From gw_goldwing@gwstrong.com Mon Apr 1 01:03:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 00:03:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <20020331202153.GH12169@akamai.com> References: <20020331202153.GH12169@akamai.com> Message-ID: In article <20020331202153.GH12169@akamai.com>, David Shaw wrote: > This is correct. Use it commercially, use it non-commercially, use it > for whatever you like. Have fun. I don't know about fun. Interesting is more like it. I just want to make sure I'm in compliance on use. > However, if you want to use the IDEA cipher then the situation changes > a little. The IDEA cipher is patented by a Swiss company called Ascom > Systec Ltd. They require a licence for commercial use. > > GnuPG does not come with IDEA, despite what people may have added to > their own copies of the distribution. You don't even need IDEA unless > you are trying to communicate with a user who uses certain versions of > PGP 2. Since the current version of PGP is 7, it's been a few years > since PGP 2... >From what I gather it depends on how the developer packages the frontend. I just need to read. I want to thank both David and Ingo for their quick replies. Regards, Greg Strong Email: gw_goldwing@gwstrong.com Sun, 31 Mar 2002 15:51 CST From gw_goldwing@gwstrong.com Mon Apr 1 01:03:03 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 00:03:03 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <200203312225.32188@erwin.ingo-kloecker.de> References: <200203312225.32188@erwin.ingo-kloecker.de> Message-ID: In article <200203312225.32188@erwin.ingo-kloecker.de>, Ingo Klöcker wrote: > Short answer: No. > > But... Some binary GnuPG packages for Windows include the non-free IDEA > plugin. These packages must not be used in a commercial environment. > > So, if you want to use GnuPG for commercial use you must install a > binary GnuPG package which does not include the IDEA plugin. > > Hope this helps. Most definitely helps. I just have to read. Thanks for the info. BTW since I've joined this group I keep getting an email from "Daniel Siegers" every time I check this mail list. The email has no body. It looks like something either has gone wrong somewhere on the email list program, or who ever is responsible is trying to irritate me. If it is the former rather than the later, anybody I can notify to correct. Thanks again! Regards, Greg Strong Email: gw_goldwing@gwstrong.com Sun, 31 Mar 2002 15:55 CST From ingo.kloecker@epost.de Mon Apr 1 01:31:01 2002 From: ingo.kloecker@epost.de (Ingo =?iso-8859-1?q?Kl=F6cker?=) Date: Mon Apr 1 00:31:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: References: <200203312225.32188@erwin.ingo-kloecker.de> Message-ID: <200204010024.25378@erwin.ingo-kloecker.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 01 April 2002 00:01, Greg Strong wrote: > BTW since I've joined this group I keep getting an email from "Daniel > Siegers" every time I check this mail > list. The email has no body. It looks like something either has > gone wrong somewhere on the email list program, or who ever is > responsible is trying to irritate me. If it is the former rather > than the later, anybody I can notify to correct. I also get those annoying messages. Maybe this is a vacation=20 notification. Werner, assuming that you are the list admin, could you please remove=20 Daniel Siegers' subscription (if he is subscribed). Thanks! Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8p4yYGnR+RTDgudgRAu0XAJ98WPIEoL2rbiO3vgCt/Tv4SSbXEACdHebL yb70u2v4lpjDAf0x9C8cDas=3D =3Dyj00 -----END PGP SIGNATURE----- From gw_goldwing@gwstrong.com Mon Apr 1 02:21:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 01:21:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <200204010024.25378@erwin.ingo-kloecker.de> References: <200203312225.32188@erwin.ingo-kloecker.de> <200204010024.25378@erwin.ingo-kloecker.de> Message-ID: In article <200204010024.25378@erwin.ingo-kloecker.de>, Ingo Klöcker wrote: > I also get those annoying messages. Maybe this is a vacation > notification. > > Werner, assuming that you are the list admin, could you please remove > Daniel Siegers' subscription (if he is subscribed). Thanks! I'm glad to here that I'm not the only one receiving it. I was starting to suspect either my email program, VA, had gone wrong somewhere, or someone had gotten the better of my system. Regards, Greg Strong Email: gw_goldwing@gwstrong.com Sun, 31 Mar 2002 17:16 CST From justinrt@bellsouth.net Mon Apr 1 05:07:01 2002 From: justinrt@bellsouth.net (Justin Troutman) Date: Mon Apr 1 04:07:01 2002 Subject: Install GnuPG on Win98? Use GPA? References: <005801c1d89b$bbea27a0$3c709d42@sardine> Message-ID: <001a01c1d921$8527a2c0$ae729d42@sardine> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On Sun, 31 Mar 2002 13:10 CST, Greg Strong wrote: > If the package you are referring to is at http://www.winpt.org/download.html, > then I don't believe GPA is bundled. From reading the documentation only > WinPT & GnuPG. The site now has documentation in English, so no translation > required. Actually, the package I was referring to can be found at: http://translate.google.com/translate?hl=en&sl=de&u=http://www.gnupp.de/down load.html&pre Last time, I gave the URL for the GnuPP home page, but this link will display the download page, with the bundled GnuPG 1.0.6/GPA 0.5/WinPT 0.5.7 package. Happy 'crypting, -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) - GPGOE Plug-in 0.2.2 Comment: GnuPG - Simple. Robust. Open source. Enough said. http://www.gnupg.org | http://www.gnupp.org iD8DBQE8p8AZnMjKhGLOEDYRA3QJAJ9lXqyEbOhSi8XFPlXNFQ06RKfEugCcCso1 sRqfCzQ6oTUg5qVHbfruLpM= =SrW2 -----END PGP SIGNATURE----- From gw_goldwing@gwstrong.com Mon Apr 1 05:26:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 04:26:01 2002 Subject: Install GnuPG on Win98? Use GPA? In-Reply-To: <001a01c1d921$8527a2c0$ae729d42@sardine> References: <005801c1d89b$bbea27a0$3c709d42@sardine> <001a01c1d921$8527a2c0$ae729d42@sardine> Message-ID: In article <001a01c1d921$8527a2c0$ae729d42@sardine>, Justin Troutman wrote: > Last time, I gave the URL for the GnuPP home page, but this link will > display the download page, with the bundled GnuPG 1.0.6/GPA 0.5/WinPT > 0.5.7 package. Thanks! Greg Strong Email: gw_goldwing@gwstrong.com Sun, 31 Mar 2002 20:16 CST From gw_goldwing@gwstrong.com Mon Apr 1 10:57:02 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 09:57:02 2002 Subject: Install GnuPG on Win98? Use GPA? In-Reply-To: <4347395012.20020331111017@telus.net> References: <19440282497.20020331091146@telus.net> <4347395012.20020331111017@telus.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In article <4347395012.20020331111017@telus.net>, Nick Andriash wrote: > None of the Win32 GUI's for GnuPG are Client dependant... that is the > beauty of using them. ;o) Well I've got the first part figured out. Now I just have to get the rest figured out. I can see reading the manual on GnuPG again, but I still need to be more proficient with GPGShell. Knowing the concepts and applying the concepts with a new UI is a different game. It will be interesting to see where I go from here. - From my experience the general public doesn't know much about encryption, but I think they would be well served if they did. Regards, Greg Strong Email: gw_goldwing@gwstrong.com Mon, 01 Apr 2002 01:45 CST -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) - GPGshell v2.27 Comment: For info see http://www.gnupg.org iD8DBQE8qBHXKOQ6jYjO/zYRAv9qAKCpfDJ3GjZH05MOtGhvhNxdZ0lB7ACgrtuW 2dIYY4kgDnn6zRy3Cfwmr9M= =yr0a -----END PGP SIGNATURE----- From bart.martens@advalvas.be Mon Apr 1 11:34:02 2002 From: bart.martens@advalvas.be (Bart Martens) Date: Mon Apr 1 10:34:02 2002 Subject: Restrictions / Commercial Use? In-Reply-To: ; from gw_goldwing@gwstrong.com on Sun, Mar 31, 2002 at 04:01:43PM -0600 References: <200203312225.32188@erwin.ingo-kloecker.de> Message-ID: <20020401104813.A9661@cable-195-162-214-247.upc.chello.be> On Sun, Mar 31, 2002 at 04:01:43PM -0600, Greg Strong wrote: > In article <200203312225.32188@erwin.ingo-kloecker.de>, Ingo Kl=F6cker = > wrote: > > Short answer: No. > > = > > But... Some binary GnuPG packages for Windows include the non-free ID= EA = > > plugin. These packages must not be used in a commercial environment. > > = > > So, if you want to use GnuPG for commercial use you must install a = > > binary GnuPG package which does not include the IDEA plugin. > > = > > Hope this helps. > = > Most definitely helps. I just have to read. Thanks for the info. > = > BTW since I've joined this group I keep getting an email from "Daniel = > Siegers" every time I check this mail = > list. The email has no body. It looks like something either has gone = > wrong somewhere on the email list program, or who ever is responsible i= s = > trying to irritate me. If it is the former rather than the later, anyb= ody = > I can notify to correct. I also got mails with an empty body. From sales@a2zuniforms.com Mon Apr 1 16:47:02 2002 From: sales@a2zuniforms.com (A2ZUniforms.com) Date: Mon Apr 1 15:47:02 2002 Subject: Decrypting an entire CSV file Message-ID: <001201c1d983$55f669c0$0100a8c0@A2ZMAIN> This is a multi-part message in MIME format. --Boundary_(ID_8ytwJ3HbC55/7xGLY7pM3Q) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT Hey guys. I'm new to the list and I think I will finally find the answer to my question here. Our shopping cart encrypts our order log file (filename.csv) (pipe delimited) and adds to the file each time a new order is placed. Up until now we have downloaded the encrypted file, opened it in Wordpad, using PGP Tray select CURRENT WINDOW > DECRYPT AND VERIFY. This will allow us to copy the decrypted info entire file and past it to a new window. If we were to simply try and decrypt the file without going through the process just described, it would decrypt the file and create a bunch of individual "decrypted" files with goofy names and no extensions. We just created a script to log into the webserver, download the CSV files and then run a BAT file to decrypt the file we just downloaded. But when using the command line to decrypt the file the only thing we end up with is the last record added to the encrypted CSV file. The file is decrypted on a Win XP machine. Can anybody tell me the command line we should use to 1) decrypt the file 2) keep the entire contents of the file 3) keep the same file name after it is decrypted A sample of the encrypted info is shown below. If there are 50 orders , then there would be 50 sections (if that is what you call them) Thanks, Tim Durham -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org hQIOA8gNDLAgh8LpEAgA41i6fpZYfVw4SxFiUPFAak47GV6jcBuGCWyAGKMcC4Yd 7WWaR4KnOcMtoE0DsIoQcgBrBV0/Fi4+t1B77JBwDNmyAAa7fyys9K5iSBjBqEFk jlslKUUBmD+XXQ0E9JGpdHeV8npnJOkvHYLDdWjYr22lLMee0OAeDRn401FkxcvW iyCG9y0xWUROhWpe1UNmW6siLRbM9oM7ahdvjWg+73LcmIhwkkeHUnGasKNQj8Tc QpVpU4Jx2HkQPYtcX48SXhVZ04wQC2+UwMMR+xtti0EbOlprV1w6+p6WlIVnbAVR 2JeLKO3QdCngi3J3vN5WbWV8Nqa0L944mtn8yREAwgf/WIzBuZRCyU/tUsb4Hkqi ml1AUjWdMfL2IiBBxeyqY5dgRdAlWYay1VhfsMlc5W/RFQPE9Of1LrWrEfEmCdz0 Pj12dohN4Fhkdm+U4U7DR66EKXQoOY5/OQgODmsH7tOWx4l1+X66A3oCgtojel7u v0ODCbxhcKxrmqLx76MlcotSEV9qqOHDMjKH9BJoYMpWM+VlZAs3Ozm4Tfo4K49p W/9BjBNCN3UwK12+IXZ1wluHiOLyaC3VvusuiG5IJQW3ffBRgWQga38p0KUmnTz9 isN/cm/GXo26VyoINqjRyXZ9mMDAlsURSp2yk+Rwe7LUuYBTniGyAzMGeziYsSAp fcnA6vncOZb5Q73lrMg0ODbWYCMHJijsHQmP4nVDgB53qQjitFcCgUChmMyhOaOQ /3QpPBN8MMSRr5uU6rMcGVbgM2Rc818VamftX1BX3K/U4zwoJqVPAI/1l3SZWk2b v0rLGQXEtCJA6Q8lii0X+UsYXojlZJEk01Zju1fVY+l+EciwAfyRCEwxDxqKT4Uo Pc68VGI/EJH99nk6yVMCQs2ryW3slJziMq2Oq2e6IA10OhbZF7no1pQQhywEX4GR 0BiHTJvh07gGCnGEDIOHYWCjDHA1qUBIofQMo1BQrKzk7ZDKN4esN9Wih2LgZA3l yUI9SMFw6jxypkNJ59LFx+HGx+r63TcBHRPqWeO5D+NtsgIG7PpYSXwdOhENg7St +Bc7QpFXcQLx0ufBh6Eq2ky4octcMyiPjADSDn/7cfNx2xyAyOtwEzkK6g8H9agz y5jPKSqHrPhpYp+eRidJHeEEeZjWyPHvHM/dKcFRL04LeFs6nwiGm/snUtqnU0jn WacTApK4L4vz3ZtvB3as0Qtr9kNtV7C8krH/Q4n3Z8WoMCcQnGwGZQe9Sg6v0w== =o6Qi -----END PGP MESSAGE----- -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org hQIOA8gNDLAgh8LpEAgAg9qlAHJAIM2T7elNspEZ5tDTOG/kjMMn7e5aHmsqHujt vPXf4Jwa51aCb+N5ymMBnhWhK6nzFd+GgMs9LWYpfZVouU0GzSkdQ9iXcX9AHkQU ROSrroACd1kFDKB+E2sa2klEAREgU46v0yjMf4lWzz0VoGv+ql0HWOLBGYcrMCJl /fItLhdehkoUovtIf6fAiEVSCIUySsteCH1lZjWkUVXuDm3AH8i0jEil3m2K63J7 lT17uJCXKBcgsQTn/AKW6zvm952WuvbIGEwoK9E02xtdmg2yWeWmS0jUggDLghnn 7CYT5KRi8KChPNlJ1O4ZHSnr9jhvX/WJleXpoW0UrggA4TtKybQwIxIMeu1/Oeud L00xREzmQF2bDVF00x1zF4KLKbKZEv/w41Vl/Oy2CY0zxxk8PX4jHPo8oLZJX6+4 AJHK+FxtISorXKfNVavRqFnL7ELtEruZNn0O6LYvtplA7U3COlnBIMjX2VyaYBSJ 8hpxtn7IIsQOsE9SDlFwCTbpW8RQPQlPeGFRta1mKHj6eU1NS8ybxTPG977+jTt7 oMolBowSJ2PjN147N/h7UDaMt4xSdyUH+Z40jvmoM1GkMhL4FCvcEVr/RcJy1SqA /owidEkm2pNmXwhNvcpbVyeF8PGN4u+ZDQoUnTXj39QRNqYq4A+AM8y6FTU7EYFS b8np0bKMlSkFFjtwzuWn7AoGg0D8+qQ23eApaN1SzvkAh7sDdy02sdommGUT82jo u7vSbpTYrdHLJvBFc5A7Xr9S5m5hvHFpi0udszKDFl+pJ0CxWw4fdUk50LNCSN6w LoEaDIi8MzO8c4s8lGf9RwUqKjNOXIykB3Vj+bJ5/eSgz1qnl25LHMEe9Kr4ZNlP EJ5maqt1+9NTZhblLOA3QAMNd9WkxQbxljMV+qREScvbfvOhlhzOaBNpXVbNmNcC namw3SIyHgYaf/7FRLDZcHYkNhGoZZzGpH+DRkHOuLNvlJkwgSaF9ugU0+ye2+ID hqfksPFdRC8iMUQaTfDcNsucRoDPMshm7aa6qr6lSRaezV6T7r6zxlC7e/ryFYTd cvVP/YtqHax/SbOvOUTUHBpBXi+4gyQNFdgr+R5RcOo+jKJqDj4wUxRIz9LE1LU4 D9MuBqg0B6+LlC+CmMbmnFkoRHTvW/tYT0HMP2hk3+VJtK4o9lqKDf3CbTTalA/e kFhCG3I7YhXJjNZua9HaqnxqbdDbHf5XpQh2anLhk8QW69f0JMPFPTme4uUED2vz 3LindPWbHHfg2NwEqX6JgTHWjh4HpmUaQMinOMAHT7NZfPKoUnDpro86R8mDgkUK emZM+K1ccuDGKJhEiYIdzhqmuUSRzPABgDGLTYQdlQOcugUVoJitrwYWtefCfjnq j0tHTRTnHasC =jXuV -----END PGP MESSAGE----- --Boundary_(ID_8ytwJ3HbC55/7xGLY7pM3Q) Content-type: text/html; charset=iso-8859-1 Content-transfer-encoding: 7BIT
Hey guys.  I'm new to the list and I think I will finally find the answer to my question here.  Our shopping cart encrypts our order log file (filename.csv) (pipe delimited) and adds to the file each time a new order is placed.  Up until now we have downloaded the encrypted file, opened it in Wordpad, using PGP Tray select CURRENT WINDOW > DECRYPT AND VERIFY.  This will allow us to copy the decrypted info entire file and past it to a new window.  If we were to simply try and decrypt the file without going through the process just described, it would decrypt the file and create a bunch of individual "decrypted" files with goofy names and no extensions.
 
We just created a script to log into the webserver, download the CSV files and then run a BAT file to decrypt the file we just downloaded.  But when using the command line to decrypt the file the only thing we end up with is the last record added to the encrypted CSV file.  The file is decrypted on a Win XP machine.  Can anybody tell me the command line we should use to
 
1) decrypt the file
2) keep the entire contents of the file
3) keep the same file name after it is decrypted
 
A sample of the encrypted info is shown below.  If there are 50 orders , then there would be 50 sections (if that is what you call them)
 
Thanks,
 
Tim Durham
 
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
hQIOA8gNDLAgh8LpEAgA41i6fpZYfVw4SxFiUPFAak47GV6jcBuGCWyAGKMcC4Yd
7WWaR4KnOcMtoE0DsIoQcgBrBV0/Fi4+t1B77JBwDNmyAAa7fyys9K5iSBjBqEFk
jlslKUUBmD+XXQ0E9JGpdHeV8npnJOkvHYLDdWjYr22lLMee0OAeDRn401FkxcvW
iyCG9y0xWUROhWpe1UNmW6siLRbM9oM7ahdvjWg+73LcmIhwkkeHUnGasKNQj8Tc
QpVpU4Jx2HkQPYtcX48SXhVZ04wQC2+UwMMR+xtti0EbOlprV1w6+p6WlIVnbAVR
2JeLKO3QdCngi3J3vN5WbWV8Nqa0L944mtn8yREAwgf/WIzBuZRCyU/tUsb4Hkqi
ml1AUjWdMfL2IiBBxeyqY5dgRdAlWYay1VhfsMlc5W/RFQPE9Of1LrWrEfEmCdz0
Pj12dohN4Fhkdm+U4U7DR66EKXQoOY5/OQgODmsH7tOWx4l1+X66A3oCgtojel7u
v0ODCbxhcKxrmqLx76MlcotSEV9qqOHDMjKH9BJoYMpWM+VlZAs3Ozm4Tfo4K49p
W/9BjBNCN3UwK12+IXZ1wluHiOLyaC3VvusuiG5IJQW3ffBRgWQga38p0KUmnTz9
isN/cm/GXo26VyoINqjRyXZ9mMDAlsURSp2yk+Rwe7LUuYBTniGyAzMGeziYsSAp
fcnA6vncOZb5Q73lrMg0ODbWYCMHJijsHQmP4nVDgB53qQjitFcCgUChmMyhOaOQ
/3QpPBN8MMSRr5uU6rMcGVbgM2Rc818VamftX1BX3K/U4zwoJqVPAI/1l3SZWk2b
v0rLGQXEtCJA6Q8lii0X+UsYXojlZJEk01Zju1fVY+l+EciwAfyRCEwxDxqKT4Uo
Pc68VGI/EJH99nk6yVMCQs2ryW3slJziMq2Oq2e6IA10OhbZF7no1pQQhywEX4GR
0BiHTJvh07gGCnGEDIOHYWCjDHA1qUBIofQMo1BQrKzk7ZDKN4esN9Wih2LgZA3l
yUI9SMFw6jxypkNJ59LFx+HGx+r63TcBHRPqWeO5D+NtsgIG7PpYSXwdOhENg7St
+Bc7QpFXcQLx0ufBh6Eq2ky4octcMyiPjADSDn/7cfNx2xyAyOtwEzkK6g8H9agz
y5jPKSqHrPhpYp+eRidJHeEEeZjWyPHvHM/dKcFRL04LeFs6nwiGm/snUtqnU0jn
WacTApK4L4vz3ZtvB3as0Qtr9kNtV7C8krH/Q4n3Z8WoMCcQnGwGZQe9Sg6v0w==
=o6Qi
-----END PGP MESSAGE-----
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
hQIOA8gNDLAgh8LpEAgAg9qlAHJAIM2T7elNspEZ5tDTOG/kjMMn7e5aHmsqHujt
vPXf4Jwa51aCb+N5ymMBnhWhK6nzFd+GgMs9LWYpfZVouU0GzSkdQ9iXcX9AHkQU
ROSrroACd1kFDKB+E2sa2klEAREgU46v0yjMf4lWzz0VoGv+ql0HWOLBGYcrMCJl
/fItLhdehkoUovtIf6fAiEVSCIUySsteCH1lZjWkUVXuDm3AH8i0jEil3m2K63J7
lT17uJCXKBcgsQTn/AKW6zvm952WuvbIGEwoK9E02xtdmg2yWeWmS0jUggDLghnn
7CYT5KRi8KChPNlJ1O4ZHSnr9jhvX/WJleXpoW0UrggA4TtKybQwIxIMeu1/Oeud
L00xREzmQF2bDVF00x1zF4KLKbKZEv/w41Vl/Oy2CY0zxxk8PX4jHPo8oLZJX6+4
AJHK+FxtISorXKfNVavRqFnL7ELtEruZNn0O6LYvtplA7U3COlnBIMjX2VyaYBSJ
8hpxtn7IIsQOsE9SDlFwCTbpW8RQPQlPeGFRta1mKHj6eU1NS8ybxTPG977+jTt7
oMolBowSJ2PjN147N/h7UDaMt4xSdyUH+Z40jvmoM1GkMhL4FCvcEVr/RcJy1SqA
/owidEkm2pNmXwhNvcpbVyeF8PGN4u+ZDQoUnTXj39QRNqYq4A+AM8y6FTU7EYFS
b8np0bKMlSkFFjtwzuWn7AoGg0D8+qQ23eApaN1SzvkAh7sDdy02sdommGUT82jo
u7vSbpTYrdHLJvBFc5A7Xr9S5m5hvHFpi0udszKDFl+pJ0CxWw4fdUk50LNCSN6w
LoEaDIi8MzO8c4s8lGf9RwUqKjNOXIykB3Vj+bJ5/eSgz1qnl25LHMEe9Kr4ZNlP
EJ5maqt1+9NTZhblLOA3QAMNd9WkxQbxljMV+qREScvbfvOhlhzOaBNpXVbNmNcC
namw3SIyHgYaf/7FRLDZcHYkNhGoZZzGpH+DRkHOuLNvlJkwgSaF9ugU0+ye2+ID
hqfksPFdRC8iMUQaTfDcNsucRoDPMshm7aa6qr6lSRaezV6T7r6zxlC7e/ryFYTd
cvVP/YtqHax/SbOvOUTUHBpBXi+4gyQNFdgr+R5RcOo+jKJqDj4wUxRIz9LE1LU4
D9MuBqg0B6+LlC+CmMbmnFkoRHTvW/tYT0HMP2hk3+VJtK4o9lqKDf3CbTTalA/e
kFhCG3I7YhXJjNZua9HaqnxqbdDbHf5XpQh2anLhk8QW69f0JMPFPTme4uUED2vz
3LindPWbHHfg2NwEqX6JgTHWjh4HpmUaQMinOMAHT7NZfPKoUnDpro86R8mDgkUK
emZM+K1ccuDGKJhEiYIdzhqmuUSRzPABgDGLTYQdlQOcugUVoJitrwYWtefCfjnq
j0tHTRTnHasC
=jXuV
-----END PGP MESSAGE-----
 --Boundary_(ID_8ytwJ3HbC55/7xGLY7pM3Q)-- From soerenmm@web.de Mon Apr 1 20:40:01 2002 From: soerenmm@web.de (=?iso-8859-1?Q?S=F6ren?= Mindorf) Date: Mon Apr 1 19:40:01 2002 Subject: GnuPG with mutt and M$ Outlook Message-ID: <20020401192724.A1349@mindorf.org> Dear Listreaders, I have a little problem with gnuPG and the output in Outlook and Outlook Express. I write my E-Mails with mutt and then I sign or/and encrypt my E-Mails. But if one of the adressee have Outlook or Outlook Express they become two Attachmets. One with my sign and one with the text. But I don't want that there are two Attachments. One with my sign is ok, but not with the message. And the second when I write= to Windows Users I want sometimes to sign inbody. With mutt I have made a macro but that also doesen't work.=20 Can you help me? My OS: SuSE 7.2 Prof. gnuPG Version: 1.0.6 my config part in mutt: set pgp_autosign=3Dno #nicht automatisch jede ausgehende mail signieren set pgp_autoencrypt=3Dno #nicht automatisch jede ausgehende Mail verschl= =FCsseln set pgp_entry_format=3D"%4n %t%f %41/0x%k %-4a %2c %u" # Format f=FCr die= PGP Schl=FCsselauswahl set pgp_long_ids=3Dyes # 64bit langen Schl=FCssel-ID anzeigen set pgp_replyencrypt=3Dyes # verschl=FCsseln, wenn ankommende Mail versch= l=FCsselt ist set pgp_replysign=3Dyes # Antworten auf signierte Nachrichten werden aut= om. signiert set pgp_replysignencrypted=3Dyes # Antworten auf signierte und verschl=FC= sselte Nachrichten werden autom. verschl=FCsselt und signiert set pgp_show_unusable=3Dyes # Auch unbrauchbare Schl=FCssel werden angeze= igt set pgp_verify_sig=3Dyes # Signatur pr=FCfen set pgp_strict_enc=3Dyes # codiert autom. PGP/MIME signierte Mails als q= uoted-printable set pgp_timeout=3D3600 # nach einer Stunde das Passwort vergessen set pgp_sort_keys=3Daddress # PGP-Schl=FCssel werden nach ihrer Adresse s= ortiert set pgp_sign_as=3D0x6048EE47 # mein GnuPG Schl=FCssel, mit dem ich signi= ere set pgp_create_traditional=3Dno set pgp_decode_command=3D"gpg %?p?--passphrase-fd 0? --no-verbose --batch= --output - %f"=20 set pgp_verify_command=3D"gpg --no-verbose --batch --output - --verify %s= %f" set pgp_decrypt_command=3D"gpg --passphrase-fd 0 --no-verbose --batch --o= utput - %f" set pgp_sign_command=3D"gpg --no-verbose --batch --output - --passphrase-= fd 0 --armor --detach-sign --textmode %?a?-u %a? %f" set pgp_clearsign_command=3D"gpg --no-verbose --batch --output - --passph= rase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f" set pgp_encrypt_only_command=3D"/usr/bin/pgpwrap gpg -v --batch --output = - --encrypt --textmode --armor --always-trust -- -r %r -- %f" set pgp_encrypt_sign_command=3D"/usr/bin/pgpewrap gpg --passphrase-fd 0 -= v --batch --output - --encrypt --sign %?a?-u %a? --armor --always-trust -= - -r %r -- %f" set pgp_import_command=3D"gpg --no-verbose --import -v %f" set pgp_export_command=3D"gpg --no-verbose --export --armor %r" set pgp_verify_key_command=3D"gpg --no-verbose --batch --fingerprint --ch= eck-signs %r" set pgp_list_pubring_command=3D"gpg --no-verbose --batch --with-colons --= list-keys %r" set pgp_list_secring_command=3D"gpg --no-verbose --batch --with-colons --= list-secret-keys %r" set pgp_getkeys_command=3D"" # Befehl, wenn mutt informationen =FCber =F6= ffentliche Schl=FCssel ben=F6tigt ## ------------------------------------------------------------------ ## Macros for Windwos-user ## ------------------------------------------------------------------ macro compose xwin "Fgpg --clearsign --textmode --armor -r 0x6048EE47=20 ## End GnuPG Section ## End PGP Section Best regards S=F6ren Mindorf --=20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ Soeren Mindorf ~ ~ Industriemeister der Elektrotechnik ~ ~ Wrangelstrasse 33 ~ ~ 24105 Kiel ~ ~ E-Mail1: soeren@mindorf.org ~ ~ E-Mail2: soerenmm@web.de ~ ~ Homepage: http://www.mindorf.org ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From wk@gnupg.org Mon Apr 1 20:45:01 2002 From: wk@gnupg.org (Werner Koch) Date: Mon Apr 1 19:45:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: (Greg Strong's message of "Sun, 31 Mar 2002 14:02:58 CST") References: Message-ID: <87d6xjmi28.fsf@alberti.gnupg.de> On Sun, 31 Mar 2002 14:02:58 CST, Greg Strong said: > Are there any restrictions on using GnuPG for commercial use? No. > While the installation instructions for GPGshell at GPGShell is a proprietary software not related to GnuPG, the GPL or the FSF. It just happens that GPGShell uses GnuPG as a backend. This is similar to run the proprietary ORACLE DB on GNU/Linux. > to use the following GPG-version. Please keep in mind that this file > contains a version with implemented IDEA-algorithm which is free only > for non-commercial use!" By distributing a modified GnuPG version with the IDEA algorithm included, the distributor violates the license terms of GnuPG (section 7 of the GNU GPL). Thanks for bringing this to my attention. > I've scanned the GNU General Public License (GPL) in plain text format > at http://www.gnu.org/licenses/gpl.txt. I believe this license governs > the distribution of GnuPG. I don't recall seeing any restrictions on > use meaning commercial versus non-commercial. You are right. The FSF actually encourages the commercial use of Free Software - the "free" stands for freedom and not for price. > The only thing I can see different is the fact that GPGshell > installation instructions reference a different file, > gnupg-w32-1.0.6.zip, than GnuPG, gnupg-w32-1.0.6-2.zip. The -2 version fixes a potential security problem with the included compression library (ZLIB). The file gnupg-w32-1.0.6-1.0.6-2.diff in the same directory of the FTP server contains the changes in source form. Werner -- Werner Koch Omnis enim res, quae dando non deficit, FSF Europe dum habetur et non datur, nondum habetur, Vice-Chancellor Germany quomodo habenda est. -- Augustinus From Nick Andriash Mon Apr 1 20:59:01 2002 From: Nick Andriash (Nick Andriash) Date: Mon Apr 1 19:59:01 2002 Subject: GnuPG with mutt and M$ Outlook In-Reply-To: <20020401192724.A1349@mindorf.org> References: <20020401192724.A1349@mindorf.org> Message-ID: <1069815453.20020401095522@telus.net> On April 1, 2002 at 09:53:37 AM, Sören wrote: > I write my E-Mails with mutt and then I sign or/and encrypt my E-Mails. > But if one of the adressee have Outlook or Outlook Express they become > two Attachmets. I have a few Members of my PGP-Basics List who use Mutt/1.3.27i and they don't seem to have any problems creating in-line PGP signatures. If you can't find an answer here, let me know and I will ask them how they did it. Nick -- PGP Public Keys: Mailto:andriash@gmx.net?subject=PGPKeys From gw_goldwing@gwstrong.com Mon Apr 1 21:29:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 20:29:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <20020401104813.A9661@cable-195-162-214-247.upc.chello.be> References: <200203312225.32188@erwin.ingo-kloecker.de> <20020401104813.A9661@cable-195-162-214-247.upc.chello.be> Message-ID: In article <20020401104813.A9661@cable-195-162-214-247.upc.chello.be>, Bart Martens wrote: > I also got mails with an empty body. Is it always from the same individual I listed earlier in this thread? If yes, I would think a problem exists with the mail program for this list, and would hope it is fixed soon. Regards, Greg Strong Email: gw_goldwing@gwstrong.com Mon, 01 Apr 2002 12:03 CST From michael@clockwork.net Mon Apr 1 21:35:02 2002 From: michael@clockwork.net (Michael Koppelman) Date: Mon Apr 1 20:35:02 2002 Subject: RSA Message-ID: I'm sure this has been talked about a million times, but... What the hell does this mean: Michael Koppelman CTO Clockwork Active Media Systems Expertise in the Internet Marketplace http://www.clockwork.net/ (612)221-9500 From lolife@bitstream.net Mon Apr 1 21:37:02 2002 From: lolife@bitstream.net (Michael Koppelman) Date: Mon Apr 1 20:37:02 2002 Subject: RSA Message-ID: What does this mean: gpg: cipher algorithm 1 is unknown or disabled gpg: encrypted with 1024-bit ELG-E key, ID 9DBCAC2E, created 2002-04-01 "Michael D. Koppelman " gpg: public key decryption failed: unknown cipher algorithm gpg: encrypted with 1024-bit RSA key, ID FF1452BB, created 2002-03-20 "VISI.com billing " gpg: decryption failed: secret key not available I have RSA installed: Supported algorithms: Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG Hash: MD5, SHA1, RIPEMD160 Is this because of goddamn IDEA? Thanks, Michael Koppelman From lolife@bitstream.net Mon Apr 1 21:41:01 2002 From: lolife@bitstream.net (Michael Koppelman) Date: Mon Apr 1 20:41:01 2002 Subject: RSA In-Reply-To: Message-ID: Sorry about this empty message. Surprised it posted since this address is not a member of the list! On 4/1/02 12:32 PM, "Michael Koppelman" wrote: > I'm sure this has been talked about a million times, but... > > What the hell does this mean: > > > Michael Koppelman > CTO > > Clockwork Active Media Systems > Expertise in the Internet Marketplace > http://www.clockwork.net/ > (612)221-9500 > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From gw_goldwing@gwstrong.com Mon Apr 1 21:42:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Mon Apr 1 20:42:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <87d6xjmi28.fsf@alberti.gnupg.de> References: <87d6xjmi28.fsf@alberti.gnupg.de> Message-ID: In article <87d6xjmi28.fsf@alberti.gnupg.de>, Werner Koch wrote: > GPGShell is a proprietary software not related to GnuPG, the GPL or the > FSF. It just happens that GPGShell uses GnuPG as a backend. This is > similar to run the proprietary ORACLE DB on GNU/Linux. Understood. The intent of my initial inquiry is to determine any restrictions when using GnuPG backend and a frontend that makes more user friendly. From what I could determine on website for GPGShell, http://www.jumaros.de/rsoft/gpgshell.html, there are NO restrictions with GPGShell. Bottom line is you have to read. When in doubt ask. Regards, Greg Strong Email: gw_goldwing@gwstrong.com Mon, 01 Apr 2002 12:30 CST From ftobin@neverending.org Mon Apr 1 21:45:01 2002 From: ftobin@neverending.org (Frank Tobin) Date: Mon Apr 1 20:45:01 2002 Subject: RSA In-Reply-To: Message-ID: <20020401134224.R4522-100000@palanthas.neverending.org> Michael Koppelman, on 2002-04-01, wrote: > What does this mean: > > gpg: cipher algorithm 1 is unknown or disabled According to http://www.gnupg.org/rfc2440-9.html algorithm 1 is IDEA. So yes, your problem is due to visi.com using a patented algorithm. -- Frank Tobin http://www.neverending.org/~ftobin/ From dshaw@jabberwocky.com Mon Apr 1 21:52:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Mon Apr 1 20:52:01 2002 Subject: RSA In-Reply-To: References: Message-ID: <20020401185003.GA1426@akamai.com> On Mon, Apr 01, 2002 at 12:34:53PM -0600, Michael Koppelman wrote: > What does this mean: > > gpg: cipher algorithm 1 is unknown or disabled > gpg: encrypted with 1024-bit ELG-E key, ID 9DBCAC2E, created 2002-04-01 > "Michael D. Koppelman " > gpg: public key decryption failed: unknown cipher algorithm > gpg: encrypted with 1024-bit RSA key, ID FF1452BB, created 2002-03-20 > "VISI.com billing " > gpg: decryption failed: secret key not available > > > I have RSA installed: > > Supported algorithms: > Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH > Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG > Hash: MD5, SHA1, RIPEMD160 > > Is this because of goddamn IDEA? Yes. You will need the IDEA plugin to read the message. Please read http://www.gnupg.org/why-not-idea.html first, but if this does not apply to you, you can get the plugin at ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c (and idea.c.sig) David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From ams@kemisten.nu Mon Apr 1 22:45:01 2002 From: ams@kemisten.nu (Alfred M. Szmidt) Date: Mon Apr 1 21:45:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: References: <87d6xjmi28.fsf@alberti.gnupg.de> Message-ID: <87663b8atz.fsf@lgh163a.kemisten.nu> * Greg Strong writes: > In article <87d6xjmi28.fsf@alberti.gnupg.de>, Werner Koch wrote: >> GPGShell is a proprietary software not related to GnuPG, the GPL or >> the FSF. It just happens that GPGShell uses GnuPG as a backend. >> This is similar to run the proprietary ORACLE DB on GNU/Linux. > Understood. The intent of my initial inquiry is to determine any > restrictions when using GnuPG backend and a frontend that makes more > user friendly. From what I could determine on website for GPGShell, > http://www.jumaros.de/rsoft/gpgshell.html, there are NO restrictions > with GPGShell. It has restrictions. One can't study it or modify it which are two of the four freedoms when one speaks about about Free Software [1]. GPGShell may be free as in free beer, but not free as in freedom. [1] http://www.gnu.org/philosophy/free-sw.html -- Alfred M. Szmidt From David Gardi Mon Apr 1 23:24:01 2002 From: David Gardi (David Gardi) Date: Mon Apr 1 22:24:01 2002 Subject: GnuPG with mutt and M$ Outlook Message-ID: <20020401202150.GG21806@vxi.localdom> --5p8PegU4iirBW1oA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I have the same attachment problem with sending encrypted and signed messages to MS clients. I would like both sig and msg to be inline. Is it possible to change my email address in my pub key listing. Ex. when I list my key, gpg --list-keys I get my name, email address and more. I would like to update my personal information. I cannot regen key. Can anything be done? Thanks, David. --=20 David Gardi =20 Email: dg@gardisoft.org Key Fingerprint: BC9E 9D71 4E74 60E2 2C45 0330 6EEE 7EE7 9D2B 8CA0 Public Key: http://www.gardisoft.org/key.asc The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw --5p8PegU4iirBW1oA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qMFebu5+550rjKARAj+fAJ9/NLeq5TZAb2lDhiE2GX8ykoykMQCgnzCn te7jFuu5rvO9eJ9niEp2AF8= =YKlT -----END PGP SIGNATURE----- --5p8PegU4iirBW1oA-- From David Gardi Mon Apr 1 23:32:01 2002 From: David Gardi (David Gardi) Date: Mon Apr 1 22:32:01 2002 Subject: GnuPG with mutt and M$ Outlook Message-ID: <20020401202936.GA13346@vxi.localdom> --wRRV7LY7NUeQGEoC Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I have the same attachment problem with sending encrypted and signed messages to MS clients. I would like both sig and msg to be inline. Is it possible to change my email address in my pub key listing. Ex. when I list my key, gpg --list-keys I get my name, email address and more. I would like to update my personal information. I cannot regen key. Can anything be done? Thanks, David. --=20 David Gardi =20 Email: dg@gardisoft.org Key Fingerprint: BC9E 9D71 4E74 60E2 2C45 0330 6EEE 7EE7 9D2B 8CA0 Public Key: http://www.gardisoft.org/key.asc The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw --wRRV7LY7NUeQGEoC Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qMMwbu5+550rjKARAsabAKCNP2dS/zmkgPs23mwxCaXzN/gkDQCgw8Ko NdjXnR+7Iu0bkPEYCDe4/G8= =wm/R -----END PGP SIGNATURE----- --wRRV7LY7NUeQGEoC-- From Nick Andriash Mon Apr 1 23:39:02 2002 From: Nick Andriash (Nick Andriash) Date: Mon Apr 1 22:39:02 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <87663b8atz.fsf@lgh163a.kemisten.nu> References: <87d6xjmi28.fsf@alberti.gnupg.de> <87663b8atz.fsf@lgh163a.kemisten.nu> Message-ID: <6019453682.20020401123559@telus.net> On April 1, 2002 at 12:34:23 PM, Alfred wrote: > It has restrictions. One can't study it or modify it which are two of > the four freedoms when one speaks about about Free Software [1]. Yes, but that doesn't detract from the point he was making, which is that GPGShell makes using GnuPG more User friendly. Nick -- PGP Public Keys: Mailto:andriash@gmx.net?subject=PGPKeys From agreene@pobox.com Mon Apr 1 23:56:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 1 22:56:01 2002 Subject: GnuPG with mutt and M$ Outlook In-Reply-To: <20020401202936.GA13346@vxi.localdom> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 1 Apr 2002, David Gardi wrote: >Is it possible to change my email address in my >pub key listing. No. You can add a userid, but you cannot edit or remove an existing userid. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8qMiupCpg3WyUI50RAlvAAKCOCGlSc/s9FQLqidclFzJhxyx3YgCghq/a HXPJAC0ZWVXSU3zLYdcuICk= =sdyN -----END PGP SIGNATURE----- From agreene@pobox.com Tue Apr 2 00:00:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 1 23:00:02 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <6019453682.20020401123559@telus.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 1 Apr 2002, Nick Andriash wrote: >On April 1, 2002 at 12:34:23 PM, Alfred wrote: > >> It has restrictions. One can't study it or modify it which are two of >> the four freedoms when one speaks about about Free Software [1]. > >Yes, but that doesn't detract from the point he was making, which is that >GPGShell makes using GnuPG more User friendly. Actually, the point he was making was that GPGShell may be used without paying fees by a for-profit oganization. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8qMnJpCpg3WyUI50RAp07AJ9cOXdyMLZBs/3QtfT88tj5GBdpxwCePPcG h92IG3HnjvbQNPTQnCifumk= =8gJ2 -----END PGP SIGNATURE----- From ams@kemisten.nu Tue Apr 2 00:32:01 2002 From: ams@kemisten.nu (Alfred M. Szmidt) Date: Mon Apr 1 23:32:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: <200204010024.25378@erwin.ingo-kloecker.de> References: <200203312225.32188@erwin.ingo-kloecker.de> <200204010024.25378@erwin.ingo-kloecker.de> Message-ID: <871ydz5cqj.fsf@lgh163a.kemisten.nu> * Ingo Kl=F6cker writes: > I also get those annoying messages. Maybe this is a vacation > notification. > Werner, assuming that you are the list admin, could you please > remove Daniel Siegers' subscription (if he is subscribed). Thanks! Cute, you can add me to the list of people who have received it.. --=20 Alfred M. Szmidt From Nick Andriash Tue Apr 2 01:03:01 2002 From: Nick Andriash (Nick Andriash) Date: Tue Apr 2 00:03:01 2002 Subject: Restrictions / Commercial Use? In-Reply-To: References: Message-ID: <6424486841.20020401135951@telus.net> On April 1, 2002 at 01:58:00 PM, Anthony wrote: > Actually, the point he was making was that GPGShell may be used without > paying fees by a for-profit oganization. Very well then...GPGShell may be used without paying fees by a for-profit Organization...'and' it makes using GnuPG more User friendly. ;o) Nick -- PGP Public Keys: Mailto:andriash@gmx.net?subject=PGPKeys From sunny@sunbase.org Tue Apr 2 04:55:02 2002 From: sunny@sunbase.org (Oyvind A. Holm) Date: Tue Apr 2 03:55:02 2002 Subject: Restrictions / Commercial Use? In-Reply-To: Message-ID: On 2002-03-31 16:01-0600 Greg Strong wrote: > BTW since I've joined this group I keep getting an email from "Daniel > Siegers" every time I check this mail > list. The email has no body. I also get it every time I post to the list. I assume he's on easter holiday and has set up a auto-reply on his machine. He forgot to include a message though... :-) =D8yvind +-------------------------------------------------------------------+ | OpenPGP: 0x629022EB 2002-02-24 =D8yvind A. Holm | | Fingerprint: DBE9 8D44 67F7 42AC 2CA1 7651 724E 9D53 6290 22EB | +-----------------| ☮, ♥ and Linux. |-----------------+ From rasoul@rhythm.com Tue Apr 2 06:10:01 2002 From: rasoul@rhythm.com (Rasoul Hajikhani) Date: Tue Apr 2 05:10:01 2002 Subject: Error using --no-default-keyring Message-ID: <3CA92021.A3E41140@rhythm.com> Hello folks, I am sorry to pose this question again but I get another error trying this command: %gpg --homedir /usr/lsd/apache-ssl/htdocs/secureDB/PGP/.gnugpg \ --no-default-keyring --secret-keyring 1017716050.asc --decrypt /tmp/.1017716050.gpg > /tmp/.1017716050.txt Here is what I have done: %gpg --export-secret-keys rasoul@rhythm.com > \ /usr/lsd/apache-ssl/htdocs/secureDB/PGP/.gnugpg/1017716050.asc Then I do: %gpg --homedir /usr/lsd/apache-ssl/htdocs/secureDB/PGP/.gnugpg \ --no-default-keyring --secret-keyring 1017716050.asc --decrypt /tmp/.1017716050.gpg > /tmp/.1017716050.txt But I get this error: gpg: CRC error; e478cc - 47d937 As I am very new to gpg, I appreciate your patience and help. So if you think that this question has already been answered, I ask you very kindly to answer it again one last time. Thanks in advance -r From nazir@itautec-philco.com.br Wed Apr 3 11:24:09 2002 From: nazir@itautec-philco.com.br (Nazir Najjar) Date: Wed Apr 3 10:24:09 2002 Subject: Unsubcribe Message-ID: <000e01c1da48$567911c0$6801190a@NAZIR> How Can I unsubcribe from this list. Thank you. Nazir Najjar Itautec - Segurança Internet nazir@itautec.com.br 55 (11) 6097-3959 From pta@psaconsultants.com Wed Apr 3 14:51:02 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 3 13:51:02 2002 Subject: Unsubcribe In-Reply-To: <000e01c1da48$567911c0$6801190a@NAZIR>; from nazir@itautec-philco.com.br on Tue, Apr 02, 2002 at 10:14:35AM -0300 References: <000e01c1da48$567911c0$6801190a@NAZIR> Message-ID: <20020403041218.A21101@psaconsultants.com> --HlL+5n6rz5pIUxbD Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable http://lists.gnupg.org/mailman/listinfo/gnupg-users On Tue, Apr 02, 2002 at 10:14:35AM -0300, Nazir Najjar wrote: > How Can I unsubcribe from this list. >=20 > Thank you. >=20 > Nazir Najjar > Itautec - Seguran=E7a Internet > nazir@itautec.com.br > 55 (11) 6097-3959 >=20 >=20 >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --HlL+5n6rz5pIUxbD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8quOSggA8sH0iRXQRAr64AJwLntxvDNiJZpf/qjhlKPtBmOiqDgCeIjUM w/dKsqJH+q6/A9z1ZD1Iv90= =HwhJ -----END PGP SIGNATURE----- --HlL+5n6rz5pIUxbD-- From mutz@kde.org Wed Apr 3 14:52:01 2002 From: mutz@kde.org (Marc Mutz) Date: Wed Apr 3 13:52:01 2002 Subject: Unsubcribe In-Reply-To: <000e01c1da48$567911c0$6801190a@NAZIR> References: <000e01c1da48$567911c0$6801190a@NAZIR> Message-ID: <200204031206.26623@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 02 April 2002 15:14, Nazir Najjar wrote: > How Can I unsubcribe from this list. > > Thank you. "View source" of this message, then search for the List-Unsubscribe: head= er=20 field, maybe? Marc - --=20 Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qtQi3oWD+L2/6DgRAqpSAJ4l9tCyv4iFYmuPRWFtEtzUCCKuRQCgiFWI a4F8kg4XYeXuyDo5BYvJGzE=3D =3DE/Y2 -----END PGP SIGNATURE----- From oliver@schonrocks.com Wed Apr 3 14:52:03 2002 From: oliver@schonrocks.com (=?ISO-8859-1?Q?Oliver_Sch=F6nrock?=) Date: Wed Apr 3 13:52:03 2002 Subject: Unsubcribe In-Reply-To: <000e01c1da48$567911c0$6801190a@NAZIR> References: <000e01c1da48$567911c0$6801190a@NAZIR> Message-ID: <157669907.1017830991@[192.168.0.1]> --==========157675855========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On 02 April 2002 10:14 -0300 Nazir Najjar =20 wrote: > How Can I unsubcribe from this list. received a mail when I first subscribed that explains the process. The best = options for you might be: > You can also make such adjustments via email by sending a message to: > > Gnupg-users-request@gnupg.org > > with the word `help' in the subject or body (don't include the > quotes), and you will get back a message with instructions. > Regards Oliver --==========157675855========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) iEYEARECAAYFAjyq0D8ACgkQhN/6uonit6koRACeMtpjgB90FVPLMiEKOUXkkJg3 yVYAnAym3iSaEYtIHi0v+oflobKEMmVe =6mGW -----END PGP SIGNATURE----- --==========157675855==========-- From avbidder@acter.ch Wed Apr 3 14:53:02 2002 From: avbidder@acter.ch (Adrian von Bidder) Date: Wed Apr 3 13:53:02 2002 Subject: [OT] Attack trees Message-ID: <1017825043.29024.6.camel@atlas> --=-AhRS+tB6R6H/FpKVZy+Q Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Yo! Sorry for the offtopic msg, but I guess some people here could know this. Are there any tools that help constructing an attack tree of a system? I can do it with any diagraming tool, but some templates would be nice. (environment is usually Linux) cheers -- vbi (no need to cc: - I'm monitoring the list) --=-AhRS+tB6R6H/FpKVZy+Q Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjyqxxMACgkQwj49sl5Lcx9HBACePhz4dAsvvecCauF2vACf2ybl UtUAnRuMN2sbtGUbifIbhnh5+sLqJRfE =50CZ -----END PGP SIGNATURE----- --=-AhRS+tB6R6H/FpKVZy+Q-- From rasoul@rhythm.com Wed Apr 3 14:54:03 2002 From: rasoul@rhythm.com (Rasoul Hajikhani) Date: Wed Apr 3 13:54:03 2002 Subject: using gpg Message-ID: <3CAA70A1.30FF502D@rhythm.com> Hello folks, I have just hit a major malfunction and I was hoping that someone might be able to help me. I am writing a web based interface to encrypt, decrypt user's passphrases and save them into a database. I have no problem generating, and encrypting a passphrase. The problem arises when I try to decrypt a saved passphrase. Encryption of passphrase is done like this: --homedir $home --output $tempFile --no-comment --no-version --armor --encrypt $recipient $phraseFile where $recipient is : -r $user@thisCompany.com. So everyone has an encrypted passphrase using their own uid. The result is saved into the database. Groups' passphrase encryption is done using the admin as --recipient My problem arises when I try to decrypt a user's saved passphrase. Here is the steps that I take: 1- retrieve passphrase 2- Save into .gpg file 3- call --homedir $home --decrypt $encryptFile through open3() The code looks like this: # This is actual code in perl push (@$commands,"--homedir $home --decrypt $encryptFile"); # Execute user defined routine # open3($fin, $fout, $ferr,"$self->{GPGExec} $cmd") || return EXEC_ERROR(); my $result = $self->Execute($commands,FIN,FOUT,FERR); # this passes in the passphrase print FIN "$passPhrase\n"; # this closes the communication channel, # indicating we are done close FIN; my @error_output = ; # reading the error my @plaintext = ; # reading the output # clean up... close FOUT; close FERR; If i did the same command on the command line, everything is dandy and fine, file is actually decrypted, but when using open3() and through the apache thread, nothing works. The error, if that is at all error, is: errors: gpg: Warning: using insecure memory! I am hoping someone who has done this kind of stuff in an application, could help me find out what I am doing wrong. I appreciate all the comments/help that I can get. Thanks in advance From gw_goldwing@gwstrong.com Wed Apr 3 14:55:02 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Wed Apr 3 13:55:02 2002 Subject: Best Configuration for GnuPG & GPGShell on Multi-boot PC? Message-ID: What is the best configuration for GnuPG and GPGShell on a Multi-boot PC? I have 3 partitions (1) 1st partition for application set A & OS Win98 (2) 2nd partition for application set B & OS Win98 (3) Extended partition for data I would preferably like to have one set of files. Can I set up both apps in the extended partition without problems? TIA! Greg Strong Email: gw_goldwing@gwstrong.com Win98 Tue, 02 Apr 2002 18:33 CST From dfc@anize.org Wed Apr 3 14:55:05 2002 From: dfc@anize.org (Douglas Calvert) Date: Wed Apr 3 13:55:05 2002 Subject: new keysigning list Message-ID: <1017789280.6905.378.camel@allevil> --=-OPVeVawh+DgFH93mTgfC Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hello, Drew Streib of the keyanalyze project has set up a mailing list for people to coordinate formal and informal keysignings. I have included the announcement: Announcing a new mailing list: keysignings@lists.alt.org The keysignings list has been started to give a place where people can announce intended and desired keysignings and key signature exchanges. It was created for people that are interested in expanding their personal webs of trust. I expect most of the list traffic to be: * People announcing travel to a city, and asking if anyone locally is interested in meeting and exchanging signatures. * Announcments of planned keysignings at LUGs, conventions, etc. * _Some_ discussion about the mechanics of keysignings. * Specific queries for anyone needing a particular trust path. * Anything else directly related to expanding one's web of trust through digital signature exchanges. List information is at: http://lists.alt.org/mailman/listinfo/keysignings/ Like most lists on lists.alt.org, keysignings will be mildly monitored to keep things vaguely on topic. List posting is restricted to list=20 members in order to reduce spam. If you're interested in this list, you may also be interested in others at lists.alt.org. Feel free to=20 take a look. --=20 +---------------+-----------------------------------+ |Douglas Calvert| http://anize.org/dfc | | dfc@anize.org | http://imissjerry.org | +---------------+-----------------------------------+ | If you use envelopes, why not use encryption? | | http://anize.org/dfc/dfc-keys.asc | | 0817 30D4 82B6 BB8D 5E66 06F6 B796 073D C954 1FB2 | +-------------| http://www.gnupg.org |--------------+ --=-OPVeVawh+DgFH93mTgfC Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8qjtgt5YHPclUH7IRAjlGAJ9w5QMY2ItLsgvq+lxa8GQAIBaACgCaAyHZ A1Mshm0x826MqTu9Jp5K2+8= =3Ch+ -----END PGP SIGNATURE----- --=-OPVeVawh+DgFH93mTgfC-- From ingo.kloecker@epost.de Wed Apr 3 14:55:07 2002 From: ingo.kloecker@epost.de (Ingo =?iso-8859-1?q?Kl=F6cker?=) Date: Wed Apr 3 13:55:07 2002 Subject: Restrictions / Commercial Use? In-Reply-To: References: Message-ID: <200204030025.26506@erwin.ingo-kloecker.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 02 April 2002 03:52, Oyvind A. Holm wrote: > On 2002-03-31 16:01-0600 Greg Strong wrote: > > BTW since I've joined this group I keep getting an email from > > "Daniel Siegers" every time I check > > this mail list. The email has no body. > > I also get it every time I post to the list. I assume he's on easter > holiday and has set up a auto-reply on his machine. He forgot to > include a message though... :-) And unfortunately his vacation program obviously doesn't know anything=20 about the Precedence: bulk header which is used to mark mailing list=20 messages which a vacation program should never reply to. Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qi/UGnR+RTDgudgRAhk/AJ4rtobhaVxCJ0hjoK5VwDjz8OZWEACaAs5q qJp4Upw18rjd0C6RCeBFiDk=3D =3DExvZ -----END PGP SIGNATURE----- From rasoul@rhythm.com Wed Apr 3 14:55:10 2002 From: rasoul@rhythm.com (Rasoul Hajikhani) Date: Wed Apr 3 13:55:10 2002 Subject: Errors Message-ID: <3CAA224B.9345D0A2@rhythm.com> Can someone tell me what these errors mean? gpg: CRC error; 558434 - 7d1842 gpg: mpi too large (53683 bits) gpg: [don't know]: invalid packet (ctb=37) Thanks in advance -r From wallis@walc.com Wed Apr 3 14:55:12 2002 From: wallis@walc.com (wallis@walc.com) Date: Wed Apr 3 13:55:12 2002 Subject: gpg and apacheSSL problem Message-ID: <15530.6188.148425.81342@gargle.gargle.HOWL> I'm running gpg 1.0.6 on Linux with Apache SSL 1.3.6. I'm trying to set up secure email from the server to my clinet via Gnupg and pgpmail. However, on this system, the secure server is set to run as a userid other than my own, with the end result that gpg can't get the keyrings. Here's the output from gpg: gpg: Warning: using insecure memory! gpg: loaded digest 2 gpg: using secondary key E9E9B0EB instead of primary key 9AA75E9D gpg: E9E9B0EB: no info to calculate a trust probability gpg: no valid addressees gpg: [stdin]: encryption failed: no such user id This configuration works fine from the non-secure server, which runs as my userid. Is there a way to configure gpg to run as one id, but use the keyring of another for sending encrypted email? Or am I missing something painfully obvious? Thanks in advance! David Wallis From gw_goldwing@gwstrong.com Wed Apr 3 14:55:14 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Wed Apr 3 13:55:14 2002 Subject: Key Type & Size / Multiple Email Accounts / Key Server Questions Message-ID: I'm new to GnuPG. You might say that I'm in learn and test mode before using full time and publish keys to key servers. I have several questions. They are as follows: 1) What type of key do you suggest? I ask this question because I'll use GnuPG primarily for signing but in limited instances for encryption. I've read the manual and know DSA is limited to a size of 1024 bits, and is used only for signing. ElGamal can be used for both signing and encryption with no limit on size. My first inclination is to use the default of DSA & ElGamal. See question #2 when answering. 2) With the advancement of computing power what key size do you recommend? Presently I'm using an old P166 PC that will update in the near future. For getting off the ground with GnuPG I have tested with type 1 (DSA & Elgamal) with both having a size of 1024 bits. After generating the keys this size hasn't really pushed this old PC. It hasn't really been exposed to much either. 3) If you have multiple email accounts on one key and put on a key server, would these multiple email accounts then be analogous to being published in a telephone book? TIA! Greg Strong Email: gw_goldwing@gwstrong.com Tue, 02 Apr 2002 14:35 CST From agreene@pobox.com Wed Apr 3 14:55:16 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Wed Apr 3 13:55:16 2002 Subject: GPG Encrytion process In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 29 Mar 2002, Loaded Media wrote: >I need to encrypt emails sent through an Agora Shopping Cart system I have >setup on an account I have setup HostingMatters.com What operating system runs on the server? >How do I set it up in the shopping cart? That depends on how the shopping card application works. If there is a way to tell it to process the order info through some external module before emailing it, then that's where you'd setup GPG. You're probably better off asking an Agora expert about processing order info through an external app. On a UNIX-like system, a simple pipe would do the trick. >How do I set it up on my >client's PC for email retrieval? That part is relatively easy. You'd install the Win32 binary version of GnuPG, along with a front end such as WinPT or GPGShell. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8qg7YpCpg3WyUI50RAoooAKDjMbdo39MB5xRIBH3P0hYQpfWD2gCfYXbl pFv4WUWFKjPo81Ig4N35z00= =Z5ia -----END PGP SIGNATURE----- From pta@psaconsultants.com Wed Apr 3 14:55:18 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 3 13:55:18 2002 Subject: outlook plugin question Message-ID: <20020402132303.D19865@psaconsultants.com> --T7mxYSe680VjQnyC Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hello all. i'm sorry if this isn't the correct place for this but i have installed the gnupg plugin for outlook and it seems to use the "traditional" inline method of signing and encrypting. does anyone know if there is a way to get it to use the now "standard" pgp/mime method? thanks... --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --T7mxYSe680VjQnyC Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8qhMmggA8sH0iRXQRAohJAJ9qztTiUqikaOyy51VWaTGdXstetgCcDhQR CgY8X/X2FqbKLDDxMGkccX8= =9u51 -----END PGP SIGNATURE----- --T7mxYSe680VjQnyC-- From jkane89@softhome.net Wed Apr 3 14:56:01 2002 From: jkane89@softhome.net (John Kane) Date: Wed Apr 3 13:56:01 2002 Subject: --no-default-keyring, .asc, --import Message-ID: <3CAA0441.7E0DD668@softhome.net> Rasoul Hajikhani rasoul@rhythm.com writes: > gpg ... --secret-keyring 1017716050.asc Sorry. After exporting your key, you need to import it into a new *.gpg keyring before you can use it. Also, you should transfer the public and secret keys toghether. Also, it's necessary to use -a when making an ascii .asc file: gpg ... -a --export-keys me@email.net >mypub.asc gpg ... -a --export-secret-keys me@email.net >mysecret.asc gpg ... --import mypub.asc gpg ... --allow-secret-key-import --import mysecret.asc with --keyring newpub.gpg --secret-keyring newsec.gpg From texmex@uni.de Wed Apr 3 14:56:05 2002 From: texmex@uni.de (Gregor Zattler) Date: Wed Apr 3 13:56:05 2002 Subject: Solution (was: Re: gpg --list-key shows keys twice) In-Reply-To: <20020331045821.GA11580@glitch.localdomain> References: <20020331015328.A5513@localhost> <20020331045821.GA11580@glitch.localdomain> Message-ID: <20020402165036.A2154@localhost> Hi Greg et al. * Greg Norris [Sam 30 Mär 2002 22:58:21 GMT]: > Your public keyring is being checked twice. Edit ~/.gnupg/options, and > remove the "keyring" entry for ~/.gnupg/pubring.gpg. Current versions > of gpg use the default keyring file automagically, while older ones > required that it be specified explicitely... that's been my experience > on Debian, anyway. You are right my options file contained this lines: keyring gnupg-ring:~/.gnupg/pubring.gpg secret-keyring gnupg-ring:~/.gnupg/secring.gpg keyring ~/.pgp/pubring.pgp secret-keyring ~/.pgp/secring.pgp without the "gnupg-ring:" lines all works fine. thanks a bundle. > On Sun, Mar 31, 2002 at 01:53:28AM +0100, Gregor Zattler wrote: > > Hi gnupg-users, > > > > gpg --list-key shows pubkeys in pubring.gpg twice, > > whereas pubkeys from "included" pubring.pgp are single in the > > listing (see below). ^^^ [...] Ciao, Gregor -- Kommunikation benoetigt gemeinsame /"\ ASCII Ribbon Campaign Standards --> unformatierter Text \ / Respect for open standards in E-Mails, als Anhaenge nur offene X No HTML/RTF in email Standards, keine Micro$oft-Dateien / \ No M$ Word docs in email From agreene@pobox.com Wed Apr 3 16:44:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Wed Apr 3 15:44:01 2002 Subject: gpg and apacheSSL problem In-Reply-To: <15530.6188.148425.81342@gargle.gargle.HOWL> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2 Apr 2002 wallis@walc.com wrote: >I'm running gpg 1.0.6 on Linux with Apache SSL 1.3.6. I'm trying to >set up secure email from the server to my clinet via Gnupg and >pgpmail. However, on this system, the secure server is set to run as a >userid other than my own, with the end result that gpg can't get the >keyrings. Here's the output from gpg: Create a public keyring with only one key: the key needed for this application. Geenrate a key pair just for this app. >gpg: Warning: using insecure memory! You can set gpg to suid root if you want to avoid this error message and ensure your plaintext is not available to other processes on the server. >gpg: loaded digest 2 >gpg: using secondary key E9E9B0EB instead of primary key 9AA75E9D >gpg: E9E9B0EB: no info to calculate a trust probability Use the --always-trust option to fix this error message. >gpg: no valid addressees >gpg: [stdin]: encryption failed: no such user id Put the keyring for this app in a directory that's readable by Apache and specify that directory on the commandline using the --homedir option. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8qwcbpCpg3WyUI50RAh/QAJsHWS8BAev5WOHnrnBOptri5q4PPACghCPJ iBXFS/0MJw1vjzHfPNrEwC8= =TTOc -----END PGP SIGNATURE----- From oliver@schonrocks.com Wed Apr 3 18:04:01 2002 From: oliver@schonrocks.com (=?ISO-8859-1?Q?Oliver_Sch=F6nrock?=) Date: Wed Apr 3 17:04:01 2002 Subject: GnuPG between Sendmail servers Message-ID: <176567861.1017849889@[192.168.0.1]> --==========176575341========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline I need to set up "secure routing of mail" between 2 (or more) Sendmail SMTP = servers. Is it possible to somehow connect gpg into the loop? How do you deal with=20 the fact that many messages will have to share the same key pair which is=20 known only only by the 2 servers. The receiving server will have to decrypt = and then perform its normal routing functions. The clients where the=20 messages originate and are received should know nothing of the encryption. Is this doable? Will I have to write code or can sendmail/gpg be configured to make this=20 possible? Does anyone have any experience with this? Thanks in advance Oliver --==========176575341========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) iEYEARECAAYFAjyrGhEACgkQhN/6uonit6n0WwCfS9DzMZhG0ElimzCKTklGe47H VGEAoIeOkViqL2nc0xU2ahlmMHx/vW6A =sLzK -----END PGP SIGNATURE----- --==========176575341==========-- From dirk.raeder@gmx.net Wed Apr 3 18:19:01 2002 From: dirk.raeder@gmx.net (Dirk Raeder) Date: Wed Apr 3 17:19:01 2002 Subject: GnuPG between Sendmail servers References: <176567861.1017849889@[192.168.0.1]> Message-ID: <000b01c1db23$09ba7f00$a7b0fcc3@dirk1> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Oliver, I think the G-N-U GmbH in Germany has a software solution that suits your needs perfectly. It is available under GNU Public License as far as I remember. Why do you not contact them? www.g-n-u.de -- Dirk Raeder dirk.raeder@gmx.net www.postrollenspiel.de - ----- Original Message ----- From: "Oliver Schönrock" To: Sent: Wednesday, April 03, 2002 5:04 PM Subject: GnuPG between Sendmail servers -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) - WinPT 0.5.6 Comment: Weitere Infos: siehe http://www.gnupg.org iEYEARECAAYFAjyrHY8ACgkQZuUg5BjyV7IMvQCfRZXG3YbwJqHJ5CPRwEE1KqfR QSEAn1Ac9dX5CscQwj+b5qozs0a1B9pT =s7b3 -----END PGP SIGNATURE----- From ca+gnupg@esmtp.org Wed Apr 3 18:44:01 2002 From: ca+gnupg@esmtp.org (Claus Assmann) Date: Wed Apr 3 17:44:01 2002 Subject: GnuPG between Sendmail servers In-Reply-To: <176567861.1017849889@[192.168.0.1]>; from oliver@schonrocks.com on Wed, Apr 03, 2002 at 04:04:49PM +0100 References: <176567861.1017849889@[192.168.0.1]> Message-ID: <20020403074337.A2722@zardoc.esmtp.org> On Wed, Apr 03, 2002, Oliver Schönrock wrote: > I need to set up "secure routing of mail" between 2 (or more) Sendmail SMTP > servers. > > Is it possible to somehow connect gpg into the loop? How do you deal with Why do you want to use gpg when there is a standard for SMTP, that is already implemented in sendmail? > the fact that many messages will have to share the same key pair which is > known only only by the 2 servers. The receiving server will have to decrypt > and then perform its normal routing functions. The clients where the > messages originate and are received should know nothing of the encryption. > > Is this doable? > > Will I have to write code or can sendmail/gpg be configured to make this > possible? > > Does anyone have any experience with this? STARTTLS is implemented by sendmail (since version 8.11). You don't need to write any extra software for this. You can enforce that all mails between those two hosts are encrypted (and authenticated). See: http://www.sendmail.org/~ca/email/starttls.html From jkane89@softhome.net Wed Apr 3 19:05:01 2002 From: jkane89@softhome.net (John Kane) Date: Wed Apr 3 18:05:01 2002 Subject: 'Opportunistic Encryption in sendmail' Message-ID: <3CAB285A.45EDDC70@softhome.net> Oliver Scho:nrock oliver@schonrocks.com writes: > can sendmail be configured to make this possible? Opportunistic Encryption in sendmail http://www.usenix.org/events/lisa99/bentley.html Greg Rose, http://people.qualcomm.com/ggr/QC/ has current information. (His fix works, but may not be gpg-related. He may still have relevant info.) From karlsson@hal-pc.org Wed Apr 3 19:23:01 2002 From: karlsson@hal-pc.org (Brian M. Carlson) Date: Wed Apr 3 18:23:01 2002 Subject: Key Type & Size / Multiple Email Accounts / Key Server Questions In-Reply-To: References: Message-ID: <20020403162406.GA1561@stonewall> --uAKRQypu60I7Lcqm Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 02, 2002 at 02:38:19PM -0600, Greg Strong wrote: > I'm new to GnuPG. You might say that I'm in learn and test mode before= =20 > using full time and publish keys to key servers. I have several=20 > questions. They are as follows: >=20 > 1) What type of key do you suggest? I ask this question because I'll use= =20 > GnuPG primarily for signing but in limited instances for encryption. =20 > I've read the manual and know DSA is limited to a size of 1024 bits, and= =20 > is used only for signing. ElGamal can be used for both signing and=20 > encryption with no limit on size. My first inclination is to use the=20 > default of DSA & ElGamal. See question #2 when answering. I'd suggest that you not create an ElGamal type 20 (sign and encrypt) key, as these signatures are enormous. (If you'd like to see how big, I can show you off-list.) They are also not very well supported. DSA / ElGamal is a go= od default, as it produces small signatures. =20 > 2) With the advancement of computing power what key size do you=20 > recommend? Presently I'm using an old P166 PC that will update in the=20 > near future. For getting off the ground with GnuPG I have tested with=20 > type 1 (DSA & Elgamal) with both having a size of 1024 bits. After=20 > generating the keys this size hasn't really pushed this old PC. It=20 > hasn't really been exposed to much either. For the ElGamal, I wouldn't use anything smaller than 2048, and probably fr= om 3072-4096. Some people will say this is overkill; it pays to be paranoid. T= he DSA can be no larger than 1024, and that's where I'd leave it. > 3) If you have multiple email accounts on one key and put on a key=20 > server, would these multiple email accounts then be analogous to being=20 > published in a telephone book? Well, it depends on what you mean by that. If you mean can someone search f= or them on a keyserver, yes. But that's a Good Thing, IMO. AFAIK, nobody has ever been spammed because their email address was on their OpenPGP key. --=20 Brian M. Carlson OpenPGP: 0x351336B2DCA1913A --uAKRQypu60I7Lcqm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6d (GNU/Linux) Comment: Ubi libertas, ibi patria. iQEVAwUBPKsspeWR/8lWBVPnAQOcjAf/amfVGSdBcX0fQX0mLfeBdlM1fIvezPvj A+DGkFoQW8aXoxcOqCj6W2MzC7Layg4m2YmktHqB6rTrics2vjYFUiRXzQnKSfTW ZdwSgzkmaLImgQ0K5LDrgBgksv7Ig+aYVZ2KCHjFvvml4jsV+OZhoHT1ZwQku4QI QR8KCNt8Jq6JSexprvmoKAGAnChR9FQa8YcEFTjhoyv7Stqe36jiYGorOtFmURpL jJSPvxt1r4QdX4ay9kqfXK8w4zmxBaI5jbbjmYe/OH2R2rx/9mYHW57eNDkzDWM+ nypq6SvBAgYNIy3kAioggZwSR9+CFznepzqhxbdM9iC1EJmIymdWYQ== =4Ya6 -----END PGP SIGNATURE----- --uAKRQypu60I7Lcqm-- From agreene@pobox.com Wed Apr 3 20:15:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Wed Apr 3 19:15:02 2002 Subject: GnuPG between Sendmail servers In-Reply-To: <176567861.1017849889@[192.168.0.1]> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 3 Apr 2002, Oliver Sch=F6nrock wrote: >I need to set up "secure routing of mail" between 2 (or more) Sendmail S= MTP=20 >servers. You should look into TLS. If using GPG is even possible, it would be a serious kludge. TLS was=20 designed to solve this problem. Tony - --=20 Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239= D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8qzivpCpg3WyUI50RAn+CAJ0UiXxrh438/OaGVQqZ40BSQuGnugCeKfPK Un6x3Lyg3HmJMM9qKyaqhhA=3D =3DWkex -----END PGP SIGNATURE----- From dshaw@jabberwocky.com Wed Apr 3 20:33:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 3 19:33:02 2002 Subject: Key Type & Size / Multiple Email Accounts / Key Server Questions In-Reply-To: References: Message-ID: <20020403173415.GB696@akamai.com> On Tue, Apr 02, 2002 at 02:38:19PM -0600, Greg Strong wrote: > I'm new to GnuPG. You might say that I'm in learn and test mode before > using full time and publish keys to key servers. I have several > questions. They are as follows: > > 1) What type of key do you suggest? I ask this question because I'll use > GnuPG primarily for signing but in limited instances for encryption. > I've read the manual and know DSA is limited to a size of 1024 bits, and > is used only for signing. ElGamal can be used for both signing and > encryption with no limit on size. My first inclination is to use the > default of DSA & ElGamal. See question #2 when answering. You actually have another possibility which is an RSA key. As to which to pick, it depends on the use. ElGamal signatures are somewhat controversial (they're hard to get right), and so may not be widely supported in the future. RSA signatures are physically large, which may be a disadvantage if you're signing emails most of the time. This document, while slightly out of date, is fantastic on the subject: http://www.samsimpson.com/pgp.php In general, if you are signing emails, then I'd pick DSA for your signing key. > 2) With the advancement of computing power what key size do you > recommend? Presently I'm using an old P166 PC that will update in the > near future. For getting off the ground with GnuPG I have tested with > type 1 (DSA & Elgamal) with both having a size of 1024 bits. After > generating the keys this size hasn't really pushed this old PC. It > hasn't really been exposed to much either. Well, DSA is limited to 1024, and that what to use (there is no point in going smaller). The size of the encryption key can be larger. You can pretty easily test how fast you can go with various key sizes. In general, the speed doesn't matter terribly much in practical terms unless you're processing thousands of items an hour. > 3) If you have multiple email accounts on one key and put on a key > server, would these multiple email accounts then be analogous to being > published in a telephone book? Yes, pretty much. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From avbidder@fortytwo.ch Wed Apr 3 20:50:01 2002 From: avbidder@fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Wed Apr 3 19:50:01 2002 Subject: GnuPG between Sendmail servers In-Reply-To: <176567861.1017849889@[192.168.0.1]> References: <176567861.1017849889@[192.168.0.1]> Message-ID: <1017856232.802.2.camel@zaphod> --=-q4NnOh1noSLfzx5TlyPB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Wed, 2002-04-03 at 17:04, Oliver Sch=F6nrock wrote: > I need to set up "secure routing of mail" between 2 (or more) Sendmail SM= TP=20 > servers. I'd ask myself if it wouldn't be easier to set up a VPN (IP/Sec with S/WAN or something like that) and have the network take care of encryption. Of course mail wouldn't be encrypted on the servers, but only on the wire, but if you're mostly concerned about somebody sniffing on the network this solution seems easier. cheers -- vbi --=-q4NnOh1noSLfzx5TlyPB Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjyrQOcACgkQFDhRaJIIJIG5tgCeKhu6MLtqIBbRj0F9FGnKFDRu b2wAn0hRUSlU3kzJRhNkizn2tDRX3faM =RUhj -----END PGP SIGNATURE----- --=-q4NnOh1noSLfzx5TlyPB-- From oliver@schonrocks.com Wed Apr 3 21:16:02 2002 From: oliver@schonrocks.com (=?ISO-8859-1?Q?Oliver_Sch=F6nrock?=) Date: Wed Apr 3 20:16:02 2002 Subject: GnuPG between Sendmail servers In-Reply-To: <1017856232.802.2.camel@zaphod> References: <1017856232.802.2.camel@zaphod> Message-ID: <188100464.1017861421@[192.168.0.1]> --==========188109849========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On 03 April 2002 19:50 +0200 Adrian 'Dagurashibanipal' von Bidder=20 wrote: > I'd ask myself if it wouldn't be easier to set up a VPN (IP/Sec with > S/WAN or something like that) and have the network take care of > encryption. > Wow, great responses with many ideas. So we have 1. G-N-U Gmbh's GEAM (=3D Geam Encrypts All Mail) server 2. Sendmail itself V8.11+, using STARTTLS 3. ssmail for sendmail with dynamic key generation 4. and VPN/IPSec based solutions I had thought of No 4 when I first came across this app, but have been=20 advised that keeping VPNs up and running long term can involve a lot of=20 work and no guaranteed success. Also it seemed more logical to use an=20 "asynchronous" secure connection (sorry if that's not the right term) for=20 what is an asycnhronous process, rather than trying to keep a VPN live 24/7 = for infrequent and peaky mail traffic. That's when I started looking at = GPG. ssmail sounds quite cool also, but I not sure that the key per email is=20 good for my application since I need remote control of the operation (ie=20 the keys). If someone understands this better, please let me know. Sendmail itself with TLS is obviously a great option, my question here (to=20 save me some time reading the whole manual before I even think about making = a decision) would be: "does sendmail/STARTTLS allow for remote allocation=20 of keys. In other words can I control the operation of the secure comms=20 remotely?" Any shared prior knowledge would be much appreciated. Lastly, the GNU GEAM server, while obviously not as native as the Sendmail=20 solution might provide management services suited to my app which may=20 outweigh is disadvantages. -Is anyone familiar with what GNU provides over sendmail/STARTTLS? -Is their a difference in the level of security of TLS vs GnuPG/GEAM? -Is their more flexibility of adding single clients into the secure network = (which may be a requirement for my app)? Thanks again Oliver --==========188109849========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) iEYEARECAAYFAjyrRx4ACgkQhN/6uonit6nIUACeKDgE+VUCiq5vmpvczZrQYH0W XVsAmgPgpN59++g2yOg9TKWlt8ROrVZ3 =G791 -----END PGP SIGNATURE----- --==========188109849==========-- From oliver@schonrocks.com Wed Apr 3 21:19:01 2002 From: oliver@schonrocks.com (=?ISO-8859-1?Q?Oliver_Sch=F6nrock?=) Date: Wed Apr 3 20:19:01 2002 Subject: my signatures Message-ID: <188245192.1017861566@[192.168.0.1]> --==========188257313========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline I have been privately advised that my MIME/PGP signatures were giving=20 trouble... Anyone else on the list have this problem with my mails.. If so I would revert to inline PGP or at least try to fix it..(I am using=20 Mulberry V2.2b4 on W2K). Oliver --==========188257313========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) iEYEARECAAYFAjyrR64ACgkQhN/6uonit6kLmwCffyAAH8kfG8j8jhao3etvhVsG iyMAnAwqrDoZryKHJ6Q/aRgc/39usCbq =I2M4 -----END PGP SIGNATURE----- --==========188257313==========-- From pta@psaconsultants.com Wed Apr 3 22:01:02 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 3 21:01:02 2002 Subject: my signatures In-Reply-To: <188245192.1017861566@[192.168.0.1]>; from oliver@schonrocks.com on Wed, Apr 03, 2002 at 07:19:26PM +0100 References: <188245192.1017861566@[192.168.0.1]> Message-ID: <20020403120151.A6502@psaconsultants.com> --pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable it looks like a good but unverified sig to me. i.e. good sig but no trust path back to me. On Wed, Apr 03, 2002 at 07:19:26PM +0100, Oliver Sch?nrock wrote: > I have been privately advised that my MIME/PGP signatures were giving=20 > trouble... >=20 > Anyone else on the list have this problem with my mails.. >=20 > If so I would revert to inline PGP or at least try to fix it..(I am using= =20 > Mulberry V2.2b4 on W2K). >=20 > Oliver --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8q1GeggA8sH0iRXQRAi1UAKCN49fkCYxUl18bdr4LKfvgYt6m7QCePCRm WZ9C//ntbHslBPIsXFysnUM= =7Lhq -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/-- From ASkwar@host.homelinux.org Wed Apr 3 22:10:02 2002 From: ASkwar@host.homelinux.org (Alexander Skwar) Date: Wed Apr 3 21:10:02 2002 Subject: AIM Encryption? In-Reply-To: <7CE1EE1A3A42D411893200A0C98A39C00B2D0467@tc360.troweprice.com> References: <7CE1EE1A3A42D411893200A0C98A39C00B2D0467@tc360.troweprice.com> Message-ID: <20020403191046.GG11104@teich.Garten.DigitalProjects.com> =BBCase, Cory=AB sagte am 2002-03-26 um 11:23:54 -0500 : > Alternatively, is there another product available that would offer the bu= ddy > list & chat features of AIM, in a secure message transport? We're less > interested in the ftp, chat room, and other AIM features. It's the IM > portion that is of most interest to us. Jabber allows you to connect to it thru a SSL connection. And further, you can easily install your own Jabber server in your intranet. See www.jabber.org for more details. In case you wonder, jabber is an OpenSource IM system. If you want to, you can also have it connect to AIM, ICQ, MSN, Yahoo and thus chat to users of these systems from your Jabber client. Alexander Skwar --=20 How to quote: http://learn.to/quote (german) http://quote.6x.to (english) Homepage: http://www.iso-top.de | Jabber: askwar@charente.de iso-top.de - Die g=FCnstige Art an Linux Distributionen zu kommen Uptime: 2 hours 26 minutes From dshaw@jabberwocky.com Wed Apr 3 22:15:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 3 21:15:02 2002 Subject: my signatures In-Reply-To: <188245192.1017861566@[192.168.0.1]> References: <188245192.1017861566@[192.168.0.1]> Message-ID: <20020403191535.GG696@akamai.com> On Wed, Apr 03, 2002 at 07:19:26PM +0100, Oliver Sch=F6nrock wrote: > I have been privately advised that my MIME/PGP signatures were giving=20 > trouble... >=20 > Anyone else on the list have this problem with my mails.. What sort of trouble? Signatures that won't verify, or people disliking PGP/MIME? (I don't want to get into a PGP/MIME battle, but suffice to say that some people like PGP/MIME and some people don't.) David --=20 David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.co= m/ +------------------------------------------------------------------------= ---+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From pta@psaconsultants.com Wed Apr 3 22:33:02 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 3 21:33:02 2002 Subject: searchable archive Message-ID: <20020403123408.C6502@psaconsultants.com> --32u276st3Jlj2kUU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable can someone point me to a searchable archive for this list? there are a number of topics i like to read up on but don't want to make anyone angry by bringing them up again. like pgp/mime v. inline sigs... :) thanks. --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --32u276st3Jlj2kUU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8q1kvggA8sH0iRXQRAuEoAJ9i+diYpKLzmxX4m6sldvOXFf+U2gCeLmUr v46dRRaQqXAVbU7saoiS+/c= =ryq9 -----END PGP SIGNATURE----- --32u276st3Jlj2kUU-- From JanuszA.Urbanowicz Wed Apr 3 23:16:01 2002 From: JanuszA.Urbanowicz (JanuszA.Urbanowicz) Date: Wed Apr 3 22:16:01 2002 Subject: GnuPG between Sendmail servers In-Reply-To: <176567861.1017849889@[192.168.0.1]> from "[Oliver Sch_nrock]" at "Apr 3, 2002 04:04:49 pm" Message-ID: [Oliver Sch_nrock] wrote/napisa=B3[a]/schrieb: > I need to set up "secure routing of mail" between 2 (or more) Sendmail SM= TP=20 > servers. Use SMTP/TLS or better set-up IPSec link between the machines. Alex --=20 C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling | | = * =09 ; (_O : +-------------------------------------------------------------+ --= +~|=09 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka= =BFde z=B3o | l_|/=09 A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d= no; | | =20 From Fabian.Rodriguez@Toxik.com Wed Apr 3 23:26:02 2002 From: Fabian.Rodriguez@Toxik.com (Toxik - Fabian Rodriguez) Date: Wed Apr 3 22:26:02 2002 Subject: searchable archive In-Reply-To: <20020403123408.C6502@psaconsultants.com> Message-ID: Hi Peter, > can someone point me to a searchable archive for this list? [...] It's at http://lists.gnupg.org/ This is mentioned at http://www.gnupg.org/docs-mls.html Cheers, Fabian Rodriguez - Toxik Technologies, Inc. www.toxik.com . (514) 528-6945 @221 OpenPGP: 0x5AF2A4D5 From sales@a2zuniforms.com Wed Apr 3 23:34:01 2002 From: sales@a2zuniforms.com (A2ZUniforms.com) Date: Wed Apr 3 22:34:01 2002 Subject: Decrypting an entire file Message-ID: <00d801c1db4f$b40db0e0$0100a8c0@A2ZMAIN> This is a multi-part message in MIME format. --Boundary_(ID_scjQSxBEBqBVIZ9a+hG8YQ) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT I put this out the other day and I'm still trying to solve my problem. I have a comma delimited file that is encrypted on our server. I am trying to decrypt the file from the command prompt and keep the entire contents of the file in one file using the same file name. If I specify a file name with the +force -o variable, it only ends up with last record appended to the encrypted file. If we just decrypt with no variables, it will create a separate file with no extension for each record that was added to the encrypted file. I am needing the correct syntax (command line) to decrypt the file keeping the whole file intact, using the same name as the original file. Any help with this will be greatly appreciated. Tim Durham --Boundary_(ID_scjQSxBEBqBVIZ9a+hG8YQ) Content-type: text/html; charset=iso-8859-1 Content-transfer-encoding: 7BIT
I put this out the other day and I'm still trying to solve my problem.  I have a comma delimited file that is encrypted on our server.  I am trying to decrypt the file from the command prompt and keep the entire contents of the file in one file using the same file name.  If I specify a file name with the +force -o variable, it only ends up with last record appended to the encrypted file.  If we just decrypt with no variables, it will create a separate file with no extension for each record that was added to the encrypted file.  I am needing the correct syntax (command line) to decrypt the file keeping the whole file intact, using the same name as the original file.  Any help with this will be greatly appreciated.
 
