From paul.hartman at gmail.com Mon Jan 2 07:55:19 2012
From: paul.hartman at gmail.com (Paul Hartman)
Date: Mon, 2 Jan 2012 00:55:19 -0600
Subject: Trying to create auth key on GPF CryptoStick
Message-ID:

Hi,

I got a GPF CryptoStick 1.2 yesterday and have successfully added my new signing and encrypting subkeys to the card using GPG 2.0.18 and using it without trouble so far for those purposes. However, when I tried to create an authentication key it gives this error twice:

gpg: key generation failed: Card error
gpg: Key generation failed: Card error

To get there, I ran "gpg --edit-key ", then the "addcardkey" command, chose Authentication key, 4096 keysize, entered the requested PINs and passphrase, but it results in the error above.

It is likely I'm doing something wrong, but am not sure what... if someone has any clues, it is appreciated if you can point me in the right direction.

Thanks,
Paul

From gollo at fsfe.org Mon Jan 2 09:01:44 2012
From: gollo at fsfe.org (Martin Gollowitzer)
Date: Mon, 2 Jan 2012 09:01:44 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To:
References:
Message-ID: <20120102080144.GA17118@wingback.gollo.at>

* Paul Hartman [120102 08:52, mID ]:
> Hi,
>
> I got a GPF CryptoStick 1.2 yesterday and have successfully added my
> new signing and encrypting subkeys to the card using GPG 2.0.18 and
> using it without trouble so far for those purposes. However, when I
> tried to create an authentication key it gives this error twice:
> gpg: key generation failed: Card error
> gpg: Key generation failed: Card error
>
> To get there, I ran "gpg --edit-key ", then "addcardkey"
> command, chose Authentication key, 4096 keysize, enter the requested
> PINs and passphrase, but it results in the error above.
>
> It is likely I'm doing something wrong, but am not sure what... if
> someone has any clues, it is appreciated if you can point me in the
> right direction.

Even v2 cards can't carry 4096 Bit keys. The maximum size is 3072 Bits IIRC.
Martin

From jerry at seibercom.net Mon Jan 2 13:25:23 2012
From: jerry at seibercom.net (Jerry)
Date: Mon, 2 Jan 2012 07:25:23 -0500
Subject: What do these warning messages mean
Message-ID: <20120102072523.3285da03@scorpio>

I periodically run the following commands on a FreeBSD-8.2 amd64 machine:

/usr/local/bin/gpg2 --keyserver wwwkeys.us.pgp.net --refresh-keys
/usr/local/bin/gpg2 --edit-key clean minimize save

These commands produce output that has several of the following messages displayed:

gpg: subpacket of type 20 has critical bit set
gpg: key 60AE908C: removed multiple subkey binding
gpg: key 60AE908C: invalid subkey binding

The number of such messages varies according to the signature. The majority of signatures have no warnings whatsoever. Then, I occasionally see this message (name intentionally obscured):

gpg: key 36E54C93: invalid self-signature on user ID "User Name

Ladies and gentlemen, I will be unplugged from my email until the 17th of January.

In the meantime here's a video of a bunny opening your mail http://www.youtube.com/watch?v=LMyaRmTwdKs

Your mail will not be forwarded and I will contact you when I come back; alternatively you can contact one of the other administrators or email info at astalavista.com

Merry Christmas and a happy new year!

Best regards,
Sykadul

From paul.hartman at gmail.com Mon Jan 2 18:25:43 2012
From: paul.hartman at gmail.com (Paul Hartman)
Date: Mon, 2 Jan 2012 11:25:43 -0600
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: <20120102080144.GA17118@wingback.gollo.at>
References: <20120102080144.GA17118@wingback.gollo.at>
Message-ID:

On Mon, Jan 2, 2012 at 2:01 AM, Martin Gollowitzer wrote:
> * Paul Hartman [120102 08:52, mID ]:
>
>> Hi,
>>
>> I got a GPF CryptoStick 1.2 yesterday and have successfully added my
>> new signing and encrypting subkeys to the card using GPG 2.0.18 and
>> using it without trouble so far for those purposes. However, when I
>> tried to create an authentication key it gives this error twice:
>> gpg: key generation failed: Card error
>> gpg: Key generation failed: Card error
>>
>> To get there, I ran "gpg --edit-key ", then "addcardkey"
>> command, chose Authentication key, 4096 keysize, enter the requested
>> PINs and passphrase, but it results in the error above.
>>
>> It is likely I'm doing something wrong, but am not sure what... if
>> someone has any clues, it is appreciated if you can point me in the
>> right direction.
>
> Even v2 cards can't carry 4096 Bit keys. The maximum size is 3072 Bits
> IIRC.

Hi Martin,

The Crypto-Stick website states that it supports 4096-bit keys when using gnupg 2.0.18, and my signing and encryption subkeys on the card are in fact already 4096 bits, but they were created with gnupg on my PC and then transferred to the card, whereas the auth key creation is happening on the card itself, so maybe it has different limitations in this scenario (card-generated vs PC-generated). As far as I can tell, creation of the auth key outside of the smartcard is not supported.

I just tried 3072 bits and it worked. Thanks!
From drfarina at acm.org Tue Jan 3 02:43:57 2012
From: drfarina at acm.org (Daniel Farina)
Date: Mon, 2 Jan 2012 17:43:57 -0800
Subject: A usability gap in fingerprint rendering and parsing
Message-ID:

Hello list,

I was recently trying to encrypt a payload using fingerprints in my keyring to most unambiguously identify a key, when I encountered the following confusion. After giving up trying to find a resolution via search engine, I played with it a bit more and got it to work, but the head-scratching is, I think, unnecessary.

Here's what I did:

gpg --list-keys --fingerprint

In the output is a line like:

Key fingerprint = 560D 1AD1 81D9 81C2 D5D1 005F 10CA 1074 B50F 855E

However, one cannot paste that string into gpg --encrypt --recipient, getting the "no public key" message, as one might expect. One can after removing the spaces, however.

Two of the more obvious solution categories include:

* Removing the otherwise helpful padding in the spaces between nibbles and decabytes
* Expanding --recipient parsing code to accept this format

Stepping back a bit, software and users that want to deal in fingerprints might be very different than software and users who want to deal in short ids and email addresses, and it might be nice to have a restricted --recipient option that only supports safe, unambiguous addressing of keys. I think I'm in the latter category.

In any case, I think the output of the program should be, in this case, usable as input.

Thoughts?

--
fdr

From jerome at jeromebaum.com Tue Jan 3 02:49:56 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 03 Jan 2012 02:49:56 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To:
References:
Message-ID: <4F025EC4.3010003@jeromebaum.com>

On 2012-01-03 02:43, Daniel Farina wrote:
> Thoughts?

--with-colons

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.

From jerome at jeromebaum.com Tue Jan 3 02:54:09 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 03 Jan 2012 02:54:09 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <20120103015248.22276.qmail@cfe1.sui-inter.net>
References: <20120103015248.22276.qmail@cfe1.sui-inter.net>
Message-ID: <4F025FC1.3010303@jeromebaum.com>

On 2012-01-03 02:52, sykadul at astalavista.com wrote:
> Ladies and gentleman, I will be unplugged from my email until the 17th of January.
>
> In the mean time here's a video of a bunny opening your mail http://www.youtube.com/watch?v=LMyaRmTwdKs
>
> Your mail will not be forwarded and I will contact you when I come back, alternatively you can contact one of the other administrators or email info at astalavista.com
>
> Merry christmas and a happy new year!
>
> Best regards,
> Sykadul

Stop spamming me! (But the video is nice.)

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.
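An illustration of the two points raised above, Daniel's observation that the spaced "Key fingerprint =" line cannot be pasted into --recipient as-is, and Jerome's one-word answer that machine-readable --with-colons output should be used instead. This is an added example, not code from GnuPG or from either poster: it normalises a human-readable fingerprint into the unspaced 40-hex-digit form (rejecting anything shorter, so a short key id never silently selects a different key), and extracts fingerprints from --with-colons output, where the fpr record carries the fingerprint in field 10. The --with-colons sample is constructed for the example around the fingerprint quoted in the thread; the other fields in it are illustrative.

```python
"""Normalise OpenPGP fingerprints and pull them out of `gpg --with-colons` output.

Added example, not GnuPG code.  SAMPLE_COLONS is constructed for the example.
"""
import re

# A v4 OpenPGP fingerprint is 160 bits, i.e. 40 hex digits.
_FPR_RE = re.compile(r"^[0-9A-F]{40}$")


def normalize_fingerprint(text: str) -> str:
    """Turn the form gpg prints for humans ("Key fingerprint = 560D 1AD1 ...",
    optionally with a 0x prefix) into the 40-hex-digit form --recipient accepts.
    Raises ValueError for anything that is not a full fingerprint, so a short
    key id or a typo is refused instead of matching a different key."""
    s = text.strip()
    if "=" in s:                        # strip a "Key fingerprint =" prefix
        s = s.split("=", 1)[1]
    s = re.sub(r"\s+", "", s).upper()   # remove the grouping spaces
    if s.startswith("0X"):
        s = s[2:]
    if not _FPR_RE.match(s):
        raise ValueError(f"not a full 40-hex-digit fingerprint: {text!r}")
    return s


def fingerprints_from_colons(output: str) -> list[str]:
    """Extract fingerprints from `gpg --with-colons --fingerprint` output.
    The 'fpr' record keeps the fingerprint in field 10 (index 9)."""
    result = []
    for line in output.splitlines():
        fields = line.split(":")
        if fields and fields[0] == "fpr" and len(fields) > 9:
            result.append(fields[9])
    return result


def recipient_args(fingerprints) -> list[str]:
    """Build --recipient arguments for `gpg --encrypt` from fingerprints in any
    of the accepted spellings, using the 0x-prefixed full fingerprint so the
    key selection is unambiguous."""
    args = []
    for fp in fingerprints:
        args += ["--recipient", "0x" + normalize_fingerprint(fp)]
    return args


# Constructed sample of `gpg --with-colons --fingerprint` output.  The primary
# key's fingerprint is the one quoted in the thread; everything else is made up.
SAMPLE_COLONS = """\
pub:u:4096:1:10CA1074B50F855E:1325462400:::u:::scESC:
fpr:::::::::560D1AD181D981C2D5D1005F10CA1074B50F855E:
uid:u::::1325462400::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example User <user@example.org>:
sub:u:4096:1:0123456789ABCDEF:1325462400::::::e:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
"""

if __name__ == "__main__":
    human = "Key fingerprint = 560D 1AD1 81D9 81C2 D5D1 005F 10CA 1074 B50F 855E"
    print(normalize_fingerprint(human))
    print(fingerprints_from_colons(SAMPLE_COLONS))
    print(" ".join(["gpg", "--encrypt"] + recipient_args([human])))
```

Parsing the fpr records rather than the human-readable listing is what makes the output usable as input without any guessing about spacing, and refusing anything shorter than 40 hex digits keeps the caller in the "safe, unambiguous addressing" category Daniel describes.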
From wk at gnupg.org Tue Jan 3 10:59:20 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 03 Jan 2012 10:59:20 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <87d3dlsza6.fsf@vigenere.g10code.de> (Werner Koch's message of "Tue, 25 Oct 2011 20:27:06 +0200")
References: <20111025084852.27c43286@scorpio> <87d3dlsza6.fsf@vigenere.g10code.de>
Message-ID: <87boqlksxz.fsf@vigenere.g10code.de>

On Tue, 25 Oct 2011 20:27, wk at gnupg.org said:
> On Tue, 25 Oct 2011 14:48, gnupg.user at seibercom.net said:
>> Since most of these certificates appear to be expired anyway, can I
>> just delete that file? I am not sure why they are being listed anyway.
>
> Yes.

I will keep them in the file because these certificates are useful in the "chain" validation model. Usually we use the "shell" model where expiration dates have an obvious meaning. For German qualified signatures the "chain" model is required. Basically, it compares the expiration date to the date given in the signatures.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From jerome at jeromebaum.com Tue Jan 3 14:10:19 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 03 Jan 2012 14:10:19 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <87boqlksxz.fsf@vigenere.g10code.de>
References: <20111025084852.27c43286@scorpio> <87d3dlsza6.fsf@vigenere.g10code.de> <87boqlksxz.fsf@vigenere.g10code.de>
Message-ID: <4F02FE3B.1080109@jeromebaum.com>

On 2012-01-03 10:59, Werner Koch wrote:
> I will keep them in the file because these certificates are useful in
> the "chain" validation model. Usually we use the "shell" model where
> expiration dates have an obvious meaning. For German qualified
> signatures the "chain" model is required. Basically, it compares the
> expiration date to the date given in the signatures.

I lack the experience to understand how the chain model makes any sense at all. Would anyone care to elaborate?

In my understanding, a signing key can be set to expire to help prevent unauthorized use. AFAIK there is no other use in expiring a signing key. The situation is different with an encryption key but let's focus on signing keys because that's what CA keys are. So we need only worry about abuse.

Now say I'm a CA and my key is set to expire in 4 weeks. I now make a certification on another key that is set to expire in a year. Now look 5 weeks into the future, my key is stolen. At this point, in the shell model, the key is useless to an attacker -- the point in expiring my key in the first place. But in the chain model, the attacker can just back-date any certification.

To protect against this in the chain model, we need qualified timestamps. To protect against this in the shell model, we only need common sense -- I'm pretty sure nobody here emailed a reply to this very message a few weeks ago. Time only moves forward.

I do see that we can use qualified timestamps for this. But then the timestamp either needs to be renewed on a regular basis, or the key that signs the timestamp needs to have a long expiration date. If I renew the timestamp regularly, why not just renew the certification directly? If the timestamping key has a long expiration date, all else being equal, it is more vulnerable than the CA key. So we need to make up for that by protecting the timestamping key more carefully. But we need at least as many timestamps as we need CA certifications. Therefore the timestamping key must be as readily available as the CA keys. To make it more well-protected, we therefore need a higher investment, resulting in higher fees. These higher fees, at least by proxy, now apply to CA certifications as well. We might as well have directly protected the CA keys more carefully. What have we gained compared to the shell model?

What did I miss?

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.

From wk at gnupg.org Tue Jan 3 15:32:03 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 03 Jan 2012 15:32:03 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <4F02FE3B.1080109@jeromebaum.com> (Jerome Baum's message of "Tue, 03 Jan 2012 14:10:19 +0100")
References: <20111025084852.27c43286@scorpio> <87d3dlsza6.fsf@vigenere.g10code.de> <87boqlksxz.fsf@vigenere.g10code.de> <4F02FE3B.1080109@jeromebaum.com>
Message-ID: <87ehvgkgbg.fsf@vigenere.g10code.de>

On Tue, 3 Jan 2012 14:10, jerome at jeromebaum.com said:
> I lack the experience to understand how the chain model makes any sense
> at all. Would anyone care to elaborate?

No. There is sufficient information about this available. For example check out the BSI documents pertaining to the qualified signature.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
From gollo at fsfe.org Tue Jan 3 21:16:45 2012
From: gollo at fsfe.org (Martin Gollowitzer)
Date: Tue, 3 Jan 2012 21:16:45 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To:
References: <20120102080144.GA17118@wingback.gollo.at>
Message-ID: <20120103201645.GA8296@wingback.gollo.at>

* Paul Hartman [120102 19:35, mID ]:
> Crypto-Stick website states that it supported 4096-bit keys when using
> gnupg 2.0.18, and my signing and encryption subkeys on the card are in
> fact already 4096 bits, but they were created with gnupg on my PC and
> then transferred to the card, whereas the auth key creation is
> happening on the card itself, so maybe it has different limitations in
> this scenario (card-generated vs PC-generated). As far as I can tell,
> creation of the auth key outside of the smartcard is not supported.

Werner, is that correct? The card you gave me at FSCONS back in 2009 states that 3072 Bits is the maximum key size. I use 2048 Bit keys at the moment since back then I even had problems with 3072 Bit Keys.

> I just tried 3072 bits and it worked. Thanks!

Hehe, no problem :-)

All the best,
Martin

From kloecker at kde.org Tue Jan 3 21:49:21 2012
From: kloecker at kde.org (Ingo Klöcker)
Date: Tue, 03 Jan 2012 21:49:21 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <4F02FE3B.1080109@jeromebaum.com>
References: <20111025084852.27c43286@scorpio> <87boqlksxz.fsf@vigenere.g10code.de> <4F02FE3B.1080109@jeromebaum.com>
Message-ID: <201201032149.22120@thufir.ingo-kloecker.de>

On Tuesday 03 January 2012, Jerome Baum wrote:
> On 2012-01-03 10:59, Werner Koch wrote:
> > I will keep them in the file because these certificates are useful
> > in the "chain" validation model. Usually we use the "shell" model
> > where expiration dates have an obvious meaning. For German
> > qualified signatures the "chain" model is required. Basically, it
> > compares the expiration date to the date given in the signatures.
>
> I lack the experience to understand how the chain model makes any
> sense at all. Would anyone care to elaborate?
>
> In my understanding, a signing key can be set to expire to help
> prevent unauthorized use. AFAIK there is no other use in expiring a
> signing key. The situation is different with an encryption key but
> let's focus on signing keys because that's what CA keys are. So we
> need only worry about abuse.
>
> Now say I'm a CA and my key is set to expire in 4 weeks. I now make a
> certification on another key that is set to expire in a year.

What expires a year from now? Your signature on the other key or the other key itself? I guess you meant the other key. (If you sign a key with a key with expiration date with GnuPG then you will be asked whether the signature shall expire at the same date as your key.)

> Now
> look 5 weeks into the future, my key is stolen. At this point, in
> the shell model, the key is useless to an attacker -- the point in
> expiring my key in the first place.

If your key is stolen, but not compromised, i.e. the attacker has not cracked your password, then the key is useless to the attacker regardless of any expiration. OTOH, if your key is compromised then the attacker will simply set a new expiration date. The only protection against abuse of a stolen (and potentially compromised) key is the revocation of the key.

Regards,
Ingo

From jerome at jeromebaum.com Tue Jan 3 22:37:34 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 03 Jan 2012 22:37:34 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <87ehvgkgbg.fsf@vigenere.g10code.de>
References: <20111025084852.27c43286@scorpio> <87d3dlsza6.fsf@vigenere.g10code.de> <87boqlksxz.fsf@vigenere.g10code.de> <4F02FE3B.1080109@jeromebaum.com> <87ehvgkgbg.fsf@vigenere.g10code.de>
Message-ID: <4F03751E.20408@jeromebaum.com>

On 2012-01-03 15:32, Werner Koch wrote:
> No. There is sufficient information about this available. For example
> check out the BSI documents pertaining to the qualified signature.

I have read the three paragraphs (out of 165 pages) that "Grundladen der elektronischen Signatur" spends on this. They say (words to the effect of): The law says so.

(I see there could be use-cases for the chain model, as there could be use-cases for any validity model, but I'm asking if anyone knows a practical example. I always took gnupg-users to be a user-friendly list of people happy to help out with general crypto-related questions. In my mind for most cases the chain model is overly risky, no?)

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.
From jerome at jeromebaum.com Tue Jan 3 22:41:25 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 03 Jan 2012 22:41:25 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <201201032149.22120@thufir.ingo-kloecker.de>
References: <20111025084852.27c43286@scorpio> <87boqlksxz.fsf@vigenere.g10code.de> <4F02FE3B.1080109@jeromebaum.com> <201201032149.22120@thufir.ingo-kloecker.de>
Message-ID: <4F037605.70104@jeromebaum.com>

On 2012-01-03 21:49, Ingo Klöcker wrote:
> On Tuesday 03 January 2012, Jerome Baum wrote:
>> Now say I'm a CA and my key is set to expire in 4 weeks. I now make a
>> certification on another key that is set to expire in a year.
>
> What expires a year from now? Your signature on the other key or the
> other key itself? I guess you meant the other key. (If you sign a key
> with a key with expiration date with GnuPG then you will be asked
> whether the signature shall expire at the same date as your key.)

I see the ambiguity in my sentence. In the context of German qualified signatures, it's the other key. That's also what I meant.

>> Now
>> look 5 weeks into the future, my key is stolen. At this point, in
>> the shell model, the key is useless to an attacker -- the point in
>> expiring my key in the first place.
>
> If your key is stolen, but not compromised, i.e. the attacker has not
> cracked your password, then the key is useless to the attacker
> regardless of any expiration. OTOH, if your key is compromised then the
> attacker will simply set a new expiration date.

I meant that the attacker got at the raw key material somehow. The attacker can't always set a new expiration date. Consider that the CA key may be confirmed by some master CA which sets the expiration date. So this question wasn't specific to OpenPGP. (I know this list is called "gnupg-users" but so far my experience has been that the list is very friendly for off-topic talk/questions to a reasonable extent.)

> The only protection against abuse of a stolen (and potentially
> compromised) key is the revokation of the key.

There's an example in my email of how an expiration date can be useful:

> But in the chain model, the attacker can just
> back-date any certification.
>
> To protect against this in the chain model, we need qualified
> timestamps. To protect against this in the shell model, we only need
> common sense -- I'm pretty sure nobody here emailed a reply to this very
> message a few weeks ago. Time only moves forward.

So the shell model certainly offers protection against certain types of abuse that the chain model doesn't offer protection against.

Digging deeper into this it appears the hybrid model is an excellent compromise, with better security than the chain model but still with long-term non-repudiation. (I misunderstood the shell model to be the hybrid model. I was surprised to find out that the shell model expires data signatures as soon as any certificate in the chain expires.)

Out of those three options, the chain model is the only one in which this scenario is a problem:

1. CA key has expired.
2. Certifications may be back-dated.
3. (Data) signatures may not be (e.g. follow-up to this thread can't be three weeks ago).
4. Attacker has access to secret key material (after expiration).

So what is a good reason to use the chain model as opposed to the hybrid model? I see that you can want data signatures to last beyond the CA key, but why would you want that for a certification? (And don't tell me "because SigG says so". :) )

(I'm not at all trying to conclude the chain model is useless. Like I said I haven't dug deep enough into this material to fully understand the implications. That's what I'm trying to do and was hoping someone could share their wisdom. :) People are nicer to interact with than books and PDFs. )

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.

From wk at gnupg.org Wed Jan 4 10:33:01 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Jan 2012 10:33:01 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: <20120103201645.GA8296@wingback.gollo.at> (Martin Gollowitzer's message of "Tue, 3 Jan 2012 21:16:45 +0100")
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at>
Message-ID: <878vlnhkxe.fsf@vigenere.g10code.de>

On Tue, 3 Jan 2012 21:16, gollo at fsfe.org said:
> Werner, is that correct? The card you gave me at FSCONS back in 2009
> states that 3072 Bits is the maximum key size. I use 2048 Bit keys at

They state 3072 because that is what GnuPG supported at that time; the cards supported 4096, though. Since 2.0.18 GnuPG supports 4096 with those cards.

There is still no reason to use it; 2048 is more than sufficient. IF you think you need more, you should ask yourself several questions. One of these questions should be whether you have checked the chip design and the firmware of the card.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
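A worked version of the CA-key scenario Jerome lays out in the two messages above (key expires in 4 weeks, raw key material stolen a week later, certification back-dated into the validity period), checked under the two validity rules as this thread describes them: Werner's "chain" model compares each key's expiration date with the date written into the signature, and the "shell" model, as Jerome summarises it, stops accepting a data signature as soon as any key in the chain has expired. This is an added illustration, not code from GnuPG or from anyone in the thread; the key names and dates are constructed, and the model is deliberately reduced to expiration dates (no revocation, no timestamps) because that is the part of the argument under discussion.

```python
"""Shell model vs chain model on the back-dated-certification scenario.

Added example, not GnuPG code.  Keys, dates and the chain are constructed.
"""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Key:
    name: str
    valid_from: date
    valid_until: date          # expiration date carried by the key

    def alive_on(self, day: date) -> bool:
        return self.valid_from <= day <= self.valid_until


@dataclass(frozen=True)
class Signature:
    """A certification (key on key) or a data signature made by `signer`.
    `claimed_date` is the creation date written into the signature; whoever
    holds the raw key material can write any date there."""
    signer: Key
    claimed_date: date


def shell_model_valid(chain: list[Signature], verification_day: date) -> bool:
    """Shell model as described in the thread: every signer in the chain must
    still be unexpired on the day the verifier checks."""
    return all(sig.signer.alive_on(verification_day) for sig in chain)


def chain_model_valid(chain: list[Signature]) -> bool:
    """Chain model as described in the thread: each signer only has to be
    unexpired on the date its own signature claims; today's date is ignored."""
    return all(sig.signer.alive_on(sig.claimed_date) for sig in chain)


def back_dated_certification_scenario() -> dict:
    """Jerome's scenario: the CA key expires after 4 weeks, its key material is
    taken a week after that, and a certification is back-dated into the CA
    key's validity period.  Returns the verdict of each model."""
    start = date(2012, 1, 2)                           # constructed
    ca = Key("CA", start, start + timedelta(weeks=4))
    theft = ca.valid_until + timedelta(weeks=1)        # "5 weeks into the future"
    newkey = Key("key certified after the theft", theft, theft + timedelta(days=365))
    chain = [
        Signature(ca, start + timedelta(weeks=2)),     # back-dated certification
        Signature(newkey, theft),                      # data signature, honest date
    ]
    return {"shell": shell_model_valid(chain, theft), "chain": chain_model_valid(chain)}


def honest_old_signature_scenario() -> dict:
    """The non-repudiation side of the trade-off: a signature made while every
    key was valid, verified a year after the CA key expired."""
    start = date(2012, 1, 2)
    ca = Key("CA", start, start + timedelta(weeks=4))
    user = Key("user", start, start + timedelta(days=365))
    chain = [Signature(ca, start), Signature(user, start + timedelta(days=7))]
    much_later = ca.valid_until + timedelta(days=365)
    return {"shell": shell_model_valid(chain, much_later), "chain": chain_model_valid(chain)}


if __name__ == "__main__":
    print("back-dated certification:", back_dated_certification_scenario())
    print("honest old signature:    ", honest_old_signature_scenario())
```

Both scenarios come out {"shell": False, "chain": True}, which is exactly the tension in the thread: the shell model rejects the back-dated certification because the CA key is simply expired today, but for the same reason it also rejects a perfectly honest signature once the CA key has lapsed, while the chain model keeps the honest signature valid and has no way, from expiration dates alone, to tell the two cases apart. That is why the discussion turns to qualified timestamps and revocation checks as the extra evidence the chain model needs.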
From wk at gnupg.org Wed Jan 4 10:38:29 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Jan 2012 10:38:29 +0100
Subject: Question regarding unknown certificates
In-Reply-To: <4F03751E.20408@jeromebaum.com> (Jerome Baum's message of "Tue, 03 Jan 2012 22:37:34 +0100")
References: <20111025084852.27c43286@scorpio> <87d3dlsza6.fsf@vigenere.g10code.de> <87boqlksxz.fsf@vigenere.g10code.de> <4F02FE3B.1080109@jeromebaum.com> <87ehvgkgbg.fsf@vigenere.g10code.de> <4F03751E.20408@jeromebaum.com>
Message-ID: <874nwbhkoa.fsf@vigenere.g10code.de>

On Tue, 3 Jan 2012 22:37, jerome at jeromebaum.com said:
> of people happy to help out with general crypto-related questions. In my
> mind for most cases the chain model is overly risky, no?)

Yes. To make it work it requires online revocation checks. That opens yet another can of worms. See also the recent discussion thread on coderpunks about revocations of software signing certificates.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From nicholas.cole at gmail.com Wed Jan 4 11:21:22 2012
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Wed, 4 Jan 2012 10:21:22 +0000
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: <878vlnhkxe.fsf@vigenere.g10code.de>
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de>
Message-ID:

On Wed, Jan 4, 2012 at 9:33 AM, Werner Koch wrote:
> On Tue, 3 Jan 2012 21:16, gollo at fsfe.org said:
>
>> Werner, is that correct? The card you gave me at FSCONS back in 2009
>> states that 3072 Bits is the maximum key size. I use 2048 Bit keys at
>
> They state 3072 because that is what GnuPG supported at that time; the
> cards supported 4096, though. Since 2.0.18 GnuPG supports 4096 with
> those cards.
>
> There is still no reason to use it 2048 is more than sufficient. IF you
> think you need more, you should ask yourself several questions. One of
> these questions should be, whether you have checked the chip design and
> the firmware of the card.

Quite frankly, I don't think most people need anything more than a 512 bit key. :-)

But all the same, to be serious, I suppose it is a bit (just a tiny bit) unsettling that NIST is recommending that everyone move to either very long keys for really secure data or else to ECC:

http://www.elliptictech.com/applications-suiteb.php (for example)

I know that the request for stupidly, idiotically long key sizes is as old as PGP itself, but all the same, I suspect that these sorts of requests will be more and more common until gpg is capable of supporting the latest "state of the art". Even then, it won't satisfy everyone, but at least we'll be able to say "if it's good enough for NIST....."

N.

From wk at gnupg.org Wed Jan 4 12:22:28 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Jan 2012 12:22:28 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: (Nicholas Cole's message of "Wed, 4 Jan 2012 10:21:22 +0000")
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de>
Message-ID: <87zke3g1aj.fsf@vigenere.g10code.de>

On Wed, 4 Jan 2012 11:21, nicholas.cole at gmail.com said:
> http://www.elliptictech.com/applications-suiteb.php (for example)
>
> requests will be more and more common until gpg is capable of
> supporting the latest "state of the art". Even then, it won't satisfy
> everyone, but at least we'll be able to say "if it's good enough for
> NIST....."

Well, 2.1 beta supports ECC with the Suite B compliant algorithms.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From nicholas.cole at gmail.com Wed Jan 4 13:37:10 2012
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Wed, 4 Jan 2012 12:37:10 +0000
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: <87zke3g1aj.fsf@vigenere.g10code.de>
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de> <87zke3g1aj.fsf@vigenere.g10code.de>
Message-ID:

On Wed, Jan 4, 2012 at 11:22 AM, Werner Koch wrote:
> On Wed, 4 Jan 2012 11:21, nicholas.cole at gmail.com said:
>
>> http://www.elliptictech.com/applications-suiteb.php (for example)
>>
>> requests will be more and more common until gpg is capable of
>> supporting the latest "state of the art". Even then, it won't satisfy
>> everyone, but at least we'll be able to say "if it's good enough for
>> NIST....."
>
> Well, 2.1 beta supports ECC with the Suite B compliant algorithms.

I know - the gpg team is wonderful. :-) I wasn't criticising them, just suggesting that the pressure for longer/different keys was likely to grow, even if it doesn't really make a lot of sense for most users.

Is there any plan to back-port the ECC support?

N.

From wk at gnupg.org Wed Jan 4 14:01:35 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Jan 2012 14:01:35 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: (Nicholas Cole's message of "Wed, 4 Jan 2012 12:37:10 +0000")
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de> <87zke3g1aj.fsf@vigenere.g10code.de>
Message-ID: <87fwfvfwpc.fsf@vigenere.g10code.de>

On Wed, 4 Jan 2012 13:37, nicholas.cole at gmail.com said:
> Is there any plan to back-port the ECC support?

No. We definitely need to move forward with 2.1 and not keep on updating 2.0. It would be quite some work to integrate that in 1.4 and I see no reason to do that. Remember that this is not a one-time task but requires continuous maintenance.
We don't have the resources to do that. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From nicholas.cole at gmail.com Wed Jan 4 14:27:45 2012 From: nicholas.cole at gmail.com (Nicholas Cole) Date: Wed, 4 Jan 2012 13:27:45 +0000 Subject: Trying to create auth key on GPF CryptoStick In-Reply-To: <87fwfvfwpc.fsf@vigenere.g10code.de> References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de> <87zke3g1aj.fsf@vigenere.g10code.de> <87fwfvfwpc.fsf@vigenere.g10code.de> Message-ID: On Wed, Jan 4, 2012 at 1:01 PM, Werner Koch wrote: > On Wed, ?4 Jan 2012 13:37, nicholas.cole at gmail.com said: > >> Is there any plan to back-port the ECC support? > > No. ?We definitely need to move forward with 2.1 and not keep on > updating 2.0. ?It would be quite some work to integrate that in 1.4 and > I see no reason to do that. ?Remember that this is not a one-time task > but requires continues maintenance. ?We don't have the resources to do > that. That is a shame, although I do completely understand the resources problem. Though gpg2.1 has lots of wonderful features, it IS a much bigger, much more complex package. I've always liked the fact that gpg1.4 can be built relatively simply, and the code-base looks relatively easy to understand. It really is a case of simply downloading and building. People using gpg2 often have to rely on third-party packagers. You said earlier that someone wanting really high security ought to be prepared to audit the different elements of the system. I'm no expert, but I'd have thought that would be easier if deploying 1.4. Perhaps that is wrong, and in fact people can have better confidence in the new version. I suppose I'd imagined that once the ECC code was written it would effectively be a module that could be integrated relatively easily into the old code. 
I do understand if that's not the case, but there are reasons why 1.4 is still so popular. Do you think those reasons are outdated and need to be confronted?

N.

From wk at gnupg.org Wed Jan 4 16:08:22 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 04 Jan 2012 16:08:22 +0100
Subject: Trying to create auth key on GPF CryptoStick
In-Reply-To: (Nicholas Cole's message of "Wed, 4 Jan 2012 13:27:45 +0000")
References: <20120102080144.GA17118@wingback.gollo.at> <20120103201645.GA8296@wingback.gollo.at> <878vlnhkxe.fsf@vigenere.g10code.de> <87zke3g1aj.fsf@vigenere.g10code.de> <87fwfvfwpc.fsf@vigenere.g10code.de>
Message-ID: <87boqjfqu1.fsf@vigenere.g10code.de>

On Wed, 4 Jan 2012 14:27, nicholas.cole at gmail.com said:

> problem. Though gpg2.1 has lots of wonderful features, it IS a much
> bigger, much more complex package. I've always liked the fact that

Not really. Sure it has some extra features like S/MIME but you can disable them. A benefit is that it is modularized. This allows us to make changes in one module without affecting the stability of another module. The modules can be separately tested and due to the well-defined interface it is much easier to debug.

> gpg1.4 can be built relatively simply, and the code-base looks

That is true. But how many of you are using 20 years old Unix versions? Is it really justified to spend so much time on it?

> downloading and building. People using gpg2 often have to rely on
> third-party packagers.

There is a Makefile in gnupg/scripts/gpg-w32-dev which can easily be adjusted for Unix systems. It builds GnuPG 2.x and all libraries.

> expert, but I'd have thought that would be easier if deploying 1.4.
> Perhaps that is wrong, and in fact people can have better confidence
> in the new version.

The code in 2.0 is quite a bit better than the cruft we collected over many years in 1.4 ;-).

> I suppose I'd imagined that once the ECC code was written it would
> effectively be a module that could be integrated relatively easily
> into the old code. I do understand if that's not the case, but there
> are reasons why 1.4 is still so popular. Do you think those reasons

I don't know why 1.4 is so popular. For a server, okay. But for a desktop, I really don't understand it. Even for a server 2.1 will be much better suited than the old 1.4.

ECC is not just another plug-in algorithm but requires a lot more code. In Libgcrypt we can easily improve the performance, while doing this in 1.4 cannot be justified.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From dpmcgee at gmail.com Thu Jan 5 23:19:42 2012
From: dpmcgee at gmail.com (Dan McGee)
Date: Thu, 5 Jan 2012 16:19:42 -0600
Subject: Short ID Collision
In-Reply-To: <4EFC223C.70104@enigmail.net>
References: <20111228061341.58bbc849@scorpio> <8706BEE8-CB0F-480E-AA41-4AD9AE60A7BC@jabberwocky.com> <20111228155525.2b8c671b@scorpio> <4EFC223C.70104@enigmail.net>
Message-ID:

On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe wrote:
> Jerry wrote:
>>
>> It would seem, and this is strictly my own opinion, that if the "old
>> pksd" servers are dead then there is no logical reason to continue to
>> support them. Just my 2¢.
>
> If only all software support decisions were that cut and dried. Oh well...
>
> David Shaw committed patches to the 1.4, 2.0, & 2.1 branches of GnuPG yesterday
> afternoon (28-Dec). The change will be in the next release of each branch.

Just discovered keyservers are still totally crappy on this front. Check this out when using a subkey ID to try to fetch a key; the following is a request produced by GPGME gpgme_get_key() that returns no matches (note that this is a subkey ID):

Subkey lookup, broken in first URL:
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x22AD5874F39D989F&exact=on
vs.
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xF39D989F&exact=on

Public key lookup, both work:
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x6D1A9E70E19DAA50&exact=on
vs.
http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xE19DAA50&exact=on

This is totally unacceptable in my opinion, why do we have such broken infrastructure that it cannot support a simple lookup like this?

-Dan

From drfarina at acm.org Fri Jan 6 00:12:22 2012
From: drfarina at acm.org (Daniel Farina)
Date: Thu, 5 Jan 2012 15:12:22 -0800
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <4F025EC4.3010003@jeromebaum.com>
References: <4F025EC4.3010003@jeromebaum.com>
Message-ID:

On Mon, Jan 2, 2012 at 5:49 PM, Jerome Baum wrote:
> On 2012-01-03 02:43, Daniel Farina wrote:
>> Thoughts?
>
> --with-colons

Should that become the default? What's the use of nibbles that cannot be parsed by --recipient? I also prefer to read the whitespace, but in that case --recipient can be taught to ignore whitespace when interpreting a stream of hexadecimal.

--
fdr

From John at enigmail.net Fri Jan 6 00:21:08 2012
From: John at enigmail.net (John Clizbe)
Date: Thu, 05 Jan 2012 17:21:08 -0600
Subject: Short ID Collision
In-Reply-To:
References: <20111228061341.58bbc849@scorpio> <8706BEE8-CB0F-480E-AA41-4AD9AE60A7BC@jabberwocky.com> <20111228155525.2b8c671b@scorpio> <4EFC223C.70104@enigmail.net>
Message-ID: <4F063064.2030602@enigmail.net>

Dan McGee wrote:
> On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe wrote:
>> Jerry wrote:
>>>
>>> It would seem, and this is strictly my own opinion, that if the "old
>>> pksd" servers are dead then there is no logical reason to continue to
>>> support them. Just my 2¢.
>>
>> If only all software support decisions were that cut and dried. Oh well...
>>
>> David Shaw committed patches to the 1.4, 2.0, & 2.1 branches of GnuPG yesterday
>> afternoon (28-Dec). The change will be in the next release of each branch.
>
> Just discovered keyservers are still totally crappy on this front.
> Check this out when using a subkey ID to try to fetch a key; the
> following is a request produced by GPGME gpgme_get_key() that returns
> no matches (note that this is a subkey ID):

I guess you don't know the degree that SKS from its outset stripped much of the "crappy" from PKSD. The few flecks of fecal implementation were needed at the time for interoperability -- a nasty practicality of which software writers on the Internet have to be mindful.

As for being still totally crappy, the problem only came up in discussion about a week ago. Do you expect us to pull a fix out of our behinds and have it magically applied to all existing keyservers in a week?

BTW, it's being discussed on the GnuPG-* lists. NO ONE has opened an issue on SKS.

>
> This is totally unacceptable in my opinion, why do we have such broken
> infrastructure that it cannot support a simple lookup like this?

I'm sorry, did you mean to attach a patch fixing this to this message?

Supply a patch, help test it, and shepherd it into a release, or you're just being part of the problem, IMO.

Patches for SKS are accepted at sks-devel at nongnu.org. (subscribe first)

SKS source is available from:
hg clone https://code.google.com/p/sks-keyserver/

(sub)Keys are indexed on short key ID. This was for historical compatibility with PKSD, as this was the lookup mechanism in place at the time.

The patch allowing longer lookup IDs has _just_ been applied to Gnupg's git repository -- it's NOT even in the wild yet and you're screaming about SKS not making the change yet.

For most of us, this work we do is an unpaid second job, pay us for support and you can adopt your tone of it being "Unacceptable IMO". Until then, contribute or, IMNSHO, plug it.

You may wish to glance at http://sks-keyservers.net/status/. The first release that could have this change in it would be 1.1.3. After almost four months, 14 (actually 12 -- two of those are my public facing development machines out of five) out of almost 80 have converted. You may expect to see similar slow adoption rates with this fix (and other things in 1.1.3).

--
John P. Clizbe
Inet: John (a) GingerBear DAWT net
FSF Assoc #995 / FSFE Fellow #1797
hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP

Cowboy Haiku -- Reflections on Rodeo
So many Cowboys. / Round Wrangler butts drive me nuts. / Never enough rope.

From wk at gnupg.org Fri Jan 6 11:17:54 2012
From: wk at gnupg.org (Werner Koch)
Date: Fri, 06 Jan 2012 11:17:54 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: (Daniel Farina's message of "Thu, 5 Jan 2012 15:12:22 -0800")
References: <4F025EC4.3010003@jeromebaum.com>
Message-ID: <87fwft9lt9.fsf@vigenere.g10code.de>

On Fri, 6 Jan 2012 00:12, drfarina at acm.org said:

> Should that become the default? What's the use of nibbles that cannot

No, --with-colons is not for humans. OTOH, humans are not able to properly read and compare 40-digit hex strings without the help of delimiters like spaces. Now, if you want to cut+paste things you need to convert them

  gpg -er $(echo PASTE-HERE |tr -d ' ')

might be a solution.

> I also prefer to read the whitespace, but in that case --recipient can
> be taught to ignore whitespace when interpreting a stream of

We could make this work but you would need to enclose it in quotes. What about a new option to display the fingerprint in a condensed format. For example --fpr instead of --with-fingerprint.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
From drfarina at acm.org Fri Jan 6 11:25:38 2012
From: drfarina at acm.org (Daniel Farina)
Date: Fri, 6 Jan 2012 02:25:38 -0800
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <87fwft9lt9.fsf@vigenere.g10code.de>
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de>
Message-ID:

On Fri, Jan 6, 2012 at 2:17 AM, Werner Koch wrote:
> On Fri, 6 Jan 2012 00:12, drfarina at acm.org said:
>
>> Should that become the default? What's the use of nibbles that cannot
>
> No, --with-colons is not for humans. OTOH, humans are not able to
> properly read and compare 40 digits hex strings without the help of
> delimiters like spaces. Now, if you want to cut+paste things you need
> to convert them
>   gpg -er $(echo PASTE-HERE |tr -d ' ')
> might be a solution.
>
>> I also prefer to read the whitespace, but in that case --recipient can
>> be taught to ignore whitespace when interpreting a stream of
>
> We could make this work but you would need to enclose it in quotes.
> What a bout a new option to display the fingerprint in a consensed
> format. For example --fpr instead of --with-fingerprint.

By quotes, you mean so bash will pass it as one argv? This is actually the very first thing I tried: I think anyone familiar with the command line will immediately see the spaces and quote it, so one passes:

  gpg -er 'abcd ef12 ...'

People are also used to quoting things like URLs, file names, patterns for grep or sed, and so on. So I think that's a totally acceptable thing...in fact, doing it any other way would seem "weird."

If that works, it'd be great to avoid any extra options. I also agree that the colon notation is pretty ugly.

--
fdr

From JPClizbe at tx.rr.com Fri Jan 6 12:36:04 2012
From: JPClizbe at tx.rr.com (John Clizbe)
Date: Fri, 06 Jan 2012 05:36:04 -0600
Subject: Short ID Collision
In-Reply-To:
References: <20111228061341.58bbc849@scorpio> <8706BEE8-CB0F-480E-AA41-4AD9AE60A7BC@jabberwocky.com> <20111228155525.2b8c671b@scorpio> <4EFC223C.70104@enigmail.net>
Message-ID: <4F06DCA4.5000306@tx.rr.com>

Dan McGee wrote:
> > On Thu, Dec 29, 2011 at 2:18 AM, John Clizbe wrote:
>> >> Jerry wrote:
>>> >>>
>>> >>> It would seem, and this is strictly my own opinion, that if the "old
>>> >>> pksd" servers are dead then there is no logical reason to continue to
>>> >>> support them. Just my 2¢.
>> >>
>> >> If only all software support decisions were that cut and dried. Oh well...
>> >>
>> >> David Shaw committed patches to the 1.4, 2.0, & 2.1 branches of GnuPG yesterday
>> >> afternoon (28-Dec). The change will be in the next release of each branch.
> >
> > Just discovered keyservers are still totally crappy on this front.
> > Check this out when using a subkey ID to try to fetch a key; the
> > following is a request produced by GPGME gpgme_get_key() that returns
> > no matches (note that this is a subkey ID):
> >
> > Subkey lookup, broken in first URL:
> > http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x22AD5874F39D989F&exact=on
> > vs.
> > http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xF39D989F&exact=on
> >
> > Public key lookup, both work:
> > http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0x6D1A9E70E19DAA50&exact=on
> > vs.
> > http://pgp.mit.edu:11371/pks/lookup?op=index&options=mr&search=0xE19DAA50&exact=on
> >
> > This is totally unacceptable in my opinion, why do we have such broken
> > infrastructure that it cannot support a simple lookup like this?

thread reference: http://lists.gnupg.org/pipermail/gnupg-users/2012-January/043495.html

Thanks for the patch, Dan. Tested with short & long key IDs and fpr of my encryption and authentication subkeys on OpenPGP card key 0x435BD034.

[Signature key ....: E2B8 43E8 E65E EF41 27AF A222 2313 315C 435B D034
Encryption key....: 8C87 E7D8 63B4 0BA0 CE62 BA8B ABFE 8362 C97A C237
Authentication key: 8841 2F18 79D5 34B8 FA3E CC56 6D59 9CFB B850 79AD]

http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x8C87E7D863B40BA0CE62BA8BABFE8362C97AC237&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0xABFE8362C97AC237&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x88412F1879D534B8FA3ECC566D599CFBB85079AD&exact=on
http://keyserver.gingerbear.net:11371/pks/lookup?op=index&options=mr&search=0x6D599CFBB85079AD&exact=on

Works fine.

The patch will be in the next release of SKS and until then the patched source may be pulled from:
hg clone https://code.google.com/r/johnclizbe-sks-keyserver/

Thanks again for the patch.

-John

--
John P. Clizbe
Inet: John (a) GingerBear DAWT net
FSF Assoc #995 / FSFE Fellow #1797
hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP

Cowboy Haiku -- Reflections on Rodeo
So many Cowboys. / Round Wrangler butts drive me nuts. / Never enough rope.

From wk at gnupg.org Fri Jan 6 13:41:10 2012
From: wk at gnupg.org (Werner Koch)
Date: Fri, 06 Jan 2012 13:41:10 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: (Daniel Farina's message of "Fri, 6 Jan 2012 02:25:38 -0800")
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de>
Message-ID: <87y5tl80m1.fsf@vigenere.g10code.de>

On Fri, 6 Jan 2012 11:25, drfarina at acm.org said:

> By quotes, you mean so bash will pass it as one argv? This is

Yes.

> If that works, it'd be great to avoid any extra options. I also agree
> that the colon notation is pretty ugly.
Just committed the change to master:

  $ gpg2 -k ' 8061 5870 F5BA D690 3336  86D0 F2AD 85AC 1E42 B367 '
  pub   2048D/1E42B367 2007-12-31 [expires: 2018-12-31]
  uid                  Werner Koch
  uid                  Werner Koch
  sub   1024D/77F95F95 2011-11-02
  sub   2048R/C193565B 2011-11-07 [expires: 2013-12-31]

Note that leading and trailing spaces are allowed but the double space in the middle of the fingerprint is required:

  $ gpg2 -k ' 8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367 '
  gpg: error reading key: No public key

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From jerome at jeromebaum.com Fri Jan 6 14:18:17 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 06 Jan 2012 14:18:17 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <87y5tl80m1.fsf@vigenere.g10code.de>
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de> <87y5tl80m1.fsf@vigenere.g10code.de>
Message-ID: <4F06F499.7090208@jeromebaum.com>

On 2012-01-06 13:41, Werner Koch wrote:
> Note that leading and trailing spaces are allowed but the double space
> in the middle of the fingerprint is required:
>
> $ gpg2 -k ' 8061 5870 F5BA D690 3336 86D0 F2AD 85AC 1E42 B367 '
> gpg: error reading key: No public key

Is this necessary for a technical reason? I'm just thinking about the scenario where transmits his human-readable fingerprint in a medium that collapses repeated spaces (think e.g. HTML). I know we can say it's their fault (and rightfully so), but I'm just thinking from a usability standpoint, if there is no security benefit and it's not a lot of work to add this, it could be useful.

(In fact I think I'd rather see a requirement to not have surrounding whitespace and instead be less sensitive about inner whitespace.)

But enough nit-picking, the "complaint to code" time was amazing! :)

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.

From wk at gnupg.org Fri Jan 6 15:09:17 2012
From: wk at gnupg.org (Werner Koch)
Date: Fri, 06 Jan 2012 15:09:17 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <4F06F499.7090208@jeromebaum.com> (Jerome Baum's message of "Fri, 06 Jan 2012 14:18:17 +0100")
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de> <87y5tl80m1.fsf@vigenere.g10code.de> <4F06F499.7090208@jeromebaum.com>
Message-ID: <8762go9b3m.fsf@vigenere.g10code.de>

On Fri, 6 Jan 2012 14:18, jerome at jeromebaum.com said:

> Is this necessary for a technical reason? I'm just thinking about the
> scenario where transmits his human-readable fingerprint in a medium that
> collapses repeated spaces (think e.g. HTML).

Hmmm, you have a point here.

> (In fact I think I'd rather see a requirement to not have surrounding
> whitespace and instead be less sensitive about inner whitespace.)

Trimming white space is common practice and used for all kinds of user id specifications. Without that you need to be very careful when copying and pasting.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
From drfarina at acm.org Fri Jan 6 23:44:04 2012
From: drfarina at acm.org (Daniel Farina)
Date: Fri, 6 Jan 2012 14:44:04 -0800
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: <4F06F499.7090208@jeromebaum.com>
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de> <87y5tl80m1.fsf@vigenere.g10code.de> <4F06F499.7090208@jeromebaum.com>
Message-ID:

On Fri, Jan 6, 2012 at 5:18 AM, Jerome Baum wrote:
> Is this necessary for a technical reason? I'm just thinking about the
> scenario where transmits his human-readable fingerprint in a medium that
> collapses repeated spaces (think e.g. HTML).

If there's no security implication (it's hard for me to imagine, but I'm not very imaginative) I think ignoring whitespace in the beginning and middle of the string makes a lot of sense. I could come up with a couple of more fanciful suggestions (for example: requiring at least a single space between nibbles to help users identify input that is truncated by a byte or two in case of a fudged copy-paste), but they're not nearly as large confusion-eliminators.

> But enough nit-picking, the "complaint to code" time was amazing! :)

I, too, am amazed!

--
fdr

From Remesh_Chandra at Dell.com Sat Jan 7 01:41:48 2012
From: Remesh_Chandra at Dell.com (Remesh_Chandra at Dell.com)
Date: Sat, 7 Jan 2012 00:41:48 +0000
Subject: Encryption with key ID
Message-ID: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM>

We received a public key from one of our vendors, which does not have an email reference. We have imported it to our key ring and it looks like this.

  pub   1024D/5XXXXX11 2005-08-08 ABC DEF GHI
  sub   6000g/99999993 2011-01-01

We are used to encrypting by providing the email account reference in the -recipient option. Since this one just has a phrase (ABC DEF GHI), we are unable to do so. The vendor's suggestion is to use their key id (0x5XXXXX11) to do the encryption. Is this possible? If yes, what is the command to do so?

Thanks in Advance

From mailinglisten at hauke-laging.de Sat Jan 7 03:30:39 2012
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 7 Jan 2012 03:30:39 +0100
Subject: Encryption with key ID
In-Reply-To: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM>
Message-ID: <201201070330.44480.mailinglisten@hauke-laging.de>

On Saturday, 7 January 2012, 01:41:48, Remesh_Chandra at dell.com wrote:

> pub 1024D/5XXXXX11 2005-08-08 ABC DEF GHI
> sub 6000g/99999993 2011-01-01
>
> We are used to encrypting by providing the email account reference in the
> -recipient option. Since this one just has a phrase (ABC DEF GHI), we are
> unable to do so. The vendor's suggestion is to use their key id
> (0x5XXXXX11) to do the encryption. Is this possible? If yes, what is the
> command to do so?

  gpg --encrypt --recipient 5XXXXX11 file.txt
  gpg --encrypt --recipient "ABC DEF GHI" file.txt
  gpg --encrypt --recipient D44C6A5B71B0427CCED3025CBD7D6D27ECCB5814 file.txt

(with the key's fingerprint instead of mine, of course)

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From wk at gnupg.org Sat Jan 7 18:47:47 2012
From: wk at gnupg.org (Werner Koch)
Date: Sat, 07 Jan 2012 18:47:47 +0100
Subject: A usability gap in fingerprint rendering and parsing
In-Reply-To: (Daniel Farina's message of "Fri, 6 Jan 2012 14:44:04 -0800")
References: <4F025EC4.3010003@jeromebaum.com> <87fwft9lt9.fsf@vigenere.g10code.de> <87y5tl80m1.fsf@vigenere.g10code.de> <4F06F499.7090208@jeromebaum.com>
Message-ID: <87ipkn76bg.fsf@vigenere.g10code.de>

On Fri, 6 Jan 2012 23:44, drfarina at acm.org said:

> If there's no security implication (it's hard for me to imagine, but
> I'm not very imaginative) I think ignoring whitespace in the beginning
> and middle of the string makes a lot of sense. I could come up with a

Well, I already did that yesterday.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From dkg at fifthhorseman.net Sun Jan 8 22:56:43 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sun, 08 Jan 2012 16:56:43 -0500
Subject: Encryption with key ID
In-Reply-To: <201201070330.44480.mailinglisten@hauke-laging.de>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de>
Message-ID: <4F0A111B.9020609@fifthhorseman.net>

On 01/06/2012 09:30 PM, Hauke Laging wrote:
> On Saturday, 7 January 2012, 01:41:48, Remesh_Chandra at dell.com wrote:
>> pub 1024D/5XXXXX11 2005-08-08 ABC DEF GHI
>> sub 6000g/99999993 2011-01-01
>>
>> We are used to encrypting by providing the email account reference in the
>> -recipient option. Since this one just has a phrase (ABC DEF GHI), we are
>> unable to do so. The vendor's suggestion is to use their key id
>> (0x5XXXXX11) to do the encryption. Is this possible? If yes, what is the
>> command to do so?
>
> gpg --encrypt --recipient 5XXXXX11 file.txt
> gpg --encrypt --recipient "ABC DEF GHI" file.txt
> gpg --encrypt --recipient D44C6A5B71B0427CCED3025CBD7D6D27ECCB5814 file.txt
> (with the key's fingerprint instead of mine, of course)

even better, if you prefix the keyID with 0x gpg will automatically interpret it as such. Read the "HOW TO SPECIFY A USER ID" section in the gpg manpage for more details.

Regards,

--dkg

From Remesh_Chandra at Dell.com Mon Jan 9 19:41:08 2012
From: Remesh_Chandra at Dell.com (Remesh_Chandra at Dell.com)
Date: Mon, 9 Jan 2012 18:41:08 +0000
Subject: Encryption with key ID
In-Reply-To: <4F0A111B.9020609@fifthhorseman.net>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de> <4F0A111B.9020609@fifthhorseman.net>
Message-ID: <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM>

I tried all those options; it generates the below error.

  gpg: fatal: too many random bits requested; the limit is 4799
  secmem usage: 3008/3008 bytes in 5/5 blocks of pool 3200/16384

Any clues?

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Daniel Kahn Gillmor
Sent: Sunday, January 08, 2012 1:57 PM
To: gnupg-users at gnupg.org
Subject: Re: Encryption with key ID

On 01/06/2012 09:30 PM, Hauke Laging wrote:
> On Saturday, 7 January 2012, 01:41:48, Remesh_Chandra at dell.com wrote:
>> pub 1024D/5XXXXX11 2005-08-08 ABC DEF GHI sub 6000g/99999993
>> 2011-01-01
>>
>> We are used to encrypting by providing the email account reference in
>> the -recipient option. Since this one just has a phrase (ABC DEF
>> GHI), we are unable to do so. The vendor's suggestion is to use their
>> key id
>> (0x5XXXXX11) to do the encryption.
>> Is this possible? If yes, what is
>> the command to do so?
>
> gpg --encrypt --recipient 5XXXXX11 file.txt gpg --encrypt --recipient
> "ABC DEF GHI" file.txt gpg --encrypt --recipient
> D44C6A5B71B0427CCED3025CBD7D6D27ECCB5814 file.txt (with the key's
> fingerprint instead of mine, of course)

even better, if you prefix the keyID with 0x gpg will automatically interpret it as such. Read the "HOW TO SPECIFY A USER ID" section in the gpg manpage for more details.

Regards,

--dkg

From dkg at fifthhorseman.net Mon Jan 9 23:30:37 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 09 Jan 2012 17:30:37 -0500
Subject: Encryption with key ID
In-Reply-To: <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de> <4F0A111B.9020609@fifthhorseman.net> <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM>
Message-ID: <4F0B6A8D.3040002@fifthhorseman.net>

On 01/09/2012 01:41 PM, Remesh_Chandra at Dell.com wrote:
> I tried all those options; it generates the below error.
>
> gpg: fatal: too many random bits requested; the limit is 4799
> secmem usage: 3008/3008 bytes in 5/5 blocks of pool 3200/16384
>
> Any clues?

What operating system are you using? What version of gpg?

It looks to me like "the limit is ..." was removed over 10 years ago -- are you using an up-to-date version of gpg?

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=patch;h=0fa9ffe75c210cdc3d0e87744bbac08d1637ac84

--dkg

From Remesh_Chandra at Dell.com Mon Jan 9 23:51:31 2012
From: Remesh_Chandra at Dell.com (Remesh_Chandra at Dell.com)
Date: Mon, 9 Jan 2012 22:51:31 +0000
Subject: Encryption with key ID
In-Reply-To: <4F0B6A8D.3040002@fifthhorseman.net>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de> <4F0A111B.9020609@fifthhorseman.net> <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM> <4F0B6A8D.3040002@fifthhorseman.net>
Message-ID: <573AA3C61023ED45AA11CBA16B9644560629CFB1@DFWX10HMPTC01.AMER.DELL.COM>

Windows 2008
GNUPG Version 1.4.9

-----Original Message-----
From: Daniel Kahn Gillmor [mailto:dkg at fifthhorseman.net]
Sent: Monday, January 09, 2012 2:31 PM
To: Chandra, Remesh
Cc: gnupg-users at gnupg.org
Subject: Re: Encryption with key ID

On 01/09/2012 01:41 PM, Remesh_Chandra at Dell.com wrote:
> I tried all those options; it generates the below error.
>
> gpg: fatal: too many random bits requested; the limit is 4799 secmem
> usage: 3008/3008 bytes in 5/5 blocks of pool 3200/16384
>
> Any clues?

What operating system are you using? What version of gpg?

It looks to me like "the limit is ..." was removed over 10 years ago -- are you using an up-to-date version of gpg?
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=patch;h=0fa9ffe75c210cdc3d0e87744bbac08d1637ac84

--dkg

From bnsmith001 at gmail.com Mon Jan 9 22:55:00 2012
From: bnsmith001 at gmail.com (Barry Smith)
Date: Mon, 09 Jan 2012 16:55:00 -0500
Subject: First-time gpg compile - compiling gnupg-1.4.11 for Windows - configure log
Message-ID: <4F0B6234.1030007@gmail.com>

Environ - Windows 7 (64Bit)
  SeaMonkey 2.6.1
  Enigmail 1.3.4
  GnuPG 1.4.9
  GPG4Win 2.1.0
  GPGShell 3.78 (which is complaining about GPG 1.4.9, but working)

Problem -- There is no binary install for gpg1.4.11 or gpg 2.X

Goal - I want to build a binary for gpg 1.4.11, and use it from all three tools that I have installed (enigmail,gpg4win,gpgshell).

Wrinkle - the only build instructions are written using *nix scripts which do not execute on Windows, so I am picking up new tools and resurrecting aging skills reading build script messages... so be kind while I try to stay kind. :)

What I've done so far --
1) I downloaded and installed MinGW 3.20 with MSYS 1.0.
2) I downloaded and extracted gnupg-1.4.11.tar.bz2
3) I opened MinGW (which put me in the MSYS home directory structure)
4) I ran the configure script.

Having some experience on Ubuntu, I wanted to study the configure messages created under MinGW for missing libraries, missing settings, and other missing stuff to compile from a new computer. I attached the configure log file from my execution of configure. My plan is to delete the entire gnupg folder tree, make the changes and additions in MinGW, re-extract and re-config.

REQUEST:
Please, look, and see if you see any major things wrong, that I should fix, or download (like IDEA?) that should be added to the MinGW environment before trying the config again.

--
Barry Smith
Secure Computer Services
v 980-819-7397
c 704-497-4217
e bnsmith001 at gmail.com
w http://bit.ly/l8QJup
DUNS 83-099-9384

From peter at digitalbrains.com Mon Jan 9 20:27:16 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 09 Jan 2012 20:27:16 +0100
Subject: Encryption with key ID
In-Reply-To: <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM>
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de> <4F0A111B.9020609@fifthhorseman.net> <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM>
Message-ID: <4F0B3F94.5090409@digitalbrains.com>

Hi,

On 09/01/12 19:41, Remesh_Chandra at Dell.com wrote:
> I tried all those options; it generates the below error.
>
> gpg: fatal: too many random bits requested; the limit is 4799
> secmem usage: 3008/3008 bytes in 5/5 blocks of pool 3200/16384

You originally indicated the key was as such:

> pub 1024D/5XXXXX11 2005-08-08 ABC DEF GHI
> sub 6000g/99999993 2011-01-01

If I read that correctly as an ElGamal encryption subkey with a size of 6000 bits, it might be that GnuPG cannot work with this particular key because it is too large. You could hack the source and compile your own version that does work, but the more logical course of action would be to ask your vendor to create a new key that can normally be used by off-the-shelf OpenPGP implementations. The key is *huge*.

From a more technical standpoint, my limited knowledge of ElGamal tells me that you need ~6000 bits of randomness to encrypt to a key with a 6000-bit prime. GnuPG complains it has a limit set at 4799 bits, so it errors out because it can't generate enough randomness to encrypt the session key. GnuPG offers me the range of 512 to 4096 bits for creation of an ElGamal key.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From rjh at sixdemonbag.org Tue Jan 10 00:37:16 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 09 Jan 2012 18:37:16 -0500
Subject: First-time gpg compile - compiling gnupg-1.4.11 for Windows - configure log
In-Reply-To: <4F0B6234.1030007@gmail.com>
References: <4F0B6234.1030007@gmail.com>
Message-ID: <4F0B7A2C.4080906@sixdemonbag.org>

On 1/9/2012 4:55 PM, Barry Smith wrote:
> Problem -- There is no binary install for gpg1.4.11 or gpg 2.X

Easiest solution: use the binary installer for GnuPG 1.4.11 available at:

ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe

From John at enigmail.net Tue Jan 10 01:33:28 2012
From: John at enigmail.net (John Clizbe)
Date: Mon, 09 Jan 2012 18:33:28 -0600
Subject: First-time gpg compile - compiling gnupg-1.4.11 for Windows - configure log
In-Reply-To: <4F0B6234.1030007@gmail.com>
References: <4F0B6234.1030007@gmail.com>
Message-ID: <4F0B8758.3080605@enigmail.net>

Barry Smith wrote:
> Environ - Windows 7 (64Bit)
> SeaMonkey 2.6.1
> Enigmail 1.3.4
> GnuPG 1.4.9
> GPG4Win 2.1.0
> GPGShell 3.78 (which is complaining about GPG 1.4.9,
> but working)
>
> Problem -- There is no binary install for gpg1.4.11 or gpg 2.X

The binary installer for GnuPG 1.4.11 is available at:
ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe

The binary installer for GnuPG 2.0.17:
http://gpg4win.org/download.html

> Goal - I want to build a binary for gpg 1.4.11, and use it from all
> three tools
> that I have installed (enigmail,gpg4win,gpgshell).

There are binary installers available. Do you mean you want to build a 64-bit binary? That is _not_ a task for the inexperienced. Use the installer and save yourself the grief.

> Wrinkle - the only build instructions are written using *nix scripts
> which do
> not execute on Windows, so I am picking up new tools and
> resurrecting aging skills reading build script messages...
> so be kind while I try to stay kind.
> :)

Yes, the canonical supported build environment is to cross-compile from a POSIX (read: *nix) system. On Windows, such an environment may be installed through MSYS/MinGW, Cygwin, SFU, and/or UWin. They each have advantages and disadvantages.

> What I've done so far --
> 1) I downloaded and installed MinGW 3.20 with MSYS 1.0.
> 2) I downloaded and extracted gnupg-1.4.11.tar.bz2
> 3) I opened MinGW (which put me in the MSYS home directory structure)
> 4) I ran the configure script.
> Having some experience on Ubuntu,
> I wanted to study the configure messages created under MinGW for
> missing libraries, missing settings, and other missing stuff to
> compile from a new computer.
> I attached the configure log file from my execution of configure.
> My plan is to delete the entire gnupg folder tree,
> make the changes and additions in MinGW,
> re-extract and re-config.
>
> REQUEST:
> Please, look, and see if you see any major things wrong, that I should
> fix, or download
> (like IDEA?) that should be added to the MinGW environment before trying
> the config again.

http://www.mingw.org/wiki/Getting_Started

Please use the mingw-get installer, not the very outdated monolithic installers. The versions you are using are rather old.

Do you also plan on building all of the requisite libraries needed by GnuPG? Some are already available from the MinGW project. You're on your own for the others.

Unless you are actively communicating with folk using PGP 2.6, you probably do not need IDEA.

I don't recommend it, but if you must build GnuPG 1.4.x yourself, see http://clbianco.altervista.org/gnupg/eng/gnupg.html

Note: You are just as well off by using the pre-built binary installers for GnuPG 1.1.11 and 2.0.17. The current MinGW toolset still targets a 32-bit architecture. There is a 64-bit MinGW project, but it is a separate endeavor.

--
John P.
Clizbe                      Inet: John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797     hkp://keyserver.gingerbear.net or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From wk at gnupg.org Tue Jan 10 09:08:22 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 10 Jan 2012 09:08:22 +0100
Subject: Encryption with key ID
In-Reply-To: <573AA3C61023ED45AA11CBA16B9644560629CFB1@DFWX10HMPTC01.AMER.DELL.COM> (Remesh Chandra's message of "Mon, 9 Jan 2012 22:51:31 +0000")
References: <573AA3C61023ED45AA11CBA16B96445606295D5A@DFWX10HMPTC01.AMER.DELL.COM> <201201070330.44480.mailinglisten@hauke-laging.de> <4F0A111B.9020609@fifthhorseman.net> <573AA3C61023ED45AA11CBA16B9644560629AC8B@DFWX10HMPTC01.AMER.DELL.COM> <4F0B6A8D.3040002@fifthhorseman.net> <573AA3C61023ED45AA11CBA16B9644560629CFB1@DFWX10HMPTC01.AMER.DELL.COM>
Message-ID: <87d3as2d55.fsf@vigenere.g10code.de>

On Mon, 9 Jan 2012 23:51, Remesh_Chandra at Dell.com said:

> Windows 2008
> GNUPG Version 1.4.9

Don't use it. I have no idea on whether the random number generator will work correctly on this new Windows version. Use 2.0.17 which is included in gpg4win.org - the random number generator in that version (of Libgcrypt) is much more modern and thus has a better chance to work correctly on Windows.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From aaron.toponce at gmail.com Tue Jan 10 15:33:12 2012
From: aaron.toponce at gmail.com (Aaron Toponce)
Date: Tue, 10 Jan 2012 07:33:12 -0700
Subject: Quieten gpg-agent output?
In-Reply-To: <87hb108v9c.fsf@vigenere.g10code.de>
References: <87hb108v9c.fsf@vigenere.g10code.de>
Message-ID: <20120110143312.GA19727@poseidon.cocyt.us>

On Fri, Dec 16, 2011 at 03:07:59PM +0100, Werner Koch wrote:
> On Thu, 15 Dec 2011 18:47, lists at chrispoole.com said:
> > Is there a better way to get rid of these "errors"?
>
> Yes, use gpg2.  Using gpg and gpg-agent is just a kludge.  gpg2 requires
> gpg-agent and thus we don't need those messages there anymore.

I'm glad this was posted recently, because I'm just not getting bothered by them. I'm using Mutt for my mail, hooked into gpg2 and the gpg-agent. The agent is running, and the pinentry comes up asking for my passphrase, however, I still see the following:

% gpg2 -qd file.gpg

You need a passphrase to unlock the secret key for
user: "Aaron Toponce "
1792-bit ELG key, ID E7D41E4B, created 2004-09-18 (main key ID 8086060F)

The problem with Mutt, is the fact that when changing folders or accounts, it briefly flashes what is on the terminal "behind" Mutt, and that message appears a lot, seeing as though I'm storing my IMAP and SMTP passwords in an encrypted file, and having Mutt use gpg2 to decrypt them.

How can I completely suppress that message? It doesn't appear to be writing to STDOUT (fd 1) or STDERR (fd 2). I guess I should run strace(1) on it, and see what I get. Thought I'd hit the list anyway, for archiving, in case a solution is found, and someone else is searching.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 519 bytes
Desc: Digital signature
URL:

From s90 at cdd.com.ua Wed Jan 11 09:48:49 2012
From: s90 at cdd.com.ua (s90)
Date: Wed, 11 Jan 2012 10:48:49 +0200
Subject: Mirroring, instructions, links
Message-ID: <4F0D4CF1.8010208@cdd.com.ua>

Hello,

I want to become an official GnuPG mirror in the USA. Can you please direct me to instructions or at least provide rsync url ?

Thanks!
Maksym Garkavtsev

From wk at gnupg.org Wed Jan 11 13:56:58 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Jan 2012 13:56:58 +0100
Subject: Quieten gpg-agent output?
In-Reply-To: <20120110143312.GA19727@poseidon.cocyt.us> (Aaron Toponce's message of "Tue, 10 Jan 2012 07:33:12 -0700")
References: <87hb108v9c.fsf@vigenere.g10code.de> <20120110143312.GA19727@poseidon.cocyt.us>
Message-ID: <874nw2xuqt.fsf@vigenere.g10code.de>

On Tue, 10 Jan 2012 15:33, aaron.toponce at gmail.com said:

> The problem with Mutt, is the fact that when changing folders or accounts,
> it briefly flashes what is on the terminal "behind" Mutt, and that message
> appears a lot, seeing as though I'm storing my IMAP and SMTP passwords in

You should use the modern crypto implementation of mutt. You merely need to add

  set crypt_use_gpgme

to ~/.muttrc. This uses a now also 10 years old mode of mutt which far better integrates crypto than the old command based one.

> How can I completely suppress that message? It doesn't appear to be writing
> to STDOUT (fd 1) or STDERR (fd 2). I guess I should run strace(1) on it,

  --no-tty

will suppress all TTY output completely.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Jan 11 14:01:44 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Jan 2012 14:01:44 +0100
Subject: Mirroring, instructions, links
In-Reply-To: <4F0D4CF1.8010208@cdd.com.ua> (s90@cdd.com.ua's message of "Wed, 11 Jan 2012 10:48:49 +0200")
References: <4F0D4CF1.8010208@cdd.com.ua>
Message-ID: <87zkduwfyf.fsf@vigenere.g10code.de>

On Wed, 11 Jan 2012 09:48, s90 at cdd.com.ua said:

> I want to become an official GnuPG mirror in the USA. Can you please
> direct me to instructions or at least provide rsync url ?

I think we have enough mirrors meanwhile. GnuPG is a pretty standard tool on all systems and usually comes pre-installed. Further, most requests I have seen in the last year have been from sites who try to boost their page rank by being listed at gnupg.org.
However there is something where help is needed: The GnuPG related Gpg4win project has only a few mirrors, and we would like to see more of them. See http://gpg4win.org .

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From aaron.toponce at gmail.com Wed Jan 11 17:27:38 2012
From: aaron.toponce at gmail.com (Aaron Toponce)
Date: Wed, 11 Jan 2012 09:27:38 -0700
Subject: Quieten gpg-agent output?
In-Reply-To: <874nw2xuqt.fsf@vigenere.g10code.de>
References: <87hb108v9c.fsf@vigenere.g10code.de> <20120110143312.GA19727@poseidon.cocyt.us> <874nw2xuqt.fsf@vigenere.g10code.de>
Message-ID: <20120111162738.GA3568@poseidon.cocyt.us>

On Wed, Jan 11, 2012 at 01:56:58PM +0100, Werner Koch wrote:
> You should use the modern crypto implementation of mutt. You merely need
> to add
>
> set crypt_use_gpgme
>
> to ~/.muttrc. This uses a now also 10 years old mode of mutt which far
> better integrates crypto than the old command based one.

How does this differ from "set pgp_use_gpg_agent", if any?

> --no-tty
>
> will suppress all TTY output completely.

Perfect. I searched for "STDOUT", "STDERR" and the like in hopes of finding the necessary docs, without reading the full gpg(1) manual. Didn't think of "tty". Thanks.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

From wk at gnupg.org Wed Jan 11 18:57:26 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 11 Jan 2012 18:57:26 +0100
Subject: Quieten gpg-agent output?
In-Reply-To: <20120111162738.GA3568@poseidon.cocyt.us> (Aaron Toponce's message of "Wed, 11 Jan 2012 09:27:38 -0700")
References: <87hb108v9c.fsf@vigenere.g10code.de> <20120110143312.GA19727@poseidon.cocyt.us> <874nw2xuqt.fsf@vigenere.g10code.de> <20120111162738.GA3568@poseidon.cocyt.us>
Message-ID: <87fwfmunp5.fsf@vigenere.g10code.de>

On Wed, 11 Jan 2012 17:27, aaron.toponce at gmail.com said:

> How does this differ from "set pgp_use_gpg_agent", if any?

I don't know this. However it has nothing to do with the gpgme mode. The advantage of the gpgme mode is that for example the key selection process is much tighter integrated. There are also a lot of other goodies.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From s90 at cdd.com.ua Thu Jan 12 12:52:38 2012
From: s90 at cdd.com.ua (s90)
Date: Thu, 12 Jan 2012 13:52:38 +0200
Subject: Mirroring, instructions, links
In-Reply-To: <87zkduwfyf.fsf@vigenere.g10code.de>
References: <4F0D4CF1.8010208@cdd.com.ua> <87zkduwfyf.fsf@vigenere.g10code.de>
Message-ID: <4F0EC986.3000309@cdd.com.ua>

Hello,

I'd love to help but can not see the instructions on gpg4win.org about mirror creation. Can you please send me the rsync url?

Regards,
Maksym Garkavtsev

On 01/11/2012 03:01 PM, Werner Koch wrote:
> On Wed, 11 Jan 2012 09:48, s90 at cdd.com.ua said:
>
>> I want to become an official GnuPG mirror in the USA. Can you please
>> direct me to instructions or at least provide rsync url ?
> I think we have enough mirrors meanwhile. GnuPG is a pretty standard
> tool on all systems and usually comes pre-installed. Further, most
> requests I have seen in the last year have been from sites who try to
> boost their page rank by being listed at gnupg.org.
>
> However there is something where help is needed: The GnuPG related
> Gpg4win project has only a few mirrors, and we would like to see more of
> them. See http://gpg4win.org .
>
>
> Salam-Shalom,
>
> Werner
>

From gnupg at lists.grepular.com Sat Jan 14 19:39:16 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Sat, 14 Jan 2012 18:39:16 +0000
Subject: ssh and gnupg
Message-ID: <4F11CBD4.4050708@lists.grepular.com>

Is there a simple howto for getting ssh authentication working with GnuPG v2? I've used gpgkey2ssh to get the public key and added it to authorized_keys, but I don't know what I'm supposed to do on the ssh client end? gpg-agent is running with --enable-ssh-support

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

From gnupg at lists.grepular.com Sat Jan 14 20:40:19 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Sat, 14 Jan 2012 19:40:19 +0000
Subject: ssh and gnupg
In-Reply-To: <4F11CBD4.4050708@lists.grepular.com>
References: <4F11CBD4.4050708@lists.grepular.com>
Message-ID: <4F11DA23.20107@lists.grepular.com>

On 14/01/12 18:39, gnupg at lists.grepular.com wrote:
> Is there a simple howto for getting ssh authentication working with
> GnuPG v2? I've used gpgkey2ssh to get the public key and added it to
> authorized_keys, but I don't know what I'm supposed to do on the ssh
> client end? gpg-agent is running with --enable-ssh-support

Figured out my problem. SSH_AUTH_KEY environment variable was being overwritten. On Ubuntu I went to:

System -> Preferences -> Startup Applications

Found "SSH Key Agent" which runs the command "/usr/bin/gnome-keyring-daemon --start --components=ssh" and then disabled it. Logged out and back in again, and SSH_AUTH_KEY was set correctly, and "ssh-add -L" started to show my authentication key on the smartcard. ssh works fine now.
--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

From ludovic at hirlimann.net Mon Jan 16 14:57:34 2012
From: ludovic at hirlimann.net (Ludovic Hirlimann)
Date: Mon, 16 Jan 2012 14:57:34 +0100
Subject: Best Way to announce a Key Party
Message-ID: <4F142CCE.9020306@hirlimann.net>

Hi all,

I'm trying to get as many people as possible to a key party I'll organize in 3 weeks. What are my best options, besides contacting local users via biglumber, posting to upcoming.org and contacting the local LUG (Area I'm targeting in Toronto CA)?

Ludo

--
Mes Photos : http://www.flickr.com/photos/lhirlimann/collections/
@lhirlimann sur twitter

From aaron.toponce at gmail.com Mon Jan 16 16:45:22 2012
From: aaron.toponce at gmail.com (Aaron Toponce)
Date: Mon, 16 Jan 2012 08:45:22 -0700
Subject: Best Way to announce a Key Party
In-Reply-To: <4F142CCE.9020306@hirlimann.net>
References: <4F142CCE.9020306@hirlimann.net>
Message-ID: <20120116154521.GC15858@poseidon.cocyt.us>

On Mon, Jan 16, 2012 at 02:57:34PM +0100, Ludovic Hirlimann wrote:
> I'm trying to get as much possible people to a key party i'll organize
> in 3 weeks. What are my best options , besides contacting local users
> via biglumber, posting to upcoming.org and contacting the local LUG
> (Area I'm targetting in Toronto CA) ?

That's really about it. Hitting up the local LUG mailing lists will get you the most marketing penetration, seeing as though OpenPGP practices just aren't ubiquitous outside of the Free Software world.
If you have a blog, posting there might help, especially if it's on a planet that many pay attention to. You might be able to go to the local colleges and universities, and hang up fliers in the Computer Science, Mathematics and other technical college halls. But really, your largest interest is going to come from LUG mailing lists.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

From remco at webconquest.com Mon Jan 16 17:08:35 2012
From: remco at webconquest.com (Remco Rijnders)
Date: Mon, 16 Jan 2012 17:08:35 +0100
Subject: Best Way to announce a Key Party
In-Reply-To: <4F142CCE.9020306@hirlimann.net>
References: <4F142CCE.9020306@hirlimann.net>
Message-ID:

On Mon, Jan 16, 2012 at 02:57:34PM +0100, Ludovic wrote in <4F142CCE.9020306 at hirlimann.net>:
>Hi all,
>
>I'm trying to get as much possible people to a key party i'll organize
>in 3 weeks. What are my best options , besides contacting local users
>via biglumber, posting to upcoming.org and contacting the local LUG
>(Area I'm targetting in Toronto CA) ?

Stay closer to home (The Hague area :-) and I'll come, haha!
From gnupg at lists.grepular.com Mon Jan 16 19:56:26 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Mon, 16 Jan 2012 18:56:26 +0000
Subject: G83-6744 keyboard + smart-card reader
Message-ID: <4F1472DA.6040804@lists.grepular.com>

I'm thinking of buying one of these keyboards with a built in smart card reader:

http://www.cherrycorp.com/english/keyboards/Security/Smart_Card_Keyboards/index.htm

Which I understand is supported by GnuPG as per:

http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html

However, the place I'm planning on purchasing from:

https://www.keyboardspecialists.co.uk/Shop/KBS/Product/2873/G83-6744/CherryG83-6744SmartBoard.aspx

Has two different models:

G83-6744LUAGB-2
G83-6744LUZGB-2

And no explanation as to the difference. I've tried to contact their support but haven't heard back yet. Does anyone have any experience of this keyboard? Does anyone know what the slightly differing model numbers mean? Am I right in assuming that they will *both* work fine with GnuPG?

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

From tux.tsndcb at free.fr Mon Jan 16 20:10:02 2012
From: tux.tsndcb at free.fr (tux.tsndcb at free.fr)
Date: Mon, 16 Jan 2012 20:10:02 +0100 (CET)
Subject: G83-6744 keyboard + smart-card reader
In-Reply-To: <4F1472DA.6040804@lists.grepular.com>
Message-ID: <3a305158-4664-440e-a436-ae7941c0c19f@zimbra33-e6.priv.proxad.net>

Hello,

I can tell you for G83-6744, but gnupg2 works fine with G83-14601; the card reader is the same.
Best Regards

----- Original Message -----
From: gnupg at lists.grepular.com
To: gnupg-users at gnupg.org
Sent: Monday 16 January 2012 19:56:26
Subject: G83-6744 keyboard + smart-card reader

I'm thinking of buying one of these keyboards with a built in smart card reader:

http://www.cherrycorp.com/english/keyboards/Security/Smart_Card_Keyboards/index.htm

Which I understand is supported by GnuPG as per:

http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html

However, the place I'm planning on purchasing from:

https://www.keyboardspecialists.co.uk/Shop/KBS/Product/2873/G83-6744/CherryG83-6744SmartBoard.aspx

Has two different models:

G83-6744LUAGB-2
G83-6744LUZGB-2

And no explanation as to the difference. I've tried to contact their support but haven't heard back yet. Does anyone have any experience of this keyboard? Does anyone know what the slightly differing model numbers mean? Am I right in assuming that they will *both* work fine with GnuPG?

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From pneukom at gmail.com Mon Jan 16 21:26:59 2012
From: pneukom at gmail.com (Philip Neukom)
Date: Mon, 16 Jan 2012 15:26:59 -0500
Subject: Best Way to announce a Key Party
In-Reply-To:
References:
Message-ID: <4F148813.1070808@gmail.com>

You might also try to add an announcement in the Toronto Area Security Klatch (TASK) group in LinkedIN.

On 16.01.2012 14:07 , gnupg-users-request at gnupg.org wrote:

On Mon, Jan 16, 2012 at 02:57:34PM +0100, Ludovic Hirlimann wrote:
> I'm trying to get as much possible people to a key party i'll organize
> in 3 weeks.
> What are my best options, besides contacting local users
> via biglumber, posting to upcoming.org and contacting the local LUG
> (Area I'm targetting in Toronto CA) ?

That's really about it. Hitting up the local LUG mailing lists will get you the most marketing penetration, seeing as though OpenPGP practices just aren't ubiquitous outside of the Free Software world.

If you have a blog, posting there might help, especially if it's on a planet that many pay attention to. You might be able to go to the local colleges and universities, and hang up fliers in the Computer Science, Mathematics and other technical college halls. But really, your largest interest is going to come from LUG mailing lists.

From fladerer at fnb.tu-darmstadt.de Mon Jan 16 21:30:19 2012
From: fladerer at fnb.tu-darmstadt.de (Michael Fladerer)
Date: Mon, 16 Jan 2012 21:30:19 +0100
Subject: G83-6744 keyboard + smart-card reader
In-Reply-To: <4F1472DA.6040804@lists.grepular.com>
References: <4F1472DA.6040804@lists.grepular.com>
Message-ID: <20120116203019.GD32086@fnb.tu-darmstadt.de>

On Mon Jan 16, 2012 at 18:56:26 +0000, gnupg at lists.grepular.com wrote:
> I'm thinking of buying one of these keyboards with a built in smart card
> reader:
>
> http://www.cherrycorp.com/english/keyboards/Security/Smart_Card_Keyboards/index.htm
>
> Which I understand is supported by GnuPG as per:
>
> http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html
>
> However, the place I'm planning on purchasing from:
>
> https://www.keyboardspecialists.co.uk/Shop/KBS/Product/2873/G83-6744/CherryG83-6744SmartBoard.aspx
>
> Has two different models:
>
> G83-6744LUAGB-2
> G83-6744LUZGB-2
>
> And no explanation as to the difference. I've tried to contact their
> support but haven't heared back yet. Does anyone have any experience of
> this keyboard? Does anyone know what the slightly differing model
> numbers mean? Am I right in assuming that they will *both* work fine
> with GnuPG?
>

Looks to me like the only difference between both models is in their certifications. Maybe you want to take a look at the product page[1], where the following information is given in the models listing:

G83-6744LUAGB-2 -> EMV 2000 Level 1
G83-6744LUZGB-2 -> EMV 2000 Level 1, Common Criteria EAL 3+

HTH.

Cheers,
Michael

[1] http://www.cherry.de/cid/b2b_keyboards_SmartBoard_G83-6744.htm?

--
---------------------------------------------------------------------
Michael Fladerer
---------------------------------------------------------------------
GPG Key-ID: EE61F443
Key fingerprint: A56F FE73 5FCC 4FF1 2E72 360E ACE6 1874 EE61 F443
---------------------------------------------------------------------

From wk at gnupg.org Tue Jan 17 11:09:42 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 Jan 2012 11:09:42 +0100
Subject: G83-6744 keyboard + smart-card reader
In-Reply-To: <4F1472DA.6040804@lists.grepular.com> (gnupg@lists.grepular.com's message of "Mon, 16 Jan 2012 18:56:26 +0000")
References: <4F1472DA.6040804@lists.grepular.com>
Message-ID: <87wr8qprmh.fsf@vigenere.g10code.de>

On Mon, 16 Jan 2012 19:56, gnupg at lists.grepular.com said:

> I'm thinking of buying one of these keyboards with a built in smart card
> reader:
>
> http://www.cherrycorp.com/english/keyboards/Security/Smart_Card_Keyboards/index.htm

Cherry once sent me a sample and helped me to make the keypad work. That was good at that time. However the keyboards are Omnikey based and thus they won't work with the v2 cards (or any other 2048 bit card) on non-Windows platforms.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.
From gnupg at lists.grepular.com Tue Jan 17 11:17:54 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Tue, 17 Jan 2012 10:17:54 +0000
Subject: G83-6744 keyboard + smart-card reader
In-Reply-To: <87wr8qprmh.fsf@vigenere.g10code.de>
References: <4F1472DA.6040804@lists.grepular.com> <87wr8qprmh.fsf@vigenere.g10code.de>
Message-ID: <4F154AD2.4070501@lists.grepular.com>

On 17/01/12 10:09, Werner Koch wrote:
>> I'm thinking of buying one of these keyboards with a built in smart card
>> reader:
>>
>> http://www.cherrycorp.com/english/keyboards/Security/Smart_Card_Keyboards/index.htm
>
> Cherry once sent me a sample and helped me to make the keypad work.
> That was good at that time. However the keyboards are Omnikey based and
> thus they won't work with the v2 cards (or any other 2048 bit card) on
> non-Windows platforms.

Is there a keyboard with a built in SmartCard reader which *does* work under Linux with v2 cards?

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

From wk at gnupg.org Wed Jan 18 14:32:09 2012
From: wk at gnupg.org (Werner Koch)
Date: Wed, 18 Jan 2012 14:32:09 +0100
Subject: GnuPG 1.4 for Windows
Message-ID: <87haztm90m.fsf@vigenere.g10code.de>

An embedded message was scrubbed...
From: Werner Koch
Subject: GnuPG 1.4 for Windows
Date: Tue, 17 Jan 2012 11:39:03 +0100
Size: 3194
URL:

-------------- next part --------------
--
Thoughts are free. Exceptions are regulated by a federal law.
From dougb at dougbarton.us Wed Jan 18 20:02:50 2012
From: dougb at dougbarton.us (Doug Barton)
Date: Wed, 18 Jan 2012 11:02:50 -0800
Subject: GnuPG 1.4 for Windows
In-Reply-To: <87haztm90m.fsf@vigenere.g10code.de>
References: <87haztm90m.fsf@vigenere.g10code.de>
Message-ID: <4F17175A.6060909@dougbarton.us>

I think a beta installer would be a good idea. I'll be glad to test it on 32 bit Windows XP and 64 bit Windows 7. Beyond just normal operations if you want to publish some regression tests I'll be glad to run those too. :)

Doug

--
It's always a long day; 86400 doesn't fit into a short.

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/

From cwal989 at comcast.net Wed Jan 18 22:17:52 2012
From: cwal989 at comcast.net (Christopher J. Walters)
Date: Wed, 18 Jan 2012 16:17:52 -0500
Subject: GnuPG 1.4 for Windows
In-Reply-To: <4F17175A.6060909@dougbarton.us>
References: <87haztm90m.fsf@vigenere.g10code.de> <4F17175A.6060909@dougbarton.us>
Message-ID: <4F173700.2050508@comcast.net>

On 1/18/2012 02:02 PM, Doug Barton wrote:
> I think a beta installer would be a good idea. I'll be glad to test it on
> 32 bit Windows XP and 64 bit Windows 7. Beyond just normal operations if
> you want to publish some regression tests I'll be glad to run those too.
> :)

I'd be happy to test it on 64 bit Windows 7, as well.

>
> Doug
>
> --
>
> It's always a long day; 86400 doesn't fit into a short.

It will if you divide by 10 or 100... Besides, you only need 3 bytes for that number - a short and a half, if you will...
From benchoff at bev.net Thu Jan 19 02:38:37 2012
From: benchoff at bev.net (Phil Benchoff)
Date: Wed, 18 Jan 2012 20:38:37 -0500
Subject: Protecting IDs at a key signing party
In-Reply-To: <87y67ysxb9.fsf@gnupg.org>
References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org>
Message-ID: <20120119013837.GC23672@groupw.cns.vt.edu>

On Thu, Dec 09, 2010 at 05:52:42PM +0100, Werner Koch wrote:
> On Wed, 8 Dec 2010 23:35, mailinglisten at hauke-laging.de said:
>
> > aren't any IETF notations yet. I suggest a standard for at least these pieces
> > of information:
> >
> > - key owner has been personally known for x years
> > - frequent contact with the key owner for x years
> [many more]
>
> It is very unlikely that OpenPGP will ever adopt such standards. There
> is an unspoken policy that we don't define policies but merely provide a
> framework so others can implement something on top of it.
> If we would
> start to adopt any such policies we would soon end up in the X.509 mud.
> The signature classes 0x10 to 0x13 are for a reason not very strictly
> defined.
>
>
> Shalom-Salam,
>
> Werner

There is a way for you to put your own signing policy URL in the signature. If you want something more formal, you could join a particular web of trust with a well-defined policy, e.g. Gossamer Spider Web of Trust http://www.gswot.org/. (I don't know much about them.) Your specific items might provide a good start for a standard to document these policies. I think it is particularly important to keep these policies de-coupled from the OpenPGP standard though.

I think a lot about what signature classes are appropriate for what situations and similar pedantry, but the current state of practice needs help at a more fundamental level. I just attended my first key-signing party. The participants likely have an above-average technical skill set. Of the 16 signatures I've received so far, all are at the default level. Five signers delivered my signed keys in encrypted form to the individual UIDs. The rest just uploaded them to a keyserver. I can't be critical of anyone who did that. It seems to be the most common practice.

We are very lucky to have an open standard (OpenPGP) and a free/open-source implementation (GnuPG) to work with. The really hard problems are trying to get people to use them correctly.

Phil

From lists at meumonus.com Thu Jan 19 03:49:13 2012
From: lists at meumonus.com (Devin Fisher)
Date: Thu, 19 Jan 2012 02:49:13 +0000
Subject: GnuPG 1.4 for Windows
Message-ID: <1640370743-1326941354-cardhu_decombobulator_blackberry.rim.net-1226814353-@b3.c27.bise6.blackberry>

Thirded

------Original Message------
From: Doug Barton
Sender: gnupg-users-bounces at gnupg.org
To: gnupg-users at gnupg.org
Subject: Re: GnuPG 1.4 for Windows
Sent: Jan 18, 2012 11:02

I think a beta installer would be a good idea. I'll be glad to test it on 32 bit Windows XP and 64 bit Windows 7.
Beyond just normal operations if you want to publish some regression tests I'll be glad to run those too. :) Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ _______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From wk at gnupg.org Thu Jan 19 11:45:08 2012 From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Jan 2012 11:45:08 +0100 Subject: GnuPG 1.4 for Windows In-Reply-To: <1640370743-1326941354-cardhu_decombobulator_blackberry.rim.net-1226814353-@b3.c27.bise6.blackberry> (Devin Fisher's message of "Thu, 19 Jan 2012 02:49:13 +0000") References: <1640370743-1326941354-cardhu_decombobulator_blackberry.rim.net-1226814353-@b3.c27.bise6.blackberry> Message-ID: <87boq0j7ij.fsf@vigenere.g10code.de> On Thu, 19 Jan 2012 03:49, lists at meumonus.com said: > Thirded Thanks, I will do one in the next days. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Thu Jan 19 11:47:20 2012 From: wk at gnupg.org (Werner Koch) Date: Thu, 19 Jan 2012 11:47:20 +0100 Subject: GnuPG 1.4 for Windows In-Reply-To: <4F17175A.6060909@dougbarton.us> (Doug Barton's message of "Wed, 18 Jan 2012 11:02:50 -0800") References: <87haztm90m.fsf@vigenere.g10code.de> <4F17175A.6060909@dougbarton.us> Message-ID: <877h0oj7ev.fsf@vigenere.g10code.de> On Wed, 18 Jan 2012 20:02, dougb at dougbarton.us said: > I think a beta installer would be a good idea. I'll be glad to test it > on 32 bit Windows XP and 64 bit Windows 7. Beyond just normal operations > if you want to publish some regression tests I'll be glad to run those > too. :) I don't think that is needed. In fact we don't have working regression tests for Windows. The most important things to test are keyserver access and other standard usages. 
And well, large files > 4GB and close to 4GB. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From lists at chrispoole.com Fri Jan 20 21:15:29 2012 From: lists at chrispoole.com (Chris Poole) Date: Fri, 20 Jan 2012 20:15:29 +0000 Subject: 1024 key with 2048 subkey: how affected? Message-ID: Hi, I created a gpg keypair a while ago, when the default was still 1024D. This has a 4096g encryption subkey, and a 2048D signing subkey. Since it's now recommended (to my knowledge) to use 2048-bit keys and above, how does having a 1024-bit keypair affect me? The encryption and signing is still being done by the subkeys, so is it simply that they're signed by the parent 1024-bit key, and this key is easier to fake? Thanks, Chris Poole From expires2012 at rocketmail.com Sat Jan 21 14:58:39 2012 From: expires2012 at rocketmail.com (MFPA) Date: Sat, 21 Jan 2012 13:58:39 +0000 Subject: Protecting IDs at a key signing party In-Reply-To: <20120119013837.GC23672@groupw.cns.vt.edu> References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> Message-ID: <299056246.20120121135839@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Thursday 19 January 2012 at 1:38:37 AM, in , Phil Benchoff wrote: > I think a lot about what signature classes are > appropriate for what situations and similar pedantry, > but the current state of practice needs help at a more > fundamental level. I just attended my first > key-signing party. The participants likely have an > above-average technical skill set. Of the 16 > signatures I've received so far, all are at the default > level. Five signers delivered my signed keys in > encrypted form to the individual UIDs. The rest just > uploaded them to a keyserver. I can't be critical of > anyone who did that. It seems to be the most common > practice. 
I *am* pretty critical of that. Those 11 people have denied you the opportunity to see exactly what they are adding to your key before publishing it. (That may generally be seen as trivial, but it matters to me.) More importantly, they are signing UIDs that may well contain email addresses, without actually verifying that you "control" those email addresses. - -- Best regards MFPA mailto:expires2012 at rocketmail.com However beautiful the strategy, you should occasionally look at the results. -----BEGIN PGP SIGNATURE----- iQCVAwUBTxrElaipC46tDG5pAQr9XQP/bgSvw1RIUvgf/asdQTe3DJYoXtvXyqmO VuVPG2ZmJyseJwvw+QNYO+lw+TLbxUoUAaJpTqiP4CtV/k4IMtOKwRRsBLZDGIgD Vj+cd9bGapfx6vOLzegaMKpDSRdaJ4TCBAlVoQSYeLruxIbnuEb/PZ1ITtC3gKLr z8G8mzbao2A= =wbE5 -----END PGP SIGNATURE----- From jerome at jeromebaum.com Sat Jan 21 15:07:35 2012 From: jerome at jeromebaum.com (Jerome Baum) Date: Sat, 21 Jan 2012 15:07:35 +0100 Subject: Protecting IDs at a key signing party In-Reply-To: <299056246.20120121135839@my_localhost> References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> <299056246.20120121135839@my_localhost> Message-ID: <4F1AC6A7.8080108@jeromebaum.com> On 2012-01-21 14:58, MFPA wrote: > More importantly, they are signing UIDs that may well contain email > addresses, without actually verifying that you "control" those email > addresses. Rather, that you "can read an email which they sent that was addressed to that" email address. But I do agree it should be the key owner's decision where that signature is uploaded. -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse. 
-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 878 bytes Desc: OpenPGP digital signature URL:

From mailinglisten at hauke-laging.de Sat Jan 21 16:41:29 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Sat, 21 Jan 2012 16:41:29 +0100 Subject: 1024 key with 2048 subkey: how affected? In-Reply-To: References: Message-ID: <201201211641.30596.mailinglisten@hauke-laging.de>

On Friday, 20 January 2012, 21:15:29, Chris Poole wrote:
> The encryption and signing is still being done by the subkeys, so is
> it simply that they're signed by the parent 1024-bit key, and this key
> is easier to fake?

Yes. If the main key is compromised then
a) certifications for other keys can be forged (of course, anyone being attacked by that could see that the key whose certification he is going to rely on is that short)
b) new subkeys for that key can be created

If the attacker is capable of a man-in-the-middle attack then he can send the compromised key when the attacked person makes a keyserver update. This way no one would notice the manipulation (not even the key owner when checking what's on the keyservers). Afterwards data would be encrypted to the wrong key and signatures by the attacker's subkey would be accepted.

Another attack scenario is that the whole key can be revoked when you need it. People do not send you important, urgent information because they do not have a valid key to encrypt to. Or you have to sign something in time but do not have a key which is accepted by the recipient.

Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part.
URL:

From aaron.toponce at gmail.com Sat Jan 21 19:12:15 2012 From: aaron.toponce at gmail.com (Aaron Toponce) Date: Sat, 21 Jan 2012 11:12:15 -0700 Subject: Using root CAs as a trusted 3rd party Message-ID: <20120121181214.GS11479@poseidon.cocyt.us>

I just signed an OpenPGP key with cert level 0x12 (casual checking) given the following scenario:
* A PGP key was signed by an SSL certificate that was signed by a root CA
* I verified that the signature was indeed from that root CA.
* I stripped the signature, and imported the PGP key.
* I then signed the key, exported, and sent back.

What are your thoughts on using root CAs as a trusted 3rd party for trusting that a key is owned by whom it claims? Of course, this is merely for casual checking, but it seems to be "good enough". Thoughts?

-- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 519 bytes Desc: not available URL:

From harningt at gmail.com Sat Jan 21 20:47:25 2012 From: harningt at gmail.com (Thomas Harning Jr.) Date: Sat, 21 Jan 2012 14:47:25 -0500 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120121181214.GS11479@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> Message-ID:

On Jan 21, 2012 1:13 PM, "Aaron Toponce" wrote:
>
> I just signed an OpenPGP key with cert level 0x12 (casual checking) given
> the following scenario:
>
> * A PGP key was signed by an SSL certificate that was signed by a root
> CA
> * I verified that the signature was indeed from that root CA.
> * I stripped the signature, and imported the PGP key.
> * I then signed the key, exported, and sent back.
>
> What are your thoughts on using root CAs as a trusted 3rd party for
> trusting that a key is owned by whom it claims? Of course, this is merely
> for casual checking, but it seems to be "good enough".
> That process seems pretty reasonable, assuming the CA is reputable. Even better if you keep track of the SSL cert to keep track of breaches and the like. It seems akin to the PayPal 3rd party auth, just a different source. I may add this idea to my key signing policy... perhaps adding a flag in the policy URL like the version flag I have. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rjh at sixdemonbag.org Sat Jan 21 23:01:51 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 21 Jan 2012 17:01:51 -0500 Subject: Protecting IDs at a key signing party In-Reply-To: <299056246.20120121135839@my_localhost> References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> <299056246.20120121135839@my_localhost> Message-ID: <4F1B35CF.1000008@sixdemonbag.org> On 1/21/2012 8:58 AM, MFPA wrote: > Those 11 people have denied you the opportunity to see exactly what > they are adding to your key before publishing it. (That may generally > be seen as trivial, but it matters to me.) It's less than trivial: it's a complete nonissue. If they want to mess with you, they don't need your permission. As is, you've explicitly asked them, "would you please sign certificate 0xDEADBEEF, fingerprint so-and-so, here's my credentials." Then they're signing it with *their* certificate, backed up by credentials that you yourself checked. How is this a problem? You've been making hay out of this for years and I've yet to see any realistic example of this being a problem. Please present one. > More importantly, they are signing UIDs that may well contain email > addresses, without actually verifying that you "control" those email > addresses. Likewise, regarding making hay and a complete lack of realistic examples. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature URL:

From telegraph at gmx.net Sat Jan 21 22:50:11 2012 From: telegraph at gmx.net (Gregor Zattler) Date: Sat, 21 Jan 2012 22:50:11 +0100 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120121181214.GS11479@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> Message-ID: <20120121215011.GC12880@shi.workgroup>

Hi Aaron, gnupg users,

* Aaron Toponce [21. Jan. 2012]:
> I just signed an OpenPGP key with cert level 0x12 (casual checking) given
> the following scenario:
>
> * A PGP key was signed by an SSL certificate that was signed by a root
> CA
> * I verified that the signature was indeed from that root CA.
> * I stripped the signature, and imported the PGP key.
> * I then signed the key, exported, and sent back.
>
> What are your thoughts on using root CAs as a trusted 3rd party for
> trusting that a key is owned by whom it claims? Of course, this is merely
> for casual checking, but it seems to be "good enough".

IMHO by signing a key you make a statement about the connection between a person or owner and the user id you sign, saying "I somehow convinced myself that user owns this key". This only makes sense if you have some insight into the matter that a person which is confronted with the key only cannot have. Your signature should add some information. Merely saying I'm convinced that the user is the owner/originator of the key because someone else already signed this key, does not make much sense to me. I think you should have added a notation explaining your reasoning.

Ciao, Gregor -- -... --- .-. . -.. ..--.. ...-.-

[1] Especially since there have been several compromises of CAs in the past.
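Two questions run through the messages above: Chris Poole's and Hauke Laging's about a 1024-bit primary key whose subkeys are stronger, and Phil Benchoff's, Aaron Toponce's and Gregor Zattler's about what certification classes 0x10 to 0x13 people actually use. Both can be read off a key without guessing. The following is an added example, not code from any of these posts and not GnuPG's own code: it parses the machine-readable listing that `gpg --with-colons --fixed-list-mode --list-sigs` produces (field layout per GnuPG's doc/DETAILS), flags a primary key below a chosen threshold, and tallies the third-party certification classes. The listing it runs on is constructed by hand to resemble such a key; the key ids and user ids in it are placeholders, and the 2048-bit threshold is this audit's choice, not a GnuPG setting.

```python
"""Audit a GnuPG key listing: primary-key size and certification classes.

Added example, not code from the thread or from GnuPG. It reads the
machine-readable output of
    gpg --with-colons --fixed-list-mode --list-sigs <keyid>
using the field layout from GnuPG's doc/DETAILS: field 1 record type,
3 key length, 4 algorithm id, 5 key id, 10 user id, and for "sig" records
field 11 the signature class (two hex digits plus "x" exportable or
"l" local-only). SAMPLE_LISTING is constructed by hand to resemble a key
made when 1024-bit DSA was the default, with a 4096-bit Elgamal encryption
subkey and a 2048-bit DSA signing subkey; key ids are placeholders.
"""
from collections import Counter

PUBKEY_ALGOS = {1: "RSA", 16: "ELG-E", 17: "DSA"}
CERT_CLASSES = {0x10: "generic", 0x11: "persona", 0x12: "casual", 0x13: "positive"}
MIN_PRIMARY_BITS = 2048   # audit threshold chosen here, not a GnuPG setting

SAMPLE_LISTING = """\
tru::1:1327000000:0:3:1:5
pub:u:1024:17:0123456789ABCDEF:2009-03-01:::u:::scaSCA:
uid:u::::2009-03-01::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example User <user@example.org>:
sig:::17:0123456789ABCDEF:2009-03-01::::Example User <user@example.org>:13x:
sig:::1:1111111111111111:2012-01-15::::Signer One <one@example.org>:10x:
sig:::1:2222222222222222:2012-01-15::::Signer Two <two@example.org>:10x:
sig:::1:3333333333333333:2012-01-16::::Signer Three <three@example.org>:12x:
sig:::1:4444444444444444:2012-01-16::::Local Signer <local@example.org>:13l:
sub:u:4096:16:89ABCDEF01234567:2009-03-01::::::e:
sub:u:2048:17:FEDCBA9876543210:2010-06-01::::::s:
"""

def parse_listing(text):
    """Return (keys, certs).

    keys:  list of {"type","bits","algo","keyid","caps"} for pub/sub records
    certs: {user id: [(signer keyid, class int, exportable bool), ...]}
    Self-signatures (signer == primary key) are the key's own binding, not
    third-party certifications, and are skipped.
    """
    keys, certs = [], {}
    primary, uid = None, None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] in ("pub", "sub"):
            keys.append({"type": f[0], "bits": int(f[2]), "algo": int(f[3]),
                         "keyid": f[4], "caps": f[11]})
            if f[0] == "pub":
                primary = f[4]
            uid = None                      # sigs after a sub are binding sigs
        elif f[0] == "uid":
            uid = f[9]
            certs.setdefault(uid, [])
        elif f[0] == "sig" and uid is not None and f[4] != primary:
            cls = int(f[10][:2], 16)
            certs[uid].append((f[4], cls, f[10].endswith("x")))
    return keys, certs

def weak_keys(keys, min_bits=MIN_PRIMARY_BITS):
    """(type, bits, algo name, keyid) for every key below the threshold."""
    return [(k["type"], k["bits"], PUBKEY_ALGOS.get(k["algo"], str(k["algo"])), k["keyid"])
            for k in keys if k["bits"] < min_bits]

def cert_class_summary(certs):
    """Counter of (class name, exportable) over all third-party certifications."""
    c = Counter()
    for sigs in certs.values():
        for _signer, cls, exportable in sigs:
            c[(CERT_CLASSES.get(cls, "0x%02x" % cls), exportable)] += 1
    return c

def audit(text):
    """Human-readable findings; the primary key is the one that matters,
    because it certifies the subkeys and other people's keys."""
    keys, certs = parse_listing(text)
    lines = []
    for ktype, bits, algo, keyid in weak_keys(keys):
        role = "PRIMARY" if ktype == "pub" else "subkey"
        lines.append("%s %s %d-bit %s is below %d bits" % (role, keyid, bits, algo, MIN_PRIMARY_BITS))
    for (name, exportable), n in sorted(cert_class_summary(certs).items()):
        lines.append("%d %s certification(s), %s" % (n, name, "exportable" if exportable else "local"))
    return lines

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_LISTING)))
```

Run against a real key, replace SAMPLE_LISTING with the output of the gpg command in the docstring. On the constructed listing the report names the 1024-bit DSA primary and shows the pattern Phil describes: most certifications at the generic 0x10 level, one casual 0x12, and one local-only signature that never left its owner's keyring.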
From khagler at orange-road.com Sat Jan 21 22:49:20 2012 From: khagler at orange-road.com (Ken Hagler) Date: Sat, 21 Jan 2012 13:49:20 -0800 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120121181214.GS11479@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> Message-ID: <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote: > What are your thoughts on using root CAs as a trusted 3rd party for > trusting that a key is owned by whom it claims? Of course, this is merely > for casual checking, but it seems to be "good enough". As far as I can see the only checking CAs do before issuing a certificate is "does the credit card clear." -- Ken Hagler | http://www.orange-road.com/ | | And tho' we are not now that strength which in old days | | Moved earth and heaven, that which we are, we are --Tennyson | -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From mailinglisten at hauke-laging.de Sun Jan 22 00:10:11 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Sun, 22 Jan 2012 00:10:11 +0100 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120121181214.GS11479@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> Message-ID: <201201220010.12272.mailinglisten@hauke-laging.de> Am Samstag, 21. Januar 2012, 19:12:15 schrieb Aaron Toponce: > I just signed an OpenPGP key with cert level 0x12 (casual checking) given > the following scenario: > > * A PGP key was signed by an SSL certificate that was signed by a root > CA > * I verified that the signature was indeed from that root CA. > * I striped the signature, and imported the PGP key. > * I then signed the key, exported, and sent back. 
> > What are your thoughts on using root CAs as a trusted 3rd party for > trusting that a key is owned by whom it claims? Of course, this is merely > for casual checking, but it seems to be "good enough". > > Thoughts? IMHO that does not make sense. In the end you just certify that you trust the CA. Your certification makes a difference just to those who do not trust the root CA (or do not know this certification path because the key servers don't know it). The clear solution would be that you certify the root CA's certificate. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. URL: From jrollins at finestructure.net Sun Jan 22 01:41:30 2012 From: jrollins at finestructure.net (Jameson Graef Rollins) Date: Sat, 21 Jan 2012 16:41:30 -0800 Subject: ssh and gnupg In-Reply-To: <4F11CBD4.4050708@lists.grepular.com> References: <4F11CBD4.4050708@lists.grepular.com> Message-ID: <87ehuslgat.fsf@servo.finestructure.net> On Sat, 14 Jan 2012 18:39:16 +0000, gnupg at lists.grepular.com wrote: > Is there a simple howto for getting ssh authentication working with > GnuPG v2? I've used gpgkey2ssh to get the public key and added it to > authorized_keys, but I don't know what I'm supposed to do on the ssh > client end? gpg-agent is running with --enable-ssh-support Hi. You might also look at the Monkeysphere project, whose goal is to ease the use of OpenPGP/gnupg for ssh authentication: http://web.monkeysphere.info/ jamie. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: From aaron.toponce at gmail.com Sun Jan 22 03:49:42 2012 From: aaron.toponce at gmail.com (Aaron Toponce) Date: Sat, 21 Jan 2012 19:49:42 -0700 Subject: Using root CAs as a trusted 3rd party In-Reply-To: References: <20120121181214.GS11479@poseidon.cocyt.us> Message-ID: <20120122024941.GA29598@poseidon.cocyt.us> On Sat, Jan 21, 2012 at 02:47:25PM -0500, Thomas Harning Jr. wrote: > That process seems pretty reasonable, assuming the CA is reputable. Even > better if you keep track of the SSL cert to keep track of breaches and the > like. The idea is only to casually trust that a key belongs to a person. If the key is signed by a root CA certificate, then the person has established a relationship of trust between themselves and the CA. So, if the PGP key is signed by that cert, it seems to follow that the key is indeed owned by the person who claims to own it. > It seems akin to the PayPal 3rd party auth, just a different source. Yes. That's all I'm after. I think the militant "I _absolutely_ won't sign any keys unless I verify their identification, face-to-face" attitude is hindering adoption. There must be a way to build the WOT, while still allowing people to sign keys without meeting. Thus, the reasons for 0x10, 0x11, 0x12 and 0x13 in GnuPG for identifying how carefully you've verified the owner of a key. I'm looking for ways to build the WOT, without hindering adoption, by taking advantage of various means to establish trust of key ownership. This seems to be a method, I just want to make sure I have all my i's jotted and my t's crossed. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 519 bytes Desc: not available URL:

From aaron.toponce at gmail.com Sun Jan 22 03:54:43 2012 From: aaron.toponce at gmail.com (Aaron Toponce) Date: Sat, 21 Jan 2012 19:54:43 -0700 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120121215011.GC12880@shi.workgroup> References: <20120121181214.GS11479@poseidon.cocyt.us> <20120121215011.GC12880@shi.workgroup> Message-ID: <20120122025442.GB29598@poseidon.cocyt.us>

On Sat, Jan 21, 2012 at 10:50:11PM +0100, Gregor Zattler wrote:
> IMHO by signing a key you make a statement about the connection
> between a person or owner and the user id you sign, saying "I
> somehow convinced myself that user owns this key". This only
> makes sense if you have some insight into the matter that a
> person which is confronted with the key only cannot have. Your
> signature should add some information. Merely saying I'm
> convinced that the user is the owner/originator of the key
> because someone else already signed this key, does not make much
> sense to me. I think you should have added a notation explaining
> you reasoning.

I trust the encrypted connection between my browser and my bank, because the certificate they present to my browser is signed by a root CA that is installed in the browser. It seems possible to make a valid corollary with OpenPGP keys. I trust a key belongs to a specific user, because that key is presented to me to be owned by a specific person is signed by a root CA.

Essentially, I'm using a CA as a 3rd party to casually establish identity. At this point, I can rest assured that the key this person claims is theirs is actually theirs.

-- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
-------------- next part -------------- A non-text attachment was scrubbed...
Name: not available Type: application/pgp-signature Size: 519 bytes Desc: not available URL: From rjh at sixdemonbag.org Sun Jan 22 05:02:52 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 21 Jan 2012 23:02:52 -0500 Subject: 1024 key with 2048 subkey: how affected? In-Reply-To: References: Message-ID: <4F1B8A6C.40401@sixdemonbag.org> On 1/20/2012 3:15 PM, Chris Poole wrote: > Since it's now recommended (to my knowledge) to use 2048-bit keys and > above, how does having a 1024-bit keypair affect me? It depends entirely on what you're doing with it. Breaking a 1024-bit key is within the realm of possibility for a ridiculously well-funded adversary. It hasn't been publicly demonstrated yet, but it's a matter of time. Over a decade ago, the state of the art was to break a 56-bit keyspace in under 24 hours for $250,000. A 1024-bit key has about an 80-bit keyspace, which is a factor of 16 million larger. Given the advances in supercomputing in the last decade it is reasonable to believe 1024-bit keys are either breakable now or will be in the near future, but only at incredible cost. If I was signing nuclear weapon authorization codes, I would not trust 1024-bit DSA. Nor would I trust it if I was signing a 30-year mortgage. On the other hand, for most normal email usage 1024-bit crypto is still plenty enough. From telegraph at gmx.net Sun Jan 22 10:25:31 2012 From: telegraph at gmx.net (Gregor Zattler) Date: Sun, 22 Jan 2012 10:25:31 +0100 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120122025442.GB29598@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> <20120121215011.GC12880@shi.workgroup> <20120122025442.GB29598@poseidon.cocyt.us> Message-ID: <20120122092531.GA15215@shi.workgroup> Hi Aaron, gnupg users, * Aaron Toponce [21. Jan. 
2012]: > On Sat, Jan 21, 2012 at 10:50:11PM +0100, Gregor Zattler wrote: >> IMHO by signing a key you make a statement about the connection >> between a person or owner and the user id you sign, saying "I >> somehow convinced myself that user owns this key". This only >> makes sense if you have some insight into the matter that a >> person which is confronted with the key only cannot have. Your >> signature should add some information. Merely saying I'm >> convinced that the user is the owner/originator of the key >> because someone else already signed this key, does not make much >> sense to me. I think you should have added a notation explaining >> you reasoning. > > I trust the encrypted connection between my browser and my bank, because > the certificate they present to by browser is signed by a root CA that is > installed in the browser. I do the same since my bank refuses unwaveringly to send me their certificate by snail mail. Yes I actually asked them to send me their certificate but they explicitly refused to do so and told me I am free to quit my account. In this dispute I learned I'm the only customer ever to ask for their certificate. > It seems possible to make a valid corollary with > OpenPGP keys. I trust a key belongs to a specific user, because that key is > presented to be to be owned by a specific person is signed by a root CA. > > Esentially, I'm using a CA as a 3rd party to casually establish identity. > At this point, I can rest assured that the key this person claims is theirs > is actually theirs. Sure. Nothing wrong with that. You look at the key, see it's signed by the CA, you check the signature and decide *for yourself* that this is proof enough, that this is the users key. You take the risk. But don't use this as an argument to sign the key because then you are making a public statement instead of a private reasoning: Next time I use the very same key: I see the signature of the CA. Now there are two possibilities: a) I trust the CA. 
Then I check their signature, see it's good and I'm convinced it's the valid key of the user. What does your signature help me in this instance?

b) I do not trust the CA. Therefore I don't even bother to check their signature. So I can't trust the validity of the key. But stop: There is a signature of Aaron Toponce. For the sake of the argument, let's assume we met at a key signing party, signed our respective keys and had a nice talk then. Now I see the user's key is signed with a fully trusted key (yours) and therefore I might consider it valid -- but only because you trust a CA I don't trust. In my opinion that's the wrong outcome.

Please sign keys only because of your own judgement on some facts not present with the key alone, not others (the CA).

Ciao, Gregor -- -... --- .-. . -.. ..--.. ...-.-

From peter at digitalbrains.com Sun Jan 22 10:32:41 2012 From: peter at digitalbrains.com (Peter Lebbing) Date: Sun, 22 Jan 2012 10:32:41 +0100 Subject: Protecting IDs at a key signing party In-Reply-To: <4F1B35CF.1000008@sixdemonbag.org> References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> <299056246.20120121135839@my_localhost> <4F1B35CF.1000008@sixdemonbag.org> Message-ID: <4F1BD7B9.9040403@digitalbrains.com>

On 21/01/12 23:01, Robert J. Hansen wrote:
> Then they're signing it with *their* certificate, backed up by
> credentials that you yourself checked. How is this a problem?

While I generally agree with you on the rest of your mail, this is not necessarily the case. You met them at a keysigning party. They probably presented you something they thought would prove their identity. If you read "checked" as "you looked at it", then yes, probably that is also true :). But I interpret "checked" here as "verified it was okay", and that is not necessarily the case.
By the way, I think it's courtesy to send the signature to the key owner. But it is not a security issue.

I have so far attended a keysigning party once. I noticed a few people had not published my signature (don't know why)[1]. This also weakened my own Web of Trust, which was not a big issue, but I still decided to do local signatures on those keys that did not have my exportable signature. Fine. But I also have a laptop, so I needed to export my local signatures, etcetera. A lot of overhead, what with checking fingerprints again for the local signature, all for a bit of courtesy...

Peter.

[1] I have a slight tremor in the hands, and I noticed sometimes my passport shook a bit while I was holding it up so the person in front of me could check it. Perhaps they thought I was bloody nervous because I was trying to trick them??

-- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From gnupg at lists.grepular.com Sun Jan 22 16:18:34 2012 From: gnupg at lists.grepular.com (gnupg at lists.grepular.com) Date: Sun, 22 Jan 2012 15:18:34 +0000 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <20120122024941.GA29598@poseidon.cocyt.us> References: <20120121181214.GS11479@poseidon.cocyt.us> <20120122024941.GA29598@poseidon.cocyt.us> Message-ID: <4F1C28CA.9020303@lists.grepular.com>

On 22/01/12 02:49, Aaron Toponce wrote:
> Yes. That's all I'm after. I think the militant "I _absolutely_ won't sign
> any keys unless I verify their identification, face-to-face" attitude is
> hindering adoption. There must be a way to build the WOT, while still
> allowing people to sign keys without meeting. Thus, the reasons for 0x10,
> 0x11, 0x12 and 0x13 in GnuPG for identifying how carefully you've verified
> the owner of a key.
> > I'm looking for ways to build the WOT, without hindering adoption, by > taking advantage of various means to establish trust of key ownership. This > seems to be a method, I just want to make sure I have all my i's jotted and > my t's crossed. I've taken a different approach. Rather than trying to build up a WOT by getting people to sign my key, I've just made sure that the fingerprint of my master key is spread wide and far over the Internet, and that I sign everything. The front page of my website https://grepular.com/ is signed. It displays my fingerprint, and a Google link next to it: https://encrypted.google.com/search?q=%2235BC+AF1D+3AA2+1F84+3DC3+B0CF+70A5+F512+0018+461F%22&filter=0 You can see my fingerprint mentioned all over the place. I also sign all of my profiles on different sites whenever possible. A couple of examples: http://hackerbuddy.com/users/2670 https://news.ycombinator.com/user?id=mike-cardwell My fingerprint is also stored in a PKA record in the DNS: mike at Fuzzbutt:~$ dig +short txt mike.cardwell._pka.grepular.com "v=pka1\;fpr=35BCAF1D3AA21F843DC3B0CF70A5F5120018461F\;uri=http://grepular.com/0018461F.pub.asc" mike at Fuzzbutt:~$ And the DNS for grepular.com even uses DNSSEC. I don't think you need to meet me in person to be confident that the key you've downloaded is mine. I sometimes wonder if the traditional public web of trust is even a good idea. Are you happy to be associated with everybody you've signed the key of and those who have signed yours? Are you sure that none of these people will do anything in the future which might cause these public associations to become a problem for you? -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 -------------- next part -------------- A non-text attachment was scrubbed... 
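The PKA record Mike Cardwell shows above does real work only if the client treats it the right way round: the DNS answer (ideally DNSSEC-signed) publishes the fingerprint, and whatever is fetched from the plain-http uri is accepted only if its fingerprint equals that value. The following is an added check, not part of Mike's message and not GnuPG's code: it derives the `_pka` owner name GnuPG queries for an address, parses the `v=pka1` fields from the TXT data (accepting dig's quoted, backslash-escaped form), and compares a fetched key's fingerprint with the published one. The TXT data is copied from the dig output above; the two "fetched key" fingerprints are constructed stand-ins for what `gpg --fingerprint` would print for a downloaded key.

```python
"""Validate an OpenPGP PKA DNS record against a fetched key's fingerprint.

Added example, not from the gnupg-users message or from GnuPG. GnuPG's
PKA lookup queries a TXT record at <local-part>._pka.<domain> whose data is
"v=pka1;fpr=<40 hex digits>;uri=<where to fetch the key>". The record is
what authenticates the key; the uri is just a download location.
SAMPLE_TXT is copied from the dig output in the message (dig escapes the
semicolons as "\;"); FETCHED_FPR_* are constructed values.
"""
import re

SAMPLE_TXT = '"v=pka1\\;fpr=35BCAF1D3AA21F843DC3B0CF70A5F5120018461F\\;uri=http://grepular.com/0018461F.pub.asc"'
FETCHED_FPR_GOOD = "35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F"  # constructed, matches
FETCHED_FPR_BAD = "35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 0000"   # constructed, mismatch

_HEX40 = re.compile(r"^[0-9A-F]{40}$")

def pka_name(email):
    """Owner name to query, e.g. mike.cardwell@grepular.com ->
    mike.cardwell._pka.grepular.com (the local part is used verbatim)."""
    local, _, domain = email.rpartition("@")
    if not local or not domain:
        raise ValueError("not an e-mail address")
    return "%s._pka.%s" % (local, domain)

def parse_pka(txt):
    """Parse TXT record data into a dict, normalising fpr to upper-case hex.
    Accepts the quoted/escaped string dig prints as well as raw rdata."""
    data = txt.strip().strip('"').replace("\\;", ";")
    fields = {}
    for item in data.split(";"):
        if not item:
            continue
        key, sep, value = item.partition("=")
        if not sep:
            raise ValueError("malformed field: %r" % item)
        fields[key.strip()] = value.strip()
    if fields.get("v") != "pka1":
        raise ValueError("not a pka1 record")
    fpr = fields.get("fpr", "").upper()
    if not _HEX40.match(fpr):
        raise ValueError("fpr is not a 40-digit hex fingerprint")
    fields["fpr"] = fpr
    return fields

def normalize_fpr(fpr):
    """Strip the spacing gpg prints and upper-case, so the comparison is exact."""
    return re.sub(r"\s+", "", fpr).upper()

def key_matches_record(txt, fetched_fpr):
    """True only if the full 160-bit fingerprint of the fetched key equals the
    published one. A key that merely shares the 32-bit id in the uri's file
    name (0018461F) is not good enough and is rejected here."""
    record = parse_pka(txt)
    return normalize_fpr(fetched_fpr) == record["fpr"]

def insecure_transport(txt):
    """True when the uri is not https; harmless if the fingerprint is checked,
    but worth flagging, since nothing else protects the download."""
    return not parse_pka(txt)["uri"].lower().startswith("https://")
```

The comparison is on the whole fingerprint on purpose: the uri ends in the 32-bit key id, and a key with a colliding short id is cheap to make, so the file name proves nothing.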
Name: signature.asc Type: application/pgp-signature Size: 598 bytes Desc: OpenPGP digital signature URL:

From stargrave at stargrave.org Sun Jan 22 16:48:28 2012 From: stargrave at stargrave.org (Sergey Matveev) Date: Sun, 22 Jan 2012 19:48:28 +0400 Subject: RSA padding scheme Message-ID: <20120122154828.GA13329@stargrave.org>

Greetings everyone!

As I understand, such asymmetric ciphers as RSA and/or ElGamal require strong padding applied before "message" is encrypted. Message is of course the one-time session key, used to encipher the actual data. There are different versions of PKCS#1, NESSIE, OAEP and other schemes exist. How can I get which one is used? Trivial grep-ing through the 1.4.10 source code (which one I am using) does not help me much. Moreover I did not find the way padding can be changed/specified for example for RSA. I will be glad to understand what I am missing.

-- Happy hacking, Sergey Matveev . [CYPHERPUNKS.RU][FSF][FSFE][EFF] fellow ..:

From holger at alternativefuse.com Sun Jan 22 17:59:49 2012 From: holger at alternativefuse.com (Holger) Date: Sun, 22 Jan 2012 11:59:49 -0500 Subject: Creating a key bearing no user ID Message-ID: <14dca650e8c047342409d58fff5cf16d@>

Hello gnupg-users,

I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want to create a key without a uid. People who want to send me e-mail, get my e-mail address and keyID/fingerprint with my business card. Will this work or did I miss something?

When trying to create a key with an "empty" uid using '--allow-freeform-uid', I get gpg: [internal]: no User-ID specified

Do I have to create a regular key first and strip off the uid afterwards?

Thanks a lot!
Holger From holger at alternativefuse.com Sun Jan 22 17:28:33 2012 From: holger at alternativefuse.com (Holger) Date: Sun, 22 Jan 2012 11:28:33 -0500 Subject: Creating a key bearing no user ID Message-ID: <535bb25de4ce561e1cc7b16885766eef@> Hello list, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want do create a key without a uid. People who want to send me e-mail, get my e-mail address and keyID/fingerprint with my business card. Will this work or did I miss something? When trying to create a key with an "empty" uid using '--allow-freeform-uid', I get gpg: [internal]: no User-ID specified Do I have to create a regular key first and strip off the uid afterwards? Thanks a lot! Holger From holger at alternativefuse.com Sun Jan 22 19:05:03 2012 From: holger at alternativefuse.com (Holger) Date: Sun, 22 Jan 2012 13:05:03 -0500 Subject: Creating a key bearing no user ID Message-ID: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> Hello gnupg-users, I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want do create a key without a uid. People who want to send me e-mail, get my e-mail address and keyID/fingerprint with my business card. Will this work or did I miss something? When trying to create a key with an "empty" uid using '--allow-freeform-uid', I get gpg: [internal]: no User-ID specified Do I have to create a regular key first and strip off the uid afterwards? Thanks a lot! Holger From holger at alternativefuse.com Sun Jan 22 19:08:07 2012 From: holger at alternativefuse.com (Holger) Date: Sun, 22 Jan 2012 13:08:07 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <535bb25de4ce561e1cc7b16885766eef@> References: <535bb25de4ce561e1cc7b16885766eef@> Message-ID: Mega sorry for the triple post. 
H From rjh at sixdemonbag.org Sun Jan 22 19:36:44 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 22 Jan 2012 13:36:44 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <14dca650e8c047342409d58fff5cf16d@> References: <14dca650e8c047342409d58fff5cf16d@> Message-ID: <4F1C573C.8080301@sixdemonbag.org> On 1/22/2012 11:59 AM, Holger wrote: > Will this work or did I miss something? The OpenPGP spec (RFC4880) says that a transferable public key (one that can be shared, basically) is required to have one or more user IDs attached (RFC4880 section 11.1). If you don't have a user ID on your certificate, you have no guarantees your certificate will be usable by other people. From sandals at crustytoothpaste.net Sun Jan 22 19:54:22 2012 From: sandals at crustytoothpaste.net (brian m. carlson) Date: Sun, 22 Jan 2012 18:54:22 +0000 Subject: RSA padding scheme In-Reply-To: <20120122154828.GA13329@stargrave.org> References: <20120122154828.GA13329@stargrave.org> Message-ID: <20120122185422.GA10912@crustytoothpaste.ath.cx> On Sun, Jan 22, 2012 at 07:48:28PM +0400, Sergey Matveev wrote: > As I understand, such asymmetric ciphers as RSA and/or ElGamal requires > strong padding applied before "message" is encrypted. Message is of > course the one-time session key, used to encipher the actual data. To use them correctly and securely, yes. > There are different versions of PKCS#1, NESSIE, OAEP and other schemes > exist. How can I get which one is used? Trivial grep-ing through the > 1.4.10 source code (which one I am using) does not help me much. GnuPG uses PKCS #1 v1.5. This is specified in RFC 4880. > Moreover I did not find the way padding can be changed/specified for > example for RSA. You cannot choose a different padding scheme and remain in compliance with the OpenPGP standard. > I will be glad to understand what I am missing. 
If the standard allowed different padding schemes, then all implementations would have to support multiple padding schemes, which would be burdensome without providing significantly more security. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From stargrave at stargrave.org Sun Jan 22 20:29:54 2012 From: stargrave at stargrave.org (Sergey Matveev) Date: Sun, 22 Jan 2012 23:29:54 +0400 Subject: RSA padding scheme In-Reply-To: <20120122185422.GA10912@crustytoothpaste.ath.cx> References: <20120122154828.GA13329@stargrave.org> <20120122185422.GA10912@crustytoothpaste.ath.cx> Message-ID: <20120122192954.GA22767@stargrave.org> ----- User brian m. carlson on 2012-01-22 18:54:22 wrote: >GnuPG uses PKCS #1 v1.5. This is specified in RFC 4880. >You cannot choose a different padding scheme and remain in compliance >with the OpenPGP standard. Ah! I see. Thank you! Now I understand. >If the standard allowed different padding schemes, then all >implementations would have to support multiple padding schemes, which >would be burdensome without providing significantly more security. Hmm, I see. However does it really won't provide much higher security? Just theoretically very interested in all of that. According to Wikipedia, there are several kind of attacks against plain RSA (just some of them): * sending ciphertext with the same "e" to several recipients * no randomness * problems with the product of two ciphertexts So, padding should close all of those problems. As I can see, PKCS #1 1.5 just adds random pad to satisfy length requirements. Is those randomness sufficient to solve above three issues? 
OAEP, comparing to PKCS #1 1.5, is much more "mature" and looks really cool with dependent on each other X and Y. If PKCS #1 1.5 is sufficient, then OAEP just brings "all-or-nothing" additionally? Or because of RSA's ciphertext "payload" is always pretty random data (symmetric keys), then (probably) bad padding won't deal any damage? From dshaw at jabberwocky.com Sun Jan 22 21:15:08 2012 From: dshaw at jabberwocky.com (David Shaw) Date: Sun, 22 Jan 2012 15:15:08 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> Message-ID: On Jan 22, 2012, at 1:05 PM, Holger wrote: > Hello gnupg-users, > > I intend to use gpg only for receiving encrypted e-mail, not signing my outgoing e-mail. Because I don't want my name or e-mail address out there on the keyservers, I want do create a key without a uid. People who want to send me e-mail, get my e-mail address and keyID/fingerprint with my business card. > > Will this work or did I miss something? It won't work. The OpenPGP standard requires at least one user ID on a key. It does not require that it has an email address or even your real name, so you can legally have a user ID of "Anonymous" or similar, but you do need something there. Note that if you are intending to get your key signed by others, most people won't sign a user ID that just reads "Anonymous". David From dougb at dougbarton.us Mon Jan 23 01:11:14 2012 From: dougb at dougbarton.us (Doug Barton) Date: Sun, 22 Jan 2012 16:11:14 -0800 Subject: Creating a key bearing no user ID In-Reply-To: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> Message-ID: <4F1CA5A2.6090903@dougbarton.us> On 01/22/2012 10:05, Holger wrote: > Hello gnupg-users, > > I intend to use gpg only for receiving encrypted e-mail, not signing > my outgoing e-mail. Because I don't want my name or e-mail address > out there on the keyservers, Why not? 
> I want do create a key without a uid. > People who want to send me e-mail, get my e-mail address and > keyID/fingerprint with my business card. > > Will this work or did I miss something? How will they get your public key? -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From sandals at crustytoothpaste.net Mon Jan 23 01:47:03 2012 From: sandals at crustytoothpaste.net (brian m. carlson) Date: Mon, 23 Jan 2012 00:47:03 +0000 Subject: RSA padding scheme In-Reply-To: <20120122192954.GA22767@stargrave.org> References: <20120122154828.GA13329@stargrave.org> <20120122185422.GA10912@crustytoothpaste.ath.cx> <20120122192954.GA22767@stargrave.org> Message-ID: <20120123004703.GB10912@crustytoothpaste.ath.cx> On Sun, Jan 22, 2012 at 11:29:54PM +0400, Sergey Matveev wrote: > >If the standard allowed different padding schemes, then all > >implementations would have to support multiple padding schemes, which > >would be burdensome without providing significantly more security. > Hmm, I see. However does it really won't provide much higher security? > Just theoretically very interested in all of that. According to > Wikipedia, there are several kind of attacks against plain RSA (just > some of them): > * sending ciphertext with the same "e" to several recipients This depends on a small message. All secure padding schemes avoid this problem because the pad the message so it is not small. > * no randomness All secure padding schemes provide this, as well. > * problems with the product of two ciphertexts This is not a problem with OpenPGP because the attacker never gets to see the value encrypted with RSA because it's the symmetric key. > So, padding should close all of those problems. As I can see, PKCS #1 > 1.5 just adds random pad to satisfy length requirements. Is those > randomness sufficient to solve above three issues? 
OAEP, comparing to > PKCS #1 1.5, is much more "mature" and looks really cool with dependent > on each other X and Y. The existence of PGP predates the invention of OAEP by at least three years. So it really wasn't an option, and PKCS #1 v1.5 is not insecure, so there's no reason to break backwards compatibility. > If PKCS #1 1.5 is sufficient, then OAEP just brings "all-or-nothing" > additionally? Or because of RSA's ciphertext "payload" is always pretty > random data (symmetric keys), then (probably) bad padding won't deal any > damage? Basically. The issue is that if the padding is incorrect, the message is rejected. So the attacker can't manipulate the message without risking corrupting the structure of the method. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From holger at alternativefuse.com Mon Jan 23 02:47:34 2012 From: holger at alternativefuse.com (Holger) Date: Sun, 22 Jan 2012 20:47:34 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <4F1CA5A2.6090903@dougbarton.us> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> Message-ID: 2012-01-22T16:11:14-08:00, Doug Barton: > On 01/22/2012 10:05, Holger wrote: > > I intend to use gpg only for receiving encrypted e-mail, not signing > > my outgoing e-mail. Because I don't want my name or e-mail address > > out there on the keyservers, > > Why not? One reason is spam, though we haven't seen excessive abuse of the keyserver-data or the keyservers themselves yet. Of course I could simply omit the e-mail address. Another one: My full name is rather unique and I don't want to reveal with whom I communicate i.e. who signed my key. 
On the other hand, public keys can be easily polluted with bogus signatures ... but I guess the average researcher is not aware of that and the versed is able to filter out the bogus ones. So maybe I should refrain from participating in the web of trust and build my personal "star of trust"?! > > I want do create a key without a uid. > > People who want to send me e-mail, get my e-mail address and > > keyID/fingerprint with my business card. > > > > Will this work or did I miss something? > > How will they get your public key? By keyID/fingerprint from the keyserver-net. From John at enigmail.net Mon Jan 23 06:33:38 2012 From: John at enigmail.net (John Clizbe) Date: Sun, 22 Jan 2012 23:33:38 -0600 Subject: Creating a key bearing no user ID In-Reply-To: References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> Message-ID: <4F1CF132.20301@enigmail.net> Holger wrote: > 2012-01-22T16:11:14-08:00, Doug Barton: >> On 01/22/2012 10:05, Holger wrote: >> > I intend to use gpg only for receiving encrypted e-mail, not signing >> > my outgoing e-mail. Because I don't want my name or e-mail address >> > out there on the keyservers, >> >> Why not? > > One reason is spam, though we haven't seen excessive abuse of the keyserver-data or the keyservers themselves yet. Of course I could simply omit the e-mail address. Another one: My full name is rather unique and I don't want to reveal with whom I communicate i.e. who signed my key. On the other hand, public keys can be easily polluted with bogus signatures ... but I guess the average researcher is not aware of that and the versed is able to filter out the bogus ones. So maybe I should refrain from participating in the web of trust and build my personal "star of trust"?! I have a very unique last name and I'm not afraid of the keyservers. I know of about six "John Clizbe"s. We differ by middle initial and name. 
BTW, if I represented an entity concerned with whomever you communicated, I would likely not bother with your key. It would be much easier to have a copy of your outgoing mail retained by your ISP. Keyserver SPAM is a straw-man argument. Yes, it's possible for an address to be pulled from the key on a keyserver, in fact, I'm convinced harvesting probably takes place. But testing I did a few years ago found the amount of SPAM attributable to a key on a keyserver was not significantly different from that received as just random SPAM noise from an unused ISP account. I've seen no volume of SPAM since then to challenge that conclusion. >> > I want do create a key without a uid. >> > People who want to send me e-mail, get my e-mail address and >> > keyID/fingerprint with my business card. >> > >> > Will this work or did I miss something? >> >> How will they get your public key? > > By keyID/fingerprint from the keyserver-net. And how, exactly do they first get the KeyID/Fingerprint? Or do you intend to limit encrypted communication to those whom you have first made contact and handed a business card? -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" From stargrave at stargrave.org Mon Jan 23 07:12:14 2012 From: stargrave at stargrave.org (Sergey Matveev) Date: Mon, 23 Jan 2012 10:12:14 +0400 Subject: RSA padding scheme In-Reply-To: <20120123004703.GB10912@crustytoothpaste.ath.cx> References: <20120122154828.GA13329@stargrave.org> <20120122185422.GA10912@crustytoothpaste.ath.cx> <20120122192954.GA22767@stargrave.org> <20120123004703.GB10912@crustytoothpaste.ath.cx> Message-ID: <20120123061214.GA2031@stargrave.org> ----- User brian m. 
carlson on 2012-01-23 00:47:03 wrote: >> * sending ciphertext with the same "e" to several recipients >This depends on a small message. All secure padding schemes avoid this >problem because the pad the message so it is not small. >> * no randomness >All secure padding schemes provide this, as well. >> * problems with the product of two ciphertexts >This is not a problem with OpenPGP because the attacker never gets to >see the value encrypted with RSA because it's the symmetric key. Hmm, true. Seems really pretty secure in PGP context. >The existence of PGP predates the invention of OAEP by at least three >years. So it really wasn't an option, and PKCS #1 v1.5 is not insecure, >so there's no reason to break backwards compatibility. Yeah, agreed. >Basically. The issue is that if the padding is incorrect, the message >is rejected. So the attacker can't manipulate the message without >risking corrupting the structure of the method. I see. Well, thank you very much for the explanation and information! From rjh at sixdemonbag.org Mon Jan 23 09:09:55 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 23 Jan 2012 03:09:55 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <4F1CF132.20301@enigmail.net> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> Message-ID: <4F1D15D3.8040500@sixdemonbag.org> > Keyserver SPAM is a straw-man argument. Yes, it's possible for an > address to be pulled from the key on a keyserver, in fact, I'm > convinced harvesting probably takes place. As am I. However, it should be pointed out that this is no reason to avoid using the keyservers. One of the best ways to evaluate a defensive mechanism is whether it can recover from a failure. Consider securing your home. A lock on the front door is good, but once the thief is in past your front door the lock is pointless. It can't recover from a failure. 
Being friends with your neighbor is a much better security mechanism. If your neighbor doesn't see the burglars breaking in, they still might see the burglars leaving, or be able to tell the cops "yes, there were some strange people hanging around that place yesterday, watching it and stuff, they were driving a...". Even if in one particular moment your neighbor fails, your neighbor can still come back to be a useful and effective mechanism. Good neighbors are a better security mechanism than good locks. (This may count as "old as the hills" wisdom: Proverbs 27:10 says something like, "Better a neighbor nearby than a brother far away." I've yet to find any 4,000-year-old proverbs extolling the virtues of locks, much less any that are as true today as when they were first spoken.) The same reasoning explains why keeping your email address hidden is a poor spamfighting technique. You have to *always* keep the email address hidden, and the first time it gets published you have to assume the spammers now have it. All that time, effort, energy, stress and frustration you put into keeping your email address unpublished is now wasted: all you did was delay the inevitable by a few days, a few weeks, maybe a few months. Like the lock which, once bypassed, provides no help whatsoever, your ascetic ways, once bypassed, give no benefit. On the other hand, good spam detectors have wonderful failure recovery modes. If a piece of spam gets through, well, train the spam detector to do a better job: the next time that spam won't get through. 
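Added example (not from the thread and not GnuPG's own code) for the "RSA padding scheme" exchange above between Sergey Matveev and brian m. carlson: the session-key layout of RFC 4880 section 5.1 and the EME-PKCS1-v1_5 padding of section 13.1.1, with the receiver-side checks that reject a tampered block. The RSA operation itself is left out; the sample key is constructed.

```python
import os

# Two layers sit under an OpenPGP RSA-encrypted session key:
#   RFC 4880 5.1:    m  = algo-id octet || session key || 2-octet checksum
#                    (checksum = sum of the key octets mod 65536)
#   RFC 4880 13.1.1: EM = 0x00 || 0x02 || PS || 0x00 || m
#                    PS = at least 8 random NON-ZERO octets, padding EM out to
#                    the modulus length k, so the RSA input is never small.
# EM is the value that would then be fed into RSA.


def pgp_session_key_payload(sym_algo_id: int, key: bytes) -> bytes:
    """Build the plaintext 'm' of a Public-Key Encrypted Session Key packet."""
    if not 0 <= sym_algo_id <= 255:
        raise ValueError("algorithm id must fit in one octet")
    checksum = sum(key) % 65536
    return bytes([sym_algo_id]) + key + checksum.to_bytes(2, "big")


def parse_pgp_session_key_payload(m: bytes):
    """Inverse of the above; the checksum is the receiver's integrity check."""
    if len(m) < 4:
        raise ValueError("session key payload too short")
    algo, key, checksum = m[0], m[1:-2], int.from_bytes(m[-2:], "big")
    if sum(key) % 65536 != checksum:
        raise ValueError("session key checksum mismatch")
    return algo, key


def eme_pkcs1_v1_5_encode(m: bytes, k: int, rand=os.urandom) -> bytes:
    """Pad m to k octets (k = modulus length in octets); needs len(m) <= k - 11."""
    if len(m) > k - 11:
        raise ValueError("message too long for this modulus")
    ps = bytearray()
    while len(ps) < k - len(m) - 3:
        octet = rand(1)
        if octet != b"\x00":        # PS must not contain 0x00: that is the separator
            ps += octet
    return b"\x00\x02" + bytes(ps) + b"\x00" + m


def eme_pkcs1_v1_5_decode(em: bytes, k: int) -> bytes:
    """Strip the padding; every structural failure yields the same error."""
    # One uniform error so the caller cannot tell which check tripped.
    ok = len(em) == k and em[:2] == b"\x00\x02"
    sep = em.find(b"\x00", 2)
    ok = ok and sep >= 10              # at least 8 octets of PS before the 0x00
    if not ok:
        raise ValueError("decryption error")
    return em[sep + 1:]


def wrap_session_key(sym_algo_id: int, key: bytes, k: int) -> bytes:
    return eme_pkcs1_v1_5_encode(pgp_session_key_payload(sym_algo_id, key), k)


def unwrap_session_key(em: bytes, k: int):
    return parse_pgp_session_key_payload(eme_pkcs1_v1_5_decode(em, k))


def is_rejected(em: bytes, k: int) -> bool:
    """True if a receiver would discard this (possibly tampered) block."""
    try:
        unwrap_session_key(em, k)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed sample: a 256-bit key for AES-256 (OpenPGP algorithm id 9),
    # wrapped for a 2048-bit modulus (k = 256 octets).
    key = bytes(range(32))
    em = wrap_session_key(9, key, 256)
    print(len(em), em[:2].hex(), unwrap_session_key(em, 256)[0])
```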
From wk at gnupg.org Mon Jan 23 11:26:14 2012 From: wk at gnupg.org (Werner Koch) Date: Mon, 23 Jan 2012 11:26:14 +0100 Subject: 1.4.12 beta installer for Windows Message-ID: <87y5syd8ah.fsf@vigenere.g10code.de> Hi, I created a pre-release of an GnuPG 1.4.12 installer for Windows: ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-w32cli-1.4.12-git51c1e84.exe ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-w32cli-1.4.12-git51c1e84.exe.sig Sources are in the same directory. This version is built using a newer toolchain and thus you might run into problems. If so, please report them to this list. Note: The use of the 1.4 version under Windows is not generally suggested. In almost all cases you are better off with the GnuPG-2 installer provided at gpg4win.org. Thanks, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From karadenizi at gmail.com Mon Jan 23 11:53:20 2012 From: karadenizi at gmail.com (Kara) Date: Mon, 23 Jan 2012 05:53:20 -0500 Subject: Using Root CAs as a Trusted 3rd Party In-Reply-To: <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> References: <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> Message-ID: <4F1D3C20.8000305@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==== Reference: Subject: Re: Using root CAs as a trusted 3rd party Date: Sat, 21 Jan 2012 13:49:20 -0800 From: Ken Hagler To: Aaron Toponce CC: gnupg-users at gnupg.org > On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote: > >> What are your thoughts on using root CAs as a trusted 3rd party >> for trusting that a key is owned by whom it claims? Of course, >> this is merely for casual checking, but it seems to be "good >> enough". > > As far as I can see the only checking CAs do before issuing a > certificate is "does the credit card clear." 
I believe you'll find that CAcert (www.cacert.org) is an exception *if* you are relying on one of their x.509 certificates that includes the individual's name since all CAcert certificates are free *and* If the CAcert certificate includes the owner's name -- and if you're willing to accept that CAcert assurance policies have been followed, you can be confident that a. The owner of the certificate has had a face-to-face meeting with two or more CAcert assurers who have examined (and accepted as valid) Government issued photoID documentation provided by that individual. Based on their assurance experience and their belief that the documents they have reviewed are valid, assurers can grant from 1 to 35 assurance points per individual. An individual must have at least 50 such points on their CAcert account to be considered "trusted" by CAcert. b. If an individual's name is included in their CAcert x.509 certificate *and* if that individual is also listed by location in CAcert's public list of assurers, you can be confident that the individual has had a face- to-face meeting with three or more CAcert assurers who have examined provided Government- issued photoID documentation and accepted them as valid as noted in subpara "a" above and that the individual has at least 100 assurance points on their CAcert account and has met all other CAcert assurer requirements. c. Currently many operating systems do not automatically include the CAcert root certificates (for details see http://wiki.cacert.org/InclusionStatus) but they can be easily obtained from http://www.cacert.org/index.php?id=3 and manually added to your list of root certificates. ==== Just as a matter of information regarding members of the Gossamer Spider Web of Trust (GSWoT) : Among other requirements a GSIntroducer (GSI) must meet is that they are either: d.. A CAcert assurer, or e. 
Have an x.509 CAcert certificate that includes their name (indicating they've met with at least two CAcert assurers -- see subpara "a" above) *and have* *also* had a face-to-face meeting with at least one GSI who has examined and accepted as valid the Government- issued photoID documentation they've provided, and has trust signed their PGP/GPG key with their GSI key or keys, or f. Had a face-to-face meeting with three GSIs who have examined and accepted as valid the Government- issued photoID documentation they've provided, and has trust signed their PGP/GPG key with their GSI key or keys. Only then -- again assuming all other GSWoT policy requirements have been met and that it's been validated that they control the email addresses associated with each of their key's userIDs -- are their PGP/GPG key or keys userIDs GPG "sig!2 1" trust signed by the 8875BF7F GSWoT "Signing Authority" key validating they are GSIs. ==== Ciao Kara Timestamp: Mon, 23 Jan 2012, 0553 Local (UTC -0500) ==== . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: For keyID and its URL see the OpenPGP message header iEYEAREIAAYFAk8dPBcACgkQ15k+1L3RO5DfvgCePIFKfynHCmEdGvlbhhWTg/ka QYkAnR+z3BzJSeSiY8SXA/aJ9bvwLmiX =kOMi -----END PGP SIGNATURE----- From holger at alternativefuse.com Mon Jan 23 16:04:45 2012 From: holger at alternativefuse.com (Holger) Date: Mon, 23 Jan 2012 10:04:45 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <4F1CF132.20301@enigmail.net> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> Message-ID: 2012-01-22T23:33:38-06:00, John Clizbe: > Holger wrote: > > 2012-01-22T16:11:14-08:00, Doug Barton: > > > On 01/22/2012 10:05, Holger wrote: > > > > I intend to use gpg only for receiving encrypted e-mail, not signing > > > > my outgoing e-mail. Because I don't want my name or e-mail address > > > > out there on the keyservers, > > > > > > Why not? 
> > > > One reason is spam, though we haven't seen excessive abuse of the > > keyserver-data or the keyservers themselves yet. Of course I could simply omit > > the e-mail address. Another one: My full name is rather unique and I don't want > > to reveal with whom I communicate i.e. who signed my key. On the other hand, > > public keys can be easily polluted with bogus signatures ... but I guess the > > average researcher is not aware of that and the versed is able to filter out the > > bogus ones. So maybe I should refrain from participating in the web of trust and > > build my personal "star of trust"?! > > I have a very unique last name and I'm not afraid of the keyservers. I know of > about six "John Clizbe"s. We differ by middle initial and name. I'm not afraid of being mistaken for s.b. else. Given my name was unique, anybody could go and see with whom I'm associated. > BTW, if I represented an entity concerned with whomever you communicated, I > would likely not bother with your key. It would be much easier to have a copy of > your outgoing mail retained by your ISP. That's on another level, legally + technically. > Keyserver SPAM is a straw-man argument. Yes, it's possible for an address to be > pulled from the key on a keyserver, in fact, I'm convinced harvesting probably > takes place. But testing I did a few years ago found the amount of SPAM [...] Please simply accept that it's an issue for me as well as many others. Harvesting is supereasy: full keydumps are readily available. > > > > I want do create a key without a uid. > > > > People who want to send me e-mail, get my e-mail address and > > > > keyID/fingerprint with my business card. > > > > > > > > Will this work or did I miss something? > > > > > > How will they get your public key? > > > > By keyID/fingerprint from the keyserver-net. > > And how, exactly do they first get the KeyID/Fingerprint? 
Or do you intend to > limit encrypted communication to those whom you have first made contact and > handed a business card? Yes, I intend to receive encrypted mail only from those /Holger From mwood at IUPUI.Edu Mon Jan 23 15:24:03 2012 From: mwood at IUPUI.Edu (Mark H. Wood) Date: Mon, 23 Jan 2012 09:24:03 -0500 Subject: Using root CAs as a trusted 3rd party In-Reply-To: <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> References: <20120121181214.GS11479@poseidon.cocyt.us> <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> Message-ID: <20120123142403.GA15443@IUPUI.Edu> On Sat, Jan 21, 2012 at 01:49:20PM -0800, Ken Hagler wrote: > On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote: > > > What are your thoughts on using root CAs as a trusted 3rd party for > > trusting that a key is owned by whom it claims? Of course, this is merely > > for casual checking, but it seems to be "good enough". > > As far as I can see the only checking CAs do before issuing a certificate is "does the credit card clear." It seems to depend on the CA. I know that one does a bit more checking because, the first time I sent them a request, I got a call from our corporate security officer to ask if I was really the one who had sent that request, because the CA had asked him the same question. They had wanted some identifying information about us that was not so easy for a mere computer wrangler like me to get, too. That little bit of fussiness won my repeat business, BTW. I figured that being fussy is what we were paying for. I wouldn't spend a dime at one of those CC-clearance-is-good-enough-for-us outfits. I guess that the lesson is: don't assume. Find out for yourself whether a CA is worthy of your trust, before trusting. -- Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu Asking whether markets are efficient is like asking whether people are smart. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From lists at chrispoole.com Mon Jan 23 15:18:54 2012 From: lists at chrispoole.com (Chris Poole) Date: Mon, 23 Jan 2012 14:18:54 +0000 Subject: 1024 key with 2048 subkey: how affected? In-Reply-To: <4F1B8A6C.40401@sixdemonbag.org> References: <4F1B8A6C.40401@sixdemonbag.org> Message-ID: On Sun, Jan 22, 2012 at 4:02 AM, Robert J. Hansen wrote: > ?A 1024-bit key has about an 80-bit keyspace, which is a factor of 16 million > larger. ?Given the advances in supercomputing in the last decade it is > reasonable to believe 1024-bit keys are either breakable now or will be in the > near future, but only at incredible cost. If the only purpose of the primary key (in my case, where I have subkeys for signing and encryption) is to sign the subkeys, why not simply make it stupidly large? Equivalent to 256 bits with a symmetric cipher, or 512 bits? Then, simply issue 2048 bit keys for encryption or signing as and when required, all signed by this master key. It would not really be used in day to day duties, since the subkeys will be used for this. (I guess, assuming of course that a key strengthening or lengthening algorithm is used for the primary key.) Cheers, Chris From holger at alternativefuse.com Mon Jan 23 16:35:45 2012 From: holger at alternativefuse.com (Holger) Date: Mon, 23 Jan 2012 10:35:45 -0500 Subject: Creating a key bearing no user ID In-Reply-To: <4F1D15D3.8040500@sixdemonbag.org> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <4F1D15D3.8040500@sixdemonbag.org> Message-ID: 2012-01-23T03:09:55-05:00, Robert J. Hansen: > > Keyserver SPAM is a straw-man argument. Yes, it's possible for an > > address to be pulled from the key on a keyserver, in fact, I'm > > convinced harvesting probably takes place. > > As am I. However, it should be pointed out that this is no reason to > avoid using the keyservers. 
> > One of the best ways to evaluate a defensive mechanism is whether it can > recover from a failure. Consider securing your home. A lock on the > front door is good, but once the thief is in past your front door the > lock is pointless. It can't recover from a failure. I'm not a fan of comparisons at all, but I'd say my e-mail address feels more like my postal address, thus I tend to handle them similarly. But wouldn't you replace or enforce the lock on your front door once s.o. made it in? At least you would still keep locking it, wouldn't you? ; ) /Holger From rjh at sixdemonbag.org Mon Jan 23 16:47:34 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 23 Jan 2012 10:47:34 -0500 Subject: Creating a key bearing no user ID In-Reply-To: References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <4F1D15D3.8040500@sixdemonbag.org> Message-ID: <4F1D8116.6000104@sixdemonbag.org> On 01/23/2012 10:35 AM, Holger wrote: > I'm not a fan of comparisons at all All argument from analogy is intellectual fraud, but they can be useful to illuminate arguments. :) > but I'd say my e-mail address feels more like my postal address, thus > I tend to handle them similarly. So, you keep all your possessions there? And eight hours a day you sleep there, so you're completely oblivious to any danger I might present to you? Email addresses aren't physical addresses. The consequence of one falling into the hands of your enemies is far, far worse than the other. And just like a casual criminal doesn't care that a particular address belongs to you, neither do spammers. > But wouldn't you replace or enforce the lock on your front door once > s.o. made it in? At least you would still keep locking it, wouldn't > you? No. Why would I, when the lock had clearly failed in the role I'd placed it? Once a component shows that it's failure-prone, a smart person revises the plan. 
For me, a lock is meant to do two things:

* Raise the stakes for unlawful entry
* Delay unlawful entry

"Keep people out" is not one of them. :)


From gnupg at oneiroi.net Mon Jan 23 16:44:42 2012
From: gnupg at oneiroi.net (Milo)
Date: Mon, 23 Jan 2012 16:44:42 +0100
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <20120123142403.GA15443@IUPUI.Edu>
References: <20120121181214.GS11479@poseidon.cocyt.us> <169D1BF7-9257-478B-8012-9B54111E199B@orange-road.com> <20120123142403.GA15443@IUPUI.Edu>
Message-ID: <4F1D806A.5040300@oneiroi.net>

On 01/23/2012 03:24 PM, Mark H. Wood wrote:
> On Sat, Jan 21, 2012 at 01:49:20PM -0800, Ken Hagler wrote:
> > (...)
>
> I guess that the lesson is: don't assume. Find out for yourself
> whether a CA is worthy of your trust, before trusting.

Well, that could be a big challenge. In addition consider those:

http://petsymposium.org/2010/papers/hotpets10-Soghoian.pdf
http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html
https://bugzilla.mozilla.org/show_bug.cgi?id=682956
http://www.f-secure.com/weblog/archives/00002128.html
https://blog.torproject.org/blog/diginotar-damage-disclosure
http://www.links.org/?p=1196

... And many, many more examples. There were discussions about x509 and CA's credibility or ability to perform their tasks. Not much to add here I think.

--
Regards,
Milo


From hka at qbs.com.pl Mon Jan 23 17:34:46 2012
From: hka at qbs.com.pl (Hubert Kario)
Date: Mon, 23 Jan 2012 17:34:46 +0100
Subject: Creating a key bearing no user ID
In-Reply-To:
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1D15D3.8040500@sixdemonbag.org>
Message-ID: <201201231734.50445.hka@qbs.com.pl>

On Monday 23 of January 2012 16:35:45 Holger wrote:
> 2012-01-23T03:09:55-05:00, Robert J. Hansen:
> > > Keyserver SPAM is a straw-man argument. Yes, it's possible for an
> > > address to be pulled from the key on a keyserver, in fact, I'm
> > > convinced harvesting probably takes place.
> >
> > As am I.
> > However, it should be pointed out that this is no reason to
> > avoid using the keyservers.
> >
> > One of the best ways to evaluate a defensive mechanism is whether it can
> > recover from a failure. Consider securing your home. A lock on the
> > front door is good, but once the thief is in past your front door the
> > lock is pointless. It can't recover from a failure.
>
> I'm not a fan of comparisons at all, but I'd say my e-mail address feels
> more like my postal address, thus I tend to handle them similarly.
> But wouldn't you replace or enforce the lock on your front door once s.o.
> made it in? At least you would still keep locking it, wouldn't you? ; )

And there's a very good reason why you shouldn't be a fan of such comparisons: Unlike physical security, properly implemented cryptography is unbreakable at this time.

All key types in wide use are completely broken: tumbler locks, Gerdas, etc. They can be made useless with only a little bit of know-how and a few simple tools.

The only known working attacks on cryptography use brute force: similar to going through the wall, when the doors with a lock are too big of an obstacle.

Regards,
--
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
www.qbs.com.pl


From rjh at sixdemonbag.org Mon Jan 23 18:18:35 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 12:18:35 -0500
Subject: Creating a key bearing no user ID
In-Reply-To: <201201231734.50445.hka@qbs.com.pl>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1D15D3.8040500@sixdemonbag.org> <201201231734.50445.hka@qbs.com.pl>
Message-ID: <4F1D966B.6030109@sixdemonbag.org>

On 1/23/12 11:34 AM, Hubert Kario wrote:
> And there's a very good reason why you shouldn't be a fan of such
> comparisons: Unlike physical security, properly implemented
> cryptography is unbreakable at this time.

This, of course, handwaves the fact that cryptography more or less *can't* be implemented properly. As long as human beings are in the equation it will be misimplemented. Consider the NSA's VENONA project, which was able to break one-time pads when the KGB had a braino and reused key material.

We're not talking about some high school student sharing a Facebook password with someone. This is the KGB, one of the most professional intelligence agencies that's ever existed. KGB agents were highly motivated to practice good tradecraft, because if they didn't they might get shot in the back of the head in the basement of the Lyubyanka. So even with the (substantial) organizational resources of the KGB, with the (significant) communications security training given to KGB field agents, with the (extreme) penalties for transgression, even then somebody was dumb enough to reuse a key pad.

The lesson I take from this is that the phrase "properly implemented cryptography" is about as useful as talking about absolute zero. It's useful to show what the limit is, but it can never be reached, and anyone who believes they are immune to this is the lawful prey of those who know otherwise.


From sandals at crustytoothpaste.net Mon Jan 23 17:52:17 2012
From: sandals at crustytoothpaste.net (brian m. carlson)
Date: Mon, 23 Jan 2012 16:52:17 +0000
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To:
References: <4F1B8A6C.40401@sixdemonbag.org>
Message-ID: <20120123165217.GC10912@crustytoothpaste.ath.cx>

On Mon, Jan 23, 2012 at 02:18:54PM +0000, Chris Poole wrote:
> If the only purpose of the primary key (in my case, where I have subkeys for
> signing and encryption) is to sign the subkeys, why not simply make it stupidly
> large? Equivalent to 256 bits with a symmetric cipher, or 512 bits?

Because it's also used to sign other people's keys. Using a very large key (for 256-bit equivalence, ~15kbits) makes verification so slow as to be unusable. You have to not only verify signatures on other keys but also the signatures on the subkeys. This is less of a problem with implementations that verify signatures only once and then cache the results, but most implementations do not do that.

Also, there's nothing preventing people from actually signing data with the primary key, so someone who is unfamiliar with your strategy might accidentally use a single, very large key.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187


From hka at qbs.com.pl Mon Jan 23 18:52:20 2012
From: hka at qbs.com.pl (Hubert Kario)
Date: Mon, 23 Jan 2012 18:52:20 +0100
Subject: Creating a key bearing no user ID
In-Reply-To: <4F1D966B.6030109@sixdemonbag.org>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <201201231734.50445.hka@qbs.com.pl> <4F1D966B.6030109@sixdemonbag.org>
Message-ID: <201201231852.24802.hka@qbs.com.pl>

On Monday 23 of January 2012 18:18:35 Robert J. Hansen wrote:
> On 1/23/12 11:34 AM, Hubert Kario wrote:
> > And there's a very good reason why you shouldn't be a fan of such
> > comparisons: Unlike physical security, properly implemented
> > cryptography is unbreakable at this time.
>
> This, of course, handwaves the fact that cryptography more or less
> *can't* be implemented properly. As long as human beings are in the
> equation it will be misimplemented. Consider the NSA's VENONA project,
> which was able to break one-time pads when the KGB had a braino and
> reused key material.
>
> We're not talking about some high school student sharing a Facebook
> password with someone. This is the KGB, one of the most professional
> intelligence agencies that's ever existed. KGB agents were highly
> motivated to practice good tradecraft, because if they didn't they might
> get shot in the back of the head in the basement of the Lyubyanka. So
> even with the (substantial) organizational resources of the KGB, with
> the (significant) communications security training given to KGB field
> agents, with the (extreme) penalties for transgression, even then
> somebody was dumb enough to reuse a key pad.
>
> The lesson I take from this is that the phrase "properly implemented
> cryptography" is about as useful as talking about absolute zero. It's
> useful to show what the limit is, but it can never be reached, and
> anyone who believes they are immune to this is the lawful prey of those
> who know otherwise.

I didn't claim that any crypto is properly implemented. I did claim it is far easier to find unbreakable crypto than it is to create unbreakable physical security. If TLAs are involved, then still the first is only questionable while the second is simply impossible.

Also, your example is flawed: any security scheme can be only as good as the key.

Regards,
--
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel.
+48 (22) 646-61-51, 646-74-24
www.qbs.com.pl


From rjh at sixdemonbag.org Mon Jan 23 19:16:34 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 13:16:34 -0500
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To:
References: <4F1B8A6C.40401@sixdemonbag.org>
Message-ID: <4F1DA402.5040907@sixdemonbag.org>

On 1/23/12 9:18 AM, Chris Poole wrote:
> If the only purpose of the primary key (in my case, where I have subkeys for
> signing and encryption) is to sign the subkeys

How do you enforce that? If it is technically possible to sign a document with your primary key, then good luck telling a judge "no, Your Honor, this signature isn't valid, it was made with my primary key and I only use my signing subkey for documents."

You may say the only purpose of the primary key is to sign the subkeys, but if it's technically possible for the primary key to sign documents then the purpose of the primary key is to sign documents.

This is why I think it's kind of absurd to have a larger signing subkey than the primary key. The weak link in the chain is going to be the primary key.


From rjh at sixdemonbag.org Mon Jan 23 20:25:24 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 14:25:24 -0500
Subject: Creating a key bearing no user ID
In-Reply-To: <201201231852.24802.hka@qbs.com.pl>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <201201231734.50445.hka@qbs.com.pl> <4F1D966B.6030109@sixdemonbag.org> <201201231852.24802.hka@qbs.com.pl>
Message-ID: <4F1DB424.1070202@sixdemonbag.org>

On 1/23/12 12:52 PM, Hubert Kario wrote:
>>> And there's a very good reason why you shouldn't be a fan of such
>>> comparisons: Unlike physical security, properly implemented
>>> cryptography is unbreakable at this time.
>
> I didn't claim that any crypto is properly implemented.

This is not what I read from your first statement.

> I did claim it is far easier to find unbreakable crypto than it is to
> create unbreakable physical security. If TLAs are involved, then
> still the first is only questionable while the second is simply
> impossible.

This claim is false. There is no such thing as unbreakable crypto: it does not exist anywhere. If perfect physical security is impossible and perfect implementations are impossible, then they're both equally unrealistic and there's not a lick of difference between them.

> Also, your example is flawed: any security scheme can be only as good
> as the key.

The example was not flawed. What you're seeing as a flaw is the point I was making, which is that there is no such thing as "properly implemented cryptography."

As an example, GnuPG is certainly competently implemented cryptography, but nobody knows whether it is implemented correctly. Some years ago there was a critical bug with Elgamal signing keys (which is why we can no longer generate Elgamal signing keys: the feature was removed). No one considers this bug to be a reflection on the professionalism of the GnuPG developers: the bug was subtle, survived code review by many people, and could have arisen in any software development process. But the fact remains that Elgamal signatures in GnuPG were not implemented properly and the entire security of GnuPG-generated Elgamal signatures was in jeopardy as a result.

If you believe GnuPG is "properly implemented," well, all right: but did you also believe that before the Elgamal bug? If you did, then apparently the mechanism by which you come to these conclusions is defective, and perhaps a little skepticism is warranted.

The phrase "properly implemented cryptosystem" should never be used except in a context of skepticism that such a beast has ever existed, or could ever exist.
From lists at chrispoole.com Mon Jan 23 20:49:04 2012
From: lists at chrispoole.com (Chris Poole)
Date: Mon, 23 Jan 2012 19:49:04 +0000
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To: <4F1DA402.5040907@sixdemonbag.org>
References: <4F1B8A6C.40401@sixdemonbag.org> <4F1DA402.5040907@sixdemonbag.org>
Message-ID:

On Mon, Jan 23, 2012 at 6:16 PM, Robert J. Hansen wrote:
> You may say the only purpose of the primary key is to sign the subkeys,
> but if it's technically possible for the primary key to sign documents
> then the purpose of the primary key is to sign documents.
>
> This is why I think it's kind of absurd to have a larger signing subkey
> than the primary key. The weak link in the chain is going to be the
> primary key.

That makes sense, thanks.

Chris


From lists at chrispoole.com Mon Jan 23 20:50:20 2012
From: lists at chrispoole.com (Chris Poole)
Date: Mon, 23 Jan 2012 19:50:20 +0000
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To: <20120123165217.GC10912@crustytoothpaste.ath.cx>
References: <4F1B8A6C.40401@sixdemonbag.org> <20120123165217.GC10912@crustytoothpaste.ath.cx>
Message-ID:

On Mon, Jan 23, 2012 at 4:52 PM, brian m. carlson wrote:
> Because it's also used to sign other people's keys. Using a very large
> key (for 256-bit equivalence, ~15kbits) makes verification so slow as to
> be unusable. You have to not only verify signatures on other keys but
> also the signatures on the subkeys.

That was what I hadn't thought about. Thanks for bringing it to my attention.

Cheers,
Chris


From John at enigmail.net Mon Jan 23 22:08:12 2012
From: John at enigmail.net (John Clizbe)
Date: Mon, 23 Jan 2012 15:08:12 -0600
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To:
References: <4F1B8A6C.40401@sixdemonbag.org> <20120123165217.GC10912@crustytoothpaste.ath.cx>
Message-ID: <4F1DCC3C.9050002@enigmail.net>

Chris Poole wrote:
> On Mon, Jan 23, 2012 at 4:52 PM, brian m. carlson wrote:
>
>> Because it's also used to sign other people's keys. Using a very large
>> key (for 256-bit equivalence, ~15kbits) makes verification so slow as to
>> be unusable. You have to not only verify signatures on other keys but
>> also the signatures on the subkeys.
>
> That was what I hadn't thought about. Thanks for bringing it to my attention.

Just to point out an important data point on the key size front. To a degree, larger keys are better. However, 4096-bit RSA keys are never going to be a standard.

http://lists.gnupg.org/pipermail/gnupg-users/2010-December/040103.html

Depending on the source, a consensus seems to be forming that beyond a 2048 or 3072 bit modulus for DSA2 or RSA, folks need to switch to ECC. Larger and larger RSA keys aren't the solution, ECC is. The balance of power has tipped away from RSA and toward ECC.

Feel free to ignore everything I've said. There's no reason you should trust me. But by all means, keep asking questions. But everything I've read agrees larger and larger RSA keys are not the path forward.

-John
--
John P. Clizbe Inet: John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797
hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"


From rjh at sixdemonbag.org Mon Jan 23 23:11:21 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 17:11:21 -0500
Subject: 1024 key with 2048 subkey: how affected?
In-Reply-To: <4F1DCC3C.9050002@enigmail.net>
References: <4F1B8A6C.40401@sixdemonbag.org> <20120123165217.GC10912@crustytoothpaste.ath.cx> <4F1DCC3C.9050002@enigmail.net>
Message-ID: <4F1DDB09.6040403@sixdemonbag.org>

On 1/23/12 4:08 PM, John Clizbe wrote:
> Depending on the source, a consensus seems to be forming that beyond
> a 2048 or 3072 bit modulus for DSA2 or RSA, folks need to switch to
> ECC.
Emphatic agreement -- this is clarification, not dispute:

A lot of people like to refer to _Applied Cryptography_ or _The Handbook of Applied Cryptography_ for information on algorithms, and for very good reason: they've generally got excellent information. They are also old books. _AC_ is coming up on twenty years old, for instance, and _HoAC_ isn't much younger. At the time these books were written the jury was still out on whether ECC had firm theoretical underpinnings. Nowadays the jury is back, and ECC is generally recognized as being as reputable as RSA, DSA or Elgamal. [1]

ECC will be coming to OpenPGP sooner or later, and probably sooner. I'd be astonished if we didn't have ECC by, say, 2017.

[1] You can thank Fermat for this. It turns out that proving Fermat's Last Theorem was instrumental in establishing the correctness of ECC. In 1995, Andrew Wiles proved the Taniyama-Shimura conjecture over semi-stable elliptic curves. This in turn proved Fermat's Last Theorem, and directly led to cryptographers having confidence in elliptical curve cryptography. So the next time someone presents Fermat's Theorem as a mathematical curiosity with no practical purpose, tell them the next generation of encryption algorithms begs to differ...


From expires2012 at rocketmail.com Tue Jan 24 00:23:10 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Mon, 23 Jan 2012 23:23:10 +0000
Subject: Creating a key bearing no user ID
In-Reply-To:
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net>
Message-ID: <1324485835.20120123232310@my_localhost>

Hi

On Monday 23 January 2012 at 3:04:45 PM, in , Holger wrote:
> Please simply accept that it's an issue for me as well
> as many others. Harvesting is supereasy: full keydumps
> are readily available.

It sounds like you value the flavour of privacy that could be afforded by a scheme involving the use of hashes in UIDs to protect names and email addresses. Such a scheme would (for example) allow somebody with one of your email addresses to locate your key, but would not allow somebody to divine your names or email addresses by inspecting your key. An extension would be required to allow GnuPG to locate keys using both the hash and the plaintext string simultaneously.

Suggestions like this tend to get lambasted because they do not enhance security, and privacy appears to be seen as unimportant.

--
Best regards

MFPA mailto:expires2012 at rocketmail.com

Live your life as though every day it was your last.


From expires2012 at rocketmail.com Mon Jan 23 23:52:27 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Mon, 23 Jan 2012 22:52:27 +0000
Subject: Protecting IDs at a key signing party
In-Reply-To: <4F1B35CF.1000008@sixdemonbag.org>
References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> <299056246.20120121135839@my_localhost> <4F1B35CF.1000008@sixdemonbag.org>
Message-ID: <1688206189.20120123225227@my_localhost>

Hi

On Saturday 21 January 2012 at 10:01:51 PM, in , Robert J. Hansen wrote:
> If they want to mess with you, they don't need your
> permission. As is, you've explicitly asked them,
> "would you please sign certificate 0xDEADBEEF,
> fingerprint so-and-so, here's my credentials."

True.
> Then
> they're signing it with *their* certificate, backed up
> by credentials that you yourself checked.

Except that you have no way of knowing if the certificate they use to sign the key will contain UIDs related to the credentials you were shown, or something completely different.

> How is this a problem?
> You've been making hay out of this for years and I've
> yet to see any realistic example of this being a
> problem. Please present one.

People being rude, insensitive, and potentially insulting, *is* a problem. Not related to security but still a problem. If it were possible to enforce the "keyserver-no-modify" flag, this problem might well disappear.

>> More importantly, they are signing UIDs that may well
>> contain email addresses, without actually verifying
>> that you "control" those email addresses.

> Likewise, regarding making hay and a complete lack of
> realistic examples.

Are you suggesting it is sensible to check a person's name against government-issued documents but to attempt any verification of email addresses?

--
Best regards

MFPA mailto:expires2012 at rocketmail.com

A candle loses nothing by lighting another candle


From rjh at sixdemonbag.org Tue Jan 24 01:22:49 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 19:22:49 -0500
Subject: Creating a key bearing no user ID
In-Reply-To: <1324485835.20120123232310@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost>
Message-ID: <4F1DF9D9.8070109@sixdemonbag.org>

On 1/23/12 6:23 PM, MFPA wrote:
> Suggestions like this tend to get lambasted because they do not
> enhance security, and privacy appears to be seen as unimportant.

Not in the slightest. The idea is certainly worthwhile. It's just that there's no implementation of it, nor even a solid idea of how to implement it. If we're going to play a game of "wouldn't it be nice if," I'd like honest politicians, stronger beer, and lower taxes.

I am skeptical that such a thing can be done, and for that reason elect to not spend time on it. But please don't misrepresent my position, or that of others who share my position, as believing that "privacy is unimportant."


From rjh at sixdemonbag.org Tue Jan 24 01:25:53 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 23 Jan 2012 19:25:53 -0500
Subject: Protecting IDs at a key signing party
In-Reply-To: <1688206189.20120123225227@my_localhost>
References: <201012081420.14986.hankivy@hot.rr.com> <4CFFFE7A.6010704@sixdemonbag.org> <201012082335.11639.mailinglisten@hauke-laging.de> <87y67ysxb9.fsf@gnupg.org> <20120119013837.GC23672@groupw.cns.vt.edu> <299056246.20120121135839@my_localhost> <4F1B35CF.1000008@sixdemonbag.org> <1688206189.20120123225227@my_localhost>
Message-ID: <4F1DFA91.5030401@sixdemonbag.org>

On 1/23/12 5:52 PM, MFPA wrote:
>> If they want to mess with you, they don't need your permission.
>> As is, you've explicitly asked them, "would you please sign
>> certificate 0xDEADBEEF, fingerprint so-and-so, here's my
>> credentials."
>
> True.
>
>> Then they're signing it with *their* certificate, backed up by
>> credentials that you yourself checked.
>
> Except that you have no way of knowing if the certificate they use
> to sign the key will contain UIDs related to the credentials you
> were shown, or something completely different.

If you need to know the certificate they use to sign your certificate contains UIDs related to the credentials you were shown, then you need to stop using OpenPGP. You literally cannot get this level of assurance. Anyone can sign your certificate and share it with someone else, and there's no way to change that.


From dkg at fifthhorseman.net Tue Jan 24 16:21:35 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 24 Jan 2012 10:21:35 -0500
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
In-Reply-To: <1324485835.20120123232310@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost>
Message-ID: <4F1ECC7F.6060108@fifthhorseman.net>

On 01/23/2012 06:23 PM, MFPA wrote:
> It sounds like you value the flavour of privacy that could be afforded
> by a scheme involving the use of hashes in UIDs to protect names and
> email addresses. Such a scheme would (for example) allow somebody with
> one of your email addresses to locate your key, but would not allow
> somebody to divine your names or email addresses by inspecting your
> key. An extension would be required to allow GnuPG to locate keys
> using both the hash and the plaintext string simultaneously.

What you're looking to do with this proposed hashed-user-id scheme is to find a way to avoid allowing people to enumerate e-mail addresses or User IDs from the data contained on the keyservers. Right?

I'd also like to be able to do that, but i don't think hashed-user-ids is an effective way. Here's why:

I worked for a while with a group of people (several of the other monkeysphere devs) to spec something like this out, to try to address this very issue. However, after thinking about the various possible solutions, and reading more, i started to think this all smelled very similar to another problem: DNSSEC zone enumeration.

DNSSEC zone enumeration is a byproduct of the way that NXDOMAIN responses must be signed in order to be provable; the original proposal required the signed NXDOMAIN response to indicate the range of names which were excluded. This makes it easy for an attacker to jump from name to name via NXDOMAIN records, and enumerate all records in the zone. So far, this looks very much like the current keyservers, which allow for trivial enumeration of IDs.

DNSSEC tried to fix this with NSEC3 records, which work differently; instead of listing the boundaries of the requested NXDOMAIN range, they listed the boundaries in a hashed space. That is, instead of saying "there are no records of any type between bar.example.com and foo.example.com", they say "there are no records of any type whose labels hash to something between 8a367d741d7a9a904ef6f92fd99de3d57ded1203 and cb17eb75226ca198afec4ea1170f02fade354e3e". So now, the attacker who wants to enumerate the zone has to reverse the hash to uncover the endpoints.

The trouble is that domain names (and e-mail addresses, and human names) are very low-entropy things, and actually are pretty easy to enumerate and test. Dan Bernstein wrote a tool called NSEC3walker that can practically enumerate a DNSSEC-signed zone that uses NSEC3 records, using pretty low-end hardware, and doing few network queries:

http://dnscurve.org/nsec3walker.html

A comparable tool could be made to attack any sort of hashed-user-ids scheme, which means that anyone who wants to harvest or enumerate addresses this way could probably do it. Certainly, the bar is raised for User ID enumeration, but only slightly.

So, as someone who was similarly eager for such a scheme, i have to ask myself: does the marginal gain in address-enumeration-protection outweigh the costs in complexity and confusion that the scheme adds? Certainly, the keyservers will continue to support non-digested User IDs, so now tools will need to be able to handle both of them; we'll also need a policy for end-user agents to answer questions like "when looking up this e-mail address, do i send it only in digested form to the keyservers for lookup? or do i send it in cleartext form as well, thereby leaking the e-mail address to the keyserver operators (and to anyone on the network path)?" How do we explain or expose policy questions like that to users who already struggle with the concepts behind OpenPGP? Or do we modify the keyservers themselves to index digested forms of cleartext User IDs, and respond to digest lookups with cleartext responses, thereby turning the keyservers into a digest-reversing oracle for those non-hashed User IDs which exist?

Ultimately, i don't think the tradeoffs for this scheme are worthwhile for the marginal and limited gain that the proposal provides. I'd love to find a solution to the User ID enumeration problem, but i don't think hashed-user-ids is it.

Regards,

--dkg
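As an added example (not dkg's code, nor any keyserver's), a small Python model of the hashed-User-ID scheme discussed in the message above: a keyserver that indexes User IDs under an NSEC3-style salted, iterated digest, the "digest-reversing oracle" variant for cleartext UIDs, and a measure of how much of a digest dump a plausible guess list explains. All addresses, fingerprints, the salt and the iteration count are constructed for illustration.

```python
"""Model of the hashed-User-ID keyserver proposal (added, constructed example)."""
import hashlib
from typing import Dict, List, Optional, Tuple

# NSEC3-style parameters.  Both must be public: every client has to compute
# exactly the digest the keyserver stored, so a secret salt is not an option.
SALT = b"constructed-public-salt"
ITERATIONS = 100


def uid_digest(uid: str, salt: bytes = SALT, iterations: int = ITERATIONS) -> str:
    """Digest under which a User ID would be indexed (hypothetical layout)."""
    data = uid.strip().lower().encode("utf-8")  # addresses compare case-insensitively
    h = hashlib.sha256(data + salt).digest()
    for _ in range(iterations):
        h = hashlib.sha256(h + salt).digest()
    return h.hex()


class HashedUidKeyserver:
    """Maps digest -> (fingerprint, cleartext User ID or None)."""

    def __init__(self) -> None:
        self._index: Dict[str, Tuple[str, Optional[str]]] = {}

    def publish_hashed(self, uid: str, fingerprint: str) -> None:
        """Privacy-conscious user: only the digest is stored."""
        self._index[uid_digest(uid)] = (fingerprint, None)

    def publish_cleartext(self, uid: str, fingerprint: str) -> None:
        """Ordinary user: cleartext UID stored, but indexed by digest too so
        that digest-only clients can still find it.  This is the variant the
        message above calls a digest-reversing oracle."""
        self._index[uid_digest(uid)] = (fingerprint, uid)

    def lookup(self, digest: str) -> Optional[Tuple[str, Optional[str]]]:
        return self._index.get(digest)

    def dump(self) -> List[str]:
        """Full digest dump, as today's keyservers offer full key dumps."""
        return list(self._index)


def enumeration_resistance(server: HashedUidKeyserver, candidates: List[str]) -> Tuple[int, int]:
    """(recovered, published): how much of a digest dump a candidate list explains.

    The digest is unkeyed and addresses are low-entropy, so a plausible
    candidate list explains most of the dump; the salt and iterations only
    scale the cost linearly, which is the NSEC3 situation described above.
    """
    published = set(server.dump())
    recovered = sum(1 for c in candidates if uid_digest(c) in published)
    return recovered, len(published)


def build_example_server() -> HashedUidKeyserver:
    """Constructed population: three low-entropy addresses and one random one."""
    server = HashedUidKeyserver()
    server.publish_hashed("alice@example.org", "FPR-ALICE-PLACEHOLDER")
    server.publish_hashed("bob@example.net", "FPR-BOB-PLACEHOLDER")
    server.publish_hashed("x7q2v9kd@example.com", "FPR-RANDOM-PLACEHOLDER")
    server.publish_cleartext("carol@example.com", "FPR-CAROL-PLACEHOLDER")
    return server


def example_candidates() -> List[str]:
    """Constructed guess list: common local parts over the known domains."""
    local_parts = ["alice", "bob", "carol", "info", "admin", "postmaster"]
    domains = ["example.org", "example.net", "example.com"]
    return [f"{lp}@{d}" for lp in local_parts for d in domains]


if __name__ == "__main__":
    srv = build_example_server()
    # Intended use: someone who already knows the address finds the key.
    print(srv.lookup(uid_digest("Alice@Example.org")))
    # Oracle: a digest lookup of a cleartext UID hands back the cleartext.
    print(srv.lookup(uid_digest("carol@example.com")))
    # Only the random local part survives the guess list: 3 of 4 explained.
    print(enumeration_resistance(srv, example_candidates()))
```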
From telegraph at gmx.net Tue Jan 24 17:25:17 2012
From: telegraph at gmx.net (Gregor Zattler)
Date: Tue, 24 Jan 2012 17:25:17 +0100
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <4F1C28CA.9020303@lists.grepular.com>
References: <20120121181214.GS11479@poseidon.cocyt.us> <20120122024941.GA29598@poseidon.cocyt.us> <4F1C28CA.9020303@lists.grepular.com>
Message-ID: <20120124162517.GA5054@shi.workgroup>

Hi Mike, gnupg users,

* gnupg at lists.grepular.com [22. Jan. 2012]:
[...]
> I sometimes wonder if the traditional public web of trust is even a good
> idea. Are you happy to be associated with everybody you've signed the
> key of and those who have signed yours? Are you sure that none of these
> people will do anything in the future which might cause these public
> associations to become a problem for you?

When I sign a key I make a statement that I checked somehow that the key "belongs to" a specific person P. I might make further claims via a notation or a policy url but I don't have to. Merely stating that I proved someone's identity of P should not mean anything else.

But you are right, perhaps in the future P will be known to be a christ|communist|murderer|free software user|... and some government|churches|militia|... may come after me because I had dealings with such a person. But this might also happen because I am neighbour to P1 or was in school with P2 or even more problematic, because this christ|communist|devil|free software user|... might be me. And especially in the latter case I would be happy if at least freedom loving free software users stand against inhuman and morally wrong accusations.

Signing a key means signing a key. And we should fight for that if anyone gets in trouble because of it.

Ciao, Gregor
--
-... --- .-. . -.. ..--.. ...-.-


From faramir.cl at gmail.com Tue Jan 24 19:13:46 2012
From: faramir.cl at gmail.com (Faramir)
Date: Tue, 24 Jan 2012 15:13:46 -0300
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <20120121215011.GC12880@shi.workgroup>
References: <20120121181214.GS11479@poseidon.cocyt.us> <20120121215011.GC12880@shi.workgroup>
Message-ID: <4F1EF4DA.4020301@gmail.com>

El 21-01-2012 18:50, Gregor Zattler escribió:
> Hi Aaron, gnupg users,
> * Aaron Toponce [21. Jan. 2012]:
>> I just signed an OpenPGP key with cert level 0x12 (casual
>> checking) given the following scenario:
>>
>> * A PGP key was signed by an SSL certificate that was signed by a
>> root CA
>> * I verified that the signature was indeed from that root CA.
>> * I stripped the signature, and imported the PGP key.
>> * I then signed the key, exported, and sent back.
>>
>> What are your thoughts on using root CAs as a trusted 3rd party
>> for trusting that a key is owned by whom it claims? Of course,
>> this is merely for casual checking, but it seems to be "good
>> enough".
>
> IMHO by signing a key you make a statement about the connection
> between a person or owner and the user id you sign, saying "I
> somehow convinced myself that user owns this key". This only makes
> sense if you have some insight into the matter that a person which
> is confronted with the key only cannot have. Your signature should
> add some information. Merely saying I'm convinced that the user is
> the owner/originator of the key because someone else already signed
> this key, does not make much sense to me. I think you should have
> added a notation explaining your reasoning.

Well, if Trent signs Alice's key, Bob, who trusts Trent, might sign her key too. Charly doesn't know Trent, but he trusts Bob's judgement, so he might accept Alice's key as valid, not because of Trent's signature, but because of Bob's signature.
Also, maybe Trent only signs keys if 2 persons have checked it, but he just signs it once; that signature doesn't reflect the amount of people having checked it.

Best Regards

From sandals at crustytoothpaste.net Tue Jan 24 20:26:15 2012
From: sandals at crustytoothpaste.net (brian m. carlson)
Date: Tue, 24 Jan 2012 19:26:15 +0000
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <4F1EF4DA.4020301@gmail.com>
References: <20120121181214.GS11479@poseidon.cocyt.us> <20120121215011.GC12880@shi.workgroup> <4F1EF4DA.4020301@gmail.com>
Message-ID: <20120124192615.GB67490@crustytoothpaste.ath.cx>

On Tue, Jan 24, 2012 at 03:13:46PM -0300, Faramir wrote:
> Well, if Trent signs Alice's key, Bob, who trusts Trent, might sign her
> key too. Charly doesn't know Trent, but he trusts Bob's judgement, so
> he might accept Alice's key as valid, not because of Trent's
> signature, but because of Bob's signature. Also, maybe Trent only
> signs keys if 2 persons have checked it, but he just signs it once;
> that signature doesn't reflect the amount of people having checked it.

This is why OpenPGP implementations have trust settings. If Bob trusts Trent's assertions, then he can give Trent full trust and Bob's implementation will believe that Alice's key belongs to Alice. There's no need to sign the key.
If I truly believe that a key belongs to someone that I have seen use it for several years and that is trusted by numerous other people, but I have not verified the connection between that person's identity and key myself, I use a local signature. That way I don't have other people rely on my assertion if I haven't done the amount of checking that I would like to before making a public statement.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

From faramir.cl at gmail.com Tue Jan 24 22:10:35 2012
From: faramir.cl at gmail.com (Faramir)
Date: Tue, 24 Jan 2012 18:10:35 -0300
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <20120124192615.GB67490@crustytoothpaste.ath.cx>
References: <20120121181214.GS11479@poseidon.cocyt.us> <20120121215011.GC12880@shi.workgroup> <4F1EF4DA.4020301@gmail.com> <20120124192615.GB67490@crustytoothpaste.ath.cx>
Message-ID: <4F1F1E4B.6020700@gmail.com>

On 24-01-2012 16:26, brian m. carlson wrote:
> On Tue, Jan 24, 2012 at 03:13:46PM -0300, Faramir wrote:
>> Well, if Trent signs Alice's key, Bob, who trusts Trent, might sign
>> her key too. Charly doesn't know Trent, but he trusts Bob's
>> judgement, so he might accept Alice's key as valid, not because
>> of Trent's ...
> This is why OpenPGP implementations have trust settings. If Bob
> trusts Trent's assertions, then he can give Trent full trust and
> Bob's implementation will believe that Alice's key belongs to
> Alice. There's no need to sign the key.

But Charly doesn't have Trent's key in his keyring, he doesn't even know about Trent. So if Bob doesn't sign Alice's key, Charly won't consider it valid.
He will see the signature issued by an unknown key (Trent's), and that is all.

Best Regards

From gnupg at lists.grepular.com Tue Jan 24 22:45:10 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Tue, 24 Jan 2012 21:45:10 +0000
Subject: Forcing use of software pinentry instead of hardware pinpad
Message-ID: <4F1F2666.1070201@lists.grepular.com>

I've got myself an SPR-532 smart card reader. It's working fine on my Ubuntu laptop with my OpenPGP card. It makes very noisy beeping sound effects when using the pinpad though. I was planning on using it in an office environment, but the noise would draw unwanted attention and annoy people... I haven't been able to find any information on disabling the sound effects it produces. Maybe that's simply not possible. Would it be possible to use this reader and enter the pin in software, using pinentry, instead of the hardware pinpad? The pinpad part of the reader was a bonus, but it's not essential for my purposes...

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
From mailinglisten at hauke-laging.de Wed Jan 25 01:17:44 2012
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 25 Jan 2012 01:17:44 +0100
Subject: Forcing use of software pinentry instead of hardware pinpad
In-Reply-To: <4F1F2666.1070201@lists.grepular.com>
References: <4F1F2666.1070201@lists.grepular.com>
Message-ID: <201201250117.45104.mailinglisten@hauke-laging.de>

On Tuesday, 24 January 2012, 22:45:10, gnupg at lists.grepular.com wrote:
> Would it be
> possible to use this reader and enter the pin in software, using
> pinentry, instead of the hardware pinpad?

scdaemon knows the option --disable-keypad

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From mailinglisten at hauke-laging.de Wed Jan 25 02:24:16 2012
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 25 Jan 2012 02:24:16 +0100
Subject: Using root CAs as a trusted 3rd party
In-Reply-To: <4F1F1E4B.6020700@gmail.com>
References: <20120121181214.GS11479@poseidon.cocyt.us> <20120124192615.GB67490@crustytoothpaste.ath.cx> <4F1F1E4B.6020700@gmail.com>
Message-ID: <201201250224.17036.mailinglisten@hauke-laging.de>

On Tuesday, 24 January 2012, 22:10:35, Faramir wrote:
> > This is why OpenPGP implementations have trust settings. If Bob
> > trusts Trent's assertions, then he can give Trent full trust and
> > Bob's implementation will believe that Alice's key belongs to
> > Alice. There's no need to sign the key.
>
> But Charly doesn't have Trent's key in his keyring, he doesn't even
> know about Trent. So if Bob doesn't sign Alice's key, Charly won't
> consider it valid. He will see the signature issued by an unknown key
> (Trent's), and that is all.
You completely change the semantics and use of the web of trust. IMHO that cannot be good.

Charly can check all keys of the unknown signatures. After downloading Trent's key he finds Bob's signature and can make a decision about the trust path.

Network systems like the web of trust can only work if all (or: most) people act in the same way. Do you suggest that every key gets 90 instead of (I guess) today's 10 because everyone signs his (trustedly) indirect contacts? Without any chance to tell direct and indirect signatures apart?

What about revocations? Let's assume that Trent revokes his signature for Alice. Is Bob going to check that regularly? Probably not. Then Charly would trust the key due to Bob's signature though Bob himself does not trust it any more! At least not when thinking about it. And as Bob's signature does not even tell a third party which direct(?) signature made him certify the key, the third party cannot check whether the respective certification has been revoked.

This behaviour would kill both trust depth and signature counting. A configuration like "Trust the key if it has five marginally trusted certifications" does not make any sense any more if one signature can become five that easily by everyone making indirect certifications. How can Bob know whether Trent has really verified the key or just certified it because he found a signature by Peter?

This is never-ending. In the end probably every key in the wild would be certified by ALL active keys. Why? Because most OpenPGP users should be connected somehow (no matter how many levels in between) and the result of such behaviour would be a flat signature space. Terrible. The value of a signature would drop to nearly zero (without checking for a policy URL and the policy description there). Is that what you want?

This would not be a problem at all if the meaning of a certain signature would be clear.
As I mentioned several times in earlier threads I would love to have a standard set of detailed signature notations for explaining the meaning of a certification (because applications could be configured to treat standardized notations differently). One of the notations could be direct vs. indirect.

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From John at enigmail.net Wed Jan 25 05:10:34 2012
From: John at enigmail.net (John Clizbe)
Date: Tue, 24 Jan 2012 22:10:34 -0600
Subject: Creating a key bearing no user ID
In-Reply-To: <1324485835.20120123232310@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost>
Message-ID: <4F1F80BA.6010108@enigmail.net>

MFPA wrote:
> On Monday 23 January 2012 at 3:04:45 PM, Holger wrote:
>
>> Please simply accept that it's an issue for me as well as many others.
>> Harvesting is supereasy: full keydumps are readily available.

Yep, full keydumps are readily available. http://www.keysigning.org/sks/

Yep, harvesting is easy. Anyone with a journeyman knowledge of perl who can Google a regexp to match email addresses can do it.

A case can be made that harvesting does occur; several friends believe it occurs, as do I. However, testing I did a few years ago found the amount of SPAM attributable to a key on a keyserver was not significantly different from that received as just random SPAM noise from an unused ISP account. I've seen no volume of SPAM since then to challenge that conclusion. Sending a message to an email list such as this will likely result in at least an order of magnitude more SPAM than that attributable to the, IMO apocryphal, bogeyman of keyserver harvesting.
> It sounds like you value the flavour of privacy that could be afforded
> by a scheme involving the use of hashes in UIDs to protect names and
> email addresses. Such a scheme would (for example) allow somebody with
> one of your email addresses to locate your key, but would not allow
> somebody to divine your names or email addresses by inspecting your
> key. An extension would be required to allow GnuPG to locate keys
> using both the hash and the plaintext string simultaneously.

I wondered when this regular exercise in sadoequinecrophilia would appear. :-(

The same issues remain untouched just like the countless other times you've brought up this idea. What are its specifications? Is there any support from the IETF OpenPGP working group? Is there an implementation of your idea?

Endlessly and tirelessly repeating the same "Wouldn't it be nice if...," without addressing the issues posed and the questions asked only marks one as a crank or a bore.

While we're at it, I'd like low-priced dark beer, a smart good-looking gingerbear boyfriend, and, of course, whirled peas.

> Suggestions like this tend to get lambasted because they do not
> enhance security, and privacy appears to be seen as unimportant.

The ceaseless implication that those who do not agree with your ideas believe that privacy is unimportant is insulting to those who actively work producing code to enhance individual and corporate privacy. Just stop it.

Changes to security software that do not increase security are to be examined under heightened scrutiny -- complicating the codebase allows errors to hide.

I don't presently support this idea because the questions I've asked about it have yet to be answered. I'm skeptical that I'm ever going to get the details. The idea may have merit -- but most of us have yet to see that merit. I, like others, am unconvinced that this idea will work; the interoperability and user impact questions remain unanswered.

-John
(Replies _ONLY_ to the list, please.)

--
John P.
Clizbe                      Inet: John (a) Mozilla-Enigmail.org
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From rjh at sixdemonbag.org Wed Jan 25 05:35:35 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 24 Jan 2012 23:35:35 -0500
Subject: Creating a key bearing no user ID
In-Reply-To: <4F1F80BA.6010108@enigmail.net>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net>
Message-ID: <4F1F8697.8040206@sixdemonbag.org>

On 1/24/2012 11:10 PM, John Clizbe wrote:
> However, testing I did a few years ago found the amount of SPAM attributable to
> a key on a keyserver was not significantly different from that received as just
> random SPAM noise from an unused ISP account.

My own experience may be worth mentioning. I had (have) an email account that's only ever mentioned in one place, on a certificate of mine. For several weeks it received no spam, and then in the space of a couple of days the spam volume was indistinguishable from any other account.

My conclusion from this is once the spammers know they have a hit, they share your email address quickly. The deluge goes from "a trickle" to "a firehose" in the space of a day or two.

> The same issues remain untouched just like the countless other times you've
> brought up this idea. What are its specifications? Is there any support from the
> IETF OpenPGP working group? Is there an implementation of your idea?

While these questions are certainly apt, I'd like to see a firm theoretical foundation for the idea. We don't have a solid theory for how to achieve MFPA's desired end. Until we do, I think all discussion about implementation is premature.
Without a strong theoretical foundation, talk about blinded hashes of email addresses is sort of like talk about perpetual motion machines: yes, it would be lovely to have them, but we don't have the first clue how to do it.

The burden is not on the critics of these ideas to prove they are impossible: the burden is on the advocates of these ideas to show they are possible. Casting aspersions as to the motives of critics puts one in the same ranks as cancer cure quacks who defend themselves against their critics in mainstream oncology by saying, "well, of course they want you to stay sick."

From gnupg at lists.grepular.com Wed Jan 25 10:54:22 2012
From: gnupg at lists.grepular.com (gnupg at lists.grepular.com)
Date: Wed, 25 Jan 2012 09:54:22 +0000
Subject: Forcing use of software pinentry instead of hardware pinpad
In-Reply-To: <201201250117.45104.mailinglisten@hauke-laging.de>
References: <4F1F2666.1070201@lists.grepular.com> <201201250117.45104.mailinglisten@hauke-laging.de>
Message-ID: <4F1FD14E.8000004@lists.grepular.com>

On 25/01/12 00:17, Hauke Laging wrote:
>> Would it be
>> possible to use this reader and enter the pin in software, using
>> pinentry, instead of the hardware pinpad?
>
> scdaemon knows the option --disable-keypad

That works perfectly. Thank you.

--
Mike Cardwell  https://grepular.com/  http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4

From peter at digitalbrains.com Wed Jan 25 11:42:36 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 25 Jan 2012 11:42:36 +0100
Subject: Keyserver spam experiment
Message-ID: <4F1FDC9C.4010806@digitalbrains.com>

Hello list,

The topic of keyserver spam came up again.
This seemed like a good moment to mention the results of a little experiment.

On March the 18th of 2011, a little under a year ago, I created a bogus OpenPGP key and uploaded it to the keyserver. The UID of the key has an e-mail address that is 42 random letters and numbers @digitalbrains.com. I wanted to see how much spam it would attract. Obviously, I could not tell anyone, because someone might disclose the address to spammers for his or her own reasons. The experiment is now, by this mail, tainted :).

I have received exactly one(!) spam mail. The headers will follow later. That's only one spam mail in almost a year.

I chose 42 random letters and numbers to not get caught by an e-mail address generator that generates likely e-mail addresses to spam. I only wanted it to get picked up by a keyserver harvester. Now somebody might say: that harvester might filter out a weird e-mail address with the local part a string of 42 letters. I don't think so; sending spam is dirt cheap, why filter when you might miss a target for your spam?

Obviously I did not filter out spam for this address. But I forgot to turn off two things:

- If the SMTP envelope has a FROM address @digitalbrains.com that does not exist (anymore), the mail is denied.
- On Jun 16th, I started rejecting mails that had 4 or more recipients in the SMTP envelope that did not exist (anymore).

Oh, and I also have no direct control over the backup mail relays for my domain; they filter out spam as well. And I sometimes see spam coming in through a backup mail relay while the primary mail server is online, so some spammers use backup relays even when the main host is not down.

I think I addressed the most important things. So here come the headers of the spam message I received on Jul 13th last year. I removed the e-mail address so the experiment can keep running, albeit slightly tainted. Please don't mention the address on the mailing list :).
------------8<--------------------cut here---------------------->8--------------
Return-path:
Envelope-to: [...]@digitalbrains.com
Delivery-date: Wed, 13 Jul 2011 23:18:09 +0200
Received: from Debian-exim by butters.digitalbrains.com with spam-scanned (Exim 4.75)
    (envelope-from )
    id 1Qh6om-0003sz-15
    for [...]@digitalbrains.com; Wed, 13 Jul 2011 23:18:09 +0200
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    butters.digitalbrains.com
X-Spam-Flag: YES
X-Spam-Level: *******************************************
X-Spam-Status: Yes, score=43.3 required=5.0 tests=ADVANCE_FEE_2_NEW_MONEY,
    ADVANCE_FEE_3_NEW,ADVANCE_FEE_3_NEW_MONEY,ADVANCE_FEE_4_NEW,
    ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,BAYES_50,
    DATE_IN_FUTURE_12_24,FM_LOTTO_YOU_WON,FORGED_MUA_OUTLOOK,
    FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,FREEMAIL_REPLYTO,FROM_MISSPACED,
    FROM_MISSP_EH_MATCH,FROM_MISSP_FREEMAIL,FROM_MISSP_MSFT,FROM_MISSP_REPLYTO,
    FROM_MISSP_URI,FROM_MISSP_USER,FSL_CTYPE_WIN1251,FSL_NEW_HELO_USER,FSL_UA,
    FSL_XM_419,HK_LOTTO,LOTS_OF_MONEY,LOTTO_AGENT,MISSING_MID,MONEY_FRAUD_3,
    MONEY_FRAUD_5,MONEY_FROM_MISSP,MONEY_LOTTERY,NSL_RCVD_FROM_USER,SPF_SOFTFAIL,
    SUBJ_ALL_CAPS,TO_NO_BRKTS_FROM_MSSP,TO_NO_BRKTS_MSFT,T_TO_NO_BRKTS_FREEMAIL,
    US_DOLLARS_3 autolearn=spam version=3.3.1
X-Spam-Report:
    *  0.8 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
    *  0.0 FSL_XM_419 Old OE version in X-Mailer only seen in 419 spam
    *  2.4 NSL_RCVD_FROM_USER Received from User
    *  0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
    *      (bexleylotto03[at]yahoo.co.jp)
    *  0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
    *  1.5 SUBJ_ALL_CAPS Subject is all capitals
    *  3.2 DATE_IN_FUTURE_12_24 Date: is 12 to 24 hours after Received: date
    *  0.1 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
    *      digit (bexleylotto03[at]yahoo.co.jp)
    *  0.0 LOTTO_AGENT BODY: Claims Agent
    *  1.8 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
    *  0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
    *      [score: 0.5001]
    *  0.3 FSL_UA FSL_UA
    *  0.5 MISSING_MID Missing Message-Id: header
    *  0.0 LOTS_OF_MONEY Huge... sums of money
    *  1.5 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
    *  3.6 HK_LOTTO HK_LOTTO
    *  2.0 FSL_NEW_HELO_USER FSL_NEW_HELO_USER
    *  1.7 FROM_MISSP_USER From misspaced, from "User"
    *  1.4 FROM_MISSPACED From: missing whitespace
    *  1.5 MONEY_FROM_MISSP Lots of money and misspaced From
    *  2.4 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
    *      freemails
    *  0.6 FROM_MISSP_REPLYTO From misspaced, has Reply-To
    *  2.1 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors
    *  3.2 FROM_MISSP_EH_MATCH From misspaced, matches envelope
    *  1.4 MONEY_LOTTERY Lots of money from a lottery
    *  3.3 FM_LOTTO_YOU_WON Talks about lotto and you won!
    *  0.0 FROM_MISSP_URI From misspaced, has URI
    *  1.2 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool
    *  0.0 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
    *  0.6 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)
    *  1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
    *  0.0 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)
    *  0.0 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money
    *  0.0 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money
    *  0.4 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
    *  1.5 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
    *  0.0 T_TO_NO_BRKTS_FREEMAIL To: misformatted and free email service
    *  0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases
    *  0.2 FROM_MISSP_FREEMAIL From misspaced + freemail provider
    *  0.9 MONEY_FRAUD_3 Lots of money and several fraud phrases
Received: from mail.digitalbrains.com ([2001:980:141d::3])
    by butters.digitalbrains.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
    (Exim 4.75)
    (envelope-from )
    id 1Qh6ol-0003sw-Ug
    for [...]@digitalbrains.com; Wed, 13 Jul 2011 23:18:03 +0200
Received: from [118.224.1.233] (helo=entecnet.com)
    by mail.digitalbrains.com with smtp (Exim 4.72)
    (envelope-from )
    id 1Qh6ol-0001bG-3M
    for [...]@digitalbrains.com; Wed, 13 Jul 2011 23:18:03 +0200
Received: from User ([46.166.137.117]) (envelope-sender )
    by 118.224.1.233 with ESMTP
    for <[...]@digitalbrains.com>; Thu, 14 Jul 2011 05:17:32 +0800
Reply-To:
From: "BEXLEY LOTTERY"
To: [...]@digitalbrains.com
Subject: AWARD NOTIFICATION.
Date: Thu, 14 Jul 2011 05:21:11 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id:
------------8<--------------------cut here---------------------->8--------------

I've left in the headers added by SpamAssassin; SpamAssassin still scans this e-mail address, but no action is taken when the message is determined to be spam. Unfortunately, the way SpamAssassin is set up means that Exim gets the messages from SA in "submission mode". This means it fixes up messages to be valid RFC822 messages. It added the Message-Id in the last line. I don't think it changed any other headers.

Greetings,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From mailinglisten at hauke-laging.de Wed Jan 25 13:52:27 2012
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 25 Jan 2012 13:52:27 +0100
Subject: Creating a key bearing no user ID
In-Reply-To: <4F1F80BA.6010108@enigmail.net>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net>
Message-ID: <201201251352.27764.mailinglisten@hauke-laging.de>

On Wednesday, 25 January 2012, 05:10:34, John Clizbe wrote:
> The same issues remain untouched just like the countless other times you've
> brought up this idea.
> What are its specifications? Is there any support from
> the IETF OpenPGP working group? Is there an implementation of your idea?
>
> Endlessly and tirelessly repeating the same "Wouldn't it be nice if...,"

I think your description of the situation is not correct. IIRC there is no single technical issue which is regarded as a problem about which it is unclear whether it can be solved.

The dispute is mainly about the interpretation whether it makes sense to offer such a feature given the amount of addresses that cannot be protected: This would only work for addresses which cannot be found by enumeration. Such addresses are not "nice". mailinglisten at hauke-laging.de need not be protected that way. This feature would require something like mailinglisten--noenum-yvsYiP9y at hauke-laging.de against spammers, mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7 at hauke-laging.de against real threats (government agencies in e.g. China).

The technical questions would have to be answered but could be rather easily. But why write specs if no one is willing to implement it, why write code if it would not be accepted, why point at IETF though the other way round is expected there?

You may be right in that it makes little sense to endlessly repeat something. But is it a serious difference whether this refers to an unsolved technical problem or to an opinion?

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
From vedaal at nym.hush.com Wed Jan 25 22:31:29 2012
From: vedaal at nym.hush.com (vedaal at nym.hush.com)
Date: Wed, 25 Jan 2012 16:31:29 -0500
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
Message-ID: <20120125213129.E914AE6739@smtp.hushmail.com>

Daniel Kahn Gillmor dkg at fifthhorseman.net wrote on Tue Jan 24 16:21:35 CET 2012 :

> The trouble is that domain names (and e-mail addresses, and human names)
> are very low-entropy things, and actually are pretty easy to enumerate
> and test.

-----

Aren't there simple ways around this?

Here's a sort-of workaround (inelegant, but can be tweaked and improved on if it's something desirable):

[1] The person who wants to create a new key first generates a symmetrically encrypted gnupg message, and decrypts it and gets the session key.
[2] Hash the [(preferred key name)+(session key)+(e-mail address)]
[3] Generate the key with the uid of [(preferred key name)+(session key)+(e-mail address)]
[4] Identify the key to the server by the hash.

These steps would defeat harvesting tools enumerating the low entropy names and hash ranges.

(Am not advocating this, just pointing out a possible approach if you want to take this further. Personally, I agree with David Shaw, that the problem can be avoided by just generating a random UID (maybe a truncated session key) and giving the fingerprint and UID to anyone who wants to look it up on the keyserver, as well as the e-mail address separately to whomever the user wants to correspond with.)

FWIW, I have never received any keyserver id related spam on some of my old V3 keys that are used only for remailer list correspondence and have been on keyservers for well over a decade.
vedaal

From dkg at fifthhorseman.net Wed Jan 25 23:55:12 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 25 Jan 2012 17:55:12 -0500
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <201201251352.27764.mailinglisten@hauke-laging.de>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de>
Message-ID: <4F208850.9060506@fifthhorseman.net>

On 01/25/2012 07:52 AM, Hauke Laging wrote:
> IIRC there is no single technical issue which is regarded as a problem about
> which it is unclear whether it can be solved.

i've given a fairly detailed technical writeup of why i've stopped pursuit of this particular goal.

> The dispute is mainly about the interpretation whether it makes sense to offer
> such a feature given the amount of addresses that cannot be protected: This
> would only work for addresses which cannot be found by enumeration. Such
> addresses are not "nice". mailinglisten at hauke-laging.de need not be protected
> that way. This feature would require something like
> mailinglisten--noenum-yvsYiP9y at hauke-laging.de against spammers,
> mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7 at hauke-laging.de against real
> threats (government agencies in e.g. China).

If people use e-mail addresses like this, then they could probably just derive the high-entropy portion of their e-mail address from their key's fingerprint directly, and attach only a User ID like "anonymous". e.g.

  dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net

Then no keysigning would be needed as anyone who knows the e-mail address already knows the key to use, and the key is fetchable from the keyservers by keyid directly. This can all be done with the current toolchain, without modification, afaict.
The only problem is that you'd have to adjust your MUA to tell it which key to use explicitly for mailing to addresses like this. If you think this is the way to go, maybe you should talk to MUA developers, or propose a mechanism or heuristic gpg could use to pre-select keys from e-mail addresses like this.

> The technical questions would have to be answered but could be rather easily.
> But why write specs if no one is willing to implement it, why write code if it
> would not be accepted, why point at IETF though the other way round is
> expected there?

Clearly people are interested in the idea and have done some work to think about how it can be done, and what would be the right way to go. No one who implements something someone else suggests is going to want to do it without a concrete, well-discussed spec beforehand. Several of us have had the discussion that resulted in my deciding that the tradeoffs for the scheme we came up with (hashed userids) wasn't worth the extra complications.

Please propose an alternate scheme that you think would be an improvement if you think such a scheme exists. Hopefully, it will get critiqued, though there are no guarantees that anyone will implement whatever scheme (if any) finally overcomes the objections raised during discussion.

--dkg
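A heuristic of the kind dkg asks for above, written as an added example that is not part of the thread and not GnuPG code: it recognises addresses whose local part ends in the key's own fingerprint, pins the key from the address, and treats random suffixes like the ones Hauke gave (which bind no key) as needing an ordinary lookup by address. The "--noenum-" marker, the 40-hex-digit v4 fingerprint form and the three sample addresses come from the messages above (with "@" in place of the archive's "at"); the address grammar, the entropy estimate and the keyring dictionary are assumptions of this example.

```python
# Added example; not part of the thread and not GnuPG code.  A heuristic of
# the kind dkg asks for above: when an address has the shape
#     local--noenum-<40 hex digits of the key's v4 fingerprint>@domain
# the client can pin the key from the address itself.  Hauke's addresses
# with a merely random suffix match the same pattern but bind no key.
import math
import re
from typing import Optional, Tuple

# Assumed grammar for the address (an assumption of this example).
_NOENUM_RE = re.compile(
    r"^(?P<base>[^@\s]+?)--noenum-(?P<suffix>[A-Za-z0-9]+)@(?P<domain>[^@\s]+)$"
)
# An OpenPGP v4 fingerprint is 160 bits, written as 40 hex digits.
_FPR_RE = re.compile(r"^[0-9A-Fa-f]{40}$")


def parse_noenum_address(addr: str) -> Optional[dict]:
    """Split a noenum-style address into base, suffix and domain.

    Returns None for addresses that do not use the pattern.  A suffix that
    is a well-formed v4 fingerprint is normalised to upper case under the
    "fingerprint" key; any other suffix leaves that key None.
    """
    m = _NOENUM_RE.match(addr.strip())
    if m is None:
        return None
    suffix = m.group("suffix")
    return {
        "base": m.group("base"),
        "domain": m.group("domain").lower(),
        "suffix": suffix,
        "fingerprint": suffix.upper() if _FPR_RE.match(suffix) else None,
    }


def suffix_entropy_bits(suffix: str) -> float:
    """Conservative estimate of the randomness in a suffix: each character
    is assumed to be drawn uniformly from the smallest alphabet that
    explains the string.  Low values mean the address is enumerable,
    which is the whole objection to protecting ordinary addresses."""
    if suffix.isdigit():
        alphabet = 10
    elif set(suffix.lower()) <= set("0123456789abcdef"):
        alphabet = 16
    elif suffix.isalpha() and (suffix.islower() or suffix.isupper()):
        alphabet = 26
    else:
        alphabet = 62
    return len(suffix) * math.log2(alphabet)


def select_key(addr: str, keyring: dict) -> Tuple[str, Optional[str]]:
    """Decide how a mail client should pick the key for `addr`.

    `keyring` maps upper-case fingerprints to whatever the client stores
    for a key (just a label here).  Outcomes:
      ("pinned", key)  the address names a key already held;
      ("fetch", fpr)   the address names a key to fetch by fingerprint;
      ("lookup", None) no key binding, only a search by address remains.
    """
    parsed = parse_noenum_address(addr)
    if parsed is None or parsed["fingerprint"] is None:
        return ("lookup", None)
    fpr = parsed["fingerprint"]
    if fpr in keyring:
        return ("pinned", keyring[fpr])
    return ("fetch", fpr)


def key_matches_address(addr: str, fetched_fingerprint: str) -> bool:
    """Accept a fetched key only if its full fingerprint equals the one
    committed to in the address.  A fetch by key ID (the low 64 bits of a
    v4 fingerprint) can return a different key with the same ID, so the
    address, not the keyserver, is what binds the key here."""
    parsed = parse_noenum_address(addr)
    if parsed is None or parsed["fingerprint"] is None:
        return False
    return parsed["fingerprint"] == fetched_fingerprint.replace(" ", "").upper()


# Sample addresses taken from the messages above ("@" for the archive's "at").
DKG_ADDR = "dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9@fifthhorseman.net"
HAUKE_SHORT = "mailinglisten--noenum-yvsYiP9y@hauke-laging.de"
HAUKE_LONG = "mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7@hauke-laging.de"

if __name__ == "__main__":
    ring = {"0EE5BE979282D80B9F7540F1CCD2ED94D21739E9": "dkg's key"}  # constructed
    for a in (DKG_ADDR, HAUKE_SHORT, HAUKE_LONG):
        p = parse_noenum_address(a)
        print(a, select_key(a, ring), f"{suffix_entropy_bits(p['suffix']):.0f} bits")
```

Run stand-alone it prints, for each sample address, whether the key is pinned, must be fetched, or needs a lookup, together with the estimated bits of randomness in the suffix.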
From expires2012 at rocketmail.com Thu Jan 26 00:11:16 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Wed, 25 Jan 2012 23:11:16 +0000
Subject: RSA padding scheme
In-Reply-To: <20120123004703.GB10912@crustytoothpaste.ath.cx>
References: <20120122154828.GA13329@stargrave.org> <20120122185422.GA10912@crustytoothpaste.ath.cx> <20120122192954.GA22767@stargrave.org> <20120123004703.GB10912@crustytoothpaste.ath.cx>
Message-ID: <616629249.20120125231116@my_localhost>

Hi

On Monday 23 January 2012 at 12:47:03 AM, in , brian m. carlson wrote:

> This is not a problem with OpenPGP because the attacker
> never gets to see the value encrypted with RSA because
> it's the symmetric key.

Isn't that the same thing as the session key, which can be viewed using --show-session-key?

--
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Always forgive your enemies; nothing annoys them so much

From dkg at fifthhorseman.net Thu Jan 26 00:19:56 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 25 Jan 2012 18:19:56 -0500
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
In-Reply-To: <20120125213129.E914AE6739@smtp.hushmail.com>
References: <20120125213129.E914AE6739@smtp.hushmail.com>
Message-ID: <4F208E1C.6020402@fifthhorseman.net>

Hi Vedaal--

i'm confused by your proposal.
some clarifying questions follow:

On 01/25/2012 04:31 PM, vedaal at nym.hush.com wrote:
> [1] The person who wants to create a new key, first generates a
> symmetrically encrypted gnupg message, and decrypts it and gets the
> session key.

This seems like it might just be an elaborate way to ask for a random number, but i'm not sure what the intent is. Is it just trying to get a decent-sized chunk of randomness? or is there another purpose? if it's just about randomness, rephrasing more simply might make this clearer.

> [2] Hash the [(preferred key name)+(session key)+(e-mail address)]

What is the "preferred key name" ? are you expecting users to name their keys?

> [3] Generate the key with the uid of
> [(preferred key name)+(session key)+(e-mail address)]

What happened to the hash here? are you suggesting that the User ID is the digested form or the non-digested form?

> [4] Identify the key to the server by the hash.

OpenPGP certificates are handed to the keyserver as is; the keyserver chooses how to index them. What do you mean by "identify the key to the server by the hash" ?

> These steps would defeat harvesting tools enumerating the low
> entropy names and hash ranges.

I'm still not sure i follow. Can you explain more? How would these keys be identified by a user searching for them? How would third parties verify the user ID before signing?

> Personally, I agree with David Shaw, that the problem can be
> avoided by just generating a random UID (maybe a truncated session
> key) and giving the fingerprint and UID to anyone who wants to look
> it up on the keyserver, as well as the e-mail address separately to
> whomever the user wants to correspond with.)

how does your proposal above compare to David Shaw's (seemingly simpler) proposal, or to the proposal i outlined elsewhere in this thread?

--dkg

From expires2012 at rocketmail.com Thu Jan 26 02:02:50 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Thu, 26 Jan 2012 01:02:50 +0000
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
In-Reply-To: <4F1ECC7F.6060108@fifthhorseman.net>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net>
Message-ID: <114943307.20120126010250@my_localhost>

Hi

On Tuesday 24 January 2012 at 3:21:35 PM, in , Daniel Kahn Gillmor wrote:

> What you're looking to do with this proposed
> hashed-user-id scheme is to find a way to avoid
> allowing people to enumerate e-mail addresses or User
> IDs from the data contained on the keyservers. Right?

That is basically it, yes.

> Certainly, the keyservers will continue to support
> non-digested User IDs, so now tools will need to be
> able to handle both of them; we'll also need a policy
> for end-user agents to answer questions like "when
> looking up this e-mail address, do i send it only in
> digested form to the keyservers for lookup?

That would fail to return keys that had UIDs containing the non-hashed string, unless the keyservers stored hashes for all plaintext UIDs.

> or do i
> send it in cleartext form as well, thereby leaking the
> e-mail address to the keyserver operators

Or do I send the hash to one keyserver and the plaintext to another, thereby doubling the number of enquiries.

> (and to anyone on the network path)?

and use SSL to exclude anyone on the network path?

> Ultimately, i don't think the tradeoffs for this scheme
> are worthwhile for the marginal and limited gain that
> the proposal provides.
Definitely limited; I think of it as little more than a privacy-enhancing defence against casual snooping rather than a security measure. But is it really so marginal?

> I'd love to find a solution to
> the User ID enumeration problem, but i don't think
> hashed-user-ids is it.

As I see it, you either:-

include the UIDs in non-human-readable form (e.g. hashed) in the key that's distributed.

or you distribute UIDs separately from their key.

or when you download a key the copy you get includes only the UID you requested.

--
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

An idealist is a person who helps other people to be prosperous

From dkg at fifthhorseman.net Thu Jan 26 02:35:52 2012
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Wed, 25 Jan 2012 20:35:52 -0500
Subject: Why hashed User IDs is not the solution to User ID enumeration
In-Reply-To: <114943307.20120126010250@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost>
Message-ID: <4F20ADF8.6080800@fifthhorseman.net>

On 01/25/2012 08:02 PM, MFPA wrote:
>> Ultimately, i don't think the tradeoffs for this scheme
>> are worthwhile for the marginal and limited gain that
>> the proposal provides.
>
> Definitely limited; I think of it as little more than a
> privacy-enhancing defence against casual snooping rather than a
> security measure. But is it really so marginal?

Compared to the complexity and confusion downsides on a protocol that is already complex and confusing, yes, i believe the potential gains here qualify as marginal.
It only takes one party to reverse the User IDs and publish the reversal for everyone to be able to trivially enumerate them already.

> As I see it, you either:-
>
> include the UIDs in non-human-readable form (e.g. hashed) in the key
> that's distributed.

which, as i documented in the earlier message, is no better defense against enumeration than NSEC3.

> or you distribute UIDs separately from their key.

how? where? via what mechanism? how do you determine that the right key is associated with the relevant User IDs?

> or when you download a key the copy you get includes only the UID you
> requested.

eh? are you talking about modifying the keyserver protocol? are you aware that full keyserver dumps are available for the taking, and that anyone can run a keyserver?

I remain unconvinced that this is a serious proposal, unfortunately.

--dkg

From vedaal at nym.hush.com Thu Jan 26 04:28:21 2012
From: vedaal at nym.hush.com (vedaal at nym.hush.com)
Date: Wed, 25 Jan 2012 22:28:21 -0500
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
Message-ID: <20120126032821.29BCE10E2D6@smtp.hushmail.com>

On Wed, 25 Jan 2012 18:19:56 -0500 Daniel Kahn Gillmor wrote:

> i'm confused by your proposal. some clarifying questions follow:

sorry, upon re-reading it, noticed that I left out mentioning some steps that I thought through, but didn't post ;-(

-----

>> [1] The person who wants to create a new key, first generates a
>> symmetrically encrypted gnupg message, and decrypts it and gets the
>> session key.

And leaves the encrypted message on his own website, so that whoever he decides to give the passphrase to, can easily recover the session key.
-----

> This seems like it might just be an elaborate way to ask for a random
> number, but i'm not sure what the intent is. Is it just trying to get a
> decent-sized chunk of randomness? or is there another purpose? if it's
> just about randomness, rephrasing more simply might make this clearer.

It's about randomness that can't be brute forced by today's attack resources, but easily communicable.

-----

>> [2] Hash the [(preferred key name)+(session key)+(e-mail address)]
>
> What is the "preferred key name" ? are you expecting users to name
> their keys?

whatever their preferred e-mail name is, i.e., alice.surname at domainname.com

-----

>> [3] Generate the key with the uid of
>> [(preferred key name)+(session key)+(e-mail address)]
>
> What happened to the hash here? are you suggesting that the User ID is
> the digested form or the non-digested form?

the actual hash of the [name+sessionkey at domainname.com]

i.e. SHA256 of alice.surnameACed72...F at domainname.com

-----

>> [4] Identify the key to the server by the hash.
>
> OpenPGP certificates are handed to the keyserver as is; the keyserver
> chooses how to index them. What do you mean by "identify the key to the
> server by the hash" ?

Here there are 2 ways to go

(a) create the key with the uid of alice.surnameACed72...F at domainname.com and send it to the keyserver, with instructions to index it by its hash as the only search criteria (major headache for backward compatibility, as you rightly pointed out)

or

(b) create the key with uid as the hash itself i.e. SHA256 of alice.surnameACed72...F at domainname.com

This poses no backward compatibility problems, and is easily computable by someone who knows Alice's name, e-mail address and passphrase to the symmetrically encrypted message she posted on her site.
-----

>> Personally, I agree with David Shaw, that the problem can be
>> avoided by just generating a random UID (maybe a truncated session
>> key) and giving the fingerprint and UID to anyone who wants to look
>> it up on the keyserver, as well as the e-mail address separately to
>> whomever the user wants to correspond with.)
>
> how does your proposal above compare to David Shaw's (seemingly simpler)
> proposal, or to the proposal i outlined elsewhere in this thread?

-----

it makes the 'anonymous' key id less likely to be duplicated, i.e. BE452FD9

but is basically the same idea as yours and David's

anyway, it seems easier to just give the fingerprint ;-) than to go through all the above, but it's a possible doable approach ...

vedaal

From John at enigmail.net Thu Jan 26 05:04:17 2012
From: John at enigmail.net (John Clizbe)
Date: Wed, 25 Jan 2012 22:04:17 -0600
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
In-Reply-To: <114943307.20120126010250@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost>
Message-ID: <4F20D0C1.6010003@enigmail.net>

MFPA wrote:
> Hi
> On Tuesday 24 January 2012 at 3:21:35 PM, in Daniel Kahn Gillmor wrote:
>> Certainly, the keyservers will continue to support non-digested User IDs,
>> so now tools will need to be able to handle both of them; we'll also need a
>> policy for end-user agents to answer questions like "when looking up this
>> e-mail address, do i send it only in digested form to the keyservers for
>> lookup?

Dan, Enigmail's Per-recipient rules are a perfect way of matching email address to a key without that email address in a UID or when multiple keys contain UIDs with the same email address.
> That would fail to return keys that had UIDs containing the non-hashed
> string, unless the keyservers stored hashes for all plaintext UIDs.

Huh? Why on Earth would hashes need to be stored for plaintext UIDs? Present day keyservers don't even store the UID as a single element. That's ridiculous. Perhaps an understanding of the workings of keyserver lookup should be gained before trying to modify how OpenPGP UIDs are handled.

https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00

Other than the human element, I don't see a reason the keyserver code would need to be changed. Most of my objections to this idea lie in matters of HCI.

--
John P. Clizbe                      Inet: John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From peter at digitalbrains.com Thu Jan 26 12:07:15 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Thu, 26 Jan 2012 12:07:15 +0100
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F208850.9060506@fifthhorseman.net>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net>
Message-ID: <4F2133E3.6030503@digitalbrains.com>

On 25/01/12 23:55, Daniel Kahn Gillmor wrote:
> If people use e-mail addresses like this, then they could probably just
> derive the high-entropy-portion of their e-mail address from their key's
> fingerprint directly, and attach only a User ID like "anonymous".
>
> e.g.
>
> dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net
>
> Then no keysigning would be needed as anyone who knows the e-mail
> address already knows the key to use, and the key is fetchable from the
> keyservers by keyid directly.
>
> This can all be done with the current toolchain, without modification,
> afaict. The only problem is that you'd have to adjust your MUA to tell
> it which key to use explicitly for mailing to addresses like this. If
> you think this is the way to go, maybe you should talk to MUA
> developers, or propose a mechanism or heuristic gpg could use to
> pre-select keys from e-mail addresses like this.

I like it. I was thinking along the same lines, but you were a big step ahead of me. I hadn't thought of the fingerprint. I think you might have just solved the whole issue with a much better solution!

I don't think you can add entropy to an e-mail address and end up with a solution that is more elegant than what you just proposed with the fingerprint.

> Please propose an alternate scheme that you think would be an
> improvement if you think such a scheme exists.

You just did yourself ;D. Eureka!

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From peter at digitalbrains.com Thu Jan 26 17:22:24 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Thu, 26 Jan 2012 17:22:24 +0100
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F2133E3.6030503@digitalbrains.com>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com>
Message-ID: <4F217DC0.4080307@digitalbrains.com>

On 26/01/12 12:07, Peter Lebbing wrote:
> I like it.
Maybe I should clarify that this is in no way a feature request; I just like the pragmatic solution in itself.

I personally don't see a use case where one would be satisfied with an e-mail address of the form

mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7 at hauke-laging.de

but dissatisfied with just handing the fingerprint for a key to someone. I wouldn't want to spell out that e-mail address to someone. If I'm not going to give it verbally, why not just give the key fingerprint? You could print the fingerprint on your business card, and not enter your e-mail address in the UID of the key. And in e-mails, you have the header

OpenPGP: id=8FA94E79AD6AB56EE38CE5CBAC46EFE6DE500B3E

Peter.

From rjh at sixdemonbag.org Thu Jan 26 18:03:14 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 26 Jan 2012 12:03:14 -0500
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F217DC0.4080307@digitalbrains.com>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com>
Message-ID: <4F218752.90300@sixdemonbag.org>

On 1/26/12 11:22 AM, Peter Lebbing wrote:
> If I'm not going to give it verbally, why not just give the key
> fingerprint?

Yes. I've not hidden my opinion that I think this is an exercise in quixotry, but still, never let it be said I wasn't willing to make some contribution to an idea.

Let's not talk about implementation details: right now we don't have a good enough handle on the problem to talk about how to solve it.
So let's see if we can't use a 'Problem', 'Goal', 'Requirements' and 'Constraints' model to focus the conversation a little bit.

PROBLEM:
* Some people want to make it possible to opt out of their email addresses being harvestable on the keyservers.

GOAL:
* Give users an optional way to make their user IDs resistant to harvesting.

REQUIREMENTS:
* The solution must work within the OpenPGP framework without requiring any extensions.
* The solution must work with SKS without requiring any extensions.
* The User ID must be searchable (otherwise the solution is trivial, create a User ID with a name but no email address). If a user searches the keyserver for exactly a given email address, matching certificates must be returned.

CONSTRAINTS:
* Key enumeration. There are only roughly 10 million login names five characters or less. Searching those 10 million login names over the top 100 email domains amounts to about a billion queries. Split over a botnet of 100,000 elements, each bot would have to make 10,000 queries. Even if each query took one second (an unreasonable number: it would substantially impact OpenPGP adoption because people would be furious over the slow speed of lookups), that means a spammer network could break any such blinded hashing scheme in about three hours.
* Utility. One way to make a blinded hashing scheme enumeration-resistant is to put a large amount of random data in there. However, searching for 'zz78gH1Y==@hotmail.com' is of comparable complexity to searching for a certificate ID. The system must work for all reasonable User IDs, rather than requiring User IDs to be unreasonable.

...

Looking over this, I don't think that what MFPA wants is possible. I just don't. The key enumeration issue and the ease of getting past it, *even if we require each search to take one second to execute*, is the gorilla in the center of the room that's threatening to pound to a pulp anyone who seriously tries to take on this problem.
If we discard the "must conform to OpenPGP" and "must be compatible with SKS" requirements, then maybe we could make it work. But as is, if I was asked to evaluate this research project, I would call it extreme risk for minimal reward. "Risk", in an engineering management context, usually means "risk of failure and wasting all the resources invested." The risk level seems extreme. Even if you succeed, how many people will join up? How many people will revoke their old User IDs and create new ones? Few, I think, which makes this minimal-reward. Even if you succeed, you'll impact only a very small fraction of OpenPGP users.

From sandals at crustytoothpaste.net Thu Jan 26 19:30:43 2012
From: sandals at crustytoothpaste.net (brian m. carlson)
Date: Thu, 26 Jan 2012 18:30:43 +0000
Subject: RSA padding scheme
In-Reply-To: <616629249.20120125231116@my_localhost>
Message-ID: <20120126183043.GE82285@crustytoothpaste.ath.cx>

MFPA wrote:
> On Monday 23 January 2012 at 12:47:03 AM, in
> , brian m. carlson
> wrote:
> > This is not a problem with OpenPGP because the attacker
> > never gets to see the value encrypted with RSA because
> > it's the symmetric key.
>
> Isn't that the same thing as the session key, which can be viewed
> using --show-session-key?

Yes, it is. However, decrypting a message does not automatically provide the session key to the user (outside of the internal functionality of the OpenPGP implementation). So what I'm saying is that even if you have an oracle that will decrypt messages on demand and provide them to the attacker, that doesn't mean that the oracle is going to provide the session key used to decrypt that message, which you need to conduct the attack.

Also, please, please, please don't ever CC me. This resulted in a major delay as I deleted the message which I am now replying to and had to cobble it together based on the archive. Please respect my Mail-Followup-To and post replies only to the list.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

From expires2012 at rocketmail.com Fri Jan 27 00:41:21 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Thu, 26 Jan 2012 23:41:21 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F218752.90300@sixdemonbag.org>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org>
Message-ID: <1221655633.20120126234121@my_localhost>

Hi

On Thursday 26 January 2012 at 5:03:14 PM, in , Robert J. Hansen wrote:

> So let's see if we can't use a 'Problem',
> 'Goal', 'Requirements' and 'Constraints' model to focus the conversation
> a little bit.
>
> PROBLEM:
> * Some people want to make it possible to opt out of their email
> addresses being harvestable on the keyservers.
>
> GOAL:
> * Give users an optional way to make their user IDs resistant to
> harvesting.

The use of the word "harvesting" in this context suggests to me a concern about spamming rather than about privacy. And I would like the ability to protect my name as well as (or instead of) my email address.

>
> REQUIREMENTS:
> * The solution must work within the OpenPGP framework without
> requiring any extensions.
> * The solution must work with SKS without requiring any extensions.
> * The User ID must be searchable (otherwise the solution is trivial,
> create a User ID with a name but no email address). If a user
> searches the keyserver for exactly a given email address, matching
> certificates must be returned.

Is "without requiring any extensions" a necessary requirement? If a solution were feasible that required an extension or a local proxy to handle the keyserver queries, why should it be discarded?

>
> CONSTRAINTS:
> * Key enumeration. There are only roughly 10 million login names
> five characters or less. Searching those 10 million login names
> over the top 100 email domains amounts to about a billion queries.
> Split over a botnet of 100,000 elements, each bot would have to
> make 10,000 queries. Even if each query took one second (an
> unreasonable number: it would substantially impact OpenPGP adoption
> because people would be furious over the slow speed of lookups),
> that means a spammer network could break any such blinded hashing
> scheme in about three hours.

Why would a spammer network bother to generate email addresses and submit them as keyserver queries, rather than just sending spam out to them all? I guess the day *could* arrive when we start receiving spam that is encrypted to the right key(s) for the email address(es) it goes to, but I currently see that more as a possibility than a probability.

> ... Looking over this, I don't think that what MFPA wants is possible.
> I just don't. The key enumeration issue and the ease of getting past
> it, *even if we require each search to take one second to execute*, is
> the gorilla in the center of the room that's threatening to pound to a
> pulp anyone who seriously tries to take on this problem.

I think that what you say is impossible, is more than I am looking for from this scheme. That strength of protection would be brilliant but rather pointless in the context. Let's assume for a moment the goal you have stated above has been reached, including an airtight solution to the key enumeration issue. What do we really have?
I have names and email addresses in blinded User IDs on my key and they are believed to be safe for a long time given the current technology.

For want of a better analogy, the names and email addresses readable from User IDs on the keyservers are akin to listings in the phone book. The names and email addresses that cannot be read because they are obscured in blinded User IDs are akin to unlisted phone numbers. There is a certain level of protection afforded by choosing not to have your number listed, but you can still tell anybody the number yourself and they might accidentally or deliberately pass it on.

>
> Even if you succeed, how many people will join up?

I don't know. For telephone numbers, as I posted in a thread here in July 2010, the owners of 78% of the non-business landline numbers in my address book at the time had made the effort to not have their numbers listed in the phone books. Mobile phone numbers are unlisted by default; not a single person had arranged a listing for their non-business mobile. Not scientific. Not representative. Just the contents of my address book.

--
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Pain is inevitable, but misery is optional.

From dougb at dougbarton.us Fri Jan 27 01:48:30 2012
From: dougb at dougbarton.us (Doug Barton)
Date: Thu, 26 Jan 2012 16:48:30 -0800
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <1221655633.20120126234121@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost>
Message-ID: <4F21F45E.7060308@dougbarton.us>

On 01/26/2012 15:41, MFPA wrote:
> The use of the word "harvesting" in this context suggests to me a
> concern about spamming rather than about privacy. And I would like
> the ability to protect my name as well as (or instead of) my email
> address.

As I said the last time you brought this up .... put whatever you like in the name and e-mail fields, and notify the people you communicate with of what's there, and the fingerprint of the key. They can then set up rules in their e-mail client that when they communicate with you via e-mail address foo that they should use key bar. You're done.

There is no software modification needed to accomplish what you want to do.

Doug

--
It's always a long day; 86400 doesn't fit into a short.

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/

From John at enigmail.net Fri Jan 27 02:10:08 2012
From: John at enigmail.net (John Clizbe)
Date: Thu, 26 Jan 2012 19:10:08 -0600
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F21F45E.7060308@dougbarton.us>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us>
Message-ID: <4F21F970.2030708@enigmail.net>

Doug Barton wrote:
> On 01/26/2012 15:41, MFPA wrote:
>> The use of the word "harvesting" in this context suggests to me a
>> concern about spamming rather than about privacy. And I would like
>> the ability to protect my name as well as (or instead of) my email
>> address.
>
> As I said the last time you brought this up .... put whatever you like
> in the name and e-mail fields, and notify the people you communicate
> with of what's there, and the fingerprint of the key. They can then
> set up rules in their e-mail client that when they communicate with
> you via e-mail address foo that they should use key bar. You're done.
>
> There is no software modification needed to accomplish what you want
> to do.

DING! DING! DING! DING! We have a winner!
You do not wish your name or email address in a certificate's UID, THEN DON'T PUT IT IN. Feed whatever text you wish through the hashing algorithm of your choice and use that. Bang! You're done. Just do it.

OpenPGP and the software involved do not need any changes. And as Rob pointed out, any changes would have a difficult time getting accepted.

From rjh at sixdemonbag.org Fri Jan 27 02:29:07 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 26 Jan 2012 20:29:07 -0500
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <1221655633.20120126234121@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost>
Message-ID: <4F21FDE3.30903@sixdemonbag.org>

On 1/26/2012 6:41 PM, MFPA wrote:
> The use of the word "harvesting" in this context suggests to me a
> concern about spamming rather than about privacy.

The use is correct. Spamming is what someone does once they have your private information: harvesting is the act of collecting.

> And I would like the ability to protect my name as well as (or
> instead of) my email address.

One windmill at a time, my ingenious gentleman of La Mancha.

> Is "without requiring any extensions" a necessary requirement?

"Necessary" is a strong word.
The consequence of extending it is you get to be the one to write the extensions (both in RFC and source-code form) and maintain them across a whole raft of other operating systems and hardware configurations.

> If a solution were feasible that required an extension or a local
> proxy to handle the keyserver queries, why should it be discarded?

A local proxy is not an extension. An extension means "we're going to break conformance with the OpenPGP spec" or "we're going to break compatibility with the SKS keyserver network." If you break conformance with the OpenPGP spec, then you get to build the new spec. If you break compatibility with the SKS network, then you get to build a new network to replace it.

> Why would a spammer network bother to generate email addresses and
> submit them as keyserver queries, rather than just sending spam out
> to them all?

I have been waiting for you to realize this. *Even if you solve the key enumeration problem, you solve nothing.* It doesn't get you anything, because the email enumeration problem is just as bad.

> For want of a better analogy, the names and email addresses readable
> from User IDs on the keyservers are akin to listings in the phone
> book. The names and email addresses that cannot be read because they
> are obscured in blinded User IDs are akin to unlisted phone numbers.

And yet, my two unlisted cell phones both routinely get robocalls and telemarketers. They, too, work by enumeration.
From wk at gnupg.org Fri Jan 27 10:45:21 2012 From: wk at gnupg.org (Werner Koch) Date: Fri, 27 Jan 2012 10:45:21 +0100 Subject: hashed user IDs redux In-Reply-To: <4F21F45E.7060308@dougbarton.us> (Doug Barton's message of "Thu, 26 Jan 2012 16:48:30 -0800") References: <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> Message-ID: <87fwf14gy6.fsf@vigenere.g10code.de> On Fri, 27 Jan 2012 01:48, dougb at dougbarton.us said: > There is no software modification needed to accomplish what you want > to do. It might be obvious but anyway: To put the fingerprint into the user id, first create a key with a dummy user id, then list the fingerprint, create a second user id with that fingerprint and finally delete the first dummy user id. --allow-freeform-uid comes in handy. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
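The four steps Werner lists, as an added shell example (not from the thread and not from GnuPG's own documentation). It assumes GnuPG 2.1 or later for --quick-gen-key and --quick-add-uid, that --allow-freeform-uid lets --quick-add-uid accept a user ID with no name or address in it, and a throwaway GNUPGHOME so the demonstration touches no real keyring.

```shell
#!/bin/sh
# Added example, not from the thread: a key whose only user ID is its own
# fingerprint, following Werner Koch's four steps. Assumes GnuPG >= 2.1 and
# that --allow-freeform-uid applies to --quick-add-uid. Run with --run to
# execute the gpg steps; without it only the helpers are defined.
set -eu

# Primary-key fingerprint from `gpg --with-colons` output: the first "fpr"
# record, field 10 (subkey fingerprints follow their "sub" records later).
primary_fingerprint() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# All user ID strings from `gpg --with-colons` output (field 10 of "uid").
uid_strings() {
    awk -F: '$1 == "uid" { print $10 }'
}

make_fingerprint_only_key() {
    dummy='throwaway dummy uid'

    # Disposable keyring (mktemp -d creates it mode 0700) so nothing here
    # touches the real one.
    GNUPGHOME=$(mktemp -d)
    export GNUPGHOME

    # Step 1: create the key with a dummy user ID. The fingerprint does not
    # exist until the key does, so a placeholder UID is unavoidable.
    # (Empty passphrase via loopback pinentry keeps the demo non-interactive.)
    gpg --batch --pinentry-mode loopback --passphrase '' \
        --quick-gen-key "$dummy" default default never

    # Step 2: list the fingerprint.
    fpr=$(gpg --batch --with-colons --list-keys "$dummy" | primary_fingerprint)

    # Step 3: add a second user ID consisting of just the fingerprint.
    # Without --allow-freeform-uid gpg rejects a UID that is not name/email shaped.
    gpg --batch --allow-freeform-uid --quick-add-uid "$fpr" "$fpr"

    # Step 4: delete the dummy. It is uid 1 (first in the keyblock); the
    # fingerprint UID is then the only, and therefore primary, UID.
    # Commands are fed on stdin via --command-fd 0; "y" answers the
    # "Really remove this user ID?" prompt.
    printf 'uid 1\ndeluid\ny\nsave\n' \
        | gpg --command-fd 0 --edit-key "$fpr"

    # Show the result: exactly one UID, equal to the fingerprint.
    gpg --batch --with-colons --list-keys "$fpr" | uid_strings
}

if [ "${1:-}" = "--run" ]; then
    make_fingerprint_only_key
fi
```

Two caveats from the rest of this thread apply. Keyservers merge and never delete, so step 4 only achieves anything if the key has not been uploaded yet; a dummy UID that ever reached SKS stays there. And a fingerprint-only UID cannot be found by searching for a name or address, which is exactly the lookup MFPA wants to keep, so correspondents have to receive the fingerprint out of band.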
From peter at digitalbrains.com Fri Jan 27 11:49:43 2012 From: peter at digitalbrains.com (Peter Lebbing) Date: Fri, 27 Jan 2012 11:49:43 +0100 Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID] In-Reply-To: <1221655633.20120126234121@my_localhost> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> Message-ID: <4F228147.7090401@digitalbrains.com> Hi MFPA, Can I ask what about the dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net form does not satisfy your requirement that the mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7 at hauke-laging.de does? Or do you not agree with the latter form either? I'm not sure of your requirements. I thought all that was needed was a way to find a key belonging to an e-mail address without requiring the e-mail address to be in the UID. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. 
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt From peter at digitalbrains.com Fri Jan 27 12:38:49 2012 From: peter at digitalbrains.com (Peter Lebbing) Date: Fri, 27 Jan 2012 12:38:49 +0100 Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID) In-Reply-To: <114943307.20120126010250@my_localhost> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> Message-ID: <4F228CC9.3090006@digitalbrains.com> On 26/01/12 02:02, MFPA wrote: > Definitely limited; I think of it as little more than a > privacy-enhancing defence against casual snooping rather than a > security measure. But is it really so marginal? If you don't solve the key enumeration problem, it seems to me you're more enhancing the feeling of privacy people have rather than actually enhancing their privacy. It does not really offer privacy, it just makes people think they have privacy. That's not Pretty Good Privacy. It's more a request "please don't look here". Which by the way makes people curious :). And a curious person with a mean streak might sign a key with an obscured e-mail address with a signature saying "this is the key for expires2012 at rocketmail.com" }:-]. Which is verifiable by hashing the e-mail address. And once "keyserver no-modify" is implemented, he'll create a website with a dump of all the unobscured e-mail addresses, just because he can. He's like that once he sees something that's obscured but not really blinded. On the other hand, I think Hauke Laging's demands are met by the idea Daniel Kahn Gillmor came up with. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. 
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt From mwood at IUPUI.Edu Fri Jan 27 15:20:23 2012 From: mwood at IUPUI.Edu (Mark H. Wood) Date: Fri, 27 Jan 2012 09:20:23 -0500 Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID] In-Reply-To: <4F21FDE3.30903@sixdemonbag.org> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21FDE3.30903@sixdemonbag.org> Message-ID: <20120127142023.GC6124@IUPUI.Edu> On Thu, Jan 26, 2012 at 08:29:07PM -0500, Robert J. Hansen wrote: > On 1/26/2012 6:41 PM, MFPA wrote: > > The use of the word "harvesting" in this context suggests to me a > > concern about spamming rather than about privacy. > > The use is correct. Spamming is what someone does once they have your > private information: harvesting is the act of collecting. A difficulty here is that "spamming" is fairly specific, while "privacy" (it seems to me) is huge, amorphous, and defined differently by different people. -- Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu Asking whether markets are efficient is like asking whether people are smart. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From JPClizbe at tx.rr.com Sat Jan 28 02:52:56 2012 From: JPClizbe at tx.rr.com (John Clizbe) Date: Fri, 27 Jan 2012 19:52:56 -0600 Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID) In-Reply-To: <4F228CC9.3090006@digitalbrains.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> Message-ID: <4F2354F8.1020901@tx.rr.com> Peter Lebbing wrote: > And a curious person with a mean streak might sign a key with an obscured e-mail > address with a signature saying "this is the key for expires2012 at rocketmail.com" > }:-]. Which is verifiable by hashing the e-mail address. And once "keyserver > no-modify" is implemented, he'll create a website with a dump of all the > unobscured e-mail addresses, just because he can. He's like that once he sees > something that's obscured but not really blinded. Having keyservers support no-modify requires that they first support crypto. That's a really big step. To my knowledge, no one is working on such an initiative in SKS or any other keyserver. I believe LDAP is the only platform that presently can handle no-modify, but does keyserver.pgp.com even support it? I don't recall that it does. -- John P. Clizbe Inet:John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" From rjh at sixdemonbag.org Sat Jan 28 06:14:49 2012 From: rjh at sixdemonbag.org (Robert J. 
Hansen) Date: Sat, 28 Jan 2012 00:14:49 -0500 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F2354F8.1020901@tx.rr.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> Message-ID: <4F238449.2050709@sixdemonbag.org> On 1/27/2012 8:52 PM, John Clizbe wrote: > Having keyservers support no-modify requires that they first support crypto. > That's a really big step. (John undoubtedly knows this, but I suspect a lot of people didn't catch the implications -- so let me elaborate.) SKS is a surprisingly lightweight thing: it requires very little in the way of CPU usage, even when making large updates. (My keyserver is currently running with a load of 0.06.) As soon as keyservers have to do bignum arithmetic on certificates, you're going to see a lot higher CPU loads. This doesn't mean "we should never ever do it," but it does mean before doing such a thing there would have to be broad consensus from the keyserver community to do it. It isn't just that no one's written the code: it's there's no community consensus to deploy such code, even if it were written. It would be a pretty major flag day. After all, if one keyserver enforces it and others don't, then that's going to create a pretty obvious syncing problem. It is, as he said, "a really big step." 
From jerome at jeromebaum.com Sat Jan 28 06:48:47 2012 From: jerome at jeromebaum.com (Jerome Baum) Date: Sat, 28 Jan 2012 06:48:47 +0100 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F238449.2050709@sixdemonbag.org> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> Message-ID: <4F238C3F.2020404@jeromebaum.com> On 2012-01-28 06:14, Robert J. Hansen wrote: > It isn't just that no one's written the code: it's there's no community > consensus to deploy such code, even if it were written. It would be a > pretty major flag day. After all, if one keyserver enforces it and > others don't, then that's going to create a pretty obvious syncing problem. What syncing problem is that? Wouldn't the crypto-supporting keyserver simply sync out (provide to other keyservers) its published packets and sync in everything (yet drop packets without a "publish" signature)? (So in this scenario I'm assuming the key owner adds e.g. a self-signature with a special notation listing the packets that they want to be published on the keyserver.) Or was this more about "old" keys -- that don't have the special self-signature -- dropping out of the network? How about making the publish control optional -- if the self-sig doesn't say "I want to control my published stuff" then just publish all packets? -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 878 bytes Desc: OpenPGP digital signature URL: From dshaw at jabberwocky.com Sat Jan 28 07:21:25 2012 From: dshaw at jabberwocky.com (David Shaw) Date: Sat, 28 Jan 2012 01:21:25 -0500 Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID) In-Reply-To: <4F2354F8.1020901@tx.rr.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> Message-ID: On Jan 27, 2012, at 8:52 PM, John Clizbe wrote: > Peter Lebbing wrote: > >> And a curious person with a mean streak might sign a key with an obscured e-mail >> address with a signature saying "this is the key for expires2012 at rocketmail.com" >> }:-]. Which is verifiable by hashing the e-mail address. And once "keyserver >> no-modify" is implemented, he'll create a website with a dump of all the >> unobscured e-mail addresses, just because he can. He's like that once he sees >> something that's obscured but not really blinded. > > Having keyservers support no-modify requires that they first support crypto. > That's a really big step. > > To my knowledge, no one is working on such an initiative in SKS or any other > keyserver. > > I believe LDAP is the only platform that presently can handle no-modify, but > does keyserver.pgp.com even support it? I don't recall that it does. It does not support it. With keyserver.pgp.com, it's sort of as if no-modify is always on, but in a limited sense: the keyserver will only allow new user IDs or a new key from the key owner (though enforced via "who can read email at your address", rather than cryptographically), but it allows anyone whose key is on keyserver.pgp.com to sign a key and send the update to the keyserver. 
So you can always sign someone else's key if you desire. David From dougb at dougbarton.us Sat Jan 28 07:57:13 2012 From: dougb at dougbarton.us (Doug Barton) Date: Fri, 27 Jan 2012 22:57:13 -0800 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F238C3F.2020404@jeromebaum.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> Message-ID: <4F239C49.6080807@dougbarton.us> On 01/27/2012 21:48, Jerome Baum wrote: > On 2012-01-28 06:14, Robert J. Hansen wrote: >> It isn't just that no one's written the code: it's there's no community >> consensus to deploy such code, even if it were written. It would be a >> pretty major flag day. After all, if one keyserver enforces it and >> others don't, then that's going to create a pretty obvious syncing problem. > > What syncing problem is that? Wouldn't the crypto-supporting keyserver > simply sync out (provide to other keyservers) it's published packets and > sync in everything (yet drop packets without a "publish" signature)? > > (So in this scenario I'm assuming the key owner adds e.g. a > self-signature with a special notation listing the packets that they > want to be published on the keyserver.) > > Or was this more about "old" keys -- that don't have the special > self-signature -- dropping out of the network? How about making the > publish control optional -- if the self-sig doesn't say "I want to > control my published stuff" then just publish all packets? This is the second (third?) time this has come up in the recent past. Maybe instead of talking more about it those who are interested in having this functionality should go create it? 
Then the community would have something concrete to discuss. If it really is as simple as you describe, I can't see any reason why people wouldn't want to deploy it. :) Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From jerome at jeromebaum.com Sat Jan 28 08:01:32 2012 From: jerome at jeromebaum.com (Jerome Baum) Date: Sat, 28 Jan 2012 08:01:32 +0100 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F239C49.6080807@dougbarton.us> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> <4F239C49.6080807@dougbarton.us> Message-ID: <4F239D4C.8030301@jeromebaum.com> On 2012-01-28 07:57, Doug Barton wrote: > On 01/27/2012 21:48, Jerome Baum wrote: >> On 2012-01-28 06:14, Robert J. Hansen wrote: > This is the second (third?) time this has come up in the recent past. > Maybe instead of talking more about it those who are interested in > having this functionality should go create it? Then the community would > have something concrete to discuss. > > If it really is as simple as you describe, I can't see any reason why > people wouldn't want to deploy it. :) I'm not interested in having this functionality. I'm just interested in the problem (and only from a theoretical perspective). Personally I don't think it makes sense to support no-modify on keyservers -- if I want to publish a signature I create, I can, and the owner of the key can not stop me. 
-- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 878 bytes Desc: OpenPGP digital signature URL: From John at enigmail.net Sat Jan 28 08:24:06 2012 From: John at enigmail.net (John Clizbe) Date: Sat, 28 Jan 2012 01:24:06 -0600 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F238C3F.2020404@jeromebaum.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> Message-ID: <4F23A296.4070406@enigmail.net> Jerome Baum wrote: > On 2012-01-28 06:14, Robert J. Hansen wrote: >> It isn't just that no one's written the code: it's there's no community >> consensus to deploy such code, even if it were written. It would be a >> pretty major flag day. After all, if one keyserver enforces it and >> others don't, then that's going to create a pretty obvious syncing problem. > > What syncing problem is that? Wouldn't the crypto-supporting keyserver > simply sync out (provide to other keyservers) it's published packets and > sync in everything (yet drop packets without a "publish" signature)? > > (So in this scenario I'm assuming the key owner adds e.g. a > self-signature with a special notation listing the packets that they > want to be published on the keyserver.) > > Or was this more about "old" keys -- that don't have the special > self-signature -- dropping out of the network? 
How about making the > publish control optional -- if the self-sig doesn't say "I want to > control my published stuff" then just publish all packets? You've just outlined the problem. The present behavior of all keyservers is to merge packets. If the no-modify behavior is introduced, that server is going to drop or refuse packets. How do you reconcile keys when you have two legal behaviors in place within the network? Differing copies of a key is _NOT_ an option. The thing that makes SKS so fast is its reconciliation scheme which relies on logically identical or near identical copies of the keystore. If two variant copies of the same key are allowed to exist, they will endlessly be exchanged between servers, thus crippling the reconciliation process as more no-modify keys are sent to the keyservers. It has nothing to do with what is or isn't published. You ask for key 0xdecafbad, you get all of the key. What it has to do with is _what_ gets stored and how those decisions are made. Differing algorithms equate to differing keys. I tagged SKS 1.1.2 at the end of September. Currently there are four versions of SKS running in the network: 1.0.10, 1.1.0, 1.1.1, 1.1.2. I think the 1.0.9 servers finally upgraded. Getting all servers on the same release would in itself be a large undertaking and would be required for a no-modify scheme to work. I don't see a way that a rolling-upgrade to a no-modify supporting version could be accomplished without breaking things in the process. The only way I can envision doing this is to form a completely new network and let servers migrate into it as they upgrade to the no-modify supporting version. In a way, that's also undesirable as it divides the widely distributed network in two. There's really no simple way to retrofit no-modify behavior into an existing keyserver network. -- John P. 
Clizbe Inet:John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Cowboy Haiku -- Reflections on Rodeo So many Cowboys. / Round Wrangler butts drive me nuts. / Never enough rope. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 496 bytes Desc: OpenPGP digital signature URL: From rjh at sixdemonbag.org Sat Jan 28 09:05:52 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 28 Jan 2012 03:05:52 -0500 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F23A296.4070406@enigmail.net> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> <4F23A296.4070406@enigmail.net> Message-ID: <4F23AC60.2000706@sixdemonbag.org> On 1/28/2012 2:24 AM, John Clizbe wrote: > I don't see a way that a rolling-upgrade to a no-modify supporting version could > be accomplished without breaking things in the process. The only way I can > envision doing this to to form a completely new network and let servers migrate > into it as they upgrade to the no-modify supporting version. In a way, that's > also undesirable as it divides the widely distributed network in two. There's also a human factors element, which we're currently handwaving. If I have a copy of 0xDECAFBAD's certificate that has five UIDs, all of which have trusted signatures on them, and a second copy that has seven UIDs, five of which I consider valid due to having trusted signatures on them, well -- which of the two is canonical? 
The OpenPGP answer is "neither: validity and trust are not the same as canonicity." However, human beings tend to get rather obsessed with canonicity. Look at the kerfuffle over our President's birth certificate record. The original one is on file somewhere in a Hawai'i government office: a differently-formatted copy of the birth certificate was given to the press. Both documents are equally valid. Neither document is canonical. The U.S. public had a hard time wrestling with that: a whole lot of people sincerely believed the presence of two equally-valid but differently-formatted birth certificate records meant something was hinky. Now imagine explaining to new OpenPGP users that "yes, sometimes you'll get a copy that has 5 UIDs and sometimes you'll get one that has 7, depending on which keyserver you query, but both of them are equally valid." Same thing. And before anyone says, "well, yeah, but the huge deal about the President's birth certificate was the product of a whole lot of political paranoia by whackjobs," I will point out that one thing our community has *never* lacked for is paranoid whackjobs. From rjh at sixdemonbag.org Sat Jan 28 09:26:07 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sat, 28 Jan 2012 03:26:07 -0500 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F238C3F.2020404@jeromebaum.com> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> Message-ID: <4F23B11F.4070309@sixdemonbag.org> On 1/28/2012 12:48 AM, Jerome Baum wrote: >> It isn't just that no one's written the code: it's there's no >> community consensus to deploy such code, even if it were written. 
>> It would be a pretty major flag day. After all, if one keyserver >> enforces it and others don't, then that's going to create a pretty >> obvious syncing problem. > > What syncing problem is that? Wouldn't the crypto-supporting > keyserver simply sync out (provide to other keyservers) it's > published packets and sync in everything (yet drop packets without a > "publish" signature)?

We have two scenarios: either the no-modify keyserver retains all the now-ignored signatures or else it doesn't. For the sake of argument, let's call the no-modify keyserver 'Alice', and the old keyserver 'Bob'.

Scenario 1: Alice throws away the now-ignored data.

Bob: Hi, Alice! Let's sync.
Alice: Hi, Bob! I see we have different records for 3,731 certs.
Bob: Here you go, Alice!
Alice: Thanks. [reads 3,731 certs, strips off now-verboten UIDs]
... five minutes later ...
Bob: Hi, Alice! Let's sync.
Alice: Hi, Bob! I see we have different records for 3,731 certs.
Bob: Here you go, Alice!
Alice: Thanks. [reads 3,731 certs, strips off now-verboten UIDs]
[24 hours and a few million redundant cert exchanges later]
> To: Alice's Administrator
> From: Bob's Administrator
> Subject: FIX YOUR BROKEN KEYSERVER ALREADY
>
> I've removed you from my peer lists until you can fix your
> installation.

Scenario 2: Alice retains the now-ignored data, serving to GnuPG clients the version that honors no-modify, and serving to other keyservers the full version.

Bob: Hi, Alice! Let's sync.
Alice: Are you a GnuPG client or a keyserver?
Bob: [glazed look in his eye] I'm sorry, Alice, that's not a request I understand. I'm an SKS keyserver, version 1.1.2. Could you repeat?

Scenario 2a: As with 2, but now we have an SKS 1.1.3 that somehow identifies itself as being a keyserver and not a GnuPG client.

Bob: Hi, Alice! Let's sync.
Alice: Are you a GnuPG client or a keyserver?
Bob: Why, a keyserver, of course.
Alice: Cool! Here, have these certs, complete with the data that you shouldn't distribute outside of the keyserver network. Remember, that stuff is for us to use for ease of sync, not to be given to end-users under any circumstances, or else they'll wonder what the point is in the no-modify flag!
Bob: Uh. Sure. Whatever you say, Alice. (Bob, being a 1.1.3 SKS server, has no idea what Alice is talking about: he doesn't support no-modify.)

Scenario 2b: As with 2, but now imagine you have a malicious host, Mallory, who wants to get full certificates.

Mallory: Hi, Alice! Let's sync.
Alice: Are you a GnuPG client or a keyserver?
Mallory: [twirls Snidely Whiplash moustache] A keyserver!
Alice: Here, have all these certs, complete with the UIDs that shouldn't be distributed outside the keyserver network!

... Short version: for no-modify to work with the existing keyserver network, everyone would have to make the cutover or else the network would drown in sync messages. There's a real possibility that if just a few hosts didn't make the cutover that the keyserver network could go down, DDoSing itself into absolute oblivion as it desperately tried to sync keys infinitely.

From dougb at dougbarton.us Sat Jan 28 09:32:26 2012 From: dougb at dougbarton.us (Doug Barton) Date: Sat, 28 Jan 2012 00:32:26 -0800 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F23B11F.4070309@sixdemonbag.org> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> <4F23B11F.4070309@sixdemonbag.org> Message-ID: <4F23B29A.9070903@dougbarton.us> On 01/28/2012 00:26, Robert J. Hansen wrote: > ... 
Short version: for no-modify to work with the existing keyserver > network If anyone were inclined to implement this my vote would be for 1. A whole new "no-modify only" network, and 2. Start from zero, and allow users to upload clean versions of their keys. I think you've made the case effectively that adding this to the existing network isn't feasible. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From jerome at jeromebaum.com Sat Jan 28 10:06:01 2012 From: jerome at jeromebaum.com (Jerome Baum) Date: Sat, 28 Jan 2012 10:06:01 +0100 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F23B11F.4070309@sixdemonbag.org> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> <4F238449.2050709@sixdemonbag.org> <4F238C3F.2020404@jeromebaum.com> <4F23B11F.4070309@sixdemonbag.org> Message-ID: <4F23BA79.7030506@jeromebaum.com> On 2012-01-28 09:26, Robert J. Hansen wrote: > ... Short version: for no-modify to work with the existing keyserver > network, everyone would have to make the cutover or else the network > would drown in sync messages. There's a real possibility that if just a > few hosts didn't make the cutover that the keyserver network could go > down, DDoSing itself into absolute oblivion as it desperately tried to > sync keys infinitely. Scenario 2a, until all keyservers are upgraded (even over a period of years). Then just flip the switch to disable sync with old keyservers. But I don't think no-modify makes sense anyway, like I said. Just an interesting problem. 
-- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 878 bytes Desc: OpenPGP digital signature URL: From wk at gnupg.org Sat Jan 28 12:19:18 2012 From: wk at gnupg.org (Werner Koch) Date: Sat, 28 Jan 2012 12:19:18 +0100 Subject: Why hashed User IDs is not the solution to User ID enumeration In-Reply-To: <4F2354F8.1020901@tx.rr.com> (John Clizbe's message of "Fri, 27 Jan 2012 19:52:56 -0600") References: <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com> Message-ID: <87vcnw9irt.fsf@vigenere.g10code.de> On Sat, 28 Jan 2012 02:52, JPClizbe at tx.rr.com said: > Having keyservers support no-modify requires that they first support crypto. > That's a really big step. And a dangerous step. With keyservers doing crypto, beyond a possible TLS connection, they will be very low hanging fruit for DDoS attacks. With today's cheap botnets it will be very easy to flood the keyservers with requests to add new user ids or signatures. Even if they queue the requests they will be unresponsive and worse it will not be possible to upload legitimate key updates (e.g. revocations). Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
From expires2012 at rocketmail.com Sat Jan 28 13:25:27 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sat, 28 Jan 2012 12:25:27 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F21F45E.7060308@dougbarton.us>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us>
Message-ID: <1489393699.20120128122527@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Friday 27 January 2012 at 12:48:30 AM, in , Doug Barton wrote:

> put
> whatever you like in the name and e-mail fields, and
> notify the people you communicate with

Which is exactly what I do already, using a key with "MFPA " as its sole User ID.

> There is no software modification needed to accomplish what you want
> to do.

I also want people who already have an email address for me (or potentially a name, if not too common) to be able to use that as a search string to find my key from a server.

To achieve the two simultaneously would need some string in the UID that could be found by searching for the email address or name but could not be converted back to that search string.

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

I don't suffer from insanity I enjoy every minute of it.
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTyPpTKipC46tDG5pAQoRdQQAmTp5Y5wvBa133VaEOvouavR5uK97hHFT
RAkFvZfxIDJvnjO7v+13fS7eoZ8bERQRapi1GWUNyAUVMMeDY0Tgyi/MhhXOH/E+
6rV/W3G2w119PFhK5HxfCr+Fg0bTFmSKxfQikV808yFMVynuoZptXG0snxEVgura
abSGW5bL9RU=
=A49c
-----END PGP SIGNATURE-----

From gerry.lowry at abilitybusinesscomputerservices.com Sat Jan 28 12:49:27 2012
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry lowry +1 705 250-0112 alliston ontario canada)
Date: Sat, 28 Jan 2012 06:49:27 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
Message-ID: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>

gnupg-users at gnupg.org

This is not directed at any one individual;
also, other mailing lists have the same problem imho.

Ideally, (my ideal), the generic "one" would simply address e-mails to gnupg-users at gnupg.org as

(a) To: gnupg-users at gnupg.org

nothing more, nothing less.

Such an addressing scheme makes it easy to filter and order gnupg-users at gnupg.org e-mails.

Instead, there's substantial variation, examples:

(b) To: gnupg-users at gnupg.org
    Cc: x at y.tld

(c) To: x at y.tld
    Cc: gnupg-users at gnupg.org

(d) To:
    Cc: gnupg-users at gnupg.org

(e) To: x at y.tld, gnupg-users at gnupg.org

(f) To: gnupg-users at gnupg.org, x at y.tld

(b) and (f) are not such a problem for filtering and/or ordering because they are similar to (a).

(c), (d), and (e) do not filter/order well.

(d) is the worst form imho because e-mails without a To: component are the most likely to end up in one's spam folder; in some cases, depending on one's isp, such e-mails might not even be delivered to one's client pc, i.e., they might be rejected at some mail server's gateway.

FWIW, e-mail does not really have a To:, Cc:, or Bcc: field;
all three are embellishments added by the e-mail client software.
Behind the scenes, To:, Cc:, and Bcc: are ALL simply RCPT-TO.

Please, and thank you.
Regards,

Gerry
__________________________________
Gerry Lowry, Partner
http://twitter.com/gerryLowry1947
Ability Business Computer Services ~~ Because it's your Business, our Experience Counts!
68 John W. Taylor Avenue
Alliston Ontario Canada L9R 0E1
705.250.0112
gerry.lowry at abilitybusinesscomputerservices.com
https://www.gerrylowryprogrammer.com
http://abilitybusinesscomputerservices.com

From remco at webconquest.com Sat Jan 28 13:40:06 2012
From: remco at webconquest.com (Remco Rijnders)
Date: Sat, 28 Jan 2012 13:40:06 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
Message-ID:

On Sat, Jan 28, 2012 at 06:49:27AM -0500, gerry wrote in <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>:
> gnupg-users at gnupg.org
>
> This is not directed at any one individual;
> also, other mailing lists have the same problem imho.
>
> Ideally, (my ideal), the generic "one" would simply address e-mails to gnupg-users at gnupg.org as
>
> (a) To: gnupg-users at gnupg.org
>
> nothing more, nothing less.
>
> Such an addressing scheme makes it easy to filter and order gnupg-users at gnupg.org e-mails.

Or filter on the List-Id header perhaps. That one is always set when you receive mail from the mail list.

Seems easier to set such a filter than to expect the world to be trained into sending email in your preferred way.

(Also, apply such a filter then before any spam blocking on empty To: lines etc.)

Cheers,

Remco
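Remco's suggestion, worked through as an added example (my code, not from the thread and not from any list software): file mail on the List-Id header, run that rule before any "no To: field" suspicion, and compare it with the sort-by-To:-column approach Gerry describes. The sample messages are constructed to mirror addressing forms (a), (c), (d) and (e) from Gerry's post; the List-Id value gnupg-users.gnupg.org (Mailman's listname.domain form) and the folder names are assumptions.

```python
"""File mail by List-Id instead of by how the sender filled in To:/Cc:.

Added example, not code from the thread.  Sample messages are constructed;
the list-id value and folder names are assumptions.
"""
from email import message_from_string
from email.utils import getaddresses

# Assumed mapping of List-Id values to folders.
RULES = {"gnupg-users.gnupg.org": "GnuPG-Users"}
LIST = "gnupg-users@gnupg.org"


def list_id_of(msg):
    """Return the bare list identifier from a List-Id header, or None.

    RFC 2919 allows an optional phrase before the angle brackets,
    e.g. 'List-Id: GnuPG Users <gnupg-users.gnupg.org>'.
    """
    raw = msg.get("List-Id")
    if raw is None:
        return None
    raw = " ".join(raw.split())            # unfold and normalise whitespace
    if raw.endswith(">") and "<" in raw:
        raw = raw[raw.rfind("<") + 1:-1]
    return raw.strip().lower() or None


def to_addrs(msg):
    """Lower-cased addresses found in the To: field (empty set if absent/empty)."""
    return {a.lower() for _, a in getaddresses(msg.get_all("To", [])) if a}


def in_to_field(raw_message, address):
    """The 'click the To: column' approach: did the sender put ADDRESS in To:?"""
    return address.lower() in to_addrs(message_from_string(raw_message))


def triage(raw_message):
    """Decide a folder for one message.

    Order matters, as Remco notes: the List-Id rule runs before the
    'no To: field' heuristic, so list traffic is never treated as suspect
    merely because the poster put the list in Cc:.
    """
    msg = message_from_string(raw_message)
    folder = RULES.get(list_id_of(msg))
    if folder:
        return folder
    if not to_addrs(msg):
        return "Suspect"      # heuristic only; an absent To: is legal per RFC 5322
    return "INBOX"


# Constructed samples; keys are the addressing forms from Gerry's post.
LIST_ID_HDR = "List-Id: GnuPG Users <gnupg-users.gnupg.org>\n"
SAMPLES = {
    "a": "To: gnupg-users@gnupg.org\n" + LIST_ID_HDR + "Subject: a\n\nbody\n",
    "c": "To: x@y.tld\nCc: gnupg-users@gnupg.org\n" + LIST_ID_HDR + "Subject: c\n\nbody\n",
    "d": "To: \nCc: gnupg-users@gnupg.org\n" + LIST_ID_HDR + "Subject: d\n\nbody\n",
    "e": "To: x@y.tld, gnupg-users@gnupg.org\n" + LIST_ID_HDR + "Subject: e\n\nbody\n",
    "private": "To: me@example.org\nSubject: hi\n\nbody\n",
    "no_to": "Cc: me@example.org\nSubject: offer\n\nbody\n",
}


def summary():
    """Return {form: (folder chosen by List-Id rule, list visible in To: column)}."""
    return {k: (triage(v), in_to_field(v, LIST)) for k, v in SAMPLES.items()}


if __name__ == "__main__":
    for form, (folder, in_to) in summary().items():
        print(f"({form}) -> {folder:12s} To: column shows list: {in_to}")
```

Forms (c) and (d) are invisible to a To:-column sort but are filed correctly by List-Id; the message with no To: and no List-Id is the only one the heuristic flags.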
From jerome at jeromebaum.com Sat Jan 28 13:44:50 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 28 Jan 2012 13:44:50 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
Message-ID: <4F23EDC2.5050304@jeromebaum.com>

On 2012-01-28 12:49, gerry lowry +1 705 250-0112 alliston ontario canada wrote:
> FWIW, e-mail does not really have a To:, Cc:, or Bcc: field;
> all three are embellishments added by the e-mail client software.
> Behind the scenes, To:, Cc:, and Bcc: are ALL simply RCPT-TO.

FWIW, (MIME) e-mail does really have a To: and a Cc: field. It also has an implied Bcc: field (not on To: or Cc:). Behind the scenes, To:, Cc:, and Bcc: are ALL simply FIELDS.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.
From gerry.lowry at abilitybusinesscomputerservices.com Sat Jan 28 14:21:30 2012
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry lowry +1 705 250-0112 alliston ontario canada)
Date: Sat, 28 Jan 2012 08:21:30 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To:
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
Message-ID: <008e01ccddbf$c10f9e20$432eda60$@abilitybusinesscomputerservices.com>

Hello Remco and Jerome,

FWIW, with Microsoft Outlook Express under WinXP, to view your responses, I must explicitly open (Remco's 666 byte/Jerome's 549 byte) attached body documents in an editor; alternately, I can display the message properties:

Alt+Enter     ==> display properties
Ctrl+Tab      ==> move to the details page
Alt+M         ==> show message source
Alt+Space, x  ==> maximize
Page Down     ==> to begin viewing your actual reply.

With Microsoft Outlook 2010, your messages appear more easily BUT are also shown as attachments.

Thank you both for replying:

Remco "Or filter on the List-Id header perhaps. That one is always set when you receive mail from the mail list."

{GL} this would work, BUT I already have very many filters for other purposes, plus, if others would address messages as per my suggestion, the filter would be unnecessary; likely many users have no idea as to how to set a filter.

Remco "(Also, apply such a filter then before any spam blocking on empty To: lines etc.)"

{GL} Remco, you've missed my point ... spam blocking also occurs for many individuals at or before your incoming e-mail ever gets downloaded to their computer.

Jerome "FWIW, (MIME) e-mail does really have a To: and a Cc: field. It also has an implied Bcc: field (not on To: or Cc:). Behind the scenes, To:, Cc:, and Bcc: are ALL simply FIELDS."

{GL} is that not what, for all intents and purposes, I wrote?
> FWIW, e-mail does not really have a To:, Cc:, or Bcc: field;
> all three are embellishments added by the e-mail client software.
> Behind the scenes, To:, Cc:, and Bcc: are ALL simply RCPT-TO.

if the sender's e-mail client did not add the FIELDS, the recipient would see NOTHING for To:, Cc:, Bcc.

if the sender is NOT using an e-mail client (i.e., sending manually), she/he would (a) type RCPT-TO xxxxx for each intended recipient. E-mail client software also must insert RCPT-TO. She/he could add the FIELDS to the beginning of the message body; FIELDS do not in the raw data exist outside of the message body.

Cheers,

Gerry

From John at enigmail.net Sat Jan 28 14:37:17 2012
From: John at enigmail.net (John Clizbe)
Date: Sat, 28 Jan 2012 07:37:17 -0600
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <1489393699.20120128122527@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost>
Message-ID: <4F23FA0D.1040603@enigmail.net>

MFPA wrote:
> On Friday 27 January 2012 at 12:48:30 AM, Doug Barton wrote:
>> put whatever you like in the name and e-mail fields, and notify the people
>> you communicate with
>
> Which is exactly what I do already, using a key with "MFPA " as
> its sole User ID.
>
>> There is no software modification needed to accomplish what you want
>> to do.
>
> I also want people who already have an email address for me (or potentially a
> name, if not too common) to be able to use that as a search string to find my
> key from a server.
>
> To achieve the two simultaneously would need some string in the UID that
> could be found by searching for the email address or name but could not be
> converted back to that search string.

This is simpler than you're trying to make it. Try this experiment

    gpg --keyserver pool.sks-keyservers.net --search-keys gswot

Note that the search results return the key and all the UIDs if just one of the UIDs contains your search term. The keyservers break a UID down into words and index each word. If I search for MFPA, I'll get all keys that have a UID containing MFPA along with all the UIDs on those keys.

To achieve the two goals, you only need to put each in its own UID. Just remember once they locate the matching key, they will have all the information in all the UIDs. You may need --allow-freeform-uid as Werner pointed out earlier when creating these User IDs.

Sorry, but there is no way to only return a single UID matching the search term. Things were never designed that way. (So there's really no reason not to put all three in a single ID.)

--
John P. Clizbe                      Inet:John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From peter at digitalbrains.com Sat Jan 28 14:45:16 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 28 Jan 2012 14:45:16 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com>
Message-ID: <4F23FBEC.6070106@digitalbrains.com>

On 28/01/12 12:49, gerry lowry +1 705 250-0112 alliston ontario canada wrote:
> (d) To:
>     Cc: gnupg-users at gnupg.org
> [...]
> (d) is the worst form imho because e-mails without a To: component
> are the most likely to end up in one's spam folder; in some cases,
> depending on one's isp, such e-mails might not even be delivered
> to one's client pc, i.e., they might be rejected at some mail
> server's gateway.

This is a heuristic: RFC2822/RFC5322 do not require the field to be present, but if there isn't one, it increases the probability the mail is spam. Rejecting a mail for not having this field, while the rest doesn't look very spammy, is overly zealous, and I would be upset with the person who installed such a filter on my mailbox.

In the default SpamAssassin setup, it seems not having a To:-field is one point towards the 5 points needed to be marked as spam. Note that other aspects might deduct points and you can end up negative (which is a good thing).

> FWIW, e-mail does not really have a To:, Cc:, or Bcc: field;
> all three are embellishments added by the e-mail client software.
> Behind the scenes, To:, Cc:, and Bcc: are ALL simply RCPT-TO.

You are confusing different layers. SMTP doesn't care about those fields, but the "Internet Message Format" RFCs, 2822 and 5322, do. You are confusing envelope with letter.

Furthermore, SMTP genuinely doesn't care about those fields, they are not mapped to RCPT TO:. RCPT TO: is part of the envelope, and handed to SMTP, it does not deduct them from the fields. The mapping is these days usually performed by the e-mail client software, which you did not consider to be behind the scenes, apparently.

Peter.

PS: You should look for a better solution to filter/order your mails into their proper locations if your current solution cares about order of addressees. There is no order in those, and any order needed by a filter is IMHO a bug. Personally, I use the Sieve language to tell my IMAP server what to do :).
    # Sieve "address" test; the default match type is :is and compares the
    # whole address, so the full list address is needed for a match.
    if address :is ["to", "cc", "bcc", "resent-to"] "gnupg-users@gnupg.org" {
        fileinto "GnuPG-Users";
    }

This is a deliberately suboptimal filter; I just use the List-ID as Remco suggested.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From rjh at sixdemonbag.org Sat Jan 28 16:00:09 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 28 Jan 2012 10:00:09 -0500
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <1489393699.20120128122527@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost>
Message-ID: <4F240D79.6070102@sixdemonbag.org>

On 1/28/2012 7:25 AM, MFPA wrote:
> I also want people who already have an email address for me (or
> potentially a name, if not too common) to be able to use that as a
> search string to find my key from a server.

And, as we've said several times, we run into the key enumeration problem.

> To achieve the two simultaneously would need some string in the UID
> that could be found by searching for the email address or name but
> could not be converted back to that search string.

This does not address the key enumeration problem.

MFPA, we've already spent much more time on this issue than I think is warranted. Your idea would be nice if it could happen, but it does not appear to me to be possible. There is no theoretical understanding of how to solve the problem and no implementation offered that comes anywhere near to passing my sniff test.
I can't speak for anyone else, but I'm done. I will not be addressing this subject again until such time as things change.

From gerry.lowry at abilitybusinesscomputerservices.com Sat Jan 28 16:57:05 2012
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry lowry +1 705 250-0112 alliston ontario canada)
Date: Sat, 28 Jan 2012 10:57:05 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <4F23FBEC.6070106@digitalbrains.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com>
Message-ID: <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com>

Hi Peter (Lebbing)

Depending on one's point of view, the e-mail client UI is either "behind the scenes" or "the scene". My PoV is that everything that is necessary to display the e-mail to my vision, is "behind the scenes". That includes all activity from start to end, including what the e-mail client does to extract raw text (headers/body) and make it look pretty to my eyes. The UI is "the scene" imho.

Peter, remember please, most end users are unlikely to have your in depth appreciation of the RFC universe. OTOH, most end users can click on the (date received/From/Subject/To/et cetera) columns to easily, efficiently, and quickly rearrange their inbox in a new order.

Compare for example the current "Why hashed ..." thread ...

From                To
Doug Barton         Robert J. Hansen
Jerome Baum         Doug Barton
Doug Barton         Jerome Baum

FWIW, I'm a masochist ... my inbox has several thousand recent messages.
If the above messages were scattered through my inbox, but looked like this:

From                To
Doug Barton         gnupg-users at gnupg.org
Jerome Baum         gnupg-users at gnupg.org
Doug Barton         gnupg-users at gnupg.org

I could easily pull them, as well as other gnupg-users at gnupg.org, together simply by clicking on the "To:" column header.

Gerry

P.S.: FWIW, gnupg-users at gnupg.org is a "list", not zig zag exchanges among individuals.

From jerome at jeromebaum.com Sat Jan 28 17:28:24 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 28 Jan 2012 17:28:24 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com>
Message-ID: <4F242228.5050004@jeromebaum.com>

On 2012-01-28 16:57, gerry lowry +1 705 250-0112 alliston ontario canada wrote:

[snip a bunch of stuff about how you want us to change our emailing habits so your inbox looks better]

It's your inbox.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
--
No situation is so dire that panic cannot make it worse.
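The envelope-versus-letter distinction Peter Lebbing draws above (and the "FIELDS" point Jerome makes), as an added example that is my code and not from the thread: a mail client derives the RCPT TO list from the To:, Cc: and Bcc: fields, strips Bcc: from the letter, and hands envelope and letter to SMTP separately. Nothing is sent; the transport side is a recording stub, and all addresses are constructed. The same derivation is what smtplib.SMTP.send_message performs when called without explicit recipients.

```python
"""Envelope (RCPT TO) versus message fields (To:/Cc:/Bcc:).

Added example, not from the thread.  Builds a message the way a client does
and shows the two layers: fields travel inside the letter, the recipient
list is handed to SMTP separately.  Addresses are constructed.
"""
from email import message_from_bytes
from email.message import EmailMessage
from email.utils import getaddresses


def envelope_recipients(msg):
    """What the client puts in RCPT TO: the union of To:, Cc: and Bcc: addresses.

    This mirrors what smtplib.SMTP.send_message derives when no recipient
    list is given.
    """
    values = []
    for field in ("To", "Cc", "Bcc"):
        values.extend(msg.get_all(field, []))
    return sorted({addr.lower() for _, addr in getaddresses(values) if addr})


def wire_form(msg):
    """The letter as transmitted after DATA: Bcc: must not travel with it."""
    outgoing = message_from_bytes(msg.as_bytes(), policy=msg.policy)
    del outgoing["Bcc"]          # removes every Bcc: header; no error if absent
    return outgoing.as_bytes()


class RecordingSMTP:
    """Stand-in for an SMTP session: records the envelope and the DATA payload."""

    def __init__(self):
        self.mail_from = None
        self.rcpt_to = []
        self.data = b""

    def send(self, mail_from, rcpt_to, data):
        self.mail_from = mail_from
        self.rcpt_to = list(rcpt_to)
        self.data = data


def submit(msg, session):
    """What the client does behind the scenes: derive the envelope from the
    fields, strip Bcc:, hand envelope and letter to the transport."""
    session.send(str(msg["From"]), envelope_recipients(msg), wire_form(msg))
    return session


def build_sample(to=None):
    """Constructed message; with to=None it is Gerry's form (d): no To: at all."""
    msg = EmailMessage()
    msg["From"] = "alice@example.org"
    if to:
        msg["To"] = to
    msg["Cc"] = "gnupg-users@example.org"
    msg["Bcc"] = "secret-reader@example.net"
    msg["Subject"] = "envelope vs fields"
    msg.set_content("Hello list.\n")
    return msg


if __name__ == "__main__":
    s = submit(build_sample("bob@example.com"), RecordingSMTP())
    print("RCPT TO:", s.rcpt_to)
    print(s.data.decode())
```

The recorded session shows the Bcc: recipient in RCPT TO but nowhere in the transmitted letter, and a message with no To: field still has a complete envelope, which is why delivery does not depend on the field.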
From gerry.lowry at abilitybusinesscomputerservices.com Sat Jan 28 18:22:56 2012
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry lowry +1 705 250-0112 alliston ontario canada)
Date: Sat, 28 Jan 2012 12:22:56 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <4F242228.5050004@jeromebaum.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com>
Message-ID: <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com>

Jerome, nay, not so my inbox looks better, rather because it's the right thing to do for the greater good, imho.

Peace,

Gerry
__________________________________
Gerry Lowry, Partner
http://twitter.com/gerryLowry1947
Ability Business Computer Services ~~ Because it's your Business, our Experience Counts!
68 John W. Taylor Avenue
Alliston Ontario Canada L9R 0E1
705.250.0112
gerry.lowry at abilitybusinesscomputerservices.com
https://www.gerrylowryprogrammer.com
http://abilitybusinesscomputerservices.com

From sandals at crustytoothpaste.net Sat Jan 28 18:38:47 2012
From: sandals at crustytoothpaste.net (brian m. carlson)
Date: Sat, 28 Jan 2012 17:38:47 +0000
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
In-Reply-To: <4F2354F8.1020901@tx.rr.com>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com>
Message-ID: <20120128173847.GC113161@crustytoothpaste.ath.cx>

On Fri, Jan 27, 2012 at 07:52:56PM -0600, John Clizbe wrote:
> Having keyservers support no-modify requires that they first support crypto.
> That's a really big step.
>
> To my knowledge, no one is working on such an initiative in SKS or any other
> keyserver.

I'm working on an OpenPGP library which may sprout a keyserver daemon supporting this, but there's no guarantee that that will happen anytime soon, if ever. Don't hold your breath.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

From jhs at berklix.com Sat Jan 28 18:19:07 2012
From: jhs at berklix.com (Julian H. Stacey)
Date: Sat, 28 Jan 2012 18:19:07 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: Your message "Sat, 28 Jan 2012 10:57:05 EST." <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com>
Message-ID: <201201281719.q0SHJ7d5009286@fire.js.berklix.net>

> FWIW, I'm a masochist ... my inbox has several thousand recent messages.

I suggest trying procmail or similar.

    cat ~/.forward
    |/usr/local/bin/procmail
    cd ~/mail ; ls -1 Inbox| wc -l ; find . -type d | wc -l
    117
    461

Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script, & indent with "> ".
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
 @Yahoo.com mail rejected @berklix. Get a non yahoo address.

From expires2012 at rocketmail.com Sat Jan 28 19:01:59 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sat, 28 Jan 2012 18:01:59 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F23FA0D.1040603@enigmail.net>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost> <4F23FA0D.1040603@enigmail.net>
Message-ID: <2510007497.20120128180159@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 28 January 2012 at 1:37:17 PM, in , John Clizbe wrote:

> To achieve the two goals, you only need to put each in
> its own UID. Just remember once they locate the
> matching key, they will have all the information in all
> the UIDs.

Which is precisely what I don't want. I'm looking for a means to place searchable information in UIDs in an obscured format. The aim is that locating the matching key does not reveal any extra information - the user would know that one of the UIDs matched, but the other UIDs would remain as useless noise.
- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Dollar sign - An S that's been double crossed
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTyQ4HaipC46tDG5pAQrDZgP/eV1QizzF7fwipXQxweeJF3SimiqRU47L
USYXqZDfwnSJzjhGCFS43sMACZpwMILyS3806ORIKR9g6lqUrfTHH1u0mphoJrVu
NBh+R2/ITnrPY8XXuvx+Vd+2/mR2r49KhGJ5qmUmJMV4AttC2hr4vThvepg6bLkS
yt+4ifnNgTQ=
=8KLx
-----END PGP SIGNATURE-----

From JPClizbe at tx.rr.com Sat Jan 28 19:29:10 2012
From: JPClizbe at tx.rr.com (John Clizbe)
Date: Sat, 28 Jan 2012 12:29:10 -0600
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <2510007497.20120128180159@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost> <4F23FA0D.1040603@enigmail.net> <2510007497.20120128180159@my_localhost>
Message-ID: <4F243E76.2090400@tx.rr.com>

MFPA wrote:
> On Saturday 28 January 2012 at 1:37:17 PM, John Clizbe wrote:
>
>> To achieve the two goals, you only need to put each in its own UID. Just
>> remember once they locate the matching key, they will have all the
>> information in all the UIDs.
>
> Which is precisely what I don't want. I'm looking for a means to place
> searchable information in UIDs in an obscured format. The aim is that
> locating the matching key does not reveal any extra information - the user
> would know that one of the UIDs matched, but the other UIDs would remain as
> useless noise.

Which is why I also wrote in that message:

John Clizbe wrote:
> Sorry, but there is no way to only return a single UID matching the search
> term. Things were never designed that way.
> (So there's really no reason not
> to put all three in a single ID.)

To repeat: OpenPGP and the keyserver network were NEVER designed to operate in the manner you wish. I doubt they ever will operate in that manner. You cannot blind a UID from other UIDs on a certificate. The day keyservers selectively return certificate information is the day the keyservers no longer are trusted.

Like Rob, I'm done. There is no more to explain. Adios. Sayonara. Goodbye.

I'm going back to work on getting SKS to run on Windows.

-John

--
John P. Clizbe                      Inet: John ( a ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From expires2012 at rocketmail.com Sat Jan 28 20:34:49 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sat, 28 Jan 2012 19:34:49 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F228147.7090401@digitalbrains.com>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F228147.7090401@digitalbrains.com>
Message-ID: <1119098017.20120128193449@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Friday 27 January 2012 at 10:49:43 AM, in , Peter Lebbing wrote:

> Hi MFPA,

> Can I ask what about the
> dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net
> form does not satisfy your requirement that the
> mailinglisten--noenum-zTTgFzNHU3RnkFyAxJuYMbs7 at hauke-laging.de
> does? Or do you not agree with the latter form either?
Is the idea that email addresses in the latter form contain enough entropy to render enumeration infeasible, so they could usefully be hashed and the digest placed in a UID? If so, it is a small enough price to pay.

The scheme to use the fingerprint in the email address is interesting because it neatly avoids the need for keysigning. I'm not sure what it adds towards obscuring searchable information in UIDs - does the fact that the fingerprint is known for the specific key mean it doesn't really add much entropy? Or is the point that searching on the email address doesn't find the key, you have to search for the fingerprint (and the UID doesn't contain the email address at all, not even obscured)?

> I'm not sure of your requirements. I thought all that
> was needed was a way to find a key belonging to an
> e-mail address without requiring the e-mail address to
> be in the UID.

The requirement I stated (or thought I had) was that the email address (or name) could not be determined from the UID but searching a keyserver for the email address (or name) would find the key. Using the fingerprint is an interesting workaround. Would a search for "dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net@fifthhorseman.net" find the key with fingerprint "0EE5BE979282D80B9F7540F1CCD2ED94D21739E9" or would the user need to just search for "0EE5BE979282D80B9F7540F1CCD2ED94D21739E9" to get the key?

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

If it aint broke, fix it till it is broke!
-----BEGIN PGP SIGNATURE----- iQCVAwUBTyRN3qipC46tDG5pAQqX3wP8CjWRi/YDW2Sq13tijKshbevoiwl4OQ9S 3Fv6Vct12qkntTSFGMyteJ+S5M5Usb6mOG/IMy8WmiOEWVN7zdUCcVwORkZ31yKV UtYVl+dq/FG2HCMnLxTTXCfrdR2CqEJgcUaY/71FKM5lJIv8ww7FU3vEI6MiZ4C5 zgb13cWPiwU= =X+Fd -----END PGP SIGNATURE----- From dan at geer.org Sat Jan 28 19:37:05 2012 From: dan at geer.org (dan at geer.org) Date: Sat, 28 Jan 2012 13:37:05 -0500 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: Your message of "Sat, 28 Jan 2012 18:19:07 +0100." <201201281719.q0SHJ7d5009286@fire.js.berklix.net> Message-ID: <20120128183705.5146133D6B@absinthe.tinho.net> I read my mail in plaintext (RAND MH) from the command line, so things like quoted-printable, base64, UNICODE, HTML, etc., are all a fuss and bother. My "ask" is thus for plaintext with line breaks, trimming the quoted material down to the relevant parts, and no top-posting. I'd also vote for the list having a "reply-to" header. The above applies to all mailing lists, including here. I can cope; this is just my ask. Please and thank you, --dan From dougb at dougbarton.us Sun Jan 29 00:31:12 2012 From: dougb at dougbarton.us (Doug Barton) Date: Sat, 28 Jan 2012 15:31:12 -0800 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> Message-ID: <4F248540.5020605@dougbarton.us> On 01/28/2012 04:40, Remco Rijnders wrote: > Or filter on the List-Id header perhaps. That one is always set when you > receive mail from the mail list. > > Seems easier to set such a filter than to expect the world to be trained > into sending email in your preferred way. +1 -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. 
:) http://SupersetSolutions.com/ From dougb at dougbarton.us Sun Jan 29 00:37:01 2012 From: dougb at dougbarton.us (Doug Barton) Date: Sat, 28 Jan 2012 15:37:01 -0800 Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID] In-Reply-To: <1489393699.20120128122527@my_localhost> References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost> Message-ID: <4F24869D.8040401@dougbarton.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 01/28/2012 04:25, MFPA wrote: > Hi > > > On Friday 27 January 2012 at 12:48:30 AM, in > , Doug Barton wrote: > > >> put >> whatever you like in the name and e-mail fields, and >> notify the people you communicate with > > Which is exactly what I do already, using a key with "MFPA " as > its sole User ID. Right. >> There is no software modification needed to accomplish what you want >> to do. > > I also want people who already have an email address for me (or > potentially a name, if not too common) to be able to use that as a > search string to find my key from a server. Assuming that you have to pass your s0uP3r Se3kr!7 e-mail address OOB anyway, just pass them the fingerprint at the same time. - -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. 
:) http://SupersetSolutions.com/

From idmsdba at nycap.rr.com Sat Jan 28 22:12:34 2012
From: idmsdba at nycap.rr.com (Michael A. Yetto)
Date: Sat, 28 Jan 2012 16:12:34 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com>
Message-ID: <20120128161234.17cb391f@Braetac.lighthouse.yetnet>

On Sat, 28 Jan 2012 12:22:56 -0500
"gerry lowry +1 705 250-0112 alliston ontario canada" wrote:

> Jerome, nay, not so my inbox looks better, rather because it's
> the right thing to do for the greater good, imho.
>

It isn't for the greater good if the onus to please the few (or the one) is placed on the many.

An example of doing the right thing for the greater good would be for you to use a standard sig delimiter (newline dash dash space newline).

-- 
Mike "glad to be of service" Yetto
From peter at digitalbrains.com Sun Jan 29 10:05:28 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sun, 29 Jan 2012 10:05:28 +0100
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <1119098017.20120128193449@my_localhost>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F228147.7090401@digitalbrains.com> <1119098017.20120128193449@my_localhost>
Message-ID: <4F250BD8.5030408@digitalbrains.com>

On 28/01/12 20:34, MFPA wrote:
> Or is the point that searching on the email address doesn't find the
> key, you have to search for the fingerprint (and the UID doesn't contain
> the email address at all, not even obscured)?

Yes, exactly. The UID just says "Anonymous" or whatever you want it to say.

> or would the user need to just search for
> "0EE5BE979282D80B9F7540F1CCD2ED94D21739E9" to get the key?

Yes. Either the user needs to be this savvy, or his tools (MUA, or GnuPG) need to recognise the special form e-mail address and do this.

To automate it, either the MUA or GnuPG needs to recognise the special form e-mail address, but no other changes are necessary (e.g. the keyserver can stay the same).

By the way, the way I see it, the e-mail address really exists. You can mail to dkg--noenum-0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 at fifthhorseman.net and it arrives. Demanding the MUA to automatically strip it and mail dkg at fifthhorseman.net instead really hinders adoption.
I assumed Hauke Laging's high-entropy e-mail address variant also needed the e-mail address to actually exist, otherwise I don't see how that variation could meet the requirements, namely that possession of the e-mail address is enough to get someone's public key.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From expires2012 at rocketmail.com Sun Jan 29 16:16:38 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sun, 29 Jan 2012 15:16:38 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <20120127142023.GC6124@IUPUI.Edu>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21FDE3.30903@sixdemonbag.org> <20120127142023.GC6124@IUPUI.Edu>
Message-ID: <1772142753.20120129151638@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Friday 27 January 2012 at 2:20:23 PM, in , Mark H. Wood wrote:

> A difficulty here is that "spamming" is fairly
> specific, while "privacy" (it seems to me) is huge,
> amorphous, and defined differently by different people.

The aspect of privacy relevant to this discussion is pretty specific too: selective sharing of personal information.
- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

An idealist is a person who helps other people to be prosperous

From expires2012 at rocketmail.com Sun Jan 29 17:46:13 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sun, 29 Jan 2012 16:46:13 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F21FDE3.30903@sixdemonbag.org>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21FDE3.30903@sixdemonbag.org>
Message-ID: <1087817786.20120129164613@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Friday 27 January 2012 at 1:29:07 AM, in , Robert J. Hansen wrote:

> The use is correct. Spamming is what someone does once
> they have your private information: harvesting is the
> act of collecting.

Far worse things than spamming can happen with your private information.

> One windmill at a time, my ingenious gentleman of La
> Mancha.

I see the two as just one issue: protecting a string of text.

> On 1/26/2012 6:41 PM, MFPA wrote:
>> Why would a spammer network bother to generate email
>> addresses and submit them as keyserver queries,
>> rather than just sending spam out to them all?

> I have been waiting for you to realize this.

> *Even if you solve the key enumeration problem, you
> solve nothing.* It doesn't get you anything, because
> the email enumeration problem is just as bad.
Random spamming is quite another thing from actually knowing an individual's personal contact details: their email addresses, the names they use, which email address is used with which name.

> And yet, my two unlisted cell phones both routinely get
> robocalls and telemarketers. They, too, work by
> enumeration.

At least they are calling random numbers rather than specifically targeting you personally.

In the UK, these unsolicited calls are massively reduced by registering the number with the telephone preference service. You still get occasional calls from organisations not covered or not complying, and you get some silent calls because some callers' equipment checks the numbers they generate against the list only if the call is answered. I believe you have something similar in the US https://www.donotcall.gov/

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Pain is inevitable, but misery is optional.

From expires2012 at rocketmail.com Sun Jan 29 17:56:29 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sun, 29 Jan 2012 16:56:29 +0000
Subject: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
In-Reply-To: <4F243E76.2090400@tx.rr.com>
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <1324485835.20120123232310@my_localhost> <4F1F80BA.6010108@enigmail.net> <201201251352.27764.mailinglisten@hauke-laging.de> <4F208850.9060506@fifthhorseman.net> <4F2133E3.6030503@digitalbrains.com> <4F217DC0.4080307@digitalbrains.com> <4F218752.90300@sixdemonbag.org> <1221655633.20120126234121@my_localhost> <4F21F45E.7060308@dougbarton.us> <1489393699.20120128122527@my_localhost> <4F23FA0D.1040603@enigmail.net> <2510007497.20120128180159@my_localhost> <4F243E76.2090400@tx.rr.com>
Message-ID: <966438336.20120129165629@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 28 January 2012 at 6:29:10 PM, in , John Clizbe wrote:

> To repeat: OpenPGP and the keyserver network were NEVER
> designed to operate in the manner you wish. I doubt
> they ever will operate in that manner. You cannot blind
> a UID from other UIDs on a certificate. The day
> keyservers selectively return certificate information
> is the day the keyservers no longer are trusted.

I was not suggesting the information be selectively returned. The whole key would be returned; any UIDs that contained digests instead of plaintext would reveal no information to the user.

> Like Rob, I'm done. There is no more to explain. Adios.
> Sayonara. Goodbye.

Fair enough.

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Dogs look up to us. Cats look down on us. Pigs treat us as equals.

From expires2012 at rocketmail.com Sun Jan 29 18:01:34 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Sun, 29 Jan 2012 17:01:34 +0000
Subject: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
References: <9e6159eb6fffe6e3bcc4c556c8d0eca6@> <4F1CA5A2.6090903@dougbarton.us> <4F1CF132.20301@enigmail.net> <1324485835.20120123232310@my_localhost> <4F1ECC7F.6060108@fifthhorseman.net> <114943307.20120126010250@my_localhost> <4F228CC9.3090006@digitalbrains.com> <4F2354F8.1020901@tx.rr.com>
Message-ID: <938682522.20120129170134@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 28 January 2012 at 6:21:25 AM, in , David Shaw wrote:

> It does not support it.
> With keyserver.pgp.com, it's
> sort of as if no-modify is always on, but in a limited
> sense: the keyserver will only allow new user IDs or a
> new key from the key owner (though enforced via "who
> can read email at your address", rather than
> cryptographically), but it allows anyone whose key is
> on keyserver.pgp.com to sign a key and send the update
> to the keyserver. So you can always sign someone
> else's key if you desire.

Does the key you are adding your signature to have to already be on keyserver.pgp.com?

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

My mind works like lightning... one brilliant flash and it's gone

From klaus.layer at gmx.de Sun Jan 29 19:59:29 2012
From: klaus.layer at gmx.de (Klaus Layer)
Date: Sun, 29 Jan 2012 19:59:29 +0100
Subject: OpenPGP card stopped working
Message-ID: <201201291959.32005.klaus.layer@gmx.de>

Hi,

after several years without any issue my openpgp card stopped working today on my Ubuntu Lucid system. gpg --card-status just returns:

    gpg --card-status
    gpg: selecting openpgp failed: ec=6.108
    gpg: OpenPGP card not available: general error

I am using an omnikey cardman 4040 reader.

This is what I have done so far:

1.) checked that the kernel driver cm4040_cs for cardman 4040 driver is loaded
2.) checked that gpg-agent is running
3.) started the pcscd which is normally not required, then started pcsc_scan. pcsc_scan detects openpgp as the inserted smartcard. pcsc_scan detects insert/remove of the openpgp card
4.) inserted a brand new openpgp card, but the error stays the same
5.) replaced the cardman 4040 reader with a new 4040 reader, but the error stays the same

I am out of ideas, and google did not help further.
Can someone please give me a hint how I can make my openpgp card work again.

Thanks for your help.

Regards,

Klaus

From klaus.layer at gmx.de Sun Jan 29 22:27:02 2012
From: klaus.layer at gmx.de (Klaus Layer)
Date: Sun, 29 Jan 2012 22:27:02 +0100
Subject: OpenPGP card stopped working
In-Reply-To: <201201291959.32005.klaus.layer@gmx.de>
References: <201201291959.32005.klaus.layer@gmx.de>
Message-ID: <201201292227.11252.klaus.layer@gmx.de>

Klaus Layer wrote on 29.01.2012:
> Hi,
>
> after several years without any issue my openpgp card stopped working today on
> my Ubuntu Lucid system. gpg --card-status just returns:
>
> gpg --card-status
> gpg: selecting openpgp failed: ec=6.108
> gpg: OpenPGP card not available: general error
>
> I am using an omnikey cardman 4040 reader.
>
> This is what I have done so far:
>
> 1.) checked that the kernel driver cm4040_cs for cardman 4040 driver is loaded
> 2.) checked that gpg-agent is running
> 3.) started the pcscd which is normally not required, then started pcsc_scan.
> pcsc_scan detects openpgp as the inserted smartcard. pcsc_scan detects
> insert/remove of the openpgp card
> 4.) inserted a brand new openpgp card, but the error stays the same
> 5.) replaced the cardman 4040 reader with a new 4040 reader, but the error
> stays the same
>

Ok, I resolved the issue. I added

    verbose
    debug 1024
    debug-ccid-driver
    log-file /home/user/scdaemon.log

to ~/.gnupg/scdaemon.conf and found out that the permissions of /dev/cmx0 no longer allowed others to r/w to the device. Somehow the udev rules to set the scard group for /dev/cmx0 vanished from my system. After recreating a rules file /etc/udev/rules.d/40-gnupg.rules with

    SUBSYSTEM=="cardman_4040", GROUP="scard", MODE="0660"

it works again.

Regards,

Klaus
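The diagnosis Klaus describes, turned into a script. This is an added example, not Klaus's own commands and not part of GnuPG; it takes the device node /dev/cmx0, the cm4040_cs driver, the group name scard, the rules file path and the scdaemon.conf debug lines from his message and assumes they apply to your system. It only reads the system unless you call it with --run, and even then it prints what to do rather than editing files.

```sh
#!/bin/sh
# Added example (not from the thread, not part of GnuPG): reproduce the
# diagnosis from the message above.  Assumed from the thread: the CardMan 4040
# node is /dev/cmx0, the kernel driver is cm4040_cs, the access group is
# "scard" and the rules file is /etc/udev/rules.d/40-gnupg.rules.

DEV="${DEV:-/dev/cmx0}"
RULES="${RULES:-/etc/udev/rules.d/40-gnupg.rules}"
CARD_GROUP="${CARD_GROUP:-scard}"

# node_access PATH -> prints "missing", "denied" or "ok".
# "denied" is the state from the thread: the node exists, but the user that
# runs scdaemon cannot open it, so gpg reports "OpenPGP card not available".
node_access() {
    [ -e "$1" ] || { echo missing; return 1; }
    if [ -r "$1" ] && [ -w "$1" ]; then
        echo ok
        return 0
    fi
    echo denied
    return 1
}

# cardman_rule -> the udev rule from the thread, as one line.
cardman_rule() {
    printf 'SUBSYSTEM=="cardman_4040", GROUP="%s", MODE="0660"\n' "$CARD_GROUP"
}

# rule_present FILE SUBSYSTEM -> true if FILE already carries a rule for SUBSYSTEM.
rule_present() {
    [ -f "$1" ] && grep -q "SUBSYSTEM==\"$2\"" "$1"
}

# scdaemon_debug_conf [LOGFILE] -> the scdaemon.conf lines used in the thread.
# "debug 1024" is scdaemon's card-I/O flag, so the log contains the APDU
# exchange with the card: treat it as sensitive and remove the lines afterwards.
scdaemon_debug_conf() {
    printf '%s\n' verbose 'debug 1024' debug-ccid-driver \
        "log-file ${1:-$HOME/.gnupg/scdaemon.log}"
}

# in_group NAME -> true if the current user is a member of group NAME.
in_group() {
    for g in $(id -G -n); do
        [ "$g" = "$1" ] && return 0
    done
    return 1
}

main() {
    state=$(node_access "$DEV") || true
    echo "$DEV: $state"
    case "$state" in
        missing)
            echo "no device node: check that cm4040_cs is loaded and the reader is inserted" ;;
        denied)
            ls -l "$DEV"
            if in_group "$CARD_GROUP"; then
                echo "you are in group $CARD_GROUP, so the node's group or mode is wrong"
            else
                echo "you are not in group $CARD_GROUP (usermod -aG $CARD_GROUP <user>, then log in again)"
            fi
            if rule_present "$RULES" cardman_4040; then
                echo "rule exists in $RULES; reload: udevadm control --reload-rules && udevadm trigger"
            else
                echo "no rule in $RULES; add this line, then reinsert the reader:"
                cardman_rule
            fi ;;
        ok)
            echo "node is accessible; if gpg --card-status still fails, add to ~/.gnupg/scdaemon.conf,"
            echo "restart scdaemon and read the log:"
            scdaemon_debug_conf ;;
    esac
}

case "${1:-}" in --run) main ;; esac
```

Run it as `sh card-diag.sh --run` as the user whose gpg fails, not as root: root can open the node regardless of its mode, which would hide exactly the problem the thread found.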
From gerry.lowry at abilitybusinesscomputerservices.com Mon Jan 30 02:19:57 2012
From: gerry.lowry at abilitybusinesscomputerservices.com (gerry lowry +1 705 250-0112 alliston ontario canada)
Date: Sun, 29 Jan 2012 20:19:57 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <20120128161234.17cb391f@Braetac.lighthouse.yetnet>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet>
Message-ID: <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>

Dear Michael (Yetto),

M.A.Y.: "It isn't for the greater good if the onus to please the few (or the one) is placed on the many."

Michael, if the few care more about being above "the many", than the needs of "the many", does that not lead to disparity? "The many" are not all as knowledgeable as the Yettos of this world ... "the many" get excluded technologically; technological disparity is akin to economic disparity ... if Warren Buffett can reach out to "the rich", then the techie~~astute can reach out to the techie~~challenged.

Henry David Thoreau, paraphrased: "if one person is more right than her/his neighbours, then that person constitutes a majority of one".

-----

AFAIK, there is no such thing as a "standard" signature AFAIK. if there were, one would expect to find it more consistently here gnupg-users at gnupg.org.

M.A.Y.: "standard sig delimiter (newline dash dash space newline)."

I'm assuming that by sig, you mean "signature" and not tagline.

The following are recent examples of "non-standard" signatures:

______________________________________________________________________________________
Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.
Ausnahmen regelt ein Bundesgesetz.
______________________________________________________________________________________
Kind regards,
Christian

---
. . .
common/t-sexputil
-- 
1.7.8.3
______________________________________________________________________________________
*** Robert J. Hansen *** { no signature } also: PGP signature
______________________________________________________________________________________
Cheers,
Remco
______________________________________________________________________________________
vedaal
______________________________________________________________________________________
--dkg
______________________________________________________________________________________
--dan
______________________________________________________________________________________
/Holger
______________________________________________________________________________________

-- 
FWIW
Gerry (Lowry)

From jerome at jeromebaum.com Mon Jan 30 02:26:28 2012
From: jerome at jeromebaum.com (Jerome Baum)
Date: Mon, 30 Jan 2012 02:26:28 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
Message-ID: <4F25F1C4.9010408@jeromebaum.com>

On 2012-01-30 02:19, gerry lowry +1 705 250-0112 alliston ontario canada wrote:
> Michael, if the few care more about being above "the many", than the needs of "the many",
> does that not lead to disparity? "The many" are not all as knowledgeable
> as the Yettos of this world ...
> "the many" get excluded technologically;
> technological disparity is akin to economic disparity ... if Warren Buffett
> can reach out to "the rich", then the techie~~astute can reach out to the
> techie~~challenged.

This part wraps and looks really ugly in my email client. Please fix.

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-- 
nameserver 217.79.186.148
nameserver 178.63.26.172
http://opennicproject.org/
-- 
No situation is so dire that panic cannot make it worse.

From rjh at sixdemonbag.org Mon Jan 30 02:41:04 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sun, 29 Jan 2012 20:41:04 -0500
Subject: Netiquette (was RE: Meta)
In-Reply-To: <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
Message-ID: <4F25F530.1040301@sixdemonbag.org>

On 1/29/2012 8:19 PM, gerry lowry wrote:
> [everything snipped]

The name of the game, to me, seems to be ensuring the lowest common denominator of communications. If there's no need for HTML, why use HTML? If there's no need for attachments, why use attachments? If there's no need for a long subject line, why use it?
The Right Thing To Do appears to me to be UTF-8, plain text whenever feasible, no attachments whenever feasible, coupled with healthy doses of "please," "thank you," and a cheerful acceptance of the fact that ultimately the only communications you control are your own. :)

From expires2012 at rocketmail.com Mon Jan 30 02:52:44 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Mon, 30 Jan 2012 01:52:44 +0000
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com>
Message-ID: <774873157.20120130015244@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Monday 30 January 2012 at 1:19:57 AM, in , gerry lowry +1 705 250-0112 alliston ontario canada wrote:

> AFAIK, there is no such thing as a "standard" signature
> AFAIK.

But there is a standard signature delimiter or cut mark. Many mail clients cut the message at that delimiter when replying, so that when trimming quotes you don't need to delete the signature text yourself.

> if there were, one would expect to find it more
> consistently here gnupg-users at gnupg.org.

Looking through recent postings, the signature delimiter seems to appear in about half of the messages on this list.

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Raining cats and dogs is better than hailing taxis.
From jerry at seibercom.net Mon Jan 30 03:13:48 2012
From: jerry at seibercom.net (Jerry)
Date: Sun, 29 Jan 2012 21:13:48 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <774873157.20120130015244@my_localhost>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost>
Message-ID: <20120129211348.2b49cc7b@scorpio>

On Mon, 30 Jan 2012 01:52:44 +0000
MFPA articulated:

> On Monday 30 January 2012 at 1:19:57 AM, in
> ,
> gerry lowry +1 705 250-0112 alliston ontario canada wrote:
>
>
>
> > AFAIK, there is no such thing as a "standard" signature
> > AFAIK.
>
> But there is a standard signature delimiter or cut mark. Many mail
> clients cut the message at that delimiter when replying, so that when
> trimming quotes you don't need to delete the signature text yourself.
>
>
> > if there were, one would expect to find it more
> > consistently here gnupg-users at gnupg.org.
>
> Looking through recent postings, the signature delimiter seems to
> appear in about half of the messages on this list.
>
>
> - --
> Best regards
>
> MFPA                    mailto:expires2012 at rocketmail.com

Interestingly enough, your "Sig Delimiter" is bonked.

-- 
Jerry

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

From expires2012 at rocketmail.com Mon Jan 30 03:23:04 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Mon, 30 Jan 2012 02:23:04 +0000
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <20120129211348.2b49cc7b@scorpio>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio>
Message-ID: <1862457322.20120130022304@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Monday 30 January 2012 at 2:13:48 AM, in , Jerry wrote:

> On Mon, 30 Jan 2012 01:52:44 +0000 MFPA articulated:

>> Looking through recent postings, the signature
>> delimiter seems to appear in about half of the
>> messages on this list.

>> - --
>> Best regards
>> MFPA
>> mailto:expires2012 at rocketmail.com

> Interestingly enough, your "Sig Delimiter" is bonked.

That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space.

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

A wise man once said ..."I don't know."
From peter at digitalbrains.com Mon Jan 30 10:26:55 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 30 Jan 2012 10:26:55 +0100
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <1862457322.20120130022304@my_localhost>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost>
Message-ID: <4F26625F.3090701@digitalbrains.com>

On 30/01/12 03:23, MFPA wrote:
>> Interestingly enough, your "Sig Delimiter" is bonked.
>
> That is an unfortunate consequence of signing my message with GnuPG;
> all lines lose trailing spaces and any line beginning with a dash gets
> prefixed with a dash and a space.

Or: how a boring off-topic conversation got on-topic.

Enigmail still recognises the "bonked" :) sig delimiter and correctly omits the signature when replying. That is, I assume it is Enigmail doing it for me, it seems the most logical conclusion. Could also be Thunderbird itself.

Peter.

PS: I wouldn't mind if this silly conversation were over.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From jerry at seibercom.net Mon Jan 30 10:34:59 2012
From: jerry at seibercom.net (Jerry)
Date: Mon, 30 Jan 2012 04:34:59 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <1862457322.20120130022304@my_localhost>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost>
Message-ID: <20120130043459.6967f6fe@scorpio>

On Mon, 30 Jan 2012 02:23:04 +0000
MFPA articulated:

> That is an unfortunate consequence of signing my message with GnuPG;
> all lines lose trailing spaces and any line beginning with a dash gets
> prefixed with a dash and a space.

That is because you are using "inline" rather than "mime" for signing. The "inline" method has been for the most part deprecated. You might want to give serious thought to switching your signing method.

By the way, as clearly stated at the bottom of my post, I do not require or want a CC'd copy.

-- 
Jerry

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
From dougb at dougbarton.us Mon Jan 30 10:45:01 2012
From: dougb at dougbarton.us (Doug Barton)
Date: Mon, 30 Jan 2012 01:45:01 -0800
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <20120130043459.6967f6fe@scorpio>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio>
Message-ID: <4F26669D.4000609@dougbarton.us>

On 01/30/2012 01:34, Jerry wrote:
> On Mon, 30 Jan 2012 02:23:04 +0000
> MFPA articulated:
>
>> That is an unfortunate consequence of signing my message with GnuPG;
>> all lines lose trailing spaces and any line beginning with a dash gets
>> prefixed with a dash and a space.
>
> That is because you are using "inline" rather than "mime" for signing.
> The "inline" method has been for the most part deprecated.

Jerry, you've been around long enough to know that A) that's not true, and B) bringing it up only leads to the same rathole discussion over and over again.

> You might
> want to give serious thought to switching your signing method.
>
> By the way, as clearly stated at the bottom of my post, I do not
> require or want a CC'd copy.

A) how unfortunate then that your signature gets clipped when I reply :) or
B) Yeah, that's a silly rathole too. If you don't want the dupe, you go change your mailman settings to fix it.
Meanwhile, including the poster in the reply goes back from before e-mail was a thing, and often helps carry on the conversation when the list is slow.

... and now we've come full circle ....

Doug

-- 
It's always a long day; 86400 doesn't fit into a short.
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.  :)  http://SupersetSolutions.com/

From jerry at seibercom.net Mon Jan 30 12:27:41 2012
From: jerry at seibercom.net (Jerry)
Date: Mon, 30 Jan 2012 06:27:41 -0500
Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
In-Reply-To: <4F26669D.4000609@dougbarton.us>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F26669D.4000609@dougbarton.us>
Message-ID: <20120130062741.74086a4c@scorpio>

On Mon, 30 Jan 2012 01:45:01 -0800
Doug Barton articulated:

> On 01/30/2012 01:34, Jerry wrote:
> > On Mon, 30 Jan 2012 02:23:04 +0000
> > MFPA articulated:
> >
> >> That is an unfortunate consequence of signing my message with
> >> GnuPG; all lines lose trailing spaces and any line beginning with
> >> a dash gets prefixed with a dash and a space.
> >
> > That is because you are using "inline" rather than "mime" for
> > signing. The "inline" method has been for the most part deprecated.
>
> Jerry, you've been around long enough to know that A) that's not true,
> and B) bringing it up only leads to the same rathole discussion over
> and over again.
> > > You might > > want to give serious thought to switching your signing method. > > > > By the way, as clearly stated at the bottom of my post, I do not > > require or want a CC'd copy. > > A) how unfortunate then that your signature gets clipped when I > reply :) or > B) Yeah, that's a silly rathole too. If you don't want the dupe, you > go change your mailman settings to fix it. Meanwhile, including the > poster in the reply goes back from before e-mail was a thing, and > often helps carry on the conversation when the list is slow. > > ... and now we've come full circle .... Unfortunately, eliminating dupes, aka "CC'd" mail, is not that easy. I used to have a sieve rule that eliminated mail that was both sent to a mailing list and CC'd to me. I even went as far as having the superfluous copy sent to SpamCop thinking that perhaps the sender might get the idea that I did not want and specifically requested not to receive multiple copies of the same draft. Unfortunately, over the years I have not kept that rule updated. Now, thanks to you and a few other morons, I have been sufficiently motivated to update it. Thanks Doug, it is not yet 6:30am and I have already added it to my day's agenda. -- Jerry Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From ccogcj at gmail.com Mon Jan 30 07:57:23 2012 From: ccogcj at gmail.com (Belleraphone) Date: Sun, 29 Jan 2012 22:57:23 -0800 (PST) Subject: Clearsigning on Windows Message-ID: <33227342.post@talk.nabble.com> Title of this says it all. How do I clearsign my stuff in the Windows version of GnuPG? -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33227342.html Sent from the GnuPG - User mailing list archive at Nabble.com. 
From stevebell at gulli.com Mon Jan 30 10:42:09 2012 From: stevebell at gulli.com (Steve) Date: Mon, 30 Jan 2012 10:42:09 +0100 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <20120130043459.6967f6fe@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> Message-ID: <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> > That is because you are using "inline" rather than "mime" for signing. > The "inline" method has been for the most part deprecated. You might > want to give serious thought to switching your signing method. Which is why I don't understand why Enigmail still uses inline as a default setting? Cheers, steve -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From wk at gnupg.org Mon Jan 30 14:59:41 2012 From: wk at gnupg.org (Werner Koch) Date: Mon, 30 Jan 2012 14:59:41 +0100 Subject: Clearsigning on Windows In-Reply-To: <33227342.post@talk.nabble.com> (Belleraphone's message of "Sun, 29 Jan 2012 22:57:23 -0800 (PST)") References: <33227342.post@talk.nabble.com> Message-ID: <871uqh9tpu.fsf@vigenere.g10code.de> On Mon, 30 Jan 2012 07:57, ccogcj at gmail.com said: > Title of this says it all. How do I clearsign my stuff in the Windows > version of GnuPG? 
gpg --clearsign FILE results in FILE.asc Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From peter at digitalbrains.com Mon Jan 30 15:27:37 2012 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 30 Jan 2012 15:27:37 +0100 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <20120130062741.74086a4c@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F26669D.4000609@dougbarton.us> <20120130062741.74086a4c@scorpio> Message-ID: <4F26A8D9.4020802@digitalbrains.com> On 30/01/12 12:27, Jerry wrote: > Now, thanks to you and a few other morons, For crying out loud, stop crying out loud. Get over it. People will CC you. Stop bothering us with your complaints every time. We all, including you, have better things to do with our time than repeating this annoying discussion ad infinitum. While I'm at it, I might point you towards DJB's Mail-Followup-To header. It might help us all to be freed of this endless litany. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. 
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt From jerry at seibercom.net Mon Jan 30 15:53:49 2012 From: jerry at seibercom.net (Jerry) Date: Mon, 30 Jan 2012 09:53:49 -0500 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <4F26A8D9.4020802@digitalbrains.com> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F26669D.4000609@dougbarton.us> <20120130062741.74086a4c@scorpio> <4F26A8D9.4020802@digitalbrains.com> Message-ID: <20120130095349.40b05815@scorpio> On Mon, 30 Jan 2012 15:27:37 +0100 Peter Lebbing articulated: > On 30/01/12 12:27, Jerry wrote: > > Now, thanks to you and a few other morons, > > For crying out loud, stop crying out loud. Get over it. People will > CC you. Stop bothering us with your complaints every time. We all, > including you, have better things to do with our time than repeating > this annoying discussion ad infinitum I have already updated my sieve rules to include this forum. I hadn't bothered doing it before because, for the most part, the posters on this forum are intelligent enough to know that you need only reply to the group unless specifically requested to do otherwise. Since this is an OPT-IN forum, the need to CC in order to reach a poster is not required. Obviously, some posters prefer to clutter up other readers with superfluous garbage. > While I'm at it, I might point you towards DJB's Mail-Followup-To > header. 
It might help us all to be freed of this endless litany. There is no such header as Mail-Followup-To. Dan Bernstein does not specify the email standards. RFC 5322 (and earlier, RFC 2822 and RFC 822) does. I thought you would have been aware of that. -- Jerry Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From rjh at sixdemonbag.org Mon Jan 30 16:34:32 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 30 Jan 2012 10:34:32 -0500 Subject: Enigmail and PGP/MIME (was Re: META) In-Reply-To: <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> Message-ID: <4F26B888.4080107@sixdemonbag.org> On 1/30/12 4:42 AM, Steve wrote: > I don't understand why Enigmail still uses inline as a > default setting... There is no "Enigmail-approved" reason. Everyone on the Enigmail team who's contributed to this decision has their own reasons for their support of PGP/MIME or lack thereof. These are mine. Fact one: we estimate we have a few tens of thousands of casual users, many of whom send us their problems directly rather than going through the mailing list or forums. Fact two: it's easy to find MUAs, MTAs and other software in the chain that don't support (or outright break!) PGP/MIME. 
Outlook is a good example of this, and until fairly recently Mailman was, too. Over time PGP/MIME support gets better, but today it's still nowhere near perfect. Add those two facts together and you'll see that I advocate defaulting to inline PGP for the sake of my own sanity. Speaking for myself, I do not believe PGP/MIME is ready for mass deployment to end-users. The infrastructure isn't there: there are still too many buggy clients. This has been getting better and it will continue to get better. Once I go a solid year without getting a message from a frustrated Enigmail user telling me that Enigmail has a bug because his or her signed posts to a mailing list keep on breaking, then I'll support switching to PGP/MIME by default. The last time I got one of those messages was November. Let's hope... From MichaelQuigley at TheWay.Org Mon Jan 30 16:41:19 2012 From: MichaelQuigley at TheWay.Org (MichaelQuigley at TheWay.Org) Date: Mon, 30 Jan 2012 10:41:19 -0500 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: In-Reply-To: Message-ID: > ----- Message from Jerry on Mon, 30 Jan 2012 > 06:27:41 -0500 ----- > Unfortunately, eliminating dupes, aka "CC'd" mail is not that easy. I believe Doug's reference to MAILMAN settings is suggesting that you log into the mailing list manager (http://lists.gnupg.org/mailman/options/gnupg-users). Once you get in and edit your settings, the last setting is titled "Avoid duplicate copies of messages?" If you change this setting to "Yes", the list won't send you a copy of messages to which you are explicitly addressed ("To:" or "CC:"). -------------- next part -------------- An HTML attachment was scrubbed... URL: From wk at gnupg.org Mon Jan 30 17:36:52 2012 From: wk at gnupg.org (Werner Koch) Date: Mon, 30 Jan 2012 17:36:52 +0100 Subject: [Announce] GnuPG 1.4.12 released Message-ID: <87mx9587vf.fsf@vigenere.g10code.de> Hello! We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.12. 
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility, smartcard support and is compliant with the OpenPGP Internet standard as described by RFC-4880. Note that this version is from the GnuPG-1 series and thus smaller than those from the GnuPG-2 series, easier to build and also more portable to ancient platforms. In contrast to GnuPG-2 (e.g. version 2.0.18) it comes with no support for S/MIME, Secure Shell, or other tools useful for desktop environments. Fortunately you may install both versions alongside each other on the same system without any conflict. What's New =========== * GPG now accepts a space separated fingerprint as a user ID. This allows copying and pasting the fingerprint from the key listing. * Removed support for the original HKP keyserver which is no longer used by any site. * Rebuild the trustdb after changing the option --min-cert-level. * Improved JPEG detection. * Included more VMS patches * Made it easier to create an installer for Windows. * Supports the 32 bit variant of the mingw-w64 toolchain. * Made file locking more portable. * Minor bug fixes. * Ukrainian translation. Getting the Software ==================== First of all, decide whether you really need GnuPG version 1.4.x - most users are better off with the modern GnuPG 2.0.x version. Then follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.4.12 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.4.12.tar.bz2 (3500k) gnupg-1.4.12.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. 
gnupg-1.4.12.tar.gz (4823k) gnupg-1.4.12.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.4.11-1.4.12.diff.bz2 (574k) A patch file to upgrade a 1.4.11 GnuPG source tree. This patch does not include updates of the language files. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if, exceptionally, your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.4.12.exe (1557k) gnupg-w32cli-1.4.12.exe.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. This is a command line only version; the source files are the same as given above. Note that this is a minimal installer and unless you just need the gpg binary, you are better off using the full-featured installer at http://www.gpg4win.org . Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.12.tar.bz2 you would use this command: gpg --verify gnupg-1.4.12.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note that you can retrieve the signing key using the command finger wk ,at' g10code.com | gpg --import or using a keyserver like gpg --recv-key 4F25E3B6 The distribution key 1CE0C630 is signed by the well-known key 1E42B367. If you get a key expired message, you should retrieve a fresh copy as the expiration date might have been prolonged. 
NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.12.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-1.4.12.tar.bz2 and check that the output matches the first line from the following list: 9b78e20328d35525af7b8a9c1cf081396910e937 gnupg-1.4.12.tar.bz2 790587e440ec7d429b120db7a96a237badc638fd gnupg-1.4.12.tar.gz 5ce9105ce6b6c9c38638eead87658f4b735a4a68 gnupg-1.4.11-1.4.12.diff.bz2 e7d8e48900d35fe407a8d8308b3a02b8de46b2f2 gnupg-w32cli-1.4.12.exe Internationalization ==================== GnuPG comes with support for 29 languages. Due to a lot of new and changed strings some translations are not entirely complete. The Chinese (Simplified and Traditional), Czech, Dutch, French, German, Norwegian, Polish, Romanian, Russian, Spanish, Swedish, Ukrainian and Turkish translations are close to complete. Support ======= A listing with commercial support offers for GnuPG is available at: http://www.gnupg.org/service.html Improving and maintaining GnuPG is costly, but you can help! g10 Code GmbH (http://g10code.com), a Duesseldorf-based company owned and headed by GnuPG's principal author, has been funding GnuPG development for more than 10 years now. They are looking for organizations that find GnuPG useful and wish to contribute back by ordering extensions, signing a support contract, or employing them for other development projects. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, donating money, spreading the word, or answering questions on the mailing lists. Happy Hacking, The GnuPG Team (David, Werner and the other contributors) -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 207 bytes Desc: not available URL: -------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From wk at gnupg.org Mon Jan 30 18:07:07 2012 From: wk at gnupg.org (Werner Koch) Date: Mon, 30 Jan 2012 18:07:07 +0100 Subject: Enigmail and PGP/MIME In-Reply-To: <4F26B888.4080107@sixdemonbag.org> (Robert J. Hansen's message of "Mon, 30 Jan 2012 10:34:32 -0500") References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> <4F26B888.4080107@sixdemonbag.org> Message-ID: <87ipjt86h0.fsf@vigenere.g10code.de> On Mon, 30 Jan 2012 16:34, rjh at sixdemonbag.org said: > Fact two: it's easy to find MUAs, MTAs and other software in the chain > that don't support (or outright break!) PGP/MIME. Outlook is a good Outlook has PGP/MIME support via a plugin. Thunderbird has PGP/MIME support via a plugin. Both are hampered by decisions of Microsoft and Mozilla not to help implement proper MIME handlers. In fact, back in 2000 or so the then-new Mozilla mail code had a nice structure and easily allowed hooking in MIME handlers. I wrote a basic PGP/MIME implementation back then; someone else wrote a master's thesis and enhanced my code to a complete implementation. Mozilla refused the code because they disliked OpenPGP. 
Enigmail still encounters the same problem. For the record, PGP/MIME is pretty old - older than (the free) Mozilla: 2015 MIME Security with Pretty Good Privacy (PGP). M. Elkins. October 1996. (Format: TXT=14223 bytes) (Updated by RFC3156) (Status: PROPOSED STANDARD) Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From rjh at sixdemonbag.org Mon Jan 30 18:15:34 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 30 Jan 2012 12:15:34 -0500 Subject: Enigmail and PGP/MIME In-Reply-To: <87ipjt86h0.fsf@vigenere.g10code.de> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> <4F26B888.4080107@sixdemonbag.org> <87ipjt86h0.fsf@vigenere.g10code.de> Message-ID: <4F26D036.9070503@sixdemonbag.org> On 1/30/12 12:07 PM, Werner Koch wrote: > Outlook has PGP/MIME support via a plugin. Out of the box, Outlook doesn't support PGP/MIME and won't even render the plain text portions -- or, at least, such was the case the last time I checked Outlook, which was some time ago: I try to avoid dealing with Outlook whenever possible. Thunderbird at least will render the plaintext. > Both are hampered by decisions of Microsoft and Mozilla not to help > implement proper MIME handlers. [much history omitted] I'm certainly not disagreeing with any of this. 
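The fallback integrity check described in the 1.4.12 announcement above (compare the download's SHA-1 against the published list), as an added example that is not part of the announcement and not GnuPG code. It parses a sha1sum-style list and checks every listed file, reporting OK, MISMATCH or MISSING. The file names, contents and digests it uses are constructed for the example (the digests are the published SHA-1 test vectors for those contents), not the real 1.4.12 files. The announcement's warning still applies: a checksum fetched from the same mirror as the tarball only catches a corrupted download, and only gpg --verify with an already-trusted GnuPG and the right signing key shows the release is genuine.

```python
"""Added example, not GnuPG code and not from the announcement: check
downloads against a sha1sum-style checksum list like the one published for
1.4.12.  All names, contents and digests below are constructed."""
import hashlib
import re

# sha1sum output: '<40 hex digits>  <name>', or '<hex> *<name>' in binary mode.
_LINE_RE = re.compile(r"^([0-9a-fA-F]{40})[ \t]+\*?(.+)$")

# Constructed list.  The digests are the SHA-1 test vectors for the constructed
# contents in SAMPLE_FILES (and for the empty string), not real release digests.
CHECKSUM_LIST = """\
a9993e364706816aba3e25717850c26c9cd0d89d  example-1.0.tar.bz2
84983e441c3bd26ebaae4aa1f95129e5e54670f1 *example-1.0.tar.gz
da39a3ee5e6b4b0d3255bfef95601890afd80709  example-0.9-1.0.diff.bz2
"""

# Constructed downloads (name -> bytes).  The diff is deliberately not present.
SAMPLE_FILES = {
    "example-1.0.tar.bz2": b"abc",
    "example-1.0.tar.gz": b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
}


def parse_checksum_list(text):
    """Map name -> expected lowercase hex digest.  A malformed line is an error,
    not something to skip: a truncated or edited list must not silently pass."""
    expected = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = _LINE_RE.match(line)
        if match is None:
            raise ValueError("malformed checksum line: %r" % raw)
        expected[match.group(2)] = match.group(1).lower()
    return expected


def sha1_hex(data):
    """SHA-1 of in-memory bytes (used for the constructed files)."""
    return hashlib.sha1(data).hexdigest()


def sha1_file(path, chunk_size=1 << 20):
    """SHA-1 of a file on disk, streamed so a large tarball is not read at once."""
    digest = hashlib.sha1()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_downloads(expected, actual):
    """`expected` from parse_checksum_list(); `actual` maps name -> hex SHA-1 of
    the file you have (sha1_file(path) for a real download).  Returns
    {name: "OK" | "MISMATCH" | "MISSING"} covering every listed file.
    A match proves only that the file equals what *your copy of the list* says.
    If list and tarball came from the same mirror, whoever could swap one could
    swap both; only `gpg --verify` with an already-installed, trusted GnuPG and
    the right signing key ties the file to the release, as the announcement says."""
    report = {}
    for name, digest in expected.items():
        if name not in actual:
            report[name] = "MISSING"
        elif actual[name].lower() == digest:
            report[name] = "OK"
        else:
            report[name] = "MISMATCH"
    return report


def sample_report(tamper=None):
    """Run the check on the constructed files; `tamper` optionally replaces the
    contents of one file so the MISMATCH path is exercised."""
    files = dict(SAMPLE_FILES)
    if tamper:
        files.update(tamper)
    actual = {name: sha1_hex(data) for name, data in files.items()}
    return verify_downloads(parse_checksum_list(CHECKSUM_LIST), actual)


if __name__ == "__main__":
    for name, status in sample_report().items():
        print(status.ljust(8), name)
```

For a real download, build the `actual` mapping with sha1_file() on each file you fetched and keep the checksum list you compare against from a different channel than the tarball (the announcement mail itself, for instance) so that one compromised mirror cannot supply both.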
From greg at turnstep.com Mon Jan 30 17:27:44 2012 From: greg at turnstep.com (Greg Sabino Mullane) Date: Mon, 30 Jan 2012 16:27:44 -0000 Subject: Using the not-dash-escaped option In-Reply-To: <1862457322.20120130022304@my_localhost> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 NotDashEscaped: You need GnuPG to verify this message >>> - -- >>> Best regards ... >> Interestingly enough, your "Sig Delimiter" is bonked. > That is an unfortunate consequence of signing my message with GnuPG; > all lines lose trailing spaces and any line beginning with a dash gets > prefixed with a dash and a space. That's exactly what the --not-dash-escaped option is for. Granted, it's not portable to some other PGP implementations, but if there is any mailing list in the world in which it would be acceptable, I would think it would be this one! :) -- Greg Sabino Mullane greg at turnstep.com PGP Key: 0x14964AC8 201201301125 http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8 -----BEGIN PGP SIGNATURE----- iEYEAREDAAYFAk8mxLAACgkQvJuQZxSWSsgoDQCg2QifdcDmm9mfQpuD8Lzz8+2C nZAAoOUuDIohAz9OVrZEeqyBDO2dLBFV =VVmM -----END PGP SIGNATURE----- From sandals at crustytoothpaste.net Mon Jan 30 20:06:43 2012 From: sandals at crustytoothpaste.net (brian m. carlson) Date: Mon, 30 Jan 2012 19:06:43 +0000 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: In-Reply-To: References: Message-ID: <20120130190643.GB184889@crustytoothpaste.ath.cx> On Mon, Jan 30, 2012 at 10:41:19AM -0500, MichaelQuigley at TheWay.Org wrote: > I believe Doug's reference to MAILMAN settings is suggesting that you log > into the mailing list manager > (http://lists.gnupg.org/mailman/options/gnupg-users) Once you get in and > edit your settings, the last setting is titled "Avoid duplicate copies of > messages?" If you change this setting to "Yes", the list won't send you a > copy of messages to which you are explicitly addressed ("To:" or "CC:"). 
The problem is that unlike regular list messages, the dupes don't come with the list headers, which makes sorting them based on the list headers problematic. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From wk at gnupg.org Mon Jan 30 20:05:35 2012 From: wk at gnupg.org (Werner Koch) Date: Mon, 30 Jan 2012 20:05:35 +0100 Subject: Enigmail and PGP/MIME In-Reply-To: <4F26D036.9070503@sixdemonbag.org> (Robert J. Hansen's message of "Mon, 30 Jan 2012 12:15:34 -0500") References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <5D9945C8-8116-4357-9602-B9D822A077C4@gulli.com> <4F26B888.4080107@sixdemonbag.org> <87ipjt86h0.fsf@vigenere.g10code.de> <4F26D036.9070503@sixdemonbag.org> Message-ID: <87obtl6mf4.fsf@vigenere.g10code.de> On Mon, 30 Jan 2012 18:15, rjh at sixdemonbag.org said: > Out of the box, Outlook doesn't support PGP/MIME and won't even render > the plain text portions -- or, at least, such was the case the last time > I checked Outlook, which was some time ago: I try to avoid dealing with It renders the plain text fine, at least with OL2003 SP2. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
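What MFPA, Greg and Werner describe above, as an added example that is not from the thread and not GnuPG code: the framing that gpg --clearsign FILE writes into FILE.asc (RFC 4880 section 7, the cleartext signature framework). It has no key and makes no signature; the signature block it writes is a labelled placeholder where gpg would put the armored signature packet. What it shows is why inline signing turns a "-- " signature delimiter into "- --" and drops trailing spaces, which bytes are actually hashed in the default mode, and how the NotDashEscaped armor header from --not-dash-escaped (the exact header line in Greg's post) changes the handling. All sample text is constructed.

```python
"""Added example, not from the thread and not GnuPG code: the framing that
`gpg --clearsign FILE` writes into FILE.asc (RFC 4880 section 7, cleartext
signature framework).  No key, no signature: the signature block written
here is a labelled placeholder.  It shows the transformations discussed in
the thread: trailing whitespace dropped, dash-escaping of lines that start
with '-', the <CR><LF> canonicalisation of the bytes that are hashed, and
the NotDashEscaped armor header gpg emits for --not-dash-escaped."""

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"
# The header line gpg writes for --not-dash-escaped (it is in Greg's post above).
NOT_DASH_ESCAPED = "NotDashEscaped: You need GnuPG to verify this message"


def _lines(text):
    """Lines of the text without a final empty element; the line break before
    BEGIN PGP SIGNATURE belongs to the armor, not to the signed text."""
    if text.endswith("\n"):
        text = text[:-1]
    return text.split("\n")


def dash_escape(text):
    """Text as gpg --clearsign writes it by default: trailing spaces and tabs
    removed, every line starting with '-' prefixed with '- '.  This is why the
    '-- ' signature delimiter in an inline-signed mail comes out as '- --'."""
    out = []
    for line in _lines(text):
        line = line.rstrip(" \t")
        if line.startswith("-"):
            line = "- " + line
        out.append(line)
    return "\n".join(out) + "\n"


def dash_unescape(text):
    """What a verifier recovers: the '- ' prefixes are undone, the trailing
    whitespace that was stripped is gone for good."""
    return "\n".join(l[2:] if l.startswith("- ") else l for l in _lines(text)) + "\n"


def signed_bytes(text):
    """The bytes the signature covers in the default mode: trailing whitespace
    removed, <CR><LF> between lines, no line ending after the last line.
    (With --not-dash-escaped gpg instead hashes the text byte for byte, which
    is why the manual warns against mailing such a signature: any reflow or
    whitespace change by a mailer breaks it.)"""
    return "\r\n".join(l.rstrip(" \t") for l in _lines(text)).encode("utf-8")


def clearsign_frame(text, hash_name="SHA256", not_dash_escaped=False):
    """Wrap text in cleartext-signature armor.  gpg would put the armored
    signature packet where the placeholder line is."""
    headers = ["Hash: " + hash_name]
    if not_dash_escaped:
        headers.append(NOT_DASH_ESCAPED)
        body = text if text.endswith("\n") else text + "\n"
    else:
        body = dash_escape(text)
    placeholder = "<armored signature packet omitted in this constructed example>"
    return "\n".join([BEGIN_SIGNED] + headers + ["", body + BEGIN_SIG, "", placeholder, END_SIG, ""])


def parse_clearsigned(armored):
    """Split a clearsigned message into (armor headers, recovered text,
    signature block).  Text under a NotDashEscaped header is left untouched;
    such text must not contain a line of five dashes (the manual's caveat),
    since that is the only way the end of the text is found."""
    lines = armored.split("\n")
    if not lines or lines[0] != BEGIN_SIGNED:
        raise ValueError("not a cleartext signed message")
    headers = {}
    i = 1
    while lines[i] != "":
        key, _, value = lines[i].partition(": ")
        headers[key] = value
        i += 1
    i += 1                      # blank line separating armor headers from text
    body = []
    while lines[i] != BEGIN_SIG:
        body.append(lines[i])
        i += 1
    end = lines.index(END_SIG, i)
    signature = "\n".join(lines[i:end + 1]) + "\n"
    text = "\n".join(body) + "\n"
    if "NotDashEscaped" not in headers:
        text = dash_unescape(text)
    return headers, text, signature


if __name__ == "__main__":
    print(clearsign_frame("Best regards  \n-- \nMFPA\n"))
```

Running it on a mail that ends in a "-- " delimiter shows the delimiter arrive as "- --" and its trailing space disappear before anything is hashed, which is the behaviour MFPA complained about and the reason Greg reaches for --not-dash-escaped for patch files rather than for mail.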
From ccogcj at gmail.com Mon Jan 30 21:57:41 2012 From: ccogcj at gmail.com (Belleraphone) Date: Mon, 30 Jan 2012 12:57:41 -0800 (PST) Subject: Clearsigning on Windows In-Reply-To: <871uqh9tpu.fsf@vigenere.g10code.de> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> Message-ID: <33232115.post@talk.nabble.com> I'm at the gpg.exe application, which file do I clearsign exactly? Do I need to export my key? I'm a little new at this. Werner Koch wrote: > > On Mon, 30 Jan 2012 07:57, ccogcj at gmail.com said: >> Title of this says it all. How do I clearsign my stuff in the Windows >> version of GnuPG? > > gpg --clearsign FILE > > results in FILE.asc > > > Shalom-Salam, > > Werner > > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232115.html Sent from the GnuPG - User mailing list archive at Nabble.com. From mailinglisten at hauke-laging.de Mon Jan 30 22:03:38 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Mon, 30 Jan 2012 22:03:38 +0100 Subject: Clearsigning on Windows In-Reply-To: <33232115.post@talk.nabble.com> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> Message-ID: <201201302203.39005.mailinglisten@hauke-laging.de> On Monday, 30 January 2012, 21:57:41, Belleraphone wrote: > I'm at the gpg.exe application, which file do I clearsign exactly? You are probably the only one who knows which file(s) you want clearsigned. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. 
URL: From ccogcj at gmail.com Mon Jan 30 22:12:13 2012 From: ccogcj at gmail.com (Belleraphone) Date: Mon, 30 Jan 2012 13:12:13 -0800 (PST) Subject: Clearsigning on Windows In-Reply-To: <201201302203.39005.mailinglisten@hauke-laging.de> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> Message-ID: <33232212.post@talk.nabble.com> I realize that, but how do I make it so that my files are fit to be clearsigned? I was given a bunch of information from a website that said what needed to be clearsigned. How do I put this information into a file that gpg.exe can read and clearsign? Hauke Laging wrote: > > On Monday, 30 January 2012, 21:57:41, Belleraphone wrote: >> I'm at the gpg.exe application, which file do I clearsign exactly? > > You are probably the only one who knows which file(s) you want > clearsigned. > > > Hauke > -- > PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232212.html Sent from the GnuPG - User mailing list archive at Nabble.com. From dougb at dougbarton.us Mon Jan 30 22:29:55 2012 From: dougb at dougbarton.us (Doug Barton) Date: Mon, 30 Jan 2012 13:29:55 -0800 Subject: Clearsigning on Windows In-Reply-To: <33232212.post@talk.nabble.com> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> <33232212.post@talk.nabble.com> Message-ID: <4F270BD3.4000808@dougbarton.us> On 01/30/2012 13:12, Belleraphone wrote: > > I realize that, but how do I make it so that my files are fit to be > clearsigned? 
I was given a bunch of information from a website that said > what needed to be clearsigned. How do I put this information into a file > that gpg.exe can read and clearsign? You're probably overthinking it. Create the file in the manner that is described in your instructions, and then sign it. If that doesn't make sense to you, we need more information about what you're trying to accomplish. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From mailinglisten at hauke-laging.de Mon Jan 30 22:49:03 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Mon, 30 Jan 2012 22:49:03 +0100 Subject: Clearsigning on Windows In-Reply-To: <33232212.post@talk.nabble.com> References: <33227342.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> <33232212.post@talk.nabble.com> Message-ID: <201201302249.04131.mailinglisten@hauke-laging.de> On Monday, 30 January 2012, 22:12:13, Belleraphone wrote: > I realize that, but how do I make it so that my files are fit to be > clearsigned? I am not sure whether I understand what you mean. --clearsign is usable for text files only, not for binary files. Those need --sign or --detach-sign. > I was given a bunch of information from a website that said > what needed to be clearsigned. How do I put this information into a file > that gpg.exe can read and clearsign? It seems not to be possible to make a single signature for several files at once whose names are read from STDIN (or a file). But you can give several files on the command line: gpg --armor --output signature.asc --detach-sign file1 file2 file3 The result can be checked by gpg --verify signature.asc file1 file2 file3 In that case you have to check all files simultaneously. 
If you have a lot of files to be signed then you can a) either create an archive file (by whatever archive application you like and which supports reading file names from a file) and sign that single file b) use scripting (which I don't know anything about under Windows) to 1) either create the long command line. The Linux (bash) way would be: mapfile -t files < filelist.txt; gpg --armor --output signature.asc --detach-sign -- "${files[@]}" 2) call gpg for each file (which makes sense only without a passphrase or with passphrase caching (gpg-agent)). The Linux (bash) way would be: while IFS= read -r filename; do gpg --armor --detach-sign -- "$filename"; done < filelist.txt Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. URL: From ccogcj at gmail.com Mon Jan 30 22:53:56 2012 From: ccogcj at gmail.com (Belleraphone) Date: Mon, 30 Jan 2012 13:53:56 -0800 (PST) Subject: Clearsigning on Windows In-Reply-To: <4F270BD3.4000808@dougbarton.us> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> <33232212.post@talk.nabble.com> <4F270BD3.4000808@dougbarton.us> Message-ID: <33232502.post@talk.nabble.com> My instructions just tell me to clearsign the following and then paste the results in a box. Here's what I have to clearsign. Keep in mind I'm using GnuPG for Windows. mode new_user username XXXXXX fprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX FUDForum XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Fossil XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Moin XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Zine XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Now what exactly do I do with this? I put it in a text file and then verify it with gpg.exe? The same gpg.exe that's in the pub folder? 
So far everytime I try to clearsign the .txt file with the info posted above but it does not work. Doug Barton-2 wrote: > > On 01/30/2012 13:12, Belleraphone wrote: >> >> I realize that, but how do I make it so that my files are fit to be >> clearsigned? I was given a bunch of information from a website that said >> what needed to be clearsigned. How do I put this information into a file >> that gpu.exe can read and clearsign? > > You're probably overthinking it. Create the file in the manner that is > described in your instructions, and then sign it. If that doesn't make > sense to you, we need more information about what you're trying to > accomplish. > > > Doug > > -- > > It's always a long day; 86400 doesn't fit into a short. > > Breadth of IT experience, and depth of knowledge in the DNS. > Yours for the right price. :) http://SupersetSolutions.com/ > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232502.html Sent from the GnuPG - User mailing list archive at Nabble.com. From mailinglisten at hauke-laging.de Mon Jan 30 23:02:55 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Mon, 30 Jan 2012 23:02:55 +0100 Subject: Clearsigning on Windows In-Reply-To: <33232502.post@talk.nabble.com> References: <33227342.post@talk.nabble.com> <4F270BD3.4000808@dougbarton.us> <33232502.post@talk.nabble.com> Message-ID: <201201302302.55818.mailinglisten@hauke-laging.de> Am Montag, 30. Januar 2012, 22:53:56 schrieb Belleraphone: > So far > everytime I try to clearsign the .txt file with the info posted above but > it does not work. "It doesn't work" without any explanation what exactly you have done and what "It doesn't work" means precisely does not make it easier to help you. You have already been told the necessary command by Werner. 
Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. URL: From papillion at gmail.com Mon Jan 30 22:20:07 2012 From: papillion at gmail.com (Anthony Papillion) Date: Mon, 30 Jan 2012 15:20:07 -0600 Subject: Clearsigning on Windows In-Reply-To: <33232212.post@talk.nabble.com> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> <33232212.post@talk.nabble.com> Message-ID: On Mon, Jan 30, 2012 at 3:12 PM, Belleraphone wrote: > > I realize that, but how do I make it so that my files are fit to be > clearsigned? I was given a bunch of information from a website that said > what needed to be clearsigned. How do I put this information into a file > that gpu.exe can read and clearsign? GPG can read and clearsign any file. Just put the information into a file and then execute the given command against that file. From ccogcj at gmail.com Tue Jan 31 00:06:55 2012 From: ccogcj at gmail.com (Belleraphone) Date: Mon, 30 Jan 2012 15:06:55 -0800 (PST) Subject: Clearsigning on Windows In-Reply-To: <201201302302.55818.mailinglisten@hauke-laging.de> References: <33227342.post@talk.nabble.com> <871uqh9tpu.fsf@vigenere.g10code.de> <33232115.post@talk.nabble.com> <201201302203.39005.mailinglisten@hauke-laging.de> <33232212.post@talk.nabble.com> <4F270BD3.4000808@dougbarton.us> <33232502.post@talk.nabble.com> <201201302302.55818.mailinglisten@hauke-laging.de> Message-ID: <33232991.post@talk.nabble.com> I figured it out, there was a "sign" button on the windows version which was the clear sign. Hauke Laging wrote: > > Am Montag, 30. 
Januar 2012, 22:53:56 schrieb Belleraphone: > >> So far >> everytime I try to clearsign the .txt file with the info posted above >> but >> it does not work. > > "It doesn't work" without any explanation what exactly you have done and > what > "It doesn't work" means precisely does not make it easier to help you. You > have already been told the necessary command by Werner. > > > Hauke > -- > PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -- View this message in context: http://old.nabble.com/Clearsigning-on-Windows-tp33227342p33232991.html Sent from the GnuPG - User mailing list archive at Nabble.com. From John at enigmail.net Tue Jan 31 00:09:34 2012 From: John at enigmail.net (John Clizbe) Date: Mon, 30 Jan 2012 17:09:34 -0600 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <20120130043459.6967f6fe@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> Message-ID: <4F27232E.2060508@enigmail.net> Jerry wrote: > On Mon, 30 Jan 2012 02:23:04 +0000 > MFPA articulated: > >> That is an unfortunate consequence of signing my message with GnuPG; >> all lines lose trailing spaces and any line beginning with a dash gets >> prefixed with a dash and a space. > > That is because you are using "inline" rather than "mime" for signing. 
> The "inline"method has been for the most part deprecated. You might > want to give serious thought to switching your signing method. I always get a chuckle every time I read someone writing that inline signing is somehow "deprecated." Strangely enough, the only place I can find the origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard RFC 4880. I use PGP/MIME when I know a mailing list supports it and inline when I know it doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise. On the Netiquette part of this thread, I too set a Reply-To header that seems at least one person regularly ignores. Please don't CC me on list replies. One copy is enough. -- John P. Clizbe Inet: John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" 
A:"An odd melody / island voices on the winds / surplus of vowels" From John at enigmail.net Tue Jan 31 00:28:39 2012 From: John at enigmail.net (John Clizbe) Date: Mon, 30 Jan 2012 17:28:39 -0600 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <1862457322.20120130022304@my_localhost> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> Message-ID: <4F2727A7.9000807@enigmail.net> MFPA wrote: > Hi > On Monday 30 January 2012 at 2:13:48 AM, Jerry wrote: >> On Mon, 30 Jan 2012 01:52:44 +0000 MFPA articulated: >>> Looking through recent postings, the signature >>> delimiter seems to appear in about half of the >>> messages on this list. >>> - -- >>> Best regards >>> MFPA >>> mailto:expires2012 at rocketmail.com > >> Interestingly enough, your "Sig Delimiter" is bonked. > > That is an unfortunate consequence of signing my message with GnuPG; > all lines lose trailing spaces and any line beginning with a dash gets > prefixed with a dash and a space. That is part of the OpenPGP standard RFC 4880. Trailing space removed and line endings canonicalized to CR-LF. Lines beginning with a hyphen/dash are dash-space escaped "- " in order to avoid confusion with OpenPGP message headers. There used to be a bug in the Mozilla mailnews code that left "-- "alone, but stripped the space from "- -- ". I think it was fixed some time ago. -- John P. 
Clizbe Inet: John ( a ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP From rjh at sixdemonbag.org Tue Jan 31 00:40:08 2012 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Mon, 30 Jan 2012 18:40:08 -0500 Subject: PGP/MIME use (was Re: META) In-Reply-To: <4F27232E.2060508@enigmail.net> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> Message-ID: <4F272A58.10708@sixdemonbag.org> On 1/30/12 6:09 PM, John Clizbe wrote: > I always get a chuckle every time I read someone writing that inline signing is > somehow "deprecated." Strangely enough, the only place I can find the > origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me > as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard > RFC 4880. Well, in defense of that interpretation, RFC4880 just specifies a packet format and ASCII armoring -- it's deliberately silent on everything from RFCx822 integration to concerns about using it as the basis for disk encryption products. I would favor seeing an "OpenPGP best practices" RFC. 4880 tells us what's legal OpenPGP traffic, but says nothing about what's worthwhile. > I use PGP/MIME when I know a mailing list supports it and inline when I know it > doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise. 
This comes fairly close to my own practices, with one significant exception: since it's almost impossible for me to know whether all the MUAs used on a mailing list support PGP/MIME, I feel it's better for mailing list traffic to be inline. Of course, I really feel it's better for mailing list traffic to not be signed at all, since usually all it gives us is a false sense of security. A signature from an unvalidated key belonging to an unknown person whom we don't know from Adam doesn't mean much, if anything at all. From faramir.cl at gmail.com Tue Jan 31 00:06:15 2012 From: faramir.cl at gmail.com (Faramir) Date: Mon, 30 Jan 2012 20:06:15 -0300 Subject: GnuPG distribution signature Message-ID: <4F272267.7040107@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, Is key D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 ( 0x4F25E3B6 ) the current key used for signing files? I suppose it is, but I'd like to ask before issuing a local signature. Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPJyJnAAoJEMV4f6PvczxAdT0IAIk+D4P847GCWn3bZbkIqHPI rXZkdov92g25YfOXfZLJAB0J994IEdc+PwwV0T3/UdScxWxCuJpuRffVsxWyxVeO phrV1C/7vQ81OdaUR0Rq2cPb3n2vjj4lbGNTj9KHkJ34LLt5ngPp6wInf1FDoBH0 rcjtBOcjHhVZq7iSFK8No6wwjeRwSrPjcJRtdmcu6kUT0dNK1X+1ke0/Lw2FfQg6 5cJcX+yZ02/u5fNwhOr5ALP5napSsFogu3DGUFm2TD91j3zso3LA5EbRGa1hmQk4 eZeA1VURQOuIKT9VJk8pr7oXJ7yjh0veWH1BIrHf0x6Su0f5uWYSm27zWX2mveA= =XfC7 -----END PGP SIGNATURE----- From olav at enigmail.net Tue Jan 31 07:34:07 2012 From: olav at enigmail.net (Olav Seyfarth) Date: Tue, 31 Jan 2012 07:34:07 +0100 Subject: GnuPG distribution signature In-Reply-To: <4F272267.7040107@gmail.com> References: <4F272267.7040107@gmail.com> Message-ID: <4F278B5F.4090001@enigmail.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi Faramir, > Is key 0x4F25E3B6 the current key used for signing files? 
according to the website, it is: In the 3rd text paragraph on http://gnupg.org/download/integrity_check.en.html "signing key" links to http://gnupg.org/signature_key.en.html which lists | pub 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] | Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 | uid Werner Koch (dist sig) | sub 2048R/AC87C71A 2011-01-12 [expires: 2019-12-31] | | Releases done in the years 1996 to 2010 are signed by this key: | [older key summyries and ascii-armored key follows] That new key 4F25E3B6 is signed by the older signing key 1CE0C630. Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJPJ4tUAAoJEKGX32tq4e9W94kL/jypq3l1Zwmi+N4Rjkokzuaw hyx/yxU/hOqb1qE+v7sL8FdvD+jN0s+2QBOdjyya3ij1bz0s/zmNnbC64qpo818h DxW8h73gvCX9bzAfrIk6WDvpOziBPi9z0BNOlFN7Q4dcqKmOCWRmugjp2/mU/uo5 eG4UMF9dM3cIy/5DLfOBC+Dq+xAJgc6c7XIR8NL/ifp6rFYyDRrEVLHKAtZ6s8/N XNF99r0DuXIm4xmnhRJjx1nevg90SnotzLn3UbMmjFvrEOTFhk0QDXDlYybCauVd pswvHdi8m+4uUgLjtQydR5BLwzBxCITdFqGI2ac8UsCk0KocAlrtzk8XrsirjA/I sSBYdBNfEL0aVmrn2XZGHyPhUs+JSKAFOPQQ+96cJAk4uCf2/QhOCtCYfDpC9GuG gKdhEFnkecZEwoCF+kRHtQSdZ/Uexr1NxZ45EHVrDTVSTC6rbWZWQ/pYllKL+L7u kUvCdCuv33VPb0IscuLFFP0rMaSfrQ7JSWQGAfKihw== =LmkF -----END PGP SIGNATURE----- From wk at gnupg.org Tue Jan 31 09:15:26 2012 From: wk at gnupg.org (Werner Koch) Date: Tue, 31 Jan 2012 09:15:26 +0100 Subject: GnuPG distribution signature In-Reply-To: <4F272267.7040107@gmail.com> (Faramir's message of "Mon, 30 Jan 2012 20:06:15 -0300") References: <4F272267.7040107@gmail.com> Message-ID: <87bopk70f5.fsf@vigenere.g10code.de> On Tue, 31 Jan 2012 00:06, faramir.cl at gmail.com said: > Hello, > Is key D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 ( > 0x4F25E3B6 ) the current key used for signing files? I suppose it is, Yes, it is. 
See my OpenPGP mail header for a list of all my keys and their descriptions.

There is a small error in the announcement:

  gpg --recv-key 4F25E3B6
  The distribution key 1CE0C630 is signed by the well known keys

It should say

  gpg --recv-key 4F25E3B6
  The distribution key 4F25E3B6 is signed by the well known keys

Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From laurent.jumet at skynet.be Tue Jan 31 08:45:24 2012
From: laurent.jumet at skynet.be (Laurent Jumet)
Date: Tue, 31 Jan 2012 08:45:24 +0100
Subject: GnuPG distribution signature
In-Reply-To: <4F272267.7040107@gmail.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hello Faramir !

Faramir wrote:

> Is key D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 (
> 0x4F25E3B6 ) the current key used for signing files? I suppose it is,
> but I'd like to ask before issuing a local signature.

This is what I get; seems you are using another key?

=== Begin Windows Clipboard ===
gpg: Signature made 01/31/12 00:06:15
gpg: using RSA key 0xEF733C40
gpg: Good signature from "Faramir.cl (It's a nickname, of course) "
gpg: aka "Faramir "
gpg: aka "Javier Fernández Almirall (aka Faramir.cl)"
gpg: aka "Javier Fernández Almirall (GSWoT:CL68) "
gpg: aka "Javier Fernández Almirall (CAcert Assurer) "
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 388C 1FBD BE98 35D7 BD02 253B 8212 1A45 4319 410E
Subkey fingerprint: 16B1 A455 916E AF30 0623 CA51 C578 7FA3 EF73 3C40
=== End Windows Clipboard ===

- --
Laurent Jumet
KeyID: 0xCFAF704C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)

iHEEAREDADEFAk8nnHkqGGh0dHA6Ly93d3cucG9pbnRkZWNoYXQubmV0LzB4Q0ZB
RjcwNEMuYXNjAAoJEPUdbaDPr3BMZBEAn1KG41qySnF/YKFKbRK/GBy6NLmyAJ9l
DITkg1T1miUtiMo9XPQ6WyY+Ew==
=ue/T
-----END PGP SIGNATURE-----

From themuslimagorist at gmail.com Tue Jan 31 06:03:59 2012
From: themuslimagorist at gmail.com (Davi Barker)
Date: Mon, 30 Jan 2012 21:03:59 -0800
Subject: Compiling GnuPG problem
Message-ID:

GnuPG crew,

Thank you in advance for your patience. I am new to Linux, new to Ubuntu, and new to GnuPG, and this is the first time I am trying to do any of this.

I successfully downloaded a package named gnupg-2.0.18.tar.bz2 from gnupg.org. Following the instructions, I successfully configured the package using the "./configure" command, but when I attempted to compile the package using the "make" command I received the error message, "make: *** No targets specified and no makefile found. Stop." yet I can see two makefiles in the folder: Makefile.am and Makefile.in. Am I doing something wrong? Did I apply the commands in the wrong directory? What do you recommend?

Peace
Davi
--
The San Francisco Muslim Examiner
National Libertarian Examiner
Graphic Artist at Eccentric Circle
Propagandist at Vote 4 Nobody
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From remco at webconquest.com Tue Jan 31 12:27:14 2012
From: remco at webconquest.com (Remco Rijnders)
Date: Tue, 31 Jan 2012 12:27:14 +0100
Subject: Compiling GnuPG problem
In-Reply-To:
References:
Message-ID:

On Mon, Jan 30, 2012 at 09:03:59PM -0800, Davi wrote in :
>GnuPG crew,
>
>Thank you in advance for your patience. I am new to Linux, new to Ubuntu,
>and new to GnuPG, and this is the first time I am trying to do any of this.
>I successfully downloaded a package named gnupg-2.0.18.tar.bz2 from >gnupg.org. Following the instructions, I successfully configured the >package using the "./configure" command, but when I attempted to compile he >package using the "make" command I received the error message, "make: *** >No targets specified and no makefile found. Stop." yet I can see two >makefiles in the folder: Makefile.am and Makefile.in. Am I doing something >wrong? Did apply the commands in the wrong directory? What do you recommend? Hi Davi, What is your intended goal? Is it to compile (this specific version) of gnupg from source, or just to use gnupg? If the latter, as root doing: apt-get install gnupg should download and install a working gnupg version on your computer. Cheers, Remco -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From jerry at seibercom.net Tue Jan 31 12:59:18 2012 From: jerry at seibercom.net (Jerry) Date: Tue, 31 Jan 2012 06:59:18 -0500 Subject: PGP/MIME use (was Re: META) In-Reply-To: <4F272A58.10708@sixdemonbag.org> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> Message-ID: <20120131065918.5cd15ffb@scorpio> On Mon, 30 Jan 2012 18:40:08 -0500 Robert J. 
Hansen articulated: > This comes fairly close to my own practices, with one significant > exception: since it's almost impossible for me to know whether all the > MUAs used on a mailing list support PGP/MIME, I feel it's better for > mailing list traffic to be inline. I take the opposite approach. Due to the way "inline" messes up the format of a message, and obviously renders the "sig-delimiter" useless, I prefer to use "PGP/MIME". Plus, so many morons, I could use "intellectually challenged" if you prefer, fail to trim a replied to messaged; ie, they leave all of the superfluous "inline" garbage plus other parts of the replied to message intact rather than strip it out, just adds to the annoyance factor. Supporting the "inline" method is like supporting a grown child. If you keep supporting him/her, they will never leave home. Stop supporting them and they will leave. The same is true for "inline" PGP. If support for it were to cease, it would also. > Of course, I really feel it's better for mailing list traffic to not > be signed at all, since usually all it gives us is a false sense of > security. A signature from an unvalidated key belonging to an unknown > person whom we don't know from Adam doesn't mean much, if anything at > all. I totally agree. I have never seen or heard any logical excuse for the signing of list traffic. What am I going to do, attempt to use the identity of another poster? What purpose would that serve anyway? As you so eloquently pointed out, "A signature from an unvalidated key belonging to an unknown person whom we don't know from Adam doesn't mean much, if anything at all." By the way, "unvalidated" is probably not a word; at least accord to Merriam Webster . -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ Never forget: 2 + 2 = 5 for extremely large values of 2. 
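The behaviour John Clizbe describes above (trailing space removed, CR-LF line endings, dash-space escaping) and Jerry's point that inline signing "renders the sig-delimiter useless" can be reproduced by hand. What follows is an added example, not code from the list or from GnuPG: it applies the RFC 4880 section 7.1 cleartext rules to a constructed message and shows that the "-- " delimiter leaves the signer as "- --" and comes back from the verifier as "--", with the trailing space gone for good. The message text and the function names are this example's own, and no signature packet is produced, since that needs a key; only the text handling around it is modelled.

```python
"""
What GnuPG does to text before it becomes an inline (cleartext) signature,
per RFC 4880 section 7.1.  Added example; the message and the function names
are this example's own, and no signature packet is produced (that needs a key).
"""
import hashlib
import re
from typing import List

SIGNED_MESSAGE_HEADER = "-----BEGIN PGP SIGNED MESSAGE-----"
SIGNATURE_HEADER = "-----BEGIN PGP SIGNATURE-----"


def canonical_lines(text: str) -> List[str]:
    """Split on any line ending and drop trailing spaces/tabs from every line.

    The line ending just before the signature armor is not part of the signed
    text, so a final empty element produced by a trailing newline is dropped.
    """
    lines = [line.rstrip(" \t") for line in re.split(r"\r\n|\r|\n", text)]
    if lines and lines[-1] == "":
        lines.pop()
    return lines


def dash_escape(lines: List[str]) -> List[str]:
    """Signer side: a line starting with '-' MUST get a '- ' prefix so that it
    cannot be mistaken for an armor header; RFC 4880 also recommends escaping
    lines starting with 'From '."""
    return ["- " + line if line.startswith("-") or line.startswith("From ") else line
            for line in lines]


def dash_unescape(lines: List[str]) -> List[str]:
    """Verifier side: remove the '- ' prefix the signer added."""
    return [line[2:] if line.startswith("- ") else line for line in lines]


def hashed_text(lines: List[str]) -> bytes:
    """Bytes fed to the digest for a text-mode (0x01) signature: the un-escaped
    canonical lines joined with CRLF.  GnuPG then appends the signature's own
    hashed subpackets and trailer, which this example does not model."""
    return "\r\n".join(lines).encode("utf-8")


def clearsign_body(text: str) -> str:
    """The signed text as it appears between the 'Hash:' line and the signature."""
    return "\n".join(dash_escape(canonical_lines(text)))


def frame(text: str, hash_name: str = "SHA256") -> str:
    """The cleartext framework around the body (signature armor left empty)."""
    return "%s\nHash: %s\n\n%s\n%s" % (SIGNED_MESSAGE_HEADER, hash_name,
                                        clearsign_body(text), SIGNATURE_HEADER)


def recover_text(framed: str) -> str:
    """Verifier side: take the body out of the framework and un-escape it."""
    lines = framed.split("\n")
    start = lines.index("") + 1            # the blank line closes the armor headers
    end = lines.index(SIGNATURE_HEADER)
    return "\n".join(dash_unescape(lines[start:end]))


def digest_hex(text: str, hash_name: str = "sha256") -> str:
    """Digest of the canonical text; identical for the original and the recovered text."""
    return hashlib.new(hash_name, hashed_text(canonical_lines(text))).hexdigest()


# Constructed message: the "-- " sig delimiter is exactly what the thread is about.
SAMPLE = "Looking through recent postings.\n-- \nBest regards\nMFPA\n"

if __name__ == "__main__":
    print(frame(SAMPLE))                         # body shows "- --"
    print(repr(recover_text(frame(SAMPLE))))     # delimiter comes back as "--"
```

The digest is the same whether computed over the original text or over what the verifier recovers, which is why the signature still checks out; the MUA's "-- " delimiter, however, cannot be restored, because the trailing space was removed before signing rather than escaped. PGP/MIME avoids this by signing the MIME part as an opaque body instead of rewriting its lines.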
From jerry at seibercom.net Tue Jan 31 13:03:36 2012 From: jerry at seibercom.net (Jerry) Date: Tue, 31 Jan 2012 07:03:36 -0500 Subject: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org In-Reply-To: <4F2727A7.9000807@enigmail.net> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <4F2727A7.9000807@enigmail.net> Message-ID: <20120131070336.0a6d72ac@scorpio> On Mon, 30 Jan 2012 17:28:39 -0600 John Clizbe articulated: > >> Interestingly enough, your "Sig Delimiter" is bonked. > > > > That is an unfortunate consequence of signing my message with GnuPG; > > all lines lose trailing spaces and any line beginning with a dash > > gets prefixed with a dash and a space. > > That is part of the OpenPGP standard RFC 4880. Trailing space removed > and line endings canonicalized to CR-LF. Lines beginning with a > hyphen/dash are dash-space escaped "- " in order to avoid confusion > with OpenPGP message headers. > > There used to be a bug in the Mozilla mailnews code that left "-- > "alone, but stripped the space from "- -- ". I think it was fixed > some time ago. Thanks, I thought that, that behavior was specified somewhere, but I was not sure of the RFC the specified it. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. 
__________________________________________________________________

From markoran at eunet.rs Tue Jan 31 13:12:37 2012
From: markoran at eunet.rs (Marko Randjelovic)
Date: Tue, 31 Jan 2012 13:12:37 +0100
Subject: Revoke a key 0E84608B
Message-ID: <4F27DAB5.5030301@eunet.rs>

I tried to revoke this key since, after changing a passphrase on 2012-01-28 and using it with the new passphrase immediately after, after a few hours I could not again be successful (bad passphrase). But revkey also asks for a passphrase. Is there any way to revoke this key?

Best regards
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x0E84608B.asc
Type: application/pgp-keys
Size: 6501 bytes
Desc: not available
URL:

From markoran at eunet.rs Tue Jan 31 12:16:56 2012
From: markoran at eunet.rs (Marko Randjelovic)
Date: Tue, 31 Jan 2012 12:16:56 +0100
Subject: Revoke a key 0E84608B
Message-ID: <4F27CDA8.7060000@eunet.rs>

I tried to revoke this key since, after changing a passphrase on 2012-01-28 and using it with the new passphrase immediately after, after a few hours I could not again be successful (bad passphrase). But revkey also asks for a passphrase. Is there any way to revoke this key?

Best regards
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x0E84608B.asc
Type: application/pgp-keys
Size: 6501 bytes
Desc: not available
URL:

From peter at digitalbrains.com Tue Jan 31 13:22:43 2012
From: peter at digitalbrains.com (Peter Lebbing)
Date: Tue, 31 Jan 2012 13:22:43 +0100
Subject: Reply-to netiquette (was [META] please start To: with gnupg-users@gnupg.org...)
In-Reply-To: <4F27232E.2060508@enigmail.net> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> Message-ID: <4F27DD13.1070905@digitalbrains.com> On 31/01/12 00:09, John Clizbe wrote: > On the Netiquette part of this thread, I too set a Reply-To header that seems at > least one person regularly ignores. Please don't CC me on list replies. One copy > is enough. Well, I don't know if you refer to me, my apologies if so. I know how that comes about when /I/ reply to a mail you write. Thunderbird doesn't show me your Reply-To: header. Not even if I press "View->Headers->All"! It took me some time to find the circumstances under which this happens. It turns out that if To: and Reply-To: have the same e-mail address, Reply-To: is silently dropped. And this is exactly the case with your messages. I just press the button "reply all", and Thunderbird addresses a CC: to you. Remember I haven't seen your Reply-To header, so I can't take a decision on what it means myself, only Thunderbird gets to do that. If this dropping of Reply-To: is a bug, and fixed, then hopefully I'll notice it and remove a CC: if the person I'm responding to has "Reply-To: gnupg-users..." set. But it's still something that can easily be overlooked. If I press "reply to list", even people who would want a CC: when I reply to their message will not get one. I was under the impression "reply to all" was the convention here on gnupg-users. Isn't it? 
I read Dan J Bernstein's words on Reply-To and his propositions, Mail-Followup-To etcetera. I'm going to be blunt here: it's a pity DJB came up with these, because I think a less controversial person would have much more chance of getting it into an RFC. I don't want to spark a pro- and contra-DJB discussion here, so please take a few breaths before you reply.

There should be mail headers for:
- List customs: reply all/reply list
- Personal preferences overriding list customs: do you want CC:'s?

Either that, or we should all exclusively use Usenet ;). Do away with the concept of mailing list altogether.

Peter.

PS: I'm running Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16, as you can see in the headers ;). On Debian wheezy.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

From wk at gnupg.org Tue Jan 31 13:58:50 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 31 Jan 2012 13:58:50 +0100
Subject: Revoke a key 0E84608B
In-Reply-To: <4F27CDA8.7060000@eunet.rs> (Marko Randjelovic's message of "Tue, 31 Jan 2012 12:16:56 +0100")
References: <4F27CDA8.7060000@eunet.rs>
Message-ID: <87k4483u5x.fsf@vigenere.g10code.de>

On Tue, 31 Jan 2012 12:16, markoran at eunet.rs said:

> Is there any way to revoke this key?

No. That is why we suggest creating and printing out a revocation certificate right after key creation.

Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
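Two threads above meet at one practical point. In the "GnuPG distribution signature" thread, Laurent's output shows "Good signature" next to "WARNING: This key is not certified with a trusted signature!", and the signature was made by a different key from the distribution key whose fingerprint Werner confirmed. In the "Revoke a key" thread, a key that cannot be revoked keeps producing "good" signatures until a revocation certificate exists; once one is imported, gpg reports such a signature as REVKEYSIG rather than GOODSIG. The Python below is an added example, not code from the list or from GnuPG: it evaluates the machine-readable `--status-fd` lines instead of the human-readable text, accepting only a GOODSIG whose VALIDSIG primary-key fingerprint matches a fingerprint pinned out of band, and rejecting bad, revoked-key and expired-key signatures. It goes slightly beyond the thread by also covering the no-pin case, where GnuPG's own TRUST_* verdict is the fallback. The status lines are constructed for this example (the key IDs and fingerprints of the dist key and of Faramir's key are the ones quoted in the thread; dates, algorithm fields and the revoked key are placeholders); the function names are this example's own.

```python
"""
Decide whether a GnuPG verification result is acceptable from --status-fd output
(format documented in GnuPG's doc/DETAILS):
  [GNUPG:] GOODSIG  <long keyid> <user id>
  [GNUPG:] VALIDSIG <fpr> <date> <ts> <expire> <ver> <res> <pkalgo> <hashalgo> <class> [<primary fpr>]
  [GNUPG:] TRUST_*  web-of-trust verdict; only consulted when no key is pinned
  [GNUPG:] BADSIG / ERRSIG / REVKEYSIG / EXPKEYSIG / EXPSIG / NO_PUBKEY -> reject
Added example; function names and the sample status text are this example's own.
"""
from typing import List, Optional, Tuple

# Fingerprint of the GnuPG distribution signing key, as confirmed in the thread.
PINNED_DIST_KEY = "D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6"

REJECTING = {"BADSIG", "ERRSIG", "REVKEYSIG", "EXPKEYSIG", "EXPSIG", "NO_PUBKEY", "KEYREVOKED"}
TRUST_RANK = {"TRUST_NEVER": 0, "TRUST_UNDEFINED": 1, "TRUST_MARGINAL": 2,
              "TRUST_FULLY": 3, "TRUST_ULTIMATE": 4}


def normalize_fpr(fpr: str) -> str:
    """'D869 2123 ...' and 'd8692123...' name the same key."""
    return fpr.replace(" ", "").upper()


def parse_status(status: str) -> List[Tuple[str, List[str]]]:
    """Return (keyword, args) for every '[GNUPG:] ' line; anything else is ignored."""
    records = []
    for line in status.splitlines():
        if line.startswith("[GNUPG:] "):
            fields = line[len("[GNUPG:] "):].split(" ")
            records.append((fields[0], fields[1:]))
    return records


def evaluate(status: str, pinned_primary_fpr: Optional[str] = None,
             min_trust: str = "TRUST_FULLY") -> Tuple[bool, str]:
    """Return (accepted, reason) for one verified signature.

    With a pinned fingerprint the web-of-trust verdict is irrelevant: the key was
    identified out of band.  Without one, fall back to GnuPG's TRUST_* line.
    """
    good = False
    signer_fpr = primary_fpr = trust = None
    for keyword, args in parse_status(status):
        if keyword in REJECTING:
            return False, "rejected: %s %s" % (keyword, " ".join(args[:1]))
        if keyword == "GOODSIG":
            good = True
        elif keyword == "VALIDSIG":
            signer_fpr = args[0]
            # Field 10 is the primary key fingerprint when a subkey made the signature.
            primary_fpr = args[9] if len(args) > 9 else args[0]
        elif keyword in TRUST_RANK:
            trust = keyword
    if not (good and primary_fpr):
        return False, "rejected: no GOODSIG/VALIDSIG pair in status output"
    if pinned_primary_fpr is not None:
        if normalize_fpr(primary_fpr) != normalize_fpr(pinned_primary_fpr):
            return False, "rejected: good signature, but primary key %s is not the pinned key" % primary_fpr
        return True, "accepted: signature by %s under pinned primary key %s" % (signer_fpr, primary_fpr)
    if trust is None or TRUST_RANK[trust] < TRUST_RANK[min_trust]:
        return False, "rejected: trust %s is below %s and no key is pinned" % (trust, min_trust)
    return True, "accepted: %s trusted via web of trust (%s)" % (signer_fpr, trust)


# Constructed --status-fd output.  Key IDs and fingerprints of the dist key and of
# Faramir's key are the ones quoted in the thread; everything else is a placeholder.
DIST_KEY_OK = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 249B39D24F25E3B6 Werner Koch (dist sig)
[GNUPG:] VALIDSIG D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 2012-01-30 1327881600 0 4 0 1 10 00 D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""

FARAMIR_SUBKEY = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG C5787FA3EF733C40 Faramir.cl (It's a nickname, of course)
[GNUPG:] VALIDSIG 16B1A455916EAF300623CA51C5787FA3EF733C40 2012-01-31 1327968000 0 4 0 1 8 01 388C1FBDBE9835D7BD02253B82121A454319410E
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""

TAMPERED = """\
[GNUPG:] NEWSIG
[GNUPG:] BADSIG 249B39D24F25E3B6 Werner Koch (dist sig)
"""

REVOKED = """\
[GNUPG:] NEWSIG
[GNUPG:] REVKEYSIG 0123456789ABCDEF Placeholder key (constructed)
[GNUPG:] VALIDSIG 00112233445566778899AABBCCDDEEFF0123456789ABCDEF 2012-01-31 1327968000 0 4 0 1 8 00 00112233445566778899AABBCCDDEEFF0123456789ABCDEF
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""

if __name__ == "__main__":
    for name, sample in [("dist key", DIST_KEY_OK), ("other key", FARAMIR_SUBKEY),
                         ("tampered", TAMPERED), ("revoked key", REVOKED)]:
        print(name, evaluate(sample, PINNED_DIST_KEY))
```

To feed it real input, run `gpg --status-fd 1 --verify` on the release tarball and its detached signature and pass stdout to evaluate(); gpg's human-readable messages stay on stderr and are ignored by the parser. The pinned fingerprint must come from somewhere other than the download being checked, which is the whole point of the check.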
From wk at gnupg.org Tue Jan 31 13:56:44 2012
From: wk at gnupg.org (Werner Koch)
Date: Tue, 31 Jan 2012 13:56:44 +0100
Subject: Compiling GnuPG problem
In-Reply-To: (Davi Barker's message of "Mon, 30 Jan 2012 21:03:59 -0800")
References:
Message-ID: <87obtk3u9f.fsf@vigenere.g10code.de>

On Tue, 31 Jan 2012 06:03, themuslimagorist at gmail.com said:

> I successfully downloaded a package named gnupg-2.0.18.tar.bz2 from
> gnupg.org. Following the instructions, I successfully configured the
> package using the "./configure" command, but when I attempted to compile the

Are you sure that the configure run was successful? Read the error messages closely. At the end of a successful run you should see a list of configure options active for the build (platform: xxxx, etc.). Most likely you forgot to install or build a required dependency.

Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From jerry at seibercom.net Tue Jan 31 14:05:09 2012
From: jerry at seibercom.net (Jerry)
Date: Tue, 31 Jan 2012 08:05:09 -0500
Subject: Reply-to netiquette (was [META] please start To: with gnupg-users@gnupg.org...)
In-Reply-To: <4F27DD13.1070905@digitalbrains.com> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F27DD13.1070905@digitalbrains.com> Message-ID: <20120131080509.07f7602e@scorpio> On Tue, 31 Jan 2012 13:22:43 +0100 Peter Lebbing articulated: > On 31/01/12 00:09, John Clizbe wrote: > > On the Netiquette part of this thread, I too set a Reply-To header > > that seems at least one person regularly ignores. Please don't CC > > me on list replies. One copy is enough. > > Well, I don't know if you refer to me, my apologies if so. I know how > that comes about when /I/ reply to a mail you write. > > Thunderbird doesn't show me your Reply-To: header. Not even if I > press "View->Headers->All"! It took me some time to find the > circumstances under which this happens. It turns out that if To: and > Reply-To: have the same e-mail address, Reply-To: is silently > dropped. And this is exactly the case with your messages. > > I just press the button "reply all", and Thunderbird addresses a CC: > to you. Remember I haven't seen your Reply-To header, so I can't take > a decision on what it means myself, only Thunderbird gets to do that. > > If this dropping of Reply-To: is a bug, and fixed, then hopefully > I'll notice it and remove a CC: if the person I'm responding to has > "Reply-To: gnupg-users..." set. But it's still something that can > easily be overlooked. The Thunderbird bug was fixed I thought awhile ago. 
I did not notice the version of Thunderbird that you are employing. You could try the latest version, V.9.0.1 and see if that corrects the problem. > If I press "reply to list", even people who would want a CC: when I > reply to their message will not get one. I was under the impression > "reply to all" was the convention here on gnupg-users. Isn't it? This is an "OPT-IN"list. Some lists, like FreeBSD are open, but not this one. Therefore, the use of a CC is neither required, nor in many instances, appreciate. In actuality, it serves no purpose at all on an "OPT-IN" mailing list. > I read Dan J Bernsteins words on Reply-To and his propositions, > Mail-Followup-To etcetera. I'm going to be blunt here: it's a pity > DJB came up with these, because I think a less controversial person > would have much more chance of getting it into an RFC. I don't want > to spark a pro- and contra-DJB discussion here, so please take a few > breaths before you reply. > There should be mail headers for: > - List customs: reply all/reply list > - Personal preferences overriding list customs: do you want CC:'s? The net is littered with ideas from people who were well liked and respected whose ideas never made it into an RFC. The "Reply-To" works well for those who use it. Unfortunately, some MUA's have just never gotten their head around the concept. Filing BUG reports and basically making yourself a "pain in the ass" to the developers of those applications can work wonders. > Either that, or we should all exclusively use Usenet ;). Do away with > the concept of mailing list altogether. I have used Usenet for many years. Like any other form of communications, it has its advantages and drawbacks. > PS: I'm running Mozilla/5.0 (X11; U; Linux x86_64; en-GB; > rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16, as you can see in the > headers ;). On Debian wheezy. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. 
__________________________________________________________________ From olav at enigmail.net Tue Jan 31 15:46:42 2012 From: olav at enigmail.net (Olav Seyfarth) Date: Tue, 31 Jan 2012 15:46:42 +0100 Subject: Revoke a key 0E84608B In-Reply-To: <4F27CDA8.7060000@eunet.rs> References: <4F27CDA8.7060000@eunet.rs> Message-ID: <4F27FED2.1070403@enigmail.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi Marko, how I understood your issue: you have a key, changed it's passphrase and used it successfully after that. Then, after some time, you could no longer use it since GnuPG said you entered a "bad passphrase". If that's correct, here are my thoughts: - - There is no known passphrase mingling issue with GnuPG, so a passphrase you once set should still work, but - - It could be that you entered it with a different keyboard/lang/codepage setting. If you have several locales installed (e.g. in Gnome), please figure out which characters could be different. - - Your key worked for some time and then no more after a while. That might be due to gpg-agent that still had your key cached. After cache expiration, it reasked for the passphrase. - - To CREATE a rev cert, you need your secret key and your passphrase. To IMPORT an existing rev cert, you don't need a passphrase. That is why you should create a rev cert directly after generating a key pair. - - If your broken key was uploaded on a keyserver and you cannot revoke, it will stay "valid" there forever - just add a newer key and live with it. If you successfully imported it, mind to upload the revoked public key. 
Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJPJ/7QAAoJEKGX32tq4e9WuC0L/ifx7TIzHPCucWXjYO9mbYtr TvHcf4b3ec8Eom4zAX0YEeGluj3bCxru84Z3O1ALYpCd1EnKN2w1HwHBGgS+lu6I YzxQwvM/JrhFQ/7rQ5z6wknPay4FtIRQ6hz9JuYhA70LBMN4lxfdRPMJ9LZNX2by OzvMOKyApNw6ZnYgeH6haUPBlZIP2a7N3s4S1mz2mt8N5Mz+D6s5OaZvGW5TVn73 y19mN35wnCEv8QYHySazr+IwWV41dxfYN/p0d//h0VSQdDlAbmL8Rle1O+hLrHEk P4hAGCKrORZRO1PN+gbb0pUy5HbL6wPhaK42HfEjrEyMgAY1dP4weVOqi9m0hIsc vFWY1x0gcZguhmehNdnksM9JciQTUbDlTsN2Bpp80znYhLJ6cZ87ZNVYdgiXe0v+ jDqNYuvNM4AU09TLWM85T7kkE9EQ80rFDyD2auf/uqfrSTE80zpKGZfVEXchlqsd rNgR4QHEKXD4lbWHm7M4JBJbkCdt1td9jzpkeajO7Q== =ChPo -----END PGP SIGNATURE----- From steve at gpgtools.org Tue Jan 31 17:23:59 2012 From: steve at gpgtools.org (Steve) Date: Tue, 31 Jan 2012 17:23:59 +0100 Subject: PGP/MIME use (was Re: META) In-Reply-To: <20120131065918.5cd15ffb@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> Message-ID: <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> > Supporting the "inline" method is like supporting a grown child. If you > keep supporting him/her, they will never leave home. Stop supporting > them and they will leave. The same is true for "inline" PGP. 
If support > for it were to cease, it would also. That was the idea behind the question I posed about Enigmail inline default setting. I understand the replies but it's similar to iOS-devices and flash support. Only since adobe got some pressure from the market, flash is under development and has become a little more effective (and also superfluous, since HTML5 is working just fine). Sometimes if the right parties decide to no longer support an old standard the software that does not support the new (better) standard will die or get improved but I'm not sure I wanna wait for Microsoft to properly program their mail-client. They obviously have enough money to through at that problem but decide not to. >> Of course, I really feel it's better for mailing list traffic to not >> be signed at all, since usually all it gives us is a false sense of >> security. A signature from an unvalidated key belonging to an unknown >> person whom we don't know from Adam doesn't mean much, if anything at >> all. You at least know that the person with that key is the author. That is some information. Should I still stop signing list mails? So far, I used to do that, because I though people then could check and if my key is signed by someone they know it's a lot of important information, right? all the best, steve -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From gnupg at lists.grepular.com Tue Jan 31 19:02:27 2012 From: gnupg at lists.grepular.com (gnupg at lists.grepular.com) Date: Tue, 31 Jan 2012 18:02:27 +0000 Subject: PGP/MIME use (was Re: META) In-Reply-To: <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> Message-ID: <4F282CB3.3040106@lists.grepular.com> On 31/01/12 16:23, Steve wrote: > You at least know that the person with that key is the author. That is some information. Should I still stop signing list mails? So far, I used to do that, because I though people then could check and if my key is signed by someone they know it's a lot of important information, right? Unless there is an official policy against signing list mail I'd suggest you continue doing whatever you want. I myself intend to. IMO, if there's one place you should be able to sign email, it's the GnuPG users mailing list. It's called dogfooding. -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 598 bytes Desc: OpenPGP digital signature URL: From remco at webconquest.com Tue Jan 31 19:11:14 2012 From: remco at webconquest.com (Remco Rijnders) Date: Tue, 31 Jan 2012 19:11:14 +0100 Subject: PGP/MIME use (was Re: META) In-Reply-To: <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> References: <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> Message-ID: On Tue, Jan 31, 2012 at 05:23:59PM +0100, Steve wrote in <946FFFC5-A191-4073-9D69-FC7FDC6950B7 at gpgtools.org>: >>> Of course, I really feel it's better for mailing list traffic to not >>> be signed at all, since usually all it gives us is a false sense of >>> security. A signature from an unvalidated key belonging to an unknown >>> person whom we don't know from Adam doesn't mean much, if anything at >>> all. > >You at least know that the person with that key is the author. That is >some information. Should I still stop signing list mails? So far, I used >to do that, because I though people then could check and if my key is >signed by someone they know it's a lot of important information, right? I appreciate signed mails on this list (and any other lists). Most problems these days on the internet are, in my opinion, related to people being completely anonymous. If you stand behind your words, show so by signing your posts. Cheers, Remco -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From cwal989 at comcast.net Tue Jan 31 18:26:07 2012 From: cwal989 at comcast.net (Christopher J. Walters) Date: Tue, 31 Jan 2012 12:26:07 -0500 Subject: [META] The issue of the unwelcome CC (please email me if you receive a CC from me) In-Reply-To: <4F27232E.2060508@enigmail.net> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> Message-ID: <4F28242F.20700@comcast.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 1/30/2012 06:09 PM, John Clizbe wrote: > I always get a chuckle every time I read someone writing that inline signing is > somehow "deprecated." Strangely enough, the only place I can find the > origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me > as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard > RFC 4880. > > I use PGP/MIME when I know a mailing list supports it and inline when I know it > doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise. > > On the Netiquette part of this thread, I too set a Reply-To header that seems at > least one person regularly ignores. Please don't CC me on list replies. One copy > is enough. I will not comment on the inline signing issue. I am using the latest version of Mozilla Thunderbird (9.0.1) for my platform. I see your Reply-To header in the message source. 
In this message window I do NOT see a CC to you. If you do receive a CC of this message, please be so kind as to inform me - I will file a bug report and change email clients in that case. It was my understanding that this bug had been fixed in Thunderbird, but I may be mistaken. I know that in a GNU/Linux user mailing list I have long been signed up for, I will occasionally receive CC's not for replies to my own messages, but for replies where the poster's To: line is to the person to whom they are replying and the message is CC'ed to the list. Chris -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJPKCQqAAoJEJ6vdel2qM1c+wAP+gN+noRnZdDMJ55QQsZtXIZe wn8z3/rthcBc/pPX60CePRgdJNNqLkP5NQ47qos66uJuRBXJB1+N1INBFf0djtVy qcsKZ9KbVfEpnwngKXJCRgLk4pP1qvLXl+or078GKcE7ASmoe0MaYIlU/o8bLCMR imyUxt8nUseCKZlTYXXY8++uoV10wo3/qBbADKL19EARJ8ogdx2H92E3OEPvm8N9 CSHL6MursG/Mz7Xip6Mi+mQhElDxYfIHcjnAsqQrcop+1SyZYpxTvlYBAQmhjrdE lH6RbcnLO+p0Cj2Q4UYCxSpL8t00aI6pF4adwVAuFLhKhXh4YHHKy5yC7XRN6hXf cylXV9cNHOtFCy12vmmPyDU7M09DbqSfyFEm4YJqF2pYvsz61Kxc6y9gAle0LhMU AFfdqYaFlQBujarSnchTaKFmn4XebrsTTuiiHcOQ4nZGcMXK0ASj+1WZtohV5esY Lr1WFIJTxYZkcvBlm0YAKK72DzMA/QG2rEWjmxzZ7Kcw43LkSzi8YQPsQhYbbovG Gw+rCdPkqbWc3hrq5jI3NkX6m2R9EvLtM/5zQspfpW3ACbpKNInQqhFq/uU/Md3E FBTINrQFjKz4vYu1WEb8qWKMqIwC4mDVK22uxjAsZj2y+0PPiyF/PJUAG8PPdrYH jTQ4JjA7qHM9B9Khr0ir =BqN0 -----END PGP SIGNATURE----- --- avast! Antivirus: Outbound message clean. Virus Database (VPS): 120131-0, 01/31/2012 Tested on: 1/31/2012 12:26:08 PM avast! - copyright (c) 1988-2012 AVAST Software. http://www.avast.com From rjh at sixdemonbag.org Tue Jan 31 19:46:05 2012 From: rjh at sixdemonbag.org (Robert J. 
Hansen) Date: Tue, 31 Jan 2012 13:46:05 -0500 Subject: PGP/MIME use (was Re: META) In-Reply-To: <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> Message-ID: <4F2836ED.5030705@sixdemonbag.org> On 01/31/2012 11:23 AM, Steve wrote: > Sometimes if the right parties decide to no longer support an old > standard the software that does not support the new (better) > standard will die or get improved... This works if and only if the "right parties" are a large enough market to push implementations around like that. Enigmail isn't. Assume we have 50,000 installations. (This sounds like a lot, but it's a pale shadow compared to GnuPG installations.) Of those, maybe 5,000 are serious users and the rest are casual ones, people who saw it on Mozdev and got intrigued and installed it and never really did anything with it. Those 5,000 users don't represent a single bloc, though: they're spread out through a whole lot of different communities, where they represent extremely small minorities within those communities. As a for-instance, on my old high school class's mailing list I'm pretty sure I'm the only person who's even heard of Enigmail. 
If I were to tell the list maintainers, "you need to upgrade your version of Mailman, it's breaking my PGP/MIME signatures," the response I'd get would probably be, "what's PGP/MIME, and why is it important, and why do all your messages have those weird attachment things on them, anyway?" > You at least know that the person with that key is the author. That > is some information. No, you don't. A few years ago on PGP-Basics one user threw a screaming fit over how many users were not signing our posts to the list. He insisted that signatures were meaningful, that they proved the person with that certificate is the author, and so on. John Clizbe, John Moore and I conducted a little experiment. We created a single certificate. All three of us used the exact same certificate to sign our posts to PGP-Basics. The person who was most up in arms about our lack of signing was placated, and thanked us for seeing the light. It was another few months before anyone realized we were all using the same certificate. Honestly, up until that point I thought that maybe there was some utility to mailing list signatures. Maybe. That experiment changed my mind: I now see no utility to them for the vast majority of uses. From mailinglisten at hauke-laging.de Tue Jan 31 20:25:44 2012 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Tue, 31 Jan 2012 20:25:44 +0100 Subject: PGP/MIME use In-Reply-To: <4F2836ED.5030705@sixdemonbag.org> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> <4F2836ED.5030705@sixdemonbag.org> Message-ID: <201201312025.45335.mailinglisten@hauke-laging.de> Am Dienstag, 31. Januar 2012, 19:46:05 schrieb Robert J. Hansen: > Enigmail isn't. Assume we > have 50,000 installations. (This sounds like a lot, but it's a pale > shadow compared to GnuPG installations.) 
Do you mean "hidden" installations (used unnoticedly by a distribution's update tool in the background) or actively planned instattations ("I need GnuPG.")? It is hard for me to believe that a serious user of GnuPG does not use it for email. I use it at work for administration purposes (so without email) but for most people I know it's the other way round: They use it for email only. I admit that I do not use Thunderbird but is it's share among GnuPG users so much smaller that among all users altogether? > I now see no utility to them for the vast majority of uses. But you admit that this depends on the current situation (described by: hardly anyone uses it)? I hope that the law will pledge big companies in the near future to sign their emails and offer encryption at no additional cost. Then most normal users will encounter cryptography regularly and thus the number of people who use it should increase a lot. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. 
URL: From jerry at seibercom.net Tue Jan 31 20:35:32 2012 From: jerry at seibercom.net (Jerry) Date: Tue, 31 Jan 2012 14:35:32 -0500 Subject: [META] The issue of the unwelcome CC (please email me if you receive a CC from me) In-Reply-To: <4F28242F.20700@comcast.net> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F28242F.20700@comcast.net> Message-ID: <20120131143532.459370f5@scorpio> On Tue, 31 Jan 2012 12:26:07 -0500 Christopher J. Walters articulated: > It was my understanding that this bug had been fixed in Thunderbird, > but I may be mistaken. I know that in a GNU/Linux user mailing list > I have long been signed up for, I will occasionally receive CC's not > for replies to my own messages, but for replies where the poster's > To: line is to the person to whom they are replying and the message > is CC'ed to the list. I have encounter two individuals, not on this list, who also think it is cute to mail a response directly to the OP and then CC the list. Honestly, some people are alive only because it seems cruel to kill a retard. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ Never forget: 2 + 2 = 5 for extremely large values of 2. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: From faramir.cl at gmail.com Tue Jan 31 20:57:30 2012 From: faramir.cl at gmail.com (Faramir) Date: Tue, 31 Jan 2012 16:57:30 -0300 Subject: Revoke a key 0E84608B In-Reply-To: <4F27DAB5.5030301@eunet.rs> References: <4F27DAB5.5030301@eunet.rs> Message-ID: <4F2847AA.2060501@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 31-01-2012 9:12, Marko Randjelovic escribi?: > I tried to revoke this key since after changing a passphrase on > 2012-01-28 and using it with new passphrase immediately after, > after a few hours I could not again be successfull (bad > passphrase). Since you know the old and new passphrase, maybe you can bruteforce it, using passphrases as a guide and looking for characters that could have been mistyped. I don't know about tools to do it, but there should be some. > But revkey also askes for a passphrase. To generate a revocation certificate you need the private key, so you need the passphrase. If you have an already generated revocation certificate, importing it doesn't require passphrase. > Is there any way to revoke this key? No. If you uploaded your key to keyservers, the only thing you can do is to ask people that signed that key to revoke the signatures on it, that way, it would be easier to chose the right key in future (I mean, once you get a new key, and it gets signed, people will find 2 keys, one signed, and new, and another with revoked signatures, and older). 
Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPKEeqAAoJEMV4f6PvczxAv2EIAI8wTLWn2tv89Nw8T9TozIT0 MvTp++8cmMUbn3HjzG6Q6T8bxWu9lQGy55MeP1Qx2wAw6A5m4PT/0Ys1Qc8Cdnqt ffcia/SroyS/knm/jnzQfht3oNocHU1X/OSYzJqEZ6E1CCTLs4c0TeNlRleF9UCZ V/IVQSZcxd25pl7GRl0tFbSdDihrwG6b6FFgZ6e/Rw02hus+sFUv2jv7ZWn5hdI5 KKJgdCC4KgBbXrSuGV9i7heSAEDvRbL0On0ysqLMRO43DlLet65hsmA09u527RgK fDn9mpCI82jNuD/AmeJcVP1uaI1bgoowUkr8w3RYJ4fvtS6iQjnT5pKjbmO2bKk= =9bNi -----END PGP SIGNATURE----- From jeandavid8 at verizon.net Tue Jan 31 20:02:07 2012 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Tue, 31 Jan 2012 14:02:07 -0500 Subject: PGP/MIME use (was Re: META) In-Reply-To: <20120131065918.5cd15ffb@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> Message-ID: <4F283AAF.2080000@verizon.net> Jerry wrote: > I totally agree. I have never seen or heard any logical excuse for the > signing of list traffic. I almost never sign anything unless I suspect the destination can at least ignore the signature. The people with whom I send e-mail (a diminishing population because most have moved to texting on cell phones, or twitter or Facebook) have no interest in security, though they sometimes act in a paranoid fashion about eavesdropping. But they refuse to do anything about it. 
They cannot deal with MIME signatures (at least those still using AOL), and cannot ignore them either. They hate the inline signatures too. When I do sign, it is just to draw attention to the fact I have a public key and can accept signed and encrypted e-mail. And so far, other than complaints about extraneous text in my emails, that is about it. I really get no use from it. So signing to this list, and an occasional test that my stuff is still working is the only use I get from gnupg and enigmail. The stuff I would really prefer to send encrypted I cannot send that way because those to whom I would send it could not read it (they have no software and no public keys). And if they could, they would probably save it in clear text somewhere, forward it, or whatnot. I think PGP and gnupg are really great ideas, whose time has not yet come. And by the time people realize its usefulness, the snooping community will have made it impossible to use it anymore. People sending encrypted e-mail will be disappeared. The time for that has not yet come. I hope it is postponed until after I can no longer use a computer. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 13:45:01 up 20 days, 21:11, 3 users, load average: 4.78, 4.89, 4.99 From faramir.cl at gmail.com Tue Jan 31 21:03:14 2012 From: faramir.cl at gmail.com (Faramir) Date: Tue, 31 Jan 2012 17:03:14 -0300 Subject: Revoke a key 0E84608B In-Reply-To: <4F27DAB5.5030301@eunet.rs> References: <4F27DAB5.5030301@eunet.rs> Message-ID: <4F284902.90503@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 31-01-2012 9:12, Marko Randjelovic escribi?: > I tried to revoke this key since after changing a passphrase on > 2012-01-28 and using it with new passphrase immediately after, > after a few hours I could not again be successfull (bad > passphrase). 
I searched your key, and it will expire in about one and half year, so, if everything fails, at least it won't haunt you until the end of time. Best Regards, and good luck with the attempt to recover it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPKEkCAAoJEMV4f6PvczxA7osH/1oX7AO8v12MfZh1B73LXr9j AicqVp33L632dZYNez/oB0w1htDGPcIH0AqTXai4OdRN9wm3qldgDQycMhDRpLyP BImc6psM0IY8eaOyJ2FpEe0LTCjomlmnYetdt67P1H1s23iAn4jgwJbIYZ7m4v9e KiKmCtme+//tvFehiA7R7L/z69MPglZghoJdqEnoXGQaM1t7zvGQX2NOIVCRzDf8 e+oFrOzYf5sk212+g+ZwMs/N5ncZMUgVVNAy96PqcB2aJV0L+krs2+9Bj4nJ3Ocu /bHSh0BrN47muakvAjOIBLJiKJPFRqintPx6YV/wcJ697jXDxofDIoVa7aElpNs= =p5tD -----END PGP SIGNATURE----- From jeandavid8 at verizon.net Tue Jan 31 20:08:26 2012 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Tue, 31 Jan 2012 14:08:26 -0500 Subject: PGP/MIME use (was Re: META) In-Reply-To: References: <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> Message-ID: <4F283C2A.6070102@verizon.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remco Rijnders wrote: > I appreciate signed mails on this list (and any other lists). Most > problems these days on the internet are, in my opinion, related to > people being completely anonymous. If you stand behind your words, > show so by signing your posts. > OK. I stand behind this post. But other than amusing myself, does it really make any difference? - -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. 
/( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 14:05:01 up 20 days, 21:31, 3 users, load average: 4.52, 4.76, 4.84 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/ iD8DBQFPKDwqPtu2XpovyZoRAlfyAJ4k3TxXHBy8hSHorl6xowjoUl9vrwCbBuUr ZU51SVdnmQg12VS77wVOpcc= =7Cba -----END PGP SIGNATURE----- From zenobiuszbiedrzycki at poczta.onet.pl Tue Jan 31 20:20:12 2012 From: zenobiuszbiedrzycki at poczta.onet.pl (Zenon Biedrzycki) Date: Tue, 31 Jan 2012 20:20:12 +0100 Subject: GnuPG asp net on web server Message-ID: <918D83BFC95948C09FD14356374188F3@ZuziakPC> Dear I would like to use GnuPG in my asp net application. I'm using bellow code and it is working correctly on localhost, but after publishing on webserwer (Windows server 2008 64 bits) encription not start, also with admin rights. Could you tell me if is possible to use GnuPG 1.4.7 in asp net (2.0 and higher) application, and if yes what I should chaneg in bellow code to use this on web server? Maybe any addictional configuration should be done on IIS or web server? I tried all posibilities which I found on MSDN. 
Thanks for your help Dim writer As New StreamWriter(sciezka & "MyLog.log", True, System.Text.Encoding.ASCII) Try Dim szyfrowanie As New Process() szyfrowanie.StartInfo.UseShellExecute = False szyfrowanie.StartInfo.RedirectStandardOutput = True szyfrowanie.StartInfo.CreateNoWindow = True szyfrowanie.StartInfo.RedirectStandardError = True szyfrowanie.StartInfo.WorkingDirectory = ConfigurationManager.AppSettings("GnuPGExeLoc") szyfrowanie.StartInfo.FileName() = "gpg.exe" szyfrowanie.StartInfo.Arguments() = "--recipient " & mail & " --armor --encrypt " & sciezka & nazwa_pliku writer.WriteLine(Now() & " " & winlogin.Text & " " & "Szyfrowanie.Start") szyfrowanie.Start() szyfrowanie.WaitForExit() writer.WriteLine(Now() & " " & winlogin.Text & " " & "Szyfrowanie.Koniec") Catch ex As Exception writer.WriteLine(Now() & " " & winlogin.Text & " " & ex.Message) End Try -------------- next part -------------- An HTML attachment was scrubbed... URL: From dougb at dougbarton.us Tue Jan 31 21:26:05 2012 From: dougb at dougbarton.us (Doug Barton) Date: Tue, 31 Jan 2012 12:26:05 -0800 Subject: Reply-to netiquette (was [META] please start To: with gnupg-users@gnupg.org...) In-Reply-To: <20120131080509.07f7602e@scorpio> References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F27DD13.1070905@digitalbrains.com> <20120131080509.07f7602e@scorpio> Message-ID: <4F284E5D.4070901@dougbarton.us> On 01/31/2012 05:05, Jerry wrote: > This is an "OPT-IN"list. 
Some lists, like FreeBSD are open, but not > this one. I don't understand the distinction you're trying to make. Both this list and all of the FreeBSD lists require you to subscribe. In fact FreeBSD lists also use mailman. -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From markoran at eunet.rs Tue Jan 31 22:08:02 2012 From: markoran at eunet.rs (Marko Randjelovic) Date: Tue, 31 Jan 2012 22:08:02 +0100 Subject: Revoke a key 0E84608B In-Reply-To: <87k4483u5x.fsf@vigenere.g10code.de> References: <4F27CDA8.7060000@eunet.rs> <87k4483u5x.fsf@vigenere.g10code.de> Message-ID: <4F285832.60405@eunet.rs> On 01/31/2012 01:58 PM, Werner Koch wrote: > No. That is way we suggest to create and print out a revocation > certificate right after key creation. Thanks all to your suggestions. I just got one idea. I have a backup. Can I unpack my secret ring file backup and use it to generate revocation certificate, since in that file it's still old passphrase that I typed many times? Best regards -------------- next part -------------- A non-text attachment was scrubbed... Name: 0x0E84608B.asc Type: application/pgp-keys Size: 6501 bytes Desc: not available URL: From avi.wiki at gmail.com Tue Jan 31 21:07:49 2012 From: avi.wiki at gmail.com (Avi) Date: Tue, 31 Jan 2012 15:07:49 -0500 Subject: PGP/MIME use Message-ID: > From:?"Robert J. Hansen" > To:?gnupg-users at gnupg.org > Cc: > Date:?Tue, 31 Jan 2012 13:46:05 -0500 > Subject:?Re: PGP/MIME use (was Re: META) > I now see no utility to them for the vast majority of uses. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 One, albeit rather unimportant, use is to help people with whom you would like to regularly communicate access and check your key a bit more easily, especially for people with multiple keys. 
Given the fingerprint (often in the e-mail signature), the GPG key can be downloaded and immediately tested against the GPG signature. Granted, very little utility, but still greater than zero 8-). - --Avi -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78 Comment: Most recent key: Click show in box @ http://is.gd/4xJrs iL4EAREKAGYFAk8oSc1fGGh0dHA6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbS9wa3Mv bG9va3VwP29wPWdldCZoYXNoPW9uJmZpbmdlcnByaW50PW9uJnNlYXJjaD0weDBE NjJCMDE5RjgwRTI5RjkACgkQDWKwGfgOKfm6YAD/XdrMCwcMNPXAML/ybu6fN8im yMvIfJ4uPW2ekdzC14wA/RVAh0f1Mwpz2okn9uY2sv9E0Be5+ULY5GKLxcRtb0qQ =DRzx -----END PGP SIGNATURE----- ---- User:Avraham pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) ?? Primary key fingerprint: 167C 063F 7981 A1F6 71EC? ABAA 0D62 B019 F80E 29F9 From reynt0 at cs.albany.edu Tue Jan 31 21:27:45 2012 From: reynt0 at cs.albany.edu (reynt0) Date: Tue, 31 Jan 2012 15:27:45 -0500 (EST) Subject: PGP/MIME use (was Re: META) In-Reply-To: <4F283C2A.6070102@verizon.net> References: <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> <4F283C2A.6070102@verizon.net> Message-ID: On Tue, 31 Jan 2012, remco at webconquest.com wrote: > Most problems these days on the internet are, > in my opinion, related to people being completely > anonymous. If you stand behind your words, show > so by signing your posts. If the idea is more important than who said it, signing (in both the non-technical literary sense and the crypto sense) is extra. After all, not everything is a contest. 
Alternatively, if a comment is likely to be seen as a contest (whether by some person or some Big Brother), again signing is extra. And in any case there is always the virtue of modesty.

From dougb at dougbarton.us Tue Jan 31 22:26:58 2012
From: dougb at dougbarton.us (Doug Barton)
Date: Tue, 31 Jan 2012 13:26:58 -0800
Subject: Revoke a key 0E84608B
In-Reply-To: <4F285832.60405@eunet.rs>
References: <4F27CDA8.7060000@eunet.rs> <87k4483u5x.fsf@vigenere.g10code.de> <4F285832.60405@eunet.rs>
Message-ID: <4F285CA2.9030401@dougbarton.us>

On 01/31/2012 13:08, Marko Randjelovic wrote:
> On 01/31/2012 01:58 PM, Werner Koch wrote:
>> No. That is why we suggest to create and print out a revocation
>> certificate right after key creation.
>
> Thanks to all for your suggestions.
>
> I just got one idea. I have a backup. Can I unpack my secret ring file
> backup and use it to generate a revocation certificate, since in that file
> it's still the old passphrase that I typed many times?

If you have access to a valid copy of your secret key there is no reason to revoke it ... unless of course you have reason to believe that it's been compromised in some way.

Doug

-- 
It's always a long day; 86400 doesn't fit into a short.

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/

From expires2012 at rocketmail.com Tue Jan 31 22:41:16 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Tue, 31 Jan 2012 21:41:16 +0000
Subject: Using the not-dash-escaped option
In-Reply-To: 
References: <1862457322.20120130022304@my_localhost>
Message-ID: <516876184.20120131214116@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
NotDashEscaped: You need GnuPG to verify this message

Hi

On Monday 30 January 2012 at 4:27:44 PM, in , Greg Sabino Mullane wrote:

> That's exactly what the --not-dash-escaped option is
> for.
> Granted, it's not portable to some other PGP
> implementations, but if there is any mailing list in
> the world in which it would be acceptable, I would think
> it would be this one! :)

I'm guessing that's what you did, and the cut mark was not munged. Trying the same right back at ya.

Are you sure this is what the option is for? The man page says it is to enable cleartext signatures to be used with patch files.

--
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

When it comes to humility, I'm the greatest.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

From expires2012 at rocketmail.com Tue Jan 31 23:37:57 2012
From: expires2012 at rocketmail.com (MFPA)
Date: Tue, 31 Jan 2012 22:37:57 +0000
Subject: PGP/MIME use (was Re: META)
In-Reply-To: <4F282CB3.3040106@lists.grepular.com>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F272A58.10708@sixdemonbag.org> <20120131065918.5cd15ffb@scorpio> <946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org> <4F282CB3.3040106@lists.grepular.com>
Message-ID: <1186694156.20120131223757@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Tuesday 31 January 2012 at 6:02:27 PM, in , gnupg at lists.grepular.com wrote:

> IMO, if there's one place you should be
> able to sign
> email, it's the GnuPG users mailing list. It's called
> dogfooding.

OK, but should we *clearsign* our messages to the list?

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

After all is said and done, a lot more will be said than done.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

From richard at r-selected.de Tue Jan 31 22:48:03 2012
From: richard at r-selected.de (Richard)
Date: Wed, 1 Feb 2012 08:48:03 +1100
Subject: [META] The issue of the unwelcome CC (please email me if you receive a CC from me)
In-Reply-To: <20120131143532.459370f5@scorpio>
References: <005801ccddb3$30d9b400$928d1c00$@abilitybusinesscomputerservices.com> <4F23FBEC.6070106@digitalbrains.com> <00c101ccddd5$7e861230$7b923690$@abilitybusinesscomputerservices.com> <4F242228.5050004@jeromebaum.com> <00db01ccdde1$7b5c2c00$72148400$@abilitybusinesscomputerservices.com> <20120128161234.17cb391f@Braetac.lighthouse.yetnet> <00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com> <774873157.20120130015244@my_localhost> <20120129211348.2b49cc7b@scorpio> <1862457322.20120130022304@my_localhost> <20120130043459.6967f6fe@scorpio> <4F27232E.2060508@enigmail.net> <4F28242F.20700@comcast.net> <20120131143532.459370f5@scorpio>
Message-ID: 

On Wed, Feb 1, 2012 at 06:35, Jerry wrote:
> I have encountered two individuals, not on this list, who also think it
> is cute to mail a response directly to the OP and then CC the list.
> Honestly, some people are alive only because it seems cruel to kill a
> retard.

I've done this before (on this list), but only because I had the impression "almost everyone else here" did it, so I just wanted to go with what I assumed to be expected.
I don't think this makes me look like a retard, but rather considerate, since I tried to figure out what appeared to be the netiquette on this very list before posting anything. But thanks for the clarification anyway.

Richard

From rjh at sixdemonbag.org Tue Jan 31 23:54:32 2012
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 31 Jan 2012 17:54:32 -0500
Subject: PGP/MIME use
In-Reply-To: 
References: 
Message-ID: <4F287128.50001@sixdemonbag.org>

> One, albeit rather unimportant, use is to help people with whom you
> would like to regularly communicate access and check your key a bit
> more easily, especially for people with multiple keys.

Putting a kludge in email headers or an "OpenPGP Key ID: 0xD6B98E10" in the sigblock seems to be a more efficient method of achieving this end. Given this is an awfully heavyweight way to achieve an end that's just as correctly achieved via lightweight means, I don't see this as a reason to sign messages. To add a sigblock, sure. :)

From paul.hartman at gmail.com Tue Jan 31 23:29:53 2012
From: paul.hartman at gmail.com (Paul Hartman)
Date: Tue, 31 Jan 2012 16:29:53 -0600
Subject: Using the not-dash-escaped option
In-Reply-To: <516876184.20120131214116@my_localhost>
References: <1862457322.20120130022304@my_localhost> <516876184.20120131214116@my_localhost>
Message-ID: 

On Tue, Jan 31, 2012 at 3:41 PM, MFPA wrote:
> On Monday 30 January 2012 at 4:27:44 PM, in
> , Greg Sabino
> Mullane wrote:
>> That's exactly what the --not-dash-escaped option is
>> for. Granted, it's not portable to some other PGP
>> implementations, but if there is any mailing list in
>> the world in which it would be acceptable, I would think
>> it would be this one! :)
>
> I'm guessing that's what you did, and the cut mark was not munged.
> Trying the same right back at ya.
>
> Are you sure this is what the option is for? The man page says it is
> to enable cleartext signatures to be used with patch files.
>
>
> --

It's still missing the trailing space, assuming you put one there in the first place... many people don't realize it's supposed to be there.
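The dash-escaping the two messages above argue about (what a default cleartext signature does to lines starting with a dash, what --not-dash-escaped leaves verbatim, and why the trailing space of the "-- " cut mark is not something the signature can protect), as an added Python example that is not from any of the posts. The patch body and the signature block in it are constructed placeholders, and the hashing shown is only the RFC 4880 canonicalisation of the signed text, not a real signature.

```python
import hashlib

SIG_SEPARATOR = "-- "  # RFC 3676 signature cut mark: dash, dash, one trailing space


def dash_escape(body):
    """RFC 4880 section 7.1: a line that begins with '-' is prefixed with '- '.
    gpg --clearsign does this by default, so a "-- " cut mark or a diff's
    "--- a/file" header arrives munged in the signed text."""
    return "\n".join("- " + l if l.startswith("-") else l for l in body.split("\n"))


def dash_unescape(text):
    """The reverse step a verifying OpenPGP client performs; a mail client
    that cannot verify never does this and shows "- -- " as-is."""
    return "\n".join(l[2:] if l.startswith("- ") else l for l in text.split("\n"))


def clearsign_framing(body, not_dash_escaped=False):
    """Cleartext framing only: the signature block is a constructed
    placeholder, no key or real signature is involved."""
    headers = ["-----BEGIN PGP SIGNED MESSAGE-----", "Hash: SHA512"]
    if not_dash_escaped:
        # the armor header GnuPG emits for --not-dash-escaped output
        headers.append("NotDashEscaped: You need GnuPG to verify this message")
    text = body if not_dash_escaped else dash_escape(body)
    return "\n".join(headers) + "\n\n" + text + (
        "\n-----BEGIN PGP SIGNATURE-----\n[constructed placeholder]\n-----END PGP SIGNATURE-----")


def has_cut_mark(text):
    """A mail client recognises the sigblock only by an exact "-- " line."""
    return any(l == SIG_SEPARATOR for l in text.split("\n"))


def signature_hash_input(body):
    """Digest of the text a cleartext signature covers (simplified): RFC 4880
    strips trailing spaces and tabs from every line and canonicalises line
    endings to CRLF before hashing, so the trailing space that makes "-- "
    a valid cut mark is invisible to the signature either way."""
    lines = [l.rstrip(" \t") for l in body.split("\n")]
    return hashlib.sha512("\r\n".join(lines).encode()).hexdigest()


# Constructed sample: a one-hunk patch followed by a mail signature block.
PATCH = "--- a/README\n+++ b/README\n@@ -1 +1 @@\n-old\n+new\n\n-- \nBest regards"

if __name__ == "__main__":
    print(clearsign_framing(PATCH))                         # "- ---", "- -- ": patch and cut mark munged
    print(clearsign_framing(PATCH, not_dash_escaped=True))  # body verbatim, cut mark intact
```

Because the signature ignores trailing whitespace, a relay that strips it turns "-- " into "--" without invalidating the signature, which is exactly the failure mode Paul points at.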