From dkbryant at gmail.com  Wed May  1 06:47:33 2019
From: dkbryant at gmail.com (Dan Bryant)
Date: Tue, 30 Apr 2019 23:47:33 -0500
Subject: Ideas on raising donations for GnuPG, Gpg4win, and g10 code
Message-ID: <CAAUFj11y02EhAH_UJOnW-kUgZC4+1XmVVm1RPxmuV8fQ-rBFUA@mail.gmail.com>

I was on Amazon Smile today and noticed quite a few FOSS projects were
available to select as the source of my amazon shopping proceeds.
Also thought that registering gnupg.org, gpg4win.org and g10code.com
in the Brave Rewards program might be an interesting way to allow
GnuPG to accept small concurrency donations.

There may be some legal reasons, or non profit status constraints that
might prevent these organizations from accepting donations through
Smile or Brave, but I thought I would go ahead and make the suggestion
on the chance that it simply hadn't been considered yet.

AmazonSmile: https://org.amazon.com/
BraveRewards: https://publishers.basicattentiontoken.org/


From raubvogel at gmail.com  Wed May  1 15:22:27 2019
From: raubvogel at gmail.com (Mauricio Tavares)
Date: Wed, 1 May 2019 09:22:27 -0400
Subject: Ideas on raising donations for GnuPG, Gpg4win, and g10 code
In-Reply-To: <CAAUFj11y02EhAH_UJOnW-kUgZC4+1XmVVm1RPxmuV8fQ-rBFUA@mail.gmail.com>
References: <CAAUFj11y02EhAH_UJOnW-kUgZC4+1XmVVm1RPxmuV8fQ-rBFUA@mail.gmail.com>
Message-ID: <CAHEKYV5S_aiBGksKqkxDnM1i6mVOFPyNrB3n5j1yyrgQuG1OUw@mail.gmail.com>

On Wed, May 1, 2019 at 1:50 AM Dan Bryant <dkbryant at gmail.com> wrote:
>
> I was on Amazon Smile today and noticed quite a few FOSS projects were
> available to select as the source of my amazon shopping proceeds.
> Also thought that registering gnupg.org, gpg4win.org and g10code.com
> in the Brave Rewards program might be an interesting way to allow
> GnuPG to accept small concurrency donations.
>
> There may be some legal reasons, or non profit status constraints that
> might prevent these organizations from accepting donations through
> Smile or Brave, but I thought I would go ahead and make the suggestion
> on the chance that it simply hadn't been considered yet.
>
> AmazonSmile: https://org.amazon.com/
> BraveRewards: https://publishers.basicattentiontoken.org/
>
      As far as I know, the Amazon Smile (smile.amazon.com) is for non
profit orgs (I think that means 501(c)3), so if any of the groups you
mentioned are registered as non-profit, it does not take much to add
to amazonsmile. We (trilug.org) did that last year and would be
willing to help.

> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users


From codeguro at gmail.com  Fri May  3 03:32:55 2019
From: codeguro at gmail.com (Tony Lane)
Date: Thu, 2 May 2019 21:32:55 -0400
Subject: safecurve implementations
Message-ID: <2c0228c5-e13a-ab9a-195e-7e05dbea0da1@gmail.com>

I've heard from some old archives...
https://gnupg.org/ftp/blurbs/an-advanced-introduction-to-gnupg.pdf
https://gnupg.org/ftp/blurbs/kernel-recipes-2017-modern-key-management.pdf
https://lwn.net/Articles/735840/

And am wondering if or when the Curve448 (Ed448-Goldilocks - 
https://eprint.iacr.org/2015/625.pdf) will be implemented.
It would be nice to have matching the presumed levels of security 
of the standard NIST curves P-384 and P-521. From the sources I've
read it seems like this was on the books. I know that TLS has already
implemented it into their standards in 2017. When can we expect GnuPG
to step up?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 321 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190502/ed1045fc/attachment.sig>

From wk at gnupg.org  Fri May  3 15:44:26 2019
From: wk at gnupg.org (Werner Koch)
Date: Fri, 03 May 2019 15:44:26 +0200
Subject: Enforcing password complexity for private keys
In-Reply-To: <FE640438-D96C-4E80-9AE5-E2282C04FFE2@gmail.com> (David Milet's
 message of "Tue, 30 Apr 2019 06:55:07 -0400")
References: <FE640438-D96C-4E80-9AE5-E2282C04FFE2@gmail.com>
Message-ID: <874l6b64at.fsf@wheatstone.g10code.de>

On Tue, 30 Apr 2019 06:55, david.milet at gmail.com said:

> We?re considering rolling out GnuPG at work for developers to sign git commits.
> How can we prevent developers from choosing a trivial password?

You can't but it is not a problem.  The passphrase is used to protect
the private key in case it ever leaks.  It is not a security measure but
a failstop mechanism.  You should use that on a laptop which can easily
get lost.  However, over there you might already use disk encryption and
thus your private key is reasonable safe.  As always it is a question of
your threat model.

On any box without easy physical access, attackers first install a
software keyboard sniffer which is a standard part of all remote attack
software.  The attacker only needs to wait until you enter the
passphrase and can then use your key and data at their own discretion.

Signing commit is a very good idea because it helps to detect the
compromised machine after an incident.  Using on-disk keys may defeats
that because an attacker could mix up the signing keys and comprimised
machines.  Whether the on-disk key has a string passphrase or none does
not matter (keyboard sniffer).

I would suggest to use a token instead because it does not compromise
the key and it is always clear which token was used to sign a commit.
Of course an attacker can also trick the developer into using that token
to sign a certain commit but that requires that the token is plugged in
and the PIN has been entered.  With tokens you may not even need to roll
out a new keys to all developers, because, they keys, themselves are not
compromised.

> Is there a way for GnuPG to enforce some password complexity on the
> private keys?

If you don't want to go with a token but a strong passphrase gpg-agent
provides these options:

       --min-passphrase-len N
       
              Set the minimal length of a passphrase.  When entering a
              new passphrase shorter than this value a warning will be
              displayed.  Defaults to 8.

       --min-passphrase-nonalpha N
       
              Set the minimal number of digits or special characters
              required in a passphrase.  When entering a new passphrase
              with less than this number of digits or special characters
              a warning will be displayed.  Defaults to 1.

      --check-passphrase-pattern FILE
      
              Check the passphrase against the pattern given in file.
              When entering a new passphrase matching one of these
              pattern a warning will be displayed.  FILE should be an
              absolute filename.  The default is not to use any pattern
              file.

              Security note: It is known that checking a passphrase
              against a list of pattern or even against a complete
              dictionary is not very effective to enforce good
              passphrases.  Users will soon figure up ways to bypass
              such a policy.  A better policy is to educate users on
              good security behavior and optionally to run a passphrase
              cracker regularly on all users passphrases to catch the
              very simple ones.


> Is that something that a Yubikey could do? 

Use ECC keys with Yubikeys or use a Gnuk based token like the original
Gnuk token or one from another venodor like Nitrokey.  I use a GnuK
token with an ed25519 signing key to sign my commits.  IMHO, token based
4k RSA keys are too slow for regular work.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190503/95a3d3f2/attachment.sig>

From mtg at gnu.org  Sat May  4 04:24:54 2019
From: mtg at gnu.org (Mike Gerwitz)
Date: Fri, 03 May 2019 22:24:54 -0400
Subject: Enforcing password complexity for private keys
In-Reply-To: <874l6b64at.fsf@wheatstone.g10code.de> (Werner Koch's message of
 "Fri, 03 May 2019 15:44:26 +0200")
References: <FE640438-D96C-4E80-9AE5-E2282C04FFE2@gmail.com>
 <874l6b64at.fsf@wheatstone.g10code.de>
Message-ID: <87o94j2byh.fsf@gnu.org>

On Fri, May 03, 2019 at 15:44:26 +0200, Werner Koch wrote:
> Use ECC keys with Yubikeys or use a Gnuk based token like the original
> Gnuk token or one from another venodor like Nitrokey.  I use a GnuK
> token with an ed25519 signing key to sign my commits.  IMHO, token based
> 4k RSA keys are too slow for regular work.

FWIW I use a 4096 bit RSA key on a Nitrokey Pro (a model that's a couple
years old) and the total time of PIN entry + signing averages
~5s.  While it is certainly a noticeable delay, I don't find it
burdensome for operations like signing mail and commits, and I'll sign
sometimes dozens of times per day, with forced pinentry.

I'm not suggesting that RSA be used instead of ECC; my token just
doesn't support it.  But newer Nitrokeys do.  I'll likely switch
eventually.

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190503/012081a6/attachment.sig>

From sac at 300baud.de  Sun May  5 12:12:05 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 5 May 2019 12:12:05 +0200
Subject: ProtonMail and Anonymity
Message-ID: <20190505121014.06cab2fe@pitti.ddsn.net>

Hi all,

appologies for posting this, but I think it could
be of interest for GnuPG users, because ProtoMail
uses the OpenPGP protocol too.

Some of you may have signed up with ProtonMail and
enjoy the service, due to it's ease of use and they
think they are anonymous, when using this service.

At least ProtonMail says so on their main page.

I have a different understanding of what anonymous
email is, because not only PGP usage but also the
use of anonymous email services is a hobby of mine
which I use since the mid 90's.

O.k. lets get started with a little test (I did a
while ago):

Fire up Tor browser and register at the ProtonMail
site for a free email account and use as a user
name a string from random.org.

https://www.random.org/strings/

When ProtonMail ask you for verification (...????)
of your email account select SMS and use as
SMS service a free one like:

https://miracletele.com/sms/?fbclid=IwAR2hQ2rZ2vyyXylupj3JhJT4AWu4V4CEjX3ACvRSpryD5cMBreoW4La03qE

I just choose for a new test, which I did a couple
of minutes ago, Poland and received there the SMS

https://miracletele.com/sms/receive/PL

After entering the required verification
code ProtonMail says that either the email
address or the phone number is already taken
and then denies the account creation.

Since the user name string can't be taken
already it tells me that they keep track
of SMS numbers.

If you choose for example the U.S. SMS
number then ProtonMail says that this
number was used to many times and also
denies the account creation.

To come to an end, I do consider this
verification procedure *not* anonymous
and wonder why ProtonMail does not use
captchas to see if a human registers.

Regards
Stefan











From codeguro at gmail.com  Sun May  5 17:22:56 2019
From: codeguro at gmail.com (Tony Lane)
Date: Sun, 5 May 2019 11:22:56 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <20190505121014.06cab2fe@pitti.ddsn.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
Message-ID: <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>

Isn't it obvious?
If ProtonMail is forcing you to sign up and use 
an SMS registered to your cellphone then clearly
it's in their interest to collect cellphone numbers.

They're probably selling this information just like
facebook and so many other data-mining corporations.
After all, they have to fund it somehow.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 321 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190505/4cfd5cf7/attachment-0001.sig>

From sac at 300baud.de  Sun May  5 19:36:11 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 5 May 2019 19:36:11 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
Message-ID: <20190505193602.41827424.sac@300baud.de>

On Sun, 5 May 2019 11:22:56 -0400
Tony Lane <codeguro at gmail.com> wrote:

> Isn't it obvious?

I don't think so! Users new to privacy related
services may think when visiting the ProtonMail
site that they are anonymous, when seeing their
main page:

https://protonmail.com/

Regards
Stefan


From jrallen at runbox.com  Sun May  5 20:32:20 2019
From: jrallen at runbox.com (Jeff Allen)
Date: Sun, 5 May 2019 14:32:20 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <20190505193602.41827424.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
Message-ID: <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>

On 5/5/19 1:36 PM, Stefan Claas wrote:
> On Sun, 5 May 2019 11:22:56 -0400
> Tony Lane <codeguro at gmail.com> wrote:
> 
>> Isn't it obvious?
> 
> I don't think so! Users new to privacy related
> services may think when visiting the ProtonMail
> site that they are anonymous, when seeing their
> main page:
> 
> https://protonmail.com/
> 

I suppose like anything else it all comes down to whether you believe
them or not.  I do.

Here is ProtonMail's explanation of what they do with the personally
identifiable information collected during registration:

"If you are presented with Email or SMS verification, we only save a
cryptographic hash of your email or phone number which is not
permanently associated with the account that you create. Because hash
functions are one way functions, it is impossible to derive your phone
number or email from that hash. However, using the same phone number
will result in obtaining the same cryptographic hash, so by comparing
hashes, we can detect re-use of phone number or email addresses for
human verification."

The reasons behind ProtonMail signup procedures are more fully expained
at https://protonmail.com/support/knowledge-base/human-verification/

HTH,

Jeff

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4052 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190505/ee1dc91f/attachment.bin>

From mgorny at gentoo.org  Sun May  5 22:20:58 2019
From: mgorny at gentoo.org (=?UTF-8?Q?Micha=C5=82_G=C3=B3rny?=)
Date: Sun, 05 May 2019 22:20:58 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
Message-ID: <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>

On Sun, 2019-05-05 at 14:32 -0400, Jeff Allen wrote:
> On 5/5/19 1:36 PM, Stefan Claas wrote:
> > On Sun, 5 May 2019 11:22:56 -0400
> > Tony Lane <codeguro at gmail.com> wrote:
> > 
> > > Isn't it obvious?
> > 
> > I don't think so! Users new to privacy related
> > services may think when visiting the ProtonMail
> > site that they are anonymous, when seeing their
> > main page:
> > 
> > https://protonmail.com/
> > 
> 
> I suppose like anything else it all comes down to whether you believe
> them or not.  I do.
> 
> Here is ProtonMail's explanation of what they do with the personally
> identifiable information collected during registration:
> 
> "If you are presented with Email or SMS verification, we only save a
> cryptographic hash of your email or phone number which is not
> permanently associated with the account that you create. Because hash
> functions are one way functions, it is impossible to derive your phone
> number or email from that hash. However, using the same phone number
> will result in obtaining the same cryptographic hash, so by comparing
> hashes, we can detect re-use of phone number or email addresses for
> human verification."
> 

Don't you think that brute-forcing a hash of a phone number would be
trivial?

-- 
Best regards,
Micha? G?rny




From mirimir at riseup.net  Mon May  6 02:16:12 2019
From: mirimir at riseup.net (Mirimir)
Date: Sun, 5 May 2019 17:16:12 -0700
Subject: ProtonMail and Anonymity
In-Reply-To: <20190505121014.06cab2fe@pitti.ddsn.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
Message-ID: <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>

On 05/05/2019 03:12 AM, Stefan Claas wrote:
> Hi all,
> 
> appologies for posting this, but I think it could
> be of interest for GnuPG users, because ProtoMail
> uses the OpenPGP protocol too.
> 
> Some of you may have signed up with ProtonMail and
> enjoy the service, due to it's ease of use and they
> think they are anonymous, when using this service.
> 
> At least ProtonMail says so on their main page.
> 
> I have a different understanding of what anonymous
> email is, because not only PGP usage but also the
> use of anonymous email services is a hobby of mine
> which I use since the mid 90's.
> 
> O.k. lets get started with a little test (I did a
> while ago):
> 
> Fire up Tor browser and register at the ProtonMail
> site for a free email account and use as a user
> name a string from random.org.
> 
> https://www.random.org/strings/
> 
> When ProtonMail ask you for verification (...????)
> of your email account select SMS and use as
> SMS service a free one like:

Well of course that's not anonymous!

So what you do, if you want ~anonymity, is to use their Tor onion site.
That doesn't ask for anything beyond an email address.

<SNIP>


From sac at 300baud.de  Mon May  6 06:52:10 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 06:52:10 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
Message-ID: <20190506065210.76b3b899.sac@300baud.de>

Am Sun, 5 May 2019 17:16:12 -0700
schrieb Mirimir <mirimir at riseup.net>:

> Well of course that's not anonymous!
> 
> So what you do, if you want ~anonymity, is to use their Tor onion
> site. That doesn't ask for anything beyond an email address.


Assuming that this is their real .onion address, I just tried that. 

https://protonirockerxow.onion/login and got this:

Are you human?

To fight spam, please verify you are human.

Your email or phone number will not be linked to the account created.
It is only used during the signup process. A hash will be saved to
prevent abuse of the ProtonMail systems. (Why is this required?)

SMS
Donate

Now my question for privacy experts ... Would you give away your
mobile phone number when using Tor ???

Regards
Stefan






From mirimir at riseup.net  Mon May  6 07:07:57 2019
From: mirimir at riseup.net (Mirimir)
Date: Sun, 5 May 2019 22:07:57 -0700
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506065210.76b3b899.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
Message-ID: <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>

On 05/05/2019 09:52 PM, Stefan Claas wrote:
> Am Sun, 5 May 2019 17:16:12 -0700
> schrieb Mirimir <mirimir at riseup.net>:
> 
>> Well of course that's not anonymous!
>>
>> So what you do, if you want ~anonymity, is to use their Tor onion
>> site. That doesn't ask for anything beyond an email address.
> 
> 
> Assuming that this is their real .onion address, I just tried that. 
> 
> https://protonirockerxow.onion/login and got this:
> 
> Are you human?
> 
> To fight spam, please verify you are human.
> 
> Your email or phone number will not be linked to the account created.
> It is only used during the signup process. A hash will be saved to
> prevent abuse of the ProtonMail systems. (Why is this required?)
> 
> SMS
> Donate

Huh. I've created a few ProtonMail accounts using their onion, and don't
recall ever being asked for a mobile number. Most recently, a few weeks
ago. But maybe this is a recent change. ProtonMail has become quite the
go-to place for trolls and worse, so maybe they've gotten too many
complaints.

Try CockMail's onion, perhaps ;)

> Now my question for privacy experts ... Would you give away your
> mobile phone number when using Tor ???

Of course not. But you can lease a SIM from https://speedyverify.com/,
and pay in mixed Bitcoin, all via Tor. They use real SIMs, hosted in the
Philippines.

> Regards
> Stefan
> 
> 
> 
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 


From sac at 300baud.de  Mon May  6 07:15:06 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 07:15:06 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
Message-ID: <20190506071455.5410f855.sac@300baud.de>

Am Sun, 5 May 2019 14:32:20 -0400
schrieb Jeff Allen <jrallen at runbox.com>:

> On 5/5/19 1:36 PM, Stefan Claas wrote:
> > On Sun, 5 May 2019 11:22:56 -0400
> > Tony Lane <codeguro at gmail.com> wrote:
> >   
> >> Isn't it obvious?  
> > 
> > I don't think so! Users new to privacy related
> > services may think when visiting the ProtonMail
> > site that they are anonymous, when seeing their
> > main page:
> > 
> > https://protonmail.com/
> >   
> 
> I suppose like anything else it all comes down to whether you believe
> them or not.  I do.

[snip]

Well, I just asked myself ...

What is the purpose behind an unlinked hash. 

A spammer using their system, without a hash function
could send successfully spam to other users, because
ProtonMail is not blacklisted. When that happens a
user receiving this spam can report that, so that
actions can be taken. This of course requires then
a bit of work, at the ProtonMail site, to remove
the spammers account.

Why do they use unlinked hashes? If I could sign up
anonymously the hash could also be linked to my account
and even if thousands of people have the same hash they
could remove the spammers account.

Should an unlinked hash protect users from a powerful
adversary? O.k. people can now laugh at me, because
I am no programmer nor cryptographer or math-geek. My
assumption is that a powerful adversary has a list of
all global mobile phone numbers, computes quickle the
hashes for them and saves them also in a database.

How long does it take to find in a database the correct
hash for a given number ...

