From wk at gnupg.org Thu Aug 1 09:44:50 2013
From: wk at gnupg.org (Werner Koch)
Date: Thu, 01 Aug 2013 09:44:50 +0200
Subject: gpg use in Debian popcon
In-Reply-To: <20130731115117.GD25355@yellowpig> (Bill Allombert's message of "Wed, 31 Jul 2013 13:51:17 +0200")
References: <20130731115117.GD25355@yellowpig>
Message-ID: <87y58lrh1p.fsf@vigenere.g10code.de>

On Wed, 31 Jul 2013 13:51, Bill.Allombert at math.u-bordeaux1.fr said:

> gpg --no-default-keyring --keyring debian-popcon.gpg --trust-model=always \
> --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON"

You better add the option "--batch" and because you are using "-o" you should also use "--yes" so that an existing output file will be overwritten.

> 1) This creates spurious empty files in /root/.gnupg

Well it should at least create a random_seed file. This is in general a good idea. If you don't want it use "--no-random-seed-file".

As Daniel already mentioned, using "--no-options" inhibits the creation of the standard ~/.gnupg directory.

What other files you don't want are created? What is the problem with these files? After all root is using gpg and thus it needs to keep some state. Agreed, your application is quite special in that you only need one key and thus it seems to be superfluous. But what if a script needs to verify a signature - root will need a .gnupg as well.

> 2) I was told --keyring will be removed in gpg2, and obviously I cannot
> use gpgv.

No, that is not the case. I talked about removing the support for multiple keyrings, because that has a lot of problems. The option to specify a keyring for the public keys will not go away. The option --secret-keyring will have no more effect in 2.1.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
From wk at gnupg.org Thu Aug 1 09:54:18 2013
From: wk at gnupg.org (Werner Koch)
Date: Thu, 01 Aug 2013 09:54:18 +0200
Subject: Successful experiment boosting the number of users using OpenPGP verification for file download
In-Reply-To: <51F949B5.1030902@riseup.net> (adrelanos@riseup.net's message of "Wed, 31 Jul 2013 17:30:29 +0000")
References: <51F949B5.1030902@riseup.net>
Message-ID: <87txj9rglx.fsf@vigenere.g10code.de>

On Wed, 31 Jul 2013 19:30, adrelanos at riseup.net said:

> verification is the least secure method, to the download page? (You can
> see the design here: [3])
>
> A: 1 in ~11 users.

Actually [3] is the same URL as [1].

> standards. However, while the number of downloads didn't decrease, the
> number of signature downloads significantly increased. Which is a good

Well, that sample is actually a bit too small for any conclusion. However, I am interested in the change you made. However, 10% is the number I remember from the times I kept and analyzed download logs.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

From htd at fritha.org Thu Aug 1 16:33:11 2013
From: htd at fritha.org (Heinz Diehl)
Date: Thu, 1 Aug 2013 16:33:11 +0200
Subject: Successful experiment boosting the number of users using OpenPGP verification for file download
In-Reply-To: <51F949B5.1030902@riseup.net>
References: <51F949B5.1030902@riseup.net>
Message-ID: <20130801143311.GA2534@fritha.org>

On 31.07.2013, adrelanos wrote:

> Downloading a signature doesn't imply, the user
> successfully managed to use OpenPGP verification or that the user
> couldn't be tricked or just ignored an invalid signature error message.

And therefore, these numbers are without meaning. While there is evidence that reminders can have a slight impact on quality improvement, it would be a lot more effective to explain to the downloader what could happen if he/she does NOT check the signature before using the downloaded software (*).
This should come with an easy instruction how to do that. I'm quite sure that would boost the number of downloaders who actually check the signature.

(*) This has been used in a variety of different quality improvement strategies, with moderate to great effect (e.g. the health belief model, social marketing..).

From adrelanos at riseup.net Thu Aug 1 17:47:15 2013
From: adrelanos at riseup.net (adrelanos)
Date: Thu, 01 Aug 2013 15:47:15 +0000
Subject: Successful experiment boosting the number of users using OpenPGP verification for file download
In-Reply-To: <87txj9rglx.fsf@vigenere.g10code.de>
References: <51F949B5.1030902@riseup.net> <87txj9rglx.fsf@vigenere.g10code.de>
Message-ID: <51FA8303.4080602@riseup.net>

Werner Koch:
> On Wed, 31 Jul 2013 19:30, adrelanos at riseup.net said:
>
>> verification is the least secure method, to the download page?
>> (You can see the design here: [3])
>>
>> A: 1 in ~11 users.
>
> Actually [3] is the same URL as [1].

Sorry about that.

[1]: www.webcitation.org/6IWk5h4E9
[3]: www.webcitation.org/6IX5bl92D

>> standards. However, while the number of downloads didn't
>> decrease, the number of signature downloads significantly
>> increased. Which is a good
>
> Well, that sample is actually a bit too small for any conclusion.

You can argue the results away pointing out many violations in scientific methods. Just check the different page designs and imagine if that could work, if the answer is yes and you are up for an experiment yourself, try. :)

> However, I am interested in the change you made. However, 10% is
> the number I remember from the times I kept and analyzed
> download logs.
Old [1]: www.webcitation.org/6IWk5h4E9
New [3]: www.webcitation.org/6IX5bl92D

From dougb at dougbarton.us Thu Aug 1 21:40:04 2013
From: dougb at dougbarton.us (Doug Barton)
Date: Thu, 01 Aug 2013 12:40:04 -0700
Subject: Successful experiment boosting the number of users using OpenPGP verification for file download
In-Reply-To: <20130801143311.GA2534@fritha.org>
References: <51F949B5.1030902@riseup.net> <20130801143311.GA2534@fritha.org>
Message-ID: <51FAB994.6040900@dougbarton.us>

Responding to a message at random ...

There is a much simpler way to encourage downloading the signature files. Bundle the exe and signature in a zip file, and make that the only download available.

However, what you really want to encourage is the verification of the signature (ignoring the bootstrapping problem for the moment), and even forcing people to download the signature file won't do that. In fact I would argue that the only folks interested in verifying the signature already do that, and that any increase in downloads of the signature files is statistically meaningless.

Doug

From Bill.Allombert at math.u-bordeaux1.fr Thu Aug 1 20:40:31 2013
From: Bill.Allombert at math.u-bordeaux1.fr (Bill Allombert)
Date: Thu, 1 Aug 2013 20:40:31 +0200
Subject: gpg use in Debian popcon
In-Reply-To: <87y58lrh1p.fsf@vigenere.g10code.de>
References: <20130731115117.GD25355@yellowpig> <87y58lrh1p.fsf@vigenere.g10code.de>
Message-ID: <20130801184031.GA2014@yellowpig>

> On Wed, 31 Jul 2013 13:51, Bill.Allombert at math.u-bordeaux1.fr said:
>
> > gpg --no-default-keyring --keyring debian-popcon.gpg --trust-model=always \
> > --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON"
>
> You better add the option "--batch" and because you are using "-o" you
> should also use "--yes" so that an existing output file will be
> overwritten.
>
> > 1) This creates spurious empty files in /root/.gnupg
>
> Well it should at least create a random_seed file. This is in general a
> good idea.
> If you don't want it use "--no-random-seed-file".
>
> As Daniel already mentioned, using "--no-options" inhibits the creation
> of the standard ~/.gnupg directory.

Maybe this is due to the version of gpg I use (1.4.12 from Debian sid) but I get an error

$ gpg --batch --no-options --no-default-keyring --trust-model=always \
    --keyring "$KEYRING" \
    --armor -o "$POPCONGPG" -r "$POPCONKEY" --encrypt "$POPCON"
gpg: keyblock resource `/root/.gnupg/secring.gpg': file open error
gpg: fatal: /root/.gnupg: directory does not exist!
secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/32768

Cheers,
Bill

From m4rtntns at gmail.com Fri Aug 2 00:58:06 2013
From: m4rtntns at gmail.com (Martin T)
Date: Thu, 1 Aug 2013 22:58:06 +0000
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
Message-ID:

Hi,

RIPE(RIR in European region) database allows one to upload ASCII armored PGP public keys: http://www.ripe.net/data-tools/support/security/pgp Server-side software is able to generate some "key-cert" object attributes automatically. For example "method", "owner" and "fingerpr":

noc at T42 ~ $ whois -h whois.ripe.net -t key-cert | grep gene
method:         [generated]  [single]     [ ]
owner:          [generated]  [multiple]   [ ]
fingerpr:       [generated]  [single]     [inverse key]
noc at T42 ~ $

Example "key-cert" object provided by RIPE:

key-cert:  PGPKEY-4B8AE00D
method:    PGP
owner:     Joe User
fingerpr:  9D 82 4B B8 38 56 AE 12 BD 88 73 F7 EF D3 7A 92
certif:    ---BEGIN PGP PUBLIC KEY BLOCK---
certif:    Version: 2.6.3ia
certif:
certif:    mQA9AzZizeQAAAEBgJsq2YfoInVOWlLxalmR14GlUzEd0WgrUH9iXjZ
certif:    a/uqWiLnvN59S4rgDQAFEbQeSm9lIFRoZSBVc2VyIDxqb2VAZXhhbXB
certif:    iQBFAwUQNmLN5ee83n1LiuANAQFOFQGAmowlUYtF+xnWBdMNDKBiOSy
certif:    YvpKr05Aycn8Rb55E1onZL5KhNMYU/gd
certif:    =nfno
certif:    ---END PGP PUBLIC KEY BLOCK---
mnt-by:    EXAMPLE-MNT
changed:   joe at example.net 19981117
source:    TEST

How are those fields automatically detected/generated? "Owner"(UID in gpg terminology) is written to public key- one can verify this with analyzing the public key with hex editor. However:

1) is "method" also built into public key? At least "hexdump -C pubring.gpg | grep -i pgp" does not indicate this.. Or has "PGP" some sort of special fingerprint which is understood by server-side software? Last but not least, are there any other types besides "PGP"? I guess it is as pgpdump is even able to dump the timestamp when the key itself was generated.

2) is fingerprint automatically hashed based on the UID?

regards,
Martin

From dshaw at jabberwocky.com Fri Aug 2 04:11:53 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 1 Aug 2013 22:11:53 -0400
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
In-Reply-To:
References:
Message-ID: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com>

On Aug 1, 2013, at 6:58 PM, Martin T wrote:

> Hi,
>
> RIPE(RIR in European region) database allows one to upload ASCII armored PGP public keys: http://www.ripe.net/data-tools/support/security/pgp Server-side software is able to generate some "key-cert" object attributes automatically.
> For example "method", "owner" and "fingerpr":
>
> noc at T42 ~ $ whois -h whois.ripe.net -t key-cert | grep gene
> method:         [generated]  [single]     [ ]
> owner:          [generated]  [multiple]   [ ]
> fingerpr:       [generated]  [single]     [inverse key]
> noc at T42 ~ $
>
>
> Example "key-cert" object provided by RIPE:
>
> key-cert:  PGPKEY-4B8AE00D
> method:    PGP
> owner:     Joe User
> fingerpr:  9D 82 4B B8 38 56 AE 12 BD 88 73 F7 EF D3 7A 92
> certif:    ---BEGIN PGP PUBLIC KEY BLOCK---
> certif:    Version: 2.6.3ia
> certif:
> certif:    mQA9AzZizeQAAAEBgJsq2YfoInVOWlLxalmR14GlUzEd0WgrUH9iXjZ
> certif:    a/uqWiLnvN59S4rgDQAFEbQeSm9lIFRoZSBVc2VyIDxqb2VAZXhhbXB
> certif:    iQBFAwUQNmLN5ee83n1LiuANAQFOFQGAmowlUYtF+xnWBdMNDKBiOSy
> certif:    YvpKr05Aycn8Rb55E1onZL5KhNMYU/gd
> certif:    =nfno
> certif:    ---END PGP PUBLIC KEY BLOCK---
> mnt-by:    EXAMPLE-MNT
> changed:   joe at example.net 19981117
> source:    TEST
>
>
> How are those fields automatically detected/generated? "Owner"(UID in gpg terminology) is written to public key- one can verify this with analyzing the public key with hex editor. However:
>
> 1) is "method" also built into public key? At least "hexdump -C pubring.gpg | grep -i pgp" does not indicate this.. Or has "PGP" some sort of special fingerprint which is understood by server-side software? Last but not least, are there any other types besides "PGP"? I guess it is as pgpdump is even able to dump the timestamp when the key itself was generated.

I think "method" in the example above is just indicating that this is a PGP key. That is, there may be other types than PGP that RIPE supports, but you'd have to ask them about that.

> 2) is fingerprint automatically hashed based on the UID?

No. The fingerprint is based on the key material only. You can add/change UIDs without the fingerprint changing.
David

From philip at foolip.org Fri Aug 2 07:23:49 2013
From: philip at foolip.org (Philip Jägenstedt)
Date: Fri, 02 Aug 2013 07:23:49 +0200
Subject: Is it possible to sign a key again after revoking a signature?
In-Reply-To: <1375420678.2479.14.camel@dax>
References: <1375420678.2479.14.camel@dax>
Message-ID: <1375421029.2479.16.camel@dax>

On fre, 2013-08-02 at 07:17 +0200, Philip Jägenstedt wrote:
> The first time I bypassed this didn't turn out great, so can someone
> confirm to me that my (3) existing signatures locally, signing again and

... that *deleting* my signatures locally ...

/ Philip

From philip at foolip.org Fri Aug 2 07:17:58 2013
From: philip at foolip.org (Philip Jägenstedt)
Date: Fri, 02 Aug 2013 07:17:58 +0200
Subject: Is it possible to sign a key again after revoking a signature?
Message-ID: <1375420678.2479.14.camel@dax>

Hi all,

I'm new to GnuPG and have probably been a little too ambitious for my own good. I originally signed key AB4DFBA4 at level 3 after a meetup, but was later paranoid that I was too lax and wanted to resign it at level 2, but did the resigning (by deleting the first signature locally) and revoking in the wrong order, and left my signature simply revoked. After some tinkering I arrived at and now want to sign the key again at level 3, but want to make sure I don't make a mess of it again.

The problem: When I try to sign the key using gpg --edit-key, I'm told (twice) that the key "was already signed by key 9DC6C210" and that there's "Nothing to sign with key 9DC6C210."
The first time I bypassed this didn't turn out great, so can someone confirm to me that my (3) existing signatures locally, signing again and then syncing with the keyserver will leave this in a state where my signature will be considered valid, in spite of an earlier revoke on the same key?

As a side note, the interaction with revsig at the point where I had made two signatures tricked me into thinking that it was possible to revoke only one of them, since it asked for both of them separately. Should I file a bug for this, or is it intentional?

Also, since gpg apparently doesn't really want one to make multiple signatures on the same key, maybe it should warn when trying to upload a signature when there's already one on the keyserver, but not locally?

/ Philip

From wk at gnupg.org Fri Aug 2 08:55:05 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 02 Aug 2013 08:55:05 +0200
Subject: gpg use in Debian popcon
In-Reply-To: <20130801184031.GA2014@yellowpig> (Bill Allombert's message of "Thu, 1 Aug 2013 20:40:31 +0200")
References: <20130731115117.GD25355@yellowpig> <87y58lrh1p.fsf@vigenere.g10code.de> <20130801184031.GA2014@yellowpig>
Message-ID: <8738qsr392.fsf@vigenere.g10code.de>

On Thu, 1 Aug 2013 20:40, Bill.Allombert at math.u-bordeaux1.fr said:

> gpg: keyblock resource `/root/.gnupg/secring.gpg': file open error

I did a quick test:

$ fortune | gpg --no-options --homedir=$(pwd) --no-default-keyring \
    --keyring ~/.gnupg/pubring.gpg --secret-keyring /dev/null \
    --no-random-seed-file --always-trust -eavr wk at gnupg.org

If used in an empty directory it only creates one file: trustdb.gpg. I think it is possible to do something about that.
The hack with using /dev/null for the secret keyring would only fail if gpg actually needs to access the secret keys because then it won't be able to lock /dev/null.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Fri Aug 2 09:30:12 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 02 Aug 2013 09:30:12 +0200
Subject: gpg use in Debian popcon
In-Reply-To: <8738qsr392.fsf@vigenere.g10code.de> (Werner Koch's message of "Fri, 02 Aug 2013 08:55:05 +0200")
References: <20130731115117.GD25355@yellowpig> <87y58lrh1p.fsf@vigenere.g10code.de> <20130801184031.GA2014@yellowpig> <8738qsr392.fsf@vigenere.g10code.de>
Message-ID: <87vc3opn23.fsf@vigenere.g10code.de>

On Fri, 2 Aug 2013 08:55, wk at gnupg.org said:

> If used in an empty directory it only creates one file: trustdb.gpg. I
> think it is possible to do something about that. The hack with using

Alright. Done for all branches. See git.gnupg.org.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

From m4rtntns at gmail.com Fri Aug 2 09:56:59 2013
From: m4rtntns at gmail.com (Martin T)
Date: Fri, 2 Aug 2013 10:56:59 +0300
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
In-Reply-To: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com>
References: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com>
Message-ID:

Hi,

thanks for the reply!

>> I think "method" in the example above is just indicating that this is a PGP key.

Exactly. However, how does RIPE server-side software detect that it's a PGP key? Is this information(besides other information like key creation date and UID) written into pubring.gpg file during the creation of the public key?

>> No. The fingerprint is based on the key material only. You can add/change UIDs without the fingerprint changing.

Indeed. I revoked my current UID and changed it to another one and both public and private key fingerprints remained the same.
So the key fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other type of hash?

regards,
Martin

2013/8/2, David Shaw :
> On Aug 1, 2013, at 6:58 PM, Martin T wrote:
>
>> Hi,
>>
>> RIPE(RIR in European region) database allows one to upload ASCII armored
>> PGP public keys: http://www.ripe.net/data-tools/support/security/pgp
>> Server-side software is able to generate some "key-cert" object attributes
>> automatically. For example "method", "owner" and "fingerpr":
>>
>> noc at T42 ~ $ whois -h whois.ripe.net -t key-cert | grep gene
>> method:         [generated]  [single]     [ ]
>> owner:          [generated]  [multiple]   [ ]
>> fingerpr:       [generated]  [single]     [inverse key]
>> noc at T42 ~ $
>>
>>
>> Example "key-cert" object provided by RIPE:
>>
>> key-cert:  PGPKEY-4B8AE00D
>> method:    PGP
>> owner:     Joe User
>> fingerpr:  9D 82 4B B8 38 56 AE 12 BD 88 73 F7 EF D3 7A 92
>> certif:    ---BEGIN PGP PUBLIC KEY BLOCK---
>> certif:    Version: 2.6.3ia
>> certif:
>> certif:    mQA9AzZizeQAAAEBgJsq2YfoInVOWlLxalmR14GlUzEd0WgrUH9iXjZ
>> certif:    a/uqWiLnvN59S4rgDQAFEbQeSm9lIFRoZSBVc2VyIDxqb2VAZXhhbXB
>> certif:    iQBFAwUQNmLN5ee83n1LiuANAQFOFQGAmowlUYtF+xnWBdMNDKBiOSy
>> certif:    YvpKr05Aycn8Rb55E1onZL5KhNMYU/gd
>> certif:    =nfno
>> certif:    ---END PGP PUBLIC KEY BLOCK---
>> mnt-by:    EXAMPLE-MNT
>> changed:   joe at example.net 19981117
>> source:    TEST
>>
>>
>> How are those fields automatically detected/generated? "Owner"(UID in gpg
>> terminology) is written to public key- one can verify this with analyzing
>> the public key with hex editor. However:
>>
>> 1) is "method" also built into public key? At least "hexdump -C
>> pubring.gpg | grep -i pgp" does not indicate this.. Or has "PGP" some sort
>> of special fingerprint which is understood by server-side software? Last
>> but not least, are there any other types besides "PGP"? I guess it is as
>> pgpdump is even able to dump the timestamp when the key itself was
>> generated.
>
> I think "method" in the example above is just indicating that this is a PGP
> key. That is, there may be other types than PGP that RIPE supports, but
> you'd have to ask them about that.
>
>
>> 2) is fingerprint automatically hashed based on the UID?
>
> No. The fingerprint is based on the key material only. You can add/change
> UIDs without the fingerprint changing.
>
> David
>
>

From m4rtntns at gmail.com Fri Aug 2 12:51:10 2013
From: m4rtntns at gmail.com (Martin T)
Date: Fri, 2 Aug 2013 13:51:10 +0300
Subject: best practice for handing over the private key
Message-ID:

Hi,

I need to create a public and private key pair for a person representing an organization, upload the public key to RIPE(regional Internet registry in Europe) public server, create some database entries using those public and private keys and finally hand over the private key + password protecting the private key to this person. I'm aware that handing over the private key is not the best practice, but at the moment I don't have an option. Has anyone been in similar situation? I thought that I'll ship the private key on a USB memory stick in closed envelope, send the password protecting the private key over e-mail or SMS, delete the private key from my own machine and ask him to change the password protecting the private key. Are there better methods? Or ask him to create personal gpg key pair, upload the public key to key-server and finally I'll encrypt this private key with his personal public key from the key server and send the encrypted private key to his e-mail? This method doesn't require shipping the USB memory stick. Better ideas?
regards,
Martin

From John at enigmail.net Fri Aug 2 14:24:06 2013
From: John at enigmail.net (John Clizbe)
Date: Fri, 02 Aug 2013 07:24:06 -0500
Subject: best practice for handing over the private key
In-Reply-To:
References:
Message-ID: <51FBA4E6.9070403@enigmail.net>

Martin T wrote:
> Hi,
>
> I need to create a public and private key pair for a person
> representing an organization, upload the public key to RIPE(regional
> Internet registry in Europe) public server, create some database
> entries using those public and private keys and finally hand over the
> private key + password protecting the private key to this person. I'm
> aware that handing over the private key is not the best practice, but
> at the moment I don't have an option. Has anyone been in similar
> situation? I thought that I'll ship the private key on a USB memory
> stick in closed envelope, send the password protecting the private key
> over e-mail or SMS, delete the private key from my own machine and ask
> him to change the password protecting the private key. Are there
> better methods? Or ask him to create personal gpg key pair, upload the
> public key to key-server and finally I'll encrypt this private key
> with his personal public key from the key server and send the
> encrypted private key to his e-mail? This method doesn't require
> shipping the USB memory stick. Better ideas?

Usually the phrase "handing over the private key" is used to denote an element of coercion, as in surrendering the key. Your description sounds, to me, as if you are only generating a key for the other person's use.

For a project I work with, three of us may sign archives with the project key. That key was generated and encrypted to each of the other two persons' public keys and then emailed to them.

Your correspondent doesn't need to upload his key to the keyservers to get it to you. He could send you his public key, encrypted to your public key, in an email.

-- 
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From m4rtntns at gmail.com Fri Aug 2 14:25:46 2013
From: m4rtntns at gmail.com (Martin T)
Date: Fri, 2 Aug 2013 15:25:46 +0300
Subject: best practice for handing over the private key
In-Reply-To: <51FB9814.6050007@gmail.com>
References: <51FB9814.6050007@gmail.com>
Message-ID:

Diego,

I'm afraid this doesn't work because at the beginning I need to have both the private and public key in order to carry out operations in RIPE database. I don't see a difference if he generates the key pair, uploads the ASCII armored public key to RIPE public database and then has to send the private key and password protecting the private key to me.

regards,
Martin

2013/8/2, NdK :
> On 02/08/2013 12:51, Martin T wrote:
>
> [...]
>> shipping the USB memory stick. Better ideas?
> It's a wrong thing from the start.
> Let the user generate his key pair. Get his pubkey in a secure way
> (maybe for you it's enough if he sends you a snail mail hand-signed w/
> the key hash) and send it to RIPE (maybe signed by your key).
>
> If you have the secret key at any point in time, it's always doubtful
> who signed something.
>
> BYtE,
>  Diego.
>

From John at enigmail.net Fri Aug 2 14:43:16 2013
From: John at enigmail.net (John Clizbe)
Date: Fri, 02 Aug 2013 07:43:16 -0500
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
In-Reply-To:
References: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com>
Message-ID: <51FBA964.60202@enigmail.net>

Martin T wrote:
> Hi,
>
> thanks for the reply!
>
>>> I think "method" in the example above is just indicating that this is a PGP key.
>
> Exactly. However, how does RIPE server-side software detect that it's
> a PGP key? Is this information(besides other information like key
> creation date and UID) written into pubring.gpg file during the
> creation of the public key?
>

Yes it's stored in the key packets. The format for all the packets is described in RFC 4880

You can see the data yourself by listing the packet data

    gpg --export 0xDECAFBAD | gpg --list-packets

or

    gpg --export 0xDEADBEEF | pgpdump

--list-packets accepts the -v option to increase verbosity. See the gpg man page

>
>>> No. The fingerprint is based on the key material only. You can
>>> add/change UIDs without the fingerprint changing.
>
> Indeed. I revoked my current UID and changed it to another one and
> both public and private key fingerprints remained the same. So the key
> fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other
> type of hash?

SHA-1 for current V4 keys. Covered in RFC 4880

-- 
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From dshaw at jabberwocky.com Fri Aug 2 14:53:40 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri, 2 Aug 2013 08:53:40 -0400
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
In-Reply-To:
References: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com>
Message-ID: <1F0AA38F-E5B9-4CE2-8880-15F6509573B7@jabberwocky.com>

On Aug 2, 2013, at 3:56 AM, Martin T wrote:

> Hi,
>
> thanks for the reply!
>
>>> I think "method" in the example above is just indicating that this is a PGP key.
>
> Exactly. However, how does RIPE server-side software detect that it's
> a PGP key? Is this information(besides other information like key
> creation date and UID) written into pubring.gpg file during the
> creation of the public key?

Not directly. There isn't some special tag that says "this is a PGP key" that lets you tell it apart from (say) some new image format that just happens to have a similar packet structure. If you think about it, that's not possible since some other file format might accidentally trip the detector since there is no global registry of tags.

Many people use heuristics, based on the format in the spec. (For example, the 'file' program does this). Or the ultimate heuristic: if it looks like a PGP key, can you parse it and import it?

>>> No. The fingerprint is based on the key material only. You can add/change UIDs without the fingerprint changing.
>
> Indeed. I revoked my current UID and changed it to another one and
> both public and private key fingerprints remained the same. So the key
> fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other
> type of hash?

SHA-1. The exact bytes that get fed into the hash are given in RFC-4880, but basically it's the public key material with a few bytes of structure around it.
David

From htd at fritha.org Fri Aug 2 15:26:46 2013
From: htd at fritha.org (Heinz Diehl)
Date: Fri, 2 Aug 2013 15:26:46 +0200
Subject: Successful experiment boosting the number of users using OpenPGP verification for file download
In-Reply-To: <51FAB994.6040900@dougbarton.us>
References: <51F949B5.1030902@riseup.net> <20130801143311.GA2534@fritha.org> <51FAB994.6040900@dougbarton.us>
Message-ID: <20130802132646.GA4557@fritha.org>

On 02.08.2013, Doug Barton wrote:

> However, what you really want to encourage is the verification of the
> signature (ignoring the bootstrapping problem for the moment), and even
> forcing people to download the signature file won't do that.

Enforcing something on people mainly results in the opposite of what you want them to do.

> In fact I would argue that the only folks interested in verifying the signature already do
> that

You can't know. There can be people who download the sig but don't manage to get it checked afterwards. Quality improvement should both target these and all the others who don't bother. Show them why it is important, how they could be affected by the negative consequences of not checking the signature. And show them how they can do that.

> and that any increase in downloads of the signature files is
> statistically meaningless.

There is no such thing as "statistically meaningless". A difference can be statistically significant (it's unlikely the result occurred by chance) or non-significant (it's likely that the results you observe are due to natural variation/chance). What you mean is that the increased download rate isn't relevant (because it's flawed by the fact that downloading the sig doesn't indicate that it has been checked) ;-)

You can only find out if an increased download rate is related to an increased signature check if you ask the downloaders themselves.
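The "method" and fingerprint questions in the exchange between Martin T, David Shaw and John Clizbe above can be checked against the packet format directly. The following Python is an added example, not code from the thread, from RIPE or from GnuPG: it dearmors a key block (accepting the "certif:"-prefixed form RIPE shows), walks the old-format packets, and computes the fingerprint the way David describes, following RFC 4880 section 12.2: SHA-1 over 0x99, a two-byte length and the public key packet body for V4 keys, and MD5 over the MPI bodies for V3 keys, which is what RIPE's 1998 sample is and why its fingerprint is 16 bytes rather than 20. "method" is derived the way David suggests, by whether the block parses as a public key packet at all. The sample key (a toy 64-bit modulus, not usable for anything), its user ID "Joe User <joe@example.net>", the "Version: example" armor header and all function names are constructed for this example.

```python
# Added example (not from the thread or from GnuPG): derive RIPE's key-cert fields "method",
# "owner" and "fingerpr" from an OpenPGP public key block by parsing its packets (RFC 4880).
import base64, hashlib, struct, time
PUBLIC_KEY, USER_ID = 6, 13                  # packet tags, RFC 4880 section 4.3

def crc24(data: bytes) -> int:               # armor checksum, RFC 4880 section 6.1
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(packets: bytes) -> str:
    """Radix-64 armor with the CRC-24 trailer, the form RIPE takes in 'certif:' lines."""
    body = base64.b64encode(packets).decode()
    crc = base64.b64encode(crc24(packets).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", "Version: example", ""]
                     + [body[i:i + 64] for i in range(0, len(body), 64)]
                     + ["=" + crc, "-----END PGP PUBLIC KEY BLOCK-----", ""])

def dearmor(text: str) -> bytes:
    """Strip the armor (and a RIPE 'certif:' attribute prefix) and verify the CRC-24."""
    lines = [(l[7:] if l.startswith("certif:") else l).strip() for l in map(str.strip, text.splitlines())]
    marks = [i for i, l in enumerate(lines) if l.startswith("-") and "PGP" in l]
    if len(marks) < 2:
        raise ValueError("no armor header/footer")
    body = lines[marks[0] + 1:marks[1]]
    if "" in body:                           # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    data = base64.b64decode("".join(l for l in body if l[:1] != "="), validate=True)
    crc_line = next((l for l in body if l[:1] == "="), None)
    if crc_line and crc24(data) != int.from_bytes(base64.b64decode(crc_line[1:]), "big"):
        raise ValueError("armor CRC-24 mismatch: block altered in transit")
    return data

def parse_packets(data: bytes):
    """(tag, body) pairs from old-format packet headers (RFC 4880 4.2.1), e.g. 0x99 0x00 0x3d."""
    out, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if ctb & 0xC0 != 0x80 or ctb & 3 == 3:
            raise ValueError(f"unsupported packet header 0x{ctb:02x} at offset {pos}")
        tag, nbytes = (ctb >> 2) & 0x0F, (1, 2, 4)[ctb & 3]
        length = int.from_bytes(data[pos + 1:pos + 1 + nbytes], "big")
        body = data[pos + 1 + nbytes:pos + 1 + nbytes + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        out.append((tag, body))
        pos += 1 + nbytes + length
    return out

def read_mpis(buf: bytes, offset: int):      # MPI bodies without their 2-byte bit counts
    bodies = []
    while offset < len(buf):
        n = (int.from_bytes(buf[offset:offset + 2], "big") + 7) // 8
        bodies.append(buf[offset + 2:offset + 2 + n])
        offset += 2 + n
    return bodies

def fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: V4 = SHA-1(0x99, 2-byte length, body); V3 = MD5 of the MPI bodies."""
    if body[0] == 4:
        digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    elif body[0] in (2, 3):                  # the 1998 RIPE sample is V3, hence 16 bytes
        digest = hashlib.md5(b"".join(read_mpis(body, 8)))
    else:
        raise ValueError(f"unknown key version {body[0]}")
    return digest.hexdigest().upper()

def describe_key(armored: str) -> dict:      # the fields a registry can fill in by itself
    packets = parse_packets(dearmor(armored))
    # No "this is PGP" tag exists: 'method' just means the first packet parsed as a public key.
    if not packets or packets[0][0] != PUBLIC_KEY:
        raise ValueError("not an OpenPGP public key block")
    body = packets[0][1]
    version, fpr = body[0], fingerprint(body)
    return {"method": "PGP", "version": version,
            "created": time.strftime("%Y-%m-%d", time.gmtime(int.from_bytes(body[1:5], "big"))),
            "fingerpr": " ".join(fpr[i:i + 2] for i in range(0, len(fpr), 2)),
            "key_id": fpr[-16:] if version == 4 else read_mpis(body, 8)[0][-8:].hex().upper(),
            "owner": [b.decode("utf-8", "replace") for t, b in packets if t == USER_ID]}

# Constructed sample: a toy 64-bit "RSA" modulus (not a usable key) plus one user ID packet.
def mpi(n: int) -> bytes:
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")
def old_packet(tag: int, body: bytes) -> bytes:
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body
def v4_body(n: int, e: int, created: int) -> bytes:
    return bytes([4]) + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
def v3_body(n: int, e: int, created: int) -> bytes:
    return bytes([3]) + struct.pack(">I", created) + b"\x00\x00\x01" + mpi(n) + mpi(e)

SAMPLE_N, SAMPLE_E, SAMPLE_CREATED = 0xC0FFEE1234567891, 65537, 1375420678    # 2013-08-02
SAMPLE_UID = b"Joe User <joe@example.net>"
SAMPLE_ARMORED = armor(old_packet(PUBLIC_KEY, v4_body(SAMPLE_N, SAMPLE_E, SAMPLE_CREATED))
                       + old_packet(USER_ID, SAMPLE_UID))
```

Running `describe_key(SAMPLE_ARMORED)` gives the same fingerprint whether or not the user ID packet follows the key packet, which is the point David makes: only the key material is hashed, so revoking or adding a UID leaves "fingerpr" unchanged, while the CRC-24 check rejects a block whose radix-64 text was altered on the way to the registry.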
From m4rtntns at gmail.com Fri Aug 2 15:31:24 2013
From: m4rtntns at gmail.com (Martin T)
Date: Fri, 2 Aug 2013 16:31:24 +0300
Subject: best practice for handing over the private key
In-Reply-To: <51FBA4E6.9070403@enigmail.net>
References: <51FBA4E6.9070403@enigmail.net>
Message-ID:

Hi,

> Your description sounds, to me, as if you are only generating a key for the other person's use.

Not quite. At the beginning I need to use those keys myself in order to create the needed database objects. Once those are done, I need to hand over the private key to the other person. So basically I'm generating a key pair for the other person's use which I need to use myself at the beginning.

So you mean that my correspondent sends me his public key, encrypted to my public key which he finds from the key-server, in an e-mail. Then I generate the key pair needed for the project. Finally I encrypt the project private key with his public key and e-mail this encrypted private key to him. Once he confirms that he has received the project private key, I will delete the project private key from my machine as I do not need it any more. Is that what you meant?

regards,
Martin

2013/8/2, John Clizbe :
> Martin T wrote:
>> Hi,
>>
>> I need to create a public and private key pair for a person
>> representing an organization, upload the public key to RIPE(regional
>> Internet registry in Europe) public server, create some database
>> entries using those public and private keys and finally hand over the
>> private key + password protecting the private key to this person. I'm
>> aware that handing over the private key is not the best practice, but
>> at the moment I don't have an option. Has anyone been in similar
>> situation? I thought that I'll ship the private key on a USB memory
>> stick in closed envelope, send the password protecting the private key
>> over e-mail or SMS, delete the private key from my own machine and ask
>> him to change the password protecting the private key.
>> Are there
>> better methods? Or ask him to create a personal gpg key pair, upload the
>> public key to a key-server and finally I'll encrypt this private key
>> with his personal public key from the key server and send the
>> encrypted private key to his e-mail? This method doesn't require
>> shipping the USB memory stick. Better ideas?
>
> Usually the phrase "handing over the private key" is used to denote an
> element of coercion, as in surrendering the key. Your description sounds,
> to me, as if you are only generating a key for the other person's use.
>
> For a project I work with, three of us may sign archives with the project
> key. That key was generated and encrypted to each of the other two persons'
> public keys and then emailed to them.
>
> Your correspondent doesn't need to upload his key to the keyservers to get
> it to you. He could send you his public key, encrypted to your public key,
> in an email.
>
> --
> John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
> SKS/Enigmail/PGP-EKP                  or: John ( @ ) Enigmail DAWT net
> FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
>      mailto:pgp-public-keys at gingerbear.net?subject=HELP
>
> Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
> A:"An odd melody / island voices on the winds / surplus of vowels"

From hhhobbit at securemecca.net Fri Aug 2 17:32:52 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Fri, 02 Aug 2013 15:32:52 +0000
Subject: best practice for handing over the private key
In-Reply-To:
References: <51FBA4E6.9070403@enigmail.net>
Message-ID: <51FBD124.20609@securemecca.net>

On 08/02/2013 01:31 PM, Martin T wrote:
> Hi,
>
>> Your description sounds, to me, as if you are only generating a key for the other persons use.
>
> Not quite. At the beginning I need to use those keys myself in order
> to create the needed database objects. Once those are done, I need to
> hand over the private key to other person.
> So basically I'm generating
> a key pair for other persons use which I need to use myself at the
> beginning.
>
>
> So you mean that my correspondent sends me his public key, encrypted
> to my public key which he finds from the key-server, in an e-mail.
> Then I generate the key pair needed for the project. Finally I encrypt
> the project private key with his public key and e-mail this encrypted
> private key to him. Once he confirms that he has received the project
> private key, I will delete the project private key from my machine as
> I do not need it any more. Is that what you meant?

I don't know if that is what John meant but this makes me far happier. I was concerned that the secret (private) key, which I assumed you were creating via either --export-secret-subkeys or --export-secret-keys, was being sent in transit unencrypted. But the way you just said it here sounds optimal in protecting the secret key in transit.

If he wants only the secret / public key pair (does not want a personal key pair), the encryption and zipping of the secret key for transit could be done with 7-zip's AES-128 cipher, which avoids a chicken versus egg problem and still gives some measure of securing the secret key in transit:

http://www.7-zip.org/

Send the password for the zip separately and preferably after the secret key is sent. If you send the keys in snail mail on a USB stick, use something a little sturdier than an envelope, like a small box with foam peanut shipping padding. Wait a little longer than you think is necessary before deleting the secret (private) key just in case something goes wrong. But the way you just said it sounds best to me.
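The handover Martin describes and Henry endorses above (export the project secret key, encrypt it to the recipient's public key, let the recipient import it, and delete the sender's copy only once receipt is confirmed), as an added example that is not from this thread and not from GnuPG's own documentation. It runs against two throwaway GNUPGHOME directories standing in for the two machines, with constructed user IDs (project@example.org, rep@example.org) and unprotected keys so that no pinentry is needed; it assumes GnuPG 2.1 or later (for %no-protection in batch key generation and the fingerprint form of --delete-secret-keys). In a real handover the recipient's public key would come from the keyserver or from an encrypted e-mail as John suggests, its fingerprint would be confirmed out of band before anything is encrypted to it, and the project key would carry a passphrase sent over a separate channel.

```shell
#!/bin/sh
# Added example, not from the thread: hand over a project secret key
# encrypted (and signed) to the recipient's OpenPGP key. Two throwaway
# keyrings stand in for sender and recipient; all user IDs are constructed.
# Assumes GnuPG 2.1+.
set -eu

# Run gpg non-interactively against one throwaway GNUPGHOME.
gpg_in() {
    _home="$1"; shift
    GNUPGHOME="$_home" gpg --batch --quiet --no-tty --yes "$@"
}

# Generate an unprotected RSA sign+encrypt key pair in a keyring.
# $1 = GNUPGHOME, $2 = real name, $3 = e-mail. A real project key would
# be passphrase-protected; %no-protection keeps the demo prompt-free.
gen_key() {
    printf '%s\n' \
        'Key-Type: RSA' 'Key-Length: 2048' \
        'Subkey-Type: RSA' 'Subkey-Length: 2048' \
        "Name-Real: $2" "Name-Email: $3" \
        'Expire-Date: 0' '%no-protection' '%commit' \
        | gpg_in "$1" --gen-key
}

# Primary fingerprint of the secret key matching a user ID (the batch
# form of --delete-secret-keys insists on the fingerprint, not a key ID).
secret_fpr() {
    GNUPGHOME="$1" gpg --batch --with-colons --list-secret-keys "$2" \
        | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Prints yes if the keyring holds a *secret* key whose UID matches $2.
has_secret() {
    if GNUPGHOME="$1" gpg --batch --with-colons --list-secret-keys 2>/dev/null \
        | grep -q "$2"; then echo yes; else echo no; fi
}

handover_demo() {
    work=$(mktemp -d)
    sender="$work/sender"; recipient="$work/recipient"
    mkdir -m 700 "$sender" "$recipient"

    # Recipient's personal key; its public half is what the sender would
    # fetch from the keyserver and verify by fingerprint over the phone.
    gen_key "$recipient" "ORGNAME rep" rep@example.org
    gpg_in "$recipient" --armor --output "$work/rep.pub" --export rep@example.org

    # Project key: generated by the sender, used for the initial work,
    # public half published (here simply exported to a file).
    gen_key "$sender" "Project key" project@example.org
    gpg_in "$sender" --armor --output "$work/project.pub" --export project@example.org
    gpg_in "$sender" --import "$work/rep.pub"

    # The handover artefact: exported secret key, signed with the project
    # key and encrypted to the recipient only. --trust-model always stands
    # in for the out-of-band fingerprint check a real handover needs.
    gpg_in "$sender" --armor --export-secret-keys project@example.org \
        | gpg_in "$sender" --trust-model always --armor --sign --encrypt \
              --local-user project@example.org --recipient rep@example.org \
              --output "$work/handover.asc"

    # Recipient side: decrypt (the signature is verified against the
    # published project public key) and import into the own keyring.
    gpg_in "$recipient" --import "$work/project.pub"
    gpg_in "$recipient" --output "$work/project.sec" --decrypt "$work/handover.asc"
    gpg_in "$recipient" --import "$work/project.sec"
    rm -f "$work/project.sec"

    # Only after the recipient confirms a successful import does the
    # sender delete its own copy of the project secret key.
    [ "$(has_secret "$recipient" project@example.org)" = yes ] || return 1
    gpg_in "$sender" --delete-secret-keys "$(secret_fpr "$sender" project@example.org)"

    printf 'recipient_has_secret=%s sender_has_secret=%s\n' \
        "$(has_secret "$recipient" project@example.org)" \
        "$(has_secret "$sender" project@example.org)"

    # Stop the per-homedir agents and remove the throwaway keyrings.
    gpgconf --homedir "$sender" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$recipient" --kill gpg-agent 2>/dev/null || true
    rm -rf "$work"
}
```

Calling `handover_demo` prints `recipient_has_secret=yes sender_has_secret=no` once the round trip has succeeded. The order of the last steps is the point Henry makes: the sender's deletion is gated on the recipient's confirmed import, not on the message having been sent.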
From ndk.clanbo at gmail.com Fri Aug 2 21:06:40 2013
From: ndk.clanbo at gmail.com (NdK)
Date: Fri, 02 Aug 2013 21:06:40 +0200
Subject: best practice for handing over the private key
In-Reply-To:
References: <51FB9814.6050007@gmail.com>
Message-ID: <51FC0340.4050800@gmail.com>

On 02/08/2013 14:25, Martin T wrote:
> I'm afraid this doesn't work because at the beginning I need to have
> both the private and public key in order to carry out operations in
> RIPE database. I don't see a difference if he generates the key pair,
> uploads the ASCII armored public key to RIPE public database and then
> has to send the private key and password protecting the private key to
> me.

Maybe (I don't know how the RIPE database is handled) another, cleaner, solution is possible. Initially you "do your work" using your key (or a newly generated key). When you're done, you replace your public key in the RIPE db w/ the client's one. No secret keys need to travel and it's always clear who did what.

BYtE,
Diego.

From dshaw at jabberwocky.com Sat Aug 3 04:48:12 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri, 2 Aug 2013 22:48:12 -0400
Subject: Is it possible to sign a key again after revoking a signature?
In-Reply-To: <1375420678.2479.14.camel@dax>
References: <1375420678.2479.14.camel@dax>
Message-ID:

On Aug 2, 2013, at 1:17 AM, Philip Jägenstedt wrote:

> Hi all,
>
> I'm new to GnuPG and have probably been a little too ambitious for my
> own good. I originally signed key AB4DFBA4 at level 3 after a meetup,
> but was later paranoid that I was too lax and wanted to resign it at
> level 2, but did the resigning (by deleting the first signature locally)
> and revoking in the wrong order, and left my signature simply revoked.
>
> After some tinkering I arrived at
> and now want to sign the
> key again at level 3, but want to make sure I don't make a mess of it
> again.
> The problem:
>
> When I try to sign the key using gpg --edit-key, I'm told (twice)
> that the key "was already signed by key 9DC6C210" and that there's
> "Nothing to sign with key 9DC6C210."
>
> The first time I bypassed this didn't turn out great, so can someone
> confirm to me that my (3) existing signatures locally, signing again and
> then syncing with the keyserver will leave this in a state where my
> signature will be considered valid, in spite of an earlier revoke on the
> same key?

Yes. So long as the date on the most recent signature is after the date of the revocation, the signature will take effect.

Leaving aside a bunch of more complex cases like non-revocable signatures, and signatures with expired expiration dates for now, in the simple case, the algorithm used for deciding if a signature is valid is to find the latest signature from a given key. If that signature is a revocation, then it's considered revoked. If the latest signature isn't a revocation, that signature takes effect.

An easy way to see what GnuPG considers a valid signature is to run "clean" on the key from the --edit-key menu. GnuPG will strip off everything that it isn't using for trust calculations (so, revoked signatures are removed, runs of multiple signatures are collapsed down to the most recent, and so on).

David

From ix4svs at gmail.com Sat Aug 3 13:16:56 2013
From: ix4svs at gmail.com (ix4svs at gmail.com)
Date: Sat, 3 Aug 2013 12:16:56 +0100
Subject: key management & APG
In-Reply-To:
References:
Message-ID:

Any help/pointers with these queries? Let me know if they don't make sense and I'll attempt to clarify.

On 30 July 2013 22:30, wrote:
> Hello
>
> I've spent a few hours reading the list archives and would appreciate
> verification of my understanding or corrections as appropriate.
>
> [Key management]
>
> I only need one GPG identity for now. I also use GPG on devices of two
> classes: "Secure" and "insecure".
> I would like to take some operational
> security (OPSEC) precautions to minimize my pain when my insecure devices
> get compromised.
>
> The plan:
> 1. Create two subkeys: one for signing, one for encrypting.
> 2. Export the full keyring and keep it somewhere safe (on a few offline
> systems).
> 3. Create an "insecure" keyring with the original signing subkey missing
> (as described in https://alexcabal.com/creating-the-perfect-gpg-keypair/ )
> 4. Only use the "insecure" keyring on "insecure" systems.
>
> Hope the above is a reasonable generic key management approach.
>
> [APG]
>
> According to https://grepular.com/Android_Privacy_Guard_and_Subkeys this
> keyring setup is not usable by APG.
>
> Given this, how are people using GPG on Android without exposing their
> entire keyring? Is creating a completely separate key/identity (sorry not
> sure what the right term is) currently the only way to maintain some
> semblance of OPSEC?
>
> Alex

From nobody at dizum.com Fri Aug 2 18:52:16 2013
From: nobody at dizum.com (Nomen Nescio)
Date: Fri, 2 Aug 2013 18:52:16 +0200 (CEST)
Subject: best practice for handing over the private key
Message-ID: <6c9627a93e24e66e8b3d44756b63086c@dizum.com>

Martin T wrote:
> I need to create a public and private key pair for a person
> representing an organization, upload the public key to RIPE(regional
> Internet registry in Europe) public server, create some database
> entries using those public and private keys and finally hand over the
> private key + password protecting the private key to this person.

Do you telephone the ORGNAME representative, so you have assurance of the correct party?

1. email to ORGNAME representative the PUBKEY you create.
2. phone:
   2a. ORGNAME representative confirms fingerprint of emailed PUBKEY.
   2b. you give to ORGNAME representative passphrase for the SECKEY.
   2c. ORGNAME representative gives a chosen passphrase for symmetric encryption.
3. you email to ORGNAME representative SECKEY encrypted with their chosen passphrase and signed by the PUBKEY.

(1) gpg --armor --export --output pubkey.asc ORGNAME
(3) gpg -a --export-secret-keys ORGNAME | gpg -acs --force-mdc -o seckey.asc -u ORGNAME

From mailinglisten at hauke-laging.de Sat Aug 3 14:51:25 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 03 Aug 2013 14:51:25 +0200
Subject: key management & APG
In-Reply-To:
References:
Message-ID: <171951410.JoHOkf7hK8@inno.berlin.laging.de>

On Sat 03.08.2013, 12:16:56, ix4svs at gmail.com wrote:
> On 30 July 2013 22:30, wrote:
> > I only need one GPG identity for now. I also use GPG on devices of two
> > classes: "Secure" and "insecure". I would like to take some operational
> > security (OPSEC) precautions to minimize my pain when my insecure devices
> > get compromised.

You should consider using two keys for the same identity and very obviously give them different security levels. IMHO that's what we all are going to do in five years.

Then the sender can decide how confidential the information is (or how reliable the signature must be).

> > 2. Export the full keyring and keep it somewhere safe (on a few offline
> > systems).

There is no need to export the keyring. Just export the whole key:

gpg --armor --export-secret-keys 0x12345678 > 0x12345678.secret-mainkey.asc

export the subkeys only

gpg --armor --export-secret-subkeys 0x12345678 > 0x12345678.secret-subkeys.asc

delete the secret keys

gpg --delete-secret-key 0x12345678

and import the subkeys only

gpg --import 0x12345678.secret-subkeys.asc

It's not important where you store the offline mainkey. You may even put it on your web site. Just make sure that your passphrase is cryptographically safe (16+ chars [a-zA-Z0-9] and never entered on an insecure system).

> > 3.
> > Create a "insecure" keyring with the original signing subkey missing
> > (as described in https://alexcabal.com/creating-the-perfect-gpg-keypair/ )

To me this seems to be a really strange article. My advice is to ignore that.

Hauke
--
Crypto for all: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

From rdohm321 at gmail.com Sun Aug 4 04:50:25 2013
From: rdohm321 at gmail.com (Randolph D.)
Date: Sun, 4 Aug 2013 04:50:25 +0200
Subject: GoldBug.sf.net - Secure Instant Messenger
In-Reply-To: <51FC59DA.4050902@wisemo.com>
References: <51FC59DA.4050902@wisemo.com>
Message-ID:

I think the RFC you mention is more a "reply" protocol, rather than an "echo protocol" with a "total algorithm" utilized by this. An RFC has to be written still. Anyone? It's still a good research project for students. The TTL seems to be replaced by bounces in the latest lib according to lib-SVN. And the homepage describes that all a little more, as to see. Did you read, scroll and load the site with lots of text to the end? The comparison table is interesting.

Regards

2013/8/3 Jakob Bohm
> 2013/8/1 Jakob Bohm
>>
>> GoldBug.sf.net -
>> Secure Instant Messenger
>>
> You mean a protocol called "echo" which has nothing to do with the
> RFC862 standard echo protocol.

An HTML attachment was scrubbed...
From pkk at spth.de Sun Aug 4 10:00:49 2013
From: pkk at spth.de (Philipp Klaus Krause)
Date: Sun, 04 Aug 2013 10:00:49 +0200
Subject: key management & APG
In-Reply-To: <171951410.JoHOkf7hK8@inno.berlin.laging.de>
References: <171951410.JoHOkf7hK8@inno.berlin.laging.de>
Message-ID: <51FE0A31.7080402@spth.de>

On 03.08.2013 14:51, Hauke Laging wrote:
> On Sat 03.08.2013, 12:16:56, ix4svs at gmail.com wrote:
>
>> On 30 July 2013 22:30, wrote:
>
>>> I only need one GPG identity for now. I also use GPG on devices of two
>>> classes: "Secure" and "insecure". I would like to take some operational
>>> security (OPSEC) precautions to minimize my pain when my insecure devices
>>> get compromised.
>
> You should consider using two keys for the same identity and very obviously
> give them different security levels. IMHO that's what we all are going to do
> in five years.
>
> Then the sender can decide how confidential the information is (or how
> reliable the signature must be).

You mean creating two separate keys for the same email address? And sign each with the other? Anyone else will have to sign both of my keys for this address? How would I document the security levels? Use the comment field? Will current software make the choice easy for the people sending mail to me, or will their mail program just choose one of the keys without asking the user?

Philipp

From piracy at teamspeakusa.com Sun Aug 4 10:06:03 2013
From: piracy at teamspeakusa.com (TeamSpeak Piracy)
Date: Sun, 04 Aug 2013 08:06:03 +0000
Subject: [#FNF-875-55415]: Re: key management & APG
Message-ID: <1375603563.51fe0b6b46be3@support.teamspeakusa.com>

An HTML attachment was scrubbed...
From simon+gnupg at bleah.co.uk Sun Aug 4 15:13:01 2013
From: simon+gnupg at bleah.co.uk (Simon Ward)
Date: Sun, 4 Aug 2013 14:13:01 +0100
Subject: best practice for handing over the private key
In-Reply-To:
References: <51FBA4E6.9070403@enigmail.net>
Message-ID: <20130804131301.GA15764@squawkencluck.cosgrove.lan>

On Fri, Aug 02, 2013 at 04:31:24PM +0300, Martin T wrote:
> > Your description sounds, to me, as if you are only generating a key for the other persons use.
>
> Not quite. At the beginning I need to use those keys myself in order
> to create the needed database objects. Once those are done, I need to
> hand over the private key to other person. So basically I'm generating
> a key pair for other persons use which I need to use myself at the
> beginning.

RIPE objects can have multiple maintainers. Add a MNTNER object for yourself, authenticating with your own key. Create any other objects you need, and a MNTNER object for the other person, adding their public key. Add an mnt-by field for the other person to the objects you created. You or the other maintainer should then be able to remove you as a maintainer of these objects.

MNTNER objects can also have multiple authentication methods. You can, for example, use both a PGP key and a password. I assume you can add multiple PGP keys.

Regards,
Simon Ward
--
A complex system that works is invariably found to have evolved from a simple system that works. - John Gall

From mailinglisten at hauke-laging.de Sun Aug 4 17:21:58 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sun, 04 Aug 2013 17:21:58 +0200
Subject: key management & APG
In-Reply-To: <51FE0A31.7080402@spth.de>
References: <171951410.JoHOkf7hK8@inno.berlin.laging.de> <51FE0A31.7080402@spth.de>
Message-ID: <11767143.cCSDIEPf3y@inno.berlin.laging.de>

On Sun 04.08.2013, 10:00:49, Philipp Klaus Krause wrote:
> > Then the sender can decide how confidential the information is (or how
> > reliable the signature must be).
>
> You mean creating two separate keys for the same email address? And sign
> each with the other?

You may sign them with each other.

> Anyone else will have to sign both of my keys for this address?

If you sign them with each other and both signing keys are high security (the one as a whole and the offline mainkey of the other) then everyone would have to sign one only. In general it would be enough to sign the highest security key of a person but this may break the web of trust because that unfortunately does not make a difference between your own keys and those of others.

> How would I document the security levels?

For the future I suggest a five step scale:

1: test key (publicly available) or used on untrusted systems
2: key available to trusted other systems (e.g. webmail) or smartphones
3: normal PC (email, web surfing)
4: hardened normal PC (no one else is using it; technical protections)
5: secure environment (e.g. verified Linux live DVD)

I guess anything above that can hardly be standardized (and need not).

> Use the comment field?

When I create keys for Germans I create a UID without email but with this comment: "Alltagsschlüssel mit sicherem Offline-Hauptschlüssel und policy URL"

This is: "Everyday key with secure offline mainkey and policy URL"

The safe way is to have a key policy (not just a certification policy!) which is signed by a secure offline mainkey. But, of course, you must know for sure that another one's key has a secure offline mainkey. You easily realize that the current WoT is useless.

http://www.openpgp-notations.org/

> Will
> current software make the choice easy for the people sending mail to me,

No but if more people start using crypto then the demand for usable solutions will arise quickly and result in the tools getting this ability. This could be done by signature notations (for both self-signatures and certifications by others).
Hauke
--
Crypto for all: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
XMPP (chat with OTR): hauke.laging at googlemail.com
XMPP (chat with OTR): hauke.laging at jabber.ccc.de

From piracy at teamspeakusa.com Sun Aug 4 16:17:02 2013
From: piracy at teamspeakusa.com (TeamSpeak Piracy)
Date: Sun, 04 Aug 2013 14:17:02 +0000
Subject: [#KOD-468-37737]: Re: best practice for handing over the private key
Message-ID: <1375625822.51fe625ee20a2@support.teamspeakusa.com>

An HTML attachment was scrubbed...

From piracy at teamspeakusa.com Sun Aug 4 17:27:03 2013
From: piracy at teamspeakusa.com (TeamSpeak Piracy)
Date: Sun, 04 Aug 2013 15:27:03 +0000
Subject: [#INN-651-31269]: Re: key management & APG
Message-ID: <1375630023.51fe72c7032d1@support.teamspeakusa.com>

An HTML attachment was scrubbed...

From ivangrunt09 at gmail.com Sun Aug 4 22:24:51 2013
From: ivangrunt09 at gmail.com (Larry Brower)
Date: Sun, 04 Aug 2013 15:24:51 -0500
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <1375630023.51fe72c7032d1@support.teamspeakusa.com>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com>
Message-ID: <51FEB893.20401@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 08/04/2013 10:27 AM, TeamSpeak Piracy wrote:
> Hauke Laging,
>
> Thank you for contacting us. This is an automated response confirming
> the receipt of your ticket. One of our agents will get back to you as
> soon as possible. For your records, the details of the ticket are listed
> below. When replying, please make sure that the ticket ID is kept in the
> subject line to ensure that your replies are tracked appropriately.
>
> *Ticket ID: *INN-651-31269
> *Subject: *Re: key management & APG
> *Department: *Piracy [English]
> *Type: *Issue
> *Status: *Open
>

What is with the helpdesk being a list member?

- --
Larry Brower, CCNA
Fedora Ambassador - North America
Fedora Quality Assurance
lbrower at fedoraproject.org
http://www.fedoraproject.org/
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJR/riTAAoJEEP/g4ToY9/OF3sP/00gYsJuAS5Q/iZoCgpRx89G
0A+WVt9k56MY8x1LFqgZ9DnOXYoKEzzDxwDpvmTpq6gZPeFvDp1+pvcybfJi9ntG
PS37v+YfbshrFoCOML0G7R8FcB5Z4WfgFoVxGe2uODwbjEyQe5WmvWfgkOXUtx4Q
D5gA8uW1m1I/J1rvFyx71Vx47yrdY45l8DGNvw2H/pwI9Jmw2VsVDYQapGzUSxyJ
x/XwOg8Dd+F7ZpiOzBkT3tScabZKbhotTBlHfvlybfinx9fGeYrHcdX3aPQdGGST
FBKI31pP/7bud8r30vyKztXSH9L3byFeYeuwETjKfQQ8UyWbuwQa5wRJ6G7IxfMw
kOKL6hyhnLHNo5uY8I3SqgmbrIcADLRTX3TrHO9MwK/W8uOpdcUxJ5RrQa8S64Iq
ETsaqQVZMW008k2L+/dQh/i7xFfivjN+60cSfYkaqyaZ7KGpim/BeICL5BBLu7/f
FFHjVurxQrAFuUANc4GLu+pn1P3qw0kh1uOIgeQXRQeZSsOIXwVthEZZnFwZXzz3
0zeTQZ0CvndWxda6Eqjxawq5mELAqxeMf/2GF3Qn7JyysCvQo23lUDpTtGX5kqee
bTigs92r7EYugqPHp6gP5EkloaidhCPJU0xGMB0RLQbyW9Oli+q5o+hSgPf4DaKa
rhz9xwrI3MqEmRWSp5qZ
=7tr+
-----END PGP SIGNATURE-----

From expires2013 at ymail.com Sun Aug 4 23:55:02 2013
From: expires2013 at ymail.com (MFPA)
Date: Sun, 4 Aug 2013 22:55:02 +0100
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <51FEB893.20401@gmail.com>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com>
Message-ID: <962549381.20130804225502@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Sunday 4 August 2013 at 9:24:51 PM, in , Larry Brower wrote:

> What is with the helpdesk being a list member?

I suspect somebody has forwarded their mail to the helpdesk, forgetting to turn off message delivery from the list and thereby causing the list to be spammed with those irritating auto-replies.
- --
Best regards

MFPA                    mailto:expires2013 at ymail.com

Ballerinas are always on their toes. We need taller ballerinas!
-----BEGIN PGP SIGNATURE-----

iQCVAwUBUf7NxaipC46tDG5pAQqL3wP7BXiY+0TaaIP0TM7Z12r0lWY7+MujBnBl
03hLvymR+YcSesxO6MWMnO5tD1F8AFo32ayifakQUVvojWfDEmPC55aK8KaZfB3m
pXaxscDFFA2MsfvU8aIebyqd44Y1p+Gu/r4Ss0Yj8do3m6YZCYQOWO+1U5w2JAKw
GqEx6mIADL0=
=6ZYH
-----END PGP SIGNATURE-----

From hhhobbit at securemecca.net Mon Aug 5 08:13:17 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 05 Aug 2013 06:13:17 +0000
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <962549381.20130804225502@my_localhost>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com> <962549381.20130804225502@my_localhost>
Message-ID: <51FF427D.7090205@securemecca.net>

On 08/04/2013 09:55 PM, MFPA wrote:
> Hi
>
>
> On Sunday 4 August 2013 at 9:24:51 PM, in
> , Larry Brower wrote:
>
>
>> What is with the helpdesk being a list member?
>
> I suspect somebody has forwarded their mail to the helpdesk,
> forgetting to turn off message delivery from the list and thereby
> causing the list to be spammed with those irritating auto-replies.

That doesn't seem likely given the first message was ostensibly to Philipp Klaus Krause, the second was to Simon Ward, the third was to Hauke Laging. Why would all three be using their service and leaving it in a bad setting (still possible)?

http://www.securemecca.com/tmp/TeamSpeakUSA-01.txt
http://www.securemecca.com/tmp/TeamSpeakUSA-02.txt
http://www.securemecca.com/tmp/TeamSpeakUSA-03.txt
http://www.securemecca.com/tmp/

I could go into more detail on the other possible causes but won't because they are just that - just POSSIBLE causes. All I have are Microsoft Exchange headers which are not very informative. I will point to one which is that it is the same thing as what took down PhishTank's mailing list for at least a while.
I wouldn't know because my efforts to get most of the spam links and didn't have malware link in the URLs was successful. But Phishtank use (used) an exim list mailer as well. I won't go into any more details than that.

HHH

From wk at gnupg.org Mon Aug 5 09:36:42 2013
From: wk at gnupg.org (Werner Koch)
Date: Mon, 05 Aug 2013 09:36:42 +0200
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <51FEB893.20401@gmail.com> (Larry Brower's message of "Sun, 04 Aug 2013 15:24:51 -0500")
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com>
Message-ID: <87ob9coagl.fsf@vigenere.g10code.de>

On Sun, 4 Aug 2013 22:24, ivangrunt09 at gmail.com said:

> What is with the helpdesk being a list member?

They are. I have set the moderation flag.

Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.

From hhhobbit at securemecca.net Mon Aug 5 09:54:39 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 05 Aug 2013 07:54:39 +0000
Subject: Team Speak USA Test
Message-ID: <51FF5A3F.7020105@securemecca.net>

It looks like the initial guess (not my guess) is correct as my test shows (message from TeamSpeak USA to me)

http://www.securemecca.com/tmp/TeamSpeakUSA-Direct.txt
http://www.securemecca.com/tmp/TeamSpeakUSA-Msg.txt

Setting up a system like this which can spam a mailing list is an abuse. Whether it is accidental or intentional remains to be seen. It may be wise to not send until the spam issue can be resolved.

HHH
--
Gnome 3, Ubuntu Unity, Windows 8 - poor iPhone GUI on Desktop.
Thinking has been suspended indefinitely.
Anybody caught thinking will be immediately shot!
From brad at fineby.me.uk Mon Aug 5 10:18:57 2013
From: brad at fineby.me.uk (Brad Rogers)
Date: Mon, 5 Aug 2013 09:18:57 +0100
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <87ob9coagl.fsf@vigenere.g10code.de>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com> <87ob9coagl.fsf@vigenere.g10code.de>
Message-ID: <20130805091857.3d41aad2@abydos.stargate.org.uk>

On Mon, 05 Aug 2013 09:36:42 +0200
Werner Koch wrote:

Hello Werner,

>On Sun, 4 Aug 2013 22:24, ivangrunt09 at gmail.com said:
>> What is with the helpdesk being a list member?
>They are. I have set the moderation flag.

The XOrg list has suffered the same problem.

--
Regards  _
        / )      "The blindingly obvious is
       / _)rad   never immediately apparent"
Your life is like a schedule, you run to meet the bills
Life Kills - Human League

From kardan at riseup.net Mon Aug 5 12:31:13 2013
From: kardan at riseup.net (kardan)
Date: Mon, 5 Aug 2013 12:31:13 +0200
Subject: Why trust any software?
In-Reply-To:
References: <51F17DB2.7050305@gmx.de>
Message-ID: <20130805123113.7fea4454@delight>

Hi,

I would like to widen the view of this thread as the question does not only apply to windows software in my eyes.

On Thu, 25 Jul 2013 21:17:43 +0000 atair wrote:

> This basically means, that everyone(!) can access, modify and
> redistribute the source code of the program (see [2] if you're
> interested). There are lots of people (usually volunteers from all
> over the world) who do peer reviews on the sources (and if you start
> with [2], _you_ can be another one).
> Therefore, changes that look like
> back doors are VERY unlikely to find their way in a release, because
> hundreds of people are looking how the software evolves and will
> reject such a patch.

This is heard very often. How can I check if this is true for a particular piece of software? For the kernel, reviews can be tracked via LKML but not every code is so popular. How to see how many people really read and approved a patch, for example? Also the number may not be as relevant as whether experienced developers did.

On Fri, 26 Jul 2013 09:22:32 -0400 "Mark H. Wood" wrote:

> But it takes only one person who can and does do this inspection, to
> reveal the evil deed. And that person could be anywhere. He very
> likely won't be identified until he announces his presence by
> announcing his discovery of the attack.

I would love this person even showing up to approve if there is no attack - just for me feeling better.

On Fri, 26 Jul 2013 00:14:08 +0200 "Julian H. Stacey" wrote:

> However you missed the point that many MS users are not programmers,
> & will not be compiling their own binaries, so any malign entity
> could regularly hack their nasty extras in, compile & issue binaries
> that dont match published source [...]

Also many linux users look strangely at me if I say I do compile parts of my debian system.

Fri, 26 Jul 2013 09:22:32 -0400 "Mark H. Wood" wrote:

> Well, Windows users who aren't programmers, who switch to e.g. Linux,
> will then be Linux users who aren't programmers, so this alone changes
> little for the individual. He is still dependent on others in the
> community. That is quite alright -- an important part of PKC is for
> people to find out for themselves who is reliable and form open-eyed
> trust relationships.

Can you please explain what you mean by PKC in this context?
Do you know of signing mechanisms for developers to
A) have special keys for signing code changes
B) sign each other's keys to approve they are knowledgeable enough to understand and check the code reliably
C) sign a piece of software/patch/commit with it?

Also it is interesting to differentiate between source and binaries - tracking source changes and builds separately or even confirming a trust chain with a combination of both.

> One can't assume whoever offers a .exe has used the same free GCC
> compiler for MS aka http://www.cygwin.org that we might by default
> reach for.
>
> It would be hard Work, comparing & analysing different _binaries_
> not _sources_ to differentiate benign irrelevant differences from
> link order & tools used, & maybe date stamp & trace of compiler
> host & licence number, as opposed to possible differences from
> malign source manipulation,
>
> I wouldn't waste time working unpaid analysing MS binaries to protect
> clueless MS end users. More fun to develop source code for projects.

There is a discussion going on [1] about this, proposing deterministic build systems like gitian [2]. What do you think of it and is this applicable to gnupg as well?

kardan

[1] http://lists.debian.org/debian-security/2013/08/msg00003.html
[2] https://gitian.org/

--
Kardan
Encrypt your email: http://gnupg.org/documentation
Public GPG key 9D6108AE58C06558 at hkp://pool.sks-keyservers.net
fpr: F72F C4D9 6A52 16A1 E7C9 AE94 9D61 08AE 58C0 6558
From hhhobbit at securemecca.net Mon Aug 5 12:47:55 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 05 Aug 2013 10:47:55 +0000
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <20130805091857.3d41aad2@abydos.stargate.org.uk>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com> <87ob9coagl.fsf@vigenere.g10code.de> <20130805091857.3d41aad2@abydos.stargate.org.uk>
Message-ID: <51FF82DB.9010904@securemecca.net>

On 08/05/2013 08:18 AM, Brad Rogers wrote:
> On Mon, 05 Aug 2013 09:36:42 +0200
> Werner Koch wrote:
>
> Hello Werner,
>
>> On Sun, 4 Aug 2013 22:24, ivangrunt09 at gmail.com said:
>>> What is with the helpdesk being a list member?
>> They are. I have set the moderation flag.
>
> The XOrg list has suffered the same problem.

Then it is malevolent by somebody. I am bcc'ing this message to teamspeak's technical contact. I suspect somebody is doing it deliberately now.

HHH

From jeandavid8 at verizon.net Mon Aug 5 14:35:24 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Mon, 05 Aug 2013 08:35:24 -0400
Subject: Why trust any software?
In-Reply-To: <20130805123113.7fea4454@delight>
References: <51F17DB2.7050305@gmx.de> <20130805123113.7fea4454@delight>
Message-ID: <51FF9C0C.6020106@verizon.net>

On 08/05/2013 06:31 AM, kardan wrote:
> Hi,
>
> I would like to widen the view of this thread as the question does not
> only apply to windows software in my eyes.
>
> On Thu, 25 Jul 2013 21:17:43 +0000 atair
> wrote:
>
>> This basically means, that everyone(!) can access, modify and
>> redistribute the source code of the program (see [2] if you're
>> interested).
>> There are lots of people (usually volunteers from
>> all over the world) who do peer reviews on the sources (and if
>> you start with [2], _you_ can be another one). Therefore,
>> changes that look like back doors are VERY unlikely to find their
>> way in a release, because hundreds of people are looking how the
>> software evolves and will reject such a patch.
>
> This is heard very often. How can I check if this is true for a
> particular piece of software? For the kernel reviews can be
> tracked via LKML but not every code is so popular. How to see how
> many people really read and approved a patch for example? Also the
> number may not be that relevant than if experienced developers
> did.
>
> On Fri, 26 Jul 2013 09:22:32 -0400 "Mark H. Wood" wrote:
>
>> But it takes only one person who can and does do this
>> inspection, to reveal the evil deed. And that person could be
>> anywhere. He very likely won't be identified until he announces
>> his presence by announcing his discovery of the attack.
>
> I would love this person even showing up to approve if there is no
> attack - just for me feeling better.
>
> On Fri, 26 Jul 2013 00:14:08 +0200 "Julian H. Stacey" wrote:
>
>> However you missed the point that many MS users are not
>> programmers, & will not be compiling their own binaries, so any
>> malign entity could regularly hack their nasty extras in,
>> compile & issue binaries that don't match published source [...]
>
> Also many linux users look strange at me if I say I do compile
> parts of my debian system.
>

If somehow you trust the Linux kernel you are using, that is already a big assumption. That would assure you that the kernel source was used to compile the kernel. And if all was properly signed, and you have somehow obtained the fingerprint of the signing key in some reliable way, that would give high assurance. But how about the compiler that was used? It could have been sabotaged too, to insert a back door into any code it compiled, or only code for files with names that exist in the compiler and a kernel, perhaps.

So not only need you trust the people who examined the source code for the kernel, you need to trust the people who support the kernel to have done the same thing for the compiler they use. And the compiler they used for compiling that compiler. To really trust (or not trust), you have to take all that C code for the first compiler and compile it by hand to binary (not assembly level). Then use that to make the assembler that has been similarly verified, then the C compiler you really want to use, and so on. I am not sufficiently paranoid to do this, and I would not live long enough to do it even were I motivated to do it. Maybe Ken Thompson or Dennis Ritchie could do it, but I bet he would not.

--
 .~.   Jean-David Beyer          Registered Linux User 85642.
 /V\   PGP-Key:166D840A 0C610C8B  Registered Machine 1935521.
 /( )\ Shrewsbury, New Jersey     http://counter.li.org
 ^^-^^ 08:10:01 up 1 day, 23:35, 2 users, load average: 4.49, 4.43, 4.56

From expires2013 at ymail.com Mon Aug 5 22:39:24 2013
From: expires2013 at ymail.com (MFPA)
Date: Mon, 5 Aug 2013 21:39:24 +0100
Subject: [#INN-651-31269]: Re: key management & APG
In-Reply-To: <51FF427D.7090205@securemecca.net>
References: <1375630023.51fe72c7032d1@support.teamspeakusa.com> <51FEB893.20401@gmail.com> <962549381.20130804225502@my_localhost> <51FF427D.7090205@securemecca.net>
Message-ID: <1210381655.20130805213924@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Monday 5 August 2013 at 7:13:17 AM, in , Henry Hertz Hobbit wrote:

> That doesn't seem likely given the first message was
> ostensibly to Philipp Klaus Krause, The second was to
> Simon Ward. The third was to Hauke Laging.

Whichever member sends a message, all list members receive it. Any individual list member can spam the list with auto-replies.
- -- Best regards MFPA mailto:expires2013 at ymail.com Never trust a dog with orange eyebrows -----BEGIN PGP SIGNATURE----- iQCVAwUBUgANjKipC46tDG5pAQqpGAP9G2w4N1oNB5VRxDp2Dm5uLyiBbMKCl0VP Jpgtuodc2dOl7pqTBFz5YedYKCpsPj+SM1In/tGt0c3biAEjhdyFgQpHab2A9Wss yV2HNDD6wjUWbcDJCMekpPp9x/lFM9Gj1ip+dozfd2S6CDSkPD5a6kWgKIyKyrvi 7JowAYoOqV8= =x8cN -----END PGP SIGNATURE----- From piracy at teamspeakusa.com Mon Aug 5 12:43:03 2013 From: piracy at teamspeakusa.com (TeamSpeak Piracy) Date: Mon, 05 Aug 2013 10:43:03 +0000 Subject: [#EJK-803-63662]: Re: Why trust any software? Message-ID: <1375699383.51ff81b7965cd@support.teamspeakusa.com> An HTML attachment was scrubbed... URL: From piracy at teamspeakusa.com Mon Aug 5 15:23:02 2013 From: piracy at teamspeakusa.com (TeamSpeak Piracy) Date: Mon, 05 Aug 2013 13:23:02 +0000 Subject: [#JYM-378-41570]: Re: Why trust any software? Message-ID: <1375708982.51ffa73693569@support.teamspeakusa.com> An HTML attachment was scrubbed... URL: From jeandavid8 at verizon.net Tue Aug 6 02:42:36 2013 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Mon, 05 Aug 2013 20:42:36 -0400 Subject: [#JYM-378-41570]: Re: Why trust any software? In-Reply-To: <1375708982.51ffa73693569@support.teamspeakusa.com> References: <1375708982.51ffa73693569@support.teamspeakusa.com> Message-ID: <5200467C.1010307@verizon.net> On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote: > Jean-David Beyer, > > Thank you for contacting us. This is an automated response confirming > the receipt of your ticket. One of our agents will get back to you as > soon as possible. For your records, the details of the ticket are listed > below. When replying, please make sure that the ticket ID is kept in the > subject line to ensure that your replies are tracked appropriately. > > *Ticket ID: *JYM-378-41570 > *Subject: *Re: Why trust any software? 
> *Department: *Piracy [English] > *Type: *Issue > *Status: *Open > > You can check the status of or reply to this ticket online at: > https://support.teamspeakusa.com/index.php?/Tickets/Ticket/View/JYM-378-41570 > > Kind regards, > > TeamSpeak USA, Inc. > > ________________________________ > TeamSpeak Piracy > e-Mail: piracy at teamspeakusa.com > Visit: http://www.TeamSpeak.com > Knowledgebase: http://support.TeamSpeakUSA.com > > Hours of operation for this department are Monday - Friday, 9AM to 5PM > Pacific Time (UTC-8). We are committed to responding to your inquiry > within 48 hours, and typically will reply within 24 hours, excluding > weekends and holidays. I thought I posted to gnupg-users list. I was making a remark to a previous post. I was not filing a trouble report, and do not think I was even addressing the issue of piracy. Hence I am very confused that I seem to have been issued a trouble ticket and getting two e-mails about this. Is something wrong with a server? Or an autoresponder? -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 20:40:01 up 2 days, 12:05, 2 users, load average: 4.34, 4.52, 4.52 From mlists at robin-kipp.net Tue Aug 6 03:09:29 2013 From: mlists at robin-kipp.net (Robin Kipp) Date: Tue, 6 Aug 2013 03:09:29 +0200 Subject: [#JYM-378-41570]: Re: Why trust any software? In-Reply-To: <5200467C.1010307@verizon.net> References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> Message-ID: Hi Jean, no, I think you can be fairly certain that you never contacted any piracy department. If you look back through the last messages that have been going over the lest you'll find this has been going on for a while now, also for others posting to this list. 
Seems like their contact address got on this list somehow, hence a new ticket gets created each time someone on this list starts a new discussion. So, looks like their Piracy Department is getting lots of work for no reason :-) HTH! Robin Am 06.08.2013 um 02:42 schrieb Jean-David Beyer : > On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote: >> Jean-David Beyer, >> >> Thank you for contacting us. This is an automated response confirming >> the receipt of your ticket. One of our agents will get back to you as >> soon as possible. For your records, the details of the ticket are listed >> below. When replying, please make sure that the ticket ID is kept in the >> subject line to ensure that your replies are tracked appropriately. >> >> *Ticket ID: *JYM-378-41570 >> *Subject: *Re: Why trust any software? >> *Department: *Piracy [English] >> *Type: *Issue >> *Status: *Open >> >> You can check the status of or reply to this ticket online at: >> https://support.teamspeakusa.com/index.php?/Tickets/Ticket/View/JYM-378-41570 >> >> Kind regards, >> >> TeamSpeak USA, Inc. >> >> ________________________________ >> TeamSpeak Piracy >> e-Mail: piracy at teamspeakusa.com >> Visit: http://www.TeamSpeak.com >> Knowledgebase: http://support.TeamSpeakUSA.com >> >> Hours of operation for this department are Monday - Friday, 9AM to 5PM >> Pacific Time (UTC-8). We are committed to responding to your inquiry >> within 48 hours, and typically will reply within 24 hours, excluding >> weekends and holidays. > > I thought I posted to gnupg-users list. I was making a remark to a > previous post. I was not filing a trouble report, and do not think I was > even addressing the issue of piracy. > > Hence I am very confused that I seem to have been issued a trouble > ticket and getting two e-mails about this. Is something wrong with a > server? Or an autoresponder? > > -- > .~. Jean-David Beyer Registered Linux User 85642. > /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. 
> /( )\ Shrewsbury, New Jersey http://counter.li.org > ^^-^^ 20:40:01 up 2 days, 12:05, 2 users, load average: 4.34, 4.52, 4.52 > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From hhhobbit at securemecca.net Tue Aug 6 04:28:55 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Tue, 06 Aug 2013 02:28:55 +0000 Subject: [#JYM-378-41570]: Re: Why trust any software? In-Reply-To: <5200467C.1010307@verizon.net> References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> Message-ID: <52005F67.1020301@securemecca.net> On 08/06/2013 12:42 AM, Jean-David Beyer wrote: > On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote: >> Jean-David Beyer, >> >> Thank you for contacting us. This is an automated response confirming >> the receipt of your ticket. One of our agents will get back to you as >> soon as possible. For your records, the details of the ticket are listed >> below. When replying, please make sure that the ticket ID is kept in the >> subject line to ensure that your replies are tracked appropriately. >> >> *Ticket ID: *JYM-378-41570 >> *Subject: *Re: Why trust any software? >> *Department: *Piracy [English] >> *Type: *Issue >> *Status: *Open >> >> You can check the status of or reply to this ticket online at: >> https://support.teamspeakusa.com/index.php?/Tickets/Ticket/View/JYM-378-41570 >> >> Kind regards, >> >> TeamSpeak USA, Inc. >> >> ________________________________ >> TeamSpeak Piracy >> e-Mail: piracy at teamspeakusa.com >> Visit: http://www.TeamSpeak.com >> Knowledgebase: http://support.TeamSpeakUSA.com >> >> Hours of operation for this department are Monday - Friday, 9AM to 5PM >> Pacific Time (UTC-8). We are committed to responding to your inquiry >> within 48 hours, and typically will reply within 24 hours, excluding >> weekends and holidays. > > I thought I posted to gnupg-users list. 
I was making a remark to a > previous post. I was not filing a trouble report, and do not think I was > even addressing the issue of piracy. > > Hence I am very confused that I seem to have been issued a trouble > ticket and getting two e-mails about this. Is something wrong with a > server? Or an autoresponder? I guess you deleted all of my other messages. ANYBODY WHO POSTS ANYTHING TO THIS MAILING LIST IS GOING TO GET THIS UNLESS IT IS FIXED. I have done some preliminary studies and the messages are posted here: http://www.securemecca.com/tmp/ Look at the ones that start with "TeamSpeak". If the problem cannot be fixed or won't be fixed, the gnupg-usersGNATgnupg.org will have the very same problems the phishtank-dev list. What happened there is that the phishtank-dev list had to be closed. I assume the same thing is going to happen here. YOU DO NOT MONITOR THE SOURCE OF THE PROBLEM! If you can identify what the problem is and can remove it then you KILL THE PROBLEM. If you don't you have to shut down. I received no comment from TeamSpeak's technical person so I am going to be blocking ALL of their hosts in my blocking hosts file. I have no other choice. You don't listen to your attorney saying to not say anything if you are the victime. You cure the problem. They didn't reply so I have no choice. HHH From mirimir at riseup.net Tue Aug 6 05:07:57 2013 From: mirimir at riseup.net (mirimir) Date: Tue, 06 Aug 2013 03:07:57 +0000 Subject: [#JYM-378-41570]: Re: Why trust any software? In-Reply-To: <52005F67.1020301@securemecca.net> References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> Message-ID: <5200688D.6080609@riseup.net> On 08/06/2013 02:28 AM, Henry Hertz Hobbit wrote: > On 08/06/2013 12:42 AM, Jean-David Beyer wrote: >> On 08/05/2013 09:23 AM, TeamSpeak Piracy wrote: >>> Jean-David Beyer, >>> >>> Thank you for contacting us. 
This is an automated response confirming >>> the receipt of your ticket. One of our agents will get back to you as >>> soon as possible. For your records, the details of the ticket are listed >>> below. When replying, please make sure that the ticket ID is kept in the >>> subject line to ensure that your replies are tracked appropriately. >>> >>> *Ticket ID: *JYM-378-41570 >>> *Subject: *Re: Why trust any software? >>> *Department: *Piracy [English] >>> *Type: *Issue >>> *Status: *Open >>> >>> You can check the status of or reply to this ticket online at: >>> https://support.teamspeakusa.com/index.php?/Tickets/Ticket/View/JYM-378-41570 >>> >>> Kind regards, >>> >>> TeamSpeak USA, Inc. >>> >>> ________________________________ >>> TeamSpeak Piracy >>> e-Mail: piracy at teamspeakusa.com >>> Visit: http://www.TeamSpeak.com >>> Knowledgebase: http://support.TeamSpeakUSA.com >>> >>> Hours of operation for this department are Monday - Friday, 9AM to 5PM >>> Pacific Time (UTC-8). We are committed to responding to your inquiry >>> within 48 hours, and typically will reply within 24 hours, excluding >>> weekends and holidays. >> >> I thought I posted to gnupg-users list. I was making a remark to a >> previous post. I was not filing a trouble report, and do not think I was >> even addressing the issue of piracy. >> >> Hence I am very confused that I seem to have been issued a trouble >> ticket and getting two e-mails about this. Is something wrong with a >> server? Or an autoresponder? > > I guess you deleted all of my other messages. ANYBODY WHO POSTS > ANYTHING TO THIS MAILING LIST IS GOING TO GET THIS UNLESS IT IS > FIXED. I have done some preliminary studies and the messages are > posted here: > > http://www.securemecca.com/tmp/ > > Look at the ones that start with "TeamSpeak". If the problem cannot be > fixed or won't be fixed, the gnupg-usersGNATgnupg.org will have the > very same problems the phishtank-dev list. 
> What happened there is that
> the phishtank-dev list had to be closed. I assume the same thing is
> going to happen here. YOU DO NOT MONITOR THE SOURCE OF THE PROBLEM!
> If you can identify what the problem is and can remove it then you
> KILL THE PROBLEM. If you don't you have to shut down.
>
> I received no comment from TeamSpeak's technical person so I am going
> to be blocking ALL of their hosts in my blocking hosts file. I have
> no other choice. You don't listen to your attorney saying to not say
> anything if you are the victim. You cure the problem. They didn't
> reply so I have no choice.
>
> HHH

Why can't gnupg.org just blackhole everything from TeamSpeak's hosts?

From wk at gnupg.org Tue Aug 6 09:43:28 2013
From: wk at gnupg.org (Werner Koch)
Date: Tue, 06 Aug 2013 09:43:28 +0200
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <5200688D.6080609@riseup.net> (mirimir@riseup.net's message of "Tue, 06 Aug 2013 03:07:57 +0000")
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <5200688D.6080609@riseup.net>
Message-ID: <874nb3mfhb.fsf@vigenere.g10code.de>

On Tue, 6 Aug 2013 05:07, mirimir at riseup.net said:

> Why can't gnupg.org just blackhole everything from TeamSpeak's hosts?

The address was subscribed to gnupg-users. Yesterday I enabled the moderation flag for this address but for unknown reasons this didn't work. I now unsubscribed the address and put it on the ban list.

If stuff like this continues we will need to moderate new subscriptions.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From mirimir at riseup.net Tue Aug 6 10:08:36 2013
From: mirimir at riseup.net (mirimir)
Date: Tue, 06 Aug 2013 08:08:36 +0000
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <874nb3mfhb.fsf@vigenere.g10code.de>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <5200688D.6080609@riseup.net> <874nb3mfhb.fsf@vigenere.g10code.de>
Message-ID: <5200AF04.3010604@riseup.net>

On 08/06/2013 07:43 AM, Werner Koch wrote:
> On Tue, 6 Aug 2013 05:07, mirimir at riseup.net said:
>
>> Why can't gnupg.org just blackhole everything from TeamSpeak's hosts?
>
> The address was subscribed to gnupg-users. Yesterday I enabled the
> moderation flag for this address but for unknown reasons this didn't
> work. I now unsubscribed the address and put it on the ban list.
>
> If stuff like this continues we will need to moderate new subscriptions.

Is it possible to drop "simply reply to this message" from the confirmation options? Requiring a visit to the mailman page, or even a specifically crafted reply, would prevent trolls from subscribing autoresponders.

From jeandavid8 at verizon.net Tue Aug 6 12:52:37 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Tue, 06 Aug 2013 06:52:37 -0400
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To:
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net>
Message-ID: <5200D575.2030204@verizon.net>

On 08/05/2013 09:09 PM, Robin Kipp wrote:
> Hi Jean, no, I think you can be fairly certain that you never
> contacted any piracy department. If you look back through the last
> messages that have been going over the list you'll find this has been
> going on for a while now, also for others posting to this list. Seems
> like their contact address got on this list somehow, hence a new
> ticket gets created each time someone on this list starts a new
> discussion. So, looks like their Piracy Department is getting lots of
> work for no reason :-) HTH! Robin

Oh! Good! I was afraid it was something I did.

--
 .~.   Jean-David Beyer          Registered Linux User 85642.
 /V\   PGP-Key:166D840A 0C610C8B  Registered Machine 1935521.
 /( )\ Shrewsbury, New Jersey     http://counter.li.org
 ^^-^^ 06:50:01 up 2 days, 22:15, 2 users, load average: 4.22, 4.39, 4.43

From kententen at me.com Tue Aug 6 12:38:45 2013
From: kententen at me.com (Kenneth Jones)
Date: Tue, 06 Aug 2013 18:38:45 +0800
Subject: Identifying your private key by the public KeyID
Message-ID:

Good day, and hello to the autoresponder (%]##{}#%^!!!) (just my opinion, mind you).

I've been toying with PGP GPG GnuPG and whatever on and off since mid 1995, but recently have become interested again as the political situation in the US seems to warrant it. (Warrant? We don't need no stinking warrants...) anyway...

I have a question about procedure... nomenclature, actually. Is it normal to refer to the private key by its own keyID, or by the KeyID of the mating public key? The public fingerprint is the one known by others (natch) and it's the identification I associate with the key pair. Is there any time when it is appropriate to refer to my private key by its own KeyID? I understand that each of the two eight-character sequences is unique, and so the private key is in fact not accurately identified by using the public key's ID, but is it common to do so? Seems to me it would be less confusing (for me, anyway) to be prompted with the Main KeyID than with that of the private key.

From peter at digitalbrains.com Tue Aug 6 14:18:12 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Tue, 06 Aug 2013 14:18:12 +0200
Subject: Identifying your private key by the public KeyID
In-Reply-To:
References:
Message-ID: <5200E984.7090205@digitalbrains.com>

On 06/08/13 12:38, Kenneth Jones wrote:
> Is it normal to refer to the private key by its own keyID, or by the KeyID
> of the mating public key?

Key IDs are /always/ based on the public key, not the private counterpart. So the private key is also identified by the ID of the related public key.

Can you give an example of where you see different IDs which led you to believe the private key had a different ID? Because I think you misunderstood something about that.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From dshaw at jabberwocky.com Tue Aug 6 14:38:56 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 6 Aug 2013 08:38:56 -0400
Subject: Identifying your private key by the public KeyID
In-Reply-To:
References:
Message-ID: <5DC9B915-F2EB-4055-8B88-1E62597CC6D0@jabberwocky.com>

On Aug 6, 2013, at 6:38 AM, Kenneth Jones wrote:

>
> Good day, and hello to the autoresponder (%]##{}#%^!!!) (just my opinion, mind you).
> I've been toying with PGP GPG GnuPG and whatever on and off since mid 1995, but recently have become interested again as the political situation in the US seems to warrant it. (Warrant? We don't need no stinking warrants...) anyway...
>
> I have a question about procedure... nomenclature, actually. Is it normal to refer to the private key by its own keyID, or by the KeyID of the mating public key? The public fingerprint is the one known by others (natch) and it's the identification I associate with the key pair. Is there any time when it is appropriate to refer to my private key by its own KeyID? I understand that each of the two eight-character sequences is unique, and so the private key is in fact not accurately identified by using the public key's ID, but is it common to do so? Seems to me it would be less confusing (for me, anyway) to be prompted with the Main KeyID than with that of the private key.

The public and private keys, by design, have the same fingerprints and key IDs. I'm not quite sure what you're referring to here. Is it possible you're looking at the primary key and subkey?
Subkeys do have their own fingerprint and key ID, but that doesn't have anything to do with whether it is public or private - the subkey on a public key is public, and the subkey on a private key is private.

David

From hhhobbit at securemecca.net Tue Aug 6 14:52:54 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue, 06 Aug 2013 12:52:54 +0000
Subject: Identifying your private key by the public KeyID
In-Reply-To:
References:
Message-ID: <5200F1A6.9090004@securemecca.net>

On 08/06/2013 10:38 AM, Kenneth Jones wrote:
>
> Good day, and hello to the autoresponder (%]##{}#%^!!!) (just
> my opinion, mind you). I've been toying with PGP GPG GnuPG and
> whatever on and off since mid 1995, but recently have become
> interested again as the political situation in the US seems to
> warrant it. (Warrant? We don't need no stinking warrants...)
> anyway...
>
> I have a question about procedure... nomenclature, actually.
> Is it normal to refer to the private key by its own keyID, or
> by the KeyID of the mating public key? The public fingerprint
> is the one known by others (natch) and it's the identification
> I associate with the key pair. Is there any time when it is
> appropriate to refer to my private key by its own KeyID? I
> understand that each of the two eight-character sequences is
> unique, and so the private key is in fact not accurately
> identified by using the public key's ID, but is it common to
> do so? Seems to me it would be less confusing (for me, any
> way) to be prompted with the Main KeyID than with that of the
> private key.

Are you speaking of the sub key? From the perspective of gpg --list-keys and gpg --list-secret-keys the public and private side have the same key number. Usually the first of a two key pair is defined as sec/pub with the two matching. The first key is for signing. The second key is for enciphering and is specified as ssb/sub but still has the same key number in both --list-keys and --list-secret-keys. Beyond that I will let somebody else elaborate. You put just your main key in the ~/.gnupg/gpg.conf file on Linux and everything just works. Ditto for selecting it on Windows. E.g.:

pub   2048R/E05A9F9F 2013-08-06 [expires: 2015-08-06]
uid                  Henry Hertz Hobbit (test)
sub   2048R/051516A5 2013-08-06 [expires: 2015-08-06]

You just use the E05A9F9F and now this temporary key is going away.

Regarding the efforts of the autoresponder, TeamSpeak didn't do it. Here are their replies to me with the full message with headers and just the message itself:

http://www.securemecca.com/tmp/FromTeamSpeakDirect.txt
http://www.securemecca.com/tmp/FromTeamSpeakMsg.txt
http://www.securemecca.com/tmp/

(it is best done this way rather than forwarding since you get the prime copy)

If the monitoring was for a certain organization it shouldn't have been done at all. All it did was pose a significantly larger burden for TeamSpeak getting rid of the garbage. How did they get their address added? Some little hackers used the technique PeskySpammer uses. PeskySpammer is NOT a generic term but refers to a group of spammers that fill one of my email queues with about 100 spam messages per day but it has gone as high as a thousand per day:

http://securemecca.blogspot.com/2013/07/fake-health-ads.html (search for MX)
http://securemecca.blogspot.com/2013/01/peskyspammer.html (see Mail Admin section)

During this brief time of the gnupg-users problems I have had three malware shipped to me. They have to infect their SMTP servers which are just Microsoft Windows PCs. Next time, don't monitor. If it is for a certain organization I don't want to hear another one of their hacker workers complaining that I don't deserve the car when I walk past them. If you don't know what that means the day will come when you do understand and I foiled their effort to give me a car. If you can stop the bounces caused by the spammers, next time stop it IMMEDIATELY. Even madder than you are about the spam situation!

HHH
0123456789012345678901234567890123456789012345678901234567890123

From mwood at IUPUI.Edu Tue Aug 6 14:56:50 2013
From: mwood at IUPUI.Edu (Mark H. Wood)
Date: Tue, 6 Aug 2013 08:56:50 -0400
Subject: Why trust any software?
In-Reply-To: <20130805123113.7fea4454@delight>
References: <51F17DB2.7050305@gmx.de> <20130805123113.7fea4454@delight>
Message-ID: <20130806125650.GA7667@IUPUI.Edu>

On Mon, Aug 05, 2013 at 12:31:13PM +0200, kardan wrote:
[snip]
> Also many linux users look strange at me if I say I do compile parts
> of my debian system.

Heh, but then Gentoo Linux users will look at you strangely if you say that you *don't* compile parts of your system. :-)

> Fri, 26 Jul 2013 09:22:32 -0400
> "Mark H. Wood" wrote:
>
> > Well, Windows users who aren't programmers, who switch to e.g. Linux,
> > will then be Linux users who aren't programmers, so this alone changes
> > little for the individual. He is still dependent on others in the
> > community. That is quite alright -- an important part of PKC is for
> > people to find out for themselves who is reliable and form open-eyed
> > trust relationships.
>
> Can you please explain what you mean by PKC in this context?

Sorry -- public key cryptography.

> Do you know of signing mechanisms for developers to
> A have special keys for signing code changes
> B sign each other's keys to approve they are knowledgeable enough to
> understand and check the code reliably.
> C sign a piece of software/patch/commit with it

I don't see how this is different from a community building trust relationships for email.

> ? Also it is interesting to differ between source and binaries -
> tracking source changes and builds separately or even confirm a
> trust chain with a combination of both.
I suppose that you could rig a compiler to compute signatures over the sources it reads and incorporate these signatures into the binary. Likewise the linker. The whole toolchain would have to be carefully considered and modified to suit. I haven't heard of anyone doing that. (Someone will now point out that we would be reposing even more trust in the toolchain, making its verification more important. Yes.)

--
Mark H. Wood, Lead System Programmer   mwood at IUPUI.Edu
Machines should not be friendly. Machines should be obedient.

From htd at fritha.org Tue Aug 6 16:08:06 2013
From: htd at fritha.org (Heinz Diehl)
Date: Tue, 6 Aug 2013 16:08:06 +0200
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <5200467C.1010307@verizon.net>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net>
Message-ID: <20130806140806.GA3577@fritha.org>

On 06.08.2013, Jean-David Beyer wrote:

> I thought I posted to gnupg-users list. I was making a remark to a
> previous post. I was not filing a trouble report, and do not think I was
> even addressing the issue of piracy.

Put something like this in your mailfilter (this is procmail):

:0
* ^From:[ ]+.*@teamspeakusa\.com
/dev/null

From kententen at me.com Tue Aug 6 15:22:43 2013
From: kententen at me.com (Kenneth Jones)
Date: Tue, 06 Aug 2013 21:22:43 +0800
Subject: Identifying your private key by the public KeyID
In-Reply-To: <5200F1A6.9090004@securemecca.net>
References: <5200F1A6.9090004@securemecca.net>
Message-ID: <5200F8A3.9040109@Me.com>

I'm referring to the information you see for example in the prompt to enter your private key when you have received an encrypted message in Thunderbird/Enigmail. The window "pinentry" prompts "Please enter the pass...2048-bit RSA key, ID DEADBEEF, created ... (main key ID ABCD0123)." Notice there are two key IDs mentioned in the window, one called Main, which is also the public Key ID, (the one I expected, the one I remember) and the other for the secret key (which I have Never Paid any attention to).

Frankly, I had never even noticed that before I ran into a little app for the iPad called iPGMail that actually ONLY prompts me for my secret key by asking for it by the secret key ID. Now, you gotta grant that there is nothing incorrect or inaccurate about asking for the desired key by its actual identification. But it sure isn't normal in my experience to do it that way. It caused me no end of troublesome investigation until I tumbled to what was actually being asked for was technically the Correct ID, but it certainly wasn't the Commonly Used Method, in my experience.

See what I mean?

Ken
0xE2557AA7

From dshaw at jabberwocky.com Tue Aug 6 16:44:03 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Tue, 6 Aug 2013 10:44:03 -0400
Subject: Identifying your private key by the public KeyID
In-Reply-To: <5200F8A3.9040109@Me.com>
References: <5200F1A6.9090004@securemecca.net> <5200F8A3.9040109@Me.com>
Message-ID:

On Aug 6, 2013, at 9:22 AM, Kenneth Jones wrote:

> I'm referring to the information you see for example in the prompt to
> enter your private key when you have received an encrypted message in
> Thunderbird/Enigmail. The window "pinentry" prompts "Please enter the
> pass...2048-bit RSA key, ID DEADBEEF, created ... (main key ID
> ABCD0123)." Notice there are two key IDs mentioned in the window, one
> called Main, which is also the public Key ID, (the one I expected, the
> one I remember) and the other for the secret key (which I have Never
> Paid any attention to).

Ah, that clarifies it.
Yes, as a few people have suggested, that's the subkey ID. It's not inherently public or secret, but just another key attached to your primary key. In OpenPGP, "your key" refers to a primary key, plus some number of subkeys (occasionally zero, but that's fairly rare). The primary key is the one that the user IDs (email addresses, etc) are attached to, and the one that gathers signatures from other people if you get your key signed.

The subkey(s) are keys attached to the primary key, that can be used for encryption or signing. The idea is that since it is difficult to change your primary key (you'd need to get it re-signed, and re-print your business cards, and the like) you should be able to change the subkey quickly and easily. A common methodology (and in fact the default for many programs) is to use the primary key for signing, and a subkey for encryption. There are interesting variations that can be used with this basic design: some people leave their primary key offline completely, only taking it out to make new subkeys. Some people use different passphrases on different subkeys.

To answer your original question, though, traditionally the key-as-a-whole is referred to by its primary key ID and fingerprint. The subkeys are effectively along for the ride. Some programs make a point of telling you which subkey is in use at a particular time. Some do not.

David

From jays at panix.com Tue Aug 6 16:40:05 2013
From: jays at panix.com (Jay Sulzberger)
Date: Tue, 6 Aug 2013 10:40:05 -0400 (EDT)
Subject: Why trust any software?
In-Reply-To: <20130806125650.GA7667@IUPUI.Edu>
References: <51F17DB2.7050305@gmx.de> <20130805123113.7fea4454@delight> <20130806125650.GA7667@IUPUI.Edu>
Message-ID: 

On Tue, 6 Aug 2013, Mark H. Wood wrote:

> On Mon, Aug 05, 2013 at 12:31:13PM +0200, kardan wrote:
> [snip]
>> Also many linux users look strange at me if I say I do compile parts
>> of my debian system.
>
> Heh, but then Gentoo Linux users will look at you strangely if you say
> that you *don't* compile parts of your system. :-)
>
>> Fri, 26 Jul 2013 09:22:32 -0400
>> "Mark H. Wood" wrote:
>>
>>> Well, Windows users who aren't programmers, who switch to e.g. Linux,
>>> will then be Linux users who aren't programmers, so this alone changes
>>> little for the individual. He is still dependent on others in the
>>> community. That is quite alright -- an important part of PKC is for
>>> people to find out for themselves who is reliable and form open-eyed
>>> trust relationships.
>>
>> Can you please explain what you mean by PKC in this context?
>
> Sorry -- public key cryptography.
>
>> Do you know of signing mechanisms for developers to
>> A have special keys for signing code changes
>> B sign each other's keys to approve they are knowledged enough to
>> understand and check the code reliably.
>> C sign a piece of software/patch/commit with it
>
> I don't see how this is different from a community building trust
> relationships for email.
>
>> ? Also it is interesting to differ between source and binaries -
>> tracking source changes and builds separately or even confirm a
>> trust chain with a combination of both.
>
> I suppose that you could rig a compiler to compute signatures over the
> sources it reads and incorporate these signatures into the binary.
> Likewise the linker. The whole toolchain would have to be carefully
> considered and modified to suit. I haven't heard of anyone doing
> that. (Someone will now point out that we would be reposing even more
> trust in the toolchain, making its verification more important. Yes.)
>
> --
> Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
> Machines should not be friendly. Machines should be obedient.

Here is one recent effort along this line of defense:

https://bitcointalk.org/index.php?topic=83743.0

oo--JS.
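David Shaw's answer in the "Identifying your private key by the public KeyID" thread above (a pinentry prompt may show the ID of the subkey being used, while people normally refer to a key by its primary key ID and fingerprint) can be checked against one's own keyring. The following is an added example written for this archive, not code from GnuPG or from any poster: it parses the machine-readable listing produced by `gpg --list-keys --with-colons` (the pub/sub/uid/fpr record layout documented in GnuPG's DETAILS file) and maps a short or long key ID, as shown in a prompt, to the primary key and user ID it belongs to. The listing embedded below is constructed for the example; only the short IDs DEADBEEF and ABCD0123 are taken from the thread, and the fingerprints, dates and user ID are invented.

```python
"""
Resolve the key ID shown by a passphrase prompt (often a subkey ID) to the
primary key it belongs to, using the colon-delimited output format of
`gpg --list-keys --with-colons`.  Added example; not GnuPG code.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample in the style of `gpg --list-keys --with-colons`.
# Field 5 is the long key ID, field 10 of an fpr record the fingerprint,
# field 12 the capabilities.  Short IDs DEADBEEF (subkey) and ABCD0123
# (primary) echo the thread; everything else here is made up.
SAMPLE_LISTING = """\
tru::1:1375700000:0:3:1:5
pub:u:2048:1:DDDD4444ABCD0123:1370000000:::u:::scESC:
fpr:::::::::AAAA1111BBBB2222CCCC3333DDDD4444ABCD0123:
uid:u::::1370000000::0000000000000000000000000000000000000000::Ken (constructed) <ken@example.org>:
sub:u:2048:1:11118888DEADBEEF:1370000000::::::e:
fpr:::::::::EEEE5555FFFF66660000777711118888DEADBEEF:
sub:u:2048:1:CCCC333344445555:1371000000::::::s:
fpr:::::::::99990000AAAA1111BBBB2222CCCC333344445555:
"""


@dataclass
class Subkey:
    keyid: str          # long (16 hex digit) key ID
    capabilities: str   # e=encrypt, s=sign, a=authenticate, c=certify
    fingerprint: str = ""


@dataclass
class PrimaryKey:
    keyid: str
    capabilities: str   # lower case: this key; upper case: usable via a subkey
    fingerprint: str = ""
    uids: List[str] = field(default_factory=list)
    subkeys: List[Subkey] = field(default_factory=list)


def parse_colon_listing(text: str) -> List[PrimaryKey]:
    """Group pub/sub/uid/fpr records into PrimaryKey objects."""
    keys: List[PrimaryKey] = []
    current = None  # most recent pub or sub record; the next fpr belongs to it
    for line in text.splitlines():
        f = line.split(":")
        rtype = f[0]
        if rtype == "pub":
            current = PrimaryKey(keyid=f[4].upper(), capabilities=f[11])
            keys.append(current)
        elif rtype == "sub" and keys:
            current = Subkey(keyid=f[4].upper(), capabilities=f[11])
            keys[-1].subkeys.append(current)
        elif rtype == "fpr" and current is not None:
            current.fingerprint = f[9].upper()
        elif rtype == "uid" and keys:
            keys[-1].uids.append(f[9])
        # tru, sig and other record types are not needed here
    return keys


def resolve_keyid(keys: List[PrimaryKey], keyid: str
                  ) -> Optional[Tuple[PrimaryKey, Optional[Subkey]]]:
    """Return (primary, subkey) for a short (8), long (16) hex key ID or a
    full 40 hex fingerprint; subkey is None when the ID names the primary
    key itself.  Short and long IDs are suffixes of the v4 fingerprint."""
    wanted = keyid.strip().upper()
    if wanted.startswith("0X"):
        wanted = wanted[2:]
    if len(wanted) not in (8, 16, 40):
        raise ValueError("key ID must be 8, 16 or 40 hex digits")
    for pk in keys:
        if (pk.fingerprint or pk.keyid).endswith(wanted):
            return pk, None
        for sk in pk.subkeys:
            if (sk.fingerprint or sk.keyid).endswith(wanted):
                return pk, sk
    return None


def describe(keys: List[PrimaryKey], keyid: str) -> str:
    """One-line answer to 'which key is this prompt asking about?'"""
    hit = resolve_keyid(keys, keyid)
    if hit is None:
        return f"{keyid}: not in keyring"
    pk, sk = hit
    owner = pk.uids[0] if pk.uids else "(no user ID)"
    if sk is None:
        return f"{keyid} is the primary key of {owner}"
    return (f"{keyid} is a subkey (capabilities {sk.capabilities!r}) "
            f"of primary key {pk.keyid[-8:]} ({owner})")


if __name__ == "__main__":
    keyring = parse_colon_listing(SAMPLE_LISTING)
    for kid in ("DEADBEEF", "0xabcd0123", "CCCC333344445555", "01234567"):
        print(describe(keyring, kid))
```

To use it on a real keyring, replace `SAMPLE_LISTING` with the captured output of `gpg --list-keys --with-colons`. Matching is by suffix because a short key ID is the last 8 hex digits of the long ID, which is in turn the last 16 digits of a v4 fingerprint; since 8 hex digits are far too few to be unique, a prompt's short ID should be treated as a hint and confirmed against the full fingerprint before trusting it.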
From expires2013 at ymail.com Tue Aug 6 20:32:33 2013
From: expires2013 at ymail.com (MFPA)
Date: Tue, 6 Aug 2013 19:32:33 +0100
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <52005F67.1020301@securemecca.net>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net>
Message-ID: <986967315.20130806193233@my_localhost>

Hi


On Tuesday 6 August 2013 at 3:28:55 AM, in , Henry Hertz Hobbit wrote:


> I received no comment from TeamSpeak's technical person
> so I am going to be blocking ALL of their hosts in my
> blocking hosts file. I have no other choice. You
> don't listen to your attorney saying to not say
> anything if you are the victim. You cure the problem.
> They didn't reply so I have no choice.


Definitely something wrong when messages to get returned "550 Recipient unknown."

-- 
Best regards

MFPA                    mailto:expires2013 at ymail.com

If at first you don't succeed, destroy all evidence that you tried.

From kententen at me.com Wed Aug 7 02:13:52 2013
From: kententen at me.com (Kenneth Jones)
Date: Wed, 07 Aug 2013 08:13:52 +0800
Subject: Identifying your private key by the public KeyID
In-Reply-To: 
References: <5200F1A6.9090004@securemecca.net> <5200F8A3.9040109@Me.com>
Message-ID: <52019140.6000208@Me.com>

On 2013-08-06 22:44, David Shaw wrote:
> On Aug 6, 2013, at 9:22 AM, Kenneth Jones wrote:
>
>> I'm referring to the information you see for example in the prompt to
>> enter your private key when you have received an encrypted message in
>> Thunderbird/Enigmail. The window "pinentry" prompts "Please enter the
>> pass...2048-bit RSA key, ID DEADBEEF, created ... (main key ID
>> ABCD0123)." Notice there are two key IDs mentioned in the window, one
>> called Main, which is also the public Key ID, (the one I expected, the
>> one I remember) and the other for the secret key (which I have Never
>> Paid any attention to).
> Ah, that clarifies it.
> Yes, as a few people have suggested, that's the subkey ID. It's not inherently public or secret, but just another key attached to your primary key. In OpenPGP, "your key" refers to a primary key, plus some number of subkeys (occasionally zero, but that's fairly rare). The primary key is the one that the user IDs (email addresses, etc) are attached to, and the one that gathers signatures from other people if you get your key signed.
>
> The subkey(s) are keys attached to the primary key, that can be used for encryption or signing. The idea is that since it is difficult to change your primary key (you'd need to get it re-signed, and re-print your business cards, and the like) you should be able to change the subkey quickly and easily. A common methodology (and in fact the default for many programs) is to use the primary key for signing, and a subkey for encryption. There are interesting variations that can be used with this basic design: some people leave their primary key offline completely, only taking it out to make new subkeys. Some people use different passphrases on different subkeys.
>
> To answer your original question, though, traditionally the key-as-a-whole is referred to by its primary key ID and fingerprint. The subkeys are effectively along for the ride. Some programs make a point of telling you which subkey is in use at a particular time. Some do not.
>
> David
>

Thank you, David, for your reply. And thanks to all others who also helped, and those who patiently waited for me while the light dawned. It's apparent that I have a lot of catching up to do; I'll go do some reading. I'm fascinated, for example, that a key pair has more than two parts. I have many questions, but I've taken enough of your time.

FWIW, Steve Gibson, the SpinRite guy if you know of it, is beginning a series on mail privacy on his internet TV program at TWiT dot TV. Might be good to have you guys 'audit the course' so to speak, in case he goes far afield.

Thanks again for your help.
Ken
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: 

From jeandavid8 at verizon.net Wed Aug 7 14:49:10 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Wed, 07 Aug 2013 08:49:10 -0400
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <986967315.20130806193233@my_localhost>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <986967315.20130806193233@my_localhost>
Message-ID: <52024246.4080900@verizon.net>

On 08/06/2013 02:32 PM, MFPA wrote:
> Hi
>
>
> On Tuesday 6 August 2013 at 3:28:55 AM, in
> , Henry Hertz Hobbit wrote:
>
>
>> I received no comment from TeamSpeak's technical person
>> so I am going to be blocking ALL of their hosts in my
>> blocking hosts file. I have no other choice. You
>> don't listen to your attorney saying to not say
>> anything if you are the victim. You cure the problem.
>> They didn't reply so I have no choice.
>
>
> Definitely something wrong when messages to
> get returned "550 Recipient unknown."
>
>
Is the address abuse at teamspeakusa.com actually required? I know "postmaster at teamspeakusa.com" is required and it must go to a real person, but is any other?

-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:166D840A 0C610C8B Registered Machine  1935521.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 08:45:01 up 4 days, 10 min, 2 users, load average: 4.31, 4.37, 4.40

From hhhobbit at securemecca.net Wed Aug 7 19:15:22 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Wed, 07 Aug 2013 17:15:22 +0000
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <52024246.4080900@verizon.net>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <986967315.20130806193233@my_localhost> <52024246.4080900@verizon.net>
Message-ID: <520280AA.6030408@securemecca.net>

On 08/07/2013 12:49 PM, Jean-David Beyer wrote:
> Is the address abuse at teamspeakusa.com actually required? I know
> "postmaster at teamspeakusa.com" is required and it must go to a real
> person, but is any other?

SKIP TO TEAMSPEAK OR SPECIFIC.

Actually, even "postmaster" is no longer required. There are too many domains like the one I am using right now that don't even have anything but one email address (no http, ftp, or anything else) so the postmaster requirement was dropped. The postmaster requirement made sense in the days of bigger domains and a less fierce spam problem. Now most companies are behind firewalls. They may have "info", "hostmaster", "webmaster" or something like "Domain.Administrator". Actually, due to the same thing you just had in this list, spam, many now have only a web-form input with a captcha for abuse and other purposes. The spam problem promises to get only worse exponentially.

IMHO, SMTP needs to be replaced by SSMTP where a secure cryptographic token is required. I don't know if most mail servers can do the lookup of MX, then the IP addresses for the MX servers, and then dropping the message if the sending IP address does not match one of the mail server IP addresses. IPv6 makes things WORSE, not better. Bernstein's qmail can handle IPv4 but only if the volume is low. I know people using sendmail (have had it hacked at least three times) because qmail even without the extra burden isn't fast enough. The US Senate and US House of Representatives have used nothing but a web-form for what seems like at least ten years with a captcha. Their captcha probably needs to be upgraded.
PeskySpammer (my name for a specific organization that gave me yet another piece of malware this morning that only 1 out of 46 AV at VirusTotal.com detected at the start) regularly shoves in about 100+ email messages per day into my other account. What sends the messages? Hacked Windows PC machines that have a half (send-only) SMTP server dropped onto them. They attach directly to the receiving mail servers, bypassing an outbound SMTP server. PeskySpammer can do as bad to me as 1000+ messages per day with dumb mail servers continuing the practice of bouncing rather than dropping bogus email. If their bouncing mail servers strip the URLs and malware attachments I am left with nothing since you don't have the originating IP from a bounce. My domain didn't send the message so why tell me?

TEAMSPEAK:

TeamSpeak didn't cause the problems. I reformatted the mail message they sent to me by changing one portion of the email addresses in an attempt to prevent bot harvesting of the email addresses and reformatting the FromTeamSpeakMsg.txt file to make it more readable:

http://www.securemecca.com/tmp/FromTeamSpeakDirect.txt
http://www.securemecca.com/tmp/FromTeamSpeakDirect.txt.sig
http://www.securemecca.com/tmp/FromTeamSpeakMsg.txt
http://www.securemecca.com/tmp/FromTeamSpeakMsg.txt.sig

TeamSpeak had hundreds of list servers like gnupg-users that were pelting TeamSpeak with useless requests. Maybe it is time for somebody with 7mm Remington Magnum instead of what we are doing. Mine was sighted in to go up through the line of sight at a little over 100 meters and then come back down at about 350 meters. I could shoot five shot groups in the size of a dime at 100 meters and shooting one kilometer was not only possible but done regularly - target barrel on a pre 1964 Winchester Model 70 long bolt action. 8x - 16X scope but better scopes are now available (mostly on the .50 caliber sniper rifles that can almost go through an engine block).
The hackers have created the equivalent of the old west (or old east in Russia) with no rules. Maybe it is time to retaliate. Anonymous, I don't expect you to apologize and any tears you have will be just crocodile tears. gnupg-users was probably abused in the same way that PeskySpammer is abusing things with SMTP servers that forge the header. Better real SMTP servers like postfix and qmail or hand-crafted SMTP servers preserve the IPv4 address. Microsoft Exchange does a LOUSY job of preserving the IPv4 address. The transition to IPv6 is going to make things worse.

SPECIFIC

Your old postmaster days are gone forever. Actually, I think they mostly disappeared before the 21st century started. But my thousand messages a day made a very good admin at a University raise his eyebrows in surprise. Special SMTP servers with a send only design that can be dropped into place on a Microsoft Windows machine have completely changed the spam equation. List servers need a first step web-form with captcha to curtail this abuse which is just going to get infinitely worse. So don't blame TeamSpeak for the problems. Blame the hackers who are anarchists who want to make things exponentially worse for everybody else and are selfish and care only about themselves.

HHH
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: 

From kardan at riseup.net Wed Aug 7 21:37:46 2013
From: kardan at riseup.net (kardan)
Date: Wed, 7 Aug 2013 21:37:46 +0200
Subject: Why trust any software?
In-Reply-To: <51FF9C0C.6020106@verizon.net>
References: <51F17DB2.7050305@gmx.de> <20130805123113.7fea4454@delight> <51FF9C0C.6020106@verizon.net>
Message-ID: <20130807213746.27962b59@delight>

Hi, thanks for your thoughts and sorry for this copy/paste nightmare.
I tried to fit in my thoughts, but if you think this topic is on the wrong list, don't hesitate to slap me into the right direction, please.

On Mon, 05 Aug 2013 08:35:24 -0400
Jean-David Beyer wrote:

> If somehow you trust the Linux kernel you are using, that is already a
> big assumption.
>
> That would assure you that the Kernel source was used to compile the
> kernel. And if all was properly signed, and you have somehow obtained
> the fingerprint of the signing key in some reliable way, that would
> give high assurance.
>
> But how about the compiler that was used. It could have been sabotaged
> too, to insert a back door into any code it compiled, or only code for
> files with names that exist in the compiler and a kernel, perhaps.
>
> So not only need you trust the people who examined the source code for
> the kernel, you need to trust the people who support the kernel to
> have done the same thing for the compiler they use. And the compiler
> they used for compiling that compiler.
>
> To really trust (or not trust), you have to take all that C-code for
> the first compiler and compile it by hand to binary (not assembly
> level). Then use that to make the assembler that has been similarly
> verified, then the C compiler you really want to use, and so on.

I can't do that myself yet, but I can roughly imagine a scripted way for storing the signatures on some pool which could be checked in a scripted way from command line or even a "trusted" gui in the future. I even could live with a mechanism of centralized archive for this like Debian's packaging system.

> Do you use a web browser on the internet? If yes, then someone can
> target you with an exploit.

So looking a bit in the future I would say, if it is worth and really would help to authenticate the trust of software, we [whoever sees the need for it] could establish such an infrastructure in the next years.
> Heh, but then Gentoo Linux users will look at you strangely if you say
> that you *don't* compile parts of your system. :-)

Surely they do because I don't compile all of the system.

> > Do you know of signing mechanisms for developers to
> > A have special keys for signing code changes
> > B sign each other's keys to approve they are knowledged enough to
> > understand and check the code reliably.
> > C sign a piece of software/patch/commit with it
>
> I don't see how this is different from a community building trust
> relationships for email.

I think it could be set up on top of the debian web of trust or any other developers' trust chain. Currently for example debian maintainers undergo some social tests to become DD once which does not mean that all their future packages are done well enough, to not allow any exploits (not talking about any intended security holes).

< http://lists.debian.org/debian-security/2013/08/msg00035.html >
> For any who missed the scandal or need crib notes:
> http://lwn.net/Articles/282038/
> http://www.links.org/?p=327
> http://www.links.org/?p=328

I had no time to go through all of this, but maybe some of you still remember and can add some final thoughts. Package checks and bug tracking are merely done on a trial and error base. Although I know the security team takes big efforts to find such vulnerabilities and to fix them in short time. (Which I am extremely grateful for). However, this has been shown to be insufficient and I wonder how a structured process could look like to check packages before they wander into a distro.

> I think a basic first step would be to disallow binary uploads, as
> ubuntu does.

Would this really help?

< http://lists.debian.org/debian-security/2013/08/msg00027.html >
> Michael Stone:
> > On Sun, Aug 04, 2013 at 10:12:40AM +0200, Heimo Stranner wrote:
> >> I think the real issue is about if the malicious patch is not part
> >> of the source package
> >
> > Why?
> > It certainly makes your argument simpler if you arbitrarily
> > restrict the problem set, but it isn't obvious that it makes sense.
> > If I was going to backdoor something, I'd just make an
> > innocent-looking coding error that would enable a successful
> > exploit; I certainly wouldn't put in a commented section of code
> > that says "backdoor here". With sufficient effort it wouldn't be
> > hard to inject such a vulnerability that would go unnoticed for
> > years--and
>
> > I'm not sure why
> > that's less of an issue than someone making a one-time build with a
> > malicious patch that is not part of the source package.
>
> An innocent-looking coding error requires a malicious maintainer.
>
> A malicious patch not part of the source code can be done by any
> adversary who compromised the build server. I think the latter is more
> simple, risk free and anonymous.
>
> Getting rid of possibilities for intentional innocent-looking coding
> error is possible as well. First of all, how much security is the goal
> vs required effort? Is pragmatic security, as in "no random script
> kiddy can take down any Debian powered systems" sufficient or is it
> "we don't want all the three letter agencies around the globe being
> always able to remotely access any Debian system".
>
> As far as I know, only lower level programming languages such as
> assembler, C and C++ open up for sophisticated intentional
> innocent-looking coding errors, right? Bugs possibly leading to
> remote code execution are much more obvious to spot in higher level
> languages such as python?
>
> If that's the case and more than pragmatic security is the goal, the use of
> lower level languages should be restricted to cases where other
> solutions aren't possible (bootloader etc.). And frozen. So that the
> code is 100% stable and vulnerability free after some time. It should
> be possible in theory if our machines get more performance over time?
> I think that would be quite painful to rewrite so many tools.
>
> Are there any better solutions to the trusting trust issue? Or will
> the fight against backdoors be lost at some point?
>
> Checksums should be created on the .deb and the individual files. The
> advantage of deterministic builds would be, that these checksums would
> always be the same, no matter when and by whom the build is made as
> long as the source code isn't changed.
>
> Sure, deterministic builds are only the first step. Getting up a
> system to automatically to track changes in source code and to
> compare hash sums would be required as well.
>
> I am afraid if deterministic builds can't solve all problems at once.
> Do you see no advantages at all? I am just interested to have in a
> couple of years still operating systems without any secretly built-in
> trojans because build servers got compromised with zero days.

> > I suppose that you could rig a compiler to compute signatures over
> > the sources it reads and incorporate these signatures into the
> > binary. Likewise the linker. The whole toolchain would have to be
> > carefully considered and modified to suit. I haven't heard of
> > anyone doing that. (Someone will now point out that we would be
> > reposing even more trust in the toolchain, making its verification
> > more important. Yes.)
> >
> > --
> > Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
> > Machines should not be friendly. Machines should be obedient.
>
> Here is one recent effort along this line of defense:

< https://bitcointalk.org/index.php?topic=83743.0 >
> Currently, before a new release of Bitcoin-Qt is published to
> SourceForge, it must be compiled by 3 different people who verify that
> they have produced the same exact binaries. This is done to protect
> against a variety of attack vectors: a single builder could include a
> trojan or backdoor into their binaries.
> No matter how much this person
> is trusted, their ability puts them at risk of being forced (eg, by
> gunpoint or legal action) to do so, or potential to do so accidentally
> (eg, if their build system is infected itself). Additionally, there is
> one person to impersonate or man-in-the-middle-attack, and the chance
> (5-10% in a person's lifetime, according to a quick Google) the person
> may begin to go insane. It also leaves open a question to the masses
> should that person die, of whether his successor is just as
> trustworthy.
>
> However, right now, these thrice-verified builds are only possible for
> Linux and Windows using the Gitian framework. So far, Gavin has been
> personally responsible for the Mac OS X binaries, and he (and the
> community) incurs all the risks above as a result.

< http://gitian.org/howto.html >
> To bootstrap a clean RubyGems installation, run:
>
> % curl https://gitian.org/boot-gems | sh
>
> This will:
>
> Install RubyGems to ~/.gem
> Create ~/.profile-gem to be included in your shell startup script
> Install the Gitian gem
> The HighSecurity gem install policy will be activated, meaning that
> all gems must be signed with a trusted certificate. If you have to
> install a gem from another repository, you can turn off security
> temporarily with gem gitian --undo and turn it back on with gem
> gitian. Alternatively, you can download a gem and install it with gem
> install -P LowSecurity name.gem.
>
> USE WITH AN EXISTING RUBYGEMS INSTALLATION
> This is somewhat less secure, since it relies on your existing gem
> source (e.g. gemcutter) for obtaining the Gitian gem.
>
> % gem install gitian
> % gem gitian
>
> This will display:
>
> Please verify fingerprint for is
> A9:24:34:B6:63:16:80:6A:06:9B:30:29:D0:EA:9C:0D:3D:86:A9:32

$ gem install gitian
Fetching: gitian-0.0.3.gem (100%)
========================================================================
Thanks for installing Gitian!
You can now run:

  gem gitian    use Gitian.org or another distribution as your main gem source

========================================================================
Successfully installed gitian-0.0.3
1 gem installed
Installing ri documentation for gitian-0.0.3...
Installing RDoc documentation for gitian-0.0.3...
$ gem gitian
Please verify fingerprint for is
A9:24:34:B6:63:16:80:6A:06:9B:30:29:D0:EA:9C:0D:3D:86:A9:32
High security policy enabled. You will get an 'unsigned gem' error if you try to install a gem from a normal, non-signing gem repository. Use 'gem gitian --undo' if you want to install an unsigned gem.
Sources in ~/.gemrc:
  - https://gitian.org/rubygems/latest/
Gem defaults:
  --trust-policy HighSecurity

So from now in theory I can trust that all gems installed in the future are signed with a trusted certificate. Unfortunately the files on https://gitian.org/rubygems/ are last touched in 2009 (same for http://github.com/devrandom/gitian-tools ). The gitian-builder for builds in a consolidated VM looks more current: https://github.com/devrandom/gitian-builder "This package can do a deterministic build of a package inside a VM"

So I have no conclusion but I would like to keep the discussion running to step towards what seems impossible for now.

-- 
Kardan
Encrypt your email: http://gnupg.org/documentation
Public GPG key 9D6108AE58C06558 at hkp://pool.sks-keyservers.net
fpr: F72F C4D9 6A52 16A1 E7C9 AE94 9D61 08AE 58C0 6558
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: not available
URL: 

From simon+gnupg at bleah.co.uk Wed Aug 7 21:53:37 2013
From: simon+gnupg at bleah.co.uk (Simon Ward)
Date: Wed, 07 Aug 2013 20:53:37 +0100
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <52024246.4080900@verizon.net>
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <986967315.20130806193233@my_localhost> <52024246.4080900@verizon.net>
Message-ID: 

Jean-David Beyer wrote:
>> Definitely something wrong when messages to
>> get returned "550 Recipient unknown."
>
>Is the address abuse at teamspeakusa.com actually required? I know
>"postmaster at teamspeakusa.com" is required and it must go to a real
>person, but is any other?

Various RFCs require the postmaster address, but following RFCs in this respect, since it has little impact on interoperability, is effectively voluntary. RFC 2142 gives other common and not really required mailboxes.

Simon Ward

From eye.of.the.8eholder at gmail.com Thu Aug 8 23:17:40 2013
From: eye.of.the.8eholder at gmail.com (Khelben Blackstaff)
Date: Fri, 9 Aug 2013 00:17:40 +0300
Subject: Question about notations and domains
Message-ID: <20130809001740.719db906@tardis.info>

Greetings.

I am sorry if this is already answered but I could not find anything relevant in the archive.

Quick introduction: I got a new smart card and reader so I thought to create a temporary test key and document on my blog all the steps I did over the years. In the next post I want to describe the policy urls and notations I use.

If I have understood the standard correctly, notations should have the form tag at my.domain.tld using a domain I own because my meaning for "tag" might be different than someone else's. Is this correct ?

Some users do not own a domain but have a github account. For some time now, github supports creating a repository containing html files and naming it username.github.io. Then http://username.github.io renders all the files in that repository as a normal webpage. I wouldn't want to encourage bad practice so I worry if I should mention this functionality or not.
(for example issuer-fpr at username.github.io=%g)

The user controls the content of the repository but he does not "own" the domain (neither is it a real domain). Also sending e-mail to the notation name will not work (though this functionality is optional). Are notations with such a "domain" a valid case or are they considered bad practice and should not be used ?

Another question I have is about the pgpmime notation. I see many people using it verbatim "preferred-email-encoding at pgp.com=pgpmime". Shouldn't @pgp.com be changed to the domain of each user ?

Thank you for your time.

From hhhobbit at securemecca.net Fri Aug 9 05:37:47 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Fri, 09 Aug 2013 03:37:47 +0000
Subject: Question about notations and domains
In-Reply-To: <20130809001740.719db906@tardis.info>
References: <20130809001740.719db906@tardis.info>
Message-ID: <5204640B.5020703@securemecca.net>

On 08/08/2013 09:17 PM, Khelben Blackstaff wrote:
(please read the original)

Short answer: Your github URL converted into an email address is NOT a good solution. Read on if you want to know why.

It is not necessary to "own" the domain. For example, I could perhaps have an email account at physics.arizona.edu (they make great telescope optics). There was a joke about a head coach here in the United States being able to come up to a potential recruit and say "Coach Jared Grasso, Iona College." To which the potential recruit would reply as he was shaking the coach's hand; "YOU DO!?" Even though you don't own the educational institution you do own an email address there if one is given to you. It is yours as long as they let you have it. Similarly, if you have an email address at a company you work at, even though the company may say they own the email box contents, the address is "yours" at least to use until you move on to some place else.
The first reason one of your UIDs needs an email address only you use is to make the keys (assuming a primary signing key and an enciphering sub key but there are many other options) "yours". It is also helpful to have a comment for that UID with an email address to help persuade others to sign your keys for the WOT. It also makes it even harder for somebody to typo-squat on your key-set (key-pair for me). If you put your public keys on one of the keyservers about the only way others can get your key(s) is if at least one of your UIDs has an email address. The email address is used to find your key as well as providing partial authentication that you got the right key. This is especially true for web key search tools:

http://pgp.mit.edu/

(real names and even the shortened key ID come up blank for me but email addresses never fail)

In addition to your primary UID which has an email address you can add as many UIDs as you need. Make sure you really need the UIDs. There should not be a problem in making one of the other UIDs without an email address that has only your name in the name field and your github URL in the comment field. I have many keys on my key-ring that in addition to one or more UIDs with email addresses have some additional UIDs with just their name and the Comment field filled in. So making an extra UID with your name, no email address, and your github URL in the comment field is probably the best way to do what I THINK you are attempting to do.

Are you saying that strange email address created from your github ID makes it possible for people to send you a message from POP or web-mail similar to sending an SMS message to a cell phone? If it works you may want to add it but you still should have a UID for your key-set that has a "real" email address. (I answer why in a separate paragraph).

It is much easier and less expensive to own your own domain and a POP email account than you would expect.
The domain and POP email account I am using here is less than $30 per year at 1and1.com. GoDaddy and others can also set you up. Your first and last name run together "khelbenblackstaff" is available in the BIZ, COM, INFO, NET, and ORG TLDs. If you are in the US, "khelbenblackstaff.us" is also available. So getting a POP email account is in reach. It is also something you can have that is consistent and stays with you from school to school and job to job as well as many changes in your physical address and even across multiple ISPs.

If you get an email account with a mail provider that is using Microsoft Exchange make sure you write EVERYTHING down. Others send to you with the traditional NAME at DOMAIN but you usually access the POP email in Thunderbird or another MUA by using the internal Microsoft Exchange name your mail service provider will give you. E.g., instead of using hhhobbit[GNAT]securemecca.net I use m-MYHASHID to access the email for this account. I also have to use the m-MYHASHID in the web-mail interface.

I will let others answer your questions about "converting" your github URL to an email address. I don't think too much of it because another reason for a "real" email address is so they can email you an enciphered message and ask "is this key yours?" They enciphered with your public key. If you don't have the secret (private) side of the key then you cannot decipher the message. If you don't answer the sender gets paranoid and decides the key is bogus. Can you handle an enciphered message with that github id converted into an email address? I don't think so. NOW you know why I don't like that strange github derived email address. I have taken up WAY too much space in an attempt to give the greatest clarity.

I will let somebody else answer your pgpmime question. All I know is that Enigmail in Thunderbird makes it explicit with an "use PGP/MIME" check box. It works. So does Claws Mail on Windows which is bundled with GPG4Win.
I cannot advise using any MUA (Mail User Agent - Thunderbird, Office, Claws Mail, etc.) that renders HTML. I am getting one malware per day in my email but since I use Thunderbird, NOT phish or spear phish fools me even when I am sick and almost asleep. Enigmail in Thunderbird seamlessly integrates GnuPG encryption as well. Ditto for Claws Mail. I strongly discourage using Microsoft Office. Even RSA and other companies get whacked by spear-phish when they use Microsoft Office to read email.

HHH

From dshaw at jabberwocky.com Fri Aug 9 06:09:29 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri, 9 Aug 2013 00:09:29 -0400
Subject: Question about notations and domains
In-Reply-To: <20130809001740.719db906@tardis.info>
References: <20130809001740.719db906@tardis.info>
Message-ID: <3AE0287D-181C-4DFE-8B0F-CB8377311A09@jabberwocky.com>

On Aug 8, 2013, at 5:17 PM, Khelben Blackstaff wrote:

> Greetings.
>
> I am sorry if this is already answered but i could not find anything
> relevant in the archive.
>
> Quick introduction: I got a new smart card and reader so i thought to
> create a temporary test key and document on my blog all the steps i
> did over the years. In the next post i want to describe the policy urls
> and notations i use.
>
> If i have understood the standard correctly, notations should have
> the form tag at my.domain.tld using a domain i own because my meaning
> for "tag" might be different than someone else's. Is this correct ?

There are two namespaces here. If a tag is defined by the IETF process, then there is no @domain at all. The @domain tags are used when regular users want to define a tag.

Anyway, so it's true that you can use the @domain notation to differentiate between a tag you use and the same tag used by someone else, but this shouldn't be interpreted as that you should always use the local domain. The domain is set by whoever defines the tag. For example:

> Another question i have is about the pgpmime notation.
> I see many
> people using it verbatim "preferred-email-encoding at pgp.com=pgpmime".
> Shouldn't @pgp.com be changed to the domain of each user ?

In this case, the preferred-email-encoding tag was defined by the pgp.com people. Thus preferred-email-encoding at pgp.com is the proper string to use.

David

From eye.of.the.8eholder at gmail.com Fri Aug 9 08:09:38 2013
From: eye.of.the.8eholder at gmail.com (Khelben Blackstaff)
Date: Fri, 9 Aug 2013 09:09:38 +0300
Subject: Question about notations and domains
In-Reply-To: <5204640B.5020703@securemecca.net>
References: <20130809001740.719db906@tardis.info> <5204640B.5020703@securemecca.net>
Message-ID: <20130809090938.087aad95@tardis.info>

On Fri, 09 Aug 2013 03:37:47 +0000
Henry Hertz Hobbit wrote:

First, thank you for replying.

> Short answer: Your github URL converted into an email
> address is NOT a good solution. Read on if you want to
> know why.
>
> The first reason one of your UIDs needs an email address only
> you use is to make the keys (assuming a primary signing key
> and an enciphering sub key but there are many other options)
> "yours". It is also helpful to have a comment for that
> UID with an email address to help persuade others to sign your
> keys for the WOT. It also makes it even harder for somebody

Perhaps i did not phrase my question correctly, but i did not mean to use the github url as e-mail address in the UID. As i put in the subject, i meant it only for notations. Let me describe it a bit better.

When you own a real domain that hosts your web page, you can put your public key, a text file describing your signing policy and you can even also put files describing the exact procedure of that certification (for example saying "I met Khelben Blackstaff at a cafe, he showed me his id and passport, ......"). You can then set gnupg to automatically embed this info to the signatures.
For example:

    default-keyserver-url http://your.domain.tld/gpg/pubkey.asc
    sig-notation issuer-fpr@your.domain.tld=%g
    cert-notation signotes@your.domain.tld=http://your.domain.tld/gpg/%K.asc
    set-policy-url http://your.domain.tld/gpg/policy-current.txt

The domain is yours so it is perfectly fine to use it on the notations.

> It is much easier and less expensive to own your own domain
> and a POP email account than you would expect. The domain and
> POP email account I am using here is less than $30 per year
> at 1and1.com. GoDaddy and others can also set you up. Your
> first and last name run together "khelbenblackstaff" is
> available in the BIZ, COM, INFO, NET, and ORG TLDs. If you are
> in the US, "khelbenblackstaff.us" is also available. So

Yes it is very easy and cheap to acquire a domain but not everyone has one and i do not think he will get one just to use with gpg. I hardly persuade my friends to use gpg in the first place. That is why i wanted to mention that he can do the same thing with github. He can put his policy and key notes on his github "web page" and then use that "domain" as a notation. The notation that would be embedded in the signature would be issuer-fpr at username.github.io

I never meant to use the github url in the UID. I hope my explanation is better now and not more confusing.

Thank you again.

From wk at gnupg.org Fri Aug 9 09:13:07 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 09 Aug 2013 09:13:07 +0200
Subject: Question about notations and domains
In-Reply-To: <20130809001740.719db906@tardis.info> (Khelben Blackstaff's message of "Fri, 9 Aug 2013 00:17:40 +0300")
References: <20130809001740.719db906@tardis.info>
Message-ID: <87d2pngwvw.fsf@vigenere.g10code.de>

On Thu, 8 Aug 2013 23:17, eye.of.the.8eholder at gmail.com said:

> the form tag at my.domain.tld using a domain i own because my meaning
> for "tag" might be different than someone else's. Is this correct ?

Right.
For experiments it should be okay to use example.com as domain.

If you have a need for a notation key and you can describe the purpose, let us know and I may assign one from gnupg.org.

> Another question i have is about the pgpmime notation. I see many
> people using it verbatim "preferred-email-encoding at pgp.com=pgpmime".
> Shouldn't @pgp.com be changed to the domain of each user ?

No. The purpose of that key has been specified by pgp.com.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From eye.of.the.8eholder at gmail.com Fri Aug 9 08:43:35 2013
From: eye.of.the.8eholder at gmail.com (Khelben Blackstaff)
Date: Fri, 9 Aug 2013 09:43:35 +0300
Subject: Question about notations and domains
In-Reply-To: <3AE0287D-181C-4DFE-8B0F-CB8377311A09@jabberwocky.com>
References: <20130809001740.719db906@tardis.info> <3AE0287D-181C-4DFE-8B0F-CB8377311A09@jabberwocky.com>
Message-ID: <20130809094335.6618a2fe@tardis.info>

I only replied to Mr. Shaw and not to the list so i send this again.

On Fri, 9 Aug 2013 00:09:29 -0400
David Shaw wrote:

> There are two namespaces here. If a tag is defined by the IETF
> process, then there is no @domain at all. The @domain tags are used
> when regular users want to define a tag.
>
> Anyway, so it's true that you can use the @domain notation to
> differentiate between a tag you use and the same tag used by someone
> else, but this shouldn't be interpreted as that you should always use
> the local domain. The domain is set by whoever defines the tag.
>
> In this case, the preferred-email-encoding tag was defined by the
> pgp.com people. Thus preferred-email-encoding at pgp.com is the proper
> string to use.
>
> David
>

Yes i understood the two namespaces but i had not understood that the proper domain is the one of the person who defines the tag. I had the impression that everyone should use his own domain.

So, in the case of the issuer-fpr notation, which if i am not wrong was introduced by Mr.
Gillmor, the proper notation is issuer-fpr at notations.openpgp.fifthhorseman.net and not issuer-fpr at my.domain.tld ?

Thank you for replying Mr. Shaw.

From dcMhOYBdpZkH at web.de Fri Aug 9 09:38:50 2013
From: dcMhOYBdpZkH at web.de (.)
Date: Fri, 09 Aug 2013 09:38:50 +0200
Subject: fefe's new gnupg diff
Message-ID: <52049C8A.2040705@web.de>

http://dl.fefe.de/gnupg-1.4.14.dif

From m4rtntns at gmail.com Fri Aug 9 16:35:13 2013
From: m4rtntns at gmail.com (Martin T)
Date: Fri, 9 Aug 2013 17:35:13 +0300
Subject: How to detect fingerprint and type of the key from pubring.gpg(public keyring file)?
In-Reply-To: <1F0AA38F-E5B9-4CE2-8880-15F6509573B7@jabberwocky.com>
References: <1D917D2B-083C-4445-8912-00AE1D207D2F@jabberwocky.com> <1F0AA38F-E5B9-4CE2-8880-15F6509573B7@jabberwocky.com>
Message-ID:

Ok, I see. Probably RIPE server-side software behaves like the file(1) utility (or just calls the file(1) utility), which seems to determine a file as a "PGP public key block" if it contains the "BEGIN PGP PUBLIC KEY BLOCK" string:

    noc@T42 ~/.gnupg $ file pubkey.txt
    pubkey.txt: PGP public key block
    noc@T42 ~/.gnupg $ hexdump -C /usr/share/file/magic.mgc | grep -B 3 -A 3 "PGP PUBLIC"
    000011f0  00 00 00 00 00 00 00 00  00 00 20 00 3d 1e 05 00  |.......... .=...|
    00001200  00 00 00 00 02 00 00 00  00 00 00 00 16 00 00 00  |................|
    00001210  00 00 00 00 00 00 00 00  2d 2d 2d 42 45 47 49 4e  |........---BEGIN|
    00001220  20 50 47 50 20 50 55 42  4c 49 43 20 4b 45 59 20  | PGP PUBLIC KEY |
    00001230  42 4c 4f 43 4b 2d 00 00  50 47 50 20 70 75 62 6c  |BLOCK-..PGP publ|
    00001240  69 63 20 6b 65 79 20 62  6c 6f 63 6b 00 00 00 00  |ic key block....|
    00001250  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
    noc@T42 ~/.gnupg $

regards,
Martin

On 8/2/13, David Shaw wrote:
> On Aug 2, 2013, at 3:56 AM, Martin T wrote:
>
>> Hi,
>>
>> thanks for the reply!
>>
>>>> I think "method" in the example above is just indicating that this is a
>>>> PGP key.
>>
>> Exactly.
>> However, how does RIPE server-side software detect that it's
>> a PGP key? Is this information(besides other information like key
>> creation date and UID) written into pubring.gpg file during the
>> creation of the public key?
>
> Not directly. There isn't some special tag that says "this is a PGP key"
> that lets you tell it apart from (say) some new image format that just
> happens to have a similar packet structure. If you think about it, that's
> not possible since some other file format might accidentally trip the
> detector since there is no global registry of tags.
>
> Many people use heuristics, based on the format in the spec. (For example,
> the 'file' program does this). Or the ultimate heuristic: if it looks like
> a PGP key, can you parse it and import it?
>
>>>> No. The fingerprint is based on the key material only. You can
>>>> add/change UIDs without the fingerprint changing.
>>
>> Indeed. I revoked my current UID and changed it to another one and
>> both public and private key fingerprints remained the same. So the key
>> fingerprint is a hashed key material? Is it a SHA-1, MD5 or some other
>> type of hash?
>
> SHA-1. The exact bytes that get fed into the hash are given in RFC-4880,
> but basically it's the public key material with a few bytes of structure
> around it.
>
> David
>
>

From dshaw at jabberwocky.com Fri Aug 9 17:10:22 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri, 9 Aug 2013 11:10:22 -0400
Subject: Question about notations and domains
In-Reply-To: <20130809094335.6618a2fe@tardis.info>
References: <20130809001740.719db906@tardis.info> <3AE0287D-181C-4DFE-8B0F-CB8377311A09@jabberwocky.com> <20130809094335.6618a2fe@tardis.info>
Message-ID:

On Aug 9, 2013, at 2:43 AM, Khelben Blackstaff wrote:

> I only replied to Mr. Shaw and not to the list so i send this again.
>
> On Fri, 9 Aug 2013 00:09:29 -0400
> David Shaw wrote:
>
>> There are two namespaces here.
>> If a tag is defined by the IETF
>> process, then there is no @domain at all. The @domain tags are used
>> when regular users want to define a tag.
>>
>> Anyway, so it's true that you can use the @domain notation to
>> differentiate between a tag you use and the same tag used by someone
>> else, but this shouldn't be interpreted as that you should always use
>> the local domain. The domain is set by whoever defines the tag.
>>
>> In this case, the preferred-email-encoding tag was defined by the
>> pgp.com people. Thus preferred-email-encoding at pgp.com is the proper
>> string to use.
>>
>> David
>>
>
> Yes i understood the two namespaces but i had not understood that the
> proper domain is the one of the person who defines the tag. I had
> the impression that everyone should use his own domain.
>
> So, in the case of the issuer-fpr notation, which if i am not wrong
> was introduced by Mr. Gillmor, the proper notation is
> issuer-fpr at notations.openpgp.fifthhorseman.net and not
> issuer-fpr at my.domain.tld ?

Sort of. Basically, if you want the semantics of the tag as defined by a particular person, you use their tag. If you want different semantics, you can use your own tag (possibly using the same tag name, but @ your own domain).

In the case of the issuer-fpr tag specifically, I'd use dkg's tag. It's straightforward and well defined.

David

From eye.of.the.8eholder at gmail.com Sun Aug 11 16:44:12 2013
From: eye.of.the.8eholder at gmail.com (Khelben Blackstaff)
Date: Sun, 11 Aug 2013 17:44:12 +0300
Subject: Question about notations and domains
In-Reply-To: <87d2pngwvw.fsf@vigenere.g10code.de>
References: <20130809001740.719db906@tardis.info> <87d2pngwvw.fsf@vigenere.g10code.de>
Message-ID: <20130811174412.7cac3053@tardis.info>

On Fri, 09 Aug 2013 09:13:07 +0200
Werner Koch wrote:

> If you have a need for a notation key and you can describe the
> purpose, let us know and I may assign one from gnupg.org.
>

Is there a notation definition for mentioning the procedure followed for each specific certification ? For example "I met Werner Koch at the linux convention in Hamburg and verified his passport, then sent an e-mail challenge, etc". I have seen 1-2 people using signotes@ but i do not know if it is widely used or if there is a more appropriate tagname.

Also is there a list or "registry" containing the defined notations ? The only ones i am aware of are preferred-email-encoding and issuer-fpr.

Thank you again.

From adrelanos at riseup.net Sun Aug 11 23:11:39 2013
From: adrelanos at riseup.net (adrelanos)
Date: Sun, 11 Aug 2013 21:11:39 +0000
Subject: How to create new keyring from an existing key in an existing keyring?
Message-ID: <5207FE0B.20907@riseup.net>

Hi!

Let's say in /path/to/pubring.gpg is a key and I want to export it and make a suitable new keyring, for example for /etc/apt/trusted.gpg.d/.

I could think of a way to export the key, change --homedir, create a new keyring, and import the key. But is there a more elegant way?

Cheers,
adrelanos

From m4rtntns at gmail.com Mon Aug 12 10:40:35 2013
From: m4rtntns at gmail.com (Martin T)
Date: Mon, 12 Aug 2013 11:40:35 +0300
Subject: understanding GnuPG "--clearsign" option
Message-ID:

Hi,

one can sign the message with "--clearsign" option which adds ASCII armored (Radix-64 encoding) "PGP signature" at the end of the text. This "PGP signature" contains the UID of the signer, timestamp and key ID. However, two questions:

1) Where is the UID of the signer, timestamp of the signature and signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm able to see the UID of the signer, timestamp and signer key-ID, but if I decode the Radix-64/base64 data back to binary (base64 -d) and use "hexdump -C" to analyze this data, I do not see the UID, timestamp or signer key-ID.

2) What exactly is this "PGP signature"? Is it a SHA1 hash of the message which is encrypted with my private key and then ASCII armored?
regards,
Martin

From peter at digitalbrains.com Mon Aug 12 11:18:23 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 12 Aug 2013 11:18:23 +0200
Subject: How to create new keyring from an existing key in an existing keyring?
In-Reply-To: <5207FE0B.20907@riseup.net>
References: <5207FE0B.20907@riseup.net>
Message-ID: <5208A85F.8090002@digitalbrains.com>

On 11/08/13 23:11, adrelanos wrote:
> I could think of a way to export the key, change --homedir, create a new
> keyring, and import the key. But is there a more elegant way?

    gpg --export 0xDEADBEEF | gpg --no-default-keyring --keyring \
        /etc/apt/trusted.gpg.d/meat.gpg --import

(one long command line)

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From hhhobbit at securemecca.net Mon Aug 12 14:04:32 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 12 Aug 2013 12:04:32 +0000
Subject: How to create new keyring from an existing key in an existing keyring?
In-Reply-To: <5208A85F.8090002@digitalbrains.com>
References: <5207FE0B.20907@riseup.net> <5208A85F.8090002@digitalbrains.com>
Message-ID: <5208CF50.8070109@securemecca.net>

On 08/12/2013 09:18 AM, Peter Lebbing wrote:
> On 11/08/13 23:11, adrelanos wrote:
>> I could think of a way to export the key, change --homedir, create a new
>> keyring, and import the key. But is there a more elegant way?
>
> gpg --export 0xDEADBEEF | gpg --no-default-keyring --keyring \
> /etc/apt/trusted.gpg.d/meat.gpg --import
>
> (one long command line)

Assumes /etc/apt/trusted.gpg.d exists and is a folder (good assumption for Debian based, not so good for RPM based) and that the ordinary user can write a file in the folder (bad assumption even if your flavor is Debian-esque) with no changes made.
On Debian-esque you may need to do a:

    # chmod 1777 /etc/apt/trusted.gpg.d

then the above command, then:

    # chmod 755 /etc/apt/trusted.gpg.d

Does that get you what you want? Is the "meat" some sort of comment that adrelanos will be dead meat? The command is elegant though.

From wk at gnupg.org Mon Aug 12 15:09:22 2013
From: wk at gnupg.org (Werner Koch)
Date: Mon, 12 Aug 2013 15:09:22 +0200
Subject: [Announce] GPGME 1.4.3 released
Message-ID: <87siyfdpj1.fsf@vigenere.g10code.de>

Hello!

I am pleased to announce version 1.4.3 of GPGME.

GnuPG Made Easy (GPGME) is a C language library that allows to add support for cryptography to a program. It is designed to make access to public key crypto engines as included in GnuPG easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification, and key management.

* Noteworthy changes in version 1.4.3 (2013-08-12)

 - The default engine names are now taken from the output of gpgconf.
   If gpgconf is not found the use of gpg 1 is assumed.

 - Under Windows the default engines names are first searched in the
   installation directory of the gpgme DLL.

 - New function gpgme_data_identify to detect the type of a message.

 - Interface changes relative to the 1.4.2 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 gpgme_signers_count      NEW.
 gpgme_data_type_t        NEW.
 gpgme_data_identify      NEW.
* Download

You may download this library and its OpenPGP signature from:

 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.4.3.tar.bz2 (950k)
 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.4.3.tar.bz2.sig

GZIP compressed tarballs are also available:

 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.4.3.tar.gz (1202k)
 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.4.3.tar.gz.sig

As an alternative you may use a patch file to upgrade the previous version of the library:

 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.4.2-1.4.3.diff.bz2 (27k)

SHA-1 checksums are:

 ffdb5e4ce85220501515af8ead86fd499525ef9a  gpgme-1.4.3.tar.bz2
 65c7f78593065946a7480c3389b4b1f19326a59d  gpgme-1.4.3.tar.gz
 dc9f68f8d2fa1208f736035fc6c5693ae4bac0f7  gpgme-1.4.2-1.4.3.diff.bz2

* Support

Please send questions regarding the use of GPGME to the gnupg-devel mailing list:

 http://lists.gnupg.org/mailman/listinfo/gnupg-devel/

If you need commercial support, you may want to consult this listing:

 http://www.gnupg.org/service.html

The driving force behind the development of the GnuPG system is my company g10 Code. Maintenance and improvement of GnuPG and related software takes up most of our resources. To allow us to continue our work on free software, we ask to either purchase a support contract, engage us for custom enhancements, or to donate money:

 http://g10code.com/gnupg-donation.html

Happy hacking,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-announce mailing list
Gnupg-announce at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce

From ekleog at gmail.com Mon Aug 12 15:21:50 2013
From: ekleog at gmail.com (Leo Gaspard)
Date: Mon, 12 Aug 2013 15:21:50 +0200
Subject: understanding GnuPG "--clearsign" option
In-Reply-To:
References:
Message-ID: <20130812132150.GA22783@leortable>

On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote:
> Hi,
>
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID. However, two questions:
>
> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.
>
> 2) What exactly is this "PGP signature"? Is it a SHA1 hash of the
> message which is encrypted with my private key and then ASCII armored?

According to http://openpgp.org/technical/ the OpenPGP standard is RFC 4880. So, as your question is quite technical, you should be able to find your answer here : http://www.ietf.org/rfc/rfc4880.txt

Sorry for not being able to help you more!
Leo

From hhhobbit at securemecca.net Mon Aug 12 18:34:58 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 12 Aug 2013 16:34:58 +0000
Subject: understanding GnuPG "--clearsign" option
In-Reply-To:
References:
Message-ID: <52090EB2.1070009@securemecca.net>

On 08/12/2013 08:40 AM, Martin T wrote:
> Hi,
>
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID. However, two questions:

GnuPG does much more than just the Radix-64 encoding with the --clearsign:

    $ gpg --default-key MINE --output list.asc \
        --clearsign list.txt

By that I mean gpg/gpg2 doesn't just do a base64 conversion but also does other magic stuff. You can stop reading now.

> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.

The UID and other things are stored in the string which is usually more than one line long between the BEGIN PGP SIGNATURE and END PGP SIGNATURE. But I am puzzled how you did this part. If I copy the now clear signed list.txt to a justsig.txt file and edit out all but the hash I get a warning. Actually I get a warning no matter what content is in the justsig.txt file from the base file:

    $ base64 -d < justsig.asc > list.bin
    base64: invalid input

The list.bin file has zero length unless you use nothing but the hash which is the normal way base64 works for email attachments. In any event, list.bin created with just the hash has no known file type that magic understands.
e.g.:

    $ file list.bin
    list.bin: data
    $ ls -l list.bin
    287 list.bin

Like I said, if you use anything BUT just the hash, list.bin will contain nothing (zero bytes). But I will ALWAYS get the "invalid input" meaning it is something base64 does NOT understand. Is this what you did to get a non-zero length file via base64 -d from a --clearsign file?

> 2) What exactly is this "PGP signature"? Is it a SHA1 hash of the
> message which is encrypted with my private key and then ASCII armored?

It uses the hash in the preferred order of what is associated with the key used and what the version of OpenPGP you are using is capable of handling. That for me is SHA-256 since that is my first choice and my version of gpg can handle it. SHA1 is usually the default unless you set your preferences to something else since it is still difficult to do a brute attack on SHA1 (but it can be done):

http://securemecca.com/public/GnuPG/GnuPG_Prefs.txt

The hash is created based on the text as input using the private side of the key and then ASCII armored in such a way that when you verify it finds the appropriate public key based on the hash and does the other hash calculation of the text and sees if it matches. In any event, the markers of --clearsign make it clear that only an OpenPGP compliant program can handle it. The MIME markings are used by email to determine what handles it since a --clearsign is what you need to make the signature something you can send in email but it can be used for other purposes. It is just that you can NOT send a non-ASCII signature directly in email without it being converted to ASCII first. There are other uses of -clearsign like when you want the signature and the file contents together.

------------------------------------------------------------

base64, the older uuencode and uudecode and similar programs do nothing more than convert a binary file like a zip file into ASCII text so the zip file can be sent as an email attachment.
Send a message to yourself in email with a test.zip attachment. Save the entire message to a file (for Thunderbird you will have an *.eml file). Assuming the file was named test.eml and the attachment was test.zip:

    $ cp test.eml test.base64

Edit the test.base64 file so it has only the hashed material and note the zip name (assuming test.zip was what you attached and sent). Also note that it uses base64 as the type in the "Content-Transfer-Encoding:" if that is what your email used (it usually is).

    $ base64 -i -d < test.base64 > test.zip
    $ file test.zip
    test.zip: Zip archive data, at least v1.0 to extract
    $ unzip test.zip
    $ cat test.txt
    Hello World

GnuPG does much more than just the Radix-64 binary to ASCII conversion and only gpg or gpg2 can handle it. Use base64 only if it is specified in the MIME markings (the latest malware from PeskySpammer here):

    Content-Type: application/zip; name="Tax Notices Report.zip"
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment; name="Tax Notices Report.zip"

Usually you won't need to use base64 and Thunderbird, Evolution, or other mail programs will allow the saving of the file unless Microsoft Exchange munges it in a bounce to you. In that case, if base64 is specified as the Transfer Encoding type you can save the entire message to file. Then edit the file and strip off all the other stuff and get the file out of the hashed stuff even if your mail program can not do it. But base64 is unusable for a -clearsign or even a -a --detach-sign where you can more easily see it:

Nest Paw?
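On Martin's earlier question about how software recognises a PGP key and what the fingerprint is a hash of (see David Shaw's reply above), here is an added Python example; it is not file(1)'s or GnuPG's code. It shows a file(1)-style heuristic that looks at the armor header line or the binary packet tag, and the v4 fingerprint computation from RFC 4880 section 12.2. The key material (n = 0xC0FFEE, e = 65537, creation time 1376289635) and the user IDs are constructed and toy-sized, so the fingerprint it yields belongs to no real key:

```python
"""How a tool can tell "this looks like an OpenPGP public key" and how the v4
fingerprint is derived (RFC 4880). Added example for the thread above, not
file(1)'s or GnuPG's code; the key material is constructed and toy-sized."""
import hashlib
import struct

ARMOR_HEADER = b"-----BEGIN PGP PUBLIC KEY BLOCK-----"


def looks_like_public_key(data):
    """Heuristic in the spirit of file(1)'s magic: either the armor header line,
    or a binary packet whose tag is 6 (public key). It is only a heuristic:
    another format could start with the same bytes, which is why importing the
    data with gpg is the real test."""
    if data.startswith(ARMOR_HEADER):
        return "armored"
    first = data[0] if data else 0
    if first & 0x80:                                   # bit 7: an OpenPGP packet
        tag = first & 0x3F if first & 0x40 else (first >> 2) & 0x0F   # new vs old format
        if tag == 6:
            return "binary"
    return None


def encode_mpi(n):
    """Multi-precision integer (section 3.2): 2-octet bit count, then the big-endian value."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")


def pubkey_body(created, n, e):
    """Body of a v4 RSA public key packet: version 4, creation time, algorithm 1, MPI n, MPI e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + encode_mpi(n) + encode_mpi(e)


def fingerprint(body):
    """v4 fingerprint (section 12.2): SHA-1 over 0x99, the 2-octet body length and
    the body. Returns (fingerprint, key ID); the 64-bit key ID is the low 64 bits.
    User IDs are separate packets, so adding or changing them cannot alter this."""
    fpr = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()
    return fpr, fpr[-16:]


def old_format_packet(tag, body):
    """Wrap a body in an old-format header with a 2-octet length (section 4.2.1)."""
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body


def user_id_packet(uid):
    """User ID packet (tag 13) carrying the UTF-8 name/e-mail string."""
    return old_format_packet(13, uid.encode("utf-8"))


if __name__ == "__main__":
    body = pubkey_body(1376289635, 0xC0FFEE, 65537)        # CONSTRUCTED, not a real key
    fpr, kid = fingerprint(body)
    # Two "keyrings" with the same key packet but different user IDs (constructed):
    key_a = old_format_packet(6, body) + user_id_packet("Alice <alice@example.org>")
    key_b = old_format_packet(6, body) + user_id_packet("Alice (new UID) <a@example.net>")
    print(looks_like_public_key(key_a), fpr, kid)
    # The fingerprint depends only on the key packet, so both agree:
    print(fingerprint(key_a[3:3 + len(body)]) == fingerprint(key_b[3:3 + len(body)]))
```

The `0x99` prefix and the 2-octet length are the "few bytes of structure" David mentions; they are the old-format header a public key packet normally carries, hashed together with the body so that the fingerprint is bound to the packet as a whole.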
From wk at gnupg.org Mon Aug 12 19:06:11 2013
From: wk at gnupg.org (Werner Koch)
Date: Mon, 12 Aug 2013 19:06:11 +0200
Subject: Question about notations and domains
In-Reply-To: <20130811174412.7cac3053@tardis.info> (Khelben Blackstaff's message of "Sun, 11 Aug 2013 17:44:12 +0300")
References: <20130809001740.719db906@tardis.info> <87d2pngwvw.fsf@vigenere.g10code.de> <20130811174412.7cac3053@tardis.info>
Message-ID: <877gfqet4s.fsf@vigenere.g10code.de>

On Sun, 11 Aug 2013 16:44, eye.of.the.8eholder at gmail.com said:

> Also is there a list or "registry" containing the defined notations ?
> The only ones i am aware of are preferred-email-encoding and issuer-fpr.

The notations GnuPG knows about are found in

  g10/parse-packet.c:can_handle_critical_notation

Given that these are private notations you won't be able to find a complete reference.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From adrelanos at riseup.net Mon Aug 12 19:53:53 2013
From: adrelanos at riseup.net (adrelanos)
Date: Mon, 12 Aug 2013 17:53:53 +0000
Subject: How to create new keyring from an existing key in an existing keyring?
In-Reply-To: <5208A85F.8090002@digitalbrains.com>
References: <5207FE0B.20907@riseup.net> <5208A85F.8090002@digitalbrains.com>
Message-ID: <52092131.7010307@riseup.net>

Peter Lebbing:
> On 11/08/13 23:11, adrelanos wrote:
>> I could think of a way to export the key, change --homedir, create a new
>> keyring, and import the key. But is there a more elegant way?
>
> gpg --export 0xDEADBEEF | gpg --no-default-keyring --keyring \
> /etc/apt/trusted.gpg.d/meat.gpg --import
>
> (one long command line)

That worked well. Thanks for your help.

From peter at digitalbrains.com Mon Aug 12 20:55:47 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 12 Aug 2013 20:55:47 +0200
Subject: [OT] Re: How to create new keyring from an existing key in an existing keyring?
In-Reply-To: <5208CF50.8070109@securemecca.net>
References: <5207FE0B.20907@riseup.net> <5208A85F.8090002@digitalbrains.com> <5208CF50.8070109@securemecca.net>
Message-ID: <52092FB3.2060306@digitalbrains.com>

On 12/08/13 14:04, Henry Hertz Hobbit wrote:
>> gpg --export 0xDEADBEEF | gpg --no-default-keyring --keyring \
>> /etc/apt/trusted.gpg.d/meat.gpg --import
> Assumes /etc/apt/trusted.gpg.d exists and is a folder (good assumption for
> Debian based, not so good for RPM based)

I simply took his own example.

> # chmod 1777 /etc/apt/trusted.gpg.d

Bad idea. It makes my eyes hurt, 1777 and trusted directly next to each other ;). I think it's not really directly related to the question, but if it were relevant, I'd say that the correct way would be to let the ordinary user create the file elsewhere and then have root move it to that directory, /after/ changing ownership of the file to root.

> Is the "meat" some sort of comment that adrelanos will be dead meat?

Eh? A bit sinister interpretation, but okay: I took 0xDEADBEEF for the fact that it's a 32-bit identifier that's mildly funny. I still needed a filename for the keyring, so I stored the dead beef in the meat file.

Cheers,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From maxp at trystero.is Mon Aug 12 21:00:08 2013
From: maxp at trystero.is (Max R.D Parmer)
Date: Mon, 12 Aug 2013 12:00:08 -0700
Subject: understanding GnuPG "--clearsign" option
In-Reply-To:
References:
Message-ID: <20130812190008.GA58832@trystero.is>

On Mon, Aug 12, 2013 at 11:40:35AM +0300, Martin T wrote:
> Hi,
>
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID.
> However, two questions:
>
> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.

To add to the other good advice you've gotten, you might want to experiment with the --list-packets option to gpg to get a peek at the inner structure of that blob at the end.

-- 
@maximus_freeman
0x7D964D3361142ACF

From dshaw at jabberwocky.com Tue Aug 13 00:25:06 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon, 12 Aug 2013 18:25:06 -0400
Subject: understanding GnuPG "--clearsign" option
In-Reply-To:
References:
Message-ID: <7FF2C4B0-541C-46D0-875A-39878EF3C069@jabberwocky.com>

On Aug 12, 2013, at 4:40 AM, Martin T wrote:
> Hi,
>
> one can sign the message with "--clearsign" option which adds ASCII
> armored(Radix-64 encoding) "PGP signature" at the end of the text.
> This "PGP signature" contains the UID of the signer, timestamp and key
> ID. However, two questions:
>
> 1) Where is the UID of the signer, timestamp of the signature and
> signer key-ID stored? If I execute "gpg2 --verify file.asc", then I'm
> able to see the UID of the signer, timestamp and signer key-ID, but if
> I decode the Radix-64/base64 data back to binary(base64 -d) and use
> "hexdump -C" to analyze this data, I do not see the UID, timestamp or
> signer key-ID.

The timestamp and the signer's key ID are both present in the binary blob. The signer's user ID is not, as GPG is using the signer's key ID to look up the signer's key and shows the user ID from there.

> 2) What exactly is this "PGP signature"?
Is it a SHA1 hash of the > message which is encrypted with my private key and then ASCII armored? It's not always SHA-1, and there are other things included in the hash, but at a very high level, this is basically accurate. The exact construction of a signature and how the input is calculated is given in RFC-4880, the OpenPGP specification. David From foobar3001 at yahoo.com Wed Aug 14 05:36:34 2013 From: foobar3001 at yahoo.com (Foo Bar) Date: Tue, 13 Aug 2013 20:36:34 -0700 (PDT) Subject: Can I create domain keys? Message-ID: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> Hello! I would like to create a domain key, which can be used for all emails in a particular domain. For example, if the key is for "*@example.com", then sending to both "foo at example.com" and "bar at example.com" would use this key. Is this possible with GPG? Thank you very much... From axel.braun at gmx.de Wed Aug 14 09:47:52 2013 From: axel.braun at gmx.de (Axel Braun) Date: Wed, 14 Aug 2013 09:47:52 +0200 Subject: self signed keys Message-ID: <5244710.Rkx2xRVkLn@t520.axxite.internal> Hi, one (stupid?) question: Where is the requirement to sign your own key documented? I had a look into RFC 4880 but could not spot the requirement there. Thanks for clarifying.... Axel -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From johanw at vulcan.xs4all.nl Wed Aug 14 10:05:18 2013 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Wed, 14 Aug 2013 10:05:18 +0200 Subject: self signed keys In-Reply-To: <5244710.Rkx2xRVkLn@t520.axxite.internal> References: <5244710.Rkx2xRVkLn@t520.axxite.internal> Message-ID: <520B3A3E.70604@vulcan.xs4all.nl> On 14-08-2013 9:47, Axel Braun wrote: > Where is the requirement to sign your own key documented? AFAIK it is not required, just common practice. -- ir. J.C.A. 
Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From johanw at vulcan.xs4all.nl Wed Aug 14 10:33:07 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed, 14 Aug 2013 10:33:07 +0200
Subject: Can I create domain keys?
In-Reply-To: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com>
References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com>
Message-ID: <520B40C3.4030508@vulcan.xs4all.nl>

On 14-08-2013 5:36, Foo Bar wrote:
> I would like to create a domain key, which can be used for all
> emails in a particular domain. For example, if the key is for
> "*@example.com", then sending to both "foo at example.com" and "bar at example.com"
> would use this key.
>
> Is this possible with GPG?

You can use each key for each mail, your sender address doesn't have to be the address in the key.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From axel.braun at gmx.de Wed Aug 14 11:09:45 2013
From: axel.braun at gmx.de (Axel Braun)
Date: Wed, 14 Aug 2013 11:09:45 +0200
Subject: self signed keys
In-Reply-To: <520B3A3E.70604@vulcan.xs4all.nl>
References: <5244710.Rkx2xRVkLn@t520.axxite.internal> <520B3A3E.70604@vulcan.xs4all.nl>
Message-ID: <34423965.aj30gue6I4@t520.axxite.internal>

On Wednesday, 14 August 2013, 10:05:18, Johan Wevers wrote:
> On 14-08-2013 9:47, Axel Braun wrote:
> > Where is the requirement to sign your own key documented?
>
> AFAIK it is not required, just common practice.

Really? I recently had a key which I was unable to import due to missing self-signature. Just with the option --allow-non-selfsigned-uid it was possible

docb at T520:~> gpg2 --import --verbose --allow-non-selfsigned-uid user.asc
gpg: enabled debug flags: memstat
Version: BCPG v1.33
gpg: armor header:
gpg: pub 0s/AA58AC4E 2013-06-11
gpg: key AA58AC4E: unsupported public key algorithm on user ID "xxx"
gpg: key AA58AC4E: unsupported public key algorithm
gpg: key AA58AC4E: accepted non self-signed user ID "xxx"
gpg: key AA58AC4E: skipped subkey
gpg: using PGP trust model
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: key AA58AC4E: public key "xxx " imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: 26 keys cached (157 signatures)
gpg: 23 keys processed (33 validity counts cleared)
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: depth: 0 valid: 7 signed: 13 trust: 0-, 0q, 0n, 0m, 0f, 7u
gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid
gpg: depth: 1 valid: 13 signed: 0 trust: 13-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2042-08-02
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 blocks

The key sentence is

gpg: Invalid key AA58AC4E made valid by --allow-non-selfsigned-uid

So where is it specified that a key has to be self-signed?

Cheers/Axel
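What the log above reports as "3 marginal(s) needed, 1 complete(s) needed, PGP trust model" and the depth-by-depth "valid:" counts is GnuPG's validity computation. The following is an added example, not part of Axel's message and not GnuPG's trustdb code: a simplified Python model of that computation which separates the two things the rest of this thread keeps apart, ownertrust (how much you trust a key's owner to certify others) and validity (whether a user ID is bound to a key). It also reproduces the "Invalid key ... made valid by --allow-non-selfsigned-uid" behaviour for a user ID that carries no self-signature. The key IDs, names and ownertrust assignments in the sample keyring are constructed placeholders; expiry, revocation, trust signatures and the special case of non-self-signed UIDs on ultimately trusted keys are deliberately left out.

```python
"""Simplified model of the PGP trust model behind gpg's
"3 marginal(s) needed, 1 complete(s) needed" line.

Added example, not GnuPG's trustdb code: it models ownertrust, self-signatures
and certifications only (no expiry, revocation or trust signatures), and the
keyring built by build_sample_keyring() is constructed with placeholder names."""
from dataclasses import dataclass, field
from typing import Dict, List, Set

# Ownertrust letters as gpg prints them in "trust: 0-, 0q, 0n, 0m, 0f, 7u".
UNKNOWN, NEVER, MARGINAL, FULL, ULTIMATE = "-", "n", "m", "f", "u"


@dataclass
class UserID:
    name: str
    self_signed: bool = True
    certifiers: Set[str] = field(default_factory=set)  # key IDs of other certifiers


@dataclass
class Key:
    keyid: str
    uids: List[UserID]
    ownertrust: str = UNKNOWN


def compute_validity(keys: Dict[str, Key], marginals_needed=3, completes_needed=1,
                     max_cert_depth=5, allow_non_selfsigned_uid=False):
    """Return {keyid: {uid name: valid?}}, computed depth by depth like gpg."""
    def acceptable(uid):
        # Without a self-signature nothing binds the UID to the key, so it can
        # never become valid unless the user overrides that (the gpg option).
        return uid.self_signed or allow_non_selfsigned_uid

    validity = {k: {u.name: False for u in key.uids} for k, key in keys.items()}
    # Depth 0: ultimately trusted keys (normally your own) validate their own UIDs.
    for k, key in keys.items():
        if key.ownertrust == ULTIMATE:
            for u in key.uids:
                validity[k][u.name] = acceptable(u)

    for _depth in range(1, max_cert_depth + 1):
        # A certifier counts only if it was already valid at the previous depth...
        valid_keys = {k for k, v in validity.items() if any(v.values())}
        changed = False
        for k, key in keys.items():
            for u in key.uids:
                if validity[k][u.name] or not acceptable(u):
                    continue
                # ...and only with the ownertrust its owner was assigned: a valid
                # key with unknown ownertrust may sign, it just makes nothing valid.
                trust = [keys[c].ownertrust for c in u.certifiers
                         if c in valid_keys and c != k]
                full = sum(t in (FULL, ULTIMATE) for t in trust)
                marginal = sum(t == MARGINAL for t in trust)
                if full >= completes_needed or marginal >= marginals_needed:
                    validity[k][u.name] = changed = True
        if not changed:
            break
    return validity


def build_sample_keyring() -> Dict[str, Key]:
    """Constructed keyring; key IDs and addresses are placeholders."""
    def key(kid, trust=UNKNOWN, certifiers=(), self_signed=True):
        uid = UserID(f"{kid.lower()}@example.org", self_signed, set(certifiers))
        return Key(kid, [uid], trust)
    keys = [
        key("ME", ULTIMATE),
        key("ALICE", FULL, ["ME"]),             # certified by me, fully trusted
        key("BOB", MARGINAL, ["ME"]),           # three marginally trusted friends
        key("CAROL", MARGINAL, ["ME"]),
        key("DAVE", MARGINAL, ["ME"]),
        key("ERIN", certifiers=["BOB", "CAROL", "DAVE"]),   # 3 marginals: valid
        key("FRANK", certifiers=["BOB", "CAROL"]),          # only 2: not valid
        key("GRACE", certifiers=["ALICE"]),                 # 1 full: valid
        key("HEIDI", certifiers=["ALICE"], self_signed=False),  # the AA58AC4E case
        key("MALLORY"),                                     # nobody vouches for it
        key("VICTOR", certifiers=["MALLORY"]),              # signed by an invalid key
    ]
    return {k.keyid: k for k in keys}


def uid_valid(keyid, allow_non_selfsigned_uid=False):
    """Validity of the single UID of KEYID in the sample keyring."""
    keys = build_sample_keyring()
    v = compute_validity(keys, allow_non_selfsigned_uid=allow_non_selfsigned_uid)
    return v[keyid][keys[keyid].uids[0].name]


if __name__ == "__main__":
    for kid in build_sample_keyring():
        print(f"{kid:8} valid={uid_valid(kid)!s:5}  "
              f"with --allow-non-selfsigned-uid: {uid_valid(kid, True)}")
```

HEIDI is the situation in the log: the UID is certified by a fully trusted key, yet it stays invalid until the self-signature requirement is waived. VICTOR shows the other half of the distinction: MALLORY can produce a certification, but since MALLORY's key is neither valid nor trusted the certification changes nothing.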
From johanw at vulcan.xs4all.nl Wed Aug 14 11:22:47 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Wed, 14 Aug 2013 11:22:47 +0200
Subject: self signed keys
In-Reply-To: <34423965.aj30gue6I4@t520.axxite.internal>
References: <5244710.Rkx2xRVkLn@t520.axxite.internal> <520B3A3E.70604@vulcan.xs4all.nl> <34423965.aj30gue6I4@t520.axxite.internal>
Message-ID: <520B4C67.4030409@vulcan.xs4all.nl>

On 14-08-2013 11:09, Axel Braun wrote:
>> AFAIK it is not required, just common practice.
>
> Really? I recently had a key which I was unable to import due to missing self-
> signature. Just with the option --allow-non-selfsigned-uid it was possible

GnuPG can be picky about trust issues but that's no requirement.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From wk at gnupg.org Wed Aug 14 11:24:08 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 14 Aug 2013 11:24:08 +0200
Subject: self signed keys
In-Reply-To: <34423965.aj30gue6I4@t520.axxite.internal> (Axel Braun's message of "Wed, 14 Aug 2013 11:09:45 +0200")
References: <5244710.Rkx2xRVkLn@t520.axxite.internal> <520B3A3E.70604@vulcan.xs4all.nl> <34423965.aj30gue6I4@t520.axxite.internal>
Message-ID: <871u5wbp6v.fsf@vigenere.g10code.de>

On Wed, 14 Aug 2013 11:09, axel.braun at gmx.de said:
> So where is it specified that a key has to be self-signed?

The self-signature binds the user id to the actual key. Thus it is necessary to have a self-signature. The OpenPGP standard does not specify any trust model but merely specifies methods which can be used to implement a trust model.

Salam-Shalom,

Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
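An added example, not part of Werner's message and not GnuPG code, that makes the self-signature concrete and at the same time answers the --clearsign question from earlier in this archive (where to look for the timestamp and key ID in the binary blob). It builds a positive-certification self-signature packet (RFC 4880 signature type 0x13) by hand and dissects it the way gpg --list-packets would: the creation time, the issuer key ID and the algorithm preferences are all signature subpackets, while no user ID string appears anywhere in the packet, which is why gpg looks the user ID up via the issuer key ID. It also flags critical notations the parser does not know, the decision GnuPG makes in g10/parse-packet.c:can_handle_critical_notation. The issuer key ID 0123456789ABCDEF, the notation example-policy@example.com, the 16-bit "hash left" value and the 16-bit signature MPI are placeholders, so the packet can be parsed but never verified.

```python
"""Dissect an OpenPGP v4 signature packet (RFC 4880, section 5.2.3).

Added example, not GnuPG code. The packet built below is constructed by hand:
the issuer key ID 0123456789ABCDEF, the notation example-policy@example.com and
the 16-bit "MPI" are placeholders, so it can be parsed but not verified."""
import struct
from datetime import datetime, timezone

SIG_TYPES = {0x00: "binary document", 0x01: "canonical text document",
             0x10: "generic certification", 0x13: "positive certification",
             0x18: "subkey binding"}
SUBPACKET_NAMES = {2: "creation time", 11: "preferred symmetric algorithms",
                   16: "issuer key ID", 20: "notation data",
                   21: "preferred hash algorithms",
                   22: "preferred compression algorithms", 27: "key flags"}
# Critical notations this parser can handle; GnuPG keeps its own list in
# g10/parse-packet.c:can_handle_critical_notation.
KNOWN_NOTATIONS = {"preferred-email-encoding@pgp.com"}


def read_length(buf, pos):
    """One-, two- or five-octet subpacket length (RFC 4880 5.2.3.1); also used
    for the new-format packet header here because the packet is < 192 octets."""
    first = buf[pos]
    if first < 192:
        return first, pos + 1
    if first < 255:
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    return struct.unpack(">I", buf[pos + 1:pos + 5])[0], pos + 5


def parse_subpackets(data):
    out, pos = [], 0
    while pos < len(data):
        length, pos = read_length(data, pos)
        body, pos = data[pos:pos + length], pos + length
        typ, critical, payload = body[0] & 0x7F, bool(body[0] & 0x80), body[1:]
        if typ == 2:                      # 4-octet UNIX time
            value = struct.unpack(">I", payload)[0]
        elif typ == 16:                   # 8-octet key ID
            value = payload.hex().upper()
        elif typ == 20:                   # flags(4) name-len(2) value-len(2) name value
            flags, nlen, vlen = struct.unpack(">IHH", payload[:8])
            name = payload[8:8 + nlen].decode()
            raw = payload[8 + nlen:8 + nlen + vlen]
            value = (name, raw.decode() if flags & 0x80000000 else raw.hex())
        elif typ in (11, 21, 22, 27):     # algorithm ID lists / flag octets
            value = list(payload)
        else:
            value = payload.hex()
        out.append({"type": typ, "name": SUBPACKET_NAMES.get(typ, "unknown"),
                    "critical": critical, "value": value})
    return out


def parse_signature_packet(packet):
    """Return the fields gpg --list-packets shows for a signature packet."""
    if packet[0] & 0xC0 != 0xC0 or packet[0] & 0x3F != 2:
        raise ValueError("expected a new-format signature packet (tag 2)")
    length, pos = read_length(packet, 1)
    body = packet[pos:pos + length]
    if body[0] != 4:
        raise ValueError("only version 4 signatures are handled")
    hashed_len = struct.unpack(">H", body[4:6])[0]
    hashed = parse_subpackets(body[6:6 + hashed_len])
    p = 6 + hashed_len
    unhashed_len = struct.unpack(">H", body[p:p + 2])[0]
    unhashed = parse_subpackets(body[p + 2:p + 2 + unhashed_len])
    p += 2 + unhashed_len
    subs = hashed + unhashed

    def first(typ):
        return next((s["value"] for s in subs if s["type"] == typ), None)

    created = first(2)
    return {"version": 4, "sigtype": body[1],
            "sigtype_name": SIG_TYPES.get(body[1], "unknown"),
            "pk_algo": body[2], "hash_algo": body[3], "created": created,
            "created_utc": (datetime.fromtimestamp(created, timezone.utc)
                            .strftime("%Y-%m-%dT%H:%M:%SZ")
                            if created is not None else None),
            "issuer": first(16),          # what gpg uses to look up the user ID
            "preferred_hash": first(21),
            "notations": [s["value"] for s in subs if s["type"] == 20],
            "hash_left16": body[p:p + 2].hex(),
            "mpi_bits": struct.unpack(">H", body[p + 2:p + 4])[0],
            "hashed": hashed, "unhashed": unhashed}


def unsupported_critical(sig):
    """Critical subpackets a verifier must reject (RFC 4880 5.2.3.1): unknown
    types, or notation names outside KNOWN_NOTATIONS."""
    bad = []
    for s in sig["hashed"] + sig["unhashed"]:
        if s["critical"] and s["type"] == 20 and s["value"][0] not in KNOWN_NOTATIONS:
            bad.append(s["value"][0])
        elif s["critical"] and s["type"] not in SUBPACKET_NAMES:
            bad.append("subpacket type %d" % s["type"])
    return bad


def _sub(typ, payload, critical=False):
    body = bytes([typ | (0x80 if critical else 0)]) + payload
    return bytes([len(body)]) + body     # one-octet length form (< 192)


def _notation(name, value):              # human-readable flag set
    n, v = name.encode(), value.encode()
    return struct.pack(">IHH", 0x80000000, len(n), len(v)) + n + v


def build_sample_signature():
    """Constructed positive-certification (self-signature, type 0x13) packet."""
    created = 1376472600                 # 2013-08-14T09:30:00Z
    hashed = b"".join([
        _sub(2, struct.pack(">I", created)),
        _sub(27, bytes([0x03])),         # key flags: certify + sign
        _sub(11, bytes([9, 8, 7, 2])),   # AES256, AES192, AES128, 3DES
        _sub(21, bytes([8, 9, 10, 2])),  # SHA256, SHA384, SHA512, SHA1
        _sub(22, bytes([2, 3, 1])),      # ZLIB, BZip2, ZIP
        _sub(20, _notation("preferred-email-encoding@pgp.com", "pgpmime")),
        _sub(20, _notation("example-policy@example.com", "demo"), critical=True),
    ])
    unhashed = _sub(16, bytes.fromhex("0123456789ABCDEF"))   # placeholder issuer
    body = (bytes([4, 0x13, 1, 8])       # v4, type 0x13, RSA, SHA-256
            + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed
            + b"\xab\xcd"                # left 16 bits of the hash (dummy)
            + struct.pack(">H", 16) + b"\xbe\xef")  # dummy 16-bit signature MPI
    return bytes([0xC2, len(body)]) + body   # new-format header, tag 2
```

Everything the hashed subpackets carry is covered by the signature, which is why preferences, key flags and notations are placed there; the issuer key ID is conventionally unhashed, which is exactly why a verifier must treat it as a lookup hint and not as an authenticated claim until the signature itself has been checked against the key it names.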
From hhhobbit at securemecca.net Wed Aug 14 11:55:41 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Wed, 14 Aug 2013 09:55:41 +0000
Subject: self signed keys
In-Reply-To: <5244710.Rkx2xRVkLn@t520.axxite.internal>
References: <5244710.Rkx2xRVkLn@t520.axxite.internal>
Message-ID: <520B541D.6030603@securemecca.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 08/14/2013 07:47 AM, Axel Braun wrote:
> Hi,
>
> one (stupid?) question:
>
> Where is the requirement to sign your own key documented? I had a
> look into RFC 4880 but could not spot the requirement there.
>
> Thanks for clarifying.... Axel

There is no such requirement. Your own keys are trusted automatically with ultimate trust when you create them. You can stop reading now.

It is basically a requirement for any key to be signed to be able to use it in any meaningful way. If it isn't signed and given some sort of level of trust it cannot be used to verify either a clear-sign or detached-signature. I never thought about attempting to encipher using PK enciphering using somebody else's public key without signing it but look at RFC 4880 for what it says about that. It is just that signing and verifying is what I do most. No trust for a key means no way to have meaningful verification.

You do not need to sign your own key. The reason why is because when you generate your key, it has an entry for it that is automatically added to the trustdb with ULTIMATE trust. If it wasn't this way then you would have a chicken versus egg problem. You couldn't sign or lsign anybody else's key using your private / secret key because your own key wasn't trusted. But if you try to sign your own key with your own key ... you can't. You need a key with ultimate trust to be used to sign other keys with varying levels of trust in that key. So your own keys automatically have ultimate trust when they are created.
If you cannot trust yourself to be yourself then maybe you have MPD and need an eminent brain specialist's help. Either that or you need to generate your revocation and revoke your keys. But that is more of a statement that you think somebody may have your keys + pass-phrase than something about yourself. HHH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJSC1QcAAoJEMhFIk/IOUbwnUUH/jYHlu6PC1CLWuZUWN7C83pu 37F7wF9fNRqoi1DVHpYN6reZ4WUI8PxpZdeTQL1UTZRT2m9eAnmYYZV4yASHBnm9 NfAebZJLuxWTs6McDcHZdN4Ruw/xiK+fdMMDpR3sTgoP5XNuHwzFWkKy16D7eAkD RicZ4gyib69WO/2kM+3vnJOMUY1uUe1T/sWh6YGBzXjBvqrNgoTsQxGj4C/B+aC5 MGFqaH4IN3wGziodm75kfSs7iWpUCHaaR3ZZLrLIXj3oB+QRI3ykhYtyKgZtWLP+ o9lS/enpF2O+f52V0pBdXzlJLtqOcRcwzQ1pwB1KUsW3lsZEWLhefMQGrB7ToQI= =P2lk -----END PGP SIGNATURE----- From hhhobbit at securemecca.net Wed Aug 14 12:06:59 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Wed, 14 Aug 2013 10:06:59 +0000 Subject: Can I create domain keys? In-Reply-To: <520B40C3.4030508@vulcan.xs4all.nl> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <520B40C3.4030508@vulcan.xs4all.nl> Message-ID: <520B56C3.4090404@securemecca.net> On 08/14/2013 08:33 AM, Johan Wevers wrote: > On 14-08-2013 5:36, Foo Bar wrote: > >> I would like to create a domain key, which can be used for all >> emails in a particular domain. For example, if the key is for >> "*@example.com", then sending to both "foo at example.com" and > "bar at example.com" >> would use this key. >> >> Is this possible with GPG? > > You can use each key for each mail, your sender address doesn't have to > be the address in the key. > I am not saying you are wrong because I don't know. But it does seem dangerous from a real world practical point of view. 
Should I really be able to send a message pretending to come from herrprofessor at monsters.edu when I am really just a visitor to the University being awarded an Honorary degree? Part of that was being given a hhhobbit at monsters.edu email account since all people granted a Ph.D. are also given an email account that they can use until they are dead unless they ask that it be closed down.

BTW, it is really monsters.com, not monsters.edu.

HHH

From wk at gnupg.org Wed Aug 14 12:47:45 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 14 Aug 2013 12:47:45 +0200
Subject: self signed keys
In-Reply-To: <520B4C67.4030409@vulcan.xs4all.nl> (Johan Wevers's message of "Wed, 14 Aug 2013 11:22:47 +0200")
References: <5244710.Rkx2xRVkLn@t520.axxite.internal> <520B3A3E.70604@vulcan.xs4all.nl> <34423965.aj30gue6I4@t520.axxite.internal> <520B4C67.4030409@vulcan.xs4all.nl>
Message-ID: <87wqnoa6r2.fsf@vigenere.g10code.de>

On Wed, 14 Aug 2013 11:22, johanw at vulcan.xs4all.nl said:
> GnuPG can be picky about trust issues but that's no requirement.

It is not only about trust. The self-signature conveys more information, for example algorithm preferences.

Shalom-Salam,

Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From mailinglisten at hauke-laging.de Wed Aug 14 16:10:19 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 14 Aug 2013 16:10:19 +0200
Subject: self signed keys
In-Reply-To: <520B541D.6030603@securemecca.net>
References: <5244710.Rkx2xRVkLn@t520.axxite.internal> <520B541D.6030603@securemecca.net>
Message-ID: <2243349.GZoB2q0K8L@inno.berlin.laging.de>

On Wed 14.08.2013, 09:55:41, Henry Hertz Hobbit wrote:
> There is no such requirement. Your own keys are trusted
> automatically with ultimate trust when you create them. You
> can stop reading now.

This sounds like the usual mix-up of (certification) trust and validity.

> You do not need to sign your own key.
> The reason why is
> because when you generate your key, it has an entry for it
> that is automatically added to the trustdb with ULTIMATE trust.

I just checked that. Surprisingly gpg shows non-selfsigned UIDs of ultimately trusted keys as valid. Doesn't make sense IMHO (as trust refers to the mainkey itself and not to the UIDs) but this is a very special case thus I am not sure whether this behaviour is intentional or rather coincidental.

But: What is the argument for not self-signing a key?

> If it wasn't this way then you would have a chicken versus egg
> problem. You couldn't sign or lsign anybody else's key
> using your private / secret key because your own key wasn't
> trusted.

You could. You just wouldn't make them valid by it. :-) (unless they are valid by other means and have marginal or complete trust).

> If you cannot trust yourself to be yourself then maybe you have
> MPD and need an eminent brain specialist's help.

One more mix-up of validity (=to "be" someone) and trust (assumes quality of certifications). You may create an insecure test key (quite probably that you already have). There is absolutely no reason to assign positive certification trust to an insecure key, no matter how sure you are about the identity of the creator.

Hauke

-- 
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

From me at janeden.net Wed Aug 14 12:17:36 2013
From: me at janeden.net (Jan Eden)
Date: Wed, 14 Aug 2013 12:17:36 +0200
Subject: Can I create domain keys?
In-Reply-To: <520B56C3.4090404@securemecca.net> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <520B40C3.4030508@vulcan.xs4all.nl> <520B56C3.4090404@securemecca.net> Message-ID: <20130814101736.GA714@mcm-eden.verw.uni-koeln.de> On Wed, Aug 14, 2013 at 10:06:59AM +0000, Henry Hertz Hobbit wrote: > On 08/14/2013 08:33 AM, Johan Wevers wrote: > > On 14-08-2013 5:36, Foo Bar wrote: > > > >> I would like to create a domain key, which can be used for all > >> emails in a particular domain. For example, if the key is for > >> "*@example.com", then sending to both "foo at example.com" and > > "bar at example.com" > >> would use this key. > >> > >> Is this possible with GPG? > > > > You can use each key for each mail, your sender address doesn't have to > > be the address in the key. > > > > I am not saying you are wrong because I don't know. But it does > seem dangerous from a real world practical point of view. > Should I really be able to send a message pretending to come > from herrprofessor at monsters.edu when I am really just a visitor > to the University being awarded an Honery degree? Part of that > was being given a hhhobbit at monsters.edu email account since > all people granted a Ph.D. are also given an email account that > they can use until they are dead unless they ask that it be > closed down. I can always create a key for herrprofessor at monsters.edu and send messages from this address signed with the key. But if I do not control the domain (or at least a mailbox associated with the address), I will never receive replies to my forged messages. - Jan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From mwood at IUPUI.Edu Wed Aug 14 16:50:35 2013 From: mwood at IUPUI.Edu (Mark H. Wood) Date: Wed, 14 Aug 2013 10:50:35 -0400 Subject: Can I create domain keys? 
In-Reply-To: <520B56C3.4090404@securemecca.net> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <520B40C3.4030508@vulcan.xs4all.nl> <520B56C3.4090404@securemecca.net> Message-ID: <20130814145035.GD10942@IUPUI.Edu> On Wed, Aug 14, 2013 at 10:06:59AM +0000, Henry Hertz Hobbit wrote: > On 08/14/2013 08:33 AM, Johan Wevers wrote: > > On 14-08-2013 5:36, Foo Bar wrote: > > > >> I would like to create a domain key, which can be used for all > >> emails in a particular domain. For example, if the key is for > >> "*@example.com", then sending to both "foo at example.com" and > > "bar at example.com" > >> would use this key. > >> > >> Is this possible with GPG? > > > > You can use each key for each mail, your sender address doesn't have to > > be the address in the key. > > > > I am not saying you are wrong because I don't know. But it does > seem dangerous from a real world practical point of view. > Should I really be able to send a message pretending to come > from herrprofessor at monsters.edu when I am really just a visitor > to the University being awarded an Honery degree? Part of that > was being given a hhhobbit at monsters.edu email account since > all people granted a Ph.D. are also given an email account that > they can use until they are dead unless they ask that it be > closed down. How could you successfully pretend to be herrprofessor when your signature (the only mechanically verifiable attribute of the message) says hhhobbit? The signature doesn't say anything about what the message means or from where it was sent, only that someone controlling a given key bound the text to himself. Like those political ad.s ending with "I'm John Q. Candidate and I approved this message," we don't learn anything about the truth of the message, only that someone recognizable is willing to stake his reputation on getting us to believe it. 
I would interpret the signature as an explicit denial that the sender was someone other than the holder of that key. Now, if I knew that herrprofessor and hhhobbit are the same person, then I wouldn't think it very strange to see the two identities mingled. It would depend on how I have known him to use his identities. But if they are the same person, then what harm? I try to keep my personal and professional identities distinct, but some people don't. -- Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu Machines should not be friendly. Machines should be obedient. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From mwood at IUPUI.Edu Wed Aug 14 17:01:32 2013 From: mwood at IUPUI.Edu (Mark H. Wood) Date: Wed, 14 Aug 2013 11:01:32 -0400 Subject: Can I create domain keys? In-Reply-To: <20130814101736.GA714@mcm-eden.verw.uni-koeln.de> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <520B40C3.4030508@vulcan.xs4all.nl> <520B56C3.4090404@securemecca.net> <20130814101736.GA714@mcm-eden.verw.uni-koeln.de> Message-ID: <20130814150132.GE10942@IUPUI.Edu> On Wed, Aug 14, 2013 at 12:17:36PM +0200, Jan Eden wrote: > On Wed, Aug 14, 2013 at 10:06:59AM +0000, Henry Hertz Hobbit wrote: > > On 08/14/2013 08:33 AM, Johan Wevers wrote: > > > On 14-08-2013 5:36, Foo Bar wrote: > > > > > >> I would like to create a domain key, which can be used for all > > >> emails in a particular domain. For example, if the key is for > > >> "*@example.com", then sending to both "foo at example.com" and > > > "bar at example.com" > > >> would use this key. > > >> > > >> Is this possible with GPG? > > > > > > You can use each key for each mail, your sender address doesn't have to > > > be the address in the key. > > > > > > > I am not saying you are wrong because I don't know. 
But it does > > seem dangerous from a real world practical point of view. > > Should I really be able to send a message pretending to come > > from herrprofessor at monsters.edu when I am really just a visitor > > to the University being awarded an Honery degree? Part of that > > was being given a hhhobbit at monsters.edu email account since > > all people granted a Ph.D. are also given an email account that > > they can use until they are dead unless they ask that it be > > closed down. > > I can always create a key for herrprofessor at monsters.edu and send > messages from this address signed with the key. But if I do not control > the domain (or at least a mailbox associated with the address), I will > never receive replies to my forged messages. I see I am insufficiently devious. I was assuming that the message was signed with hhhobbit's key, not a forged key. Now there are two possibilities. If Herr Professor has no PGP key or has never used it, then the signature has no reputation and should be verified out-of-band. Otherwise, there are now two keys asserting that address and not linked by cross-signatures. Suspicious, verify out-of-band. It seems unduly risky. Traditional methods of forgery try to bury one identity under another, but forging PK certificates *asserts* a new identity. It feels to me like making too much noise -- it attracts attention just when and where the forger wants to *deflect* attention. -- Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu Machines should not be friendly. Machines should be obedient. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From expires2013 at ymail.com Wed Aug 14 23:19:16 2013 From: expires2013 at ymail.com (MFPA) Date: Wed, 14 Aug 2013 22:19:16 +0100 Subject: Can I create domain keys? 
In-Reply-To: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> Message-ID: <14010201589.20130814221916@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Wednesday 14 August 2013 at 4:36:34 AM, in , Foo Bar wrote: > I would like to create a domain key, > which can be used > for all emails in a particular domain. For example, if > the key is for "*@example.com", then sending to both > "foo at example.com" and "bar at example.com" would use this > key. > Is this possible with GPG? You can create a key with whatever information you wish to put in the user-id(s), truthful or otherwise. You can encrypt a message to any key you choose, regardless of whether the information in the key's user-id matches the name or email address of the person you are trying to contact. A key identifying itself as connected to the email address "*@example.com" rather than "foo at example.com" may be missed when an email program passes "foo at example.com" to GnuPG as the search string for an encryption key (and when GnuPG passes the string to a keyserver). And a user-id containing the email tally "*@example.com" may reduce your ability to participate in the web of trust. People who sign each a user-id individually and then send the key in an encrypted message to the email address in that user-id cannot send you their certification. - -- Best regards MFPA mailto:expires2013 at ymail.com Live your life as though every day it was your last. -----BEGIN PGP SIGNATURE----- iQCVAwUBUgv0X6ipC46tDG5pAQq+mQP8CdqRujnRMI0KrvWvdTT3x941Ne9Xscyx u2KWgc6Bx3iGFGJz5wpsTo5lif74iezLQ9VXRr/KpSBEh+mYyNS1L4VTSS8Tc4VI DAZaZniLJOdGmKpm3bu5M/OtlX7hk+w5D5CKKk4qqO0YALtabmq9kHTZ9JI5w/gD 3S69AmZ9QEc= =YZa7 -----END PGP SIGNATURE----- From foobar3001 at yahoo.com Thu Aug 15 00:56:10 2013 From: foobar3001 at yahoo.com (Foo Bar) Date: Wed, 14 Aug 2013 15:56:10 -0700 (PDT) Subject: Can I create domain keys? 
In-Reply-To: <14010201589.20130814221916@my_localhost> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <14010201589.20130814221916@my_localhost> Message-ID: <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com> Hello! Thank you for your response. Some comments inline... ----- Original Message ----- > From: MFPA > > You can create a key with whatever information you wish to put in the > user-id(s), truthful or otherwise. I have tried to enter a "wildcard email" when gpg asked me for the email address during key generation. I tried "example.com", "@example.com" and "*@example.com", but all of them were rejected with 'Not a valid email address'. Is there a special syntax I should use? > A key identifying itself as connected to the email address > "*@example.com" rather than "foo at example.com" may be missed > when an > email program passes "foo at example.com" to GnuPG as the search string > for an encryption key (and when GnuPG passes the string to a > keyserver). I think the point you just made is the relevant one: Even if I would be able to create a key with a "wildcard email" associated with it, would the email client plugins, such as Enigmail, be able to deal with it? I guess that's a question for the Enigmail developers, once I figure out how to generate a key with a wildcard email via gpg. Thank you! From hhhobbit at securemecca.net Thu Aug 15 04:46:20 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Thu, 15 Aug 2013 02:46:20 +0000 Subject: Can I create domain keys? In-Reply-To: <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <14010201589.20130814221916@my_localhost> <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com> Message-ID: <520C40FC.7050307@securemecca.net> On 08/14/2013 10:56 PM, Foo Bar wrote: > > Hello! > > Thank you for your response. Some comments inline... 
> > ----- Original Message ----- >> From: MFPA >> >> You can create a key with whatever information you wish to >> put in the user-id(s), truthful or otherwise. > > I have tried to enter a "wildcard email" when gpg asked me for > the email address during key generation. I tried "example.com", > "@example.com" and "*@example.com", but all of them were > rejected with 'Not a valid email address'. Is there a special > syntax I should use? As I pointed out before with my example using monsters.edu, making a wildcard email for a domain is fraught with abuse peril to the maximum. How many users do you need to include at a given domain? If somebody asked me to sign such a key as part of the WOT I wouldn't sign it. OTOH, if you have a half dozen or so email addresses at that domain you can add a UID for each and every one of the email addresses to your key. There will be more on those email addresses in a moment. But I would ask questions why you need so many email addresses at the same domain for a given key. Any more than 2-3 email addresses would be very suspicious. >> A key identifying itself as connected to the email address >> "*@example.com" rather than "foo at example.com" may be missed >> when an >> email program passes "foo at example.com" to GnuPG as the search >> string for an encryption key (and when GnuPG passes the >> string to a keyserver). > > I think the point you just made is the relevant one: Even if I > would be able to create a key with a "wildcard email" > associated with it, would the email client plugins, such as > Enigmail, be able to deal with it? I guess that's a question > for the Enigmail developers, once I figure out how to generate > a key with a wildcard email via gpg. I hope you cannot do it. If I was writing the code you would need something that had a valid TLD on the end and valid alpha-numeric and optional one "-" at time for the hostname. 
In front of the @HOSTNAME you should only be able to have user names that are alphanumeric with what ever other characters (thinking of other character sets for other languages) but SOMETHING has to be there for the user at that domain. I don't think you have thought this through carefully though. I realize some people stupidly put all of their email accounts into one folder in Thunderbird. NOT ME! Each email account gets its own separate set of folders and I have Local Folders which accept no email so I can move email messages from the account folders into the Local area if I need to save those messages. If you have a half dozen POP/IMAP email accounts, not giving each email account its own set of folders can complicate things terribly with no end of the confusion in sight. Even with just two email accounts things can get complicated in a hurry. What do you do if one of the email accounts is closed down? I just delete that set of folders. Now we come to Enigmail. If you use the separate email accounts the way I said you should, you can actually have multiple keys for all of the email addresses. The reason why is Enigmail in Thunderbird provides a way to specify it manually for each and every email account: http://www.securemecca.com/public/GnuPG/ http://www.securemecca.com/public/GnuPG/EnigMailSettings.jpg You cannot see it but I add a UID for every email account I am going to use with my key and then just let Enigmail find the appropriate key for the email address. I could also do it with a one key fits all with a default-key in the gpg.conf file. But how are you going to say use only this key with ALL of my email accounts in Enigmail if you don't have specific email folders but dump all of them in one common folder? You also could investigate a group names to resolve the problems you will have. 
But this is getting so scary with so many email addresses I am beginning to believe you will have a goulash mess in just Thunderbird alone without adding Enigmail to the mix.

A wise man once said: "Make every system as simple as possible but no simpler." I may contend his saying that gravity is not a force at all but just a warping of the time-space curve may be a little bit too simple. But saying gravity isn't a force (if gravity isn't a force why is almost every galaxy a spiral?) or me saying it may still be a force and the discussions thereof are simple compared to what you are attempting to do. In fact what you are attempting to do is giving me a class A migraine headache. Who was the man that made the statement about how systems should not be too complex? Albert Einstein. If you are smarter than him flail away.

My low IQ is now going to be involved in watching the NOVS program on a member of the Cephalopod family called the Cuttlefish and after it a program on the new ALMA telescope system being created on the Atacama plateau. If I was really brilliant I would be one of the technicians on-site keeping these telescopes working properly. But I think either the Canary Islands or the big Island of Hawaii would be nice places to be. I have lived most of my life above 1500 meters so I can handle the altitude. But the Atacama in Chile is a really desolate piece of real estate. I wonder how they handle the dust storms in a place that gets less than 3 cm of rainfall per year?

HHH

From ix4svs at gmail.com Thu Aug 15 09:45:06 2013
From: ix4svs at gmail.com (ix4svs at gmail.com)
Date: Thu, 15 Aug 2013 08:45:06 +0100
Subject: key management & APG
In-Reply-To: <171951410.JoHOkf7hK8@inno.berlin.laging.de>
References: <171951410.JoHOkf7hK8@inno.berlin.laging.de>
Message-ID:

On 3 August 2013 13:51, Hauke Laging wrote:
> On Sat 03.08.2013, 12:16:56, ix4svs at gmail.com wrote:
>
> > On 30 July 2013 22:30, wrote:
> >
> > I only need one GPG identity for now.
I also use GPG on devices of two > > > classes: "Secure" and "insecure". I would like to take some operational > > > security (OPSEC) precautions to minimize my pain when my insecure > devices > > > get compromised. > > You should consider using two keys for the same identity and very obviously > give them different security levels. IMHO that's what we all are going to > do > in five years. > > Then the sender can decide how confidential the information is (or how > reliable the signature must be). > > > > > 2. Export the full keyring and keep it somewhere safe (on a few offline > > > systems). > > There is no need to export the keyring. Just export the whole key: > > gpg --armor --export-secret-keys 0x12345678 > 0x12345678.secret-mainkey.asc > > export the subkeys only > > gpg --armor --export-secret-subkeys 0x12345678 > > 0x12345678.secret-subkeys.asc > > delete the secret keys > > gpg --delete-secret-key 0x12345678 > > and import the subkeys only > > gpg --import 0x12345678.secret-subkeys.asc > > > It's not important where you store the offline mainkey. You may even put > it on > your web site. Just make sure that your passphrase is cryptografically safe > (16+ chars [a-zA-Z0-9] and never entered on an insecure system). > > Thanks, this is what I was looking for. I have this setup now and it appears to work fine. But with this setup it seems like the process to sign someone else's keys (which needs to be done with the offline mainkey) will be complicated. How would I do that? Alex -------------- next part -------------- An HTML attachment was scrubbed... URL: From dougb at dougbarton.us Thu Aug 15 10:14:55 2013 From: dougb at dougbarton.us (Doug Barton) Date: Thu, 15 Aug 2013 01:14:55 -0700 Subject: Can I create domain keys? In-Reply-To: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> Message-ID: <520C8DFF.8080705@dougbarton.us> On 08/13/2013 08:36 PM, Foo Bar wrote: > > Hello! 
>
> I would like to create a domain key, which can be used for all emails in a particular domain. For example, if the key is for "*@example.com", then sending to both "foo at example.com" and "bar at example.com" would use this key.
>
> Is this possible with GPG?

As others have pointed out, you _can_ do this, there is nothing to prevent it.

If your real question is, "Will most mail software automatically recognize that mail to @example.com should use this key?" The answer is almost certainly, "Not by default." Most popular mail tools can be configured to do so, but if you're looking for a solution that will work "out of the box" this almost certainly isn't it.

hope this helps,

Doug

From sbonda at advance-medical.com Wed Aug 14 22:30:26 2013
From: sbonda at advance-medical.com (Steven Bonda)
Date: Wed, 14 Aug 2013 16:30:26 -0400
Subject: No secret key on 1 file
Message-ID: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com>

Hello,

I'm trying to decrypt a series of PGP files with GPG. When I run the following command:

  Gpg2 -batch -passphrase pass -o c:\temp\temp.txt -d c:\temp\file.pgp

I get the error:

  gpg: encrypted with RSA key, ID 727A253D
  gpg: decryption failed: No secret key

If I use PGP Zip with the same keyring, I am able to decrypt the file.

When I try to re-import the public keyring with command:

  Gpg2 -import \pubring.skr

I get:

  gpg: Key A328FC0E: not changed
  gpg: Total number processed: 1
  gpg: unchanged: 1

When I try to re-import the secret ring with command:

  Gpg2 -import \secring.skr

I get:

  gpg: key A328FC0E: already in secret keyring
  gpg: Total number processed: 1
  gpg: secret keys read: 1
  gpg: secret keys unchanged: 1

Hoping someone can point me in the right direction.

Thanks in advance,
-- Steve

From expires2013 at ymail.com Thu Aug 15 21:57:42 2013
From: expires2013 at ymail.com (MFPA)
Date: Thu, 15 Aug 2013 20:57:42 +0100
Subject: Can I create domain keys?
In-Reply-To: <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com>
References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <14010201589.20130814221916@my_localhost> <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com>
Message-ID: <345530551.20130815205742@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Wednesday 14 August 2013 at 11:56:10 PM, in , Foo Bar wrote:

> I have tried to enter a "wildcard email" when gpg asked
> me for the email address during key generation. I tried
> "example.com", "@example.com" and "*@example.com", but
> all of them were rejected with 'Not a valid email
> address'. Is there a special syntax I should use?

gpg --allow-freeform-uid --gen-key

> I think the point you just made is the relevant one:
> Even if I would be able to create a key with a
> "wildcard email" associated with it, would the email
> client plugins, such as Enigmail, be able to deal with
> it?

As Doug has already said, not by default. Some email clients or plugins (such as Thunderbird/Enigmail) allow you to define which key to use when encrypting to a particular email address, others (such as The Bat!) do not.

A user who cannot configure their email software in this way could instead define group lines in their gpg.conf file along the lines of

    group = <@example.com>
or
    group =
or
    group =
or
    group = 0xDECAFBAD

- --
Best regards

MFPA                    mailto:expires2013 at ymail.com

Dreams come true on this side of the Rainbow too!
-----BEGIN PGP SIGNATURE-----

iQCVAwUBUg0yyKipC46tDG5pAQqwPAP+Jy4E3doG2AmCuYcGJVAL9Hh6nrsDeWF3
Gn+BrVBFoCOIbEqs96jOhee2EGTrKL2QPKqdYQFBDdKb2/QiCzUzxzsHIsYqpp6n
WsD1pRmNovMnJxWrsjvQ4t3jKdaCkDG+CdGjiQskV6UYkmyelM4ACKBoyKGo0tcv
RiRVGXc6LBI=
=pnR1
-----END PGP SIGNATURE-----

From foobar3001 at yahoo.com Fri Aug 16 05:22:32 2013
From: foobar3001 at yahoo.com (Foo Bar)
Date: Thu, 15 Aug 2013 20:22:32 -0700 (PDT)
Subject: Can I create domain keys?
In-Reply-To: <520C8DFF.8080705@dougbarton.us>
References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <520C8DFF.8080705@dougbarton.us>
Message-ID: <1376623352.63805.YahooMailNeo@web163903.mail.gq1.yahoo.com>

Hello Doug,

Thank you for the answer!

----- Original Message -----
>> Is this possible with GPG?
>
> As others have pointed out, you _can_ do this, there is nothing to
> prevent it.

Strangely, though, I still don't know how. I tried it with the gpg command line tool, but that didn't seem to accept any sort of wildcard syntax. Is there one that I am not aware of?

> If your real question is, "Will most mail software automatically
> recognize that mail to @example.com should use this key?" The
> answer is almost certainly, "Not by default." Most popular mail tools
> can be configured to do so, but if you're looking for a solution that
> will work "out of the box" this almost certainly isn't it.

Yes, that is possibly the bigger issue.

From foobar3001 at yahoo.com Fri Aug 16 05:25:18 2013
From: foobar3001 at yahoo.com (Foo Bar)
Date: Thu, 15 Aug 2013 20:25:18 -0700 (PDT)
Subject: Can I create domain keys?
In-Reply-To: <345530551.20130815205742@my_localhost>
References: <1376451394.71981.YahooMailNeo@web163905.mail.gq1.yahoo.com> <14010201589.20130814221916@my_localhost> <1376520970.16178.YahooMailNeo@web163905.mail.gq1.yahoo.com> <345530551.20130815205742@my_localhost>
Message-ID: <1376623518.27938.YahooMailNeo@web163906.mail.gq1.yahoo.com>

Hello!

Sorry, I had not read this response yet when I wrote my previous email. Obviously, here is the answer on how to create a free-form UID for the key. Thank you!

----- Original Message -----
> From: MFPA
> To: Foo Bar on GnuPG-Users
> Cc: Foo Bar
> Sent: Friday, 16 August 2013 7:57 AM
> Subject: Re: Can I create domain keys?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi
>
> On Wednesday 14 August 2013 at 11:56:10 PM, in , Foo
> Bar wrote:
>
>> I have tried to enter a "wildcard email" when gpg asked
>> me for the email address during key generation. I tried
>> "example.com", "@example.com" and "*@example.com", but
>> all of them were rejected with 'Not a valid email
>> address'. Is there a special syntax I should use?
>
> gpg --allow-freeform-uid --gen-key
>
>> I think the point you just made is the relevant one:
>> Even if I would be able to create a key with a
>> "wildcard email" associated with it, would the email
>> client plugins, such as Enigmail, be able to deal with
>> it?
>
> As Doug has already said, not by default. Some email clients or
> plugins (such as Thunderbird/Enigmail) allow you to define which key
> to use when encrypting to a particular email address, others (such as
> The Bat!) do not.
>
> A user who cannot configure their email software in this way could
> instead define group lines in their gpg.conf file along the lines of
>
>     group = <@example.com>
> or
>     group =
> or
>     group =
> or
>     group = 0xDECAFBAD
>
> - --
> Best regards
>
> MFPA                    mailto:expires2013 at ymail.com
>
> Dreams come true on this side of the Rainbow too!
> -----BEGIN PGP SIGNATURE-----
>
> iQCVAwUBUg0yyKipC46tDG5pAQqwPAP+Jy4E3doG2AmCuYcGJVAL9Hh6nrsDeWF3
> Gn+BrVBFoCOIbEqs96jOhee2EGTrKL2QPKqdYQFBDdKb2/QiCzUzxzsHIsYqpp6n
> WsD1pRmNovMnJxWrsjvQ4t3jKdaCkDG+CdGjiQskV6UYkmyelM4ACKBoyKGo0tcv
> RiRVGXc6LBI=
> =pnR1
> -----END PGP SIGNATURE-----

From wk at gnupg.org Fri Aug 16 11:50:34 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 16 Aug 2013 11:50:34 +0200
Subject: No secret key on 1 file
In-Reply-To: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> (Steven Bonda's message of "Wed, 14 Aug 2013 16:30:26 -0400")
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com>
Message-ID: <87a9ki7ymt.fsf@vigenere.g10code.de>

On Wed, 14 Aug 2013 22:30, sbonda at advance-medical.com said:

> When I run the following command:
>
> Gpg2 -batch -passphrase pass -o c:\temp\temp.txt -d c:\temp\file.pgp

I assume you used

  Gpg2 --batch --passphrase pass -o c:\temp\temp.txt -d c:\temp\file.pgp

That is two dashes for the long options.

--passphrase does not work with gpg2. You will be asked by a pop-up window for the passphrase. That requires that GnuPG has been fully installed. What version are you using? Did you use a Gpg4win installer?

If you are using the command line you may want to add the option -v to see more diagnostics.

If you are not using the latest gpg2 version it is possible that the imported secret key has been protected using the IDEA algorithm which, for patent reasons, was not supported by older GnuPG versions. You need at least GnuPG 2.0.20 and Libgcrypt 1.5.2. Running

  gpg2 --version

shows the GnuPG and Libgcrypt version.

Salam-Shalom,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From nicholas.cole at gmail.com Fri Aug 16 13:10:21 2013
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Fri, 16 Aug 2013 12:10:21 +0100
Subject: [Announce] [security fix] GnuPG 1.4.14 released
In-Reply-To:
References: <8738r37x5c.fsf@vigenere.g10code.de>
Message-ID:

Cancel that. My fault ...
I'd missed that I had some old libraries installed.

From nicholas.cole at gmail.com Fri Aug 16 12:54:59 2013
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Fri, 16 Aug 2013 11:54:59 +0100
Subject: [Announce] [security fix] GnuPG 1.4.14 released
In-Reply-To:
References: <8738r37x5c.fsf@vigenere.g10code.de>
Message-ID:

On Fri, Jul 26, 2013 at 2:40 AM, Richard Outerbridge wrote:

> Werner:
>
> No problems.
>
> MacBookPro9,1; Mountain Lion OS X 10.8.4 (12E55)
> Xcode 4.6.3
> __outer

For some reason I get the following error when trying to build on Mountain Lion OS X:

gcc -g -O2 -Wall -Wno-pointer-sign -o gpg gpg.o build-packet.o compress.o compress-bz2.o free-packet.o getkey.o keydb.o keyring.o seskey.o kbnode.o mainproc.o armor.o mdfilter.o textfilter.o progress.o misc.o openfile.o keyid.o parse-packet.o status.o plaintext.o sig-check.o keylist.o signal.o cardglue.o tlv.o card-util.o app-openpgp.o iso7816.o apdu.o ccid-driver.o pkclist.o skclist.o pubkey-enc.o passphrase.o seckey-cert.o encr-data.o cipher.o encode.o sign.o verify.o revoke.o decrypt.o keyedit.o dearmor.o import.o export.o trustdb.o tdbdump.o tdbio.o delkey.o keygen.o pipemode.o helptext.o keyserver.o photoid.o exec.o ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a -liconv -lresolv ../intl/libintl.a -liconv -Wl,-framework -Wl,CoreFoundation -lz -lbz2 -L/sw/lib -lusb -Wl,-framework,IOKit -Wl,-framework,CoreFoundation -Wl,-prebind
Undefined symbols for architecture x86_64:
  "_iconv", referenced from:
      _utf8_to_native in libutil.a(strgutil.o)
      _native_to_utf8 in libutil.a(strgutil.o)
      __nl_find_msg in libintl.a(dcigettext.o)
  "_iconv_close", referenced from:
      _utf8_to_native in libutil.a(strgutil.o)
      _native_to_utf8 in libutil.a(strgutil.o)
      _set_native_charset in libutil.a(strgutil.o)
  "_iconv_open", referenced from:
      _utf8_to_native in libutil.a(strgutil.o)
      _native_to_utf8 in libutil.a(strgutil.o)
      _set_native_charset in libutil.a(strgutil.o)
      __nl_find_msg in libintl.a(dcigettext.o)
ld: symbol(s) not found for architecture x86_64
collect2: ld returned 1 exit status
make[2]: *** [gpg] Error 1
make[1]: *** [all-recursive] Error 1
make: *** [all] Error 2

From sbonda at advance-medical.com Fri Aug 16 14:56:35 2013
From: sbonda at advance-medical.com (Steven Bonda)
Date: Fri, 16 Aug 2013 08:56:35 -0400
Subject: No secret key on 1 file
In-Reply-To: <87a9ki7ymt.fsf@vigenere.g10code.de>
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de>
Message-ID: <002601ce9a80$0c030920$24091b60$@advance-medical.com>

Thanks for replying.

C:\Users\me>gpg2 --version
gpg (GnuPG) 2.0.20 (Gpg4win 2.1.1)
libgcrypt 1.5.2

C:\Users\me>Gpg2 -v --batch --passphrase pass -o c:\temp\temp.txt -d c:\temp\temp.txt.pgp
gpg: public key is 727A253D
gpg: encrypted with RSA key, ID 727A253D
gpg: decryption failed: No secret key

C:\Users\me>

I am using the same keyring as PGP Desktop and I am able to decrypt the file with that program.

Thanks for the help.
-- Steve

-----Original Message-----
From: Werner Koch [mailto:wk at gnupg.org]
Sent: Friday, August 16, 2013 5:51 AM
To: Steven Bonda
Cc: gnupg-users at gnupg.org
Subject: Re: No secret key on 1 file

On Wed, 14 Aug 2013 22:30, sbonda at advance-medical.com said:

> When I run the following command:
>
> Gpg2 -batch -passphrase pass -o c:\temp\temp.txt -d c:\temp\file.pgp

I assume you used

  Gpg2 --batch --passphrase pass -o c:\temp\temp.txt -d c:\temp\file.pgp

That is two dashes for the long options.

--passphrase does not work with gpg2. You will be asked by a pop-up window for the passphrase. That requires that GnuPG has been fully installed. What version are you using? Did you use a Gpg4win installer?

If you are using the command line you may want to add the option -v to see more diagnostics.

If you are not using the latest gpg2 version it is possible that the imported secret key has been protected using the IDEA algorithm which, for patent reasons, was not supported by older GnuPG versions. You need at least GnuPG 2.0.20 and Libgcrypt 1.5.2. Running

  gpg2 --version

shows the GnuPG and Libgcrypt version.

Salam-Shalom,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From ivangrunt09 at gmail.com Fri Aug 16 16:37:27 2013
From: ivangrunt09 at gmail.com (Larry Brower)
Date: Fri, 16 Aug 2013 09:37:27 -0500
Subject: No secret key on 1 file
In-Reply-To: <002601ce9a80$0c030920$24091b60$@advance-medical.com>
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de> <002601ce9a80$0c030920$24091b60$@advance-medical.com>
Message-ID: <520E3927.4000203@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 08/16/2013 07:56 AM, Steven Bonda wrote:

> --batch --passphrase

Have you tried to do this without --batch and --passphrase? Is there any change?

- --
Larry Brower, CCNA
Fedora Ambassador - North America
Fedora Quality Assurance
lbrower at fedoraproject.org
http://www.fedoraproject.org/
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCgAGBQJSDjkmAAoJEDtLZtIIBs+LCu4H/i1DZgWHsbqFbpxgNaHsiPZ9
FsLmQSurt1HOAn/UEfK33FUN6BOS1Gk3G8s3AjqUoBvurpTb8SXuDNavTIvBBlRL
2gYnsukGMG769DifHvsgVCc0bWePxzGl08m97kZttO/MmFnpT7rJF7j3hgVUyhLB
/wfgOCVqmCnScy1L2KbLRydH4hfyuP+Wt7EtNHhE5Wh/gVfEQdaIHwPQNKIPtIZo
vBb/cya6SdFVii6YCZwT3/uq9YqqOqWv5VnboTW4FSwun//N5nCgRCudtxcRCuSA
RAaIueMzNwJUU932VqsAQOIorjl2KWKyTp+gZX7608TTmyvmNxSFySrZNKNcs6w=
=KcoN
-----END PGP SIGNATURE-----
From wk at gnupg.org Fri Aug 16 16:36:21 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 16 Aug 2013 16:36:21 +0200
Subject: No secret key on 1 file
In-Reply-To: <002601ce9a80$0c030920$24091b60$@advance-medical.com> (Steven Bonda's message of "Fri, 16 Aug 2013 08:56:35 -0400")
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de> <002601ce9a80$0c030920$24091b60$@advance-medical.com>
Message-ID: <87d2pd7lei.fsf@vigenere.g10code.de>

On Fri, 16 Aug 2013 14:56, sbonda at advance-medical.com said:

> gpg: encrypted with RSA key, ID 727A253D
> gpg: decryption failed: No secret key

Please check the output of

  gpg2 -v -K 727A253D

If you can't see the reason, you may want to

  gpg2 -v --edit-key 727A253D

to see some more details.

Shalom-Salam,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From sbonda at advance-medical.com Fri Aug 16 16:53:40 2013
From: sbonda at advance-medical.com (Steven Bonda)
Date: Fri, 16 Aug 2013 10:53:40 -0400
Subject: No secret key on 1 file
In-Reply-To: <87d2pd7lei.fsf@vigenere.g10code.de>
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de> <002601ce9a80$0c030920$24091b60$@advance-medical.com> <87d2pd7lei.fsf@vigenere.g10code.de>
Message-ID: <00af01ce9a90$66c04d90$3440e8b0$@advance-medical.com>

C:\Users\me>gpg2 -v -K 727A253D
gpg: using PGP trust model
gpg: error reading key: No secret key

C:\Users\me>gpg2 -v --edit-key 727A253D
gpg (GnuPG) 2.0.20; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: using PGP trust model

C:\Users\me>

I get that there's no secret key for that ID but I don't understand why PGP can decrypt the file but GPG can't.

Again, thanks for the help.

-----Original Message-----
From: Werner Koch [mailto:wk at gnupg.org]
Sent: Friday, August 16, 2013 10:36 AM
To: Steven Bonda
Cc: gnupg-users at gnupg.org
Subject: Re: No secret key on 1 file

On Fri, 16 Aug 2013 14:56, sbonda at advance-medical.com said:

> gpg: encrypted with RSA key, ID 727A253D
> gpg: decryption failed: No secret key

Please check the output of

  gpg2 -v -K 727A253D

If you can't see the reason, you may want to

  gpg2 -v --edit-key 727A253D

to see some more details.

Shalom-Salam,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From sbonda at advance-medical.com Fri Aug 16 18:20:10 2013
From: sbonda at advance-medical.com (Steven Bonda)
Date: Fri, 16 Aug 2013 12:20:10 -0400
Subject: No secret key on 1 file
In-Reply-To: <87d2pd7lei.fsf@vigenere.g10code.de>
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de> <002601ce9a80$0c030920$24091b60$@advance-medical.com> <87d2pd7lei.fsf@vigenere.g10code.de>
Message-ID: <00ec01ce9a9c$7c9fdbb0$75df9310$@advance-medical.com>

I did a lot of research and digging and was finally able to get the file to decrypt:

c:\temp>gpg2 --batch --try-all-secrets --passphrase pass -o temp.txt -d temp.txt.pgp
gpg: anonymous recipient; trying secret key A328FC0E ...
gpg: WARNING: cipher algorithm IDEA not found in recipient preferences
gpg: okay, we are the anonymous recipient.
gpg: encrypted with RSA key, ID 727A253D
gpg: old style (PGP 2.x) signature
gpg: Signature made 08/15/13 03:31:01 Eastern Daylight Time using DSA key ID C0649AF6
gpg: Can't check signature: No public key
gpg: WARNING: message was not integrity protected

c:\temp>

fwiw, I'd welcome any information on what happened just because I'd like to know what happened.

Maybe this helps someone in the future.

Thanks for all the help.
-- Steve

-----Original Message-----
From: Werner Koch [mailto:wk at gnupg.org]
Sent: Friday, August 16, 2013 10:36 AM
To: Steven Bonda
Cc: gnupg-users at gnupg.org
Subject: Re: No secret key on 1 file

On Fri, 16 Aug 2013 14:56, sbonda at advance-medical.com said:

> gpg: encrypted with RSA key, ID 727A253D
> gpg: decryption failed: No secret key

Please check the output of

  gpg2 -v -K 727A253D

If you can't see the reason, you may want to

  gpg2 -v --edit-key 727A253D

to see some more details.

Shalom-Salam,

   Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From hhhobbit at securemecca.net Sat Aug 17 01:31:31 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Fri, 16 Aug 2013 23:31:31 +0000
Subject: No secret key on 1 file
In-Reply-To: <00ec01ce9a9c$7c9fdbb0$75df9310$@advance-medical.com>
References: <0dc401ce992d$1d3b80e0$57b282a0$@advance-medical.com> <87a9ki7ymt.fsf@vigenere.g10code.de> <002601ce9a80$0c030920$24091b60$@advance-medical.com> <87d2pd7lei.fsf@vigenere.g10code.de> <00ec01ce9a9c$7c9fdbb0$75df9310$@advance-medical.com>
Message-ID: <520EB653.3050709@securemecca.net>

On 08/16/2013 04:20 PM, Steven Bonda wrote:
> I did a lot of research and digging and was finally able to get the file to
> decrypt:
>
> c:\temp>gpg2 --batch --try-all-secrets --passphrase pass -o temp.txt -d
> temp.txt.pgp
> gpg: anonymous recipient; trying secret key A328FC0E ...
> gpg: WARNING: cipher algorithm IDEA not found in recipient preferences
> gpg: okay, we are the anonymous recipient.
> gpg: encrypted with RSA key, ID 727A253D
> gpg: old style (PGP 2.x) signature
> gpg: Signature made 08/15/13 03:31:01 Eastern Daylight Time using DSA key ID
> C0649AF6
> gpg: Can't check signature: No public key
> gpg: WARNING: message was not integrity protected

You are decrypting a public key enciphered file. The only way you can do that is you must have the secret key. That is why Werner told you to list all of the secret keys below. Without that secret key you are not going to be able to decipher the file. By telling it to try all of the secret keys it finally found the right secret key to decipher the file.

gpg2 didn't see IDEA in your choice of ciphers. I should not want to see the IDEA cipher either, since it is not in my preferences. IDEA is an old archaic cipher along with 3DES. But note that I want 3DES only as a last resort. I will be much happier with the use of TWOFISH or AES. Paradoxically, at one time AES (also called AES128) was actually stronger than AES256. I don't know if this is still the case but have no desire to change my preferences.

You probably also have a key setup problem in gpg/gpg2. I never was able to either use my GnuPG keys with PGP or vice versa without an export of the secret key and import and then a lot of twiddling with the trust levels and other things to make them work. Let me show you what happens with my secret key with a --edit-key (no --verbose or -v which are the same thing):

http://www.securemecca.com/public/GnuPG/GnuPG_Prefs.txt

What you have that is different than what I have is something you want to look at as the possible cause of the problem. I suspect you have a trust problem but gpg / gpg2 can see that the 727A253D has a secret key available and deciphered the file although gpg2 didn't like the use of the IDEA cipher. Now that I have said all of this I am not so sure that what Werner said and how he said it isn't actually a lot better. What I am hoping is that contrasting what you have (which is not working) with what I have (which does work) might help you. Just do a "?" at the "Command> " prompt to get a list of things that can be done. I think you may need to change the trust level for your keys. Start with Werner's commands below minus the verbose, contrast with mine and then do the commands exactly as Werner has given and go from there. If you give Werner the verbose output he can probably tell you exactly what needs to be changed but you also may see the debug information gives you all you need to know.

> c:\temp>
>
> fwiw, I'd welcome any information on what happened just
> because I'd like to know what happened.
>
> Maybe this helps someone in the future.
>
> Thanks for all the help.
> -- Steve
>
> -----Original Message-----
> From: Werner Koch [mailto:wk at gnupg.org]
> Sent: Friday, August 16, 2013 10:36 AM
> To: Steven Bonda
> Cc: gnupg-users at gnupg.org
> Subject: Re: No secret key on 1 file
>
> On Fri, 16 Aug 2013 14:56, sbonda at advance-medical.com said:
>
>> gpg: encrypted with RSA key, ID 727A253D
>> gpg: decryption failed: No secret key
>
> Please check the output of
>
>   gpg2 -v -K 727A253D
>
> If you can't see the reason, you may want to
>
>   gpg2 -v --edit-key 727A253D
>
> to see some more details.

From Ashish.Tiwari at williams.com Sat Aug 17 13:56:45 2013
From: Ashish.Tiwari at williams.com (Tiwari, Ashish)
Date: Sat, 17 Aug 2013 06:56:45 -0500
Subject: Issue with --sign option
Message-ID:

I have generated a new gpg key, but I am having the below problem.

echo |usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ashish.pgp -sign --encrypt -r Ashish /apploatr/.gnupg/test.txt
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup)
secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768
ksh: 974890 IOT/Abort trap

***********************************************************************************************************************

echo |usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ashish.pgp --encrypt -r Ashish /apploatr/.gnupg/test.txt

This command works.

I need your help to help fix the above problem.

Regards,
Ashish Tiwari
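Added example, not part of the thread above: the line "gpg: anonymous recipient; trying secret key A328FC0E ... okay, we are the anonymous recipient." in Steve's --try-all-secrets run points at why gpg first reported "No secret key". An OpenPGP message begins with one Public-Key Encrypted Session Key (PKESK) packet per recipient, and a sender can hide a recipient by writing an all-zero key ID into that packet (gpg does this for --throw-keyids / --hidden-recipient). With no key ID to look up, gpg has nothing to match against its secret keyring unless told to try every secret key it holds. The Python below parses the PKESK packets at the front of a message (RFC 4880, sections 4.2 and 5.1, for both old- and new-format packet headers) and flags wild-card recipients. The message it parses is constructed here: the 16-hex-digit key ID ending in 727A253D is a placeholder, since the thread only shows 32-bit short IDs, the encrypted-data packet is a stub, and the guess that Steve's file carried a second, anonymous PKESK next to the one for 727A253D is an inference from his output, not something the thread states.

```python
"""List the recipients named by the PKESK packets of an OpenPGP message.

Added illustration for the gnupg-users thread, not GnuPG code.  A PKESK whose
8-byte key ID is all zeros is a wild-card ("anonymous") recipient: the sender
hid the key ID, so a decryptor must try every secret key it has, which is what
gpg's --try-all-secrets does.
"""

WILDCARD_KEYID = b"\x00" * 8
PUBKEY_ALGOS = {1: "RSA", 2: "RSA (encrypt-only)", 16: "ElGamal", 18: "ECDH"}


def _packet_header(data, pos):
    """Return (tag, body_start, body_len) for the packet header at data[pos]."""
    ctb = data[pos]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet header at offset %d" % pos)
    if ctb & 0x40:  # new-format header: tag in the low 6 bits, then a length encoding
        tag = ctb & 0x3F
        b0 = data[pos + 1]
        if b0 < 192:
            return tag, pos + 2, b0
        if b0 < 224:
            return tag, pos + 3, ((b0 - 192) << 8) + data[pos + 2] + 192
        if b0 == 255:
            return tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        raise NotImplementedError("partial body lengths are not handled here")
    # old-format header: tag in bits 2..5, length type in bits 0..1
    tag = (ctb >> 2) & 0x0F
    ltype = ctb & 0x03
    if ltype == 3:  # indeterminate length: body runs to end of input
        return tag, pos + 1, len(data) - pos - 1
    nbytes = 1 << ltype  # 1, 2 or 4 length octets
    return tag, pos + 1 + nbytes, int.from_bytes(data[pos + 1:pos + 1 + nbytes], "big")


def iter_packets(data):
    """Yield (tag, body) for each top-level packet in data."""
    pos = 0
    while pos < len(data):
        tag, start, length = _packet_header(data, pos)
        yield tag, data[start:start + length]
        pos = start + length


def parse_pkesk(body):
    """Decode a version 3 PKESK body: version, 8-byte key ID, public-key algorithm, MPIs."""
    if body[0] != 3:
        raise ValueError("unsupported PKESK version %d" % body[0])
    keyid = body[1:9]
    algo = body[9]
    return {
        "keyid": keyid.hex().upper(),
        "anonymous": keyid == WILDCARD_KEYID,
        "algo": PUBKEY_ALGOS.get(algo, "unknown(%d)" % algo),
    }


def list_recipients(message):
    """Recipients named by the leading PKESK packets (tag 1); stops at the first other packet."""
    recipients = []
    for tag, body in iter_packets(message):
        if tag != 1:
            break
        recipients.append(parse_pkesk(body))
    return recipients


def needs_try_all_secrets(recipients):
    """True when at least one recipient is hidden, i.e. gpg cannot pick the key by ID."""
    return any(r["anonymous"] for r in recipients)


def _pkesk(keyid, algo=1, mpi=b"\x00\x08\x5a"):
    """Build a new-format PKESK packet; the MPI is a 1-byte stand-in, not a real ciphertext."""
    body = b"\x03" + keyid + bytes([algo]) + mpi
    return b"\xC1" + bytes([len(body)]) + body


# Constructed sample, not a capture from the thread: one recipient named with a
# placeholder long key ID ending in the short ID 727A253D, one anonymous recipient,
# then a stub for the encrypted-data packet (tag 18).
SAMPLE_MESSAGE = (
    _pkesk(bytes.fromhex("00000000727A253D"))
    + _pkesk(WILDCARD_KEYID)
    + b"\xD2\x04\x01\x00\x00\x00"
)

if __name__ == "__main__":
    recips = list_recipients(SAMPLE_MESSAGE)
    for r in recips:
        print(r)
    print("needs --try-all-secrets:", needs_try_all_secrets(recips))
```

To inspect a real file, pass the bytes of a binary (not ASCII-armored) .pgp file to list_recipients; an armored file must be dearmored first. The parser stops at the first non-PKESK packet on purpose, since everything after the session-key packets is ciphertext it has no business reading.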
From mailinglisten at hauke-laging.de Sun Aug 18 01:49:43 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sun, 18 Aug 2013 01:49:43 +0200
Subject: Issue with --sign option
In-Reply-To:
References:
Message-ID: <3778172.qIAKIjGAML@inno.berlin.laging.de>

On Sat 17.08.2013, 06:56:45, Tiwari, Ashish wrote:

> -sign --encrypt

There is a dash typo.

--
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

From Ashish.Tiwari at williams.com Sun Aug 18 05:04:31 2013
From: Ashish.Tiwari at williams.com (Tiwari, Ashish)
Date: Sat, 17 Aug 2013 22:04:31 -0500
Subject: Issue with --sign option
In-Reply-To: <3778172.qIAKIjGAML@inno.berlin.laging.de>
References: , <3778172.qIAKIjGAML@inno.berlin.laging.de>
Message-ID:

Still not working.

Saying Invalid Option -sign.

Regards,
Ashish Tiwari

________________________________________
From: Hauke Laging [mailinglisten at hauke-laging.de]
Sent: Saturday, August 17, 2013 6:49 PM
To: gnupg-users at gnupg.org
Cc: Tiwari, Ashish
Subject: Re: Issue with --sign option

On Sat 17.08.2013, 06:56:45, Tiwari, Ashish wrote:

> -sign --encrypt

There is a dash typo.

--
Crypto for everyone: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

From ashishtewariashish at gmail.com Sun Aug 18 14:31:33 2013
From: ashishtewariashish at gmail.com (ashish tiwari)
Date: Sun, 18 Aug 2013 07:31:33 -0500
Subject: --sign option giving error
Message-ID:

I have generated a new pgp key. I need to encrypt and sign docs using the below command

echo "$PGP_SKEY"|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o "$OUT_FILE" --sign --encrypt -r "$PGP_RID" "$FILE"

PGP_SKEY - Password of Oracle PGP user id
OUT_FILE - Encrypted File Name that will be sent to Bank
PGP_RID - Recipient PGP user ID (Bank's)
FILE - The File Name to be encrypted

When I run the below command I am getting error

echo test123|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ab.pgp --debug-level advanced --log-file a.log --sign --encrypt -r nkumar /apploatr/.gnupg/test.txt
gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup)
secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768
ksh: 41382116 IOT/Abort trap

If I remove the --sign option it works

I tried also gpg --sign-key

Again I got the same error

[apploatr]:{tulqerp02}: gpg --sign-key
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information

pub  2048R/936BE940  created: 2013-08-18  expires: 2015-08-18  usage: SC
     trust: ultimate      validity: ultimate
sub  2048R/CB8A40C9  created: 2013-08-18  expires: 2015-08-18  usage: E
[ultimate] (1). apploatr (ERP)

gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup)
secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/32768
IOT/Abort trap

Any help is appreciated.

From mlisten at hammernoch.net Sun Aug 18 15:16:36 2013
From: mlisten at hammernoch.net (Ludwig Hügelschäfer)
Date: Sun, 18 Aug 2013 15:16:36 +0200
Subject: Issue with --sign option
In-Reply-To:
References: , <3778172.qIAKIjGAML@inno.berlin.laging.de>
Message-ID: <5210C934.5050808@hammernoch.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

you should type --sign using a double dash, not -sign

HTH

Ludwig

On 18.08.13 05:04, Tiwari, Ashish wrote:
> Still not working.
>
> Saying Invalid Option -sign.
>
> Regards, Ashish Tiwari
>
> ________________________________________
> From: Hauke Laging [mailinglisten at hauke-laging.de]
> Sent: Saturday, August 17, 2013 6:49 PM
> To: gnupg-users at gnupg.org
> Cc: Tiwari, Ashish
> Subject: Re: Issue with --sign option
>
> On Sat 17.08.2013, 06:56:45, Tiwari, Ashish wrote:
>
>> -sign --encrypt
>
> There is a dash typo.
> --
> Crypto for everyone: http://www.openpgp-schulungen.de/fuer/bekannte/
> OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJSEMk0AAoJEA52XAUJWdLjPdYH/2rTT9mPpbxhe6jP/XjSIccy
28GV0EqQpfA112wF0orG5iul+TAj3B2a86URyaFGZruBqRFAz6sudkHN7bTSGRft
KuggRf7ldPsae4GsGs8/iHSWh7BPAmKpNNI3uMxBI2MO514yz3tzzrkIy9EbQOjs
1ZuANeG2E28KVW4jKxRy3txeBCfqua8yYePDz93DibNCriMUH7p73+lK/HW5cwsw
82zVXGSu09OOT+N8esdfS3Wq1Yld99FG0CQ2EdI86g7Bye0mfHdUPGbDjGJV1s24
mjNjiDP8SZaCC9pb6W+l05V3HtSsYsWKuAM75nlsMGBEZ0LzLCgLnqWO+uF2sOs=
=RUvC
-----END PGP SIGNATURE-----

From ben at adversary.org Sun Aug 18 14:21:16 2013
From: ben at adversary.org (Ben McGinnes)
Date: Sun, 18 Aug 2013 22:21:16 +1000
Subject: Issue with --sign option
In-Reply-To:
References: , <3778172.qIAKIjGAML@inno.berlin.laging.de>
Message-ID: <5210BC3C.20604@adversary.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 18/08/13 1:04 PM, Tiwari, Ashish wrote:
> Still not working.
>
> Saying Invalid Option -sign.
Yes, it's supposed to be: --sign --encrypt [the rest of the command] Regards, Ben -----BEGIN PGP SIGNATURE----- iQGcBAEBCgAGBQJSELw7AAoJEH/y03E1x1U89ukL/ROGyaRZXqjQFZ5q7MXkaOTw teL/W1YwxIXr+CyzdnSXBp4s1hYMVe4UZHGYyEYyhzp5O6VDtyCmgDchiJJ1wmoH zDHUZwhYX4/WbL4btcmznfv5++/CvItOcrt+LMnITL0YU8JBIkIieCO9CpHnY2bB 5DKhVrsI2kpN3vWuStPorkAaSpgoOZh5FSsH+Lvf98VISKwFi+p4wVFBykAmpaki SaNHAmD5pXcjy1mRcIBra/oCFU3O5Jh4KQEey5mlRjN88R+phAeOdd+0aDfalO2r kDKonnMDQajIE/fepjJVmAvByrh+XRbzPignOiM5NauNQDpVhbUD3f+f8tInT7IH Ov3FM6B16AQR7jRZ/McW9wJ9UHQZF+UDTnbD1kVLqfVFLUE/FxJkOLC384EU95Al EACwpE7eO07YImdwvP+BfVwoxfeAYIN8Ng/cxGeyt0EhloD/So8WNLu+EAAMUExD h208nK6Dl8NeHCPXuIZ8ltgslnje1iTptgBk6ymp6g== =liSf -----END PGP SIGNATURE----- From ashishtewariashish at gmail.com Sun Aug 18 17:45:51 2013 From: ashishtewariashish at gmail.com (ashish tiwari) Date: Sun, 18 Aug 2013 10:45:51 -0500 Subject: Issue with --sign option In-Reply-To: <5210BC3C.20604@adversary.org> References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210BC3C.20604@adversary.org> Message-ID: echo test123|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ab.pgp --debug-level advanced --log-file a.log --sign --encrypt -r nkumar /apploatr/.gnupg/test.txt gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768 ksh: 41382116 IOT/Abort trap ************************************** [apploatr]:{tulqerp02}: gpg --list-secret-keys gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information /apploatr/.gnupg/secring.gpg ---------------------------- gpg: Oops; key lost! node 2000f5a8 01/00 type=public-key keyid=8210AFC3 a=1 u=5 e.v. node 2000f668 00/00 type=user-id "nkumar (Test Naveen) < naveen.kumar at williams.com>" ..vp node 2000f878 00/00 type=signature class=13 keyid=8210AFC3 ts=1376715608 node 200166b8 00/00 type=public-subkey keyid=0C487726 a=1 u=2 e.v. 
node 200168b8 00/00 type=signature class=18 keyid=8210AFC3 ts=1376715608 sec 2048R/48AEF305 2013-08-18 [expires: 2015-08-18] uid Manu Chaudhary (Test Keys) < manu.chaudhary at eiwilliams.com> ssb 2048R/DCAB425C 2013-08-18 sec 2048R/936BE940 2013-08-18 [expires: 2015-08-18] uid apploatr (ERP) ssb 2048R/CB8A40C9 2013-08-18 On Sun, Aug 18, 2013 at 7:21 AM, Ben McGinnes wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 18/08/13 1:04 PM, Tiwari, Ashish wrote: > > Still not working. > > > > Saying Inavlid OPtion -sign. > > Yes, it's supposed to be: --sign --encrypt [the rest of the command] > > > Regards, > Ben > > -----BEGIN PGP SIGNATURE----- > > iQGcBAEBCgAGBQJSELw7AAoJEH/y03E1x1U89ukL/ROGyaRZXqjQFZ5q7MXkaOTw > teL/W1YwxIXr+CyzdnSXBp4s1hYMVe4UZHGYyEYyhzp5O6VDtyCmgDchiJJ1wmoH > zDHUZwhYX4/WbL4btcmznfv5++/CvItOcrt+LMnITL0YU8JBIkIieCO9CpHnY2bB > 5DKhVrsI2kpN3vWuStPorkAaSpgoOZh5FSsH+Lvf98VISKwFi+p4wVFBykAmpaki > SaNHAmD5pXcjy1mRcIBra/oCFU3O5Jh4KQEey5mlRjN88R+phAeOdd+0aDfalO2r > kDKonnMDQajIE/fepjJVmAvByrh+XRbzPignOiM5NauNQDpVhbUD3f+f8tInT7IH > Ov3FM6B16AQR7jRZ/McW9wJ9UHQZF+UDTnbD1kVLqfVFLUE/FxJkOLC384EU95Al > EACwpE7eO07YImdwvP+BfVwoxfeAYIN8Ng/cxGeyt0EhloD/So8WNLu+EAAMUExD > h208nK6Dl8NeHCPXuIZ8ltgslnje1iTptgBk6ymp6g== > =liSf > -----END PGP SIGNATURE----- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From hhhobbit at securemecca.net Sun Aug 18 18:45:16 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Sun, 18 Aug 2013 16:45:16 +0000 Subject: Issue with --sign option In-Reply-To: References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210BC3C.20604@adversary.org> Message-ID: <5210FA1C.7000601@securemecca.net> On 08/18/2013 03:45 PM, ashish tiwari wrote: Is this a Turing test? I wrote a private reply to try to find if that is what is happening. 
I mean, is "--sign" as opposed to "-sign" that hard to understand? Here is what -sign could probably mean: -s same as --sign -i same as --interactive -g NONSENSE -n same as --dry-run. That is because -sign is the equivalent of -s -i -g -n. My private reply was with the aim of convincing a human being of the right way to do things and that gpg & gpg2 follow the standard that a single dash means all the letters after the single dash are combined options. If you want all of the characters to be considered a single atomic identity then you precede them with a double dash. A lot more detail was added with an example to show how easy it is. HHH From Ashish.Tiwari at williams.com Sun Aug 18 15:28:45 2013 From: Ashish.Tiwari at williams.com (Tiwari, Ashish) Date: Sun, 18 Aug 2013 08:28:45 -0500 Subject: Issue with --sign option In-Reply-To: <5210C934.5050808@hammernoch.net> References: , <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210C934.5050808@hammernoch.net> Message-ID: echo testkeysoatr|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ab.pgp --sign --encrypt -r Test Keys (OATR) /apploatr/.gnupg/test.txt gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768 ksh: 974890 IOT/Abort trap -----Original Message----- From: Ludwig Hügelschäfer [mailto:mlisten at hammernoch.net] Sent: Sunday, August 18, 2013 8:17 AM To: gnupg-users at gnupg.org Cc: Tiwari, Ashish Subject: Re: Issue with --sign option -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, you should type --sign using a double dash, not -sign HTH Ludwig On 18.08.13 05:04, Tiwari, Ashish wrote: > Still not working. > > Saying Inavlid OPtion -sign. 
> > Regards, Ashish Tiwari > > ________________________________________ From: Hauke Laging > [mailinglisten at hauke-laging.de] Sent: Saturday, August 17, 2013 > 6:49 PM To: gnupg-users at gnupg.org Cc: Tiwari, Ashish Subject: Re: > Issue with --sign option > > On Sat 17.08.2013, 06:56:45, Tiwari, Ashish wrote: > >> -sign --encrypt > > There is a dash typo. -- Crypto für alle: > http://www.openpgp-schulungen.de/fuer/bekannte/ OpenPGP: 7D82 FB9F > D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 > _______________________________________________ Gnupg-users mailing > list Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCgAGBQJSEMk0AAoJEA52XAUJWdLjPdYH/2rTT9mPpbxhe6jP/XjSIccy 28GV0EqQpfA112wF0orG5iul+TAj3B2a86URyaFGZruBqRFAz6sudkHN7bTSGRft KuggRf7ldPsae4GsGs8/iHSWh7BPAmKpNNI3uMxBI2MO514yz3tzzrkIy9EbQOjs 1ZuANeG2E28KVW4jKxRy3txeBCfqua8yYePDz93DibNCriMUH7p73+lK/HW5cwsw 82zVXGSu09OOT+N8esdfS3Wq1Yld99FG0CQ2EdI86g7Bye0mfHdUPGbDjGJV1s24 mjNjiDP8SZaCC9pb6W+l05V3HtSsYsWKuAM75nlsMGBEZ0LzLCgLnqWO+uF2sOs= =RUvC -----END PGP SIGNATURE----- From kloecker at kde.org Sun Aug 18 23:17:24 2013 From: kloecker at kde.org (Ingo Klöcker) Date: Sun, 18 Aug 2013 23:17:24 +0200 Subject: Issue with --sign option In-Reply-To: References: Message-ID: <2308360.tXDCPUThok@thufir.ingo-kloecker.de> On Saturday 17 August 2013 06:56:45 Tiwari, Ashish wrote: > I have generated a new gpg key, but I am having the below problem. > > echo |usr/local/bin/gpg --no-tty --passphrase-fd 0 -o > /apploatr/.gnupg/ashish.pgp -sign --encrypt -r Ashish > /apploatr/.gnupg/test.txt Does the following work? usr/local/bin/gpg -o /apploatr/.gnupg/ashish.pgp --sign --encrypt -r Ashish /apploatr/.gnupg/test.txt Regards, Ingo -------------- next part -------------- A non-text attachment was scrubbed... 
Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From wk at gnupg.org Mon Aug 19 09:07:24 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 19 Aug 2013 09:07:24 +0200 Subject: Issue with --sign option In-Reply-To: (Ashish Tiwari's message of "Sun, 18 Aug 2013 08:28:45 -0500") References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210C934.5050808@hammernoch.net> Message-ID: <87haem5fbn.fsf@vigenere.g10code.de> On Sun, 18 Aug 2013 15:28, Ashish.Tiwari at williams.com said: > echo testkeysoatr|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ab.pgp --sign --encrypt -r Test Keys (OATR) /apploatr/.gnupg/test.txt > > gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) Which version of GnuPG is this? If you are using GnuPG 2.x please also show the output of gpg-connect-agent 'getinfo version' /bye Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From hhhobbit at securemecca.net Mon Aug 19 11:38:01 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Mon, 19 Aug 2013 09:38:01 +0000 Subject: Fwd: Re: Issue with --sign option In-Reply-To: <5210F3EE.5090707@securemecca.net> References: <5210F3EE.5090707@securemecca.net> Message-ID: <5211E779.9030101@securemecca.net> I am supplying this so people know what I sent to Ashish personally. Will it help? I don't know but I hope so. If you know everything there is to know about how the optional arguments are handled on 'nix systems you may want to delete this message. I assume secmem and and any other things that are going wrong are already in the archives some place. Actually the secmem messages are just bothersome and won't cause any problems. 
-------- Original Message -------- Subject: Re: Issue with --sign option Date: Sun, 18 Aug 2013 16:18:54 +0000 From: Henry Hertz Hobbit Reply-To: hhhobbit at securemecca.net To: Tiwari, Ashish CC: hhhobbit at securemecca.net On 08/18/2013 03:04 AM, Tiwari, Ashish wrote: > Still not working. > > Saying Inavlid OPtion -sign. > > Regards, > Ashish Tiwari Of course it is invalid. You do NOT use "-sign". You use single dashes only for single letter arguments. The way you have it with just a single dash the only valid interpretation is that it considers it a short hand for "-s -i -g -n". IOW, here is what "-sign" could mean but it seems to be nonsense: -s (same as --sign) -i (same as --interactive to prevent overwriting files) -g NO SUCH OPTION - this is what it is complaining about? -n (same as --dry-run which means don't make any changes) >From your previous output gpg/gpg2 seems to be attempting a correction of what you are doing with a best guess. gpg and gpg2 just use the standard way that all 'nix commands are done. If you want to do a sign, either use the short-hand "-s" or "--sign" (NOTE THE DOUBLE DASHES) which are equivalent. If you want a sequence of letters to be an atomic unit to a command on 'nix systems, then you always precede them with a double dash rather than a single dash. 
Example: these commands for ls do the same thing: $ ls -lF $ ls -l -F But even ls has double dash atomic multi-character options with these being just some of them: --ignore-backups (chops off files ending with ~) --color=never (I do not like color in ls) --time-style=STYLE (STYLE could be iso for example to chop off the year) gpg or gpg2 are doing the same thing as ls and all other GOOD 'nix commands do as the man pages show: http://www.securemecca.com/public/GnuPG/gpg.txt http://www.securemecca.com/public/GnuPG/gpg2.txt http://www.securemecca.com/public/GnuPG/ We expected you to know this before you used gpg on a 'nix system since it is the way ALL of the commands work on 'nix systems if they are doing it the standard way (there are some commands that are not standard which makes you think it must be an English thing - the exceptions to the rules). Get somebody else to translate this for you if English and 'nix commands are not your native languages. That is especially true for the 'nix commands since that seems to be what is wrong here. Also, just use the files where they are at. An example is me signing the file gnats.txt in /tmp. An actual sample usage should be highly instructive: $ cd /tmp # the next line has the same meaning as the line after it # gpg --default-key C83946F0 -s gnats.txt $ gpg --default-key C83946F0 --sign gnats.txt # I have to type my key passphrase here $ gpg --verify gnats.txt.sig gpg: Signature made Sun 18 Aug 2013 02:53:09 PM UTC using RSA key ID C83946F0 gpg: Good signature from "Henry Hertz Hobbit " gpg: aka "Henry Hertz Hobbit " The point is that both gnats.txt and gnats.txt.gpg are NOT in my ~/.gnupg key-ring folder but in /tmp. Unless you need the output files some place else you should just put them in the current folder as where the base file is. For --clearsign you may want the output file to be some place else since it modifies the base file. But I suggest some place like ~/tmp (be sure to create the folder first). 
Why did I use /tmp? That is where the file gnats.txt file is and it will remain there until the machine reboots and /tmp is completely cleared. You understand, don't you? HHH PS And here I thought you may have been referring to the secmem warning. You have at least two methods for getting rid of the secmem warnings. One thing at a time. From Ashish.Tiwari at williams.com Mon Aug 19 09:17:16 2013 From: Ashish.Tiwari at williams.com (Tiwari, Ashish) Date: Mon, 19 Aug 2013 02:17:16 -0500 Subject: Issue with --sign option In-Reply-To: <87haem5fbn.fsf@vigenere.g10code.de> References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210C934.5050808@hammernoch.net> <87haem5fbn.fsf@vigenere.g10code.de> Message-ID: [apploatr]:{tulqerp02}: gpg --version gpg (GnuPG) 1.4.11 Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. -----Original Message----- From: Werner Koch [mailto:wk at gnupg.org] Sent: Monday, August 19, 2013 2:07 AM To: Tiwari, Ashish Cc: 'Ludwig Hügelschäfer'; gnupg-users at gnupg.org Subject: Re: Issue with --sign option On Sun, 18 Aug 2013 15:28, Ashish.Tiwari at williams.com said: > echo testkeysoatr|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o > /apploatr/.gnupg/ab.pgp --sign --encrypt -r Test Keys (OATR) > /apploatr/.gnupg/test.txt > > gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) Which version of GnuPG is this? If you are using GnuPG 2.x please also show the output of gpg-connect-agent 'getinfo version' /bye Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. 
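The single-dash versus double-dash rule that Henry Hertz Hobbit explains above, shown in running code. This is an added example, not code from the thread or from GnuPG: the short-option table below is an assumption that mirrors the letters his message lists (-s for --sign, -i for --interactive, -n for --dry-run, plus -r for --recipient) and is not gpg's actual option parser. Python's standard getopt module follows the same POSIX/GNU convention, so it reproduces the failure: "-sign" is consumed letter by letter and breaks on the unknown "-g".

```python
"""Added example (not from the thread or from GnuPG): how a POSIX/GNU-style
option parser reads "-sign" versus "--sign".  The short-option table is an
assumption modelled on the message above, not gpg's real option table."""
import getopt

# Assumed short options and their long spellings, per the message above.
SHORT_TO_LONG = {"s": "sign", "i": "interactive", "n": "dry-run", "r": "recipient"}
# The same table as a getopt spec: 'r' takes an argument, hence "r:".
SHORT_SPEC = "sinr:"
LONG_SPEC = ["sign", "interactive", "dry-run", "recipient=", "encrypt"]


def expand_cluster(arg):
    """Split a single-dash argument into the short options it bundles.

    Returns a list of (letter, long_name_or_None).  A None means the letter
    is not a known option, which is exactly what "-sign" trips over at 'g'.
    """
    if not arg.startswith("-") or arg.startswith("--"):
        raise ValueError("expected a single-dash cluster such as -sign")
    return [(c, SHORT_TO_LONG.get(c)) for c in arg[1:]]


def parse(argv):
    """Parse argv with the standard getopt rules.

    Returns (options, error): options is the list of (flag, value) pairs
    getopt recognised, error is None or the parser's own message.  On an
    error getopt stops at the offending letter and nothing is returned.
    """
    try:
        opts, _positional = getopt.gnu_getopt(argv, SHORT_SPEC, LONG_SPEC)
        return opts, None
    except getopt.GetoptError as exc:
        return [], str(exc)


if __name__ == "__main__":
    print(expand_cluster("-sign"))
    # [('s', 'sign'), ('i', 'interactive'), ('g', None), ('n', 'dry-run')]
    print(parse(["-sign", "--encrypt", "-r", "Ashish", "test.txt"]))
    # ([], 'option -g not recognized')
    print(parse(["--sign", "--encrypt", "-r", "Ashish", "test.txt"]))
    # ([('--sign', ''), ('--encrypt', ''), ('-r', 'Ashish')], None)
```

The same rule is why "-s -r Ashish" and "--sign --recipient Ashish" are interchangeable while "-sign" never can be: a cluster is only ever a bag of one-letter options.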
From dshaw at jabberwocky.com Mon Aug 19 14:49:30 2013 From: dshaw at jabberwocky.com (David Shaw) Date: Mon, 19 Aug 2013 08:49:30 -0400 Subject: Issue with --sign option In-Reply-To: References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210BC3C.20604@adversary.org> Message-ID: <9B33285C-F0D5-4248-8E30-A7BCD58D5CF1@jabberwocky.com> On Aug 18, 2013, at 11:45 AM, ashish tiwari wrote: > echo test123|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o /apploatr/.gnupg/ab.pgp --debug-level advanced --log-file a.log --sign --encrypt -r nkumar /apploatr/.gnupg/test.txt > > gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) > secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768 > ksh: 41382116 IOT/Abort trap I think this is a corrupt secret keyring. Regardless of the issue of "-sign" vs "--sign", an abort like that shouldn't happen. I don't know what version of GnuPG this is, but the only BUG() call in the lookup function is one that fires if the packet it sees in the secret keyring is not a secret key. David From wk at gnupg.org Mon Aug 19 14:38:16 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 19 Aug 2013 14:38:16 +0200 Subject: [Announce] GnuPG 2.0.21 released Message-ID: <87mwod5007.fsf@vigenere.g10code.de> Hello! We are pleased to announce the availability of a new stable GnuPG-2 release: Version 2.0.21. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards. GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.14) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. 
In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support. GnuPG is distributed under the terms of the GNU General Public License (GPLv3+). GnuPG-2 works best on GNU/Linux and *BSD systems but is also available for other Unices, Microsoft Windows and Mac OS X. What's New in 2.0.21 ==================== * gpg-agent: By default the users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used. * gpg-agent: The command KEYINFO has options to add info from sshcontrol. * The included ssh agent does now support ECDSA keys. * The new option --enable-putty-support allows gpg-agent to act on Windows as a Pageant replacement with full smartcard support. * Support installation as portable application under Windows. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 2.0.21 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: gnupg-2.0.21.tar.bz2 (4200k) gnupg-2.0.21.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-2.0.20-2.0.21.diff.bz2 (39k) A patch file to upgrade a 2.0.20 GnuPG source tree. This patch does not include updates of the language files. Note, that we don't distribute gzip compressed tarballs for GnuPG-2. 
Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-2.0.21.tar.bz2 you would use this command: gpg --verify gnupg-2.0.21.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com or using a keyserver like gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6 The distribution key 4F25E3B6 is signed by the well known key 1E42B367. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-2.0.21.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-2.0.21.tar.bz2 and check that the output matches the first line from the following list: 5ba8cce72eb4fd1a3ac1a282d25d7c7b90d3bf26 gnupg-2.0.21.tar.bz2 cd94a6267088eeff4735641b1fc832a1e6770ba3 gnupg-2.0.20-2.0.21.diff.bz2 Documentation ============= The file gnupg.info has the complete user manual of the system. Separate man pages are included as well; however they have not all the details available in the manual. It is also possible to read the complete manual online in HTML format at http://www.gnupg.org/documentation/manuals/gnupg/ or in Portable Document Format at http://www.gnupg.org/documentation/manuals/gnupg.pdf . 
The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want to search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advice on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. Almost all mail clients support GnuPG-2. Mutt users may want to use the configure option "--enable-gpgme" during build time and put a "set use_crypt_gpgme" in ~/.muttrc to enable S/MIME support along with the reworked OpenPGP support. Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest sending bug reports for a new release to this list in favor of filing a bug at . We also have a dedicated service directory at: http://www.gnupg.org/service.html The driving force behind the development of GnuPG is the company of its principal author, Werner Koch. Maintenance and improvement of GnuPG and related software takes up most of their resources. To allow him to continue this work he kindly asks to either purchase a support contract, engage g10 Code for custom enhancements, or to donate money: http://g10code.com/gnupg-donation.html Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, or answering questions on the mailing lists. Happy Hacking, The GnuPG Team -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 204 bytes Desc: not available URL: -------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From ashishtewariashish at gmail.com Tue Aug 20 08:40:52 2013 From: ashishtewariashish at gmail.com (ashish tiwari) Date: Tue, 20 Aug 2013 01:40:52 -0500 Subject: Issue with --sign option In-Reply-To: <9B33285C-F0D5-4248-8E30-A7BCD58D5CF1@jabberwocky.com> References: <3778172.qIAKIjGAML@inno.berlin.laging.de> <5210BC3C.20604@adversary.org> <9B33285C-F0D5-4248-8E30-A7BCD58D5CF1@jabberwocky.com> Message-ID: The issue was with corrupt secring.gpg. Solved by using gpg --no-default-keyring --keyring ./fixed-pubring.gpg --secret-keyring ./fixed-secring.gpg --import /path/to/your/broken/secring.gpg Thanks everyone. On Mon, Aug 19, 2013 at 7:49 AM, David Shaw wrote: > On Aug 18, 2013, at 11:45 AM, ashish tiwari > wrote: > > > echo test123|/usr/local/bin/gpg --no-tty --passphrase-fd 0 -o > /apploatr/.gnupg/ab.pgp --debug-level advanced --log-file a.log --sign > --encrypt -r nkumar /apploatr/.gnupg/test.txt > > > > gpg: Ohhhh jeeee: ... this is a bug (getkey.c:2696:lookup) > > secmem usage: 1632/1632 bytes in 3/3 blocks of pool 1632/32768 > > ksh: 41382116 IOT/Abort trap > > I think this is a corrupt secret keyring. Regardless of the issue of > "-sign" vs "--sign", an abort like that shouldn't happen. I don't know > what version of GnuPG this is, but the only BUG() call in the lookup > function is one that fires if the packet it sees in the secret keyring is > not a secret key. > > David > > -------------- next part -------------- An HTML attachment was scrubbed... 
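The "Checking the Integrity" steps in the 2.0.21 announcement above, as an added example that is not part of the announcement or of GnuPG itself. The SHA-1 values and the distribution key ID 4F25E3B6 are the ones the announcement lists; the file names on disk and the presence of an already-installed, trusted gpg (the announcement's own precondition) are assumptions. The point the code adds is the check a practitioner wants automated: a "Good signature" line only proves that some key you happen to have imported signed the file, so the VALIDSIG fingerprint must also end in the key ID you expected.

```python
"""Added example, not part of the GnuPG announcement: its two integrity
checks as functions.  Published values come from the announcement text;
file names and the installed gpg are assumptions.  signature_ok() works on
plain status text so it can be exercised without gpg present."""
import hashlib
import re
import subprocess

# Published in the announcement above.
EXPECTED_SHA1 = {
    "gnupg-2.0.21.tar.bz2": "5ba8cce72eb4fd1a3ac1a282d25d7c7b90d3bf26",
    "gnupg-2.0.20-2.0.21.diff.bz2": "cd94a6267088eeff4735641b1fc832a1e6770ba3",
}
DISTRIBUTION_KEYID = "4F25E3B6"


def sha1_hex(source):
    """SHA-1 of a file path (read in chunks) or of a bytes object."""
    h = hashlib.sha1()
    if isinstance(source, (bytes, bytearray)):
        h.update(source)
    else:
        with open(source, "rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 16), b""):
                h.update(chunk)
    return h.hexdigest()


def sha1_matches(source, expected_hex):
    """Compare against the published digest, case-insensitively."""
    return sha1_hex(source) == expected_hex.lower()


def signature_ok(status_text, expected_keyid):
    """Interpret gpg --status-fd output.

    GOODSIG alone only says *some* imported key made the signature.  VALIDSIG
    carries the signing key's full fingerprint; the download is genuine only
    if that fingerprint ends in the key ID the announcement names.
    """
    good = re.search(r"^\[GNUPG:\] GOODSIG ", status_text, re.M) is not None
    valid = re.search(r"^\[GNUPG:\] VALIDSIG ([0-9A-Fa-f]+) ", status_text, re.M)
    if not good or valid is None:
        return False
    return valid.group(1).upper().endswith(expected_keyid.upper())


def verify_download(tarball, sigfile, expected_keyid=DISTRIBUTION_KEYID):
    """Run the already-installed gpg and apply signature_ok to its report."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sigfile, tarball],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True)
    return proc.returncode == 0 and signature_ok(proc.stdout, expected_keyid)


if __name__ == "__main__":
    name = "gnupg-2.0.21.tar.bz2"          # assumed to be in the current directory
    print("sha1 ok:", sha1_matches(name, EXPECTED_SHA1[name]))
    print("signature ok:", verify_download(name, name + ".sig"))
```

Run it from the directory holding the tarball and its .sig, with the gpg that was installed before the download, as the announcement says; the SHA-1 path is the fallback for machines without one.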
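David Shaw's diagnosis above, confirmed by Ashish's fix, was a corrupt secring.gpg: the lookup code hit a packet that was not a secret key. The following is an added example, not GnuPG code, that walks the OpenPGP packet headers of a keyring file (RFC 4880 section 4.2, old and new header formats) and reports exactly that structural fault, a keyblock that does not begin with a secret-key packet, plus truncation. The sample keyrings at the bottom are constructed byte strings whose bodies are filler; only the headers are meaningful. It does not claim to reproduce GnuPG's own check.

```python
"""Added example, not GnuPG code: walk OpenPGP packet headers in a keyring and
flag a secret keyring whose keyblock does not start with a secret-key packet.
Header decoding follows RFC 4880 4.2; sample rings below are constructed."""

# RFC 4880 packet tags that occur in a keyring.
SIG, SECRET_KEY, PUBLIC_KEY, SECRET_SUBKEY, USER_ID, PUBLIC_SUBKEY = 2, 5, 6, 7, 13, 14
TAG_NAMES = {2: "signature", 5: "secret-key", 6: "public-key", 7: "secret-subkey",
             13: "user-id", 14: "public-subkey"}


def read_header(data, off):
    """Decode one packet header at `off` -> (tag, body_offset, body_length)."""
    if off >= len(data):
        raise ValueError("offset past end of data")
    ctb = data[off]
    if not ctb & 0x80:
        raise ValueError("byte 0x%02x at offset %d is not a packet header" % (ctb, off))
    if ctb & 0x40:                       # new-format header (RFC 4880 4.2.2)
        tag = ctb & 0x3F
        try:
            first = data[off + 1]
            if first < 192:
                return tag, off + 2, first
            if first < 224:
                return tag, off + 3, ((first - 192) << 8) + data[off + 2] + 192
            if first == 255:
                return tag, off + 6, int.from_bytes(data[off + 2:off + 6], "big")
        except IndexError:
            raise ValueError("truncated header at offset %d" % off) from None
        raise ValueError("partial body length at offset %d (not valid in a keyring)" % off)
    tag = (ctb >> 2) & 0x0F              # old-format header (RFC 4880 4.2.1)
    lentype = ctb & 0x03
    if lentype == 3:                     # indeterminate length: rest of the data
        return tag, off + 1, len(data) - off - 1
    nbytes = 1 << lentype                # 1, 2 or 4 length octets
    if off + 1 + nbytes > len(data):
        raise ValueError("truncated length field at offset %d" % off)
    return tag, off + 1 + nbytes, int.from_bytes(data[off + 1:off + 1 + nbytes], "big")


def walk_packets(data):
    """Yield (offset, tag, body_length) for every packet; raise on truncation."""
    off = 0
    while off < len(data):
        tag, body, length = read_header(data, off)
        if body + length > len(data):
            raise ValueError("packet at offset %d runs past end of file" % off)
        yield off, tag, length
        off = body + length


def check_secring(data):
    """Return a list of problems; an empty list means structurally sane.

    Rule checked: a secret keyring's keyblock must begin with a secret-key
    packet (tag 5) and must not contain public-key material, and the file
    must consist of whole packets.
    """
    try:
        packets = list(walk_packets(data))
    except ValueError as exc:
        return ["truncated or garbled keyring: %s" % exc]
    if not packets:
        return ["empty keyring"]
    problems = []
    first_tag = packets[0][1]
    if first_tag != SECRET_KEY:
        problems.append("first packet is %s, not secret-key"
                        % TAG_NAMES.get(first_tag, "tag %d" % first_tag))
    for off, tag, _ in packets:
        if tag in (PUBLIC_KEY, PUBLIC_SUBKEY):
            problems.append("%s packet at offset %d does not belong in secring.gpg"
                            % (TAG_NAMES[tag], off))
        elif tag not in TAG_NAMES:
            problems.append("unexpected packet tag %d at offset %d" % (tag, off))
    return problems


def old_packet(tag, body):
    """Build an old-format packet with a one-octet length (constructed data)."""
    assert len(body) < 256
    return bytes([0x80 | (tag << 2), len(body)]) + body


# Constructed sample rings: bodies are filler, only the headers matter.
GOOD_RING = (old_packet(SECRET_KEY, b"K" * 10) + old_packet(USER_ID, b"nkumar")
             + old_packet(SIG, b"S" * 8) + old_packet(SECRET_SUBKEY, b"k" * 10)
             + old_packet(SIG, b"S" * 8))
# Same ring, but a public-key packet sits where the secret key should be.
BAD_RING = old_packet(PUBLIC_KEY, b"K" * 10) + GOOD_RING[12:]

if __name__ == "__main__":
    for name, ring in (("good", GOOD_RING), ("bad", BAD_RING), ("cut", GOOD_RING[:-3])):
        print(name, check_secring(ring) or "ok")
```

Against a real file, `check_secring(open("secring.gpg", "rb").read())` tells you whether the ring is worth re-importing with the --no-default-keyring recipe Ashish used, or whether it is truncated and needs to be restored from backup.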
URL: From guptamanish at qantas.com.au Tue Aug 20 11:08:49 2013 From: guptamanish at qantas.com.au (Manish Gupta) Date: Tue, 20 Aug 2013 09:08:49 +0000 Subject: need help for GPG 1.2.1 binary for REHL 5.8 Message-ID: Dear Sir/Madam, This is regarding the binary of the gpg utility. We are searching for a binary of GPG version 1.2.1 for Red Hat Enterprise Linux 5.8. We have searched a lot for this version but we couldn't find it anywhere. We found only the two links below and tried installing them on RHEL 5.8, but none of them worked - http://rpmfind.net/linux/rpm2html/search.php?query=gpg http://rpm.pbone.net/index.php3/stat/4/idpl/17967371/dir/suse_other/com/gpg-1.2.1-1.i686.rpm.html We request you to provide links to download a GPG 1.2.1 binary compatible with RHEL 5.8. We appreciate your response a lot. Looking forward to hearing from you. Thanks and Regards.. Manish Kumar Gupta Integration Solution Architect, eQ Upgrade Program, Email: guptamanish at qantas.com.au Ph+ 61 4 0508 2374 ************** PLEASE CONSIDER OUR ENVIRONMENT BEFORE PRINTING ************* ******************* Confidentiality and Privilege Notice ******************* This e-mail is intended only to be read or used by the addressee. It is confidential and may contain legally privileged information. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply e-mail. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you. Qantas Airways Limited ABN 16 009 661 901 Visit Qantas online at http://qantas.com **************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From peter at digitalbrains.com Tue Aug 20 21:43:57 2013 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 20 Aug 2013 21:43:57 +0200 Subject: need help for GPG 1.2.1 binary for REHL 5.8 In-Reply-To: References: Message-ID: <5213C6FD.3000902@digitalbrains.com> > we are searching for binary for GPG 1.2.1 version for Red Hat Enterprise > Linux 5.8 You're trying to install a version released in 2002 on an OS released in 2012. I'm not surprised you can't find binaries! Why do you want to do this? 1.2.1 has known issues and should not be used these days. It's more than a decade old! I think your effort is much better spent on changing your workflow to use the latest 1.4 release. Again, why do you want to install 1.2.1? HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From jeandavid8 at verizon.net Tue Aug 20 22:37:39 2013 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Tue, 20 Aug 2013 16:37:39 -0400 Subject: need help for GPG 1.2.1 binary for REHL 5.8 In-Reply-To: <5213C6FD.3000902@digitalbrains.com> References: <5213C6FD.3000902@digitalbrains.com> Message-ID: <5213D393.7090106@verizon.net> On 08/20/2013 03:43 PM, Peter Lebbing wrote: >> we are searching for binary for GPG 1.2.1 version for Red Hat Enterprise >> Linux 5.8 > > You're trying to install a version released in 2002 on an OS released in 2012. True, but Red Hat support their major releases for 10 years, so implying that the O.P.'s release is obsolete is a bit extreme. We are not talking about Fedora releases now. > I'm not surprised you can't find binaries! Why do you want to do this? 1.2.1 has > known issues and should not be used these days. It's more than a decade old! > > I think your effort is much better spent on changing your workflow to use the > latest 1.4 release. Again, why do you want to install 1.2.1? > > HTH, > > Peter. > I have CentOS 5.9. 
It is similar to RHEL5.9, which, as far as I know, is the current release for RHEL5. I run RHEL 6 on my main machine. The 5.9 has gnupg2-2.0.10-3.el5.1.i386 as its current release and that requires the following libraries: libksba-1.0.5-2.el5 pinentry-0.7.3-3.el5 pth-2.0.7-6.el5. As Peter asks, "why do you want to install 1.2.1?" -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key:166D840A 0C610C8B Registered Machine 1935521. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 16:30:01 up 8 days, 21:55, 2 users, load average: 4.01, 4.24, 4.27 From peter at digitalbrains.com Tue Aug 20 23:02:17 2013 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 20 Aug 2013 23:02:17 +0200 Subject: need help for GPG 1.2.1 binary for REHL 5.8 In-Reply-To: <5213D393.7090106@verizon.net> References: <5213C6FD.3000902@digitalbrains.com> <5213D393.7090106@verizon.net> Message-ID: <5213D959.6080706@digitalbrains.com> On 20/08/13 22:37, Jean-David Beyer wrote: >> You're trying to install a version released in 2002 on an OS released in 2012. > > True, but Red Hat support their major releases for 10 years, so implying > that the O.P.'s release is obsolete is a bit extreme. I didn't mean to say the OS is old or obsolete :). I meant the GnuPG version was much older than the OS, so people don't usually make such a combination, hence people don't build those binaries. (Actually, RHEL 5 is from 2007, I only looked at the release date of the update, so I accidentally made it sound more extreme than it was) > The 5.9 has gnupg2-2.0.10-3.el5.1.i386 as its current release It might make a lot of sense to install the latest (or at least a recent and supported) version of the 1.4 tree. Or it might make sense to install 2.0 as you say, but the upgrade path from 1.2.1 to 1.4.x is easier. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. 
My key is available at From ryan at b19.org Tue Aug 20 21:20:46 2013 From: ryan at b19.org (Ryan Sawhill) Date: Tue, 20 Aug 2013 15:20:46 -0400 Subject: Fwd: need help for GPG 1.2.1 binary for REHL 5.8 In-Reply-To: References: Message-ID: On Tue, Aug 20, 2013 at 5:08 AM, Manish Gupta wrote: > This is regarding binary of gpg utility, we are searching for binary for > GPG 1.2.1 version for Red Hat Enterprise Linux 5.8, We have searched a lots > for this version but we couldn't find anywhere. > RHEL5 ships with a newer version of GPG, namely v1.4.5 (even RHEL 5.0 shipped with that). RHEL 5.4 and above also ship with v2.0.10. Sorry for not answering your query, but please tell me: Why in the world would you want to use an older, less secure version? -------------- next part -------------- An HTML attachment was scrubbed... URL: From snehendu.ghosh at tcs.com Tue Aug 20 23:43:04 2013 From: snehendu.ghosh at tcs.com (Snehendu Ghosh) Date: Wed, 21 Aug 2013 03:13:04 +0530 Subject: need help for GPG 1.2.1 binary for REHL 5.8 In-Reply-To: <5213C6FD.3000902@digitalbrains.com> References: <5213C6FD.3000902@digitalbrains.com>, Message-ID: Hi Peter, Thanks for your reply. In brief, the background is that we are replacing an existing iHub system which acts as a router for file transfer to and from Oracle EBS. In the current system, for inbound interfaces, encrypted files come from third parties to iHub and are decrypted before being sent to EBS. Similarly, for outbound interfaces, files come from EBS and are encrypted in iHub before being sent to the third-party system. Now the problem is that the existing iHub system is very old and it has version 1.2.1 for encryption/decryption. We are assuming all the third parties are using the same old version for encryption/decryption on their side. And there is no issue with encryption/decryption in the existing system. It is very stable. We are not expecting any of the third parties to make any changes on their side. 
That is the reason we want to go with the 1.2.1 version, to minimize the risk. Now assume a scenario where we implement version 1.4 in our to-be system, encrypt a file with version 1.4 and send it to a third party. We are not sure if that third party will be able to decrypt it using a lower version. We are working from Sydney, Australia. I don't know which time zone you are working in. Can we set up a tele-conference with you today so that we can explain our requirement to you? Thanks, Snehendu Ghosh Cell - +61 469169598 Tata Consultancy Services Mailto: snehendu.ghosh at tcs.com Website: http://www.tcs.com ____________________________________________ Experience certainty. IT Services Business Solutions Consulting ____________________________________________ -----Peter Lebbing wrote: ----- To: Manish Gupta From: Peter Lebbing Date: 08/21/2013 05:44AM Cc: "gnupg-users at gnupg.org" , Mini George , Pinky Roy , Snehendu Ghosh Subject: Re: need help for GPG 1.2.1 binary for REHL 5.8 > we are searching for binary for GPG 1.2.1 version for Red Hat Enterprise > Linux 5.8 You're trying to install a version released in 2002 on an OS released in 2012. I'm not surprised you can't find binaries! Why do you want to do this? 1.2.1 has known issues and should not be used these days. It's more than a decade old! I think your effort is much better spent on changing your workflow to use the latest 1.4 release. Again, why do you want to install 1.2.1? HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. 
If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: From snehendu.ghosh at tcs.com Wed Aug 21 01:55:55 2013 From: snehendu.ghosh at tcs.com (Snehendu Ghosh) Date: Wed, 21 Aug 2013 10:55:55 +1100 Subject: Fw: need help for GPG 1.2.1 binary for REHL 5.8 Message-ID: Hi, I tried to reply to Peter, but it bounced from his email address. Please refer to our response below. Thanks, Snehendu ----- Forwarded by Snehendu Ghosh/APAC/TCS on 21/08/2013 09:53 AM ----- From: Snehendu Ghosh/APAC/TCS To: peter at digitalbrains.com Cc: gnupg-users at gnupg.org, guptamanish at qantas.com.au, Mini George/KOL/TCS at TCS, Pinky Roy/KOL/TCS at TCS, Binayendu Mandal/KOL/TCS at TCS, Abdul Alim/APAC/TCS at TCS Date: 21/08/2013 07:43 AM Subject: Re: need help for GPG 1.2.1 binary for REHL 5.8 Hi Peter, Thanks for your reply. In brief, the background is that we are replacing an existing iHub system which acts as a router for file transfer to and from Oracle EBS. In the current system, for inbound interfaces, encrypted files come from third parties to iHub and are decrypted before being sent to EBS. Similarly, for outbound interfaces, files come from EBS and are encrypted in iHub before being sent to the third-party system. Now the problem is that the existing iHub system is very old and it has version 1.2.1 for encryption/decryption. We are assuming all the third parties are using the same old version for encryption/decryption on their side. And there is no issue with encryption/decryption in the existing system. It is very stable. We are not expecting any of the third parties to make any changes on their side. That is the reason we want to go with the 1.2.1 version, to minimize the risk. 
Now assume a scenario, where we implement 1.4 version in our to-be system, encrypt a file with 1.4 version and send it to a third party. We are not sure if that third party will able to do decryption using a lower version. We are working from Sydney, Australia. I don't know which time zone you are working in. Can we set up a tele-conference with you today so that we can explain you our requirement ? Thanks, Snehendu Ghosh Cell - +61 469169598 Tata Consultancy Services Mailto: snehendu.ghosh at tcs.com Website: http://www.tcs.com ____________________________________________ Experience certainty. IT Services Business Solutions Consulting ____________________________________________ -----Peter Lebbing wrote: ----- To: Manish Gupta From: Peter Lebbing Date: 08/21/2013 05:44AM Cc: "gnupg-users at gnupg.org" , Mini George , Pinky Roy , Snehendu Ghosh Subject: Re: need help for GPG 1.2.1 binary for REHL 5.8 > we are searching for binary for GPG 1.2.1 version for Red Hat Enterprise > Linux 5.8 You're trying to install a version released in 2002 on an OS released in 2012. I'm not surprised you can't find binaries! Why do you want to do this? 1.2.1 has known issues and should not be used these days. It's more than a decade old! I think your effort is much better spent on changing your workflow to use the latest 1.4 release. Again, why do you want to install 1.2.1? HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. 
If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you

From snehendu.ghosh at tcs.com Wed Aug 21 02:48:53 2013
From: snehendu.ghosh at tcs.com (Snehendu Ghosh)
Date: Wed, 21 Aug 2013 11:48:53 +1100
Subject: Fw: need help for GPG 1.2.1 binary for REHL 5.8
In-Reply-To:
References:
Message-ID:

I was not listed previously. Sending again.

From: Snehendu Ghosh/APAC/TCS
To: gnupg-users at gnupg.org
Cc: Kumar Manishgupta/APAC/TCS at TCS
Date: 21/08/2013 09:56 AM
Subject: Fw: need help for GPG 1.2.1 binary for REHL 5.8

From hhhobbit at securemecca.net Wed Aug 21 14:30:52 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Wed, 21 Aug 2013 12:30:52 +0000
Subject: need help for GPG 1.2.1 binary for REHL 5.8
In-Reply-To:
References: <5213C6FD.3000902@digitalbrains.com>,
Message-ID: <5214B2FC.4040005@securemecca.net>

On 08/20/2013 09:43 PM, Snehendu Ghosh wrote:
> Hi Peter,
>
> Thanks for your reply.
>
> In brief, the background is that we are replacing an existing
> iHub system which acts as a router for files transfer to and
> from Oracle EBS. In current system, for inbound interfaces,
> encrypted files come from third parties to iHub and being
> decrypted before sending to EBS. Similarly for outbound
> interfaces, files come from EBS, being encrypted in iHub
> before sending it to third party system.
>
> Now the problem is the existing iHUb system is very old and it
> has 1.2.1 version for encryption/decryption. We are assuming
> all the third parties are using same old version for
> encryption/decryption in their side. And there is no issue with
> encryption/decryption in existing system. It is much stable.
>
> We are not expecting any of the third party will make any
> changes in their side. That is the reason we want to go with
> the 1.2.1 version to minimize the risk.
>
> Now assume a scenario, where we implement 1.4 version in our
> to-be system, encrypt a file with 1.4 version and send it to a
> third party. We are not sure if that third party will able to
> do decryption using a lower version.
>
> We are working from Sydney, Australia. I don't know which time
> zone you are working in.
>
> Can we set up a tele-conference with you today so that we can
> explain you our requirement ?

I wish you more knowledgeable people would answer first. I cannot speak for Peter Lebbing but I believe there is a way you can test this if you have two spare Linux machines and something (your iHub?) with an existing 1.2.1 GnuPG on it. You want something with the 1.2.1 that you can control manually. This is sort of similar to what you do in creating a network on a test rack before you roll it out.

1. Machine 1 - your old system

Backup the ~/.gnupg folder on the existing system with the older gpg 1.2.1. I have this desire to be able to put things right back the way they were. You will be adding a key you will not keep. Generate the public keys as usual for import on machine 2.

$ cd
$ tar -cvf gnupg.tar ./.gnupg
$ mkdir save.gnupg
$ cp -frp .gnupg/* save.gnupg
$ gpg [-a] --export...

2. Machine 2 - Linux system with the latest 1.X GnuPG on it.

Create dummy new keys on this system. Import the public keys exported from machine 1. lsign them or sign them as desired. Export the public side of your secret keys on this system and import them onto machine 1 and lsign them there. Note that you CAN have a pre-existing key-ring on this system. If you don't want to use its keys in the test do:

$ cd
$ zip -r9 gnupg.zip ./.gnupg
$ mv .gnupg save.gnupg
$ gpg --gen-key ...

Do some tests of PK enciphering on machine 1 and deciphering on machine 2 and then enciphering on machine 2 and then deciphering on machine 1. If these work your battle is almost over in seeing whether it works or not.

3. Machine 3 - new Linux system with the latest 1.x GnuPG on it.

Again like machine 2 if you have a pre-existing ~/.gnupg you won't be using it so set it aside for a while:

$ cd
$ zip -r9 gnupg.zip ./.gnupg
$ mv .gnupg save.gnupg

Somehow copy that gnupg.tar file from machine 1 onto this system and untar it into the top level folder of the user you are using. Be sure to delete the ~/.gnupg/random_seed file to force it to create a new random_seed file. Import the public keys from machine 2 and lsign just the way you did before. Now do some tests of PK enciphering on machine 2 and deciphering on machine 3 and vice-versa.

I don't know whether these scripts will make things faster or not. Put them in ~/bin and make sure you change the key number to yours:

http://www.securemecca.com/public/GnuPG/
http://www.securemecca.com/public/GnuPG/pcrypt.txt
http://www.securemecca.com/public/GnuPG/decrypt.txt

Once the tests are all done you can put things back the way they were:

Machine 1:
$ cd
$ rm -fr .gnupg ; tar -xvf gnupg.tar
# remember you have a second ~/.gnupg backup: save.gnupg
# I always like multiple ways back from a disaster

Machine 2:
$ cd
$ rm -fr .gnupg
$ if [ -s gnupg.zip ]; then unzip gnupg.zip; fi

Machine 3: Same as machine 2.

If all the enciphering and deciphering tests work you almost invariably won't have any problems. But these tests will give you a fairly good feel for it before you dive in. Just don't take the machine with GnuPG 1.2.1 down just yet. The tests with machine 3 can give you a pretty good idea of whether or not you can just keep on using your current keys on the new system with a newer version of GnuPG. I do know I have continued using keys generated with an older 1.x version with subsequent newer versions with no problems. That, rather than the PK enciphering and deciphering with different versions, MAY be more of a problem than enciphering / deciphering and signing using the old keys created with an older version of GnuPG.

No conference call with me is necessary. You may want one with Peter.
Depending on whether the GMT line is to the east of you and the International Date Line is to the west of you or vice versa we may not even be on the same day. Now you know why so many militaries shifted to using Zulu time in World War II.

Better safe than sorry. You take even greater precautions with creating networks and can still have a disaster so there you need a way back to what you had. IOW, what I did here was just the test rack. But by just doing it you will get a pretty good feel for whether you will have problems or not.

HHH

From rjh at sixdemonbag.org Wed Aug 21 15:53:22 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 21 Aug 2013 09:53:22 -0400
Subject: need help for GPG 1.2.1 binary for REHL 5.8
In-Reply-To:
References: <5213C6FD.3000902@digitalbrains.com>,
Message-ID: <5214C652.9060107@sixdemonbag.org>

On 08/20/2013 05:43 PM, Snehendu Ghosh wrote:
> We are not expecting any of the third party will make any changes in
> their side. That is the reason we want to go with the 1.2.1 version
> to minimize the risk.

Although I certainly understand the desire to minimize risk, the possibility of being hit by one of the dozens of bugs that have been found in 1.2.1 (and fixed since) needs to be considered as well.

GnuPG 1.4 has no trouble interoperating with 1.2.1. The OpenPGP specification (which GnuPG implements) includes the ability to discover what features the other party/parties support and to automatically use compatible features.

> Now assume a scenario, where we implement 1.4 version in our to-be
> system, encrypt a file with 1.4 version and send it to a third party.
> We are not sure if that third party will able to do decryption using
> a lower version.

If you are not able to, that would strike me as a very serious bug in GnuPG and one that will be soon fixed.
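An added example, not code from this thread and not GnuPG's own code, of the check a practitioner would run before trusting the interoperability argument above (and the test rack Henry describes): walk the packet headers of a file the new 1.4 system produced and see which symmetric cipher each session-key packet names. The algorithm numbers are the RFC 4880 section 9.2 registry, the Camellia numbers added by RFC 5581 in 2009, and the 100-110 private/experimental range (the same registry the Serpent thread further down refers to). A cipher from the base registry is the one a 2002-era peer can be expected to implement; Camellia post-dates 1.2.1, so a file using it should not be assumed decryptable there. The packet bytes are constructed for this example; a real file would come from `gpg -o out.gpg --encrypt` or `--symmetric`, and `gpg --list-packets` shows the same fields with more detail.

```python
"""Inspect OpenPGP packet headers to find the ciphers an encrypted file uses.

Algorithm numbers: RFC 4880 section 9.2 and RFC 5581. Sample packets are
constructed inline for this example; they are not real GnuPG output.
"""

# RFC 4880 section 9.2 symmetric-key algorithm registry (5 and 6 are reserved)
RFC4880_SYMMETRIC = {0: "Plaintext", 1: "IDEA", 2: "TripleDES", 3: "CAST5",
                     4: "Blowfish", 7: "AES-128", 8: "AES-192", 9: "AES-256",
                     10: "Twofish-256"}
# Added to the registry by RFC 5581 (2009), i.e. after GnuPG 1.2.1 shipped
RFC5581_SYMMETRIC = {11: "Camellia-128", 12: "Camellia-192", 13: "Camellia-256"}
EXPERIMENTAL = range(100, 111)          # private/experimental algorithm numbers
PK_NAMES = {1: "RSA", 2: "RSA encrypt-only", 3: "RSA sign-only",
            16: "Elgamal", 17: "DSA"}
TAG_NAMES = {1: "PKESK", 3: "SKESK", 5: "SECRET-KEY", 7: "SECRET-SUBKEY",
             9: "SED", 18: "SEIPD"}


def parse_packet_header(data: bytes, offset: int):
    """Return (tag, body_offset, body_length) for the packet at `offset`.

    Handles both old-format and new-format headers (RFC 4880 section 4.2).
    Partial and indeterminate lengths are rejected rather than mis-parsed.
    """
    first = data[offset]
    if not first & 0x80:
        raise ValueError(f"offset {offset}: not an OpenPGP packet header")
    if first & 0x40:                                   # new-format header
        tag = first & 0x3F
        l0 = data[offset + 1]
        if l0 < 192:
            return tag, offset + 2, l0
        if l0 < 224:
            return tag, offset + 3, ((l0 - 192) << 8) + data[offset + 2] + 192
        if l0 == 255:
            return tag, offset + 6, int.from_bytes(data[offset + 2:offset + 6], "big")
        raise ValueError("partial body length not handled in this example")
    tag = (first & 0x3C) >> 2                          # old-format header
    ltype = first & 0x03
    if ltype == 3:
        raise ValueError("indeterminate length not handled in this example")
    nbytes = {0: 1, 1: 2, 2: 4}[ltype]
    length = int.from_bytes(data[offset + 1:offset + 1 + nbytes], "big")
    return tag, offset + 1 + nbytes, length


def describe_symmetric(algo: int) -> str:
    """Name a symmetric algorithm number and say which document assigned it."""
    if algo in RFC4880_SYMMETRIC:
        return f"{RFC4880_SYMMETRIC[algo]} (RFC 4880)"
    if algo in RFC5581_SYMMETRIC:
        return f"{RFC5581_SYMMETRIC[algo]} (RFC 5581, 2009)"
    if algo in EXPERIMENTAL:
        return f"experimental/private algorithm {algo}"
    return f"unknown algorithm {algo}"


def inspect_message(data: bytes):
    """Walk a packet sequence; report each packet and, for session-key
    packets, the algorithm that decides whether an old peer can decrypt."""
    report, off = [], 0
    while off < len(data):
        tag, body, length = parse_packet_header(data, off)
        pkt = data[body:body + length]
        if len(pkt) != length:
            raise ValueError("truncated packet")
        name = TAG_NAMES.get(tag, f"tag {tag}")
        if tag == 3:                                   # SKESK: version, sym algo, S2K
            report.append((name, describe_symmetric(pkt[1])))
        elif tag == 1:                                 # PKESK: version, key ID, pk algo
            report.append((name, f"key ID {pkt[1:9].hex()}, "
                                 f"pk algo {PK_NAMES.get(pkt[9], pkt[9])}"))
        else:
            report.append((name, f"{length} octets"))
        off = body + length
    return report


def ciphers_outside_rfc4880(data: bytes):
    """Session-key ciphers an RFC 4880-only peer would not recognise."""
    return [desc for name, desc in inspect_message(data)
            if name == "SKESK" and "(RFC 4880)" not in desc]


def sample_message() -> bytes:
    """Constructed sample: three SKESK packets (old- and new-format headers),
    one PKESK and a dummy SEIPD body. Salts and MPI values are placeholders."""
    salt, count = b"\x01" * 8, b"\x60"
    skesk_aes256 = bytes([0x8C, 13, 4, 9, 3, 8]) + salt + count      # old hdr, tag 3
    skesk_camellia = bytes([0xC3, 13, 4, 13, 3, 8]) + salt + count   # new hdr, tag 3
    skesk_exp = bytes([0xC3, 13, 4, 100, 3, 8]) + salt + count       # experimental 100
    pkesk = bytes([0x84, 13, 3]) + bytes(range(1, 9)) + bytes([1, 0, 8, 0xAB])
    seipd = bytes([0xD2, 5, 1]) + b"\x00" * 4                        # tag 18, 5 octets
    return skesk_aes256 + skesk_camellia + skesk_exp + pkesk + seipd


if __name__ == "__main__":
    for entry in inspect_message(sample_message()):
        print(*entry)
    print("not in RFC 4880 registry:", ciphers_outside_rfc4880(sample_message()))
```

The design point is that the cipher choice is not fixed by the GnuPG version: in a public-key exchange the sender picks from the recipient key's preferred-algorithm list, which is how the feature discovery Robert mentions works. Checking real output with `gpg --list-packets` against that list is the cheap way to confirm what the test rack will exercise.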
From peter at digitalbrains.com Thu Aug 22 10:48:28 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Thu, 22 Aug 2013 10:48:28 +0200
Subject: need help for GPG 1.2.1 binary for REHL 5.8
In-Reply-To:
References: <5213C6FD.3000902@digitalbrains.com>,
Message-ID: <5215D05C.2040706@digitalbrains.com>

> I try to reply Peter. But it has bounced from his email id.

The mail got delivered to me without generating a bounce, or as my primary mail server liked to put it:

2013-08-21 02:48:53 1VBwbV-00021r-DK <= prvs=93857aca4=snehendu.ghosh at tcs.com H=inmumg02.tcs.com [219.64.33.222] I=[83.161.152.50]:25 P=esmtp S=12319 id=OF6479E12C.F115F479-ONCA257BCE.00031D1A-CA257BCE.0004895B at tcs.com
2013-08-21 02:48:54 1VBwbV-00021r-DK => peter at digitalbrains.com R=special_routing T=remote_smtp H=butters.digitalbrains.com [2001:980:a370::4] X=TLS1.0:RSA_AES_256_CBC_SHA1:32 C="250 OK id=1VBwbM-0008DP-6l"
2013-08-21 02:48:54 1VBwbV-00021r-DK Completed

The mail also got delivered to gnupg-users as the web archive has it, so I think the problem was either on your side or with one of the CC:-addressees.

> I was not listed previously. Sending again.

I don't understand what you mean.

On to the subject...

> Now the problem is the existing iHUb system is very old and it has 1.2.1
> version for encryption/decryption. We are assuming all the third parties are
> using same old version for encryption/decryption in their side.

I keep being amazed by companies using very old software which handles data coming from the internet. Especially if that software includes GnuPG, which is supposed to Guard something. All this old software is simply not safe anymore because there are known security issues /which have not been fixed/ because you are supposed to use a more recent version where the issues /are/ fixed. Back then, the programs were fine because the security issues were (in principle) not known, and people need to know about the issue to exploit it (or fix it). These days, the issues /are/ known and a bit of Googling or reading release notes can get you on the path to exploitation. I'm not talking about GnuPG here specifically, I'm talking about ancient, unsupported software in general.

> And there is no issue with encryption/decryption in existing system. It is
> much stable.

You don't /see/ security issues.

> Now assume a scenario, where we implement 1.4 version in our to-be system,
> encrypt a file with 1.4 version and send it to a third party. We are not
> sure if that third party will able to do decryption using a lower version.

I wholeheartedly agree with Robert J Hansen's reply: GnuPG implements the OpenPGP /standard/. Different implementations are explicitly supposed to work with each other, and there should be no problem with using 1.4 with 1.2.1. "Should be" is not meant to say "I'm reasonably sure", it's meant to say "it's designed that way".

> Can we set up a tele-conference with you today so that we can explain you our
> requirement ?

This is a public mailing list for users enthusiastic about GnuPG and the developers to talk about the program and crypto in general. If you need commercial support, please contact g10 Code GmbH, owned by Werner Koch, the principal author of GnuPG.[1]

Good luck,

Peter.

PS: Some people on this list would much prefer it if you send plaintext mails, without the HTML part. Or, as in the "About Gnupg-users" text on the mailman page[2]:

> Some kinds of postings will not be accepted: e.g. large ones, mails without
> the list name in the To: or CC: header and HTML mails. Your mail client does
> have an option to send plain text only messages; try this if you don't get
> your posting through or notice it in the archive.

[1] http://g10code.com/
[2] http://lists.gnupg.org/mailman/listinfo/gnupg-users

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy.
My key is available at

From peter at digitalbrains.com Thu Aug 22 11:23:10 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Thu, 22 Aug 2013 11:23:10 +0200
Subject: key management & APG
In-Reply-To:
References: <171951410.JoHOkf7hK8@inno.berlin.laging.de>
Message-ID: <5215D87E.3030303@digitalbrains.com>

On 15/08/13 09:45, ix4svs at gmail.com wrote:
> But with this setup it seems like the process to sign someone else's keys (which
> needs to be done with the offline mainkey) will be complicated.
>
> How would I do that?

You would use an offline system which has the offline main key. Just copying the main key back to your "normal" system would pretty much defeat the purpose. I think "the purpose" is, by the way: "If my normal computer gets compromised in the future, at least the attacker won't have my primary private key". I suddenly thought of something which I'll come back to in the end.

So you would use an offline computer. Your offline system is not connected to the internet, but you need to get data in and out. So you would for instance use a USB key. It's also an attack vector, but you have to have something. There simply is no perfect security, so at some point you need to compromise.

You transfer the key you want to sign to the offline system. On the offline system, you simply do something along the lines of:

$ gpg2 --import /media/usb-key/someone_elses_key.gpg
$ gpg2 --edit-key "Someone Else" sign

And then you still need to transfer the signed key to the outer world. So you put it on your USB key:

$ gpg2 -o /media/usb-key/someone_elses_key_signed.gpg --export "Someone Else"

And on your normal system, you import it and, e.g., send it to a keyserver:

$ gpg2 --import /media/usb-key/someone_elses_key_signed.gpg
$ gpg2 --send-key "Someone Else"

Note that it is not necessary to specify "sign" as the command for --edit-key. If you don't give a command, you can then enter it in the interactive --edit-key menu. Also, for the lone --send-key on the final command, you need to have a default keyserver configured in gpg.conf, otherwise you need to specify it on the command line.

I suddenly noticed something in Hauke's advice while I formulated my "future compromise" scenario. I read his advice as "create the key on your normal system, then delete the primary key from that system". But deleted files are usually still on the hard drive. If I hacked your system and were interested in your private key, I'd probably search all free space on the hard drive for data that looks like a private keyring. I might be able to extract your private key, even though you thought you were safe because you deleted it.

I would advise to create the whole key on the offline system you will be using to sign people's keys, and export the subkeys to your normal system. You might want to wipe all free space on your hard drive if you generated it on your normal system. Don't forget the internal fragmentation at the end of allocated files; or to put it more practically: use a tool that doesn't forget this ;). Journals can be nice to snoop around in too. I tried to find a wipe tool in the Debian package manager just now that said it also took care of the journal, but I can't find one.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at

From frankdmartinez at gmail.com Thu Aug 22 07:57:22 2013
From: frankdmartinez at gmail.com (Frank)
Date: Thu, 22 Aug 2013 01:57:22 -0400
Subject: Serpent?
Message-ID:

My apologies if this has come up before. I notice Serpent-256 is available in libgcrypt. Is it available in GPG?

Sincerely,
--
P.S.: I prefer to be reached on BitMessage at BM-2D8txNiU7b84d2tgqvJQdgBog6A69oDAx6.

From rjh at sixdemonbag.org Thu Aug 22 15:56:51 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 22 Aug 2013 09:56:51 -0400
Subject: Serpent?
In-Reply-To:
References:
Message-ID: <521618A3.5020606@sixdemonbag.org>

On 08/22/2013 01:57 AM, Frank wrote:
> My apologies if this has come up before. I notice Serpent-256 is
> available in libgcrypt. Is it available in GPG?

No. SERPENT is not part of the standard OpenPGP cipher profile, and GnuPG implements the OpenPGP specification quite closely.

From section 9.2 of RFC4880, the following symmetric cipher profiles are defined:

* Plaintext
* IDEA
* Triple DES with three independent subkeys
* CAST5-128
* Blowfish-128
* AES-128
* AES-192
* AES-256
* Twofish-256

GnuPG extends this with support for Camellia-128, Camellia-192 and Camellia-256. I don't know the reasoning for introducing Camellia, but I'm sure there's a solid basis for it.

The best way to get GnuPG to support SERPENT is to convince the IETF OpenPGP Working Group to add SERPENT to the symmetric cipher profiles.

From mailinglisten at hauke-laging.de Thu Aug 22 16:05:12 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Thu, 22 Aug 2013 16:05:12 +0200
Subject: Serpent?
In-Reply-To: <521618A3.5020606@sixdemonbag.org>
References: <521618A3.5020606@sixdemonbag.org>
Message-ID: <2004973.GhKqyQXFi5@inno.berlin.laging.de>

Am Do 22.08.2013, 09:56:51 schrieb Robert J. Hansen:
> From section 9.2 of RFC4880, the following symmetric cipher profiles are
> defined:
>
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256.

The wording "GnuPG extends" seems inappropriate to me as it is indeed an RfC that extends 4880 in this way:

https://tools.ietf.org/html/rfc5581

Thus your

> GnuPG implements the OpenPGP specification quite closely

is still perfectly right.

Hauke

--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
From dkg at fifthhorseman.net Thu Aug 22 16:15:23 2013
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 22 Aug 2013 10:15:23 -0400
Subject: Serpent?
In-Reply-To: <521618A3.5020606@sixdemonbag.org>
References: <521618A3.5020606@sixdemonbag.org>
Message-ID: <52161CFB.70204@fifthhorseman.net>

On 08/22/2013 09:56 AM, Robert J. Hansen wrote:
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256. I don't know the reasoning for introducing Camellia, but
> I'm sure there's a solid basis for it.

Camellia in OpenPGP is now a published part of the spec, complete with symmetric algorithm number assignments from the IANA:

https://tools.ietf.org/html/rfc5581

> The best way to get GnuPG to support SERPENT is to convince the IETF
> OpenPGP Working Group to add SERPENT to the symmetric cipher profiles.

And the best way to get started on the path to standardization is to provide a patch for an existing implementation (probably using an algorithm number from the experimental range [0]) that implements it, to demonstrate feasibility.

Using RFC 5581 as a template for the proposed draft would probably be the quickest path to getting it documented and agreed upon in an acceptable way.

Regards,

--dkg

[0] https://tools.ietf.org/html/rfc4880#section-9.2

From dshaw at jabberwocky.com Thu Aug 22 16:55:36 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 22 Aug 2013 10:55:36 -0400
Subject: Serpent?
In-Reply-To: <521618A3.5020606@sixdemonbag.org>
References: <521618A3.5020606@sixdemonbag.org>
Message-ID: <1FB5DCDE-6FAB-45F5-94A9-CA9F9A03D54A@jabberwocky.com>

On Aug 22, 2013, at 9:56 AM, "Robert J. Hansen" wrote:
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256. I don't know the reasoning for introducing Camellia, but
> I'm sure there's a solid basis for it.

I think it was implemented in GnuPG first, but it's not a GnuPG extension.

http://www.rfc-editor.org/rfc/rfc5581.txt

David

From dshaw at jabberwocky.com Thu Aug 22 17:35:50 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 22 Aug 2013 11:35:50 -0400
Subject: Serpent?
In-Reply-To: <52161CFB.70204@fifthhorseman.net>
References: <521618A3.5020606@sixdemonbag.org> <52161CFB.70204@fifthhorseman.net>
Message-ID: <7C791C20-3EA0-4506-AF28-A40C6DA6162D@jabberwocky.com>

On Aug 22, 2013, at 10:15 AM, Daniel Kahn Gillmor wrote:
> On 08/22/2013 09:56 AM, Robert J. Hansen wrote:
>> GnuPG extends this with support for Camellia-128, Camellia-192 and
>> Camellia-256. I don't know the reasoning for introducing Camellia, but
>> I'm sure there's a solid basis for it.
>
> Camellia in OpenPGP is now a published part of the spec, complete with
> symmetric algorithm number assignments from the IANA:
>
> https://tools.ietf.org/html/rfc5581
>
>> The best way to get GnuPG to support SERPENT is to convince the IETF
>> OpenPGP Working Group to add SERPENT to the symmetric cipher profiles.
>
> And the best way to do get started on the path to standardization is to
> provide a patch for an existing implementation (probably using an
> algorithm number from the experimental range [0] that implements it, to
> demonstrate feasibility.
>
> Using RFC 5581 as a template for the proposed draft would probably be
> the quickest path to getting it documented and agreed upon in an
> acceptable way.

If anyone wants the xml2rfc source for RFC-5581, just let me know. You can make almost any "add this cipher algorithm to OpenPGP" draft with very little more than cut and paste on top of that. Of course, that just gives you a draft document. There are quite a few more steps in producing an RFC.

David

From rjh at sixdemonbag.org Thu Aug 22 19:51:38 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 22 Aug 2013 13:51:38 -0400
Subject: Serpent?
In-Reply-To: <2004973.GhKqyQXFi5@inno.berlin.laging.de>
References: <521618A3.5020606@sixdemonbag.org> <2004973.GhKqyQXFi5@inno.berlin.laging.de>
Message-ID: <52164FAA.10100@sixdemonbag.org>

On 08/22/2013 10:05 AM, Hauke Laging wrote:
> The wording "GnuPG extends" seems inappropriate to me as it is indeed an RfC
> that extends 4880 in this way:
>
> https://tools.ietf.org/html/rfc5581

I agree, it is inappropriate. On the other hand, I was not aware of the RFC. Thank you for telling me about it! :)

From o.jasper at gmail.com Thu Aug 22 20:22:25 2013
From: o.jasper at gmail.com (Jasper den Ouden)
Date: Thu, 22 Aug 2013 20:22:25 +0200
Subject: Why trust gpg4win?
In-Reply-To: <201307252214.r6PME8tp031462@fire.js.berklix.net>
References: <201307252214.r6PME8tp031462@fire.js.berklix.net>
Message-ID: <521656E1.9010608@gmail.com>

> The solution of course is as you urged takethebus at gmx.de , to get a
> free operating system such as Linux or BSD, complete with free
> build tools & compile your own (even non programmers can do that,
> eg on an OS downloaded from http://www.freebsd.org

Compiling your own fixes the issue of the sources not corresponding to binaries. (well possibly there is a hole you compile with a compromised binary) But I think people are _correct_ in thinking that it is too much work?

Package managers currently rather often sign the packages, the delivery part has a measure of security, at least. Can't package managers like apt come with easy tools to check that the binary corresponds to the sources so people can easily do so? Perhaps a standard place to vouch for the fact that you did check some package would be a nice thing as well. gitian.org might be a good start. This way of improving security might reach more people for the same or less work.
(However PKGBUILDs on pacman AUR have not always been co-operative, not everything may compile easily, and if you tweak something to make it work, a difference in compiled result might hinge on that) As others noted, endpoints are too often insecure. Arent computers getting much cheaper now, as shown by say, the raspberry pi? It seems to me that it is time to start running highly-security oriented operating systems on cheap computers. Those would then just be used for message sending, signing documents, basic browsing..(Is there a pdf tool for extra security.) If it is not a persons main computer, restricting what it is used for is simply not an inconvenient nearly as much. From frankdmartinez at gmail.com Thu Aug 22 17:02:43 2013 From: frankdmartinez at gmail.com (Frank) Date: Thu, 22 Aug 2013 11:02:43 -0400 Subject: Serpent? In-Reply-To: <52161CFB.70204@fifthhorseman.net> References: <521618A3.5020606@sixdemonbag.org> <52161CFB.70204@fifthhorseman.net> Message-ID: On Thursday, August 22, 2013, Daniel Kahn Gillmor wrote: > And the best way to do get started on the path to standardization is to > provide a patch for an existing implementation (probably using an > algorithm number from the experimental range [0] that implements it, to > demonstrate feasibility. > Interesting. So, as a very first step, would the recommendation then be to implement command-line options which then cause GPG to reference the Serpent algorithm in libgcrypt? -- P.S.: I prefer to be reached on BitMessage at BM-2D8txNiU7b84d2tgqvJQdgBog6A69oDAx6. -------------- next part -------------- An HTML attachment was scrubbed... URL: From hhhobbit at securemecca.net Thu Aug 22 23:06:11 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Thu, 22 Aug 2013 21:06:11 +0000 Subject: Why trust gpg4win? 
In-Reply-To: <521656E1.9010608@gmail.com> References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> Message-ID: <52167D43.8050801@securemecca.net> On 08/22/2013 06:22 PM, Jasper den Ouden wrote: >> The solution of course is as you urged takethebus at gmx.de , to get a >> free operating system such as Linux or BSD, complete with free >> build tools & compile your own (even non programmers can do that, >> eg on an OS downloaded from http://www.freebsd.org > Compiling your own fixes the issue of the sources not corresponding to > binaries. (well possibly there is a hole you compile with a > compromised binary) That is why the binaries that are built for you are done by at least three people and they have to match (diff -b or my hexcmp spit out nothing and return 0). That was supposed to handle the possibility of poison build tools. If you are that concerened, disassemble but only programmers that have worked with assembler code will know what to do with it. That includes me but I think we are getting rarer all the time. But the code is also getting larger all the time making study of the assembler code more difficult. If you ask me, gpg4win was ready for prime time a long time ago. I haven't finished it but here it is: http://www.securemecca.com/public/GnuPG/ http://www.securemecca.com/public/GnuPG/TrustOfGPG4Win-2.txt If you don't think it is a problem, three of my relatives Windows OS computers got infected with two of them being in the last two weeks. "We like Chrome!" I like Firefox not for the browser itself but because NoScript can be slapped onto Firefox. There went over 75% of the malware threats from web-sites. The main problem after that is PEBKAC - Let me scan your machine - okay. NOT! Since Phil Zimmerman refused to allow government back end hooks and almost went to jail for it and all kinds of efforts are made to give a product that can be trusted, then you have to look at the people. 
Well, reading the comments of the many people like Werner Koch, David Shaw, Robert Hansen and others reassures me. They are always concerned about the security of GPG and GPG4Win. I don't even worry about that end because they have never said anything that raises red flags in me. Now if they said that NoScript is useless ...

My trust in GPG4Win is entirely predicated on whether the OS (this is individual) is safe enough. The NSA didn't use back end hooks to take down a hacker selling stolen credit card data. They watched and got his machine infected with their malware. They stole his key-ring, monitored his key-strokes with a logger, and then uploaded all of his files. They deciphered the files and at the right moment snagged him and dragged him off to court. Why didn't they use the back end hooks in GPG4Win? Answer - the probability for back end hooks is very low.

GPG4Win is ready if the Windows system it is used on is ready. I suspect well over 95% of the Windows OSes that are being considered for slapping GPG4Win on them aren't ready for GPG4Win being installed on them. Worry about that first. GPG4Win is ready. Windows users, are you?

HHH

From cwg at falma.de Thu Aug 22 23:23:31 2013
From: cwg at falma.de (Christoph Groth)
Date: Thu, 22 Aug 2013 23:23:31 +0200
Subject: retracing the validity of a key
Message-ID: <87siy1qv1o.fsf@falma.de>

Hello,

For some key in my keyring that GnuPG considers valid due to the web of trust I would like to understand why it does so. I can list all the signatures with --list-sigs, but is there any way (short of writing a script myself) to mark those signatures that are actually considered trusted?

Thanks,
Christoph

From Dave.Smith at st.com Fri Aug 23 10:37:20 2013
From: Dave.Smith at st.com (David Smith)
Date: Fri, 23 Aug 2013 09:37:20 +0100
Subject: Why trust gpg4win?
In-Reply-To: <51F2E822.8050708@vulcan.xs4all.nl>
References: <51F17DB2.7050305@gmx.de> <51F2E822.8050708@vulcan.xs4all.nl>
Message-ID: <52171F40.1050603@st.com>

On 07/26/13 22:20, Johan Wevers wrote:
> Yes, I know the mantra, and I'm sure that obvious backdoors are not
> present because they would be found rather quickly. However, more subtle
> bugs leading to decipherable messages can take more time to find. The
> infamous PRNG bug in pgp 5 on Unix is a well-known example.

True, but I'm not convinced that closed-source software has any inherent advantage in this respect, so if you're really that worried, then your only other choice is to become a cryptography expert yourself and write your own software...

From wk at gnupg.org Fri Aug 23 17:24:27 2013
From: wk at gnupg.org (Werner Koch)
Date: Fri, 23 Aug 2013 17:24:27 +0200
Subject: [#JYM-378-41570]: Re: Why trust any software?
In-Reply-To: <5200AF04.3010604@riseup.net> (mirimir@riseup.net's message of "Tue, 06 Aug 2013 08:08:36 +0000")
References: <1375708982.51ffa73693569@support.teamspeakusa.com> <5200467C.1010307@verizon.net> <52005F67.1020301@securemecca.net> <5200688D.6080609@riseup.net> <874nb3mfhb.fsf@vigenere.g10code.de> <5200AF04.3010604@riseup.net>
Message-ID: <87k3jczaz8.fsf@vigenere.g10code.de>

On Tue, 6 Aug 2013 10:08, mirimir at riseup.net said:
> Is it possible to drop "simply reply to this message" from the
> confirmation options? Requiring a visit to the mailman page, or even a

Not that I know.

For the last two weeks I enabled the confirm+moderate option for subscriptions. From the 5 or so subscriptions I noticed, only one was suspect, which I then rejected with an appropriate response. We have several moderators, thus I can't give exact numbers. I just switched the moderation flag off because it is not easy to decide whether a confirmed subscription request is malicious.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
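Christoph Groth's question above (retracing the validity of a key) gets no answer in this thread, so here is one way to do it. The script below is an added example, not GnuPG's code and not from any poster; it re-derives the classic trust-model rule from two outputs GnuPG already gives you, `gpg --with-colons --list-sigs` and `gpg --export-ownertrust`, with the defaults completes-needed=1 and marginals-needed=3. It deliberately simplifies: self-signatures never count, max-cert-depth, signature expiry and revocation are ignored, and validity is tracked per key rather than per user ID. The key IDs, user IDs and ownertrust lines embedded in it are constructed sample data, not real keys.

```python
"""Which certifications on a key make it valid? Added example, not GnuPG code.
Classic trust model, simplified: completes-needed=1, marginals-needed=3,
self-signatures ignored, max-cert-depth and expiry/revocation ignored.
Inputs: text of `gpg --with-colons --list-sigs` and `gpg --export-ownertrust`.
"""
OWNERTRUST = {"6": "ultimate", "5": "full", "4": "marginal", "3": "never"}
COMPLETES_NEEDED, MARGINALS_NEEDED = 1, 3

def parse_ownertrust(text):
    """'FINGERPRINT:6:' lines -> {keyid: trust}; keyid is the last 16 hex digits."""
    trust = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            fpr, value = line.split(":")[:2]
            trust[fpr[-16:].upper()] = OWNERTRUST.get(value, "undefined")
    return trust

def parse_list_sigs(text):
    """--with-colons --list-sigs -> {keyid: {uid: [signer keyids]}}."""
    keys, key, uid = {}, None, None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":                     # field 5: key ID
            key, uid = f[4].upper(), None
            keys[key] = {}
        elif f[0] == "uid" and key:           # field 10: user ID string
            uid = f[9]
            keys[key][uid] = []
        elif f[0] in ("sub", "ssb"):          # sigs after this only bind subkeys
            uid = None
        elif f[0] == "sig" and key and uid is not None and f[4].upper() != key:
            keys[key][uid].append(f[4].upper())   # self-signatures never count
    return keys

def compute_valid_keys(keys, trust):
    """Fixpoint: ultimately trusted keys are valid; a key becomes valid when a
    user ID has >=1 certification from a valid full/ultimate key or >=3 from
    valid marginal keys. Loops until no further key can be promoted."""
    valid = {k for k in keys if trust.get(k) == "ultimate"}
    changed = True
    while changed:
        changed = False
        for keyid, uids in keys.items():
            if keyid in valid:
                continue
            for signers in uids.values():
                full = [s for s in signers if s in valid and trust.get(s) in ("full", "ultimate")]
                marg = [s for s in signers if s in valid and trust.get(s) == "marginal"]
                if len(full) >= COMPLETES_NEEDED or len(marg) >= MARGINALS_NEEDED:
                    valid.add(keyid)
                    changed = True
                    break
    return valid

def mark_signatures(keys, trust, keyid):
    """For each certification on `keyid`: whether it counts, and if not, why."""
    valid = compute_valid_keys(keys, trust)
    uids = {}
    for uid, signers in keys[keyid].items():
        rows = []
        for s in signers:
            if s not in keys:
                why = "signer not in keyring"
            elif s not in valid:
                why = "signer key itself not valid"
            elif trust.get(s) in ("full", "ultimate"):
                why = "counts (full)"
            elif trust.get(s) == "marginal":
                why = "counts (marginal)"
            else:
                why = "no owner trust assigned"
            rows.append((s, why))
        uids[uid] = rows
    return {"valid": keyid in valid, "uids": uids}

# Constructed sample data (not real keys): 6=ultimate 5=full 4=marginal.
SAMPLE_OWNERTRUST = """\
# constructed ownertrust export
1111111111111111111111111111111111111111:6:
2222222222222222222222222222222222222222:5:
3333333333333333333333333333333333333333:4:
4444444444444444444444444444444444444444:4:
"""
SAMPLE_LIST_SIGS = """\
pub:u:2048:1:1111111111111111:2013-01-01::u:::scESC:
pub:f:2048:1:2222222222222222:2013-01-01::f:::scESC:
uid:f::::2013-01-01::H2::Alice <alice@example.invalid>:
sig:::1:1111111111111111:2013-02-01::::Me <me@example.invalid>:10x:
pub:f:2048:1:3333333333333333:2013-01-01::m:::scESC:
uid:f::::2013-01-01::H3::Bob <bob@example.invalid>:
sig:::1:1111111111111111:2013-02-01::::Me <me@example.invalid>:10x:
pub:f:2048:1:4444444444444444:2013-01-01::m:::scESC:
uid:f::::2013-01-01::H4::Carol <carol@example.invalid>:
sig:::1:1111111111111111:2013-02-01::::Me <me@example.invalid>:10x:
pub:f:2048:1:5555555555555555:2013-01-01::-:::scESC:
uid:f::::2013-01-01::H5::Dave <dave@example.invalid>:
sig:::1:1111111111111111:2013-02-01::::Me <me@example.invalid>:10x:
pub:f:2048:1:6666666666666666:2013-01-01::-:::scESC:
uid:f::::2013-01-01::H6::Target <target@example.invalid>:
sig:::1:6666666666666666:2013-01-01::::Target <target@example.invalid>:13x:
sig:::1:2222222222222222:2013-03-01::::Alice <alice@example.invalid>:10x:
sig:::1:3333333333333333:2013-03-01::::Bob <bob@example.invalid>:10x:
sig:::1:5555555555555555:2013-03-01::::Dave <dave@example.invalid>:10x:
sig:::1:7777777777777777:2013-03-01::::[User ID not found]:10x:
pub:-:2048:1:8888888888888888:2013-01-01::-:::scESC:
uid:-::::2013-01-01::H8::Erin <erin@example.invalid>:
sig:::1:3333333333333333:2013-03-01::::Bob <bob@example.invalid>:10x:
sig:::1:4444444444444444:2013-03-01::::Carol <carol@example.invalid>:10x:
"""
```

Run on a real keyring by feeding the two command outputs to the parsers and calling `mark_signatures(keys, trust, "<keyid>")`. In the sample, the Target key is valid because Alice's certification (full owner trust, and Alice's own key is valid) suffices on its own; Bob's counts as a marginal, Dave's is ignored because no owner trust was assigned to him, and the unknown 7777... signer is not in the keyring. Erin's key shows the other side: two marginal certifications are real but fall short of the three required.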
From johanw at vulcan.xs4all.nl Fri Aug 23 18:14:25 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Fri, 23 Aug 2013 18:14:25 +0200
Subject: Why trust gpg4win?
In-Reply-To: <52171F40.1050603@st.com>
References: <51F17DB2.7050305@gmx.de> <51F2E822.8050708@vulcan.xs4all.nl> <52171F40.1050603@st.com>
Message-ID: <52178A61.7050704@vulcan.xs4all.nl>

On 23-08-2013 10:37, David Smith wrote:
>> Yes, I know the mantra, and I'm sure that obvious backdoors are not
>> present because they would be found rather quickly. However, more subtle
>> bugs leading to decipherable messages can take more time to find. The
>> infamous PRNG bug in pgp 5 on Unix is a well-known example.
> True, but I'm not convinced that closed-source software has any inherent
> advantage in this respect, so if you're really that worried, then your
> only other choice is to become a cryptography expert yourself and write
> your own software...

Oh, I most certainly agree that OSS is vastly preferable to closed source, especially with crypto software. I only state that being OSS is not a perfect guarantee against security flaws, not even against subtle deliberate ones.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From rdohm321 at gmail.com Fri Aug 23 19:09:10 2013
From: rdohm321 at gmail.com (Randolph D.)
Date: Fri, 23 Aug 2013 19:09:10 +0200
Subject: Why trust gpg4win?
In-Reply-To: <51F17DB2.7050305@gmx.de>
References: <51F17DB2.7050305@gmx.de>
Message-ID:

Hi Jan

you can try this one: http://goldbug.sourceforge.net/ which is available in version 02. It has OpenSSL and gpg method, so additional layers of security.

Regards

2013/7/25
> Hi everybody,
>
> why should I trust gpg4win? I have doubts since it was ordered by the
> "Bundesamt für Sicherheit in der Informationstechnik (BSI)", which has
> close connections to secret services. Is GnuPT any better? Finally, why
> should I trust GnuPG? I'm a Windows user.
>
> Thanks for any answers,
> Jan

From rjh at sixdemonbag.org Fri Aug 23 19:24:46 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 23 Aug 2013 13:24:46 -0400
Subject: Why trust gpg4win?
In-Reply-To:
References: <51F17DB2.7050305@gmx.de>
Message-ID: <52179ADE.7000202@sixdemonbag.org>

On 08/23/2013 01:09 PM, Randolph D. wrote:
> you can try this one: http://goldbug.sourceforge.net/
> which is available in version 02.

It seems disingenuous to say, "well, GnuPG says they have no connections to the BSI but if you're concerned about that then try my crypto product because I have no connections to the BSI!" If there's enough cause to doubt GnuPG, there's enough cause to doubt you.

From faramir.cl at gmail.com Sat Aug 24 01:00:27 2013
From: faramir.cl at gmail.com (Faramir)
Date: Fri, 23 Aug 2013 19:00:27 -0400
Subject: Serpent?
In-Reply-To: <521618A3.5020606@sixdemonbag.org>
References: <521618A3.5020606@sixdemonbag.org>
Message-ID: <5217E98B.1000202@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 22-08-2013 9:56, Robert J. Hansen escribió:
...
> GnuPG extends this with support for Camellia-128, Camellia-192 and
> Camellia-256. I don't know the reasoning for introducing Camellia,
> but I'm sure there's a solid basis for it.

IIRC, somebody said, a long long time ago, that Japan had some requirements for using Camellia, so I guess if GnuPG doesn't have it, Japanese people can't use it without some "you are using an unapproved cipher" or something like that. But I can't even remember who said Japan likes Camellia, so maybe that's not the reason.
Best Regards

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJSF+mLAAoJEMV4f6PvczxA8z4IAJXkulr79NVxYMgsu6F06R/w
/Op22OZu6RMMYhmUNE9JjSKvTssSnNpxFxN9H09neTWiY1CdMRbiDdZcjgLXrE6z
GpnEeTo8qwGt7RlDS5Y5VO6Nte/aRarsN/isTyILbNQI4XYcWzDBcYUsSprToUgH
sVSZduk0tWLUPi1oq/wdT5LqjKZlHZXulin/rmfJjNLlNLWAFIAV+mq8hGtr5Vb7
tG3+M/2e3BOExkfSwIBlEwazNVcQpSxq5jHYnBwke3sh47yZ67X3BycyAdLRyC2Z
FlcNQSR7GGjFERriLebK7azzM5/gVU0oDvi1p5lKGRyAL3P+Odj5MQWeypHF1Ao=
=ufHz
-----END PGP SIGNATURE-----

From hhhobbit at securemecca.net Sat Aug 24 05:37:39 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Sat, 24 Aug 2013 03:37:39 +0000
Subject: Serpent?
In-Reply-To: <5217E98B.1000202@gmail.com>
References: <521618A3.5020606@sixdemonbag.org> <5217E98B.1000202@gmail.com>
Message-ID: <52182A83.9030607@securemecca.net>

On 08/23/2013 11:00 PM, Faramir wrote:
> El 22-08-2013 9:56, Robert J. Hansen escribió:
> ...
>> GnuPG extends this with support for Camellia-128, Camellia-192 and
>> Camellia-256. I don't know the reasoning for introducing Camellia,
>> but I'm sure there's a solid basis for it.
>
> IIRC, somebody said, a long long time ago, that Japan had some
> requirements for using Camellia, so I guess if GnuPG doesn't have it,
> Japanese people can't use it without some "you are using an
> unapproved cipher" or something like that. But I can't even remember
> who said Japan likes Camellia, so maybe that's not the reason.

Nippon Telegraph and Telephone developed the Camellia ciphers:

http://www.ietf.org/rfc/rfc4312.txt

Advice is given that it is available for use in OpenPGP:

http://www.ietf.org/rfc/rfc5581.txt

The reason that it is there is because somebody (most likely the Japanese) wants it and even my semi-old Linux distros have it in older versions of gpg1 and gpg2

================================================================
$ gpg --version
gpg (GnuPG) 1.4.10
...
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
================================================================
$ gpg --version
gpg (GnuPG) 2.0.16
libgcrypt 1.4.6
...
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
================================================================

I updated my handy-dandy cheat-sheet for settings I got from somebody else so you know their designations and can add them into the mix of ciphers with preference:

http://www.securemecca.com/public/GnuPG/GnuPG_Prefs.txt

I will probably add Camellia-128 after Twofish some place in there among the AES ciphers and may even let it replace one of them but will keep AES (AES-128). So if you want to use one of the Camellia ciphers use them in good health. Let me know when Serpent is available.

HHH

From cai.0407 at gmail.com Sat Aug 24 07:10:09 2013
From: cai.0407 at gmail.com (Kosuke Kaizuka)
Date: Sat, 24 Aug 2013 14:10:09 +0900
Subject: Serpent?
In-Reply-To: <5217E98B.1000202@gmail.com>
References: <521618A3.5020606@sixdemonbag.org> <5217E98B.1000202@gmail.com>
Message-ID: <52184031.90308@gmail.com>

On Fri, 23 Aug 2013 19:00:27 -0400, Faramir wrote:
> El 22-08-2013 9:56, Robert J. Hansen escribió:
> ...
>> GnuPG extends this with support for Camellia-128, Camellia-192 and
>> Camellia-256. I don't know the reasoning for introducing Camellia,
>> but I'm sure there's a solid basis for it.
>
> IIRC, somebody said, a long long time ago, that Japan had some
> requirements for using Camellia, so I guess if GnuPG doesn't have it,
> Japanese people can't use it without some "you are using an
> unapproved cipher" or something like that. But I can't even remember
> who said Japan likes Camellia, so maybe that's not the reason.
I think that the situation of Camellia in Japan is similar to that of AES in the US or SEED in North Korea. Camellia was developed by Nippon Telegraph and Telephone and Mitsubishi Electric (both are Japanese companies), and is included in the "Japan e-Government Recommended Ciphers List" by CRYPTREC (Cryptography Research and Evaluation Committees, Japan). http://www.cryptrec.go.jp/english/list.html. Of course, Japanese people can use AES and any other ciphers; however, the Japanese Government and some Japanese people may prefer Camellia to AES (as I set my key pref to "CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES CAST5").

Camellia is also recommended by NESSIE in the EU, and supported by TLS/SSL (RFC 4132, 5932, 6367), S/MIME (RFC 3657), IPSec (RFC 4132, 5529), etc.

--
Kosuke Kaizuka

From takethebus at gmx.de Sat Aug 24 23:14:25 2013
From: takethebus at gmx.de (Jan)
Date: Sat, 24 Aug 2013 23:14:25 +0200
Subject: Why trust gpg4win?
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net>
Message-ID:

Thanks to everyone for the vivid discussion.

@HHH: Thanks for your text at http://www.securemecca.com/public/GnuPG/TrustOfGPG4Win-2.txt

>As my little discourse here should have shown to you,
>Windows users as a group by and large just don't care about
>securing their systems. They want a one stop solution and that
>is now an iPhone or an iPad. You cannot do much with them but
>people that are lazy [...]

I agree with you and think we won't get rid of this "laziness". We will not be able to change the fact that most people use an insecure Windows or Mac OS, either. GIVEN THAT, can we provide a way of secure communication for the majority of the people?
This is what I want, since many of my friends are no computer experts and will never be. It seems quite easy to advise people to have an offline Windows PC with gpg4win on it and all their private stuff and a Windows(?) online PC next to it. They could transfer encrypted messages with a USB stick from one PC to the other. I think this is a vector for an attacker, but how serious is this problem? An attacker only seems to have a chance if he has a contract with Microsoft and Windows secretly copies the private key, password or even any decrypted "word file" on any USB stick. Could such a thing be spotted or prevented?

There's another problem with the offline/online approach: convenience: Since you would transfer the messages in plain text on the USB stick, you would have to order them on the offline PC. You wouldn't have Thunderbird there to do this for you.

Another general problem is that you encrypt YOUR messages with another person's public key and have to rely on this person that he protects this private key well. I think it is necessary that you know how he keeps his private key (offline PC/online PC). I think everybody should note that in his key ID. Do you agree? So if you communicate with someone who stores his key on an online Windows PC, it is not worth the effort to store your key on an offline PC and to refrain from Thunderbird doing the ordering for you. A "solution" might be to offer your communication partner two kinds of public keys: An "offline key" he should use if he has an "offline key", too, and an "online key" he should use if he also uses an "online key". Maybe this is not satisfactory but somehow fair and might encourage people to get offline PCs.

There's a lot more I have to say, but this has to wait now.

Best regards,
Jan

From rjh at sixdemonbag.org Sun Aug 25 06:04:33 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sun, 25 Aug 2013 00:04:33 -0400
Subject: Why trust gpg4win?
In-Reply-To: References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net> Message-ID: <52198251.6080404@sixdemonbag.org> On 8/24/2013 5:14 PM, Jan wrote: > We will not be able to change the fact, that most people use an > insecure Windows or Mac OS, neither. In a lot of ways, Windows 7 and beyond are much harder targets to crack than Linux is -- Microsoft's implementation of ASLR is much stronger than Linux's, for instance, to name just one technology that makes Windows 7 a harder target than Linux. *No* operating system deserves the label "secure." *All* operating systems are vulnerable to more or less equal degrees. The number one factor in the security of a system is the diligence and attentiveness of the system administrator. Someone who keeps a Windows box fully patched, checks links to make sure they're not being spearphished, who only runs apps from trusted partners, etc., is going to have a much more secure operating system than someone running an OpenBSD box but who clicks on everything they come across. > GIVEN THAT, can we provide a way of secure communication for the > majority of the people? No, not until/unless people are willing to pay the price for secure communication. It doesn't come for free. Give people the choice between insecure but convenient and secure but a difficult learning curve, and people will overwhelmingly choose the former. We cannot make people care. That's one of the hardest truths I've had to accept. > It seems quite easy to advice people to have an offline windows PC > with gpg4win on it and all their private stuff and a windows(?) > online PC next to it. They could transfer encrypted messages with an > USB stick from one PC to the other. I think this is a vector for an > attacker, but how serious is this problem? Very serious. USB tokens are great tools for propagating malware. 
Compromise the box that's connected to the net, and as soon as someone plugs a flash drive into it, compromise the flash drive. Bring it over to the new computer, plug in there, and bang, you've spanned the air gap. This is not a new attack: it's been known about for many years and has been demonstrated in real-world environments. From mirimir at riseup.net Sun Aug 25 06:34:06 2013 From: mirimir at riseup.net (mirimir) Date: Sun, 25 Aug 2013 04:34:06 +0000 Subject: Why trust gpg4win? In-Reply-To: <52198251.6080404@sixdemonbag.org> References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net> <52198251.6080404@sixdemonbag.org> Message-ID: <5219893E.40903@riseup.net> On 08/25/2013 04:04 AM, Robert J. Hansen wrote: > On 8/24/2013 5:14 PM, Jan wrote: SNIP >> It seems quite easy to advice people to have an offline windows PC >> with gpg4win on it and all their private stuff and a windows(?) >> online PC next to it. They could transfer encrypted messages with an >> USB stick from one PC to the other. I think this is a vector for an >> attacker, but how serious is this problem? > > Very serious. USB tokens are great tools for propagating malware. > Compromise the box that's connected to the net, and as soon as someone > plugs a flash drive into it, compromise the flash drive. Bring it over > to the new computer, plug in there, and bang, you've spanned the air > gap. This is not a new attack: it's been known about for many years and > has been demonstrated in real-world environments. Small flash cards are cheap enough to use once and then destroy. From pete at heypete.com Sun Aug 25 10:28:47 2013 From: pete at heypete.com (Pete Stephenson) Date: Sun, 25 Aug 2013 10:28:47 +0200 Subject: Why trust gpg4win? 
In-Reply-To:
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net>
Message-ID:

On Sat, Aug 24, 2013 at 11:14 PM, Jan wrote:
> It seems quite easy to advice people to have an offline windows PC with
> gpg4win on it and all their private stuff and a windows(?) online PC next to
> it. They could transfer encrypted messages with an USB stick from one PC to
> the other. I think this is a vector for an attacker, but how serious is this
> problem?

It depends. For the average user not under any specific attack? Probably not so serious. Even using PGP/GPG in the normal, private-key-on-online-computer mode is almost certainly better than not using it at all though one would need to be careful, just as one would need to be careful with any sensitive communication.

For larger organizations or governments who may be under attack by various adversaries? Probably more serious: look at Iran and Stuxnet for an example of air-gap hopping malware that caused bad things to happen (though not PGP-related).

The easiest and least-expensive solution to this situation is using smartcards: http://g10code.com/p-card.html -- the private key is kept securely on the smartcard. Any private-key operations (i.e. signing or decrypting) are handled on-card and the private key is not accessible to the computer. You could, of course, generate the key on an offline computer and then transfer it to the smartcard and keep an offline backup (that's what I do) rather than having the key generated entirely on-card with no backup (which is an option).

Cheers!
-Pete

From laurent.jumet at skynet.be Sun Aug 25 10:49:53 2013
From: laurent.jumet at skynet.be (Laurent Jumet)
Date: Sun, 25 Aug 2013 10:49:53 +0200
Subject: Why trust gpg4win?
In-Reply-To:
Message-ID:

Hello Pete!
Pete Stephenson wrote:

> The easiest and least-expensive solution to this situation is using
> smartcards: http://g10code.com/p-card.html -- the private key is kept
> securely on the smartcard. Any private-key operations (i.e. signing or
> decrypting) are handled on-card and the private key is not accessible
> to the computer. You could, of course, generate the key on an offline
> computer and then transfer it to the smartcard and keep an offline
> backup (that's what I do) rather than having the key generated
> entirely on-card with no backup (which is an option).

This is only relevant (I mean existent backup) for keys that are used as a tool: you need a screwdriver for that category of screws. But if the smartcard identifies *you*, backup means that there is a second Pete Stephenson on the Earth, that can sign, certify and so on. Forensic issues can be hard to break...

--
Laurent Jumet
KeyID: 0xCFAF704C

From takethebus at gmx.de Sun Aug 25 14:33:44 2013
From: takethebus at gmx.de (Jan)
Date: Sun, 25 Aug 2013 14:33:44 +0200
Subject: Why trust gpg4win?
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com>
Message-ID:

----- Original Message -----
From: "Jasper den Ouden"
To:
Sent: Thursday, August 22, 2013 8:22 PM
Subject: Re: Why trust gpg4win?

> As others noted, endpoints are too often insecure. Arent computers
> getting much cheaper now, as shown by say, the raspberry pi? It seems
> to me that it is time to start running highly-security oriented
> operating systems on cheap computers. Those would then just be used
> for message sending, signing documents, basic browsing..(Is there a
> pdf tool for extra security.) If it is not a persons main computer,
> restricting what it is used for is simply not an inconvenient nearly
> as much.

Can you recommend such an operating system? Your idea seems practicable and convenient to me. Would users have to refrain from Flash videos?
From pete at heypete.com Sun Aug 25 14:23:20 2013 From: pete at heypete.com (Pete Stephenson) Date: Sun, 25 Aug 2013 14:23:20 +0200 Subject: Why trust gpg4win? In-Reply-To: References: Message-ID: On Sun, Aug 25, 2013 at 10:49 AM, Laurent Jumet wrote: > > Hello Pete ! > > Pete Stephenson wrote: > >> The easiest and least-expensive solution to this situation is using >> smartcards: http://g10code.com/p-card.html -- the private key is kept >> securely on the smartcard. Any private-key operations (i.e. signing or >> decrypting) are handled on-card and the private key is not accessible >> to the computer. You could, of course, generate the key on an offline >> computer and then transfer it to the smartcard and keep an offline >> backup (that's what I do) rather than having the key generated >> entirely on-card with no backup (which is an option). > > This is only relevant (I mean existent backup) for keys that are used as a tool: > you need a screwdriver for that caregory of screws. > But if smartcard identifys *you*, backup means that there is a second Pete > Stephenson on the Earth, that can sign, certify and so on. Forensic issues can be hard > to break... Hi Laurent, Yes, that's true. In my case, I use smartcards to prevent my private keys from being compromised during my normal, day-to-day use of my online computer. In my case, the private keys were generated offline and then transferred to the card and to offline backups. If someone is going to physically break into my apartment to compromise my private keys then I have some pretty major problems. In such a situation, I could easily revoke the keys. Personally, I'm more concerned about the smartcard breaking in some way over the years and thus leaving me unable to decrypt or sign messages, so I prefer to have backups. Your mileage may vary. :) If you or your organization have a requirement that there be a strict one-key-per-person policy with no backups, then you can of course generate the keys on the card. 
Cheers!
-Pete

From ivangrunt09 at gmail.com Sun Aug 25 16:09:44 2013
From: ivangrunt09 at gmail.com (Larry Brower)
Date: Sun, 25 Aug 2013 09:09:44 -0500
Subject: Why trust gpg4win?
In-Reply-To: <5219893E.40903@riseup.net>
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net> <52198251.6080404@sixdemonbag.org> <5219893E.40903@riseup.net>
Message-ID: <521A1028.70208@gmail.com>

On 08/24/2013 11:34 PM, mirimir wrote:
> Small flash cards are cheap enough to use once and then destroy.

This doesn't resolve the problem of the device being compromised as soon as it is plugged into a compromised system. There is a lot of malware that will copy itself to any disk that gets plugged in the instant it is plugged in.

--
Larry Brower, CCNA
Fedora Ambassador - North America
Fedora Quality Assurance
lbrower at fedoraproject.org
http://www.fedoraproject.org/

From josef at netpage.dk Sun Aug 25 15:24:29 2013
From: josef at netpage.dk (Josef Schneider)
Date: Sun, 25 Aug 2013 15:24:29 +0200
Subject: Why trust gpg4win?
In-Reply-To:
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com>
Message-ID:

On Sun, Aug 25, 2013 at 2:33 PM, Jan wrote:
> Can you recommend such an operating system? Your idea seems practicable and
> convenient to me.
> Would users have to refrain from flash videos?

I would suggest OpenBSD for that. If BSD is too exotic, then Debian Stable. Flash is known to have more security holes than one can count, so I would stay very far away from it!

From ivangrunt09 at gmail.com Sun Aug 25 16:39:08 2013
From: ivangrunt09 at gmail.com (Larry Brower)
Date: Sun, 25 Aug 2013 09:39:08 -0500
Subject: Why trust gpg4win?
In-Reply-To:
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com>
Message-ID: <521A170C.3090503@gmail.com>

On 08/25/2013 08:24 AM, Josef Schneider wrote:
> I would suggest OpenBSD for that. If BSD is to exotic, then Debian Stable.
> Flas is known to have more security holes than one can count, so I
> would stay very far away from it!

BSD might have too high a learning curve for most ordinary people. A custom BSD distro targeted at non-technical people would be useful here. Perhaps one which took Security and Privacy into account as a design goal.

Staying away from Flash would be easier if all these people who think they are web developers would stop using it.

--
Larry Brower, CCNA
Fedora Ambassador - North America
Fedora Quality Assurance
lbrower at fedoraproject.org
http://www.fedoraproject.org/

From mirimir at riseup.net Mon Aug 26 02:11:52 2013
From: mirimir at riseup.net (mirimir)
Date: Mon, 26 Aug 2013 00:11:52 +0000
Subject: Why trust gpg4win?
In-Reply-To: <521A1028.70208@gmail.com>
References: <201307252214.r6PME8tp031462@fire.js.berklix.net> <521656E1.9010608@gmail.com> <52167D43.8050801@securemecca.net> <52198251.6080404@sixdemonbag.org> <5219893E.40903@riseup.net> <521A1028.70208@gmail.com>
Message-ID: <521A9D48.7060608@riseup.net>

On 08/25/2013 02:09 PM, Larry Brower wrote:
> On 08/24/2013 11:34 PM, mirimir wrote:
>> Small flash cards are cheap enough to use once and then destroy.
>
> This doesn't resolve the problem of the device being compromised as soon
> as it is plugged into a compromised system. There is a lot of malware
> that will copy itself to any disk that gets plugged in the instant it is
> plugged in.

Right. It's only safe to copy from secure offline machines to potentially compromised online machines.
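The exchange above settles the safe direction (offline to online), but replies still have to reach the offline box somehow. One way to shrink that exposure, shown here as an added example that is not from the thread and not GnuPG's code: the offline side never mounts the stick. It reads the block device as raw bytes, keeps only well-formed ASCII-armored OpenPGP messages, and re-armors them from the decoded bytes, so nothing else on the stick (autorun files, executables, odd armor headers, a second filesystem) is ever parsed. The device path is an assumption and the "image" below is constructed data. Caveat: this removes the filesystem and file-handling attack surface only; a malicious USB controller or a bug in the host's USB stack is out of its reach.

```python
"""Pull only well-formed ASCII-armored OpenPGP messages off a raw USB image.
Added example, not from the thread and not GnuPG code. The offline side reads
the device as bytes (no mount), extracts armored blocks, validates base64 and
the CRC24 trailer, and re-armors from the decoded bytes. Device path and the
sample image are assumptions / constructed data.
"""
import base64
import binascii
import re

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB
BLOCK_RE = re.compile(
    rb"-----BEGIN PGP MESSAGE-----\r?\n(.*?)\r?\n-----END PGP MESSAGE-----", re.S)

def crc24(data):
    """OpenPGP armor checksum (RFC 4880 section 6.1)."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor(packet_bytes):
    """Canonical armor: no headers, 64-column base64, CRC24 trailer."""
    b64 = base64.b64encode(packet_bytes).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc = base64.b64encode(crc24(packet_bytes).to_bytes(3, "big")).decode("ascii")
    return ("-----BEGIN PGP MESSAGE-----\n\n" + body + "\n=" + crc +
            "\n-----END PGP MESSAGE-----\n")

def decode_block(body):
    """Decode one armored body (bytes between the BEGIN and END lines).
    Returns packet bytes, or None if base64, CRC or packet framing is wrong."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    if b"" in lines:                         # drop armor headers up to the blank line
        lines = lines[lines.index(b"") + 1:]
    crc_line = lines.pop() if lines and lines[-1].startswith(b"=") else None
    try:
        data = base64.b64decode(b"".join(lines), validate=True)
        expected = (int.from_bytes(base64.b64decode(crc_line[1:], validate=True), "big")
                    if crc_line is not None else None)
    except (binascii.Error, ValueError):
        return None
    if not data or not data[0] & 0x80:       # every OpenPGP packet header has bit 7 set
        return None
    if expected is not None and expected != crc24(data):
        return None
    return data

def extract_messages(image):
    """Scan raw device bytes; return canonical armor for each well-formed message."""
    out = []
    for m in BLOCK_RE.finditer(image):
        data = decode_block(m.group(1))
        if data is not None:
            out.append(armor(data))
    return out

def read_device(path="/dev/sdb", max_bytes=64 * 1024 * 1024):
    """Read the stick as raw bytes (path is an assumption; needs device read access)."""
    with open(path, "rb") as dev:
        return dev.read(max_bytes)

# Constructed payload standing in for an encrypted message: 0xC3 is a new-format
# packet header (tag 3); the rest is filler, so it is not a decryptable message.
SAMPLE_PAYLOAD = bytes([0xC3, 0x04, 0x04, 0x09, 0x01, 0x00]) + bytes(range(40))
GOOD_BLOCK = armor(SAMPLE_PAYLOAD).encode("ascii")
TAMPERED_BLOCK = GOOD_BLOCK.replace(b"\n\nwwQE", b"\n\nwwQF", 1)   # one bit flipped in the body
SAMPLE_IMAGE = (b"\x00" * 512                                  # unused sectors
                + b"[autorun]\r\nopen=setup.exe\r\n"            # a file the offline side must never act on
                + GOOD_BLOCK + b"\xff" * 64 + TAMPERED_BLOCK
                + b"-----BEGIN PGP MESSAGE-----\n\nnot base64!\n-----END PGP MESSAGE-----\n")

if __name__ == "__main__":
    for msg in extract_messages(SAMPLE_IMAGE):   # use read_device("/dev/sdb") on a real stick
        print(msg)
```

Of the three armored blocks in the constructed image only the intact one survives: the tampered copy fails its CRC24 and the garbage block is not base64. The autorun file is never looked at because nothing here interprets a filesystem. What comes out is text you feed to gpg on the offline machine; whether the packets inside are a genuine message is still gpg's job.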
From mailinglisten at hauke-laging.de Mon Aug 26 03:26:10 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Mon, 26 Aug 2013 03:26:10 +0200
Subject: --gen-random ignores SIGPIPE
Message-ID: <1781266.ZURRT5PjPE@inno.berlin.laging.de>

Hello,

start cmd:> gpg --version
gpg (GnuPG) 2.0.19
libgcrypt 1.5.3

I would expect that "gpg --armor --gen-random 1" does not follow the documentation statement "If count is not given or zero, an endless sequence of random bytes will be emitted." unconditionally as this doesn't make any sense IMHO.

Reality:

gpg --armor --gen-random 1 30 | dd if=/dev/stdin of=/dev/null bs=10 count=1

terminates but

gpg --armor --gen-random 1 | dd if=/dev/stdin of=/dev/null bs=10 count=1

doesn't.

Hauke

--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

From faramir.cl at gmail.com Mon Aug 26 23:39:17 2013
From: faramir.cl at gmail.com (Faramir)
Date: Mon, 26 Aug 2013 17:39:17 -0400
Subject: [Gpg4win-announce] Gpg4win 2.2.0 released
In-Reply-To: <201308211453.22917.emanuel.schuetze@intevation.de>
References: <201308211453.22917.emanuel.schuetze@intevation.de>
Message-ID: <521BCB05.8050602@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 21-08-2013 8:53, Emanuel Schütze escribió:
> Hello,
>
> we are pleased to announce the availability of the new stable
> Gpg4win version 2.2.0.

Nice! But... is the stable version different from Gpg4win 2.2.0-beta56? Sometimes the final version of a product is the same as the last beta.
Best Regards

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJSG8sFA AoJEMV4f6PvczxA6ocH/0zaDcmPISTl8jZGHGrieAsF
DwaKs3Fatn/L09TA6yB/Bz03iO+3jiiO2ajstDqUivbr1s8VqSu0d47HhWamK2WK
G8M0MdGH3dBZPLcACm/TyLCVMx3eEGKWdHQnDwJSdrPZp34fbBqpe+vMM6kAi2kO
HaJAFV/riCRfWx5uZgYEwq7itkNIp2Bv+4w5+dRh2BaUj4gShu+65pzTXsV1SVtn
QKrnExfS2PWzztAZG5kGxmcIU98opysVFIybCxPMj4CS1kzD4wyCqsCfA+8FBUgH
Vw2Sor9/5KDdcOvVuv5nPis/fG63WsdHSEo3aC3sIE3ruFy4/5724hDQ5zkPdY8=
=q4i2
-----END PGP SIGNATURE-----

From avi.wiki at gmail.com Tue Aug 27 03:29:51 2013
From: avi.wiki at gmail.com (Avi)
Date: Mon, 26 Aug 2013 21:29:51 -0400
Subject: Editing a key in GnuPG2
Message-ID:

With the recent release of GPG4Win, I decided to try it once again. One of the things I like about the shell I use is the ability to use the GUI to start more advanced operations like editing keys (for cleaning/disabling, etc) and setting prefs for individual keys. The bundled GPA does not allow any of those options. Is that intentional to prevent people from monkeying around (they have to know the command line options to mess around)?

Also, where are the configuration options controlling the preferred cipher used when creating keys, the bzip level, etc. adjusted?
I'm seeing that GPA does provide a front-end to gpgconf (at least in expert mode) but I cannot find those values, whereas in GPG 1.x I could simply have a gpg.conf file with entries like:

s2k-digest-algo SHA512
s2k-cipher-algo AES
cert-digest-algo SHA512
verbose
compress-level 9
bzip2-compress-level 9

Thank you,

--Avi

----
User:Avraham
pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key)
Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9

From hhhobbit at securemecca.net Tue Aug 27 08:15:11 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue, 27 Aug 2013 06:15:11 +0000
Subject: Editing a key in GnuPG2
In-Reply-To:
References:
Message-ID: <521C43EF.5040705@securemecca.net>

On 08/27/2013 01:29 AM, Avi wrote:
> With the recent release of GPG4Win, I decided to try it once again.
> One of the things I like about the shell I use is the ability to use
> the GUI to start more advanced operations like editing keys (for
> cleaning/disabling, etc) and setting prefs for individual keys. The
> bundled GPA does not allow any of those options. Is that intentional
> to prevent people from monkeying around (they have to know the command
> line options to mess around)?
>
> Also, where are the configuration options controlling the preferred
> cipher used when creating keys, the bzip level, etc. adjusted?
> I'm seeing that GPA does provide a front-end to gpgconf (at least on
> expert mode) but I cannot find those values, whereas in GPG 1.x I
> could simply have a gpg.conf file with entries like:
>
> s2k-digest-algo SHA512
> s2k-cipher-algo AES
> cert-digest-algo SHA512
> verbose
> compress-level 9
> bzip2-compress-level 9

I cannot help via the method that you are using but from the command line (yeah, I know, cmd.exe sucks):

http://www.securemecca.com/public/GnuPG/GnuPG_Prefs.txt

c:\> gpg --edit-key YOUR-KEY
Command> setpref H10 S7 Z3
Command> save

(note - you invariably have a pub/sec & sub/ssb key pair which means you need to change both if you don't like the defaults)

You very rarely change the preferences and the desired way is to make it a property of the key itself since what you are really doing is telling others what your preferences are. Others can NOT see your gpg.conf file. I believe you want to make some of these attributes of the keys themselves. By that I mean if you want others to use CAMELLIA256 in sending you a PK enciphered message then you need to tell them up front in the key properties and put it first if you want it to be your s2k-cipher-algo first choice. You do that by changing the attributes of the keys themselves. If the key does not have that information the sending party will probably use the default cipher which at one time was CAST5 since your public key did not tell them what to use.

Your pub/sec and sub/ssb keys if you have a key pair both have separate settings. You can also have other sub-keys. But since I only have a pair I edit both the 2048R/C83946F0 and the 2048R/BDED6C8D and give them the same preference. That is more habit than anything else and you can configure each key with a different set of preferences if that is what you want. Just be sure you use the correct key for the setting you are using. Also remember that these settings are the advice you are giving others in how you want things.
If you want CAMELLIA128 instead of AES make it first. If you don't set it you will get the default which at one time was CAST5.

*** ALL BUT AVI CAN STOP READING HERE ***

SHA512 is fairly large. I used it for a while and dropped back to SHA256. It is just something for you to think about. I found that while SHA512 posed no burden for me it very likely will cause problems for others. Remember that GnuPG encryption is available for iPhone and iPhones don't have a really powerful CPU.

I assume you are using the Power Shell. I don't think GPG4Win's developers want your pass-phrase being captured by the Power Shell's GUI. The reason I gave my primitive srm program to only Linux people (I tell Windows people to purchase a good wipe program that has been around a long time so it doesn't disappear completely on you):

http://www.securemecca.com/public/srm/

was because for test after test when I over-wrote the file on Windows I would find that most of it was not over-written at all. It didn't matter whether I used Microsoft's tools or the little free build system (it is no longer free). Huge sections of the file just didn't get over-written at all. NOW I understand the US DOD's multiple over-write requirements. By contrast my srm 'nix version over-writes everything in just one pass but only on 'nix systems. I had the same program on Windows and finally just threw it away and used a Windows wiper program. But Microsoft has this nasty habit of keeping EVERYTHING. That was when I finally did a dd of several megabytes clear back with W2K onto the start of the drive. It prevented Microsoft from SAVING that C:\ partition and building a D:\ system partition. Now that dd wipes out low level start of disk root-kits when cleaning is no longer possible. Do NOT confuse that to mean the dd erases all disk contents. It just wipes out any vestige of malware down in the bowels of the disk and makes an OS install mandatory.
Windows keeps your last commands / programs started et al in the registry and in general seems to have two to three backups of EVERYTHING stashed away. Just like me setting BASH to have zero history when using gpg / gpg2 on Linux you don't want ANYTHING keeping your key's pass-phrase ANYWHERE outside the key itself other than gpg / gpg2 or the other gpg programs or libraries (dll files). Note the difference in my crypt (symmetric cipher) and pcrypt (PK enciphering) scripts:

http://www.securemecca.com/public/GnuPG/crypt.txt
http://www.securemecca.com/public/GnuPG/pcrypt.txt

I allow for the shell possibility of reading a symmetric cipher password to be used for all enciphered files (code commented out). Just make sure you do NOT use the password "BOGUS" or even "bogus". Either that or change the last value of the environment variable PASSPHRASE to something you will never use. I used PASSPHRASE instead of PASSWORD because many programs will use the PASSWORD environment variable. I provide NO capability for the bash shell to get the pass-phrase for the key in pcrypt even with zero history. The same thing holds for Windows. You don't want Power Shell on Windows having your key's pass-phrase any more than you want bash having it.

HHH

PS I made my comment on the CAMELLIA ciphers AFTER doing some symmetric ciphers with the crypt script. They worked just fine so why not use the CAMELLIA ciphers if you want to? Which is best, CAMELLIA or AES? I don't know and my first choice is TWOFISH. Any of them are better than nothing.

From werewolf6851 at gmail.com Tue Aug 27 09:13:17 2013
From: werewolf6851 at gmail.com (Werewolf)
Date: Tue, 27 Aug 2013 02:13:17 -0500
Subject: group and pgp-hooks
Message-ID: <20130827071316.GA8065@Vixen>

anyone gotten gpg groups option to work with mutt? seems all searches I find come across the same headaches.

Wolf
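Henry's setpref advice above (H10 S7 Z3, and putting CAMELLIA256 first if you want senders to use it) is easier to follow with the numbers decoded. What follows is an added example, not code from the list or from GnuPG: it decodes a setpref string using the OpenPGP registry numbers (RFC 4880 sections 9.2-9.4, RFC 5581 for Camellia), builds one from algorithm names, and applies the RFC 4880 section 13.2 rule a sender follows when picking a cipher from one or more recipients' lists. The scenario values in main (a recipient preferring Camellia-256, a sender without Camellia) are constructed for the example.

```python
"""OpenPGP preference lists: what 'setpref H10 S7 Z3' says and how a
sender uses it.  Added example for this thread; not code from the list
or from GnuPG.  Algorithm numbers are the OpenPGP registry values
(RFC 4880 sections 9.2-9.4, RFC 5581 for Camellia); the selection rule
follows RFC 4880 section 13.2."""

# Symmetric ciphers ("S" tokens); only IDs GnuPG users commonly meet.
CIPHERS = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH", 7: "AES",
           8: "AES192", 9: "AES256", 10: "TWOFISH",
           11: "CAMELLIA128", 12: "CAMELLIA192", 13: "CAMELLIA256"}
# Hash algorithms ("H" tokens).
HASHES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256", 9: "SHA384",
          10: "SHA512", 11: "SHA224"}
# Compression algorithms ("Z" tokens).
COMPRESSION = {0: "Uncompressed", 1: "ZIP", 2: "ZLIB", 3: "BZIP2"}
TABLES = {"S": CIPHERS, "H": HASHES, "Z": COMPRESSION}
IMPLICIT_CIPHER = 2  # 3DES: every OpenPGP implementation must support it


def parse_setpref(pref):
    """Split a setpref string into ordered ID lists, e.g.
    'H10 S7 Z3' -> {'S': [7], 'H': [10], 'Z': [3]}.  Order matters:
    the first entry of each list is the key holder's first choice."""
    out = {"S": [], "H": [], "Z": []}
    for tok in pref.split():
        kind, num = tok[:1].upper(), tok[1:]
        if kind not in TABLES or not num.isdigit() or int(num) not in TABLES[kind]:
            raise ValueError(f"unknown preference token {tok!r}")
        out[kind].append(int(num))
    return out


def describe(pref):
    """Like parse_setpref, but with algorithm names instead of IDs."""
    return {k: [TABLES[k][n] for n in ids] for k, ids in parse_setpref(pref).items()}


def build_setpref(ciphers=(), hashes=(), compression=()):
    """Inverse of describe(): names -> 'S13 S9 H8 Z3', preserving the
    order given, so the cipher you want first really is first."""
    rev = {k: {name: n for n, name in t.items()} for k, t in TABLES.items()}
    toks = [f"S{rev['S'][c]}" for c in ciphers]
    toks += [f"H{rev['H'][h]}" for h in hashes]
    toks += [f"Z{rev['Z'][z]}" for z in compression]
    return " ".join(toks)


def choose_cipher(recipient_prefs, sender_supported):
    """Pick the symmetric cipher for a message to one or more recipients.

    recipient_prefs: one ordered ID list per recipient (from their keys).
    sender_supported: set of cipher IDs the sending software implements.

    RFC 4880 13.2: the sender must use a cipher every recipient lists,
    walking the first recipient's list in order; 3DES is treated as the
    implicit last entry of every list, so a key with no preferences at
    all ends up with 3DES (the thread notes GnuPG's own default was
    CAST5 at one time)."""
    effective = [list(p) + ([IMPLICIT_CIPHER] if IMPLICIT_CIPHER not in p else [])
                 for p in recipient_prefs]
    if not effective:
        raise ValueError("need at least one recipient")
    for cid in effective[0]:
        if cid in sender_supported and all(cid in p for p in effective[1:]):
            return CIPHERS[cid]
    return CIPHERS[IMPLICIT_CIPHER]


if __name__ == "__main__":
    print(describe("H10 S7 Z3"))
    print(build_setpref(["CAMELLIA256", "AES256"], ["SHA256"], ["BZIP2"]))
    # Constructed scenario: recipient wants Camellia-256 first, the sender
    # has no Camellia, so the sender falls through to the second choice.
    print(choose_cipher([[13, 9, 7]], {7, 9, 2}))
```

The point the selection rule makes is the one Henry is driving at: a preference on the key only helps if it is listed first and the other side implements it; otherwise the sender silently drops to the next entry, and a key with no list at all gets the protocol fallback.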
From wk at gnupg.org Tue Aug 27 09:43:45 2013
From: wk at gnupg.org (Werner Koch)
Date: Tue, 27 Aug 2013 09:43:45 +0200
Subject: Editing a key in GnuPG2
In-Reply-To: (Avi's message of "Mon, 26 Aug 2013 21:29:51 -0400")
References:
Message-ID: <8761urvary.fsf@vigenere.g10code.de>

On Tue, 27 Aug 2013 03:29, avi.wiki at gmail.com said:

> bundled GPA does not allow any of those options. Is that intentional
> to prevent people from monkeying around (they have to know the command
> line options to mess around)?

It is a whole lot of work to write and test(!) such GUI stuff. Thus experts should use the command line.

> seeing that GPA does provide a front-end to gpgconf (at least on
> expert mode) but I cannot find those values, whereas in GPG 1.x I
> could simply have a gpg.conf file with entries like:

You can still add this manually to gpg.conf. Not all options are available via the gpgconf interface because otherwise it would get too cluttered with exotic options.

> s2k-digest-algo SHA512

This is not very useful because the default value for the iteration count is taken from gpg-agent which calibrates it so that an S2K operation takes about 100ms. Using a slower algorithm does not really help.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Tue Aug 27 09:53:19 2013
From: wk at gnupg.org (Werner Koch)
Date: Tue, 27 Aug 2013 09:53:19 +0200
Subject: [Gpg4win-announce] Gpg4win 2.2.0 released
In-Reply-To: <521BCB05.8050602@gmail.com> (Faramir's message of "Mon, 26 Aug 2013 17:39:17 -0400")
References: <201308211453.22917.emanuel.schuetze@intevation.de> <521BCB05.8050602@gmail.com>
Message-ID: <871u5fvac0.fsf@vigenere.g10code.de>

On Mon, 26 Aug 2013 23:39, faramir.cl at gmail.com said:

> Nice! But... is the stable version different than Gpg4win
> 2.2.0-beta56 ?
> Sometimes the final version of a product is the same as
> the last beta.

Yes. Here are the commits since beta56:

305eb8e3 * gpg4win-2.2.0 origin/master origin/HEAD master Add licence page and gplv3 to extra dist
6561aa70 * Release 2.2.0.
1975d250 * Update kleopatra to 2.2.0 package
15e7a60f * gpa: Add patches to fix card key generation.
714063c3 * Update GpgOL to version 1.2.0.
da56691c * Updated NEWS and README for 2.2.0 release.
9df2afd0 * Update GnuPG to version 2.0.21.
5df5f2af * Fixed typo in README.en.txt and NEWS.
31b5e0a6 * wk-master Fix gpa bug 1525 (crash in clipboard)

The beta numbers are computed using "git describe". Just in case you wonder: We did the evil thing and moved the release tag from 6561aa70 to 305eb8e3 so if your clone has it at 6561aa70, please delete it and pull again.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From werewolf6851 at gmail.com Thu Aug 29 06:24:22 2013
From: werewolf6851 at gmail.com (Werewolf)
Date: Wed, 28 Aug 2013 23:24:22 -0500
Subject: Identifying your private key by the public KeyID
In-Reply-To:
References: <5200F1A6.9090004@securemecca.net> <5200F8A3.9040109@Me.com>
Message-ID: <521ECCF6.9020600@gmail.com>

On 08/06/2013 09:44 AM, David Shaw wrote:
> On Aug 6, 2013, at 9:22 AM, Kenneth Jones wrote:
>
>> I'm referring to the information you see for example in the prompt to
>> enter your private key when you have received an encrypted message in
>> Thunderbird/Enigmail. The window "pinentry" prompts "Please enter the
>> pass...2048-bit RSA key, ID DEADBEEF, created ... (main key ID
>> ABCD0123)." Notice there are two key IDs mentioned in the window, one
>> called Main, which is also the public Key ID, (the one I expected, the
>> one I remember) and the other for the secret key (which I have Never
>> Paid any attention to).
>
> Ah, that clarifies it. Yes, as a few people have suggested, that's the subkey ID.
> It's not inherently public or secret, but just another key attached to your primary key. In OpenPGP, "your key" refers to a primary key, plus some number of subkeys (occasionally zero, but that's fairly rare). The primary key is the one that the user IDs (email addresses, etc) are attached to, and the one that gathers signatures from other people if you get your key signed.
>
> The subkey(s) are keys attached to the primary key, that can be used for encryption or signing. The idea is that since it is difficult to change your primary key (you'd need to get it re-signed, and re-print your business cards, and the like) you should be able to change the subkey quickly and easily. A common methodology (and in fact the default for many programs) is to use the primary key for signing, and a subkey for encryption. There are interesting variations that can be used with this basic design: some people leave their primary key offline completely, only taking it out to make new subkeys. Some people use different passphrases on different subkeys.
>
> To answer your original question, though, traditionally the key-as-a-whole is referred to by its primary key ID and fingerprint. The subkeys are effectively along for the ride. Some programs make a point of telling you which subkey is in use at a particular time. Some do not.
>
> David
>

Pops into this thread. Is there any major disadvantage to have a main key of say 2048 bits, but sub keys of 3072 or 4096 bit sizes?

Wolf.

From csabi.hlw at gmail.com Thu Aug 29 20:01:05 2013
From: csabi.hlw at gmail.com (Csabi)
Date: Thu, 29 Aug 2013 20:01:05 +0200
Subject: GNUPG and Cast6
Message-ID: <521F8C61.5020207@googlemail.com>

Hi all,

Why does GNUPG not support the CAST6 (256 bit key) variant of the CAST algorithm?
It supports the CAST5 (128 bit key) variant and it is the default cipher.

Best regards,
Csabi

From hhhobbit at securemecca.net Thu Aug 29 22:12:21 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Thu, 29 Aug 2013 20:12:21 +0000
Subject: GNUPG and Cast6
In-Reply-To: <521F8C61.5020207@googlemail.com>
References: <521F8C61.5020207@googlemail.com>
Message-ID: <521FAB25.6010501@securemecca.net>

On 08/29/2013 06:01 PM, Csabi wrote:
> Hi all,
>
> Why does GNUPG not support the CAST6 (256 bit key) variant of the CAST
> algorithm?
> It supports the CAST5 (128 bit key) variant and it is the default cipher.
>
> Best regards, Csabi

Because there is no RFC for it in OpenPGP. Unless there is an RFC for it being in OpenPGP they won't put it there. Here is RFC advice on CAST6 (CAST-256):

https://www.rfc-editor.org/rfc/rfc2612.txt

Before you flail away at getting it added read this and follow up by looking at the source links first:

https://en.wikipedia.org/wiki/CAST-256

CAST6 was passed over and wasn't one of the five AES finalists. It is very unlikely that it will ever be included. CAST5 was included when very little else was available. In reality CAST5 is probably more than adequate for my needs despite the fact that I have TWOFISH as the preferred first choice. The main weakness of encryption is PEBKAC and I have more than my fair share of the illness. So I focus my attention for improvement there.

HHH

From dshaw at jabberwocky.com Thu Aug 29 22:28:15 2013
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 29 Aug 2013 16:28:15 -0400
Subject: GNUPG and Cast6
In-Reply-To: <521F8C61.5020207@googlemail.com>
References: <521F8C61.5020207@googlemail.com>
Message-ID: <844F1DB7-2996-42DC-9F8A-C73838F68D40@jabberwocky.com>

On Aug 29, 2013, at 2:01 PM, Csabi wrote:

> Hi all,
>
> Why does GNUPG not support the CAST6 (256 bit key) variant of the CAST algorithm?
> It supports the CAST5 (128 bit key) variant and it is the default cipher.
There never was a really good reason to support it. The OpenPGP working group added TWOFISH as a 256-bit cipher (and not incidentally a 128-bit blocksize), and later AES. There is nothing specifically wrong with CAST6, but given that OpenPGP has both TWOFISH and AES, there isn't really a pressing reason to include CAST6 too.

David

From rjh at sixdemonbag.org Fri Aug 30 02:07:59 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 29 Aug 2013 20:07:59 -0400
Subject: GNUPG and Cast6
In-Reply-To: <521F8C61.5020207@googlemail.com>
References: <521F8C61.5020207@googlemail.com>
Message-ID: <521FE25F.4020604@sixdemonbag.org>

On 8/29/2013 2:01 PM, Csabi wrote:
> Why does GNUPG not support the CAST6 (256 bit key) variant of the CAST
> algorithm?

In addition to the other (correct) answers you've received, this one also applies: "Because nobody else is using CAST6."

(Also, CAST6 is a different algorithm than CAST5. It's not really a "variant". The algorithms are similar, yes, but then again so are Blowfish and CAST5-128, and nobody calls Blowfish and CAST5 variants of one another.)

From tange at gnu.org Sat Aug 31 11:46:31 2013
From: tange at gnu.org (Ole Tange)
Date: Sat, 31 Aug 2013 11:46:31 +0200
Subject: Recommended key size for life long key
Message-ID:

The FAQ http://www.gnupg.org/faq/GnuPG-FAQ.html#what-is-the-recommended-key-size recommends a key size of 1024 bits.

Reading http://www.keylength.com/en/4/ I am puzzled why GnuPG recommends that.

Why not recommend a key size that will not be broken for the rest of your natural life? (Assuming the acceleration of advances in key breaking remains the same as it has done historically, thus no attack is found that completely destroys the algorithm used).

I just generated a 10kbit RSA key.
It took 10 minutes which is long to sit actively waiting, but not very long if you are made aware it will take this long and just leave it in the background while doing other work; and to me 10 minutes (or even 10 hours) is a tiny investment if that means that I do not lose the signatures on my key by changing key every 5 years.

/Ole

(Please Cc any answer)

From kloecker at kde.org Sat Aug 31 19:41:33 2013
From: kloecker at kde.org (Ingo Klöcker)
Date: Sat, 31 Aug 2013 19:41:33 +0200
Subject: Recommended key size for life long key
In-Reply-To:
References:
Message-ID: <1601133.G0KEF0myON@thufir.ingo-kloecker.de>

On Saturday 31 August 2013 11:46:31 Ole Tange wrote:
> The FAQ
> http://www.gnupg.org/faq/GnuPG-FAQ.html#what-is-the-recommended-key-size
> recommends a key size of 1024 bits.
>
> Reading http://www.keylength.com/en/4/ I am puzzled why GnuPG
> recommends that.
>
> Why not recommend a key size that will not be broken for the rest of
> your natural life? (Assuming the acceleration of advances in key
> breaking remains the same as it has done historically, thus no attack
> is found that completely destroys the algorithm used).
>
> I just generated a 10kbit RSA key. It took 10 minutes which is long to
> sit actively waiting, but not very long if you are made aware it will
> take this long and just leave it in the background while doing other
> work; and to me 10 minutes (or even 10 hours) is a tiny investment if
> that means that I do not lose the signatures on my key by changing
> key every 5 years.

Now try sending a message signed with this key to yourself. And then try verifying the signature on this message. And then imagine doing the same on a mobile phone with a processor that is 10 times slower than that of your PC. I'm pretty sure that this will make you realize that a 10kbit RSA key is a PITA for everybody, for you when you sign messages or other people's keys and for others when they need to verify your signatures.
Once you've realized this you might understand the recommendation in the FAQ. BTW, the FAQ recommends creating a 1024 bit DSA key; IIRC this is more or less equivalent to a 2048 bit RSA key.

Regards,
Ingo

From johanw at vulcan.xs4all.nl Sat Aug 31 20:36:43 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Sat, 31 Aug 2013 20:36:43 +0200
Subject: Recommended key size for life long key
In-Reply-To:
References:
Message-ID: <522237BB.2090602@vulcan.xs4all.nl>

On 31-8-2013 11:46, Ole Tange wrote:
> Why not recommend a key size that will not be broken for the rest of
> your natural life?

In that case, I assume 3072bit is sufficient. Making the public/secret key a little stronger than the session keys (128 bit for most symmetric ciphers) makes sense (breaking the secret key lets an attacker read all messages, breaking a session key only one so the pubkey is more valuable) but making it extremely much stronger is useless. Attackers will go for the weakest link in the chain.

--
Met vriendelijke groet / With kind regards,
Johan Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From pete at heypete.com Sat Aug 31 21:52:30 2013
From: pete at heypete.com (Pete Stephenson)
Date: Sat, 31 Aug 2013 21:52:30 +0200
Subject: Recommended key size for life long key
In-Reply-To: <1601133.G0KEF0myON@thufir.ingo-kloecker.de>
References: <1601133.G0KEF0myON@thufir.ingo-kloecker.de>
Message-ID:

On Sat, Aug 31, 2013 at 7:41 PM, Ingo Klöcker wrote:
> On Saturday 31 August 2013 11:46:31 Ole Tange wrote:
>> The FAQ
>> http://www.gnupg.org/faq/GnuPG-FAQ.html#what-is-the-recommended-key-size
>> recommends a key size of 1024 bits.
>>
>> Reading http://www.keylength.com/en/4/ I am puzzled why GnuPG
>> recommends that.
>>
>> Why not recommend a key size that will not be broken for the rest of
>> your natural life? (Assuming the acceleration of advances in key
>> breaking remains the same as it has done historically, thus no attack
>> is found that completely destroys the algorithm used).
>>
>> I just generated a 10kbit RSA key. It took 10 minutes which is long to
>> sit actively waiting, but not very long if you are made aware it will
>> take this long and just leave it in the background while doing other
>> work; and to me 10 minutes (or even 10 hours) is a tiny investment if
>> that means that I do not lose the signatures on my key by changing
>> key every 5 years.
>
> Now try sending a message signed with this key to yourself. And then try
> verifying the signature on this message. And then imagine doing the same
> on a mobile phone with a processor that is 10 times slower than that of
> your PC. I'm pretty sure that this will make you realize that a 10kbit
> RSA key is a PITA for everybody, for you when you sign messages or other
> people's keys and for others when they need to verify your signatures.
>
> Once you've realized this you might understand the recommendation in the
> FAQ. BTW, the FAQ recommends creating a 1024 bit DSA key; IIRC this is
> more or less equivalent to a 2048 bit RSA key.

According to the keylength.com site that Ole linked to, discrete logarithm keys (i.e. those using DSA) are essentially equivalent to RSA keys in terms of strength. That is, a 2048-bit DSA key is essentially the same as a 2048-bit RSA key.

That said, the FAQ does appear to be out of date: the default these days is 2048-bit RSA keys. If one were to generate a new key today, 1024-bit DSA or RSA is a bit short. For most purposes, it probably wouldn't hurt to generate >= 2048-bit keys as this would likely be secure for the reasonable future.
3072-bit DSA/4096-bit RSA would be good for a bit longer, barring any major advances in cryptanalysis -- it's unlikely that an adversary is going to try breaking the crypto when there are so many other, more feasible means of eavesdropping (e.g. putting malware on one's computer).

Hopefully GPG supports ECC keys in the near future: 521-bit ECC keys would offer 256 bits of security while being considerably more manageable than massive 10k+ RSA keys.

Cheers!
-Pete

--
Pete Stephenson

From anthony at cajuntechie.org Sat Aug 31 22:27:48 2013
From: anthony at cajuntechie.org (Anthony Papillion)
Date: Sat, 31 Aug 2013 15:27:48 -0500
Subject: Recommended key size for life long key
In-Reply-To:
References:
Message-ID:

On 08/31/2013 04:46 AM, Ole Tange wrote:
> The FAQ
> http://www.gnupg.org/faq/GnuPG-FAQ.html#what-is-the-recommended-key-size
> recommends a key size of 1024 bits.
>
> Reading http://www.keylength.com/en/4/ I am puzzled why GnuPG
> recommends that.
>
> Why not recommend a key size that will not be broken for the rest
> of your natural life? (Assuming the acceleration of advances in
> key breaking remains the same as it has done historically, thus no
> attack is found that completely destroys the algorithm used).
>
> I just generated a 10kbit RSA key. It took 10 minutes which is long
> to sit actively waiting, but not very long if you are made aware it
> will take this long and just leave it in the background while doing
> other work; and to me 10 minutes (or even 10 hours) is a tiny
> investment if that means that I do not lose the signatures on my
> key by changing key every 5 years.

Hi Ole,

There are other problems that need to be considered when creating a 'lifelong' extra large key. First, you need to consider people on older hardware or mobile devices. That 10k key might take 10 minutes to do anything with on modern hardware.
But do you think a mobile device will have the kind of horsepower needed to use that key in any way? Probably not. That may lock out a significant portion of your contacts from being able to communicate with you.

Secondly, a long key length won't protect you if 1) an incredibly efficient factoring algorithm is designed and used, 2) quantum computers are used against your key, or 3) side channel attacks. In all of those scenarios, large keys won't protect you at all. Especially in side channel attacks or qc attacks.

Personally, I trust my 4096 bit key for now until ECC is integrated into GnuPG. Then, I'll recreate my keys. Looking for a key that will never be broken is like looking for the fountain of youth: it's a nice idea but not realistic to plan your life around. Security is always moving. You have to be prepared to move with it.

Regards,
Anthony

--
Anthony Papillion
XMPP/Jabber: cypherpunk at patts.us
SIP: 17772471988 at callcentric.com
PGP Key: 0x53B04B15
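David Shaw's explanation earlier on this page (the primary key carries the user IDs and the certifications; the ID in a pinentry prompt is usually a subkey's), Wolf's question about a 2048-bit primary with 4096-bit subkeys, and Pete's remark that 1024-bit keys are now short all come down to reading what a key listing actually says. What follows is an added example, not code from the list or from GnuPG: it parses the machine-readable `gpg --with-colons --list-keys` format (field layout per GnuPG's doc/DETAILS), resolves a prompt's key ID to its primary key, and flags keys under a size threshold. SAMPLE is a constructed listing whose key IDs reuse the ABCD0123/DEADBEEF placeholders from Kenneth's message, padded to 16 hex digits, plus made-up IDs for two more keys.

```python
"""Read 'gpg --with-colons --list-keys' output: tell a primary key from
its subkeys, map the subkey ID a pinentry prompt shows back to the
primary key, and spot undersized keys.  Added example for this thread;
not code from the list or from GnuPG.  Field positions follow GnuPG's
doc/DETAILS.  SAMPLE is constructed: its key IDs are the ABCD0123 and
DEADBEEF placeholders from Kenneth's message padded to 16 hex digits,
plus made-up IDs for two more keys."""

ALGOS = {1: "RSA", 16: "ELG", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EDDSA"}
LETTER = {"RSA": "R", "DSA": "D", "ELG": "g"}  # the short style gpg prints

SAMPLE = """\
tru::1:1377600000:0:3:1:5
pub:u:2048:1:00000000ABCD0123:1377600000:::u:::scESC:
fpr:::::::::00000000000000000000000000000000ABCD0123:
uid:u::::1377600000::0123456789ABCDEF0123456789ABCDEF01234567::Kenneth Jones <kenneth@example.invalid>:
sub:u:2048:1:00000000DEADBEEF:1377600000::::::e:
pub:u:2048:1:00000000CAFEF00D:1377600000:::u:::scESC:
fpr:::::::::00000000000000000000000000000000CAFEF00D:
uid:u::::1377600000::89ABCDEF0123456789ABCDEF0123456789ABCDEF::Wolf <wolf@example.invalid>:
sub:u:4096:1:000000000BADF00D:1377600000::::::e:
sub:u:4096:1:00000000FEEDFACE:1377600000::::::s:
pub:u:1024:17:00000000DEADC0DE:1377600000:::u:::scESC:
fpr:::::::::00000000000000000000000000000000DEADC0DE:
uid:u::::1377600000::FEDCBA9876543210FEDCBA9876543210FEDCBA98::Old DSA <old@example.invalid>:
sub:u:1024:16:0000000012345678:1377600000::::::e:
"""


def _keyrec(f):
    """Fields (1-based in DETAILS): 3 length, 4 algo, 5 key ID, 6 created,
    12 capabilities (e/s/c/a; upper case = usable for the whole key)."""
    return {"keyid": f[4], "bits": int(f[2]),
            "algo": ALGOS.get(int(f[3]), f"algo{f[3]}"),
            "created": f[5], "caps": f[11] if len(f) > 11 else "",
            "fpr": None}


def parse_listing(text):
    """Group records into one dict per primary key: primary, uids, subkeys."""
    keys, cur = [], None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            cur = {"primary": _keyrec(f), "uids": [], "subkeys": []}
            keys.append(cur)
        elif cur is None:
            continue                        # tru: and anything before the first key
        elif f[0] == "fpr":                 # belongs to the most recent pub or sub
            (cur["subkeys"][-1] if cur["subkeys"] else cur["primary"])["fpr"] = f[9]
        elif f[0] == "uid":
            cur["uids"].append(f[9])
        elif f[0] == "sub":
            cur["subkeys"].append(_keyrec(f))
    return keys


def locate(keys, keyid):
    """Resolve the ID shown in a prompt (8- or 16-hex, optional 0x) to
    (primary key ID, 'primary' | 'subkey').  A short ID is only a suffix
    and can collide, so check the fingerprint when it matters."""
    q = keyid.upper()
    q = q[2:] if q.startswith("0X") else q
    for k in keys:
        if k["primary"]["keyid"].endswith(q):
            return k["primary"]["keyid"], "primary"
        for s in k["subkeys"]:
            if s["keyid"].endswith(q):
                return k["primary"]["keyid"], "subkey"
    return None


def short_keys(keys, min_bits=2048):
    """Every primary key or subkey below min_bits, as (key ID, algo, bits)."""
    return [(r["keyid"], r["algo"], r["bits"])
            for k in keys for r in [k["primary"], *k["subkeys"]]
            if r["bits"] < min_bits]


def summarize(keys):
    """One line per key in the familiar 'pub 2048R/ABCD0123' style."""
    lines = []
    for k in keys:
        p = k["primary"]
        lines.append(f"pub {p['bits']}{LETTER.get(p['algo'], '?')}/{p['keyid'][-8:]} "
                     f"[{p['caps']}] {k['uids'][0]}")
        for s in k["subkeys"]:
            lines.append(f"sub {s['bits']}{LETTER.get(s['algo'], '?')}/{s['keyid'][-8:]} [{s['caps']}]")
    return lines


if __name__ == "__main__":
    keys = parse_listing(SAMPLE)
    print("\n".join(summarize(keys)))
    print(locate(keys, "DEADBEEF"))   # the ID from the prompt -> its primary key
    print(short_keys(keys))           # the 1024-bit DSA/Elgamal pair
```

Run against a real keyring, feed `gpg --with-colons --list-keys` into parse_listing instead of SAMPLE; the capabilities column is what tells you which subkey a prompt for decryption ("e") or signing ("s") is asking for, and the mixed-size key shows that primary and subkey sizes are independent fields, as Wolf asked.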