Tim Durham
--Boundary_(ID_scjQSxBEBqBVIZ9a+hG8YQ)-- From sbutler@fchn.com Thu Apr 4 00:02:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 3 23:02:01 2002 Subject: Decrypting an entire file Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D5EB@jupiter.fchn.com> This is a multi-part message in MIME format. ------=_NextPart_000_035B_01C1DB0F.CADC9290 x-gfisavedcharset: iso-8859-1 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I don't remember all the details. Seems like you had individual encrypted sessions appended to the main file. I suspect that since you want each decrypted session to also append to the output that you will need to send the decrypted output to STDLIST and redirect that to a file using the append redirect (>>). I presume this is on a *NIX box. -----Original Message----- From: A2ZUniforms.com [mailto:sales@a2zuniforms.com] Sent: Wednesday, April 03, 2002 12:40 PM To: gnupg-users@gnupg.org Subject: Decrypting an entire file I put this out the other day and I'm still trying to solve my problem. I have a comma delimited file that is encrypted on our server. I am trying to decrypt the file from the command prompt and keep the entire contents of the file in one file using the same file name. If I specify a file name with the +force -o variable, it only ends up with last record appended to the encrypted file. If we just decrypt with no variables, it will create a separate file with no extension for each record that was added to the encrypted file. I am needing the correct syntax (command line) to decrypt the file keeping the whole file intact, using the same name as the original file. Any help with this will be greatly appreciated. Tim Durham CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------=_NextPart_000_035B_01C1DB0F.CADC9290 x-gfisavedcharset: iso-8859-1 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 7bit
I don't remember all the details.  Seems like you had individual encrypted sessions appended to the main file.
 
I suspect that since you want each decrypted session to also append to the output that you will need to send the decrypted output to STDLIST and redirect that to a file using the append redirect (>>).  I presume this is on a *NIX box.
 
-----Original Message-----
From: A2ZUniforms.com [mailto:sales@a2zuniforms.com]
Sent: Wednesday, April 03, 2002 12:40 PM
To: gnupg-users@gnupg.org
Subject: Decrypting an entire file

I put this out the other day and I'm still trying to solve my problem.  I have a comma delimited file that is encrypted on our server.  I am trying to decrypt the file from the command prompt and keep the entire contents of the file in one file using the same file name.  If I specify a file name with the +force -o variable, it only ends up with last record appended to the encrypted file.  If we just decrypt with no variables, it will create a separate file with no extension for each record that was added to the encrypted file.  I am needing the correct syntax (command line) to decrypt the file keeping the whole file intact, using the same name as the original file.  Any help with this will be greatly appreciated.
 
Tim Durham

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
 ------=_NextPart_000_035B_01C1DB0F.CADC9290-- From pta@psaconsultants.com Thu Apr 4 00:10:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 3 23:10:01 2002 Subject: Decrypting an entire file In-Reply-To: <00d801c1db4f$b40db0e0$0100a8c0@A2ZMAIN>; from sales@a2zuniforms.com on Wed, Apr 03, 2002 at 02:39:50PM -0600 References: <00d801c1db4f$b40db0e0$0100a8c0@A2ZMAIN> Message-ID: <20020403140959.D6502@psaconsultants.com> --2Z2K0IlrPCVsbNpk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable don't quote me on this but i don't think this will work. i suggest you use a temp file and then rename it the same as the original. put it in a little script. On Wed, Apr 03, 2002 at 02:39:50PM -0600, A2ZUniforms.com wrote: > I put this out the other day and I'm still trying to solve my problem. I= have a comma delimited file that is encrypted on our server. I am trying = to decrypt the file from the command prompt and keep the entire contents of= the file in one file using the same file name. If I specify a file name w= ith the +force -o variable, it only ends up with last record appended to th= e encrypted file. If we just decrypt with no variables, it will create a s= eparate file with no extension for each record that was added to the encryp= ted file. I am needing the correct syntax (command line) to decrypt the fi= le keeping the whole file intact, using the same name as the original file.= Any help with this will be greatly appreciated. >=20 > Tim Durham --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --2Z2K0IlrPCVsbNpk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8q2+nggA8sH0iRXQRAmRRAKCTp5oMo4RzMj8V8xDfHkL7CpZu9QCfRxIi 8rQGRFmSiUxPR08OeHSHCso= =cg/c -----END PGP SIGNATURE----- --2Z2K0IlrPCVsbNpk-- From dshaw@jabberwocky.com Thu Apr 4 00:11:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 3 23:11:01 2002 Subject: searchable archive In-Reply-To: <20020403123408.C6502@psaconsultants.com> References: <20020403123408.C6502@psaconsultants.com> Message-ID: <20020403211025.GA3640@akamai.com> On Wed, Apr 03, 2002 at 12:34:08PM -0700, Peter T. Abplanalp wrote: > can someone point me to a searchable archive for this list? there are a > number of topics i like to read up on but don't want to make anyone angry > by bringing them up again. like pgp/mime v. inline sigs... :) Oops. I didn't mean to give the impression that it was a very contentious issue. Just very mildly contentious. :) There are archives for this list (and others) on lists.gnupg.org, but they are not searchable. You can use Google to search them by searching for "(whatever you want to search for) site:lists.gnupg.org". In other words, just tack on "site:lists.gnupg.org" to the end of your search. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From sales@a2zuniforms.com Thu Apr 4 00:26:01 2002 From: sales@a2zuniforms.com (A2ZUniforms.com) Date: Wed Apr 3 23:26:01 2002 Subject: Decrypting an entire file References: <9A86613AB85FF346BB1321840DB42B4B67D5EB@jupiter.fchn.com> Message-ID: <001e01c1db56$efa3bbc0$0100a8c0@A2ZMAIN> Steve, The file is encrypted on a Cobalt (Redhat Linux) and decrypted on a WinXP machine. Can you tell me what the full command line should be at the command prompt on my WinXP box to accomplish this? I sure do appreciate the response :) It will be a happy day when I know how to do this. Thanks, Tim D. I don't remember all the details. Seems like you had individual encrypted sessions appended to the main file. I suspect that since you want each decrypted session to also append to the output that you will need to send the decrypted output to STDLIST and redirect that to a file using the append redirect (>>). I presume this is on a *NIX box. From sbutler@fchn.com Thu Apr 4 01:38:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 4 00:38:02 2002 Subject: Decrypting an entire file Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D5ED@jupiter.fchn.com> Sorry, all my scripting is in the Korn shell on a Linux box. On Linux I'd do: echo "My Pass Phrase" | gpg --homedir my_home_dir --passphrase-fd 0 --no-tty --output - --decrypt "$2" >> my_decrypted_output Don't know if the '--output -' will force the output to STDLIST on a *doze box or not. You might try it without the '--output -' altogether. -----Original Message----- From: A2ZUniforms.com [mailto:sales@a2zuniforms.com] Sent: Wednesday, April 03, 2002 1:32 PM To: Steve Butler; gnupg-users@gnupg.org Subject: Re: Decrypting an entire file Steve, The file is encrypted on a Cobalt (Redhat Linux) and decrypted on a WinXP machine. Can you tell me what the full command line should be at the command prompt on my WinXP box to accomplish this? I sure do appreciate the response :) It will be a happy day when I know how to do this. Thanks, Tim D. I don't remember all the details. Seems like you had individual encrypted sessions appended to the main file. I suspect that since you want each decrypted session to also append to the output that you will need to send the decrypted output to STDLIST and redirect that to a file using the append redirect (>>). I presume this is on a *NIX box. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From gw_goldwing@gwstrong.com Thu Apr 4 01:46:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Thu Apr 4 00:46:01 2002 Subject: Key Type & Size / Multiple Email Accounts / Key Server Questions In-Reply-To: <20020403173415.GB696@akamai.com> References: <20020403173415.GB696@akamai.com> Message-ID: In article <20020403173415.GB696@akamai.com>, David Shaw wrote: > You actually have another possibility which is an RSA key. > > As to which to pick, it depends on the use. ElGamal signatures are > somewhat controversial (they're hard to get right), and so may not be > widely supported in the future. I plan on using GnuPG. Unless I missed something RSA was NOT an option. > This document, while slightly out of date, is fantastic on the subject: > http://www.samsimpson.com/pgp.php Using GnuPG reading these threads and your reference I would say a primary key type of DSA to sign at maximum size of 1024, and a key type of ElGamal to encrypt with a size of 4096. It sounds like I may run into some problems with the ElGamal which I understand is a derivative of DH. Thanks for the info! Greg Strong Email: gw_goldwing@gwstrong.com Win98 Wed, 03 Apr 2002 16:15 CST From peter.kuhm@plus.at Thu Apr 4 01:49:01 2002 From: peter.kuhm@plus.at (Peter Kuhm) Date: Thu Apr 4 00:49:01 2002 Subject: searchable archive In-Reply-To: References: <20020403123408.C6502@psaconsultants.com> Message-ID: <3.0.6.32.20020404004855.013ccbe0@mail.plus.at> Hi, At 15:25 03.04.02 -0500, Toxik - Fabian Rodriguez wrote: >> can someone point me to a searchable archive for this list? [...] >It's at http://lists.gnupg.org/ >This is mentioned at http://www.gnupg.org/docs-mls.html zhe archive is mentioned in each mail that comes via list so I think "searchable" should be emphasized. Peter, you may try: http://www.google.com/search?q=site%3Alists.gnupg.org+your+searchterms regards, Peter From bedouglas@earthlink.net Thu Apr 4 02:20:02 2002 From: bedouglas@earthlink.net (mail.earthlink.net) Date: Thu Apr 4 01:20:02 2002 Subject: building gnupg on Windows 2000 In-Reply-To: Message-ID: <001501c1db66$f5b8ca40$0301a8c0@Mesa.com> Hey, I'm interested in building the GnuPG application from source on a windows 2000 platform. I'd like to be able to use the VisualSource IDE and build the app as a console application. I've taken a look at the source code contained in the latest zip file (1.0.6) and am curious as to why the mwing32, binutils, gcc software is required. I'm looking to talk with anyone who has successfully built the app using either the instructions provided, or from a scratch windows environment, using msdev winsock.h, etc... I'd prefer to stay away from having to replicate pieces of the unix environment if possible. I'd also like to minimize the need to alter code as much as possible. All pointers, advice will be duly considered and appreciated. Thanks for any assistance..... Bruce Douglas From gw_goldwing@gwstrong.com Thu Apr 4 02:42:01 2002 From: gw_goldwing@gwstrong.com (Greg Strong) Date: Thu Apr 4 01:42:01 2002 Subject: Change directory for public and secret key rings? Message-ID: How can you change the directory location of the public and secret key rings? TIA! Greg Strong Email: gw_goldwing@gwstrong.com Win98 Wed, 03 Apr 2002 17:40 CST From jkane89@softhome.net Thu Apr 4 04:28:01 2002 From: jkane89@softhome.net (John Kane) Date: Thu Apr 4 03:28:01 2002 Subject: search gnupg-users at marc.theaimsgroup.com Message-ID: <3CABAC4B.41D691B8@softhome.net> We're searchable online courtesy of the AIMS group, which indexes many tech mailing lists: http://marc.theaimsgroup.com/ http://marc.theaimsgroup.com/?l=gnupg-users&r=1&w=2 From jkane89@softhome.net Thu Apr 4 04:39:02 2002 From: jkane89@softhome.net (John Kane) Date: Thu Apr 4 03:39:02 2002 Subject: Change directory for public and secret key rings? Message-ID: <3CABAEE4.20EAD519@softhome.net> Greg Strong gw_goldwing@gwstrong.com writes: > How can you change the directory location of the > public and secret key rings? TIA! With gpg --homedir c:/any/dir/ --mycommand... or, in Windows, by setting a registry key, which I can send you instructions for. From dshaw@jabberwocky.com Thu Apr 4 06:39:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Thu Apr 4 05:39:02 2002 Subject: Key Type & Size / Multiple Email Accounts / Key Server Questions In-Reply-To: References: <20020403173415.GB696@akamai.com> Message-ID: <20020404033855.GA1563@akamai.com> On Wed, Apr 03, 2002 at 04:47:27PM -0600, Greg Strong wrote: > In article <20020403173415.GB696@akamai.com>, David Shaw wrote: > > You actually have another possibility which is an RSA key. > > > > As to which to pick, it depends on the use. ElGamal signatures are > > somewhat controversial (they're hard to get right), and so may not be > > widely supported in the future. > > I plan on using GnuPG. Unless I missed something RSA was NOT an option. If you use one of the 1.0.7 development versions (or generate the key in PGP), then RSA is an option. Once the key is generated, you can use it in your current version of GnuPG. > > This document, while slightly out of date, is fantastic on the subject: > > http://www.samsimpson.com/pgp.php > > Using GnuPG reading these threads and your reference I would say a > primary key type of DSA to sign at maximum size of 1024, and a key type > of ElGamal to encrypt with a size of 4096. It sounds like I may run into > some problems with the ElGamal which I understand is a derivative of DH. Only for signing. Encrypting with ElGamal is just fine. For what it's worth, I decided to start the transition to using an OpenPGP key a few months ago. I settled on an 4096 bit RSA master key, with an ElGamal encryption subkey, and a DSA signing subkey. Best of all worlds :) David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From cwsiv_home1@juno.com Tue Apr 9 07:52:01 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Tue Apr 9 06:52:01 2002 Subject: 1024 bit encryption compromised? References: Message-ID: <20020408.214827.2335.1.cwsiv_home1@juno.com> Why 2048? A friend who first gave me a copy of PGP said to use either 1023 or 2047 to make the mathmatics of factoring fail to the more common computer routines. o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` On Wed, 27 Mar 2002 17:15:59 +0100 (CET) "Oyvind A. Holm" writes: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Found a disquieting article at : > > 1024-bit encryption is 'compromised' > > Upgrade to 2048-bit, says crypto expert > > According to a security debate sparked off by cryptography expert > Lucky Green on Bugtraq yesterday, 1,024-bit RSA encryption should > be "considered compromised". > > The Financial Cryptography conference earlier this month, which > largely focused on a paper published by cryptographer Dan >Bernstein > last October detailing integer factoring methodologies, revealed > "significant practical security implications impacting the > overwhelming majority of deployed systems utilising RSA as the > public key algorithm". > > Based on Bernstein's proposed architecture, a panel of experts > estimated that a 1,024-bit RSA factoring device can be built using > only commercially available technology for a price range of several > hundred million to $1bn. > >I guess this is the same thing that was discussed last week on this >list. I'm not into this level of cryptoanalytics, but what do you >folks >say about this? I guess there is no need to get upset of this, if Big >Brother wants my bytes, I suppose he has other ugly ways to compromise >the key -- bugging my flat or setting up some kind of scanners to >analyze the keyboard radiation or maybe plain old violence. I doubt >the >govs wants to use millions of euro to read my mail. But I admit it's >damn irritating to read this now that I changed my key only one month >ago. *grmpf* > >The question is floating around among us -- would it be wise to >upgrade >to 2048 bits, or is this just speculations? Now that they're talking >about this, I guess one should be a step ahead of the snoopers -- >especially when it comes to the future robustness of the signatures. > >Mvh >=D8yvind > >+-------------------------------------------------------------------+ >| OpenPGP: 0x629022EB 2002-02-24 =D8yvind A. Holm >| >| Fingerprint: DBE9 8D44 67F7 42AC 2CA1 7651 724E 9D53 6290 22EB | >+-------- Don't support organized crime, boycott Microsoft. --------+ > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.0.6 (GNU/Linux) > >iD8DBQE8ofApck6dU2KQIusRAvgrAKCZKsw3w+VSzUyNOSlbsOWaT+CZyQCeOu9w >au88KVPs3/rNsFvPkiASBlU=3D >=3D+B5H >-----END PGP SIGNATURE----- ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From avbidder@acter.ch Tue Apr 9 17:19:02 2002 From: avbidder@acter.ch (Adrian von Bidder) Date: Tue Apr 9 16:19:02 2002 Subject: Difficulties with PGP 7.1? Message-ID: <1018362010.4926.70.camel@atlas> --=-WDRR/zBXqr3K5AUdjZRE Content-Type: multipart/mixed; boundary="=-J675iUdi7OqxQMmJsTpr" --=-J675iUdi7OqxQMmJsTpr Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Yo! [hope the mailing list runs again - got no mail so far.] Are there any fundamental difficulties between PGP 7.1 and GnuPG (Debian 1.0.6-3 here)? I'll try to get some more data, but a friend of mine and I have some difficulties with broken signatures. his key: [removed --moderator] Of course, it could be a fundamental problem between outlook and evolution, too. (No, it is an inline signature, so it's not the evolution MIME-boundaries problem this time). I'm attaching the problematic part of the mail. cheers -- vbi [private attachments removed --moderator] --=-J675iUdi7OqxQMmJsTpr-- --=-WDRR/zBXqr3K5AUdjZRE Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjyy+JoACgkQwj49sl5Lcx+yFgCdFJ71kR4ewxLWH/A1+APBY7Rt n0EAnisnv1/bfflPFCKLSfNt3DhmoJcb =JJhO -----END PGP SIGNATURE----- --=-WDRR/zBXqr3K5AUdjZRE-- From rmalayter@bai.org Tue Apr 9 18:19:01 2002 From: rmalayter@bai.org (Ryan Malayter) Date: Tue Apr 9 17:19:01 2002 Subject: 1024 bit encryption compromised? Message-ID: <22FD1855C2B16C40A1F6DE406420021E0187F966@mail.bai.org> From: carl w spitzer [mailto:cwsiv_home1@juno.com] >Why 2048? >A friend who first gave me a copy of PGP said >to use either 1023 or 2047 to make the mathmatics >of factoring fail to the more common computer >routines. This seems kind of pointless to me. Okay, so maybe this-or-that implementation of PGP does fix the high-order bit of a generated key at 1. You could be fooling an attacker who is simply trying an exhaustive keyspace search by using a 1023-bit key. But this attacker would be a moron, and not much to worry about. I'm no mathemetician, but from what I've read it seems that the General Number Field Sieve (currently the best factoring algorithm) doesn't work like a brute-force keyspace search at all: it will factor any length of number smaller than the limit implemented by the programmer. If the programmer codes for 1024-bit keys, his algorithm will factor 1023-bit keys as well. (Can any academics out there confirm this?) Regards, -ryan- From rdmyers@netzon.net Tue Apr 9 20:54:01 2002 From: rdmyers@netzon.net (Rodney D. Myers) Date: Tue Apr 9 19:54:01 2002 Subject: why lose you secret key ring Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What about putting your secring into the background of a picture, with some form of stenography program. With this, you can have a copy of your secret keyring on your background. - -- Rodney D. Myers Member of Digital Freedom Alliance Amateur: KG6ANX GMRS: WPOM592 ICQ# : 18002350 Have A NORML Day AIM#: mailman452 Yahoo Chat: Mailman42_5 The difference between a good haircut and a bad one is seven days. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Have A NORML Day iEYEARECAAYFAjyzKwAACgkQRzSENXJW+i+J8ACbB4EeRe+XeG1kPka4D2RV8ZJ6 e10An1N55dHI1+O1HXBDaG2ILYXWslO8 =LKZP -----END PGP SIGNATURE----- From jeroen@valcke.com Tue Apr 9 22:36:02 2002 From: jeroen@valcke.com (Jeroen Valcke) Date: Tue Apr 9 21:36:02 2002 Subject: key security Message-ID: <20020409193718.GB3192@Tomsk> Hello, I'm new to the list and GnuPG. I have some small (newbie) questions. 1/ What about key security. Do you people all leave your private key on the harddisk of your machine. On Debian linux that's in the .gnupg directory. How about putting this whole directory on removable media (for example diskette) A colleague of mine has his on a remove USB media. Good idea? reactions? impractical? 2/ To encrypt a message all I need is the recipients public key, right? Encryption is done solely with the public key of the recipient. My private key is not used, is this correct? -Jeroen- A confused newbie. -- Jeroen Valcke jeroen@valcke.com From jdbeyer@exit109.com Tue Apr 9 22:52:01 2002 From: jdbeyer@exit109.com (Jean-David Beyer) Date: Tue Apr 9 21:52:01 2002 Subject: key security References: <20020409193718.GB3192@Tomsk> Message-ID: <3CB34686.C6E043E5@exit109.com> Jeroen Valcke wrote: > > Hello, > > I'm new to the list and GnuPG. I have some small (newbie) questions. > > 1/ What about key security. Do you people all leave your private key on > the harddisk of your machine. On Debian linux that's in the .gnupg > directory. How about putting this whole directory on removable media > (for example diskette) A colleague of mine has his on a remove USB > media. Good idea? reactions? impractical? > > 2/ To encrypt a message all I need is the recipients public key, right? > Encryption is done solely with the public key of the recipient. My > private key is not used, is this correct? > I keep mine on the hard drive (with a backup on a floppy, and it gets backed up along with everything else onto backup tape daily). Bear in mind that to get at it, the attacker must: 1.) Find out my login and password, OR 2.) Find out the superuser password, 3.) AND guess my passphrase that is fairly long and is composed of two nonsense words with screwball capitalizations. Furthermore, this is essentially a single-user machine (though there are a very few other users (mainly my sister) who very seldom log in. Rather than guessing my superuser password or my login and password, the would-be attacker should steal my backup tapes and find a computer with a similar tape drive, or find my safe-deposit box key, guess my bank, and get the floppy from there. (S)He would still have to guess my passphrase. I.e., my system is not foolproof. Furthermore, I know no one who cares enough about security to get PGP or GPG, and only one who has a VeriSign digital signature certificate, so I guess it does not really matter. Sigh. -- .~. Jean-David Beyer Registered Linux User 85642. /V\ Registered Machine 73926. /( )\ Shrewsbury, New Jersey http://counter.li.org ^^-^^ 3:45pm up 13 days, 4:02, 3 users, load average: 2.04, 2.16, 2.09 From avbidder@fortytwo.ch Tue Apr 9 23:07:01 2002 From: avbidder@fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Tue Apr 9 22:07:01 2002 Subject: key security In-Reply-To: <20020409193718.GB3192@Tomsk> References: <20020409193718.GB3192@Tomsk> Message-ID: <1018382867.628.3.camel@zaphod> --=-2RkE13FmBgjXX8mlG1UI Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2002-04-09 at 21:37, Jeroen Valcke wrote: > 1/ What about key security. Do you people all leave your private key on > the harddisk of your machine. On Debian linux that's in the .gnupg > directory. How about putting this whole directory on removable media > (for example diskette) A colleague of mine has his on a remove USB > media. Good idea? reactions? impractical? floppy would most likely be too small for the whole directory (depending on how you use gpg). I auto-add all verified signatures to my public key ring. But in principle you are right: putting the secret key ring onto removable media would be the thing. Personally, I'm lazy and trust the protection of my password, but use a seperate (more short lived) private key in the office with a network shared home dir. > 2/ To encrypt a message all I need is the recipients public key, right? > Encryption is done solely with the public key of the recipient. My > private key is not used, is this correct? Yes. But mostly you'll want to sign your messages with your key in addition to encrypting them. cheers -- vbi --=-2RkE13FmBgjXX8mlG1UI Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjyzShIACgkQFDhRaJIIJIF/JgCcD8lh7QLOK35pXNNp2lzFYGQM roQAnR1prsMTBRC5nYtQwSUYPbtetx2R =50DT -----END PGP SIGNATURE----- --=-2RkE13FmBgjXX8mlG1UI-- From sbutler@fchn.com Tue Apr 9 23:15:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Tue Apr 9 22:15:01 2002 Subject: key security Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D60F@jupiter.fchn.com> 1. Removable media is good. I leave mine on my hard drive but other folks don't have access to it <>. If you choose to leave it on your hard drive use a nice, long, easy to remember but hard to guess pass phrase. 2. Encrypt to recipient does not use your private key. You would use your private key to sign if you should choose to also do that. BTW, my attempt to reply directly to you resulted in this message: Reporting-MTA: dns;milkyway.fchn.com Received-From-MTA: dns;milkyway.fchn.com Arrival-Date: Tue, 9 Apr 2002 13:12:01 -0700 Final-Recipient: rfc822;jeroen@valcke.com Action: failed Status: 5.0.0 Diagnostic-Code: smtp;550 Requested action not taken: mailbox unavailable -----Original Message----- From: Jeroen Valcke [mailto:jeroen@valcke.com] Sent: Tuesday, April 09, 2002 12:37 PM To: gnupg-users@gnupg.org Subject: key security Hello, I'm new to the list and GnuPG. I have some small (newbie) questions. 1/ What about key security. Do you people all leave your private key on the harddisk of your machine. On Debian linux that's in the .gnupg directory. How about putting this whole directory on removable media (for example diskette) A colleague of mine has his on a remove USB media. Good idea? reactions? impractical? 2/ To encrypt a message all I need is the recipients public key, right? Encryption is done solely with the public key of the recipient. My private key is not used, is this correct? -Jeroen- A confused newbie. -- Jeroen Valcke jeroen@valcke.com _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From mikko@rossi.reimari.net Tue Apr 9 23:22:02 2002 From: mikko@rossi.reimari.net (Mikko Moilanen) Date: Tue Apr 9 22:22:02 2002 Subject: key security In-Reply-To: <20020409193718.GB3192@Tomsk>; from jeroen@valcke.com on Tue, Apr 09, 2002 at 09:37:18PM +0200 References: <20020409193718.GB3192@Tomsk> Message-ID: <20020409231149.A935@rossi> --gKMricLos+KVdGMg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 09, 2002 at 09:37:18PM +0200, Jeroen Valcke wrote: =20 =20 =20 > 2/ To encrypt a message all I need is the recipients public key, right? > Encryption is done solely with the public key of the recipient. My > private key is not used, is this correct? =20 Yes, that is correct. (Sorry, I am learning to use Vi.) =20 =20 =20 =20 --=20 http://www.koti.reimari.net/smoto --gKMricLos+KVdGMg Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8s0sEpZOH5bT/xTIRAl4AAJ0cX8ghtndEMXKFaHNQX+pNyjy3ugCZActc KNn9gmfU8rIAg/qwwGXSawY= =k3u3 -----END PGP SIGNATURE----- --gKMricLos+KVdGMg-- From Trevor Smith" Message-ID: <200204092039.g39KdCvx019789@jupiter.accesscable.net> On Tue, 9 Apr 2002 21:37:18 +0200, Jeroen Valcke wrote: >1/ What about key security. Do you people all leave your private key on >the harddisk of your machine. On Debian linux that's in the .gnupg >directory. How about putting this whole directory on removable media >(for example diskette) A colleague of mine has his on a remove USB >media. Good idea? reactions? impractical? I keep mine on my hard drive with a backup on floppy which is in a safe deposit box, in case of catastrophic hard disk failure, fire, etc. (as opposed to "in case of burglary"). The simple fact is, for most of us, encryption is not necessary. However, some of us subscribe to the idea that continual use of encryption is a Good Idea. (Some of us also just think it's cool.) Since I fall into those categories, I don't worry about someone trying to hack my keyrings so I don't get ultra paranoid about them. Plus, I live alone and I'm the only one with access to my computer on a regular basis. >-Jeroen- >A confused newbie. Don't sweat being confused. It has frustrated me for a long time how simple public-key encryption is at its core (i.e. the processes that would account for 90+% of the use by 90+% of the users if the "common person" would use it) yet how unbelievably complex most implementations of it are (because it's generally not used by the "common person" and because it's generally written by computer geeks for computer geeks). Most of us don't care about 'webs of trust', which algorithms are used, etc. We just want: 1) to get our friend's public keys so we can encrypt messages to them; and 2) give our friends our public keys so we can sign messages and they can verify them (and send us encrypted messages). sigh. -- Trevor Smith | trevor@haligonian.com From Trevor Smith" Message-ID: <200204092039.g39KdKvx019937@jupiter.accesscable.net> On Tue, 9 Apr 2002 21:37:18 +0200, Jeroen Valcke wrote: >1/ What about key security. Do you people all leave your private key on >the harddisk of your machine. On Debian linux that's in the .gnupg >directory. How about putting this whole directory on removable media >(for example diskette) A colleague of mine has his on a remove USB >media. Good idea? reactions? impractical? I keep mine on my hard drive with a backup on floppy which is in a safe deposit box, in case of catastrophic hard disk failure, fire, etc. (as opposed to "in case of burglary"). The simple fact is, for most of us, encryption is not necessary. However, some of us subscribe to the idea that continual use of encryption is a Good Idea. (Some of us also just think it's cool.) Since I fall into those categories, I don't worry about someone trying to hack my keyrings so I don't get ultra paranoid about them. Plus, I live alone and I'm the only one with access to my computer on a regular basis. >-Jeroen- >A confused newbie. Don't sweat being confused. It has frustrated me for a long time how simple public-key encryption is at its core (i.e. the processes that would account for 90+% of the use by 90+% of the users if the "common person" would use it) yet how unbelievably complex most implementations of it are (because it's generally not used by the "common person" and because it's generally written by computer geeks for computer geeks). Most of us don't care about 'webs of trust', which algorithms are used, etc. We just want: 1) to get our friend's public keys so we can encrypt messages to them; and 2) give our friends our public keys so we can sign messages and they can verify them (and send us encrypted messages). sigh. -- Trevor Smith | trevor@haligonian.com From mutz@kde.org Wed Apr 10 02:05:02 2002 From: mutz@kde.org (Marc Mutz) Date: Wed Apr 10 01:05:02 2002 Subject: key security In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D60F@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D60F@jupiter.fchn.com> Message-ID: <200204100026.26820@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 09 April 2002 22:14, Steve Butler wrote: > If you choose to > leave it on your hard drive use a nice, long, easy to remember but hard to > guess pass phrase. Ie, use the output of head -c 16 /dev/random | mimencode write it down on a piece of paper until you know it by heart and then burn the paper ;-) I finally did it and it's not that hard to memorize. Marc - -- Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8s2qQ3oWD+L2/6DgRAqGZAJ9G1UIDSg6VUELg9aWv5UbPenU9RwCgorHb jG4fQRNt2XKXwFV++bmJ43E= =Oygp -----END PGP SIGNATURE----- From kr6x@kr6x.com Wed Apr 10 02:54:02 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Wed Apr 10 01:54:02 2002 Subject: key security References: <20020409193718.GB3192@Tomsk> Message-ID: <001401c1e022$aed50330$ede3c23f@KR6X.ORG> The only real security for your encrypted data depends on the quality of your passphrase, although to some degree there may be some degree of physical security that you can provide for your computer. Computers at a company are rarely secure, even when locked behind doors. If prying eyes really want to see your data, they can get behind the doors and beyond the boot ROM password, your computer can be booted from a floppy or tape giving the invader root access to your whole drive without even guessing a password. Or your hard drive can be unplugged and jumpered over to a laptop that will soak up everything. The whole job will be over quickly and quietly without you ever knowing anything happened. You have, basically, 1 defense. Forget removable media for the secret key ring file, it will eventually become such a nuisance to use that you give up on securely storing it on a regular basis, or else your secure storage will be insecure. Unless you do nothing that anyone would ever be interested in knowing about, your highly secure password is your only defense. Frankly, in the present electronic age this is quickly becoming very important in many more ways than one might at first imagine. People don't have to do anything spicy in their lives to have a very real need to keep secrets. Consider the credit card number. In my business we do nothing that needs to be kept a secret beyond the occasional intellectual property. But we will be using electronic signatures to replace signatures on paper documents widely very soon, and in an environment where secret keyrings must be widely shared. Password integrity becomes the only available means for assurance that the system will work. There's no sense in attempting password security that exceeds the basic security of the underlying encryption system. For the most secure applications it should take an attacker just a little bit less effort to break GPG's underlying symmetric-key cryptography than to break your own password by guessing. There are ways to assure that you've selected a password this random while still making it possible for you to remember your password. Research them, and but keep the method you use secret. Don't recommend a method that you like on a public forum like this one. If you come on here and tell everyone you used "head -c 16 /dev/random | mimencode" then everyone knows how best to attack you. Better to tell them you used "head -c 24 /dev/random | mimencode" but actually use the telephone number for your dead grandmother that you remember from your youth plus your dog's name plus two different negative descriptors you use for your two ex-wives plus your favorite flavor... ----- Original Message ----- From: "Jeroen Valcke" To: Sent: Tuesday, April 09, 2002 12:37 PM Subject: key security > Hello, > > I'm new to the list and GnuPG. I have some small (newbie) questions. > > 1/ What about key security. Do you people all leave your private key on > the harddisk of your machine. On Debian linux that's in the .gnupg > directory. How about putting this whole directory on removable media > (for example diskette) A colleague of mine has his on a remove USB > media. Good idea? reactions? impractical? > > 2/ To encrypt a message all I need is the recipients public key, right? > Encryption is done solely with the public key of the recipient. My > private key is not used, is this correct? > > -Jeroen- > A confused newbie. > > -- > Jeroen Valcke jeroen@valcke.com > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From Trevor Smith" Message-ID: <200204100025.g3A0PMvx023396@jupiter.accesscable.net> On Tue, 9 Apr 2002 17:00:08 -0700, Leigh S. Jones wrote: >There's no sense in attempting password security that >exceeds the basic security of the underlying encryption >system. For the most secure applications it should take >an attacker just a little bit less effort to break GPG's >underlying symmetric-key cryptography than to break your >own password by guessing. This is contrary to what I believed. It was my understanding that breaking symmetric-key crypto systems like the one in OpenPGP implementations was monumentally difficult (i.e. requiring hundreds of millions of dollars or more of computer hardware). It was also my understanding that the weakest link in the system was the passphrase protecting the encrypted private key. I believed that using brute force one could break a passphrase relatively easily (i.e. much less than hundreds of millions of dollars of equipment would be needed). Which is correct? Is any passphrase, even one 100 - 200 characters long consisting of completely random characters, even as remotely difficult to break as it is to break a GPG coded message? -- Trevor Smith | trevor@haligonian.com From Trevor Smith" Message-ID: <200204100025.g3A0Pnvx024080@jupiter.accesscable.net> On Tue, 9 Apr 2002 17:00:08 -0700, Leigh S. Jones wrote: >There's no sense in attempting password security that >exceeds the basic security of the underlying encryption >system. For the most secure applications it should take >an attacker just a little bit less effort to break GPG's >underlying symmetric-key cryptography than to break your >own password by guessing. This is contrary to what I believed. It was my understanding that breaking symmetric-key crypto systems like the one in OpenPGP implementations was monumentally difficult (i.e. requiring hundreds of millions of dollars or more of computer hardware). It was also my understanding that the weakest link in the system was the passphrase protecting the encrypted private key. I believed that using brute force one could break a passphrase relatively easily (i.e. much less than hundreds of millions of dollars of equipment would be needed). Which is correct? Is any passphrase, even one 100 - 200 characters long consisting of completely random characters, even as remotely difficult to break as it is to break a GPG coded message? -- Trevor Smith | trevor@haligonian.com From athlonrobnf@cs.com Wed Apr 10 03:45:01 2002 From: athlonrobnf@cs.com (AthlonRob) Date: Wed Apr 10 02:45:01 2002 Subject: Multiple File Encryption (Win32) Message-ID: <001e01c1e028$fbfd26f0$7b00558b@robxp> ------=_NextPart_000_001B_01C1DFEE.4CE87DC0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi all- I'm trying to come up with a way to encrypt batches of files... 10-15 at mos= t with varying file names. I want the files to be encrypted into either a s= ingle large file or in to multiple files, each replacing the non-encrypted v= ersion. The files are *NOT* ASCII text. I want to then be able to decrypt=20= each of them to the original state with a single command (batch file) Now... after searching around the web for a while, I'm not having much luck.= Any thoughts? I've got GnuPG downloaded and working. I'm running Windows= XP... so this is a Win32 thing. Rob ------=_NextPart_000_001B_01C1DFEE.4CE87DC0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hi all-
 
I'm trying to come up with a way to encrypt= batches=20 of files... 10-15 at most with varying file names.  I want the files to= be=20 encrypted into either a single large file or in to multiple files, each=20 replacing the non-encrypted version.  The files are *NOT* ASCII text.&n= bsp;=20 I want to then be able to decrypt each of them to the original state with a=20 single command (batch file)
 
Now... after searching around the web for a= while,=20 I'm not having much luck.  Any thoughts?  I've got GnuPG downloade= d=20 and working.  I'm running Windows XP... so this is a Win32=20 thing.
 
Rob
------=_NextPart_000_001B_01C1DFEE.4CE87DC0-- From miket@bluemug.com Wed Apr 10 04:13:01 2002 From: miket@bluemug.com (Mike Touloumtzis) Date: Wed Apr 10 03:13:01 2002 Subject: key security In-Reply-To: <200204100025.g3A0PMvx023396@jupiter.accesscable.net> References: <001401c1e022$aed50330$ede3c23f@KR6X.ORG> <200204100025.g3A0PMvx023396@jupiter.accesscable.net> Message-ID: <20020410011423.GA27976@bluemug.com> On Tue, Apr 09, 2002 at 09:25:18PM -0300, Trevor Smith wrote: > > Which is correct? Is any passphrase, even one 100 - 200 characters > long consisting of completely random characters, even as remotely > difficult to break as it is to break a GPG coded message? It depends on the amount of entropy represented by the passphrase (and the hash or other technique used by GPG to convert the passphrase to a key). Assuming GPG's hash is sound: If a passphrase consists of _truly_ random characters from, say, a set of 64 printable characters such as the ones used for Base64 encoding, then each character contributes log_2(64) == 6 bits to the entropy of the passphrase. So a 22-character passphrase using this approach represents 132 bits of entropy; thus at this point the passphrase is not the weak link in a 128 bit cryptosystem. You can generate passphrases like this very easily: just base64 encode chunks of /dev/random: $ head -c 22 /dev/random | uuencode -m - In practice, though, it's easier to remember a much longer passphrase made up of words than a short one made up of random letters--but in a longer passphrase you have to be careful about whether what you're adding actually makes the phrase harder to guess. If you know that the beginning of my passphrase is "It was the best of times, " then the rest of it is not contributing a whole lot :-). Passphrase selection algorithms should reduce or eliminate the redundancy present in natural language. The system you use to select a passphrase need not be kept secret if it incorporates enough truly random choices. In practice it's hard to pass up the extra bits of entropy you get by keeping your selection method a secret :-). Here are some messages on this subject which I posted to linux-crypto last July: http://mail.nl.linux.org/linux-crypto/2001-07/msg00029.html http://mail.nl.linux.org/linux-crypto/2001-07/msg00142.html http://mail.nl.linux.org/linux-crypto/2001-07/msg00145.html No one contradicted them at the time and I still believe the information given to be correct (corrections welcome, of course). The third message implements a simple passphrase generation program in C. A quote from one of the above messages sums it up: "Generating strong passphrase data is easy; just choose a truly random value N bits long. The challenge is in constructing a useful mapping from the space of N-bit strings to the space of character strings which can (a) be typed, and (b) be memorized." Another quote re practical passphrase storage considerations (lots of the recommendations in this area come from very hardcore crypto people who are unwilling to even consider writing down a passphrase): "You can have as many bits as you want if you're willing to use a long enough passphrase. At a certain point you'll have to start writing them down, though. This is probably OK if you're the average forgetful Joe and the risk of irrevocably losing your data outweighs the risk of someone violating the physical security of your home, office safe deposit box, etc. order to get the passphrase. It's not a good idea if you're a hard-core cypherpunk, are at risk of law enforcement investigation or intrusive subpoena, or are just playing with crypto because it's fun and don't have any important data under encryption :-)." Finally, remember that crypto can turn big secrets into little ones. One option is always to keep a file containing all your passwords and passphrases, and encrypt that file using a key which can be unlocked by your One True Passphrase (something you _know_ you'll never forget). Mailers with GPG integration are handy for this: every time you sign up for a Web service or acquire a server password, mail the account info (including password) to yourself, with all messages encrypted to your master GPG key. File them all in a folder and you're happy. miket From kr6x@kr6x.com Wed Apr 10 04:28:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Wed Apr 10 03:28:01 2002 Subject: key security References: <200204100025.g3A0PMvx023396@jupiter.accesscable.net> Message-ID: <00c001c1e02f$dcc6def0$ede3c23f@KR6X.ORG> GPG and PGP essentially use the same scheme. A 128 bit symmetric-key algorithm does the basic encoding, while perhaps a 2048 bit public key encrypts the randomly generated 128 bit session key for transmission to the target, who uses his 2048 bit secret key to decode the session key. So your password, if truly random, needs to be 128 bits. That's why the "head -c 16 /dev/random | mimencode" suggestion appeared here. 16 bytes times 8 bits per byte equals128 bits. If you get truly random numbers from your /dev/random (generally available on linux) then you will get 128 bits of randomness in the mime output from the output -- no more, no less. Might seem pretty slick to use that to generate a password -- if you can memorize it. Honestly, a quality 128 bit symmetric key algorithm should do a great job. My calculator says: 3.04E+38 trys to check all combinations. But don't tell everyone how to best attack your password. ----- Original Message ----- From: "Trevor Smith" To: Sent: Tuesday, April 09, 2002 5:25 PM Subject: Re: key security > On Tue, 9 Apr 2002 17:00:08 -0700, Leigh S. Jones wrote: > > >There's no sense in attempting password security that > >exceeds the basic security of the underlying encryption > >system. For the most secure applications it should take > >an attacker just a little bit less effort to break GPG's > >underlying symmetric-key cryptography than to break your > >own password by guessing. > > This is contrary to what I believed. It was my understanding that > breaking symmetric-key crypto systems like the one in OpenPGP > implementations was monumentally difficult (i.e. requiring hundreds > of millions of dollars or more of computer hardware). It was also my > understanding that the weakest link in the system was the passphrase > protecting the encrypted private key. I believed that using brute > force one could break a passphrase relatively easily (i.e. much less > than hundreds of millions of dollars of equipment would be needed). > > Which is correct? Is any passphrase, even one 100 - 200 characters > long consisting of completely random characters, even as remotely > difficult to break as it is to break a GPG coded message? > > > -- > Trevor Smith | trevor@haligonian.com > > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From Trevor Smith" Message-ID: <200204100325.g3A3P6vx010362@jupiter.accesscable.net> On Tue, 9 Apr 2002 18:14:23 -0700, (null) wrote: >Assuming GPG's hash is sound: If a passphrase consists of _truly_ random >characters from, say, a set of 64 printable characters such as the ones >used for Base64 encoding, then each character contributes log_2(64) == >6 bits to the entropy of the passphrase. So a 22-character passphrase >using this approach represents 132 bits of entropy; thus at this point >the passphrase is not the weak link in a 128 bit cryptosystem. Sorry, as a non-technical user, I'm still at a loss. A scenario: 1. you have my private key but not my passphrase 2. my passphrase is: AGbaka-g92kLA.ba29bskt2blb992asjg.220tu0-ut\]ablb292a[B<> Hi, I used to use PGP 7.0.3 and switched to GPG a few days ago. I imported my public and private keys from PGP with no problems. One of my colleagues still uses PGP 7.0.3 (freeware) and is using my public key to encrypt messages to me. However, when I try to decrypt the messages, I get the following error message: gpg: invalid armor header: qANQR1DBwU4DtwnDv0IuLDcQB/sFV7tdX0tZXml4PmvXgpbcFyo3FXCrzTnvEOYi The message decrypts fine using PGP 7.0.3 on my machine, though. Can anyone help me in figuring out this problem? Thanks Charath -- ---------------------------------------------------------- R. Charath Ram Director - Engineering SIP Technologies Limited 2068 Walsh Avenue, Suite C-1 Santa Clara CA 95050 Tel: (408) 567-0322 (Work) (408) 309-7615 (Cell) Fax: (408) 516-9942 Email: charath@siptech.com URL: http://www.siptech.com/ ---------------------------------------------------------- From wk@gnupg.org Wed Apr 10 11:35:01 2002 From: wk@gnupg.org (Werner Koch) Date: Wed Apr 10 10:35:01 2002 Subject: Problem with messages sent using PGP 7.0.3 In-Reply-To: <3CB3E25A.9060200@siptech.com> (Charath Ram's message of "Tue, 09 Apr 2002 23:57:30 -0700") References: <3CB3E25A.9060200@siptech.com> Message-ID: <87k7rgt0dk.fsf@alberti.gnupg.de> On Tue, 09 Apr 2002 23:57:30 -0700, Charath Ram said: > However, when I try to decrypt the messages, I get the following error > message: > gpg: invalid armor header: > qANQR1DBwU4DtwnDv0IuLDcQB/sFV7tdX0tZXml4PmvXgpbcFyo3FXCrzTnvEOYi There might be trailing spaces after the "-----BEGIN PGP MESSAGE-----" or an empty header line like ("Version:"). The first is due to the specs but we are relaxing the check in the next version. If you can't figure it out, please have him create create a test message and send the first few lines to me. Werner From Peter.Hegt@phidias.nl Wed Apr 10 12:00:01 2002 From: Peter.Hegt@phidias.nl (Hegt, Peter) Date: Wed Apr 10 11:00:01 2002 Subject: Multiple File Encryption (Win32) Message-ID: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1E06E.2D6C9640 Content-Type: text/plain; charset="iso-8859-1" encrypt each individual file and then combine them with winzip (with command line parameters). -----Original Message----- From: AthlonRob [mailto:athlonrobnf@cs.com] Sent: woensdag 10 april 2002 2:45 To: gnupg-users@gnupg.org Subject: Multiple File Encryption (Win32) Hi all- I'm trying to come up with a way to encrypt batches of files... 10-15 at most with varying file names. I want the files to be encrypted into either a single large file or in to multiple files, each replacing the non-encrypted version. The files are *NOT* ASCII text. I want to then be able to decrypt each of them to the original state with a single command (batch file) Now... after searching around the web for a while, I'm not having much luck. Any thoughts? I've got GnuPG downloaded and working. I'm running Windows XP... so this is a Win32 thing. Rob ------_=_NextPart_001_01C1E06E.2D6C9640 Content-Type: text/html; charset="iso-8859-1"
encrypt each individual file and then combine them with winzip (with command line parameters).
-----Original Message-----
From: AthlonRob [mailto:athlonrobnf@cs.com]
Sent: woensdag 10 april 2002 2:45
To: gnupg-users@gnupg.org
Subject: Multiple File Encryption (Win32)

Hi all-
 
I'm trying to come up with a way to encrypt batches of files... 10-15 at most with varying file names.  I want the files to be encrypted into either a single large file or in to multiple files, each replacing the non-encrypted version.  The files are *NOT* ASCII text.  I want to then be able to decrypt each of them to the original state with a single command (batch file)
 
Now... after searching around the web for a while, I'm not having much luck.  Any thoughts?  I've got GnuPG downloaded and working.  I'm running Windows XP... so this is a Win32 thing.
 