Regards
Stefan


From sac at 300baud.de  Mon May  6 07:28:13 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 07:28:13 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
Message-ID: <20190506072813.7cf6f79d.sac@300baud.de>

Am Sun, 5 May 2019 22:07:57 -0700
schrieb Mirimir <mirimir at riseup.net>:

> Of course not. But you can lease a SIM from https://speedyverify.com/,
> and pay in mixed Bitcoin, all via Tor. They use real SIMs, hosted in
> the Philippines.

Thanks a lot for this valuable privacy tip, much appreciated!

Regards
Stefan



From guru at unixarea.de  Mon May  6 07:26:50 2019
From: guru at unixarea.de (Matthias Apitz)
Date: Mon, 6 May 2019 07:26:50 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506071455.5410f855.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <20190506071455.5410f855.sac@300baud.de>
Message-ID: <20190506052650.GA3243@c720-r342378>

El d?a lunes, mayo 06, 2019 a las 07:15:06a. m. +0200, Stefan Claas escribi?:

> > > https://protonmail.com/
> > >   
> > 
> > I suppose like anything else it all comes down to whether you believe
> > them or not.  I do.
> 
> [snip]
> 
> Well, I just asked myself ...
> 
> What is the purpose behind an unlinked hash. 
> 
> ....

Well, I'm asking myself: What has all this thread to do with GnuPG?

	matthias


-- 
Matthias Apitz, ? guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: ???????? ????????????! Thank you very much, Russian liberators!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/1a29c0a2/attachment.sig>

From oscar at spindel.tax  Mon May  6 07:16:39 2019
From: oscar at spindel.tax (Oscar Carlsson)
Date: Mon, 6 May 2019 07:16:39 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
Message-ID: <20190506071639.cc99d39db117cc700e5aa9cd@spindel.tax>

On Sun, 05 May 2019 22:20:58 +0200
Micha? G?rny <mgorny at gentoo.org> wrote:

> On Sun, 2019-05-05 at 14:32 -0400, Jeff Allen wrote:
> Don't you think that brute-forcing a hash of a phone number would be
> trivial?
>
> --
> Best regards,
> Micha? G?rny
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

Hi,

Yes, of course it would be. But then, why would they even bother to
hash it?

This entire conversation is...interesting. If ProtonMail was
interested in selling our data then they chose a very small usergroup
to target, and honestly, that usergroup is too small to prove any real
value of any kind. And they claim they use end to end encryption, so
selling our data would be limited to phone numbers and email
addresses, data which is readily available elsewhere. (given that you
trust their end to end encryption claim)

I'm not a PM user but have been, and I liked their service due to
usability, being able to use sieve filtering and so forth. Had I been
truly paranoid I'd use something else.

--
Oscar


From peter at digitalbrains.com  Mon May  6 11:19:35 2019
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 6 May 2019 11:19:35 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190505121014.06cab2fe@pitti.ddsn.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
Message-ID: <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>

Hello Stephan,

Something completely different.

What is that link with the binary data in your OP?

I did not click it because I don't know what binary data I'd be handing
to that site. But I see this text on the front page of that site:

> You can also earn FREE TELE TOKENS from our bounty or airdrop programs
> or our referral bonus

I get the ugly feeling this is a referral link. That every time someone
clicks that link of yours, or perhaps only after they use some
functionality there, you get a "referral bonus".

If this is a referral link, I would consider that *extremely* bad form
of you. Made all the worse by you not explaining immediately that it
/is/ a referral link.

Could you please explain what the purpose of the data is? (Even with a
good explanation, I'd consider it basic hygiene to never click such
links, since the explanation cannot be verified).

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/a7eb2c9c/attachment.sig>

From raubvogel at gmail.com  Mon May  6 12:17:42 2019
From: raubvogel at gmail.com (Mauricio Tavares)
Date: Mon, 6 May 2019 06:17:42 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
Message-ID: <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>

On Mon, May 6, 2019 at 1:08 AM Mirimir <mirimir at riseup.net> wrote:
>
> On 05/05/2019 09:52 PM, Stefan Claas wrote:
> > Am Sun, 5 May 2019 17:16:12 -0700
> > schrieb Mirimir <mirimir at riseup.net>:
> >
> >> Well of course that's not anonymous!
> >>
> >> So what you do, if you want ~anonymity, is to use their Tor onion
> >> site. That doesn't ask for anything beyond an email address.
> >
> >
> > Assuming that this is their real .onion address, I just tried that.
> >
> > https://protonirockerxow.onion/login and got this:
> >
> > Are you human?
> >
> > To fight spam, please verify you are human.
> >
> > Your email or phone number will not be linked to the account created.
> > It is only used during the signup process. A hash will be saved to
> > prevent abuse of the ProtonMail systems. (Why is this required?)
> >
> > SMS
> > Donate
>
> Huh. I've created a few ProtonMail accounts using their onion, and don't
> recall ever being asked for a mobile number. Most recently, a few weeks
> ago. But maybe this is a recent change. ProtonMail has become quite the
> go-to place for trolls and worse, so maybe they've gotten too many
> complaints.
>
> Try CockMail's onion, perhaps ;)
>
> > Now my question for privacy experts ... Would you give away your
> > mobile phone number when using Tor ???
>
> Of course not. But you can lease a SIM from https://speedyverify.com/,
> and pay in mixed Bitcoin, all via Tor. They use real SIMs, hosted in the
> Philippines.
>
      Another option is to buy a burner phone and SIM paying cash.
I've seen both available in stores and supermarkets and street stands
in at least 3 countries.

> > Regards
> > Stefan
> >
> >
> >
> >
> >
> > _______________________________________________
> > Gnupg-users mailing list
> > Gnupg-users at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> >
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users


From ullbeking at andrewnesbit.org  Mon May  6 13:21:15 2019
From: ullbeking at andrewnesbit.org (Andrew Luke Nesbit)
Date: Mon, 6 May 2019 12:21:15 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
Message-ID: <01e380e3-40c1-8b45-be2e-556f4e9eb192@andrewnesbit.org>

[I am resending from my list-subscribed email address.]

On 06/05/2019 11:17, Mauricio Tavares wrote:

>       Another option is to buy a burner phone and SIM paying cash.
> I've seen both available in stores and supermarkets and street stands
> in at least 3 countries.

In which countries is this allowed?  In other words, is there a list
oublished online?

In Australia, where I am originally from, you can't do this.  But this
is hardly surprising because Australia is not a privacy-respecting nation.

Andrew
-- 
OpenPGP key: EB28 0338 28B7 19DA DAB0  B193 D21D 996E 883B E5B9


From jrallen at runbox.com  Mon May  6 14:53:14 2019
From: jrallen at runbox.com (Jeff Allen)
Date: Mon, 6 May 2019 08:53:14 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
Message-ID: <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>

On 5/5/19 4:20 PM, Micha? G?rny wrote:
> 
> Don't you think that brute-forcing a hash of a phone number would be
> trivial?
> 

It would be more trivial not to hash the number and say you did.
ProtonMail claims they hash the number and store it unlinked to your
account.  Their stated objective is to prevent the same phone number or
email address from being used to sign up for numerous accounts.  As I
said, I believe them.  You apparently do not.

People who don't trust ProtonMail shouldn't use it.  Why believe them
about end-to-end encryption if you can't trust them?  That would seem to
me to be a bigger concern than how they handle your number or email address.

Jeff


From raubvogel at gmail.com  Mon May  6 15:14:43 2019
From: raubvogel at gmail.com (Mauricio Tavares)
Date: Mon, 6 May 2019 09:14:43 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <01e380e3-40c1-8b45-be2e-556f4e9eb192@andrewnesbit.org>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <01e380e3-40c1-8b45-be2e-556f4e9eb192@andrewnesbit.org>
Message-ID: <CAHEKYV4LT-PzdT3GxejgwB4x6rfG0E1xKwH0VMFVrSXAzgyBCw@mail.gmail.com>

On 07:21, Mon, May 6, 2019 Andrew Luke Nesbit <ullbeking at andrewnesbit.org
wrote:
>
> [I am resending from my list-subscribed email address.]
>
> On 06/05/2019 11:17, Mauricio Tavares wrote:
>
> >       Another option is to buy a burner phone and SIM paying cash.
> > I've seen both available in stores and supermarkets and street stands
> > in at least 3 countries.
>
> In which countries is this allowed?  In other words, is there a list
> oublished online?
>
      Personal experience US and Switzerland. I was told Canada, Vietnam,
and many African countries. Don't know of a list  though.

> In Australia, where I am originally from, you can't do this.  But this
> is hardly surprising because Australia is not a privacy-respecting nation.
>
> Andrew
> --
> OpenPGP key: EB28 0338 28B7 19DA DAB0  B193 D21D 996E 883B E5B9
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/259c3a95/attachment.html>

From peter at digitalbrains.com  Mon May  6 15:30:13 2019
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 6 May 2019 15:30:13 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
Message-ID: <fcf52a57-affa-c1cd-ef45-61b21ff38bc8@digitalbrains.com>

On 06/05/2019 14:53, Jeff Allen wrote:
> It would be more trivial not to hash the number and say you did.

I think it's a worthwhile thing to point out that they state "because
hash functions are one-way functions, it is impossible to derive your
phone number [...]" without reservations, but that this is a false sense
of security. It is a very limited part of the complete picture, which is
that a Dutch mobile phone number has only 8 varying digits, meaning an
entropy of less than 27 bits, cryptographically laughable. And that an
adversary might not even be interested in reversing the hash at all, but
just to verify that the phone number of their target has been used to
set up a ProtonMail account.

With passphrase hashing, the passphrase should be secret. There's
nothing secret about a phone number or e-mail address. That completely
changes the picture.

For me, it's not so much that I question their methods, it's that I
question their claims. Blanketly stating "it is impossible to derive
your phone number" sounds like security theater to me, and they should
be aware of that if they are the least bit competent. That doesn't sit
well.

I don't expect most of their clients to see through this theater. It is
their job to be open and honest about the consequences of their methods,
so their clients can make an informed choice whether they will go
through with it or not.

My 2 cents,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/1122fef6/attachment.sig>

From markr at signal100.com  Mon May  6 14:37:58 2019
From: markr at signal100.com (Mark Rousell)
Date: Mon, 6 May 2019 13:37:58 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <01e380e3-40c1-8b45-be2e-556f4e9eb192@andrewnesbit.org>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <01e380e3-40c1-8b45-be2e-556f4e9eb192@andrewnesbit.org>
Message-ID: <5CD02AA6.8020307@signal100.com>

On 06/05/2019 12:21, Andrew Luke Nesbit wrote:
> [I am resending from my list-subscribed email address.]
>
> On 06/05/2019 11:17, Mauricio Tavares wrote:
>
>>       Another option is to buy a burner phone and SIM paying cash.
>> I've seen both available in stores and supermarkets and street stands
>> in at least 3 countries.
> In which countries is this allowed?  In other words, is there a list
> oublished online?

Don't know about a list of countries but this is certainly possible in
the UK (for now, at least, until the government freaks out about it).
SIMs are widely available for purchase with no identity requirements and
can very often be topped up anonymously for cash via newsagents. As for
phones, it's been a while since I bought a new phone (although I suspect
that it is still possible to buy them new for cash) but of course second
hand ones are also widely available.


-- 
Mark Rousell

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/80b0cf4f/attachment.html>

From markr at signal100.com  Mon May  6 14:43:45 2019
From: markr at signal100.com (Mark Rousell)
Date: Mon, 6 May 2019 13:43:45 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>
Message-ID: <5CD02C01.30709@signal100.com>

On 06/05/2019 10:19, Peter Lebbing wrote:
> Hello Stephan,
>
> Something completely different.
>
> What is that link with the binary data in your OP?
>
> I did not click it because I don't know what binary data I'd be handing
> to that site. But I see this text on the front page of that site:
>

I thought that too but it's easy enough to remove the code before going
to the site.

Assuming it is an affiliate tracking link then, to be fair, if you
haven't seen the site before and it's useful to you then it's only
reasonable to help reward the person who introduced you to it. (Although
it would have been nicer for it to be declared openly as an affiliate link).

-- 
Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
 
 
 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/19c05d40/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/19c05d40/attachment-0001.sig>

From sac at 300baud.de  Mon May  6 16:08:08 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 16:08:08 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506052650.GA3243@c720-r342378>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <20190506071455.5410f855.sac@300baud.de>
 <20190506052650.GA3243@c720-r342378>
Message-ID: <20190506160808.6a43614b.sac@300baud.de>

Am Mon, 6 May 2019 07:26:50 +0200
schrieb Matthias Apitz <guru at unixarea.de>:

> Well, I'm asking myself: What has all this thread to do with GnuPG?

I think it is a good idea to post GnuPG related things here
on the ML when it comes also to things or services etc.
using the Openpgp protocol, so that users are aware of how those
services handle privacy,security and anonymity related things
in combination with GnuPG usage. I think it does not hurt and
if someone does not like such content he / she can simply skip
it.

And should'nt the older PGP geeks not post such stuff to educate
the younger generation, whishing to learn such privacy related
things in combination with GnuPG usage?

Regards
Stefan


From sac at 300baud.de  Mon May  6 16:15:46 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 16:15:46 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
Message-ID: <20190506161546.0e40e685.sac@300baud.de>

Am Mon, 6 May 2019 08:53:14 -0400
schrieb Jeff Allen <jrallen at runbox.com>:


> People who don't trust ProtonMail shouldn't use it.  

Absolutely! But I think it does not hurt to post
such things to educate PGP users how different
services or software applications etc. handle such
privacy related things, especially when using the
word anonymous. 

I am not sure if you ever used an anonymous email
service, but I think, if, you would agree with me
that ProtonMail's procedure is not anonymous like
real anonymous email services are and therefore they
should IMHO not advertise Anonymity as a feature.

Regards
Stefan


From sac at 300baud.de  Mon May  6 16:39:46 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 16:39:46 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
Message-ID: <20190506163946.35c5af92.sac@300baud.de>

Am Mon, 6 May 2019 06:17:42 -0400
schrieb Mauricio Tavares <raubvogel at gmail.com>:


>       Another option is to buy a burner phone and SIM paying cash.
> I've seen both available in stores and supermarkets and street stands
> in at least 3 countries.

While I am not using regular proxy servers, I figured out this morning
that when signing up there without Tor usage they allow captchas and
email as verification option.

So when using mailcatch.com, for example, you can then sign-up, because
they send the verification code to mailcatch.com and accept
mailcatch.com as registration email address ...

Maybe I should set-up squid on a VPS and let people register from there,
while keeping no log files. :-D

Regards
Stefan


From markr at signal100.com  Mon May  6 17:17:01 2019
From: markr at signal100.com (Mark Rousell)
Date: Mon, 6 May 2019 16:17:01 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506163946.35c5af92.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de>
Message-ID: <5CD04FED.8060000@signal100.com>

On 06/05/2019 15:39, Stefan Claas wrote:
> Maybe I should set-up squid on a VPS and let people register from there,
> while keeping no log files. :-D

Check your local laws first. I am pretty sure that doing that
(specifically the no logs bit) in the UK would now be a criminal
offence. ;-) This is the same as many other EU countries due to one of
the EU's data retention regulations whose name I've now forgotten.


-- 
Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
 
 
 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/16c639e8/attachment.html>

From raubvogel at gmail.com  Mon May  6 17:27:40 2019
From: raubvogel at gmail.com (Mauricio Tavares)
Date: Mon, 6 May 2019 11:27:40 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <5CD04FED.8060000@signal100.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de> <5CD04FED.8060000@signal100.com>
Message-ID: <CAHEKYV5ru6hgo_xj5aRwbqLffaXjV+ohCCsB7fBMZBws4oA9rw@mail.gmail.com>

On Mon, May 6, 2019 at 11:17 AM Mark Rousell <markr at signal100.com> wrote:
>
> On 06/05/2019 15:39, Stefan Claas wrote:
>
> Maybe I should set-up squid on a VPS and let people register from there,
> while keeping no log files. :-D
>
>
> Check your local laws first. I am pretty sure that doing that (specifically the no logs bit) in the UK would now be a criminal offence. ;-) This is the same as many other EU countries due to one of the EU's data retention regulations whose name I've now forgotten.
>
      Going maybe on a tangent, how would those data retention
regulations play with GDPR?
>
> --
> Mark Rousell
>
> PGP public key: http://www.signal100.com/markr/pgp
> Key ID: C9C5C162
>
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users


From sac at 300baud.de  Mon May  6 18:07:58 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 18:07:58 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <5CD04FED.8060000@signal100.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de>
 <5CD04FED.8060000@signal100.com>
Message-ID: <20190506180758.50809d70.sac@300baud.de>

Am Mon, 6 May 2019 16:17:01 +0100
schrieb Mark Rousell <markr at signal100.com>:

> On 06/05/2019 15:39, Stefan Claas wrote:
> > Maybe I should set-up squid on a VPS and let people register from
> > there, while keeping no log files. :-D  
> 
> Check your local laws first. I am pretty sure that doing that
> (specifically the no logs bit) in the UK would now be a criminal
> offence. ;-) This is the same as many other EU countries due to one of
> the EU's data retention regulations whose name I've now forgotten.

Thanks for pointing that out! O.k. I do not want to get to off-topic
here but it interests me what would happen if I use a US based server
and a US domain with whois guard? Would ProtonMail really hunt down
a proxy server operator, or let's say other email providers, when
doing such a thing, or would they simply block access from that
domain? I mean it is not a crime to run a proxy server.


Regards
Stefan


From sac at 300baud.de  Mon May  6 19:31:38 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 19:31:38 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506065210.76b3b899.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
Message-ID: <20190506193138.24336f85.sac@300baud.de>

Am Mon, 6 May 2019 06:52:10 +0200
schrieb Stefan Claas <sac at 300baud.de>:

> Am Sun, 5 May 2019 17:16:12 -0700
> schrieb Mirimir <mirimir at riseup.net>:
> 
> > Well of course that's not anonymous!
> > 
> > So what you do, if you want ~anonymity, is to use their Tor onion
> > site. That doesn't ask for anything beyond an email address.  
> 
> 
> Assuming that this is their real .onion address, I just tried that. 
> 
> https://protonirockerxow.onion/login and got this:
> 
> Are you human?
> 
> To fight spam, please verify you are human.
> 
> Your email or phone number will not be linked to the account created.
> It is only used during the signup process. A hash will be saved to
> prevent abuse of the ProtonMail systems. (Why is this required?)
> 
> SMS
> Donate
> 
> Now my question for privacy experts ... Would you give away your
> mobile phone number when using Tor ???

In case someone from the ProtonMail team is reading this thread ...

When using Tor for sign-up and using the donate* button I would
suggest support for the crypto currency Monero, so that users
stay anonymous.

*I have learned a while ago that privacy may cost also a bit
of money, even when using Open Source software only.

Regards
Stefan



From markr at signal100.com  Mon May  6 19:44:48 2019
From: markr at signal100.com (Mark Rousell)
Date: Mon, 6 May 2019 18:44:48 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <CAHEKYV5ru6hgo_xj5aRwbqLffaXjV+ohCCsB7fBMZBws4oA9rw@mail.gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de> <5CD04FED.8060000@signal100.com>
 <CAHEKYV5ru6hgo_xj5aRwbqLffaXjV+ohCCsB7fBMZBws4oA9rw@mail.gmail.com>
Message-ID: <5CD07290.1040108@signal100.com>

On 06/05/2019 16:27, Mauricio Tavares wrote:
> On Mon, May 6, 2019 at 11:17 AM Mark Rousell <markr at signal100.com> wrote:
>> Check your local laws first. I am pretty sure that doing that (specifically the no logs bit) in the UK would now be a criminal offence. ;-) This is the same as many other EU countries due to one of the EU's data retention regulations whose name I've now forgotten.
>>
>       Going maybe on a tangent, how would those data retention
> regulations play with GDPR?

