really small keyring, there are several thousand unused signatures. Can you imagine the effect on local keyrings with hundreds of keys?

Because you don't have the corresponding signing key in your local keyring, gpg cannot verify them, so these signatures are not useful for you. (With the exception that you have a visual hint that there are more signatures on the keyservers.)

This cleaning effect only lasts until the next '--refresh-keys', where you always get the complete keys with all signatures from the keyserver. If you had put the proposed option 'clean total' in your keyserver-options or import-options, then like 'clean' today, gpg would first import the complete key and, after checking which signatures are still not usable, automatically clean the keys again.

I obviously think this to be a good thing to have, but I'm a little discouraged by the nearly total lack of interest of the list. I would really appreciate a discussion of the proposed feature and change of the man-page. Please write if you think that it's a waste of time or preferably that you would like to have this feature.

Dirk

From gpg-0 at ml.turing-complete.org Sun Oct 30 07:40:12 2005
From: gpg-0 at ml.turing-complete.org (Nicolas Rachinsky)
Date: Sun Oct 30 07:40:07 2005
Subject: Feature request: expand 'clean' to 'clean total'
In-Reply-To: <436470D6.3664.72B321E@localhost>
References: <1130574322.13813.16.camel@sirius.brigham.net> <436470D6.3664.72B321E@localhost>
Message-ID: <20051030064012.GA6174@mid.pc5.i.0x5.de>

* Dirk Traulsen [2005-10-30 07:05 +0100]:
> I obviously think this to be a good thing to have, but I'm a little
> discouraged by the nearly total lack of interest of the list.
> I would really appreciate a discussion of the proposed feature and
> change of the man-page. Please write if you think that it's a waste
> of time or preferably that you would like to have this feature.

Your idea sounds good. I would like this feature.

Nicolas

-- http://www.rachinsky.de/nicolas

From alphasigmax at gmail.com Sun Oct 30 08:25:49 2005
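The 'clean total' rule Dirk proposes above (drop every signature whose signer key is not in the local keyring) can be checked today from the machine-readable output of `gpg --with-colons --list-sigs`. The following is an added example, not code from GnuPG or from anyone in the thread; the colon records it parses are constructed to the documented layout (record type in field 1, key ID in field 5, signer user ID in field 10), and the key IDs and addresses in them are made up.

```python
"""Find signatures on local keys that gpg cannot verify because the signer's key is absent.

This is the set that Dirk's proposed 'clean total' would delete.  The input
mimics `gpg --with-colons --list-sigs`; the sample below is constructed, not
captured from a real keyring.
"""
from collections import defaultdict

# Constructed sample: Alice carries sigs from Bob (local) and two unknown signers,
# Bob carries one sig from an unknown signer.  Subkey AAAAAAAAAAAAAAA5 is Alice's.
SAMPLE_LIST_SIGS = """\
pub:u:1024:17:AAAAAAAAAAAAAAA1:2004-01-01:::u:Alice Example (constructed) <alice@example.invalid>::scaESCA:
sig:::17:AAAAAAAAAAAAAAA1:2004-01-01::::Alice Example (constructed) <alice@example.invalid>:13x:
sig:::17:BBBBBBBBBBBBBBB2:2004-02-01::::Bob Example (constructed) <bob@example.invalid>:10x:
sig:::17:CCCCCCCCCCCCCCC3:2004-03-01::::[User ID not found]:10x:
sig:::17:DDDDDDDDDDDDDDD4:2004-03-02::::[User ID not found]:10x:
sub:u:2048:16:AAAAAAAAAAAAAAA5:2004-01-01::::::e:
pub:u:1024:17:BBBBBBBBBBBBBBB2:2004-01-15:::u:Bob Example (constructed) <bob@example.invalid>::scaESCA:
sig:::17:BBBBBBBBBBBBBBB2:2004-01-15::::Bob Example (constructed) <bob@example.invalid>:13x:
sig:::17:EEEEEEEEEEEEEEE5:2004-04-01::::[User ID not found]:10x:
"""


def parse_records(text):
    """Split colon-format output into one list of fields per record."""
    return [line.split(":") for line in text.splitlines() if line.strip()]


def local_key_ids(records):
    """Key IDs of every primary key and subkey present in the keyring."""
    return {r[4] for r in records if r[0] in ("pub", "sub")}


def unverifiable_sigs(records):
    """Map each primary key ID to the signer IDs of its signatures with no local signer.

    The decision is made on the signer key ID, not on the '[User ID not found]'
    marker in field 10, because that is the test 'clean total' would have to apply.
    """
    known = local_key_ids(records)
    result, owner = defaultdict(list), None
    for r in records:
        if r[0] == "pub":
            owner = r[4]
        elif r[0] == "sig" and owner is not None and r[4] not in known:
            result[owner].append(r[4])
    return dict(result)


def clean_total(records):
    """Return the records 'clean total' would keep: all but sigs lacking a local signer."""
    known = local_key_ids(records)
    return [r for r in records if not (r[0] == "sig" and r[4] not in known)]


if __name__ == "__main__":
    recs = parse_records(SAMPLE_LIST_SIGS)
    for key, signers in unverifiable_sigs(recs).items():
        print("%s: %d unverifiable signature(s) from %s" % (key, len(signers), ", ".join(signers)))
    print("records before: %d, after 'clean total': %d" % (len(recs), len(clean_total(recs))))
```

As Dirk notes, this only removes signatures locally; a later `--refresh-keys` brings the complete key back from the keyserver.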
From: alphasigmax at gmail.com (Alphax)
Date: Sun Oct 30 08:28:41 2005
Subject: Feature request: expand 'clean' to 'clean total'
In-Reply-To: <436470D6.3664.72B321E@localhost>
References: <436470D6.3664.72B321E@localhost>
Message-ID: <4364757D.30304@gmail.com>

Dirk Traulsen wrote:
> Am 29 Oct 2005 um 2:25 hat Henry Hertz Hobbit geschrieben:
>
>> On 27 Oct 2005 Dirk Traulsen wrote:
>
> ----snip----
>
>>> So here is my feature request: Please make an option to delete
>>> signatures, for which there is no corresponding signing key on
>>> the local keyring.
>
> ----snip----
>
>> I hope I am misunderstanding this. I think I am.
>>
>> I have a little bit of a problem with this. First, I am NOT part of
>> the WOT and never will be (look at my name and you will see why).
>> Second, I have precious few public keys on my key ring, and Werner is
>> one of them. You should all of those pretty "[User ID not found]"
>> after all of those sigs. Thank goodness I am NOT part of the WOT. If
>> I was (part of the WOT) and cleaned out all of those signatures on his
>> key, signed it, and uploaded it to one of the keyservers so it
>> reflected he had another signee, what would happen to the ones that
>> were cleaned out? I am sure that most if not all of them are
>> legitimate signatures.
>>
>> Like I said, I am pretty sure I am misunderstanding what you are
>> doing.
>
> Yes, you do!
> This does not affect the keys on the keyservers! The keyservers
> always only add or merge the keys they are sent. This means, if there
> is already a key with that ID, they take the sent key apart and add
> the new parts (if there are any). 'clean total' would have absolutely
> no effect on the keyservers or the WoT.
>
> The proposal is about all those [User ID not found] in the keys in
> your LOCAL keyring. My proposal would only have an effect on the
> keyring size on your storage media.
> Even in my really small keyring, there are several thousand unused
> signatures. Can you imagine the effect on local keyrings with
> hundreds of keys? Because you don't have the corresponding signing
> key in your local keyring, gpg cannot verify them, so these
> signatures are not useful for you. (With the exception that you have
> a visual hint that there are more signatures on the keyservers.)

I have a keyring with 1600 keys on it which has a physical size of almost 30MB. I would appreciate this feature very much.

-- Alphax | Encrypted Email Preferred | OpenPGP key ID: 0xF874C613 | http://tinyurl.com/cc9up

From ml at bitfalle.org Sun Oct 30 12:32:44 2005
From: ml at bitfalle.org (markus reichelt)
Date: Sun Oct 30 12:34:05 2005
Subject: Feature request: expand 'clean' to 'clean total'
In-Reply-To: <436470D6.3664.72B321E@localhost>
References: <1130574322.13813.16.camel@sirius.brigham.net> <436470D6.3664.72B321E@localhost>
Message-ID: <20051030113244.GA2434@dantooine>

* Dirk Traulsen wrote:
> I obviously think this to be a good thing to have, but I'm a little
> discouraged by the nearly total lack of interest of the list. I
> would really appreciate a discussion of the proposed feature and
> change of the man-page. Please write if you think that it's a waste
> of time or preferably that you would like to have this feature.

I'm interested too.

-- "How many Minbari does it take to screw in a light bulb?" 'I don't know, sir. How many Minbari does it take to screw in a light bulb?' "None. They always surrender right before they finish the job and they never tell you why." -- Sheridan and Ivanova, "A Race Through Dark Places"

From cam at mathematica.scientia.net Sun Oct 30 14:46:21 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Sun Oct 30 14:46:19 2005
Subject: Lots of questions
In-Reply-To: <43601157.7090803@mathematica.scientia.net>
References: <43601157.7090803@mathematica.scientia.net>
Message-ID: <4364CEAD.5000302@mathematica.scientia.net>

Hi again.

First of all: Sorry for those many writing mistakes I've made in my initial post,... my English is better indeed, but it was pretty late when I wrote that mail ;-)

Ok,.. In the meantime I've received several replies,... most of them haven't been posted to the list. I'll do that as soon as I get permission from the authors. I'll also post everything to "gnupg-users" only. Everybody at gnupg-devel who wants to follow those topics and/or continue helping me should have a look there.

But it could take some time until I continue those topics,.. because first of all I think I should read RFC2440, and I'm also planning a keysigning party at my university; so I've a lot to do next week.

Still, if anybody has good answers to my questions from my initial post,... do not hesitate to help me.

Regards, Chris.

From cam at mathematica.scientia.net Sun Oct 30 15:51:08 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Sun Oct 30 15:50:58 2005
Subject: ECC
In-Reply-To: <4360E27F.6010508@comcast.net>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net>
Message-ID: <4364DDDC.5070502@mathematica.scientia.net>

John Clizbe wrote:
> Well, first it has to make it into the OpenPGP Standard. And usually to do
> that, it would likely need to be part of some governmental or business
> standard so that large numbers of end-users would want/need it.

I think that should be implemented despite the way governments are going,.. Governments are often trying to restrict cryptography (see US) and also here in Germany (using X.509 only, which is in my opinion less secure than OpenPGP as it's using a hierarchical certificate system).

So why not just implement ECC for GnuPG and make the first step for a (new) OpenPGP standard?

Regards, Chris.

From dshaw at jabberwocky.com Sun Oct 30 15:59:07 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Sun Oct 30 15:59:32 2005
Subject: ECC
In-Reply-To: <4364DDDC.5070502@mathematica.scientia.net>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net>
Message-ID: <20051030145907.GB30195@jabberwocky.com>

On Sun, Oct 30, 2005 at 03:51:08PM +0100, Christoph Anton Mitterer wrote:
> John Clizbe wrote:
>
> > Well, first it has to make it into the OpenPGP Standard. And usually to do
> > that, it would likely need to be part of some governmental or business
> > standard so that large numbers of end-users would want/need it.
>
> I think that should be implemented despite the way governments are
> going,..
> Governments are often trying to restrict cryptography (see US) and also
> here in Germany (using X.509 only, which is in my opinion less secure
> than OpenPGP as it's using a hierarchical certificate system).
>
> So why not just implement ECC for GnuPG and make the first step for
> a (new) OpenPGP standard?

That would work if GnuPG stood alone, but it doesn't. New algorithms or message constructions need to be discussed and worked out as part of a standard so that all programs can interoperate.

This isn't to say that nobody can add new algorithms: see http://alumnes.eps.udl.es/~d4372211/index.en.html for one. It does mean that without standardization, only their experimental modified GnuPG can read these messages.

David

From thecivvie at fastmail.fm Sun Oct 30 23:27:52 2005
From: thecivvie at fastmail.fm (Sean Rima)
Date: Sun Oct 30 23:28:01 2005
Subject: Gemplus PC430 USB card reader
Message-ID: <199060266.20051030222752@fastmail.fm>

Hello gnupg-users,

Has anyone any experience of this card reader? I'm looking to use it with a GnuPG smartcard setup.

Sean

-- VOIP: FreeWorldDial: 689482, VOIPBUSTER: thecivvie | GPG Key http://thecivvie.fastmail.fm/thecivvie.asc
Strange things happen under the midnight sun when Men and Dogs go hunting for gold

From cam at mathematica.scientia.net Mon Oct 31 00:36:13 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 00:36:02 2005
Subject: OpenPG/X.509 interoperability
Message-ID: <436558ED.2040800@mathematica.scientia.net>

Hi.

This is perhaps a stupid question, but how far are these two standards interoperable? I've seen a document that proposes some things in that area (http://www.imc.org/ietf-openpgp/mail-archive/msg09930.html).

My question now: Can X.509 certificates be used to sign/certify OpenPGP UIDs? Or can I import the keys as subkeys? Or are there any other interoperability issues?

What about the two big "free" X.509 suppliers (CACert and Thawte), do they sign OpenPGP keys?

Regards, Christoph.

From cam at mathematica.scientia.net Mon Oct 31 00:51:50 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 00:51:37 2005
Subject: ECC
In-Reply-To: <20051030145907.GB30195@jabberwocky.com>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com>
Message-ID: <43655C96.20600@mathematica.scientia.net>

David Shaw wrote:
> That would work if GnuPG stood alone, but it doesn't. New algorithms
> or message constructions need to be discussed and worked out as part
> of a standard so that all programs can interoperate.

I know that, of course, but I think that perhaps we'll have no ECC for the next 10 years or so,.. if no one makes the step,...

btw: If GnuPG would implement ECC and add it unofficially to OpenPGP, it could be done in such a way that it is compatible with the ideas and conventions of RFC2440.... thus it would not "break" the standard. After that,.. it could even be added to it...

As you can see, lots of today's standards started as one-man applications, e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from Netscape), et cetera.

And in my opinion,... the algorithm/system of ECC is fixed,... of course each standard may define things like headers or other small details differently, but that could be adopted easily, couldn't it?

So if GnuPG would (pseudo-officially) implement that now,.. it could be the first compliant application later :-)

Just my two (Euro) cents, Chris.

From cam at mathematica.scientia.net Mon Oct 31 00:57:58 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 00:57:44 2005
Subject: the best signature type someone can give me
Message-ID: <43655E06.9050200@mathematica.scientia.net>

Hi...

This is just a short question,... (I'll ask a lot of other things regarding signatures as part of "my" "Lots of questions" thread :-) )..

What is the best type of signature someone can give to my UIDs?

Ok,.. I think there are the following types: local, non-revocable, trust, normal

So if he/she gave me a non-revocable signature, he/she can't revoke the signature later (thus take it away from me ;) ). Is it suggested to use NR signatures? Why should one do so, or why not? (I mean what are the advantages/disadvantages)?

Then the signature level (0, 1, 2, 3) => of course 3 is the best,.. he/she checked my UID very carefully or so.

Trust signatures,... What is the difference between a normal and a trust signature? I don't understand that concept *g*

Best wishes, Chris.

From cam at mathematica.scientia.net Mon Oct 31 01:01:38 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 01:01:27 2005
Subject: OpenPG/X.509 interoperability
In-Reply-To: <43655D19.3040301@pengdows.com>
References: <436558ED.2040800@mathematica.scientia.net> <43655D19.3040301@pengdows.com>
Message-ID: <43655EE2.6050104@mathematica.scientia.net>

Alaric Dailey wrote:
> CAcert offers a GPG signature if your persona has been verified, and I
> wrote this as well.
>
> http://wiki.cacert.org/wiki/ConvertingCertificateToPgp

Uhm,.. but that way I create a NEW key,... correct? I was looking for a signature for my EXISTING key.

> if this doesn't answer your questions feel free to contact me.

I do so ;-) Is there a comparable thing in Thawte?

Best wishes, Christoph.

From dshaw at jabberwocky.com Mon Oct 31 01:34:31 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Oct 31 01:35:09 2005
Subject: the best signature type someone can give me
In-Reply-To: <43655E06.9050200@mathematica.scientia.net>
References: <43655E06.9050200@mathematica.scientia.net>
Message-ID: <20051031003431.GC30195@jabberwocky.com>

On Mon, Oct 31, 2005 at 12:57:58AM +0100, Christoph Anton Mitterer wrote:
> Hi...
>
> This is just a short question,... (I'll ask a lot of other things
> regarding signatures as part of "my" "Lots of questions" thread :-) )..
>
> What is the best type of signature someone can give to my UIDs?
>
> Ok,.. I think there are the following types:
> local, non-revocable, trust, normal
>
> So if he/she gave me a non-revocable signature, he/she can't revoke the
> signature later (thus take it away from me ;) ).
> Is it suggested to use NR signatures? Why should one do so, or why not?
> (I mean what are the advantages/disadvantages)?

It is not suggested. NR signatures are useful in very specific circumstances, and regular people signing other people's keys are not one of those circumstances. It's not necessarily a benefit to you that someone can't revoke a signature - if you lose your key and can't revoke it, you'd want your signers to revoke their signatures.

> Then the signature level (0, 1, 2, 3) => of course 3 is the best,..
> he/she checked my UID very carefully or so

Remember that the numbers don't actually mean anything - a "2" for one person may be the same as a "3" for someone else. The web of trust does not look at these numbers at all, except that signature level 1 is ignored by default. You don't get any more validity from a 3 than you get from a 2 or a 0.

> Trust signatures,...
> What is the difference between a normal and a trust signature? I don't
> understand that concept *g*

Trust signatures are not generally useful outside of hierarchical company-type environments.

David

From jharris at widomaker.com Mon Oct 31 03:45:33 2005
From: jharris at widomaker.com (Jason Harris)
Date: Mon Oct 31 03:45:48 2005
Subject: new (2005-10-30) keyanalyze results (+sigcheck)
Message-ID: <20051031024533.GA3282@wilma.widomaker.com>

New keyanalyze results are available at: http://keyserver.kjsl.com/~jharris/ka/2005-10-30/

Signatures are now being checked using keyanalyze+sigcheck: http://dtype.org/~aaronl/

Earlier reports are also available, for comparison: http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at: http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:

-- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? | jharris@widomaker.com | web: http://keyserver.kjsl.com/~jharris/ | Got photons? (TM), (C) 2004

From alphasigmax at gmail.com Mon Oct 31 07:31:59 2005
From: alphasigmax at gmail.com (Alphax)
Date: Mon Oct 31 07:34:54 2005
Subject: Signature packets without (whatever)
In-Reply-To: <20051025143549.GA19648@jabberwocky.com>
References: <435E3FF7.90001@gmail.com> <20051025143549.GA19648@jabberwocky.com>
Message-ID: <4365BA5F.3070200@gmail.com>

David Shaw wrote:
> On Tue, Oct 25, 2005 at 11:53:51PM +0930, Alphax wrote:
>
>> Recently, when checking my trustdb I get the following appearing:
>>
>> gpg: buffer shorter than subpacket
>> gpg: signature packet without keyid
>> gpg: buffer shorter than subpacket
>> gpg: buffer shorter than subpacket
>> gpg: signature packet without timestamp
>> gpg: buffer shorter than subpacket
>> gpg: signature packet without keyid
>> gpg: buffer shorter than subpacket
>>
>> Now, I figured that cleaning the keys would probably fix this, but the
>> question is: how do I find the offending keys?
>
> Given that one of the errors is a signature packet without a
> keyid... it's hard to locate the signature :)
>
> You could do trickery with gpgsplit and such, but I'd wait until 1.4.3
> is out. It doesn't error on such signatures any longer.

Um... *bump* on 1.4.3, I just discovered that this (like all error messages) is killing Enigmail. Any way of finding the offending keys and cleaning them manually?

Oh yeah, "clean total" would be good for fixing this too...
-- Alphax | Encrypted Email Preferred | OpenPGP key ID: 0xF874C613 | http://tinyurl.com/cc9up

From cam at mathematica.scientia.net Mon Oct 31 10:16:55 2005
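The three warnings Alphax quotes come from gpg walking the hashed and unhashed subpacket areas of v4 signature packets (RFC 2440 5.2.3): a subpacket whose declared length runs past the end of its area, or a signature with no creation-time (type 2) or issuer (type 16) subpacket. The following added example, not code from GnuPG or from anyone in the thread, re-implements those checks over a binary keyring and reports the key ID of the public key each bad signature hangs on, which is the part gpg's message leaves out; the keyring it scans is constructed inline (dummy MPIs, made-up key ID and timestamp).

```python
"""Locate OpenPGP signature packets with missing or truncated subpackets.

Mirrors gpg's "buffer shorter than subpacket" / "signature packet without
keyid" / "signature packet without timestamp" checks and names the key the
signature is attached to.  The keyring at the bottom is constructed here.
"""
import hashlib
import struct

PUBKEY, SIG, UID = 6, 2, 13            # packet tags (RFC 2440 4.3)
SP_CREATION, SP_ISSUER = 2, 16         # subpacket types (RFC 2440 5.2.3.1)


def read_packets(data):
    """Yield (tag, body) for old- and new-format packet headers (RFC 2440 4.2)."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("no packet header at offset %d" % pos)
        if ctb & 0x40:                                   # new-format header
            tag, first = ctb & 0x3F, data[pos + 1]
            if first < 192:
                length, hdr = first, 2
            elif first < 224:
                length, hdr = ((first - 192) << 8) + data[pos + 2] + 192, 3
            elif first == 255:
                length, hdr = struct.unpack(">I", data[pos + 2:pos + 6])[0], 6
            else:
                raise ValueError("partial body lengths are not supported")
        else:                                            # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not supported")
            hdr = 1 + (1 << ltype)                       # 1-, 2- or 4-octet length
            length = int.from_bytes(data[pos + 1:pos + hdr], "big")
        yield tag, data[pos + hdr:pos + hdr + length]
        pos += hdr + length


def parse_subpackets(area):
    """Return (subpacket types seen, warnings); stops at the first truncated subpacket."""
    types, pos, n = [], 0, len(area)
    while pos < n:
        first = area[pos]
        if first < 192:
            length, pos = first, pos + 1
        elif first < 255:
            if pos + 2 > n:
                return types, ["buffer shorter than subpacket"]
            length, pos = ((first - 192) << 8) + area[pos + 1] + 192, pos + 2
        else:
            if pos + 5 > n:
                return types, ["buffer shorter than subpacket"]
            length, pos = int.from_bytes(area[pos + 1:pos + 5], "big"), pos + 5
        if length == 0 or pos + length > n:              # declared length exceeds the area
            return types, ["buffer shorter than subpacket"]
        types.append(area[pos] & 0x7F)                   # bit 7 is the "critical" flag
        pos += length
    return types, []


def check_signature(body):
    """Warnings for one signature packet body; only v4 signatures carry subpackets."""
    if len(body) < 6 or body[0] != 4:
        return []
    off = 6 + struct.unpack(">H", body[4:6])[0]          # end of the hashed area
    if off + 2 > len(body):
        return ["hashed subpacket area longer than packet"]
    unhashed_len = struct.unpack(">H", body[off:off + 2])[0]
    types, warnings = [], []
    for area in (body[6:off], body[off + 2:off + 2 + unhashed_len]):
        t, w = parse_subpackets(area)
        types, warnings = types + t, warnings + w
    if SP_CREATION not in types:
        warnings.append("signature packet without timestamp")
    if SP_ISSUER not in types:
        warnings.append("signature packet without keyid")
    return warnings


def v4_keyid(body):
    """Key ID of a v4 public key: low 64 bits of SHA-1(0x99 || len || body) (RFC 2440 11.2)."""
    fpr = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()
    return fpr[-16:].upper()


def scan_keyring(data):
    """Return (owner key ID, packet index, warnings) for every problematic signature."""
    findings, owner = [], None
    for index, (tag, body) in enumerate(read_packets(data)):
        if tag == PUBKEY:
            owner = v4_keyid(body)
        elif tag == SIG and check_signature(body):
            findings.append((owner, index, check_signature(body)))
    return findings


# --- constructed sample keyring: one key, one UID, one good and two broken certifications ---
def old_packet(tag, body):
    """Old-format header with a one-octet length; bodies here are under 256 octets."""
    return bytes([0x80 | (tag << 2), len(body)]) + body


def subpacket(sp_type, data):
    """One-octet-length subpacket; the length counts the type octet plus the data."""
    return bytes([len(data) + 1, sp_type]) + data


def v4_signature(hashed, unhashed):
    """v4 certification (0x10), DSA/SHA-1, dummy left-16 check bytes and two 8-bit MPIs."""
    return (b"\x04\x10\x11\x02" + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed + b"\xab\xcd\x00\x08\x2a\x00\x08\x2b")


TS, ISSUER = b"\x43\x5e\x3f\xf7", b"\x01\x23\x45\x67\x89\xab\xcd\xef"
GOOD_SIG = v4_signature(subpacket(SP_CREATION, TS) + subpacket(SP_ISSUER, ISSUER), b"")
# issuer subpacket declares 8 data octets but only 2 follow: the "buffer shorter" case
TRUNCATED_SIG = v4_signature(subpacket(SP_CREATION, TS) + b"\x09\x10\xde\xad", b"")
NO_TIMESTAMP_SIG = v4_signature(b"", subpacket(SP_ISSUER, ISSUER))
SAMPLE_KEYRING = (
    old_packet(PUBKEY, b"\x04" + TS + b"\x01\x00\x10\xc0\x01\x00\x11\x01\x00\x01")
    + old_packet(UID, b"Constructed Test Key <test@example.invalid>")
    + old_packet(SIG, GOOD_SIG) + old_packet(SIG, TRUNCATED_SIG) + old_packet(SIG, NO_TIMESTAMP_SIG))

if __name__ == "__main__":
    for owner, index, warnings in scan_keyring(SAMPLE_KEYRING):
        print("key %s, packet #%d: %s" % (owner, index, "; ".join(warnings)))
```

Run it over the output of `gpg --export` (a binary keyring) to get the owner key IDs; those are the keys to re-import after the bad signatures are dropped.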
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 10:16:46 2005
Subject: the best signature type someone can give me
In-Reply-To: <20051031003431.GC30195@jabberwocky.com>
References: <43655E06.9050200@mathematica.scientia.net> <20051031003431.GC30195@jabberwocky.com>
Message-ID: <4365E107.40901@mathematica.scientia.net>

David Shaw wrote:
> It is not suggested. NR signatures are useful in very specific
> circumstances, and regular people signing other people's keys are not
> one of those circumstances.

Can you tell me one of these circumstances? I can't imagine one *g*

> It's not necessarily a benefit to you
> that someone can't revoke a signature - if you lose your key and can't
> revoke it, you'd want your signers to revoke their signatures.

Of course, but I have a printed revocation certificate below my bed,.... uhm ah,.. no it's not under my bed,.. but,.. uhm somewhere else ;-)

>> Then the signature level (0, 1, 2, 3) => of course 3 is the best,..
>> he/she checked my UID very carefully or so
>
> Remember that the numbers don't actually mean anything - a "2" for one
> person may be the same as a "3" for someone else. The web of trust
> does not look at these numbers at all, except that signature level 1
> is ignored by default. You don't get any more validity from a 3 than
> you get from a 2 or a 0.

Ah, yes :-)

>> Trust signatures,...
>> What is the difference between a normal and a trust signature? I don't
>> understand that concept *g*
>
> Trust signatures are not generally useful outside of hierarchical
> company-type environments.

Same as above,.. what would be an example where someone could use this? How does it work at all, I mean what does a trust signature tell the WoT? And what does the level of it mean?

Best wishes, Christoph.

From cam at mathematica.scientia.net Mon Oct 31 10:25:26 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 10:25:13 2005
Subject: the best signature type someone can give me
In-Reply-To: <20051031003431.GC30195@jabberwocky.com>
References: <43655E06.9050200@mathematica.scientia.net> <20051031003431.GC30195@jabberwocky.com>
Message-ID: <4365E306.3070406@mathematica.scientia.net>

Ah,.. and I forgot the following:

I know you can change the hash algorithm that is used for making signatures. Does this apply to UID signatures, too? If so,... should I (for security/cryptography reasons) ask users to sign my key only with SHA512 (or whatever is considered the currently strongest hash)? And/or should I sign others' UIDs only with SHA512 (..)?

Best wishes, Christoph Anton Mitterer.

From wk at gnupg.org Mon Oct 31 11:09:48 2005
From: wk at gnupg.org (Werner Koch)
Date: Mon Oct 31 11:11:47 2005
Subject: ECC
In-Reply-To: <43655C96.20600@mathematica.scientia.net> (Christoph Anton Mitterer's message of "Mon, 31 Oct 2005 00:51:50 +0100")
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net>
Message-ID: <8764reuheb.fsf@wheatstone.g10code.de>

On Mon, 31 Oct 2005 00:51:50 +0100, Christoph Anton Mitterer said:

> I know that, of course, but I think that perhaps we'll have no ECC for the
> next 10 years or so,.. if no one makes the step,...

There is no reason for ECC. Even chip cards are getting powerful enough not to need ECC for cost reasons. There is also the problem with US patents on many curves and essential implementation details.

OTOH, there seems to be a move in the NSIS to go for ECC for longer DSA key sizes; this is due to the decision on the new DSA key sizes. So there might be a change in some time.

> btw: If GnuPG would implement ECC and add it unofficially to OpenPGP it
> could be done in such a way, that it is compatible with the ideas and

Standards are a Good Thing and it is the policy of the GNU project to comply with reasonable standards as long as there are no technical reasons to do something else. Proliferation of algorithms is actually a Bad Thing. We have seen that in the past: It hinders compatibility because not all implementations will go for a certain optional feature of a standard.

OpenPGP is a good standard and we don't want to play evil by adding something outside of the standard. If the WG agrees on adding certain EC based algorithms we will support it. There is no rush for it and all tries in the past to add ECC have not been agreed upon.

> As you can see, lots of today's standards started as one-man applications,
> e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from

OpenPGP has nothing to do with RSA Inc. Try asking Phil about RSA Inc. and you will soon see why. The OpenPGP WG has been founded out of an initiative by Phil Zimmermann and Jon Callas at the 1997 Munich IETF with the aim to keep PGP alive even if their new company would fail.

> And in my opinion,... the algorithm/system of ECC is fixed,... of course
> each standard may define things like headers or other small details

No it is not. There are many things one needs to agree upon. However there are some EC based algorithms which have a lot of support.

> So if GnuPG would (pseudo-officially) implement that now,.. it could be
> the first compliant application later :-)

No, we will however add some ECC support into Libgcrypt as time permits.

Shalom-Salam,

Werner

From wk at gnupg.org Mon Oct 31 11:14:26 2005
From: wk at gnupg.org (Werner Koch)
Date: Mon Oct 31 11:16:45 2005
Subject: ECC
In-Reply-To: <4364DDDC.5070502@mathematica.scientia.net> (Christoph Anton Mitterer's message of "Sun, 30 Oct 2005 15:51:08 +0100")
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net>
Message-ID: <871x22uh6l.fsf@wheatstone.g10code.de>

On Sun, 30 Oct 2005 15:51:08 +0100, Christoph Anton Mitterer said:

> Governments are often trying to restrict cryptography (see US) and also
> here in Germany (using X.509 only, which is in my opinion less secure

There is no restriction to X.509 in Germany. It's just a matter of fact that the very few signature law conforming CAs do X.509. If some CA decides to go for OpenPGP, they would just need to convince the Bundesnetzagentur to set up the required infrastructure and Microsoft to support OpenPGP (the latter is the far more problematic thing).

> than OpenPGP as it's using a hierarchical certificate system).

There is no indication at all that OpenPGP is stronger than X.509/CMS. OpenPGP allows very well for a hierarchical certificate system.

Salam-Shalom,

Werner

From wk at gnupg.org Mon Oct 31 11:18:15 2005
From: wk at gnupg.org (Werner Koch)
Date: Mon Oct 31 11:21:45 2005
Subject: OpenPG/X.509 interoperability
In-Reply-To: <436558ED.2040800@mathematica.scientia.net> (Christoph Anton Mitterer's message of "Mon, 31 Oct 2005 00:36:13 +0100")
References: <436558ED.2040800@mathematica.scientia.net>
Message-ID: <87wtjut2fs.fsf@wheatstone.g10code.de>

On Mon, 31 Oct 2005 00:36:13 +0100, Christoph Anton Mitterer said:

> This is perhaps a stupid question but how far are these two standards
> interoperable?

They are not interoperable.

> Can X.509 certificates be used to sign/certificate OpenPGP UIDs?

No. You can add a private extension to do so.

> Or can I import the keys as subkeys?

No.

> Or are there any other interoperability issues?

Yes.

> What about the two big "free" X.509" suppliers (CACert and Thawte) do
> they sign OpenPGP keys?

Don't know.

Shalom-Salam,

Werner

From cam at mathematica.scientia.net Mon Oct 31 16:36:52 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 16:36:53 2005
Subject: ECC
In-Reply-To: <8764reuheb.fsf@wheatstone.g10code.de>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de>
Message-ID: <43663A14.7010003@mathematica.scientia.net>

Werner Koch wrote:

>> I know that, of course, but I think that perhaps we'll have no ECC the
>> next 10 years or so,.. if no one makes the step,...

Uhm,.. I probably have not that detailed knowledge as you,... but when I've read the comparisons of cryptographic strength it seemed that ECC with much smaller key sizes is as strong as RSA/ElGamal with bigger key sizes,... doesn't this lead to the conclusion that ECC is a superior algorithm and should be used in favour?

> There is no reason for ECC. Even chip cards are getting powerful
> enough not to need ECC for cost reasons. There is also the problem
> with US patents on many curves and essential implementation details.

Uhm,... yes patents are always a big problem,... Do you remember when, I think it was BBC, claimed they had a patent in the US which would cover hyperlinks? Should the world stop using knowledge just because someone in the US patented it?

> OTOH, there seems to be a move in the NSIS to go for ECC for longer
> DSA key sizes; this is due to decision on the new DSA key sizes. So
> there might be a change in some time.

Yes,.. I've read about that. And my new key is a RSA-S/ElGamal key,.. so I probably won't have that DSA/DSS problem :-) .
>> btw: If GnuPG would implement ECC and add it unofficially to OpenPGP it
>> could be done in such a way, that it is compatible with the ideas and

> Standards are a Good Thing and it is the policy of the GNU project
> to comply with reasonable standards as long as there are no technical
> reasons to do something else.

Yes of course, I indeed love standards,.. but I meant the OpenSource community around GnuPG could _create_ such a standard. Look at XMPP (jabber),.. it works... :-)

>> As you can see, lots of today's standards started as one-man-application,
>> e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from

> OpenPGP has nothing to do with RSA Inc.

Uhm sorry,.. *g* I meant PKCS 1 to somewhere.

> Try asking Phil about RSA
> Inc. and you will soon see why. The OpenPGP WG has been founded out
> of an initiative by Phil Zimmermann and Jon Callas at the 1997 Munich
> IETF with the aim to keep PGP alive even if their new company would
> fail.

It was in "my" city?? I didn't know that :-)

>> So if GnuPG would (pseudo-officially) implement that now,.. it could be
>> the first compliant application later :-)

> No, we will however add some ECC support into Libgcrypt as time
> permits.

What about using that uhm,.. libecc (http://libecc.sourceforge.net/)?

Best wishes,
Chris.

From cam at mathematica.scientia.net Mon Oct 31 16:42:48 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 16:42:39 2005
Subject: OpenPG/X.509 interoperability
In-Reply-To: <87wtjut2fs.fsf@wheatstone.g10code.de>
References: <436558ED.2040800@mathematica.scientia.net> <87wtjut2fs.fsf@wheatstone.g10code.de>
Message-ID: <43663B78.9070903@mathematica.scientia.net>

Werner Koch wrote:

>> Can X.509 certificates be used to sign/certificate OpenPGP UIDs?

> No. You can add a private extension to do so.

What do you mean by "private extension"?

Chris. (from now on,.. imply my "best wishes" =) )

From dshaw at jabberwocky.com Mon Oct 31 19:44:53 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Oct 31 19:45:35 2005
Subject: the best signature type someone can give me
In-Reply-To: <4365E107.40901@mathematica.scientia.net>
References: <43655E06.9050200@mathematica.scientia.net> <20051031003431.GC30195@jabberwocky.com> <4365E107.40901@mathematica.scientia.net>
Message-ID: <20051031184453.GA32013@jabberwocky.com>

On Mon, Oct 31, 2005 at 10:16:55AM +0100, Christoph Anton Mitterer wrote:
> David Shaw wrote:
>
> > It is not suggested. NR signatures are useful in very specific
> > circumstances, and regular people signing other people's keys are not
> > one of those circumstances.
>
> Can you tell me one of these circumstances, I can't imagine one *g*

Well, aside from this one:

> > It's not necessarily a benefit to you
> > that someone can't revoke a signature - if you lose your key and can't
> > revoke it, you'd want your signers to revoke their signatures.

It also doesn't take into account the very human possibility of mistake. If you sign by accident, you really don't want it to be a NR signature.

> > Trust signatures are not generally useful outside of hierarchical
> > company-type environments.
>
> Same as above,.. what would be an example where someone could use this?
> How does it work at all, I mean what does a trust signature tell the
> WoT? And what does the level of it mean?

First, read this:

http://download.cryptoex.com/documents/whitepaper/cex2003-pgp-in-unternehmen-en/Tech%20White%20Paper%202002%20-%20Using%20OpenPGP%20in%20Corporations.pdf

Then, read this:

http://lists.gnupg.org/pipermail/gnupg-users/2005-May/025612.html

David

From dshaw at jabberwocky.com Mon Oct 31 19:46:28 2005
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon Oct 31 19:55:54 2005
Subject: the best signature type someone can give me
In-Reply-To: <4365E306.3070406@mathematica.scientia.net>
References: <43655E06.9050200@mathematica.scientia.net> <20051031003431.GC30195@jabberwocky.com> <4365E306.3070406@mathematica.scientia.net>
Message-ID: <20051031184628.GB32013@jabberwocky.com>

On Mon, Oct 31, 2005 at 10:25:26AM +0100, Christoph Anton Mitterer wrote:
> Ah,.. and I forgot the following:
>
> I know you can change the hash algorithm that is used for making
> signatures. Does this apply for UID-signatures, too?
>
> If so,... should I (for security/cryptography reasons) ask users to sign
> my key only with SHA512 (or whatever is considered as the currently
> strongest hash)? And/or should I sign others' UIDs only with SHA512 (..) ?

This is up to you, but note that most OpenPGP programs don't support SHA512 yet. Also note that most people have a DSA primary key and thus can't use any hash larger than 160 bits.

David

From ml at bitfalle.org Mon Oct 31 20:18:16 2005
From: ml at bitfalle.org (markus reichelt)
Date: Mon Oct 31 20:18:12 2005
Subject: ECC
In-Reply-To: <43663A14.7010003@mathematica.scientia.net>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de> <43663A14.7010003@mathematica.scientia.net>
Message-ID: <20051031191816.GA4606@dantooine>

* Christoph Anton Mitterer wrote:

> > No, we will however add some ECC support into Libgcrypt as time
> > permits.
>
> What about using that uhm,.. libecc
> (http://libecc.sourceforge.net/)?

do you know of an application that uses this lib? it seems to be on hold. mailinglists are turned off, last release in 12/2004...

-- 
left blank, right bald

From hawke at hawkesnest.net Mon Oct 31 22:01:38 2005
From: hawke at hawkesnest.net (Alex Mauer)
Date: Mon Oct 31 22:05:04 2005
Subject: ECC
In-Reply-To: <43663A14.7010003__39059.3502707363$1130773516$gmane$org@mathematica.scientia.net>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de> <43663A14.7010003__39059.3502707363$1130773516$gmane$org@mathematica.scientia.net>
Message-ID:

Christoph Anton Mitterer wrote:
> Do you remember when, I think it was BBC, claimed they had a patent in
> the US which would cover hyperlinks?

It was British Telecom. google:"british telecom" hyperlink patent

-- 
Bad - You get pulled over for doing 90 in a school zone and you're drunk off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient flesh-eating beetles.

OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net

From cam at mathematica.scientia.net Mon Oct 31 23:08:53 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 23:08:43 2005
Subject: ECC
In-Reply-To: <20051031191816.GA4606@dantooine>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de> <43663A14.7010003@mathematica.scientia.net> <20051031191816.GA4606@dantooine>
Message-ID: <436695F5.5020706@mathematica.scientia.net>

markus reichelt wrote:

> * Christoph Anton Mitterer wrote:
>
>> What about using that uhm,.. libecc
>> (http://libecc.sourceforge.net/)?
>
> do you know of an application that uses this lib?

No I don't but that shouldn't be a reason to forget about it,...

> it seems to be on hold. mailinglists are turned off, last release in 12/2004...

Same thing,.. that shouldn't be a reason for others to reuse the code and continue its development, should it? :)

Best wishes,
Chris.

From cam at mathematica.scientia.net Mon Oct 31 23:15:49 2005
From: cam at mathematica.scientia.net (Christoph Anton Mitterer)
Date: Mon Oct 31 23:15:36 2005
Subject: ECC
In-Reply-To:
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de> <43663A14.7010003__39059.3502707363$1130773516$gmane$org@mathematica.scientia.net>
Message-ID: <43669795.9090408@mathematica.scientia.net>

Alex Mauer wrote:

> Christoph Anton Mitterer wrote:
>
>> Do you remember when, I think it was BBC, claimed they had a patent in
>> the US which would cover hyperlinks?
>
> It was British Telecom. google:"british telecom" hyperlink patent

Ah,.. ok *g* But you see my point? Well,.. I indeed have nothing against Americans,... some of my very best friends are Americans,... and I love the country,... But should the OS community ignore the knowledge of the world because of stupid patents? If it would go after the US Patent Office,.. nearly each trivial thing would be patented,.. like clicking on a button to finish shopping in an online store or so. In my opinion the time of patents (not only software) should be over at all (but that's another discussion) as the historical reason why patents were introduced is no longer given....

But for our issues here: Of course the US is a big "market" and of course it would be sad to develop software that our friends in the US (or similar countries) could not use (due to patent issues)... BUT should the people in other nations renounce such things? In my opinion not,....

And keep in mind,.. with these statements I DON'T want to offend anyone neither being rude or so :-)

Regards,
Chris.

From ml at bitfalle.org Mon Oct 31 23:52:41 2005
From: ml at bitfalle.org (markus reichelt)
Date: Mon Oct 31 23:52:30 2005
Subject: ECC
In-Reply-To: <436695F5.5020706@mathematica.scientia.net>
References: <435FAFE1.6080802@web.de> <4360E27F.6010508@comcast.net> <4364DDDC.5070502@mathematica.scientia.net> <20051030145907.GB30195@jabberwocky.com> <43655C96.20600@mathematica.scientia.net> <8764reuheb.fsf@wheatstone.g10code.de> <43663A14.7010003@mathematica.scientia.net> <20051031191816.GA4606@dantooine> <436695F5.5020706@mathematica.scientia.net>
Message-ID: <20051031225240.GC4606@dantooine>

* Christoph Anton Mitterer wrote:

> >> What about using that uhm,.. libecc
> >> (http://libecc.sourceforge.net/)?
> >>
> > do you know of an application that uses this lib?
> No I don't but that shouldn't be a reason to forget about it,...

Now why is that? I didn't imply anything to such extent. I was merely curious about applications, that's all. Why do you think one should (not) forget about libecc?

> > it seems to be on hold. mailinglists are turned off, last release
> > in 12/2004...
> Same thing,.. that shouldn't be a reason for others to reuse the
> code and continue its development, should it? :)

Rhetoric is fine, when used wisely ;)

-- 
left blank, bald right

From satya_b at hotmail.com Fri Oct 28 12:50:56 2005
From: satya_b at hotmail.com (bingumalla satyanarayana)
Date: Tue Nov 1 11:43:16 2005
Subject: Character set and File exists
Message-ID:

Hello,

I am new to GnuPG. If I run any command from gpg, I am getting the following message:

gpg: conversion from `utf-8' to `roman8' not available

I am using HP Unix 11.0. Is there any way to avoid the above message?

Secondly, I am giving the -o option in the command line and if the file already exists, I am prompted with the following message:

File `b.txt' exists. Overwrite? (y/N)

Is there any option to avoid the above message?

Thanks in advance for your help.

Thanks,
Satya

From ModuZ at qca.org.uk Fri Oct 28 14:15:37 2005
From: ModuZ at qca.org.uk (Modu, Zuky)
Date: Tue Nov 1 11:43:30 2005
Subject: [Announce] GnuPG 1.3.91 released (development)
Message-ID: <764804CFEDB271428F317BA030D478E8010C88DD@QCAEXCHANGE.QCA.CO.UK>

Hi Zuky,

I'm sorry this has nothing to do with your website. It's just that my name is Zuky and I am on a quest to find out what it means and where it originates from; when I saw your web link on the net I thought you could help me. If you have any information that may help in my quest, I would be most grateful.

thanks,
Zuky

From topas.org at web.de Sat Oct 29 00:10:56 2005
From: topas.org at web.de (Topas)
Date: Tue Nov 1 11:43:37 2005
Subject: ECC
In-Reply-To: <4360B122.5060402@gmail.com>
References: <435FAFE1.6080802@web.de> <4360B122.5060402@gmail.com>
Message-ID: <4362A1F0.4020202@web.de>

Alphax wrote:
> Is it in OpenPGP yet?

I think there are IDs reserved for it,... but not sure if the whole algorithm/system is contained in RFC2440...

Regards,
Topas.

From hhhobbit at securemecca.net Sat Oct 29 10:25:22 2005
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue Nov 1 11:43:46 2005
Subject: Feature request: expand 'clean' to 'clean total'
Message-ID: <1130574322.13813.16.camel@sirius.brigham.net>

On 27 Oct 2005 Dirk Traulsen wrote:

> I first posted this under an old (but fitting) thread and got
> no response. Sorry, if you already read it.
>
> Nowadays there are quite some keys, which have several hundred
> signatures on their UIDs. This is a good thing for the WoT,
> but it clutters the local keyrings, as normally you don't have
> most of these signing keys. If the keys on your keyring are
> completely trusted, you don't need the additional signatures.
> Until now there is the option 'clean sigs' under '--edit KEY',
> but it does only delete sigs, which can be verified by gpg
> through comparison with the corresponding signing key.
>
> So here is my feature request: Please make an option to delete
> signatures, for which there is no corresponding signing key on
> the local keyring.
>
> David Shaw wrote:
> > There is perhaps an argument to be made for a
> > "super clean" that does clean and also removes any
> > signature where the signing key is
> > not present (in fact, an early version of clean did that),
> > but that's a different thing than clean.
>
> I think there are so many commands and options, that it would
> be better to expand the name and not take a new one.
>
> I suggest the following solution: add a new option 'clean total'
> to the known options 'clean sigs' and 'clean uids'.
>
> This could be the new part in the man-page:
>
> ===========Proposal for the man-page==============
> clean    Cleans keys by removing unusable pieces. This command
>          can be used to keep keys neat and clean, and
>          it has no effect aside from that.
>
>          sigs   Remove any signatures that are not usable
>                 by the trust calculations. For example,
>                 this removes any signature that does not
>                 validate. It also removes any signature
>                 that is superseded by a later signature,
>                 or signatures that were revoked.
>
>          uids   Compact (by removing all signatures
>                 except the selfsig) any user ID that is
>                 no longer usable (e.g. revoked, or
>                 expired).
>
>          total  Remove like above any unusable signature
>                 and UID, but also remove any signature
>                 for which the signing key is not present.
>
>          If invoked with no arguments, both `sigs' and `uids' are
>          cleaned.
>          If invoked without `total', only signatures for which the
>          signing key is present can be evaluated.
> ===========Proposal for the man-page==============
>
> What do you think about that, David?
>
> I would really appreciate such a function and I think (hope),
> that I'm not the only one. Please consider to implement it. As
> I cannot do it myself, maybe I can help with this proposal.
>
> Dirk

I hope I am misunderstanding this. I think I am. I have a little bit of a problem with this. First, I am NOT part of the WOT and never will be (look at my name and you will see why). Second, I have precious few public keys on my key ring, and Werner is one of them. You should see all of those pretty "[User ID not found]" after all of those sigs. Thank goodness I am NOT part of the WOT. If I was (part of the WOT) and cleaned out all of those signatures on his key, signed it, and uploaded it to one of the keyservers so it reflected he had another signee, what would happen to the ones that were cleaned out? I am sure that most if not all of them are legitimate signatures. Like I said, I am pretty sure I am misunderstanding what you are doing.

HHH

-- 
Key Name: "Henry Hertz Hobbit"
pub   1024D/E1FA6C62 2005-04-11 [expires: 2006-04-11]
      Key fingerprint = ACA0 B65B E20A 552E DFE2 EE1D 75B9 D818 E1FA 6C62

From hhhobbit at securemecca.net Sat Oct 29 10:52:05 2005
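The difference between 'clean sigs', 'clean uids' and the proposed 'clean total' in the thread above, worked through on a key listing. This is an added example and not GnuPG's code; it assumes the validity flag in field 2 of a 'gpg --with-colons --check-sigs' listing ('!' good, '-' bad, '?' signing key not present, '%' other error) and runs on a constructed listing with invented key IDs and names.

```python
"""Classify third-party signatures the way 'clean sigs', 'clean uids'
and Dirk Traulsen's proposed 'clean total' would treat them.

Added example, not GnuPG's own code.  Assumes the --with-colons record
layout of 'gpg --check-sigs' (validity flag in field 2).
"""
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed sample in the style of 'gpg --with-colons --check-sigs'.
# Key IDs, hashes and names are invented for this example.
SAMPLE = """\
pub:u:1024:17:0123456789ABCDEF:2005-04-11:2006-04-11::u:::scESC:
uid:u::::2005-04-11::DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF::Example User <user@example.org>:
sig:!::17:0123456789ABCDEF:2005-04-11::::Example User <user@example.org>:13x:
sig:!::17:FEDCBA9876543210:2005-05-01::::Known Signer <signer@example.net>:10x:
sig:?::17:1111222233334444:2005-05-02::::[User ID not found]:10x:
sig:-::17:FEDCBA9876543210:2005-05-03::::Known Signer <signer@example.net>:10x:
sig:?::17:5555666677778888:2005-05-04::::[User ID not found]:13x:
uid:r::::2005-04-11::CAFEBABECAFEBABECAFEBABECAFEBABECAFEBABE::Example User <old@example.org>:
sig:!::17:0123456789ABCDEF:2005-04-11::::Example User <user@example.org>:13x:
sig:!::17:FEDCBA9876543210:2005-05-01::::Known Signer <signer@example.net>:10x:
"""

UNUSABLE = {"-", "%"}   # failed verification: 'clean sigs' drops these
NO_KEY = "?"            # signing key not on the keyring: only 'total' drops these


@dataclass
class Sig:
    signer: str       # key ID of the signing key (field 5)
    validity: str     # field 2 of the --check-sigs listing
    sig_class: str    # field 11, e.g. '10x' generic, '13x' positive cert
    signer_uid: str   # field 10, '[User ID not found]' when key is absent


@dataclass
class UserID:
    name: str
    validity: str     # 'r' revoked, 'e' expired, 'u' ultimate, ...
    sigs: List[Sig] = field(default_factory=list)


@dataclass
class Key:
    keyid: str
    uids: List[UserID] = field(default_factory=list)


def parse_listing(text: str) -> Key:
    """Build a Key from pub/uid/sig colon records (other record types ignored)."""
    key = None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            key = Key(keyid=f[4])
        elif f[0] == "uid":
            key.uids.append(UserID(name=f[9], validity=f[1]))
        elif f[0] == "sig":
            key.uids[-1].sigs.append(
                Sig(signer=f[4], validity=f[1], sig_class=f[10], signer_uid=f[9]))
    return key


def clean(key: Key, what: str = "sigs+uids") -> Tuple[Key, List[str]]:
    """Return a cleaned copy of key plus a log of dropped signatures.

    what: 'sigs', 'uids', 'sigs+uids' (no argument in the proposal) or 'total'.
    """
    do_sigs = what in ("sigs", "sigs+uids", "total")
    do_uids = what in ("uids", "sigs+uids", "total")
    drop_missing = what == "total"
    log: List[str] = []
    out = Key(keyid=key.keyid)
    for uid in key.uids:
        kept = []
        for s in uid.sigs:
            selfsig = s.signer == key.keyid
            if do_uids and uid.validity in ("r", "e") and not selfsig:
                log.append(f"{uid.name}: unusable user ID, compacting sig by {s.signer}")
            elif do_sigs and s.validity in UNUSABLE:
                log.append(f"{uid.name}: sig by {s.signer} does not validate")
            elif drop_missing and s.validity == NO_KEY:
                log.append(f"{uid.name}: sig by {s.signer} has no signing key on the keyring")
            else:
                kept.append(s)
        out.uids.append(UserID(uid.name, uid.validity, kept))
    return out, log


def sig_counts(key: Key) -> List[int]:
    """Number of signatures left on each user ID, in listing order."""
    return [len(u.sigs) for u in key.uids]


if __name__ == "__main__":
    key = parse_listing(SAMPLE)
    for mode in ("sigs", "uids", "sigs+uids", "total"):
        cleaned, log = clean(key, mode)
        print(f"clean {mode}: {sig_counts(key)} -> {sig_counts(cleaned)}")
        for entry in log:
            print("   ", entry)
```

Note that 'sigs' leaves the two '?' signatures in place because, as Dirk says, they cannot be evaluated without the signing key; only 'total' removes them.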
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue Nov 1 11:43:52 2005
Subject: Lots of questions
Message-ID: <1130575925.13923.11.camel@sirius.brigham.net>

On 27 Oct 2005, Christoph Anton Mitterer wrote:

Rather than quoting what you have, I will just go through your points and make comments. If I don't comment, I leave it to OTHERS to make the comments or you to hash it out alone. For the others, reply to his questions, not my comments (unless I am totally wrong). Whew, you asked a lot of questions.

I GnuPG specific questions
===============================

1. Differences between 1.4.x & 1.9.x - OTHERS

2. symmetric + asymmetric -> total asymmetric
I leave this for OTHERS, but generally speaking, from a historical perspective, the reason it was encrypted with symmetric, and only the session key was done asymmetrically was because it would have taken FOREVER to do it with just asymmetric. If you finally are able to do it all with asymmetric, don't we have a problem that now the algorithms themselves (and / or bit sizes) are susceptible to attack? What I am carefully leading you towards is that the ever increasing power of CPUs changes the game. What we can crack today wasn't even feasible ten years ago. The game changes as CPU power increases.

3. encrypt & sign - look at the source code (I may be wrong here)

4. --gnupg totally compliant with OpenPGP / RFC 2440? OTHERS. However, according to the man pages, strictly speaking no. For that you use --openpgp or --rfc2440 which for now are equivalent.

5. The best random number sources (for generating new keys) are engines that are not purely deterministic. For now those are ones that roll your mouse movements, key strokes and other stuff into the works for generating the numbers. Most versions of Linux are good because they do this, but older Unix Systems (Solaris, AIX, HPUX) can be bad which is why you use the Entropy Gathering Daemon or some other entropy adding method with them.

6. E, S, CS, & CSA meanings - OTHERS.

7. 4096 bit limit - well first, there are some algorithms that have hard limits built into them. Even if they don't, a 4096 bit key right now (29 Oct 2004) is HUGE. I can remember us thrashing out being able to use more than 96 bits 15+ years ago with the NSA. When you generate a 4096 bit key (and use it), be prepared for some awfully long times for things to be done. I have a 2+ GHz Athlon chip and it still took 4-5 minutes to generate the keys (I played Mahjongg tiles while it was working away on it).

8. Diff between 32 bit OS and 64 bit OS in creating keys - OTHERS.

9. --set-notation - see the man page. Since it seems entirely clear to me I don't understand what you are missing. They are primarily to store key values or other items when signing if that is what you are after. If it isn't, be more precise why you are asking it. Are you saying that it doesn't work? I have never used it so I don't know.

II OpenPGP specific questions
=================================

1. Why can't you use RSA and ElGamal? You can. ElGamal is primarily used for encryption, NOT signing. For GnuPG, DSA is the primary signing method. RSA has been included since version 1.0.3. IDEA is not included because there is a patent that will not expire until 2007.

2. Is ElGamal the same as Diffie/Hellman? No, and yes. It is not EXACTLY the same. It is just based on the Diffie-Hellman key agreement:
http://en.wikipedia.org/wiki/Elgamal
For the rest of it you are now starting to sound like that professor in Back to School who had just one question in multiple parts. I leave it to OTHERS to answer these questions. I am getting a headache just looking at all of them.

3. Why would you use a signing subkey for self-signatures? I am afraid I live in a minimalist universe and see no reason, but OTHERS may have a very good reason.

4. How are my secondary keys connected to the primary? Good question! I am waiting for OTHERS to make it intelligible. In reality, the UID (I prefer the term KEY ID) and the fingerprint are bound tightly together and one does not exist in absence of the other.

5. I am not quite sure what you are saying here. Signing a message is not exactly the same thing as signing somebody else's key. You seem to be mixing the two things together. I like to think that when you sign somebody else's key, in a sense they got married. The signer key and the signee key are now bound together with a certain level of trust, and it is announced to the world. That is what the Web Of Trust (WOT) is all about. When you sign a message you use that other agreement (the WOT) to determine how much you can trust the message. I was debating on whether or not to write an entire missive on this to the group. The ad-hoc rules for the WOT need to be replaced with an extremely formalized methodology, but before you put the rules in place you need to hammer out what you are verifying. OTHERS - don't reply to my statements here, reply to his original questions.

6. How are you going to handle things if there is NO default UID? I think some of the OTHERS need to explain where they are going here. Even I am getting confused, e.g. (portion of --list-keys):

pub   1024D/985A444B 2002-06-03
uid                  Tomasz Kojm
uid                  Tomasz Kojm
uid                  Tomasz Kojm
sub   1280g/08C827F9 2002-06-03

In case you are wondering, he is one of the top developers at ClamAV. Now, will the default UID please stand up? What I am trying to say is that as it is listed here, there is NO default UID, just a sequence of them tied to key 985A444B, and a sub key 08C827F9. They are all bound together. In essence, they are a single entity with ties to other keys based on the signing of his key.

7. Of COURSE there is a difference between self-signatures to UIDs and signatures to other UIDs. Unless your name is DX, and you have a split personality where there is the bad DX, the good DX, and the objective DX, nobody knows you better than yourself. This is not hypothetical - I really knew somebody like this with bad DX saying they should rob the bank, good DX saying that was wrong, and objective DX saying they shouldn't do it because they would get caught and be put in jail. All three voices came from the same physical body, but the sounds of the voices and the personalities were entirely different! With that caveat, who knows you better than yourself? The signature to your own ID has the highest level of trust.

8. What is stored in a UID-signature? OTHERS. Go look in the source code. Concerning the "it gets worse", if you add a new UID, in effect your key has changed, just as it has changed if somebody has signed your key. I think all of this wasn't thought out well enough and is too complicated. However let's ask a semantic question. Going back to number 6 here (hypothetical), you knew Tomasz Kojm at school with the email address . You signed his key. Then he got a new address . Do you still trust him, and more to the point the new address? Since he is saying he is the same guy you knew at school, you fire off a message to his school address and ask if he has added this new email address to the key. He says that he has. The only thing that has changed is an extra UID. Your trust is exactly the same as it was before, BUT this should be noted by downloading (importing) his key again and asserting that it is the same entity (in this case person) by signing it again. What you are signing are HIS / HER records (or maybe an organization but the way it is now you seem to need a PERSON for signing), and if they change, it is your responsibility to re-sign the changes.

9. Signatures of other people shouldn't be invalidated unless you alter your UIDs (add / remove), or add / delete subkeys. OTHERS may disagree with me. I could care less how you change your default ciphers, compression, etc. I might think you are foolish doing it if it makes it impossible for you to communicate with others. Signing policy is more a function of the possessor of the key, than of the key itself.

10. OTHERS. If the encryption engines change to the point that your secret keys can't be read you have to start over with a new set of keys. Interoperability with older PGP software is legendary in not working.

11. Options for losing signatures? I can't think of any technical reasons. OTHERS?

12. When creating more than one encryption subkey ... There are as many reasons for this as there are people and their needs. For example, do you need the same bit size for emailing to somebody else a message that you don't care whether it is broken two weeks later as that document you want to squirrel away for years and years? That is just ONE reason for doing it. Personally, I don't have that type of need.

13. I don't understand the question. What do you mean when you are asking: "why you would want to create multiple sub keys and have each and every one of them signed." I think that is what you are saying. Look at this example:

pub   1024D/AE053BE0 2004-03-10 [expires: 2014-03-08]
uid                  RADVIS (Per Tunedal Casual)
uid                  Info RADVIS
uid                  Jobb RADVIS
sub   1024D/DB6C057F 2004-03-10 [expires: 2006-03-10]
sub   2048g/983AB16A 2005-02-01 [expires: 2006-04-07]

Are you asking is there a reason for signing sub key DB6C057F but not signing 983AB16A? That doesn't even make sense to me. Do OTHERS know what he is asking here? I don't.

III Algorithm Specific Questions
===================================

1. Asymmetric Algorithms: Any asymmetric algorithms do not depend solely on GnuPG. They need to be part of the OpenPGP standard. Your PGP cousins will need to be able to decrypt your messages, and you need to decrypt their messages. Nuff said. And before you dump on PGP, I can see that businesses really may want to go with PGP over GnuPG. It isn't that their staff are dumb. THEY ARE SWAMPED and out-sourcing the configuration of encryption may be money very well spent. Before the advent of spies and worms, a lot of people didn't use to believe that encryption had general purpose use. Well, it does have general purpose use now.

2. Symmetric Algorithms: When it comes to symmetric algorithms, I would NEVER order them in terms of preference. For example you put CAST5 next to the last in order of preference, yet it is the default for GnuPG. Is that because you have the idea that using something other than the default is a good idea, or an inherent dislike of CAST5? Personally, I like TWOFISH:
http://www.schneier.com/twofish.html
It is unpatented, the source code is uncopyrighted, and it was one of the five AES finalists. I don't have a strong religious BIAS here. Now what if TWOFISH isn't in PGP and I communicate with somebody using PGP? Back to CAST5...or whatever they can handle. But if you are saying what you want to use for your own personal files, then use the strongest one you think will last as long as your need for the file you just encrypted.

3. Hashing Algorithms: Do not make the assumption that it is just the number of bits that makes the difference here. You have to be able to inter-operate with others using PGP. Let's say you pick SHA512, and PGP cousins don't have it (or even somebody using an older version of GnuPG). The message will be unreadable by the recipient. Be careful what you pick. If you get a clear text message back saying "Duh, what did you say?" you will know you picked the wrong thing. In other words, there is a usability factor here, and you can be sitting there safe and sound and unable to communicate with others! What good does that do?

4. Compression Algorithms: Nuts. I should leave it at that. Generally speaking, the best compression to worst is in the order you have given, but I have seen cases where it doesn't turn out that way. Files like PDF, EXE, JPEG and others like them benefit very little from compression. Why don't we throw in the proprietary Lempel-Ziv "compress" program from 'nix boxes from years ago? Now having said all that drivel, the default to look at the recipient's key, use their preference, or if they don't have a preference to use ZIP sounds fine with me. Almost everybody has ZIP, and it is NOT a security question (unless you want them to be totally unable to uncompress it in which case I wonder why you sent the message to them in the first place).

IV How to create my new key the best way?
==============================================

That is totally up to you. I do need to add one statement. bzip2 doesn't have compression levels per se. Yeah they are there, but the faster doesn't make it go all that much faster, nor does the best make it any better because that is the default. I would just take the default unless you want it to go faster. And then it doesn't go faster. But bzip2 is a wonderful compression algorithm for mainly ASCII text files.

HHH

-- 
Key Name: "Henry Hertz Hobbit"
pub   1024D/E1FA6C62 2005-04-11 [expires: 2006-04-11]
      Key fingerprint = ACA0 B65B E20A 552E DFE2 EE1D 75B9 D818 E1FA 6C62