Rob
------_=_NextPart_001_01C1E06E.2D6C9640-- From kr6x@kr6x.com Wed Apr 10 17:16:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Wed Apr 10 16:16:01 2002 Subject: Multiple File Encryption (Win32) References: <001e01c1e028$fbfd26f0$7b00558b@robxp> Message-ID: <017101c1e09b$24880050$ede3c23f@KR6X.ORG> This is a multi-part message in MIME format. ------=_NextPart_000_016E_01C1E060.772266B0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I don't have time to test this right now, but my memory says that the = following lines of code worked right. I later rewrote them and will send them to you in the = complete version later. The rewrite performed a great deal of error checking and assured that = the file containing=20 the password was first overwritten with new data then deleted. This code was written as a Win32 console application in Borland C++. I = don't think that the code should need much change to work with MSVC. Your = batch file would call this program after collecting your password from you, = this program proceeds by first writing a file named "command" that contains your = passphrase. =20 I used low level file I/O commands for the most part, the objective was = to accomodate=20 the "_get_osfhandle()" function's needs, but some later update will use = the low level=20 file I/O motif to take possession of the "command" file for security = purposes. As written,=20 argument 1 contains the name of the file to be decrypted, argument 2 = contains the user=20 name, argument 3 contains the passphrase. Don't use this on a computer = that you don't have 100% physical control over and always change your secret key = password after running this code. Oh, yes, as written the code "signs" files, you'd rewrite this for = purposes of decryption.=20 #include #include #include #include #include int main ( int argc, char *argv[ ] ) { int command; FILE *ptr; char buf[ 1024 ]; if ( argc !=3D 4 ) { return -1; } /* end if ( argc !=3D 4 ) */ command =3D open ( "command", O_WRONLY ); write ( command, argv[ 3 ], strlen ( argv[ 3 ] ) ); close ( command ); command =3D open ( "command", O_RDONLY ); sprintf ( buf, "gpg --passphrase %d -u %s --batch --clearsign %s", _get_osfhandle ( ( int ) command ), argv[ 2 ], argv[ 1 ] ); ptr =3D _popen ( buf, "rt" ); while ( !feof ( ptr ) ) fgets ( buf, sizeof ( buf ), ptr ); _pclose ( ptr ); close ( command ); command =3D open ( "command", O_TRUNC ); close ( command ); return ( 0 ); } /* end main ( ) */ ----- Original Message -----=20 From: AthlonRob=20 To: gnupg-users@gnupg.org=20 Sent: Tuesday, April 09, 2002 5:45 PM Subject: Multiple File Encryption (Win32) Hi all- I'm trying to come up with a way to encrypt batches of files... 10-15 = at most with varying file names. I want the files to be encrypted into = either a single large file or in to multiple files, each replacing the = non-encrypted version. The files are *NOT* ASCII text. I want to then = be able to decrypt each of them to the original state with a single = command (batch file) Now... after searching around the web for a while, I'm not having much = luck. Any thoughts? I've got GnuPG downloaded and working. I'm = running Windows XP... so this is a Win32 thing. Rob ------=_NextPart_000_016E_01C1E060.772266B0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I don't have time to test this right = now, but my=20 memory says that the following lines of code
worked right.  I later rewrote = them and will=20 send them to you in the complete version later.
The rewrite performed a great deal of = error=20 checking and assured that the file containing
the password was first overwritten with = new data=20 then deleted.
 
This code was written as a Win32 = console=20 application in Borland C++.  I don't
think that the code should need much = change to work=20 with MSVC.  Your batch
file would call this program after = collecting your=20 password from you, this program
proceeds by first writing a file named = "command"=20 that contains your passphrase. =20
I used low level file I/O commands for = the most=20 part, the objective was to accomodate =
the "_get_osfhandle()" function's = needs,=20 but some later update will use = the low level=20
file I/O motif to take possession of = the=20 "command" file for security = purposes.  As=20 written,
argument 1 contains the name of the file to be decrypted, argument 2 contains the user=20
name, argument 3 contains the = passphrase. =20 Don't use this on a computer that you don't
have 100% physical control over and = always=20 change your secret key password after
running this code.
 
Oh, yes, as written the code "signs" = files, you'd=20 rewrite this for purposes of decryption. 
 
#include <stdlib.h>
#include=20 <stdio.h>
#include <fcntl.h>
#include = <io.h>
#include=20 <string.h>
 
int main ( int argc, char *argv[ ] = )
 
 {
 int = command;
 FILE=20 *ptr;
 char buf[ 1024 ];
 
 if ( argc !=3D 4=20 )
  {
  return -1;
  } /* end if = ( argc=20 !=3D 4 ) */
 command =3D open ( "command", O_WRONLY = );
 write (=20 command, argv[ 3 ], strlen ( argv[ 3 ] ) );
 close ( command=20 );
 command =3D open ( "command", O_RDONLY );
 sprintf ( = buf,
     "gpg --passphrase %d -u %s --batch = --clearsign=20 %s",
     _get_osfhandle ( ( int ) command=20 ),
     argv[ 2 ],
     = argv[ 1 ]=20 );
 ptr =3D _popen ( buf, "rt" );
 while ( !feof ( ptr ) = ) fgets (=20 buf, sizeof ( buf ), ptr );
   _pclose ( ptr = );
 close (=20 command );
 command =3D open ( "command", O_TRUNC = );
 close (=20 command );
 return ( 0 );
 } /* end main ( ) = */
----- Original Message -----
From:=20 AthlonRob=20
Sent: Tuesday, April 09, 2002 = 5:45=20 PM
Subject: Multiple File = Encryption=20 (Win32)

Hi all-
 
I'm trying to come up with a way to = encrypt=20 batches of files... 10-15 at most with varying file names.  I = want the=20 files to be encrypted into either a single large file or in to = multiple files,=20 each replacing the non-encrypted version.  The files are *NOT* = ASCII=20 text.  I want to then be able to decrypt each of them to the = original=20 state with a single command (batch file)
 
Now... after searching around the web = for a=20 while, I'm not having much luck.  Any thoughts?  I've got = GnuPG=20 downloaded and working.  I'm running Windows XP... so this is a = Win32=20 thing.
 
Rob
------=_NextPart_000_016E_01C1E060.772266B0-- From sbutler@fchn.com Wed Apr 10 17:33:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 10 16:33:02 2002 Subject: key security Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D611@jupiter.fchn.com> Throw in some "bad" spellings or words that sound the same but are spelled differently with different meanings <> like, not versus knot. Use some random capitalization and a few numbers or other strange keys at weird places. The most important part -- remember it! -----Original Message----- From: Leigh S. Jones [mailto:kr6x@kr6x.com] Sent: Tuesday, April 09, 2002 5:00 PM To: gnupg-users@gnupg.org Subject: Re: key security The only real security for your encrypted data depends on the quality of your passphrase, although to some [snip] Better to tell them you used "head -c 24 /dev/random | mimencode" but actually use the telephone number for your dead grandmother that you remember from your youth plus your dog's name plus two different negative descriptors you use for your two ex-wives plus your favorite flavor... [snip] CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From kr6x@kr6x.com Wed Apr 10 19:51:02 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Wed Apr 10 18:51:02 2002 Subject: Multiple File Encryption (Win32) References: <001e01c1e028$fbfd26f0$7b00558b@robxp> Message-ID: <003401c1e0b0$0d00d9b0$963fca96@pacesetter.com> OK; here's the finished C language wrapper program file for Borland C. Or, at least, partially finished. Eventually I'd like to add some additional security, like taking file ownership to assure privacy of the password file during the many milliseconds that it is in existence. Once again, the program that follows was tailored to applying signatures, but could easily be adapted to decryption under batch mode. For this program, the command line arguments include two file names that will be used as the output file name (in this case the clearsigned text file) and a "status" file that will collect some output from the GPG program itself. The batch file calling this program must create the file containing the password (remember that for security's sake the password should not be on the command line) and pass along the filename to this program. The program has a feature (that can be disabled) that would check for a network time server immediately prior to applying the signature. You wouldn't want any of that stuff for decryption. My application really wanted to know if the signature had been successfully applied -- you might not care for some of the error checking... #include #include #include #include #include #include int main ( int argc, char *argv[ ] ) { int passphrase; int status; int error; int time_error; FILE *ptr; char buf[ 1024 ]; /*************************************************************************** **** * argv strings represent: * * user_id * * passphrase * * target_file * * passphrase_file * * status_file * **************************************************************************** ***/ time_error = 0; if ( ( argc != 6 ) && ( argc != 7 ) ) { if ( ( strncmp ( "NULL", argv[ 2 ], 4 ) ) && ( argc > 4 ) ) { passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); } /* end if ( strncmp ( "NULL", argv[ 2 ], 4 ) ) */ return ( -1 ); } /* end if ( argc != 7 ) */ if ( ( argc == 7 ) && strncmp ( argv[ 6 ], "NO_TIME_SET", strlen ( "NO_TIME_SET" ) ) ) { if ( ( strncmp ( "NULL", argv[ 2 ], 4 ) ) && ( argc > 4 ) ) { passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); } /* end if ( strncmp ( "NULL", argv[ 2 ], 4 ) ) */ return ( -1 ); } /* end if ( argc != 7 ) */ if ( argc == 6 ) { sprintf ( buf, "NET TIME /SET /Y" ); ptr = _popen ( buf, "rt" ); while ( !feof ( ptr ) ) fgets ( buf, sizeof ( buf ), ptr ); time_error = _pclose ( ptr ); } /* end if ( ( argc == 7 ) && ( ... ) ) */ /*************************************************************************** **** * passing "NULL" as the password results in reading of the password file * rather than creation of a new password file **************************************************************************** ***/ if ( strncmp ( "NULL", argv[ 2 ], 4 ) ) { /*************************************************************************** **** * set up to pass the password in a temporary file * first, open the temporary file for writing, checking for failure **************************************************************************** ***/ passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); if ( passphrase <= 0 ) { return ( -2 ); } /* end if ( passphrase <= 0 ) */ /*************************************************************************** **** * write the password from the command line to the temporary file **************************************************************************** ***/ if ( write ( passphrase, argv[ 2 ], strlen ( argv[ 2 ] ) ) <= 0 ) { close ( passphrase ); unlink ( argv[ 4 ] ); return ( -3 ); } /* end if ( write ( passphrase, ... ) <= 0 ) */ /*************************************************************************** **** * close the temporary file and reopen for reading **************************************************************************** ***/ if ( close ( passphrase ) != 0 ) { passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); return ( -4 ); } /* end if ( close ( passphrase ) <= 0 ) */ } /* end if ( strncmp ( "NULL", argv[ 2 ], 4 ) */ passphrase = open ( argv[ 4 ], O_RDONLY | O_TEXT ); if ( passphrase <= 0 ) { passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); return ( -5 ); } /* end if ( passphrase <= 0 ) */ /*************************************************************************** **** * open the temporary file for writing **************************************************************************** ***/ status = open ( argv[ 5 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); if ( status <= 0 ) { close ( passphrase ); passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); return ( -6 ); } /* end if ( passphrase <= 0 ) */ /*************************************************************************** **** * form and execute the command line that runs gpg **************************************************************************** ***/ sprintf ( buf, "gpg --passphrase %d --status-fd %d -u %s --batch --clearsign %s", _get_osfhandle ( ( int ) passphrase ), _get_osfhandle ( ( int ) status ), argv[ 1 ], argv[ 3 ] ); ptr = _popen ( buf, "rt" ); if ( !ptr ) { close ( passphrase ); passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); close ( status ); unlink ( argv[ 5 ] ); return ( -7 ); } /* end if ( !ptr ) */ while ( !feof ( ptr ) ) fgets ( buf, sizeof ( buf ), ptr ); /*************************************************************************** **** * close the pipe from gpg and check for nonzero exit status **************************************************************************** ***/ if ( ( error = _pclose ( ptr ) ) != 0 ) { close ( passphrase ); passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); close ( status ); status = open ( argv[ 5 ], O_RDONLY | O_TEXT ); read ( status, buf, sizeof ( buf ) - 1 ); /*************************************************************************** **** * the first line of the status file should contain "USERID_HINT" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] USERID_HINT" ) ) { if ( error == 2 ) { error = -111; } close ( status ); unlink ( argv[ 5 ] ); return ( error - 100 ); } /* end if ( strncmp ( buf, "[GNUPG:] USERID_HINT", ... ) */ /*************************************************************************** **** * the second line of the status file should contain "NEED_PASSPHRASE" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] NEED_PASSPHRASE" ) ) { if ( error == 2 ) { error = -112; } close ( status ); unlink ( argv[ 5 ] ); return ( error - 100 ); } /* end if ( strncmp ( buf, "[GNUPG:] NEED_PASSPHRASE", ... ) */ /*************************************************************************** **** * the third line of the status file should contain "GOOD_PASSPHRASE" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] GOOD_PASSPHRASE" ) ) { if ( error == 2 ) { error = -113; } close ( status ); unlink ( argv[ 5 ] ); return ( error - 100 ); } /* end if ( strncmp ( buf, "[GNUPG:] GOOD_PASSPHRASE", ... ) */ /*************************************************************************** **** * the fourth line of the status file should contain "SIG_CREATED" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] SIG_CREATED" ) ) { if ( error == 2 ) { error = -114; } close ( status ); unlink ( argv[ 5 ] ); return ( error - 100 ); } /* end if ( strncmp ( buf, "[GNUPG:] SIG_CREATED", ... ) */ close ( status ); unlink ( argv[ 5 ] ); return ( error - 100 ); } /* end if ( !ptr ) */ /*************************************************************************** **** * close the temporary (password) file and delete it **************************************************************************** ***/ if ( close ( passphrase ) != 0 ) { passphrase = open ( argv[ 4 ], O_CREAT | O_WRONLY | O_TRUNC | O_TEXT, S_IREAD | S_IWRITE ); write ( passphrase, "12345678901234567890", 20 ); close ( passphrase ); unlink ( argv[ 4 ] ); close ( status ); unlink ( argv[ 5 ] ); return ( -8 ); } /* end if ( close ( passphrase ) <= 0 ) */ if ( unlink ( argv[ 4 ] ) ) { close ( status ); unlink ( argv[ 5 ] ); return ( -9 ); } /* end if ( close ( passphrase ) <= 0 ) */ /*************************************************************************** **** * read back the status file written to by gpg and check for signs of failure **************************************************************************** ***/ close ( status ); status = open ( argv[ 5 ], O_RDONLY | O_TEXT ); read ( status, buf, sizeof ( buf ) - 1 ); close ( status ); unlink ( argv[ 5 ] ); /*************************************************************************** **** * the first line of the status file should contain "USERID_HINT" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] USERID_HINT" ) ) { return ( -10 ); } /* end if ( strncmp ( buf, "[GNUPG:] USERID_HINT", ... ) */ /*************************************************************************** **** * the second line of the status file should contain "NEED_PASSPHRASE" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] NEED_PASSPHRASE" ) ) { return ( -11 ); } /* end if ( strncmp ( buf, "[GNUPG:] NEED_PASSPHRASE", ... ) */ /*************************************************************************** **** * the third line of the status file should contain "GOOD_PASSPHRASE" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] GOOD_PASSPHRASE" ) ) { return ( -12 ); } /* end if ( strncmp ( buf, "[GNUPG:] GOOD_PASSPHRASE", ... ) */ /*************************************************************************** **** * the fourth line of the status file should contain "SIG_CREATED" **************************************************************************** ***/ if ( !strstr ( buf, "[GNUPG:] SIG_CREATED" ) ) { return ( -13 ); } /* end if ( strncmp ( buf, "[GNUPG:] SIG_CREATED", ... ) */ if ( time_error ) { return ( -1000 - time_error ); } /* end if ( time_error ) */ /*************************************************************************** **** * exit with success status **************************************************************************** ***/ return ( 0 ); } /* end main ( ) */ ----- Original Message ----- From: AthlonRob To: gnupg-users@gnupg.org Sent: Tuesday, April 09, 2002 17:45 Subject: Multiple File Encryption (Win32) Hi all- I'm trying to come up with a way to encrypt batches of files... 10-15 at most with varying file names. I want the files to be encrypted into either a single large file or in to multiple files, each replacing the non-encrypted version. The files are *NOT* ASCII text. I want to then be able to decrypt each of them to the original state with a single command (batch file) Now... after searching around the web for a while, I'm not having much luck. Any thoughts? I've got GnuPG downloaded and working. I'm running Windows XP... so this is a Win32 thing. Rob From rmalayter@bai.org Wed Apr 10 20:31:01 2002 From: rmalayter@bai.org (Ryan Malayter) Date: Wed Apr 10 19:31:01 2002 Subject: key security Message-ID: <22FD1855C2B16C40A1F6DE406420021E0187F97D@mail.bai.org> From: Trevor Smith [mailto:trevor@haligonian.com] >A scenario: >1. you have my private key but not my passphrase >2. my passphrase is: >AGbaka-g92kLA.ba29bskt2blb992asjg.220tu0-ut\]ablb292a[B<>(or something similar) >3. my key size is 1024 >4. you have a message encrypted with my public key >Which is easier: >A. crack my passphrase (brute force?) to get to my private key or >B. attack the message itself, ignoring the private key? >What if my key size is 2048? 4096? Factoring the 1024-bit public key would be easiest. Assuming each character in that passphrase was really chosen randomly, it represents over 400 bits of entropy. This means it is stronger than any common symmetric cipher, even 256-bit AES. So strong, in fact, as to be pointlessly long. Factoring a 1024-bit (or even 2048-bit) integer would be computationally easier than brute-forcing a 400 bit entity. From simonst@WellsFargo.COM Wed Apr 10 21:14:01 2002 From: simonst@WellsFargo.COM (simonst@WellsFargo.COM) Date: Wed Apr 10 20:14:01 2002 Subject: key security Message-ID: <28569EEFF98BD411898B0001FA7ED2CF05F9DAED@xcem-casfo-01.wellsfargo.com> Check out http://www.diceware.com for generating passphrases using dice and a word list. From volker.gaibler@urz.uni-heidelberg.de Thu Apr 11 01:24:01 2002 From: volker.gaibler@urz.uni-heidelberg.de (Volker Gaibler) Date: Thu Apr 11 00:24:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <1018362010.4926.70.camel@atlas> References: <1018362010.4926.70.camel@atlas> Message-ID: <20020410223144.A1500@gina.local> --bp/iNruPH9dso1Pn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > Are there any fundamental difficulties between PGP 7.1 and GnuPG (Debian > 1.0.6-3 here)? I'll try to get some more data, but a friend of mine and > I have some difficulties with broken signatures. I also had problems communicating with PGP 7.0.x at the beginning because= =20 I always got bad signatures. Maybe it's because GnuPG uses v4-signatures for data material and PGP accepts V4 only for keys. To fix this problem just write force-v3-sigs to your options-file (that's also mentioned in the FAQ). That makes GnuPG sign with v3 always.=20 Volker --=20 Volker Gaibler contact:=20 http://www.volker-gaibler.de mail@volker-gaibler.de OpenPGP key: 0x86ECAC0B +---------------------------------------------------------------------+ --bp/iNruPH9dso1Pn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Weitere Infos: siehe http://www.gnupg.org iD8DBQE8tKEwCrJjc4bsrAsRAtKNAJ9glyfM+WTlrg1BnfEpo3HO42vMJwCdGvyT NFcNEHW1vO3mTFpUcoADAVg= =ne5O -----END PGP SIGNATURE----- --bp/iNruPH9dso1Pn-- From avbidder@fortytwo.ch Thu Apr 11 10:43:01 2002 From: avbidder@fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Thu Apr 11 09:43:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <20020410223144.A1500@gina.local> References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> Message-ID: <1018511013.20368.11.camel@atlas> --=-7DGEDzJaz3C3XZNV5E1S Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2002-04-10 at 22:31, Volker Gaibler wrote: > > Are there any fundamental difficulties between PGP 7.1 and GnuPG (Debia= n > > 1.0.6-3 here)? I'll try to get some more data, but a friend of mine and > > I have some difficulties with broken signatures. >=20 > I also had problems communicating with PGP 7.0.x at the beginning because= =20 > I always got bad signatures. Maybe it's because GnuPG uses v4-signatures = for > data material and PGP accepts V4 only for keys. To fix this problem just > write force-v3-sigs to your options-file (that's also mentioned in the FA= Q). > That makes GnuPG sign with v3 always.=20 Ok, I will try this. But what about pgp7 sigs I can't verify with gnupg? These happen sometimes, too. (This said, I'm more and more ready to just blame it all on evolution - saving the messages to an external file, and the signatures will verify fine.) btw, I'm having trouble with your sig, too. gpg: Signature made Wed Apr 10 22:31:44 2002 CEST using DSA key ID 86ECAC0B gpg: requesting key 86ECAC0B from wwwkeys.ch.pgp.net ... gpg: key 86ECAC0B: invalid subkey binding gpg: key 86ECAC0B: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 gpg: Can't check signature: public key not found cheers -- vbi --=-7DGEDzJaz3C3XZNV5E1S Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjy1PqUACgkQwj49sl5Lcx8vIwCeJiHdhKVfRFvNccj/CPO/0fkD SMEAnA6yeEvSpHhGRmwT+lfD4q/yj2C4 =O8PX -----END PGP SIGNATURE----- --=-7DGEDzJaz3C3XZNV5E1S-- From jayachristina@hotmail.com Thu Apr 11 10:54:01 2002 From: jayachristina@hotmail.com (Jaya Christina) Date: Thu Apr 11 09:54:01 2002 Subject: key security Message-ID: This is a multi-part message in MIME format. ------=_NextPart_000_0013_01C1E13F.65B36750 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi all, Will using a 2048 bit key offer more security than a 1024 bit key.. or = is it not going to make any difference?? Jaya ------=_NextPart_000_0013_01C1E13F.65B36750 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hi all,
 
Will using a 2048  bit key offer = more security=20 than a 1024 bit key.. or is it not going to make any = difference??
 
Jaya
------=_NextPart_000_0013_01C1E13F.65B36750-- From wk@gnupg.org Thu Apr 11 11:05:01 2002 From: wk@gnupg.org (Werner Koch) Date: Thu Apr 11 10:05:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <20020410223144.A1500@gina.local> (Volker Gaibler's message of "Wed, 10 Apr 2002 22:31:44 +0200") References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> Message-ID: <877knepsl9.fsf@alberti.gnupg.de> On Wed, 10 Apr 2002 22:31:44 +0200, Volker Gaibler said: > write force-v3-sigs to your options-file (that's also mentioned in the FAQ). Actually the default options files has this set as long as you didn't change the homedir using the GNUPGHOME environment variable. Maybe I should set these options by default so that even with a missing options files everything is fine. Werner From jayachristina@hotmail.com Thu Apr 11 11:37:01 2002 From: jayachristina@hotmail.com (Jaya Christina) Date: Thu Apr 11 10:37:01 2002 Subject: 1024 or 2048?? Message-ID: Hi all, I posted this qn b4 and i am sorry abt this MIME format and all that in the prev mail. And so i am posting it again. Will using a 2048 bit key offer more security than a 1024 bit key.. or is it not going to make any difference?? Jaya From f.beckmann@kdvz.de Thu Apr 11 11:48:01 2002 From: f.beckmann@kdvz.de (Frank Beckmann) Date: Thu Apr 11 10:48:01 2002 Subject: GnuPG 1.0.6 compatibility Windows XP or Windows 2000 Message-ID: Dear GnuPG-Users, it would be nice if you have some informations for me about the compatibility of GnuPG 1.0.6 and MS-Windows XP or MS-Windows 2000. Thanks for answer v. email (f.beckmann@kdvz.de). M.f.G. Frank Beckmann e-mail: f.beckmann@kdvz.de From oliver@schonrocks.com Thu Apr 11 12:48:02 2002 From: oliver@schonrocks.com (=?ISO-8859-1?Q?Oliver_Sch=F6nrock?=) Date: Thu Apr 11 11:48:02 2002 Subject: GnuPG 1.0.6 compatibility Windows XP or Windows 2000 In-Reply-To: References: Message-ID: <41550846.1018522174@[192.168.0.1]> --==========41557006========== Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline I am running GnuPG 1.0.6 on W2K without problems. I have only had 2 problems: 1. When creating my key on the command line, I couldn't get GnuPG to=20 generate the real name with a correctly UTF-8 encoded german O-Umlaut = (=F6).=20 This may have been caused by a locality setting in W2K since my machine was = bought in the UK. In the end I used WinPT to act as a front end for=20 generating the key. Here I can type in the =F6 by Alt-0246 on my UK = keyboard=20 and WinPT will generate the correct UTF-8 character. Only annoyance is that = it won't display Real Names with proper UTF characters in the Key Manager. 2. The automatic Key-lookup from a public keyserver doesn't work. I believe = this has been widely acknowledged to be a "bug" in the W32 version. I think = this is a major feature gap and hopefully can be fixed in a future version. Hope this helps Oliver --On 11 April 2002 10:49 +0200 Frank Beckmann wrote: > Dear GnuPG-Users, > > it would be nice if you have some informations for me about the > compatibility of GnuPG 1.0.6 and MS-Windows XP or MS-Windows 2000. > Thanks for answer v. email (f.beckmann@kdvz.de). > > M.f.G. > Frank Beckmann > e-mail: f.beckmann@kdvz.de > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users --==========41557006========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) iEYEARECAAYFAjy1XC4ACgkQhN/6uonit6ly4ACdHxj1Z42DOwb9LH4nwB7gIMSS xzkAn1ix1FFc8DiKG5Q6OoS+mCqNEMjp =k9Wx -----END PGP SIGNATURE----- --==========41557006==========-- From wk@gnupg.org Thu Apr 11 13:23:02 2002 From: wk@gnupg.org (Werner Koch) Date: Thu Apr 11 12:23:02 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <1018514528.21169.17.camel@atlas> (Adrian 'Dagurashibanipal' von Bidder's message of "11 Apr 2002 10:42:08 +0200") References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> <1018511013.20368.11.camel@atlas> <873cy2ps0l.fsf@alberti.gnupg.de> <1018514528.21169.17.camel@atlas> Message-ID: <87pu16o7kz.fsf@alberti.gnupg.de> On 11 Apr 2002 10:42:08 +0200, Adrian 'Dagurashibanipal' von Bidder said: > I'm using 1.0.3 - perhaps some things are fixed in cvs. So I'll just > wait. (after all, it's not critical to me, it's just annoying.). Noteworthy changes in version 1.0.4 (2000-10-17) ------------------------------------------------ * Fixed a serious bug which could lead to false signature verification results when more than one signature is fed to gpg. This is the primary reason for releasing this version. Noteworthy changes in version 1.0.5 (2001-04-29) ------------------------------------------------ * WARNING: Corrected hash calculation for input data larger than 512M - it was just wrong, so you might notice bad signature in some very big files. It may be wise to keep an old copy of GnuPG around. Noteworthy changes in version 1.0.6 (2001-05-29) ------------------------------------------------ * Security fix for a format string bug in the tty code. You should have updated at least to 1.0.4, however the 1.0.7 release is not that far away. Werner From avbidder@fortytwo.ch Thu Apr 11 14:42:01 2002 From: avbidder@fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Thu Apr 11 13:42:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <87pu16o7kz.fsf@alberti.gnupg.de> References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> <1018511013.20368.11.camel@atlas> <873cy2ps0l.fsf@alberti.gnupg.de> <1018514528.21169.17.camel@atlas> <87pu16o7kz.fsf@alberti.gnupg.de> Message-ID: <1018525363.21777.5.camel@atlas> --=-18scKWUjfePYZNACHaFD Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2002-04-11 at 12:25, Werner Koch wrote: > On 11 Apr 2002 10:42:08 +0200, Adrian 'Dagurashibanipal' von Bidder said: >=20 > > I'm using 1.0.3 - perhaps some things are fixed in cvs. So I'll just > > wait. (after all, it's not critical to me, it's just annoying.). >=20 > Noteworthy changes in version 1.0.4 (2000-10-17) [...] Thanks - and sorry, I was unclear. Evolution 1.0.3, that is. gpg 1.0.6. cheers -- vbi --=-18scKWUjfePYZNACHaFD Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjy1drMACgkQwj49sl5Lcx9+JACfSiC3mRSLSeW/BXYc+ZJ5mvSl wV8An2/g9ZjK515VGXs/hMWqS0zwxqAG =VYEt -----END PGP SIGNATURE----- --=-18scKWUjfePYZNACHaFD-- From kr6x@kr6x.com Thu Apr 11 17:12:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Thu Apr 11 16:12:01 2002 Subject: 1024 or 2048?? References: Message-ID: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> The 2048-bit key offers more security, but in a practical sense it depends on just who is doing the snooping. A 16 bit key will keep your secrets safe from your wife. A 512-bit key will give most people certainty that the key will not be factored by your employer in this decade. A 1024-bit key will keep your credit card relatively safe from crime for the next few years. But, fly a jetliner into a building in New York and you can bet that 4096 bits will not keep your messages safe. ----- Original Message ----- From: "Jaya Christina" To: Sent: Thursday, April 11, 2002 1:41 AM Subject: 1024 or 2048?? > Hi all, > > I posted this qn b4 and i am sorry abt this MIME format and all that in the > prev mail. And so i am posting it again. > > Will using a 2048 bit key offer more security than a 1024 bit key.. or is > it not going to make any difference?? > > Jaya > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From sbutler@fchn.com Thu Apr 11 17:57:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 11 16:57:01 2002 Subject: key security Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D621@jupiter.fchn.com> This is a multi-part message in MIME format. ------=_NextPart_000_1501D_01C1E12E.A42F6800 x-gfisavedcharset: iso-8859-1 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Security at which level? If you are talking about the symetric cypher for each individual encryption, then no. The cypher is of a particular size and the size of you public/private key doesn't affect that. However, that cypher is probably more secure than your public/private key anyway. Breaking it only allows the hacker to read that one message. So, the hacher would really rather break your private key. At that point a 2048 bit key provides more security than a 1024 bit key (provided both are picked from an appropriately random pool of available numbers). That said, it may be easier to go after your pass phrase than to break the private key directly. So, if you use the same level of pass phrase (length, pool of characters, etc) then the security at this point doesn't change. My guess is that the pass phrase is the least secure link in this chain. Where do chains break? --Steve -----Original Message----- From: Jaya Christina [mailto:jayachristina@hotmail.com] Sent: Thursday, April 11, 2002 12:58 AM To: gnupg-users@gnupg.org Subject: key security Hi all, Will using a 2048 bit key offer more security than a 1024 bit key.. or is it not going to make any difference?? Jaya CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------=_NextPart_000_1501D_01C1E12E.A42F6800 x-gfisavedcharset: iso-8859-1 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 7bit
Security at which level?
 
If you are talking about the symetric cypher for each individual encryption, then no.  The cypher is of a particular size and the size of you public/private key doesn't affect that.
 
However, that cypher is probably more secure than your public/private key anyway.  Breaking it only allows the hacker to read that one message.  So, the hacher would really rather break your private key.  At that point a 2048 bit key provides more security than a 1024 bit key (provided both are picked from an appropriately random pool of available numbers).
 
That said, it may be easier to go after your pass phrase than to break the private key directly.  So, if you use the same level of pass phrase (length, pool of characters, etc) then the security at this point doesn't change. 
 
My guess is that the pass phrase is the least secure link in this chain.  Where do chains break?
 
--Steve
 
-----Original Message-----
From: Jaya Christina [mailto:jayachristina@hotmail.com]
Sent: Thursday, April 11, 2002 12:58 AM
To: gnupg-users@gnupg.org
Subject: key security

Hi all,
 
Will using a 2048  bit key offer more security than a 1024 bit key.. or is it not going to make any difference??
 