It would not be a problem for GDPR. GDPR certainly doesn't prohibit all
data retention or usage. If data/metadata/log retention is legally
mandated then this will be allowed for in GDPR.

-- 
Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
 
 
 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/32dc1396/attachment.html>

From peter at digitalbrains.com  Mon May  6 19:46:58 2019
From: peter at digitalbrains.com (Peter Lebbing)
Date: Mon, 6 May 2019 19:46:58 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506163946.35c5af92.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de>
Message-ID: <96f6cca0-eac3-98db-1202-d8c030e9d6cf@digitalbrains.com>

On 06/05/2019 16:39, Stefan Claas wrote:
> Maybe I should set-up squid on a VPS and let people register from there,
> while keeping no log files. :-D

The only purpose of that would be to specifically subvert the intentions
and processes of ProtonMail. They have designed a system which chooses
policy based on the source IP (including a different policy for Tor exit
nodes), and you try to subvert this policy selection, and possibly give
a route for spammers to register on the system.

If you don't like their policies, don't use them. Don't try to work
around the policies they impose on the use of their service. You don't
have a right to the use of their services under your conditions.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/0320496b/attachment-0001.sig>

From markr at signal100.com  Mon May  6 19:55:50 2019
From: markr at signal100.com (Mark Rousell)
Date: Mon, 6 May 2019 18:55:50 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506180758.50809d70.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de> <5CD04FED.8060000@signal100.com>
 <20190506180758.50809d70.sac@300baud.de>
Message-ID: <5CD07526.70100@signal100.com>

On 06/05/2019 17:07, Stefan Claas wrote:
> Thanks for pointing that out! O.k. I do not want to get to off-topic
> here but it interests me what would happen if I use a US based server
> and a US domain with whois guard? Would ProtonMail really hunt down
> a proxy server operator, or let's say other email providers, when
> doing such a thing, or would they simply block access from that
> domain? I mean it is not a crime to run a proxy server.

(a) It's not a crime to run a proxy in the UK or EU[1]. It's just that
there are metadata logging and log-retention requirements if you do so.
(Once again, I apologise because I've lost my notes on all the EU and UK
legislation that may require this. It's findable on DuckDuckGo or the
search engine of your choice of course).

(b) ProtonMail isn't going to hunt down anyone (unless, maybe, they are
forced to by their local law enforcement). They aren't the police and
they're not even based in the EU, so they don't care.

(c) I do not know how the relevant legislation would work if you are a
UK or EU resident but set up your proxy service on hardware based in the
USA or another jurisdiction that does not enforce logging. A careful
reading of the legislation that is relevant to your local jurisdiction
might inform you.


Footnote:-
1: Although I fear that the UK is heading in this direction. That it,
not to outright criminalise proxies or VPNs but to 'regulate', control
and license their use. The cassus belli for this will, I suspect, be
probably very widespread evasion of the forthcoming 'porn block' using
proxies and VPNs.

-- 
Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
 
 
 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190506/72232417/attachment.html>

From sac at 300baud.de  Mon May  6 20:30:55 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 6 May 2019 20:30:55 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <5CD07526.70100@signal100.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <8ee0e697-c55a-0f33-62ea-16bd86666209@riseup.net>
 <20190506065210.76b3b899.sac@300baud.de>
 <33d67899-6498-2fc8-a5c4-60577b31dd19@riseup.net>
 <CAHEKYV6rYDDUa_pbShFmoQt7BwsJ+Lv5zY0nwK9J6BbxLYOCHw@mail.gmail.com>
 <20190506163946.35c5af92.sac@300baud.de>
 <5CD04FED.8060000@signal100.com>
 <20190506180758.50809d70.sac@300baud.de>
 <5CD07526.70100@signal100.com>
Message-ID: <20190506203055.531fc258.sac@300baud.de>

Am Mon, 6 May 2019 18:55:50 +0100
schrieb Mark Rousell <markr at signal100.com>:

> (a) It's not a crime to run a proxy in the UK or EU[1]. It's just that
> there are metadata logging and log-retention requirements if you do
> so. (Once again, I apologise because I've lost my notes on all the EU
> and UK legislation that may require this. It's findable on DuckDuckGo
> or the search engine of your choice of course).

Thanks for pointing that out! I will do more research on this topic.
 
> (b) ProtonMail isn't going to hunt down anyone (unless, maybe, they
> are forced to by their local law enforcement). They aren't the police
> and they're not even based in the EU, so they don't care.

That is was I am thinking as well, but it does not hurt to ask.

> (c) I do not know how the relevant legislation would work if you are a
> UK or EU resident but set up your proxy service on hardware based in
> the USA or another jurisdiction that does not enforce logging. A
> careful reading of the legislation that is relevant to your local
> jurisdiction might inform you.

I will check that out, because I am currently doing a project
which is similar and it is better to be properly informed than
instead later falling on my nose.

Thanks again for your valuable input, much appreciated!

Regards
Stefan


From 2017-r3sgs86x8e-lists-groups at riseup.net  Wed May  8 01:19:26 2019
From: 2017-r3sgs86x8e-lists-groups at riseup.net (MFPA)
Date: Wed, 8 May 2019 00:19:26 +0100
Subject: ProtonMail and Anonymity
In-Reply-To: <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>
Message-ID: <1344354767.20190508001926@my_localhost_LG>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Monday 6 May 2019 at 10:19:35 AM, in
<mid:6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb at digitalbrains.com>, Peter
Lebbing wrote:-



> If this is a referral link, I would consider that
> *extremely* bad form
> of you.

The ?fbclid? parameter looks like a Facebook click identifier. It's a
tracking ploy added to external URLs from the Facebook site, similar
to Google's ?gclid?.

- --
Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at riseup.net>

Great minds discuss ideas;
Average minds discuss events;
Small minds discuss people.
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCXNISfl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+lLvAPkBXb7U5fYH0tE8sxW+Goh6aV5X/ZWnQEPcEtp07mSV+wEA+4Cqxek1og8s
zZxtNBu44xuqLmlMuFhHPAXKBKZ+RwyJApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCXNISfl8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/1X0D/9dJeMq52G25usMWuCBzCLndY/5
CifloqoVwOND5qX2VrPDGJ4mPgPUvqDXUz9SEOMzeCGZgkOMchZ29j45eLippSjc
zWY6nKTB7OE7D8ZMF6TpypXDAdQX8ULemUZOJDvgyb4Xj2yTYYDieQgu6bPivZni
PB9oLIEcaA2h3VXnDYWYrSAITA8YlPKVb/2ocGlv+f3Cu1VZZF119rHFpBrMc436
XcKVybXaYQccUlAyI87vm2GxnGDbnGXIv6dMw2tEhVYHeyjo4iE0wizz+IyKSXfv
H0fXWTskB+rPnHqORUFKoSIZtjTiKg7Y0/IUNCj4Zpr0MkNFs+xImYpCNRvnf1Ae
665t1tWMsmk/nTAmLLK7bLK38do9HmFjIpNZHB/2PZpsfrfyCSmJX4DaWofd1hZg
VXmRz5977o2IeMMwAUuykb+y9Kn30PqSE60Tt/fXBqjTSP5xw83RgJCAzWtGFB6s
d23ZcmOp6VRuHwXLFLjNtuQzPdohTN8OGLM6ZpmQO0ZBc2WB7XOLigs9IGj9qKOZ
+6LftMODff34h7ItKzqDUgpvhJmRMiW1R31VnYuKWtLmPKL7j11LtenyU/mEA3Mh
/U2z6QelkiPjLoSmNpROtJj6VYetqABhXCtXDAuYECP0X4oiaYyDcTQu/ljg0XIZ
VgeUtaRSsOKs0mSylw==
=ep1T
-----END PGP SIGNATURE-----



From sac at 300baud.de  Wed May  8 14:11:49 2019
From: sac at 300baud.de (Stefan Claas)
Date: Wed, 8 May 2019 14:11:49 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <1344354767.20190508001926@my_localhost_LG>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <6b3e1a02-6d44-6a8c-8d00-45706bc3bdbb@digitalbrains.com>
 <1344354767.20190508001926@my_localhost_LG>
Message-ID: <20190508141112.44d6fbb4.sac@300baud.de>

Am Wed, 8 May 2019 00:19:26 +0100
schrieb MFPA <2017-r3sgs86x8e-lists-groups at riseup.net>:

> The ?fbclid? parameter looks like a Facebook click identifier. It's a
> tracking ploy added to external URLs from the Facebook site, similar
> to Google's ?gclid?.

That's correct, the fbclid parameter is from Facebook. I was careless
and copy / pasted the link from my PGP forum article. I already
appologized to Peter, but forgot to reply here as well.

Regards
Stefan


From cwr at cwrichardson.com  Wed May  8 22:08:22 2019
From: cwr at cwrichardson.com (Christopher W. Richardson)
Date: Wed, 8 May 2019 22:08:22 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190506161546.0e40e685.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
Message-ID: <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>



> On 6 May 2019, at 16:15, Stefan Claas <sac at 300baud.de <mailto:sac at 300baud.de>> wrote:
> 
> ProtonMail's procedure is not anonymous like
> real anonymous email services

What are some such ?real? anonymous email services?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190508/68938123/attachment.html>

From mirimir at riseup.net  Thu May  9 00:33:10 2019
From: mirimir at riseup.net (Mirimir)
Date: Wed, 8 May 2019 15:33:10 -0700
Subject: ProtonMail and Anonymity
In-Reply-To: <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
Message-ID: <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>

On 05/08/2019 01:08 PM, Christopher W. Richardson wrote:
> 
> 
>> On 6 May 2019, at 16:15, Stefan Claas <sac at 300baud.de <mailto:sac at 300baud.de>> wrote:
>>
>> ProtonMail's procedure is not anonymous like
>> real anonymous email services
> 
> What are some such ?real? anonymous email services?

Any service that's available as a Tor onion service, and doesn't require
any verification, is about as anonymous as it gets. There aren't many of
those, because they get very popular among jerks. One is cock.li
(cockmailwwfvrtqj.onion). It came out of the chans, and it shows. Tor
Mail and Sigaint were great in their day, but both got taken down. I
could come up with others, but many are ~hobby-level.

ProtonMail is less anonymous for sure. There is a Tor onion service
(protonirockerxow.onion) but it can switch to the clearnet address
during registration. And they do require verification. But you can use a
cock.li address for that. But not an anonbox.net address :(



From codeguro at gmail.com  Thu May  9 00:41:13 2019
From: codeguro at gmail.com (Tony Lane)
Date: Wed, 8 May 2019 18:41:13 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
Message-ID: <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Or you could just use qmail+GPG with the -R option.
Or heck, just post it the clearnet on some *chan. Isn't the whole point of GPG to hide the content or who it's intended to?
GPG is perfect for this imo
-----BEGIN PGP SIGNATURE-----

iLkEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXNNbCQAKCRDo8fj9gx4T
08U6AgkBU8XYac2+1C/zc6f+MEgit+MmladaKxb8BVP+xb1x3Sj5yi8k9iDStXID
2JdoVgbHmc79I7rgZ42Ab8V/6CCNoroCCQG0IOcaYdL1PPyZGH9EeZ9vCnLd1xNc
J4H7bAoMwLKthOXsE3kkAGFK9YZ9CkZSZ1BQ+dNyrFKuY5mQ2f5Kxl38zw==
=g9RY
-----END PGP SIGNATURE-----


From mirimir at riseup.net  Thu May  9 00:58:28 2019
From: mirimir at riseup.net (Mirimir)
Date: Wed, 8 May 2019 15:58:28 -0700
Subject: ProtonMail and Anonymity
In-Reply-To: <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
Message-ID: <d166887c-1285-e530-d227-e6b8b4e27f06@riseup.net>

On 05/08/2019 03:41 PM, Tony Lane wrote:
> Or you could just use qmail+GPG with the -R option.

Seriously, you're recommending that people run their own mail servers?

> Or heck, just post it the clearnet on some *chan. Isn't the whole point of GPG to hide the content or who it's intended to?
> GPG is perfect for this imo

Sure. Or pastebin. But that's not email.


From ryan at digicana.com  Wed May  8 23:49:29 2019
From: ryan at digicana.com (Ryan McGinnis)
Date: Wed, 08 May 2019 21:49:29 +0000
Subject: ProtonMail and Anonymity
In-Reply-To: <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
Message-ID: <JtoUkR29fyCirbfr_mD65EBMxkQOTVgwE-M-7zD43Hl_A5hGcn4-fD2URLI4PzRNrJIEoC1SxKqK8B8SdpcmwUQiqpI4nN1YX-QHJ6952Lo=@digicana.com>

Protonmail is anonymous? if used correctly and if you trust them.? Any user worried about text messages being tied to them could use cash at a place far from where they live with no cameras to buy a burner phone for a one time text message code if they are really that paranoid.?

If Protonmail didn't do some sort of vetting of accounts then it'd literally be infeasible to use because it would be RBL'd to hell and back due to being overrun with spammers.??

?Against typical adversaries.? If you are trying to hide from a powerful nation state willing to expend significant resources to look into you and you are not yourself supported and trained by a nation state's intelligence services, well, good luck with that.

-Ryan McGinnis
PGP: 486ED7AD
Sent with ProtonMail

??????? Original Message ???????
On Wednesday, May 8, 2019 3:08 PM, Christopher W. Richardson <cwr at cwrichardson.com> wrote:

> > On 6 May 2019, at 16:15, Stefan Claas <sac at 300baud.de> wrote:
> > 

> > ProtonMail's procedure is not anonymous like
> > real anonymous email services
> 

> What are some such ?real? anonymous email services?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190508/f8aa9b27/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190508/f8aa9b27/attachment.sig>

From sac at 300baud.de  Thu May  9 16:34:31 2019
From: sac at 300baud.de (Stefan Claas)
Date: Thu, 9 May 2019 16:34:31 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
Message-ID: <20190509163431.44187e02.sac@300baud.de>

Am Wed, 8 May 2019 22:08:22 +0200
schrieb Christopher W. Richardson <cwr at cwrichardson.com>:

> > On 6 May 2019, at 16:15, Stefan Claas <sac at 300baud.de
> > <mailto:sac at 300baud.de>> wrote:
> > 
> > ProtonMail's procedure is not anonymous like
> > real anonymous email services  
> 
> What are some such ?real? anonymous email services?

Sceptic, eh? :-)

No, seriously ... I will not reveal my knowledge here
publicity on the ML, for good reasons.

However, as soon as time permits I will create a little
.pdf dokument showing the required and reliable resources,
on how power user Bob communicates and how Mac Dummie Alice
communicates, securely and anonymously.

In order to obtain this document you or anybody else
will have to follow some guidelines, which I will
outline here, once the document is available.

I will challenge every GnuPG user, regardless of skill
level to try it out so that they can see that this is a
prooven and reliable method in anonymity circles. Toys
like Enigmail/Thunderbird etc. are not used. You will
need to be comfortable with GnuPG in command line mode.

Regards
Stefan




From sac at 300baud.de  Thu May  9 16:44:18 2019
From: sac at 300baud.de (Stefan Claas)
Date: Thu, 9 May 2019 16:44:18 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
Message-ID: <20190509164330.366c1702.sac@300baud.de>

Am Wed, 8 May 2019 18:41:13 -0400
schrieb Tony Lane <codeguro at gmail.com>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Isn't the whole point of GPG to hide the content or who it's intended
> to? 

Well, yes to hide the content, that is true, but the recipient is known
and GnuPG produces the encrypted and armored content in an IMHO
non-optimal way.

In case Werner is reading this thread ..., I kindly request that you
implement for future generations of GnuPG users message padding
and and stealth mode, we had in PGP, back in the mid 90's, so
that procmail and Co. have it more difficult to filter PGP messages.

It could be implemented in gpg.conf, like:

--stealth-mode = true
--padding = integer (like minimum 1024, or 2048 etc.)

Regards
Stefan


From codeguro at gmail.com  Thu May  9 21:28:36 2019
From: codeguro at gmail.com (Tony Lane)
Date: Thu, 9 May 2019 15:28:36 -0400
Subject: ProtonMail and Anonymity
In-Reply-To: <20190509164330.366c1702.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
 <20190509164330.366c1702.sac@300baud.de>
Message-ID: <82d4d086-2f42-c727-46ba-259f96aeee38@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 5/9/19 10:44 AM, Stefan Claas wrote:
> Am Wed, 8 May 2019 18:41:13 -0400
> schrieb Tony Lane <codeguro at gmail.com>:
> 
>> Isn't the whole point of GPG to hide the content or who it's intended
>> to? 
> 
> Well, yes to hide the content, that is true, but the recipient is known
> and GnuPG produces the encrypted and armored content in an IMHO
> non-optimal way.

Uhh... no.
You can absolutely hide the recipient with the '-R' option in Gnupg.
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXNR/ZAAKCRDo8fj9gx4T
02bCAgkB+2W+DwtY34g6PJdFbESABim2/WOYir+P9hm+24oN6GuwgiQcMGObS539
hjAhi+B1lejvGbltx2xLODj7TPAlQ64CCNSs2F4eYbc9ZRmoKVGeveDd6lMxxdBZ
TBxFKVOmcFB+ug9ocGMXJ5IWC3mA7ksTxqFnGz6w6np5rn+bzLCshjvh
=kFa/
-----END PGP SIGNATURE-----


From sac at 300baud.de  Thu May  9 22:03:28 2019
From: sac at 300baud.de (Stefan Claas)
Date: Thu, 9 May 2019 22:03:28 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <82d4d086-2f42-c727-46ba-259f96aeee38@gmail.com>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
 <20190509164330.366c1702.sac@300baud.de>
 <82d4d086-2f42-c727-46ba-259f96aeee38@gmail.com>
Message-ID: <20190509220320.04303fa2.sac@300baud.de>

Am Thu, 9 May 2019 15:28:36 -0400
schrieb Tony Lane <codeguro at gmail.com>:

> Uhh... no.
> You can absolutely hide the recipient with the '-R' option in Gnupg.
> -----BEGIN PGP SIGNATURE-----


Sorry for my bad wording! I was refering to the email recipient, when
using a standard MUA which sends to a regular single email address.

Of course the -R option allows to send to someone and when the mail
arrives the message can then be handed over to the real recipient. ;-)

Regards
Stefan


From mirimir at riseup.net  Fri May 10 02:04:50 2019
From: mirimir at riseup.net (Mirimir)
Date: Thu, 9 May 2019 17:04:50 -0700
Subject: ProtonMail and Anonymity
In-Reply-To: <20190509220320.04303fa2.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
 <20190509164330.366c1702.sac@300baud.de>
 <82d4d086-2f42-c727-46ba-259f96aeee38@gmail.com>
 <20190509220320.04303fa2.sac@300baud.de>
Message-ID: <b3e29291-024b-94a6-422f-d49e1fa6443f@riseup.net>

On 05/09/2019 01:03 PM, Stefan Claas wrote:
> Am Thu, 9 May 2019 15:28:36 -0400
> schrieb Tony Lane <codeguro at gmail.com>:
> 
>> Uhh... no.
>> You can absolutely hide the recipient with the '-R' option in Gnupg.
>> -----BEGIN PGP SIGNATURE-----
> 
> 
> Sorry for my bad wording! I was refering to the email recipient, when
> using a standard MUA which sends to a regular single email address.
> 
> Of course the -R option allows to send to someone and when the mail
> arrives the message can then be handed over to the real recipient. ;-)
> 
> Regards
> Stefan

Or one can send to alt.anonymous.messages, or wherever. And recipient(s)
can periodically download everything, and simply try decrypting each
message. I don't recall now whether remailer nyms worked exactly that
way. Maybe client apps depended on seeing recipient IDs. Or maybe hashes
of recipient IDs. It's interesting, but doesn't scale well.


