From nobody at dizum.com Sat Jun 1 05:00:20 2013
From: nobody at dizum.com (Nomen Nescio)
Date: Sat, 1 Jun 2013 05:00:20 +0200 (CEST)
Subject: [OT] Why are you using the GPG / PGP keys?
References: <519DF443.6080206@riseup.net> <519E8928.6040103@sixdemonbag.org> <01944c2fae8fd94069ed9eb8c0d275a7@dizum.com>
Message-ID: <240456d1e7faad9f03f8b93b63ca670f@dizum.com>

> But it can also mean PLAUSIBLE GUILTY (PG). And
> while PD works only once, PG can go ad infinitum. And don't forget
> there are some organisations which activate worldwide for which any
> suspicion means guilty without any respect for the facts.
>

So does threatening the public-at-large with extra-judicial surveillance and torture fit under "political activity?"

Please leave your FBI-trolling and threats to our wonderful elected officials, and off this respectable list.

From John at enigmail.net Mon Jun 3 04:06:57 2013
From: John at enigmail.net (John Clizbe)
Date: Sun, 02 Jun 2013 21:06:57 -0500
Subject: certificat for a key pair
In-Reply-To: <51A6F26E.50805@dougbarton.us>
References: <51A59C36.3050606@gmx.fr> <51A65258.9040608@securemecca.net> <51A65689.9020300@dougbarton.us> <51A6F1A7.5000000@securemecca.net> <51A6F26E.50805@dougbarton.us>
Message-ID: <51ABFA41.1010203@enigmail.net>

Doug Barton wrote:
> On 05/29/2013 11:28 PM, Henry Hertz Hobbit wrote:
> | First, whose advice?
>
> The advice of the people who actually write Enigmail. All of your
> irrelevant stuff aside, you still haven't explained yourself.

Speaking as one of those people who took part in the discussion creating that advice, it wasn't about the mechanics of the install: manual, apt-get, yum,...; but that the copy of Thunderbird/Seamonkey and Enigmail come from the same distro foundry, i.e., compiled by the same compiler. This was required because Enigmail contained a binary IPC component creating a dependency on both the OS and on the C++ compiler used to build the code.
This is why we created the statement that both TB/SM & Enigmail must come from the same source -- Enigmail's 'source' for TB & SM being Mozilla.org; Enigmail's own build architecture tracked that of Mozilla.org. Thus, a SuSE Thunderbird needed a SuSE Enigmail, a Debian (whatever they call it) needed a Debian Enigmail, and so on...

Patrick Brunschwig did a large amount of code cleanup this past winter and removed the binary IPC components from Enigmail. The "same place" rule is pretty much gone for Enigmail 1.5+, but is still a strong recommendation due to the numerous changes in the mail-news code in each Thunderbird release.

--
John P. Clizbe                      Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP                or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From rjh at sixdemonbag.org Mon Jun 3 07:26:22 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 03 Jun 2013 01:26:22 -0400
Subject: certificat for a key pair
In-Reply-To: <51ABFA41.1010203@enigmail.net>
References: <51A59C36.3050606@gmx.fr> <51A65258.9040608@securemecca.net> <51A65689.9020300@dougbarton.us> <51A6F1A7.5000000@securemecca.net> <51A6F26E.50805@dougbarton.us> <51ABFA41.1010203@enigmail.net>
Message-ID: <51AC28FE.4030807@sixdemonbag.org>

On 6/2/2013 10:06 PM, John Clizbe wrote:
> Speaking as one of those people who took part in the discussion
> creating that advice...

Speaking as another one of those people who took part in that discussion: although the move to a pure-Javascript implementation has done a lot to minimize this rule, I think John's "the 'same place' rule is pretty much gone" needs a little explanation.

The number of different Linux distros, the number of different customized Windows builds of Thunderbird, the number of different customized OS X builds of Thunderbird... if you add up all these variations you'll probably hit triple digits. On top of that, each distro may support several different versions of Thunderbird, and do different optimizations to each.

We don't have the resources to test Enigmail against every custom version of Thunderbird, and so we can't make guarantees. Moving to all-Javascript has made it far more likely that Enigmail will work without a problem, but you're still taking chances.

As John said, the 'same place' rule is pretty much gone. But make sure to remember the rest of what he said, which was that it's still a strong recommendation.

From melvincarvalho at gmail.com Mon Jun 3 14:04:55 2013
From: melvincarvalho at gmail.com (Melvin Carvalho)
Date: Mon, 3 Jun 2013 14:04:55 +0200
Subject: How difficult is it to break the OpenPGP 40 character long fingerprint?
In-Reply-To: <5159C7F5.2060709@fifthhorseman.net>
References: <5159B4B4.9090803@riseup.net> <5159C7F5.2060709@fifthhorseman.net>
Message-ID:

On 1 April 2013 19:46, Daniel Kahn Gillmor wrote:

> On 04/01/2013 12:24 PM, adrelanos wrote:
>
> > gpg uses only(?) 40 chars for the fingerprint.
> > (I mean the output of: gpg --fingerprint --keyid-format long.)
>
> this is a 160-bit SHA-1 digest of the public key material and the
> creation date, with a bit of boilerplate for formatting. This is not
> gpg-specific, it is part of the OpenPGP specification:
>
> https://tools.ietf.org/html/rfc4880#section-12.2
>
> A better place to discuss issues related to OpenPGP in general is the
> IETF's OpenPGP mailing list:
>
> https://www.ietf.org/mailman/listinfo/openpgp
>
> It is a good idea to review their archives for fingerprints and digest
> algorithms before posting, though. Much of what you asked has been
> discussed in some detail on that list already.
>
> > How difficult, i.e. how much computing power and time is required to
> > create a key, which matches the very same fingerprint?
>
> This is called a second-preimage attack. I am not aware of any
> published second-preimage attacks against SHA-1's 160-bit digest that
> bring the computation within tractable limits. A theoretically perfect
> 160-bit-long digest algorithm would require ~2^160 operations to arrive
> at a particular digest. SHA-1 is almost certainly not theoretically
> perfect against this sort of attack, but does not appear to be
> practically broken by anyone who is publishing about it.
>
> > Isn't 40 chars a bit weak?
>
> the underlying material is 160 bits -- it does not need to be
> represented as 40 chars. And if the digest algorithm was known to be
> weak (e.g. if it was a simple CRC), then even fingerprints 10 times as
> long would not be enough.
>
> However, for the purposes of key fingerprints in particular, SHA-1
> appears to be reasonable in the near term.
>
> > Are there plans to provide a longer fingerprint which in theory can't be
> > broken with computing power expected in for example 100(0) years?
>
> For future OpenPGP drafts, there has been some discussion about moving
> to a longer digest (on the IETF list i mentioned above). Those
> decisions have not reached a consensus, from what i can tell.
>
> Predicting computing power or the state of mathematics itself 100 or
> 1000 years into the future seems like a dubious proposition. Consider
> the state of mechanical computation and mathematics 100 or 1000 years
> ago. Do you think that even a skilled mathematician at the time could
> have predicted where we are today?
>
> The longevity of any public key cryptosystem should probably be
> estimated in years or decades at the longest if you want any confidence
> in your answer.
>

I've been doing a lot of work with bitcoin lately.

Bitcoin is essentially a ledger where you have an array of fingerprints (160 bit hashes of a public key) and a value (number of coins in wallet). Transactions involve signing transfers from one key to another, which also creates new coins in the process, when the distributed ledger syncs up.

Unfortunately bitcoin only supports ECDSA and not RSA. But I wonder if a fingerprint of your GPG key could be used as the basis of a payment ledger?

>
> Regards,
>
> --dkg
>

From branko at majic.rs Mon Jun 3 14:41:46 2013
From: branko at majic.rs (Branko Majic)
Date: Mon, 3 Jun 2013 14:41:46 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
Message-ID: <20130603144146.42da39ed@zetkin.primekey.se>

Hello all,

I'm looking into setting myself up with some OpenPGP cards, and I'm looking into some opinions on using separate OpenPGP card for the master key and sub-keys vs using a single OpenPGP card.

The idea behind this would be that my master OpenPGP card would be kept in a safe area (hidden cavern, back home under pillow/mattress and similar :), while I'd carry my sub-keys OpenPGP card with me at all times and use it for every-day operations.

In particular, I'm curious to find out if there is any technical limitation that I should be aware of if I go with this kind of schema? Mainly in terms of how GnuPG handles the OpenPGP cards?

Does anyone utilise this kind of schema? Or do people go with soft token for master key instead?

Best regards

P.S. If somebody knows of a good previous thread about this topic, please do feel free to point me to it with a link. "Best-practices" links in terms of key management with OpenPGP smart-cards are welcome as well, especially in terms of back-up :)

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

From pete at heypete.com Mon Jun 3 18:08:28 2013
From: pete at heypete.com (Pete Stephenson)
Date: Mon, 3 Jun 2013 09:08:28 -0700
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <20130603144146.42da39ed@zetkin.primekey.se>
References: <20130603144146.42da39ed@zetkin.primekey.se>
Message-ID:

On Mon, Jun 3, 2013 at 5:41 AM, Branko Majic wrote:
> Hello all,
>
> I'm looking into setting myself up with some OpenPGP cards, and I'm
> looking into some opinions on using separate OpenPGP card for the
> master key and sub-keys vs using a single OpenPGP card.
>
> The idea behind this would be that my master OpenPGP card would be kept
> in a safe area (hidden cavern, back home under pillow/mattress and
> similar :), while I'd carry my sub-keys OpenPGP card with me at all
> times and use it for every-day operations.
>
> In particular, I'm curious to find out if there is any technical
> limitation that I should be aware of if I go with this kind of schema?
> Mainly in terms of how GnuPG handles the OpenPGP cards?
>
> Does anyone utilise this kind of schema? Or do people go with soft
> token for master key instead?

Using separate smartcards for master and subkeys works perfectly fine for RSA keys in my experience. I do precisely this with one of my recent keys.

Here's a general overview of how I did it:

1. Generate primary key on the computer (not directly on the smartcard), then make appropriate offline backups (e.g. on CD-R) so if the card is damaged I can still use the key.

2. Transfer the primary key to the smartcard, then delete the primary key from the computer. I then ran "gpg2 --card-status" to generate the private key stub that tells GnuPG that the private key for that KeyID is on the smartcard.

3. Generate subkeys (encryption and signing) on the computer, signing them with the smartcard-based primary key.

4. Transfer the subkeys to a new smartcard, then delete the subkeys from the computer. "gpg2 --card-status" generates the stubs for the subkeys, as above.

I keep the backups in a physically secure location, including a locked box in my house and in a safe deposit box at my bank.

I'm not really worried about physical compromise of my keys (I figure if someone's breaking into my house to steal my keys, I have more important issues at hand). My use of smartcards is to help reduce the risk of key compromise due to malware or some other computer-based attack, so they're kept in my immediate control but not as physically secure (e.g. in desk drawer, rather than in a locked box).

Your exact strategy might differ slightly: for example, you might want to generate the keys on the card and never have private key material on the computer (this also prevents you from making backups), but the overall process should be similar.

Since the smartcards don't support DSA or ElGamal keys, you can't use the cards to protect these types of keys (though you can use RSA subkeys with a DSA primary key). One of my keys is a DSA primary key, which I keep offline but have the RSA subkeys on a smartcard (I have three in total). I only use the DSA key for signing/certifying new subkeys or other people's public keys, then delete it from the computer.

Cheers!
-Pete

--
Pete Stephenson

From dkg at fifthhorseman.net Mon Jun 3 19:20:43 2013
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 03 Jun 2013 13:20:43 -0400
Subject: How difficult is it to break the OpenPGP 40 character long fingerprint?
In-Reply-To:
References: <5159B4B4.9090803@riseup.net> <5159C7F5.2060709@fifthhorseman.net>
Message-ID: <51ACD06B.8080904@fifthhorseman.net>

On 06/03/2013 08:04 AM, Melvin Carvalho wrote:

> Bitcoin is essentially a ledger where you have an array of fingerprints
> (160 bit hashes of a public key) and a value (number of coins in wallet).

i thought that bitcoin didn't hash the public keys at all, but rather used the full elliptic curve public key, since it is smaller than comparably-strong RSA or DSA keys. I don't know much about bitcoin though so i could be mistaken here.

> Unfortunately bitcoin only supports ECDSA and not RSA. But I wonder if a
> fingerprint of your GPG key could be used as the basis of a payment ledger?

The OpenPGP standard supports elliptic curve keys directly:

https://tools.ietf.org/html/rfc6637

GnuPG will add support for these keys in version 2.1 (now in beta). If you wanted to make an assertion about your ownership of a given bitcoin purse it seems like you might be able to do that.

however, the specific curves used seem to differ:

According to https://en.bitcoin.it/wiki/Protocol_specification,

For ECDSA the secp256k1 curve from http://www.secg.org/collateral/sec2_final.pdf is used.

https://tools.ietf.org/html/rfc6637#section-11 refers to NIST curve P-256, which i think is different :/

Still, it seems like it wouldn't be difficult to use your OpenPGP identity to make assertions about your possession of any given bitcoin wallet, they just wouldn't be digested into the global bitcoin transaction log.

Does this address what you were asking about? if not, what problem are you trying to solve specifically?

--dkg

PS your MUA seems to think that this list is named "Jay Litwyn on GnuPG-Users " -- you probably want to update your addressbook :)

From Mustrum at Mustrum.net Mon Jun 3 20:10:41 2013
From: Mustrum at Mustrum.net (Mustrum)
Date: Mon, 03 Jun 2013 20:10:41 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To:
References: <20130603144146.42da39ed@zetkin.primekey.se>
Message-ID: <51ACDC21.40604@Mustrum.net>

I already moved my subkeys to one cryptostick.
When i tried to move the primary key (4096 RSA) to another stick i got:

>gpg> keytocard
>Really move the primary key? (y/N) y
>Signature key ....: [none]
>Encryption key....: [none]
>Authentication key: [none]

>Please select where to store the key:
>Your selection?

Note that there is NO valid choice.

Any ideas ?

I'm using gpg 2.0.20

From pete at heypete.com Tue Jun 4 02:03:51 2013
From: pete at heypete.com (Pete Stephenson)
Date: Mon, 3 Jun 2013 17:03:51 -0700
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51ACDC21.40604@Mustrum.net>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net>
Message-ID:

On Mon, Jun 3, 2013 at 11:10 AM, Mustrum wrote:
> I already moved my subkeys to one cryptostick.
> When i tried to move the primary key (4096 RSA) to another stick i got:
>
>>gpg> keytocard
>>Really move the primary key? (y/N) y
>>Signature key ....: [none]
>>Encryption key....: [none]
>>Authentication key: [none]
>
>>Please select where to store the key:
>>Your selection?
>
> Note that there is NO valid choice.
>
> Any ideas ?
>
> I'm using gpg 2.0.20

What version of the Crypto Stick are you using? I've successfully moved 4096-bit RSA primary keys to the OpenPGP smartcard and 2048-bit RSA subkeys to a Crypto Stick v1.2, but I would expect the Crypto Stick would also support 4096-bit keys. I don't know if early versions wouldn't support keys of that length.

--
Pete Stephenson

From mustrum at mustrum.net Tue Jun 4 08:31:29 2013
From: mustrum at mustrum.net (Mustrum)
Date: Tue, 04 Jun 2013 08:31:29 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To:
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net>
Message-ID: <8256b5a9-c6f8-437a-9ef0-5e7955015cb8@email.android.com>

Pete Stephenson wrote:

>On Mon, Jun 3, 2013 at 11:10 AM, Mustrum wrote:
>> I already moved my subkeys to one cryptostick.
>> When i tried to move the primary key (4096 RSA) to another stick i got:
>>
>>>gpg> keytocard
>>>Really move the primary key? (y/N) y
>>>Signature key ....: [none]
>>>Encryption key....: [none]
>>>Authentication key: [none]
>>
>>>Please select where to store the key:
>>>Your selection?
>>
>> Note that there is NO valid choice.
>>
>> Any ideas ?
>>
>> I'm using gpg 2.0.20
>
>What version of the Crypto Stick are you using? I've successfully
>moved 4096-bit RSA primary keys to the OpenPGP smartcard and 2048-bit
>RSA subkeys to a Crypto Stick v1.2, but I would expect the Crypto
>Stick would also support 4096-bit keys. I don't know if early versions
>wouldn't support keys of that length.

I'm using the v1.2. It's supposed to be fine with 4096 rsa key if used with GnuPG 2.0.20.

Maybe the capacity flags of my primary key are the problem. As i'm using subkeys to sign & encrypt, i created the primary with only the "certify" capability and the stick only got 3 slots:
Signing
Encrypt
Authentication.

Nothing to receive a certification only key ?

From melvincarvalho at gmail.com Tue Jun 4 15:09:10 2013
From: melvincarvalho at gmail.com (Melvin Carvalho)
Date: Tue, 4 Jun 2013 15:09:10 +0200
Subject: How difficult is it to break the OpenPGP 40 character long fingerprint?
In-Reply-To: <51ACD06B.8080904@fifthhorseman.net>
References: <5159B4B4.9090803@riseup.net> <5159C7F5.2060709@fifthhorseman.net> <51ACD06B.8080904@fifthhorseman.net>
Message-ID:

On 3 June 2013 19:20, Daniel Kahn Gillmor wrote:

> On 06/03/2013 08:04 AM, Melvin Carvalho wrote:
>
> > Bitcoin is essentially a ledger where you have an array of fingerprints
> > (160 bit hashes of a public key) and a value (number of coins in wallet).
>
> i thought that bitcoin didn't hash the public keys at all, but rather
> used the full elliptic curve public key, since it is smaller than
> comparably-strong RSA or DSA keys. I don't know much about bitcoin
> though so i could be mistaken here.
>

Here's a good page that shows how it's hashed:

http://gobittest.appspot.com/Address

essentially it's

prefix . ripemd-160(sha256(pubKey)) . checksum

base58 encoded with a custom alphabet

>
> > Unfortunately bitcoin only supports ECDSA and not RSA. But I wonder if a
> > fingerprint of your GPG key could be used as the basis of a payment
> > ledger?
>
> The OpenPGP standard supports elliptic curve keys directly:
>
> https://tools.ietf.org/html/rfc6637
>
> GnuPG will add support for these keys in version 2.1 (now in beta). If
> you wanted to make an assertion about your ownership of a given bitcoin
> purse it seems like you might be able to do that.
>
> however, the specific curves used seem to differ:
>
> According to https://en.bitcoin.it/wiki/Protocol_specification,
>
> For ECDSA the secp256k1 curve from
> http://www.secg.org/collateral/sec2_final.pdf is used.
>
> https://tools.ietf.org/html/rfc6637#section-11 refers to NIST curve
> P-256, which i think is different :/
>

That's great. Satoshi used the Koblitz curve for performance. I noticed this one is also not in the upcoming Web Crypto API, I believe it's related to that curve not being in browser NSS (network security services).

>
> Still, it seems like it wouldn't be difficult to use your OpenPGP
> identity to make assertions about your possession of any given bitcoin
> wallet, they just wouldn't be digested into the global bitcoin
> transaction log.
>

That's OK, I'm curious about making a system that doesn't necessarily go onto the bitcoin block chain, but could be used with GPG keys, making each keypair a theoretical wallet.

>
> Does this address what you were asking about? if not, what problem are
> you trying to solve specifically?
>

Yes very helpful. The question is whether the fingerprint contains enough entropy such that it would be impractical for an attacker to find a key that hashes to it either with preimage or birthday attack...

>
> --dkg
>
> PS your MUA seems to think that this list is named "Jay Litwyn on
> GnuPG-Users " -- you probably want to update your
> addressbook :)
>

From Ira.Kirschner at sungard.com Tue Jun 4 21:22:04 2013
From: Ira.Kirschner at sungard.com (Ira.Kirschner at sungard.com)
Date: Tue, 4 Jun 2013 19:22:04 +0000
Subject: gpg: WARNING: unsafe ownership on homedir
Message-ID: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp>

I have researched this error message and have found the suggestions do not work. Does anyone know how to have this warning message stop?

I am getting the message: gpg: WARNING: unsafe ownership on homedir `/home/wsc_gpg/.gnupg'

User wsc_gpg owns the gpg installation.
The process is running from root as:
sudo -u wsc_gpg cat /home/wsc_gpg/.gnupg/cache.txt | gpg --homedir /home/wsc_gpg/.gnupg --batch --yes --no-mdc-warning --skip-verify --passphrase-fd 0 --no-secmem-warning -o $OUTPUTFILE -d $ENCRYPTEDFILE

I am running on Red Hat Linux 6.4.6

# gpg --version
gpg (GnuPG) 1.4.5
Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

The directories in question have the following ownership

[root at wsc-voo-005 scripts]# ls -al /home/wsc_gpg
total 40
drwx------  5 wsc_gpg wsc_gpg  4096 Jun 1 06:38 .
drwxr-xr-x 28 root    root     4096 Feb 26 01:42 ..
-rw-------  1 wsc_gpg wsc_gpg 10416 Jun 3 16:45 .bash_history
drwx------  2 wsc_gpg wsc_gpg  4096 Jun 4 14:25 .gnupg
drwx------  3 wsc_gpg wsc_gpg  4096 May 22 14:41 .pgp
drwx------  2 wsc_gpg wsc_gpg  4096 Feb 26 02:33 .ssh
-rw-------  1 wsc_gpg wsc_gpg   753 Jun 1 06:38 .viminfo

[root at wsc-voo-005 scripts]# ls -al /home/wsc_gpg/.gnupg
total 356
drwx------ 2 wsc_gpg wsc_gpg   4096 Jun 4 14:25 .
drwx------ 5 wsc_gpg wsc_gpg   4096 Jun 1 06:38 ..
-rw------- 1 wsc_gpg wsc_gpg    526 May 22 13:37 cache.bsh
-rw------- 1 wsc_gpg wsc_gpg     51 Jun 3 08:14 cache.txt
-rw------- 1 wsc_gpg wsc_gpg     26 Jun 1 06:38 options
-rw------- 1 wsc_gpg wsc_gpg 151660 May 31 12:36 pubring.gpg
-rw------- 1 wsc_gpg wsc_gpg 151354 May 31 12:14 pubring.gpg~
-rw------- 1 wsc_gpg wsc_gpg    600 Jun 4 14:25 random_seed
-rw------- 1 wsc_gpg wsc_gpg   1326 May 22 13:39 secring.gpg
-rw------- 1 wsc_gpg wsc_gpg   1240 May 31 12:14 trustdb.gpg
-rw------- 1 wsc_gpg wsc_gpg   1680 May 22 13:38 wsc_public.asc
-rw------- 1 wsc_gpg wsc_gpg   1680 May 22 13:38 wsc_public_compatible.asc
-rw------- 1 wsc_gpg wsc_gpg   3342 May 22 13:38 wsc_public_pair.asc
-rw------- 1 wsc_gpg wsc_gpg   3342 May 22 13:38 wsc_public_pair_compatible.asc

Ira Kirschner * CIO * Wall Street Concepts * Capital Markets * SunGard

From branko at majic.rs Tue Jun 4 22:43:09 2013
From: branko at majic.rs (Branko Majic)
Date: Tue, 4 Jun 2013 22:43:09 +0200
Subject: gpg: WARNING: unsafe ownership on homedir
In-Reply-To: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp>
References: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp>
Message-ID: <20130604224309.69e82b8c@zetkin.primekey.se>

On Tue, 4 Jun 2013 19:22:04 +0000 wrote:

> I have researched this error message and have found the suggestions do not work. Does anyone know how to have this warning message stop?
>
> I am getting the message: gpg: WARNING: unsafe ownership on homedir `/home/wsc_gpg/.gnupg'
>
> User wsc_gpg owns the gpg installation.
> The process is running from root as:
> sudo -u wsc_gpg cat /home/wsc_gpg/.gnupg/cache.txt | gpg --homedir /home/wsc_gpg/.gnupg --batch --yes --no-mdc-warning --skip-verify --passphrase-fd 0 --no-secmem-warning -o $OUTPUTFILE -d $ENCRYPTEDFILE

Ok, so the catch here is that the first command in the line is being run as user wsc_gpg, but not the subsequent ones. You want to put a sudo -u wsc_gpg in front of the second gpg command in the pipeline as well (otherwise it'll still run as root, and gpg will complain about .gnupg directory not being owned by root).

Best regards

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.
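
The ownership warning in this thread can be checked before a batch job runs. The following is an added example, not part of the archived messages: a preflight function that reports whether a GnuPG home directory passes for the UID the gpg stage of a pipeline will really have. It assumes gpg warns when the directory owner differs from the UID of the gpg process, or when any group/other permission bit is set; the name `homedir_status` and the temporary directory are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumption: gpg warns about its home
# directory when (a) the directory owner is not the UID gpg runs as, or
# (b) any group/other permission bit is set on the directory.
#
# In `sudo -u USER cat file | gpg --homedir DIR ...` sudo applies only to
# `cat`. The gpg stage keeps the invoking user's UID (root in the thread),
# so condition (a) is evaluated against that UID, not against USER.

# homedir_status DIR [UID]
#   Prints one of: ok, missing, unsafe-ownership, unsafe-permissions.
#   UID defaults to the caller's; pass the UID the gpg process will have.
homedir_status() {
    hs_dir=$1
    hs_uid=${2:-$(id -u)}

    if [ ! -d "$hs_dir" ]; then
        echo missing
        return 0
    fi

    # `ls -ldn` prints the mode string first and the numeric owner third;
    # -d keeps ls from listing the directory contents.
    hs_line=$(ls -ldn -- "$hs_dir")
    hs_mode=${hs_line%% *}
    hs_owner=$(printf '%s\n' "$hs_line" | awk '{print $3}')

    if [ "$hs_owner" != "$hs_uid" ]; then
        echo unsafe-ownership
        return 0
    fi

    # Accept only d + owner bits + six dashes (group/other fully closed).
    # A trailing '.' or '+' (SELinux context or ACL marker) is tolerated.
    case $hs_mode in
        d???------*) echo ok ;;
        *)           echo unsafe-permissions ;;
    esac
}

# Demonstration on a constructed directory (created and removed here).
demo_dir=$(mktemp -d)
chmod 700 "$demo_dir"
echo "gpg run as the owner:      $(homedir_status "$demo_dir")"
echo "gpg run under another UID: $(homedir_status "$demo_dir" $(( $(id -u) + 1 )))"
chmod 750 "$demo_dir"
echo "group bits opened:         $(homedir_status "$demo_dir")"
rm -rf "$demo_dir"
```

Calling the function with the UID of the account that owns the keyring, and again with the UID of the account that launches the job, shows at a glance which stage of a pipeline would trigger the warning.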

From jeandavid8 at verizon.net Tue Jun 4 23:12:15 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Tue, 04 Jun 2013 17:12:15 -0400
Subject: gpg: WARNING: unsafe ownership on homedir
In-Reply-To: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp>
References: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp>
Message-ID: <51AE582F.1000002@verizon.net>

On 06/04/2013 03:22 PM, Ira.Kirschner at sungard.com wrote:
> I am running on Red Hat Linux 6.4.6

What release is that? I have support from Red Hat that is up to date as of today, and it claims to be:

$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)

Nothing about a third level of releases. It is running this kernel:

vmlinuz-2.6.32-358.6.2.el6.x86_64

From Ira.Kirschner at sungard.com Wed Jun 5 02:24:39 2013
From: Ira.Kirschner at sungard.com (Ira.Kirschner at sungard.com)
Date: Wed, 5 Jun 2013 00:24:39 +0000
Subject: gpg: WARNING: unsafe ownership on homedir
In-Reply-To: <20130604224309.69e82b8c@zetkin.primekey.se>
References: <3773BDF471D15C4E96396A84BA00EF5626FFDA11@US-VOO-MB02.internal.sungard.corp> <20130604224309.69e82b8c@zetkin.primekey.se>
Message-ID: <3773BDF471D15C4E96396A84BA00EF5626FFDDC6@US-VOO-MB02.internal.sungard.corp>

Perfectly simple explanation of what I was doing wrong. Works fine now. Much appreciated.

-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Branko Majic
Sent: Tuesday, June 04, 2013 4:43 PM
To: gnupg-users at gnupg.org
Subject: Re: gpg: WARNING: unsafe ownership on homedir

On Tue, 4 Jun 2013 19:22:04 +0000 wrote:

> I have researched this error message and have found the suggestions do not work. Does anyone know how to have this warning message stop?
>
> I am getting the message: gpg: WARNING: unsafe ownership on homedir `/home/wsc_gpg/.gnupg'
>
> User wsc_gpg owns the gpg installation.
> The process is running from root as:
> sudo -u wsc_gpg cat /home/wsc_gpg/.gnupg/cache.txt | gpg --homedir /home/wsc_gpg/.gnupg --batch --yes --no-mdc-warning --skip-verify --passphrase-fd 0 --no-secmem-warning -o $OUTPUTFILE -d $ENCRYPTEDFILE

Ok, so the catch here is that the first command in the line is being run as user wsc_gpg, but not the subsequent ones. You want to put a sudo -u wsc_gpg in front of the second gpg command in the pipeline as well (otherwise it'll still run as root, and gpg will complain about .gnupg directory not being owned by root).

Best regards

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

From peter at digitalbrains.com Wed Jun 5 11:22:55 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 05 Jun 2013 11:22:55 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51ACDC21.40604@Mustrum.net>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net>
Message-ID: <51AF036F.7070401@digitalbrains.com>

On 03/06/13 20:10, Mustrum wrote:
> Note that there is NO valid choice.

Stick it in signature, that works.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From peter at digitalbrains.com Wed Jun 5 11:23:34 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 05 Jun 2013 11:23:34 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <20130603144146.42da39ed@zetkin.primekey.se>
References: <20130603144146.42da39ed@zetkin.primekey.se>
Message-ID: <51AF0396.6080802@digitalbrains.com>

On 03/06/13 14:41, Branko Majic wrote:
> Does anyone utilise this kind of schema?

I do this as well. The primary key is on a different card than the subkeys.

Unlike Pete, I had to resort to some key splitting and recombination tricks to get GnuPG to recognise the situation. Perhaps this has since improved and is no longer needed.

The thing is that when I stuck one smartcard in the computer and ran --card-status, it would create a stub private key which only referred to the card I had inserted. So far, this is obvious and correct. However, once I gave it the other smartcard, I could not get GnuPG to update the private key stub to refer to that smartcard as well. Generating two stubs, one for each smartcard, 'gpgsplit'ting the secret key stubs and recombining them to have stubs for both smartcards in one key, fixed the situation for me.

If this happens to you as well, I can give detailed instructions.

Good luck,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From mustrum at mustrum.net Wed Jun 5 12:55:21 2013
From: mustrum at mustrum.net (Mustrum)
Date: Wed, 05 Jun 2013 12:55:21 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51AF036F.7070401@digitalbrains.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com>
Message-ID:

Peter Lebbing wrote:
>On 03/06/13 20:10, Mustrum wrote:
>> Note that there is NO valid choice.
>
>Stick it in signature, that works.
>
>Peter.
But I can't. The keytocard command displays the 3 slots, but none of them are listed as a valid choice. I've to choose from an empty list. I need a ctrl-c to exit gpg

Regards.

From peter at digitalbrains.com Wed Jun 5 14:50:26 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 05 Jun 2013 14:50:26 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To:
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com>
Message-ID: <51AF3412.3010603@digitalbrains.com>

On 05/06/13 12:55, Mustrum wrote:
> The keytocard command displays the 3 slots, but none of them are listed as
> a valid choice. I've to choose from an empty list.

Ah. I hadn't noticed that. I believe the problem is that the "Key attributes" (displayed on --card-edit) force a specific keylength and keytocard only works for that keylength.
I think I remember the solution was to create a key on card of the desired length, and then overwrite that one with keytocard.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From Mustrum at Mustrum.net Wed Jun 5 19:37:09 2013
From: Mustrum at Mustrum.net (Mustrum)
Date: Wed, 05 Jun 2013 19:37:09 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51AF3412.3010603@digitalbrains.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com>
Message-ID: <51AF7745.6030805@Mustrum.net>

On 05/06/2013 14:50, Peter Lebbing wrote:
> On 05/06/13 12:55, Mustrum wrote:
>> The keytocard command displays the 3 slots, but none of them are
>> listed as a valid choice. I've to choose from an empty list.
>
> Ah. I hadn't noticed that. I believe the problem is that the "Key
> attributes" (displayed on --card-edit) force a specific keylength
> and keytocard only works for that keylength. I think I remember the
> solution was to create a key on card of the desired length, and
> then overwrite that one with keytocard.
>
> Peter.
>

I moved a 4096/rsa signature key to the card, with success, and tried to overwrite it with my real primary key

gpg> keytocard
Really move the primary key? (y/N) y
Signature key ....: A41C 227F C1EB BA5C 3CFE 776D C011 169C 983F E396
Encryption key....: [none]
Authentication key: [none]

Please select where to store the key:
Your selection? 1
Invalid selection.
Your selection? 2
Invalid selection.
Your selection? 3
Invalid selection.
Your selection? 0
Invalid selection.
Your selection? 4
Invalid selection.
Your selection? 42
Invalid selection.
Your selection?

Same issue, no valid selection available.
I'm quite sure the root cause is the "certification only" capacity of my key:

usage: C <-primary
usage: S <-subkey
usage: E <-subkey

All keys with the S or E flags are fine. All my real and test keys with only the C flag can't be moved to my card.

Regards.

From peter at digitalbrains.com Wed Jun 5 20:20:25 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 05 Jun 2013 20:20:25 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51AF7745.6030805@Mustrum.net>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net>
Message-ID: <51AF8169.2090308@digitalbrains.com>

On 05/06/13 19:37, Mustrum wrote:
> I'm quite sure the root cause is the "certification only" capacity of my
> key:

I'm quite sure I never had data signature capability on my primary key. And I moved it to an OpenPGP v2 card, so it worked for me. I did use a 2048-bit key, but I don't see why that should make a difference.

You could try to temporarily add data signature capability to your primary key, and see if it accepts it then.
Then remove it afterwards. But I can't come up with something better right now, sorry.

Good luck,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From di44vq at nottheoilrig.com Wed Jun 5 20:14:27 2013
From: di44vq at nottheoilrig.com (Jack Bates)
Date: Wed, 05 Jun 2013 11:14:27 -0700
Subject: Read --status-fd with Expect
Message-ID: <51AF8003.1080302@nottheoilrig.com>

I am working on non-interactively creating a new subkey, with Expect and --status-fd, but I haven't figured out how to read from --status-fd with Expect:

$ expect -c '
spawn gpg --status-fd 3 --edit-key CF11451A9BF0C50DA6B17B5926FB09F7C0D5639E addkey;
interact'
spawn gpg --status-fd 3 --edit-key CF11451A9BF0C50DA6B17B5926FB09F7C0D5639E addkey
gpg: fatal: can't open fd 3 for status output: Bad file descriptor
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/0
$

Has anyone else figured out how to read from --status-fd with Expect?

Thanks!

From Mustrum at Mustrum.net Wed Jun 5 22:57:59 2013
From: Mustrum at Mustrum.net (Mustrum)
Date: Wed, 05 Jun 2013 22:57:59 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51AF8169.2090308@digitalbrains.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net> <51AF8169.2090308@digitalbrains.com>
Message-ID: <51AFA657.9090501@Mustrum.net>

On 05/06/2013 20:20, Peter Lebbing wrote:
> On 05/06/13 19:37, Mustrum wrote:
>> I'm quite sure the root cause is the "certification only" capacity
>> of my key:
>
> I'm quite sure I never had data signature capability on my primary
> key. And I moved it to an OpenPGP v2 card, so it worked for me. I
> did use a 2048-bit key, but I don't see why that should make a
> difference.
>
> You could try to temporarily add data signature capability to your
> primary key, and see if it accepts it then. Then remove it
> afterwards. But I can't come up with something better right now,
> sorry.
>
> Good luck,
>
> Peter.
>

how can we change a key capability ?

From frase at frase.id.au Thu Jun 6 01:14:04 2013
From: frase at frase.id.au (Fraser Tweedale)
Date: Thu, 6 Jun 2013 09:14:04 +1000
Subject: Read --status-fd with Expect
In-Reply-To: <51AF8003.1080302@nottheoilrig.com>
References: <51AF8003.1080302@nottheoilrig.com>
Message-ID: <20130605231403.GT5862@bacardi.hollandpark.frase.id.au>

Hi Jack,

The argument to --status-fd must be an open file descriptor. Not sure of a way to open a raw file descriptor in expect, but you could use mkfifo(1) and the --status-file argument instead, I think.
Regards,

Fraser

On Wed, Jun 05, 2013 at 11:14:27AM -0700, Jack Bates wrote:
> I am working on non-interactively creating a new subkey, with Expect and
> --status-fd, but I haven't figured out how to read from --status-fd with
> Expect:
>
> $ expect -c '
> spawn gpg --status-fd 3 --edit-key
> CF11451A9BF0C50DA6B17B5926FB09F7C0D5639E addkey;
> interact'
> spawn gpg --status-fd 3 --edit-key
> CF11451A9BF0C50DA6B17B5926FB09F7C0D5639E addkey
> gpg: fatal: can't open fd 3 for status output: Bad file descriptor
> secmem usage: 0/0 bytes in 0/0 blocks of pool 0/0
> $
>
> Has anyone else figured out how to read from --status-fd with Expect?
>
> Thanks!
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

From peter at digitalbrains.com Thu Jun 6 12:41:29 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Thu, 06 Jun 2013 12:41:29 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51AFA657.9090501@Mustrum.net>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net> <51AF8169.2090308@digitalbrains.com> <51AFA657.9090501@Mustrum.net>
Message-ID: <51B06759.5060708@digitalbrains.com>

On 05/06/13 22:57, Mustrum wrote:
> how can we change a key capability ?

Hmmm. Good point. No idea :)

If you use a hex editor to change flags, the signature will not check out. Possibly --edit-key and then "expire" will allow you to re-issue a signature. But I simply hadn't realised it's not a properly supported function of GnuPG.

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From mustrum at mustrum.net Thu Jun 6 13:17:51 2013
From: mustrum at mustrum.net (Mustrum)
Date: Thu, 06 Jun 2013 13:17:51 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <51B06759.5060708@digitalbrains.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net> <51AF8169.2090308@digitalbrains.com> <51AFA657.9090501@Mustrum.net> <51B06759.5060708@digitalbrains.com>
Message-ID: <63eeef02-ca42-4736-943b-b85b97099e3f@email.android.com>

Peter Lebbing wrote:
>On 05/06/13 22:57, Mustrum wrote:
>> how can we change a key capability ?
>
>Hmmm. Good point. No idea :)
>
>If you use a hex editor to change flags, the signature will not check
>out.
>Possibly --edit-key and then "expire" will allow you to re-issue a
>signature.
>But I simply hadn't realised it's not a properly supported function of
>GnuPG.
>
>Peter.

I successfully added the signing capability to my key by editing it with the APG app on my android phone. Don't ask how it's done...

I'll try again with my card asap.

Thanks for your help anyway.
From Ira.Kirschner at sungard.com Fri Jun 7 17:08:48 2013
From: Ira.Kirschner at sungard.com (Ira.Kirschner at sungard.com)
Date: Fri, 7 Jun 2013 15:08:48 +0000
Subject: using --multifile to create multiple ".pgp" files from source files
Message-ID: <3773BDF471D15C4E96396A84BA00EF562700841F@US-VOO-MB02.internal.sungard.corp>

I have a list of files that I want to encrypt to files with ".pgp" extension because my clients are incapable of changing to ".gpg".

The following creates multiple files "IBK*.gpg" from the source files "IBK*.txt":

gpg --homedir /home/wsc_gpg/.gnupg --always-trust --force-mdc --batch --yes -r -e "IBK*.txt"

I know that I can force it to do one file at a time by specifying the -option, but I would really like to do something like:

gpg --homedir /home/wsc_gpg/.gnupg --always-trust --force-mdc --batch --yes -r --output *.pgp -e "IBK*.txt"

Is this doable?
Ira Kirschner * CIO * Wall Street Concepts * Capital Markets * SunGard * 59 Maiden Lane, 32nd Floor, New York, NY 10038 * Direct (646) 445-1087 * Tel (646) 445-1099 ext 1087 * Mobile (917) 847-1686 * ira.kirschner at sungard.com * www.sungard.com

From branko at majic.rs Fri Jun 7 22:09:01 2013
From: branko at majic.rs (Branko Majic)
Date: Fri, 7 Jun 2013 22:09:01 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
Message-ID: <20130607220901.2f7fadb2@zetkin.primekey.se>

Hello again,

With my OpenPGP smart-card set-up almost done (master key on one card, everyday sub-keys on second), I'm thinking a bit about how I should handle my user ID, since the master key will be valid for 15 years.

What are the general recommendations on what to use the user ID for (i.e. which e-mail addresses)?

In addition to adding my home/personal e-mail information, I was thinking of maybe adding my (current) company's e-mail as well (and starting to actually sign my outgoing work mails with the same card). The catch is that I might not stay in the company for full 15 years.

I've read-up a bit on how the user IDs are handled, and seen that keyservers will merge user IDs instead of replacing them.
So, is it common that people reuse the keys in this way (for both personal and work communications)? Any bad experiences or recommendations someone could share on this topic?

Best regards

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

From dougb at dougbarton.us Fri Jun 7 22:22:04 2013
From: dougb at dougbarton.us (Doug Barton)
Date: Fri, 07 Jun 2013 13:22:04 -0700
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <20130607220901.2f7fadb2@zetkin.primekey.se>
References: <20130607220901.2f7fadb2@zetkin.primekey.se>
Message-ID: <51B240EC.7030107@dougbarton.us>

I'm not sure where you're getting this "15 years" number. In any case, the conventional wisdom is that for completely distinct roles (such as personal vs. work) that separate keys is the way to go. That way when you no longer have the work role the whole key can be retired, and there is no question down the road about old/expired/revoked subkeys. Personally I have used this strategy and it has worked well for me. Also, some companies have key escrow practices that make using a separate key the only viable option.

OTOH, others on this list, and many keys that I have signed over the years, have combined various roles (i.e., personal and work e-mail addresses) on the same key, so that practice is not uncommon.
hope this helps,

Doug

On 06/07/2013 01:09 PM, Branko Majic wrote:
| Hello again,
|
| With my OpenPGP smart-card set-up almost done (master key on one card,
| everyday sub-keys on second), I'm thinking a bit about how I should
| handle my user ID, since the master key will be valid for 15 years.
|
| What are the general recommendations on what to use the user ID for
| (i.e. which e-mail addresses)?
|
| In addition to adding my home/personal e-mail information, I was
| thinking of maybe adding my (current) company's e-mail as well (and
| starting to actually sign my outgoing work mails with the same card).
| The catch is that I might not stay in the company for full 15 years.
|
| I've read-up a bit on how the user IDs are handled, and seen that
| keyservers will merge user IDs instead of replacing them.
|
| So, is it common that people reuse the keys in this way (for both
| personal and work communications)? Any bad experiences or
| recommendations someone could share on this topic?

From tnakamura at eml.cc Fri Jun 7 21:40:14 2013
From: tnakamura at eml.cc (Tom Nakamura)
Date: Fri, 07 Jun 2013 12:40:14 -0700
Subject: How do you show a list of cached keys in gpg-agent?
Message-ID: <1370634014.17201.140661241263265.75913358@webmail.messagingengine.com>

With ssh-agent, after you do 'ssh-add' to add a key to the agent, you can run 'ssh-add -l' to show a list of cached keys (their fingerprints, actually). What is the equivalent operation for gpg-agent?
thanks,
Tom

From mailinglisten at hauke-laging.de Sat Jun 8 00:49:23 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 08 Jun 2013 00:49:23 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B240EC.7030107@dougbarton.us>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <51B240EC.7030107@dougbarton.us>
Message-ID: <21759967.vYLLkCSJqZ@inno.berlin.laging.de>

On Fri 07.06.2013, 13:22:04, Doug Barton wrote:

> Personally I have used this strategy and it
> has worked well for me.

> OTOH, others on this list, and many keys that I have signed over the
> years, have combined various roles (i.e., personal and work e-mail
> addresses) on the same key, so that practice is not uncommon.

The interesting point is: Has it worked well for them, too? Or was just the pain of retiring the key (to separate the roles later) too heavy? ;-)

Meanwhile I am convinced that most OpenPGP users don't think a lot about what their key should look like before they generate / publish it.

Hauke
--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-schulungen.de/

From mailinglisten at hauke-laging.de Sat Jun 8 00:54:40 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 08 Jun 2013 00:54:40 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <20130607220901.2f7fadb2@zetkin.primekey.se>
References: <20130607220901.2f7fadb2@zetkin.primekey.se>
Message-ID: <3779575.bdWUum2JNy@inno.berlin.laging.de>

On Fri 07.06.2013, 22:09:01, Branko Majic wrote:

> With my OpenPGP smart-card set-up almost done (master key on one card,

With backup? If not: Are you sure this card is going to survive for 15 years?
> What are the general recommendations on what to use the user ID for
> (i.e. which e-mail addresses)?

In addition to what Doug has said: I recommend to have one UID without email address. Just your name and a comment (like "everyday key on smartcard with offline main key; see policy URL"). There is no risk of losing the certifications for this UID just because you don't have an email address any more.

Hauke
--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-schulungen.de/

From dougb at dougbarton.us Sat Jun 8 02:38:59 2013
From: dougb at dougbarton.us (Doug Barton)
Date: Fri, 07 Jun 2013 17:38:59 -0700
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <21759967.vYLLkCSJqZ@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <51B240EC.7030107@dougbarton.us> <21759967.vYLLkCSJqZ@inno.berlin.laging.de>
Message-ID: <51B27D23.4000000@dougbarton.us>

On 06/07/2013 03:49 PM, Hauke Laging wrote:
| On Fri 07.06.2013, 13:22:04, Doug Barton wrote:
|
|> Personally I have used this strategy and it
|> has worked well for me.
|
|> OTOH, others on this list, and many keys that I have signed over the
|> years, have combined various roles (i.e., personal and work e-mail
|> addresses) on the same key, so that practice is not uncommon.
|
| The interesting point is: Has it worked well for them, too? Or was just the
| pain of retiring the key (to separate the roles later) too heavy? ;-)

I can't speak for all of them of course, but I have dealt with a non-zero amount of frustration on the part of some of those keyholders after a signing party when old e-mail addresses that were supposed to be working no longer are, etc.
For myself, I'm certainly glad that I created 2 separate keys.

| Meanwhile I am convinced that most OpenPGP users don't think a lot about what
| their key should look like before they generate / publish it.

Right-O, so kudos to the OP for doing so.

Doug

From peter at digitalbrains.com Sat Jun 8 10:42:51 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 08 Jun 2013 10:42:51 +0200
Subject: How do you show a list of cached keys in gpg-agent?
In-Reply-To: <1370634014.17201.140661241263265.75913358@webmail.messagingengine.com>
References: <1370634014.17201.140661241263265.75913358@webmail.messagingengine.com>
Message-ID: <51B2EE8B.5090005@digitalbrains.com>

On 07/06/13 21:40, Tom Nakamura wrote:
> What is the equivalent operation for gpg-agent?

$ gpg-connect-agent
> help
# NOP
# CANCEL
[...]
# KEYINFO [--list] [--data] [--ssh-fpr]
[...]
> help keyinfo
# KEYINFO [--list] [--data] [--ssh-fpr]
#
# Return information about the key specified by the KEYGRIP. If the
# key is not available GPG_ERR_NOT_FOUND is returned. If the option
# --list is given the keygrip is ignored and information about all
# available keys are returned. The information is returned as a
# status line unless --data was specified, with this format:
#
# KEYINFO - -
#
# KEYGRIP is the keygrip.
#
# TYPE is describes the type of the key:
# 'D' - Regular key stored on disk,
# 'T' - Key is stored on a smartcard (token).
# '-' - Unknown type.
#
# SERIALNO is an ASCII string with the serial number of the
# smartcard. If the serial number is not known a single
# dash '-' is used instead.
#
# IDSTR is the IDSTR used to distinguish keys on a smartcard. If it
# is not known a dash is used instead.
#
# FPR returns the formatted ssh-style fingerprint of the key. It is only
# print if the option --ssh-fpr has been used. '-' is printed if the
# fingerprint is not available.
#
# More information may be added in the future.
OK
> keyinfo --list
[...]

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From branko at majic.rs Sat Jun 8 11:26:40 2013
From: branko at majic.rs (Branko Majic)
Date: Sat, 8 Jun 2013 11:26:40 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <3779575.bdWUum2JNy@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <3779575.bdWUum2JNy@inno.berlin.laging.de>
Message-ID: <20130608112640.4ba835ec@zetkin.primekey.se>

On Sat, 08 Jun 2013 00:54:40 +0200 Hauke Laging wrote:

> > With my OpenPGP smart-card set-up almost done (master key on one card,
>
> With backup? If not: Are you sure this card is going to survive for 15 years?

Of course. I've actually initialised everything in the offline mode, including backups to multiple media devices. Just couldn't find some orcs to guard those :)

Best regards

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.
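The KEYINFO status lines described in Peter Lebbing's gpg-connect-agent reply above can be summarised with a short script. This is an added example, not part of any post in the thread: the sample records, keygrips and card serial are constructed, and the column layout is an assumption (the fields in the order the quoted help text describes them, with the two dash columns between IDSTR and FPR, after the `S ` prefix that gpg-connect-agent puts on status lines).

```shell
#!/bin/sh
# Summarise `keyinfo --list` status lines from gpg-agent (added example).
# Assumed record layout, one key per line:
#   S KEYINFO KEYGRIP TYPE SERIALNO IDSTR <col5> <col6> FPR

# Constructed sample input; keygrips, serial and fingerprint are made up.
sample_keyinfo() {
    cat <<'EOF'
S KEYINFO 0123456789ABCDEF0123456789ABCDEF01234567 D - - - - -
S KEYINFO 89ABCDEF0123456789ABCDEF0123456789ABCDEF T D2760001240102000005000000010000 OPENPGP.1 - - -
S KEYINFO FEDCBA9876543210FEDCBA9876543210FEDCBA98 D - - - - 11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff:00
S KEYINFO not-a-keygrip D - - - - -
OK
EOF
}

# Reads agent output on stdin and prints one line per key:
#   <keygrip> <disk|card|unknown> <serial-or-dash> <ssh-fpr-or-dash>
# Malformed records and ERR replies go to stderr and make the function
# return 2, so a truncated or unexpected reply is noticed, not ignored.
summarise_keyinfo() {
    awk '
        $1 == "ERR" {
            print "agent error: " $0 | "cat 1>&2"
            bad++
            next
        }
        $1 == "S" && $2 == "KEYINFO" {
            grip = $3
            # A keygrip is 40 hex digits; anything else is not a key record.
            if (NF < 6 || length(grip) != 40 || grip !~ /^[0-9A-Fa-f]+$/) {
                print "malformed KEYINFO record: " $0 | "cat 1>&2"
                bad++
                next
            }
            kind = ($4 == "D") ? "disk" : (($4 == "T") ? "card" : "unknown")
            fpr = (NF >= 9) ? $9 : "-"
            print grip, kind, $5, fpr
        }
        END {
            close("cat 1>&2")
            exit (bad > 0 ? 2 : 0)
        }
    '
}

# Against a running agent the input would come from:
#   gpg-connect-agent 'keyinfo --list' /bye | summarise_keyinfo
sample_keyinfo | summarise_keyinfo || true
```
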
From branko at majic.rs Sat Jun 8 11:35:07 2013
From: branko at majic.rs (Branko Majic)
Date: Sat, 8 Jun 2013 11:35:07 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B240EC.7030107@dougbarton.us>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <51B240EC.7030107@dougbarton.us>
Message-ID: <20130608113507.6d8be280@zetkin.primekey.se>

On Fri, 07 Jun 2013 13:22:04 -0700 Doug Barton wrote:

> I'm not sure where you're getting this "15 years" number.

Up until now I've usually gone with short-lived (1-2 years) keys. After each period I'd simply replace them with completely new ones. Since this can be a bit cumbersome, I wanted to set-up master key with a bit longer validity period.

The 15 years felt good enough for me to have a nice longer-living trust anchor without overdoing it (lots of X.509-based CAs out there have validity of 20-25 years, but to me it feels a bit too long). Of course, in case of some serious cryptographic attacks on RSA keys, I may need to revoke the key long before those 15 years expire.

Truth be told, figuring out the validity of keys/certificates in PKI is probably one of those things where you have to guess more than anything else. In general, the way I see it, it's a trade-off between convenience and security (where security is actually very hard to figure out).

Best regards

--
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.
From peter at digitalbrains.com Sat Jun 8 12:50:23 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 08 Jun 2013 12:50:23 +0200
Subject: Separate OpenPGP cards for master key and sub-keys
In-Reply-To: <63eeef02-ca42-4736-943b-b85b97099e3f@email.android.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net> <51AF8169.2090308@digitalbrains.com> <51AFA657.9090501@Mustrum.net> <51B06759.5060708@digitalbrains.com> <63eeef02-ca42-4736-943b-b85b97099e3f@email.android.com>
Message-ID: <51B30C6F.5090805@digitalbrains.com>

I thought of another way to get the key on the card.

During on-card key generation, you're prompted if you want to make a backup in a file. Such a backup is just a bare OpenPGP secret key material packet. It doesn't have key usage flags, so they can't be in the way either. We can create an equivalent file that contains the key material from your normal key, so we can move it to the card.

Note that we disable a lot of safety checks by GnuPG by manipulating it like this. But I just did some testing with an empty OpenPGP v2 card and GnuPG 2.0.20, and I can reproduce your problem: a key with just Certify ability will not be copied to a card; the list of options is empty as you said. If I create a key with Certify and Sign on the primary key, I /can/ move it to the card, and it will also correctly issue certifications from the card.

To get a bare OpenPGP secret key material packet for your key (adapt to your situation):

------------8<--------cut here-------->8------------
peter at tweek:~$ gpg2 -o bla.gpg --export-secret-keys AE2B4D8A
peter at tweek:~$ gpg2 --list-packets bla.gpg
:secret key packet:
    version 4, algo 1, created 1370686349, expires 0
    skey[0]: [4096 bits]
    skey[1]: [17 bits]
    iter+salt S2K, algo: 3, SHA1 protection, hash: 2, salt: e627f9a2e13fb52d
[...]

^^^ Check that the secret key packet is a real secret key: it has a normal String-to-Key specifier (S2K). What you don't want to see is "gnu-dummy S2K" or "gnu-divert-to-card S2K" (although the latter is our goal).

peter at tweek:~$ cd tmp/
peter at tweek:~/tmp$ gpgsplit ../bla.gpg
peter at tweek:~/tmp$ ls
000001-005.secret_key 000003-002.sig 000005-002.sig 000007-002.sig
000002-013.user_id 000004-007.secret_subkey 000006-007.secret_subkey
peter at tweek:~/tmp$ gpg2 --edit-key AE2B4D8A
[...]
Secret key is available.

pub 4096R/AE2B4D8A created: 2013-06-08 expires: 2013-06-15 usage: C
    trust: ultimate validity: ultimate
sub 2048R/34B258B1 created: 2013-06-08 expires: 2013-06-15 usage: S
sub 2048R/AF72E72E created: 2013-06-08 expires: 2013-06-15 usage: E
[ultimate] (1). Testkey

gpg> toggle
[...]
gpg> bkuptocard 000001-005.secret_key
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]

Please select where to store the key:
   (1) Signature key
   (2) Encryption key
   (3) Authentication key
Your selection? 1
[...]
gpg> quit
Save changes? (y/N)
Quit without saving? (y/N) y

^^^ GnuPG thinks something has changed about the key. It has not, and it is safe to save, but err on the side of caution anyway.
------------8<--------cut here-------->8------------

Now you have the key on the card. Obviously, you also still have the secret key on your keyring. That copy has to go; but think about what you're doing and if you still have backups.
We already covered the case of two smartcards, with the subkeys on a separate smartcard, elsewhere in the thread. I'm just going to throw away the secret key now, but obviously I also lose the subkeys in the process. So think about what you're doing.

peter at tweek:~$ gpg2 --delete-secret-keys AE2B4D8A
[...]
peter at tweek:~$ gpg2 --card-status
[...]
Signature key ....: 522A 0C00 D2B3 E5A0 2003 0F7E 4E70 3236 AE2B 4D8A
      created ....: 2013-06-08 10:12:29
Encryption key....: [none]
Authentication key: [none]
General key info..: pub 4096R/AE2B4D8A 2013-06-08 Testkey
sec> 4096R/AE2B4D8A created: 2013-06-08 expires: 2013-06-15
     card-no: 0005 0000106E
ssb# 2048R/34B258B1 created: 2013-06-08 expires: 2013-06-15
ssb# 2048R/AF72E72E created: 2013-06-08 expires: 2013-06-15

Et voilà, we have the needed stub. Let's see what the secret key looks like:

peter at tweek:~$ gpg2 --export-secret-keys AE2B4D8A|gpg --list-packets
:secret key packet:
    version 4, algo 1, created 1370686349, expires 0
    skey[0]: [4096 bits]
    skey[1]: [17 bits]
    gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0

That's correct! And it also works: I could certify another test key with my smartcard.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From peter at digitalbrains.com Sat Jun 8 13:01:29 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 08 Jun 2013 13:01:29 +0200
Subject: Is this a bug?
 Primary certification-only key will not "keytocard"
In-Reply-To: <51B30C6F.5090805@digitalbrains.com>
References: <20130603144146.42da39ed@zetkin.primekey.se> <51ACDC21.40604@Mustrum.net> <51AF036F.7070401@digitalbrains.com> <51AF3412.3010603@digitalbrains.com> <51AF7745.6030805@Mustrum.net> <51AF8169.2090308@digitalbrains.com> <51AFA657.9090501@Mustrum.net> <51B06759.5060708@digitalbrains.com> <63eeef02-ca42-4736-943b-b85b97099e3f@email.android.com> <51B30C6F.5090805@digitalbrains.com>
Message-ID: <51B30F09.6090203@digitalbrains.com>

Hello Werner and list,

I could reproduce the problem the user "Mustrum" had with moving his certification-only primary key to a smartcard.

If you have a primary key with sign and certify abilities, you can "keytocard" it to the Signature slot of an OpenPGP card, and it will issue certifications just fine. But you can't move a certification-only primary key to the Signature slot. I think I did exactly this with my own key in 2009, and it worked fine. Also, if you trick GnuPG into moving the primary key to a smartcard, it will issue certifications perfectly fine as well. This message is a reply to a message where I explain how I tricked GnuPG, in the thread "Separate OpenPGP cards for master key and sub-keys".

Is it deliberate behaviour to deny the operation? And if so, I'm very interested to know why.

By the way, back in 2009 I used a 2048-bit key, and Mustrum ran into the problem with a 4096-bit key. I just tried, but it won't work for a 2048-bit key either. Obviously, the chances that it was related to keysize were already slim, but I checked anyway.

Greets,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From mailinglisten at hauke-laging.de Sat Jun 8 17:22:00 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 08 Jun 2013 17:22 +0200
Subject: How do you show a list of cached keys in gpg-agent?
In-Reply-To: <51B2EE8B.5090005@digitalbrains.com>
References: <1370634014.17201.140661241263265.75913358@webmail.messagingengine.com> <51B2EE8B.5090005@digitalbrains.com>
Message-ID: <5714962.GsgiHs7t3f@inno.berlin.laging.de>

On Sat 08.06.2013, 10:42:51, Peter Lebbing wrote:

> # If the option
> # --list is given the keygrip is ignored and information about all
> # available keys are returned.

I am afraid that is not what the OP wants to know. "Cached keys" in the sense of "ssh-add -l" are keys whose passphrase is cached. But gpg-agent gives you a list of all keys it knows (however). I remember having read that it is explicitly impossible to get a list of the keys with cached passphrases from gpg-agent.

I just tried the command (for the first time) and something strange happens. I get a list of five entries. Four of which seem to belong to keys on smartcards. None contains a fingerprint. Then I opened an encrypted email, was asked for a passphrase (which was cached: I could open other encrypted emails afterwards) but the output of "KEYINFO --list" didn't change at all!

There is only one instance of gpg-agent running...

Hauke

--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/
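
Added example, not part of any message in this thread: a shell helper that automates the S2K check Peter Lebbing describes in "Separate OpenPGP cards for master key and sub-keys", classifying each secret key packet in `gpg2 --list-packets` output as real on-disk material, a card stub, or a dummy stub. The function names are hypothetical and the two sample inputs are constructed from the lines quoted in that message; the subkey and gnu-dummy lines are assumed to follow the same layout.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# classify_secret_packets: reads `gpg2 --list-packets` text on stdin and prints
# one line per secret (sub)key packet: "<n> <primary|subkey> <state>".
#   on-disk     normal S2K (or none): secret material is in the keyring
#   card-stub   "gnu-divert-to-card S2K": secret material lives on a smartcard
#   dummy-stub  "gnu-dummy S2K": no secret material in this packet
classify_secret_packets() {
    awk '
        function emit() { print n, kind, state }
        /^:/ {                          # every packet header starts with ":"
            if (insec) emit()
            insec = 0
            if ($0 ~ /^:secret (sub )?key packet:/) {
                insec = 1
                n++
                kind = ($0 ~ /^:secret sub key/) ? "subkey" : "primary"
                state = "on-disk"       # until a gnu-* S2K line says otherwise
            }
            next
        }
        insec && /gnu-divert-to-card S2K/ { state = "card-stub" }
        insec && /gnu-dummy S2K/          { state = "dummy-stub" }
        END { if (insec) emit() }
    '
}

# primary_is_card_stub: exit status 0 only if the primary key is a card stub.
primary_is_card_stub() {
    classify_secret_packets |
        awk '$2 == "primary" && $3 == "card-stub" { ok = 1 } END { exit !ok }'
}

# on_disk_count: number of packets that still carry secret material on disk.
on_disk_count() {
    classify_secret_packets | awk '$3 == "on-disk" { c++ } END { print c + 0 }'
}

# Constructed sample: keyring before the move (real S2K on both packets).
sample_before() {
cat <<'EOF'
:secret key packet:
    version 4, algo 1, created 1370686349, expires 0
    skey[0]: [4096 bits]
    skey[1]: [17 bits]
    iter+salt S2K, algo: 3, SHA1 protection, hash: 2, salt: e627f9a2e13fb52d
:user ID packet: "Testkey"
:secret sub key packet:
    version 4, algo 1, created 1370686349, expires 0
    iter+salt S2K, algo: 3, SHA1 protection, hash: 2, salt: 0000000000000000
EOF
}

# Constructed sample: after the move and --delete-secret-keys (stubs only).
sample_after() {
cat <<'EOF'
:secret key packet:
    version 4, algo 1, created 1370686349, expires 0
    skey[0]: [4096 bits]
    skey[1]: [17 bits]
    gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
:user ID packet: "Testkey"
:secret sub key packet:
    version 4, algo 1, created 1370686349, expires 0
    gnu-dummy S2K, algo: 0, simple checksum, hash: 0
EOF
}

# Real use, with the commands from the thread:
#   gpg2 --export-secret-keys AE2B4D8A | gpg2 --list-packets | classify_secret_packets
echo "before:"; sample_before | classify_secret_packets
echo "after:";  sample_after  | classify_secret_packets
```

A non-zero `on_disk_count` after the move means a copy of the secret key is still in the keyring, which is the state the message says "has to go".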

From dkg at fifthhorseman.net Sat Jun 8 19:03:06 2013
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sat, 08 Jun 2013 13:03:06 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <3779575.bdWUum2JNy@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <3779575.bdWUum2JNy@inno.berlin.laging.de>
Message-ID: <51B363CA.7080802@fifthhorseman.net>

On 06/07/2013 06:54 PM, Hauke Laging wrote:

> In addition to what Doug has said: I recommend to have one UID without email
> address. Just your name and a comment (like "everyday key on smartcard with
> offline main key; see policy URL".

fwiw, some people might not be comfortable certifying a User ID ("signing a key") with such a comment, since it is not actually a part of the user's identity. How is an OpenPGP certifier supposed to validate the correctness of this comment?

In general, i think that comments in User IDs should be discouraged, as i've suggested publicly:

https://www.debian-administration.org/users/dkg/weblog/97

Regards,

 --dkg

From mailinglisten at hauke-laging.de Sat Jun 8 21:21:17 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 08 Jun 2013 21:21:17 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B363CA.7080802@fifthhorseman.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <3779575.bdWUum2JNy@inno.berlin.laging.de> <51B363CA.7080802@fifthhorseman.net>
Message-ID: <6891728.iZVM71EG9L@inno.berlin.laging.de>

On Sat 08.06.2013, 13:03:06, Daniel Kahn Gillmor wrote:

> fwiw, some people might not be comfortable certifying a User ID
> ("signing a key") with such a comment,

Crypto is NOT about comfort but about security.
The point is: Does a certification make sense? Most certifications I see do not. They come without a certification level, without a policy URL, usually have no (especially not a reliably signed) key policy and are usually not made by offline main keys (or similar). In the end: more or less worthless. The WoT in its current form is occupational therapy for people who refuse to do crypto right (or rather: don't know what that means).

> since it is not actually a part of the user's identity.

Who cares? The question is: Does such a UID make the key better (with or without the WoT)? And if the answer is "It does", who would dare argue against that with the vague definition from the RFC?

A comment may be a statement about the function of the key owner in an organization and thus is an important part of the identity. This is explicitly intended by signature law! Such a comment should be certified by the organization's certification key only. That it does not make sense that everyone signs a comment does not make the comment useless or bad in any way.

> How is an OpenPGP certifier supposed to
> validate the correctness of this comment?

You have to read the comment statement and its certification right. It obviously doesn't mean "I have checked that this is true" as everybody immediately understands that it is not possible for the certifier to check this. Instead it means: "I testify to it that the key owner makes this statement about the certified key." And statements about keys are damn important. You cannot do secure crypto without them.

You are right insofar as in a perfect world this information might better be placed elsewhere (standardized, machine readable signature notations). But in this world and this time not even policy URLs are shown by default. Thus for maybe the next five years it is definitely a good idea to put the most important information about a key into a UID.

> https://www.debian-administration.org/users/dkg/weblog/97

Sorry but the example you use on that page is ridiculous. It doesn't prove anything about UID comments except for the trivial fact that it is possible to use them for ridiculous purposes. You really should not leave that online.

If someone makes a statement about the security of his key and decides to change this statement for the same key (no matter in which direction) that would be self-sabotage. Stupid behaviour but not nearly an argument against statements about key security. And such statements are useless if they are not certified. It would make sense that the certifier demands that statement on paper with a manual signature.

Hauke

--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/

From dkg at fifthhorseman.net Sat Jun 8 22:16:18 2013
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sat, 08 Jun 2013 16:16:18 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <6891728.iZVM71EG9L@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <3779575.bdWUum2JNy@inno.berlin.laging.de> <51B363CA.7080802@fifthhorseman.net> <6891728.iZVM71EG9L@inno.berlin.laging.de>
Message-ID: <51B39112.6040009@fifthhorseman.net>

On 06/08/2013 03:21 PM, Hauke Laging wrote:

> Crypto is NOT about comfort but about security. The point is: Does a
> certification make sense? Most certifications I see do not.

People simply won't use tools that they aren't comfortable with. This is a delicate tradeoff, but if you're willing to sacrifice everyone's comfort to build a system, that system simply won't get used. The end result?
decades of cleartext e-mail, long after we had the tools to do better :(

> They come without a certification level,

Including a certification level, given the state of modern OpenPGP implementations, is meaningless and serves only to leak information about the social graph which otherwise wouldn't be leaked. I think it's also a bad idea, and i'm grateful to Werner and the rest of the GnuPG crew that it is not a question asked by default, as i've also argued publicly recently:

https://debian-administration.org/users/dkg/weblog/98

> without a policy URL, usually have no
> (especially not a reliably signed) key policy and are usually not made by
> offline main keys (or similar). In the end: more or less worthless. The WoT in
> its current form is occupational therapy for people who refuse to do crypto
> right (or rather: don't know what that means).

If you want to be able to do machine-level inference about user identity (so that a user's computer can tell them with confidence "This is Sally, you know this because Joe said so"), and you insist that policy URLs are critical then you probably also need machine-readable policies; and you need to define a way that users can declare their sentiments about specific policies, in addition to declaring their sentiments about how well they think some other keyholders can effectively implement each flavor of policy encountered.

This sounds like a complicated mess, and afaict no one is working on this. it is another barrier to participating in the OpenPGP network of certifications.

Learning the basics of what it means to responsibly hold a secret key and make (or choose to not make) identity assertions with it is already too complex for most people. Adding layers of complexity to the system will simply make the user base smaller. This is particularly disastrous with systems that rely on the network effect for any sort of public usefulness.

> Who cares?
> The question is: Does such a UID make the key better (with or
> without the WoT)? And if the answer is "It does", who would dare argue against
> that with the vague definition from the RfC?

I would argue "it doesn't make it better" because it confuses people about what User IDs are, which makes it harder for them to participate in OpenPGP's network of certifications. Clearly, we disagree here.

> A comment may be a statement about the function of the key owner in an
> organization and thus is an important part of the identity. This is explicitly
> intended by signature law! Such a comment should be certified by the
> organization's certification key only.

It sounds like you're saying that the presence of some comments in User IDs make it so that no one else is supposed to certify those User IDs, for some sort of legal reason ("signature law") which i don't know about or understand. If this is correct, this sounds like yet another reason for me to not want to get into the habit of certifying any User IDs with comments in them.

> You have to read the comment statement and its certification right. It
> obviously doesn't mean "I have checked that this is true" as everybody
> immediately understands that it is not possible for the certifier to check
> this. Instead it means: "I testify to it that the key owner makes this
> statement about the certified key." And statements about keys are damn
> important. You cannot do secure crypto without them.

I'm wary of the term "secure" -- can you be more specific about what benefits we gain as a community from a comment in a User ID like "I have this primary key offline"? Are there no other ways to gain those benefits without putting the comment in the User ID?

> You are right insofar as in a perfect world this information might better be
> placed elsewhere (standardized, machine readable signature notations). But in
> this world and this time not even policy URLs are shown by default.

If you think that policy URLs should be shown by default, you should make the case for that. I suspect they're not currently shown by default because they are an additional source of confusion in an already too-confusing interface for most people. Who do you want to be able to participate in the public network -- just a handful of experts steeped in the arcana? or everyone capable of operating a computer at a reasonable level?

>> https://www.debian-administration.org/users/dkg/weblog/97
>
> Sorry but the example you use on that page is ridiculous. It doesn't prove
> anything about UID comments except for the trivial fact that it is possible to
> use them for ridiculous purposes. You really should not leave that online.

clearly, we disagree about this. But the overwhelming majority of comments in User IDs on the public keyservers are exactly of the ridiculous types used as examples in that page. Try looking at them sometime, it's pretty depressing. This suggests to me that this feature (the "comment" prompt when generating a new User ID) is causing more confusion and difficulty than it is providing benefit.

> If someone makes a statement about the security of his key and decides to
> change this statement for the same key (no matter in which direction) that
> would be self-sabotage. Stupid behaviour but not nearly an argument against
> statements about key security. And such statements are useless if they are not
> certified.

You'll note that i'm not objecting to statements about key security in general. I'm objecting to placing them in the User ID.

You can make these statements in other forms than placing them in the User ID. For example, you can put a signed message on your web site about your key maintenance habits, which other people could refer to when they want to learn from you.

> It would make sense that the certifier demands that statement on
> paper with a manual signature.

again, it sounds like you're asking for something that would make an already-too-cumbersome process even more cumbersome. I don't think that's to the advantage of the community as a whole.

Regards,

 --dkg

From rjh at sixdemonbag.org Sun Jun 9 02:40:07 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 08 Jun 2013 20:40:07 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B363CA.7080802@fifthhorseman.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <3779575.bdWUum2JNy@inno.berlin.laging.de> <51B363CA.7080802@fifthhorseman.net>
Message-ID: <51B3CEE7.302@sixdemonbag.org>

On 06/08/2013 01:03 PM, Daniel Kahn Gillmor wrote:

> fwiw, some people might not be comfortable certifying a User ID
> ("signing a key") with such a comment, since it is not actually a
> part of the user's identity. How is an OpenPGP certifier supposed
> to validate the correctness of this comment?

I entirely believe *you* might not be comfortable, but I think it's already well-established that you're an edge case. :)

People are free to be uncomfortable certifying user IDs that end in 'n', in which case I'm completely out of luck. People are free to be uncomfortable signing user IDs for any old reason. Unless there's either a usability study that shows a particular pattern of behavior, or widespread agreement that such a behavior is common in the field, I think we ought be skeptical.

> In general, i think that comments in User IDs should be discouraged,
> as i've suggested publicly:

Nonsense. They should be used where it makes sense to use them. If it doesn't make sense, they shouldn't be used. We need no default encouragement or discouragement policy, just a "please think about whether it serves your needs" policy.

From mailinglisten at hauke-laging.de Mon Jun 10 05:14:05 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Mon, 10 Jun 2013 05:14:05 +0200
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B39112.6040009@fifthhorseman.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net>
Message-ID: <1448195.NK6CoADzsu@inno.berlin.laging.de>

On Sat 08.06.2013, 16:16:18, Daniel Kahn Gillmor wrote:

> People simply won't use tools that they aren't comfortable with.

This is much more about understanding the connections and seeing what's necessary to achieve a certain goal. And understanding which is the right goal in every single case.

I remember the professor in my first computer science course: "Many people talk about reducing the complexity of a problem. That's nonsense. You cannot reduce the complexity of a problem, that is a fixed value. You just can work on the problem in small pieces."

I see people doing stupid things with crypto all the time. Why? Because they don't understand the connections. You cannot throw Enigmail and GPA at clueless people and pretend they were capable of using OpenPGP seriously now just because it *looks* simple to *them* now.

I tell the people who attend my courses: "Forget the Web of Trust. That is not for beginners. You neither need it now nor understand enough of the subject to use it well." But I tell them to have a look at my key policy template.
So that they get an impression of what is important about keys.

> This
> is a delicate tradeoff, but if you're willing to sacrifice everyone's
> comfort to build a system, that system simply won't get used.

You mean like GnuPG itself (including all GUIs)?

What I want does not make OpenPGP more complicated (in the usual sense). The GUI would ask you a few simple questions. That requires time but not deep understanding. You don't even have to understand what an offline main key is in order to testify to the key owner's claim of having one.

What do you think how many people who use OpenPGP today wouldn't use it if the WoT didn't exist? The WoT is a playground for statistics but for whom is it a killer feature? And who would use it for really serious purposes (high security demand)? I don't see any reason to consider the current WoT as a big success which would be exposed to danger by what I promote.

> The end
> result? decades of cleartext e-mail, long after we had the tools to do
> better :(

The reason hardly anybody uses crypto is not that its usage was complicated (I know, in a minute Rob will post his usability study link and ask for my sources...). It isn't. Not the basic operations if you have a working configuration. And for the rest the users can ask for help. The reason that most people do not use crypto is the most trivial one: They don't think they need it.

But if you think you need it and if you understand the connections would you really accept the low security level of the WoT just for some comfort? Probably not. You would not use the WoT for important issues.

> Including a certification level, given the state of modern OpenPGP
> implementations, is meaningless

You are aware that I strongly criticize the current state?

> and serves only to leak information
> about the social graph which otherwise wouldn't be leaked.

There is no relation between the precision of a key and UID verification and the social contact.

> as i've also argued publicly recently:
>
> https://debian-administration.org/users/dkg/weblog/98

I wouldn't agree that you argue there. I read a lot of opinion. I would prefer facts and connections which support an opinion.

> If you want to be able to do machine-level inference about user identity
> (so that a user's computer can tell them with confidence "This is Sally,
> you know this because Joe said so"), and you insist that policy URLs are
> critical then you probably also need machine-readable policies;

That is my long term aim. But until there is a widely used standard we will need human-readable text at least in parallel. It doesn't make sense to have to read something that can be made machine-readable. No one is interested in reading 30 key policies after a key signing party.

> This sounds like a complicated mess,

The complicated mess is going to be hidden by the GUI.

> afaict no one is working on this.

I am (but how should you have known...): http://www.openpgp-notations.org/

But there isn't much yet as I am busy with my courses project.

> it is another barrier to
> participating in the OpenPGP network of certifications.

It's not at all. Nobody would prevent a user from doing certifications like today. But my aim is to make most users take the WoT security not seriously any more.

My approach is a chance. To leave the low, hardly useful level of the current WoT behind. And there is another chance: If enough people use OpenPGP someday then you don't need a big amount of signatures any more. If you have 20 highly trustworthy signatures (from your family, long term friends and the like) that will be enough. And all the saved time which you use for another 100 signatures today can be used for making the certifications better.

> Learning the basics of what it means to responsibly hold a secret key
> and make (or choose to not make) identity assertions with it is already
> too complex for most people.

It is not "too complex" in an absolute sense.
We are not talking about rocket science. It is "too complex considering there is no demand to do it right". If more and more people use crypto then social pressure will arise.

15 years ago it wasn't a problem in Germany not to have an email address. Nobody would have considered you an idiot or otherwise strange person if you didn't have one. This has changed. And it will change similarly for crypto. In another 15 years it will not be possible not to use crypto without being laughed at.

But if I promote a system for the whole population then it must be good enough for that task. It must be capable of delivering (in practice!) security and transparency on a level similar to what the crypto laws demand.

> Adding layers of complexity to the system
> will simply make the user base smaller.

The OpenPGP userbase is ridiculously small. And BTW: The WoT knowledge even among people actively involved with OpenPGP is ridiculously low. You don't even find the relevant details in the documentation on gnupg.org. When I was writing about the WoT (which I had not used at that time) on my OpenPGP page I didn't find a single really good source about the subject. After acquiring the knowledge myself through intense testing I found a dozen errors on the probably best German OpenPGP resource. If I talk to people who organize key signing parties it turns out that none of them is familiar with the details. Thus I consider the WoT a joke meanwhile.

> This is particularly disastrous
> with systems that rely on the network effect for any sort of public
> usefulness.

There is obviously no public usefulness of OpenPGP as a whole given the irrelevant user base. So how can the WoT be a great feature if not even the base technology is?

We must teach the public about the need and benefits of crypto for them but also about the complexity. Either you need security or you don't but you will not get it for free. The aim is not to pull everyone on a high security level.
My aim is to have a system which fulfills the needs of different types of users.

> > A comment may be a statement about the function of the key owner in an
> > organization and thus is an important part of the identity. This is
> > explicitly intended by signature law! Such a comment should be certified
> > by the organization's certification key only.
>
> It sounds like you're saying that the presence of some comments in User
> IDs make it so that no one else is supposed to certify those User IDs,
> for some sort of legal reason ("signature law") which i don't know about
> or understand.

No, you misunderstood me. This is basically your argument: It doesn't make sense to certify certain statements because you cannot verify them. If the statement is "This person is the CEO of that company" then this is a plain fact (which is going to change over time though) but hard for most people to assess. Thus only the company (and maybe an authority where the CEOs must be registered) should certify such a statement. Everybody else should certify the name and email address only (which the current OpenPGP does not offer you unless there are separate UIDs).

> I'm wary of the term "secure" -- can you be more specific about what
> benefits we gain as a community from a comment in a User ID like "I have
> this primary key offline"? Are there no other ways to gain those
> benefits without putting the comment in the User ID?

This information can be put elsewhere. But today that would make little sense as hardly anybody would notice. Who knows what a key policy is? Those who don't will certainly not look for it. But if someone reads "offline mainkey; see policy URL" in my UID comment then he may get curious about that, learn something about crypto and use it better in the end.

But I don't see any reason to avoid that in a UID. There is not just one identity "Hauke Laging" (even if no one else has that name).
There are "Hauke Laging, private person", "Hauke Laging, employee", "Hauke Laging, founder of an OpenPGP teaching project" and these identities are quite separate from the perspectives of people who are in contact with me in those different areas. So why should such an additional information in a UID not help those who use the key? It may help them even if the certification becomes more difficult for others.

> If you think that policy URLs should be shown by default, you should
> make the case for that.

I mainly think that the default should be that everybody has one. If nearly no one has, why should they be shown?

> I suspect they're not currently shown by
> default because they are an additional source of confusion in an already
> too-confusing interface for most people.

The interface can get better. The problem is IMHO not the interface, not at all. The problem is that the people do not learn crypto like they learn other things. Most people do not have someone they can ask. If everyone learnt that at (e.g.) school then nobody would consider that complicated any more. At least not more complicated than using email, making web pages or office documents.

> Who do you want to be able to
> participate in the public network -- just a handful of experts steeped
> in the arcana? or everyone capable of operating a computer at a
> reasonable level?

That's one of the really important questions. I think I already mentioned it above: I want EVERYONE to use crypto (not all on the same level, though). But I am convinced that this is primarily about

a) convincing people that they need it
b) teach them well

I don't think that the "visible complexity of crypto" should be stripped down so that everyone believes he can use it after having seen a 10 minutes video and done a few clicks. We should go for a consensus about what crypto users should know / have understood. In parallel we should make the system better so that it suits the needs of more people.
And most important: We have to teach others. One of my better recent ideas:

https://bugs.kde.org/show_bug.cgi?id=318005

I want software which supports crypto but is used without it, too, to point its users at crypto teaching resources.

> But the overwhelming majority of
> comments in User IDs on the public keyservers are exactly of the
> ridiculous types used as examples in that page.

I wasn't aware of that but that is not an argument against comments but an argument against stupid comments. This would not happen if most users did not create their keys by themselves but with professional help. You can do so much wrong when generating a key. You cannot demand from a new user to understand all that in advance. The more as key generation is rather useless knowledge for him. Thus: Get potential users into courses and we automatically get rid of most of the stupid UIDs.

> This suggests to me that this feature (the "comment" prompt when
> generating a new User ID) is causing more confusion and difficulty than
> it is providing benefit.

I agree with that. If I suggest changes Werner always says: "The GUIs should handle that." But is there a single good graphical key generation tool available? One that gives you all the information you need? One that is at least capable of creating offline mainkeys? I am not aware of one. The GUIs have to become a lot better. Fortunately I am in contact with a KDE developer who intends to work on the crypto part of KMail and KGpg. I am sure that even with little development effort big improvements are possible.

> You can make these statements in other forms than placing them in the
> User ID. For example, you can put a signed message on your web site
> about your key maintenance habits, which other people could refer to
> when they want to learn from you.

That makes sense only if this document is signed by others, too (those who certify your key). And even if they did: The result would be invisible for most users today.
> again, it sounds like you're asking for something that would make an
> already-too-cumbersome process even more cumbersome. I don't think
> that's to the advantage of the community as a whole.

Maybe not. But nobody would be forced to do it that way. Why should experts and newbies make the same kind of certification? Why limit the experts?

Hauke
--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/

From rjh at sixdemonbag.org Mon Jun 10 05:52:32 2013
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sun, 09 Jun 2013 23:52:32 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <1448195.NK6CoADzsu@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de>
Message-ID: <51B54D80.8010301@sixdemonbag.org>

On 6/9/2013 11:14 PM, Hauke Laging wrote:
> The reason hardly anybody uses crypto is not that its usage was
> complicated (I know, in a minute Rob will post his usability study
> link and ask for my sources...).

Yes, I will repeat my mantra: unless you're looking at peer-reviewed usability studies you don't really know anything -- you're going off your accumulated anecdotal experience. That's not to say you're wrong: you might be completely correct. It just means I can't take the claim seriously.

For what it's worth, the usability study I keep going back to agrees with you. The number one factor inhibiting adoption of encrypted email is fear of public scorn, whether being seen as one of "those paranoid people" or "I don't want people to wonder what I have to hide" or what-have-you. Inconvenience runs a close second.
That's why I'm so skeptical of all claims that if we just fix the UI we'll solve the adoption problem. The problem isn't UI.

> The reason that most people do not use crypto is the most trivial
> one: They don't think they need it.

This is not supported by the studies. Many people who do not use crypto openly acknowledge that maybe they "should", in a vague "I really should eat more salads and less meat" sense. However, they see the risks to themselves as diffuse and distant, and the consequences mild. If you're a political campaign worker and you send an unencrypted email of your contact list, and it gets intercepted by the other side, your screw-up has done enormous damage to your candidate... but you, yourself, will likely never face any real punishment for it.

Bruce Schneier has gone on the record as saying something to the effect of, "Whenever I hear a business exec tell me they have mandatory security training, I ask how many people they fired in the last year for violating security policies. If it's zero then they don't have training, they have an hourlong all-hands meeting that no one will pay attention to. And really, why should they?"

(I'm paraphrasing him quite loosely: I'm certain I've got the gist and spirit right, but I'm certain the words are horribly wrong.)

From hhhobbit at securemecca.net Mon Jun 10 08:23:52 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 10 Jun 2013 06:23:52 +0000
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <1448195.NK6CoADzsu@inno.berlin.laging.de>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de>
Message-ID: <51B570F8.6040902@securemecca.net>

On 06/10/2013 03:14 AM, Hauke Laging wrote:

What a mouthful. I shortened it to those things most relevant to me.
My keys are NOT part of the WoT due mostly to nobody around my home having OpenPGP keys. I would say that I have a higher opinion than you do of the WoT when contrasted with one SSL licensing authority after another being compromised very badly.

>> The end result? decades of cleartext e-mail, long after we had
>> the tools to do better :(

I don't know quite what you mean by the tools. But I would love the requirement of some sort of secure token from an SMTP server trying to attach to another SMTP server. That would slow PeskySpammer from filling my email box with messages where the sending SMTP server is running on a hacked Windows PC. Actually it would stop it altogether until PeskySpammer figured out a work-around. Yes, I know, we have tons of hacked SSL certs on web-sites. But it would at least slow things down a little bit.

But the big problem isn't technical. It is as expressed by one Unix / Linux Admin that I trust "not worth the effort." There is a massive sense of futility that we cannot solve the problem and thus no new RFC on email.

Trust me on this one. My other POP email account can no longer send except through the web-mail account (maybe that has gone down too) because it is being blocked by something that has gone wrong. That something that has gone wrong may be the NSA or the FBI after my comment in the Washington Post on Prism. Can it be fixed? Yes if it is my current POP / IWSP that is causing the problem. But it can be done only by moving from my current IWSP to a new smaller IWSP that will accept input and be able to hack a temporary fix. But what is needed is a complete revamping on how email works including a new RFC and some way to reduce spam to a trickle and nobody but me wants it. You did see the spam in our mail chutes yesterday morning didn't you? They also sent it to the wireshark group and several others. I will be blocking not the host in the message but the host that it led to that had whois information that was bogus.
> The reason hardly anybody uses crypto is not that its usage was
> complicated (I know, in a minute Rob will post his usability study
> link and ask for my sources...). It isn't. Not the basic operations
> if you have a working configuration. And for the rest the users can
> ask for help.
>
> The reason that most people do not use crypto is the most trivial
> one: They don't think they need it.

That isn't it at all. One of the people commenting on the Prism article at the Washington Post said OpenPGP IS too complicated. It certainly isn't very easy for most people and I have even observed engineers struggling to use OpenPGP.

I had a person that stupidly thought they could email me bad host names through their Yahoo web-mail account. Yahoo blocked their send. I have even run tests where I am the only person that had a particular hostname in their block-list and Yahoo even blocked those messages. That would be admirable if I got my names from email. I didn't. I got them from stabbed in links on vulnerable web servers. Even after I tried to get him to zip them with 7-Zip using the AES-128 encryption cipher he just wouldn't do it. A current person is using WinRAR exe installers and dumbly thought he could just send the EXE file as an attachment in email. He finally encrypted it with rar's simple cipher. Sure, you and others could decipher it easily but that was enough to get an email's virus-scanner to leave it alone. At least he listened to me and didn't use zip which was banned because of the ever-expanding zips. Now he has the problem of false detects due to using the WinRAR installer. I told him to shift to using Inno Setup. You do that and the problems go away, especially with a "Legal Copyright" string.

The problem is more serious than whether they think they need any encryption or not. THEY HATE THE IDEA OF USING ENCRYPTION! My sig says it all and is attached manually because it really does show what the real problem is now.
People including even the Computer Scientists are totally unable to think any more. Even the knowledge that PRISM is snooping into everything won't cause them to change. Why not? They are using Facebook, Twitter and other social services to broadcast everything they do now anyway. That is a sure sign that enciphering is not wanted. But encryption isn't just enciphering. It also includes signing. I would love for them to send me messages that are signed, especially if we exchanged the keys by hand.

So why do they hate using encryption? It takes too much work. Unless they are forced to use encryption by somebody else, then dammit all to hell they are NOT GOING TO USE IT. They also trust the privacy of their email messages implicitly despite the fact that they use web-mail. Me? I am rather suspicious but I had a half-sister (blessed) that worked at Arlington Hall.

The latest for me was an email message from somebody that used the Latin name for his email account that was the equivalent of "one man army" (exercitussolus - two words contracted together) and his sig was even more entertaining: "Fortuna audaces adiuvat -- hos solos ?" Roughly translated that is "Fortune favors the bold - only these?" OOPS. I am now condemned for thinking and will be taken out and summarily shot.

HHH

---
Gnome 3, Ubuntu Unity, Windows 8 - poor iPhone GUI on Desktop
Thinking has been suspended indefinitely. Anybody caught thinking will be immediately shot!
From hhhobbit at securemecca.net Mon Jun 10 10:46:35 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Mon, 10 Jun 2013 08:46:35 +0000
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B54D80.8010301@sixdemonbag.org>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org>
Message-ID: <51B5926B.4060108@securemecca.net>

My personal observations agree with Rob Hansen's studies 100%. Even when required to use encryption people hate doing it and their concept is entirely focused on the ciphering with them thinking that people who use encryption are trying to hide something. They don't even begin to understand that signing is also a part of encryption. IOW, there is also an ignorance factor. Nobody but me uses my signatures on the stuff I deliver. It isn't because my keys aren't part of the WOT. It is because for whatever reason they want to complain like mad about Prism but then go to Facebook and broadcast their personal lives to the entire world. Why? I would like to say I don't know why and that it could be used for a doctoral dissertation but I am beginning to suspect the doctoral candidates in Sociology and Psychology will be similarly nuts any more. For those few who use my stuff they don't even use the signatures to verify that things are okay.. Dumb? Certainly. But stupid is in vogue right now and I don't know why. The Mayan Haab (365 days per cycle) and Tz'olkin (260 days per cycle) calendars both go backwards and forwards forever but nobody wants to know that these calendars really didn't come to an end on 21 December 2012 and that was just one of the times that the first days align. It also happens every 52 Haab cycles (years) and 73 Tz'olkin periods.
Don't try to sit down and explain it to them either. They go glassy eyed and make sure they don't understand that (365 * 52) = (260 * 73) and make sure they don't understand why even when you show the reduction that is lowest number you can get in the multiplication where they are equal. They want to say that it is completely impossible to understand and they want to believe whatever lies are told on the History II channel and elsewhere. They get away with it because everybody else is doing the same thing. Why? BEING STUPID IS IN FASHION RIGHT NOW!

If they had complained that my keys were not part of the WOT, my keys would have been part of the WOT in a hurry. That was why I added my legal name as a comment. I anticipated somebody would ask me to become part of the WOT. Nobody has asked because less than 1/10 of 1% of people are using encryption except when they don't know that they are using it (443).

What is wrong with the GUI provided with GPG4WIN? I really don't want a GUI on Linux since I do most things in a terminal and BASH anyway. My only complaint with GPG4WIN is that checking the signature should come first but that is because that is what I use it for. I verify that my own downloads have not been tampered with. Hey, the web-server isn't under my control. I can no longer send email on the POP email account that goes with that web server any more either. Yahoo's SMTP server stopped accepting my email from Thunderbird just two days ago. Unfortunately, POP still pulls down 100 or so messages from PeskySpammer every day. That does not instill confidence. But I can still mail fine here using OpenPGP on 1and1 with no problems. So it is not my setup which has not changed that is causing the problems. Business mail at Yahoo is either broken or the NSA / FBI retaliated for my comment at WaPo. I pick broken. Why retaliate when even some of them will agree with my comments at WaPo?
My snail mail delivered letter to Yahoo will be my last chance at getting it working again. My hope is extremely low.

Until stupid falls out of vogue, encryption just isn't going to be used. If the History II channel and my downstairs neighbor with Planet X (Nibiru) are any indication we will need a completely new generation for that to happen. This generation is so stupid with their iPhones and iPads and Galaxy Samsungs that I am beginning to wonder how we got here. It isn't just the young doing it either. Many older people have been similarly afflicted. I think I will watch the programs on the D-Day veterans so I can get out of this time warp factor we are in right now for a while. Those people back then weren't stupid. They cracked the Enigma, the Lorenz, and most of the Japanese codes as well. I should have lived my life back then with my half-sister Susie and helped in the cracking. Now? The emperor has no clothes and almost nobody wants to use encryption - ANY KIND OF ENCRYPTION!

Me? My financial data and passwords are enciphered. I don't make any apologies either. There are too many hackers that want to steal that stuff. I strongly avoid using software that isn't signed unless I created it either. The people that aren't doing it? THEY ARE PROUD ABOUT BEING STUPID! The reason Microsoft bundled Windows Defender and have it on by default is because well over 50% of the people weren't using an AV product on Windows. Unfortunately, Windows Defender is removing all blocked entries including even Facebook and bad hosts from the hosts file now. Again, stupid is in fashion even at Microsoft when they attempt to remedy a problem. Windows Defender may have removed the only thing that would keep that problem away from that person's computer. Will the Microsoft programmers understand that? NO! STUPID IS IN VOGUE RIGHT NOW!

Mucking around with a new GUI for GnuPG will not change these factors. The new GUI design needs to be driven by what the people want.
Right now they don't want encryption. Encryption has become a dirty word in their diseased minds.

HHH

From net at janeden.net Mon Jun 10 11:30:54 2013
From: net at janeden.net (Jan Eden)
Date: Mon, 10 Jun 2013 11:30:54 +0200
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID: <20130610093054.GI805@uni-koeln.de>

Well... most people in 1940 were not capable of cracking the Enigma or even aware of encryption technology. In fact, most human beings are "stupid" in that they do not seek to understand the inner workings of systems around them. This is simply a pragmatic approach: As long as something works as expected, it will not be questioned. This is true for technical, political and economic systems.

Media coverage of Prism or Facebook's, Google's etc. data handling will not increase demand for encryption significantly unless many people are affected directly (i.e. questioned by the FBI regarding some message they sent).

On the other hand, ordinary people have adapted at remarkable speed to a society which is much more complex and intellectually demanding than 200 years ago. I would not underestimate the potential of the homo sapiens.

Kind regards,
Jan Eden

On Mon, Jun 10, 2013 at 08:46:35AM +0000, Henry Hertz Hobbit wrote:
> My personal observations agree with Rob Hansen's studies 100%.
> Even when required to use encryption people hate doing it and
> their concept is entirely focused on the ciphering with them
> thinking that people who use encryption are trying to hide
> something. They don't even begin to understand that signing is
> also a part of encryption. IOW, there is also an ignorance
> factor. Nobody but me uses my signatures on the stuff I
> deliver. It isn't because my keys aren't part of the WOT. It
> is because for whatever reason they want to complain like mad
> about Prism but then go to Facebook and broadcast their personal
> lives to the entire world. Why? I would like to say I don't
> know why and that it could be used for a doctoral dissertation
> but I am beginning to suspect the doctoral candidates in
> Sociology and Psychology will be similarly nuts any more. For
> those few who use my stuff they don't even use the signatures to
> verify that things are okay.. Dumb? Certainly. But stupid is
> in vogue right now and I don't know why. The Mayan Haab
> (365 days per cycle) and Tz'olkin (260 days per cycle)
> calendars both go backwards and forwards forever but nobody
> wants to know that these calendars really didn't come to an
> end on 21 December 2012 and that was just one of the times
> that the first days align. It also happens every 52 Haab
> cycles (years) and 73 Tz'olkin periods. Don't try to sit down
> and explain it to them either. They go glassy eyed and make
> sure they don't understand that (365 * 52) = (260 * 73) and
> make sure they don't understand why even when you show the
> reduction that is lowest number you can get in the
> multiplication where they are equal. They want to say that
> it is completely impossible to understand and they want to
> believe whatever lies are told on the History II channel and
> elsewhere. They get away with it because everybody else is
> doing the same thing. Why? BEING STUPID IS IN FASHION RIGHT
> NOW!
>
> If they had complained that my keys were not part of the WOT, my
> keys would have been part of the WOT in a hurry. That was why I
> added my legal name as a comment. I anticipated somebody would
> ask me to become part of the WOT. Nobody has asked because less
> than 1/10 of 1% of people are using encryption except when they
> don't know that they are using it (443).
>
> What is wrong with the GUI provided with GPG4WIN? I really don't
> want a GUI on Linux since I do most things in a terminal and BASH
> anyway. My only complaint with GPG4WIN is that checking the
> signature should come first but that is because that is what I
> use it for. I verify that my own downloads have not been tampered
> with. Hey, the web-server isn't under my control. I can no longer
> send email on the POP email account that goes with that web server
> any more either. Yahoo's SMTP server stopped accepting my email
> from Thunderbird just two days ago. Unfortunately, POP still
> pulls down 100 or so messages from PeskySpammer every day. That
> does not instill confidence. But I can still mail fine here using
> OpenPGP on 1and1 with no problems. So it is not my setup which has
> not changed that is causing the problems. Business mail at Yahoo is
> either broken or the NSA / FBI retaliated for my comment at WaPo.
> I pick broken. Why retaliate when even some of them will agree with
> my comments at WaPo? My snail mail delivered letter to Yahoo will be
> my last chance at getting it working again. My hope is extremely
> low.
>
> Until stupid falls out of vogue, encryption just isn't going to
> be used. If the History II channel and my downstairs neighbor
> with Planet X (Nibiru) are any indication we will need a
> completely new generation for that to happen. This generation
> is so stupid with their iPhones and iPads and Galaxy Samsungs
> that I am beginning to wonder how we got here. It isn't just
> the young doing it either. Many older people have been similarly
> afflicted.
> I think I will watch the programs on the D-Day veterans
> so I can get out of this time warp factor we are in right now for
> a while. Those people back then weren't stupid. They cracked the
> Enigma, the Lorenz, and most of the Japanese codes as well. I
> should have lived my life back then with my half-sister Susie and
> helped in the cracking. Now? The emperor has no clothes and
> almost nobody wants to use encryption - ANY KIND OF ENCRYPTION!
>
> Me? My financial data and passwords are enciphered. I don't
> make any apologies either. There are too many hackers that
> want to steal that stuff. I strongly avoid using software
> that isn't signed unless I created it either. The people
> that aren't doing it? THEY ARE PROUD ABOUT BEING STUPID!
> The reason Microsoft bundled Windows Defender and have it
> on by default is because well over 50% of the people weren't
> using an AV product on Windows. Unfortunately, Windows
> Defender is removing all blocked entries including even
> Facebook and bad hosts from the hosts file now. Again,
> stupid is in fashion even at Microsoft when they attempt
> to remedy a problem. Windows Defender may have removed
> the only thing that would keep that problem away from
> that person's computer. Will the Microsoft programmers
> understand that? NO! STUPID IS IN VOGUE RIGHT NOW!
>
> Mucking around with a new GUI for GnuPG will not change
> these factors. The new GUI design needs to be driven by
> what the people want. Right now they don't want
> encryption. Encryption has become a dirty word in their
> diseased minds.
>
> HHH
From johanw at vulcan.xs4all.nl Mon Jun 10 12:40:07 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Mon, 10 Jun 2013 12:40:07 +0200
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID: <51B5AD07.90000@vulcan.xs4all.nl>

On 10-06-2013 10:46, Henry Hertz Hobbit wrote:
> Nobody but me uses my signatures on the stuff I
> deliver. It isn't because my keys aren't part of the WOT. It
> is because for what ever reason they want to complain like mad
> about Prism but then go to Facebook and broadcast their personal
> lives to the entire world.

Privacy has much more to do with encryption than with signing. On the contrary, when I sign a message it is much easier to prove, or at the very least make it probable, that I wrote it, thus reducing my privacy.

When I want privacy from government agencies I would use encryption for sensitive or 1 to 1 messages. Signing will not help, when some 3-letter agency starts sending messages in my name that is easily detected by me.

For email this is easy, I'm now figuring out how to set up my own encrypted VOIP server for secure phone conversations within a group. This proves much more complicated, most private VOIP services either don't support encryption, support it in an unsafe way (unencrypted key exchange, who the ^$*#E%#%& invented that?) or assume you're using fixed phones instead of mobiles over 3G.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From mwood at IUPUI.Edu Mon Jun 10 16:00:31 2013
From: mwood at IUPUI.Edu (Mark H.
Wood)
Date: Mon, 10 Jun 2013 10:00:31 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5AD07.90000@vulcan.xs4all.nl>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B5AD07.90000@vulcan.xs4all.nl>
Message-ID: <20130610140031.GE5671@IUPUI.Edu>

On Mon, Jun 10, 2013 at 12:40:07PM +0200, Johan Wevers wrote:
> On 10-06-2013 10:46, Henry Hertz Hobbit wrote:
>
> > Nobody but me uses my signatures on the stuff I
> > deliver. It isn't because my keys aren't part of the WOT. It
> > is because for what ever reason they want to complain like mad
> > about Prism but then go to Facebook and broadcast their personal
> > lives to the entire world.
>
> Privacy has much more to do with encryption than with signing. On the
> contrary, when I sign a message it is much easier to prove, or at the
> very least make it probable, that I wrote it, thus reducing my privacy.

Hmmm. I begin to think that "privacy" is another one of those words we should avoid because it is so vague. Encryption is about secrecy, which is a bit easier to define. I could argue that someone pretending to be me on email is an attack on my privacy and that signing my emails thus increases my privacy (if my correspondents accept my assertion that I don't send unsigned emails; if not, I might argue that it at worst doesn't change anything).

Yes, let's get rid of "privacy" (the word). We can have secrecy, we can have verification of authorship, we can have several other properties I've forgotten just now, and they are all aspects of this misty thing called "privacy".
Privacy itself is a set of social conventions: there are aspects of my life which it is right and proper for me to control, and it is wrong and improper for others to attempt to control them, because my society generally agrees that this is so and my government is (generally) willing to enforce laws codifying these norms.

--
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Machines should not be friendly. Machines should be obedient.

From jeandavid8 at verizon.net Mon Jun 10 16:12:16 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Mon, 10 Jun 2013 10:12:16 -0400
Subject: Fwd: Re: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5B1AF.9020302@verizon.net>
References: <51B5B1AF.9020302@verizon.net>
Message-ID: <51B5DEC0.6020804@verizon.net>

Sorry, I sent it privately by mistake...

-------- Original Message --------
Subject: Re: Why OpenPGP is not wanted - stupid is in vogue right now
Date: Mon, 10 Jun 2013 06:59:59 -0400
From: Jean-David Beyer
Organization: Institute for Regimented Whimsey
To: Johan Wevers

On 06/10/2013 06:40 AM, Johan Wevers wrote:
> On 10-06-2013 10:46, Henry Hertz Hobbit wrote:
>
>> Nobody but me uses my signatures on the stuff I
>> deliver. It isn't because my keys aren't part of the WOT. It
>> is because for what ever reason they want to complain like mad
>> about Prism but then go to Facebook and broadcast their personal
>> lives to the entire world.

I was just at a discussion of this by people wringing their hands, helpless as deer staring at the headlights of moving automobiles. But they absolutely will not consider sending and receiving encrypted e-mail for their communications. In fact, most no longer use e-mail, but Facebook, Twitter, and so on.
They protest that encryption is too technical and complicated, but never actually learned anything about it (and I do not even mean that they do not know how encryption works, what public key encryption is). They do not know that enigmail is a simple to use add-on to Thunderbird because they do not use Thunderbird, but some web-browser interface to Google or something like that. They do not complain that automobiles and television sets are too technical. That microwave ovens and their cell phones are too technical. So they run around like chickens with their heads cut off, but refuse to do anything about it.

>
> Privacy has much more to do with encryption than with signing. On the
> contrary, when I sign a message it is much easier to prove, or at the
> very least make it probable, that I wrote it, thus reducing my privacy.

My correspondents hate it when I even sign something because they think the signature is some kind of error message that they do not understand, and they ignore stuff they do not understand (like messages to update their virus scanner, etc.).

>
> When I want privacy from government agencies I would use encryption for
> sensitive or 1 to 1 messages. Signing will not help, when some 3-letter
> agency starts sending messages in my name that is easily detected by me.

When I want privacy, I wring my hands in despair because only one person I know even has a copy of gnupg and runs an enigmail interface to it. Very few use Linux. And as far as I know, he uses it only because it is interesting technically, and when he gets bored with it, because I am the only one he knows who has the capability of using it, he will probably stop using it too. So when I want privacy, I cannot use it anyway because none of my correspondents will use it. And even if they did, they would decrypt what I said, and then forward it clear text to others. So in my view it is useless except in very small communities of committed users, and I am in no such community.
>
> For email this is easy, I'm now figuring out how to set up my own
> encrypted VOIP server for secure phone conversations within a group.
> This proves much more complicated, most private VOIP services either
> don't support encryption, support it in an unsafe way (unencrypted key
> exchange, who the ^$*#E%#%& invented that?) or assume you're using fixed
> phones instead of mobiles over 3G.
>

From fcassia at gmail.com Mon Jun 10 16:24:26 2013
From: fcassia at gmail.com (Fernando Cassia)
Date: Mon, 10 Jun 2013 10:24:26 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5DEC0.6020804@verizon.net>
References: <51B5B1AF.9020302@verizon.net> <51B5DEC0.6020804@verizon.net>
Message-ID:

On Mon, Jun 10, 2013 at 10:12 AM, Jean-David Beyer wrote:

> In fact, most no longer use e-mail, but
> Facebook, Twitter, and so on.
>

Well, you must have a valid working e-mail address to sign up to any of the above mentioned. When they want to reset their passwords, they are sent a verification email to the registered email address. So you can't sign up for services without email...

FC

From mwood at IUPUI.Edu Mon Jun 10 17:48:19 2013
From: mwood at IUPUI.Edu (Mark H. Wood)
Date: Mon, 10 Jun 2013 11:48:19 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B54D80.8010301@sixdemonbag.org>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org>
Message-ID: <20130610154819.GF5671@IUPUI.Edu>

On Sun, Jun 09, 2013 at 11:52:32PM -0400, Robert J. Hansen wrote:
> On 6/9/2013 11:14 PM, Hauke Laging wrote:
[snip]
> > The reason that most people do not use crypto is the most trivial
> > one: They don't think they need it.
>
> This is not supported by the studies.
Many people who do not use crypto
> openly acknowledge that maybe they "should", in a vague "I really should
> eat more salads and less meat" sense. However, they see the risks to
> themselves as diffuse and distant, and the consequences mild. If you're
> a political campaign worker and you send an unencrypted email of your
> contact list, and it gets intercepted by the other side, your screw-up
> has done enormous damage to your candidate... but you, yourself, will
> likely never face any real punishment for it.

So, "think I need it" is a continuous variable. Many people think they need it, sort of, in a small way, but think they don't need it enough to pay the cost of learning to use it. Provided that potential user X understands his position, the threats to it, and his values w.r.t. those, he may be drawing a reasonable conclusion against which I would not argue. People don't need to encrypt their grocery lists, except in the sense that it's easier to always do something potentially useful than to make a decision each time. The CIA does not care that I send myself a reminder to get a book on software testing; this is noise, for their purpose, and they'd rather not handle it. Identity thieves do not care to know that I fed the dog this morning, though my wife does. Occasions when I find myself thinking, "I'd better guard this information" are exceedingly rare. But that points at the real cost of crypto: you have to think about it. There is no escape; you have to think deeply about slippery things like identity and trust and threat models, and then you have to apply your resulting policies a hundred times a day. Software can relieve large parts of the latter burden; it can do nothing about the former, which is the hardest part.

--
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Machines should not be friendly. Machines should be obedient.

From markr-gnupg at signal100.com Mon Jun 10 21:39:49 2013
From: markr-gnupg at signal100.com (Mark Rousell)
Date: Mon, 10 Jun 2013 20:39:49 +0100
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID: <51B62B85.8040409@signal100.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/06/2013 09:46, Henry Hertz Hobbit wrote:
> My personal observations agree with Rob Hansen's studies 100%.
> Even when required to use encryption people hate doing it and their
> concept is entirely focused on the ciphering with them thinking
> that people who use encryption are trying to hide something.

[...]

> They get away with it because everybody else is doing the same
> thing. Why? BEING STUPID IS IN FASHION RIGHT NOW!

[...]

> Encryption has become a dirty word in their diseased minds.

I just wanted to say that you have neatly encapsulated my feelings on the subject: Stupid is in vogue.

My concern is that it will be for a long time to come. It is ironic that technology is, to a considerable extent, what has made it possible. So much is taken care of by technology that it is simple and easy to be "stupid". You can get away with it. That suits the data miners of this world just fine.
- --
MarkR

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlG2K4QACgkQJQGogsnFwWKCfQCcCORGEmg6v5yJivPdR1aCqOgb
7I4AnjoadQzSCaovq9SUhK5b0YUJIY4A
=Byyc
-----END PGP SIGNATURE-----

From reynt0 at cs.albany.edu Tue Jun 11 02:15:56 2013
From: reynt0 at cs.albany.edu (reynt0)
Date: Mon, 10 Jun 2013 20:15:56 -0400 (EDT)
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To: <51B54D80.8010301@sixdemonbag.org>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org>
Message-ID:

On Sun, 9 Jun 2013, Robert J. Hansen wrote:
. . .
> That's why I'm so skeptical of all claims that if we just fix the UI
> we'll solve the adoption problem. The problem isn't UI.
. . .

As pointed out at the start of a gestural interface programming book I have, Apple iOS made it possible to use a fancy computer by using no more than the skills of a chimpanzee. Ie, simplistic behaviors matching simplistic, even primitive, use-conceptualization. Could a model of using encryption be simplified enough that a UI matching it would make a semi-chimpanzee feel happy and comfortable using it? If not, would encryption be used widely even under threat of harm? Unless maybe the encryption were some kind of automatic and total? IIRC during the time when electronic voting began to be in fashion, somebody (blackboxvoting??) posted a video showing a chimpanzee successfully attacking the vote accumulation process, actually using a Windows unit, IIRC.

From rjh at sixdemonbag.org Tue Jun 11 03:05:56 2013
From: rjh at sixdemonbag.org (Robert J.
Hansen)
Date: Mon, 10 Jun 2013 21:05:56 -0400
Subject: Recommendations for handling (multiple) user IDs - personal and company ones
In-Reply-To:
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org>
Message-ID: <51B677F4.1000102@sixdemonbag.org>

On 6/10/2013 8:15 PM, reynt0 wrote:
> As pointed out at the start of a gestural interface programming book
> I have, Apple iOS made it possible to use a fancy computer by using
> no more than the skills of a chimpanzee.

Interesting you should say that. Apple's Certificate Manager application (on Mac OS X) is an adventure in confusion: full-screen the window and you'll easily get spammed with over two hundred different widgets which can react to mouse clicks and menu presses.

> Could a model of using encryption be simplified enough that a UI
> matching it would make a semi-chimpanzee feel happy and comfortable
> using it?

Sure, but that's not the question. The question is whether OpenPGP's model could be, and whether such a simplification would improve OpenPGP's adoption. I think the answers are "no" and "not significantly."

From jeandavid8 at verizon.net Tue Jun 11 05:37:10 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Mon, 10 Jun 2013 23:37:10 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B62B85.8040409@signal100.com>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com>
Message-ID: <51B69B66.3090206@verizon.net>

On 06/10/2013 03:39 PM, Mark Rousell wrote:
> I just wanted to say that you have neatly encapsulated my feelings
> on the subject: Stupid is in vogue.
>
> My concern is that it will be for a long time to come. It is
> ironic that technology is, to a considerable extent, what has made
> it possible. So much is taken care of by technology that it is
> simple and easy to be "stupid". You can get away with it. That
> suits the data miners of this world just fine.
>

In 1962, Consumers Union hosted a conference entitled Passenger Car Design and Highway Safety. Lots of engineers, etc., were there and presented papers. One was a guy named John Fitch who designed and drove race cars. While it was not the main point of his presentation, at one point he mused that perhaps all cars should be designed like race cars. In particular, 6 speed non-synchromesh manual transmissions, grabbing clutches, no power steering, no power brakes, no radios, etc. He said the added complexity would have two benefits:

1.) Some really stupid people would not be able to drive them because they would be stalled out most of the time.

2.) Those who could get them to move would have to pay a higher level of attention to what they were doing than the average driver.

Of course he did not seriously propose the idea as a real course of action. But it is interesting to think about.
https://en.wikipedia.org/wiki/John_Fitch_%28racing_driver%29

From fcassia at gmail.com Tue Jun 11 05:58:04 2013
From: fcassia at gmail.com (Fernando Cassia)
Date: Mon, 10 Jun 2013 23:58:04 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B69B66.3090206@verizon.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net>
Message-ID:

On Mon, Jun 10, 2013 at 11:37 PM, Jean-David Beyer wrote:

> He said the added complexity would have two benefits:

I've said for years that in the ages of dial-up internet, particularly the DOS+Windows 3.x years, people had a barrier of entry in getting a dial-up modem, getting the right RS232 card (one with a 16550 FIFO to avoid probs), configuring it, and setting up Trumpet Winsock plus any necessary log-in script required by the ISP. That left a lot of people out, leaving just the persistent who took things seriously, or the techies. :)

While I look back at those years with joy -the "pioneers", not to mention the real Unix pioneers before the WWW-, today I thank that my mother or my old man can grab a tablet and send me e-mail.

FC

From rjh at sixdemonbag.org Tue Jun 11 06:23:20 2013
From: rjh at sixdemonbag.org (Robert J.
Hansen)
Date: Tue, 11 Jun 2013 00:23:20 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B69B66.3090206@verizon.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net>
Message-ID: <51B6A638.50601@sixdemonbag.org>

On 6/10/2013 11:37 PM, Jean-David Beyer wrote:
> Of course he did not seriously propose the idea as a real course of
> action. But it is interesting to think about.

I drive a Mustang GT with enough engine work to make it genuinely dangerous to unprepared drivers. When I was taking a couple of advanced driving classes (because I don't want to be a hazard on the road behind such a vehicle), one of my instructors -- a police driving instructor -- told me about a collision he recently saw with a tricked-out Mustang GT like mine.

17-year-old drives an econobox to high school. One day he gets to borrow somebody else's tricked-out Mustang GT, and in order to impress his friends with the noise of the engine, briefly floors the pedal. He's expecting the engine to make a howling noise but of course he'll take his foot off the pedal before the car goes out of control.

Except the car doesn't make a howling noise. It howls *and lunges*, and the G-forces were something this young man had never before experienced. The new experience left him cognitively paralyzed for a good part of a second... with his foot still on the gas pedal. At the last moment he snapped out of it. He thought he didn't have enough room to successfully brake, so instead he whipped the wheel around --

-- and discovered that due to the car's lunging acceleration, virtually all of the weight was on the rear wheels.
The front wheels didn't have enough weight on them to allow them to keep traction with the road. The car didn't veer. His response was to turn the wheel harder, not recognizing that *his foot was still on the accelerator*. His cognitive process was something like, "braking is pointless right now so I'm not going to move my foot I'll just worry about steering out of it."

Whoops. He crashed into another parked car at about 45. Wasn't wearing a seatbelt, but the airbags deployed and saved his life. He got to walk away from the collision after doing over $10,000 of damage to the vehicles involved.

Although an anecdote is not the same thing as hard data and NTSB crash statistics, I respectfully suggest there's a third option Fitch was overlooking:

3. A lot of people are just going to kill themselves by doing stupid things they think can't possibly hurt them.

From jeandavid8 at verizon.net Tue Jun 11 15:04:46 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Tue, 11 Jun 2013 09:04:46 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B6A638.50601@sixdemonbag.org>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org>
Message-ID: <51B7206E.2050209@verizon.net>

On 06/11/2013 12:23 AM, Robert J. Hansen wrote:
> On 6/10/2013 11:37 PM, Jean-David Beyer wrote:
>> Of course he did not seriously propose the idea as a real course of
>> action. But it is interesting to think about.
>
> I drive a Mustang GT with enough engine work to make it genuinely
> dangerous to unprepared drivers.
When I was taking a couple of advanced
> driving classes (because I don't want to be a hazard on the road behind
> such a vehicle), one of my instructors -- a police driving instructor --
> told me about a collision he recently saw with a tricked-out Mustang GT
> like mine.
>

I had been driving Alfa Romeo Giulietta Spiders for a while, and one Giulia (same car, 1600 cc engine). Then I bought a Lotus 26. I had driven my current Alfa to NYC (the nearest Lotus dealer to Buffalo NY where I was living). I had already bought and paid for the car, but it needed preparation so I could not take delivery until the next day. Nevertheless, the owner of the dealership took me to dinner at a fancy French Restaurant on his bill. He started by buying me a Martini. I drank it, but did not like it much. He then bought me another. I nursed it along, but finished it. He then ordered me a third. I told him I did not want it, that two were enough. He insisted. I took one sip to be polite, but I was not going to drink any more. He surprised me, though. He took the drink from my hand and smashed it to the floor. He then pointed out the old saw about martinis were like breasts on a woman: one is not enough, but three are too many. His point, as he explained, was that the Lotus 26 was not like the Alfa Romeos that I was accustomed to, and if I drove the Lotus the same way, I would kill myself. He then explained some of the fine points of a car that normally understeered but under the right circumstances, could oversteer, and that I better go to a large vacant parking lot and learn to handle that. Which I did. Luckily, in Buffalo at the time, there were blue laws that prohibited shopping malls from being open on Sundays so even if I spun out the car, other than a little excitement, I could not really hurt anything. The Lotus 26 was not like the 300 SL or the W-186 in switching from under to oversteer, but it could do it.
It saved my life once or twice when driving on snow with glare ice (that I did not know was there) underneath it. But it takes nerve, when the front end is losing it to shift down a gear and floor it, when instinct and reflexes make you want to hit the brakes.

But none of that will work on my Prius.

From jeandavid8 at verizon.net Tue Jun 11 15:16:50 2013
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Tue, 11 Jun 2013 09:16:50 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B6A638.50601@sixdemonbag.org>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org>
Message-ID: <51B72342.3030509@verizon.net>

On 06/11/2013 12:23 AM, Robert J. Hansen wrote:
> On 6/10/2013 11:37 PM, Jean-David Beyer wrote:
>> Of course he did not seriously propose the idea as a real course of
>> action. But it is interesting to think about.
>
> I drive a Mustang GT with enough engine work to make it genuinely
> dangerous to unprepared drivers. When I was taking a couple of advanced
> driving classes (because I don't want to be a hazard on the road behind
> such a vehicle), one of my instructors -- a police driving instructor --
> told me about a collision he recently saw with a tricked-out Mustang GT
> like mine.
>

Come to think of it, I had a friend who drove a Griffith (or some name like that) which was basically a TVR designed with an 1800 cc British engine in it. To make it into a Griffith, you swap out that little engine and put in a Ford 275 (or so) cubic inch one. I think the clutch and transmission get replaced too, but I do not remember (or care). This must have been in the early 1960s.
Well, when he took the thing to the inspection station, you sometimes get an inspector who fancies himself a race car driver. But do not actually have the knowledge or skill for it. Well this one takes it to the brake testing machine, which here is a long instrumented track. The drill is to take the car up to some modest speed, and hit the brakes. The machine measures the braking forces of all four wheels, etc. Well this clown revs up the engine and pops the clutch. If I remember correctly, that car would do 0 to 60 in something like 4 seconds. It would not handle worth a damn, but it sure would accelerate. By the time he got his foot off the gas and onto the brake, he had run past the end of the machine and almost hit the car ahead (it did have good brakes). Since he missed the car ahead, he gave my friend a pass on that test.

From vedaal at nym.hush.com Tue Jun 11 16:10:35 2013
From: vedaal at nym.hush.com (vedaal at nym.hush.com)
Date: Tue, 11 Jun 2013 10:10:35 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B72342.3030509@verizon.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org> <51B72342.3030509@verizon.net>
Message-ID: <20130611141036.0F141200D4@smtp.hushmail.com>

I drive a GMC Suburban, terrible gas mileage, but roomy and relatively sturdy if there is an unavoidable accident by someone driving too fast, or out of control, and slamming into me. (Have walked away unharmed, with a minor tail-light cover break, while the other car was totaled. (Driver wore a seat-belt and did OK.) )

Maybe a simple sturdy model like Hushmail might work.
In the US today, the HIPAA regulations forbid sending medically related information unencrypted. This is true even for Special Education school children getting a short e-mail from a therapist. Employees can and do get 'suspended without pay' for repeated violations.

Hushmail has a way to send Open-PGP encrypted mail to someone not using encryption. The receiver is directed to a Hushmail website and has to answer a question that the sender and receiver agreed upon, in order to decrypt the message. The receiver is allowed only 3 tries, and the message is removed from the server within 72 hours after successful decryption.

People who have used this, have the initial reaction that 'This Is COOL. I want to try it'. One such person did, and wound up storing her special files, encrypted, in a Hushmail file-storage option, and now 'loves' encryption.

Hushmail though, DOES have a backdoor, and a few years ago, admitted it, and gave up the key to law enforcement.

Maybe a GnuPG based Hushmail type e-mail system, for a reasonable fee, with NO backdoor, might work. (It might attract also a criminal element clientele and be fairly profitable, but then law enforcement can try to go the hardware key-logger route.)

just a thought ...

vedaal

From fcassia at gmail.com Tue Jun 11 16:27:24 2013
From: fcassia at gmail.com (Fernando Cassia)
Date: Tue, 11 Jun 2013 11:27:24 -0300
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B7206E.2050209@verizon.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org> <51B7206E.2050209@verizon.net>
Message-ID:

On Tue, Jun 11, 2013 at 10:04 AM, Jean-David Beyer wrote:

> But none of that will work on my Prius.
as much as I like cars, before this list turns into "Top Gear", can we get this thread back *on track* please?

TIA...
FC

--
During times of Universal Deceit, telling the truth becomes a revolutionary act
- George Orwell

From avi.wiki at gmail.com Tue Jun 11 17:15:08 2013
From: avi.wiki at gmail.com (Avi)
Date: Tue, 11 Jun 2013 11:15:08 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To:
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org> <51B7206E.2050209@verizon.net>
Message-ID:

You mean that we should clutch to the main topic and brake any off-topic tangents before they drive the thread completely off-road? Or are you just tire_d of how these threads wheel around with no differential between the main theme and non-themes, and no filter to steer the thread back to one universal topic?

I will be accepting donations of projectile fermented vegetables for a limited time.

----
User:Avraham
pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key)
Primary key fingerprint: 167C 063F 7981 A1F6 71EC ABAA 0D62 B019 F80E 29F9

On Tue, Jun 11, 2013 at 10:27 AM, Fernando Cassia wrote:

>
> On Tue, Jun 11, 2013 at 10:04 AM, Jean-David Beyer
> wrote:
>
>> But none of that will work on my Prius.
>
>
> as much as I like cars, before this list turns into "Top Gear", can we get
> this thread back *on track* please?
>
> TIA...
> FC
>
> --
> During times of Universal Deceit, telling the truth becomes a
> revolutionary act
> - George Orwell
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>

From jerry at seibercom.net Tue Jun 11 19:05:20 2013
From: jerry at seibercom.net (Jerry)
Date: Tue, 11 Jun 2013 13:05:20 -0400
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To:
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org> <51B7206E.2050209@verizon.net>
Message-ID: <20130611130520.7a0ba502@scorpio>

On Tue, 11 Jun 2013 11:15:08 -0400 Avi articulated:

> On Tue, Jun 11, 2013 at 10:27 AM, Fernando Cassia
> wrote:
>
> > On Tue, Jun 11, 2013 at 10:04 AM, Jean-David Beyer
> >
> > wrote:
> >
> >> But none of that will work on my Prius.
> >
> > as much as I like cars, before this list turns into "Top Gear", can
> > we get this thread back *on track* please?

> You mean that we should clutch to the main topic and brake any
> off-topic tangents before they drive the thread completely off-road?
> Or are you just tire_d of how these threads wheel around with no
> differential between the main theme and non-themes, and no filter to
> steer the thread back to one universal topic?
>
> I will be accepting donations of projectile fermented vegetables for a
> limited time.

This thread is rapidly becoming a joke. "TOP" posting, HTML, etcetera. Maybe those who are actually still interested in it could take it off-list.

--
Jerry
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

From ndk.clanbo at gmail.com Tue Jun 11 21:54:35 2013
From: ndk.clanbo at gmail.com (NdK)
Date: Tue, 11 Jun 2013 21:54:35 +0200
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <20130611141036.0F141200D4@smtp.hushmail.com>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net> <51B62B85.8040409@signal100.com> <51B69B66.3090206@verizon.net> <51B6A638.50601@sixdemonbag.org> <51B72342.3030509@verizon.net> <20130611141036.0F141200D4@smtp.hushmail.com>
Message-ID: <51B7807B.3060907@gmail.com>

On 11/06/2013 16:10, vedaal at nym.hush.com wrote:

> (It might attract also a criminal element clientele and be fairly profitable, but then law enforcement can try to go the hardware key-logger route.)

As long as decryption is done client-side (I've used JS libraries that could do RSA2048 in a reasonable time) and "some" users check the JS sources "often enough", then it should be quite doable. Too bad interfacing to a smartcard from JS requires too much setup...

BYtE,
Diego.

From melvincarvalho at gmail.com Tue Jun 11 21:06:39 2013
From: melvincarvalho at gmail.com (Melvin Carvalho)
Date: Tue, 11 Jun 2013 21:06:39 +0200
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID:

On 10 June 2013 10:46, Henry Hertz Hobbit wrote:

> My personal observations agree with Rob Hansen's studies 100%.
> Even when required to use encryption people hate doing it and
> their concept is entirely focused on the ciphering with them
> thinking that people who use encryption are trying to hide
> something. They don't even begin to understand that signing is
> also a part of encryption. IOW, there is also an ignorance
> factor. Nobody but me uses my signatures on the stuff I
> deliver. It isn't because my keys aren't part of the WOT. It
> is because for whatever reason they want to complain like mad
> about Prism but then go to Facebook and broadcast their personal
> lives to the entire world. Why? I would like to say I don't
> know why and that it could be used for a doctoral dissertation
> but I am beginning to suspect the doctoral candidates in
> Sociology and Psychology will be similarly nuts any more. For
> those few who use my stuff they don't even use the signatures to
> verify that things are okay. Dumb? Certainly. But stupid is
> in vogue right now and I don't know why. The Mayan Haab
> (365 days per cycle) and Tz'olkin (260 days per cycle)
> calendars both go backwards and forwards forever but nobody
> wants to know that these calendars really didn't come to an
> end on 21 December 2012 and that was just one of the times
> that the first days align. It also happens every 52 Haab
> cycles (years) and 73 Tz'olkin periods. Don't try to sit down
> and explain it to them either. They go glassy eyed and make
> sure they don't understand that (365 * 52) = (260 * 73) and
> make sure they don't understand why even when you show the
> reduction that is lowest number you can get in the
> multiplication where they are equal. They want to say that
> it is completely impossible to understand and they want to
> believe whatever lies are told on the History II channel and
> elsewhere. They get away with it because everybody else is
> doing the same thing. Why? BEING STUPID IS IN FASHION RIGHT
> NOW!
>
> If they had complained that my keys were not part of the WOT, my
> keys would have been part of the WOT in a hurry. That was why I
> added my legal name as a comment. I anticipated somebody would
> ask me to become part of the WOT. Nobody has asked because less
> than 1/10 of 1% of people are using encryption except when they
> don't know that they are using it (443).
>
> What is wrong with the GUI provided with GPG4WIN? I really don't
> want a GUI on Linux since I do most things in a terminal and BASH
> anyway. My only complaint with GPG4WIN is that checking the
> signature should come first but that is because that is what I
> use it for. I verify that my own downloads have not been tampered
> with. Hey, the web-server isn't under my control. I can no longer
> send email on the POP email account that goes with that web server
> any more either. Yahoo's SMTP server stopped accepting my email
> from Thunderbird just two days ago. Unfortunately, POP still
> pulls down 100 or so messages from PeskySpammer every day. That
> does not instill confidence. But I can still mail fine here using
> OpenPGP on 1and1 with no problems. So it is not my setup which has
> not changed that is causing the problems. Business mail at Yahoo is
> either broken or the NSA / FBI retaliated for my comment at WaPo.
> I pick broken. Why retaliate when even some of them will agree with
> my comments at WaPo? My snail mail delivered letter to Yahoo will be
> my last chance at getting it working again. My hope is extremely
> low.
>
> Until stupid falls out of vogue, encryption just isn't going to
> be used. If the History II channel and my downstairs neighbor
> with Planet X (Nibiru) are any indication we will need a
> completely new generation for that to happen. This generation
> is so stupid with their iPhones and iPads and Galaxy Samsungs
> that I am beginning to wonder how we got here. It isn't just
> the young doing it either. Many older people have been similarly
> afflicted.
> I think I will watch the programs on the D-Day veterans
> so I can get out of this time warp factor we are in right now for
> a while. Those people back then weren't stupid. They cracked the
> Enigma, the Lorenz, and most of the Japanese codes as well. I
> should have lived my life back then with my half-sister Susie and
> helped in the cracking. Now? The emperor has no clothes and
> almost nobody wants to use encryption - ANY KIND OF ENCRYPTION!
>
> Me? My financial data and passwords are enciphered. I don't
> make any apologies either. There are too many hackers that
> want to steal that stuff. I strongly avoid using software
> that isn't signed unless I created it either. The people
> that aren't doing it? THEY ARE PROUD ABOUT BEING STUPID!
> The reason Microsoft bundled Windows Defender and have it
> on by default is because well over 50% of the people weren't
> using an AV product on Windows. Unfortunately, Windows
> Defender is removing all blocked entries including even
> Facebook and bad hosts from the hosts file now. Again,
> stupid is in fashion even at Microsoft when they attempt
> to remedy a problem. Windows Defender may have removed
> the only thing that would keep that problem away from
> that person's computer. Will the Microsoft programmers
> understand that? NO! STUPID IS IN VOGUE RIGHT NOW!
>
> Mucking around with a new GUI for GnuPG will not change
> these factors. The new GUI design needs to be driven by
> what the people want. Right now they don't want
> encryption. Encryption has become a dirty word in their
> diseased minds.
>
Try this: http://xkcd.com/1181/ It's not about stupidity, it's about incentives.
>
> HHH
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From zece at riseup.net Tue Jun 11 22:19:39 2013
From: zece at riseup.net (Zece)
Date: Tue, 11 Jun 2013 20:19:39 +0000
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID:

Henry Hertz Hobbit :
> I think I will watch the programs on the D-Day veterans
> so I can get out of this time warp factor we are in right now for
> a while. Those people back then weren't stupid. They cracked the
> Enigma, the Lorenz, and most of the Japanese codes as well. I
> should have lived my life back then with my half-sister Susie and
> helped in the cracking. Now? The emperor has no clothes and
> almost nobody wants to use encryption - ANY KIND OF ENCRYPTION!

Lovely romance about the Good Ol' Days. Only that was probably the stupidest era ever. Just think a couple of minutes about it. Medicine was making rapid improvements. Yet people were ready to redefine a dumb blind god only to fit the new era. A large country got beaten up because they wanted too much. Have they learned anything? Nope. They blamed a more intellectual ethnic minority and glorified dumb work. A few former colonies, that were close to 100% “let the people of the old countries” fight their own dumb wars left any reason and jumped in. Some smart scientists that could study how to have energy for free at no pollution wasted their lives creating a weapon that could break the Planet in two. And they were stupid enough to say it “we're doing it for the children” or something like that.
Other smart scientists worked not for the laundry machine that cleans with 200ml of water, not about the home that heats the snow outside the walls, but about new and creative ways to push explosives over large distances because people needed less cement and more skies. And while savages living in developed countries were getting together to blame a race for the killing of an imaginary god that was so darn important no writer outside its sect ever wrote about him for a few centuries, savages living in deserts were discovering how big the whole world was. New gods were taking a stand and asking for more land mines and grenades to play like the big boys.

I know only one moment in history with deeper implications for the future: when a young and blood thirsty emperor changed the imperial god and started winning with the new talismans. Which led to two millennia of darkness for a large part of humankind. Only that time it took centuries and not years for all to see the results.

From jhs at berklix.com Tue Jun 11 22:49:05 2013
From: jhs at berklix.com (Julian H. Stacey)
Date: Tue, 11 Jun 2013 22:49:05 +0200
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: Your message "Tue, 11 Jun 2013 20:19:39 -0000." <201306112023.r5BKNXWL061707@slim.berklix.org>
Message-ID: <201306112049.r5BKn5w9072829@fire.js.berklix.net>

Hi,
Reference:
> From: Zece
> Date: Tue, 11 Jun 2013 20:19:39 +0000

Cut the crap. This list is for GPG encryption.

Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultant, Munich http://berklix.com
Reply below not above, like a play script. Indent old text with "> ".
Send plain text. No quoted-printable, HTML, base64, multipart/alternative.
From hhhobbit at securemecca.net Wed Jun 12 01:29:02 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue, 11 Jun 2013 23:29:02 +0000
Subject: Why OpenPGP is not wanted - stupid is in vogue right now
In-Reply-To: <51B5926B.4060108@securemecca.net>
References: <20130607220901.2f7fadb2@zetkin.primekey.se> <6891728.iZVM71EG9L@inno.berlin.laging.de> <51B39112.6040009@fifthhorseman.net> <1448195.NK6CoADzsu@inno.berlin.laging.de> <51B54D80.8010301@sixdemonbag.org> <51B5926B.4060108@securemecca.net>
Message-ID: <51B7B2BE.9020508@securemecca.net>

On 06/10/2013 08:46 AM, Henry Hertz Hobbit wrote:
> is because for what ever reason they want to complain like mad
> about Prism but then go to Facebook and broadcast their personal
> lives to the entire world. Why? I would like to say I don't
> know why and that it could be used for a doctoral dissertation

The reason why is that they are narcissistic. A good book to understand younger people today is "The Narcissism Epidemic - Living in the age of Entitlement." But Jean M. Twenge at San Diego State (Ph.D. from the University of Michigan) and her cohort W. Keith Campbell at the University of Georgia (Ph.D. from the University of North Carolina - Chapel Hill) are not graduate students. I have bad news for them. The narcissism has spread far beyond the United States borders now.

Yes, I have a degree in Psychology as well as degrees in Mathematics and Computer Science and was just considered for a teaching position at a University. I turned it down. I am holding out for that junior level Unix / Linux administration position that is commensurate with my experience. That is not a joke. It is what I am best at and that is now the level I should work at.

So if you want to see the social-psychological reasons for why encryption is eschewed, read the book. The puzzle part for me is why many older people are also falling prey to stupid ideas just like they are teen-agers that have to be with the in-crowd.
It does NOT bode well for getting encryption used by a lot of people though. I just wished I could walk into a Radio Shack store and purchase my Torx screw-drivers without some stupid grinning sales person trying to ram an iS**t device down my throat. I apologize to the Road Warriors that must use such a device but I don't want one. I am NOT on Facebook or Twitter either. And I unapologetically use encryption when it is appropriate. Thanks Zimmermann, Werner, and crew.

HHH

From nkipe at tatapowersed.com Wed Jun 12 07:24:30 2013
From: nkipe at tatapowersed.com (Navin)
Date: Wed, 12 Jun 2013 10:54:30 +0530
Subject: Clarifying the GnuPG License
Message-ID: <51B8060E.40809@tatapowersed.com>

Hi,

Since GnuPG comes under the GPL, I would like to clarify if a person's proprietary software makes use of GnuPG purely by invocation of the commandline commands, and the GnuPG exe's and DLL's are bundled unmodified with the person's proprietary software, can the person use GnuPG commercially in this manner without having to publish his/her source code?

--
Nav

From nils.faerber at kernelconcepts.de Wed Jun 12 11:49:39 2013
From: nils.faerber at kernelconcepts.de (Nils Faerber)
Date: Wed, 12 Jun 2013 11:49:39 +0200
Subject: Clarifying the GnuPG License
In-Reply-To: <51B8060E.40809@tatapowersed.com>
References: <51B8060E.40809@tatapowersed.com>
Message-ID: <51B84433.2000607@kernelconcepts.de>

On 12.06.2013 07:24, Navin wrote:
> Hi,

Hi!

> Since GnuPG comes under the GPL, I would like to clarify if a person's
> proprietary software makes use of GnuPG purely by invocation of the
> commandline commands, and the GnuPG exe's and DLL's are bundled
> unmodified with the person's proprietary software, can the person use
> GnuPG commercially in this manner without having to publish his/her
> source code?
IANAL but from my understanding:
1. by invocation of the commandline commands: Yes
2. invocation of GnuPG exe: Yes
3. Linking, dynamically or statically, against a GnuPG DLL, presumed that it is licensed under GPL: No

The DLL usage would require the DLL to be licensed under LGPL, which is the very reason why LGPL was invented.

I am not sure which parts of the GnuPG suite are licensed under which license though, e.g. if the GnuPG DLL (if such exists at all) is licensed GPL or LGPL.

Cheers
  nils

--
kernel concepts GmbH       Tel: +49-271-771091-12
Sieghuetter Hauptweg 48
D-57072 Siegen             Mob: +49-176-21024535
http://www.kernelconcepts.de

From Dave.Smith at st.com Wed Jun 12 13:21:20 2013
From: Dave.Smith at st.com (David Smith)
Date: Wed, 12 Jun 2013 12:21:20 +0100
Subject: Clarifying the GnuPG License
In-Reply-To: <51B84433.2000607@kernelconcepts.de>
References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de>
Message-ID: <51B859B0.9030300@st.com>

On 06/12/13 10:49, Nils Faerber wrote:
> On 12.06.2013 07:24, Navin wrote:
>> Since GnuPG comes under the GPL, I would like to clarify if a person's
>> proprietary software makes use of GnuPG purely by invocation of the
>> commandline commands, and the GnuPG exe's and DLL's are bundled
>> unmodified with the person's proprietary software, can the person use
>> GnuPG commercially in this manner without having to publish his/her
>> source code?
>
> IANAL but from my understanding:
> 1. by invocation of the commandline commands: Yes
> 2. invocation of GnuPG exe: Yes
> 3. Linking, dynamically or statically, against a GnuPG DLL, presumed
> that it is licensed under GPL: No

IANAL either, but that is also my understanding.

If you do ship GnuPG with a proprietary application under options 1 or 2, you also have to include the GnuPG source code (or an offer to provide it on request).
Just providing a link to the main GnuPG site (or a mirror) is technically not sufficient (unless you enter into an agreement with the person that operates that site to provide the downloads on your behalf).

From hhhobbit at securemecca.net Wed Jun 12 20:53:35 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Wed, 12 Jun 2013 18:53:35 +0000
Subject: Clarifying the GnuPG License
In-Reply-To: <51B84433.2000607@kernelconcepts.de>
References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de>
Message-ID: <51B8C3AF.8020003@securemecca.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 06/12/2013 09:49 AM, Nils Faerber wrote:
> On 12.06.2013 07:24, Navin wrote:
>> Hi,
> Hi!
>
>> Since GnuPG comes under the GPL, I would like to clarify if a
>> person's proprietary software makes use of GnuPG purely by
>> invocation of the command line commands, and the GnuPG exe's and
>> DLL's are bundled unmodified with the person's proprietary
>> software, can the person use GnuPG commercially in this manner
>> without having to publish his/her source code?
>
> IANAL but from my understanding: 1. by invocation of the
> commandline commands: Yes 2. invocation of GnuPG exe: Yes 3.
> Linking, dynamically or statically, against a GnuPG DLL, presumed
> that it is licensed under GPL: No
>
> The DLL usage would require the DLL to be licensed under LGPL,
> which is the very reason why LGPL was invented.
>
> I am not sure which parts of the GnuPG suite are licensed under
> which license though, e.g. if the GnuPG DLL (if such exists at all)
> is licensed GPL or LGPL.

I am in agreement on the constraints Nils Faerber gives. You were not specific as to the OS but since most distros of Linux have GnuPG bundled I am assuming a Windows OS target. Merging any of the GnuPG / PGP4WIN files into your install folder may get you into trouble. It is because it makes it seem like you own the binaries. You don't so they should not be in your app folder.
There are 76 DLL files in the main folder for 2.0.17 (GPG4WIN). Licensing for things like GPGOL DLL is LGPL. Most other DLLs do not give me the licensing information (looking at actual strings in the binary files). All the 46 EXE files I looked at were GPLv3 but I didn't look at all of them so some may be GPLv2. Basically, consider the GPG4WIN bundle to be a GPLv3 product.

The last time I looked at it, I had to install GPG4Win or one of the GPG 1.x installs before I put Enigmail in Thunderbird on Windows. Enigmail is licensed under MPLv2/GPLv2 to avoid licensing issues. If Enigmail doesn't bundle when they have compatible licensing then neither should you bundle. I would have people download and install GPG4WIN themselves. Under no circumstances link in any of the DLL files to avoid licensing issues.

gpg.exe and some other EXE files and iconv.dll are in the %ProgramFiles%\GNU\GnuPG\pub folder which is added to the %PATH% in the install for command line use. Ergo, there is no need to bundle if you use gpg.exe on the command line.

HHH

From apadmaraju at prounlimited.com Thu Jun 13 05:20:45 2013
From: apadmaraju at prounlimited.com (Anilkumar Padmaraju)
Date: Wed, 12 Jun 2013 20:20:45 -0700
Subject: File extension is .txt for gpg import. Is that ok?
Message-ID:

Hi Gnupg Users,

I have question that one of the users gave a file to import and the file is having .txt extension, for example test.txt.
I usually import files having .asc or .gpg extensions. Can I do "gpg --import test.txt" with that .txt file extension?

Thank you,
Anil.

From johanw at vulcan.xs4all.nl Thu Jun 13 10:52:17 2013
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Thu, 13 Jun 2013 10:52:17 +0200
Subject: File extension is .txt for gpg import. Is that ok?
In-Reply-To:
References:
Message-ID: <51B98841.7080604@vulcan.xs4all.nl>

On 13-06-2013 5:20, Anilkumar Padmaraju wrote:
> I have question that one of the users gave a file to import and the file
> is having .txt extension, for example test.txt. I usually import
> files having .asc or .gpg extensions. Can I do "gpg --import
> test.txt" with that .txt file extension?

Yes, no problem. Otherwise you could probably rename it to .asc if some program you use depends on the extension. Just open it with a text editor and see how it looks to see if this will work, if it has somewhere a line like -- BEGIN PGP ENCRYPTED MESSAGE it probably will.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

From hhhobbit at securemecca.net Thu Jun 13 12:05:29 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Thu, 13 Jun 2013 10:05:29 +0000
Subject: File extension is .txt for gpg import. Is that ok?
In-Reply-To:
References:
Message-ID: <51B99969.1050901@securemecca.net>

On 06/13/2013 03:20 AM, Anilkumar Padmaraju wrote:
> Hi Gnupg Users,
>
> I have question that one of the users gave a file to import and the file
> is having .txt extension, for example test.txt. I usually import
> files having .asc or .gpg extensions. Can I do "gpg --import
> test.txt" with that .txt file extension?

If it has "-----BEGIN PGP PUBLIC KEY BLOCK-----" on the first line you will probably be fine on 'nix since gpg and gpg2 look at what is in the file to determine if it is safe to do a --import or not. There is one caveat here. On OpenSuSE it refuses to do the following assuming the file "Picture."
is actually an image file:

  $ eog Picture. &

Will fail. They have made it so eog and many other utilities will fail unless you have the proper extension. For this one, if "Picture." is a jpg file, even this rename

  $ mv Picture. Picture.gif
  $ eog Picture.gif &

will still fail. Ergo, you should probably make sure the file has the proper extension. It takes just a few seconds to do it.

From ekleog at gmail.com Thu Jun 13 11:58:09 2013
From: ekleog at gmail.com (Leo Gaspard)
Date: Thu, 13 Jun 2013 11:58:09 +0200
Subject: Clarifying the GnuPG License
In-Reply-To: <51B84433.2000607@kernelconcepts.de>
References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de>
Message-ID: <20130613095809.GC14419@leortable>

On Wed, Jun 12, 2013 at 11:49:39AM +0200, Nils Faerber wrote:
> IANAL but from my understanding:
> 1. by invocation of the commandline commands: Yes
> 2. invocation of GnuPG exe: Yes
> 3. Linking, dynamically or statically, against a GnuPG DLL, presumed
> that it is licensed under GPL: No

IANAL either, but wonder whether hard-coding the GPG program name and arguments in your binary would not be sufficient to consider your program as linked to the GPG executable. This would mean the program would be bound by the GPL terms.

But, again, this is only a supposition, and you should get proper legal advice.

Cheers,
Leo

From hhhobbit at securemecca.net Thu Jun 13 13:11:02 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Thu, 13 Jun 2013 11:11:02 +0000
Subject: Fail-safe backup
Message-ID: <51B9A8C6.6070000@securemecca.net>

I just answered a question on whether you could import somebody else's keys from a file named "other.txt" rather than "other.asc" or "other.gpg". While perhaps technically correct I also pointed out that Windows depends on the proper file-name extension and some Linux distros like OpenSuSE are very persnickety about the file having the proper extension.
If you are going into the unknown make a backup of your key folder before experimenting. The following in a terminal would be a good idea on 'nix:

  $ cd ; rm -f gnupg.zip
  $ zip -r9 gnupg.zip ./.gnupg

Now go ahead and experiment to your heart's content. Just be aware that something like OpenSuSE may block an --import unless the file-name is something like "other.asc" or "other.gpg". That doesn't mean any damage will be done with something like "other.txt". The shell will just refuse to let gpg / gpg2 do anything. But if you do damage or think you damaged your key-ring, the old fail-safe can always be put back:

  $ cd
  #
  # if you are unsure if you damaged keys
  $ rm -fr zzz.gnupg
  $ mv .gnupg zzz.gnupg
  #
  # or if you are POSITIVE you killed things:
  $ rm -fr .gnupg
  # then put the fail-safe back in place
  $ unzip gnupg.zip

If nothing else you have a backup of your keys in case of files being damaged due to power failure, et al. But you never want to take steps into the unknown without a way to go back to something that works. If you don't believe me, watch the movie The Eiger Sanction some time. Karl Freytag said: "I consider it self defeating to plan in terms of retreat." Hemlock replied "I consider it stupid not to." The ending of the movie drives the point home in a very dramatic manner despite one of the climbers saying they would continue in style. Sooner or later you think you can get away with something and you can't no matter how good you are. When that happens you need some way to recover from the disaster.

Now go ahead and gpg --import other.txt.

HHH
--
Gnome 3, Ubuntu Unity, Windows 8 - poor iPhone GUI on Desktop
Thinking has been suspended indefinitely
Anybody caught thinking will be immediately shot!
-------------- next part --------------
A non-text attachment was scrubbed...
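The backup-before-import procedure from the "Fail-safe backup" message above, as an added example that is not part of the original post: it snapshots the GnuPG home with tar (instead of the zip call in the message) under umask 077, classifies the candidate file by its content rather than its extension, and only then runs gpg --import. The function names, the archive path and the simplified content check are assumptions made for this example; the check is not GnuPG's own detection logic.

```shell
#!/bin/sh
# Added example: fail-safe keyring snapshot plus a content-based check of a
# key file before "gpg --import". All function names are hypothetical.

# Print "armored" or "binary" if FILE looks like an OpenPGP public key,
# whatever its extension is; return 1 otherwise.
openpgp_key_kind() {
    okk_file=$1
    [ -f "$okk_file" ] || return 1
    # ASCII armor: a line consisting of the public-key armor header
    # (CR stripped so files saved with Windows line endings still match).
    if tr -d '\r' < "$okk_file" |
        grep -qxF -e '-----BEGIN PGP PUBLIC KEY BLOCK-----'; then
        echo armored
        return 0
    fi
    # Binary: the first octet is the packet header. Public-key packets are
    # tag 6: 0x98-0x9b in the old packet format, 0xc6 in the new format.
    okk_first=$(od -An -tx1 -N1 "$okk_file" | tr -d ' \n')
    case $okk_first in
        98|99|9a|9b|c6) echo binary; return 0 ;;
    esac
    return 1
}

# Archive the GnuPG home directory $1 into $2. The archive holds secret
# keys, so it is created under umask 077 (mode 0600).
snapshot_keyring() {
    sk_home=$1 sk_archive=$2
    [ -d "$sk_home" ] || return 1
    ( umask 077 &&
      tar -cf "$sk_archive" -C "$(dirname "$sk_home")" "$(basename "$sk_home")"
    ) || return 1
    # Do not rely on an archive that cannot be listed back.
    tar -tf "$sk_archive" > /dev/null
}

# Put the snapshot $2 back in place of $1. The current directory is kept
# as "$1.damaged" instead of being deleted, in case the snapshot is stale.
restore_keyring() {
    rk_home=$1 rk_archive=$2
    tar -tf "$rk_archive" > /dev/null || return 1
    if [ -e "$rk_home" ]; then
        rm -rf "$rk_home.damaged"
        mv "$rk_home" "$rk_home.damaged" || return 1
    fi
    ( umask 077 && tar -xpf "$rk_archive" -C "$(dirname "$rk_home")" )
}

# Snapshot first, then import.
import_with_failsafe() {
    iwf_file=$1
    iwf_home=${GNUPGHOME:-$HOME/.gnupg}
    iwf_archive=$HOME/gnupg-failsafe.tar      # assumed location
    iwf_kind=$(openpgp_key_kind "$iwf_file") || {
        echo "$iwf_file: no OpenPGP public key found, not importing" >&2
        return 1
    }
    snapshot_keyring "$iwf_home" "$iwf_archive" || return 1
    echo "$iwf_file: $iwf_kind key, snapshot in $iwf_archive" >&2
    gpg --import "$iwf_file" || {
        echo "import failed; restore_keyring \"$iwf_home\" \"$iwf_archive\" puts the snapshot back" >&2
        return 1
    }
}

# Run as a script with a file argument to do the guarded import.
[ $# -eq 0 ] || import_with_failsafe "$1"
```

The snapshot contains the secret keyring, so it deserves the same protection as ~/.gnupg itself and should be deleted once the experiment is over.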
Name: signature.asc Type: application/pgp-signature Size: 553 bytes Desc: OpenPGP digital signature URL: From John at enigmail.net Sun Jun 16 00:50:11 2013 From: John at enigmail.net (John Clizbe) Date: Sat, 15 Jun 2013 17:50:11 -0500 Subject: Clarifying the GnuPG License In-Reply-To: <51B8C3AF.8020003@securemecca.net> References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de> <51B8C3AF.8020003@securemecca.net> Message-ID: <51BCEFA3.2070902@enigmail.net> Henry Hertz Hobbit wrote: > The last time I looked at it, I had to install GPG4Win or > one of the GPG 1.x installs before I put Enigmail in THunderbird > on Windows. EnigMail is licensed under MPLv2/GPLv2 to avoid > licensing issues. If Enigmail doesn't bundle when they have > compatible licensing then neither should you bundle. Licensing was discussed when we considered bundling GnuPG. It had little to do with the decision not to bundle, AIR. -John -- John P. Clizbe Inet: John (a) Gingerbear DAWT net SKS/Enigmail/PGP-EKP or: John ( @ ) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 471 bytes Desc: OpenPGP digital signature URL: From rjh at sixdemonbag.org Sun Jun 16 05:46:00 2013 From: rjh at sixdemonbag.org (Robert J. 
Hansen) Date: Sat, 15 Jun 2013 23:46:00 -0400 Subject: Clarifying the GnuPG License In-Reply-To: <51BCEFA3.2070902@enigmail.net> References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de> <51B8C3AF.8020003@securemecca.net> <51BCEFA3.2070902@enigmail.net> Message-ID: <51BD34F8.3030704@sixdemonbag.org> On 6/15/2013 6:50 PM, John Clizbe wrote: > Licensing was discussed when we considered bundling GnuPG. It had > little to do with the decision not to bundle, AIR. I can confirm this. According to my recollection, the argument was "all right, so what *shouldn't* we bundle, then?" Once you bundle GnuPG with Enigmail you have to take responsibility for both packages. And then people will ask, "well, why don't you release your own Thunderbird for [insert my OS here] that has Enigmail and GnuPG preconfigured?" Some projects (GPGTools) pride themselves on doing just this, on creating a single installer that drops everything onto your system in a preconfigured state. It works for them and we're happy it works for them. But given the perpetual shortage of developer time on Enigmail, and the limited support staff... it doesn't make sense for us. What a lot of people don't recognize: Enigmail is written by only one guy -- Patrick Brunschwig. He has a full-time job and hacks on Enigmail in his spare time. That places some severe constraints on the size of the engineering we can do. From wk at gnupg.org Mon Jun 17 11:52:03 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 17 Jun 2013 11:52:03 +0200 Subject: How do you show a list of cached keys in gpg-agent? 
In-Reply-To: <5714962.GsgiHs7t3f@inno.berlin.laging.de> (Hauke Laging's message of "Sat, 08 Jun 2013 17:22 +0200")
References: <1370634014.17201.140661241263265.75913358@webmail.messagingengine.com> <51B2EE8B.5090005@digitalbrains.com> <5714962.GsgiHs7t3f@inno.berlin.laging.de>
Message-ID: <87ehc1ysho.fsf@vigenere.g10code.de>

On Sat, 8 Jun 2013 17:22, mailinglisten at hauke-laging.de said:
> list of all keys it knows (however). I remember having read that it is
> explicitly impossible to get a list of the keys with cached passphrases from
> gpg-agent.

Right. It won't help you because by the time you want to use this information the cached passphrase may already be expired.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From pastloweright at gmail.com Mon Jun 17 20:22:42 2013
From: pastloweright at gmail.com (T L)
Date: Mon, 17 Jun 2013 14:22:42 -0400
Subject: How do I make the private key on a OpenPGP smartcard non exportable ?
Message-ID:

Under GPA in windows there is an option to backup the private key from a OpenPGP smartcard. My understanding is that one of the main purposes of smartcard use is to prevent the private key from being exported and force cryptographic operations through the card. Is there a method of setting the private key non exportable that I am unaware of ? If not then what am I missing ? How is this more secure than a password protected file ?

From ndk.clanbo at gmail.com Mon Jun 17 23:31:52 2013
From: ndk.clanbo at gmail.com (NdK)
Date: Mon, 17 Jun 2013 23:31:52 +0200
Subject: How do I make the private key on a OpenPGP smartcard non exportable ?
In-Reply-To:
References:
Message-ID: <51BF8048.4030502@gmail.com>

On 17/06/2013 20:22, T L wrote:
> Under GPA in windows there is an option to backup the private key from a
> OpenPGP smartcard.

The smartcard protocol of a standard OpenPGP card doesn't allow it.
MyPGPid card will allow a controlled export.

> My understanding is that one of the main purposes of
> smartcard use is to prevent the private key from being exported and
> force cryptographic operations through the card.

Roughly speaking, yes.

> Is there a method of
> setting the private key non exportable that I am unaware of ?

If the key is generated on-card, you have no way to back it up. No need for "unexportable" flag: simply there's no command to export it.

> If not then what am I missing ?

The whole point of using a smartcard? :)

> How is this more secure than a password protected file ?

Since the key is never available to the host, there's no way a malicious software can copy it.

BYtE,
 Diego.

From wk at gnupg.org Tue Jun 18 14:06:12 2013
From: wk at gnupg.org (Werner Koch)
Date: Tue, 18 Jun 2013 14:06:12 +0200
Subject: Clarifying the GnuPG License
In-Reply-To: <20130613095809.GC14419@leortable> (Leo Gaspard's message of "Thu, 13 Jun 2013 11:58:09 +0200")
References: <51B8060E.40809@tatapowersed.com> <51B84433.2000607@kernelconcepts.de> <20130613095809.GC14419@leortable>
Message-ID: <87ip1bvd1n.fsf@vigenere.g10code.de>

On Thu, 13 Jun 2013 11:58, ekleog at gmail.com said:
> IANAL either, but wonder whether hard-coding the GPG program name and arguments
> in your binary would not be sufficient to consider your program as linked to the
> GPG executable.

Running a program is not restricted and you don't even need to comply with the GPL. The GPL is only about distribution. Using a string in a non-GPL program to spawn gpg is just fine unless you have heavily tweaked gpg to work around the GPL.

FWIW, the technical process of linking is not relevant to check whether a software is a derived work. It needs to be decided case by case. Fortunately there are a couple of pretty solid hints to decide whether it is a derived work. See the GPL FAQ for details.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.
From adrelanos at riseup.net Tue Jun 18 22:34:50 2013
From: adrelanos at riseup.net (adrelanos)
Date: Tue, 18 Jun 2013 20:34:50 +0000
Subject: gpg --fingerprint show only fingerprints and nothing else?
Message-ID: <51C0C46A.7000102@riseup.net>

Hi!

When I run

  gpg --fingerprint

Is there a way to only get the fingerprints, without any other information?

(I need this to automate gpg tasks and would like to avoid awk/sed, since this easily breaks, when the output ever changes.)

Cheers,
adrelanos

From mailinglisten at hauke-laging.de Wed Jun 19 00:10:58 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 19 Jun 2013 00:10:58 +0200
Subject: gpg --fingerprint show only fingerprints and nothing else?
In-Reply-To: <51C0C46A.7000102@riseup.net>
References: <51C0C46A.7000102@riseup.net>
Message-ID: <19598298.QYDHNrd8Qk@inno.berlin.laging.de>

On Tue 18.06.2013, 20:34:50 adrelanos wrote:
> Is there a way to only get the fingerprints, without any other information?

  gpg --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10;}'

> when the output ever changes

It won't (it's designed not to change).

Hauke
--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/

From mailinglisten at hauke-laging.de Wed Jun 19 02:41:54 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 19 Jun 2013 02:41:54 +0200
Subject: wishes for improved digest handling
Message-ID: <1983330.rl4GnvuRO4@inno.berlin.laging.de>

Hello,

1) I just noticed that you can enforce the sender to make a SHA-1 signature (if he also encrypts the message) by clearing the digest preferences (or setting it to SHA-1 only). I am aware that this is done in compliance with the RfC.
I just want to suggest that a warning is issued if a digest is used which is not listed in --personal-digest-preferences.

2) I would also like to suggest to allow the usage of --recipient with --sign (without --encrypt) because it makes sense. The digest compatibility checking is not related to the encryption so IMHO it doesn't make sense not to allow it without encryption. If recipients are given for a signing operation then the result should be that a digest is chosen which is explicitly compatible with all intended users of the signature. The code is already there. Even the case "--recipient without --encrypt" is detected. Thus this should be a quite small change to the code (replace the warning by calling the digest selection).

3) Last wish: I would like to have an option for explicitly forbidding the use of certain ciphers or digests. This affects only those which are defined in the standard as fallback (a mistake which should be avoided in the next OpenPGP version). I don't see any sense in optimizing a crypto application for compatibility instead of security.

Hauke
--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/

From peter at digitalbrains.com Wed Jun 19 11:30:22 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Wed, 19 Jun 2013 11:30:22 +0200
Subject: gpg --fingerprint show only fingerprints and nothing else?
In-Reply-To: <19598298.QYDHNrd8Qk@inno.berlin.laging.de>
References: <51C0C46A.7000102@riseup.net> <19598298.QYDHNrd8Qk@inno.berlin.laging.de>
Message-ID: <51C17A2E.6080601@digitalbrains.com>

On 19/06/13 00:10, Hauke Laging wrote:
> gpg --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10;}'

>> when the output ever changes
>
> It won't (it's designed not to change).
At the risk of sounding pedantic, let me point out that the output you get with --with-colons is designed not to change. --with-colons is an option added precisely because the output without that option might change and break scripts.

HTH,

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From adrelanos at riseup.net Wed Jun 19 12:07:09 2013
From: adrelanos at riseup.net (adrelanos)
Date: Wed, 19 Jun 2013 10:07:09 +0000
Subject: gpg --fingerprint show only fingerprints and nothing else?
In-Reply-To: <51C17A2E.6080601@digitalbrains.com>
References: <51C0C46A.7000102@riseup.net> <19598298.QYDHNrd8Qk@inno.berlin.laging.de> <51C17A2E.6080601@digitalbrains.com>
Message-ID: <51C182CD.1070209@riseup.net>

Peter Lebbing:
> On 19/06/13 00:10, Hauke Laging wrote:
>> gpg --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10;}'
>
>>> when the output ever changes
>>
>> It won't (it's designed not to change).
>
> At the risk of sounding pedantic, let me point out that the output you get with
> --with-colons is designed not to change. --with-colons is an option added
> precisely because the output without that option might change and break scripts.

That's awesome! Thank you both!

From mailinglisten at hauke-laging.de Wed Jun 19 14:19:51 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 19 Jun 2013 14:19:51 +0200
Subject: cleartext signature: digest determination
Message-ID: <1531549.R6i3vRjR0Z@inno.berlin.laging.de>

Hello,

in RfC4880 I read this:

https://tools.ietf.org/html/rfc4880#section-7

“If the "Hash" Armor Header is given, the specified message digest algorithm(s) are used for the signature. If there are no such headers, MD5 is used.”

That doesn't make sense to me.
I checked a cleartext signature with gpg --list-packets and got this: :signature packet: algo 1, keyid 4CB66C1B33FB59FC version 4, created 1364174035, md5len 0, sigclass 0x01 digest algo 2, begin of digest a1 0d hashed subpkt 2 len 4 (sig created 2013-03-25) subpkt 16 len 8 (issuer key ID 4CB66C1B33FB59FC) data: [4093 bits] This looks like a normal signature packet to me, and it does contain the used digest algo. So why should it be necessary to write the used digest into the cleartext part? Is that a compatibility issue with older OpenPGP versions? Usually that is mentioned but not in the text I quoted. Hauke -- ? PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04) http://www.openpgp-courses.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 572 bytes Desc: This is a digitally signed message part. URL: From dshaw at jabberwocky.com Wed Jun 19 15:07:39 2013 From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 19 Jun 2013 09:07:39 -0400 Subject: cleartext signature: digest determination In-Reply-To: <1531549.R6i3vRjR0Z@inno.berlin.laging.de> References: <1531549.R6i3vRjR0Z@inno.berlin.laging.de> Message-ID: <2D54D8F5-584E-4884-8044-8809F06F80A4@jabberwocky.com> On Jun 19, 2013, at 8:19 AM, Hauke Laging wrote: > Hello, > > in RfC4880 I read this: > > https://tools.ietf.org/html/rfc4880#section-7 > > ?If the "Hash" Armor Header is given, the specified message digest > algorithm(s) are used for the signature. If there are no such headers, MD5 is > used.? > > That doesn't make sense to me. 
I checked a cleartext signature with > gpg --list-packets and got this: > > :signature packet: algo 1, keyid 4CB66C1B33FB59FC > version 4, created 1364174035, md5len 0, sigclass 0x01 > digest algo 2, begin of digest a1 0d > hashed subpkt 2 len 4 (sig created 2013-03-25) > subpkt 16 len 8 (issuer key ID 4CB66C1B33FB59FC) > data: [4093 bits] > > This looks like a normal signature packet to me, and it does contain the used > digest algo. So why should it be necessary to write the used digest into the > cleartext part? Is that a compatibility issue with older OpenPGP versions? > Usually that is mentioned but not in the text I quoted. It's an ordering issue. Cleartext signatures are designed to be able to be read in a single pass - thus the need for the Hash header at the beginning of the document, so the receiving program doesn't have to read to the end, find out what hash is in use, then jump back to the beginning to actually hash the document. David From htd at fritha.org Wed Jun 19 17:21:33 2013 From: htd at fritha.org (Heinz Diehl) Date: Wed, 19 Jun 2013 17:21:33 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? In-Reply-To: <51BF8048.4030502@gmail.com> References: <51BF8048.4030502@gmail.com> Message-ID: <20130619152133.GA3452@fritha.org> On 18.06.2013, NdK wrote: > If the key is generated on-card, you have no way to backup it. No need > for "unexportable" flag: simply there's no command to export it. And if the key is generated off-card and properly moved to the smartcard afterwards, there's no way to export it either. It's only the stub which points to the smartcard left on disk. From hhhobbit at securemecca.net Thu Jun 20 01:16:37 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Wed, 19 Jun 2013 23:16:37 +0000 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? 
In-Reply-To: <20130619152133.GA3452@fritha.org> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> Message-ID: <51C23BD5.2020104@securemecca.net> On 06/19/2013 03:21 PM, Heinz Diehl wrote: > On 18.06.2013, NdK wrote: > >> If the key is generated on-card, you have no way to backup it. No need >> for "unexportable" flag: simply there's no command to export it. > > And if the key is generated off-card and properly moved to the > smartcard afterwards, there's no way to export it either. It's only > the stub which points to the smartcard left on disk. Is the original poster still there? I was going to write and decided it was wiser to wait for these responses which I almost knew were coming. Try the backup from GPA's menu. I doubt you will get anything that can be exported. If you get a backupg.gpg (or similar), then try importing your secret keys onto a second system with GPGWIN installed. If all that flies (you were actually able to do a --export of your private keys despite these two people's responses to the contrary and then are able to do a --import on the second system) then try these tests: 1. Make a detached signature of a file on system one (with OpenPGP card). Copy the base file and the signature file to system two and see if it verifies. 2. Sign on second, copy to first, and see if it verifies on first. IOW, reverse of previous. 3. Encipher a file using public-key of said key you supposedly were able to import on either of the systems. By that I mean a public-key enciphering, not just a symmetric cipher, e.g.: http://www.securemecca.com/public/GnuPG/pcrypt.txt Copy the public-key enciphered file to the other system. Flash drive, et al. Decipher it on the other system. I don't think your tests will work. In fact I don't believe you will even get to these three tests. What is the advantage of using the OpenPGP key and having a public-key enciphered file over a symmetric enciphered file?
Symmetric Enciphered: ===================== Let's say your machine gets infected. Let's also suppose that a key logger has been installed. I can assure you that most malware today either has a mini key-logger as part of the initial install or a key-logger can be downloaded and installed. Actually, most malware will almost do it automatically. I have over 10,000 malware to back that statement up. Either the key-logger got the password to encipher the enciphered file or they saw it when you temporarily deciphered the file. So now all the hackers need are either the plain-text file or the enciphered file and to know what created the enciphered file. But even if all the hackers have are the enciphered file and the pass-phrase they are now only one step away. PeskySpammer has even installed SMTP agents on tens of thousands of Microsoft Windows machines, one of which was at RIPE, one more at ICANN, and one at Yahoo. The hackers have your file and its name alone or what is in the file header reveals what was used to create the enciphered file. Within a few minutes they will have a deciphered file. The only thing that can protect you is to NEVER encipher or decipher the file while the key-logger is there and to never have the deciphered file available. But once they have the enciphered file and know the password to decipher the file the game is over and you have lost. OpenPGP Public-Key Enciphered: ============================== All the same things hold. Assume they know the key's pass-phrase. They can also pull down the enciphered file. But you cannot just copy the keys since an OpenPGP card doesn't have a file system. If you cannot --export the secret-keys then the hackers will never get them. FOILED! The hackers have no choice but to move on or set some sort of trigger that knows when you decipher the public-key enciphered file. The longer you let the unenciphered file hang around the more likely it is to fly the coop. 
So even if the hackers know the pass-phrase (assume they do) and have the public-key enciphered file, they can NOT decipher the file. Now do you see the difference between a symmetric enciphered file and a public-key enciphered file where the OpenPGP keys are on an OpenPGP card? Just don't let the unenciphered file hang around any longer than normal. Do not just delete the unenciphered file - securely erase it when you don't need it. If you need higher security use an OS which has moderately more security (Linux) or even higher security (OpenBSD) with an OpenPGP card to hold the keys. Every layer of defense you add encourages the hackers to move on in search of an easier target. From mjt at tls.msk.ru Fri Jun 21 09:50:37 2013 From: mjt at tls.msk.ru (Michael Tokarev) Date: Fri, 21 Jun 2013 11:50:37 +0400 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" Message-ID: <51C405CD.8010202@msgid.tls.msk.ru> Hello. Recently I upgraded a Debian machine from squeeze to wheezy, which led to upgrading gnupg from 1.4.10 to 1.4.12. And immediately noticed that many automated tools I used stopped working, refusing to encrypt with the error indicated in the subject. $ gpg --batch -q --encrypt --recipient rconf < foo > foo.enc gpg: 468E35BC: There is no assurance this key belongs to the named user gpg: [stdin]: sign+encrypt failed: unusable public key $ gpg --list-sigs (names edited) ------------------------- pub 1024R/A8983CE7 2005-01-27 uid f0501 sig 3 A8983CE7 2005-01-27 f0501 sub 1024R/8BB2CB48 2005-01-27 sig A8983CE7 2005-01-27 f0501 pub 1024R/DC42DA4C 2005-01-27 uid rconf sig 3 DC42DA4C 2005-01-27 rconf sig L A8983CE7 2013-06-21 f0501 sub 1024R/468E35BC 2005-01-27 sig DC42DA4C 2005-01-27 rconf (I tried to re-sign rconf key with my f0501 key locally which resulted in A8983CE7 - it was signed before the same way, back in 2005, -- but it made no difference).
This error message is referenced a lot in the 'net, google finds many examples, including gnupg mailinglists. And there are basically two solutions: Users suggested to [l]sign the key in question. As you see, it is already signed and has been signed for many years, so this does not work. Users suggested to indicate ultimate trust to the key in question. This works, I verified that, but this seems to be wrong. As asked by --edit-key `trust' subcommand: Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) I do NOT trust that other party with their verifications of other user's keys, at all. It never verifies that trust, it is a robot which collects files sent to it by other robots, and there's no trust at all in it. So I don't want to build my trustdb based on that. However, I really want to send encrypted data to that robot, even if I don't trust its decisions in verifying users. So it looks to me like in 1.4.12 at least, this trust model is used wrongly -- it should not disallow encrypting data to users whose user verification I don't trust. I already signed their key and thus indicated that I know who that other party is, and I want to send encrypted data to that party -- for this, there's no need to verify my trust to them, it is their business what they will do with that data -- I already indicated my wish to send that data to them, and just want it to be out of reach of spies while in-transit. Yes I know there's --always-trust (or --trust-model always), but again, this - to me anyway - looks like the wrong place to use this option, I'm not verifying someone else's signature, I'm just sending them encrypted data. Do I misunderstand something? Thanks!
/mjt From hhhobbit at securemecca.net Fri Jun 21 12:00:47 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Fri, 21 Jun 2013 10:00:47 +0000 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C405CD.8010202@msgid.tls.msk.ru> References: <51C405CD.8010202@msgid.tls.msk.ru> Message-ID: <51C4244F.8020403@securemecca.net> On 06/21/2013 07:50 AM, Michael Tokarev wrote: > Hello. > > Recently I upgraded a Debian machine from squeeze to wheezy, > which lead to upgrading gnupg from 1.4.10 to 1.4.12. And > immediately noticed that many automated tools I used stopped > working, refusing to encrypt with the error indicated in the > subject. > > $ gpg --batch -q --encrypt --recipient rconf < foo > foo.enc > gpg: 468E35BC: There is no assurance this key belongs to the named user > gpg: [stdin]: sign+encrypt failed: unusable public key Who or what is "gconf"? If that is what is actually used then it is neither an email address or the keyid. I suggest as your first step replacing "rconf" with the actual key-id (number) you want to encrypt for to see if that works. It is just that GnuPG seems to be having problems with the supplied user name. If rconf was meant to be an email address either it doesn't match that field completely or maybe you had a define in your ~/.gnupg/gpg.conf that is now missing. We can go from there if this doesn't work. From mjt at tls.msk.ru Fri Jun 21 12:13:30 2013 From: mjt at tls.msk.ru (Michael Tokarev) Date: Fri, 21 Jun 2013 14:13:30 +0400 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C4244F.8020403@securemecca.net> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> Message-ID: <51C4274A.7090707@msgid.tls.msk.ru> 21.06.2013 14:00, Henry Hertz Hobbit wrote: > On 06/21/2013 07:50 AM, Michael Tokarev wrote: >> Hello. 
>> >> Recently I upgraded a Debian machine from squeeze to wheezy, >> which lead to upgrading gnupg from 1.4.10 to 1.4.12. And >> immediately noticed that many automated tools I used stopped >> working, refusing to encrypt with the error indicated in the >> subject. >> >> $ gpg --batch -q --encrypt --recipient rconf < foo > foo.enc >> gpg: 468E35BC: There is no assurance this key belongs to the named user >> gpg: [stdin]: sign+encrypt failed: unusable public key > > Who or what is "gconf"? If that is what is actually used then > it is neither an email address or the keyid. I suggest as your > first step replacing "rconf" with the actual key-id (number) you > want to encrypt for to see if that works. It is just that GnuPG > seems to be having problems with the supplied user name. If > rconf was meant to be an email address either it doesn't match > that field completely or maybe you had a define in your > ~/.gnupg/gpg.conf that is now missing. Well.. I didn't think this might be relevant. As I wrote further in my original email, the problem goes away when I mark this key as 'trusted', so it didn't look like marking some key as trusted will help gpg to establish relationship between that key and its name. Actual command line and keys are (domain name replaced with example.com): $ gpg --batch -q --encrypt --sign --recipient '' < test > test.sign $ gpg --list-sigs | sed 's/domain/example.com/g' pub 1024R/A8983CE7 2005-01-27 uid f0501.example.com (main key) sig 3 A8983CE7 2005-01-27 f0501.example.com (main key) sub 1024R/8BB2CB48 2005-01-27 sig A8983CE7 2005-01-27 f0501.example.com (main key) pub 1024R/DC42DA4C 2005-01-27 uid rconf receiver sig 3 DC42DA4C 2005-01-27 rconf receiver sig L A8983CE7 2013-06-21 f0501.example.com (main key) sub 1024R/468E35BC 2005-01-27 sig DC42DA4C 2005-01-27 rconf receiver Note that gpg mentions 468E35BC which is a subkey of DC42DA4C, as far as I can understand. > We can go from there if this doesn't work. 
Well, quite expectedly it doesn't work... ;) Using either DC42DA4C, or DC42DA4C, as --recipient, makes no difference, it still complains as in $subject unless I also use --trust-model=always. Thanks, /mjt From peter at digitalbrains.com Fri Jun 21 12:22:22 2013 From: peter at digitalbrains.com (Peter Lebbing) Date: Fri, 21 Jun 2013 12:22:22 +0200 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C4244F.8020403@securemecca.net> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> Message-ID: <51C4295E.4060601@digitalbrains.com> On 21/06/13 12:00, Henry Hertz Hobbit wrote: > Who or what is "gconf"? If that is what is actually used then > it is neither an email address or the keyid. I don't think that's the problem, gpg is picking the key the OP wants, since it complains about key 468E35BC having insufficient validity. Michael, what does --edit-key rconf tell you about key validity? I don't know what's happening here, it looks to me like you're doing it correctly and it ought to just work. I tried to reproduce on my Wheezy system and couldn't reproduce it. But maybe I'm missing some detail. Do you have any fancy stuff in your gpg.conf? Define "fancy stuff" broadly ;). Anything you feel comfortable sharing might be useful to mention. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. 
My key is available at From mjt at tls.msk.ru Fri Jun 21 12:34:08 2013 From: mjt at tls.msk.ru (Michael Tokarev) Date: Fri, 21 Jun 2013 14:34:08 +0400 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C4295E.4060601@digitalbrains.com> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> <51C4295E.4060601@digitalbrains.com> Message-ID: <51C42C20.2000803@msgid.tls.msk.ru> 21.06.2013 14:22, Peter Lebbing wrote: > On 21/06/13 12:00, Henry Hertz Hobbit wrote: >> Who or what is "gconf"? If that is what is actually used then >> it is neither an email address or the keyid. > > I don't think that's the problem, gpg is picking the key the OP wants, since it > complains about key 468E35BC having insufficient validity. > > Michael, what does --edit-key rconf tell you about key validity? It says "validity: unknown" pub 1024R/DC42DA4C created: 2005-01-27 expires: never usage: SC trust: undefined validity: unknown sub 1024R/468E35BC created: 2005-01-27 expires: never usage: E [ unknown] (1). rconf receiver That's why I tried to re-[l]sign it so that --list-sigs shows today's signature, but it didn't help. > I don't know what's happening here, it looks to me like you're doing it > correctly and it ought to just work. I tried to reproduce on my Wheezy system > and couldn't reproduce it. But maybe I'm missing some detail. Well, an obvious detail is that these keys are rather old -- note the date, it all has been created in 2005. Indeed, I can't reproduce this on a fresh keyring either, -- maybe the key(s) are somehow broken? (the files haven't been changed since their creation in 2005, only today I tried to re-sign it and changed). I have several other keyrings like that which also stopped working after upgrading from 1.4.10 to 1.4.12. > Do you have any fancy stuff in your gpg.conf? Define "fancy stuff" broadly ;). > Anything you feel comfortable sharing might be useful to mention. Well.
For added fun, the complete command line also includes --no-config, because it was intended to run by a robot in a known-clean environment (just to be "extra-sure", so to say :). And there's no config files in the gpg home directory, either: -rw------- 1 root root 2375 Jun 21 09:46 pubring.gpg -rw------- 1 root root 2375 Jun 21 09:46 pubring.gpg~ -rw------- 1 root root 600 Jun 21 12:16 random_seed -rw------- 1 root root 1360 Jan 27 2005 secring.gpg -rw------- 1 root root 1440 Jun 21 09:46 trustdb.gpg Maybe I should just re-create the keys. However that will require me to update the keyrings on many machines which are exchanging stuff. Not a quick task, even if I wanted to do that for a while already :) Thank you! /mjt From hhhobbit at securemecca.net Fri Jun 21 16:06:55 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Fri, 21 Jun 2013 14:06:55 +0000 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C4295E.4060601@digitalbrains.com> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> <51C4295E.4060601@digitalbrains.com> Message-ID: <51C45DFF.902@securemecca.net> On 06/21/2013 10:22 AM, Peter Lebbing wrote: > On 21/06/13 12:00, Henry Hertz Hobbit wrote: >> Who or what is "gconf"? If that is what is actually used then >> it is neither an email address or the keyid. > > I don't think that's the problem, gpg is picking the key the OP wants, since it > complains about key 468E35BC having insufficient validity. > > Michael, what does --edit-key rconf tell you about key validity? > > I don't know what's happening here, it looks to me like you're doing it > correctly and it ought to just work. I tried to reproduce on my Wheezy system > and couldn't reproduce it. But maybe I'm missing some detail. > > Do you have any fancy stuff in your gpg.conf? Define "fancy stuff" broadly ;). > Anything you feel comfortable sharing might be useful to mention. 
Okay, try the following as a test since I had similar problems with a version update and this got rid of my problems (but there is no assurance it will help you since my problems were slightly different but did not manifest themselves until I had a GnuPG version jump like what you just got): 1. Backup your key-folder in an xterm: $ cd ; rm -f gnupg.zip $ zip -r9 gnupg.zip ./.gnupg 2. Delete the key using gpg and make sure the trustdb entry for this key has also been removed. 3. Check to make sure you have an up-to-date version of the key and then --import it. lsign it again. Now test it. I am not saying it will work but it may. There may be a possibility your trustdb got fouled up somehow. This test is not catastrophic because you can always go back to what you had: $ if [ -s gnupg.zip ]; then rm -fr z00.gnupg; mv .gnupg z00.gnupg; unzip gnupg.zip; fi # number others z01, z02, etcetera, if you want to keep a trail. From ahoeltje at lmi.net Fri Jun 21 20:09:36 2013 From: ahoeltje at lmi.net (ahoeltje at lmi.net) Date: Fri, 21 Jun 2013 11:09:36 -0700 (PDT) Subject: gnupg 2.0 Build fails Message-ID: <56606.66.117.140.17.1371838176.squirrel@webmail.lmi.net> Hello gpg Folks, I downloaded the gnupg-2.0.20 files and the associated required lib sources, including pth-2.0.7, today. The configure, make, make check, and make install, all went well in this order: libgpg-error-1.11 libassuan-2.1.0 libksba-1.3.0 libgcrypt-1.5.2 pth-2.0.7 However the make for gnupg fails with this compiler error: gcc -DHAVE_CONFIG_H -I. -I..
-g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -MT allocsa.o -MD -MP -MF .deps/allocsa.Tpo -c -o allocsa.o allocsa.c In file included from allocsa.c:21: In file included from ./allocsa.h:23: In file included from /Applications/Xcode5-DP.app/Contents/Developer/Platforms/MacOSX.platform /Developer/SDKs/MacOSX10.9.sdk/usr/include/stdlib.h:65: In file included from /Applications/Xcode5-DP.app/Contents/Developer/Platforms/MacOSX.platform /Developer/SDKs/MacOSX10.9.sdk/usr/include/sys/wait.h:110: In file included from /Applications/Xcode5-DP.app/Contents/Developer/Platforms/MacOSX.platform /Developer/SDKs/MacOSX10.9.sdk/usr/include/sys/resource.h:72: In file included from ./stdint.h:66: /Applications/Xcode5-DP.app/Contents/Developer/Platforms/MacOSX.platform /Developer/SDKs/MacOSX10.9.sdk/usr/include/inttypes.h:238:10: error: unknown type name 'intmax_t' extern intmax_t imaxabs(intmax_t j); ^ My system is an iMac running OSX 10.8.3 but it would appear that my recent XCode 5 update has upset the magic of stdint.h and intmax_t. Notice the "MacOSX10.9.sdk" in the include path that make is looking at: /Applications/Xcode5-DP.app/Contents/Developer/Platforms /MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include This is totally wrong. It should be: /Applications/Xcode.app/Contents/Developer/Platforms /MacOSX.platform/Developer/SDKs/MacOSX10.8.sdk/usr/include I do not see any notes in the README or INSTALL regarding how to tell make which Mac SDK to use. Is there a ./configuration option? Do you have any suggestion on how I get around this? Thanks! Allan Hoeltje Oakland, California From htd at fritha.org Sat Jun 22 09:35:06 2013 From: htd at fritha.org (Heinz Diehl) Date: Sat, 22 Jun 2013 09:35:06 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ?
In-Reply-To: <51C23BD5.2020104@securemecca.net> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> Message-ID: <20130622073506.GA1597@fritha.org> On 20.06.2013, Henry Hertz Hobbit wrote: > Try the backup from GPA's menu. I doubt you will get anything > that can be exported. If you get a backupg.gpg (or similar), then try > importing your secret keys onto a second system with GPGWIN installed. The thing is, if there's a command to export the private keyring, you're hosed. Somebody who has access to your machine could simply install his own software. Besides: what would you do if you had discovered that somebody had gained root-access to your machine? I bet you would use your revocation certificate anyway. > Let's say your machine gets infected. Let's also suppose that a > key logger has been installed. Then, your PIN and passphrase is known to the adversary, and you're f*cked up. The whole point with a smartcard is that it's a lot easier to memorize the PIN than a long and complicated passphrase, and that the private key can't be exported. If it can, there's no need for a smartcard. From peter at digitalbrains.com Sat Jun 22 09:56:54 2013 From: peter at digitalbrains.com (Peter Lebbing) Date: Sat, 22 Jun 2013 09:56:54 +0200 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C42C20.2000803@msgid.tls.msk.ru> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> <51C4295E.4060601@digitalbrains.com> <51C42C20.2000803@msgid.tls.msk.ru> Message-ID: <51C558C6.205@digitalbrains.com> On 21/06/13 12:34, Michael Tokarev wrote: > It says "validity: unknown" I just thought of something. If for some reason your /own/ key is no longer trusted, you can make signatures all day but it won't increase validity. If you do --edit-key A8983CE7, what does its trust say? 
Your own keys should normally be trusted ultimately, so if it's not trusted, just give the --edit-key command "trust" and choose option 5. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt From mjt at tls.msk.ru Sat Jun 22 10:52:12 2013 From: mjt at tls.msk.ru (Michael Tokarev) Date: Sat, 22 Jun 2013 12:52:12 +0400 Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C558C6.205@digitalbrains.com> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> <51C4295E.4060601@digitalbrains.com> <51C42C20.2000803@msgid.tls.msk.ru> <51C558C6.205@digitalbrains.com> Message-ID: <51C565BC.5080108@msgid.tls.msk.ru> 22.06.2013 11:56, Peter Lebbing wrote: > On 21/06/13 12:34, Michael Tokarev wrote: >> It says "validity: unknown" > > I just thought of something. If for some reason your /own/ key is no longer > trusted, you can make signatures all day but it won't increase validity. > > If you do --edit-key A8983CE7, what does its trust say? That was it. $ gpg ... --edit-key A8983CE7 Secret key is available. pub 1024R/A8983CE7 created: 2005-01-27 expires: never usage: SC trust: unknown validity: unknown sub 1024R/8BB2CB48 created: 2005-01-27 expires: never usage: E [ unknown] (1). f0501... After setting trust to it: pub 1024R/A8983CE7 created: 2005-01-27 expires: never usage: SC trust: ultimate validity: ultimate sub 1024R/8BB2CB48 created: 2005-01-27 expires: never usage: E [ultimate] (1). f0501... and it now does not complain anymore when encrypting data to other keys, without re-signing anything. Wow. WOW! Thank you very much for this, awesome guess. I think in quite some other cases when users had to trust _other_ keys to be able to encrypt data to them the actual problem was the same as in my case.
And it's interesting that this prob only manifested itself now after upgrade from 1.4.10 to 1.4.12. I think I've seen similar issue myself before in other situation, it was very much like that, so I too had to indicate ultimate trust for other keys like that. But it was several years ago. Thanks you guys! /mjt From ndk.clanbo at gmail.com Sat Jun 22 15:03:21 2013 From: ndk.clanbo at gmail.com (NdK) Date: Sat, 22 Jun 2013 15:03:21 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? In-Reply-To: <20130622073506.GA1597@fritha.org> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> Message-ID: <51C5A099.3060104@gmail.com> Il 22/06/2013 09:35, Heinz Diehl ha scritto: > The whole point with a smartcard is that it's a lot easier to memorize > the PIN than a long and complicated passphrase, and that the private > key can't be exported. If it can, there's no need for a smartcard. I quite disagree, here. A smartcard could be useful anyway, at least as a "portable keyring" (if it didn't need initialization on every machine...). And key export could be controlled (like in MyPGPid card): private keys can only leave the card encrypted under "certified" keys. BTW, for the really "paranoid", readers with an integrated pinpad are available: the PC never sees the PIN, so no installed sw can spoof it. (even if what I'd prefer is a card w/ both a pinpad and a display...). BYtE, Diego. 
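The diagnosis reached in the "There is no assurance this key belongs to the named user" thread above (the sender's own key had lost its ultimate ownertrust, so its signature no longer made the recipient key valid) can be checked before an unattended job runs. The following is an added example, not code posted by any list member; the function names, long key IDs and sample listings are constructed for illustration, and the field positions follow GnuPG's --with-colons format.

```shell
#!/bin/sh
# Pre-flight check for unattended `gpg --batch --encrypt` jobs, reading the
# stable --with-colons listing. In "pub" records field 2 is the computed
# validity, field 5 the key ID and field 9 the ownertrust.

# Constructed listing modelled on the thread's keyring BEFORE the fix: the
# signing key f0501 has no ownertrust, so its signature on rconf confers no
# validity. Only the last eight hex digits of each key ID come from the thread.
listing_before() {
cat <<'EOF'
pub:-:1024:1:00000000A8983CE7:1106784000:::-:::scESC:
uid:-::::1106784000::::f0501 (main key):
sub:-:1024:1:000000008BB2CB48:1106784000::::::e:
pub:-:1024:1:00000000DC42DA4C:1106784000:::-:::scSC:
uid:-::::1106784000::::rconf receiver:
sub:-:1024:1:00000000468E35BC:1106784000::::::e:
EOF
}

# Constructed listing AFTER "trust" / option 5 was applied to the own key.
listing_after() {
cat <<'EOF'
pub:u:1024:1:00000000A8983CE7:1106784000:::u:::scESC:
uid:u::::1106784000::::f0501 (main key):
sub:u:1024:1:000000008BB2CB48:1106784000::::::e:
pub:f:1024:1:00000000DC42DA4C:1106784000:::-:::scSC:
uid:f::::1106784000::::rconf receiver:
sub:f:1024:1:00000000468E35BC:1106784000::::::e:
EOF
}

# For a real keyring, pass this function name instead of a sample listing.
live_listing() {
    gpg --batch --no-tty --with-colons --fixed-list-mode --list-keys
}

# key_field LISTING_FUNC KEYID FIELD
# Prints one field of the PRIMARY key record owning KEYID. KEYID may name a
# subkey (gpg's error message in the thread named subkey 468E35BC).
key_field() {
    "$1" | awk -F: -v id="$2" -v col="$3" '
        function ends_with(s, t) {
            return length(s) >= length(t) &&
                   substr(s, length(s) - length(t) + 1) == t
        }
        $1 == "pub" { primary = $0 }
        ($1 == "pub" || $1 == "sub") && ends_with($5, id) {
            split(primary, f, ":"); print "found:" f[col]; exit
        }'
}

# preflight LISTING_FUNC OWN_KEYID RECIPIENT_KEYID
# Prints a one-word diagnosis; exit status 0 only when encryption would pass
# the validity check without --trust-model always.
preflight() {
    rec=$(key_field "$1" "$3" 2)
    own=$(key_field "$1" "$2" 9)
    if [ -z "$rec" ]; then
        echo "recipient-not-found"; return 3
    fi
    case "${rec#found:}" in
        f|u) echo "ok"; return 0 ;;
    esac
    # Recipient is not valid: the usual hidden cause is that the signer's own
    # key is no longer ultimately trusted, so its signatures count for nothing.
    if [ "${own#found:}" != "u" ]; then
        echo "own-key-not-ultimate"; return 2
    fi
    echo "recipient-not-valid"; return 1
}

# Demonstration on the two constructed listings.
preflight listing_before A8983CE7 468E35BC || true
preflight listing_after  A8983CE7 468E35BC || true
```

A result of own-key-not-ultimate points at the sender's own ownertrust rather than at the recipient key, which is the case where re-signing the recipient key makes no difference.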
From hhhobbit at securemecca.net Sun Jun 23 18:44:35 2013 From: hhhobbit at securemecca.net (hhhobbit at securemecca.net) Date: Sun, 23 Jun 2013 12:44:35 -0400 (EDT) Subject: encrypting to a user, "There is no assurance this key belongs to the named user" In-Reply-To: <51C565BC.5080108@msgid.tls.msk.ru> References: <51C405CD.8010202@msgid.tls.msk.ru> <51C4244F.8020403@securemecca.net> <51C4295E.4060601@digitalbrains.com> <51C42C20.2000803@msgid.tls.msk.ru> <51C558C6.205@digitalbrains.com> <51C565BC.5080108@msgid.tls.msk.ru> Message-ID: <559443239.170254.1372005875684.open-xchange@email.1and1.com> > On June 22, 2013 at 4:52 AM Michael Tokarev > wrote: > > > 22.06.2013 11:56, Peter Lebbing wrote: > > On 21/06/13 12:34, Michael Tokarev wrote: > >> It says "validity: unknown" > > > > I just thought of something. If for some reason your /own/ > > key is no longer > > trusted, you can make signatures all day but it won't > > increase validity. > > > > If you do --edit-key A8983CE7, what does its trust say? > > That was it. > > $ gpg ... --edit-key A8983CE7 > Secret key is available. > > pub 1024R/A8983CE7 created: 2005-01-27 expires: never usage: > SC > trust: unknown validity: unknown > sub 1024R/8BB2CB48 created: 2005-01-27 expires: never usage: E > [ unknown] (1). f0501... > > > After setting trust to it: > > pub 1024R/A8983CE7 created: 2005-01-27 expires: never usage: > SC > trust: ultimate validity: ultimate > sub 1024R/8BB2CB48 created: 2005-01-27 expires: never usage: E > [ultimate] (1). f0501... > > and it now does not complain anymore when encrypting data to > other > keys, without re-signing anything. > > Wow. > > WOW! > > Thank you very much for this, awesome guess. > > I think in quite some other cases when users had to trust > _other_ > keys to be able to encrypt data to them the actual problem was > the > same as in my case. > > And it's interesting that this prob only manifested itself now > after > upgrade from 1.4.10 to 1.4.12. 
> > I think I've seen similar issue myself before in other > situation, it > was very much like that, so I too had to indicate ultimate > trust for > other keys like that. But it was several years ago. > > Thanks you guys! Well, it was Peter's thinking that saved you. Great job! I will file that tidbit of information away because I have some similar upgrades in the future and want my keys to last 8 more years or until there is a paradigm shift that makes the present keys obsolete, which ever comes first. Kudos! -------------- next part -------------- An HTML attachment was scrubbed... URL: From werewolf6851 at gmail.com Mon Jun 24 04:44:50 2013 From: werewolf6851 at gmail.com (Werewolf) Date: Sun, 23 Jun 2013 21:44:50 -0500 Subject: gnupg ecc subkeys Message-ID: <20130624024450.GA3654@raspberrypi> Is it possible to have 2 active subkeys? ie say an ecc and an ElGamal for encryption? -- Werewolf =====- http://www.nyx.net/~mdkeith/ -==== GPG key 0xF52A14B4 with following fingerprint 35CD 0611 2F71 BC17 5C53 29A2 5F5A 4309 F52A 14B4 =====- http://spandex31095.tripod.com/ -== From mailinglisten at hauke-laging.de Mon Jun 24 10:09:02 2013 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Mon, 24 Jun 2013 10:09:02 +0200 Subject: gnupg ecc subkeys In-Reply-To: <20130624024450.GA3654@raspberrypi> References: <20130624024450.GA3654@raspberrypi> Message-ID: <16534965.07MT9u1gqR@inno.berlin.laging.de> Am So 23.06.2013, 21:44:50 schrieb Werewolf: > Is it possible to have 2 active subkeys? > > ie say an ecc and an ElGamal for encryption? Yes. -- ? PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04) http://www.openpgp-courses.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 572 bytes Desc: This is a digitally signed message part. 
From wk at gnupg.org Mon Jun 24 10:01:36 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 24 Jun 2013 10:01:36 +0200 Subject: GpgEX for 64 bit Windows test version Message-ID: <87ppvcos2n.fsf@vigenere.g10code.de> Hi! I just uploaded a test version of GpgEX (the GnuPG Explorer Plugin) for Windows 64 bit. This is just the bare standalone DLL without an installer. If you are using a 64 bit Windows system with Gpg4win, you may want to test this DLL: ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19-bin.zip ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19-bin.zip.sig The SHA-1 checksums are: 522bb872be5cfc360cd978c36dade07251630ca7 gpgex-1.0.0-beta19-bin.zip bcb389db05edf7566b13ca808d16c60eab68d7c3 bin/gpgex.dll To comply with the LGPL, the sources are also available as ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19.tar.bz2 ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19.tar.bz2.sig To install the DLL please unzip the ZIP file and as Admin store the DLL as c:\Program files\GNU\GnuPG\bin\gpgex.dll Using the bin directory avoids conflicts with an already installed 32-bit version of the DLL. To finish the installation run as Admin regsvr32 c:\Program files\GNU\GnuPG\bin\gpgex.dll Now you may want to test it out. Note that I also added an About menu which should always work, even if no UI-server is running. The translations are not yet included in the ZIP file. Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From wk at gnupg.org Mon Jun 24 10:15:52 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 24 Jun 2013 10:15:52 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ?
In-Reply-To: <51C5A099.3060104@gmail.com> (NdK's message of "Sat, 22 Jun 2013 15:03:21 +0200") References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> Message-ID: <87hagnq5zb.fsf@vigenere.g10code.de> On Sat, 22 Jun 2013 15:03, ndk.clanbo at gmail.com said: > A smartcard could be useful anyway, at least as a "portable keyring" (if > it didn't need initialization on every machine...). A USB memory stick fulfills the same purpose. > And key export could be controlled (like in MyPGPid card): private keys > can only leave the card encrypted under "certified" keys. There are several protocols for key migration from token to token. If you want to do your own, you should be aware of possible patent problems. In any case it is a really complex task and not easy to get right - if at all. > BTW, for the really "paranoid", readers with an integrated pinpad are > available: the PC never sees the PIN, so no installed sw can spoof it. > (even if what I'd prefer is a card w/ both a pinpad and a display...). Social engineering almost always works. And further, the display of your pinpad+display equipped reader does not show you what you are going to sign. Even further, there are several attacks on pinpad equipped readers - sure that your reader has not been bugged? Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From ndk.clanbo at gmail.com Mon Jun 24 14:54:38 2013 From: ndk.clanbo at gmail.com (NdK) Date: Mon, 24 Jun 2013 14:54:38 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ?
In-Reply-To: <87hagnq5zb.fsf@vigenere.g10code.de> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> <87hagnq5zb.fsf@vigenere.g10code.de> Message-ID: <51C8418E.40607@gmail.com> On 24/06/2013 10:15, Werner Koch wrote: >> A smartcard could be useful anyway, at least as a "portable keyring" >> (if it didn't need initialization on every machine...). > A USB memory stick fulfills the same purpose. Not really secure... >> And key export could be controlled (like in MyPGPid card): private >> keys can only leave the card encrypted under "certified" keys. > There are several protocols for key migration from token to token. I don't want to migrate (move) it. I want to replicate (copy) it, to have one or more controlled backups. > If you want to do your own, you should be aware of possible patent > problems. I leave sw patents to others... And the system I'm going to use should have enough "prior art" to render a patent useless. > In any case it is a really complex task and not easy to get > right - if at all. The card hosts public key of a "export-authorizing" CA (well, it's not a real CA, since it doesn't do certificates at all... but call it that way for clarity). When I send to the card an export command w/ a public key signed encrypted by the CA's private key, the card answers with the private key encrypted under the signed public key (thinking about requiring a signature w/ private key of the requesting card). Plain old RSA, layered. >> BTW, for the really "paranoid", readers with an integrated pinpad are >> available: the PC never sees the PIN, so no installed sw can spoof >> it. (even if what I'd prefer is a card w/ both a pinpad and a >> display...). > Social engineering almost always works. And further, the display of > your pinpad+display equipped reader does not show you what you are > going to sign.
Even further, there are several attacks on pinpad > equipped readers - sure that your reader has not been bugged? Well, a "paranoid" isn't paranoid enough unless he checks the pinpad cannot be easily read from the PC. :) I'm waiting for cards w/ integrated pinpad :) BYtE, Diego. From josef at netpage.dk Mon Jun 24 16:01:33 2013 From: josef at netpage.dk (Josef Schneider) Date: Mon, 24 Jun 2013 16:01:33 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? In-Reply-To: <51C8418E.40607@gmail.com> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> <87hagnq5zb.fsf@vigenere.g10code.de> <51C8418E.40607@gmail.com> Message-ID: On Mon, Jun 24, 2013 at 2:54 PM, NdK wrote: > > Il 24/06/2013 10:15, Werner Koch ha scritto: > > >> A smartcard could be useful anyway, at least as a "portable keyring" > >> (if it didn't need initialization on every machine...). > > A USB memory stick fulfills the same purpose. > Not really secure... Not any less secure than a Smartcard that allows key export! > > > > In any case it is a really complex task and not easy to get > > right - if at all. > The card hosts public key of a "export-authorizing" CA (well, it's not a > real CA, since it doesn't do certificates at all... but call it that way > for clarity). > When I send to the card an export command w/ a public key signed > encrypted by the CA's private key, the card answers with the private key > encrypted under the signed public key (thinking about requiring a > signature w/ private key of the requesting card). > Plain old RSA, layered. Then you need a secure way to store the CA key. That is essentially exactly the same problem! I mean you can put it on a card and allow export of the CA key only if the request is signed by a SuperSecureCA key... But how do you control the export of the SuperSecureCA key? 
If you want a key backup, why not just create the key on a secure offline machine, copy it to a secure location (I print mine out using PaperBak) and then move it to the card on that secure offline machine? Works great! Best regards, Josef From josef at netpage.dk Mon Jun 24 16:09:39 2013 From: josef at netpage.dk (Josef Schneider) Date: Mon, 24 Jun 2013 16:09:39 +0200 Subject: [Gpg4win-devel] GpgEX for 64 bit Windows test version In-Reply-To: <87ppvcos2n.fsf@vigenere.g10code.de> References: <87ppvcos2n.fsf@vigenere.g10code.de> Message-ID: On Mon, Jun 24, 2013 at 10:01 AM, Werner Koch wrote: > Hi! > > I just uploaded a test version of GpgEX (the GnuPG Explorer Plugin) for > Windows 64 bit. This is just the bare standalone DLL without an > installer. If you are using a 64 bit Windows system with Gpg4win, you > may want to test this DLL: Hi, I tried all of the possible functions work. The only problem I found is, that help asks for Admin rights. And if the rights are granted, it starts Internet Explorer, not the default browser! All of this on Windows 8 Pro 64bit German Best regards, Josef From wk at gnupg.org Mon Jun 24 18:14:30 2013 From: wk at gnupg.org (Werner Koch) Date: Mon, 24 Jun 2013 18:14:30 +0200 Subject: [Gpg4win-devel] GpgEX for 64 bit Windows test version In-Reply-To: (Josef Schneider's message of "Mon, 24 Jun 2013 16:09:39 +0200") References: <87ppvcos2n.fsf@vigenere.g10code.de> Message-ID: <87wqpjo595.fsf@vigenere.g10code.de> On Mon, 24 Jun 2013 16:09, josef at netpage.dk said: > Hi, I tried all of the possible functions work. Thanks. > The only problem I found is, that help asks for Admin rights. And if > the rights are granted, it starts Internet Explorer, not the default > browser! I need to check how to access the default browser. It uses the class ID of "InternetExplorer.Application" to lookup IWebBrowser2. Might it be that Windows asks for Admin rights because it uses Internet Explorer for the first time?
I can't replicate that on my Windows 7 box. > All of this on Windows 8 Pro 64bit German Great, at least some stuff works on Windows 8. Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From oldbob at oldbob.co.uk Mon Jun 24 20:18:56 2013 From: oldbob at oldbob.co.uk (Bob Henson) Date: Mon, 24 Jun 2013 19:18:56 +0100 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <87ppvcos2n.fsf@vigenere.g10code.de> References: <87ppvcos2n.fsf@vigenere.g10code.de> Message-ID: <51C88D90.1020200@oldbob.co.uk> On 24/06/2013 9:01 AM, Werner Koch wrote: > > Hi! > > > > I just uploaded a test version of GpgEX (the GnuPG Explorer Plugin) for > > Windows 64 bit. This is just the bare standalone DLL without an > > installer. If you are using a 64 bit Windows system with Gpg4win, you > > may want to test this DLL: > > > > ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19-bin.zip > > ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta19-bin.zip.sig > > To install the DLL please unzip the ZIP file and as Admin store the DLL > > as > > > > c:\Program files\GNU\GnuPG\bin\gpgex.dll > > On my Windows 7 64bit system, GnuPG 1.4.13 installed itself in c:\Program Files (x86)\GNU\GnuPG\ - the 32bit section. When I installed Gpg4win, the installer offered to install GPG2 in that same directory, but I added a 2 to keep the two separate, ie. it was installed in c:\Program Files (x86)\GNU\GnuPG2\ Your instructions above point to the \bin directory under the 64 bit Program Files directory, not the 32bit. I assumed that I needed to have gpgex.dll along with the other files and installed it in the \bin directory with the rest of my gpg2 files ie. under c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll. Should I have created a new directory under the 64bit Program Files directory just for the one new file? When I ran regsvr32 c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll it just caused an error, saying "The module "c:\program" failed to load.
Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependant .dll files. The specified module could not be found." It looks to me as though the regsvr command is looking for a program to run called "c:\program"? As I can't run the 32 bit version of GPGex anyway on this system, can I not just overwrite the existing copy of gpgex.dll with the 64 bit one and reboot? What should I try if not, please? Regards, Bob From yyy at yyy.id.lv Mon Jun 24 20:47:07 2013 From: yyy at yyy.id.lv (yyy) Date: Mon, 24 Jun 2013 21:47:07 +0300 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <51C88D90.1020200@oldbob.co.uk> References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> Message-ID: <51C8942B.90104@yyy.id.lv> On 2013.06.24. 21:18, Bob Henson wrote: > it just caused an error, saying "The module "c:\program" failed to > load. Make sure the binary is stored at the specified path or debug it > to check for problems with the binary or dependant .dll files. The > specified module could not be found." It looks to me as though the > regsvr command is looking for a program to run called "c:\program"? As > I can't run the 32 bit version of GPGex anyway on this system, can I > not just overwrite the existing copy of gpgex.dll with the 64 bit one > and reboot? What should I try if not, please? Paths with spaces need to be escaped. Put that "C:\program files..." in quotes. ("").
From hhhobbit at securemecca.net Tue Jun 25 01:53:20 2013 From: hhhobbit at securemecca.net (Henry Hertz Hobbit) Date: Mon, 24 Jun 2013 23:53:20 +0000 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <51C88D90.1020200@oldbob.co.uk> References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> Message-ID: <51C8DBF0.1040904@securemecca.net> On 06/24/2013 06:18 PM, Bob Henson wrote: > When I ran > > regsvr32 c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll > > it just caused an error, saying "The module "c:\program" failed to load. > Make sure the binary is stored at the specified path or debug it to > check for problems with the binary or dependant .dll files. The > specified module could not be found." Try putting double quotes at the start and end of the string, e.g.: regsvr32 "c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll" I can NOT assure you that this will work but it probably will. I wished Microsoft had used just "C:/Programs/" instead of "C:\Program Files\" for %ProgramFiles%. I don't know what to say about 64 bit other than don't mix / match. Microsoft could have used "C:/Programs/64/" but that would have made too much sense. Microsoft wants back-slashes instead of slashes and a nice mix of punctuation marks in addition to dot "." plus space characters in all folder and file names. It doesn't work very well, especially for something done from cmd.exe instead of the GUI. How bad is it? I COPY 7za.exe to use it in scripts because I don't want to make registry changes (%Path%) just to make it work from where it is at. Sigh From ndk.clanbo at gmail.com Tue Jun 25 06:24:39 2013 From: ndk.clanbo at gmail.com (NdK) Date: Tue, 25 Jun 2013 06:24:39 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? 
In-Reply-To: References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> <87hagnq5zb.fsf@vigenere.g10code.de> <51C8418E.40607@gmail.com> Message-ID: <51C91B87.5070808@gmail.com> On 24/06/2013 16:01, Josef Schneider wrote: > Then you need a secure way to store the CA key. That is essentially > exactly the same problem! Nope. Throwaway CA! > I mean you can put it on a card and allow export of the CA key only if > the request is signed by a SuperSecureCA key... There's no need to be able to export CA key. Actually the recommended way of using it (to limit key export) is: - generate CA key on card - "sign" all the needed keys - destroy it The CA key shouldn't last for long. It's not an X.509 CA. > But how do you control the export of the SuperSecureCA key? Not needed at all. Neither SuperSecureCA nor a key export control for its non-existent key :) > If you want a key backup, why not just create the key on a secure > offline machine, copy it to a secure location (I print mine out using > PaperBak) and then move it to the card on that secure offline machine? > Works great! First: I trust more the RNG on a card than a SW one Second: maintaining an offline machine is not cheap (at least here in Italy, you can't legally use a computer where there haven't been applied security patches for more than 6 months) Third: you have a potentially accessible copy of your key -- nothing prevents your backup from being photocopied... Sure, it's encrypted but bruteforcing it is possible, at least in theory, while the original is apparently untouched. A smartcard would require physical possession of the original for quite some time (IF you decide to keep the CA key). What I suggest is something that "replaces" (being "a bit" more versatile) an offline machine where you generate a key and store it to N cards, then zap it. BYtE, Diego.
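The export-authorization flow NdK describes in this thread (the card holds the public key of a throwaway "CA", releases its secret only wrapped under a public key that CA signed, and the CA key is then destroyed), as an added simulation that is not code from any poster or from the MyPGPid applet. All class and function names are hypothetical, the card's private key is represented by 32 random bytes, and unpadded textbook RSA with small constructed keys is an assumption made only to show the message flow.

```python
import hashlib
import secrets
E = 65537  # public exponent used by every toy key


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin for odd n > 3 (every candidate below is large and odd)."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def keygen(bits=512):
    """Return ((n, e), (n, d)): textbook RSA at toy size, illustration only."""
    primes = set()
    while len(primes) < 2:
        c = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        if c % E != 1 and _is_probable_prime(c):  # c % E != 1: E stays invertible
            primes.add(c)
    p, q = primes
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))


def _digest(pub):
    data = f"{pub[0]:x}:{pub[1]:x}".encode()  # constructed encoding of a key
    return int.from_bytes(hashlib.sha256(data).digest(), "big")  # always < n


def verify(signer_pub, pub, sig):
    """True if sig is the signer's (unpadded) RSA signature over pub."""
    return pow(sig, signer_pub[1], signer_pub[0]) == _digest(pub)


class ExportRefused(Exception):
    """The card or the CA declined the request."""


class ThrowawayCA:
    """Export-authorizing key: signs the backup targets, then is destroyed."""
    def __init__(self):
        self.pub, self._priv = keygen()

    def authorize(self, target_pub):
        if self._priv is None:
            raise ExportRefused("CA key destroyed: no new export targets")
        return pow(_digest(target_pub), self._priv[1], self._priv[0])

    def destroy(self):
        self._priv = None


class Card:
    """Simulated card: a secret plus the public key of the export CA."""
    def __init__(self, ca_pub):
        self._ca_pub = ca_pub
        self._secret = secrets.token_bytes(32)  # stands in for the private key

    def export(self, target_pub, authorization):
        # Release the secret only wrapped under a public key the CA signed.
        if not verify(self._ca_pub, target_pub, authorization):
            raise ExportRefused("target key not signed by the export CA")
        n, e = target_pub
        return pow(int.from_bytes(self._secret, "big"), e, n)


def demo():
    ca = ThrowawayCA()
    card = Card(ca.pub)
    backup_pub, (n, d) = keygen()  # key pair living on the backup card
    rogue_pub, _ = keygen()        # a key the owner never authorized
    token = ca.authorize(backup_pub)
    ca.destroy()
    wrapped = card.export(backup_pub, token)  # the token outlives the CA key
    result = {"backup_recovers_secret":
              pow(wrapped, d, n).to_bytes(32, "big") == card._secret}
    for name, call in (
            ("rogue_key_refused", lambda: card.export(rogue_pub, token)),
            ("late_authorization_refused", lambda: ca.authorize(rogue_pub))):
        try:
            call()
            result[name] = False
        except ExportRefused:
            result[name] = True
    return result


if __name__ == "__main__":
    print(demo())
```

Destroying the CA key blocks new export targets but does not revoke authorizations already issued: in the sketch the token for the backup key keeps working after `destroy()`.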
From josef at netpage.dk Tue Jun 25 09:38:18 2013 From: josef at netpage.dk (Josef Schneider) Date: Tue, 25 Jun 2013 09:38:18 +0200 Subject: [Gpg4win-devel] GpgEX for 64 bit Windows test version In-Reply-To: <87wqpjo595.fsf@vigenere.g10code.de> References: <87ppvcos2n.fsf@vigenere.g10code.de> <87wqpjo595.fsf@vigenere.g10code.de> Message-ID: On Mon, Jun 24, 2013 at 6:14 PM, Werner Koch wrote: > I need to check how to access the default browser. It uses the class ID > of "InternetExplorer.Application" to lookup IWebBrowser2. Usually just with ShellExecute and Windows figures out the details! http://support.microsoft.com/kb/224816/en-us Best regards, Josef Schneider From wk at gnupg.org Tue Jun 25 09:50:16 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 09:50:16 +0200 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <51C88D90.1020200@oldbob.co.uk> (Bob Henson's message of "Mon, 24 Jun 2013 19:18:56 +0100") References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> Message-ID: <874ncmochz.fsf@vigenere.g10code.de> On Mon, 24 Jun 2013 20:18, oldbob at oldbob.co.uk said: > On my Window 7 64bit system, GnuPG 1.4.13 installed itself in c:\Program > Files (x86)\GNU\GnuPG\ - the 32bit section. When I installed Gpg4win, Yep, that is the default on English Windows systems. > the installer offered install GPG2 in that same directory, but I added a > 2 to keep the two separate, ie. it was installed in That may lead to conflicts with the registry - better don't do it. Two versions of Gpg4win are not yet supported. I am working on a portable application feature in GnuPG which will allow that. > Program Files directory, not the 32bit. I assumed that I needed to have > gpgex.dll along with the other files and installed it in the \bin Actually it doesn't really matter. The plan to put them into bin is merely so that we can easily provide a 32 bit and a 64 bit version of gpgex.dll instead of providing two sets of installers.
But even that is not yet set into stone. gpgex.dll should work fine in .../GNU/GnuPG or in .../GNU/GnuPG/bin. > regsvr32 c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll > > it just caused an error, saying "The module "c:\program" failed to load. You have to use quotes around it. The Windows tab completion feature usually does this for you. It might be easier to cd to the directory first and then run just regsvr32 gpgex.dll > As I can't run the 32 bit version of GPGex anyway on this system, can I > not just overwrite the existing copy of gpgex.dll with the 64 bit one > and reboot? Yes, you can. The regsvr32 call is still required. Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From wk at gnupg.org Tue Jun 25 09:55:45 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 09:55:45 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? In-Reply-To: <51C91B87.5070808@gmail.com> (NdK's message of "Tue, 25 Jun 2013 06:24:39 +0200") References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> <87hagnq5zb.fsf@vigenere.g10code.de> <51C8418E.40607@gmail.com> <51C91B87.5070808@gmail.com> Message-ID: <87zjuemxoe.fsf@vigenere.g10code.de> On Tue, 25 Jun 2013 06:24, ndk.clanbo at gmail.com said: > First: I trust more the RNG on a card than a SW one A card based RNG is often nothing more than a PRNG with a card specific seed. Modern cards seem to have a real hardware RNG. Compared to actual hardware RNGs they are very limited and probably prone to errors. There is also no way to do extensive power up tests which all other hardware RNGs require. I consider a good OS supported RNG more reliable. Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law.
From oldbob at oldbob.co.uk Tue Jun 25 10:25:21 2013 From: oldbob at oldbob.co.uk (Bob Henson) Date: Tue, 25 Jun 2013 09:25:21 +0100 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <51C8DBF0.1040904@securemecca.net> References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <51C8DBF0.1040904@securemecca.net> Message-ID: <51C953F1.4010803@oldbob.co.uk> On 25/06/2013 12:53 AM, Henry Hertz Hobbit wrote: > On 06/24/2013 06:18 PM, Bob Henson wrote: > >> When I ran >> >> regsvr32 c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll >> >> it just caused an error, saying "The module "c:\program" failed to load. >> Make sure the binary is stored at the specified path or debug it to >> check for problems with the binary or dependant .dll files. The >> specified module could not be found." > > Try putting double quotes at the start and end of the string, > e.g.: > > regsvr32 "c:\Program Files (x86)\GNU\GnuPG2\bin\gpgex.dll" > > I can NOT assure you that this will work but it probably > will. > That was my problem - thank you for the explanation. > I wished Microsoft had used just "C:/Programs/" instead of > "C:\Program Files\" for %ProgramFiles%. I don't know what > to say about 64 bit other than don't mix / match. Microsoft > could have used "C:/Programs/64/" but that would have made > too much sense. Microsoft wants back-slashes instead of > slashes and a nice mix of punctuation marks in addition to > dot "." plus space characters in all folder and file names. > It doesn't work very well, especially for something done from > cmd.exe instead of the GUI. How bad is it? I COPY 7za.exe > to use it in scripts because I don't want to make registry > changes (%Path%) just to make it work from where it is at. > > Sigh I can see your points. I have only recently started using Linux, and the command line functions are much more logical - however, using two sets is even more confusing. 
Now I can't remember which way to slash :-) I blame old age - but I get there in the end, with the help of my friends. GpgEx is now working just fine. I used to use another explorer extension ( I forget the name - I think it used to be in Gpg4win?) which stopped being developed so it will be handy to have one again. Regards, Bob From oldbob at oldbob.co.uk Tue Jun 25 10:36:46 2013 From: oldbob at oldbob.co.uk (Bob Henson) Date: Tue, 25 Jun 2013 09:36:46 +0100 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <87ppvcos2n.fsf@vigenere.g10code.de> References: <87ppvcos2n.fsf@vigenere.g10code.de> Message-ID: <51C9569E.40100@oldbob.co.uk> On 24/06/2013 9:01 AM, Werner Koch wrote: > Now you may want to test it out. Note that I also added an About menu > which should always work, even if no UI-server is running. The > translations are not yet included in the ZIP file. > Having finally solved my problem with installation, I've been trying GpgEX this morning and so far all seems to be fine. I've tried all the functions separately, and had no problems at all yet - obviously I'll report back if I get any. Thanks for the help. Regards, Bob From josef at netpage.dk Tue Jun 25 10:40:31 2013 From: josef at netpage.dk (Josef Schneider) Date: Tue, 25 Jun 2013 10:40:31 +0200 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <874ncmochz.fsf@vigenere.g10code.de> References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> Message-ID: On Tue, Jun 25, 2013 at 9:50 AM, Werner Koch wrote: > On Mon, 24 Jun 2013 20:18, oldbob at oldbob.co.uk said: >> As I can't run the 32 bit version of GPGex anyway on this system, can I >> not just overwrite the existing copy of gpgex.dll with the 64 bit one >> and reboot? > > Yes, you can. The regsvr32 call is still required. But if you do this, the extension won't be available in 32bit processes! 
(32bit explorer.exe, file selection dialogues in 32bit programs, 32bit file managers...) Best regards, Josef Schneider From oldbob at oldbob.co.uk Tue Jun 25 10:56:41 2013 From: oldbob at oldbob.co.uk (Bob Henson) Date: Tue, 25 Jun 2013 09:56:41 +0100 Subject: GpgEX for 64 bit Windows test version In-Reply-To: References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> Message-ID: <51C95B49.2000709@oldbob.co.uk> On 25/06/2013 9:40 AM, Josef Schneider wrote: > On Tue, Jun 25, 2013 at 9:50 AM, Werner Koch wrote: >> On Mon, 24 Jun 2013 20:18, oldbob at oldbob.co.uk said: >>> As I can't run the 32 bit version of GPGex anyway on this system, can I >>> not just overwrite the existing copy of gpgex.dll with the 64 bit one >>> and reboot? >> >> Yes, you can. The regsvr32 call is still required. > > But if you do this, the extension won't be available in 32bit > processes! (32bit explorer.exe, file selection dialogues in 32bit > programs, 32bit file managers...) > I put it in a separate directory in the end, so I should have the best of both worlds. I don't think I have any 32bit processes in use - but I'm covered anyway. Regards, Bob From wk at gnupg.org Tue Jun 25 11:50:51 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 11:50:51 +0200 Subject: [Gpg4win-devel] GpgEX for 64 bit Windows test version In-Reply-To: (Josef Schneider's message of "Tue, 25 Jun 2013 09:38:18 +0200") References: <87ppvcos2n.fsf@vigenere.g10code.de> <87wqpjo595.fsf@vigenere.g10code.de> Message-ID: <87ip12msck.fsf@vigenere.g10code.de> On Tue, 25 Jun 2013 09:38, josef at netpage.dk said: > Usually just with ShellExecute and Windows figures out the details! I do this way in GpgOL. However Marcus decided for something different in GpgEX. I have a dark recollection that this was due to problems with Explorer plugins.
The problem seems to appear because the helpfile is not installed or found and thus the fallback to the website is used. For privacy reasons I even consider to remove this fallback and put up a message instead. Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From ndk.clanbo at gmail.com Tue Jun 25 12:32:36 2013 From: ndk.clanbo at gmail.com (NdK) Date: Tue, 25 Jun 2013 12:32:36 +0200 Subject: How do I make the private key on a OpenPGP smartcard non exportable ? In-Reply-To: <87zjuemxoe.fsf@vigenere.g10code.de> References: <51BF8048.4030502@gmail.com> <20130619152133.GA3452@fritha.org> <51C23BD5.2020104@securemecca.net> <20130622073506.GA1597@fritha.org> <51C5A099.3060104@gmail.com> <87hagnq5zb.fsf@vigenere.g10code.de> <51C8418E.40607@gmail.com> <51C91B87.5070808@gmail.com> <87zjuemxoe.fsf@vigenere.g10code.de> Message-ID: <51C971C4.3050303@gmail.com> On 25/06/2013 09:55, Werner Koch wrote: >> First: I trust more the RNG on a card than a SW one > A card based RNG is often nothing more than a PRNG with a card specific > seed. Modern cards seem to have a real hardware RNG. I'm referring to cards compatible with GlobalPlatform 2.1.1 (minimum), that is the baseline for MyPGPid applet. That should be "recent enough" to have a real RNG (if RandomData.ALG_SECURE_RANDOM is implemented). > Compared to > actual hardware RNGs they are very limited and probably prone to errors. Shouldn't RNG be subject to the various certifications the card has to pass for CC and EAL ? > There is also no way to do extensive power up tests which all other > hardware RNGs require. Dedicated applet that only returns random data? > I consider a good OS supported RNG more reliable. Might be, but it's prone to a lot of possible attacks, too :) BYtE, Diego. From daniel at pocock.com.au Tue Jun 25 13:02:34 2013 From: daniel at pocock.com.au (Daniel Pocock) Date: Tue, 25 Jun 2013 13:02:34 +0200 Subject: using OpenPGP card as an X.509 CA?
Message-ID: <51C978CA.7030504@pocock.com.au> I understand the OpenPGP card can hold one X.509 certificate Can this be used in practice to run an in-house CA to sign other X.509 certificates, e.g. for small VPN setups? Also, can the X.509 cert on the OpenPGP card be used with StrongSwan (as a client or server cert for VPN)? From daniel at pocock.com.au Tue Jun 25 12:43:37 2013 From: daniel at pocock.com.au (Daniel Pocock) Date: Tue, 25 Jun 2013 12:43:37 +0200 Subject: using OpenPGP card as an X.509 CA? Message-ID: <51C97459.5070709@pocock.com.au> I understand the OpenPGP card can hold one X.509 certificate Can this be used in practice to run an in-house CA to sign other X.509 certificates, e.g. for small VPN setups? Also, can the X.509 cert on the OpenPGP card be used with StrongSwan (as a client or server cert for VPN)? From wk at gnupg.org Tue Jun 25 15:28:18 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 15:28:18 +0200 Subject: using OpenPGP card as an X.509 CA? In-Reply-To: <51C97459.5070709@pocock.com.au> (Daniel Pocock's message of "Tue, 25 Jun 2013 12:43:37 +0200") References: <51C97459.5070709@pocock.com.au> Message-ID: <874ncmmia5.fsf@vigenere.g10code.de> On Tue, 25 Jun 2013 12:43, daniel at pocock.com.au said: > I understand the OpenPGP card can hold one X.509 certificate Actually the card does not hold any certificate but merely the keys and OpenPGP fingerprints of the certificates. You can very well use such a key to create an X.509 certificate: $ gpgsm --gen-key gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! gpgsm: It is only intended for test purposes and should NOT be gpgsm: used in a production environment or with production keys! Please select what kind of key you want: (1) RSA (2) Existing key (3) Existing key from card Your selection?
3 Serial number of the card: D2760001240102000005000001230000 Available keys: (1) C003409A7489993713D22A10DD0604853FEE33F8 OPENPGP.1 (2) C91C9AA0731D82B3B3191EA68478EAD4B5069EE8 OPENPGP.2 (3) EC9663F3E82CEAC9734212CF13AAAA1A63B0F7DC OPENPGP.3 Your selection? > Can this be used in practice to run an in-house CA to sign other X.509 > certificates, e.g. for small VPN setups? There is no software to manage a CA but you can do it manually with gpgsm. > Also, can the X.509 cert on the OpenPGP card be used with StrongSwan (as > a client or server cert for VPN)? Depends on what interface is supported. If it uses pkcs#11 you may want to check out Scute. Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From wk at gnupg.org Tue Jun 25 15:33:29 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 15:33:29 +0200 Subject: GpgEX for 64 bit Windows test version In-Reply-To: <51C953F1.4010803@oldbob.co.uk> (Bob Henson's message of "Tue, 25 Jun 2013 09:25:21 +0100") References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <51C8DBF0.1040904@securemecca.net> <51C953F1.4010803@oldbob.co.uk> Message-ID: <87vc52l3h2.fsf@vigenere.g10code.de> On Tue, 25 Jun 2013 10:25, oldbob at oldbob.co.uk said: > GpgEx is now working just fine. I used to use another explorer extension > ( I forget the name - I think it used to be in Gpg4win?) which stopped > being developed so it will be handy to have one again. GpgEE. We replaced it by GpgEX because GpgEE was written in Delphi and there was no way to build it with a free tools chain or even cross-build. Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law.
From wk at gnupg.org Tue Jun 25 15:31:37 2013 From: wk at gnupg.org (Werner Koch) Date: Tue, 25 Jun 2013 15:31:37 +0200 Subject: GpgEX for 64 bit Windows test version In-Reply-To: (Josef Schneider's message of "Tue, 25 Jun 2013 10:40:31 +0200") References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> Message-ID: <87zjuel3k6.fsf@vigenere.g10code.de> On Tue, 25 Jun 2013 10:40, josef at netpage.dk said: > But if you do this, the extension won't be available in 32bit > processes! (32bit explorer.exe, file selection dialogues in 32bit Windows 7 64 bit has no more option to use a 32 bit explorer. This is the very reason for the 64 bit GpgEX ;-) Shalom-Salam, Werner -- Thoughts are free. Exceptions are regulated by a federal law. From daniel at pocock.com.au Tue Jun 25 17:32:22 2013 From: daniel at pocock.com.au (Daniel Pocock) Date: Tue, 25 Jun 2013 17:32:22 +0200 Subject: using OpenPGP card as an X.509 CA? In-Reply-To: <874ncmmia5.fsf@vigenere.g10code.de> References: <51C97459.5070709@pocock.com.au> <874ncmmia5.fsf@vigenere.g10code.de> Message-ID: <51C9B806.8060201@pocock.com.au> On 25/06/13 15:28, Werner Koch wrote: > On Tue, 25 Jun 2013 12:43, daniel at pocock.com.au said: >> I understand the OpenPGP card can hold one X.509 certificate > Actually the card does not hold any certificate but merely the keys and > OpenPGP fingerprints of the certificates. You can very well use such a > key to create an X.509 certificate: > > $ gpgsm --gen-key > gpgsm: NOTE: THIS IS A DEVELOPMENT VERSION! > gpgsm: It is only intended for test purposes and should NOT be > gpgsm: used in a production environment or with production keys! > Please select what kind of key you want: > (1) RSA Should this option work without a smart card, e.g. creating a key in the local home directory?
When I run it, it takes me through the questions, asks me to confirm the cert details and then fails with

gpgsm: line 1: key generation failed: Unsupported certificate

> (2) Existing key
> (3) Existing key from card
> Your selection? 3
> Serial number of the card: D2760001240102000005000001230000
> Available keys:
> (1) C003409A7489993713D22A10DD0604853FEE33F8 OPENPGP.1
> (2) C91C9AA0731D82B3B3191EA68478EAD4B5069EE8 OPENPGP.2
> (3) EC9663F3E82CEAC9734212CF13AAAA1A63B0F7DC OPENPGP.3
> Your selection?
>
>> Can this be used in practice to run an in-house CA to sign other X.509
>> certificates, e.g. for small VPN setups?
> There is no software to manage a CA but you can do it manually with gpgsm.

I found the command "--sign" in the man page, but there is no example. Should "--sign" take a CSR as input and generate a cert as output and could you provide an example? Or is some intermediate processing needed to convert the CSR into something the gpgsm can sign?

>> Also, can the X.509 cert on the OpenPGP card be used with StrongSwan (as
>> a client or server cert for VPN)?
> Depends on what interface is supported. If it uses pkcs#11 you may want
> to check out Scute.

strongSwan reportedly works with PKCS#11 / OpenSC, it's hard for me to understand if Scute will work but I don't mind trying it.

I notice the Scute "Features and Limitations" page says it only works with 36 byte signatures for MD5 and SHA1 hashes. Many people have now moved to SHA2 or stronger hashes

From di44vq at nottheoilrig.com Tue Jun 25 20:12:42 2013
From: di44vq at nottheoilrig.com (Jack Bates)
Date: Tue, 25 Jun 2013 11:12:42 -0700
Subject: Transfer subkey to other keyring
Message-ID: <51C9DD9A.3060707@nottheoilrig.com>

Hello, I want to transfer a subkey from one keyring to another, but I get the following error:

gpg: key 7FABB65F: already in secret keyring
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1

Here is the command I am running:

$ gpg --homedir .
--export-options export-reset-subkey-passwd --export-secret-subkeys 10D03493\! | gpg --import-options merge-only --import

The destination keyring does not already contain the subkey 10D03493 (and unfortunately it still does not contain it after running the command)

What am I doing wrong?

From hhhobbit at securemecca.net Tue Jun 25 23:44:46 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue, 25 Jun 2013 21:44:46 +0000
Subject: Transfer subkey to other keyring
In-Reply-To: <51C9DD9A.3060707@nottheoilrig.com>
References: <51C9DD9A.3060707@nottheoilrig.com>
Message-ID: <51CA0F4E.5090007@securemecca.net>

On 06/25/2013 06:12 PM, Jack Bates wrote:
> Hello, I want to transfer a subkey from one keyring to another, but I
> get the following error:
>
> gpg: key 7FABB65F: already in secret keyring
> gpg: Total number processed: 1
> gpg: secret keys read: 1
> gpg: secret keys unchanged: 1
>
> Here is the command I am running:
>
> $ gpg --homedir . --export-options export-reset-subkey-passwd \
> --export-secret-subkeys 10D03493\! | gpg --import-options merge-only \
> --import
>
> The destination keyring does not already contain the subkey 10D03493
> (and unfortunately it still does not contain it after running the command)
>
> What am I doing wrong?

Why are you setting --homedir to the current folder (.) and where are you at when you are running the command? I added some back-slashes for clarity since my mailer wrapped (sorry). You say one keyring to another which implies two directories (folders). IOW, the command implies you are trying to export from the folder you are in which is NOT ${HOME}/.gnupg into ${HOME}/.gnupg (you took the default for the second gpg which is ${HOME}/.gnupg unless you set environment variable GNUPGHOME to something else). But the error seems to indicate:

1. You are in ${HOME}/.gnupg, e.g., you did a:

   $cd ~/.gnupg

2. You are setting the --homedir explicitly to "."
   which is now ${HOME}/.gnupg for export and the import is also going to ${HOME}/.gnupg (same folder) implicitly unless you over-rode it with the environment variable GNUPGHOME to be something else.

The error seems to indicate you are importing to the same folder you are exporting from. I would suggest using the --homedir with the actual ${HOME}/FROM-DIR-PATH for the first gpg and --homedir with the actual ${HOME}/TO-DIR-PATH for the second gpg. That makes it explicit where it is coming from and going to.

I leave it to others to say whether the commands once that is handled are correct. It seems to be from the man pages but since I have never done it ...

From markr-gnupg at signal100.com Wed Jun 26 04:25:24 2013
From: markr-gnupg at signal100.com (Mark Rousell)
Date: Wed, 26 Jun 2013 03:25:24 +0100
Subject: GpgEX for 64 bit Windows test version
In-Reply-To: <51C95B49.2000709@oldbob.co.uk>
References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> <51C95B49.2000709@oldbob.co.uk>
Message-ID: <51CA5114.7000006@signal100.com>

On 25/06/2013 09:56, Bob Henson wrote:
> I put it in a separate directory in the end, so I should have the best
> of both worlds. I don't think I have any 32bit processes in use - but
> I'm covered anyway.

If you run any 32bit programs at all (i.e. most applications) then the system-supplied file open/save dialogs for those programs will be 32bit and so these will use 32bit Explorer extensions.

(Oops, forgot to reply to list previously).
--
MarkR

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162

From markr-gnupg at signal100.com Wed Jun 26 04:34:29 2013
From: markr-gnupg at signal100.com (Mark Rousell)
Date: Wed, 26 Jun 2013 03:34:29 +0100
Subject: GpgEX for 64 bit Windows test version
In-Reply-To: <87zjuel3k6.fsf@vigenere.g10code.de>
References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> <87zjuel3k6.fsf@vigenere.g10code.de>
Message-ID: <51CA5335.40005@signal100.com>

On 25/06/2013 14:31, Werner Koch wrote:
> On Tue, 25 Jun 2013 10:40, josef at netpage.dk said:
>
>> But if you do this, the extension won't be available in 32bit
>> processes! (32bit explorer.exe, file selection dialogues in 32bit
>
> Windows 7 64 bit has no more option to use a 32 bit explorer. This is the
> very reason for the 64 bit GpgEX ;-)

It is true that 32bit Windows Explorer cannot be run on 64bit Windows 7 and later but what Josef said about file open/save dialogs in 32bit programs and 32bit file managers running on 64bit Windows is correct -- these still use 32bit shell extensions Windows.

--
MarkR

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162

From markr-gnupg at signal100.com Wed Jun 26 04:35:45 2013
From: markr-gnupg at signal100.com (Mark Rousell)
Date: Wed, 26 Jun 2013 03:35:45 +0100
Subject: GpgEX for 64 bit Windows test version
In-Reply-To: <51CA5114.7000006@signal100.com>
References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> <51C95B49.2000709@oldbob.co.uk> <51CA5114.7000006@signal100.com>
Message-ID: <51CA5381.4040502@signal100.com>

On 26/06/2013 03:25, Mark Rousell wrote:
> On 25/06/2013 09:56, Bob Henson wrote:
>> I put it in a separate directory in the end, so I should have the best
>> of both worlds. I don't think I have any 32bit processes in use - but
>> I'm covered anyway.
>
> If you run any 32bit programs at all (i.e.
most applications) then the
> system-supplied file open/save dialogs for those programs will be 32bit
> and so these will use 32bit Explorer extensions.
>
> (Oops, forgot to reply to list previously).

And I see that Josef Schneider already said the same thing. Apologies for the repetition.

--
MarkR

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162

From wk at gnupg.org Wed Jun 26 11:30:34 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 26 Jun 2013 11:30:34 +0200
Subject: Transfer subkey to other keyring
In-Reply-To: <51C9DD9A.3060707@nottheoilrig.com> (Jack Bates's message of "Tue, 25 Jun 2013 11:12:42 -0700")
References: <51C9DD9A.3060707@nottheoilrig.com>
Message-ID: <87ppv9gqx1.fsf@vigenere.g10code.de>

On Tue, 25 Jun 2013 20:12, di44vq at nottheoilrig.com said:
> Hello, I want to transfer a subkey from one keyring to another, but I
> get the following error:

Do you want to put a subkey under a different primary key? There are no command line options for that. Recall that a subkey is bound by a key signature to the primary key.

With the development version (2.1) it is possible to add a subkey using any existing key: Use "gpg2 --edit-key", "addkey", select "(13) Existing key", and enter the keygrip. To view all keygrip run "gpg2 --with-keygrip -K".

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Jun 26 11:59:35 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 26 Jun 2013 11:59:35 +0200
Subject: GpgEX for 64 bit Windows test version
In-Reply-To: <51CA5114.7000006@signal100.com> (Mark Rousell's message of "Wed, 26 Jun 2013 03:25:24 +0100")
References: <87ppvcos2n.fsf@vigenere.g10code.de> <51C88D90.1020200@oldbob.co.uk> <874ncmochz.fsf@vigenere.g10code.de> <51C95B49.2000709@oldbob.co.uk> <51CA5114.7000006@signal100.com>
Message-ID: <87li5xgpko.fsf@vigenere.g10code.de>

On Wed, 26 Jun 2013 04:25, markr-gnupg at signal100.com said:

> If you run any 32bit programs at all (i.e.
most applications) then the
> system-supplied file open/save dialogs for those programs will be 32bit
> and so these will use 32bit Explorer extensions.

I was not aware that GpgEX is also used by the open and save dialogs. Just tried it with DbgView and indeed - after registering the 32 bit version of gpgex it works. They currently share the same registry entries - maybe I need to use different ones so that it is possible to load both.

--
Thoughts are free. Exceptions are regulated by a federal law.

From daniel at pocock.com.au Wed Jun 26 15:10:19 2013
From: daniel at pocock.com.au (Daniel Pocock)
Date: Wed, 26 Jun 2013 15:10:19 +0200
Subject: subkeys on smartcard?
Message-ID: <51CAE83B.7080402@pocock.com.au>

I understand this is a bit old, but I believe the concept is still current:

http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2507429

Essentially, can anyone confirm why it is recommended to only store subkeys on a smart card?

a) is it because of the risk that the card might be lost or damaged?

b) or is it because of the risk that a smartcard may fall into the wrong hands?

If the primary key was generated on a PC and stored onto two smart cards and they were both kept in secure locations and only used in a secure location, is it therefore quite acceptable to use the primary key on a smart card and potentially more secure than keeping it on a disk?

From pete at heypete.com Wed Jun 26 15:22:49 2013
From: pete at heypete.com (Pete Stephenson)
Date: Wed, 26 Jun 2013 15:22:49 +0200
Subject: subkeys on smartcard?
In-Reply-To: <51CAE83B.7080402@pocock.com.au>
References: <51CAE83B.7080402@pocock.com.au>
Message-ID:

On Wed, Jun 26, 2013 at 3:10 PM, Daniel Pocock wrote:
> I understand this is a bit old, but I believe the concept is still current:
>
> http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2507429
>
> Essentially, can anyone confirm why it is recommended to only store
> subkeys on a smart card?
>
> a) is it because of the risk that the card might be lost or damaged?
>
> b) or is it because of the risk that a smartcard may fall into the wrong
> hands?
>
> If the primary key was generated on a PC and stored onto two smart cards
> and they were both kept in secure locations and only used in a secure
> location, is it therefore quite acceptable to use the primary key on a
> smart card and potentially more secure than keeping it on a disk?

[original reply was sent only to Daniel, I'm re-sending the reply to the mailing list]

I think it's mostly the latter (i.e., that the primary key could fall into the wrong hands). That, and many people have DSA primary keys that are not supported by the RSA-only smartcards.

Using subkeys helps insulate the primary key from potential badness: subkeys can be revoked and replaced without any major issues. Revocation of the primary key would require that one re-acquire signatures from other people to regain their position in the Web of Trust. This can often be a hassle. The same thing applies if there's no backup of a smartcard-based primary key.

Personally, I keep encryption/signing subkeys on one smartcard and the primary key on a different smartcard (both with offline, secure backups).

From mailinglisten at hauke-laging.de Wed Jun 26 15:30:25 2013
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Wed, 26 Jun 2013 15:30:25 +0200
Subject: subkeys on smartcard?
In-Reply-To: <51CAE83B.7080402@pocock.com.au>
References: <51CAE83B.7080402@pocock.com.au>
Message-ID: <23663647.jfAgvKM7q0@inno.berlin.laging.de>

On Wed 26.06.2013, 15:10:19, Daniel Pocock wrote:

> Essentially, can anyone confirm why it is recommended to only store
> subkeys on a smart card?

That has little to do with smartcards. Mainkeys should always be stored and used safely ("offline"). Smartcards are typically used in an unsafe environment. If the mainkey is on the card then it can easily be accessed by an attacker. The key cannot be stolen but be abused.

Highly secure mainkeys are the last line of defense. If even they are potentially compromised there is nothing left to trust.

Hauke

--
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
http://www.openpgp-courses.org/

From daniel at pocock.com.au Wed Jun 26 15:42:03 2013
From: daniel at pocock.com.au (Daniel Pocock)
Date: Wed, 26 Jun 2013 15:42:03 +0200
Subject: subkeys on smartcard?
In-Reply-To: <23663647.jfAgvKM7q0@inno.berlin.laging.de>
References: <51CAE83B.7080402@pocock.com.au> <23663647.jfAgvKM7q0@inno.berlin.laging.de>
Message-ID: <51CAEFAB.4090500@pocock.com.au>

On 26/06/13 15:30, Hauke Laging wrote:
> On Wed 26.06.2013, 15:10:19, Daniel Pocock wrote:
>
>> Essentially, can anyone confirm why it is recommended to only store
>> subkeys on a smart card?
>
> That has little to do with smartcards. Mainkeys should always be stored and
> used safely ("offline"). Smartcards are typically used in an unsafe
> environment. If the mainkey is on the card then it can easily be accessed by
> an attacker. The key cannot be stolen but be abused.
>
> Highly secure mainkeys are the last line of defense. If even they are
> potentially compromised there is nothing left to trust.

My own feeling is that a smart card used in a secure location is the best place for the main/primary key, especially if combined with other security measures (e.g. offline PC, reader with PIN pad).

The only other issue that arises then is longevity: is a smartcard considered more or less stable than any other type of device for long term key storage?

There are other practical issues too: is a smartcard likely to survive a fire if stored in one of those fire-proof packets in a safe? A fire-proof box for a HDD or laptop tends to be much more expensive than one that just holds a small documents/smartcards/DVD media

From wk at gnupg.org Wed Jun 26 16:57:42 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 26 Jun 2013 16:57:42 +0200
Subject: Another GpgEX test version
Message-ID: <87d2r8hqc9.fsf@vigenere.g10code.de>

Hi!

I just uploaded another test version of GpgEX (the GnuPG Explorer Plugin) for Windows 32 and 64 bit. These are just the bare standalone DLLs without an installer.
If you are using a 64 bit Windows system with Gpg4win, you may want to test these DLL:

  ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta24-bin.zip
  ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta24-bin.zip.sig

Here is the content of the ZIP file:

  589312 2013-06-26 16:37 gpgex.dll      -- The 32 bit version
  738304 2013-06-26 16:37 bin/gpgex.dll  -- The 64 bit version

To comply with the LGPL, the sources are also available as

  ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta24.tar.bz2
  ftp://ftp.g10code.com/g10code/gpgex/gpgex-1.0.0-beta24.tar.bz2.sig

To install the DLL please unzip the ZIP file and as Admin store the DLLs into the Gpg4win installation directory.

  c:\Program files\GNU\GnuPG\

To finish the installation, please cd to the installation directory and run

  regsvr32 gpgex.dll
  regsvr32 bin\gpgex.dll

Note that unregistering only one of them will make gpgex unavailable for 32 and 64 bit processes.

Changes in this version are some internal cleanups and improved help file detection and loading (the help files are not included). The 32 bit version now also does not require any non-system DLLs.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Jun 26 17:46:37 2013
From: wk at gnupg.org (Werner Koch)
Date: Wed, 26 Jun 2013 17:46:37 +0200
Subject: subkeys on smartcard?
In-Reply-To: <51CAEFAB.4090500@pocock.com.au> (Daniel Pocock's message of "Wed, 26 Jun 2013 15:42:03 +0200")
References: <51CAE83B.7080402@pocock.com.au> <23663647.jfAgvKM7q0@inno.berlin.laging.de> <51CAEFAB.4090500@pocock.com.au>
Message-ID: <87sj04g9ia.fsf@vigenere.g10code.de>

On Wed, 26 Jun 2013 15:42, daniel at pocock.com.au said:

> The only other issue that arises then is longevity: is a smartcard
> considered more or less stable than any other type of device for long
> term key storage?

I doubt that. Although smartcards are pretty robust they might still break for example by accidentally bending them. Or they just die like any other chip. Paper is much more reliable.

> There are other practical issues too: is a smartcard likely to survive
> a fire if stored in one of those fire-proof packets in a safe? A

Paper is even smaller than smartcard. Use paperkey for an emergency backup.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From lars at oddbit.com Wed Jun 26 19:45:01 2013
From: lars at oddbit.com (Lars Kellogg-Stedman)
Date: Wed, 26 Jun 2013 17:45:01 +0000 (UTC)
Subject: Loading authentication subkey into gpg-agent?
Message-ID:

Hello all,

Is there a way -- not involving third-party tools -- to load an authentication capable subkey stored in my GPG keyring into a running GPG agent?

I can use 'monkeysphere subkey-to-ssh-agent' (and I am, and it works fine), but given that both sides of this equation are from the same source, I was wondering if there is a more integrated solution these days.

Thanks,

--
Lars Kellogg-Stedman

From di44vq at nottheoilrig.com Wed Jun 26 20:00:40 2013
From: di44vq at nottheoilrig.com (Jack Bates)
Date: Wed, 26 Jun 2013 11:00:40 -0700
Subject: Transfer subkey to other keyring
In-Reply-To: <87ppv9gqx1.fsf@vigenere.g10code.de>
References: <51C9DD9A.3060707@nottheoilrig.com> <87ppv9gqx1.fsf@vigenere.g10code.de>
Message-ID: <51CB2C48.4070809@nottheoilrig.com>

On 26/06/13 02:30 AM, Werner Koch wrote:
> On Tue, 25 Jun 2013 20:12, di44vq at nottheoilrig.com said:
>> Hello, I want to transfer a subkey from one keyring to another, but I
>> get the following error:
>
> Do you want to put a subkey under a different primary key? There are no
> command line options for that. Recall that a subkey is bound by a key
> signature to the primary key.
>
> With the development version (2.1) it is possible to add a subkey using
> any existing key: Use "gpg2 --edit-key", "addkey", select "(13) Existing
> key", and enter the keygrip. To view all keygrip run
> "gpg2 --with-keygrip -K".

Thanks Werner, I want to keep my primary key on a separate keyring (does this require putting subkeys under a different primary key?)

Here are the steps I followed:

# Generate primary key (I will use "--homedir a" and "--homedir b" for clarity, thanks Henry)
$ gpg --homedir a --gen-key

# Add subkey
$ gpg --homedir a --edit-key . addkey

# Transfer subkey to other keyring
$ gpg --homedir a --export-options export-reset-subkey-passwd --export-secret-subkeys FAC3301A\! | gpg --homedir b --import

# Add another subkey
$ gpg --homedir a --edit-key . addkey

# Transfer subkey to other keyring
$ gpg --homedir a --export-options export-reset-subkey-passwd --export-secret-subkeys 10D03493\!
| gpg --homedir b --import-options merge-only --import
gpg: key 7FABB65F: already in secret keyring
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1

My version is 1.4.12

From wk at gnupg.org Thu Jun 27 09:49:57 2013
From: wk at gnupg.org (Werner Koch)
Date: Thu, 27 Jun 2013 09:49:57 +0200
Subject: Transfer subkey to other keyring
In-Reply-To: <51CB2C48.4070809@nottheoilrig.com> (Jack Bates's message of "Wed, 26 Jun 2013 11:00:40 -0700")
References: <51C9DD9A.3060707@nottheoilrig.com> <87ppv9gqx1.fsf@vigenere.g10code.de> <51CB2C48.4070809@nottheoilrig.com>
Message-ID: <87hagkdmca.fsf@vigenere.g10code.de>

On Wed, 26 Jun 2013 20:00, di44vq at nottheoilrig.com said:

> Thanks Werner, I want to keep my primary key on a separate keyring
> (does this require putting subkeys under a different primary key?)

No. We use a stub key instead. The command is

  gpg --export-secret-subkeys KEYID >newkey.gpg

Run that command on a secure box. On your everyday box make sure that the secret KEYID does not exist and then import newkey.gpg.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From daniel at pocock.com.au Thu Jun 27 11:24:52 2013
From: daniel at pocock.com.au (Daniel Pocock)
Date: Thu, 27 Jun 2013 11:24:52 +0200
Subject: Debian crypto strength
Message-ID: <51CC04E4.3030509@pocock.com.au>

Some of the discussion in this bug seems relevant to the GnuPG and GnuPG2 packages in Debian, but the bug is against the archive pseudo-package:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612657

Can anybody else make any comments:

a) should there be more effort to phase out SHA1?

b) how is it being approached upstream? Is backwards-compatibility still emphasized to the same extent?

c) should this become a general system-wide goal to audit and increase crypto-strength in all parts of jessie / future Debian versions?

From hhhobbit at securemecca.net Thu Jun 27 15:06:42 2013
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Thu, 27 Jun 2013 13:06:42 +0000
Subject: Debian crypto strength
In-Reply-To: <51CC04E4.3030509@pocock.com.au>
References: <51CC04E4.3030509@pocock.com.au>
Message-ID: <51CC38E2.4040703@securemecca.net>

On 06/27/2013 09:24 AM, Daniel Pocock wrote:
>
> Some of the discussion in this bug seems relevant to the GnuPG and
> GnuPG2 packages in Debian, but the bug is against the archive
> pseudo-package:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612657

I wouldn't classify it as a bug but I did read all comments and what I write here should be classified as just the OPINION of one person, moi. Like Thomas Jefferson's religious beliefs I think I will be in a congregation of one.

> Can anybody else make any comments:
>
> a) should there be more effort to phase out SHA1?

Maybe not if the argument by one person here is to be believed and the statement by another that ALL of the SHA would have been vulnerable to the same attack. Did the discussion come to a satisfactory conclusion? Not for me since the arguments were mostly theoretical. I am one of those people who much prefers actual over theoretical. Where they can't phase out SHA1 they can't. Where they can they should replace it with SHA-256. The one comment saying you can have both SHA1 and SHA-256 is impractical. It is either SHA1 or something else. I suspect the inertia against shifting from SHA1 to something else is probably more the hassles they perceive it will cause than any technical considerations due to standards.

> b) how is it being approached upstream? Is backwards-compatibility
> still emphasized to the same extent?

I don't know how much they are emphasizing backwards compatibility. But in this case I don't see how it could be a problem if they are using only GnuPG. Support for SHA-256 has been in GnuPG for an awfully long time.
SHA-512 may cause problems going forwards given its status in backwards compatibility and depending on whether Debian uses something other than GnuPG going forwards. SHA-512 also requires significantly more CPU cycles as well and can be too much for smaller devices. Is Debian planning on a smart phone or tablet?

> c) should this become a general system-wide goal to audit and increase
> crypto-strength in all parts of jessie / future Debian versions?

The comments in the bug indicate that NIST has a directive to replace SHA1 with something else by 2010? I don't know what all that includes but Microsoft is still using SHA1 which means that if Microsoft is included the directive is hopeless. Here we are three years later and people are stubbornly refusing to shift away from SHA1. I can remember when kernel.org was hacked into and they stated that they had used super secure SHA1. That is kind of like the two radar technicians in Tora Tora Tora. The first notes a huge formation coming in from the north. The second whines about going to eat and the lieutenant they call the observation into told them not to worry about it. The argument that SHA1 just isn't as robust seems to me to be the same type of argument as the one to ignore that radar warning. We all know what happened on that one don't we? Pearl Harbor and the US was sucked into World War II whether they wanted to be in it or not.

In trying to understand the resistance to moving away from SHA1 you have to understand that it is much more dependent on the personal resistance to change than the technical hassles. But if they do it they should write down all the problems they had and how they solved them in case they have to do it again in the future. The second time around for anything is always much easier than the first.

HHH

---
Thinking has been suspended indefinitely
Anybody caught thinking will be immediately shot!
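
[Added example, not part of any list message and not code from GnuPG or Debian.] The thread above asks whether SHA1 should be phased out; before deciding, it helps to know which digest existing signatures actually carry. This Python script reads ASCII-armored OpenPGP signature blocks (RFC 4880 packet framing, v3 and v4 signature packets) and reports the hash algorithm recorded in each; the sample packets are constructed, and treating MD5 and SHA1 as the digests to flag is an assumption.

```python
import base64

BEGIN = "-----BEGIN PGP SIGNATURE-----"
END = "-----END PGP SIGNATURE-----"
# Hash algorithm IDs from RFC 4880, section 9.4.
HASH_NAMES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
WEAK = {"MD5", "SHA1"}  # assumption: the digests this audit flags


def armored_bodies(text):
    """Return the base64 body of every armored signature block in text."""
    bodies, lines, state = [], [], "outside"
    for raw in text.splitlines():
        line = raw.strip()
        if line == BEGIN:
            lines, state = [], "headers"
        elif line == END and state != "outside":
            bodies.append("".join(lines))
            state = "outside"
        elif state == "headers":
            if not line:                  # blank line ends the armor headers
                state = "body"
        elif state == "body" and line and not line.startswith("="):
            lines.append(line)            # "=XXXX" is the CRC24 line, not data
    return bodies


def packets(data):
    """Yield (tag, body) for each packet; old and new header formats."""
    i = 0
    while i < len(data):
        first = data[i]
        if not first & 0x80:
            raise ValueError("bit 7 of a packet header must be set")
        if first & 0x40:                  # new-format header
            tag, o1 = first & 0x3F, data[i + 1]
            if o1 < 192:
                length, hdr = o1, 2
            elif o1 < 224:
                length, hdr = ((o1 - 192) << 8) + data[i + 2] + 192, 3
            elif o1 == 255:
                length, hdr = int.from_bytes(data[i + 2:i + 6], "big"), 6
            else:
                raise ValueError("partial body lengths are not handled")
        else:                             # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not handled")
            n = 1 << ltype                # 1, 2 or 4 length octets
            length, hdr = int.from_bytes(data[i + 1:i + 1 + n], "big"), 1 + n
        body = data[i + hdr:i + hdr + length]
        if len(body) != length:
            raise ValueError("truncated packet")
        yield tag, body
        i += hdr + length


def signature_hash_id(body):
    """Hash algorithm octet of a signature packet body (RFC 4880, 5.2)."""
    if body[0] == 4:
        return body[3]    # version, signature type, pubkey algo, hash algo
    if body[0] == 3:
        return body[16]   # follows type, creation time, key ID, pubkey algo
    raise ValueError("unsupported signature version %d" % body[0])


def audit(text):
    """Return (version, digest, flagged) per signature; version None means
    the block could not be parsed and needs a manual look."""
    findings = []
    for b64 in armored_bodies(text):
        try:
            found = [(body[0], HASH_NAMES.get(signature_hash_id(body), "unknown"))
                     for tag, body in packets(base64.b64decode(b64)) if tag == 2]
            if not found:
                raise ValueError("no signature packet in block")
        except (ValueError, IndexError):
            findings.append((None, "unparseable", True))
            continue
        findings.extend((version, name, name in WEAK or name == "unknown")
                        for version, name in found)
    return findings


def armor(packet):
    """Wrap constructed packet bytes in ASCII armor (the CRC line is optional)."""
    return "\n".join([BEGIN, "Comment: constructed sample", "",
                      base64.b64encode(packet).decode(), END, ""])


# Constructed, structurally minimal packets: no key material, no real MPIs.
V4_SHA1 = bytes([0x88, 10, 4, 1, 1, 2, 0, 0, 0, 0, 0xAB, 0xCD])    # old header
V4_SHA256 = bytes([0xC2, 10, 4, 0, 1, 8, 0, 0, 0, 0, 0x12, 0x34])  # new header
V3_MD5 = bytes([0x88, 19, 3, 5, 1]) + bytes(12) + bytes([1, 1, 0, 0])
SAMPLE = ("message one\n" + armor(V4_SHA1) + "message two\n" + armor(V4_SHA256)
          + "message three\n" + armor(V3_MD5))

if __name__ == "__main__":
    for version, digest, flagged in audit(SAMPLE):
        print(version, digest, "FLAG" if flagged else "ok")
```

The "Hash:" line of a clearsigned message is only a hint to the verifier; the octet read here is the one inside the signature packet itself.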

From di44vq at nottheoilrig.com Thu Jun 27 18:55:25 2013
From: di44vq at nottheoilrig.com (Jack Bates)
Date: Thu, 27 Jun 2013 09:55:25 -0700
Subject: Transfer subkey to other keyring
In-Reply-To: <87hagkdmca.fsf@vigenere.g10code.de>
References: <51C9DD9A.3060707@nottheoilrig.com> <87ppv9gqx1.fsf@vigenere.g10code.de> <51CB2C48.4070809@nottheoilrig.com> <87hagkdmca.fsf@vigenere.g10code.de>
Message-ID: <51CC6E7D.4080709@nottheoilrig.com>

On 27/06/13 12:49 AM, Werner Koch wrote:
> On Wed, 26 Jun 2013 20:00, di44vq at nottheoilrig.com said:
>
>> Thanks Werner, I want to keep my primary key on a separate keyring
>> (does this require putting subkeys under a different primary key?)
>
> No. We use a stub key instead. The command is
>
> gpg --export-secret-subkeys KEYID >newkey.gpg
>
> Run that command on a secure box. On your everyday box make sure that
> the secret KEYID does not exist and then import newkey.gpg.

Thanks Werner, I think that is the command I am running (and that is giving me the error), except that I am using the key id of a subkey, with an exclamation mark, to export just one subkey instead of all the subkeys belonging to the primary key.

The subkey with that key id definitely doesn't already exist in the destination keyring, although the destination keyring does already contain a different subkey.

I tried to import the new subkey with and without "--import-options merge-only", but in both cases I get the same error:

gpg: key 7FABB65F: already in secret keyring
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1

From g33plm at gmail.com Sat Jun 29 14:49:57 2013
From: g33plm at gmail.com (Jan Geep)
Date: Sat, 29 Jun 2013 12:49:57 +0000
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
Message-ID:

hello

I have a CryptoStick v1.2 and am trying to get it to work with gpg 2.0.17 on Ubuntu 12.04.2

It works perfectly when I use gpg v14.11 and I am trying to figure out what to do to get gpg2 to work would any people have suggestion?

$ /usr/bin/gpg --card-status
Application ID ...: B0000000000000000000000000000000
Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....: 00999999
Name of cardholder: [not set]
Language prefs ...: de
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 2048R
Max.
PIN lengths .: 32 32 32 PIN retry counter : 3 0 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] (NB: Application ID / Serial number redacted) Now problem begins if I try to use GPG2 $ /usr/bin/gpg2 --card-status gpg: selecting openpgp failed: Unsupported certificate gpg: OpenPGP card not available: Unsupported certificate $ GPG_AGENT_INFO= gpg2 --card-status gpg-agent[3434]: can't connect to the SCdaemon: IPC connect call failed gpg: OpenPGP card not available: No SmartCard daemon And syslog entries when connecting cryptostick: kernel: [ 1111.106918] usb 3-2: new full-speed USB device number 8 using xhci_hcd kernel: [ 1111.124152] usb 3-2: New USB device found, idVendor=20a0, idProduct=4107 kernel: [ 1111.124160] usb 3-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0 kernel: [ 1111.124164] usb 3-2: Product: Crypto Stick v1.2 kernel: [ 1111.124167] usb 3-2: Manufacturer: German Privacy Foundation kernel: [ 1111.124573] usb 3-2: ep 0x81 - rounding interval to 128 microframes, ep desc says 192 microframes mtp-probe: checking bus 3, device 8: "/sys/devices/pci0000:00/0000:00:14.0/usb3/3-2" mtp-probe: bus: 3, device: 8 was not an MTP device [ 1113.231440] xhci_hcd 0000:00:14.0: WARN Event TRB for slot 7 ep 4 with no TDs queued? [ 1113.231450] xhci_hcd 0000:00:14.0: WARN Event TRB for slot 7 ep 3 with no TDs queued? [ 1113.231454] xhci_hcd 0000:00:14.0: WARN Event TRB for slot 7 ep 2 with no TDs queued? [ 1113.231457] xhci_hcd 0000:00:14.0: WARN Event TRB for slot 7 ep 0 with no TDs queued? -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From pete at heypete.com Sat Jun 29 17:09:51 2013 From: pete at heypete.com (Pete Stephenson) Date: Sat, 29 Jun 2013 17:09:51 +0200 Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu In-Reply-To: References: Message-ID: <51CEF8BF.8010307@heypete.com> On 6/29/2013 2:49 PM, Jan Geep wrote: > hello > > I have a CryptoStick v1.2 and am trying to get it to work with gpg > 2.0.17 on Ubuntu 12.04.2 > > It works perfectly when I use gpg v14.11 and I am trying to figure out > what to do to get gpg2 to work would any people have suggestion? Did you install the libccid and pcscd packages, as described at https://www.crypto-stick.com/start ? If that doesn't work, also try installing the gpgsm package -- for whatever reason, my Crypto Stick didn't work until I installed that package. If the package is removed, the Crypto Stick stops working. This was the case for several Ubuntu and Mint systems, even fresh-from-the-CD systems I created in VMs for testing, though your mileage may vary. Cheers! -Pete From g33plm at gmail.com Sat Jun 29 17:20:47 2013 From: g33plm at gmail.com (Jan Geep) Date: Sat, 29 Jun 2013 15:20:47 +0000 Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu In-Reply-To: <51CEF8BF.8010307@heypete.com> References: <51CEF8BF.8010307@heypete.com> Message-ID: On Sat, Jun 29, 2013 at 3:09 PM, Pete Stephenson wrote: > Did you install the libccid and pcscd packages, as described at > https://www.crypto-stick.com/start ? > > If that doesn't work, also try installing the gpgsm package > Thanks Pete, I had the first two installed but not gpgsm, installed it but still no go. $ dpkg -l | egrep 'libccid|pcscd|gpgsm' ii gpgsm 2.0.17-2ubuntu2.12.04.2 GNU privacy guard - S/MIME version ii libccid 1.4.5-1 PC/SC driver for USB CCID smart card readers ii pcscd 1.7.4-2ubuntu2 Middleware to access a smart card using PC/SC (daemon side) -------------- next part -------------- An HTML attachment was scrubbed... 

From pete at heypete.com  Sat Jun 29 17:24:04 2013
From: pete at heypete.com (Pete Stephenson)
Date: Sat, 29 Jun 2013 17:24:04 +0200
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
In-Reply-To:
References: <51CEF8BF.8010307@heypete.com>
Message-ID: <51CEFC14.30502@heypete.com>

On 6/29/2013 5:20 PM, Jan Geep wrote:
> On Sat, Jun 29, 2013 at 3:09 PM, Pete Stephenson
> wrote:
>
> Did you install the libccid and pcscd packages, as described at
> https://www.crypto-stick.com/start ?
>
> If that doesn't work, also try installing the gpgsm package
>
>
> Thanks Pete, I had the first two installed but not gpgsm, installed it
> but still no go.

Alas, I'm out of ideas -- it's always worked for me (though it's
basically been cargo-cult troubleshooting in my case, as I don't really
see why gpgsm would magically make things work as it doesn't seem really
related to the Crypto Stick).

Hopefully others on the list can be more helpful.

Cheers!
-Pete

From peter at digitalbrains.com  Sat Jun 29 19:56:05 2013
From: peter at digitalbrains.com (Peter Lebbing)
Date: Sat, 29 Jun 2013 19:56:05 +0200
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
In-Reply-To: <51CEFC14.30502@heypete.com>
References: <51CEF8BF.8010307@heypete.com> <51CEFC14.30502@heypete.com>
Message-ID: <51CF1FB5.2080406@digitalbrains.com>

On 29/06/13 17:24, Pete Stephenson wrote:
> as I don't really see why gpgsm would magically make things work as it
> doesn't seem really related to the Crypto Stick).

On Ubuntu 12.04, the gpgsm package contains the scdaemon, the smart card daemon.
So that's understandable that it needs to be installed.

On 13.04, they moved it to the separate scdaemon package.

GnuPG v1 can work without gpg-agent and scdaemon, but GnuPG v2 cannot. So the
problem is somewhere there.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

From pete at heypete.com  Sat Jun 29 20:13:45 2013
From: pete at heypete.com (Pete Stephenson)
Date: Sat, 29 Jun 2013 20:13:45 +0200
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
In-Reply-To: <51CF1FB5.2080406@digitalbrains.com>
References: <51CEF8BF.8010307@heypete.com> <51CEFC14.30502@heypete.com> <51CF1FB5.2080406@digitalbrains.com>
Message-ID: <51CF23D9.7090004@heypete.com>

On 6/29/2013 7:56 PM, Peter Lebbing wrote:
> On 29/06/13 17:24, Pete Stephenson wrote:
>> as I don't really see why gpgsm would magically make things work as it
>> doesn't seem really related to the Crypto Stick).
>
> On Ubuntu 12.04, the gpgsm package contains the scdaemon, the smart card daemon.
> So that's understandable that it needs to be installed.
>
> On 13.04, they moved it to the separate scdaemon package.

Ok, but isn't pcscd the scdaemon? On Ubuntu 12.10 and before I'd install
the libccid and pcscd packages and the Crypto Stick still wouldn't work
even though scdaemon was installed and configured. The Crypto Stick
wouldn't work at all until I installed gpgsm.

I admit to being a bit out of date in regards to testing the 13.04
release because I've been a bit too preoccupied with outside stuff to
tinker much, but hopefully things have improved. :)

Cheers!
-Pete

From daniel at pocock.com.au  Sat Jun 29 21:06:20 2013
From: daniel at pocock.com.au (Daniel Pocock)
Date: Sat, 29 Jun 2013 21:06:20 +0200
Subject: Smartcard Linux stack diagram?
Message-ID: <51CF302C.5040902@pocock.com.au>

I came across this diagram of the stack including OpenSC and GnuPG:

https://blog.flameeyes.eu/2011/04/additional-notes-about-the-smartcard-components-diagram

Is this still accurate?

I notice a couple of small things missing:

Scute: it should be a link between gpg-agent and NSS?
StrongSWAN: it depends on PKCS#11 directly (not using NSS)

The PKCS#11 interface could be labeled "Cryptoki / PKCS#11"

I'm thinking about making a slightly more up to date diagram with a
slightly different style - but if something else already exists, please
feel free to point it out.

From cloudpg at informationelle-selbstbestimmung-im-internet.de  Sun Jun 30 11:04:23 2013
From: cloudpg at informationelle-selbstbestimmung-im-internet.de (Jens Lechtenboerger)
Date: Sun, 30 Jun 2013 11:04:23 +0200
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
In-Reply-To: <51CF23D9.7090004@heypete.com> (Pete Stephenson's message of "Sat, 29 Jun 2013 20:13:45 +0200")
References: <51CEF8BF.8010307@heypete.com> <51CEFC14.30502@heypete.com> <51CF1FB5.2080406@digitalbrains.com> <51CF23D9.7090004@heypete.com>
Message-ID: <86bo6oufzc.fsf@informationelle-selbstbestimmung-im-internet.de>

On Sat, Jun 29 2013, Pete Stephenson wrote:
> Ok, but isn't pcscd the scdaemon?

No. Actually, I don't know anything about the Crypto Stick but I'm
using an OpenPGP smartcard. I don't need pcscd at all. In fact, on
one of my machines pcscd was installed and interfered with scdaemon.
I wrote about what I learned at [1].

My advice: Uninstall pcscd and re-try.

Best wishes
Jens

[1] https://blogs.fsfe.org/jens.lechtenboerger/2013/04/19/how-to-set-up-your-fellowship-card/

From wk at gnupg.org  Sun Jun 30 23:40:55 2013
From: wk at gnupg.org (Werner Koch)
Date: Sun, 30 Jun 2013 23:40:55 +0200
Subject: Smart card works with GPG v1 but not with GPG v2 on Ubuntu
In-Reply-To: <86bo6oufzc.fsf@informationelle-selbstbestimmung-im-internet.de> (Jens Lechtenboerger's message of "Sun, 30 Jun 2013 11:04:23 +0200")
References: <51CEF8BF.8010307@heypete.com> <51CEFC14.30502@heypete.com> <51CF1FB5.2080406@digitalbrains.com> <51CF23D9.7090004@heypete.com> <86bo6oufzc.fsf@informationelle-selbstbestimmung-im-internet.de>
Message-ID: <87a9m7b7ko.fsf@vigenere.g10code.de>

On Sun, 30 Jun 2013 11:04, cloudpg at informationelle-selbstbestimmung-im-internet.de said:

> No. Actually, I don't know anything about the Crypto Stick but I'm
> using an OpenPGP smartcard. I don't need pcscd at all. In fact, on

However, you need to make sure that scdaemon has the permission to write
to the smartcard reader USB device. This is a matter of proper
Hotplug/udev/systemd/whatever configuration. Pcscd runs as root and thus
you won't run into permission problems.

Salam-Shalom,

Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
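
Added example (not part of any message in this thread, and not GnuPG or Crypto Stick project code): a small check for the two conditions the replies above point at, namely whether the current user can open the reader's USB node directly, as scdaemon must when pcscd is not used, and whether pcscd is running. The USB IDs are the ones in the syslog excerpt earlier in the thread; the function names and the udev group in the comment are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread. USB IDs are the ones in the
# syslog excerpt above (Crypto Stick v1.2); all function names are made up here.
VENDOR=20a0
PRODUCT=4107

# usb_node SYSFS_DIR DEV_DIR: print DEV_DIR/BBB/DDD for the first USB device
# whose idVendor/idProduct match; return 1 if none is plugged in.
usb_node() {
    for d in "$1"/*; do
        [ -r "$d/idVendor" ] && [ -r "$d/idProduct" ] || continue
        [ "$(cat "$d/idVendor")" = "$VENDOR" ] || continue
        [ "$(cat "$d/idProduct")" = "$PRODUCT" ] || continue
        printf '%s/%03d/%03d\n' "$2" "$(cat "$d/busnum")" "$(cat "$d/devnum")"
        return 0
    done
    return 1
}

# card_access SYSFS_DIR DEV_DIR: can this user open the reader directly,
# which is what scdaemon needs when pcscd is not in the path?
card_access() {
    node=$(usb_node "$1" "$2") || { echo "absent"; return 0; }
    if [ -r "$node" ] && [ -w "$node" ]; then
        echo "ok $node"
    else
        # Typical remedy is a udev rule; the group name is an assumption:
        # SUBSYSTEM=="usb", ATTR{idVendor}=="20a0", ATTR{idProduct}=="4107", \
        #   MODE="0660", GROUP="plugdev"
        echo "denied $node"
    fi
}

# pcscd_state: running / stopped / unknown (no pgrep available).
pcscd_state() {
    command -v pgrep >/dev/null 2>&1 || { echo unknown; return 0; }
    if pgrep -x pcscd >/dev/null 2>&1; then echo running; else echo stopped; fi
}

# Live check only when invoked as: sh thisfile check
if [ "${1:-}" = "check" ]; then
    echo "reader node: $(card_access /sys/bus/usb/devices /dev/bus/usb)"
    echo "pcscd:       $(pcscd_state)"
fi
```

A result of "denied" with pcscd stopped is the permission case Werner Koch describes; "ok" with pcscd running is the setup in which Jens Lechtenboerger reports pcscd interfering with scdaemon.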