Jaya

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
 ------=_NextPart_000_1501D_01C1E12E.A42F6800-- From huber@alum.wpi.edu Thu Apr 11 18:49:01 2002 From: huber@alum.wpi.edu (Josh Huber) Date: Thu Apr 11 17:49:01 2002 Subject: 1024 or 2048?? In-Reply-To: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> ("Leigh S. Jones"'s message of "Thu, 11 Apr 2002 07:18:38 -0700") References: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> Message-ID: <87zo0a6xp6.fsf@alum.wpi.edu> "Leigh S. Jones" writes: > But, fly a jetliner into a building in New York and you can bet that > 4096 bits will not keep your messages safe. I'm not so sure about that... Of course, at that point, it would be much easier to use social engineering tactics to get the information than trying to break the encryption. Also, I wonder what would be "faster", brute forcing the symmetric encryption on the payload, or factoring to get the key? ttyl, -- Josh Huber From huber@alum.wpi.edu Thu Apr 11 18:53:01 2002 From: huber@alum.wpi.edu (Josh Huber) Date: Thu Apr 11 17:53:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <1018511013.20368.11.camel@atlas> ("Adrian 'Dagurashibanipal' von Bidder"'s message of "11 Apr 2002 09:43:33 +0200") References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> <1018511013.20368.11.camel@atlas> Message-ID: <87u1qi6xj7.fsf@alum.wpi.edu> "Adrian 'Dagurashibanipal' von Bidder" writes: > btw, I'm having trouble with your sig, too. > > gpg: Signature made Wed Apr 10 22:31:44 2002 CEST using DSA key ID > 86ECAC0B > gpg: requesting key 86ECAC0B from wwwkeys.ch.pgp.net ... > gpg: key 86ECAC0B: invalid subkey binding > gpg: key 86ECAC0B: no valid user IDs > gpg: this may be caused by a missing self-signature > gpg: Total number processed: 1 > gpg: w/o user IDs: 1 > gpg: Can't check signature: public key not found Looks good for me though, FWIW: gpg: armor header: Version: GnuPG v1.0.6 (GNU/Linux) gpg: armor header: Comment: For info see http://www.gnupg.org gpg: Signature made Thu Apr 11 03:43:33 2002 EDT using DSA key ID 5E4B731F [GNUPG:] SIG_ID 5SSMGBL7vex80VifOlC3bV103Tw 2002-04-11 1018511013 [GNUPG:] GOODSIG C23E3DB25E4B731F Adrian von Bidder gpg: Good signature from "Adrian von Bidder " [GNUPG:] VALIDSIG B6C68E4D3B0AA69FA332CB7CC23E3DB25E4B731F 2002-04-11 1018511013 [GNUPG:] TRUST_UNDEFINED gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. gpg: Fingerprint: B6C6 8E4D 3B0A A69F A332 CB7C C23E 3DB2 5E4B 731F ttyl, -- Josh Huber From pta@psaconsultants.com Thu Apr 11 19:38:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Thu Apr 11 18:38:01 2002 Subject: Difficulties with PGP 7.1? In-Reply-To: <1018525363.21777.5.camel@atlas> References: <1018362010.4926.70.camel@atlas> <20020410223144.A1500@gina.local> <1018511013.20368.11.camel@atlas> <873cy2ps0l.fsf@alberti.gnupg.de> <1018514528.21169.17.camel@atlas> <87pu16o7kz.fsf@alberti.gnupg.de> <1018525363.21777.5.camel@atlas> Message-ID: <20020411163907.GA13626@psaconsultants.com> --rwEMma7ioTxnRzrJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable i have been using mutt because it seems to support gnupg and pgp the best of all the mailers i've seen; however, i took a look at evolution recently and found that it had problems with some signatures that mutt verified as good. what i'm saying is that i think the problem is with evolution and not gnupg. i haven't gotten around to trying to contact the evolution folks though. On Thu, Apr 11, 2002 at 01:42:43PM +0200, Adrian 'Dagurashibanipal' von Bid= der wrote: > On Thu, 2002-04-11 at 12:25, Werner Koch wrote: > > On 11 Apr 2002 10:42:08 +0200, Adrian 'Dagurashibanipal' von Bidder sai= d: > >=20 > > > I'm using 1.0.3 - perhaps some things are fixed in cvs. So I'll just > > > wait. (after all, it's not critical to me, it's just annoying.). > >=20 > > Noteworthy changes in version 1.0.4 (2000-10-17) > [...] >=20 > Thanks - and sorry, I was unclear. Evolution 1.0.3, that is. gpg 1.0.6. >=20 > cheers > -- vbi >=20 --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --rwEMma7ioTxnRzrJ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8tbwqggA8sH0iRXQRAj8YAJ9+84snA6WSsDhFOnp/nKj2jUPmWwCeI+i6 cAyLObTc+sTQBJtd8EA8FJc= =QHNd -----END PGP SIGNATURE----- --rwEMma7ioTxnRzrJ-- From miket@bluemug.com Thu Apr 11 19:53:02 2002 From: miket@bluemug.com (Mike Touloumtzis) Date: Thu Apr 11 18:53:02 2002 Subject: key security In-Reply-To: <20020410011423.GA27976@bluemug.com> References: <001401c1e022$aed50330$ede3c23f@KR6X.ORG> <200204100025.g3A0PMvx023396@jupiter.accesscable.net> <20020410011423.GA27976@bluemug.com> Message-ID: <20020411165341.GC31176@bluemug.com> On Tue, Apr 09, 2002 at 06:14:23PM -0700, miket wrote: > > Assuming GPG's hash is sound: If a passphrase consists of _truly_ random > characters from, say, a set of 64 printable characters such as the ones > used for Base64 encoding, then each character contributes log_2(64) == > 6 bits to the entropy of the passphrase. So a 22-character passphrase > using this approach represents 132 bits of entropy; thus at this point > the passphrase is not the weak link in a 128 bit cryptosystem. You can > generate passphrases like this very easily: just base64 encode chunks > of /dev/random: > > $ head -c 22 /dev/random | uuencode -m - To correct an error: this should be "head -c 16" (as another poster suggested as well) for 128 bits of passphrase randomness. We want to measure the randomness by what comes out of /dev/random, not what comes out of uuencode. miket From miket@bluemug.com Thu Apr 11 20:07:02 2002 From: miket@bluemug.com (Mike Touloumtzis) Date: Thu Apr 11 19:07:02 2002 Subject: key security In-Reply-To: <200204100325.g3A3P6vx010362@jupiter.accesscable.net> References: <20020410011423.GA27976@bluemug.com> <200204100325.g3A3P6vx010362@jupiter.accesscable.net> Message-ID: <20020411170815.GD31176@bluemug.com> On Wed, Apr 10, 2002 at 12:25:02AM -0300, Trevor Smith wrote: > > A scenario: > > 1. you have my private key but not my passphrase > 2. my passphrase is: > AGbaka-g92kLA.ba29bskt2blb992asjg.220tu0-ut\]ablb292a[B<> (or something similar) > 3. my key size is 1024 > 4. you have a message encrypted with my public key > > Which is easier: > > A. crack my passphrase (brute force?) to get to my private key or To clear up a possible misconception: the passphrase doesn't come into play if someone only has messages you sent. The passphrase is used to protect your private key on disk, and it comes into play if someone manages to steal the private key from your keyring. The passphrase is an important security measure in preventing some types of compromise (such as accidental disclosure or browser bugs that allow malicious file uploads), but if someone cracks into your computer to get the private keyring they may be also be able to capture your keystrokes, thus obtaining your passphrase. The symmetric "session" keys used for messages you send are randomly generated and have nothing to do with your passphrase. To break into your correspondence without the private key, an attacker would need to (a) break a >= 128-bit symmetric cryptosystem with a randomly chosen key and only one message's worth of text, or (b) attack the public key (e.g. by factoring). (b) is much easier, but is still considered impossible for keys >= 2048 bits. Recent developments suggest that breaking 1024-bit keys is conceivable, although it would require a multibillion-dollar computing expenditure and many cryptographers still aren't sure it can be made practical at all. These are just the cryptographic methods of breaking in. It's much easier to the grand scheme of things to break into your computer, or even to break into your house and bug your keyboard. miket From ejg-gnupg@ar.homelinux.org Thu Apr 11 20:54:01 2002 From: ejg-gnupg@ar.homelinux.org (Eduardo Gargiulo) Date: Thu Apr 11 19:54:01 2002 Subject: hide warning Message-ID: <20020411175717.GA17216@masq.ingdesi.net> --5vNYLRcllDrimb99 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all. Is there any way to avoid see the following message gpg: Warning: using insecure memory! I see it each time i sign or verify a message. I'm using red hat GNU/Linux on a i386 and gnupg 1.0.6 version. TIA --=20 Eduardo Gargiulo ejg(at)ar.homelinux.org --5vNYLRcllDrimb99 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: see http://www2.ingdesi.net:8080/~egargiulo/gnupg.html iD8DBQE8tc57VxbsAQaGTbkRAv5FAJ9yh0/qCwYSifWuTPE+1xmW4ARMngCgu1Ue iodadmK+EqqGXDSKSo1Iosc= =NcPK -----END PGP SIGNATURE----- --5vNYLRcllDrimb99-- From ams@kemisten.nu Thu Apr 11 21:15:01 2002 From: ams@kemisten.nu (Alfred M. Szmidt) Date: Thu Apr 11 20:15:01 2002 Subject: hide warning In-Reply-To: <20020411175717.GA17216@masq.ingdesi.net> References: <20020411175717.GA17216@masq.ingdesi.net> Message-ID: <87vgay85jp.fsf@lgh163a.kemisten.nu> * Eduardo Gargiulo writes: > Hi all. Is there any way to avoid see the following message > gpg: Warning: using insecure memory! Yes, read the FAQ. 6.1) Why do I get "gpg: Warning: using insecure memory!" On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing them to disk and thereby keeping your secret keys really secret. If you get no warning message about insecure memory your operating system supports locking without being root. The program drops root privileges as soon as locked memory is allocated. On UnixWare 2.x and 7.x you should install GnuPG with the 'plock' privilege to get the same effect: filepriv -f plock /path/to/gpg If you can't or don't want to install GnuPG setuid(root), you can use the option "--no-secmem-warning" or put no-secmem-warning in your ~/.gnupg/options file (this disables the warning). On some systems (e.g., Windows) GnuPG does not lock memory pages and older GnuPG versions (<=1.0.4) issue the warning gpg: Please note that you don't have secure memory This warning can't be switched off by the above option because it was thought to be a too serious issue. However, it confused users too much so the warning was eventually removed. -- Alfred M. Szmidt From sbutler@fchn.com Thu Apr 11 21:36:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 11 20:36:01 2002 Subject: hide warning Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D62A@jupiter.fchn.com> Yes, you can do this two ways: 1. chmod +s gpg -rwsr-xr-x 1 root root 1582955 Nov 14 11:00 gpg* Mine is located in /usr/local/bin This is the preferred method. 2. --no-secmem-warning on the command line or no-secmem-warning in the options file This will ignore the problem. -----Original Message----- From: Eduardo Gargiulo [mailto:ejg-gnupg@ar.homelinux.org] Sent: Thursday, April 11, 2002 10:57 AM To: gnupg-users@gnupg.org Subject: hide warning Hi all. Is there any way to avoid see the following message gpg: Warning: using insecure memory! I see it each time i sign or verify a message. I'm using red hat GNU/Linux on a i386 and gnupg 1.0.6 version. TIA -- Eduardo Gargiulo ejg(at)ar.homelinux.org CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From kr6x@kr6x.com Fri Apr 12 06:53:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Fri Apr 12 05:53:01 2002 Subject: 1024 or 2048?? References: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> <87zo0a6xp6.fsf@alum.wpi.edu> Message-ID: <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG> Of course the reason that messages encrypted with 4096 bits of public key can be broken is that the NSA is equipped to brute force the symmetric encryption after some time. ----- Original Message ----- From: "Josh Huber" To: "Leigh S. Jones" Cc: Sent: Thursday, April 11, 2002 8:51 AM Subject: Re: 1024 or 2048?? > "Leigh S. Jones" writes: > > > But, fly a jetliner into a building in New York and you can bet that > > 4096 bits will not keep your messages safe. > > I'm not so sure about that... > > Of course, at that point, it would be much easier to use social > engineering tactics to get the information than trying to break the > encryption. > > Also, I wonder what would be "faster", brute forcing the symmetric > encryption on the payload, or factoring to get the key? > > ttyl, > > -- > Josh Huber From dkt@registriesltd.com.au Fri Apr 12 09:03:01 2002 From: dkt@registriesltd.com.au (David K. Trudgett) Date: Fri Apr 12 08:03:01 2002 Subject: 1024 or 2048?? In-Reply-To: <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG>; from kr6x@kr6x.com on Thu, Apr 11, 2002 at 08:59:16PM -0700 References: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> <87zo0a6xp6.fsf@alum.wpi.edu> <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG> Message-ID: <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> On Thursday 2002-04-11 at 20:59:16 -0700, Leigh S. Jones wrote: > Of course the reason that messages encrypted with 4096 bits of public > key > can be broken is that the NSA is equipped to brute force the symmetric > encryption after some time. ...and how many millions of years is that? David Trudgett From graham@adey.com Fri Apr 12 09:28:01 2002 From: graham@adey.com (Graham Thorpe) Date: Fri Apr 12 08:28:01 2002 Subject: Where do I find the executable file? Message-ID: <20020412062923.QLVP14788.mta01-svc.ntlworld.com@adey1> Hi, I have just got some web hosting space with Cpanel as the front end. From = cpanel I can create key sets with gnuPG. But how to I encrypt files from a script? I am unable to find the executable = file, does anyone know where it could be hiding? =20 Graham From vogtm@skunk.physik.uni-erlangen.de Fri Apr 12 12:47:01 2002 From: vogtm@skunk.physik.uni-erlangen.de (Marco Vogt) Date: Fri Apr 12 11:47:01 2002 Subject: 1024 or 2048?? In-Reply-To: <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> Message-ID: On Fri, 12 Apr 2002, David K. Trudgett wrote: > On Thursday 2002-04-11 at 20:59:16 -0700, Leigh S. Jones wrote: > > > Of course the reason that messages encrypted with 4096 bits of public > > key > > can be broken is that the NSA is equipped to brute force the symmetric > > encryption after some time. > > ...and how many millions of years is that? Lol, I totally agree. It is much cheaper to use the CIA, FBI or some other intelligence agencies to pay for information, than to use computer power over - lets say - 20 years... ********************************* * * * Marco Vogt * * Schuetzenstrasse 3 * * 90461 Nuernberg * * * * Physikalisches Institut II * * Erwin-Rommel-Str. 1 * * 91058 Erlangen * * * ********************************* Die Theorie ist ein Netz, das wir auswerfen die Welt einzufangen. ********************************* Gebt Schily keine Chance! -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDu0be4RBAC337EiGQwCl55d3ArLsSroFKh3ZrlnJs6Op7OIFhi6h5u4C8Qs Ndh91Ter8lhofdKHQKhUjssagk5UhJj+F/ouzN6EuX61XbI+B0LurA6KnH2Srd1x o5h2rbnLFw+CLz6CegQl4SRzz+VsyoNK4JElbpjFkpbXbBdLMiD6IqXGLwCgoeQD OKLpMExAbOXNrkMsyBF/7hsD/0LN7OpxeiT9tsdvldsqygLv8IFp7HQNE6geIhFP 1at6KnU4I+XnTFvPeCT3UbBk7cqQ+ag+NG2EizMyMVARk2vD76UTJWCbXjAxRoVE 9mbhvwNC3zR/qZj+yfnItPA7jQa/V+ffND7BoYIUSsB0oBjK31LEBbNVz5o17xUw Cq7aA/4qNn0CfsfJlcqa3ux8PFWFohdditKgNs2Kv9wHf3rC+KHbA43NeTQHW5AX lrZYeTXahJphvPegZ672sWDuOYPZ6ebJLQTlSxfXUG9+9a9jNsIapovKUO4mlQrC 1cloPFWo89+m39L0/wlWbL8GF7gHufBvAEsdDfhULebo0V1BVLQ7TWFyY28gVm9n dCAoY2hvY29jaGlwKSA8dm9ndG1Ac2t1bmsucGh5c2lrLnVuaS1lcmxhbmdlbi5k ZT6IXQQTEQIAHQUCO7Rt7gUJA8JnAAULBwoDBAMVAwIDFgIBAheAAAoJELKos5pZ CfN7/3MAoJpnBUoBicEN46dx6AH1rvKpAvtTAKCa6YA6vZb/Q/f16YP0gbLyKBIV LLkCDQQ7tG4PEAgAtvqfpTKw4YZV5vntxtLlBSxz8zAiUw0UL+Gjj22f0AU0wkQJ M0sH+1RlcRDH4QuUDrYSa6RQpSK6T0SbqdmwUjJ8GXG23q3bTm8oGGZzy2lixhbI pA19PP6XjrFswcFqqdftN2r2kgT8a6vcgR+5+gFdejSEzoOIbkNk2cocxE/O7ZHM 4sbOk36M1urbmSWYgLZGvO7+oZl4FIJXJOExE3eadHtD7cg+8zztG8etrDZe48nD We8gOhLHlPaRyGNRWr6Z4rWqLyoQMVqso49VQFXAFY0uxl3fjWlpaAj6H3VdkBAq /NCb0xvwT/fZ5qI5MY195a25xHIfVOsS6uwSFwADBQf+M3kWdmDl+5jjl2fM9Cch 0DKS64G6TR93ZHV2UQlESkoCP730PQ46lk8mFkkQsfm01SUALjin8SdyFP8t2p6v 3vgc24mo4eY2M5+yfWmvw/X9c375UI8Rf1z3TEz8bstPd1mw15tlHMf/oEFEauX6 22cUZlamnOibwsRkPXHneqK8R2PIGkvvkvNLgVsBW47wlOjA0c53z+Wh2g2SyKZr zpLac3d2AbZ5MJt19xKNXgt3ulitSwI/4HiwWaPsnoyX5BQz0313sZfiv8zgMoLX 4ZWOpO9u0AC0HZc/qWNOQltfbXRg9KDebC+H0sP3fVnLe6nrjSQDELpeFgaxR/wj VYhMBBgRAgAMBQI7tG4PBQkDwmcAAAoJELKos5pZCfN7RFIAnAoqbUECEYoQgdWu EQK7mQbucTFxAJ4meJp/dTtjrwVt74wluowM6SHDRg== =9RLh -----END PGP PUBLIC KEY BLOCK----- From rtilley@vt.edu Fri Apr 12 14:44:01 2002 From: rtilley@vt.edu (Brad Tilley) Date: Fri Apr 12 13:44:01 2002 Subject: 1024 or 2048?? In-Reply-To: <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> References: <04af01c1e163$c6745850$ede3c23f@KR6X.ORG> <87zo0a6xp6.fsf@alum.wpi.edu> <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG> <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> Message-ID: <1018611895.14530.47.camel@oubop4> Not as many as you may think. No one knows for certain whether or not they've built that quantum computer yet ;) On Fri, 2002-04-12 at 02:03, David K. Trudgett wrote: > On Thursday 2002-04-11 at 20:59:16 -0700, Leigh S. Jones wrote: > > > Of course the reason that messages encrypted with 4096 bits of public > > key > > can be broken is that the NSA is equipped to brute force the symmetric > > encryption after some time. > > ...and how many millions of years is that? > > David Trudgett > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Brad Tilley, OUB Sys. Admin. http://bursar.vt.edu/rtilley/pgpkey From a_abdul@arabia.com Fri Apr 12 14:48:02 2002 From: a_abdul@arabia.com (a_abdul@arabia.com) Date: Fri Apr 12 13:48:02 2002 Subject: Confidential Business Proposal Message-ID: BUSINESS PROPOSAL I am a member of the financial sector of my country Kuwait. My country is interested in the purchase of a large quantity of some international products which I understand your company can assist us procure. But oweing to a tight governmental restriction from the office of the Crown Prince and the Prime Minister,Sheikh Saad Al Abdullah Al Salem Al Sabah, against the prolific and indiscriminate issuance of huge contracts to foreign companies and individuals who do not queue for such priviledged consideration, I am hereby proposing to you if you could supply us the goods quite confidentially via a neutral company established abroad which has already won the contractor favour status accordingly. Note that if you are willing to assist me and cooperate with me, it would have to be done confidentially without my fellow colleagues knowing the original source of the supply. You would be paid cash before you supply the goods. Kindly be informed at this initial stage that the sole purpose of my concern in this transaction is based on the fact that all prices for the product you are to supply, must be overin-voiced by 30% from the original price you would tender. The government would pay, but the 30% would serve as a compensation to me and some relevant officers who would assist in the approval of the contract payment to you. You would also be compensated for your assistance.Is this arrangement attainable? If it is, then please kindly contact me via email immediately so that we would resume immediate discussion on how to commence transaction. Also furnish me with your DIRECT PRIVATE TELEPHONE AND FAX NUMBERS for a more private discussion over this issue. I awaite your swift response. Best Regards. Abdul Abubakar _________________________________________ Download mersal and add me as a friend :) http://www.arabia.com/mersal/english From agreene@pobox.com Fri Apr 12 15:17:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Fri Apr 12 14:17:01 2002 Subject: Where do I find the executable file? In-Reply-To: <20020412062923.QLVP14788.mta01-svc.ntlworld.com@adey1> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 12 Apr 2002, Graham Thorpe wrote: >I have just got some web hosting space with Cpanel as the front end. >From cpanel I can create key sets with gnuPG. But how to I encrypt files >from a script? I am unable to find the executable file, does anyone know >where it could be hiding? If you have shell access and it's a UNIX box, this command should find the executable: which gpg How to use gpg in web server scripts is FAQ that may not have made it into the FAQ, but is definitely well covered in the archives. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8ttBxpCpg3WyUI50RAvO/AJ9uDjbkoJfA/dBmeUduK2WoBNiiGACeNf1o VzwLuyggaZ6fUidIxYkSoVc= =fGbn -----END PGP SIGNATURE----- From clintroberts@pangeatech.com Fri Apr 12 15:22:02 2002 From: clintroberts@pangeatech.com (Clint Roberts) Date: Fri Apr 12 14:22:02 2002 Subject: Confidential Business Proposal In-Reply-To: Message-ID: Pitty this one wasn't encrypted using an key... Ugh. Clint On 4/12/02 4:48 AM, "a_abdul@arabia.com" wrote: > BUSINESS PROPOSAL > > > > I am a member of the financial sector of my country Kuwait. My country > is interested in the purchase of a large quantity of some international > products which I understand your company can assist us procure. > > But oweing to a tight governmental restriction from the office of the > Crown Prince and the Prime Minister,Sheikh Saad Al Abdullah Al Salem Al > Sabah, against the prolific and indiscriminate issuance of huge > contracts to foreign companies and individuals who do not queue for > such priviledged consideration, I am hereby proposing to you if you > could supply us the goods quite confidentially via a neutral company > established abroad which has already won the contractor favour status > accordingly. Note that if you are willing to assist me and cooperate > with me, it would have to be done confidentially without my fellow > colleagues knowing the original source of the supply. You would be paid > cash before you supply the goods. > > Kindly be informed at this initial stage that the sole purpose of my > concern in this transaction is based on the fact that all prices for > the product you are to supply, must be overin-voiced by 30% from the > original price you would tender. The government would pay, but the 30% > would serve as a compensation to me and some relevant officers who > would assist in the approval of the contract payment to you. You would > also be compensated for your assistance.Is this arrangement attainable? > If it is, then please kindly contact me via email immediately so that > we would resume > immediate discussion on how to commence transaction. Also furnish me > with your DIRECT PRIVATE TELEPHONE AND FAX NUMBERS for a more private > discussion over this issue. > > I awaite your swift response. > > Best Regards. > > Abdul Abubakar > > _________________________________________ > Download mersal and add me as a friend :) > http://www.arabia.com/mersal/english > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From nicholas.dickens@human-anatomy.oxford.ac.uk Fri Apr 12 15:42:02 2002 From: nicholas.dickens@human-anatomy.oxford.ac.uk (Nicholas Dickens) Date: Fri Apr 12 14:42:02 2002 Subject: Confidential Business Proposal In-Reply-To: Message-ID: <003501c1e21f$96fc8680$01000001@fgu062> Dear All Please, please, please don't anyone reply to this it's a load of rubbish and smacks of social engineering. These things are amongst a long list of old hacker/cracker tricks to gain access to your machine. If this is not the case I will apologise but I have seen so many people duped by these in the past, and besides this is a technical mailing list and is not the place for advertisements. Regards Nick -- Nicholas Dickens BSc ARCS http://smart.ox.ac.uk nicholas.dickens@human-anatomy.ox.ac.uk On 4/12/02 4:48 AM, "a_abdul@arabia.com" wrote: > BUSINESS PROPOSAL > > > > I am a member of the financial sector of my country Kuwait. My country > is interested in the purchase of a large quantity of some international > products which I understand your company can assist us procure. > > But oweing to a tight governmental restriction from the office of the > Crown Prince and the Prime Minister,Sheikh Saad Al Abdullah Al Salem Al > Sabah, against the prolific and indiscriminate issuance of huge > contracts to foreign companies and individuals who do not queue for > such priviledged consideration, I am hereby proposing to you if you > could supply us the goods quite confidentially via a neutral company > established abroad which has already won the contractor favour status > accordingly. Note that if you are willing to assist me and cooperate > with me, it would have to be done confidentially without my fellow > colleagues knowing the original source of the supply. You would be paid > cash before you supply the goods. > > Kindly be informed at this initial stage that the sole purpose of my > concern in this transaction is based on the fact that all prices for > the product you are to supply, must be overin-voiced by 30% from the > original price you would tender. The government would pay, but the 30% > would serve as a compensation to me and some relevant officers who > would assist in the approval of the contract payment to you. You would > also be compensated for your assistance.Is this arrangement attainable? > If it is, then please kindly contact me via email immediately so that > we would resume > immediate discussion on how to commence transaction. Also furnish me > with your DIRECT PRIVATE TELEPHONE AND FAX NUMBERS for a more private > discussion over this issue. > > I awaite your swift response. > > Best Regards. > > Abdul Abubakar _________________________________________ > Download mersal and add me as a friend :) > http://www.arabia.com/mersal/english From hideki@allcity.net Fri Apr 12 16:05:01 2002 From: hideki@allcity.net (Hideki Saito) Date: Fri Apr 12 15:05:01 2002 Subject: Confidential Business Proposal In-Reply-To: <003501c1e21f$96fc8680$01000001@fgu062> References: <003501c1e21f$96fc8680$01000001@fgu062> Message-ID: <200204121306.g3CD63m04007@server-1.visp.net> I'd say I wouldn't believe any "CONFIDENTIAL business proposal" without sign and/or encryption :-p Especially when it is directed to multiple people! Anyways sender's obviously missing some points here :-) Just wanted make fun of it... Enough about spam... <> -- Hideki Saito mailto:hideki@allcity.net From sbutler@fchn.com Fri Apr 12 17:29:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Fri Apr 12 16:29:01 2002 Subject: Confidential Business Proposal Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D632@jupiter.fchn.com> Sure, sure! You probably also want the bank account number in order to make deposits (err, withdrawls) on a timely basis. Looks like the abuse address was shut down! SpamCop version 1.3.3 (c) Julian Haight, Joel Martin 1998-2002 All Rights Reserved Parsing input:[mailto:a_abdul@arabia.com] [show] "dig arabia.com] mx" (digging for mail exchanger) Found mailserver:mail.arabia.com. = 216.251.237.200 Tracking ip 216.251.237.200: [show] "nslookup 216.251.237.200" (getting name) 216.251.237.200 = mail.arabia.com [show] "nslookup mail.arabia.com" (checking ip) ip = 216.251.237.200 Paranoid reverse DNS passes abuse.net mail.arabia.com = abuse@arabia.com, postmaster@arabia.com abuse@arabia.com = abuse@arabia.com bounces (11283 sent : 5642 bounces) (-3) Statistics: 216.251.237.200 is not currently blocked by bl.spamcop.net More Information.. Note, this is not necessarily a reflection on the specific address given. It is rather based on the overall ISP score. Found abuse address:postmaster@arabia.com -----Original Message----- From: a_abdul@arabia.com [mailto:a_abdul@arabia.com] Sent: Friday, April 12, 2002 4:49 AM To: gnupg-users@gnupg.org Subject: Confidential Business Proposal BUSINESS PROPOSAL I am a member of the financial sector of my country Kuwait. My country is interested in the purchase of a large quantity of some international products which I understand your company can assist us procure. But oweing to a tight governmental restriction from the office of the Crown Prince and the Prime Minister,Sheikh Saad Al Abdullah Al Salem Al Sabah, against the prolific and indiscriminate issuance of huge contracts to foreign companies and individuals who do not queue for such priviledged consideration, I am hereby proposing to you if you could supply us the goods quite confidentially via a neutral company established abroad which has already won the contractor favour status accordingly. Note that if you are willing to assist me and cooperate with me, it would have to be done confidentially without my fellow colleagues knowing the original source of the supply. You would be paid cash before you supply the goods. Kindly be informed at this initial stage that the sole purpose of my concern in this transaction is based on the fact that all prices for the product you are to supply, must be overin-voiced by 30% from the original price you would tender. The government would pay, but the 30% would serve as a compensation to me and some relevant officers who would assist in the approval of the contract payment to you. You would also be compensated for your assistance.Is this arrangement attainable? If it is, then please kindly contact me via email immediately so that we would resume immediate discussion on how to commence transaction. Also furnish me with your DIRECT PRIVATE TELEPHONE AND FAX NUMBERS for a more private discussion over this issue. I awaite your swift response. Best Regards. Abdul Abubakar _________________________________________ Download mersal and add me as a friend :) http://www.arabia.com/mersal/english _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From manckaert@belgacom.net Fri Apr 12 18:29:01 2002 From: manckaert@belgacom.net (Michael Anckaert) Date: Fri Apr 12 17:29:01 2002 Subject: 1024 or 2048?? In-Reply-To: <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> References: <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG> <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> Message-ID: <31031409162800.00705@carpathia> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 12 April 2002 08:03, you wrote: > On Thursday 2002-04-11 at 20:59:16 -0700, Leigh S. Jones wrote: > > Of course the reason that messages encrypted with 4096 bits of public > > key > > can be broken is that the NSA is equipped to brute force the symmetric > > encryption after some time. > > ...and how many millions of years is that? > > David Trudgett > if they really want to get to your data, they can break a 4096 bits key in about 7-8 months. But they wont do that unless you're a really big guy named osamma... After all it will take all their resources they have to break in such a short time span. - -- - ---------------------------------------------- Michael Anckaert manckaert@belgacom.net http://galileo.spaceports.com/~xantor Public gpg key: xantor Public gpg key-id: 360AC4A6 - ---------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAnMcbGoACgkQ+99tlzYKxKbDzACdGUexRNKnS+6qcfiMXTtVzfz3 O8wAnjyq6pe0Fxm8U668GflpTTq9lbfX =S9wn -----END PGP SIGNATURE----- From rasoul@rhythm.com Sat Apr 13 02:04:01 2002 From: rasoul@rhythm.com (Rasoul Hajikhani) Date: Sat Apr 13 01:04:01 2002 Subject: --command-fd Message-ID: <3CB76828.CC926EC1@rhythm.com> Hello People, I am trying to delete a key pair from an Apache thread. Here is my command: gpg --homedir /usr/lsd/apache-ssl/htdocs/secureDB/PGP/.gnupg --no-tty --command-fd 0 --delete-secret-and-public-key testtwo@rhythm.com The documentation for gpg says that --command-fd should be used with --status-fd but fails to explain how. Can someone shed some light on this for me? Thanks in advance. -r From kr6x@kr6x.com Sat Apr 13 02:49:01 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Sat Apr 13 01:49:01 2002 Subject: --command-fd References: <3CB76828.CC926EC1@rhythm.com> Message-ID: <009c01c1e27c$c1795160$963fca96@pacesetter.com> To avoid forcing the user to put sensitive information onto the command line (and thus compromising security due to the availability of commands such as ps -ef or ps -aux on Unix/Linux systems that allow all users access to your command line contents) gpg accepts inputs that could be sensitive into files, opening the files, and passing the file descriptors to the gpg command line as ASCII decimal integers. The file descriptors could actually point to an open file or a memory buffer, but your ability to control read access to your disk files under Unix allows you to protect your sensitive data. This could be used to protect your password, as in "gpg --passphrase #### --status-fd #### -u [user] --batch --clearsign [filename]". The file descriptor #### that follows --status-fd gets the text from the gpg status messages that would be outputted to the screen otherwise. You must have the file open when you execute the command. If you use file descriptors like the zero that you've illustrated below, you are usually indicating keyboard input. Isn't it zero for keyboard (stdin), 1 for screen output (stdout), 2 for error (stderr) on many machines? When the --command-fd 0 is indicated on the command line, it is usually being used to allow the command line calling the batch file to pass the command, something like putting in the password with: echo [password] | gpg --passphrase 0 -u [user] -d [filename] Of course, you'd only do this on a single user computer that will not other users to view your password, like a home computer running Linux that isn't connected to the network. ----- Original Message ----- From: "Rasoul Hajikhani" To: Sent: Friday, April 12, 2002 16:05 Subject: --command-fd > Hello People, > I am trying to delete a key pair from an Apache thread. Here is my > command: > > gpg --homedir /usr/lsd/apache-ssl/htdocs/secureDB/PGP/.gnupg --no-tty > --command-fd 0 --delete-secret-and-public-key testtwo@rhythm.com > > The documentation for gpg says that --command-fd should be used with > --status-fd but fails to explain how. Can someone shed some light on > this for me? > Thanks in advance. > -r > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From peter-lists@hutnick.com Sat Apr 13 09:04:02 2002 From: peter-lists@hutnick.com (Peter Hutnick) Date: Sat Apr 13 08:04:02 2002 Subject: Integrated GnuPG use with MS Outlook Message-ID: <200204130003.31118.peter-lists@hutnick.com> Hello, Does anyone know of a way to use GnuPG with MS Outlook? The only thing I could find is the G DATA GnuPG-Plugin. The download link at http://www3.gdata.de/gpg/ doesn't go anywhere. Can anyone vouch for this thing? Better yet, is there an option out there that I missed? Thanks, Peter From agreene@pobox.com Sat Apr 13 09:55:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Sat Apr 13 08:55:02 2002 Subject: Integrated GnuPG use with MS Outlook Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 2002-04-13 at 02:03, Peter Hutnick wrote: > Does anyone know of a way to use GnuPG with MS Outlook? The only thing I > could find is the G DATA GnuPG-Plugin. The download link at > http://www3.gdata.de/gpg/ doesn't go anywhere. > > Can anyone vouch for this thing? > > Better yet, is there an option out there that I missed? You could use WinPT. It sits in the system tray and allows you to perform GPG actions on the current window or the clipboard. That's not as integrated as a plugin, but it works. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8t9ampCpg3WyUI50RAjFUAJ9ZyzSlpL3oL48+ASiPAudpwtD+UACfTUdp KvAg1BYakT6VpKPJwxFBwlg= =kEzD -----END PGP SIGNATURE----- From andriash@telus.net Sat Apr 13 09:58:02 2002 From: andriash@telus.net (Nick Andriash) Date: Sat Apr 13 08:58:02 2002 Subject: Integrated GnuPG use with MS Outlook In-Reply-To: <200204130003.31118.peter-lists@hutnick.com> References: <200204130003.31118.peter-lists@hutnick.com> Message-ID: <20020412235754.F39F.ANDRIASH@telus.net> Hello Peter Hutnick, On Friday, April 12 2002 at 11:03 PM PDT, you wrote: > Does anyone know of a way to use GnuPG with MS Outlook? You can always use GPG with a Windows front-end like GPGShell or WinPT. -- Nick Andriash Courtenay, B.C. Canada From peter-lists@hutnick.com Sat Apr 13 10:46:01 2002 From: peter-lists@hutnick.com (Peter Hutnick) Date: Sat Apr 13 09:46:01 2002 Subject: Integrated GnuPG use with MS Outlook In-Reply-To: References: Message-ID: <200204130145.16176.peter-lists@hutnick.com> On Saturday 13 April 2002 12:56 am, Anthony E. Greene wrote: > On Sat, 2002-04-13 at 02:03, Peter Hutnick wrote: > > Does anyone know of a way to use GnuPG with MS Outlook? The only thing I > > could find is the G DATA GnuPG-Plugin. The download link at > > http://www3.gdata.de/gpg/ doesn't go anywhere. > > > > Can anyone vouch for this thing? > > > > Better yet, is there an option out there that I missed? > > You could use WinPT. It sits in the system tray and allows you to > perform GPG actions on the current window or the clipboard. That's not > as integrated as a plugin, but it works. Okay, here's the thing . . . My Dad uses Outlook (I use KMail :-P ) and he /has/ to use Outlook or the world will end or something. I'm familiar with WinPT, and it is definitely something. But Dad, bless him, needs stuff to be real simple. All that cutting and pasting; we'd have to break down and put him in the home. It's funny, he's actually made his living in the computer field for 30+ years (He worked on an automated payroll system in Viet Nam!) but you put him in front of windows and he is a gibbering idiot. But then, can you blame him? In spite of this he continues to believe that windows is the One True business OS. Soooo, I'm fighting the good fight on the windows front, but I have to pick my battles. I want him off of windows, but I /need/ him on PGP. It looks like PGPi freeware will do the trick, but I'd rather push Free Software. (BTW, are Good Works required for Sainthood in the Church of EMACS? I /think/ I am pure, now that I have the accursed Pico off my system! The greatest trick the Devil ever pulled was convincing the world that Pine and Pico are Free Software! Thank God for GNU nano!) Still looking for suggestions. Thanks Again, Peter From pta@psaconsultants.com Sat Apr 13 16:28:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Sat Apr 13 15:28:01 2002 Subject: Integrated GnuPG use with MS Outlook In-Reply-To: <200204130003.31118.peter-lists@hutnick.com> References: <200204130003.31118.peter-lists@hutnick.com> Message-ID: <20020413132831.GB16470@psaconsultants.com> --wq9mPyueHGvFACwf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable i have a similar problem. i would like for my accountant to use pgp but she must have things simple so i looked at the g-data gnupg plugin and it works well. the link you list works for me, perhaps there was a transient problem. you can go directly to the download at: http://www3.gdata.de/gpg/download.html. so, the plugin is fairly nice but i have to say that the command line interface to gnupg is not simple for windows users and gpa still isn't as fully featured as pgpkeys. if you really need things to be at their simplest, i would suggest you have your dad install freeeware pgp from pgpi.org. that said, i use gnupg myself because i like gnu! ;-) one other thing, when you get your dad set up, you will find that outlook cannot handle pgp/mime and that you will need to set your emailer to send "traditional" pgp email to your dad. if you have further question, don't hesitate to ask. On Sat, Apr 13, 2002 at 12:03:31AM -0600, Peter Hutnick wrote: > Hello, >=20 > Does anyone know of a way to use GnuPG with MS Outlook? The only thing I= =20 > could find is the G DATA GnuPG-Plugin. The download link at=20 > http://www3.gdata.de/gpg/ doesn't go anywhere. >=20 > Can anyone vouch for this thing? >=20 > Better yet, is there an option out there that I missed? >=20 > Thanks, > Peter >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --wq9mPyueHGvFACwf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8uDJ+ggA8sH0iRXQRAnEKAJ9i+0DPtATi3NZ3WyDEWb4B9/WuhgCfQt0E /Q2Xtfsuyxpvxpu2dsXbYaY= =YhI7 -----END PGP SIGNATURE----- --wq9mPyueHGvFACwf-- From Enzo Michelangeli" If the options file contains "armor", how can I force binary output? I couldn't find a "--noarmor" command line option equivalemt to PGP's "+armor=off". Enzo From lionel@mamane.lu Sun Apr 14 14:50:01 2002 From: lionel@mamane.lu (Lionel Elie Mamane) Date: Sun Apr 14 13:50:01 2002 Subject: Overriding "armor" in options file with command line option In-Reply-To: <020d01c1e3a3$98cf9580$0200000a@noip.com> References: <020d01c1e3a3$98cf9580$0200000a@noip.com> Message-ID: <20020414115105.GA7872@home.mamane.lu> On Sun, Apr 14, 2002 at 07:00:19PM +0800, Enzo Michelangeli wrote: > If the options file contains "armor", how can I force binary output? --no-armor -- Lionel From johanw@vulcan.xs4all.nl Sun Apr 14 22:34:01 2002 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Sun Apr 14 21:34:01 2002 Subject: 1024 or 2048?? In-Reply-To: <87zo0a6xp6.fsf@alum.wpi.edu> from Josh Huber at "Apr 11, 2002 11:51:01 am" Message-ID: <200204111923.VAA01801@vulcan.xs4all.nl> Josh Huber wrote: > Of course, at that point, it would be much easier to use social > engineering tactics to get the information than trying to break the > encryption. In that case, questioning techniques like "if you don't give us the key you loose your other fingers too" are likely to be used. > Also, I wonder what would be "faster", brute forcing the symmetric > encryption on the payload, or factoring to get the key? A 128 bit symetric key is roughly comparable to a 2048 bit RSA or DH key. But since the asymetric key is used often and the symetric session key only once it is logical to make those keys a bit stronger than the symetric key. Also, the strength of RSA and DH is still based on mathematical assumptions that are unproven (but not proven false either). -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From cwsiv_home1@juno.com Mon Apr 15 07:59:02 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Mon Apr 15 06:59:02 2002 Subject: Portable USE PGP/GNUPG References: <9A86613AB85FF346BB1321840DB42B4B67D60F@jupiter.fchn.com> Message-ID: <20020414.215829.8871.1.cwsiv_home1@juno.com> Now that i have a burner can I setup either one or both programs to run from CD assuming that the CDR at home has a different drive designation than I would find on the road? I am assuming not having a CDRW on the road for updates. Are their limits as to which versions I can use relavant to this question? o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From cwsiv_home1@juno.com Mon Apr 15 07:59:05 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Mon Apr 15 06:59:05 2002 Subject: key security References: <9A86613AB85FF346BB1321840DB42B4B67D611@jupiter.fchn.com> Message-ID: <20020414.215829.8871.2.cwsiv_home1@juno.com> Your looking for homonyms. I might suggest looking for a phrase or poem and picking a stanza; then looking for both homonyms and synonyms for alternating key words. If you really want to get fancy find an online translater and run your phrase through that just pick a language you dont speak. You could even use phonetic spellings on top of that and have several on hand to see which you can remember best. o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` On Wed, 10 Apr 2002 07:33:43 -0700 "Steve Butler" writes: >Throw in some "bad" spellings or words that sound the same but are >spelled >differently with different meanings <> like, >not >versus knot. Use some random capitalization and a few numbers or >other >strange keys at weird places. > >The most important part -- remember it! > ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From agreene@pobox.com Mon Apr 15 08:36:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 15 07:36:01 2002 Subject: Portable USE PGP/GNUPG In-Reply-To: <20020414.215829.8871.1.cwsiv_home1@juno.com>; from cwsiv_home1@juno.com on Sun, Apr 14, 2002 at 06:10:05PM -0700 References: <9A86613AB85FF346BB1321840DB42B4B67D60F@jupiter.fchn.com> <20020414.215829.8871.1.cwsiv_home1@juno.com> Message-ID: <20020415013738.A5306@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Apr 14, 2002 at 06:10:05PM -0700, carl w spitzer wrote: >Now that i have a burner can I setup either one or both programs to run >from CD assuming that the CDR at home has a different drive designation >than I would find on the road? I think GnuPG will run from a floppy if your keyrings are small. I think PGP has to be installed because of the DLLs it uses. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8umcipCpg3WyUI50RAn+HAKDDENLad/8yU574U49YAHz5NXSUFACgtBI9 MJgKeXumeTpugXzbIFzpOwY= =LPhV -----END PGP SIGNATURE----- From gan-zhi@cs.sjtu.edu.cn Mon Apr 15 10:02:01 2002 From: gan-zhi@cs.sjtu.edu.cn (gan zhi) Date: Mon Apr 15 09:02:01 2002 Subject: Can I use GPGOE to verify message? References: <9A86613AB85FF346BB1321840DB42B4B67D611@jupiter.fchn.com> <20020414.215829.8871.2.cwsiv_home1@juno.com> Message-ID: <003501c1e44b$79c7c560$122650d3@sjtu.edu.cn> SSBjYW4ndCBmaW5kIGEgYnV0dG9uIHRvIGRvIHRoaXMgam9iLg0K From jayachristina@hotmail.com Mon Apr 15 15:20:01 2002 From: jayachristina@hotmail.com (Jaya Christina) Date: Mon Apr 15 14:20:01 2002 Subject: Integrated GnuPG use with MS Outlook Message-ID: Hi Peter, I tried this and it is working all fine.. using the http://www3.gdata.de/gpg/download.html to download the plug-in. Thanx. Didnt know it is so easy. Ciao, Jaya Christina From elindmayer@compuserve.de Mon Apr 15 15:20:05 2002 From: elindmayer@compuserve.de (Edmund Lindmayer) Date: Mon Apr 15 14:20:05 2002 Subject: Encrypt a whole directory in a single pass Message-ID: <000b01c1e478$158a2cf0$1400a8c0@satprowin> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, I want to encrypt a all files in a directory with gpg --symmetric in a = single pass. Is this possible, and how to do it? Thank you very much. Edmund Lindmayer -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) Comment: Weitere Infos: siehe http://www.gnupg.org iEYEARECAAYFAjy6xJ8ACgkQaXNVppfGXfpKogCfenSrgPuN5ahGbv6IegQt7TfL +a8An1LYkigh/QdX8/sqPyl69uhAfazb =3DsVYo -----END PGP SIGNATURE----- From jayachristina@hotmail.com Mon Apr 15 15:22:01 2002 From: jayachristina@hotmail.com (Jaya Christina) Date: Mon Apr 15 14:22:01 2002 Subject: Integrated GnuPG use with MS Outlook Message-ID: Hi Peter, I tried this plugin U mentioned from http://www3.gdata.de/gpg/download.html and it is working just fine. Thanx Ciao, Jaya From agreene@pobox.com Mon Apr 15 15:37:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 15 14:37:01 2002 Subject: Encrypt a whole directory in a single pass In-Reply-To: <000b01c1e478$158a2cf0$1400a8c0@satprowin>; from elindmayer@compuserve.de on Mon, Apr 15, 2002 at 02:20:47PM +0200 References: <000b01c1e478$158a2cf0$1400a8c0@satprowin> Message-ID: <20020415083802.A8942@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Apr 15, 2002 at 02:20:47PM +0200, Edmund Lindmayer wrote: >I want to encrypt a all files in a directory with gpg --symmetric in a >single pass. Is this possible, and how to do it? On Windows, you will probably have to zip the directory first. On Linux, I recommend tar instead, because it keeps the permissions and ownership. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8usmppCpg3WyUI50RAvHRAJ0fdg7kXECoq963XJJlZE0KbCHg1gCguBpo U4i7N6NrWrmjgXX0te+/11Q= =Qyb4 -----END PGP SIGNATURE----- From twoaday@freakmail.de Mon Apr 15 15:45:01 2002 From: twoaday@freakmail.de (Timo Schulz) Date: Mon Apr 15 14:45:01 2002 Subject: Can I use GPGOE to verify message? In-Reply-To: <003501c1e44b$79c7c560$122650d3@sjtu.edu.cn> References: <9A86613AB85FF346BB1321840DB42B4B67D611@jupiter.fchn.com> <20020414.215829.8871.2.cwsiv_home1@juno.com> <003501c1e44b$79c7c560$122650d3@sjtu.edu.cn> Message-ID: <20020415124612.GA2734@daredevil.joesixpack.net> On Mon Apr 15 2002; 15:02, gan zhi wrote: > I can't find a button to do this job. GPGOE automatically verifies a message when it was signed. But this is only true when the signature is a traditional PGP inline signature (a cleartext signature). There is no support for PGP/MIME signed messages. Timo From sbutler@fchn.com Mon Apr 15 17:22:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Mon Apr 15 16:22:01 2002 Subject: Integrated GnuPG use with MS Outlook Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D642@jupiter.fchn.com> Have you looked at www.winpt.org ? -----Original Message----- From: Peter Hutnick [mailto:peter-lists@hutnick.com] Sent: Friday, April 12, 2002 11:04 PM To: gnupg-users@gnupg.org Subject: Integrated GnuPG use with MS Outlook Hello, Does anyone know of a way to use GnuPG with MS Outlook? The only thing I could find is the G DATA GnuPG-Plugin. The download link at http://www3.gdata.de/gpg/ doesn't go anywhere. Can anyone vouch for this thing? Better yet, is there an option out there that I missed? Thanks, Peter _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From pekasz@lodz.ptkardio.pl Mon Apr 15 17:48:01 2002 From: pekasz@lodz.ptkardio.pl (Piotr Kasztelowicz) Date: Mon Apr 15 16:48:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 Message-ID: Hello I attempt to compile GnuPG 1.6.0 on Solaris7 with gcc 2.95.3 any error has been reported make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6/po' Making all in doc make[2]: Entering directory `/export/home/pekasz/sources/gnupg-1.0.6/doc' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6/doc' Making all in checks make[2]: Entering directory `/export/home/pekasz/sources/gnupg-1.0.6/checks' ../g10/gpg --no-options --no-greeting --batch --quiet --yes --dearmor -o ./pubring.gpg ./pubring.asc ld.so.1: ../g10/gpg: fatal: libz.so: open failed: No such file or directory make[2]: *** [pubring.gpg] Killed make[2]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6/checks' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6' make: *** [all-recursive-am] Error 2 file libz.so has been presented and placed in /usr/local/lib Please help to solve problem Piotr --- Piotr Kasztelowicz [http://www.am.torun.pl/~pekasz] From pta@psaconsultants.com Mon Apr 15 18:07:02 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Mon Apr 15 17:07:02 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: References: Message-ID: <20020415150808.GC26487@psaconsultants.com> --DSayHWYpDlRfCAAQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable make sure you have /usr/local/lib in your LD_LIBRARY_PATH. On Mon, Apr 15, 2002 at 04:40:22PM +0200, Piotr Kasztelowicz wrote: > Hello >=20 > I attempt to compile GnuPG 1.6.0 > on Solaris7 with gcc 2.95.3 >=20 > any error has been reported >=20 > make[2]: Nothing to be done for `all'. > make[2]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6/po' > Making all in doc > make[2]: Entering directory `/export/home/pekasz/sources/gnupg-1.0.6/doc' > make[2]: Nothing to be done for `all'. > make[2]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6/doc' > Making all in checks > make[2]: Entering directory > `/export/home/pekasz/sources/gnupg-1.0.6/checks' > ../g10/gpg --no-options --no-greeting --batch --quiet --yes --dearmor -o > ./pubring.gpg ./pubring.asc > ld.so.1: ../g10/gpg: fatal: libz.so: open failed: No such file or > directory > make[2]: *** [pubring.gpg] Killed > make[2]: Leaving directory > `/export/home/pekasz/sources/gnupg-1.0.6/checks' > make[1]: *** [all-recursive] Error 1 > make[1]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6' > make: *** [all-recursive-am] Error 2 >=20 > file libz.so has been presented and placed in /usr/local/lib >=20 > Please help to solve problem >=20 > Piotr > --- > Piotr Kasztelowicz > [http://www.am.torun.pl/~pekasz] >=20 >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --DSayHWYpDlRfCAAQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8uuzXggA8sH0iRXQRAviPAKCaq03lrSdceEqTia8PAQb0qdvW7gCfaVba MQpUw1UyLrDe49Lzbi2Cx8g= =MBNy -----END PGP SIGNATURE----- --DSayHWYpDlRfCAAQ-- From andriash@telus.net Mon Apr 15 18:14:01 2002 From: andriash@telus.net (Nick Andriash) Date: Mon Apr 15 17:14:01 2002 Subject: Encrypt a whole directory in a single pass In-Reply-To: <20020415083802.A8942@cp5340> References: <000b01c1e478$158a2cf0$1400a8c0@satprowin> <20020415083802.A8942@cp5340> Message-ID: <20020415081237.F6F5.ANDRIASH@telus.net> Hello Anthony E. Greene, On Monday, April 15 2002 at 05:38 AM PDT, you wrote: > Mime-Version: 1.0 > Content-Type: application/pgp; x-action=sign; format=text > Content-Disposition: inline; filename="msg.pgp" > User-Agent: Mutt/1.2.5i Tony, all I ever get with your Postings are headers... with a msg.pgp attachment. Are you using PGP/MIME by chance? What do I have to do to read your postings? Can you try not using whatever method you are using... at least to a Public ML where not all of us have support for what you're using? -- Nick Andriash Courtenay, B.C. Canada From lhecking@nmrc.ie Mon Apr 15 18:15:02 2002 From: lhecking@nmrc.ie (Lars Hecking) Date: Mon Apr 15 17:15:02 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: References: Message-ID: <20020415151459.GA8415@nmrc.ie> > file libz.so has been presented and placed in /usr/local/lib If you are using csh/tcsh: $ make clean $ env LD_RUN_PATH=/usr/local/lib make In a Korn/Bourne shell: $ make clean $ LD_RUN_PATH=/usr/local/lib make From JanuszA.Urbanowicz Mon Apr 15 18:16:01 2002 From: JanuszA.Urbanowicz (JanuszA.Urbanowicz) Date: Mon Apr 15 17:16:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: from Piotr Kasztelowicz at "Apr 15, 2002 04:40:22 pm" Message-ID: Piotr Kasztelowicz wrote/napisa=B3[a]/schrieb: > Hello > ../g10/gpg --no-options --no-greeting --batch --quiet --yes --dearmor -o > ./pubring.gpg ./pubring.asc > ld.so.1: ../g10/gpg: fatal: libz.so: open failed: No such file or > directory > make[2]: *** [pubring.gpg] Killed > make[2]: Leaving directory > `/export/home/pekasz/sources/gnupg-1.0.6/checks' > make[1]: *** [all-recursive] Error 1 > make[1]: Leaving directory `/export/home/pekasz/sources/gnupg-1.0.6' > make: *** [all-recursive-am] Error 2 >=20 > file libz.so has been presented and placed in /usr/local/lib >=20 > Please help to solve problem ./configure --with-included-zlib ? Alex --=20 C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling | | = * =09 ; (_O : +-------------------------------------------------------------+ --= +~|=09 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka= =BFde z=B3o | l_|/=09 A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d= no; | | =20 From lhecking@nmrc.ie Mon Apr 15 18:20:01 2002 From: lhecking@nmrc.ie (Lars Hecking) Date: Mon Apr 15 17:20:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: <20020415150808.GC26487@psaconsultants.com> References: <20020415150808.GC26487@psaconsultants.com> Message-ID: <20020415152051.GA8459@nmrc.ie> Peter T. Abplanalp writes: > make sure you have /usr/local/lib in your LD_LIBRARY_PATH. Bad advice. Do not use LD_LIBRARY_PATH. From pta@psaconsultants.com Mon Apr 15 18:33:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Mon Apr 15 17:33:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: <20020415152051.GA8459@nmrc.ie> References: <20020415150808.GC26487@psaconsultants.com> <20020415152051.GA8459@nmrc.ie> Message-ID: <20020415153417.GD26487@psaconsultants.com> --C1iGAkRnbeBonpVg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 15, 2002 at 04:20:51PM +0100, Lars Hecking wrote: =20 > Bad advice. Do not use LD_LIBRARY_PATH. what's wrong with it? --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --C1iGAkRnbeBonpVg Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8uvL4ggA8sH0iRXQRAkNnAJ0SCKZeCG+jBN9nBIQ2pumP39hdzwCcDR9D h8w+TMUFKhaKxH7jVB2taNU= =FY1m -----END PGP SIGNATURE----- --C1iGAkRnbeBonpVg-- From lhecking@nmrc.ie Mon Apr 15 18:45:02 2002 From: lhecking@nmrc.ie (Lars Hecking) Date: Mon Apr 15 17:45:02 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: <20020415153417.GD26487@psaconsultants.com> References: <20020415150808.GC26487@psaconsultants.com> <20020415152051.GA8459@nmrc.ie> <20020415153417.GD26487@psaconsultants.com> Message-ID: <20020415154513.GA8685@nmrc.ie> Peter T. Abplanalp writes: > On Mon, Apr 15, 2002 at 04:20:51PM +0100, Lars Hecking wrote: > > > Bad advice. Do not use LD_LIBRARY_PATH. > > what's wrong with it? It's a security hazard. The recommended way is to compile the library search path into the executable, and there are several ways of doing this. I have posted one possibility. http://groups.google.com/groups?hl=en&q=LD_LIBRARY_PATH+security From pta@psaconsultants.com Mon Apr 15 18:59:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Mon Apr 15 17:59:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: <20020415154513.GA8685@nmrc.ie> References: <20020415150808.GC26487@psaconsultants.com> <20020415152051.GA8459@nmrc.ie> <20020415153417.GD26487@psaconsultants.com> <20020415154513.GA8685@nmrc.ie> Message-ID: <20020415160020.GE26487@psaconsultants.com> --Rgf3q3z9SdmXC6oT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 15, 2002 at 04:45:13PM +0100, Lars Hecking wrote: > It's a security hazard. The recommended way is to compile the library > search path into the executable, and there are several ways of doing > this. I have posted one possibility. >=20 > http://groups.google.com/groups?hl=3Den&q=3DLD_LIBRARY_PATH+security thanks. i was unaware of the problem. i will do some research. --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --Rgf3q3z9SdmXC6oT Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8uvkTggA8sH0iRXQRApQoAJ44yYnDbno10DGo5rsoVFsyQozCUQCeIH0W ba2X733RgasqRQdFhA+zreI= =IG0t -----END PGP SIGNATURE----- --Rgf3q3z9SdmXC6oT-- From pekasz@lodz.ptkardio.pl Mon Apr 15 19:32:01 2002 From: pekasz@lodz.ptkardio.pl (Piotr Kasztelowicz) Date: Mon Apr 15 18:32:01 2002 Subject: Help with compilation gpg 1.0.6 on Solaris7 In-Reply-To: <20020415151459.GA8415@nmrc.ie> Message-ID: Hallo On Mon, 15 Apr 2002, Lars Hecking wrote: > > > file libz.so has been presented and placed in /usr/local/lib > > If you are using csh/tcsh: > > $ make clean > $ env LD_RUN_PATH=/usr/local/lib make I have made it and it works, it is already compiled. Thank you Lars and all, who has answered my question to advise my Piotr --- Piotr Kasztelowicz [http://www.am.torun.pl/~pekasz] From pekasz@lodz.ptkardio.pl Mon Apr 15 21:08:02 2002 From: pekasz@lodz.ptkardio.pl (Piotr Kasztelowicz) Date: Mon Apr 15 20:08:02 2002 Subject: How do I achieve full compatibility Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello I'll ask, how do I achieve full compatibility between GnuPG 1.0.6 and PGP 7.x.x. I known, to take it with signatures --force-v3-sigs should be used. But my friends using PGP can not read my email, while they are by me encrypted using GnuPG. My GnuPG public key i available on http://www.am.torun.pl/~pekasz/pgp or on http://sun.lodz.ptkardio.pl:11371 P. - --- Piotr Kasztelowicz [http://www.am.torun.pl/~pekasz] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SunOS) Comment: For info see http://www.gnupg.org iD8DBQE8uxVHXThz8vPu2K8RAuImAJ4hgPL5xZujjJ1RvvKDSQWAxlgfmgCgr6Np uIbaLKCs8/KOPi0ZxD1zvus= =oCGs -----END PGP SIGNATURE----- From andriash@telus.net Mon Apr 15 21:37:01 2002 From: andriash@telus.net (Nick Andriash) Date: Mon Apr 15 20:37:01 2002 Subject: How do I achieve full compatibility In-Reply-To: References: Message-ID: <20020415113654.F701.ANDRIASH@telus.net> Hello Piotr Kasztelowicz, On Monday, April 15 2002 at 11:00 AM PDT, you wrote: > I'll ask, how do I achieve full compatibility between GnuPG 1.0.6 > and PGP 7.x.x. What about the --openpgp command? Will that not work? -- Nick Andriash Courtenay, B.C. Canada From agreene@pobox.com Mon Apr 15 22:14:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 15 21:14:02 2002 Subject: Encrypt a whole directory in a single pass In-Reply-To: <20020415081237.F6F5.ANDRIASH@telus.net>; from andriash@telus.net on Mon, Apr 15, 2002 at 08:14:51AM -0700 References: <000b01c1e478$158a2cf0$1400a8c0@satprowin> <20020415083802.A8942@cp5340> <20020415081237.F6F5.ANDRIASH@telus.net> Message-ID: <20020415151440.C21010@asmoweb.hqda.pentagon.mil> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Apr 15, 2002 at 08:14:51AM -0700, Nick Andriash wrote: >Tony, all I ever get with your Postings are headers... with a msg.pgp >attachment. Are you using PGP/MIME by chance? What do I have to do to >read your postings? Can you try not using whatever method you are >using... at least to a Public ML where not all of us have support for >what you're using? I switched to mutt yesterday, and I thought I had the clearsigning figured out. It turns out that the pgp_create_traditional setting did not do what I expected. After re-reading the man page, I think it might be because I'm using ISO-8859-1 instead of the US-ASCII character set. In any case, I found a reliable workaround that's only two extra keystrokes. My response to the original post suggested using zip on Windows or tar on Linux to get all the files into a single archive. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8uyabpCpg3WyUI50RApHBAJ96Bpkflu20HC1pJuhfMk8Srj2/VwCghwya A5LPM3M0co6uEsPqX/Rpuo8= =qLT/ -----END PGP SIGNATURE----- From wk@gnupg.org Mon Apr 15 23:17:02 2002 From: wk@gnupg.org (Werner Koch) Date: Mon Apr 15 22:17:02 2002 Subject: How do I achieve full compatibility In-Reply-To: <20020415113654.F701.ANDRIASH@telus.net> (Nick Andriash's message of "Mon, 15 Apr 2002 11:37:44 -0700") References: <20020415113654.F701.ANDRIASH@telus.net> Message-ID: <87u1qck96j.fsf@alberti.gnupg.de> On Mon, 15 Apr 2002 11:37:44 -0700, Nick Andriash said: > What about the --openpgp command? Will that not work? No, because PGP is not OpenPGP compatible. 1.0.7 will come with a --pgp6 switch to put all pgp 6 (and 7) workarounds under one conevenience option. Make sure that the option force-v3-sigs gets used (the default option files has this enabled). Werner From david.livingstone@unn.ac.uk Tue Apr 16 15:44:01 2002 From: david.livingstone@unn.ac.uk (David Livingstone) Date: Tue Apr 16 14:44:01 2002 Subject: Dignature verification problem Message-ID: <49C55B27AA8FD411A30300508BCF7B7001912063@catalina.unn.ac.uk> I am currently trying out GPG 1.0.6, by enacting the role of two dummyusers. Having encrypted and signed a message (using --sign and --encrypt), I can decrypt the message and verify the signature using the --decrypt command. However if I use the --verify command just to verify the signature, it fails with the error message "verify signatures failed : unexpected data". Why is this ? For information : * It makes no difference whether I use --sign before --encrypt or vice versa when I create the message whose signature is to be verified. * Memory is not locked, so I get 'using insecure memory' messages occuring. * Everything relating to trust has been ignored, so there is no valid trust path to the key; a fingerprint is generated by --decrypt. David Livingstone From JanuszA.Urbanowicz Tue Apr 16 15:56:02 2002 From: JanuszA.Urbanowicz (JanuszA.Urbanowicz) Date: Tue Apr 16 14:56:02 2002 Subject: Dignature verification problem In-Reply-To: <49C55B27AA8FD411A30300508BCF7B7001912063@catalina.unn.ac.uk> from David Livingstone at "Apr 16, 2002 01:49:07 pm" Message-ID: David Livingstone wrote/napisa=B3[a]/schrieb: > However if I use the --verify command just to verify the signature, it fa= ils > with the error message "verify signatures failed : unexpected data". Why= is > this ? You can't verify signature without decrypting the message, the signature is within the encrypted part. Alex --=20 C _-=3D-_ H Janusz A. Urbanowicz, stomil at jabber.org, PGP 0x21939169 *= =09 ; (_O : ----------------------------------------------------------- --+~|= =09 ! &~) ? P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=BF= de z=B3o l_|/=09 A ~-=3D-~ O Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po dn= o; | =20 From huber@alum.wpi.edu Tue Apr 16 20:18:02 2002 From: huber@alum.wpi.edu (Josh Huber) Date: Tue Apr 16 19:18:02 2002 Subject: 1024 or 2048?? In-Reply-To: <31031409162800.00705@carpathia> (Michael Anckaert's message of "Fri, 14 Mar 2031 17:41:41 +0100") References: <01b201c1e1d6$6abebaa0$ede3c23f@KR6X.ORG> <20020412160307.O2870@regdp-02.intint.registriesltd.com.au> <31031409162800.00705@carpathia> Message-ID: <87662ra7dv.fsf@alum.wpi.edu> Michael Anckaert writes: > if they really want to get to your data, they can break a 4096 bits > key in about 7-8 months. But they wont do that unless you're a > really big guy named osamma... After all it will take all their > resources they have to break in such a short time span. huh? do you know something we don't know, or are you just speculating? If you are, where did the 7-8 month timeframe come from? (fabrication?) -- Josh Huber From rmalayter@bai.org Tue Apr 16 20:43:02 2002 From: rmalayter@bai.org (Ryan Malayter) Date: Tue Apr 16 19:43:02 2002 Subject: 1024 or 2048?? Message-ID: <22FD1855C2B16C40A1F6DE406420021E0187F9BD@mail.bai.org> Bruce Schneier's most recent Crypto-Gram newsletter gives and interesting insight on this subject. See: http://www.counterpane.com/crypto-gram-0204.html -----Original Message----- From: Josh Huber [mailto:huber@alum.wpi.edu] Sent: Tuesday, April 16, 2002 12:19 PM To: manckaert@belgacom.net Cc: gnupg-users@gnupg.org Subject: Re: 1024 or 2048?? Michael Anckaert writes: > if they really want to get to your data, they can break a 4096 bits > key in about 7-8 months. But they wont do that unless you're a > really big guy named osamma... After all it will take all their > resources they have to break in such a short time span. huh? do you know something we don't know, or are you just speculating? If you are, where did the 7-8 month timeframe come from? (fabrication?) -- Josh Huber _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From manckaert@belgacom.net Tue Apr 16 21:24:01 2002 From: manckaert@belgacom.net (Michael Anckaert) Date: Tue Apr 16 20:24:01 2002 Subject: keyserver index Message-ID: <31031820505400.01335@carpathia> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I would like to know if there is an index file of the available pgp keyservers somewhere. If there isn't one, would it be of any use use if I would maintain one? Maybe it can be usefull to newbies or if you can't find a certain key on a server. - -- LINUX: The Choice of a GNU Generation... - ---------------------------------------------- Michael Anckaert manckaert@belgacom.net http://galileo.spaceports.com/~xantor Public gpg key: xantor Public gpg key-id: 360AC4A6 - ---------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAnMiVS0ACgkQ+99tlzYKxKZPfgCgi6dJZOBKm6pGC3G0wvo2uhSF IEIAn1kmxOkfnxYc3yyPWP4oklFQHT3+ =vtY0 -----END PGP SIGNATURE----- From alf@matchups.com Wed Apr 17 00:26:01 2002 From: alf@matchups.com (Alan Frank) Date: Tue Apr 16 23:26:01 2002 Subject: Encrypting in a directory In-Reply-To: Message-ID: In Windows, first put your passphrase in a file, say passphrase.txt. Then (all on one line, and caution: I have not tested this), for %i in (*.* ) do gpg --passphrase-fd 0 -o gpg\%i --symmetric %i < passphrase.txt The DOS for command will execute a line for multiple files, substituting the filename for %i throughout. The --passphrase-fd 0 will read the passphrase from standard input, which is redirected later with < . -o sets the output file to a subdirectory (which you should create first) so that the for command will not attempt to call gpg for the newly-created .gpg files I'm confident that Linux/Unix, etc. have a similar command, but due to the exigencies of employment, I'm not as familiar with them as with MSW. --Alan Frank Edmund Lindmayer wrote: > I want to encrypt a all files in a directory with gpg --symmetric in a > single pass. Is this possible, and how to do it? From sbutler@fchn.com Wed Apr 17 01:21:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 00:21:02 2002 Subject: Encrypting in a directory Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D662@jupiter.fchn.com> It's very close in *NIX: for i in * do gpg --passphrase-fd 0 -o gpg_save/$i --symmetric $i < passphrase.txt done This presumes that gpg_save is a subdirectory to the directory where this runs. This gives one file out for each file in. If the desire is a single encrypted file for all files in the directory then: tar -czf my_dir.tar . gpg --passphrase-fd 0 -o my_dir.tar.pgp -- symmetric my_dir.tar < passphrase.txt I am presuming that a *doze user would use PKZIP or equivalent instead of tar. --Steve -----Original Message----- From: Alan Frank [mailto:alf@matchups.com] Sent: Tuesday, April 16, 2002 2:27 PM To: gnupg-users@gnupg.org Subject: Encrypting in a directory In Windows, first put your passphrase in a file, say passphrase.txt. Then (all on one line, and caution: I have not tested this), for %i in (*.* ) do gpg --passphrase-fd 0 -o gpg\%i --symmetric %i < passphrase.txt The DOS for command will execute a line for multiple files, substituting the filename for %i throughout. The --passphrase-fd 0 will read the passphrase from standard input, which is redirected later with < . -o sets the output file to a subdirectory (which you should create first) so that the for command will not attempt to call gpg for the newly-created .gpg files I'm confident that Linux/Unix, etc. have a similar command, but due to the exigencies of employment, I'm not as familiar with them as with MSW. --Alan Frank Edmund Lindmayer wrote: > I want to encrypt a all files in a directory with gpg --symmetric in a > single pass. Is this possible, and how to do it? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From jharris@widomaker.com Wed Apr 17 04:56:02 2002 From: jharris@widomaker.com (Jason Harris) Date: Wed Apr 17 03:56:02 2002 Subject: biglumber.com/keysignings + dns-loc Message-ID: <20020417015616.GA3833@p5.widomaker.com> --82I3+IH0IqGh5yIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable For anyone participating in keysignings, http://www.biglumber.com/ is an excellent site. Thanks Greg! I have thought about using dns-loc as another way to specify locations dealing with keysignings. For more information, visit: http://www.ckdhr.com/dns-loc/ Thanks Christopher! --=20 Jason Harris jharris@widomaker.com --82I3+IH0IqGh5yIs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8vNY/SypIl9OdoOMRAmcZAJ4unYcBgjF4I6xKex84lSvidwAU/QCeK+G4 OB+rzmGG5enpNHxyeJ4KWTk= =xIev -----END PGP SIGNATURE----- --82I3+IH0IqGh5yIs-- From helmut_heinkel@non.hp.com Wed Apr 17 07:14:02 2002 From: helmut_heinkel@non.hp.com (HEINKEL,HELMUT (Non-HP-Germany,ex1)) Date: Wed Apr 17 06:14:02 2002 Subject: decryption failed Message-ID: <49A780A7FB3A6D46B7387656DA7CEE92535D6C@lessing.bbn.hp.com> Hello, I tried to decrypt a file with the command: gpg --decrypt gpg.txt I got a message: gpg: Warning: using insecure memory! gpg: encrypted with 2048-bit ELG-E key, ID 6A7E44E2, created 2001-12-03 "HP homeworkers " gpg: decryption failed: secret key not available =20 The file was encrypted on Windows, in the file I found: Version: PGPfreeware 7.0.3 for non-commercial use Is this a problem of IDEA? =20 Best regards **************************************** Helmut Heinkel Have a nice day! /)/) =3D(=B0=B0)=3D ,,(")("),,, **************************************** From agreene@pobox.com Wed Apr 17 08:31:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Wed Apr 17 07:31:01 2002 Subject: decryption failed In-Reply-To: <49A780A7FB3A6D46B7387656DA7CEE92535D6C@lessing.bbn.hp.com>; from helmut_heinkel@non.hp.com on Wed, Apr 17, 2002 at 06:15:05AM +0200 References: <49A780A7FB3A6D46B7387656DA7CEE92535D6C@lessing.bbn.hp.com> Message-ID: <20020417013235.A22271@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Apr 17, 2002 at 06:15:05AM +0200, HEINKEL,HELMUT (Non-HP-Germany,ex1) wrote: >I tried to decrypt a file with the command: >gpg --decrypt gpg.txt > >I got a message: > >gpg: Warning: using insecure memory! >gpg: encrypted with 2048-bit ELG-E key, ID 6A7E44E2, created 2001-12-03 > "HP homeworkers " >gpg: decryption failed: secret key not available ^^^^^^^^^^^^^^^^^^^^^^^^ >The file was encrypted on Windows, in the file I found: >Version: PGPfreeware 7.0.3 for non-commercial use >Is this a problem of IDEA? It probably means just what it says; that you don't have the required secret key (0x6A7E44E2). Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8vQjvpCpg3WyUI50RAlhdAJ9pi6VweEYuOvPvZ51TLGeHIIy1YgCeKN5K TsqQyF93FWRmXyVGlKFwLkM= =YbTr -----END PGP SIGNATURE----- From lists.ASkwar@DigitalProjects.com Wed Apr 17 12:47:01 2002 From: lists.ASkwar@DigitalProjects.com (Alexander Skwar) Date: Wed Apr 17 11:47:01 2002 Subject: Encrypting in a directory In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D662@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D662@jupiter.fchn.com> Message-ID: <20020417094816.GG371@teich.Garten.DigitalProjects.com> =BBSteve Butler=AB sagte am 2002-04-16 um 15:21:13 -0700 : > tar -czf my_dir.tar . Strange name for a gzip'ped tar file, don't you think? ;) I'd rather use my_dir.tar.gz or even use bzip2: tar cjf my_dir.tar.bz2 . However, this will only work on GNU tar, I suppose. Alexander Skwar --=20 How to quote: http://learn.to/quote (german) http://quote.6x.to (english) Homepage: http://www.iso-top.de | Jabber: askwar@charente.de iso-top.de - Die g=FCnstige Art an Linux Distributionen zu kommen Uptime: 2 days 15 hours 7 minutes From sbutler@fchn.com Wed Apr 17 17:25:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 16:25:02 2002 Subject: Encrypting in a directory Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D66C@jupiter.fchn.com> As in the old west, if you can't wipe out your tracks make them look = like you are going somewhere else.=20 -----Original Message----- From: Alexander Skwar [mailto:lists.ASkwar@DigitalProjects.com] Sent: Wednesday, April 17, 2002 2:48 AM To: Steve Butler Cc: 'Alan Frank'; gnupg-users@gnupg.org Subject: Re: Encrypting in a directory =BBSteve Butler=AB sagte am 2002-04-16 um 15:21:13 -0700 : > tar -czf my_dir.tar . Strange name for a gzip'ped tar file, don't you think? ;) I'd rather use my_dir.tar.gz or even use bzip2: tar cjf my_dir.tar.bz2 . However, this will only work on GNU tar, I suppose. Alexander Skwar --=20 How to quote: http://learn.to/quote (german) http://quote.6x.to = (english) Homepage: http://www.iso-top.de | Jabber: askwar@charente.de iso-top.de - Die g=FCnstige Art an Linux Distributionen zu kommen Uptime: 2 days 15 hours 7 minutes CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, = is for the sole use of the intended recipient(s) and may contain = confidential and privileged information. Any unauthorized review, use, = disclosure or distribution is prohibited. If you are not the intended = recipient, please contact the sender by reply e-mail and destroy all = copies of the original message. From ivshekar@netcontinuum.com Wed Apr 17 18:15:01 2002 From: ivshekar@netcontinuum.com (Chandrasekhar I.V.) Date: Wed Apr 17 17:15:01 2002 Subject: verifying rsa signatures Message-ID: <3CBD93FE.C95E286B@netcontinuum.com> Does gnupg-1.0.6 have the support for verifying signatures generated thru RSA encryption of SHA1 hases? I dont see how i can specify a RSA public key to verify a digital signature generated by RSA. "gpg --import" doesnt allow me to import RSA public keys. My "gpg --version" however shows "PubKey RSA,...." Also the "gpg --gen-key" shows me no "RSA"option for the kind of key i want! ( i see only DSA&ElGamal, DSA and ElGamal options). The gnupg faq however says that RSA is included frm gnupg-1.0.3 and above versions! Anyone can help me out? thanks sekhar. From sbutler@fchn.com Wed Apr 17 18:33:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 17:33:01 2002 Subject: verifying rsa signatures Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D672@jupiter.fchn.com> I have imported RSA public keys sent to me by others using gpg --import. -----Original Message----- From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] Sent: Wednesday, April 17, 2002 8:26 AM To: gnupg-users@gnupg.org Subject: verifying rsa signatures Does gnupg-1.0.6 have the support for verifying signatures generated thru RSA encryption of SHA1 hases? I dont see how i can specify a RSA public key to verify a digital signature generated by RSA. "gpg --import" doesnt allow me to import RSA public keys. My "gpg --version" however shows "PubKey RSA,...." Also the "gpg --gen-key" shows me no "RSA"option for the kind of key i want! ( i see only DSA&ElGamal, DSA and ElGamal options). The gnupg faq however says that RSA is included frm gnupg-1.0.3 and above versions! Anyone can help me out? thanks sekhar. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From kuddel@informatik.uni-siegen.de Wed Apr 17 18:38:01 2002 From: kuddel@informatik.uni-siegen.de (Holger Schulz) Date: Wed Apr 17 17:38:01 2002 Subject: Error Message-ID: <44FB2CBC-5219-11D6-A900-00039381CB74@informatik.uni-siegen.de> Trying to decrypt a message of type -----BEGIN PGP MESSAGE----- Version: PGPfreeware 6.0.2i [...] -----END PGP MESSAGE----- I got the error message cipher algorithm 1 is unknown or disabled. I did not disable any algorithm. MacGPG is only useful if I can communicate with people who use PGP. As I understood that should be compatible. Thank you in advance. hs P.S,: My configuration: Powermac G4, MacOS X 10.1.3 (Build 5Q110), MacGPG 1.0.6 P.S.2: Could I get an CC: answer, please? Thanks hs From johanw@vulcan.xs4all.nl Wed Apr 17 18:47:02 2002 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Wed Apr 17 17:47:02 2002 Subject: How do I achieve full compatibility In-Reply-To: <87u1qck96j.fsf@alberti.gnupg.de> from Werner Koch at "Apr 15, 2002 10:18:12 pm" Message-ID: <200204161848.UAA01290@vulcan.xs4all.nl> Werner Koch wrote: > No, because PGP is not OpenPGP compatible. 1.0.7 will come with a > --pgp6 switch to put all pgp 6 (and 7) workarounds under one > conevenience option. Nice (almost as nice as the --pgp2 switch - BTW, does the later complain when the idea plugin is not installed?). BTW, when do you expect 1.0.7? The last date I saw in this mailing list was near the end of march. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From ivshekar@netcontinuum.com Wed Apr 17 19:14:01 2002 From: ivshekar@netcontinuum.com (Chandrasekhar I.V.) Date: Wed Apr 17 18:14:01 2002 Subject: verifying rsa signatures References: <9A86613AB85FF346BB1321840DB42B4B67D672@jupiter.fchn.com> Message-ID: <3CBDA1BC.6B65AC78@netcontinuum.com> Well, this is wht i get when i tried to import a RSA public key. >> gpg --import pub.pem gpg: Warning: using insecure memory! gpg: no valid OpenPGP data found. gpg: Total number processed: 0 Note that pub.pem is my RSA public key extracted frm a RSA private key.pem that i used to create the .sig file using RSA digital signature algo. Its not a pgp public key and it is created thru genrsa frm openssl. and i now want to verify this .sig using gpg tools. Does anything special need to be done enable RSA operations? Do we have to do sth to the .gnupg/options file? And assuming this operation had succeeded, how do i specify the rsa pubkey that i want to verify the rsa signature with? I see that "gnupg -verify x.sig x.txt" doesnt have the option to take in a specified key. Basically, can we, using gpg tools, verify the signatures generated thru RSA private key using, say, openssl rsa sign generation utilities? If we can, then can somebody guide me thru the steps please? thanks sekhar. Steve Butler wrote: > I have imported RSA public keys sent to me by others using gpg --import. > > -----Original Message----- > From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] > Sent: Wednesday, April 17, 2002 8:26 AM > To: gnupg-users@gnupg.org > Subject: verifying rsa signatures > > Does gnupg-1.0.6 have the support for verifying signatures generated > thru RSA encryption of SHA1 hases? > I dont see how i can specify a RSA public key to verify a digital > signature generated by RSA. "gpg --import" doesnt allow me to import RSA > public keys. My "gpg --version" however shows "PubKey RSA,...." > Also the "gpg --gen-key" shows me no "RSA"option for the kind of key i > want! ( i see only DSA&ElGamal, DSA and ElGamal options). > The gnupg faq however says that RSA is included frm gnupg-1.0.3 and > above versions! > > Anyone can help me out? > > thanks > sekhar. > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From sbutler@fchn.com Wed Apr 17 19:18:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 18:18:01 2002 Subject: verifying rsa signatures Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D673@jupiter.fchn.com> I'm not familiar with openssl. Can it export a public key into OpenPGP format? It sounds like the pub.pem is not in the correct format. Can you paste this to a public keyserver and have it downloadable? -----Original Message----- From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] Sent: Wednesday, April 17, 2002 9:24 AM To: Steve Butler Cc: gnupg-users@gnupg.org Subject: Re: verifying rsa signatures Well, this is wht i get when i tried to import a RSA public key. >> gpg --import pub.pem gpg: Warning: using insecure memory! gpg: no valid OpenPGP data found. gpg: Total number processed: 0 Note that pub.pem is my RSA public key extracted frm a RSA private key.pem that i used to create the .sig file using RSA digital signature algo. Its not a pgp public key and it is created thru genrsa frm openssl. and i now want to verify this .sig using gpg tools. Does anything special need to be done enable RSA operations? Do we have to do sth to the .gnupg/options file? And assuming this operation had succeeded, how do i specify the rsa pubkey that i want to verify the rsa signature with? I see that "gnupg -verify x.sig x.txt" doesnt have the option to take in a specified key. Basically, can we, using gpg tools, verify the signatures generated thru RSA private key using, say, openssl rsa sign generation utilities? If we can, then can somebody guide me thru the steps please? thanks sekhar. Steve Butler wrote: > I have imported RSA public keys sent to me by others using gpg --import. > > -----Original Message----- > From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] > Sent: Wednesday, April 17, 2002 8:26 AM > To: gnupg-users@gnupg.org > Subject: verifying rsa signatures > > Does gnupg-1.0.6 have the support for verifying signatures generated > thru RSA encryption of SHA1 hases? > I dont see how i can specify a RSA public key to verify a digital > signature generated by RSA. "gpg --import" doesnt allow me to import RSA > public keys. My "gpg --version" however shows "PubKey RSA,...." > Also the "gpg --gen-key" shows me no "RSA"option for the kind of key i > want! ( i see only DSA&ElGamal, DSA and ElGamal options). > The gnupg faq however says that RSA is included frm gnupg-1.0.3 and > above versions! > > Anyone can help me out? > > thanks > sekhar. > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From ivshekar@netcontinuum.com Wed Apr 17 19:40:01 2002 From: ivshekar@netcontinuum.com (Chandrasekhar I.V.) Date: Wed Apr 17 18:40:01 2002 Subject: verifying rsa signatures References: <9A86613AB85FF346BB1321840DB42B4B67D673@jupiter.fchn.com> Message-ID: <3CBDA7D4.19CCFAEF@netcontinuum.com> Steve Butler wrote: > I'm not familiar with openssl. Can it export a public key into OpenPGP > format? It sounds like the pub.pem is not in the correct format. Can you > paste this to a public keyserver and have it downloadable? > - i guess openssl doesnt know the pgp format. I couldnt find any openssl's rsa utility to convert the rsa public key to OpenPGP format. Since i noticed in the gpg faq and my "gpg --version" that gpg has RSA support, i thought we should be able to verify the signatures generated by RSA algo using the rsa public key (i guess this is pkcs#1 format). Thats when i stumbled upon this that gpg doesnt allow me to import anything other than a key which is in open pgp format. So can we at all verify the rsa digital signature by using gpg -verify??! btw heres my pub.pem -----BEGIN PUBLIC KEY----- MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALUH5iVmecS7Rob2749Rj9A5guCepRoY 56ifd3pO8qpAPFGc9MrMQfwK9wLcFOJrTU4NB/K6U4W7SC6tOt9br1kCAwEAAQ== -----END PUBLIC KEY----- and the corresponding RSA private key -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBALUH5iVmecS7Rob2749Rj9A5guCepRoY56ifd3pO8qpAPFGc9MrM QfwK9wLcFOJrTU4NB/K6U4W7SC6tOt9br1kCAwEAAQJAN4hcyUxOPlNUp0JI6qYS f8WkqFMCQqcxKUEB3bsqJZ9arz0h/B/DkVsGt3/Bbog8RLtv3Thpo/Z4hkslpq6x IQIhAOCc8+BiUnUDCP3ruGEI6M5g8uXiARJQfkMvFTlEwxxDAiEAzlPi0xffxtih gD12TrbaRba1BOwL/OYvg/hQcW8k2jMCIDQpvyl5LBUoo0n1GFjQrOBg+4gPuJf8 QZZwtMkcAwPpAiEAlQHcFBtvzwlwSU8Z++ruY955iN54IeKTejmAzws3kCUCIDw1 hRDJqzHSjXD1GJvslfDUk+d5yZR3w6s/ytacrEOs -----END RSA PRIVATE KEY----- > > -----Original Message----- > From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] > Sent: Wednesday, April 17, 2002 9:24 AM > To: Steve Butler > Cc: gnupg-users@gnupg.org > Subject: Re: verifying rsa signatures > > Well, this is wht i get when i tried to import a RSA public key. > >> gpg --import pub.pem > gpg: Warning: using insecure memory! > gpg: no valid OpenPGP data found. > gpg: Total number processed: 0 > > Note that pub.pem is my RSA public key extracted frm a RSA private key.pem > that i used to create the .sig file using RSA digital signature algo. Its > not a pgp public key and it is created thru genrsa frm openssl. and i now > want to verify this .sig using gpg tools. > Does anything special need to be done enable RSA operations? Do we have to > do sth to the .gnupg/options file? > And assuming this operation had succeeded, how do i specify the rsa pubkey > that i want to verify the rsa signature with? I see that "gnupg -verify > x.sig x.txt" doesnt have the option to take in a specified key. > > Basically, can we, using gpg tools, verify the signatures generated thru RSA > private key using, say, openssl rsa sign generation utilities? If we can, > then can somebody guide me thru the steps please? > > thanks > sekhar. > > Steve Butler wrote: > > > I have imported RSA public keys sent to me by others using gpg --import. > > > > -----Original Message----- > > From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] > > Sent: Wednesday, April 17, 2002 8:26 AM > > To: gnupg-users@gnupg.org > > Subject: verifying rsa signatures > > > > Does gnupg-1.0.6 have the support for verifying signatures generated > > thru RSA encryption of SHA1 hases? > > I dont see how i can specify a RSA public key to verify a digital > > signature generated by RSA. "gpg --import" doesnt allow me to import RSA > > public keys. My "gpg --version" however shows "PubKey RSA,...." > > Also the "gpg --gen-key" shows me no "RSA"option for the kind of key i > > want! ( i see only DSA&ElGamal, DSA and ElGamal options). > > The gnupg faq however says that RSA is included frm gnupg-1.0.3 and > > above versions! > > > > Anyone can help me out? > > > > thanks > > sekhar. > > > > _______________________________________________ > > Gnupg-users mailing list > > Gnupg-users@gnupg.org > > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > > > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, > is for the sole use of the intended recipient(s) and may contain > confidential and privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply e-mail and destroy all copies > of the original message. > > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From sbutler@fchn.com Wed Apr 17 19:57:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 18:57:02 2002 Subject: verifying rsa signatures Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D674@jupiter.fchn.com> I'd never show my private key. Note, I did try to import BOTH your public and private keys!! Lucky for you that they are not in the OpenPG format. But somebody else may have openssl. So, you should consider your private key compromised at this point. Here is an export of a public RSA key. Note: Since this isn't my public key I have modified it in a few places so it will not be loadable. But, you can see that the format is different. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6-2 (MingW32) mQENAzdAOQMAAAEIANQO/87tx+TG9ycFor672tB1LCGfuV4zziOBVoaD4E1SoDtH sD4wGSCTMObxoL7MsWjWb4WLCSJcKoHsATkrXuqBMD1gO1MFFYfEPubC3bpzFczz VCrUys3b0W//zysRyRI0fwqIxbdNewnDK2ZZJcIGUxtZVTGYqUC2+LuOUVOQgEGG Cx5zS2+5Ll2snQuu8FMYwpoE8AT/ZNaAR7aZAQ7nGZp+0THkxgMjaLcAi1krPACM A3wwFg6Rm9UebUyRoXitVM9i6Ym/3DRJ6WkwTSkaCyJ2izT60nJoLcOCASDKpStY YBLa/hRn+qr9E8/Sd/8QwmDs95UM+Qtp6cy9bjMABRG0JUhhbGluZnQxIENsaWVu dCA8aGFsaW5mdDFAaGV3aXR0LmNvbTFJARUDBRA3QDkD+Qtp6cy9bjMBAW4qCACf Dh8eNze3tTJ3gJG/DaamQHFGwQ5KKwIcm4lRaMo9jxTCp0onLm500KP62+GjKFXJ NdNxkJiH8MuRdrY7W+cgXsGzwcUnc/mFocYWCplV+swRdoKxKOnmw4ix9HU/ZBwg 4vqFXTSbEmGwOr3anNtQeMTrxzlOwEMaY6GX3cY9ScWa5FwCYiPUmo2zuV+6ycuv x0XGz3jd98nK3YS353ckgSyki1fxDd0f9xhpyuaK2ggiYfX/7FJAhsfjTf8sfRAY q4BTv80lD9LAFVM3ZBg2F/bzs9M-bsIwaJmqqwhIyvtA9jlHfB7SoRIE+0o/DZWD YBwUVkqlgidlZeT8hhS0 =TOUR -----END PGP PUBLIC KEY BLOCK----- -----Original Message----- From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] Sent: Wednesday, April 17, 2002 9:50 AM To: Steve Butler Cc: gnupg-users@gnupg.org Subject: Re: verifying rsa signatures Steve Butler wrote: > I'm not familiar with openssl. Can it export a public key into OpenPGP > format? It sounds like the pub.pem is not in the correct format. Can you > paste this to a public keyserver and have it downloadable? > - i guess openssl doesnt know the pgp format. I couldnt find any openssl's rsa utility to convert the rsa public key to OpenPGP format. Since i noticed in the gpg faq and my "gpg --version" that gpg has RSA support, i thought we should be able to verify the signatures generated by RSA algo using the rsa public key (i guess this is pkcs#1 format). Thats when i stumbled upon this that gpg doesnt allow me to import anything other than a key which is in open pgp format. So can we at all verify the rsa digital signature by using gpg -verify??! btw heres my pub.pem -----BEGIN PUBLIC KEY----- MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALUH5iVmecS7Rob2749Rj9A5guCepRoY 56ifd3pO8qpAPFGc9MrMQfwK9wLcFOJrTU4NB/K6U4W7SC6tOt9br1kCAwEAAQ== -----END PUBLIC KEY----- and the corresponding RSA private key [snip] CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From pta@psaconsultants.com Wed Apr 17 20:05:02 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Wed Apr 17 19:05:02 2002 Subject: verifying rsa signatures In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D674@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D674@jupiter.fchn.com> Message-ID: <20020417170544.GA30807@psaconsultants.com> --SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 17, 2002 at 09:57:53AM -0700, Steve Butler wrote: > I'd never show my private key. Note, I did try to import BOTH your public > and private keys!! Lucky for you that they are not in the OpenPG format. > But somebody else may have openssl. So, you should consider your private > key compromised at this point. that isn't true, is it? you would have to know tha pass phrase and if it was sufficiently long and random, the private key would do you no good. --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8vatnggA8sH0iRXQRAvgjAKCz9wWrR+SC6iWR8LeKafkQkdNPDQCgn68P 8ZMF/1aRzQN0t2xD0dUJdRo= =AyuU -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s-- From dshaw@jabberwocky.com Wed Apr 17 20:05:05 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 17 19:05:05 2002 Subject: Error In-Reply-To: <44FB2CBC-5219-11D6-A900-00039381CB74@informatik.uni-siegen.de> References: <44FB2CBC-5219-11D6-A900-00039381CB74@informatik.uni-siegen.de> Message-ID: <20020417170614.GC665@akamai.com> On Wed, Apr 17, 2002 at 05:39:13PM +0200, Holger Schulz wrote: > I got the error message > > > cipher algorithm 1 is unknown or disabled. > > I did not disable any algorithm. MacGPG is only useful if I can > communicate with people who use PGP. As I understood that should be > compatible. The problem is you do not have the IDEA cipher installed. Read: http://macgpg.sourceforge.net/docs/howto-install-IDEA.txt.asc David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From cwsiv_home1@juno.com Wed Apr 17 20:07:01 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Wed Apr 17 19:07:01 2002 Subject: Encrypt a whole directory in a single pass Message-ID: <20020417.100530.15631.0.cwsiv_home1@juno.com> As i remember there is a cross compatibility between TAR & WINZIP and between *ZIP & GZIP. There may even be TAR for Winblows if not it may be time to LILO as I do between the two OS. Find your local Linux Users group they can get you setup. SUSE 8 is due out 4-22. o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` --------- Begin forwarded message ---------- From: "Anthony E. Greene" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Apr 15, 2002 at 02:20:47PM +0200, Edmund Lindmayer wrote: >I want to encrypt a all files in a directory with gpg --symmetric in a >single pass. Is this possible, and how to do it? On Windows, you will probably have to zip the directory first. On Linux, I recommend tar instead, because it keeps the permissions and ownership. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From cwsiv_home1@juno.com Wed Apr 17 20:08:01 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Wed Apr 17 19:08:01 2002 Subject: Portable USE PGP/GNUPG Message-ID: <20020417.100530.15631.1.cwsiv_home1@juno.com> Actually I was hoping to run from CD but according to you I would have to install on each machine and for school reinstall because of weekly GHOSTing. That last is what I was hoping to avoid. o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` --------- Begin forwarded message ---------- From: "Anthony E. Greene" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Apr 14, 2002 at 06:10:05PM -0700, carl w spitzer wrote: >Now that i have a burner can I setup either one or both programs to run >from CD assuming that the CDR at home has a different drive designation >than I would find on the road? I think GnuPG will run from a floppy if your keyrings are small. I think PGP has to be installed because of the DLLs it uses. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From ivshekar@netcontinuum.com Wed Apr 17 20:15:02 2002 From: ivshekar@netcontinuum.com (Chandrasekhar I.V.) Date: Wed Apr 17 19:15:02 2002 Subject: verifying rsa signatures References: <9A86613AB85FF346BB1321840DB42B4B67D674@jupiter.fchn.com> Message-ID: <3CBDB006.EC6A54C6@netcontinuum.com> Steve Butler wrote: > I'd never show my private key. Note, I did try to import BOTH your public > and private keys!! Lucky for you that they are not in the OpenPG format. > But somebody else may have openssl. So, you should consider your private > key compromised at this point. > -- well that was a temporary private/public pair that i generated specifically for experimental purpose, more specifically to check out if gpg does infact verify rsa digital signatures. So any hacker out there hoping to get sth out of this private key.. well bad luck ;) > Here is an export of a public RSA key. Note: Since this isn't my public > key I have modified it in a few places so it will not be loadable. But, you > can see that the format is different. > -- how did you generate this key? And is there any utility that converts RSA keys obtained frm openssl genrsa to the PGP versions? Also my "gpg --genkey" throws up the following options for key... gpg: Warning: using insecure memory! Please select what kind of key you want: (1) DSA and ElGamal (default) (2) DSA (sign only) (4) ElGamal (sign and encrypt) Your selection? Theres no RSA option! and my doubt still remains.. can we verify rsa digital signatures(obtained by RSA private key encryption of SHA1 hased messages in pkcs#1 format) using gpg tools?! Thanks sekhar. > > -----BEGIN PGP PUBLIC KEY BLOCK----- > Version: GnuPG v1.0.6-2 (MingW32) > > mQENAzdAOQMAAAEIANQO/87tx+TG9ycFor672tB1LCGfuV4zziOBVoaD4E1SoDtH > sD4wGSCTMObxoL7MsWjWb4WLCSJcKoHsATkrXuqBMD1gO1MFFYfEPubC3bpzFczz > VCrUys3b0W//zysRyRI0fwqIxbdNewnDK2ZZJcIGUxtZVTGYqUC2+LuOUVOQgEGG > Cx5zS2+5Ll2snQuu8FMYwpoE8AT/ZNaAR7aZAQ7nGZp+0THkxgMjaLcAi1krPACM > A3wwFg6Rm9UebUyRoXitVM9i6Ym/3DRJ6WkwTSkaCyJ2izT60nJoLcOCASDKpStY > YBLa/hRn+qr9E8/Sd/8QwmDs95UM+Qtp6cy9bjMABRG0JUhhbGluZnQxIENsaWVu > dCA8aGFsaW5mdDFAaGV3aXR0LmNvbTFJARUDBRA3QDkD+Qtp6cy9bjMBAW4qCACf > Dh8eNze3tTJ3gJG/DaamQHFGwQ5KKwIcm4lRaMo9jxTCp0onLm500KP62+GjKFXJ > NdNxkJiH8MuRdrY7W+cgXsGzwcUnc/mFocYWCplV+swRdoKxKOnmw4ix9HU/ZBwg > 4vqFXTSbEmGwOr3anNtQeMTrxzlOwEMaY6GX3cY9ScWa5FwCYiPUmo2zuV+6ycuv > x0XGz3jd98nK3YS353ckgSyki1fxDd0f9xhpyuaK2ggiYfX/7FJAhsfjTf8sfRAY > q4BTv80lD9LAFVM3ZBg2F/bzs9M-bsIwaJmqqwhIyvtA9jlHfB7SoRIE+0o/DZWD > YBwUVkqlgidlZeT8hhS0 > =TOUR > -----END PGP PUBLIC KEY BLOCK----- > > -----Original Message----- > From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] > Sent: Wednesday, April 17, 2002 9:50 AM > To: Steve Butler > Cc: gnupg-users@gnupg.org > Subject: Re: verifying rsa signatures > > Steve Butler wrote: > > > I'm not familiar with openssl. Can it export a public key into OpenPGP > > format? It sounds like the pub.pem is not in the correct format. Can you > > paste this to a public keyserver and have it downloadable? > > > > - i guess openssl doesnt know the pgp format. I couldnt find any openssl's > rsa utility to convert the rsa public key to OpenPGP format. Since i > noticed in the gpg faq and my "gpg --version" that gpg has RSA support, i > thought we should be able to verify the signatures generated by RSA algo > using the rsa public key (i guess this is pkcs#1 format). > Thats when i stumbled upon this that gpg doesnt allow me to import anything > other than a key which is in open pgp format. So can we at all verify the > rsa digital signature by using gpg -verify??! > > btw heres my pub.pem > -----BEGIN PUBLIC KEY----- > MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALUH5iVmecS7Rob2749Rj9A5guCepRoY > 56ifd3pO8qpAPFGc9MrMQfwK9wLcFOJrTU4NB/K6U4W7SC6tOt9br1kCAwEAAQ== > -----END PUBLIC KEY----- > > and the corresponding RSA private key > > [snip] > > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From bart.martens@advalvas.be Wed Apr 17 20:15:06 2002 From: bart.martens@advalvas.be (Bart Martens) Date: Wed Apr 17 19:15:06 2002 Subject: keyserver index In-Reply-To: <31031820505400.01335@carpathia>; from manckaert@belgacom.net on Tue, Mar 18, 2031 at 08:50:53PM +0100 References: <31031820505400.01335@carpathia> Message-ID: <20020417193237.B1583@cable-195-162-214-68.upc.chello.be> On Tue, Mar 18, 2031 at 08:50:53PM +0100, Michael Anckaert wrote: > Hello, I would like to know if there is an index file of the available pgp > keyservers somewhere. If there isn't one, would it be of any use use if I > would maintain one? Maybe it can be usefull to newbies or if you can't find a > certain key on a server. There is such an index at http://www.pgpi.org/services/keys/keyservers/ From dshaw@jabberwocky.com Wed Apr 17 20:21:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 17 19:21:01 2002 Subject: verifying rsa signatures In-Reply-To: <3CBDA1BC.6B65AC78@netcontinuum.com> References: <9A86613AB85FF346BB1321840DB42B4B67D672@jupiter.fchn.com> <3CBDA1BC.6B65AC78@netcontinuum.com> Message-ID: <20020417172157.GD665@akamai.com> On Wed, Apr 17, 2002 at 09:24:28AM -0700, Chandrasekhar I.V. wrote: > Well, this is wht i get when i tried to import a RSA public key. > >> gpg --import pub.pem > gpg: Warning: using insecure memory! > gpg: no valid OpenPGP data found. > gpg: Total number processed: 0 > > Note that pub.pem is my RSA public key extracted frm a RSA private > key.pem that i used to create the .sig file using RSA digital > signature algo. Its not a pgp public key and it is created thru > genrsa frm openssl. and i now want to verify this .sig using gpg > tools. PEM and PGP are not the same thing. While both use the RSA algorithm, nearly everything else is different. PEM keys and signatures are not directly usable by an OpenPGP program (and vice versa). David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From dshaw@jabberwocky.com Wed Apr 17 20:24:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 17 19:24:01 2002 Subject: How do I achieve full compatibility In-Reply-To: <200204161848.UAA01290@vulcan.xs4all.nl> References: <87u1qck96j.fsf@alberti.gnupg.de> <200204161848.UAA01290@vulcan.xs4all.nl> Message-ID: <20020417172449.GE665@akamai.com> On Tue, Apr 16, 2002 at 08:48:30PM +0200, Johan Wevers wrote: > Werner Koch wrote: > > > No, because PGP is not OpenPGP compatible. 1.0.7 will come with a > > --pgp6 switch to put all pgp 6 (and 7) workarounds under one > > conevenience option. > > Nice (almost as nice as the --pgp2 switch - BTW, does the later complain > when the idea plugin is not installed?). If you try to use IDEA in 1.0.7 and the plugin is not installed, GnuPG prints: gpg: the IDEA cipher plugin is not present gpg: please see http://www.gnupg.org/why-not-idea.html for more information http://www.gnupg.org/why-not-idea.html has reasons not to use IDEA, and instructions on how to get it if the reasons don't apply to you. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From sbutler@fchn.com Wed Apr 17 20:33:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Wed Apr 17 19:33:02 2002 Subject: verifying rsa signatures Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D677@jupiter.fchn.com> It got my heart pumping this morning anyway <>. That RSA key was generated by a client using PGP. It was shipped to me in the format I showed and I was able to import it into GnuPG. Can I verify digital signatures using gpg sent by this client? Yes. Does this client use "SHA1 hased messages in pkcs#1 format"? I don't know. Others will need to jump in here and help out regarding openssl. -----Original Message----- From: Chandrasekhar I.V. [mailto:ivshekar@netcontinuum.com] Sent: Wednesday, April 17, 2002 10:25 AM To: Steve Butler Cc: gnupg-users@gnupg.org Subject: Re: verifying rsa signatures [snip] CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From athlonrobnf@cs.com Thu Apr 18 08:29:02 2002 From: athlonrobnf@cs.com (AthlonRob) Date: Thu Apr 18 07:29:02 2002 Subject: GPG Key Grabbing through a Proxy Message-ID: <001701c1e699$f4d180c0$7b00558b@robxp> ------=_NextPart_000_0014_01C1E65F.463D5230 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi guys- I'm going nuts here. I can't get GPG to grab a key through my proxy and *re= ally* want this feature. If I can't get it working, I have to grab the keys= through PGP and FTP them over :-\ I'm running through a SOCKS4/5 proxy using tsocks. tsocks provides a seamle= ss connection through the proxy, in theory. In practice, it works for every= thing except GPG and my CS2K IMAP/SMTP servers. I've also tried running it through an HTTP proxy. When I export LD_PRELOAD=3D/lib/libtsocks.so before running it, I get the fo= llowing output: ~$ gpg --verify test.txt gpg: Warning: using insecure memory! gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using DSA key ID XXXXXXXX gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371 ... gpg: can't get key from keyserver: No such file or directory gpg: Can't check signature: public key not found If, instead of LD_PRELOAD, I use export http_proxy=3Drobxp:4480 (my HTTP pro= xy is at robxp, port 4480) I get this output: ~$ gpg --verify test.txt gpg: Warning: using insecure memory! gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using DSA key ID XXXXXXXX gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371 ... gpg: invalid $http_proxy: unsupported URI gpg: can't get key from keyserver: Operation not permitted gpg: Can't check signature: public key not found Which could mean I'm not setting my http proxy properly... lynx won't use it= , either. I'm really stumped. I could use some help if y'all have some ideas! :-) I'm running Slackware 8.1, the April 11th Beta (either Beta1 or halfway to B= eta2). I compiled GnuPG 1.0.6 myself from source and it works just fine so=20= long as I don't have to import the keys from keyservers! :-) Rob ------=_NextPart_000_0014_01C1E65F.463D5230 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hi guys-
 