From cwr at cwrichardson.com  Fri May 10 02:12:50 2019
From: cwr at cwrichardson.com (Christopher W. Richardson)
Date: Fri, 10 May 2019 08:12:50 +0800
Subject: ProtonMail and Anonymity
In-Reply-To: <20190509163431.44187e02.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <20190509163431.44187e02.sac@300baud.de>
Message-ID: <9700B423-7461-4DA7-963F-A4CE659BB25F@cwrichardson.com>



> On 9 May 2019, at 22:34, Stefan Claas <sac at 300baud.de> wrote:
> 
> Am Wed, 8 May 2019 22:08:22 +0200
> schrieb Christopher W. Richardson <cwr at cwrichardson.com>:
> 
>>> On 6 May 2019, at 16:15, Stefan Claas <sac at 300baud.de
>>> <mailto:sac at 300baud.de>> wrote:
>>> 
>>> ProtonMail's procedure is not anonymous like
>>> real anonymous email services  
>> 
>> What are some such ?real? anonymous email services?
> 
> Sceptic, eh? :-)
> 
> However, as soon as time permits I will create a little
> .pdf dokument showing the required and reliable resources
> 
> In order to obtain this document you or anybody else
> will have to follow some guidelines, which I will
> outline here, once the document is available.

I shall patiently await :)

From ben at artfuldodge.io  Fri May 10 15:34:53 2019
From: ben at artfuldodge.io (Ben Edwards)
Date: Fri, 10 May 2019 14:34:53 +0100
Subject: Audit logging for gpg-agent
Message-ID: <665103c0-1be7-b2e2-7fe9-be344e9aed58@artfuldodge.io>

Hi,

Is there any method for logging which keys have been used and for what 
operations via the agent? Essentially I'd like to be able to tail a file 
or attach to a socket to both send off for safe keeping and also do cute 
things like send a notification with libnotify to inform me that 
something just happened etc. I have tried the agent / scdaemon logs and 
they seem unsuitable for this purpose.

Advice gratefully received,

Ben



From sac at 300baud.de  Wed May 15 17:17:14 2019
From: sac at 300baud.de (Stefan Claas)
Date: Wed, 15 May 2019 17:17:14 +0200
Subject: Johnny-You-Are-Fired
Message-ID: <20190515171714.5f731b88.sac@300baud.de>

Hi all,

I have read this in German News and wonder why
MUAs in 2019 are still vulnerable?

https://github.com/RUB-NDS/Johnny-You-Are-Fired/

O.k. I don't have this problem, becaue I switched
to box and base91 armor a while ago, which my friends
and I really like.

https://github.com/rovaughn/box

Regards
Stefan




From andrewg at andrewg.com  Wed May 15 17:27:59 2019
From: andrewg at andrewg.com (Andrew Gallagher)
Date: Wed, 15 May 2019 16:27:59 +0100
Subject: Johnny-You-Are-Fired
In-Reply-To: <20190515171714.5f731b88.sac@300baud.de>
References: <20190515171714.5f731b88.sac@300baud.de>
Message-ID: <7b99dc15-e81d-fe81-ca92-87fe47a75007@andrewg.com>

On 15/05/2019 16:17, Stefan Claas wrote:
> I have read this in German News and wonder why
> MUAs in 2019 are still vulnerable?
> 
> https://github.com/RUB-NDS/Johnny-You-Are-Fired/

Bluntly, because MUAs are designed to accept arbitrary data from random
strangers on the internet and display it to you without question. They
prioritise Getting It Done over Doing It Right, and it's hard to fight
against a baked-in paradigm.

It's like the old proverb about the tourist asking for directions in
Ireland and being told "If I was you, I wouldn't start from here" :-D

-- 
Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190515/301348e5/attachment-0001.sig>

From aaltan.ahmad at gmail.com  Wed May 15 23:37:57 2019
From: aaltan.ahmad at gmail.com (aaltan)
Date: Wed, 15 May 2019 14:37:57 -0700
Subject: Python: interact callback issues
Message-ID: <CAD5GKuVb+FDAfYzwbnStjaq3EfAEdBUtdw+NcFJy_wiUWBa4vA@mail.gmail.com>

Hi All,

I'm trying to use the "keytocard" functionality in the GPGME python
bindings using the "interact" function. However, I can't figure out how to
get the callback to work. My callback does indeed get called, but how do I
return my response? Returning my response to the prompt as a string e.g
"fpr"  or "key 1" or "keytocard" simply causes my whole script to hang. Am
I doing something wrong? You can view the code and output here:
https://pastebin.com/8BzTX5Y9 . It seems like the script just hangs after
returning from the callback the second time...

I'm basically following this structure:
https://github.com/gpg/gpgme/blob/b182838f71d8349d6cd7be9ecfb859b893d09127/lang/python/tests/t-edit.py

Any help much appreciated :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190515/6eac34c9/attachment.html>

From aaltan.ahmad at gmail.com  Wed May 15 22:32:02 2019
From: aaltan.ahmad at gmail.com (aaltan)
Date: Wed, 15 May 2019 13:32:02 -0700
Subject: Python: interact callback issues
Message-ID: <CAD5GKuXkMQyi3yk+SbNnTkbgG7BF0WCjNi-VG=4hQQeHvBiCiQ@mail.gmail.com>

Hi All,

I'm trying to use the "keytocard" functionality in the GPGME python
bindings using the "interact" function. However, I can't figure out how to
get the callback to work. My callback does indeed get called, but how do I
return my response? Returning my response to the prompt as a string e.g
"fpr"  or "key 1" or "keytocard" simply causes my whole script to hang. Am
I doing something wrong? You can view the code and output here:
https://pastebin.com/8BzTX5Y9 . It seems like the script just hangs after
returning from the callback the second time...

I'm basically following this structure:
https://github.com/gpg/gpgme/blob/b182838f71d8349d6cd7be9ecfb859b893d09127/lang/python/tests/t-edit.py

Any help much appreciated :)

Aaltan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190515/e86693d4/attachment.html>

From aaltan.ahmad at gmail.com  Thu May 16 01:13:15 2019
From: aaltan.ahmad at gmail.com (aaltan)
Date: Wed, 15 May 2019 16:13:15 -0700
Subject: Python: interact callback issues
In-Reply-To: <CAD5GKuVb+FDAfYzwbnStjaq3EfAEdBUtdw+NcFJy_wiUWBa4vA@mail.gmail.com>
References: <CAD5GKuVb+FDAfYzwbnStjaq3EfAEdBUtdw+NcFJy_wiUWBa4vA@mail.gmail.com>
Message-ID: <CAD5GKuWFNg4jWie2yVQ9h002mF_eWhj9+x8Oy-HGHjBBFei38Q@mail.gmail.com>

Update, I found that this works on my system using the C bindings, but not
the Python bindings. Very confusing.

Using the C bindings, I had to put a newline when writing to the fd. I
tried putting a newline at the end of my return value in the callback in
the Python code, and that did not help :( It still just hangs.

(I'm on a Mac, gpgme 1.13.0, gpg (GnuPG/MacGPG2) 2.2.10, libgcrypt 1.8.3)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190515/41ca3d38/attachment.html>

From patrick at enigmail.net  Thu May 16 18:11:27 2019
From: patrick at enigmail.net (Patrick Brunschwig)
Date: Thu, 16 May 2019 18:11:27 +0200
Subject: Johnny-You-Are-Fired
In-Reply-To: <20190515171714.5f731b88.sac__2451.0504024633$1557933567$gmane$org@300baud.de>
References: <20190515171714.5f731b88.sac__2451.0504024633$1557933567$gmane$org@300baud.de>
Message-ID: <43b2bd21-8f78-88a9-56c4-110af03c1f49@enigmail.net>

On 15.05.2019 17:17, Stefan Claas wrote:
> Hi all,
> 
> I have read this in German News and wonder why
> MUAs in 2019 are still vulnerable?
> 
> https://github.com/RUB-NDS/Johnny-You-Are-Fired/

This is mostly a summary of the various failures that were discovered
with EFAIL and shortly thereafter. Most MUAs have been fixed against
these attacks by now.

For example, the tests with Enigmail were performed using version 1.9.8,
which was released almost 2 years ago, that is long before EFAIL was
published. The same is true for most other products.

-Patrick



From sac at 300baud.de  Thu May 16 21:27:01 2019
From: sac at 300baud.de (Stefan Claas)
Date: Thu, 16 May 2019 21:27:01 +0200
Subject: Johnny-You-Are-Fired
In-Reply-To: <43b2bd21-8f78-88a9-56c4-110af03c1f49@enigmail.net>
References: <20190515171714.5f731b88.sac__2451.0504024633$1557933567$gmane$org@300baud.de>
 <43b2bd21-8f78-88a9-56c4-110af03c1f49@enigmail.net>
Message-ID: <20190516212701.3f3313c7.sac@300baud.de>

Am Thu, 16 May 2019 18:11:27 +0200
schrieb Patrick Brunschwig <patrick at enigmail.net>:

> On 15.05.2019 17:17, Stefan Claas wrote:
> > Hi all,
> > 
> > I have read this in German News and wonder why
> > MUAs in 2019 are still vulnerable?
> > 
> > https://github.com/RUB-NDS/Johnny-You-Are-Fired/  
> 
> This is mostly a summary of the various failures that were discovered
> with EFAIL and shortly thereafter. Most MUAs have been fixed against
> these attacks by now.

Are you sure? I remember Efail. Why would the BSI and press publish
then such things recently? I would assume that no one is interested
in old news or summaries regarding Efail.

Regards
Stefan


From patrick at enigmail.net  Fri May 17 17:40:18 2019
From: patrick at enigmail.net (Patrick Brunschwig)
Date: Fri, 17 May 2019 17:40:18 +0200
Subject: Johnny-You-Are-Fired
In-Reply-To: <20190516212701.3f3313c7.sac__20448.30391403$1558034915$gmane$org@300baud.de>
References: <20190515171714.5f731b88.sac__2451.0504024633$1557933567$gmane$org@300baud.de>
 <43b2bd21-8f78-88a9-56c4-110af03c1f49@enigmail.net>
 <20190516212701.3f3313c7.sac__20448.30391403$1558034915$gmane$org@300baud.de>
Message-ID: <72515b2e-ee1a-2dc8-d14b-e9d0087f8865@enigmail.net>

On 16.05.2019 21:27, Stefan Claas wrote:
> Am Thu, 16 May 2019 18:11:27 +0200
> schrieb Patrick Brunschwig <patrick at enigmail.net>:
> 
>> On 15.05.2019 17:17, Stefan Claas wrote:
>>> Hi all,
>>>
>>> I have read this in German News and wonder why
>>> MUAs in 2019 are still vulnerable?
>>>
>>> https://github.com/RUB-NDS/Johnny-You-Are-Fired/  
>>
>> This is mostly a summary of the various failures that were discovered
>> with EFAIL and shortly thereafter. Most MUAs have been fixed against
>> these attacks by now.
> 
> Are you sure? I remember Efail. Why would the BSI and press publish
> then such things recently? I would assume that no one is interested
> in old news or summaries regarding Efail.

I can only speak for Enigmail (and to some degree for Thunderbird).
The errors described where Enigmail is mentioned/affected were all
discovered last spring/summer (i.e. shortly after EFAIL), and were
addressed last year.

-Patrick


From guru at unixarea.de  Sat May 18 10:32:37 2019
From: guru at unixarea.de (Matthias Apitz)
Date: Sat, 18 May 2019 10:32:37 +0200
Subject: GnuPG signature of mails && web.de
Message-ID: <20190518083237.GA3054@c720-r342378>


Hello,

I'm signing my mails with GnuPG (like this one), but a colleague is
claiming that she can't open the mails with some "App WebDe" (I don't
know this and do not have more information). She sent me two screens,
the list view of all mails in her INBOX says (in German) "ciphered mail"
about my mails and when she tries to open them it pops up a screen (in German)

"You still didn't have activated crypt on this device! What do you want todo?
For the activation you need some QR code or the restore code you got when
activating Web."

Any hints I could give her?

Thanks

	matthias
-- 
Matthias Apitz, ? guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: ???????? ????????????! Thank you very much, Russian liberators!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190518/f1a91b69/attachment-0001.sig>

From sac at 300baud.de  Sat May 18 12:15:29 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sat, 18 May 2019 12:15:29 +0200
Subject: GnuPG signature of mails && web.de
In-Reply-To: <20190518083237.GA3054@c720-r342378>
References: <20190518083237.GA3054@c720-r342378>
Message-ID: <20190518121510.49504eae.sac@300baud.de>

Am Sat, 18 May 2019 10:32:37 +0200
schrieb Matthias Apitz <guru at unixarea.de>:

> "You still didn't have activated crypt on this device! What do you
> want todo? For the activation you need some QR code or the restore
> code you got when activating Web."
> 
> Any hints I could give her?

I would politely tell her to RTFM or tell her to ask
Web.de's support. Web.de support, assuming they have
one, should know the solution and help her!

Regards
Stefan


From 2017-r3sgs86x8e-lists-groups at riseup.net  Sat May 18 12:59:00 2019
From: 2017-r3sgs86x8e-lists-groups at riseup.net (MFPA)
Date: Sat, 18 May 2019 11:59:00 +0100
Subject: GnuPG signature of mails && web.de
In-Reply-To: <20190518083237.GA3054@c720-r342378>
References: <20190518083237.GA3054@c720-r342378>
Message-ID: <743572960.20190518115900@my_localhost_LG>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Saturday 18 May 2019 at 9:32:37 AM, in
<mid:20190518083237.GA3054 at c720-r342378>, Matthias Apitz wrote:-



> the list view of all mails in her INBOX says (in
> German) "ciphered mail"
> about my mails

If they are signed and not encrypted, the app is lying.



>  and when she tries to open them it
> pops up a screen (in German)

> "You still didn't have activated crypt on this
> device!
[...]

> Any hints I could give her?

All that a web search gave me was [0]

    Secure mail account
    You can send and receive encrypted e-mails (PGP). Add a PIN code
    to secure your WEB.DE Mail app.


[0] https://play.google.com/store/apps/details?id=de.web.mobile.android.mail&hl=en_US



- --
Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at riseup.net>

The problem with trouble-shooting is that trouble shoots back.
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCXN/lhl8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+sj0AQDPl8BHSfT5PQHnkuMceZSv2DTHpiDaNrHo870gU4WHIwD9Fner9T/Ohe1l
gYKyzqndAnwZfVlsNRF/W00BcxSzZwaJApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCXN/lhl8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/2DfD/9oXlu1tk1PuWF4XdIYu2+NXw8z
P4PoEq7wIKx4d+w9SZoc4+bgHJuW/D7WSSZ1EpHl12ES2w8BqAQ/V7FpoqmzxmIL
LviPICj/7ZsG/Rt2zNiS22sOehh2ID/RWgqCqB1OnsEcoZWPSDU+xleShxhXR++t
+FFPNe1XOcIDA4zjrAG+aEC7aISZtjlM+DcUpiu3s0sQ5xR7aItnimV81MxmcHcP
bgV24NZhq3DzVBuOF0TD6Wrtq4Pnnn4kyoTVCLWsMfERjQ9qQJJlVEj6WkIH7Met
tGcyZzeNfwNtO8lR48WLtoriLCfofFu4YHTTpi+8ADYMMkDJdBJTBCISfFTxirLe
ZoItbI5yFiEyI7TQeII1cxc3B1N68iu50KbbBiJkPQDnUWyXRSIWSP/Ve0nxHgS4
aUmY07M6U0Zh8Sk1C33LDZ9Icie6tlUIal+Pl1ceMb0uGM/lCy+GBP+YmBCwB33V
rGKLafPYvVxitPhztEcwonhitQRUz8tUachrJNhvo3nFmIWIbg5yde7YRUFDWDZi
RbNDfKCzfFqnER+2nATM+4DdzrN2/07IcVzAwMuMHRLYeATyH7bVGxv6VXpUwnCp
u+XN1hmC0tzRCeRVz7foFg0rSrqcMM9kIeU6ff04biQnSXTe40GAm2Wl7Kc2hINA
cqcZJQyDirD7gpMfTw==
=AhGa
-----END PGP SIGNATURE-----



From sac at 300baud.de  Sat May 18 17:36:07 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sat, 18 May 2019 17:36:07 +0200
Subject: GnuPG signature of mails && web.de
In-Reply-To: <743572960.20190518115900@my_localhost_LG>
References: <20190518083237.GA3054@c720-r342378>
 <743572960.20190518115900@my_localhost_LG>
Message-ID: <20190518173607.2bc761b4.sac@300baud.de>

Am Sat, 18 May 2019 11:59:00 +0100
schrieb MFPA <2017-r3sgs86x8e-lists-groups at riseup.net>:

> All that a web search gave me was [0]
> 
>     Secure mail account
>     You can send and receive encrypted e-mails (PGP). Add a PIN code
>     to secure your WEB.DE Mail app.
> 
> 
> [0]
> https://play.google.com/store/apps/details?id=de.web.mobile.android.mail&hl=en_US

What he could do, as a gentlemen, is to spend 5 minutes of his
time, create an test account there and play with the options,
so that he can help her first hand.

Regards
Stefan


From guru at unixarea.de  Sun May 19 09:17:02 2019
From: guru at unixarea.de (Matthias Apitz)
Date: Sun, 19 May 2019 09:17:02 +0200
Subject: GnuPG signature of mails && web.de
In-Reply-To: <20190518173607.2bc761b4.sac@300baud.de>
References: <20190518083237.GA3054@c720-r342378>
 <743572960.20190518115900@my_localhost_LG>
Message-ID: <12604073-9705-4c23-a52c-85583e24565b@unixarea.de>

Am Samstag, 18. Mai 2019 17:36:07 CEST schrieb Stefan Claas 
<sac at 300baud.de>:
> Am Sat, 18 May 2019 11:59:00 +0100
> schrieb MFPA <2017-r3sgs86x8e-lists-groups at riseup.net>:
> 
>> All that a web search gave me was [0]
>> 
>>     Secure mail account
>>     You can send and receive encrypted e-mails (PGP). Add a PIN code
>>     to secure your WEB.DE Mail app.
>> 
>> 
>> [0]
>> https://play.google.com/store/apps/details?id=de.web.mobile.android.mail&hl=en_US
> 
> What he could do, as a gentlemen, is to spend 5 minutes of his
> time, create an test account there and play with the options,
> so that he can help her first hand.
> .

I do have for tests a mail account in web.de (and any 3 months they want it 
close due to inactivity), but I don't have that app and no iOs or Android 
gadget.

matthias



-- 
Sent from my Ubuntu phone
http://www.unixarea.de/
NO to the EU! NEIN zur EU!


From sac at 300baud.de  Sun May 19 09:38:24 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 19 May 2019 09:38:24 +0200
Subject: GnuPG signature of mails && web.de
In-Reply-To: <12604073-9705-4c23-a52c-85583e24565b@unixarea.de>
References: <20190518083237.GA3054@c720-r342378>
 <743572960.20190518115900@my_localhost_LG>
 <12604073-9705-4c23-a52c-85583e24565b@unixarea.de>
Message-ID: <20190519093824.05354f07.sac@300baud.de>

Am Sun, 19 May 2019 09:17:02 +0200
schrieb Matthias Apitz <guru at unixarea.de>:

> I do have for tests a mail account in web.de (and any 3 months they
> want it close due to inactivity), but I don't have that app and no
> iOs or Android gadget.