I'm going nuts here.  I can't get GPG=20= to grab=20 a key through my proxy and *really* want this feature.  If I can't get=20= it=20 working, I have to grab the keys through PGP and FTP them over =20 :-\
 
I'm running through a SOCKS4/5 proxy using=20 tsocks.  tsocks provides a seamless connection through the proxy, in=20 theory.  In practice, it works for everything except GPG and my CS2K=20 IMAP/SMTP servers.
 
I've also tried running it through an HTTP=20 proxy.
 
When I export LD_PRELOAD=3D/lib/libtsocks.s= o before=20 running it, I get the following output:
 
~$ gpg --verify test.txt
gpg: Warning: u= sing=20 insecure memory!
gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using D= SA=20 key ID XXXXXXXX
gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371=20 ...
gpg: can't get key from keyserver: No such file or directory
gpg:=20 Can't check signature: public key not found
If, instead of LD_PRELOAD, I use export=20 http_proxy=3Drobxp:4480 (my HTTP proxy is at robxp, port 4480) I get this=20 output:
 
~$ gpg --verify test.txt
gpg: Warning: u= sing=20 insecure memory!
gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using D= SA=20 key ID XXXXXXXX
gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371=20 ...
gpg: invalid $http_proxy: unsupported URI
gpg: can't get key from=20 keyserver: Operation not permitted
gpg: Can't check signature: public key= not=20 found
Which could mean I'm not setting my http pr= oxy=20 properly... lynx won't use it, either.
 
I'm really stumped.  I could use some=20= help if=20 y'all have some ideas!  :-)
 
I'm running Slackware 8.1, the April 11th B= eta=20 (either Beta1 or halfway to Beta2).  I compiled GnuPG 1.0.6 myself from= =20 source and it works just fine so long as I don't have to import the keys fro= m=20 keyservers!  :-)
 
Rob
------=_NextPart_000_0014_01C1E65F.463D5230-- From agreene@pobox.com Thu Apr 18 08:33:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Thu Apr 18 07:33:02 2002 Subject: Encrypt a whole directory in a single pass In-Reply-To: <20020417.100530.15631.0.cwsiv_home1@juno.com>; from cwsiv_home1@juno.com on Wed, Apr 17, 2002 at 09:50:52AM -0700 References: <20020417.100530.15631.0.cwsiv_home1@juno.com> Message-ID: <20020418013406.E28910@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Apr 17, 2002 at 09:50:52AM -0700, carl w spitzer wrote: >As i remember there is a cross compatibility between TAR & WINZIP and >between *ZIP & GZIP. There may even be TAR for Winblows if not it may be >time to LILO as I do between the two OS. Find your local Linux Users >group they can get you setup. SUSE 8 is due out 4-22. WinZip is not the only zip implementation for Windows. There are others, but they may not support tar. That is why I recommended ZIP for creating compressed archives on Windows. It is possible to use tar and gzip, but they are simply not as well supported and you don't get any significant benefit for your efforts. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8vlrCpCpg3WyUI50RAqu+AKDQZcj5c8DQ7HIHu1/OA5Eui4amhQCg89oK dpNwllTeN4lrm/aW+dbESNY= =KwYi -----END PGP SIGNATURE----- From agreene@pobox.com Thu Apr 18 08:44:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Thu Apr 18 07:44:01 2002 Subject: Portable USE PGP/GNUPG In-Reply-To: <20020417.100530.15631.1.cwsiv_home1@juno.com>; from cwsiv_home1@juno.com on Wed, Apr 17, 2002 at 09:59:57AM -0700 References: <20020417.100530.15631.1.cwsiv_home1@juno.com> Message-ID: <20020418014541.F28910@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Apr 17, 2002 at 09:59:57AM -0700, carl w spitzer wrote: >Actually I was hoping to run from CD but according to you I would have to >install on each machine and for school reinstall because of weekly >GHOSTing. That last is what I was hoping to avoid. Actually, you could just use GnuPG. It only uses the files in it's own directory. No system DLLs need to be installed. You could write some batch files to simplify using it, but it would definitely be a command line utility. You'd have to keep a command prompt window open to enter the commands. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8vl1+pCpg3WyUI50RAhlWAJ9qbi7JCFUE1Nka8k92jSwkq2QTMACfVBrS jcpTplYtxVIUZ2ukBQ2nhXI= =meNM -----END PGP SIGNATURE----- From dshaw@jabberwocky.com Thu Apr 18 09:01:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Thu Apr 18 08:01:02 2002 Subject: GPG Key Grabbing through a Proxy In-Reply-To: <001701c1e699$f4d180c0$7b00558b@robxp> References: <001701c1e699$f4d180c0$7b00558b@robxp> Message-ID: <20020418060120.GD2068@akamai.com> On Wed, Apr 17, 2002 at 10:29:01PM -0700, AthlonRob wrote: > If, instead of LD_PRELOAD, I use export http_proxy=robxp:4480 (my > HTTP proxy is at robxp, port 4480) I get this output: > > ~$ gpg --verify test.txt > gpg: Warning: using insecure memory! > gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using DSA key ID XXXXXXXX > gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371 ... > gpg: invalid $http_proxy: unsupported URI > gpg: can't get key from keyserver: Operation not permitted > gpg: Can't check signature: public key not found > > Which could mean I'm not setting my http proxy properly... lynx > won't use it, either. Try exporting http_proxy as http://robxp:4480. Note the added "http://". David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From kuddel@informatik.uni-siegen.de Thu Apr 18 13:28:01 2002 From: kuddel@informatik.uni-siegen.de (Holger Schulz) Date: Thu Apr 18 12:28:01 2002 Subject: Error In-Reply-To: <20020417170614.GC665@akamai.com> Message-ID: <1F30E712-52B7-11D6-9EFC-00039381CB74@informatik.uni-siegen.de> On Wednesday, April 17, 2002, at 07:06 PM, David Shaw wrote: > The problem is you do not have the IDEA cipher installed. Read: > http://macgpg.sourceforge.net/docs/howto-install-IDEA.txt.asc > > That seems not to work [localhost:~] kuddel% curl -O http://www.gnupg.dk/contrib-dk/idea.c curl: (23) Failed writing body Thanks again hs From nicholas.dickens@human-anatomy.oxford.ac.uk Thu Apr 18 14:34:01 2002 From: nicholas.dickens@human-anatomy.oxford.ac.uk (Nicholas Dickens) Date: Thu Apr 18 13:34:01 2002 Subject: Importing gnupg secret keys into pgp In-Reply-To: <20020417170614.GC665@akamai.com> Message-ID: <002c01c1e6cd$1c5aee50$01000001@fgu062> I know this is the wrong way round to do this, but I've recently acquired a windows machine at work and am using outlook. The simplest way to get messages signed is to use pgp. But I can't seem to import my secret keys into it. Any ideas (or places to look), pgp to gnupg is pretty well covered... Nick -- Nicholas Dickens BSc ARCS MRC FGU, Department of Human Anatomy & Genetics, South Parks Road, Oxford, OX1 3QX, UK Tel: +44 1865 2 82650 http://fgu003.anat.ox.ac.uk:8080/ http://smart.ox.ac.uk/ -----Original Message----- From: gnupg-users-admin@gnupg.org [mailto:gnupg-users-admin@gnupg.org] On Behalf Of David Shaw Sent: 17 April 2002 18:06 To: Holger Schulz Cc: gnupg-users@gnupg.org Subject: Re: Error On Wed, Apr 17, 2002 at 05:39:13PM +0200, Holger Schulz wrote: > I got the error message > > > cipher algorithm 1 is unknown or disabled. > > I did not disable any algorithm. MacGPG is only useful if I can > communicate with people who use PGP. As I understood that should be > compatible. The problem is you do not have the IDEA cipher installed. Read: http://macgpg.sourceforge.net/docs/howto-install-IDEA.txt.asc David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +----------------------------------------------------------------------- ----+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From wk@gnupg.org Thu Apr 18 16:19:02 2002 From: wk@gnupg.org (Werner Koch) Date: Thu Apr 18 15:19:02 2002 Subject: Importing gnupg secret keys into pgp In-Reply-To: <002c01c1e6cd$1c5aee50$01000001@fgu062> ("Nicholas Dickens"'s message of "Thu, 18 Apr 2002 12:35:16 +0100") References: <002c01c1e6cd$1c5aee50$01000001@fgu062> Message-ID: <87pu0xcfdd.fsf@alberti.gnupg.de> On Thu, 18 Apr 2002 12:35:16 +0100, Nicholas Dickens said: > way to get messages signed is to use pgp. But I can't seem to import my > secret keys into it. Any ideas (or places to look), pgp to gnupg is > pretty well covered... Either set the passphrase using GnuPG to empty, export, import to pgp and set the passphrase again (for both copies of the secring?). Or better: gpg --s2k-cipher CAST5 --edit your_key_id and change the passphrase ("passwd") (you can use the same) so that CAST5 gets used as the cipher algorithm. Most versions of GnuPG use Blowfish which is not supported by PGP. Werner From Peter.Hegt@phidias.nl Thu Apr 18 16:39:02 2002 From: Peter.Hegt@phidias.nl (Hegt, Peter) Date: Thu Apr 18 15:39:02 2002 Subject: Importing gnupg secret keys into pgp Message-ID: Nicholas wrote: >> I know this is the wrong way round to do this, but I've recently acquired a windows machine at work and am using outlook. The simplest way to get messages signed is to use pgp. But I can't seem to import my secret keys into it ... << You could use the gdata.de gnupg plugin 4 outlook so u don't need pgp. to get the secret key into pgp: export the public key from gpg export the secret key from gpg use a editor to append them import into pgp. et voila -----Original Message----- From: Nicholas Dickens [mailto:nicholas.dickens@human-anatomy.oxford.ac.uk] Sent: donderdag 18 april 2002 13:35 To: gnupg-users@gnupg.org Subject: Importing gnupg secret keys into pgp I know this is the wrong way round to do this, but I've recently acquired a windows machine at work and am using outlook. The simplest way to get messages signed is to use pgp. But I can't seem to import my secret keys into it. Any ideas (or places to look), pgp to gnupg is pretty well covered... Nick -- Nicholas Dickens BSc ARCS MRC FGU, Department of Human Anatomy & Genetics, South Parks Road, Oxford, OX1 3QX, UK Tel: +44 1865 2 82650 http://fgu003.anat.ox.ac.uk:8080/ http://smart.ox.ac.uk/ -----Original Message----- From: gnupg-users-admin@gnupg.org [mailto:gnupg-users-admin@gnupg.org] On Behalf Of David Shaw Sent: 17 April 2002 18:06 To: Holger Schulz Cc: gnupg-users@gnupg.org Subject: Re: Error On Wed, Apr 17, 2002 at 05:39:13PM +0200, Holger Schulz wrote: > I got the error message > > > cipher algorithm 1 is unknown or disabled. > > I did not disable any algorithm. MacGPG is only useful if I can > communicate with people who use PGP. As I understood that should be > compatible. The problem is you do not have the IDEA cipher installed. Read: http://macgpg.sourceforge.net/docs/howto-install-IDEA.txt.asc David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +----------------------------------------------------------------------- ----+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From pta@psaconsultants.com Thu Apr 18 17:03:01 2002 From: pta@psaconsultants.com (Peter T. Abplanalp) Date: Thu Apr 18 16:03:01 2002 Subject: Importing gnupg secret keys into pgp In-Reply-To: References: Message-ID: <20020418140422.GA32574@psaconsultants.com> --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable i've used the gdata plugin for outlook and it works nicely, anyway... as werner just answered on another thread, you might have problems with the encrypted passphrase from a gnupg secret key. gnupg appears to use blowfish which is not supported in pgp. the solution is to use gnupg to blank out the passphrase, import into pgp and then assign a new passphrase. another way is to make gnupg use a cypher that pgp supports so use: gpg --s2k-cipher CAST5 --edit your_key_id and then change your passphrase. thanks to werner for the answer in another thread. On Thu, Apr 18, 2002 at 03:39:02PM +0200, Hegt, Peter wrote: > Nicholas wrote: >=20 > >> > I know this is the wrong way round to do this, but I've recently > acquired a windows machine at work and am using outlook. The simplest > way to get messages signed is to use pgp. But I can't seem to import my > secret keys into it ... > << >=20 > You could use the gdata.de gnupg plugin 4 outlook so u don't need pgp. >=20 > to get the secret key into pgp: > export the public key from gpg > export the secret key from gpg > use a editor to append them > import into pgp. >=20 > et voila >=20 > -----Original Message----- > From: Nicholas Dickens > [mailto:nicholas.dickens@human-anatomy.oxford.ac.uk] > Sent: donderdag 18 april 2002 13:35 > To: gnupg-users@gnupg.org > Subject: Importing gnupg secret keys into pgp >=20 >=20 > I know this is the wrong way round to do this, but I've recently > acquired a windows machine at work and am using outlook. The simplest > way to get messages signed is to use pgp. But I can't seem to import my > secret keys into it. Any ideas (or places to look), pgp to gnupg is > pretty well covered... >=20 > Nick > =20 > -- > Nicholas Dickens BSc ARCS > =20 > MRC FGU, Department of Human Anatomy & Genetics, > South Parks Road, Oxford, OX1 3QX, UK > Tel: +44 1865 2 82650 > http://fgu003.anat.ox.ac.uk:8080/ > http://smart.ox.ac.uk/ > -----Original Message----- > From: gnupg-users-admin@gnupg.org [mailto:gnupg-users-admin@gnupg.org] > On Behalf Of David Shaw > Sent: 17 April 2002 18:06 > To: Holger Schulz > Cc: gnupg-users@gnupg.org > Subject: Re: Error >=20 > On Wed, Apr 17, 2002 at 05:39:13PM +0200, Holger Schulz wrote: > > I got the error message > >=20 > >=20 > > cipher algorithm 1 is unknown or disabled. > >=20 > > I did not disable any algorithm. MacGPG is only useful if I can=20 > > communicate with people who use PGP. As I understood that should be=20 > > compatible. >=20 > The problem is you do not have the IDEA cipher installed. Read: > http://macgpg.sourceforge.net/docs/howto-install-IDEA.txt.asc >=20 > David >=20 > --=20 > David Shaw | dshaw@jabberwocky.com | WWW > http://www.jabberwocky.com/ > +----------------------------------------------------------------------- > ----+ > "There are two major products that come out of Berkeley: LSD and > UNIX. > We don't believe this to be a coincidence." - Jeremy S. Anderson >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users >=20 >=20 >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users >=20 > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users --=20 Peter Abplanalp Email: pta@psaconsultants.com PGP: pgp.mit.edu --YZ5djTAD1cGYuMQK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8vtJlggA8sH0iRXQRAsL4AJ4lF7Bs/FANuEkxLnP+O387xDJAegCeOXHB DQnH5AtitnKMjT7EXSpwH+A= =cc9E -----END PGP SIGNATURE----- --YZ5djTAD1cGYuMQK-- From shavital@mac.com Thu Apr 18 17:57:02 2002 From: shavital@mac.com (Charly Avital) Date: Thu Apr 18 16:57:02 2002 Subject: Importing gnupg secret keys into pgp In-Reply-To: <002c01c1e6cd$1c5aee50$01000001@fgu062> Message-ID: <649F28BA-52E4-11D6-8B25-000502C3C1E2@mac.com> The following workaround has served me to export secret keys created in GnuPG (Mac GPG) MacOS X, and import them in PGP 6.5.8 or 7.0.3 (Macintosh MacOS 9.1). - export the secret key in the Terminal, --armor. - copy from Terminal, paste into an e-mail message Eudora for MacOS X. - actually send the e-mail to myself. - receive the e-mail in Eudora 5.1r Macintosh OS 9.1 (in a different computer) - use the PGP plug-in for Eudora command "PGP Add Keys". - when I used, as recipient, PGP 6.5.8, the keypair showed a blank field opposite Cipher, in the Key Properties. PGP 6.5.8 supports only CAST, 3DES and IDEA. - when I used, as recipient, PGP 7.0.3, the keypair showed Cihper: AES-128. PGP 7.0.3 supports AES CAST Twofish 3DES and IDEA. - there was no need to change the passphrase before export. The same passphrase worked fine after import. I have no idea whether this workaround can be accomplished in a Windows environment. In a related topic (zeroing the passphrase): some Mac users have reported that when trying to export secret keys generated in PGP (MacOS 9.x.x), and import then into Mac PGP (GnuPG in MacOS X), an "algorithm 1 not supported. .." message was produced. Those were *not* RSA keys with IDEA. Zeroing the passphrase in PGP before export/import solved the problem. The passphrase was restored immediately in PGP, and entered in Mac GPG. I had no such problems when exporting keys created in PGP and importing them in Mac GPG. I can now use RSA/IDEA keys, after importing the IDEA module into GnuPG. Charly On Thursday, April 18, 2002, at 01:35 PM, Nicholas Dickens wrote: > I know this is the wrong way round to do this, but I've recently > acquired a windows machine at work and am using outlook. The simplest > way to get messages signed is to use pgp. But I can't seem to import my > secret keys into it. Any ideas (or places to look), pgp to gnupg is > pretty well covered... > > Nick > > -- > Nicholas Dickens BSc ARCS > > MRC FGU, Department of Human Anatomy & Genetics, > South Parks Road, Oxford, OX1 3QX, UK > Tel: +44 1865 2 82650 > http://fgu003.anat.ox.ac.uk:8080/ > http://smart.ox.ac.uk/ > [...] From nicholas.dickens@human-anatomy.oxford.ac.uk Thu Apr 18 18:53:01 2002 From: nicholas.dickens@human-anatomy.oxford.ac.uk (Nicholas Dickens) Date: Thu Apr 18 17:53:01 2002 Subject: Importing gnupg ... sorted! In-Reply-To: Message-ID: <004801c1e6f1$369b51a0$01000001@fgu062> Thanks everyone, I am going to experiment with various combinations but right now I've opted for the g-data plugin. Regards Nick -- Nicholas Dickens BSc ARCS MRC FGU, Department of Human Anatomy & Genetics, South Parks Road, Oxford, OX1 3QX, UK Tel: +44 1865 2 82650 http://fgu003.anat.ox.ac.uk:8080/ http://smart.ox.ac.uk/ From Kofi Grey" FROM: GREY KOFI ADMIN.SECRETARY STANDARD SECURITIES. ACCRA, GHANA. DEAR SIR, I do hope this letter will not come to you as a surprise. It was borne out of my desire to share a mutual business relationship with you . My name is GREY KOFI. A 47 years Ghanaian national, married with a wife and four children. I work as an administrative secretary in Standard Securities and Services Limited in Accra-Ghana. I got the information concerning you from the Ghana Chambers of Commerce and Industries after due consultation with my opinion adviser, I decided to contact you believing that by the grace of God, you will accept to be my partner in this business. I joined the services of this company in 1991 as office assistant and have been working with this company for nine years, within this period, I have worked with states and government functionaries who have been using Standard Securities to move huge sums of money U.S Dollars, Pounds Sterling, Foreign Tiakh(Cash)to their foreign partners. They bring in these consignments of money cash and secretly declare the contents as jewelry, Gold, Diamond, Precious stones, Family Treasure, Documents, etc. General Sanni Abacha of Nigeria(dead), Mobutu Sese Sekou of zaire (dead) Foday Sankoh of Sierra Leone,Babangida of Nigeria etc. All these people have hundreds of consignments deposited with Standard securities. Their foreign partners friends and relatives are claiming most of these consignments, but a lot of them are lying here unclaimed for as much as fifteen years. Nobody has ever come for them because in most cases, the documents! of deposits are never available to any body except the depositors but most of them are dead. Some time last year, Standard Security management changed the procedure of claims of consignments. As soon as one is able to supply answers all the test questions as contained in the secret files of any consignment, They consignment will be released to you upon demand from our safe storage. More than one hundred and twenty consignments belonging to Gen.Abacha, and Mobutu have been claimed in the past months. This is why I am soliciting for your co-operation and assistance. Gen. Abacha has 85 consignments deposited with several different names and codes. 35 have been claimed in the past 6 months. Since he died, the first son also died in a plane crash and the second son is facing trial for murderand embezzlement. The family members are under restricted arrest without communication.And can no longer tourch or ask of this consignments as the eyes of their goverment is on them and their consignment with us has overstayed their grace period I have finished every arrangement for you to come and claim consignment NO: 1201 containing US$ 9,000,000.00 and consignment NO: 1200 containing US$ 12,000,000.00. My duty is to supply you with all the information and documents by fax or email which you will use to deal directly with the management. The procedure is simple; You will apply officially to the Director of Operations of Standard Securities for the release of consignments NO; 1200 and NO.1201. They will demand some documents and Secret Codes. Reach me, I will supply you with every detailed information and you will fax it to them. As soon as they confirm it correct, they will invite you for collection. If you do not want to come to Accra, you can arrange with them to transfer the consignment to anywhere but united States of America on agreement. Nobody should ever know that I am involved in this deal except the Lawyer who will write an Agreement for us. I will suggest upon conclusion, 30% goes to you and 70% for me. At the successful completion of the deal, you will arrange for me and family to come over to your country. I am assuring you that this business have been arranged for years now. It is very secure and risk free. Reach me on kofigrey@yahoo.com for further explanation and directives on the procedure, God bless you. Yours Sincerely, GREY KOFI Get back to me via:kofigrey@yahoo.com From sbutler@fchn.com Thu Apr 18 19:54:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 18 18:54:01 2002 Subject: Lost Cipher and Hash preferences Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D68A@jupiter.fchn.com> One of our clients has a problem with PGP attempting to encrypt a file to us. It simply exists without an error message and with nothing encrypted. I looked at the preferences for their key versus the preferences for our key and noticed that our key is missing _all_ cipher and hash preferences! leo:/home/oracle > gpg --no-batch --edit fchn Secret key is available. pub 1024D/1B32D54B created: 2001-10-16 expires: never trust: f/u sub 2048g/5A2CEA48 created: 2001-10-16 expires: never (1). First Choice Health Network (FCHN) Command> showpref pub 1024D/1B32D54B created: 2001-10-16 expires: never trust: f/u (1). First Choice Health Network (FCHN) Command> quit How do I get the preferences back with GnuPG 1.06-2? The our client's public key shows: leo:/home/oracle > gpg --no-batch --edit VSP pub 1024D/03844E3A created: 2001-02-20 expires: never trust: -/q sub 4096g/210BFAEA created: 2001-02-20 expires: never (1). VSP Enterprise Command> showpref pub 1024D/03844E3A created: 2001-02-20 expires: never trust: -/q (1). VSP Enterprise Cipher: CAST5, 3DES, [1] Hash: Command> quit Thanks, --Steve Oracle Administrator First Choice Health CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From dshaw@jabberwocky.com Thu Apr 18 20:12:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Thu Apr 18 19:12:01 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D68A@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D68A@jupiter.fchn.com> Message-ID: <20020418171246.GC704@akamai.com> On Thu, Apr 18, 2002 at 09:53:25AM -0700, Steve Butler wrote: > One of our clients has a problem with PGP attempting to encrypt a file to > us. It simply exists without an error message and with nothing encrypted. > > I looked at the preferences for their key versus the preferences for our key > and noticed that our key is missing _all_ cipher and hash preferences! Hmm. This shouldn't make any difference - a key without preferences defaults to the safe values of 3DES & SHA1. What version of PGP is your client using? David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From sbutler@fchn.com Thu Apr 18 20:48:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 18 19:48:02 2002 Subject: Lost Cipher and Hash preferences Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D68E@jupiter.fchn.com> Get back to you on that. I have a query out to them. So far, this is all I have (other than looking at their and our public keys): "I was looking at your key and apparently you use GnuPGP. You will be the first group that I send data to that is using GPG. In a nutshell, I tried to encrypt your file, and it starts to, pulls up the banner info for your key, and then asks if I want to use this key. But when I say yes, it pauses, and then returns to the directory where the file resides. (when I use normal PGP it displays the filename with a .pgp extension - indicating a successful encryption.) When I look at the directory nothing is encrypted. "My question is this, do you have other clients that use PGP and send you encrypted data? If so, Is there a special way to import the key? Are there any special commands that I should use to encrypt the file. right now I just use the typical pgp -e ." -----Original Message----- [with appropriate snips] From: David Shaw [mailto:dshaw@jabberwocky.com] Sent: Thursday, April 18, 2002 10:13 AM On Thu, Apr 18, 2002 at 09:53:25AM -0700, Steve Butler wrote: > One of our clients has a problem with PGP attempting to encrypt a file to > and noticed that our key is missing _all_ cipher and hash preferences! Hmm. This shouldn't make any difference - a key without preferences defaults to the safe values of 3DES & SHA1. What version of PGP is your client using? CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From sbutler@fchn.com Thu Apr 18 21:01:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Thu Apr 18 20:01:02 2002 Subject: Lost Cipher and Hash preferences Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D691@jupiter.fchn.com> The client is using version 7.0.1. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From kr6x@kr6x.com Thu Apr 18 23:47:02 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Thu Apr 18 22:47:02 2002 Subject: Encrypt a whole directory in a single pass References: <20020417.100530.15631.0.cwsiv_home1@juno.com> <20020418013406.E28910@cp5340> Message-ID: <006001c1e71a$61ff6ce0$963fca96@pacesetter.com> There are command-line implementations of gzip and tar that will do the job under Microsoft operating systems, although there are often limitations such as 8.3 filenames. WinZip will open tarfiles and gzip files, but will not create them. Generally, the "zip" format will be the format of choice on Microsoft operating systems while tar and gzip or "compress"/"uncompress" will be the archival method of choice on Unix and Linux. There is a "zip" implementation that is unique to Unix, producing files of a different format from WinZip and other Microsoft implementations. As of 1993, perhaps earlier, the zip implementation used widely on Unix (SunOS and others) included the capability to produce files that adhere to the zip formats from the Microsoft realm. More modern is the "bzip2" zip format that produces tighter compression yet but often seems to be available only on Unix/Linux computers although I know of no reason that the program couldn't be compiled under djgpp or similar to produce a Microsoft implementation. WinZip hasn't been supporting bzip2 in the past nor "compress"/" uncompress" outputs, although I haven't read the specs on the latest release of WinZip to see what might be added in new versions. Frankly, for most kinds of files, the output produced by WinZip will occupy more disk space than gzip or bzip2 files, with by far the best compression performance marks going to bzip2. Many of these tools provide for encryption as well as compression, although I'd generally have more confidence in the gpg and PGP encryption than in the zip tools if the security of the files was at risk. ----- Original Message ----- From: "Anthony E. Greene" To: Sent: Wednesday, April 17, 2002 22:34 Subject: Re: Encrypt a whole directory in a single pass > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, Apr 17, 2002 at 09:50:52AM -0700, carl w spitzer wrote: > >As i remember there is a cross compatibility between TAR & WINZIP and > >between *ZIP & GZIP. There may even be TAR for Winblows if not it may be > >time to LILO as I do between the two OS. Find your local Linux Users > >group they can get you setup. SUSE 8 is due out 4-22. > > WinZip is not the only zip implementation for Windows. There are others, > but they may not support tar. That is why I recommended ZIP for creating > compressed archives on Windows. It is possible to use tar and gzip, but > they are simply not as well supported and you don't get any significant > benefit for your efforts. > > > Tony > - -- > Anthony E. Greene > OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D > AOL/Yahoo Chat: TonyG05 HomePage: > Linux. The choice of a GNU generation > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: Anthony E. Greene 0x6C94239D > > iD8DBQE8vlrCpCpg3WyUI50RAqu+AKDQZcj5c8DQ7HIHu1/OA5Eui4amhQCg89oK > dpNwllTeN4lrm/aW+dbESNY= > =KwYi > -----END PGP SIGNATURE----- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From newsletter2002@bergencapital.com Fri Apr 19 01:19:02 2002 From: newsletter2002@bergencapital.com (Wise Investments) Date: Fri Apr 19 00:19:02 2002 Subject: Tired of Losing $ in the Stock Market? Message-ID: <200204182125.g3ILPlj07574@level3.net> This is a MIME encoded message. --=_faa5b4376513a1cc1afee7600a0ed039 Content-Type: multipart/alternative; boundary="=_fd3e3db3467396217eab78196d3d2d1d" --=_fd3e3db3467396217eab78196d3d2d1d Content-Type: text/plain Content-Transfer-Encoding: base64 PGZvbnQgY29sb3I9J3JlZCcgZmFjZT0nYXJpYWwnPlRFU1RJTkcgVEVYVCBCQVNFRCBFTUFJTDwv Zm9udD4NCg0KaHR0cDovL3d3dy5iZXJnZW5jYXBpdGFsLmNvbQ== --=_fd3e3db3467396217eab78196d3d2d1d Content-Type: text/html Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjx0aXRsZT5VbnRpdGxlZCBEb2N1bWVudDwvdGl0bGU+DQo8bWV0YSBo dHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28t ODg1OS0xIj4NCjwvaGVhZD4NCg0KPGJvZHkgYmdjb2xvcj0iI0ZGRkZGRiIgdGV4dD0iIzAwMDAw MCI+DQo8dGFibGUgd2lkdGg9IjUwMCIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBh ZGRpbmc9IjAiIGFsaWduPSJjZW50ZXIiPg0KICA8dHI+DQogICAgPHRkPg0KICAgICAgPHAgYWxp Z249ImNlbnRlciI+PGZvbnQgc2l6ZT0iNSIgY29sb3I9IiNGRjAwMDAiPioqKiBJTlZFU1QgV0lT RUxZICoqKjwvZm9udD48L3A+DQogICAgICA8cCBhbGlnbj0ibGVmdCI+KiBMZWFybiBob3cgdG8g ZWFybiBzdGVhZHkgaGlnaCBmaXhlZCByZXR1cm5zIHNvbWUgb2Ygd2hpY2ggDQogICAgICAgIG1h eSBiZSBGUkVFIGZyb20gRmVkZXJhbCBhbmQgU3RhdGUgVGF4ZXM8L3A+DQogICAgICA8cCBhbGln bj0ibGVmdCI+KiBIYXZlIHlvdSBhbHdheXMgYmVlbiBpbnRlcmVzdGVkIGluIHRoZSBpbnZlc3Rt ZW50IGFyZW5hIA0KICAgICAgICBidXQgd2VyZSB1bnN1cmUgb2YgaG93IHRvIGdldCBpbnZvbHZl ZD88L3A+DQogICAgICA8cCBhbGlnbj0iY2VudGVyIj48Yj5Zb3UncmUgTm90IEFsb25lICE8L2I+ PC9wPg0KICAgICAgPHA+VGhpcyBpcyB3aHkgZm9yIGEgTGltaXRlZCBUaW1lLCB3ZSBhcmUgb2Zm ZXJpbmcgYSBGUkVFIEludmVzdG1lbnQgTmV3c2xldHRlciANCiAgICAgICAgdG8gdGhvc2Ugd2hv IHF1YWxpZnkhIFlvdSB3aWxsIHJlY2lldmUgYWxsIG9mIHRoZSBpbmZvcm1hdGlvbiB5b3UgbmVl ZCANCiAgICAgICAgdG8gbWFrZSBpbmZvcm1lZCBkZWNpc2lvbnMgb24geW91ciBpbnZlc3RtZW50 cy4gV2UgY2FuIGFsc28gc2hvdyB5b3UgaG93IA0KICAgICAgICB0byBpbnZlc3QgaW4gdGhlIFN0 b2NrIE1hcmtldCB3aXRob3V0IHJpc2tpbmcgeW91ciBpbnZlc3RtZW50PC9wPg0KICAgICAgPHAg YWxpZ249ImNlbnRlciI+PGI+V2hhdCBEbyBJIEhhdmUgVG8gRG8gVG8gUXVhbGlmeT88L2I+PC9w Pg0KICAgICAgPHA+WW91IG11c3QgYmUgYXQgbGVhc3QgMjEgeWVhcnMgb2YgYWdlIGFuZCBVUyBy ZXNpZGVudC48L3A+DQogICAgICA8cCBhbGlnbj0iY2VudGVyIj48YSBocmVmPSJodHRwOi8vd3d3 LmJlcmdlbmNhcGl0YWwuY29tLyI+Q2xpY2sgSGVyZSBUbyANCiAgICAgICAgRmluZCBPdXQgTW9y ZTwvYT48L3A+DQogICAgICA8cD48Zm9udCBzaXplPSIxIj4qT2ZmZXIgTm90IFZhbGlkIHRvIFJl c2lkZW50cyBvZiBBSywgSEksIE5ELCBTRCwgYW5kIE9LLiBXZSByZXNwZWN0IHlvdXIgcHJpdmFj eSwgaWYgeW91IHByZWZlciBub3QgdG8gcmVjaWV2ZSBmdXR1cmUgZS1tYWlsIG1lc3NhZ2VzLCBw bGVhc2UgPGEgaHJlZj0iaHR0cDovLzE5OC4xMzkuNjYuMjQwL3JlbW92ZS9yZW1vdmUucGhwIj5j bGljayBoZXJlPC9hPi4NCiAgICAgIDwvZm9udD48L3A+PGltZyBzcmM9Imh0dHA6Ly93d3cuYmVy Z2VuY2FwaXRhbC5jb20vaW1hZ2VzL2JvYXJkcy5naWYiPg0KICAgICAgPC90ZD4NCiAgPC90cj4N CjwvdGFibGU+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --=_fd3e3db3467396217eab78196d3d2d1d-- --=_faa5b4376513a1cc1afee7600a0ed039-- From athlonrobnf@cs.com Fri Apr 19 01:41:01 2002 From: athlonrobnf@cs.com (AthlonRob) Date: Fri Apr 19 00:41:01 2002 Subject: GPG Key Grabbing through a Proxy References: <001701c1e699$f4d180c0$7b00558b@robxp> <20020418060120.GD2068@akamai.com> Message-ID: <001a01c1e72a$434ce4c0$7b00558b@robxp> Thanks! That seems to have solved the problem, I think. Although none of the keys I try are being found on search.keyserver.net ... but they aren't showing in the web interface, either. One did come through ok, though. Rob ----- Original Message ----- From: "David Shaw" To: Sent: Wednesday, April 17, 2002 11:01 PM Subject: Re: GPG Key Grabbing through a Proxy > On Wed, Apr 17, 2002 at 10:29:01PM -0700, AthlonRob wrote: > > If, instead of LD_PRELOAD, I use export http_proxy=robxp:4480 (my > > HTTP proxy is at robxp, port 4480) I get this output: > > > > ~$ gpg --verify test.txt > > gpg: Warning: using insecure memory! > > gpg: Signature made Wed Apr 17 21:39:22 2002 PDT using DSA key ID XXXXXXXX > > gpg: requesting key XXXXXXXX from http://search.keyserver.net:11371 ... > > gpg: invalid $http_proxy: unsupported URI > > gpg: can't get key from keyserver: Operation not permitted > > gpg: Can't check signature: public key not found > > > > Which could mean I'm not setting my http proxy properly... lynx > > won't use it, either. > > Try exporting http_proxy as http://robxp:4480. Note the added > "http://". > > David > > -- > David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ > +--------------------------------------------------------------------------- + > "There are two major products that come out of Berkeley: LSD and UNIX. > We don't believe this to be a coincidence." - Jeremy S. Anderson > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From karlsson@hal-pc.org Fri Apr 19 03:21:01 2002 From: karlsson@hal-pc.org (Brian M. Carlson) Date: Fri Apr 19 02:21:01 2002 Subject: keyserver index In-Reply-To: <31031820505400.01335@carpathia> References: <31031820505400.01335@carpathia> Message-ID: <20020419002217.GA2955@stonewall> --liOOAslEiF7prFVr Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 18, 2031 at 08:50:53PM +0100, Michael Anckaert wrote: > Hello, I would like to know if there is an index file of the available pg= p=20 > keyservers somewhere. If there isn't one, would it be of any use use if I= =20 > would maintain one? Maybe it can be usefull to newbies or if you can't fi= nd a=20 > certain key on a server. =20 I have a bzip2'd one in csv format at . This *is* updated, an= d is being actively maintained. If you have any comments, I'd like to hear them. --=20 Brian M. Carlson OpenPGP: 0x351336B2DCA1913A --liOOAslEiF7prFVr Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6e-cvs (GNU/Linux) Comment: Ubi libertas, ibi patria. iQEVAwUBPL9jN+WR/8lWBVPnAQMDtAf9EB57N9vjzy8ptt+OEl5a+3cSjUTPSOyJ 9ZTUkiA4uNQ+VRpDKltuX8DagZnuOGvZGQtoei55Siy9ryMKM3SpJLARcYPuPRC8 s7wR4ZobE/iJ2M1KBkh1pCtdFEwzR8+Jr6sCxD6U5rXpf3NMMRwyhrC+slSkyWtO natItmDSqzPYwDKpkxMQyCA/oMr7zvQiGbyZBzS7uVV2JSfWXC3Dee+MVNNjMb/A e4U/+mKkVNbrOM28+alDb9TGUNPPKHmN/bPXK7+iGO2aN8ohUl45Q+iJu6iuOf3X a6Gid5EPvNPsrNeYvw9dlWoLEImq9qVAKlIAZ2ucBwwFrHCgOzIvfQ== =MayW -----END PGP SIGNATURE----- --liOOAslEiF7prFVr-- From martakashi@earthlink.net Fri Apr 19 04:51:02 2002 From: martakashi@earthlink.net (mobiusoj) Date: Fri Apr 19 03:51:02 2002 Subject: Tired of Losing $ in the Stock Market? In-Reply-To: <200204182125.g3ILPlj07574@level3.net> Message-ID: <5.1.0.14.0.20020418160327.00a43d80@pop.earthlink.net> --=====================_11893148==_.REL Content-Type: multipart/alternative; boundary="=====================_11893172==_.ALT" --=====================_11893172==_.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed Did I sign up for free spam when I joined this list or is this just simply spam? At 05:25 PM 4/18/02 -0400, Wise Investments wrote: >*** INVEST WISELY *** > >* Learn how to earn steady high fixed returns some of which may be FREE >from Federal and State Taxes > >* Have you always been interested in the investment arena but were unsure >of how to get involved? > >You're Not Alone ! > >This is why for a Limited Time, we are offering a FREE Investment >Newsletter to those who qualify! You will recieve all of the information >you need to make informed decisions on your investments. We can also show >you how to invest in the Stock Market without risking your investment > >What Do I Have To Do To Qualify? > >You must be at least 21 years of age and US resident. > >Click Here To Find Out More > >*Offer Not Valid to Residents of AK, HI, ND, SD, and OK. We respect your >privacy, if you prefer not to recieve future e-mail messages, please >click here. >1d6396.jpg --=====================_11893172==_.ALT Content-Type: text/html; charset="us-ascii" Did I sign up for free spam when I joined this list or is this just simply spam? 

At 05:25 PM 4/18/02 -0400, Wise Investments wrote:

*** INVEST WISELY ***

* Learn how to earn steady high fixed returns some of which may be FREE from Federal and State Taxes

* Have you always been interested in the investment arena but were unsure of how to get involved?

You're Not Alone !

This is why for a Limited Time, we are offering a FREE Investment Newsletter to those who qualify! You will recieve all of the information you need to make informed decisions on your investments. We can also show you how to invest in the Stock Market without risking your investment

What Do I Have To Do To Qualify?

You must be at least 21 years of age and US resident.


*Offer Not Valid to Residents of AK, HI, ND, SD, and OK. We respect your privacy, if you prefer not to recieve future e-mail messages, please click here.
1d6396.jpg 
--=====================_11893172==_.ALT-- --=====================_11893148==_.REL Content-Type: image/jpeg; name="1d6396.jpg"; x-mac-type="4A504547"; x-mac-creator="4A565752" Content-ID: <5.1.0.14.0.20020418160327.00a43d80@pop.earthlink.net.0> Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="1d6396.jpg" /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/2wBDAQEBAQEBAQEBAQEBAQEBAQEBAQEB AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/wAARCAABAAEDASIA AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3 ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEA AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD9mKKK K/41z8XP/9k= --=====================_11893148==_.REL-- From lhecking@nmrc.ie Fri Apr 19 12:19:02 2002 From: lhecking@nmrc.ie (Lars Hecking) Date: Fri Apr 19 11:19:02 2002 Subject: Tired of Losing $ in the Stock Market? In-Reply-To: <5.1.0.14.0.20020418160327.00a43d80@pop.earthlink.net> References: <200204182125.g3ILPlj07574@level3.net> <5.1.0.14.0.20020418160327.00a43d80@pop.earthlink.net> Message-ID: <20020419091942.GA3607@nmrc.ie> mobiusoj writes: > Did I sign up for free spam when I joined this list or is this just simply > spam? Then why the fuck did you repost the whole fucking thing to the list, including the part in html, and even attached a jpeg file to your reply? From Peter.Hegt@phidias.nl Fri Apr 19 13:01:01 2002 From: Peter.Hegt@phidias.nl (Hegt, Peter) Date: Fri Apr 19 12:01:01 2002 Subject: Tired of Losing $ in the Stock Market? Message-ID: Lars, Ok, You're upset, but there is no need to go swearing in public. Regards, Peter -----Original Message----- From: Lars Hecking [mailto:lhecking@nmrc.ie] Sent: vrijdag 19 april 2002 11:20 To: mobiusoj Cc: gnupg-users@gnupg.org Subject: Re: Tired of Losing $ in the Stock Market? mobiusoj writes: > Did I sign up for free spam when I joined this list or is this just simply > spam? Then why the fuck did you repost the whole fucking thing to the list, including the part in html, and even attached a jpeg file to your reply? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From bart.martens@advalvas.be Fri Apr 19 16:08:02 2002 From: bart.martens@advalvas.be (Bart Martens) Date: Fri Apr 19 15:08:02 2002 Subject: keyserver index In-Reply-To: <20020419002217.GA2955@stonewall>; from karlsson@hal-pc.org on Fri, Apr 19, 2002 at 12:22:17AM +0000 References: <31031820505400.01335@carpathia> <20020419002217.GA2955@stonewall> Message-ID: <20020419080249.B1930@cable-195-162-215-211.upc.chello.be> On Fri, Apr 19, 2002 at 12:22:17AM +0000, Brian M. Carlson wrote: > On Tue, Mar 18, 2031 at 08:50:53PM +0100, Michael Anckaert wrote: > > Hello, I would like to know if there is an index file of the available pgp > > keyservers somewhere. If there isn't one, would it be of any use use if I > > would maintain one? Maybe it can be usefull to newbies or if you can't find a > > certain key on a server. > > I have a bzip2'd one in csv format at > . This *is* updated, and is > being actively maintained. If you have any comments, I'd like to hear them. Yes, I'd put the list online somewhere, and ask for a link to it at www.pgpi.org . From agreene@pobox.com Fri Apr 19 16:36:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Fri Apr 19 15:36:01 2002 Subject: keyserver index In-Reply-To: <20020419080249.B1930@cable-195-162-215-211.upc.chello.be>; from bart.martens@chello.be on Fri, Apr 19, 2002 at 08:02:49AM +0200 References: <31031820505400.01335@carpathia> <20020419002217.GA2955@stonewall> <20020419080249.B1930@cable-195-162-215-211.upc.chello.be> Message-ID: <20020419093703.A11844@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Apr 19, 2002 at 08:02:49AM +0200, Bart Martens wrote: >On Fri, Apr 19, 2002 at 12:22:17AM +0000, Brian M. Carlson wrote: >> >> I have a bzip2'd one in csv format at >> . This *is* >> updated, and is being actively maintained. If you have any comments, >> I'd like to hear them. > >Yes, I'd put the list online somewhere, and ask for a link to it at >www.pgpi.org . Online? You mean like posting it at the URL he posted? I agree that the second part is good idea. Why is the list bzipped? It's only 11k uncompressed. Posting it as plain text would make it more accessible to those who can't readily handle bzipped files. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8wB1xpCpg3WyUI50RAhdCAKDMcyR7QOsr1WjoL0rGrn2NdbPJNwCgzi5K vYLDsIHE8MwS6H5XAbuWU9o= =7W6n -----END PGP SIGNATURE----- From scott@phoenixtechie.com Sat Apr 20 00:22:02 2002 From: scott@phoenixtechie.com (Scott Woodward) Date: Fri Apr 19 23:22:02 2002 Subject: compiling win32 Message-ID: <001101c1e7e8$7758ecf0$0500000a@billuh> I read the directions and compiled everything but gnupg, when compiling that I get a missing library. What library is that, and what package is it in? /usr/local/lib/mingw32-cpd/i386--mingw32/bin/ld: cannot open -lws2_32: No such file or directory From steffen@michalek.de Sat Apr 20 01:24:02 2002 From: steffen@michalek.de (Steffen Michalek) Date: Sat Apr 20 00:24:02 2002 Subject: Export des =?iso-8859-15?q?Schl=FCssel=5Fpaares=5F=20zur?= Sicherung Message-ID: <200204200023.45430.steffen.michalek@gmx.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hallo! Ich benutze (seit gestern) GnuPA v0.4.3 unter Linux/KDE3. Bei der Erstellung des Schl=FCssels wurde mir in Aussicht gestellt, dass ich ihn sp=E4ter noch (auf Diskette) sichern k=F6nne. Nach der Anleitung sollte beim Exportieren eine Option w=E4hlbar sein, _beide_ Schl=FCssel abzuspeichern, die scheint es jedoch bei mir nicht zu geben. Wer kann mir helfen? Danke, Steffen Michalek - --=20 Steffen@michalek.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8wJjiU7ACdOZjuvoRAg7cAJ9edihEP6ZmfLj9+awgeYShssHjagCcDqaj Wozttm2/CpvqCoZUcyBbHEE=3D =3DaW/m -----END PGP SIGNATURE----- From kr6x@kr6x.com Sat Apr 20 02:23:01 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Sat Apr 20 01:23:01 2002 Subject: compiling win32 References: <001101c1e7e8$7758ecf0$0500000a@billuh> Message-ID: <00e201c1e7f9$56607700$963fca96@pacesetter.com> I'm probably going to have to conquer this issue myself pretty soon, so I'm curious what answer will arise. But my guess would be that the issue isn't figuring out which library you need to add, but instead figuring out which configure options you need to invoke prior to performing the "make". I'd bet that a quick search of the archives for this reflector would turn up an answer... That issue aside, I'm not sure why you're compiling this version for windows when it is available in a precompiled binary. Knowing that I'm going to need to compile it myself in the future makes it easier for me to understand that you may actually have a need yourself -- but it is already available. ----- Original Message ----- From: "Scott Woodward" To: Sent: Friday, April 19, 2002 14:23 Subject: compiling win32 > I read the directions and compiled everything but gnupg, when compiling that > I get a missing library. What library is that, and what package is it in? > > /usr/local/lib/mingw32-cpd/i386--mingw32/bin/ld: cannot open -lws2_32: No > such file or directory > > > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From scott@phoenixtechie.com Sat Apr 20 03:50:02 2002 From: scott@phoenixtechie.com (Scott Woodward) Date: Sat Apr 20 02:50:02 2002 Subject: compiling win32 References: <001101c1e7e8$7758ecf0$0500000a@billuh> <00e201c1e7f9$56607700$963fca96@pacesetter.com> Message-ID: <000701c1e805$769dad10$0500000a@billuh> I'm trying to compile the 1.0.6e version. I am *hoping* that the crash that occurs in windows 2000 when gpg is fed garbled data would be eliminated in this version. ----- Original Message ----- From: "Leigh S. Jones, KR6X" To: Sent: Friday, April 19, 2002 4:24 PM Subject: Re: compiling win32 > I'm probably going to have to conquer this issue myself > pretty soon, so I'm curious what answer will arise. > > But my guess would be that the issue isn't figuring out > which library you need to add, but instead figuring out > which configure options you need to invoke prior to > performing the "make". I'd bet that a quick search of the > archives for this reflector would turn up an answer... > > That issue aside, I'm not sure why you're compiling this > version for windows when it is available in a precompiled > binary. Knowing that I'm going to need to compile it > myself in the future makes it easier for me to understand > that you may actually have a need yourself -- but it is > already available. > > ----- Original Message ----- > From: "Scott Woodward" > To: > Sent: Friday, April 19, 2002 14:23 > Subject: compiling win32 > > > > I read the directions and compiled everything but gnupg, when compiling > that > > I get a missing library. What library is that, and what package is it in? > > > > /usr/local/lib/mingw32-cpd/i386--mingw32/bin/ld: cannot open -lws2_32: No > > such file or directory > > > > > > > > > > > > _______________________________________________ > > Gnupg-users mailing list > > Gnupg-users@gnupg.org > > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > From davis@zmm.ch Sat Apr 20 13:59:01 2002 From: davis@zmm.ch (davis@zmm.ch) Date: Sat Apr 20 12:59:01 2002 Subject: Download Message-ID: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1E85B.1FCFE1F0 Content-Type: text/plain To whom it may concern I just downloaded the latest GnuPG version. I have a Celeron 500 CPU and use Winodws 2000. Unfortunately I could not install the programm after unzipping it. Do you know the problem? Thanks Davis ------_=_NextPart_001_01C1E85B.1FCFE1F0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable

To whom it may = concern

I just downloaded the = latest GnuPG version. I have a Celeron 500 CPU and use = Winodws 2000. Unfortunately I could not install = the programm after unzipping it. Do you know the = problem?