Ah, o.k. Then probably her only choice is to contact support.

Regards
Stefan


From mirimir at riseup.net  Sun May 19 09:59:30 2019
From: mirimir at riseup.net (Mirimir)
Date: Sun, 19 May 2019 00:59:30 -0700
Subject: GnuPG signature of mails && web.de
In-Reply-To: <12604073-9705-4c23-a52c-85583e24565b@unixarea.de>
References: <20190518083237.GA3054@c720-r342378>
 <743572960.20190518115900@my_localhost_LG>
 <12604073-9705-4c23-a52c-85583e24565b@unixarea.de>
Message-ID: <b7c143a2-f2b4-6252-8a65-0e39da88651b@riseup.net>

On 05/19/2019 12:17 AM, Matthias Apitz wrote:
> Am Samstag, 18. Mai 2019 17:36:07 CEST schrieb Stefan Claas
> <sac at 300baud.de>:
>> Am Sat, 18 May 2019 11:59:00 +0100
>> schrieb MFPA <2017-r3sgs86x8e-lists-groups at riseup.net>:
>>
>>> All that a web search gave me was [0]
>>>
>>> ??? Secure mail account
>>> ??? You can send and receive encrypted e-mails (PGP). Add a PIN code
>>> ??? to secure your WEB.DE Mail app.
>>>
>>>
>>> [0]
>>> https://play.google.com/store/apps/details?id=de.web.mobile.android.mail&hl=en_US
>>>
>>
>> What he could do, as a gentlemen, is to spend 5 minutes of his
>> time, create an test account there and play with the options,
>> so that he can help her first hand.
>> .
> 
> I do have for tests a mail account in web.de (and any 3 months they want
> it close due to inactivity), but I don't have that app and no iOs or
> Android gadget.
> 
> matthias

Well, it would take more than a few minutes, but
https://www.android-x86.org/ has ARM ISOs and VirtualBox VMs.


From muredanta at protonmail.com  Tue May 21 04:53:45 2019
From: muredanta at protonmail.com (muredanta)
Date: Tue, 21 May 2019 02:53:45 +0000
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
Message-ID: <j2bPz8qPQiCEWu4eg-E4iUMb7SetP6g1Mg1irqQk27dudRsloOQhpSv1Ow_umlBagMphl7GAsv5ADGbBHwIHbuvbJ9vvvJXDc3VMuHKW0V0=@protonmail.com>

Hello,
I'm building an application that configures smart cards (currently Yubikeys) as OpenPGP cards using GPGME and the gpgme_op_interact() API. In order to provide the functions needed at the user level, I need to engage in several different interactions, most notably some that emulate --card-edit and others with --edit-key. Because the first has no key associated with it, while the second requires a key, the second argument to gpgme_op_interact() is either NULL or a pointer to a gpgme_key_t, respectively.

This seems to be the origin of a problem I am seeing. While the first operations (--card-edit) work fine, when I try to perform the second set of operations (--edit-key), I get an error. At the API level, this manifests as a CARDCTRL 4 response to the gpgme_op_interact() session, meaning that no card is available, though clearly the card is there. If I follow the chain of operations to find out why GNUPG thinks the card is not available, the ultimate source seems to be that, when the initial set of (--card-edit) operations were done, an instance of scdaemon was spawned, and that daemon continues to run even after the operations have finished. Later, when the second set of (--edit-key) operations begin, because the arguments are different (I'm guessing), a second instance of scdaemon is spawned. But this second instance cannot access the card because the first instance still holds some kind of exclusive lock on access to the card. As a result what I get from the second (newer) instance of scdaemon is a message "pcsc_connect failed: sharing violation (0x8010000b).

As a result of this, the only current way to use the API to configure the card is to have the user remove and re-insert the card, and unfortunately depending on the series of operations they want to perform (which could include reading cards, erasing them, configuring them, etc), this can be required multiple times, which obviously isn't ideal, so I wonder if there is a solution?

One possibility would be to arrange things so that the different instances of scdaemon could effectively share access to the card. I see in scd/apdu.c:connect_pcsc_card() that there is an option to pcsc_connect() which is currently set to PCSC_SHARE_EXCLUSIVE, but there are alternatives (PCSC_SHARE_SHARED and PSCS_SHARE_DIRECT).

Another more "violent" option would be if there is some way to force the termination of the first scdaemon instance before begining the next one, say, a call like gpgme_op_interact_cleanup() or something like that.

Or perhaps there is another way that I just haven't seen yet. Do you have any suggestions?

Thanks very much!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190521/e1ffbf5f/attachment-0001.html>

From muredanta at protonmail.com  Wed May 22 02:21:11 2019
From: muredanta at protonmail.com (muredanta)
Date: Wed, 22 May 2019 00:21:11 +0000
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
Message-ID: <3KAqKlwE1epzWli_Hz7QgEe2UCj-CHmgtb-aOExjxqg3p3_rOSZUCfrFz24QlzVcysae0o53Xiyt3yi7Zs1EaRGIMyHUq38x2_eqkI4vAmE=@protonmail.com>

Regarding this, more significant than the Key parameter to gpgme_op_interact() in the two example that I gave being different may be the fact that the home directory set for the underlying gpgme_ctx_t (via the home_dir argument to gpgme_ctx_set_engine_info()) is different. In the case of the --edit-key operations, home_dir points where you would expect, to the home_dir containing the key of interest, and the flags parameter of gpgme_op_interact() is NULL. In the case of --card-edit operations, the home_dir is NULL and the flags parameter is, of course, GPGME_INTERACT_CARD.

In any case, the root issue seems to be that multiple instances of scdaemon are spawned, and that the first one takes, and holds, exclusive access to the card. I've confirmed that after patching scd/apdu.c:connect_pcsc_card() to use PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE, the operations (or at least the ones I've tried) work without requring removal/re-insertion of the card, but presumably such a change has security implications or the original developers would not have used PCSC_SHARE_EXCLUSIVE. So... I don't know if such a change is advisable. Any feedback on that? I'm thinking that it may depend on usage. For example, if there is a dedicated, single-user, air-gapped system used to manage tokens, then perhaps SHARED is not a problem?

Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190522/d2c20325/attachment.html>

From wk at gnupg.org  Thu May 23 11:53:13 2019
From: wk at gnupg.org (Werner Koch)
Date: Thu, 23 May 2019 11:53:13 +0200
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
In-Reply-To: <3KAqKlwE1epzWli_Hz7QgEe2UCj-CHmgtb-aOExjxqg3p3_rOSZUCfrFz24QlzVcysae0o53Xiyt3yi7Zs1EaRGIMyHUq38x2_eqkI4vAmE=@protonmail.com>
 (muredanta via Gnupg-users's message of "Wed, 22 May 2019 00:21:11
 +0000")
References: <3KAqKlwE1epzWli_Hz7QgEe2UCj-CHmgtb-aOExjxqg3p3_rOSZUCfrFz24QlzVcysae0o53Xiyt3yi7Zs1EaRGIMyHUq38x2_eqkI4vAmE=@protonmail.com>
Message-ID: <87v9y15wfq.fsf@wheatstone.g10code.de>

On Wed, 22 May 2019 00:21, gnupg-users at gnupg.org said:

> work without requring removal/re-insertion of the card, but presumably
> such a change has security implications or the original developers
> would not have used PCSC_SHARE_EXCLUSIVE. So... I don't know if such a
> change is advisable. Any feedback on that? I'm thinking that it may

Don't.  We are currently working on autoswitching between different
applications on the card and thus a controlling instance is required.  A
second daemon (ie. using a second GNUPGHOME) on the same reader is thus
not a good idea.

FWIW, scdameon handles several readers just fine.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190523/37dd8850/attachment.sig>

From lansfordarica at gmail.com  Fri May 24 07:34:45 2019
From: lansfordarica at gmail.com (Arica Lansford)
Date: Fri, 24 May 2019 01:34:45 -0400
Subject: No subject
Message-ID: <CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag@mail.gmail.com>

What is this supposed to do
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190524/302b8ee6/attachment.html>

From lansfordarica at gmail.com  Fri May 24 08:49:07 2019
From: lansfordarica at gmail.com (Arica Lansford)
Date: Fri, 24 May 2019 02:49:07 -0400
Subject: No subject
Message-ID: <CACHhj5__8bAHcc8m6gAYoFCRTjDyCTaP-HPT0bwF5msEoGDSZw@mail.gmail.com>

Hi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190524/32b4e6aa/attachment.html>

From lansfordarica at gmail.com  Fri May 24 08:18:13 2019
From: lansfordarica at gmail.com (Arica Lansford)
Date: Fri, 24 May 2019 02:18:13 -0400
Subject: No subject
Message-ID: <CACHhj5--JhOpp4edURrYkcF8mW_Ph7MN-XU8VFs-yQHCAjVCYQ@mail.gmail.com>

Hi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190524/6ac498e9/attachment.html>

From lansfordarica at gmail.com  Fri May 24 08:20:21 2019
From: lansfordarica at gmail.com (Arica Lansford)
Date: Fri, 24 May 2019 02:20:21 -0400
Subject: No subject
Message-ID: <CACHhj59tGakaObjRs-Y0LTFSPjGY80koOOhpFp-BT2yve1oV7Q@mail.gmail.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190524/fed9d6d5/attachment.html>

From lansfordarica at gmail.com  Fri May 24 10:32:51 2019
From: lansfordarica at gmail.com (Arica Lansford)
Date: Fri, 24 May 2019 04:32:51 -0400
Subject: No subject
Message-ID: <CACHhj5-ngap3_MYWNsLZAaGRwtNYtMk4p4nBrmyzJDx1Ace3eA@mail.gmail.com>

https://lists.gnupg.org/pipermail/gnupg-users/2011-July/042485.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190524/9f163b01/attachment.html>

From 2017-r3sgs86x8e-lists-groups at riseup.net  Fri May 24 22:17:35 2019
From: 2017-r3sgs86x8e-lists-groups at riseup.net (MFPA)
Date: Fri, 24 May 2019 21:17:35 +0100
Subject: No subject
In-Reply-To: <CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag@mail.gmail.com>
References: <CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag@mail.gmail.com>
Message-ID: <74381029.20190524211735@my_localhost_LG>




On Friday 24 May 2019 at 6:34:45 AM, in
<mid:CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag at mail.gmail.com>,
Arica Lansford wrote:-


> What is this supposed to do  

Please expand your question so that members may know what you are 
asking.

-- 
Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at riseup.net>

Censor: a man who knows more than he thinks you ought to.



From muredanta at protonmail.com  Sat May 25 01:23:05 2019
From: muredanta at protonmail.com (muredanta)
Date: Fri, 24 May 2019 23:23:05 +0000
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
In-Reply-To: <87v9y15wfq.fsf@wheatstone.g10code.de>
References: <3KAqKlwE1epzWli_Hz7QgEe2UCj-CHmgtb-aOExjxqg3p3_rOSZUCfrFz24QlzVcysae0o53Xiyt3yi7Zs1EaRGIMyHUq38x2_eqkI4vAmE=@protonmail.com>
 <87v9y15wfq.fsf@wheatstone.g10code.de>
Message-ID: <QX3rH0zUZrNri8TH_HUjPWLXHi7uVxHjZEvZMZCmOlDmoZfiqgiKDMG728N-fTlG9cMGOiPuuHSoZd5SijlPU94JK1hdm6-o31or3Qau0Z8=@protonmail.com>

Thanks for that. Given that I need to do multiple operations on the card with different GNUPGHOME values during one session, is there a way to cause an earlier instance of scdaemon to either exit or to release the card, so that a new instance can have exclusive access? It seems like this would have to happen before the second invocation of gpgme_op_interact().

Thanks!

??????? Original Message ???????
On Thursday, May 23, 2019 6:53 PM, Werner Koch <wk at gnupg.org> wrote:

> On Wed, 22 May 2019 00:21, gnupg-users at gnupg.org said:
>
> > work without requring removal/re-insertion of the card, but presumably
> > such a change has security implications or the original developers
> > would not have used PCSC_SHARE_EXCLUSIVE. So... I don't know if such a
> > change is advisable. Any feedback on that? I'm thinking that it may
>
> Don't. We are currently working on autoswitching between different
> applications on the card and thus a controlling instance is required. A
> second daemon (ie. using a second GNUPGHOME) on the same reader is thus
> not a good idea.
>
> FWIW, scdameon handles several readers just fine.
>
> Shalom-Salam,
>
> Werner
>
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.




From codeguro at gmail.com  Sat May 25 02:31:26 2019
From: codeguro at gmail.com (Tony Lane)
Date: Fri, 24 May 2019 20:31:26 -0400
Subject: No subject
In-Reply-To: <CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag@mail.gmail.com>
References: <CACHhj58hqRoWyAyN5OYfQ4ja3p2nvJz3qBdbObXDvXUKKCzrag@mail.gmail.com>
Message-ID: <0843ca5c-444e-a534-6ea7-a443c1f841d4@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 5/24/19 1:34 AM, Arica Lansford wrote:
> What is this supposed to do
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

"This?" You mean the mailing list? It's for sending out emails to GPG users, usually for asking or answering questions.
Or do you mean GPG itself? For that, use it for encrypting messages or, alternatively, signing it like I'm doing right now.
-----BEGIN PGP SIGNATURE-----

iLkEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXOiM3gAKCRDo8fj9gx4T
009SAgkB8x+lgrXWt+lRaaTnpr/jdsEAxFWd+vjGHfUQTowEMEZg+DXrzTg2onAR
IqJUNblbLDWFLJW/ialwBb2kzjOZ56ICCQGYLz/ZrcuXQietBudQRvXdl0/ynVFr
phZE0wfRYE/60l7+aJp4grZWyBZe620oaEqhUt+Rts1f3A2IpTh89BdmVw==
=IgiD
-----END PGP SIGNATURE-----


From hassan.mostafa87 at gmail.com  Sat May 25 01:30:21 2019
From: hassan.mostafa87 at gmail.com (Hassan Mostafa)
Date: Sat, 25 May 2019 01:30:21 +0200
Subject: Elliptic curve operations problem using libgcrypt
Message-ID: <CACpG-69Uf-Mn60FOBYybW6=CdM4sTSLC-E2awq6ua7+0rDH3Sg@mail.gmail.com>

I am a new user of libgcrypt. I am trying to do math operations on elliptic
curves for example scalar multiplication. I am started with writing a code
which simply initialize the library then generate a context for EC
operation and the get the private key and display it. in my code.

1. I am trying to get the private key value in variable called x but it
gives an error.
2. then display this x.

please I need help in this urgently.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190525/e8374393/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.c
Type: application/octet-stream
Size: 1673 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190525/e8374393/attachment.obj>

From sac at 300baud.de  Sat May 25 18:56:39 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sat, 25 May 2019 18:56:39 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
Message-ID: <20190525185639.000005c0@300baud.de>

Hi all,

since some of you have my pub key, I would like to inform
you that the key is revoked, due to the fact that i've been
hacked.

My new pub key is available via keybase and also certified
by the German CA Governikus.

Here are the infos:

PGP key added!
==========================================================

  You just added 5B81 8DA3 3B23 FE73 9591  B3C7 0F2B 4DA2 76F2 F8AD.



You performed this action by signing a statement with Desktop PC, a computer. Extra-geeky people can manually read the announcement on your sig chain: https://keybase.io/stefan_claas/sigchain.
     
And here is a full list of your live keys on Keybase:
            
* Laptop --- a computer 
* Desktop PC --- a computer 
* member nuclear... --- a paper key 

If any of the above devices or keys are lost to you, please revoke them with the Keybase app.
    


Cheers,
-the Keybase team

--------------------
Keybase for Android: https://keybase.io/_/download/keybase-for-android
Keybase for iPhone:  https://keybase.io/_/download/keybase-for-ios
Keybase for Linux:   https://keybase.io/docs/the_app/install_linux
Keybase for Windows: https://keybase.io/docs/the_app/install_windows
Keybase for macOS:   https://keybase.io/docs/the_app/install_macos

Regards
Stefan


From sac at 300baud.de  Sat May 25 19:35:55 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sat, 25 May 2019 19:35:55 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190525185639.000005c0@300baud.de>
References: <20190525185639.000005c0@300baud.de>
Message-ID: <20190525193555.000018c9@300baud.de>

Am Sat, 25 May 2019 18:56:39 +0200
schrieb Stefan Claas <sac at 300baud.de>:

> My new pub key is available via keybase and also certified
> by the German CA Governikus.

P.S. I have generated my new key pair at keybase and will use
keybase for encryption / decription until I have the funds to
buy me a new *offline* usage Notebook.

Regards
Stefan


From sac at 300baud.de  Sat May 25 20:05:27 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sat, 25 May 2019 20:05:27 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190525174631.23hyaiwtrojnefrn@x60s.casa>
References: <20190525185639.000005c0@300baud.de>
 <20190525193555.000018c9@300baud.de>
 <20190525174631.23hyaiwtrojnefrn@x60s.casa>
Message-ID: <20190525200527.0000102e@300baud.de>

Am Sat, 25 May 2019 19:46:31 +0200
schrieb Francesco Ariis <fa-ml at ariis.it>:

> offlist
> 
>     https://192.146.137.99/pks/lookup?op=vindex&fingerprint=on&search=0xD4C6F82118DB4986
> 
> your old key does not seem to be revoked  

Syncing between the key servers may take a while.

https://pgp.pm/pks/lookup?op=vindex&search=0xD4C6F82118DB4986

Regards
Stefan


From mac3iii at gmail.com  Sun May 26 12:56:08 2019
From: mac3iii at gmail.com (murphy)
Date: Sun, 26 May 2019 06:56:08 -0400
Subject: I've been hacked and now I only use a key pair on keybase.
Message-ID: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>

> ...until I have the funds to
> buy me a new *offline* usage Notebook.

Hi Stefan - I don't know your use model but you can't beat a $5 USD Rapsberry Pi Zero V1.3 for a cheap offline platform that can compile and use GnuPG 2.2.15. murphy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190526/50dca52a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190526/50dca52a/attachment-0001.sig>

From sac at 300baud.de  Sun May 26 16:42:08 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 16:42:08 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
Message-ID: <20190526164208.00001f0a@300baud.de>

murphy wrote:

Hi murphy,

> > ...until I have the funds to
> > buy me a new *offline* usage Notebook.
> 
> Hi Stefan - I don't know your use model but you can't beat a $5 USD
> Rapsberry Pi Zero V1.3 for a cheap offline platform that can compile
> and use GnuPG 2.2.15. murphy
> 

Thanks for the info, good idea! For certain tasks I would
however prefer a small Notebook.

Regards
Stefan


From sac at 300baud.de  Sun May 26 17:05:56 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 17:05:56 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190526164208.00001f0a@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
Message-ID: <20190526170556.00001c12@300baud.de>

Stefan Claas wrote:

> murphy wrote:
> 
> Hi murphy,
> 
> > > ...until I have the funds to
> > > buy me a new *offline* usage Notebook.
> > 
> > Hi Stefan - I don't know your use model but you can't beat a $5 USD
> > Rapsberry Pi Zero V1.3 for a cheap offline platform that can compile
> > and use GnuPG 2.2.15. murphy
> > 
> 
> Thanks for the info, good idea! For certain tasks I would
> however prefer a small Notebook.

P.S. I forgot to mention why and maybe someone has a better
solution.

For offline usage I ordered also a cheap USB to USB null modem
cable and would like to use it with the freeware CoolTerm.

freeware.the-meiers.org/

So that I can read and receive stuff on the online computer
and prepare replies etc. on the offline computer. The cable
would only be connected when doing so. I assume that no harm
can be done via the cable connections, when using a null modem
cable and CoolTerm.