 

Thanks

 

Davis

------_=_NextPart_001_01C1E85B.1FCFE1F0-- From smcmahon@eiv.com Sat Apr 20 16:32:01 2002 From: smcmahon@eiv.com (Shawn McMahon) Date: Sat Apr 20 15:32:01 2002 Subject: Automatic resyncing of keys? Message-ID: <20020420133257.GA5347@eiv.com> --82I3+IH0IqGh5yIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I'm sure this must have been asked before, but I'm not finding it in the archives or google: Is there a way to automatically re-retrieve all the keys I have in my keyring, to get any updated signatures that have been re-submitted, short of writing a script? If not, has somebody written that script already? --=20 Shawn McMahon | McMahon's Laws of Linux support: http://www.eiv.com | 1) There's more than one way to do it AIM: spmcmahonfedex, smcmahoneiv | 2) Somebody thinks your way is wrong --82I3+IH0IqGh5yIs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzBbgkACgkQEcl9bQ0RMt2V5QCgzBtqr3DSGavte+aEmquyU7FN 9tgAn0mGgplJlkyViJpFndBSKHxM81Gh =KxKY -----END PGP SIGNATURE----- --82I3+IH0IqGh5yIs-- From dshaw@jabberwocky.com Sat Apr 20 16:55:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Sat Apr 20 15:55:02 2002 Subject: Automatic resyncing of keys? In-Reply-To: <20020420133257.GA5347@eiv.com> References: <20020420133257.GA5347@eiv.com> Message-ID: <20020420135545.GE662@akamai.com> On Sat, Apr 20, 2002 at 09:32:57AM -0400, Shawn McMahon wrote: > I'm sure this must have been asked before, but I'm not finding it in the > archives or google: > > Is there a way to automatically re-retrieve all the keys I have in my > keyring, to get any updated signatures that have been re-submitted, > short of writing a script? This is a feature in GnuPG 1.0.7. Use "gpg --refresh-keys". GnuPG 1.0.7 will be released soon. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From ingo.kloecker@epost.de Sat Apr 20 16:56:01 2002 From: ingo.kloecker@epost.de (Ingo =?iso-8859-1?q?Kl=F6cker?=) Date: Sat Apr 20 15:56:01 2002 Subject: Automatic resyncing of keys? In-Reply-To: <20020420133257.GA5347@eiv.com> References: <20020420133257.GA5347@eiv.com> Message-ID: <200204201556.00033@erwin.ingo-kloecker.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday 20 April 2002 15:32, Shawn McMahon wrote: > I'm sure this must have been asked before, but I'm not finding it in > the archives or google: > > Is there a way to automatically re-retrieve all the keys I have in my > keyring, to get any updated signatures that have been re-submitted, > short of writing a script? > > If not, has somebody written that script already? Try this: gpg --recv-keys `gpg --list-keys | grep ^pub | sed 's_[^/]*/\([0-9A-F]*\)= =2E*_\1_'` Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8wXNtGnR+RTDgudgRAiVXAKDc/B2xarFBScd0idvj16yWqyGtewCgvuJy D6vWu4pwlkANUL6WeDNkgo0=3D =3DBsO5 -----END PGP SIGNATURE----- From peter.schuller@infidyne.com Sat Apr 20 22:56:01 2002 From: peter.schuller@infidyne.com (Peter Schuller) Date: Sat Apr 20 21:56:01 2002 Subject: Download References: Message-ID: <00b401c1e8ae$04686ab0$b4ae70d4@prometheus2000> >To whom it may concern >I just downloaded the latest GnuPG version. I have a Celeron 500 CPU and use Winodws 2000. >Unfortunately I could not install the programm after unzipping it. Do you know the problem? The first step to getting help is describing what the problem is: (1) What are you doing? (2) What happened? (3) What did you think/want to happen? Are you having trouble unzipping it? Are you getting an error message? Without such information it is impossible to be of assistance. -- / Peter Schuller, InfiDyne Technologies HB PGP userID: 0xE9758B7D or 'Peter Schuller ' Key retrival: Send an E-Mail to getpgpkey@scode.org E-Mail: peter.schuller@infidyne.com Web: http://www.scode.org From jharris@widomaker.com Sat Apr 20 22:59:01 2002 From: jharris@widomaker.com (Jason Harris) Date: Sat Apr 20 21:59:01 2002 Subject: keyserver list updates Message-ID: <20020420200001.GA527@p5.widomaker.com> --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable The keyserver list at: http://jharris.cjb.net/keyserver.html has been updated again. The pgp.com keyserver has been down for a while and is now noted as such. (pgpkeys.mit.edu used to point to the pgp.com server, but has been repointed to pgp.mit.edu/CRYPTONOMICON.mit.edu.) The uni-paderborn server was renamed but turned up in a search at the main page for upb.de, so it has been added to the list. Also, links to the openpksd.org and pgpi.org keyserver lists have been added. Additions and corrections are always welcome. --=20 Jason Harris jharris@widomaker.com --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8wci/SypIl9OdoOMRAh1fAKCCqCqblBWd+L1CHeALHEiUxZCEVACgyu+l 7K5VEoa+FJXlNH/2Ybb62QE= =+XEc -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM-- From mutz@kde.org Sat Apr 20 23:01:02 2002 From: mutz@kde.org (Marc Mutz) Date: Sat Apr 20 22:01:02 2002 Subject: Bug in GnuPG? Message-ID: <200204202158.55401@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! Am I doing something wrong or is this a GnuPG bug? echo -n ' ' | gpg --armor --sign --encrypt --textmode \ -u 0xdeadbeef --set-filename stdin -r 0xdeadbeef | gpg --decrypt | xxd 0000000: 883f 0305 013c c1c7 16de 8583 f8bd bfe8 .?...<.......... 0000010: 3811 0262 f600 9b04 6ce0 9ee7 64a8 77ed 8..b....l...d.w. 0000020: 7b5d 97f6 e3e1 8a56 e8f5 1000 9f51 51df {].....V.....QQ. 0000030: 7221 7c42 afd5 f5a1 5d4e a039 8306 ecf2 r!|B....]N.9.... 0000040: 4a J I'd expect either 0000000: 20 or 0000000: 0a . or something like that... ;-) Marc - --=20 Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8wch93oWD+L2/6DgRAnqeAKD44zijCM88gPljbmQ8YPiHGNYZKQCg/w/U 9sYKuSz5IJH2NxDZs/jfZRE=3D =3DsYil -----END PGP SIGNATURE----- From dcroshaw@cableone.net Sun Apr 21 07:00:01 2002 From: dcroshaw@cableone.net (David and Debby Croshaw) Date: Sun Apr 21 06:00:01 2002 Subject: help Message-ID: <003201c1e8e9$3a4af720$10997418@c1372430a> This is a multi-part message in MIME format. ------=_NextPart_000_002F_01C1E8B6.EF3367E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hi, i have a web site and i need to get a pgp key. i can find sites about = it, but nowhere with instructions on the steps i go through to do so. = can you help me? i would be very grateful. debby croshaw ------=_NextPart_000_002F_01C1E8B6.EF3367E0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
hi,
 
i have a web site and i need to get a = pgp=20 key.  i can find sites about it, but nowhere with instructions on = the steps=20 i go through to do so.  can you help me?  i would be very=20 grateful.  debby croshaw
------=_NextPart_000_002F_01C1E8B6.EF3367E0-- From jkane89@softhome.net Sun Apr 21 10:18:01 2002 From: jkane89@softhome.net (John Kane) Date: Sun Apr 21 09:18:01 2002 Subject: bug: can't sign zero-length data Message-ID: <3CC266F1.24236AC9@softhome.net> mm> echo -n ' ' | gpg --armor --sign --encrypt --textmode \ mm> -u 0xdeadbeef --set-filename stdin -r 0xdeadbeef |gpg --decrypt You're right. I get the same behavior using gpg 1.0.6-2 + WinXP, with a file consisting of one or more space characters and no trailing CRLF or non-whitespace characters. The problem goes away if I drop textmode and do -sea instead of -seat, but then it comes back again if I feed a zero-length empty file to gpg. The hash and signature don't properly verify when the plaintext gets canonicalized to the equivalent of zero-bytes-long. Instead of 'Good signature...', I get only 'encrypted with...' and 65 bytes of binary garbage to stdout. In fact, I think the sig packet might be getting parsed as bogus ciphertext instead of being recognized as a signature. Original 1.0.6 gives 72 garbage bytes instead of 65. (?) -- "You're only as original as the obscurity of your sources." -- Picasso From Gerd Ewald Sun Apr 21 11:35:01 2002 From: Gerd Ewald (Gerd Ewald) Date: Sun Apr 21 10:35:01 2002 Subject: help In-Reply-To: <003201c1e8e9$3a4af720$10997418@c1372430a> References: <003201c1e8e9$3a4af720$10997418@c1372430a> Message-ID: <602082955.20020421103634@pro-privacy.de> Hello David, On Sat, 20 Apr 2002 22:01:33 -0600 GMT your local time, which was 21.04.2002, 06:01 (GMT+0200) where I live, you wrote: [...] > i can find sites > about it, but nowhere with instructions on the steps i go through > to do so. [...] I guess you are using Windows as your MUA is "Microsoft Outlook Express 5.50.4133.2400". In this case try www.jfrisch.de There is an English translation of how to install GnuPG and a Windows-Frontend. If you are going to use PGP (Ver 6.5.x) you may want to look at www.pro-privacy.de where an English tutorial on PGP is published (It was written for TheBat!-Users, but it is useful for others as well). I remember another good site, but that is written in German, so I'm not sure whether this is of any help. http://home.arcor.de/kraven/pgp/pgp02aa.html HTH -- Best regards, Gerd ======================================================= Tutorial for using PGP with TheBat! www.pro-privacy.de ------------------------------------------------------- Does the name Pavlov ring a bell? ------------------------------------------------------- now playing: WDR2 :-) From gnupg@ddm.wox.org Sun Apr 21 19:21:02 2002 From: gnupg@ddm.wox.org (Dave Chapeskie) Date: Sun Apr 21 18:21:02 2002 Subject: Automatic resyncing of keys? In-Reply-To: <200204201556.00033@erwin.ingo-kloecker.de> References: <20020420133257.GA5347@eiv.com> <200204201556.00033@erwin.ingo-kloecker.de> Message-ID: <20020421162107.GA1217@ddm.wox.org> On Sat, Apr 20, 2002 at 03:55:57PM +0200, Ingo Kl=F6cker wrote: > On Saturday 20 April 2002 15:32, Shawn McMahon wrote: > > Is there a way to automatically re-retrieve all the keys I have in my > > keyring, to get any updated signatures that have been re-submitted, > > short of writing a script? > > > > If not, has somebody written that script already? >=20 > Try this: >=20 > gpg --recv-keys `gpg --list-keys | grep ^pub | sed 's_[^/]*/\([0-9A-F]*\)= .*_\1_'` As seen in the archives this is my prefered method which has many advantages over the above suggestion: gpg --with-colons --fast-list-mode --list-keys \ | awk -F: '$1=3D=3D"pub" {print $5}' \ | sort -u | xargs -n 20 gpg --recv-keys --=20 Dave Chapeskie OpenPGP Key ID: 0x3D2B6B34 From dshaw@jabberwocky.com Sun Apr 21 20:19:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Sun Apr 21 19:19:01 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D68E@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D68E@jupiter.fchn.com> Message-ID: <20020421171949.GA12927@akamai.com> On Thu, Apr 18, 2002 at 10:48:38AM -0700, Steve Butler wrote: > Get back to you on that. I have a query out to them. So far, this is all I > have (other than looking at their and our public keys): > > "I was looking at your key and apparently you use GnuPGP. You will be the > first group that I send data to that is using GPG. In a nutshell, I tried to > encrypt your file, and it starts to, pulls up the banner info for your key, > and then asks if I want to use this key. But when I say yes, it pauses, and > then returns to the directory where the file resides. (when I use normal PGP > it displays the filename with a .pgp extension - indicating a successful > encryption.) When I look at the directory nothing is encrypted. > The client is using version 7.0.1 Hmm. I tried encrypting to your key here with 7.0.3 and all was well. I don't know what was exactly was changed between 7.0.1 and 7.0.3 (or if what was changed is relevant to this problem). That said, here are two things to try: 1) Add preferences to your key and give it to the customer to try again. You can add preferences by going to the --edit menu, using "delsig" to delete your self-signature, then using "sign" to re-sign it with itself. (gpg -u 1B32D54B --edit 1B32D54B) Make a backup first to be safe. :) 2) Ask your customer to upgrade (hard, I know). David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From ingo.kloecker@epost.de Sun Apr 21 20:20:02 2002 From: ingo.kloecker@epost.de (Ingo =?iso-8859-1?q?Kl=F6cker?=) Date: Sun Apr 21 19:20:02 2002 Subject: Automatic resyncing of keys? In-Reply-To: <20020421162107.GA1217@ddm.wox.org> References: <20020420133257.GA5347@eiv.com> <200204201556.00033@erwin.ingo-kloecker.de> <20020421162107.GA1217@ddm.wox.org> Message-ID: <200204211906.27709@erwin.ingo-kloecker.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 21 April 2002 18:21, Dave Chapeskie wrote: > On Sat, Apr 20, 2002 at 03:55:57PM +0200, Ingo Kl=F6cker wrote: > > gpg --recv-keys `gpg --list-keys | grep ^pub | sed > > 's_[^/]*/\([0-9A-F]*\).*_\1_'` > > As seen in the archives this is my prefered method which has many > advantages over the above suggestion: > > gpg --with-colons --fast-list-mode --list-keys \ > =09| awk -F: '$1=3D=3D"pub" {print $5}' \ > =09| sort -u | xargs -n 20 gpg --recv-keys Many roads lead to Rome. My command line was the first thing I did come up with when I wanted to=20 update my keyring last Thursday. And it worked just fine. What's the purpose of the "sort -u"? Why do you sort the key ids? Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8wvGSGnR+RTDgudgRAuGAAKDhL2BdiC6duXBuNEVU/QdotgUGZACfZyYy 32WsseAxCdloSI4tnaZA3eU=3D =3DE7vK -----END PGP SIGNATURE----- From peter.kuhm@plus.at Mon Apr 22 03:26:02 2002 From: peter.kuhm@plus.at (Peter Kuhm) Date: Mon Apr 22 02:26:02 2002 Subject: CNN on PGP and alternatives Message-ID: <3.0.6.32.20020422022737.01189d20@mail.plus.at> http://www.cnn.com/2002/TECH/ptech/04/21/encryption.future.ap/index.html ---snip--- Keeping e-mail encryption alive [..] Alternative answers? The alternatives still need work. Authora, for instance, lacks compatibility with non-Microsoft e-mail software such as Eudora and Lotus Notes. Gnu is only a command-line program and needs a graphical interface to be attractive to the vast majority of users. A few interfaces, including Windows Privacy Tray, have been developed but none are as versatile or simple as Network Associates' program. The Gnu project "is the thing that comes close to what PGP from (Network Associates) was, and it's really not there yet," said David Del Torto, executive director of the CryptoRights Foundation, which promotes encryption for human rights workers. Zimmermann, who chairs the OpenPGP Alliance and works with som commercial distributors, thinks any viable alternative will also need extensive marketing. And if the PGP user base is to expand, he said, tools must be easier to use. [..] ---snap--- From rtilley@vt.edu Mon Apr 22 03:57:01 2002 From: rtilley@vt.edu (Brad Tilley) Date: Mon Apr 22 02:57:01 2002 Subject: CNN on PGP and alternatives In-Reply-To: <3.0.6.32.20020422022737.01189d20@mail.plus.at> References: <3.0.6.32.20020422022737.01189d20@mail.plus.at> Message-ID: <200204220058.ABI27433@zidane.cc.vt.edu> > Gnu is only a command-line program and needs a graphical interface > to be attractive to the vast majority of users. A few interfaces, including > Windows Privacy Tray, have been developed but none are as versatile > or simple as Network Associates' program. GPA works well for my needs, but it is nowhere near that level of refinement that Network Associates had reached with their GUI. I am a Linux user, so I may be a bit more computer literate than the average MS user. > The Gnu project "is the thing that comes close to what PGP from (Network > Associates) was, and it's really not there yet," said David Del Torto, > executive director of the CryptoRights Foundation, which promotes > encryption for human rights workers. I think gpg works well with email on Linux. I use it daily with KDE and Evolution, and the encryption it provides is almost transparent with either of these clients. I wish that there were more options for encrypting local files and directories through gpg, but I think one day there will be. > Zimmermann, who chairs the OpenPGP Alliance and works with som > commercial distributors, thinks any viable alternative will also need > extensive marketing. And if the PGP user base is to expand, he said, > tools must be easier to use. I think he should have said "Windows" tools must be easier to use, because that is the _big_ user base when it comes to PC systems and email clients. But if you think about it, no method of encryption is as transparent as they need to be (on any OS) in order for widespread public acceptance. From agreene@pobox.com Mon Apr 22 05:19:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 22 04:19:01 2002 Subject: CNN on PGP and alternatives In-Reply-To: <200204220058.ABI27433@zidane.cc.vt.edu>; from rtilley@vt.edu on Sun, Apr 21, 2002 at 08:54:38PM -0400 References: <3.0.6.32.20020422022737.01189d20@mail.plus.at> <200204220058.ABI27433@zidane.cc.vt.edu> Message-ID: <20020421222057.D25628@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Apr 21, 2002 at 08:54:38PM -0400, Brad Tilley wrote: >I think gpg works well with email on Linux. I use it daily with KDE and >Evolution, and the encryption it provides is almost transparent with >either of these clients. I wish that there were more options for >encrypting local files and directories through gpg, but I think one day >there will be. It also integrates well with mutt and pine. It would be nice if you could right-click on a file in your file manager and have GPG encrypt be one of the options for all non-GPG files. GPG decrypt/verify would be an option for any file with a GPG MIME type. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8w3N/pCpg3WyUI50RAh6EAKDi8lsAAnq5OiHv8WZDpCWOso0L/gCg0jmw KoL5vQZUXCEkczwbNGw6o0Q= =8IvS -----END PGP SIGNATURE----- From tyketto@wizard.com Mon Apr 22 05:51:01 2002 From: tyketto@wizard.com (A Guy Called Tyketto) Date: Mon Apr 22 04:51:01 2002 Subject: CNN on PGP and alternatives In-Reply-To: <20020421222057.D25628@cp5340> References: <3.0.6.32.20020422022737.01189d20@mail.plus.at> <200204220058.ABI27433@zidane.cc.vt.edu> <20020421222057.D25628@cp5340> Message-ID: <20020422025144.GA5223@wizard.com> --pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Apr 21, 2002 at 10:20:57PM -0400, Anthony E. Greene wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > On Sun, Apr 21, 2002 at 08:54:38PM -0400, Brad Tilley wrote: > >I think gpg works well with email on Linux. I use it daily with KDE and > >Evolution, and the encryption it provides is almost transparent with > >either of these clients. I wish that there were more options for > >encrypting local files and directories through gpg, but I think one day > >there will be.=20 >=20 > It also integrates well with mutt and pine. It would be nice if you could > right-click on a file in your file manager and have GPG encrypt be one of > the options for all non-GPG files. GPG decrypt/verify would be an option > for any file with a GPG MIME type. Let's also not forget newsreaders as well. Tin and (I believe) slrn= =20 have support for GnuPG. Tin has it as a configurable option at compile time= .=20 GnuPG is a more operable and integral piece of work, than most people make = it=20 out to be. ;) BL. --=20 Brad Littlejohn | Email: tyketto@wizard.com Unix Systems Administrator, | tyketto@ozemail.com.au Web + NewsMaster, BOFH.. Smeghead! :) | http://www.wizard.com/~tyketto PGP: 1024D/E319F0BF 6980 AAD6 7329 E9E6 D569 F620 C819 199A E319 F0BF --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8w3q/yBkZmuMZ8L8RAriMAJ0X2SF0PhaqNi3ZkZUDcGzQVW4iAgCg4vmT zuA2zHiKkDcGKFxvEiAnRd4= =Aco1 -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/-- From kr6x@kr6x.com Mon Apr 22 07:28:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Mon Apr 22 06:28:01 2002 Subject: Download References: Message-ID: <043b01c1e9b7$0f6a0d60$ede3c23f@KR6X.ORG> This is a multi-part message in MIME format. ------=_NextPart_000_0438_01C1E97C.6264BC30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Having only just recently installed gpg on a Windows 2000 computer I can = say that there was nothing unusual about the installation. Now, first I'm going to assume that we use the same version of gpg -- = this is the gpg win32=20 binaries release version 1.0.6. inside of the zip file is gpg.exe, which = you can place on the directory "C:\winnt" on most installations of windows 2000. There's = nothing magic about this location, it's just one of the places that you can expect will = automatically be in the directory search path. Now you open a DOS prompt screen and type "gpg = -h" to get a description of the usage. Or is it "gpg --help"? Of course, you'll have to allow gpg to create a "c:\gnupg" directory and = populate it with some empty database files. To do this you first type something like = "gpg" to start up=20 gpg in the default mode, and it will do some complaining. You type = control- to get out of this mode. Pretty soon you are typing "gpg --list-keys" and gpg is = responding that=20 there are no keys to list or maybe it gives you an empty list or = something like that. Your first task with gpg is to create some keys for yourself, or import = them from your PGP keyring. GPG doesn't do any fancy installing of itself (Win32 binary version). = Oh, in the linux or Unix version you can expect to have to configure and compile the = program, but not with the binaries. Just run the program. It runs from the command = prompt. There=20 are lots of "options" and "commands" you need to be aware of. Get that = information=20 from the "GNU Privacy Handbook" found at www.gnupg.org under = "documents", from=20 the readme files and from the help screen. ----- Original Message -----=20 From: davis@zmm.ch=20 To: gnupg-users@gnupg.org=20 Sent: Saturday, April 20, 2002 4:04 AM Subject: Download To whom it may concern I just downloaded the latest GnuPG version. I have a Celeron 500 CPU = and use Winodws 2000. Unfortunately I could not install the programm = after unzipping it. Do you know the problem? =20 Thanks =20 Davis ------=_NextPart_000_0438_01C1E97C.6264BC30 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Having only just recently installed gpg = on a=20 Windows 2000 computer I can say that there was
nothing unusual about the=20 installation.
 
Now, first I'm going to assume that we = use the same=20 version of gpg -- this is the gpg win32
binaries release version 1.0.6. inside = of the zip=20 file is gpg.exe, which you can place on the
directory "C:\winnt" on most = installations of=20 windows 2000.  There's nothing magic about
this location, it's just one of the = places that you=20 can expect will automatically be in the
directory search path.  Now you = open a DOS=20 prompt screen and type "gpg -h" to get a
description of the usage.  Or is = it "gpg=20 --help"?
 
Of course, you'll have to allow gpg to = create a=20 "c:\gnupg" directory and populate it with
some empty database files.  To do = this you=20 first type something like "gpg" to start up
gpg in the default mode, and it will do = some=20 complaining.  You type control-<C> to get out
of this mode.  Pretty soon you are = typing=20 "gpg --list-keys" and gpg is = responding that=20
there are no keys to list or maybe it = gives=20 you an empty list or something like=20 that.
Your first task with gpg is to create = some keys for=20 yourself, or import them from your
PGP keyring.
 
GPG doesn't do any fancy installing of = itself=20 (Win32 binary version).  Oh, in the linux
or Unix version you can expect to have = to configure=20 and compile the program, but not
with the binaries.  Just run the=20 program.  It runs from the command prompt.  There =
are lots of "options" and "commands" = you need to be=20 aware of.  Get that information
from the "GNU Privacy Handbook" found = at www.gnupg.org under "documents", = from=20
the readme files and from the help=20 screen.
----- Original Message -----
From:=20 davis@zmm.ch =
Sent: Saturday, April 20, 2002 = 4:04=20 AM
Subject: Download

To whom=20 it may concern

I just=20 downloaded the latest GnuPG version. I = have a=20 Celeron 500 CPU and use Winodws 2000. = Unfortunately=20 I could not install the programm after = unzipping it.=20 Do you know the problem?

 

Thanks

 

Davis

------=_NextPart_000_0438_01C1E97C.6264BC30-- From mutz@kde.org Mon Apr 22 10:58:01 2002 From: mutz@kde.org (Marc Mutz) Date: Mon Apr 22 09:58:01 2002 Subject: [OT] Re: CNN on PGP and alternatives In-Reply-To: <20020422025144.GA5223@wizard.com> References: <3.0.6.32.20020422022737.01189d20@mail.plus.at> <20020421222057.D25628@cp5340> <20020422025144.GA5223@wizard.com> Message-ID: <200204220954.48656@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 22 April 2002 04:51, A Guy Called Tyketto wrote: > Let's also not forget newsreaders as well. Tin and (I believe) = slrn > have support for GnuPG. Tin has it as a configurable option at compile > time. GnuPG is a more operable and integral piece of work, than most pe= ople > make it out to be. ;) Hmm? What do you want encryption for in news?? However, signing is supported by KNode, of course for GnuPG and PGP{2,5,6= }. :-) Marc - --=20 Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8w8HH3oWD+L2/6DgRAm/yAJ9m1Sw4Awxh/evtwX0/7kC9NBqP2wCg2/UJ QL0mH3kiVC8W9LE7wCliczs=3D =3DfLvt -----END PGP SIGNATURE----- From rabbi@quickie.net Mon Apr 22 11:14:01 2002 From: rabbi@quickie.net (Len Sassaman) Date: Mon Apr 22 10:14:01 2002 Subject: CNN on PGP and alternatives In-Reply-To: <20020421222057.D25628@cp5340> Message-ID: On Sun, 21 Apr 2002, Anthony E. Greene wrote: > It also integrates well with mutt and pine. It would be nice if you could Well, *nothing* really integrates well with pine, given its horrible filter interface. (This is the reason that I, as a pine user, cannot read PGP/MIME messages). --Len. From seb@wr.home.pl Mon Apr 22 12:07:02 2002 From: seb@wr.home.pl (Sebastian Kumos) Date: Mon Apr 22 11:07:02 2002 Subject: tar, gzip etc. in Windows [was: Re: Encrypt a whole directory in a single pass] Message-ID: Hi All, I installed Cygwin from Red Hat on my Windows machine and got bash + other shells and loads of unix utilities re-compiled for Win, including tar, gzip and bzip2. They have no file name limitations and work excellent! I also copied some exe files I needed plus appropriate DLL libs to another Win installation in order to use them as a 'raw' environment for simple operations on files like archiving, generating MD5 sums, copying, splitting, etc. They work fast & nice from the DOS command line.The files I generate are handled without problems in various unices. Try this if you need more flexibility in Windows. BTW, has anyone tried compiling gnupg under Cygwin? I can't try this at the moment. Cheers, seb From disastry@saiknes.lv Mon Apr 22 12:39:01 2002 From: disastry@saiknes.lv (disastry@saiknes.lv) Date: Mon Apr 22 11:39:01 2002 Subject: tar, gzip etc. in Windows [was: Re: Encrypt a whole directory in a single pass] Message-ID: <3CC3DA7F.7269B7A6@saiknes.lv> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Sebastian Kumos wrote: > BTW, has anyone tried compiling gnupg under Cygwin? > I can't try this at the moment. > Cheers, > seb yes, for 1.0.6 you have to patch it (patch on my web page) but 1.0.6e compiles on Cygwin out of box :) __ Disastry http://disastry.dhs.org/ http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon ^----PGP 2.6.3ia-multi05 (supports IDEA, CAST5, BLOWFISH, TWOFISH, AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes) -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1 iQA/AwUBPMO9mDBaTVEuJQxkEQOujwCgk3MqJ7KRHxgdog969NLHvakq578AoO1a Ridj9DKGKJD4dJPHyV4zoI9O =uy1f -----END PGP SIGNATURE----- From agreene@pobox.com Mon Apr 22 14:29:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 22 13:29:01 2002 Subject: CNN on PGP and alternatives In-Reply-To: ; from rabbi@quickie.net on Mon, Apr 22, 2002 at 01:15:20AM -0700 References: <20020421222057.D25628@cp5340> Message-ID: <20020422073010.B32093@cp5340> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Apr 22, 2002 at 01:15:20AM -0700, Len Sassaman wrote: >On Sun, 21 Apr 2002, Anthony E. Greene wrote: > >> It also integrates well with mutt and pine. It would be nice if you could > >Well, *nothing* really integrates well with pine, given its horrible >filter interface. (This is the reason that I, as a pine user, cannot read >PGP/MIME messages). Given the fact that we're stuck using text/plain and processing the body of the message, pine's filters are very useful. With mutt, I have to ignore the software integration and fashion workarounds to be compatible with most other users. I use a pair of vim macros to clearsign or encrypt while editing. I use a procmail filter to change the MIME type of messages containing armor headers so that mutt will call GPG to process the message before displaying it -- much like pine's display filter. This won't really get any better until mailers that support PGP/MIME are used by more people. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8w/PppCpg3WyUI50RAt6LAJ9aHTE9wrRV6FZXt/o6jga42SWHTACg8VC1 cYoXxPp4ANaGtKZjxwX+MK4= =isSl -----END PGP SIGNATURE----- From jean-francois.paris@insalien.org Mon Apr 22 14:40:01 2002 From: jean-francois.paris@insalien.org (Jean-Francois PARIS) Date: Mon Apr 22 13:40:01 2002 Subject: Automatic resyncing of keys? In-Reply-To: <20020420133257.GA5347@eiv.com> References: <20020420133257.GA5347@eiv.com> Message-ID: <20020422133913.2d865d08.jean-francois.paris@insalien.org> --=.NK(I_xofI0'd5U Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit On Sat, 20 Apr 2002 09:32:57 -0400 Shawn McMahon wrote: > I'm sure this must have been asked before, but I'm not finding it in the > archives or google: > > Is there a way to automatically re-retrieve all the keys I have in my > keyring, to get any updated signatures that have been re-submitted, > short of writing a script? > > If not, has somebody written that script already? a small perl script. Also works with actionPerl on Windows ---- #!/usr/bin/perl $gnupg_exec="/usr/bin/gpg"; @keyidlist = (); open (GPG ,"$gnupg_exec --list-keys --with-colons |"); while ($ligne = ) { @champs = split(/:/,$ligne); if ($champs[0] eq "pub") { push(@keyidlist, $champs[4]); print("$champs[4] ajoutée\n"); } } foreach $id (@keyidlist) { system("$gnupg_exec --recv-key $id"); } ---- regards. -- ------------------------------------- Paris jean-francois \|/ ____ \|/ "@' / ,. \ `@" jean-francois.paris@insalien.org /_| \__/ |_\ jean-francois.paris@insa-lyon.fr \__U_/ ^^^^^^^^^^^^^^^^^^^^^^^^ CLE PUBLIQUE PGP&GPG DH/DSS ID: 0xBF4B709E Please note : this is a new key ----------- AIM mjediyoda Jabber rouge_@jabber.org ----------- PAGE WEB : http://mjediyoda.free.fr/ ------------------------------------- --=.NK(I_xofI0'd5U Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) iEYEARECAAYFAjzD9m8ACgkQpAouOb9LcJ6pkACfc8zxikctm7xrOAWkROMterCL jvUAmgPq1hA/d06i7OEeCCjnGLhHTksh =WWXQ -----END PGP SIGNATURE----- --=.NK(I_xofI0'd5U-- From hideki@allcity.net Mon Apr 22 15:37:01 2002 From: hideki@allcity.net (Hideki Saito) Date: Mon Apr 22 14:37:01 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt Message-ID: <200204221238.g3MCc5e17876@server-1.visp.net> The following message is encrypted using the passphrase "Test" It is encrypted using the option -csa Can anyone decrypt this message using the passphrase above on GnuPG 1.0.6e? -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.6e (MingW32) jA0EAwMCK2t7qAMeqMZgyXXaceyqpXuJ/bhLWlq4X0qM4+TRaaQEiYFNfhAyIvZY dTOod40IlwnjSH19hpD7AQui5zYa96hSszWsMwTgf7jK2u8hv5FrP/K5MqGzrskF jIjeDs2PKZxevhKpQNr2xVq4OetppYfJTLMqfuQiqnCPTKPHH+s= =CLHa -----END PGP MESSAGE----- Confirmed on Win32 compilation. This does decrypt on PGP. -- Hideki Saito mailto:hideki@allcity.net From hideki@allcity.net Mon Apr 22 15:59:01 2002 From: hideki@allcity.net (Hideki Saito) Date: Mon Apr 22 14:59:01 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <200204221238.g3MCc5e17876@server-1.visp.net> References: <200204221238.g3MCc5e17876@server-1.visp.net> Message-ID: <200204221259.g3MCxZe31243@server-1.visp.net> Investigated further...hmm, w32's not handling stdin's right...it worked fine when I saved the file then decrypt the file, or through the mailer...hmm... >The following message is encrypted using the passphrase "Test" > >It is encrypted using the option -csa > >Can anyone decrypt this message using the passphrase above on GnuPG >1.0.6e? > >-----BEGIN PGP MESSAGE----- >Version: GnuPG v1.0.6e (MingW32) > >jA0EAwMCK2t7qAMeqMZgyXXaceyqpXuJ/bhLWlq4X0qM4+TRaaQEiYFNfhAyIvZY >dTOod40IlwnjSH19hpD7AQui5zYa96hSszWsMwTgf7jK2u8hv5FrP/K5MqGzrskF >jIjeDs2PKZxevhKpQNr2xVq4OetppYfJTLMqfuQiqnCPTKPHH+s= >=CLHa >-----END PGP MESSAGE----- > >Confirmed on Win32 compilation. >This does decrypt on PGP. > >-- >Hideki Saito mailto:hideki@allcity.net > >_______________________________________________ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Hideki Saito mailto:hideki@allcity.net From Weimer@CERT.Uni-Stuttgart.DE Mon Apr 22 16:55:01 2002 From: Weimer@CERT.Uni-Stuttgart.DE (Florian Weimer) Date: Mon Apr 22 15:55:01 2002 Subject: Automatic resyncing of keys? In-Reply-To: <20020420135545.GE662@akamai.com> (David Shaw's message of "Sat, 20 Apr 2002 09:55:45 -0400") References: <20020420133257.GA5347@eiv.com> <20020420135545.GE662@akamai.com> Message-ID: <87hem3j0ra.fsf@CERT.Uni-Stuttgart.DE> David Shaw writes: > This is a feature in GnuPG 1.0.7. Use "gpg --refresh-keys". --refresh-keys seems to import new keys with the same user ID as present keys, BTW. -- Florian Weimer Weimer@CERT.Uni-Stuttgart.DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 From kr6x@kr6x.com Mon Apr 22 17:07:02 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Mon Apr 22 16:07:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt References: <200204221238.g3MCc5e17876@server-1.visp.net> Message-ID: <04fb01c1ea07$f7ee8840$ede3c23f@KR6X.ORG> Can you read this? No problem. ----- Original Message ----- From: "Hideki Saito" To: Sent: Monday, April 22, 2002 5:38 AM Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt > The following message is encrypted using the passphrase "Test" > > It is encrypted using the option -csa > > Can anyone decrypt this message using the passphrase above on GnuPG > 1.0.6e? > > -----BEGIN PGP MESSAGE----- > Version: GnuPG v1.0.6e (MingW32) > > jA0EAwMCK2t7qAMeqMZgyXXaceyqpXuJ/bhLWlq4X0qM4+TRaaQEiYFNfhAyIvZY > dTOod40IlwnjSH19hpD7AQui5zYa96hSszWsMwTgf7jK2u8hv5FrP/K5MqGzrskF > jIjeDs2PKZxevhKpQNr2xVq4OetppYfJTLMqfuQiqnCPTKPHH+s= > =CLHa > -----END PGP MESSAGE----- > > Confirmed on Win32 compilation. > This does decrypt on PGP. > > -- > Hideki Saito mailto:hideki@allcity.net > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From kr6x@kr6x.com Mon Apr 22 17:12:02 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Mon Apr 22 16:12:02 2002 Subject: tar, gzip etc. in Windows [was: Re: Encrypt a whole directory in a single pass] References: Message-ID: <050301c1ea08$af117780$ede3c23f@KR6X.ORG> I've used cygwin to make/compile gnupg now. Had to include a few options on the "./configure" command line to make it all compile. It worked. But, oddly enough, I needed to take care in its use. The win32 binaries that I'd placed in the C:\Winnt directory were being called instead of the desired version, resulting in the use of the wrong keyrings. Networking didn't work quite right. ----- Original Message ----- From: "Sebastian Kumos" To: Sent: Monday, April 22, 2002 3:08 AM Subject: tar, gzip etc. in Windows [was: Re: Encrypt a whole directory in a single pass] > Hi All, > > I installed Cygwin from Red Hat on my Windows machine > and got bash + other shells and loads of unix utilities > re-compiled for Win, including tar, gzip and bzip2. > They have no file name limitations and work excellent! > I also copied some exe files I needed plus appropriate > DLL libs to another Win installation in order to use > them as a 'raw' environment for simple operations on > files like archiving, generating MD5 sums, copying, > splitting, etc. They work fast & nice from the DOS command > line.The files I generate are handled without problems in > various unices. > Try this if you need more flexibility in Windows. > > BTW, has anyone tried compiling gnupg under Cygwin? > I can't try this at the moment. > > Cheers, > > seb > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From sbutler@fchn.com Mon Apr 22 17:13:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Mon Apr 22 16:13:02 2002 Subject: Lost Cipher and Hash preferences Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> It is getting more interesting. The customer was able to encrypt using the key on a *doze box. It's their Unix box that doesn't like the key! I followed the steps to add preferences. No preferences were added. Do I understand that v1.07 will have the ability to directly change the preferences? -----Original Message----- From: David Shaw [mailto:dshaw@jabberwocky.com] Sent: Sunday, April 21, 2002 10:20 AM [snip] Hmm. I tried encrypting to your key here with 7.0.3 and all was well. I don't know what was exactly was changed between 7.0.1 and 7.0.3 (or if what was changed is relevant to this problem). That said, here are two things to try: 1) Add preferences to your key and give it to the customer to try again. You can add preferences by going to the --edit menu, using "delsig" to delete your self-signature, then using "sign" to re-sign it with itself. (gpg -u 1B32D54B --edit 1B32D54B) [snip] CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From sbutler@fchn.com Mon Apr 22 17:23:02 2002 From: sbutler@fchn.com (Steve Butler) Date: Mon Apr 22 16:23:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D6BA@jupiter.fchn.com> I was able to decrypt it (and read it) using 1.0.6-2 with the WinPT interface. -----Original Message----- From: Hideki Saito [mailto:hideki@allcity.net] Sent: Monday, April 22, 2002 5:39 AM To: gnupg-users@gnupg.org Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt The following message is encrypted using the passphrase "Test" It is encrypted using the option -csa Can anyone decrypt this message using the passphrase above on GnuPG 1.0.6e? -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.6e (MingW32) jA0EAwMCK2t7qAMeqMZgyXXaceyqpXuJ/bhLWlq4X0qM4+TRaaQEiYFNfhAyIvZY dTOod40IlwnjSH19hpD7AQui5zYa96hSszWsMwTgf7jK2u8hv5FrP/K5MqGzrskF jIjeDs2PKZxevhKpQNr2xVq4OetppYfJTLMqfuQiqnCPTKPHH+s= =CLHa -----END PGP MESSAGE----- Confirmed on Win32 compilation. This does decrypt on PGP. -- Hideki Saito mailto:hideki@allcity.net _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From Thorsten.Delbrouck@guardeonic.com Mon Apr 22 17:25:02 2002 From: Thorsten.Delbrouck@guardeonic.com (Thorsten.Delbrouck@guardeonic.com) Date: Mon Apr 22 16:25:02 2002 Subject: help Message-ID: <93659FED3BE2D411A92400508BAD48BB011D8B26@mchp542a.muc.infineon.com> Hi (David and) Debby :-) > i can find sites about it, but nowhere with instructions You might want to have a look at http://www.winpt.org/ ("WinPT (Windows Privacy Tray) is a taskbar utility (...)"). Once installed this will lead you through a graphical key-generation process ("Key Manager / Key / Generate"). And check http://www.winpt.org/gpgoedoc.html ("GPGOE is an Outlook Express plug-in for GnuPG created by Timo Schulz (...)"). regards, /tdk -- Thorsten Delbrouck-Konetzko From wk@gnupg.org Mon Apr 22 17:29:02 2002 From: wk@gnupg.org (Werner Koch) Date: Mon Apr 22 16:29:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <200204221238.g3MCc5e17876@server-1.visp.net> (Hideki Saito's message of "Mon, 22 Apr 2002 05:38:30 -0700") References: <200204221238.g3MCc5e17876@server-1.visp.net> Message-ID: <874ri34xhk.fsf@alberti.gnupg.de> On Mon, 22 Apr 2002 05:38:30 -0700, Hideki Saito said: > Can anyone decrypt this message using the passphrase above on GnuPG > 1.0.6e? Sure: :symkey enc packet: version 4, cipher 3, s2k 3, hash 2 salt 2b6b7ba8031ea8c6, count 96 :encrypted data packet: length: 117 :compressed packet: algo=1 :onepass_sig packet: keyid E1530DF9105D2549 version 3, sigclass 00, digest 2, pubkey 17, last=1 :literal data packet: mode b, created 1019478848, name="", raw data: 20 bytes :signature packet: algo 17, keyid E1530DF9105D2549 version 3, created 1019478854, md5len 5, sigclass 00 digest algo 2, begin of digest f3 dd data: [160 bits] data: [159 bits] From wk@gnupg.org Mon Apr 22 17:33:02 2002 From: wk@gnupg.org (Werner Koch) Date: Mon Apr 22 16:33:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <200204221259.g3MCxZe31243@server-1.visp.net> (Hideki Saito's message of "Mon, 22 Apr 2002 06:00:00 -0700") References: <200204221238.g3MCc5e17876@server-1.visp.net> <200204221259.g3MCxZe31243@server-1.visp.net> Message-ID: <87y9ff3iqc.fsf@alberti.gnupg.de> On Mon, 22 Apr 2002 06:00:00 -0700, Hideki Saito said: > Investigated further...hmm, w32's not handling stdin's right...it > worked fine when I saved the file then decrypt the file, or through Just check that there is a setmode call in iobuf_open. Hmmm, can't debug right now. Werner From Thorsten.Delbrouck@guardeonic.com Mon Apr 22 18:05:02 2002 From: Thorsten.Delbrouck@guardeonic.com (Thorsten.Delbrouck@guardeonic.com) Date: Mon Apr 22 17:05:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decryp t Message-ID: <93659FED3BE2D411A92400508BAD48BB011D8B28@mchp542a.muc.infineon.com> > The following message is encrypted using the passphrase "Test" > > "Can you read this?" Dunno if this is of any interest to you, but decrypting with NAIs PGP Desktop Suite 7.1 works fine, too. regards, /tdk -- Thorsten Delbrouck-Konetzko From wk@gnupg.org Mon Apr 22 18:11:01 2002 From: wk@gnupg.org (Werner Koch) Date: Mon Apr 22 17:11:01 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> ("Steve Butler"'s message of "Mon, 22 Apr 2002 07:12:42 -0700") References: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> Message-ID: <87ofgb3gxf.fsf@alberti.gnupg.de> On Mon, 22 Apr 2002 07:12:42 -0700, Steve Butler said: > Do I understand that v1.07 will have the ability to directly change the > preferences? Yes. Werner From smcmahon@eiv.com Mon Apr 22 18:12:01 2002 From: smcmahon@eiv.com (Shawn McMahon) Date: Mon Apr 22 17:12:01 2002 Subject: [OT] Re: CNN on PGP and alternatives In-Reply-To: <200204220954.48656@sendmail.mutz.com> References: <3.0.6.32.20020422022737.01189d20@mail.plus.at> <20020421222057.D25628@cp5340> <20020422025144.GA5223@wizard.com> <200204220954.48656@sendmail.mutz.com> Message-ID: <20020422151328.GE22869@eiv.com> --phCU5ROyZO6kBE05 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable begin Marc Mutz quotation: >=20 > Hmm? What do you want encryption for in news?? Obfuscating the sender and receiver. Especially the receiver. It's about managing information leakage and confusing traffic analysis. --=20 Shawn McMahon | McMahon's Laws of Linux support: http://www.eiv.com | 1) There's more than one way to do it AIM: spmcmahonfedex, smcmahoneiv | 2) Somebody thinks your way is wrong --phCU5ROyZO6kBE05 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzEKJcACgkQEcl9bQ0RMt1cuwCfUC8n4RA8ll6KnF6HyM7FrMMP OaAAoP4se+oB31kLGRP1X7PURDRR+k5c =q4ba -----END PGP SIGNATURE----- --phCU5ROyZO6kBE05-- From graham.todd@ntlworld.com Mon Apr 22 18:20:01 2002 From: graham.todd@ntlworld.com (Graham) Date: Mon Apr 22 17:20:01 2002 Subject: GnuPG 1.0.6e Message-ID: <20020422152129.HSYN29981.mta07-svc.ntlworld.com@there> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is this a Linux distribution, and where can we get it? - -- Graham GPG Key ID: E935DB9D -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Please sign and encrypt for internet privacy iD8DBQE8xCuoIwtBZOk1250RAhcWAKD+TtIYCjnM9wfPa4tk504n9329kwCaA8k3 zltw/6LNamUghzR1vTZ/Phw= =naa6 -----END PGP SIGNATURE----- From AthlonRobNF@cs.com Mon Apr 22 20:33:02 2002 From: AthlonRobNF@cs.com (AthlonRob) Date: Mon Apr 22 19:33:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <200204221238.g3MCc5e17876@server-1.visp.net> References: <200204221238.g3MCc5e17876@server-1.visp.net> Message-ID: <200204221032.00508.AthlonRobNF@CS.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 22 April 2002 05:38 am, Hideki Saito wrote: > Message was signed by Hideki Saito (Key ID: > 0x105D2549). The signature is valid, but the key's validity is unknown. > > > Can you read this? > > > > End of signed message Yes. It decrypted just perfectly. Using KMail (quit snickering Mutt users!= =20 lol) and GnuPG 1.0.6 (not sure about the e at the end). Rob -----BEGIN PGP SIGNATURE----- Comment: Key ID 0x838E01ED - Available from www.keyserver.net iD8DBQE8xEkQhm6KEoOOAe0RAiYLAJ93yrNggKVvPlEVMLDa4TSPl5LC0wCeKzPL 9AO/Jf+OgYonnXg5AFVhxts=3D =3DhCvx -----END PGP SIGNATURE----- From cwsiv_home1@juno.com Mon Apr 22 21:32:02 2002 From: cwsiv_home1@juno.com (carl w spitzer) Date: Mon Apr 22 20:32:02 2002 Subject: Importing gnupg secret keys into pgp References: <002c01c1e6cd$1c5aee50$01000001@fgu062> <87pu0xcfdd.fsf@alberti.gnupg.de> Message-ID: <20020422.113012.14879.2.cwsiv_home1@juno.com> What about PGP263ai i thought that supported Blowfish, Twofish IDEA, RSA and about 6 more?? o _______________________________ o _____ | CWSIV_HOME1@JUNO.COM | .][__n_n_|DD[ ====_____ | M A R K L I N T R A I N S | > (________|__|_[_________]_|___________________________| _/oo OOOOO oo` ooo ooo 'o!o!o o!o!o` On Thu, 18 Apr 2002 15:20:46 +0200 Werner Koch writes: >On Thu, 18 Apr 2002 12:35:16 +0100, Nicholas Dickens said: > >> way to get messages signed is to use pgp. But I can't seem to import my >> secret keys into it. Any ideas (or places to look), pgp to gnupg is >> pretty well covered... > >Either set the passphrase using GnuPG to empty, export, import to pgp >and set the passphrase again (for both copies of the secring?). > >Or better: > >gpg --s2k-cipher CAST5 --edit your_key_id > >and change the passphrase ("passwd") (you can use the same) so that >CAST5 gets used as the cipher algorithm. Most versions of GnuPG use >Blowfish which is not supported by PGP. > > Werner ________________________________________________________________ GET INTERNET ACCESS FROM JUNO! Juno offers FREE or PREMIUM Internet access for less! Join Juno today! For your FREE software, visit: http://dl.www.juno.com/get/web/. From jharris@widomaker.com Mon Apr 22 23:11:02 2002 From: jharris@widomaker.com (Jason Harris) Date: Mon Apr 22 22:11:02 2002 Subject: keyserver list updates In-Reply-To: <20020420200001.GA527@p5.widomaker.com> References: Message-ID: <20020422201110.GA317@p5.widomaker.com> --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 22, 2002 at 07:21:16AM -0400, Kroening, David wrote: > This doens't seem to be a running webserver. > dk You are the only one who continues to have problems, so I can only conclude that it is a problem on your end. I routinely access the site with three different browsers on FreeBSD. Try accessing it directly at: http://galileo.spaceports.com/~jharris/ Beyond that, you'll have to have some professionals on your end get involved. I'm using a free hosting service, so there isn't much else I can do. Sorry. (BTW, the sooner you quit using M$ products, the better off you will be. :) Heck, your mailer doesn't even maintain threading, making it harder for people to find the original message. I think I added the correct header (manually) to reenable threading, though...) Is anyone else having problems accessing the site? > The keyserver list at: >=20 > http://jharris.cjb.net/keyserver.html >=20 > has been updated again. The pgp.com keyserver has been down for a while --=20 Jason Harris jharris@widomaker.com --BXVAT5kNtrzKuDFl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8xG5SSypIl9OdoOMRAppUAJ45q3YCDcROCD9tsi4OH9OAbLrU2wCgzmmD KJh0wTn2+BKtYoA4enFvCqs= =yz/P -----END PGP SIGNATURE----- --BXVAT5kNtrzKuDFl-- From dshaw@jabberwocky.com Tue Apr 23 00:05:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Mon Apr 22 23:05:02 2002 Subject: Automatic resyncing of keys? In-Reply-To: <87hem3j0ra.fsf@CERT.Uni-Stuttgart.DE> References: <20020420133257.GA5347@eiv.com> <20020420135545.GE662@akamai.com> <87hem3j0ra.fsf@CERT.Uni-Stuttgart.DE> Message-ID: <20020422210550.GB16829@akamai.com> On Mon, Apr 22, 2002 at 03:55:53PM +0200, Florian Weimer wrote: > David Shaw writes: > > > This is a feature in GnuPG 1.0.7. Use "gpg --refresh-keys". > > --refresh-keys seems to import new keys with the same user ID as > present keys, BTW. Are you using 1.0.6e? Can you show me an example? I don't doubt you, but it's hard to imagine how this could be since the keyservers work on numerical key ids, and GnuPG naturally couldn't know the keyid of a key that wasn't already in its keyring. Is it possible what you saw what a new user ID showing up on an existing key? David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From ndogg@geekhead.org Tue Apr 23 04:04:02 2002 From: ndogg@geekhead.org (Rene Horn) Date: Tue Apr 23 03:04:02 2002 Subject: EudoraGPG frontend? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Has anyone used the EudoraGPG frontend? I don't used Eudora, but some of my friends do and I would like for them to start using some sort of encryption. I don't want to use PGP since it's not free and I don't understand all the implications of its redistribution. How easy is it to install this on Eudora? - -- Alternate email addresses: hornr18@uwosh.edu, hawkdogg@whoever.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8xLMrZ99F7WbWfQARApmkAJ42Yfo1sHAe2669YrZ9u7QqalHBhgCcD8pt UlQ8eFEanNHkk4vdrdb8byw= =+CAt -----END PGP SIGNATURE----- From volker.gaibler@urz.uni-heidelberg.de Tue Apr 23 05:13:01 2002 From: volker.gaibler@urz.uni-heidelberg.de (Volker Gaibler) Date: Tue Apr 23 04:13:01 2002 Subject: Revocation problem with keyserver Message-ID: <20020423041213.A2471@gina.local> Hello! I wanted to change my encryption subkey and therefore revoke my old subkey. I read the hints given in earlier questions but it doesn't work. GPG doesn't accept my public key being imported for revocation as Steve Butler wrote on Thu, 7 Mar 2002. I get the following error message: gpg: requesting key 86ECAC0B from wwwkeys.eu.pgp.net ... gpg: key 86ECAC0B: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 But the key on the keyserver was created by GPG 1.0.6 and so is self-signed by default. (my key id is 86ECAC0B) Trying to add the new subkey to the keyserver via gpg --send-key results in an ok message but the key on the keyserver is not updated. Adding via web interface shows Key block in add request contained no new keys, userid's, or signatures. Your key block contained 1 format errors, which were treated as if the erroneous elements hadn't been part of your submission. The last error was on key 0xa82a9e56: Key block corrupt: more than one signature on subkey Can this be a keyserver problem or am I doing something awfully wrong? Thanks in advance. Volker -- Volker Gaibler contact: http://www.volker-gaibler.de mail@volker-gaibler.de OpenPGP key: 0x86ECAC0B +---------------------------------------------------------------------+ From dshaw@jabberwocky.com Tue Apr 23 06:02:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Tue Apr 23 05:02:02 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> Message-ID: <20020423030239.GB662@akamai.com> On Mon, Apr 22, 2002 at 07:12:42AM -0700, Steve Butler wrote: > It is getting more interesting. The customer was able to encrypt using the > key on a *doze box. It's their Unix box that doesn't like the key! > > I followed the steps to add preferences. No preferences were added. Oops - sorry, I was thinking 1.0.7 in my head :( To get back to your original problem, what version of PGP are they using on their Unix box? David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From andriash@telus.net Tue Apr 23 08:39:01 2002 From: andriash@telus.net (Nick Andriash) Date: Tue Apr 23 07:39:01 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> Message-ID: <20020422223413.E88E.ANDRIASH@telus.net> Hello Steve Butler, On Monday, April 22 2002 at 07:12 AM PDT, you wrote: > It is getting more interesting. The customer was able to encrypt using the > key on a *doze box. Just what do you mean by "*doze" box? The GnuPG Users List is just that. It is NOT a Unix List. There are many of us here that use the Windows OS and are happy with it. I wish Members like yourself would stop this kind of OS bashing nonsense!! Grow UP!! -- Nick Andriash Courtenay, B.C. Canada From shavital@mac.com Tue Apr 23 08:58:01 2002 From: shavital@mac.com (Charly Avital) Date: Tue Apr 23 07:58:01 2002 Subject: Revocation problem with keyserver In-Reply-To: <20020423041213.A2471@gina.local> References: <20020423041213.A2471@gina.local> Message-ID: Hi, I cannot answer your question (keyserver problem, or else), but I can add the following information, hoping this might help:. 1. Importing your key 0x86ECAC0B with PGP 7.0.3 (Mac version): - fp DEAB AF7A 9269 02E3 7BD1 570C 0AB2 6373 86EC AC0B - signed with [same key] 0x86ECAC0B on April 23, 2002. This signature is dimmed, which in PGP's graphic convention indicates "bad or invalid signature" - signed with same key on April 14, 2002. Signature dimmed, same as in previous. - signed with same key on December 5, 2001. This signature appears to be valid, it shows a valid exportable signature icon. - two subkeys: - valid from April 3, 2002. Expires: never. Size: 2048 - valid from December 5, 2001. Expires: never. Size: 1024 Notes: the key is actually imported into PGP's keyring. The key does not show the red X, which stands for "revoked" in PGP's convention. 2. Trying to import that key using Mac GPG 1.0.6 shows: gpg: requesting key 86ECAC0B from wwwkeys.us.pgp.net ... gpg: key 86ECAC0B: invalid subkey binding gpg: key 86ECAC0B: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 [The key was not imported into gpg's keyring] [As indicated above, PGP shows a valid signature in that key. 3. Both imports were done at approximately the same time (less than one minute difference), using the same keyserver. 4. In a similar case, a few days ago, a macgpg-users subscriber reported having revoked the subkey (one and only) in his key. Later, that key, when imported in PGP 7.0.3 (Mac) showed a red X (both in the key row, and in the key's subkey. The red X is the mark for a revoked key. The one and only self signature was dimmed. There was no other signature in that key. Mac GPG's output was: gpg: requesting key FDB85841 from wwwkeys.us.pgp.net ... gpg: key FDB85841: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 The key could not be imported into GPG. I am far too lacking in formal computer science knowledge, but I have been using PGP (Mac) since versions 2.x.x, and Mac GPG only since October 2001. Therefore I wouldn't venture conclusions. What I understand from the above, is that in Mr. Gaibler's example, the key's subkey was *not* revoked, and that two "bad or invalid " signatures were added to the key and uploaded to a keyserver. I really don't know whether that means that these are, in fact, signatures revoked by the key owner. Another fact is that the key cannot be imported into gpg, precluding its use by gpg users, but it has been imported in a PGP 7.0.3 keyring, where it doesn't show as revoked. Theoretically, it means that I could not use that key, in gpg, to encrypt a message to Mr. Gaibler. I don't know whether I could use it, in PGP. But could a message signed with that key be verified in gpg, who would only access the key in the keyserver, and verify the signature without actually importing the key? That's what PGP does. Charly At 4:12 AM +0200 4/23/02, Volker Gaibler wrote: >Hello! > >I wanted to change my encryption subkey and therefore revoke my old >subkey. I read the hints given in earlier questions but it doesn't >work. GPG doesn't accept my public key being imported for revocation >as Steve Butler wrote on Thu, 7 Mar 2002. I get the following >error message: > > gpg: requesting key 86ECAC0B from wwwkeys.eu.pgp.net ... > gpg: key 86ECAC0B: no valid user IDs > gpg: this may be caused by a missing self-signature > gpg: Total number processed: 1 > gpg: w/o user IDs: 1 > >But the key on the keyserver was created by GPG 1.0.6 and so is >self-signed by default. (my key id is 86ECAC0B) > >Trying to add the new subkey to the keyserver via gpg --send-key >results in an ok message but the key on the keyserver is not updated. >Adding via web interface shows > > Key block in add request contained no new > keys, userid's, or signatures. > Your key block contained 1 format errors, > which were treated as if the erroneous elements > hadn't been part of your submission. > The last error was on key 0xa82a9e56: > Key block corrupt: more than one signature on subkey > >Can this be a keyserver problem or am I doing something awfully wrong? > >Thanks in advance. >Volker > > > >-- > Volker Gaibler contact: > http://www.volker-gaibler.de mail@volker-gaibler.de > OpenPGP key: 0x86ECAC0B >+---------------------------------------------------------------------+ > >_______________________________________________ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users From mikko.moilanen@reimari.net Tue Apr 23 09:47:01 2002 From: mikko.moilanen@reimari.net (Mikko Moilanen) Date: Tue Apr 23 08:47:01 2002 Subject: Freedom of speech(was: Cipher etc.) In-Reply-To: <20020422223413.E88E.ANDRIASH@telus.net>; from andriash@telus.net on Mon, Apr 22, 2002 at 10:39:50PM -0700 References: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> <20020422223413.E88E.ANDRIASH@telus.net> Message-ID: <20020423093516.C2481@rossi> On Mon, Apr 22, 2002 at 10:39:50PM -0700, Nick Andriash wrote: > Hello Steve Butler, > > On Monday, April 22 2002 at 07:12 AM PDT, you wrote: > > > It is getting more interesting. The customer was able to encrypt using the > > key on a *doze box. > > Just what do you mean by "*doze" box? The GnuPG Users List is just that. > It is NOT a Unix List. There are many of us here that use the Windows OS > and are happy with it. I wish Members like yourself would stop this kind > of OS bashing nonsense!! Grow UP!! I wish you wake up to realize that there is something else which just *works*. I recommend you to search some group where people treats Microsoft as you like, if you cant stand terms what people use about it. I call it what I want and so do others. I can stand it if you say Microsoft as an higher os. But I cant stand that you begin to threaten my and others freefom of speech. Say what you want, I will say what I want. -- -----BEGIN GEEK CODE BLOCK----- Version: 3.12 (vanilla) Comment: For info see www.geekcode.com or http://baldor.ath.cx:2000 GH/O>CS$ ds>! s: a28>a+++ C++ UL>++++ P+ L+++>++++ E--- W++ N++(+++) o-- K- w-->! O-- M- V?(-) PS+ PE++(--) Y+>++ PGP++>+++ t+ 5-- X- R !tv b+ DI-- D++ G e* h r--- y+ ------END GEEK CODE BLOCK------ From Thorsten.Delbrouck@guardeonic.com Tue Apr 23 10:00:01 2002 From: Thorsten.Delbrouck@guardeonic.com (Thorsten.Delbrouck@guardeonic.com) Date: Tue Apr 23 09:00:01 2002 Subject: Problems decrypting Message-ID: <93659FED3BE2D411A92400508BAD48BB011D8B2E@mchp542a.muc.infineon.com> Hi, recently I received a message that was encrypted to 9 recipients (one of them being me) using "CryptoEx" [1]. I was able to decrypt it using NAIs Desktop Suite 7.1 (Windows 2K) without a problem, but I could not decrypt it using GnuPG 1.0.6-2 (win32) (w/ WinPT 0.5.9) -- it just spit out the error message "No secret key available" followed by a Key ID that doesn't belong to one of my keys. Apart from that I noticed that PGP 7.1 shows a message box like this -------------- Message was encrypted to the following public keys: <...> (n unknown keys) -------------- Applied to the same message GnuPG (w/ WinPT) fires up the same info-box but it looks like -------------- Message was encrypted to the following public keys: -------------- Do you have any ideas? Is there any additional information you need? Thanks a lot for you help! regards, /tdk [1]: http://www.cryptoex.com/technology/cryptoex/cryptoex_outlook.asp?LANG=us -- Thorsten Delbrouck-Konetzko From graham.todd@ntlworld.com Tue Apr 23 10:38:01 2002 From: graham.todd@ntlworld.com (Graham) Date: Tue Apr 23 09:38:01 2002 Subject: Freedom of speech(was: Cipher etc.) In-Reply-To: <20020423093516.C2481@rossi> References: <9A86613AB85FF346BB1321840DB42B4B67D6B9@jupiter.fchn.com> <20020422223413.E88E.ANDRIASH@telus.net> <20020423093516.C2481@rossi> Message-ID: <20020423073917.UVSN20036.mta06-svc.ntlworld.com@there> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 23 April 2002 7:35 am, Mikko Moilanen wrote: > I recommend you to search some group where people treats Microsoft as > you like, if you cant stand terms what people use about it. I call it > what I want and so do others. I can stand it if you say Microsoft as > an higher os. But I cant stand that you begin to threaten my and > others freefom of speech. What a crass reply! This is a GnuPG mailing list: GnuPG is on a number of OS, not just Linux. This is nothing to do with any one OS being "better" than any other (I use Linux totally, but I am willing to accept that Windows does somethings better than Linux), this is nothing to do with freedom of speech (anyway, freedom doesn't give you licence, it gives you more reason to act responsibly), it is more about being polite to others on the list. Which, unless I am very much mistaken, is one of the rules of this list. >Say what you want, I will say what I want. Certainly, providing it is polite and not insulting. We are all entitled to differing points of view, however distasteful those views may appear to others. But if you want to express those views in an insulting manner, please do it elsewhere and not on this list. - -- Graham GPG Key ID: E935DB9D -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Please sign and encrypt for internet privacy iD8DBQE8xRDXIwtBZOk1250RAuhRAKDdjO0rCoc/X9nJsRB8fdDoOst7BwCfayj0 FWYnT4ymN6gqa7wsbVPCyCs= =7Un7 -----END PGP SIGNATURE----- From info@nakawe.se Tue Apr 23 11:12:02 2002 From: info@nakawe.se (Veronica Loell) Date: Tue Apr 23 10:12:02 2002 Subject: Freedom of speech(was: Cipher etc.) Message-ID: <200204230812.KAA22069@d1o907.telia.com> I definately agree with Graham, but wanted to add my own thoughts. I think it's safe to say that the original comment was not "bashing". If you have the same program installed on different OS:es, whether it is totally different one's or different versions of the same OS you will have different problems, a bug that appears in one OS will not nessecarily show up in all OS:es. Hence it is a good step towards solving a problem to know what kind of platform it occurs on, I would think? This said, try not to take peoples comments as an offence, even though it might seem like it to you. This sort of thing is what starts wars and other ugly things. Also one person saying something that you consider offensive is no reason to start acting in the same manner. If you do, you really have no right to complain about how the person was acting, since you do the same thing yourself. Just my two cents... - Veronica Loell >Subject: Re: Freedom of speech(was: Cipher etc.) > From: Graham > Date: Tue, 23 Apr 2002 08:44:07 +0100 > To: gnupg-users@gnupg.org > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On Tuesday 23 April 2002 7:35 am, Mikko Moilanen wrote: > >> I recommend you to search some group where people treats Microsoft as >> you like, if you cant stand terms what people use about it. I call it >> what I want and so do others. I can stand it if you say Microsoft as >> an higher os. But I cant stand that you begin to threaten my and >> others freefom of speech. > >What a crass reply! This is a GnuPG mailing list: GnuPG is on a number >of OS, not just Linux. This is nothing to do with any one OS being >"better" than any other (I use Linux totally, but I am willing to >accept that Windows does somethings better than Linux), this is nothing >to do with freedom of speech (anyway, freedom doesn't give you licence, >it gives you more reason to act responsibly), it is more about being >polite to others on the list. > >Which, unless I am very much mistaken, is one of the rules of this list. > >>Say what you want, I will say what I want. > >Certainly, providing it is polite and not insulting. We are all >entitled to differing points of view, however distasteful those views >may appear to others. But if you want to express those views in an >insulting manner, please do it elsewhere and not on this list. >- -- > >Graham >GPG Key ID: E935DB9D > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.0.6 (GNU/Linux) >Comment: Please sign and encrypt for internet privacy > >iD8DBQE8xRDXIwtBZOk1250RAuhRAKDdjO0rCoc/X9nJsRB8fdDoOst7BwCfayj0 >FWYnT4ymN6gqa7wsbVPCyCs= >=7Un7 >-----END PGP SIGNATURE----- > >_______________________________________________ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users From justinrt@bellsouth.net Tue Apr 23 11:50:01 2002 From: justinrt@bellsouth.net (Justin Troutman) Date: Tue Apr 23 10:50:01 2002 Subject: Freedom of speech(was: Cipher etc.) References: <200204230812.KAA22069@d1o907.telia.com> Message-ID: <004c01c1eaa3$978c2ec0$7d609d42@oemcomputer> ----- Original Message ----- From: Veronica Loell To: Sent: Tuesday, April 23, 2002 5:15 AM Subject: Re: Freedom of speech(was: Cipher etc.) > I definately agree with Graham, but wanted to add my own thoughts. > Same here. > I think it's safe to say that the original comment was not "bashing". > If you have the same program installed on different OS:es, whether > it is totally different one's or different versions of the same OS > you will have different problems, a bug that appears in one OS will > not nessecarily show up in all OS:es. Hence it is a good step towards > solving a problem to know what kind of platform it occurs on, I would > think? > Of course. That is a great tactic to realize and deploy. > This said, try not to take peoples comments as an offence, even though > it might seem like it to you. This sort of thing is what starts wars > and other ugly things. > > Also one person saying something that you consider offensive is no > reason to start acting in the same manner. If you do, you really have > no right to complain about how the person was acting, since you do > the same thing yourself. > > Just my two cents... > > - Veronica Loell Well said, Veronica. I responded to a flame war on sci.crypt the other day, with a long, drawn-out similar approach, as to how flaming really serves no purpose, rather than boasting pride. In doing so, you miss out on key things that could help narrow down the problem and potentially help solving it. Let's keep the mailing list clean and to the point. Let's discuss and learn, not flame. So, go with Graham's and Veronica's advice and start now. There's no better time to do so. A few more cents... Justin T. From wk@gnupg.org Tue Apr 23 11:51:01 2002 From: wk@gnupg.org (Werner Koch) Date: Tue Apr 23 10:51:01 2002 Subject: Problems decrypting In-Reply-To: <93659FED3BE2D411A92400508BAD48BB011D8B2E@mchp542a.muc.infineon.com> (Thorsten.Delbrouck@guardeonic.com's message of "Tue, 23 Apr 2002 09:00:45 +0200") References: <93659FED3BE2D411A92400508BAD48BB011D8B2E@mchp542a.muc.infineon.com> Message-ID: <87hem2ztgu.fsf@alberti.gnupg.de> On Tue, 23 Apr 2002 09:00:45 +0200, Thorsten Delbrouck said: > (one of them being me) using "CryptoEx" [1]. I was able to decrypt > it using NAIs Desktop Suite 7.1 (Windows 2K) without a problem, but > I could not decrypt it using GnuPG 1.0.6-2 (win32) (w/ WinPT 0.5.9) > -- it just spit out the error message "No secret key available" > followed by a Key ID that doesn't belong to one of my keys. Are you sure that you have the secret-key imported into GnuPG? Run GnuPG with the option -v so it gives you a more verbose output. Run gpg --list-packets on the message and send me the results privatly - it won't show any confidential information just the things a eavesdropper can collect. Werner From hideki@allcity.net Tue Apr 23 12:24:02 2002 From: hideki@allcity.net (Hideki Saito) Date: Tue Apr 23 11:24:02 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <87y9ff3iqc.fsf@alberti.gnupg.de> References: <200204221238.g3MCc5e17876@server-1.visp.net> <200204221259.g3MCxZe31243@server-1.visp.net> <87y9ff3iqc.fsf@alberti.gnupg.de> Message-ID: <200204230924.g3N9Oke22137@server-1.visp.net> You mean the one invoked by HAVE_DOSISH_SYSTEM and then USE_SETMODE define's, right? Looks like it is getting called... >On Mon, 22 Apr 2002 06:00:00 -0700, Hideki Saito said: > >> Investigated further...hmm, w32's not handling stdin's right...it >> worked fine when I saved the file then decrypt the file, or through > >Just check that there is a setmode call in iobuf_open. Hmmm, can't >debug right now. > > Werner > > >_______________________________________________ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Hideki Saito mailto:hideki@allcity.net From andriash@telus.net Tue Apr 23 15:32:02 2002 From: andriash@telus.net (Nick Andriash) Date: Tue Apr 23 14:32:02 2002 Subject: Freedom of speech(was: Cipher etc.) In-Reply-To: <200204230812.KAA22069@d1o907.telia.com> References: <200204230812.KAA22069@d1o907.telia.com> Message-ID: <20020423053213.5A58.ANDRIASH@telus.net> Hello Veronica, On Tuesday, April 23 2002 at 02:15 AM PDT, you wrote: > Also one person saying something that you consider offensive is no > reason to start acting in the same manner. If you do, you really have > no right to complain about how the person was acting, since you do > the same thing yourself. Point made... Point taken... My apologies to the List. -- Nick Andriash Courtenay, B.C. Canada From wk@gnupg.org Tue Apr 23 15:55:01 2002 From: wk@gnupg.org (Werner Koch) Date: Tue Apr 23 14:55:01 2002 Subject: 1.0.6e symmetrically encrypted signed message fails to decrypt In-Reply-To: <200204230924.g3N9Oke22137@server-1.visp.net> (Hideki Saito's message of "Tue, 23 Apr 2002 02:25:20 -0700") References: <200204221238.g3MCc5e17876@server-1.visp.net> <200204221259.g3MCxZe31243@server-1.visp.net> <87y9ff3iqc.fsf@alberti.gnupg.de> <200204230924.g3N9Oke22137@server-1.visp.net> Message-ID: <87ofgay3lg.fsf@alberti.gnupg.de> On Tue, 23 Apr 2002 02:25:20 -0700, Hideki Saito said: > You mean the one invoked by HAVE_DOSISH_SYSTEM and then USE_SETMODE > define's, right? Yep > Looks like it is getting called... Good. werner From rtilley@vt.edu Tue Apr 23 16:18:02 2002 From: rtilley@vt.edu (R. Bradley Tilley) Date: Tue Apr 23 15:18:02 2002 Subject: Another GnuPG Article Message-ID: <200204231302.AJR72480@dagger.cc.vt.edu> Goto the url below and look for "SECURITY: MandrakeSecure.net: Using GnuPG" http://linuxtoday.com/ -- Brad From sbutler@fchn.com Tue Apr 23 17:26:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Tue Apr 23 16:26:01 2002 Subject: Lost Cipher and Hash preferences Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D6C5@jupiter.fchn.com> Didn't realize that *doze and *nix were bashing. While the workstation and the PC at home are *doze box, the database server is a *nix box. Sorry that I touched a sensitive nerve. I have GnuPG running on both the workstation (with WinPT) and the main database server. -----Original Message----- From: Nick Andriash [mailto:andriash@telus.net] Sent: Monday, April 22, 2002 10:40 PM To: GnuPG Users Subject: Re: Lost Cipher and Hash preferences Hello Steve Butler, On Monday, April 22 2002 at 07:12 AM PDT, you wrote: > It is getting more interesting. The customer was able to encrypt using the > key on a *doze box. Just what do you mean by "*doze" box? The GnuPG Users List is just that. It is NOT a Unix List. There are many of us here that use the Windows OS and are happy with it. I wish Members like yourself would stop this kind of OS bashing nonsense!! Grow UP!! -- Nick Andriash Courtenay, B.C. Canada _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From agreene@pobox.com Tue Apr 23 20:34:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Tue Apr 23 19:34:02 2002 Subject: Lost Cipher and Hash preferences In-Reply-To: <9A86613AB85FF346BB1321840DB42B4B67D6C5@jupiter.fchn.com>; from sbutler@fchn.com on Tue, Apr 23, 2002 at 07:25:22AM -0700 References: <9A86613AB85FF346BB1321840DB42B4B67D6C5@jupiter.fchn.com> Message-ID: <20020423133400.C8239@asmoweb.hqda.pentagon.mil> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Apr 23, 2002 at 07:25:22AM -0700, Steve Butler wrote: >Didn't realize that *doze and *nix were bashing. While the workstation and >the PC at home are *doze box, the database server is a *nix box. Sorry that >I touched a sensitive nerve. I didn't see it as bashing either. UNIX folks live in a world where there are lots of slightly different versions around, different enough that you actually need to say *nix when you are talking about something that applies to all versions. Windows world is much more homogeneous, so that reference was probably not familiar. Although I'd argue that Win* probably meets your intent a little better. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8xZsDpCpg3WyUI50RAmMDAJ9WGfC4O+kSaQ7S3LlfXsJh2+tTDACg14o6 ywoRetgIh4gpLHuEw5w7Xmo= =t6vJ -----END PGP SIGNATURE----- From dshaw@jabberwocky.com Tue Apr 23 23:42:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Tue Apr 23 22:42:02 2002 Subject: Revocation problem with keyserver In-Reply-To: <20020423041213.A2471@gina.local> References: <20020423041213.A2471@gina.local> Message-ID: <20020423204311.GD14216@akamai.com> On Tue, Apr 23, 2002 at 04:12:13AM +0200, Volker Gaibler wrote: > Hello! > > I wanted to change my encryption subkey and therefore revoke my old > subkey. I read the hints given in earlier questions but it doesn't > work. [..] > Can this be a keyserver problem or am I doing something awfully wrong? This looks like a classic example of the "keyserver ate my key" bug. Most keyservers on the net today cannot deal with multiple subkeys and will respond by corrupting the key instead. Hopefully the new generation of keyservers will come along soon and solve this problem. In the meantime, don't use the keyserver network to distribute your key. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From karlsson@hal-pc.org Wed Apr 24 01:08:01 2002 From: karlsson@hal-pc.org (Brian M. Carlson) Date: Wed Apr 24 00:08:01 2002 Subject: Revocation problem with keyserver In-Reply-To: <20020423204311.GD14216@akamai.com> References: <20020423041213.A2471@gina.local> <20020423204311.GD14216@akamai.com> Message-ID: <20020423220937.GA1535@stonewall> --zhXaljGHf11kAtnf Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 23, 2002 at 04:43:11PM -0400, David Shaw wrote: > On Tue, Apr 23, 2002 at 04:12:13AM +0200, Volker Gaibler wrote: > > Hello! > >=20 > > I wanted to change my encryption subkey and therefore revoke my old > > subkey. I read the hints given in earlier questions but it doesn't=20 > > work. >=20 > [..] >=20 > > Can this be a keyserver problem or am I doing something awfully wrong? >=20 > This looks like a classic example of the "keyserver ate my key" bug. > Most keyservers on the net today cannot deal with multiple subkeys and > will respond by corrupting the key instead. >=20 > Hopefully the new generation of keyservers will come along soon and > solve this problem. In the meantime, don't use the keyserver network > to distribute your key. >=20 > David It isn't necessary to not distribute your key. There are safe servers. They= are ldap://horowitz.surfnet.nl:11370, which uses the PGP Certificate Server (it does not accept ElGamal type 20 keys) and x-hkp://gnv.us.ks.cryptnet.net:11= 371, which is running cksd. --=20 Brian M. Carlson OpenPGP: 0x351336B2DCA1913A --zhXaljGHf11kAtnf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6e (GNU/Linux) Comment: Ubi libertas, ibi patria. iQEVAwUBPMXboOWR/8lWBVPnAQPa3QgAv048Oj/FUa1N2IDYuKYOkp1Ec5cMASSI 5rCbyV9VCLmJm/IW8D/Id8mECs5I2fBIz0sGB90cnBeFGvPHjh0YCFL3Hhq29+rp xYTnZ/HpbODHbmJ3kmrNUR3bMGOPR/EsgV5R8fYV/842LJFs0pcUhZXCMvcAk2tq MmKttQq44/nJ5rkqK/pKlMYccvf+ZPBcQjJM4nRDi9FLcGGo1++i5+QpWBIwEPP8 PNMf+Y5kVis9Alh2BQGH+33BydSjWXRX/R9JPYqSsG+j/CB4AlxfodphN2Csp5fX KZ5j/6+zOiZeN0VDwJ85Me/Eb6C29U4waLhOlGM3WqHe15EnqBYF6w== =KgCJ -----END PGP SIGNATURE----- --zhXaljGHf11kAtnf-- From dshaw@jabberwocky.com Wed Apr 24 01:17:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 24 00:17:01 2002 Subject: Revocation problem with keyserver In-Reply-To: <20020423220937.GA1535@stonewall> References: <20020423041213.A2471@gina.local> <20020423204311.GD14216@akamai.com> <20020423220937.GA1535@stonewall> Message-ID: <20020423221741.GA13707@akamai.com> On Tue, Apr 23, 2002 at 10:09:37PM +0000, Brian M. Carlson wrote: > On Tue, Apr 23, 2002 at 04:43:11PM -0400, David Shaw wrote: > > This looks like a classic example of the "keyserver ate my key" bug. > > Most keyservers on the net today cannot deal with multiple subkeys and > > will respond by corrupting the key instead. > > > > Hopefully the new generation of keyservers will come along soon and > > solve this problem. In the meantime, don't use the keyserver network > > to distribute your key. > It isn't necessary to not distribute your key. There are safe > servers. They are ldap://horowitz.surfnet.nl:11370, which uses the > PGP Certificate Server (it does not accept ElGamal type 20 keys) and > x-hkp://gnv.us.ks.cryptnet.net:11371, which is running cksd. I'm not saying don't distribute your key - I'm saying to provide it in a non-keyserver place. The problem with the two or three good keyservers out there are that they synchronize with the bad ones. If a key is sent to a bad one first, then it is likely that the good ones will get a corrupted copy of the corrupted copy of the key via synchronization. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From engage@n0sq.net Wed Apr 24 02:27:02 2002 From: engage@n0sq.net (engage) Date: Wed Apr 24 01:27:02 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files Message-ID: <200204232327.g3NNRY727766@n0sq.net> I can't seem to decrypt files from users of this version of PGP. Kmail te= lls=20 me that I don't have the secret key. Saving the file and then trying to=20 decrypt from the command line gives me 2 messages: =20 gpg: CRC error; 598caf - dc3598 gpg: quoted printable character in armor - probably a buggy MTA has been = used PGP 6.5.8 encrypted files decrypts just fine.=20 Sending the PGP 7.0.3 encrypted file to my Windows machine where I have P= GP=20 6.5.8 and then trying to decrypt brings up a box stating: "An error has=20 occurred : ascii armor input incomplete". The PGPlog box shows the signat= ure=20 status good though. Is it really an MTA problem?=20 Mandrake 8.1, Sendmail 8.11.6-3mdk From folligy@gmx.net Wed Apr 24 03:33:01 2002 From: folligy@gmx.net (folligy@gmx.net) Date: Wed Apr 24 02:33:01 2002 Subject: Merging secret keyrings Message-ID: <8506.1019608472@www49.gmx.net> Hi everybody, how can I merge two secrings? I've got an old one (with my old secret key) and a new one (with my new secret key) but I can't export the secret key from the old one and import to the new one because the primary key is already present there: gpg: key 14DCBC1F: already in secret keyring Can i merge them somehow else? Frank Ollig -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From hideki@allcity.net Wed Apr 24 10:24:01 2002 From: hideki@allcity.net (Hideki Saito) Date: Wed Apr 24 09:24:01 2002 Subject: [pretest issue] Genearated key compatibility issue Message-ID: <200204240725.g3O7PVe15264@server-1.visp.net> I have found the issue that the adding photo to the key causes the resulting key to be "invalid" from the viewpoint of keyserver. But, this can be actually performed in the following methods: 1. Add photo on GnuPG 2. Import public key into PGP (presumably, any version, verified on 6.5.8ckt) 3. Export from PGP 4. Add exported key to the keyserver. Verified on 1.0.6e... -- Hideki Saito mailto:hideki@allcity.net From wk@gnupg.org Wed Apr 24 11:13:02 2002 From: wk@gnupg.org (Werner Koch) Date: Wed Apr 24 10:13:02 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <200204232327.g3NNRY727766@n0sq.net> (engage's message of "Tue, 23 Apr 2002 17:27:34 -0600") References: <200204232327.g3NNRY727766@n0sq.net> Message-ID: <87hem1v7gx.fsf@alberti.gnupg.de> On Tue, 23 Apr 2002 17:27:34 -0600, engage said: > Is it really an MTA problem? It might also due to a buggy MUA - maybe it recodes the file and thereby messing up the armor (double base64 encoding?) Werner From Fabian.Rodriguez@Toxik.com Wed Apr 24 15:41:01 2002 From: Fabian.Rodriguez@Toxik.com (Toxik - Fabian Rodriguez) Date: Wed Apr 24 14:41:01 2002 Subject: Encrypting to different UIDs ? Use of subkeys ? In-Reply-To: <200204231302.AJR72480@dagger.cc.vt.edu> Message-ID: Hello, I'd like to know if it makes any difference to encrypt data to different UIDs of the same key. This may not make sense, but I am using WinPT and all UIDs of a key are presented when choosing a key to encrypt to. I think it's rather confusing, but wanted to make sure. And another more general question, does this apply to subkeys ? What would be the use of creating/having subkeys ? The FAQ only mentions "use in an automated environment" (4.14). Thanks for any information, Fabián Rodríguez - Toxik Technologies, Inc. www.toxik.com · (514) 528-6945 @221 OpenPGP: 0x5AF2A4D5 From dshaw@jabberwocky.com Wed Apr 24 16:07:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Wed Apr 24 15:07:01 2002 Subject: Encrypting to different UIDs ? Use of subkeys ? In-Reply-To: References: <200204231302.AJR72480@dagger.cc.vt.edu> Message-ID: <20020424130549.GB14119@akamai.com> On Wed, Apr 24, 2002 at 08:39:43AM -0400, Toxik - Fabian Rodriguez wrote: > Hello, > > I'd like to know if it makes any difference to encrypt data to different > UIDs of the same key. This may not make sense, but I am using WinPT and all > UIDs of a key are presented when choosing a key to encrypt to. I think it's > rather confusing, but wanted to make sure. Believe it or not, it can make a difference although it usually does not. Each different UID can have a different set of preferences attached, which influence how the data is encrypted to you. For example, say you use the same key for home and work. At home you like AES, BLOWFISH, and 3DES. Your work requires TWOFISH, CAST5, and 3DES. If you set the preferences properly, someone encrypting to your home address would then use a different cipher than someone encrypting to your work address. All that said, people usually have the same preferences for all user IDs and so in that case it does not matter. > And another more general question, does this apply to subkeys ? What would > be the use of creating/having subkeys ? The FAQ only mentions "use in an > automated environment" (4.14). Preferences do not attach to subkeys, but multiple subkeys in general would of course mean a different key to encrypt to. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From Marie-Noelle.Baechler@hospvd.ch Wed Apr 24 18:32:02 2002 From: Marie-Noelle.Baechler@hospvd.ch (Marie-Noelle Baechler) Date: Wed Apr 24 17:32:02 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: References: <200204231302.AJR72480@dagger.cc.vt.edu> Message-ID: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> Hello, I would like to replace PGP freeware 7.0.3 by gnuPG and GPGshell. I am using Windows Me with 256MB RAM. When I try to import my keys, I get an error message (number 53) telling me that gpgSHELL does not find the file I supplied and which has been exported from PGP Keys. Does anybody knows what is happening? Thank you in advance Marie-Noelle Baechler From Thorsten.Delbrouck@guardeonic.com Wed Apr 24 19:13:01 2002 From: Thorsten.Delbrouck@guardeonic.com (Thorsten.Delbrouck@guardeonic.com) Date: Wed Apr 24 18:13:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL Message-ID: <93659FED3BE2D411A92400508BAD48BB011D8B41@mchp542a.muc.infineon.com> > I would like to replace PGP freeware 7.0.3 by gnuPG > and GPGshell. I don't know if this is any help, but I recently replaced PGP 7.1 with GnuPG+WinPT any did not experience any of the problems you describe. If you are not tied to GPGShell for some reason I'd suggest you give WinPT a try (http://www.winpt.org/download.html, 0.5.9 works fine with me). regards, /tdk -- Thorsten Delbrouck-Konetzko From andriash@telus.net Wed Apr 24 22:01:01 2002 From: andriash@telus.net (Nick Andriash) Date: Wed Apr 24 21:01:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> References: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> Message-ID: <20020424115924.F874.ANDRIASH@telus.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Marie-Noelle Baechler, On Wednesday, April 24 2002 at 08:32 AM PDT, you wrote: > I would like to replace PGP freeware 7.0.3 by gnuPG > and GPGshell. I will send you a Help File off-list that we provide on the PGP-Basics List that outlines installation of GnuPG with GPGShell. If you follow the instructions you shouldn't run into any problems at all. - -- Nick Andriash Courtenay, B.C. Canada -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) - GPGshell v2.28 iD8DBQE8xwDv2usvuTvKfdIRAhyTAKCI6NEfJlMT+aHcifX31i1Z5+0RygCfWU85 y0K3PuhqGn+iRyGdxSQJ39c= =46xq -----END PGP SIGNATURE----- From webmaster@awn.com Wed Apr 24 22:41:02 2002 From: webmaster@awn.com (Mike Dunlop) Date: Wed Apr 24 21:41:02 2002 Subject: I am trying to setup a PHP encrypt/decrypt system and... Message-ID: I am trying to implement a php mechanism that will use GNUPG to encode a password which will then be stored in a MySQL database. I don't quite understand the keys (public vs private), so I am wondering what is the most simple way to decode the password? Do I need a key for that? NOTE: We have root access on our server and only the admin (me) needs decyption ability (end-users don't need decyption ability...)] Any help is much appreciated. Thanks Mike Dunlop From tracy_d@xypro.com Wed Apr 24 22:44:01 2002 From: tracy_d@xypro.com (Tracy Ding) Date: Wed Apr 24 21:44:01 2002 Subject: A question ? Message-ID: <32E0F1DAB878D511826D00A0CCD7949203EE4D@xypro.com> Dear Sir, I have a question to ask about gnupg. Currently I am doing to create a Gnupg for Tandem OSS. I downloaded the source codes from your site and compile them. I made some changes to pass the compiler. Now it runs ok in OSS and can create, import, export keys. What I found is that I couldn't import keys between Mingw32 version (PC) and Unix version (OSS). The error message is "a missing self-signature" "User id not found". That means the public keys created in OSS only be exchanged in OSS, not even for OpenPGP. Any your opinion is appreciated. Tracy Ding > -----Original Message----- > From: Werner Koch [SMTP:wk@gnupg.org] > Sent: Wednesday, April 24, 2002 12:41 PM > To: Tracy Ding > Subject: Re: A question ? > > On Wed, 24 Apr 2002 10:12:03 -0700, Tracy Ding said: > > > Dear Werner, > > I have a question to ask about gnupg. > > What I found is that I couldn't import keys between Mingw32 version (PC) > and > > Unix version (OSS). > > Please direct questions to the gnupg-users@gnupg.org mailing liste. > > Thanks. > > Werner From volker.gaibler@urz.uni-heidelberg.de Thu Apr 25 02:22:02 2002 From: volker.gaibler@urz.uni-heidelberg.de (Volker Gaibler) Date: Thu Apr 25 01:22:02 2002 Subject: Revocation problem with keyserver In-Reply-To: References: <20020423041213.A2471@gina.local> Message-ID: <20020425012237.B1958@gina.local> Hi, > 1. Importing your key 0x86ECAC0B with PGP 7.0.3 (Mac version): > - fp DEAB AF7A 9269 02E3 7BD1 570C 0AB2 6373 86EC AC0B > - signed with [same key] 0x86ECAC0B on April 23, 2002. This signature is > dimmed, which in PGP's graphic convention indicates "bad or invalid > signature" > - signed with same key on April 14, 2002. Signature dimmed, same as in > previous. > - signed with same key on December 5, 2001. This signature appears to be > valid, it shows a valid exportable signature icon. > - two subkeys: > - valid from April 3, 2002. Expires: never. Size: 2048 > - valid from December 5, 2001. Expires: never. Size: 1024 That's quite funny because I thought that the 2048bit subkey is not included in the corrupted key entry. GnuPG with --list-packets shows just 1024bit keys for the keyservers (wwwkeys.eu.pgp.net, www.keyserver.net, ...) Volker -- Volker Gaibler contact: http://www.volker-gaibler.de mail@volker-gaibler.de OpenPGP key: 0x86ECAC0B +---------------------------------------------------------------------+ From engage@n0sq.net Thu Apr 25 05:09:02 2002 From: engage@n0sq.net (engage) Date: Thu Apr 25 04:09:02 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <87hem1v7gx.fsf@alberti.gnupg.de> References: <200204232327.g3NNRY727766@n0sq.net> <87hem1v7gx.fsf@alberti.gnupg.de> Message-ID: <200204250209.g3P29N700974@n0sq.net> On Wednesday 24 April 2002 02:14 am, Werner Koch wrote: > On Tue, 23 Apr 2002 17:27:34 -0600, engage said: > > Is it really an MTA problem? > > It might also due to a buggy MUA - maybe it recodes the file and > thereby messing up the armor (double base64 encoding?) > > Werner It doesn't seem to affect PGP 6.5.8 so I would expect PGP 7.0.3 to decryp= t=20 OK. I don't like Evolution but I'll try that out & see if things work out= =20 better. From dbergstein@comcast.net Thu Apr 25 06:57:01 2002 From: dbergstein@comcast.net (David R. Bergstein) Date: Thu Apr 25 05:57:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> Message-ID: Have you tried exporting the PGP 7.0.3 keys as ascii armored files? If not, the native pgp binary format may be causing some issues when importing these keys to GnuPG. David R. Bergstein Systems Engineer and Blues Musician - http://mywebpages.comcast.net/dbergstein/ Heart of Blue - bookings on-line at http://www.heartofblue.com OpenPGP Public Key 0xE1F138CA - For info see http://www.gnupg.org Key fingerprint = C86E CA2A 4171 AC73 91D7 3DCE 8832 D764 E1F1 38CA -----Original Message----- From: gnupg-users-admin@gnupg.org [mailto:gnupg-users-admin@gnupg.org]On Behalf Of Marie-Noelle Baechler Sent: Wednesday, April 24, 2002 11:33 AM To: gnupg-users@gnupg.org Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL Hello, I would like to replace PGP freeware 7.0.3 by gnuPG and GPGshell. I am using Windows Me with 256MB RAM. When I try to import my keys, I get an error message (number 53) telling me that gpgSHELL does not find the file I supplied and which has been exported from PGP Keys. Does anybody knows what is happening? Thank you in advance Marie-Noelle Baechler _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From dfc@anize.org Thu Apr 25 08:13:01 2002 From: dfc@anize.org (Douglas Calvert) Date: Thu Apr 25 07:13:01 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <200204250209.g3P29N700974@n0sq.net> References: <200204232327.g3NNRY727766@n0sq.net> <87hem1v7gx.fsf@alberti.gnupg.de> <200204250209.g3P29N700974@n0sq.net> Message-ID: <1019711640.27886.43.camel@allevil> --=-JS/Spr/Jp3eAvFYbteiF Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2002-04-24 at 22:09, engage wrote: > On Wednesday 24 April 2002 02:14 am, Werner Koch wrote: > > On Tue, 23 Apr 2002 17:27:34 -0600, engage said: > > > Is it really an MTA problem? > > > > It might also due to a buggy MUA - maybe it recodes the file and > > thereby messing up the armor (double base64 encoding?) > > > > Werner >=20 > It doesn't seem to affect PGP 6.5.8 so I would expect PGP 7.0.3 to decryp= t=20 > OK. I don't like Evolution but I'll try that out & see if things work out= =20 > better. >=20 >=20 I have seen evo do some nasty things to pgp messages. And I have also seen some troubles with 7.0.3 and evo. If you have them send you the file as an attachment it should work fine. Is there a version string at the begining of the asc file? One time there was not when i received a message from 7.0.3. I don't know who took it out. The problem is evo I am almost sure... --=20 + Douglas Calvert http://anize.org/dfc + | Key Id 0xC9541FB2 http://anize.org/dfc-keys.asc | | http://imissjerry.org http://whoownsthisidea.org | +-| 0817 30D4 82B6 BB8D 5E66 06F6 B796 073D C954 1FB2 |-+ --=-JS/Spr/Jp3eAvFYbteiF Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8x5CYt5YHPclUH7IRAqkdAJ9k3H8h4yN8yi/kTl/Rw8zEf6bZ7ACggwX/ x7LqlPZNCkv6M04q7cJC63M= =z4RJ -----END PGP SIGNATURE----- --=-JS/Spr/Jp3eAvFYbteiF-- From disastry@saiknes.lv Thu Apr 25 11:44:02 2002 From: disastry@saiknes.lv (disastry@saiknes.lv) Date: Thu Apr 25 10:44:02 2002 Subject: Encrypting to different UIDs ? Use of subkeys ? Message-ID: <3CC7C20D.7ED1A0B1@saiknes.lv> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 David Shaw wrote: > > On Wed, Apr 24, 2002 at 08:39:43AM -0400, Toxik - Fabian Rodriguez wrote: > > > And another more general question, does this apply to subkeys ? What would > > be the use of creating/having subkeys ? The FAQ only mentions "use in an > > automated environment" (4.14). > > Preferences do not attach to subkeys, but multiple subkeys in general > would of course mean a different key to encrypt to. > David RFC2440 (and bis04 too) allows subkeys to have preferences (see 12.1.) I can even send you a key with preferences in subkey binding signature. but I think these preferences are ignored by PGP/GPG __ Disastry http://disastry.dhs.org/ http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon ^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH, AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes) -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1 iQA+AwUBPMeloDBaTVEuJQxkEQNdHACghJmrWqi9SG58+ol6TRgdst+vDCoAmJmL GOi3awmNI+eVHeavCHmXaQU= =tNc1 -----END PGP SIGNATURE----- From Marie-Noelle.Baechler@hospvd.ch Thu Apr 25 12:06:02 2002 From: Marie-Noelle.Baechler@hospvd.ch (Marie-Noelle Baechler) Date: Thu Apr 25 11:06:02 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: <20020424115924.F874.ANDRIASH@telus.net> References: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> Message-ID: <5.1.0.14.2.20020425110555.00a36520@hola.hospvd.ch> Thank you very much for your instructions. Now, everything works fine. Best regards Marie-Noelle Baechler From Marie-Noelle.Baechler@hospvd.ch Thu Apr 25 12:11:01 2002 From: Marie-Noelle.Baechler@hospvd.ch (Marie-Noelle Baechler) Date: Thu Apr 25 11:11:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: References: <5.1.0.14.2.20020424171312.00a3a150@hola.hospvd.ch> Message-ID: <5.1.0.14.2.20020425110745.00a376e0@hola.hospvd.ch> > Have you tried exporting the PGP 7.0.3 keys as ascii > armored files? If not, the native pgp binary format > may be causing some issues when importing these keys > to GnuPG. Thank you for your suggestion. They were exported as ASCII armored files. I succeded when I imported my keys through a dos box. Maybe, some options for import are missing in the GPGKeys module of GPGshell. It is also possible that placing the key file in the gnuPG directory was important. Marie-Noëlle Baechler From Marie-Noelle.Baechler@hospvd.ch Thu Apr 25 12:13:01 2002 From: Marie-Noelle.Baechler@hospvd.ch (Marie-Noelle Baechler) Date: Thu Apr 25 11:13:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: <93659FED3BE2D411A92400508BAD48BB011D8B41@mchp542a.muc.infi neon.com> Message-ID: <5.1.0.14.2.20020425111202.00a3edd0@hola.hospvd.ch> > > I don't know if this is any help, but I > recently replaced PGP 7.1 with GnuPG+WinPT > any did not experience any of the problems > you describe. Thank you for your suggestion. I finally succeeded using my keys whith GPGshell, by importing them directly into GnuPG through a DOS box. But I'll look at WinPT anyway. Regards Marie-Noëlle Baechler From spong@freedom.org Thu Apr 25 12:18:01 2002 From: spong@freedom.org (Matt Spong) Date: Thu Apr 25 11:18:01 2002 Subject: keyserver access on Win2k Message-ID: <3CC7CA99.8020702@freedom.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi I'm trying to get GnuPG 1.0.6-2 to retrieve a key from a keyserver in Windows 2000 (using the binary package found on www.gnupg.org). Whenever I try to request a key, though, it gives me an error (instantly... it's not even trying to query the keyserver): (~/c/gnupg) 5:18am spong@deadzone> ./gpg.exe --recv-keys 0x12345678 gpg: requesting key 12345678 from wwwkeys.pgp.net ... gpg: write failed: ec=87 gpg: can't get key from keyserver: No error This works fine with the same version of GnuPG on Linux, but not on Win2k. Does anybody else have this problem? Is there a workaround or a fix? thanks Matt - -- Matt Spong http://www.forkbomb.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE8x8qZ9cWdso9liPMRAiedAJ0a9aeizLrrLutl+vQ5CAx39lhpZgCfZeyj UMzMHd77MAB9S+fD6qImi7c= =bCjZ -----END PGP SIGNATURE----- From Fabian.Rodriguez@Toxik.com Thu Apr 25 16:55:01 2002 From: Fabian.Rodriguez@Toxik.com (Toxik - Fabian Rodriguez) Date: Thu Apr 25 15:55:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: <5.1.0.14.2.20020425111202.00a3edd0@hola.hospvd.ch> Message-ID: Hi, I'm using gpg 1.0.6, command line, win2k. I'd like to know how to determine if my signature on somebody else's key is exportable or not (it's already signed, but I don't remember). If it isn't, is there a way to make it exportable ? Thanks in advance, Fabián Rodríguez - Toxik Technologies, Inc. www.toxik.com · (514) 528-6945 @221 OpenPGP: 0x5AF2A4D5 From kr6x@kr6x.com Thu Apr 25 17:11:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Thu Apr 25 16:11:01 2002 Subject: keyserver access on Win2k References: <3CC7CA99.8020702@freedom.org> Message-ID: <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> I was having trouble making gpg for W32 talk to keyservers on both winnt and win2k. Probably would have had the same problem on win9x. Linux worked fine. It's probably a protocol problem. You have to use http servers -- port 80 -- only, no LDAP, etc. Worked it out when I let WinPT take over for me calling gpg and suddenly there were keyservers that worked... ----- Original Message ----- From: "Matt Spong" To: Sent: Thursday, April 25, 2002 2:21 AM Subject: keyserver access on Win2k > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi > > I'm trying to get GnuPG 1.0.6-2 to retrieve a key from a keyserver in > Windows 2000 (using the binary package found on www.gnupg.org). > Whenever I try to request a key, though, it gives me an error > (instantly... it's not even trying to query the keyserver): > > (~/c/gnupg) 5:18am spong@deadzone> ./gpg.exe --recv-keys 0x12345678 > gpg: requesting key 12345678 from wwwkeys.pgp.net ... > gpg: write failed: ec=87 > gpg: can't get key from keyserver: No error > > This works fine with the same version of GnuPG on Linux, but not on > Win2k. Does anybody else have this problem? Is there a workaround or a > fix? > > thanks > Matt > > - -- > Matt Spong > http://www.forkbomb.net > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6-2 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQE8x8qZ9cWdso9liPMRAiedAJ0a9aeizLrrLutl+vQ5CAx39lhpZgCfZeyj > UMzMHd77MAB9S+fD6qImi7c= > =bCjZ > -----END PGP SIGNATURE----- > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From twoaday@freakmail.de Thu Apr 25 17:42:01 2002 From: twoaday@freakmail.de (Timo Schulz) Date: Thu Apr 25 16:42:01 2002 Subject: keyserver access on Win2k In-Reply-To: <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> References: <3CC7CA99.8020702@freedom.org> <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> Message-ID: <20020425144344.GC715@daredevil.joesixpack.net> On Thu Apr 25 2002; 07:17, Leigh S. Jones wrote: > I was having trouble making gpg for W32 talk to keyservers on both > winnt and win2k. Probably would have had the same problem on > win9x. Linux worked fine. It's probably a protocol problem. You This problem only occures on WNT/W2K machines, with W9X it works. We used the newer Winsock library (V2) but it doesn't seem that this solved the problem. But we're working on a solution for NT based operating systems. > Worked it out when I let WinPT take over for me calling gpg and > suddenly there were keyservers that worked... WinPT does *not* call GPG for keyserver requests. It has its own code for talking to HKP keyservers. That is why it also works on WNT/W2K. Timo From twoaday@freakmail.de Thu Apr 25 17:42:06 2002 From: twoaday@freakmail.de (Timo Schulz) Date: Thu Apr 25 16:42:06 2002 Subject: keyserver access on Win2k In-Reply-To: <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> References: <3CC7CA99.8020702@freedom.org> <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> Message-ID: <20020425144344.GC715@daredevil.joesixpack.net> On Thu Apr 25 2002; 07:17, Leigh S. Jones wrote: > I was having trouble making gpg for W32 talk to keyservers on both > winnt and win2k. Probably would have had the same problem on > win9x. Linux worked fine. It's probably a protocol problem. You This problem only occures on WNT/W2K machines, with W9X it works. We used the newer Winsock library (V2) but it doesn't seem that this solved the problem. But we're working on a solution for NT based operating systems. > Worked it out when I let WinPT take over for me calling gpg and > suddenly there were keyservers that worked... WinPT does *not* call GPG for keyserver requests. It has its own code for talking to HKP keyservers. That is why it also works on WNT/W2K. Timo From wk@gnupg.org Thu Apr 25 18:23:01 2002 From: wk@gnupg.org (Werner Koch) Date: Thu Apr 25 17:23:01 2002 Subject: Replacing PGP (Freeware 7.0.3) by gnuPG + gpgSHELL In-Reply-To: ("Toxik - Fabian Rodriguez"'s message of "Thu, 25 Apr 2002 09:53:56 -0400") References: Message-ID: <87u1pz6bsn.fsf@alberti.gnupg.de> On Thu, 25 Apr 2002 09:53:56 -0400, "Toxik said: > I'd like to know how to determine if my signature on somebody else's key is > exportable or not (it's already signed, but I don't remember). Not easily: export the key and run gpg --list-packets on it. You should see a signature subpacket like this hashed subpkt 4 len 2 (not exportable) for non-exportable signatures. With 1.0.7 you will see a line: sig 2 L A50283F1 2002-04-19 pgp2.6.3-test-key where the L indicates such a signature. > If it isn't, is there a way to make it exportable ? 1.0.7 will do so. Werner From Mark Scott Thu Apr 25 18:53:01 2002 From: Mark Scott (Mark Scott) Date: Thu Apr 25 17:53:01 2002 Subject: ADV: WARNING - A SPAM Robot harvested your email address! Message-ID: ------=_CFVrbgBd_7inVwYP9_MA Content-Type: text/plain Content-Transfer-Encoding: 8bit Dear Email user, Your email address gnupg-users@gnupg.org was harvested by a SPAM robot. It got your address from the webpage http://lists.gnupg.org You can stop this from happening, click here http://63.241.136.161/ec10067/ Sincerely, Mark Scott Anti-Spam Services If you wish not to receive notices like these, reply with REMOVE in the subject line ------=_CFVrbgBd_7inVwYP9_MA Content-Type: text/html Content-Transfer-Encoding: 8bit Dear Email user,

Your email address gnupg-users@gnupg.org was harvested by a Spam robot. It got your address from the webpage
http://lists.gnupg.org


You can stop this from happening, Click Here

Sincerely,
Mark Scott
Anti-Spam Services
If you wish not to receive notices like these, reply with REMOVE in the suject line
------=_CFVrbgBd_7inVwYP9_MA-- From Gerd Ewald Thu Apr 25 20:16:01 2002 From: Gerd Ewald (Gerd Ewald) Date: Thu Apr 25 19:16:01 2002 Subject: [OT] ADV: WARNING - A SPAM Robot harvested your email address! In-Reply-To: References: Message-ID: <741350291.20020425190052@pro-privacy.de> Hello Mark, On 25 Apr 2002 08:53:00 -0700 GMT your local time, which was 25.04.2002, 17:53 (GMT+0200) where I live, you wrote: [...] > Your email address gnupg-users@gnupg.org was harvested by a SPAM > robot. It > got your address from the webpage > http://lists.gnupg.org > You can stop this from happening, click here > http://63.241.136.161/ec10067/ WOW! That is a clever way to start to harvest mail-address ;-) Did not know this way before. I hope no one replied ;-) SCNR -- Best regards, Gerd ======================================================= Tutorial for using PGP with TheBat! www.pro-privacy.de ------------------------------------------------------- They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. (Benjamin Franklin) ------------------------------------------------------- now playing: WDR2 :-) From kr6x@kr6x.com Thu Apr 25 21:12:01 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Thu Apr 25 20:12:01 2002 Subject: keyserver access on Win2k References: <3CC7CA99.8020702@freedom.org> <05dd01c1ec64$000e5ab0$ede3c23f@KR6X.ORG> <20020425144344.GC715@daredevil.joesixpack.net> Message-ID: <003301c1ec84$d8cb39c0$963fca96@pacesetter.com> Thanks! That's interesting information. ----- Original Message ----- From: "Timo Schulz" To: Sent: Thursday, April 25, 2002 07:43 Subject: Re: keyserver access on Win2k > On Thu Apr 25 2002; 07:17, Leigh S. Jones wrote: > > > I was having trouble making gpg for W32 talk to keyservers on both > > winnt and win2k. Probably would have had the same problem on > > win9x. Linux worked fine. It's probably a protocol problem. You > > This problem only occures on WNT/W2K machines, with W9X it works. > We used the newer Winsock library (V2) but it doesn't seem that this > solved the problem. But we're working on a solution for NT based > operating systems. > > > > Worked it out when I let WinPT take over for me calling gpg and > > suddenly there were keyservers that worked... > > WinPT does *not* call GPG for keyserver requests. It has its own code > for talking to HKP keyservers. That is why it also works on WNT/W2K. > > > Timo > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From Vincent von Kaenel Fri Apr 26 05:22:01 2002 From: Vincent von Kaenel (Vincent von Kaenel) Date: Fri Apr 26 04:22:01 2002 Subject: using the same key from PGP and GPG Message-ID: Hello, I have 2 computers, one Linux server and on Window PC. I would like to share the same encryption key form both platforms. On the Linux box, I'm using GPG 1.06 and from the PC box, I'm using Eudora with PGP 7.03. I tried to generate a key from GPG and export it to the PC box and encrypt/decrypt from both platforms. It appears that the PGP version cannot decrypt a message encrypted from the box. I got an error "Bad packet" on the PGP version. I tried different version of the export command, including changing the gpg -a --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 --export-secret-keys proposed in the FAQ of GNUPG. It did not work, I still get the bad packet error. I did also the other way experiment, meaning generating keys on the pgp box and exporting them to the GNUPG box and that seemed to work just fine. Since I'm more confident in the open source software than in the PGP version, I would really like to be able to generate my keys with GNUPG and exporting both the private and public keys to the PC. Does someone has a solution to this issue? Regards Vincent -- ------------------------------------------------------- Vincent von Kaenel From khairil@basisbay.com Fri Apr 26 05:59:01 2002 From: khairil@basisbay.com (Khairil) Date: Fri Apr 26 04:59:01 2002 Subject: Missing 0x when looking up keys Message-ID: <009601c1ece7$7e08f000$40c812ac@Khairil> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Still new to gpg. The tools are still rought, but it would be great to use it as a standard at my company. Most of the keyservers I know, need to have the 0x prefix in front of the keyID when looking up keys. GPG doesn't seem to do this automatically. Is there an option or something that makes gpg add in the 0x by default when looking up key ID's? Using gpg 1.06-02 (win32) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6-2 (MingW32) - GPGshell v2.28 Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzI7JsACgkQDAqnLW/+/X8w5QCdFUU8wy5eVLCmqWfuR8+HV4Cl pdcAn1Km8VY6EHnDqykQTFhGL9MavU+E =bB7x -----END PGP SIGNATURE----- From agreene@pobox.com Fri Apr 26 07:46:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Fri Apr 26 06:46:01 2002 Subject: Missing 0x when looking up keys In-Reply-To: <009601c1ece7$7e08f000$40c812ac@Khairil>; from khairil@basisbay.com on Thu, Apr 25, 2002 at 10:58:56PM -0700 References: <009601c1ece7$7e08f000$40c812ac@Khairil> Message-ID: <20020426004648.A31732@cp5340.verizon.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 25-Apr-2002/22:58 -0700, Khairil wrote: >Most of the keyservers I know, need to have the 0x prefix in >front of the keyID when looking up keys. GPG doesn't seem to do >this automatically. I know that the "0x" is not displayed to the user during the key lookup, but the lookup works with pksd, OKS, and Cryptnet servers. The lookup is done on port 11371 using the Horowitz Key Protocol, so what is shown to the user is not necessarily what is sent to the server. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8yNuypCpg3WyUI50RAnTQAKC65jSbhx2+TUD/wi+EaJxU8HDY2wCgnAh6 aEgkN1r2JbIPetNJDqRCrCY= =Mm57 -----END PGP SIGNATURE----- From shavital@mac.com Fri Apr 26 07:52:01 2002 From: shavital@mac.com (Charly Avital) Date: Fri Apr 26 06:52:01 2002 Subject: using the same key from PGP and GPG In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 7:23 PM -0700 4/25/02, Vincent von Kaenel wrote: >Hello, > >I have 2 computers, one Linux server and on Window PC. I would like to >share the same encryption key form both platforms. On the Linux box, I'm >using GPG 1.06 and from the PC box, I'm using Eudora with PGP 7.03. > +++++In a similar situation, I have a Mac running PGP 7.0.3, and a PowerBook Running gpg 1.0.6 (with the IDEA module). >I tried to generate a key from GPG and export it to the PC box and >encrypt/decrypt from both platforms. It appears that the PGP version cannot >decrypt a message encrypted from the box. I got an error "Bad >packet" on the PGP version. +++++I had problems trying to have PGP 7.0.3 accept the secret key generated in GPG (no problems with the public key), but I found a workaround. When trying to decrypt, in PGP 7.0.3, a message encrypted in the GPG computer, I got error messages, ranging from "bad session key", to "bad packets", depending on the application used with PGP 7.0.3 (Eudora, Netscape). The problem was solved when I set GPG's options to openpgp (RFC 2440). Messages decrypted without problems or error messages or any kind. There were still problems with authentication of clear signed messages (not uncommon), which were solved (only partially, depending upon the recipient's e-mail client) with the proper sig configuration in the options (force-v3-sigs). >I tried different version of the export command, including changing the > > gpg -a --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 >--export-secret-keys > >proposed in the FAQ of GNUPG. It did not work, I still get the bad packet >error. ++++I'm not literate enough in gpg to comment on the above. Maybe the problem is not with the key itself, but with gpg's options configuration. That was, apparently, the situation in my configuration. >I did also the other way experiment, meaning generating keys on the pgp >box and exporting them to the GNUPG box and that seemed to work just fine. +++++I had no problems either, especially after importing the IDEA module. >Since I'm more confident in the open source software than in the PGP >version, I would really like to be able to generate my keys with GNUPG and >exporting both the private and public keys to the PC. > >Does someone has a solution to this issue? +++++Just for testing purposes, I have generated more than one keypair in GnuPG,and exported them to PGP, without any further problems, after the options configuration. Hopes this helps. Charly Composed in Eudora 5.1.1b23 and signed with Richard Chang's AppleScripts -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (Darwin) Comment: GnuPG for Privacy iD8DBQE8yOsjhv+DadPoCWERAqe+AJ448NEIPl+sEOBY+XX5kfnXtTrklQCfQv/K c9CpJ6zG9cwWbq/yjLuyJ64= =g2cJ -----END PGP SIGNATURE----- From kr6x@kr6x.com Fri Apr 26 08:27:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Fri Apr 26 07:27:01 2002 Subject: using the same key from PGP and GPG References: Message-ID: <086901c1ece3$f86451e0$ede3c23f@KR6X.ORG> I don't seem to be having any trouble exporting keys from gpg 1.06 to PGP 7.03. I think I blundered into setting up the gpg "options" file with a set of choices that allow me to export my keys -- both secret and public -- from one to the other (either direction) and encrypt/decrypt either direction and sign/verify either direction. Admittedly, I've limited my testing to methods that I actually intend using. I do not "sign", I "clearsign". I do not "encrypt", I "encrypt ASCII-armored". I export my keys as ASCII-armored files. This does not mean that the other methods, just that I haven't tested the other methods. And, the substantial majority of my testing has been done using Windows NT. This has all been tested on a Sun system with Solaris, on An HP system running HPUX, on a Cygwin bash shell, on Linux, and on Windows 2000 as well, but generally only a few tests were performed on each platform. The majority of the testing effort done was intended to verify that the keyring files from one platform could be used on the other platforms with simple replacement of files, and that text files that have been clearsigned using gpg could be verified on PGP 7.03 under Windows NT. Throughout the effort (which was necessary for a project at my work) the only problem uncovered was difficulty accessing keyservers using 1.0.6 Win32 binary versions, and this problem was not important to the project. A few tiny oddities were revealed: Relating to the use of WinPT to view key properties, when the keys exported from PGP included a photograph, often the photograph title would apparently be taken by WinPT to be a user ID. But I'm presently enjoying the use of WinPT, and I'll probably make the move to gpg.exe and WinPT.exe complete with the deletion of PGP from my systems soon. The gpg/WinPT combination of software has some limitations -- primarily that the level of integration of PGP with e-mail tools like Outlook and Outlook Express is very good and gpg doesn't quite meet this standard -- but I generally prefer signing/verifying or encrypting/decrypting the clipboard rather than in a buffer within the e-mail tool. This is probably a poor practice when you're connected to a large windows network because windows has features aimed at pulling data off of the clipboard on one system and putting it on another system, and I'm not quite convinced that there isn't a security issue there. Using a TCP (forwarded) network eliminates this outside of the local network because the windows stuff can't be forwarded. For me, --openpgp, sha1 hash, and --s2k-cipher-algo 3des, options were all called out in my successful options file. Unfortunately, I don't have a copy of the good options file at the moment -- I'll have to put it on the list tomorrow. I think I abondoned the RFC1991 and --force-v3-sigs options as being out of date, and used CAST symmetric key encryption in PGP. ----- Original Message ----- From: "Vincent von Kaenel" To: Sent: Thursday, April 25, 2002 7:23 PM Subject: using the same key from PGP and GPG > Hello, > > I have 2 computers, one Linux server and on Window PC. I would like to > share the same encryption key form both platforms. On the Linux box, I'm > using GPG 1.06 and from the PC box, I'm using Eudora with PGP 7.03. > > I tried to generate a key from GPG and export it to the PC box and > encrypt/decrypt from both platforms. It appears that the PGP version cannot > decrypt a message encrypted from the box. I got an error "Bad > packet" on the PGP version. > > I tried different version of the export command, including changing the > > gpg -a --s2k-cipher-algo 3des --compress-algo 1 --rfc1991 > --export-secret-keys > > proposed in the FAQ of GNUPG. It did not work, I still get the bad packet > error. > > I did also the other way experiment, meaning generating keys on the pgp > box and exporting them to the GNUPG box and that seemed to work just fine. > > Since I'm more confident in the open source software than in the PGP > version, I would really like to be able to generate my keys with GNUPG and > exporting both the private and public keys to the PC. > > Does someone has a solution to this issue? > > Regards > > Vincent > > -- > ------------------------------------------------------- > > Vincent von Kaenel > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From surricani@surricani.cjb.net Fri Apr 26 17:11:01 2002 From: surricani@surricani.cjb.net (surricani@surricani.cjb.net) Date: Fri Apr 26 16:11:01 2002 Subject: (no subject) Message-ID: <200204261411.g3QEBmF54563@mail.cjb.net> How I can export my secret key? I can't do it... I try to do the command --export-secret-key MyNAme > File but when I try to import it The program do nothing.... Help!!! From sbutler@fchn.com Fri Apr 26 18:05:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Fri Apr 26 17:05:01 2002 Subject: (no subject) Message-ID: <9A86613AB85FF346BB1321840DB42B4B67D6E8@jupiter.fchn.com> Did you use the --allow-secret-key-import option on the import? -----Original Message----- From: surricani@surricani.cjb.net [mailto:surricani@surricani.cjb.net] Sent: Friday, April 26, 2002 7:12 AM To: gnupg-users@gnupg.org Subject: (no subject) How I can export my secret key? I can't do it... I try to do the command --export-secret-key MyNAme > File but when I try to import it The program do nothing.... Help!!! _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From kr6x@kr6x.com Fri Apr 26 18:20:01 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Fri Apr 26 17:20:01 2002 Subject: (no subject) References: <200204261411.g3QEBmF54563@mail.cjb.net> Message-ID: <007001c1ed36$13991160$963fca96@pacesetter.com> With gnupg you don't use your name to identify the key to be exported. First use > gpg --list-secret-keys and read the 8 digit number representing the key you want to export (it usually follows "sec 1024D/" or similar) then do > gpg -o secret_key.asc --armor --export-secret-key 0x######## and while you're at it do > gpg -o public_key.asc --armor --export 0x######## ----- Original Message ----- From: To: Sent: Friday, April 26, 2002 07:11 Subject: (no subject) > How I can export my secret key? I can't do it... > I try to do the command --export-secret-key MyNAme > File but when I try to import it The program do nothing.... > Help!!! > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From kr6x@kr6x.com Fri Apr 26 19:02:01 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Fri Apr 26 18:02:01 2002 Subject: using the same key from PGP and GPG References: <200204261411.g3QEBmF54563@mail.cjb.net> <007001c1ed36$13991160$963fca96@pacesetter.com> Message-ID: <00bc01c1ed3b$db63f8e0$963fca96@pacesetter.com> Here's the promised options file (the one that I've been using to allow keys and encrypted/signed data to interoperate with PGP 7.03. Clearly there are some alternate choices -- you might use cipher-algo CAST5 in lieu of 3DES, or s2k-digest-algo MD5 in lieu of SHA1, etc., and still be able to interoperate with PGP. compress-algo 1 cipher-algo 3des s2k-cipher-algo 3des s2k-digest-algo SHA1 escape-from-lines lock-once keyserver http://wwwkeys.us.pgp.net honor-http-proxy openpgp --allow-secret-key-import These won't work with the earlier versions of PGP (<= 5), where the --rfc1991 option must be set instead of openpgp and --force-v3-sigs. There were really a lot of different versions of PGP with different requirements. There is information on some web sites I've seen that is helpful with older versions of PGP, and some information in the gpg distribution tar file that is also informative. And, again, you'll probably need to encrypt to something other than idea in PGP (unless you're outside of the US where the American idea patent isn't in effect and have equipped your gpg with the idea plug-in) -- a good suggestion would be CAST -- and in windows you'd set this under (from the tray menu) (tab) . From manckaert@belgacom.net Fri Apr 26 20:37:01 2002 From: manckaert@belgacom.net (Michael Anckaert) Date: Fri Apr 26 19:37:01 2002 Subject: strange email Message-ID: <31032820353801.00825@carpathia> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, this doesn't really has anything to do with gpg, but I just got this email: Your mail to 'Gnupg-users' with the subject Spice girls' vocal concert Is being held until the list moderator can review it for approval. The reason it is being held: Message body is too big: 206921 bytes but there's a limit of 40 KB Either the message will get posted to the list, or you will receive notification of the moderator's decision. _______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-devel I came from the gnupg-devel mailinglist and was sent to the gnupg-users list. I did not send any email to this list and certainly not about the Spice Girls......Yuk :( - -- LINUX: The Choice of a GNU Generation... - ---------------------------------------------- Michael Anckaert manckaert@belgacom.net http://galileo.spaceports.com/~xantor Public gpg key: xantor Public gpg key-id: 360AC4A6 - ---------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAnMvgJcACgkQ+99tlzYKxKbTDACffE9GuytpWo4oOAQK8QN7O4qJ RLIAn0Z7S4Ky3OX2jJDK7DtaAW3rlB75 =XBiI -----END PGP SIGNATURE----- From kr6x@kr6x.com Fri Apr 26 21:38:02 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Fri Apr 26 20:38:02 2002 Subject: strange email References: <31032820353801.00825@carpathia> Message-ID: <010e01c1ed51$b613cf50$963fca96@pacesetter.com> I didn't pay much attention when I received it, but someone put a message out purportedly from the list saying that the e-mail addresses from users had been hijacked. That being the case, you've may possibly have received this message because someone who wanted to publicize the Spice girls concert impersonated you while sending a message to the list. Without impersonating a list member, the promoter wouldn't have a chance of getting his message through. Sounds like a case for tighter moderation controls for a while. ----- Original Message ----- From: "Michael Anckaert" To: Sent: Friday, March 28, 2031 12:35 Subject: strange email > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > this doesn't really has anything to do with gpg, but I just got this email: > > > > > Your mail to 'Gnupg-users' with the subject > > Spice girls' vocal concert > > Is being held until the list moderator can review it for approval. > > The reason it is being held: > > Message body is too big: 206921 bytes but there's a limit of 40 KB > > Either the message will get posted to the list, or you will receive > notification of the moderator's decision. > > _______________________________________________ > Gnupg-devel mailing list > Gnupg-devel@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-devel > > > > I came from the gnupg-devel mailinglist and was sent to the gnupg-users list. > I did not send any email to this list and certainly not about the Spice > Girls......Yuk :( > > > - -- > LINUX: The Choice of a GNU Generation... > - ---------------------------------------------- > Michael Anckaert > manckaert@belgacom.net > http://galileo.spaceports.com/~xantor > > Public gpg key: xantor > Public gpg key-id: 360AC4A6 > - ---------------------------------------------- > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iEYEARECAAYFAnMvgJcACgkQ+99tlzYKxKbTDACffE9GuytpWo4oOAQK8QN7O4qJ > RLIAn0Z7S4Ky3OX2jJDK7DtaAW3rlB75 > =XBiI > -----END PGP SIGNATURE----- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From dreihauer4710u46@yahoo.de Sat Apr 27 00:52:02 2002 From: dreihauer4710u46@yahoo.de (dreihauer4710u46@yahoo.de) Date: Fri Apr 26 23:52:02 2002 Subject: Free Teens und Junge Girls.... Message-ID: <008d55b12b7d$1483e8a2$6dc33ea1@rrpbyc> Hi! Hol Dir die freeteen.exe !!! Hol sie dir hier !!!! - Nie gesehene Show - Super huebsche Maedels - Die besten Livecams - Die schaerfsten Teen-Videos.... http://usuarios.lycos.es/vogelel/sex/ Schau mal rein.... tolle Show und prickelnde Erotik UND HIER GIBTS BRITNEY SPEARS NACKT !!! http://usuarios.lycos.es/vogelel/ --------------------------------------- FREEMAIL:..... http://www.erohitz.to 3182tVAB2-886YVmo6949wcnM7-880UXRz2092uOfj3-019hVHY2302HrRn9-994l60 From manckaert@belgacom.net Sat Apr 27 13:54:02 2002 From: manckaert@belgacom.net (Michael Anckaert) Date: Sat Apr 27 12:54:02 2002 Subject: Key created in the future Message-ID: <02033009130000.00792@carpathia> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hello, I recently had some problems with my linux clock so I corrected it and now everytime i want to encrypt something, gpg refuses to do it because one of my keys was created in the future. I didn't find any option to change the key's creation date, so I deleted it and made a new subkey. My question now is: did this alter something to my public key, so I need to send it to a keyserver again? I don't think so, but I just want to be sure. - -- LINUX: The Choice of a GNU Generation... - ---------------------------------------------- Michael Anckaert manckaert@belgacom.net http://galileo.spaceports.com/~xantor Public gpg key: xantor Public gpg key-id: 360AC4A6 - ---------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iQQeBAEUAwAGBQI8pXPgAAoJEFZ5JtnMX7gEFlUP/0wmgjC4pN5HxYSyJvcW0fnq R6RxEBkvakUSDCykz6Rwu9FaHlWbVxgyulHGWoOnKInw2cAjD9+VVmvLO3uYb5+o WRzU9bHXyWpopZKWpDjY7DpRAJ3oIfzaXH3RNiDBXu87XthNTHNMuiqI4cyKwYA3 5xeIfU8ydDFUnTRNZ9JTt40QUmsvKULu8mlGNyZP2/O+/eugQsPZZ4NHaAAXj6Np d7h7fGdN0wEE3U/whr6b/Z7x+uKMFPLTrREZLv6pV+j1s6531FgfUN4xDdd/I/CV rqLtfddFgNVdEfN/PR1tvvGIZw2V4qmoqBaS1nUZeTVHbL2uApK1bcmJ7uFHDKJQ xv2PzW/5k+H/cz+uTNoMwNEccrL3vjbI/PpgPKn23IaYb/GLOL6kmISfB0VVIEXi 0yyrOCkerQCIe3UU9l6rL5IAXupe/CFZW3Woy76ynhl3eIMjIWgcGB9ZZBKW74rP 7txIP31ShmRNHUg+iuBta4cuTlCESltTQgGMHhicTWTG4i/F49ZO8hyZVRMz1k7T OCB/sqT1QKzzHNFj/bAcBQTqglmyTFfwzWU6QazWG6ZW7AR34nFG6xaXzcQ+Ouh8 rQdsvGnIf4CuTSaylKn5ZMZFY54j+uwiGXuHeFqtvNxKpAhIzKi5X4Ny8gjyrS1m XvuymzS3q8TLzFYJuN/UD/9b6+VS6scE5Q7AWEvq5ZKuWxF+/q/3u4OS8JiH/O8p +pxgO5H2hlldbto6KPynKV4YvmKFqz60/p8tCAz51YDYl/0oq/RXMpZTY5fZsR3S BYqN3NuOzC42e6ci2mk7wVuxcOe1idsEFGSwGeXmsLzpC/fbNxMBu+jprc7dzyyX S2ColoAb/MWy+BOdl+mRxTSQAVb0POYwVjOKSFIr6Lkv6aIULMqJN5LBjJuIZR3l rmMrC8QiIxnPM1DKOBH+kGj9w8Z5ttjUD4fwGQnUPOVoz8Aga27kMQ8W0xiSJamL BLE4yUa+j1qGuHqMuxMlKZ+y0+OnwKpDbdqeS/9pCBFImS9t5gbDtVPVdeg2f21y A0KY+k5ltsTfJmx4iE1uSlfQ8GyUi3nBk6v434ruYdsyrvWuI5eRve0ejKe/Bsg+ 64Ycj9oHRtQvME91f9o4Kg8/6ktuuejddozIqeVdfSvyExdHXOMr/0NVJzUIFoX8 GlkfdecrTYAiJtADZrviedzlwHkr+7HDfiVUyLZKwMIESzirTlDhV86kXxafaLhj z8vLyU5aMH31SeueFi3QCTG7ZXm85p6xk3zZ++zhY9Z3TpkUaU5V7PG5BCVaELDq z8tZC0DXLUEfnEJBYc6jce9+ImdX6pXPy63Mim2D2QKi/RSFeEs8rFrKOXPAJioG Ug== =kCLe -----END PGP SIGNATURE----- From engage@n0sq.net Sat Apr 27 20:08:02 2002 From: engage@n0sq.net (engage) Date: Sat Apr 27 19:08:02 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <87hem1v7gx.fsf@alberti.gnupg.de> References: <200204232327.g3NNRY727766@n0sq.net> <87hem1v7gx.fsf@alberti.gnupg.de> Message-ID: <200204271708.g3RH86712774@n0sq.net> Well, I had PGP 7.0.3 users send their e-mail to another service and I=20 retrieved those messages with both Kmail and Evolution (GPG 1.0.6). I can= 't=20 decrypt the messages with those MUA's but I can decrypt PGP 7.0.3 message= s=20 with Eudora/PGP6.5.8. On Wednesday 24 April 2002 02:14 am, Werner Koch wrote: > On Tue, 23 Apr 2002 17:27:34 -0600, engage said: > > Is it really an MTA problem? > > It might also due to a buggy MUA - maybe it recodes the file and > thereby messing up the armor (double base64 encoding?) > > Werner > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From karlsson@hal-pc.org Sat Apr 27 21:39:02 2002 From: karlsson@hal-pc.org (Brian M. Carlson) Date: Sat Apr 27 20:39:02 2002 Subject: v4 self-sigs on a v3 key Message-ID: <20020427184005.GA10138@stonewall> --zYM0uCDKw75PZbzx Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I recently wanted to upgrade my v3 RSA key of 2048 bits (0x560553e7) to have v4 self-signatures, so that I could set uids primary, have preferences, use mdc, etc. I originally had openpgp and force-v4-certs in my options file. W= hen I tried to edit my key, even with --expert, and found that updpref did not work (it ignored me), I tried again without openpgp. I finally found that t= he only way to update a v3 self-sig to v4 was to delete the self-sig, sign the uid again (which was then a v4 self-sig), and use updpref. I also found that any new uids that were created automatically had v4 self-sigs. Is there any easier way to do this, or am I missing something? If not, could you patch the (probably minimal) lines of code that do this. I would, but I don't have the copyright assignment stuff. BTW, the updated key, for anyone that is interested is on . Thanks, --=20 Brian M. Carlson OpenPGP: 0x351336B2DCA1913A --zYM0uCDKw75PZbzx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6f-cvs (GNU/Linux) Comment: Ubi libertas, ibi patria. iQEVAwUBPMrwhOWR/8lWBVPnAQNa8wf/XWS3DO7Nvnpdqim9Jme1Mf/6dqDVAg/q ZCEhZjQXozBwUVImd+fpIHHblE7kMcyHi1SzeQYIY+htwxTX/hMKidab5sEKL0KP zdwlWE3J2BHnAe4ea5aQJSvVQM6HcZu7YEDc4vq5kpf/2dLxnj3AqFhNKXV5Nuw8 AqTV61He92QTiM7bGeFaScVnci+n1zqW+g4YeEda/JEOmlzsxlAe7Wpg97v0paTN l4qR0hqgJjj0VzQZ6FQoXCM0VEvJBv1AjSRyNLh+fzreiiiduaxLZOuUqoWqqKo9 sXhjf+EB1wXJGQ9TULrfG6mRG+eKcBgALrNsne5l1/VsDQ+JqbLbXA== =Iv95 -----END PGP SIGNATURE----- --zYM0uCDKw75PZbzx-- From Darxus@chaosreigns.com Sat Apr 27 21:44:01 2002 From: Darxus@chaosreigns.com (Darxus@chaosreigns.com) Date: Sat Apr 27 20:44:01 2002 Subject: keyserver problems with my key - "Key block corrupt: more than one signature on subkey" Message-ID: <20020427144453.S2259@oblivion.chaosreigns.com> --RD6GsZsdEJvsf78O Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable A few days ago I was planning to meet someone to exchange fingerprints to sign keys. We were attempting to exchange encrypted passwords beforehand to confirm in person, when he told me that the copy of my key he downloaded from a keyserver was not useable. I have been able to replicate the problem, and the verbose output follows. I would really appreciate input. I suspect the problem is related to these self-signatures: sub 1024g/2EEAB976 2000-09-05 sig 0E9FF879 2000-09-05 Darxus sig 0E9FF879 2000-10-09 Darxus =2E.which I have guessed is a result of originally generating the key with = an expiration date, and later removing the expiration date. My public key can be downloaded from http://www.chaosreigns.com/darxus.asc $ gpg --list-key 0E9FF879 pub 1024D/0E9FF879 2000-09-05 Darxus sub 1024g/2EEAB976 2000-09-05 $ gpg --version gpg (GnuPG) 1.0.6 Copyright (C) 2001 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: ~/.gnupg Supported algorithms: Cipher: IDEA, 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TW= OFISH Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG Hash: MD5, SHA1, RIPEMD160 $ gpg --verbose --always-trust --recipient 0E9FF879 --encrypt test.text gpg: using secondary key 2EEAB976 instead of primary key 0E9FF879 gpg: No trust check due to --always-trust option gpg: reading from `test.text' gpg: writing to `test.text.gpg' gpg: ELG-E/TWOFISH encrypted for: 2EEAB976 Darxus $ gpg --verbose --keyserver pgp.mit.edu --send-key 0E9FF879 Public Key Server -- Add