In case of a Raspberry Pi I thought about the software minimodem
but have not managed to compile it for Windows, at least I could
after compiling not run it properly. :-(

Regards
Stefan



From codeguro at gmail.com  Sun May 26 18:14:09 2019
From: codeguro at gmail.com (Tony Lane)
Date: Sun, 26 May 2019 12:14:09 -0400
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190526170556.00001c12@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de> <20190526170556.00001c12@300baud.de>
Message-ID: <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 5/26/19 11:05 AM, Stefan Claas wrote:
> Stefan Claas wrote:
> 
>> murphy wrote:
>>
>> Hi murphy,
>>
>>>> ...until I have the funds to
>>>> buy me a new *offline* usage Notebook.
>>>
>>> Hi Stefan - I don't know your use model but you can't beat a $5 USD
>>> Rapsberry Pi Zero V1.3 for a cheap offline platform that can compile
>>> and use GnuPG 2.2.15. murphy
>>>
>>
>> Thanks for the info, good idea! For certain tasks I would
>> however prefer a small Notebook.
> 
> P.S. I forgot to mention why and maybe someone has a better
> solution.
> 
> For offline usage I ordered also a cheap USB to USB null modem
> cable and would like to use it with the freeware CoolTerm.
> 
> freeware.the-meiers.org/
> 
> So that I can read and receive stuff on the online computer
> and prepare replies etc. on the offline computer. The cable
> would only be connected when doing so. I assume that no harm
> can be done via the cable connections, when using a null modem
> cable and CoolTerm.
> 
> In case of a Raspberry Pi I thought about the software minimodem
> but have not managed to compile it for Windows, at least I could
> after compiling not run it properly. :-(
> 
> Regards
> Stefan
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

There's also paperkey: https://www.jabberwocky.com/software/paperkey/
Books can last a long time, you know...
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXOq7UQAKCRDo8fj9gx4T
04QzAgkBKLOBO113DkFSB9cjIHyZYeh0Z4Urbk8B8BRevUzGpTZxLomUNn/E0PKf
f1y/ib50X67/u4vHjW8SpzK+zmK+cNgCBiJ4HHiARPq7WBbWc/lYMo1wnOseLguS
rqabLd84nOoDYlkRbZ/PUr1cR0tiXRERzealoweI0W2yw6VCShfAB1tO
=THUg
-----END PGP SIGNATURE-----


From sac at 300baud.de  Sun May 26 18:27:25 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 18:27:25 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
 <20190526170556.00001c12@300baud.de>
 <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
Message-ID: <20190526182725.000005de@300baud.de>

Tony Lane wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512

> There's also paperkey: https://www.jabberwocky.com/software/paperkey/
> Books can last a long time, you know...

I remember paperkey, but I am not sure on how to create / reply
securely messages offline with paperkey.

Regards
Stefan


From codeguro at gmail.com  Sun May 26 18:38:45 2019
From: codeguro at gmail.com (Tony Lane)
Date: Sun, 26 May 2019 12:38:45 -0400
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190526182725.000005de@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de> <20190526170556.00001c12@300baud.de>
 <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
 <20190526182725.000005de@300baud.de>
Message-ID: <43e13763-734b-6b85-24fb-28e6a499f36b@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 5/26/19 12:27 PM, Stefan Claas wrote:
> I remember paperkey, but I am not sure on how to create / reply
> securely messages offline with paperkey.
> 
> Regards
> Stefan
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 

With GPG, of course. You use GPG to communicate securely over an insecure medium.
You do not have to be online to use GPG. It's done entirely on the host machine.
Or are you asking, exactly how to do that?

Paperkey is used to store your information offline, namely on paper.
Particularly, paperkey is used to aid with storing your private keys.
If you're looking to store messages offline, plain old GPG can do that trivially.
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXOrBFQAKCRDo8fj9gx4T
0/DnAgkBQTuSEkqKz2Rupi4FQOnAK4tTdEv17CFrLOSJ/vO0F/5Z70mQDNyS0nMk
h8fXOp2qbTCfPKoHtvlxuf+pxJF4DtsCCM+ZzTGu83alnz0jK0NT8uOZOvXrPVA5
tp0WnwJte+mFpHNzVwsdJsLsMUSJNruzUh2tsMyJHnwXCzzjfgEdj1Uf
=xfkY
-----END PGP SIGNATURE-----


From sac at 300baud.de  Sun May 26 19:11:32 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 19:11:32 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <43e13763-734b-6b85-24fb-28e6a499f36b@gmail.com>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
 <20190526170556.00001c12@300baud.de>
 <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
 <20190526182725.000005de@300baud.de>
 <43e13763-734b-6b85-24fb-28e6a499f36b@gmail.com>
Message-ID: <20190526191132.00004975@300baud.de>

Tony Lane wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> On 5/26/19 12:27 PM, Stefan Claas wrote:
> > I remember paperkey, but I am not sure on how to create / reply
> > securely messages offline with paperkey.
> > 
> > Regards
> > Stefan
> > 
> > _______________________________________________
> > Gnupg-users mailing list
> > Gnupg-users at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> > 
> 
> With GPG, of course. You use GPG to communicate securely over an
> insecure medium. You do not have to be online to use GPG. It's done
> entirely on the host machine. Or are you asking, exactly how to do
> that?

Yes, I would like to know how to communicate with paperkey, because
my understanding is or was that paperkey is used to store my sec
key on a paper medium. I don't understand how people would communicate
with paperkey.

What I will do, as soon as I have the funds, is using an offline
computer with an USB to USB null modem cable and CoolTerm to create
messages on the offline computer, transfer them via the cable and
then send them with the online computer, which then can be compromised
again, without having any crypto software on that machine. 

For receiving PGP-MIME messages I already have an encoder, so that
I can later then transform those messages to the offline computer,
so that GnuPG can decrypt them.

Regards
Stefan


From codeguro at gmail.com  Sun May 26 19:47:58 2019
From: codeguro at gmail.com (Tony Lane)
Date: Sun, 26 May 2019 13:47:58 -0400
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190526191132.00004975@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de> <20190526170556.00001c12@300baud.de>
 <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
 <20190526182725.000005de@300baud.de>
 <43e13763-734b-6b85-24fb-28e6a499f36b@gmail.com>
 <20190526191132.00004975@300baud.de>
Message-ID: <62bf7d7e-e36b-b129-d302-251c9e0f2b29@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

You don't communicate with paperkey. You use GPG to communicate.
GPG uses the secret key to sign messages as well as decrypt messages that were encrypted with its corresponding public key.
Paperkey is just a tool to help store that secret key on a paper medium. That's it.
To use it, use the following command: gpg --export-secret-keys | paperkey
You can print the contents out, type them by hand, or whatever.

I think what you're asking is: "How do I sign or decrypt messages without crypto software such as GPG on the compromised computer? I don't want to risk my secrets being exposed!"
To that, my answer is "you can't." If your machine is compromised then your best bet is to keep your secret keys away from that machine entirely. Instead, install GPG on your offline machine and do all of your signing/decryption there.

To sign messages in PGP ascii armored format, you can do:
gpg --clearsign inputfile
or
gpg --detach-sign --armor inputfile

Similar commands can be used for encryption.
Remember that when encrypting that if you don't include yourself as the recipient, you won't be able to decrypt it.

Here is a good tutorial for GPG and enigmail: https://futureboy.us/pgp.html
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXOrRTgAKCRDo8fj9gx4T
09gBAgjtjxZGTdQPV46chrDyOKSN9xDxrEubNgvlao8mXRaJ/+nLc90lbe69aztD
b7WeVx9wzXzIBCNi/sbYa50S/4PWMAIJAUAS17I/mBNzFE2KYEJm1erzXvRixc15
jCvovUDGuYFU7AtLW65iPpJMMTjIfP3uX/aw+1mDbEkJoJ7+yblti6DY
=8Q6Q
-----END PGP SIGNATURE-----


From sac at 300baud.de  Sun May 26 19:58:30 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 19:58:30 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <62bf7d7e-e36b-b129-d302-251c9e0f2b29@gmail.com>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
 <20190526170556.00001c12@300baud.de>
 <12b4e9a4-d7e4-4308-942a-735f18d5b0ff@gmail.com>
 <20190526182725.000005de@300baud.de>
 <43e13763-734b-6b85-24fb-28e6a499f36b@gmail.com>
 <20190526191132.00004975@300baud.de>
 <62bf7d7e-e36b-b129-d302-251c9e0f2b29@gmail.com>
Message-ID: <20190526195830.00002e48@300baud.de>

Tony Lane wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> You don't communicate with paperkey. You use GPG to communicate.

[snip]

I wonder then why you mentioned paperkey in the first line,
in my thread? I thought it was obvious what I was talking
about, even if I am no native English speaker. :-)

Regards
Stefan


From sac at 300baud.de  Sun May 26 23:13:40 2019
From: sac at 300baud.de (Stefan Claas)
Date: Sun, 26 May 2019 23:13:40 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190525193555.000018c9@300baud.de>
References: <20190525185639.000005c0@300baud.de>
 <20190525193555.000018c9@300baud.de>
Message-ID: <20190526231340.000061ac@300baud.de>

Stefan Claas wrote:

> Am Sat, 25 May 2019 18:56:39 +0200
> schrieb Stefan Claas <sac at 300baud.de>:
> 
> > My new pub key is available via keybase and also certified
> > by the German CA Governikus.
> 
> P.S. I have generated my new key pair at keybase and will use
> keybase for encryption / decription until I have the funds to
> buy me a new *offline* usage Notebook.

P.P.S I just created a new key pair again. So, in case you
already downloaded my key, please re-download, sorry!

Regards
Stefan



From muredanta at protonmail.com  Mon May 27 00:11:43 2019
From: muredanta at protonmail.com (muredanta)
Date: Sun, 26 May 2019 22:11:43 +0000
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
Message-ID: <XNgSu4rGE9SHgChiYfcBbrEE9H1NkO4OT6rqXTa9wWOXB_UeCzJ2PHXgp4ZFEGBQg8Ds6jtdiZeZ3wPJzQ63zC-7A3q-irriNbL6anDQxjU=@protonmail.com>

Well, on second thought, I think what I will try to do today is restructure everything so I can use a single GNUPGHOME. If that works out then we'd probably be in a better position to take advantage of the new design you're working on. By the way, could you describe that in more detail? What new capabilities will it offer (or what new restrictions will it impose?). The documentation is kind of sparse so it's hard to get a handle on how things work sometimes.

Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190526/08a74f45/attachment.html>

From vedaal at nym.hush.com  Sun May 26 23:30:27 2019
From: vedaal at nym.hush.com (vedaal at nym.hush.com)
Date: Sun, 26 May 2019 17:30:27 -0400
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190525193555.000018c9@300baud.de>
References: <20190525185639.000005c0@300baud.de>
 <20190525193555.000018c9@300baud.de> 
Message-ID: <20190526213027.AC5D1E0783@smtp.hushmail.com>

On 5/25/2019 at 1:38 PM, "Stefan Claas" <sac at 300baud.de> wrote:

>P.S. I have generated my new key pair at keybase and will use
>keybase for encryption / decription until I have the funds to
>buy me a new *offline* usage Notebook.

=====

Consider this one,

Toshiba NB100-11R notebook
https://www.pocket-lint.com/laptops/reviews/toshiba/70711-toshiba-no100-11r-notebook-review

it's small, easily portable,  comes with a toshiba linux variant installed, but you can easily install ubuntu or any other OS you prefer

it came our in 2008
and should be relatively inexpensive after 11 years


Good Luck

vedaal



From mercuryrising at hush.ai  Mon May 27 08:30:18 2019
From: mercuryrising at hush.ai (mercuryrising at hush.ai)
Date: Sun, 26 May 2019 23:30:18 -0700
Subject: Encryption Algorithm for GnuPG?
Message-ID: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>

What is the encryption engine for the current GnuPG. I read that it isNIST AES. I know IDEA is proprietary so that can?t be used, is this correct?

If it?s NIST AES that is under the US Government? Wouldn?t that be in danger of a US back door in the algorithm?

Elwin

Sent using Hushmail
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190526/68c2246e/attachment.html>

From andrewg at andrewg.com  Mon May 27 10:05:59 2019
From: andrewg at andrewg.com (Andrew Gallagher)
Date: Mon, 27 May 2019 09:05:59 +0100
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190526164208.00001f0a@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
Message-ID: <0758e9ad-5984-4ea2-b353-ffed8eebafd1@andrewg.com>

On 26/05/2019 15:42, Stefan Claas wrote:
> murphy wrote:
> 
> Hi murphy,
> 
>>> ...until I have the funds to
>>> buy me a new *offline* usage Notebook.
>>
>> Hi Stefan - I don't know your use model but you can't beat a $5 USD
>> Rapsberry Pi Zero V1.3 for a cheap offline platform that can compile
>> and use GnuPG 2.2.15. murphy
>>
> 
> Thanks for the info, good idea! For certain tasks I would
> however prefer a small Notebook.
For the last four years or so, I have maintained my PGP primary key on a
Tails[0] thumb drive, and my subkeys on a redundant pair of OpenPGP
smartcards. This gives me:

a) offline storage of my master key
b) secure backup of all key material
c) convenient access using any of my existing machines

I started developing a tool[1] to simplify the management of the offline
primary key on the Tails drive, but development has stalled. If there is
genuine interest out there, I will dedicate some more time to it.

[0] https://tails.boum.org
[1] https://github.com/andrewgdotcom/frith

-- 
Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190527/b21600f5/attachment.sig>

From dgouttegattat at incenp.org  Mon May 27 13:14:19 2019
From: dgouttegattat at incenp.org (Damien Goutte-Gattat)
Date: Mon, 27 May 2019 12:14:19 +0100
Subject: Encryption Algorithm for GnuPG?
In-Reply-To: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
References: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
Message-ID: <20190527111417.mdf433mwi4pulpay@aurora.local.incenp.org>

On Sun, May 26, 2019 at 11:30:18PM -0700, Procopius via Gnupg-users wrote:
>What is the encryption engine for the current GnuPG.

There?s no single symmetric encryption algorithm. OpenPGP allows a set 
of algorithms: 3DES, IDEA, CAST5, AES, Blowfish, Twofish, and Camellia 
[1,2]. GnuPG supports all of them.


>I know IDEA is proprietary so that can?t be used, is this correct?

All patents on IDEA have now expired and IDEA is supported by GnuPG.


>If it?s NIST AES that is under the US Government? Wouldn?t that be in 
>danger of a US back door in the algorithm?

Rijndael was actually designed by a team of Belgian cryptologists. NIST 
evaluated it amongst the other candidate ciphers of the AES competition 
and eventually selected it as the winner, but was not involved in its 
design. [3]


- Damien

[1] https://tools.ietf.org/html/rfc4880#section-9.2

[2] 
https://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13

[3] 
https://www.nist.gov/news-events/news/2000/10/commerce-department-announces-winner-global-information-security
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190527/eb85720b/attachment-0001.sig>

From mgorny at gentoo.org  Mon May 27 15:18:44 2019
From: mgorny at gentoo.org (=?UTF-8?Q?Micha=C5=82_G=C3=B3rny?=)
Date: Mon, 27 May 2019 15:18:44 +0200
Subject: Encryption Algorithm for GnuPG?
In-Reply-To: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
References: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
Message-ID: <85329a31dc5ca95403f5bfbf5fccf634a57c1aca.camel@gentoo.org>

On Sun, 2019-05-26 at 23:30 -0700, Procopius via Gnupg-users wrote:
> If it?s NIST AES that is under the US Government? Wouldn?t that be in danger of a US back door in the algorithm?
> 

Why would them bother trying to split a backdoor in the algorithm
unnoticed if it's much simpler to install it in the hardware and go
straight for the unencrypted data?  In fact, I'm pretty sure they would
actually encourage you to use strong encryption just to let your guard
down!

-- 
Best regards,
Micha? G?rny

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 618 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190527/d534bae0/attachment.sig>

From sac at 300baud.de  Mon May 27 16:10:55 2019
From: sac at 300baud.de (Stefan Claas)
Date: Mon, 27 May 2019 16:10:55 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <0758e9ad-5984-4ea2-b353-ffed8eebafd1@andrewg.com>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
 <0758e9ad-5984-4ea2-b353-ffed8eebafd1@andrewg.com>
Message-ID: <20190527161055.000069e5@300baud.de>

Andrew Gallagher wrote:

> For the last four years or so, I have maintained my PGP primary key
> on a Tails[0] thumb drive, and my subkeys on a redundant pair of
> OpenPGP smartcards. This gives me:
> 
> a) offline storage of my master key
> b) secure backup of all key material
> c) convenient access using any of my existing machines
> 
> I started developing a tool[1] to simplify the management of the
> offline primary key on the Tails drive, but development has stalled.
> If there is genuine interest out there, I will dedicate some more
> time to it.
> 
> [0] https://tails.boum.org
> [1] https://github.com/andrewgdotcom/frith
> 

Thanks for outlining your procedure!

I will give tails a try soon, but not for PGP usage.

I will go for my procedure, involving an offline Notebook
and a second key (which I have now on keybase).

This will give users the option, when communicating with
me, that they either can choose my keybase key, which I
think is a good idea from keybase, because it would allow
IMHO people to travel to the U.S. without carrying a secret
key with them, in case border patrol checks computers etc.
and my offline key for "important" stuff, which then will
be also used to sign all outgoing messages, regardless
which key is used.

I think it is a good procedure and in case stuff like
tempest attacks etc. would came into play then it is
game over, for a normal EU citizen like me. But at
least it should keep hackers away from my GnuPG and
box encrypted communications.

Regards
Stefan


From gnupg at raf.org  Tue May 28 02:59:40 2019
From: gnupg at raf.org (gnupg at raf.org)
Date: Tue, 28 May 2019 10:59:40 +1000
Subject: Encryption Algorithm for GnuPG?
In-Reply-To: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
References: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
Message-ID: <20190528005940.fsf7lohuuc4yjkik@raf.org>

Procopius via Gnupg-users wrote:

> What is the encryption engine for the current GnuPG. I read that it
> isNIST AES. I know IDEA is proprietary so that can?t be used, is this
> correct?
> 
> If it?s NIST AES that is under the US Government? Wouldn?t that be in
> danger of a US back door in the algorithm?
> 
> Elwin

NIST didn't create AES. They selected a subset of an existing block cipher,
Rijndael, for use by the US government to replace the previous standard, DES.

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard



From wk at gnupg.org  Tue May 28 17:53:44 2019
From: wk at gnupg.org (Werner Koch)
Date: Tue, 28 May 2019 17:53:44 +0200
Subject: [Announce] GnuPG 2.2.16 released
Message-ID: <87sgsyk22f.fsf@wheatstone.g10code.de>

Hello!

We are pleased to announce the availability of a new GnuPG release:
version 2.2.16.  This is a maintenance release; see below for a list
changes.


About GnuPG
===========

The GNU Privacy Guard (GnuPG, GPG) is a complete and free implementation
of the OpenPGP and S/MIME standards.

GnuPG allows to encrypt and sign data and communication, features a
versatile key management system as well as access modules for public key
directories.  GnuPG itself is a command line tool with features for easy
integration with other applications.  The separate library GPGME provides
a uniform API to use the GnuPG engine by software written in common
programming languages.  A wealth of frontend applications and libraries
making use of GnuPG are available.  As an universal crypto engine GnuPG
provides support for S/MIME and Secure Shell in addition to OpenPGP.

GnuPG is Free Software (meaning that it respects your freedom).  It can
be freely used, modified and distributed under the terms of the GNU
General Public License.


Noteworthy changes in version 2.2.16
====================================

  * gpg,gpgsm: Fix deadlock on Windows due to a keybox sharing
    violation.  [#4505]

  * gpg: Allow deletion of subkeys with --delete-key.  This finally
    makes the bang-suffix work as expected for that command.  [#4457]

  * gpg: Replace SHA-1 by SHA-256 in self-signatures when updating
    them with --quick-set-expire or --quick-set-primary-uid. [#4508]

  * gpg: Improve the photo image viewer selection.  [#4334]

  * gpg: Fix decryption with --use-embedded-filename.  [#4500]

  * gpg: Remove hints on using the --keyserver option.  [#4512]

  * gpg: Fix export of certain secret keys with comments.  [#4490]

  * gpg: Reject too long user-ids in --quick-gen-key.  [#4532]

  * gpg: Fix a double free in the best key selection code.  [#4462]

  * gpg: Fix the key generation dialog for switching back from EdDSA
    to ECDSA.

  * gpg: Use AES-192 with SHA-384 to comply with RFC-6637.

  * gpg: Use only the addrspec from the Signer's UID subpacket to
    mitigate a problem with another implementation.

  * gpg: Skip invalid packets during a keyring listing and sync
    diagnostics with the output.

  * gpgsm: Avoid confusing diagnostic when signing with the default
    key.  [#4535]

  * agent: Do not delete any secret key in --dry-run mode.

  * agent: Fix failures on 64 bit big-endian boxes related to URIs in
    a keyfile.  [#4501]

  * agent: Stop scdaemon after a reload with disable-scdaemon newly
    configured.  [#4326]

  * dirmngr: Improve caching algorithm for WKD domains.

  * dirmngr: Support other hash algorithms than SHA-1 for OCSP.  [#3966]

  * gpgconf: Make --homedir work for --launch.  [#4496]

  * gpgconf: Before --launch check for a valid config file.  [#4497]

  * wkd: Do not import more than 5 keys from one WKD address.

  * wkd: Accept keys which are stored in armored format in the
    directory.

  * The installer for Windows now comes with signed binaries.

  Release-info: https://dev.gnupg.org/T4509


Getting the Software
====================

Please follow the instructions found at <https://gnupg.org/download/> or
read on:

GnuPG 2.2.16 may be downloaded from one of the GnuPG mirror sites or
direct from its primary FTP server.  The list of mirrors can be found at
<https://gnupg.org/download/mirrors.html>.  Note that GnuPG is not
available at ftp.gnu.org.

The GnuPG source code compressed using BZIP2 and its OpenPGP signature
are available here:

 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.16.tar.bz2 (6542k)
 https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.16.tar.bz2.sig

An installer for Windows without any graphical frontend except for a
very minimal Pinentry tool is available here:

 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.16_20190528.exe (4183k)
 https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.2.16_20190528.exe.sig

The source used to build the Windows installer can be found in the same
directory with a ".tar.xz" suffix.


Checking the Integrity
======================

In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:

 * If you already have a version of GnuPG installed, you can simply
   verify the supplied signature.  For example to verify the signature
   of the file gnupg-2.2.16.tar.bz2 you would use this command:

     gpg --verify gnupg-2.2.16.tar.bz2.sig gnupg-2.2.16.tar.bz2

   This checks whether the signature file matches the source file.
   You should see a message indicating that the signature is good and
   made by one or more of the release signing keys.  Make sure that
   this is a valid key, either by matching the shown fingerprint
   against a trustworthy list of valid release signing keys or by
   checking that the key has been signed by trustworthy other keys.
   See the end of this mail for information on the signing keys.

 * If you are not able to use an existing version of GnuPG, you have
   to verify the SHA-1 checksum.  On Unix systems the command to do
   this is either "sha1sum" or "shasum".  Assuming you downloaded the
   file gnupg-2.2.16.tar.bz2, you run the command like this:

     sha1sum gnupg-2.2.16.tar.bz2

   and check that the output matches the next line:

f956c8cebee3a6ddb2ce6e6e058d474d056dd9e0  gnupg-2.2.16.tar.bz2
8d2214dc3dd4a34c69953b1c9254520fd07033f1  gnupg-w32-2.2.16_20190528.tar.xz
caf09d6e0e47d87675f1805409a503ce0cf93a4e  gnupg-w32-2.2.16_20190528.exe


Internationalization
====================

This version of GnuPG has support for 26 languages with Chinese
(traditional and simplified), Czech, French, German, Japanese,
Norwegian, Polish, Russian, and Ukrainian being almost completely
translated.


Documentation and Support
=========================

If you used GnuPG in the past you should read the description of
changes and new features at doc/whats-new-in-2.1.txt or online at

  https://gnupg.org/faq/whats-new-in-2.1.html

The file gnupg.info has the complete reference manual of the system.
Separate man pages are included as well but they miss some of the
details available only in thee manual.  The manual is also available
online at

  https://gnupg.org/documentation/manuals/gnupg/

or can be downloaded as PDF at

  https://gnupg.org/documentation/manuals/gnupg.pdf .

You may also want to search the GnuPG mailing list archives or ask on
the gnupg-users mailing list for advise on how to solve problems.  Most
of the new features are around for several years and thus enough public
experience is available.  https://wiki.gnupg.org has user contributed
information around GnuPG and relate software.

In case of build problems specific to this release please first check
https://dev.gnupg.org/T4509 for updated information.

Please consult the archive of the gnupg-users mailing list before
reporting a bug: <https://gnupg.org/documentation/mailing-lists.html>.
We suggest to send bug reports for a new release to this list in favor
of filing a bug at <https://bugs.gnupg.org>.  If you need commercial
support check out <https://gnupg.org/service.html>.

If you are a developer and you need a certain feature for your project,
please do not hesitate to bring it to the gnupg-devel mailing list for
discussion.


Thanks
======

Maintenance and development of GnuPG is mostly financed by donations.
The GnuPG project currently employs two full-time developers and one
contractor.  They all work exclusively on GnuPG and closely related
software like Libgcrypt, GPGME and Gpg4win.

We have to thank all the people who helped the GnuPG project, be it
testing, coding, translating, suggesting, auditing, administering the
servers, spreading the word, and answering questions on the mailing
lists.

Many thanks to our numerous financial supporters, both corporate and
individuals.  Without you it would not be possible to keep GnuPG in a
good shape and to address all the small and larger requests made by our
users.  Thanks.


Happy hacking,

   Your GnuPG hackers



p.s.
This is an announcement only mailing list.  Please send replies only to
the gnupg-users'at'gnupg.org mailing list.

p.p.s
List of Release Signing Keys:
To guarantee that a downloaded GnuPG version has not been tampered by
malicious entities we provide signature files for all tarballs and
binary versions.  The keys are also signed by the long term keys of
their respective owners.  Current releases are signed by one or more
of these four keys:

  rsa2048 2011-01-12 [expires: 2019-12-31]
  Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
  Werner Koch (dist sig)

  rsa2048 2014-10-29 [expires: 2019-12-31]
  Key fingerprint = 46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
  David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>

  rsa2048 2014-10-29 [expires: 2020-10-30]
  Key fingerprint = 031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
  NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>

  rsa3072 2017-03-17 [expires: 2027-03-15]
  Key fingerprint = 5B80 C575 4298 F0CB 55D8  ED6A BCEF 7E29 4B09 2E28
  Andre Heinecke (Release Signing Key)

The keys are available at <https://gnupg.org/signature_key.html> and
in any recently released GnuPG tarball in the file g10/distsigkey.gpg .
Note that this mail has been signed by a different key.

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190528/f60e81e8/attachment.sig>
-------------- next part --------------
_______________________________________________
Gnupg-announce mailing list
Gnupg-announce at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce

From sac at 300baud.de  Tue May 28 23:43:28 2019
From: sac at 300baud.de (Stefan Claas)
Date: Tue, 28 May 2019 23:43:28 +0200
Subject: I've been hacked and now I only use a key pair on keybase.
In-Reply-To: <20190527161055.000069e5@300baud.de>
References: <b48597a6-4479-6015-db43-c62d202fc627@gmail.com>
 <20190526164208.00001f0a@300baud.de>
 <0758e9ad-5984-4ea2-b353-ffed8eebafd1@andrewg.com>
 <20190527161055.000069e5@300baud.de>
Message-ID: <20190528234328.000013c8@300baud.de>

Stefan Claas wrote:
 
> I will go for my procedure, involving an offline Notebook
> and a second key (which I have now on keybase).

Sheer awesomeness!

While waiting for my USB to USB null modem cable, I had so
much luck in getting a used Windows Notebook (in excellent
condition) from a person I know, for 30? !!!! today and
also googled a bit and found this awesome site:

https://martinmelhus.com/web-audio-modem/

The web html code allows one to transfer data via two
audio cables connected to your computers, at a very
low speed, which I absolutely don't mind, because I
am patient. 

So, be prepared when sending from you offline computer
small PGP encrypted and armored messages to your online
computer, it can take a little while.

I hope you like this privacy tip as much as I do!

I like it very much, because I don't have to send
many messages per day ...

Regards
Stefan


From chip.senkbeil at gmail.com  Wed May 29 16:56:31 2019
From: chip.senkbeil at gmail.com (Chip Senkbeil)
Date: Wed, 29 May 2019 09:56:31 -0500
Subject: Is limit-card-insert-tries a working option?
Message-ID: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>

Hey folks, I'm trying to figure out if

    a) the gpg option --limit-card-insert-tries is currently functioning (I'm assuming it is)
    b) setting --limit-card-insert-tries=1 does what I expect

My current setup is that I have my passwords stored using the pass tool from passwordstore.org. Each password is encrypted as a separate file and the encryption/decryption is handled by one of several of my encryption subkeys.

I've made multiple encryption subkeys from a master key after reading around best practices and other tidbits from other GPG users. My subkeys are each individually stored on a separate Yubikey from Yubico.com.

The encryption and decryption works great. For my multiple devices, I can have different keys inserted and encrypt/decrypt just like I would if the same master key was on each device. This is by using the `pass` tool initialized with each subkey's 0xid with an ! added to the end.

The annoyance comes from the pinentry prompt I'm using with the gpg agent. When needing to refresh the cache, the agent prompts me multiple times to insert my other smart cards before it reaches the smart card that is currently plugged into my device. This happens on both OSX and Fedora using version 2.2.15 of gpg and gpg-agent.

I've read about the --limit-card-insert-tries option and that, if specified as 1, the prompt shouldn't appear to insert the card. To my understanding, it should fail and move on to the next subkey silently. Am I reading the option correctly?

If I am, I currently have `limit-card-insert-tries 1` within my gpg.conf config, but it isn't having any impact. I can confirm that other settings within my gpg.conf are being read and utilized.

I pulled down the latest copy of gpg from git://git.gnupg.org/gnupg.git and tried to follow the path from when the --limit-card-insert-tries is provided, but I'm getting lost with where the setting goes. I'm sure it's used somewhere, but I seem to hit a dead end following the program's usage of the option.

Can anyone give me guidance as to what I'm doing wrong? Did I misunderstand the usage of the option? Is there some alternative I could do instead?

I love the setup I have, but I'm fairly new to gpg and smart cards; so, not sure if I've made some mistake along the way.


From codeguro at gmail.com  Wed May 29 19:55:32 2019
From: codeguro at gmail.com (Tony Lane)
Date: Wed, 29 May 2019 13:55:32 -0400
Subject: Is limit-card-insert-tries a working option?
In-Reply-To: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
References: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
Message-ID: <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

When encrypting or signing or decrypting with a specific key, if you have a set of keys (say, a master key and 3 encryption subkeys etc), GPG may try to try each key until it finds a match.
However, you can do something like:
gpg -u <key-id>!
to tell GPG to use that specific key. Note the exclamation mark. When using gpg an exclamation mark (!) may be appended to force using the specified primary or secondary key and not to try and calculate which primary or secondary key to use.

You can take a peek at the documentation here for more info: https://www.gnupg.org/documentation/manuals/gnupg/Specify-a-User-ID.html
There is also a manual here, with more options if it helps: https://gnupg.org/documentation/manpage.html


On 5/29/19 10:56 AM, Chip Senkbeil wrote:
> Hey folks, I'm trying to figure out if
> 
>     a) the gpg option --limit-card-insert-tries is currently functioning (I'm assuming it is)
>     b) setting --limit-card-insert-tries=1 does what I expect
> 
> My current setup is that I have my passwords stored using the pass tool from passwordstore.org. Each password is encrypted as a separate file and the encryption/decryption is handled by one of several of my encryption subkeys.
> 
> I've made multiple encryption subkeys from a master key after reading around best practices and other tidbits from other GPG users. My subkeys are each individually stored on a separate Yubikey from Yubico.com.
> 
> The encryption and decryption works great. For my multiple devices, I can have different keys inserted and encrypt/decrypt just like I would if the same master key was on each device. This is by using the `pass` tool initialized with each subkey's 0xid with an ! added to the end.
> 
> The annoyance comes from the pinentry prompt I'm using with the gpg agent. When needing to refresh the cache, the agent prompts me multiple times to insert my other smart cards before it reaches the smart card that is currently plugged into my device. This happens on both OSX and Fedora using version 2.2.15 of gpg and gpg-agent.
> 
> I've read about the --limit-card-insert-tries option and that, if specified as 1, the prompt shouldn't appear to insert the card. To my understanding, it should fail and move on to the next subkey silently. Am I reading the option correctly?
> 
> If I am, I currently have `limit-card-insert-tries 1` within my gpg.conf config, but it isn't having any impact. I can confirm that other settings within my gpg.conf are being read and utilized.
> 
> I pulled down the latest copy of gpg from git://git.gnupg.org/gnupg.git and tried to follow the path from when the --limit-card-insert-tries is provided, but I'm getting lost with where the setting goes. I'm sure it's used somewhere, but I seem to hit a dead end following the program's usage of the option.
> 
> Can anyone give me guidance as to what I'm doing wrong? Did I misunderstand the usage of the option? Is there some alternative I could do instead?
> 
> I love the setup I have, but I'm fairly new to gpg and smart cards; so, not sure if I've made some mistake along the way.
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 
-----BEGIN PGP SIGNATURE-----

iLkEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXO7HkwAKCRDo8fj9gx4T
09NuAgkBlT+FUIQ8k6a18fmrFfi7dRcRDOm4yv3unMtVwfp/bMe0mszMeaGDV2hN
CQgiiGCLNhmEsLLUITvK28mL4zlLHssCCQFR2gIqWKdOZauXO0gtJeVTkLtk4DgW
hcNLKSP6cBn42hgp/tZGKfQWvN6ZbvQaly4fWkgeF/s2zONCzDxS+fJ5Ug==
=hC3D
-----END PGP SIGNATURE-----


From codeguro at gmail.com  Wed May 29 20:26:14 2019
From: codeguro at gmail.com (Tony Lane)
Date: Wed, 29 May 2019 14:26:14 -0400
Subject: Is limit-card-insert-tries a working option?
In-Reply-To: <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
References: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
 <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
Message-ID: <25d6bf3b-1640-395f-65d8-39181ee91def@gmail.com>

While I'm on it, I'd like to add here that GPG doesn't really use passwords like one may think.
GPG uses public key cryptography - it doesn't use passwords to protect your files; it uses passwords to protect the keys that decrypt or sign the files.
Beneath the covers, GPG actually generates an ephemeral symmetric key used for a cipher such as AES and it's this key that actually encrypts the payload and is also the key that's encrypted by a public key and is attached to the message as the pgp protocol. When encrypting to multiple recipients, multiple encrypted ephemeral keys are attached. The recipient who holds a private key just decrypts their copy of the pad with their key, and then decrypts the payload with that.

The more you know

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 317 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190529/f8206a37/attachment.sig>

From chip.senkbeil at gmail.com  Thu May 30 18:00:01 2019
From: chip.senkbeil at gmail.com (Chip Senkbeil)
Date: Thu, 30 May 2019 11:00:01 -0500
Subject: Is limit-card-insert-tries a working option?
In-Reply-To: <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
References: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
 <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
Message-ID: <20190530160001.oba6qhcwn6q7yyiy@chipsenkbei-mbp.dhcp.thefacebook.com>


Thanks for the info, Tony! I'm trying to make sure I understand the exclamation mark setup as well as still figure out the --limit-card-insert-tries.

>From what I've seen from the `pass` tool, if I'm editing an already-encrypted file, it decrypts the file - producing a copy that I can edit - and then re-encrypts the file. Here's an example from my multiple subkey setup:

    gpg2 -e -r keyid1! -r keyid2! -r keyid3! -o content.gpg --quiet --yes --compress-algo=none --no-encrypt-to --batch --use-agent /path/to/content.txt

Where keyid1, keyid2, etc. are in the long form of 0x0123456789ABCDEF

I added the exclamation mark because when I provided multiple subkeys to the tool originally as it appeared that gpg was selecting the first subkey in my list regardless of which smart card I had inserted (each has a different subkey) without the exclamation mark. This seems to follow gpg trying to figure out the appropriate primary or secondary key to use, I think.

If I didn't insert the smart card of the selected key, gpg would fail saying something along the lines of no secret key available.

To get around this, providing the exclamation mark for all subkeys appeared to force gpg to try each in turn. This worked in that gpg would eventually reach the subkey that I had available through the inserted smart card, prompt me through pinentry to enter the password for the smart card, and then encrypt (or decrypt).

I take it there's no way for gpg to know which subkey on a smart card is available and automatically pick it, right? If not, does me using the exclamation marks impact the --limit-card-insert-tries option? I would have thought that I could have used that option to suppress the "insert card" dialog and only have the dialog of an actively-inserted card appear.

Does the --limit-card-insert-tries option do as I've described? I'm still trying to figure out how/if it works because it seems to have no impact on the prompts I receive regarding inserting a smart card.

Also, based on your first link, would me providing a different user ID be an option I should pursue? Would using an exact match on the email address (given all of the subkeys have the same address) be an option? Would gpg be able to figure out the appropriate subkey that is available in that manner?

On Wed, May 29, 2019 at 01:55:32PM -0400, Tony Lane wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> When encrypting or signing or decrypting with a specific key, if you have a set of keys (say, a master key and 3 encryption subkeys etc), GPG may try to try each key until it finds a match.
> However, you can do something like:
> gpg -u <key-id>!
> to tell GPG to use that specific key. Note the exclamation mark. When using gpg an exclamation mark (!) may be appended to force using the specified primary or secondary key and not to try and calculate which primary or secondary key to use.
>
> You can take a peek at the documentation here for more info: https://www.gnupg.org/documentation/manuals/gnupg/Specify-a-User-ID.html
> There is also a manual here, with more options if it helps: https://gnupg.org/documentation/manpage.html
>
>
> On 5/29/19 10:56 AM, Chip Senkbeil wrote:
> > Hey folks, I'm trying to figure out if
> >
> >     a) the gpg option --limit-card-insert-tries is currently functioning (I'm assuming it is)
> >     b) setting --limit-card-insert-tries=1 does what I expect
> >
> > My current setup is that I have my passwords stored using the pass tool from passwordstore.org. Each password is encrypted as a separate file and the encryption/decryption is handled by one of several of my encryption subkeys.
> >
> > I've made multiple encryption subkeys from a master key after reading around best practices and other tidbits from other GPG users. My subkeys are each individually stored on a separate Yubikey from Yubico.com.
> >
> > The encryption and decryption works great. For my multiple devices, I can have different keys inserted and encrypt/decrypt just like I would if the same master key was on each device. This is by using the `pass` tool initialized with each subkey's 0xid with an ! added to the end.
> >
> > The annoyance comes from the pinentry prompt I'm using with the gpg agent. When needing to refresh the cache, the agent prompts me multiple times to insert my other smart cards before it reaches the smart card that is currently plugged into my device. This happens on both OSX and Fedora using version 2.2.15 of gpg and gpg-agent.
> >
> > I've read about the --limit-card-insert-tries option and that, if specified as 1, the prompt shouldn't appear to insert the card. To my understanding, it should fail and move on to the next subkey silently. Am I reading the option correctly?
> >
> > If I am, I currently have `limit-card-insert-tries 1` within my gpg.conf config, but it isn't having any impact. I can confirm that other settings within my gpg.conf are being read and utilized.
> >
> > I pulled down the latest copy of gpg from git://git.gnupg.org/gnupg.git and tried to follow the path from when the --limit-card-insert-tries is provided, but I'm getting lost with where the setting goes. I'm sure it's used somewhere, but I seem to hit a dead end following the program's usage of the option.
> >
> > Can anyone give me guidance as to what I'm doing wrong? Did I misunderstand the usage of the option? Is there some alternative I could do instead?
> >
> > I love the setup I have, but I'm fairly new to gpg and smart cards; so, not sure if I've made some mistake along the way.
> >
> > _______________________________________________
> > Gnupg-users mailing list
> > Gnupg-users at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> >
> -----BEGIN PGP SIGNATURE-----
>
> iLkEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXO7HkwAKCRDo8fj9gx4T
> 09NuAgkBlT+FUIQ8k6a18fmrFfi7dRcRDOm4yv3unMtVwfp/bMe0mszMeaGDV2hN
> CQgiiGCLNhmEsLLUITvK28mL4zlLHssCCQFR2gIqWKdOZauXO0gtJeVTkLtk4DgW
> hcNLKSP6cBn42hgp/tZGKfQWvN6ZbvQaly4fWkgeF/s2zONCzDxS+fJ5Ug==
> =hC3D
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users


From sac at 300baud.de  Thu May 30 21:53:00 2019
From: sac at 300baud.de (Stefan Claas)
Date: Thu, 30 May 2019 21:53:00 +0200
Subject: ProtonMail and Anonymity
In-Reply-To: <20190509164330.366c1702.sac@300baud.de>
References: <20190505121014.06cab2fe@pitti.ddsn.net>
 <93fb66be-7e4a-9c17-a3c4-ee370656f240@gmail.com>
 <20190505193602.41827424.sac@300baud.de>
 <dbb78879-9e1a-e010-4183-11e1ef770338@runbox.com>
 <9d8eb962c72e9b90a4dea34d3d2035b6c5eae89e.camel@gentoo.org>
 <f79e3914-c6ff-04d1-45d1-01f5284e2c69@runbox.com>
 <20190506161546.0e40e685.sac@300baud.de>
 <8AA55BBC-C65F-4C8B-B855-2897412F909B@cwrichardson.com>
 <cdad1b3d-879b-3efc-725c-b6e8f27cf4bf@riseup.net>
 <9f99f32f-2455-18b0-9373-eebb1f444839@gmail.com>
 <20190509164330.366c1702.sac@300baud.de>
Message-ID: <99266d22-becd-eb3e-d557-94fbb32b4edc@300baud.de>

Am 09.05.2019 um 16:44 schrieb Stefan Claas:


 > implement for future generations of GnuPG users message padding

 > and and stealth mode, we had in PGP, back in the mid 90's, so

 > that procmail and Co. have it more difficult to filter PGP messages.

Maybe an interesting read.

https://web.archive.org/web/20130513043502/http://finney.org/~hal/stealth_pgp.html

Regards

Stefan



From codeguro at gmail.com  Thu May 30 23:46:55 2019
From: codeguro at gmail.com (Tony Lane)
Date: Thu, 30 May 2019 17:46:55 -0400
Subject: Is limit-card-insert-tries a working option?
In-Reply-To: <20190530160001.oba6qhcwn6q7yyiy@chipsenkbei-mbp.dhcp.thefacebook.com>
References: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
 <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
 <20190530160001.oba6qhcwn6q7yyiy@chipsenkbei-mbp.dhcp.thefacebook.com>
Message-ID: <053ff3cb-d1d8-cb8f-e27a-bd98fd73bd75@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I don't know much about this 'pass' tool so I can't give you much advice for that.
But more importantly, your setup seems a little... odd. If I'm understanding this correctly, you have *multiple* smartcards with (what I presume are your) unique identities on each of them but registered to the same email address? I'm not sure if I understand your exact setup, but if I have it right, I don't think this is optimal.

You should have your cert-only (master key) private key stored away somewhere offline registered to your email address.
Under this cert-key, you'd have at least 2 subkeys signed by it... an encryption subkey and signing subkey. You can have more than one of these and you can specify which one to use with: gpg -u <key-id>! for signing or: gpg -e -r <key-id>! for encrypting. Note that with encrypting however, you typically use *other* people's key ids to encrypt to. Well, you could add yourself as the recipient so you could decrypt it as well.

And yes, you can use an email address and GPG will be smart enough to pick and choose which key to use. You typically don't explicitly specify key-id! for signing unless you have multiple signing subkeys and need to use a specific one, and likewise don't typically use key-id! for encrypting unless your recipients have multiple encrypting subkeys and they request you to use a specific one (perhaps they have a subkey for work-related stuff and another for at home?).
In any case you should have only one cert key and all of your subkeys stem from that.

> From what I've seen from the `pass` tool, if I'm editing an already-encrypted file, it decrypts the file - producing a copy that I can edit - and then re-encrypts the file. Here's an example from my multiple subkey setup:

>     gpg2 -e -r keyid1! -r keyid2! -r keyid3! -o content.gpg --quiet --yes --compress-algo=none --no-encrypt-to --batch --use-agent /path/to/content.txt

> Where keyid1, keyid2, etc. are in the long form of 0x0123456789ABCDEF

If you're getting prompted for a passphrase multiple times for this, I think what may be happening is that a subset of your recipients' public keys are partitioned across the two smart cards. You should just have the public keys all in one card. Public encryption keys can be freely exchanged and shared without risk. 
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXPBPTwAKCRDo8fj9gx4T
05lFAgd0xQc+OhmAAHCoHC1G4kEQcuelrECubAC0uxjclZZGFWmZ6iKXeoexke0f
hI7NdsW0HjCl+J05J66HH/hxFxesjwIJAfyBZWlHkEMKlTnIMkBHtCDzYyyQLH/m
pQ0cRp6FT/eO25jq9/sNL/qzWWpR9+4PZB1xKgA6DEBrEW4I+YjOC9+o
=ZTAw
-----END PGP SIGNATURE-----


From wk at gnupg.org  Fri May 31 10:26:22 2019
From: wk at gnupg.org (Werner Koch)
Date: Fri, 31 May 2019 10:26:22 +0200
Subject: Conflict Due to Multiple Instances of Smart Card Daemon
In-Reply-To: <XNgSu4rGE9SHgChiYfcBbrEE9H1NkO4OT6rqXTa9wWOXB_UeCzJ2PHXgp4ZFEGBQg8Ds6jtdiZeZ3wPJzQ63zC-7A3q-irriNbL6anDQxjU=@protonmail.com>
 (muredanta via Gnupg-users's message of "Sun, 26 May 2019 22:11:43
 +0000")
References: <XNgSu4rGE9SHgChiYfcBbrEE9H1NkO4OT6rqXTa9wWOXB_UeCzJ2PHXgp4ZFEGBQg8Ds6jtdiZeZ3wPJzQ63zC-7A3q-irriNbL6anDQxjU=@protonmail.com>
Message-ID: <87woi7xc5t.fsf@wheatstone.g10code.de>

On Sun, 26 May 2019 22:11, gnupg-users at gnupg.org said:

> the new design you're working on. By the way, could you describe that
> in more detail? What new capabilities will it offer (or what new

gpg-card supports all smartcards which are supported by scdaemon and not
just the OpenPGP card.  It has a unified interface and can be used like
a regular Unix command line tool.  I attach the current man page in case
you are interested.

However, "gpg --card-edit" and "gpg-card" are both frontends to scdaemon
which provide a nicer interface to the IPC (gpg-connect-agent) interface
of scdaemon.  When I implemented card support in gpa(1) I decided to
take the direct approach without using one of the frontends.  GPGME as
an API to work direcly at the IPC level (gpgme_op_assuan_transact_ext);
I don't know much about the Puton wrapper for that, though.

In case you want to checkout how gpa does it, read cardman.c and the
various cm-*.c files.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gpg-card.1
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190531/ad248fea/attachment.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190531/ad248fea/attachment.sig>

From stanermetin at gmail.com  Fri May 31 10:01:55 2019
From: stanermetin at gmail.com (Tan)
Date: Fri, 31 May 2019 10:01:55 +0200
Subject: Android compat
Message-ID: <CAGdqjjEPp+A11=dRanN4r=Y1GSH5p6vX+bHZQSpMD2pjkWXMpw@mail.gmail.com>

Hello all,

I am newbie to Android native development and want to benefit Gcrypt in
application. Has anyone recently compiled libgcrypt for Android recently. I
saw few commands and flags on regarding the toolchain but was not really
clear to me. Could anyone point me a right direction or share his/her
experience?

BW,
Taner
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190531/afa3bd8c/attachment-0001.html>

From oub at mat.ucm.es  Fri May 31 15:59:43 2019
From: oub at mat.ucm.es (Uwe Brauer)
Date: Fri, 31 May 2019 15:59:43 +0200
Subject: missing root certificate, SMIME spanish government
Message-ID: <87v9xqsp0w.fsf@mat.ucm.es>


Hi 

I am not sure that my email arrived via gmane.

I received an smime signed email from a colleague. It contains a public
key from 
https://www.sede.fnmt.gob.es/descargas/certificados-raiz-de-la-fnmt

Basically the Spanish government.

I installed all its root certificates in 

 /usr/share/ca-certificates/Spain

And run 

sudo dpkg-reconfigure ca-certificates

However when I run 
gpgsm --encrypt -r 0xC575B0D4 test.txt  

I obtain 

pgsm: issuer certificate {B1D44FC42379FA440509C6EB39CFE835B0B82064} not found using authorityKeyIdentifier
gpgsm: looking up issuer from the Dirmngr cache
gpgsm: DBG: chan_5 -> LOOKUP --cache-only #/CN=AC%20FNMT%20Usuarios,OU=Ceres,O=FNMT-RCM,C=ES
gpgsm: DBG: chan_5 <- ERR 167772187 Not found <Dirmngr>
gpgsm: number of matching certificates: 0
gpgsm: dirmngr cache-only key lookup failed: Not found
gpgsm: looking up issuer at external location
gpgsm: DBG: chan_5 -> LOOKUP /CN=AC%20FNMT%20Usuarios,OU=Ceres,O=FNMT-RCM,C=ES
gpgsm: DBG: chan_5 <- ERR 167772187 Not found <Dirmngr>
gpgsm: number of issuers matching: 0
gpgsm: external key lookup failed: Not found
gpgsm: issuer certificate not found
gpgsm: issuer certificate: #/CN=AC FNMT Usuarios,OU=Ceres,O=FNMT-RCM,C=ES
gpgsm: validation model used: shell
gpgsm: can't encrypt to '0xC575B0D4': Missing issuer certificate
secmem usage: 0/16384 bytes in 0 blocks

BTW encryption with that public key works in Thunderbird, and I looked
up its root certificate, I can't see anything I don't have


I start to be desperate, what do I miss?

Thanks 

Uwe Brauer 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5025 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190531/a536a6e8/attachment.bin>

From rjh at sixdemonbag.org  Fri May 31 17:58:48 2019
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 31 May 2019 11:58:48 -0400
Subject: Encryption Algorithm for GnuPG?
In-Reply-To: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
References: <2849561439a8a908889eaa2f3f7a5e5f@smtp.hushmail.com>
Message-ID: <8b66ae97-1117-8ead-3aea-4778b6706aa7@sixdemonbag.org>

> What is the encryption engine for the current GnuPG.

By default, AES.  Other algorithms are possible but not recommended.
The only other algorithms I'd recommend are Twofish and Camellia.

> I know IDEA is proprietary so that can?t be used

It can be used.  You'd be insane to actually use it, but that doesn't
change the fact it can be used.

IDEA was broken in 2011-2012 using meet-in-the-middle attacks and a
bicliques attack.  These aren't attacks on reduced-round variants of
IDEA.  This is the full-strength algorithm has been found vulnerable to
at least two different methods of cryptanalysis.  Right now those
attacks aren't terribly significant -- they shave a few bits off the
strength of the cipher -- but those attacks will only get better over time.

I'm unaware of any cryptographer who's still seriously studying IDEA.
It's considered to have taken a hit below the waterline.  Please do not
use IDEA for generating new traffic.  Please only use IDEA to read
existing traffic.

> If it?s NIST AES that is under the US Government?

No.  It's a Belgian-designed algorithm with no connection to the United
States government.  This algorithm, called "Rijndael", works with a
variety of block sizes and key sizes.

All the United States government did was say "Rijndael with a 128-bit
block size will be our new Advanced Encryption Standard, and AES will
support key sizes of 128, 192, and 256 bits."

That's it.

> Wouldn?t that be in danger of a US back door in the algorithm?

No.  An excellent reason to believe there is no back door comes from the
fact the United States government uses AES to secure its most
confidential information -- it's one of the few algorithms that's
certified for use at the Top Secret level.


From chip.senkbeil at gmail.com  Fri May 31 19:53:06 2019
From: chip.senkbeil at gmail.com (Chip Senkbeil)
Date: Fri, 31 May 2019 12:53:06 -0500
Subject: Is limit-card-insert-tries a working option?
In-Reply-To: <053ff3cb-d1d8-cb8f-e27a-bd98fd73bd75@gmail.com>
References: <20190529145631.5pgrqhdxdm5u3zlt@chipsenkbei-mbp>
 <a1e51e4f-b664-50ed-f3de-630737e00853@gmail.com>
 <20190530160001.oba6qhcwn6q7yyiy@chipsenkbei-mbp.dhcp.thefacebook.com>
 <053ff3cb-d1d8-cb8f-e27a-bd98fd73bd75@gmail.com>
Message-ID: <20190531175306.fc26nqqyjhzomnqj@chipsenkbei-mbp.dhcp.thefacebook.com>

Maybe my setup is like you described? I thought it was a reasonable setup, but being a gpg beginner, I'll take any advice I can get!

I've got a master key that I've used to create subkeys for encryption, signing, and authentication. Here's my current setup below:

--------------------------------------
sec   rsa4096/0x6CA6A08DBA640677 2019-03-01 [SC]
      2C8160E6AF1166154CDAED266CA6A08DBA640677
uid                   [ultimate] Chip Senkbeil (My mail & pass key) <chip at senkbeil.org>
ssb>  rsa4096/0x588B4B090695884C 2019-03-01 [E]
ssb>  rsa4096/0x8A6B3DB2C23EB74B 2019-05-08 [E]
ssb>  rsa4096/0x95B67753BA414327 2019-05-08 [E]
ssb>  rsa4096/0x231C4CB425985243 2019-05-28 [S] [expires: 2024-05-26]
ssb>  rsa4096/0x1F3D585E398D11B1 2019-05-28 [S] [expires: 2024-05-26]
ssb>  rsa4096/0x5487424ABA6BDDDB 2019-05-28 [S] [expires: 2024-05-26]
ssb>  rsa4096/0x68F5987A509841B2 2019-05-28 [A] [expires: 2024-05-26]
ssb>  rsa4096/0x70B8AA34DA9D2413 2019-05-28 [A] [expires: 2024-05-26]
ssb>  rsa4096/0xDD69ABE5B8BCF75C 2019-05-28 [A] [expires: 2024-05-26]
--------------------------------------

I've moved one encryption, signing, and authentication subkey to each of my three smart cards from Yubico. I'd deleted the master key from my laptop after that, but added it back from a backup to create the signing and authentication subkeys. I'll be deleting it again shortly.

>From what I can tell from the pass tool, it marks your own keys as recipients so you can decrypt the passwords you encrypt (to inject elsewhere).

Putting that aside for a moment, I dug through the gnupg codebase a little more and I think the functionality for --limit-card-insert-tries was removed in some update. The CLI option is still there, but the logic that was previously specified in cardglue.c is gone (as is that file itself).

It looks like the last commit I can see that had the functionality in master was from tag gnupg-1.4.5 (commit 21de807d1a170d44dabcb34f37ce90504e303b81), located in g10/cardglue.c

    rc = app_select_openpgp (app);
    if (opt.limit_card_insert_tries
        && ++retry_count >= opt.limit_card_insert_tries)
        ;
    else if (rc && !opt.batch)

The cardglue.c file was removed (presumably refactored?) in the next commit 8c219602515ae1dba5bc0da31077852dab61809e, which seems to be a large update labeled, "Moved 1.9 branch to trunk". I'm guessing development happened separately from the master branch and was merged in several versions later.

I'm assuming the logic could be added back in at agent/divert-scd.c in the main loop of the ask_for_card function.

Should I move over the limit-card-insert-tries functionality discussion to gnupg-devel?

On Thu, May 30, 2019 at 05:46:55PM -0400, Tony Lane wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> I don't know much about this 'pass' tool so I can't give you much advice for that.
> But more importantly, your setup seems a little... odd. If I'm understanding this correctly, you have *multiple* smartcards with (what I presume are your) unique identities on each of them but registered to the same email address? I'm not sure if I understand your exact setup, but if I have it right, I don't think this is optimal.
>
> You should have your cert-only (master key) private key stored away somewhere offline registered to your email address.
> Under this cert-key, you'd have at least 2 subkeys signed by it... an encryption subkey and signing subkey. You can have more than one of these and you can specify which one to use with: gpg -u <key-id>! for signing or: gpg -e -r <key-id>! for encrypting. Note that with encrypting however, you typically use *other* people's key ids to encrypt to. Well, you could add yourself as the recipient so you could decrypt it as well.
>
> And yes, you can use an email address and GPG will be smart enough to pick and choose which key to use. You typically don't explicitly specify key-id! for signing unless you have multiple signing subkeys and need to use a specific one, and likewise don't typically use key-id! for encrypting unless your recipients have multiple encrypting subkeys and they request you to use a specific one (perhaps they have a subkey for work-related stuff and another for at home?).
> In any case you should have only one cert key and all of your subkeys stem from that.
>
> > From what I've seen from the `pass` tool, if I'm editing an already-encrypted file, it decrypts the file - producing a copy that I can edit - and then re-encrypts the file. Here's an example from my multiple subkey setup:
>
> >     gpg2 -e -r keyid1! -r keyid2! -r keyid3! -o content.gpg --quiet --yes --compress-algo=none --no-encrypt-to --batch --use-agent /path/to/content.txt
>
> > Where keyid1, keyid2, etc. are in the long form of 0x0123456789ABCDEF
>
> If you're getting prompted for a passphrase multiple times for this, I think what may be happening is that a subset of your recipients' public keys are partitioned across the two smart cards. You should just have the public keys all in one card. Public encryption keys can be freely exchanged and shared without risk.
> -----BEGIN PGP SIGNATURE-----
>
> iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXPBPTwAKCRDo8fj9gx4T
> 05lFAgd0xQc+OhmAAHCoHC1G4kEQcuelrECubAC0uxjclZZGFWmZ6iKXeoexke0f
> hI7NdsW0HjCl+J05J66HH/hxFxesjwIJAfyBZWlHkEMKlTnIMkBHtCDzYyyQLH/m
> pQ0cRp6FT/eO25jq9/sNL/qzWWpR9+4PZB1xKgA6DEBrEW4I+YjOC9+o
> =ZTAw
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users