Public Key Server -- Add

Key block in add request contained no new
keys, userid's, or signatures.
Your key block contained 1 format errors,
which were treated as if the erroneous elements
hadn't been part of your submission.
The last error was on key 0x5537ee81:
Key block corrupt: more than one signature on subkey
gpg: success sending to `pgp.mit.edu' (status=3D200) $ gpg --verbose --no-default-keyring --keyring ./temp.gpg --keyserver pgp.m= it.edu --recv-key 0E9FF879 gpg: ./temp.gpg: keyring created gpg: requesting key 0E9FF879 from pgp.mit.edu ... gpg: armor header: Version: 5.0 gpg: armor header: Comment: PGP Key Server 0.9.4+patch2 gpg: pub 1024D/0E9FF879 2000-09-05 Darxus gpg: key 0E9FF879: public key imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --always-trust --verbose --no-default-keyring --keyring ./temp.gpg --= recipient 0E9FF879 --encrypt test.text gpg: 0E9FF879: skipped: unusable public key gpg: test.text: encryption failed: unusable public key $ gpg --list-sigs 0E9FF879 pub 1024D/0E9FF879 2000-09-05 Darxus sig 0E9FF879 2000-09-05 Darxus sig FE3821D9 2000-09-11 darxus@op.net sig D31DE851 2000-09-11 Nathaniel E. Barwell sig 69350CFC 2000-10-05 Pete Foley sig EB281E23 2000-09-21 Alexander Shinn sig 67A7B584 2000-10-05 Walter C. Mankowski sig D9367DD8 2000-10-05 George E McNeal Jr (george) sig 5AA5BCDF 2000-09-21 Michael J. Leone sig 80675E65 2000-09-22 Leonard D. Rosenthol sig E4642C01 2000-09-28 Bill Jonas (This address preferred) sig 140BF9C1 2000-11-22 Nathaniel E. Barwell sig 70210CAA 2000-11-30 N-Tropy (Flint Heart) sig 8060510A 2000-12-08 Chris Beggy sig 7994A571 2000-12-09 Tony Dominello (Tony) sig 0C3F6A8E 2000-12-11 David A Nurse sig 7EC535F3 2000-12-17 lx sig 116F0CBD 2000-12-17 Bill Jonas sig 52703839 2001-01-04 Mike Phillips sig E57369CC 2001-06-07 Michael Bevilacqua sig 54DA9506 2001-01-08 Joseph B. Welsh (Work E-Mail) sig 0E9FF879 2000-10-09 Darxus sig DB7F41B4 2001-07-12 Brian Epstein sig F1AE6BBC 2001-06-19 M. Jackson Wilkinson sig 343BB2A7 2001-07-13 Adam Schaible (aka kb3edk) sig 0E6FC266 2000-09-09 Mental sig 5D8EB927 2001-07-18 Jason Stelzer sig 19BC76F8 2001-08-02 Ian Reinhart Geiser (geiseri) sig C1A6C2DC 2001-08-02 Zachary C Whitley sig 7262954A 2001-08-02 John Beck sig 0CF9091A 2001-08-08 gabriel rosenkoetter sig 52AC566B 2001-02-16 Michael C. Toren (MCT) sig 2AB165F9 2002-02-23 Paul L. Snyder sig 55FF8CEF 2001-12-09 Kristin Hill sig F0A0A919 2002-02-20 Jason Nocks sig 8477626F 2002-04-19 Mike Joseph sig 56C84DC3 2002-04-17 Elizabeth Krumbach sig CBAC94EA 2002-04-19 Michael Bevilacqua sig 8DAC6BEA 2001-06-08 Kevin Mudrick (darkspur) sig 742B67FE 2002-04-19 Eric Allan Lucas sig 2BA48C46 2002-04-19 John J Lavin Jr sig FE4BC82F 2002-04-19 Danita M. Fries sig D72CB41E 2002-04-25 Christophe Barbe sub 1024g/2EEAB976 2000-09-05 sig 0E9FF879 2000-09-05 Darxus sig 0E9FF879 2000-10-09 Darxus --=20 "Blessed are the cracked, for they shall let in the light." http://www.ChaosReigns.com --RD6GsZsdEJvsf78O Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8yvGlf7Wwvg6f+HkRAkMKAJ9TJmb33HZJ/YgCVUN6pqkIqRUmzQCfTwF2 Rvk8yMEEK6ZVce6cO4NOcMg= =4ZHa -----END PGP SIGNATURE----- --RD6GsZsdEJvsf78O-- From wk@gnupg.org Sun Apr 28 00:23:01 2002 From: wk@gnupg.org (Werner Koch) Date: Sat Apr 27 23:23:01 2002 Subject: [Mark Wall ] Message-ID: <87lmb8al8o.fsf@alberti.gnupg.de> -------------------- Start of forwarded message -------------------- Date: Wed, 24 Apr 2002 11:06:59 -0500 To: gnupg-users-admin@gnupg.org From: Mark Wall Hello! Please redirect if this was incorrectly addressed. I was unable to find archived mailing list messages, so I have 3 simple GnuPG questions: Can GnuPG: 1. completely erase/"shred" origninals after encryption? 2. encrypt/decrypt binary files? 3. encrypt/decrypt filled directories or multiple files in one shot? Thank you, Mark Wall ----------- HHMI/UT Southwestern Med. Ctr. 5323 Harry Hines Blvd. Dallas, TX 75390-9050 -------------------- End of forwarded message -------------------- From kr6x@kr6x.com Sun Apr 28 05:06:01 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Sun Apr 28 04:06:01 2002 Subject: [Mark Wall ] References: <87lmb8al8o.fsf@alberti.gnupg.de> Message-ID: <007901c1ee5a$36275820$ede3c23f@KR6X.ORG> Hello Mark: 1 -- no 2 -- yes 3 -- no Expanded answers: 1) Although gpg is a program written primarily for Gnu/Linux systems, it has been laboriously adapted to multiple platforms. Linux and Unix systems are occasionally quite different, and there may be no guarantee that a file image on disk that has been overwritten will actually be overwritten. On many platforms an update to a file will be written to a new location on the disk, leaving the old image on disk unchanged. Overwriting a file with random data to obliterate all traces of a file from the disk image has to be done by programs that are written for particular platforms using very low level commands. Look for a program that is written for your particular platform (Linux, Unix -- of a particular release, Windows, etc.) that offers this capability. For instance, because there may be an interest in this capability, future releases of programs like WinPT might include this feature (it doesn't include the capability right now). Of course, some platforms already include commands that will obliterate all data from one file or another on disk already. 2) GnuPG doesn't care whether the file is text or binary. 3) Tough question. Coming from the Unix/Linux world, GnuPG assumes a certain level of sophistication among its users. Unix/Linux users can usually write quick scripts that satisfy the need to perform multiple operations like this one very quickly. To make this possible, GnuPG's default encrypting/decrypting capability channels input into it through "stdin" and channels output out through "stdout". This is like encrypting the keyboard entries and sending the output to the screen. Then the operating system "pipe" and "redirect" features (usually the "|" and ">" characters on the command line are used) will direct input and output from whatever files are required. Building scripts from "ls -1" and "args" commands allows whole directories to be encrypted. Decryption is more difficult. For each file decrypted, GnuPG will usually prompt for a password. If it's not important to decrypt whole directories at once, this might not be a problem. But it would be a problem to be forced to enter your password a few hundred times to decrypt a directory. On Unix/Linux systems, the GnuPG Agent program can sometimes help. There are security problems associated with GnuPG Agent on systems where shared use of the system is part of the reality. At my work there is an extensive network of Sun systems. Each system allows anyone to log on. No one needs to be at the particular system to log onto it. Nothing flags a user that someone else has logged onto his desktop Sun system, except perhaps the response by the system to "who" commands. Almost all user data is written to a user's home directory, and all user's home directories are on a server and never locally stored -- in fact it nearly takes root privileges to put anything onto your own Sun computer. In such an environment, use of GnuPG Agent would compromise a password. One might be able to get away with it, but it wouldn't be wise. Often add-in programs can help where the native capability is weak. For instance, on windows systems there is a program named WinPT that can make it possible to encrypt multiple files. I wouldn't recommend using WinPT for encrypting large directories at a time quite yet, but perhaps a dozen small files at once is quite practical. They are still working bugs out of WinPT, but it's a great start for making GnuPG a real good tool on windows. Check the archives of the gnupg-users list for a program I wrote for Borland C that interfaces with the windows version of gpg to make multiple accesses of a password. The program was written for signing, but decrypting would only require a tiny rewrite. A batch file could call this program. ----- Original Message ----- From: "Werner Koch" To: Sent: Saturday, April 27, 2002 2:24 PM Subject: [Mark Wall ] > > -------------------- Start of forwarded message -------------------- > Date: Wed, 24 Apr 2002 11:06:59 -0500 > To: gnupg-users-admin@gnupg.org > From: Mark Wall > > Hello! > > Please redirect if this was incorrectly addressed. I was unable to > find archived mailing list messages, so I have 3 simple GnuPG > questions: > > Can GnuPG: > > 1. completely erase/"shred" origninals after encryption? > 2. encrypt/decrypt binary files? > 3. encrypt/decrypt filled directories or multiple files in one shot? > > > Thank you, > > Mark Wall > ----------- > HHMI/UT Southwestern Med. Ctr. > 5323 Harry Hines Blvd. > Dallas, TX 75390-9050 > > > > > -------------------- End of forwarded message -------------------- > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From dshaw@jabberwocky.com Sun Apr 28 05:27:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Sun Apr 28 04:27:02 2002 Subject: keyserver problems with my key - "Key block corrupt: more than one signature on subkey" In-Reply-To: <20020427144453.S2259@oblivion.chaosreigns.com> References: <20020427144453.S2259@oblivion.chaosreigns.com> Message-ID: <20020428022528.GB13707@akamai.com> On Sat, Apr 27, 2002 at 02:44:53PM -0400, Darxus@chaosreigns.com wrote: > A few days ago I was planning to meet someone to exchange fingerprints to > sign keys. We were attempting to exchange encrypted passwords beforehand > to confirm in person, when he told me that the copy of my key he downloaded > from a keyserver was not useable. I have been able to replicate the > problem, and the verbose output follows. I would really appreciate input. > > I suspect the problem is related to these self-signatures: > > sub 1024g/2EEAB976 2000-09-05 > sig 0E9FF879 2000-09-05 Darxus > sig 0E9FF879 2000-10-09 Darxus > > ..which I have guessed is a result of originally generating the key with an > expiration date, and later removing the expiration date. > > My public key can be downloaded from http://www.chaosreigns.com/darxus.asc Your guess is right. Your key was unusable because the subkey had expired. The HKP keyservers, including the pgp.mit.edu keyserver, cannot handle an expiration time update on a subkey and will refuse to accept it. There is not much you can do, unfortunately, unless you want to contact each keyserver operator and get them to replace your key individually. This gets complex quickly with the keyservers synchronizing with each other. Try one of the CKS keyservers. They do not have this problem. http://keyserver.cryptnet.net/ One warning - do not try and make a new subkey with no expiration date. The HKP keyservers will mangle keys with multiple subkeys and render all of the subkeys unusable. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From rdgreeson@hot.rr.com Sun Apr 28 05:52:02 2002 From: rdgreeson@hot.rr.com (Robert Greeson) Date: Sun Apr 28 04:52:02 2002 Subject: PGP Failed to Initialize Message-ID: I'm a rookie at this, so my problem is I installed GnuPG encryption on my online store website through agora.cgi. When and order comes through, I get the following error message: PGP Never Executed. Something went wrong. Does this mean I have a path wrong somewhere, or am I forgetting something. Any help would be appreciated. Thanks, Robert Greeson rdgreeson@hot.rr.com From manckaert@belgacom.net Sun Apr 28 11:39:02 2002 From: manckaert@belgacom.net (Michael Anckaert) Date: Sun Apr 28 10:39:02 2002 Subject: PGP Failed to Initialize In-Reply-To: References: Message-ID: <02030610402201.00833@carpathia> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 28 April 2002 04:58, you wrote: > I'm a rookie at this, so my problem is I installed GnuPG encryption on my > online store website through agora.cgi. When and order comes through, I > get the following error message: PGP Never Executed. Something went wrong. > > Does this mean I have a path wrong somewhere, or am I forgetting something. > > Any help would be appreciated. > > Thanks, > > Robert Greeson > rdgreeson@hot.rr.com If the scrips says that PGP never executed, you could have tried to use the pgp binary and not the gpg binary. pgp is Pretty Good Privacy, gpg is Gnu Privacy Guard. Maybe you have mistaken the two. - -- LINUX: The Choice of a GNU Generation... - ---------------------------------------------- Michael Anckaert manckaert@belgacom.net http://galileo.spaceports.com/~xantor Public gpg key-id: 360AC4A6 - ---------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyF5BMACgkQ+99tlzYKxKbYZQCgjT01qQnmj6dC14sFiAxKQQzI su8AniX/rwMwGWQ/ITECr1J0WJ9swxgm =aWQi -----END PGP SIGNATURE----- From avbidder@fortytwo.ch Sun Apr 28 13:25:01 2002 From: avbidder@fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Sun Apr 28 12:25:01 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <1019711640.27886.43.camel@allevil> References: <200204232327.g3NNRY727766@n0sq.net> <87hem1v7gx.fsf@alberti.gnupg.de> <200204250209.g3P29N700974@n0sq.net> <1019711640.27886.43.camel@allevil> Message-ID: <1019989542.4474.3.camel@zaphod> --=-9/UHShlGZ6nslWY5/xwQ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2002-04-25 at 07:14, Douglas Calvert wrote: > I have seen evo do some nasty things to pgp messages.[...] The problem is= =20 > evo I am almost sure... Yep. And, unfortunately, the evo people apparently don't regard gpg support very important - some gpg bug reports are quite old, and most issues that, imho, stem from using gpg the wrong way get closed with 'NOTXIMIAN' because developers think it's a gpg problem. (And even if it is a gpg problem, the bug oughtn't be just closed.) :-( I'll keep looking at sylpheed, but so far evo is still winning (palm pilot sync support), so I haven't switched yet. cheers -- vbi --=-9/UHShlGZ6nslWY5/xwQ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEABECAAYFAjzLziYACgkQFDhRaJIIJIE1wQCfQxqXOurT2zJ98Jl+GfUAhqkF 2qYAnAnl9D6JzwSS7BWmmldP0jJ3R7DK =AOOv -----END PGP SIGNATURE----- --=-9/UHShlGZ6nslWY5/xwQ-- From saravn@mozdev.org Sun Apr 28 15:42:02 2002 From: saravn@mozdev.org (R. Saravanan) Date: Sun Apr 28 14:42:02 2002 Subject: SIGEXPIRED question Message-ID: <3CCBEC69.72799A4F@mozdev.org> Hi, Under what circumstances is a SIGEXPIRED status line emitted? The DETAILS file in the GnuPG distribution says the following: SIGEXPIRED The signature key has expired. No arguments yet. However, I find that even if the signature key has not expired, SIGEXPIRED is emitted if there is another expired key in the key ring with the same user id as the signature key. Is this the correct behaviour? Saravanan From mutz@kde.org Sun Apr 28 19:16:01 2002 From: mutz@kde.org (Marc Mutz) Date: Sun Apr 28 18:16:01 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <1019989542.4474.3.camel@zaphod> References: <200204232327.g3NNRY727766@n0sq.net> <1019711640.27886.43.camel@allevil> <1019989542.4474.3.camel@zaphod> Message-ID: <200204281507.36598@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 28 April 2002 12:25, Adrian 'Dagurashibanipal' von Bidder wrote: > I'll keep looking at sylpheed, but so far evo is still winning (palm > pilot sync support), so I haven't switched yet. Please consider KMail, too. It has the best OpenPGP integration you will find in any (Linux) mailer. Furthermore, the right people for the job are working to make it even better for KDE3.1 (ie. adding PGP/MIME support). For the organizer part, consider KOrganizer and for the palm pilot part consider KPilot ;-) Marc - -- Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8y/QW3oWD+L2/6DgRAu2rAJ9ufK4mpheq/JXk4yHaFmIRJ/7nKgCfch1E VA2is5MYOSo2bC+1RSqqcVU= =w/ql -----END PGP SIGNATURE----- From gnupg-users@gnupg.org Mon Apr 29 02:28:02 2002 From: gnupg-users@gnupg.org (Calum Selkirk) Date: Mon Apr 29 01:28:02 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <200204281507.36598@sendmail.mutz.com> References: <200204232327.g3NNRY727766@n0sq.net> <1019711640.27886.43.camel@allevil> <1019989542.4474.3.camel@zaphod> <200204281507.36598@sendmail.mutz.com> Message-ID: <20020428232743.GQ786@panix.com> * Marc Mutz [mutz@kde.org] [2002-04-28 15:07 +0200]: > > Please consider KMail, too. It has the best OpenPGP integration you > will find in any (Linux) mailer. Furthermore, the right people for the > job are working to make it even better for KDE3.1 (ie. adding PGP/MIME > support). > How (exactly) does kmail have "the best OpenPGP integration"? .. considering mutt has had PGP/MIME for some time now. Thats more of a "shameless opinion" calum From folligy@gmx.net Mon Apr 29 08:27:01 2002 From: folligy@gmx.net (folligy@gmx.net) Date: Mon Apr 29 07:27:01 2002 Subject: Can we combine secret keyrings? Message-ID: <2816.1020058073@www59.gmx.net> Hi, I'm searching for a way to combine two secrings. I've got an old one (with an old secret subkey from my old PC) and a new one (with my new secret subkey) but I can't export the secret key from the old one and import to the new one because the primary key is already present there and gpg is complaining about this. The DSA primary key is in both keyrings. I just want to import the old secret encryption subkey into the new secret keyring. gpg: key 14DCBC1F: already in secret keyring Can i merge them somehow else? I did the following: gpg -a -o secfile.asc --export-secret-key 0x14DCBC1F gpg --allow-secret-key-import --import secfile.asc Frank Ollig -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net From mutz@kde.org Mon Apr 29 13:55:01 2002 From: mutz@kde.org (Marc Mutz) Date: Mon Apr 29 12:55:01 2002 Subject: trouble with receiving PGP 7.0.3 encrypted files In-Reply-To: <20020428232743.GQ786@panix.com> References: <200204232327.g3NNRY727766@n0sq.net> <200204281507.36598@sendmail.mutz.com> <20020428232743.GQ786@panix.com> Message-ID: <200204291254.36221@sendmail.mutz.com> =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 29 April 2002 01:27, Calum Selkirk wrote: > How (exactly) does kmail have "the best OpenPGP integration"? .. > considering mutt has had PGP/MIME for some time now. Thats more of a > "shameless opinion" Just _try_ it. ;-) Marc =2D --=20 Marc Mutz =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8zSZr3oWD+L2/6DgRAg9iAKCCjt6boyVNfBSylfGrszgnA8we8gCgjg8p qGGhccoPNWPvL91lG1p6lyw=3D =3DDba4 =2D----END PGP SIGNATURE----- From jayachristina@hotmail.com Mon Apr 29 15:09:01 2002 From: jayachristina@hotmail.com (Jaya Christina) Date: Mon Apr 29 14:09:01 2002 Subject: GnuPG + Java Message-ID: Hi *, The following code is giving an error usage: gpg [options] [filename] when the -r is jaya christina in double quotes. When I give same in single quotes also I get the same error.Same error for without quotes.Any idea anybody?? If the -r is a single name in double or single quotes like 'jaya' the error is : A recepient with name "jaya" is available. gpg: 'Kalibra'--armor: skipped: public key not found gpg: input.txt: encryption failed: public key not found import java.io.*; public class GnuPGTest{ public static void main(String[] arg){ Process p; try{ String exec = "gpg -r Kalibra On Web --armor --yes --batch --output output.gpg --encrypt input.txt" ; p = Runtime.getRuntime().exec(exec); p.waitFor(); InputStream is = p.getErrorStream(); String stream = ""; while(is.available()!=0){ stream += (char)is.read(); } System.out.println(stream ); }catch(Exception io){ System.out.println("Error creating process. IOException encrypt" + io); } }} Ciao, Jaya Christina From NelsonA@Budd.ThyssenKrupp.Com Mon Apr 29 23:17:01 2002 From: NelsonA@Budd.ThyssenKrupp.Com (Nelson, Andy) Date: Mon Apr 29 22:17:01 2002 Subject: Error while trying to encrypt Message-ID: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1EFBA.D082A189 Content-Type: text/plain; charset="iso-8859-1" Hi all, Receiving the following error when trying to encrypt a file with someone's public key Could not find a valid trust path to the key. Let's see whether we can assign some missing owner trust values. No path leading to one of our keys found. **then it list the contents of the key** It is NOT certain that the key belongs to its owner. If you *really* know what you are doing, you may answer the next question with yes Anyone seen this before??? Thanks, Andy ******************************************************************* This email and any files transmitted with it are confidential and is intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the system manager. This foot- note also confirms that this email message has been swept by MIMEsweeper in accordance with The Budd Company E-Mail Policy. ********************************************************************** ------_=_NextPart_001_01C1EFBA.D082A189 Content-Type: text/html; charset="iso-8859-1" Error while trying to encrypt

Hi all,

Receiving the following error when trying to encrypt a file with someone's public key



Could not find a valid trust path to the key.  Let's see whether we
can assign some missing owner trust values.

No path leading to one of our keys found.

**then it list the contents of the key**

It is NOT certain that the key belongs to its owner.
If you *really* know what you are doing, you may answer
the next question with yes


Anyone seen this before???

Thanks,
Andy



*******************************************************************
This email and any files transmitted with it are confidential
and is intended solely for the use of the individual or entity
to whom they are addressed. If you have received this
E-mail in error please notify the system manager. This foot-
note also confirms that this email message has been swept
by MIMEsweeper in accordance with The Budd Company
E-Mail Policy.
**********************************************************************
 ------_=_NextPart_001_01C1EFBA.D082A189-- From agreene@pobox.com Mon Apr 29 23:38:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Mon Apr 29 22:38:02 2002 Subject: Error while trying to encrypt In-Reply-To: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> References: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> Message-ID: <20020429203855.GB2478@asmodb.hqda.pentagon.mil> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 29-Apr-2002/16:16 -0400, "Nelson, Andy" wrote: >Receiving the following error when trying to encrypt a file with someone's >public key [snip] That just means that you have not signed the key (thereby telling GPG that you're sure it belongs to the purported owner). So GPG is telling you that it's not sure who the key belongs to, and asking if you're sure you want to use it. If you're sure of who a key belongs to, then sign it. If not, then don't and GPG will ask you each time if you're sure you want to use a key that you're not sure about. If you don't care who any key belongs to, then you can add "always-trust" to your options file or "--always-trust" to the command line. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8za9WpCpg3WyUI50RAoupAKCMafNgJQQtHdYH83/8SBsvljQgowCgo7Uu p2WY7Qf60WfDYTR/pSnJKCY= =Y3oD -----END PGP SIGNATURE----- From bart.martens@advalvas.be Tue Apr 30 02:14:01 2002 From: bart.martens@advalvas.be (Bart Martens) Date: Tue Apr 30 01:14:01 2002 Subject: Error while trying to encrypt In-Reply-To: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com>; from NelsonA@Budd.ThyssenKrupp.Com on Mon, Apr 29, 2002 at 04:16:58PM -0400 References: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> Message-ID: <20020430013154.A5222@cable-195-162-214-146.upc.chello.be> On Mon, Apr 29, 2002 at 04:16:58PM -0400, Nelson, Andy wrote: > Hi all, > > Receiving the following error when trying to encrypt a file with someone's > public key > > > > Could not find a valid trust path to the key. Let's see whether we > can assign some missing owner trust values. > > No path leading to one of our keys found. > > **then it list the contents of the key** > > It is NOT certain that the key belongs to its owner. > If you *really* know what you are doing, you may answer > the next question with yes > > > Anyone seen this before??? > > Thanks, > Andy Yes. You should read the text at http://www.pgpi.org/doc/pgpintro/ or some other introduction to PGP, to fully understand concepts like the "web of trust" en "trust path". The paragraph at http://www.pgpi.org/doc/pgpintro/#p17 is relevant for your question. From bart.martens@advalvas.be Tue Apr 30 02:38:01 2002 From: bart.martens@advalvas.be (Bart Martens) Date: Tue Apr 30 01:38:01 2002 Subject: Error while trying to encrypt In-Reply-To: <20020429203855.GB2478@asmodb.hqda.pentagon.mil>; from agreene@pobox.com on Mon, Apr 29, 2002 at 04:38:55PM -0400 References: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> <20020429203855.GB2478@asmodb.hqda.pentagon.mil> Message-ID: <20020430015614.B5222@cable-195-162-214-146.upc.chello.be> On Mon, Apr 29, 2002 at 04:38:55PM -0400, Anthony E. Greene wrote: > On 29-Apr-2002/16:16 -0400, "Nelson, Andy" wrote: > >Receiving the following error when trying to encrypt a file with someone's > >public key > [snip] > > That just means that you have not signed the key [...] That is not entirely correct. A missing trust path is not the same as missing your signature on the key. > If you're sure of who a key belongs to, then sign it. Correct. More precisely, if you are 100% sure. :-) > If not, then don't > and GPG will ask you each time if you're sure you want to use a key that > you're not sure about. Not entirely correct. You don't have to sign the key. A trust path is sufficient. > If you don't care who any key belongs to, then you can add "always-trust" > to your options file or "--always-trust" to the command line. I would not recommend the use of that option in this context, and not to beginning gpg users. Bart Martens From agreene@pobox.com Tue Apr 30 03:36:01 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Tue Apr 30 02:36:01 2002 Subject: Error while trying to encrypt In-Reply-To: <20020430015614.B5222@cable-195-162-214-146.upc.chello.be>; from bart.martens@chello.be on Tue, Apr 30, 2002 at 01:56:14AM +0200 References: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.com> <20020429203855.GB2478@asmodb.hqda.pentagon.mil> <20020430015614.B5222@cable-195-162-214-146.upc.chello.be> Message-ID: <20020429203704.A12557@cp5340.verizon.net> gpg: Invalid passphrase; please try again ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 30-Apr-2002/01:56 +0200, Bart Martens wrote: >On Mon, Apr 29, 2002 at 04:38:55PM -0400, Anthony E. Greene wrote: >> On 29-Apr-2002/16:16 -0400, "Nelson, Andy" wrote: >> >Receiving the following error when trying to encrypt a file with someone's >> >public key >> [snip] >> >> That just means that you have not signed the key [...] > >That is not entirely correct. A missing trust path is not the same as >missing your signature on the key. True. An oversight based on the practical experience that the WoT is so thin for most of us that unsigned keys are much more a fact of life than trust paths. >> If you're sure of who a key belongs to, then sign it. > >Correct. More precisely, if you are 100% sure. :-) A judgement call. People generally use different criteria for local sigs than for published ones. It's also reasonable to use different criteria for "pen pals" than for people I intend to do business with. >> If you don't care who any key belongs to, then you can add "always-trust" >> to your options file or "--always-trust" to the command line. > >I would not recommend the use of that option in this context, and not to >beginning gpg users. I wouldn't recommend it for anything but scripted operations where the sender is not a person, and therefore cannot sign a key in any meaningful way. Tony - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux. The choice of a GNU generation -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8zecrpCpg3WyUI50RAs+VAJoCXtBiJzVuyVv+8hOEQXcgWetgeQCggOvX 2tbMZdvSIIP0kOj9rXLg3qo= =fzpP -----END PGP SIGNATURE----- From douglist@anize.org Tue Apr 30 05:38:01 2002 From: douglist@anize.org (Douglas F. Calvert) Date: Tue Apr 30 04:38:01 2002 Subject: Error while trying to encrypt, Or: how to improve your web of trust In-Reply-To: <20020429203704.A12557@cp5340.verizon.net> References: <474A6E9EC11FE749B71D16CE034A12050C6379@BLMMAIL2K.buddcompany.thyssenkrupp.c om> <20020429203855.GB2478@asmodb.hqda.pentagon.mil> <20020430015614.B5222@cable-195-162-214-146.upc.chello.be> <20020429203704.A12557@cp5340.verizon.net> Message-ID: <1020134353.17648.98.camel@allevil> --=-B3d2b8VLmpRvrGuGTqQ6 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hello, Two great resources for improving your web of trust have appeared on the net lately. There is a website similar to debians key signing page and a mailing list for announcing key signing availability. The web page is best for letting others know that you live in city, state, country and are always available for signings. The mailing list is very helpful for announcing a travel plan to a certain city and finding out if anyone is interested. There is a certain bit of overlap for both resources but the mailing list is very low volume so i recommend signing up for both.=20 Website: http://www.biglumber.com Mailing List: http://lists.alt.org/mailman/listinfo/keysignings Also check out any decent computer conference. There will be two fairly large key signings in ottawa this summer, one for linuxsymposium.org and one for debian conf2. Any usenix conference always has a key signing bof and most computer security conferences will have something too.=20 Once finals are over I will put up a good resource for all of these questions at: http://www.anize.org/dfc/gpg.html I will also put an entry in the FAQ for these questions. I am just waiting for access, but werner is busy getting 1.0.7 out the door so I am just waiting for things to cool down for him before I bother him. Plus, (most importantly) I don't have the time right now to do anything that i would be happy with... =20 --=20 + Douglas Calvert http://anize.org/dfc + | Key Id 0xC9541FB2 http://anize.org/dfc-keys.asc | | http://imissjerry.org http://whoownsthisidea.org | +-| 0817 30D4 82B6 BB8D 5E66 06F6 B796 073D C954 1FB2 |-+ --=-B3d2b8VLmpRvrGuGTqQ6 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8zgPRt5YHPclUH7IRAp6OAJ0QHxaJESDLDa8egJhO4Kt7dbWKZgCfbDCT Uzg6bYdgWNJlQR87K7stPrg= =6vO/ -----END PGP SIGNATURE----- --=-B3d2b8VLmpRvrGuGTqQ6-- From itisthecon@hotmail.com Tue Apr 30 09:00:01 2002 From: itisthecon@hotmail.com (safd asfdaf) Date: Tue Apr 30 08:00:01 2002 Subject: problem about the system clock Message-ID: hello all, after i ceate a key at my server i find that my system clock has fast several hours. after i have adjusted my system clock i find that when i edit my key , it display this: gpg: DBG: updating area of type 101 gpg: key has been created 28640 seconds in future (time warp or clock problem) gpg: key DFE71A56.59: created in future (time warp or clock problem) pub 1024D/DFE71A56 created: 2002-04-30 expires: never trust: -/? sub 2048g/AEDC37CE created: 2002-04-30 expires: never (1) tAng jUn (con) (INSECURE!) so i deleted the directory .gnupg at my home and re-create my key, but after i'v created my key , when list the keys , it still display INSECURE!, .gnupg@natd1#gpg --list-keys /home/thecon/.gnupg/pubring.gpg ------------------------------- pub 1024D/51DBEEF5 2002-04-30 tAng jUn (con) (INSECURE!) sub 2048g/39787B95 2002-04-30 ^^^^^^^^^ who can help me? thanks a lot. _________________________________________________________________ ÓëÁª»úµÄÅóÓѽøÐн»Á÷£¬ÇëʹÓà MSN Messenger: http://messenger.microsoft.com/cn From wk@gnupg.org Tue Apr 30 13:40:02 2002 From: wk@gnupg.org (Werner Koch) Date: Tue Apr 30 12:40:02 2002 Subject: [Announce] GnuPG 1.0.7 released Message-ID: <87sn5dqz2c.fsf@alberti.gnupg.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. This new release has a lot of features beyond OpenPGP which will be included in a soon to be published RFC2440 successor. Version 1.0.7 has been released yesterday and is available at most mirrors (see below) now. If you can't get it from a mirror, use the primary location: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz (2.3MB) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz.sig Due to some new translations and the work we did over the last 11 months, the diff against 1.0.6 is somewhat large: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.6-1.0.7.diff.gz (1.3MB) MD5 checksums of the above files are: d8b36d4dfd213a1a1027b1877acbc897 gnupg-1.0.7.tar.gz 99d92e0658972b42868d7564264797ad gnupg-1.0.6-1.0.7.diff.gz Some new things in this version: * Secret keys are now stored and exported in a new format which uses SHA-1 for integrity checks. This format renders the Rosa/Klima attack useless. Other OpenPGP implementations might not yet support this, so the option --simple-sk-checksum creates the old vulnerable format. * The default cipher algorithm for encryption is now CAST5, default hash algorithm is SHA-1. This will give us better interoperability with other OpenPGP implementations. * Symmetric encrypted messages now use a fixed file size if possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2, 6, and 7. Note this was only an issue with RFC-1991 style symmetric messages. * Photographic user ID support. This uses an external program to view the images. * Enhanced keyserver support via keyserver "plugins". GnuPG comes with plugins for the NAI LDAP keyserver as well as the HKP email keyserver. It retains internal support for the HKP HTTP keyserver. * Nonrevocable signatures are now supported. If a user signs a key nonrevocably, this signature cannot be taken back so be careful! * Multiple signature classes are usable when signing a key to specify how carefully the key information (fingerprint, photo ID, etc) was checked. * --pgp2 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 2.x. * --pgp6 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 6.x. * Signatures may now be given an expiration date. When signing a key with an expiration date, the user is prompted whether they want their signature to expire at the same time. * Revocation keys (designated revokers) are now supported if present. There is currently no way to designate new keys as designated revokers. * Permissions on the .gnupg directory and its files are checked for safety. * --expert mode enables certain silly things such as signing a revoked user id, expired key, or revoked key. * Some fixes to build cleanly under Cygwin32. * New tool gpgsplit to split OpenPGP data formats into packets. * New option --preserve-permissions. * Subkeys created in the future are not used for encryption or signing unless the new option --ignore-valid-from is used. * Revoked user-IDs are not listed unless signatures are listed too or we are in verbose mode. * There is no default comment string with ascii armors anymore except for revocation certificates and --enarmor mode. * The command "primary" in the edit menu can be used to change the primary UID, "setpref" and "updpref" can be used to change the preferences. * Fixed the preference handling; since 1.0.5 they were erroneously matched against against the latest user ID and not the given one. * RSA key generation. * Merged Stefan's patches for RISC OS in. See comments in scripts/build-riscos. * It is now possible to sign and conventional encrypt a message (-cs). * The MDC feature flag is supported and can be set by using the "updpref" edit command. * The status messages GOODSIG and BADSIG are now returning the primary UID, encoded using %XX escaping (but with spaces left as spaces, so that it should not break too much) * Support for GDBM based keyrings has been removed. * The entire keyring management has been revamped. * The way signature stati are store has changed so that v3 signatures can be supported. To increase the speed of many operations for existing keyrings you can use the new --rebuild-keydb-caches command. * The entire key validation process (trustdb) has been revamped. See the man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb. * --trusted-keys is again obsolete, --edit can be used to set the ownertrust of any key to ultimately trusted. * A subkey is never used to sign keys. * Read only keyrings are now handled as expected. Please read the man page entries for the options --update-trustdb and - --check-trustdb. To get the best performance out of larger keyrings, it is suggested that you run the new command "gpg --rebuild-keydb-caches" once. We tried to make the migration to 1.0.7 as smooth as possible, but it might be good idea to backup your keyrings and the trustdb (gpg - --export-ownertrust) first. Please note that due to a bug in prior versions, it won't be possible to downgrade to 1.0.6 unless you use the GnuPG version which comes with Debian's Woody release or you apply the patch http://www.gnupg.org/developer/gpg-woody-fix.txt . Most new features and a lot of bug fixes are due to David Shaw; he greatly helped to improve GnuPG and put a lot of work into solving a lot of little interoperability problems with PGP. Many thanks to him and to all the other folks who helped with this release. See http://www.gnupg.org/docs-mls.html for a list of GnuPG related mailing lists. If you have any question you should direct them to mailing list gnupg-users@gnupg.org . Salaam-Shalom, Werner p.s. Here is a list of sites mirroring ftp://ftp.gnupg.org/gcrypt/ Please use them if you can; new releases should show up on these servers within a day. This mirror list is also available at http://www.gnupg.org/mirrors.html Australia ftp://ftp.planetmirror.com/pub/gnupg/ http://ftp.planetmirror.com/pub/gnupg/ ftp://mirror.aarnet.edu.au/pub/gnupg/ Austria ftp://gd.tuwien.ac.at/privacy/gnupg/ http://gd.tuwien.ac.at/privacy/gnupg/ ftp://ftp.enemy.org/pub/crypto/gnupg/ Belgium ftp://openbsd.rug.ac.be/pub/gcrypt/ ftp://gnupg.x-zone.org/pub/gnupg Czechia ftp://ftp.gnupg.cz/pub/gcrypt Denmark ftp://sunsite.dk/pub/security/gcrypt/ Finland ftp://ftp.jyu.fi/pub/crypt/gcrypt/ ftp://trumpetti.atm.tut.fi/gcrypt/ http://trumpetti.atm.tut.fi/gcrypt/ rsync://trumpetti.atm.tut.fi/gcrypt/ France ftp://ftp.strasbourg.linuxfr.org/pub/gnupg/ Germany ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/ ftp://ftp.freenet.de/pub/ftp.gnupg.org/pub/gcrypt/ Greece ftp://ftp.linux.gr/pub/crypto/gnupg/ ftp://hal.csd.auth.gr/mirrors/gnupg/ Hungary ftp://ftp.kfki.hu/pub/packages/security/gnupg/ Iceland ftp://ftp.hi.is/pub/mirrors/gnupg/ Ireland ftp://ftp.compsoc.com/pub/gnupg/ Italy ftp://ftp.linux.it/pub/mirrors/gnupg/ ftp://ftp3.linux.it/pub/mirrors/gnupg/ Japan ftp://pgp.iijlab.net/pub/gnupg/ ftp://ftp.ring.gr.jp/pub/net/gnupg/ http://www.ring.gr.jp/pub/net/gnupg/ ftp://ftp.ayamura.org/pub/gnupg/ Korea ftp://ftp.snu.ac.kr/pub/security/gnupg/ Poland ftp://sunsite.icm.edu.pl/pub/security/gnupg/ Spain ftp://dimonieta.udg.es/mirror/gnupg Sweden ftp://ftp.stacken.kth.se/pub/crypto/gnupg/ ftp://ftp.sunet.se:/pub/security/gnupg/ Switzerland ftp://sunsite.cnlab-switch.ch/mirror/gcrypt/ Taiwan ftp://coda.nctu.edu.tw/Security/gcrypt United Kingdom ftp://ftp.net.lut.ac.uk/gcrypt/ ftp://ftp.mirror.ac.uk/sites/ftp.gnupg.org/pub/gcrypt/ http://www.mirror.ac.uk/sites/ftp.gnupg.org/pub/gcrypt/ United States ftp://ftp.exobit.org/pub/security/gnupg -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE8zmw4bH7huGIcwBMRAiLTAKCPlh37pJ1wo50gMJaCk1zRribWQwCguLkj knSn9gpfR1rzqTQTgT5oyy8= =lQMf -----END PGP SIGNATURE----- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From kr6x@kr6x.com Tue Apr 30 17:04:02 2002 From: kr6x@kr6x.com (Leigh S. Jones) Date: Tue Apr 30 16:04:02 2002 Subject: Fw: [Announce] GnuPG 1.0.7 released Message-ID: <040301c1f050$f71bf8e0$ede3c23f@KR6X.ORG> Congratulations on this marvelous achievement, Werner! ----- Original Message ----- From: "Werner Koch" To: Sent: Tuesday, April 30, 2002 3:07 AM Subject: [Announce] GnuPG 1.0.7 released > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello! > > The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication > and data storage. It is a complete and free replacement of PGP and > can be used to encrypt data and to create digital signatures. It > includes an advanced key management facility and is compliant with the > proposed OpenPGP Internet standard as described in RFC2440. This new > release has a lot of features beyond OpenPGP which will be included in > a soon to be published RFC2440 successor. > > Version 1.0.7 has been released yesterday and is available at most > mirrors (see below) now. If you can't get it from a mirror, use the > primary location: > > ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz (2.3MB) > ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz.sig > > Due to some new translations and the work we did over the last 11 > months, the diff against 1.0.6 is somewhat large: > > ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.6-1.0.7.diff.gz (1.3MB) > > MD5 checksums of the above files are: > > d8b36d4dfd213a1a1027b1877acbc897 gnupg-1.0.7.tar.gz > 99d92e0658972b42868d7564264797ad gnupg-1.0.6-1.0.7.diff.gz > > Some new things in this version: > > * Secret keys are now stored and exported in a new format which > uses SHA-1 for integrity checks. This format renders the > Rosa/Klima attack useless. Other OpenPGP implementations might > not yet support this, so the option --simple-sk-checksum creates > the old vulnerable format. > > * The default cipher algorithm for encryption is now CAST5, > default hash algorithm is SHA-1. This will give us better > interoperability with other OpenPGP implementations. > > * Symmetric encrypted messages now use a fixed file size if > possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2, > 6, and 7. Note this was only an issue with RFC-1991 style > symmetric messages. > > * Photographic user ID support. This uses an external program to > view the images. > > * Enhanced keyserver support via keyserver "plugins". GnuPG comes > with plugins for the NAI LDAP keyserver as well as the HKP email > keyserver. It retains internal support for the HKP HTTP > keyserver. > > * Nonrevocable signatures are now supported. If a user signs a > key nonrevocably, this signature cannot be taken back so be > careful! > > * Multiple signature classes are usable when signing a key to > specify how carefully the key information (fingerprint, photo > ID, etc) was checked. > > * --pgp2 mode automatically sets all necessary options to ensure > that the resulting message will be usable by a user of PGP 2.x. > > * --pgp6 mode automatically sets all necessary options to ensure > that the resulting message will be usable by a user of PGP 6.x. > > * Signatures may now be given an expiration date. When signing a > key with an expiration date, the user is prompted whether they > want their signature to expire at the same time. > > * Revocation keys (designated revokers) are now supported if > present. There is currently no way to designate new keys as > designated revokers. > > * Permissions on the .gnupg directory and its files are checked > for safety. > > * --expert mode enables certain silly things such as signing a > revoked user id, expired key, or revoked key. > > * Some fixes to build cleanly under Cygwin32. > > * New tool gpgsplit to split OpenPGP data formats into packets. > > * New option --preserve-permissions. > > * Subkeys created in the future are not used for encryption or > signing unless the new option --ignore-valid-from is used. > > * Revoked user-IDs are not listed unless signatures are listed too > or we are in verbose mode. > > * There is no default comment string with ascii armors anymore > except for revocation certificates and --enarmor mode. > > * The command "primary" in the edit menu can be used to change the > primary UID, "setpref" and "updpref" can be used to change the > preferences. > > * Fixed the preference handling; since 1.0.5 they were erroneously > matched against against the latest user ID and not the given one. > > * RSA key generation. > > * Merged Stefan's patches for RISC OS in. See comments in > scripts/build-riscos. > > * It is now possible to sign and conventional encrypt a message (-cs). > > * The MDC feature flag is supported and can be set by using > the "updpref" edit command. > > * The status messages GOODSIG and BADSIG are now returning the primary > UID, encoded using %XX escaping (but with spaces left as spaces, > so that it should not break too much) > > * Support for GDBM based keyrings has been removed. > > * The entire keyring management has been revamped. > > * The way signature stati are store has changed so that v3 > signatures can be supported. To increase the speed of many > operations for existing keyrings you can use the new > --rebuild-keydb-caches command. > > * The entire key validation process (trustdb) has been revamped. > See the man page entries for --update-trustdb, --check-trustdb > and --no-auto-check-trustdb. > > * --trusted-keys is again obsolete, --edit can be used to set the > ownertrust of any key to ultimately trusted. > > * A subkey is never used to sign keys. > > * Read only keyrings are now handled as expected. > > > Please read the man page entries for the options --update-trustdb and > - --check-trustdb. To get the best performance out of larger keyrings, > it is suggested that you run the new command "gpg --rebuild-keydb-caches" > once. We tried to make the migration to 1.0.7 as smooth as possible, > but it might be good idea to backup your keyrings and the trustdb (gpg > - --export-ownertrust) first. > > Please note that due to a bug in prior versions, it won't be possible > to downgrade to 1.0.6 unless you use the GnuPG version which comes > with Debian's Woody release or you apply the patch > http://www.gnupg.org/developer/gpg-woody-fix.txt . > > Most new features and a lot of bug fixes are due to David Shaw; he > greatly helped to improve GnuPG and put a lot of work into solving a > lot of little interoperability problems with PGP. Many thanks to him > and to all the other folks who helped with this release. > > See http://www.gnupg.org/docs-mls.html for a list of GnuPG related > mailing lists. If you have any question you should direct them to > mailing list gnupg-users@gnupg.org . > > > Salaam-Shalom, > > Werner > > > p.s. > Here is a list of sites mirroring ftp://ftp.gnupg.org/gcrypt/ > Please use them if you can; new releases should show up on these > servers within a day. This mirror list is also available at > http://www.gnupg.org/mirrors.html > > Australia > > ftp://ftp.planetmirror.com/pub/gnupg/ > http://ftp.planetmirror.com/pub/gnupg/ > ftp://mirror.aarnet.edu.au/pub/gnupg/ > > Austria > > ftp://gd.tuwien.ac.at/privacy/gnupg/ > http://gd.tuwien.ac.at/privacy/gnupg/ > ftp://ftp.enemy.org/pub/crypto/gnupg/ > > Belgium > > ftp://openbsd.rug.ac.be/pub/gcrypt/ > ftp://gnupg.x-zone.org/pub/gnupg > > Czechia > > ftp://ftp.gnupg.cz/pub/gcrypt > > Denmark > > ftp://sunsite.dk/pub/security/gcrypt/ > > Finland > > ftp://ftp.jyu.fi/pub/crypt/gcrypt/ > ftp://trumpetti.atm.tut.fi/gcrypt/ > http://trumpetti.atm.tut.fi/gcrypt/ > rsync://trumpetti.atm.tut.fi/gcrypt/ > > France > > ftp://ftp.strasbourg.linuxfr.org/pub/gnupg/ > > Germany > > ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/ > ftp://ftp.freenet.de/pub/ftp.gnupg.org/pub/gcrypt/ > > Greece > > ftp://ftp.linux.gr/pub/crypto/gnupg/ > ftp://hal.csd.auth.gr/mirrors/gnupg/ > > Hungary > > ftp://ftp.kfki.hu/pub/packages/security/gnupg/ > > Iceland > > ftp://ftp.hi.is/pub/mirrors/gnupg/ > > Ireland > > ftp://ftp.compsoc.com/pub/gnupg/ > > Italy > > ftp://ftp.linux.it/pub/mirrors/gnupg/ > ftp://ftp3.linux.it/pub/mirrors/gnupg/ > > Japan > > ftp://pgp.iijlab.net/pub/gnupg/ > ftp://ftp.ring.gr.jp/pub/net/gnupg/ > http://www.ring.gr.jp/pub/net/gnupg/ > ftp://ftp.ayamura.org/pub/gnupg/ > > Korea > > ftp://ftp.snu.ac.kr/pub/security/gnupg/ > > Poland > > ftp://sunsite.icm.edu.pl/pub/security/gnupg/ > > Spain > > ftp://dimonieta.udg.es/mirror/gnupg > > Sweden > > ftp://ftp.stacken.kth.se/pub/crypto/gnupg/ > ftp://ftp.sunet.se:/pub/security/gnupg/ > > Switzerland > > ftp://sunsite.cnlab-switch.ch/mirror/gcrypt/ > > Taiwan > > ftp://coda.nctu.edu.tw/Security/gcrypt > > United Kingdom > > ftp://ftp.net.lut.ac.uk/gcrypt/ > ftp://ftp.mirror.ac.uk/sites/ftp.gnupg.org/pub/gcrypt/ > http://www.mirror.ac.uk/sites/ftp.gnupg.org/pub/gcrypt/ > > United States > > ftp://ftp.exobit.org/pub/security/gnupg > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE8zmw4bH7huGIcwBMRAiLTAKCPlh37pJ1wo50gMJaCk1zRribWQwCguLkj > knSn9gpfR1rzqTQTgT5oyy8= > =lQMf > -----END PGP SIGNATURE----- > > > _______________________________________________ > Gnupg-announce mailing list > Gnupg-announce@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-announce > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From samael-gnupg@lists.manxome.org Tue Apr 30 18:14:01 2002 From: samael-gnupg@lists.manxome.org (Ricardo SIGNES) Date: Tue Apr 30 17:14:01 2002 Subject: [Announce] GnuPG 1.0.7 released In-Reply-To: <87sn5dqz2c.fsf@alberti.gnupg.de> References: <87sn5dqz2c.fsf@alberti.gnupg.de> Message-ID: <20020430151452.GD1933@manxome.org> --0vzXIDBeUiKkjNJl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 30, 2002 at 12:07:55PM +0200, Werner Koch wrote: > The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication > and data storage. It is a complete and free replacement of PGP and > can be used to encrypt data and to create digital signatures. It > includes an advanced key management facility and is compliant with the > proposed OpenPGP Internet standard as described in RFC2440. This new > release has a lot of features beyond OpenPGP which will be included in > a soon to be published RFC2440 successor. First, to echo a previous replier, congratulations! I am very happy with GnuPG, and it looks like this version has made huge leaps. Now... that's also a problem, in my mind, because the difference between 1.= 0.6 and 1.0.5 was chiefly a bugfix. (There were also some translation changes = and a minor keyserver client change.) What defines a second-order version? Is the versioning of GnuPG meaningful other than the apparent odd/even overloading of the middle digit? I didn't find any documentation of this on gnupg.org It's nice to be able to see that a version number has changed significantly= and know, then, that the changes in the software are likewise significant. Per= haps this version should have been 1.2.0? =20 Thanks. --=20 rjbs --0vzXIDBeUiKkjNJl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzOtOwACgkQDIxbLaZ099M/FACfTXmE2A2druF7yi8pKmllcem8 Og4An1foFVkNWEafoHhnAAcNEHp/dZYJ =13ES -----END PGP SIGNATURE----- --0vzXIDBeUiKkjNJl-- From alex.buell@munted.org.uk Tue Apr 30 18:49:02 2002 From: alex.buell@munted.org.uk (Alex Buell) Date: Tue Apr 30 17:49:02 2002 Subject: [Announce] GnuPG 1.0.7 released In-Reply-To: <20020430151452.GD1933@manxome.org> Message-ID: On Tue, 30 Apr 2002, Ricardo SIGNES wrote: > First, to echo a previous replier, congratulations! I am very happy > with GnuPG, and it looks like this version has made huge leaps. I was hoping that 1.0.7 would be able to import public keys generated with PGP 7.0.3. How do I do that, I really need to be able to do this? :-( -- I'm an infojunkie. http://www.munted.org.uk (updated 30 April 2002) From rtilley@vt.edu Tue Apr 30 19:11:01 2002 From: rtilley@vt.edu (Brad Tilley) Date: Tue Apr 30 18:11:01 2002 Subject: [Announce] GnuPG 1.0.7 released In-Reply-To: <20020430151452.GD1933@manxome.org> References: <87sn5dqz2c.fsf@alberti.gnupg.de> <20020430151452.GD1933@manxome.org> Message-ID: <200204301555.AKA74595@dagger.cc.vt.edu> I love gpg. I use it everday with kmail. GPA is a great front-end too. I don't care what the naysayers say! I have only one wish: recursive directory encryption natively built-in to gpg. Outside of that, I think GNUpg is perfect! Keep up the good work guys! On Tuesday 30 April 2002 11:14, Ricardo SIGNES wrote: > On Tue, Apr 30, 2002 at 12:07:55PM +0200, Werner Koch wrote: > > The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication > > and data storage. It is a complete and free replacement of PGP and > > can be used to encrypt data and to create digital signatures. It > > includes an advanced key management facility and is compliant with the > > proposed OpenPGP Internet standard as described in RFC2440. This new > > release has a lot of features beyond OpenPGP which will be included in > > a soon to be published RFC2440 successor. > > First, to echo a previous replier, congratulations! I am very happy with > GnuPG, and it looks like this version has made huge leaps. > > Now... that's also a problem, in my mind, because the difference between > 1.0.6 and 1.0.5 was chiefly a bugfix. (There were also some translation > changes and a minor keyserver client change.) > > What defines a second-order version? Is the versioning of GnuPG meaningful > other than the apparent odd/even overloading of the middle digit? I didn't > find any documentation of this on gnupg.org > > It's nice to be able to see that a version number has changed significantly > and know, then, that the changes in the software are likewise significant. > Perhaps this version should have been 1.2.0? > > Thanks. -- Brad From wk@gnupg.org Tue Apr 30 19:35:02 2002 From: wk@gnupg.org (Werner Koch) Date: Tue Apr 30 18:35:02 2002 Subject: [Announce] GnuPG 1.0.7 released In-Reply-To: (Alex Buell's message of "Tue, 30 Apr 2002 16:49:20 +0100 (BST)") References: Message-ID: <87d6whnnw7.fsf@alberti.gnupg.de> On Tue, 30 Apr 2002 16:49:20 +0100 (BST), Alex Buell said: > I was hoping that 1.0.7 would be able to import public keys generated with > PGP 7.0.3. How do I do that, I really need to be able to do this? :-( gpg --import yourkey.asc if this fails becuase PGP used IDEA for encryption, change the passphrase to empty with PGP, import and change the passphrase back. I think this is in the FAQ. Werner From pplf@wanadoo.fr Tue Apr 30 19:35:07 2002 From: pplf@wanadoo.fr (pplf) Date: Tue Apr 30 18:35:07 2002 Subject: GnuPG 1.0.7 trustdb problem References: <87sn5dqz2c.fsf@alberti.gnupg.de> Message-ID: <3CCEC815.8000303@wanadoo.fr> Hello, I have upgraded from 1.0.6 to 1.0.7 and I have a problem with my trustdb. My personal keys are untrusted ! I suppose it is neccessary to rebuild the trustdb ? What is the best command to do that without losing my old 1.0.6 parameters ? Thanks, pplf -- French OpenPGP page "OpenPGP en francais" http://www.openpgp.fr.st pplf@wanadoo.fr From rabbi@quickie.net Tue Apr 30 19:49:02 2002 From: rabbi@quickie.net (Len Sassaman) Date: Tue Apr 30 18:49:02 2002 Subject: keyserver problems with my key - "Key block corrupt: more than one signature on subkey" In-Reply-To: <20020427144453.S2259@oblivion.chaosreigns.com> Message-ID: This is a problem with the Horowitz keyservers. pksd doesn't understand what to do with multiple subkeys, and munges them (usually by deleting all but one of the subkeys, and dumping the subkey binding signatures (all of them) on the remaining subkey. Yuck. You may wish to discontinue use of the pksd servers. On Sat, 27 Apr 2002 Darxus@chaosreigns.com wrote: > A few days ago I was planning to meet someone to exchange fingerprints to > sign keys. We were attempting to exchange encrypted passwords beforehand > to confirm in person, when he told me that the copy of my key he downloaded > from a keyserver was not useable. I have been able to replicate the > problem, and the verbose output follows. I would really appreciate input. > > I suspect the problem is related to these self-signatures: > > sub 1024g/2EEAB976 2000-09-05 > sig 0E9FF879 2000-09-05 Darxus > sig 0E9FF879 2000-10-09 Darxus > > ..which I have guessed is a result of originally generating the key with an > expiration date, and later removing the expiration date. > > My public key can be downloaded from http://www.chaosreigns.com/darxus.asc > > $ gpg --list-key 0E9FF879 > pub 1024D/0E9FF879 2000-09-05 Darxus > sub 1024g/2EEAB976 2000-09-05 > > $ gpg --version > gpg (GnuPG) 1.0.6 > Copyright (C) 2001 Free Software Foundation, Inc. > This program comes with ABSOLUTELY NO WARRANTY. > This is free software, and you are welcome to redistribute it > under certain conditions. See the file COPYING for details. > > Home: ~/.gnupg > Supported algorithms: > Cipher: IDEA, 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH > Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG > Hash: MD5, SHA1, RIPEMD160 > > $ gpg --verbose --always-trust --recipient 0E9FF879 --encrypt test.text > gpg: using secondary key 2EEAB976 instead of primary key 0E9FF879 > gpg: No trust check due to --always-trust option > gpg: reading from `test.text' > gpg: writing to `test.text.gpg' > gpg: ELG-E/TWOFISH encrypted for: 2EEAB976 Darxus > > $ gpg --verbose --keyserver pgp.mit.edu --send-key 0E9FF879 > Public Key Server -- Add

>

Public Key Server -- Add

> 

> Key block in add request contained no new
> keys, userid's, or signatures.
> Your key block contained 1 format errors,
> which were treated as if the erroneous elements
> hadn't been part of your submission.
> The last error was on key 0x5537ee81:
> Key block corrupt: more than one signature on subkey
>
> gpg: success sending to `pgp.mit.edu' (status=200) > > $ gpg --verbose --no-default-keyring --keyring ./temp.gpg --keyserver pgp.mit.edu --recv-key 0E9FF879 > gpg: ./temp.gpg: keyring created > gpg: requesting key 0E9FF879 from pgp.mit.edu ... > gpg: armor header: Version: 5.0 > gpg: armor header: Comment: PGP Key Server 0.9.4+patch2 > gpg: pub 1024D/0E9FF879 2000-09-05 Darxus > gpg: key 0E9FF879: public key imported > gpg: Total number processed: 1 > gpg: imported: 1 > > $ gpg --always-trust --verbose --no-default-keyring --keyring ./temp.gpg --recipient 0E9FF879 --encrypt test.text > gpg: 0E9FF879: skipped: unusable public key > gpg: test.text: encryption failed: unusable public key > > $ gpg --list-sigs 0E9FF879 > pub 1024D/0E9FF879 2000-09-05 Darxus > sig 0E9FF879 2000-09-05 Darxus > sig FE3821D9 2000-09-11 darxus@op.net > sig D31DE851 2000-09-11 Nathaniel E. Barwell > sig 69350CFC 2000-10-05 Pete Foley > sig EB281E23 2000-09-21 Alexander Shinn > sig 67A7B584 2000-10-05 Walter C. Mankowski > sig D9367DD8 2000-10-05 George E McNeal Jr (george) > sig 5AA5BCDF 2000-09-21 Michael J. Leone > sig 80675E65 2000-09-22 Leonard D. Rosenthol > sig E4642C01 2000-09-28 Bill Jonas (This address preferred) > sig 140BF9C1 2000-11-22 Nathaniel E. Barwell > sig 70210CAA 2000-11-30 N-Tropy (Flint Heart) > sig 8060510A 2000-12-08 Chris Beggy > sig 7994A571 2000-12-09 Tony Dominello (Tony) > sig 0C3F6A8E 2000-12-11 David A Nurse > sig 7EC535F3 2000-12-17 lx > sig 116F0CBD 2000-12-17 Bill Jonas > sig 52703839 2001-01-04 Mike Phillips > sig E57369CC 2001-06-07 Michael Bevilacqua > sig 54DA9506 2001-01-08 Joseph B. Welsh (Work E-Mail) > sig 0E9FF879 2000-10-09 Darxus > sig DB7F41B4 2001-07-12 Brian Epstein > sig F1AE6BBC 2001-06-19 M. Jackson Wilkinson > sig 343BB2A7 2001-07-13 Adam Schaible (aka kb3edk) > sig 0E6FC266 2000-09-09 Mental > sig 5D8EB927 2001-07-18 Jason Stelzer > sig 19BC76F8 2001-08-02 Ian Reinhart Geiser (geiseri) > sig C1A6C2DC 2001-08-02 Zachary C Whitley > sig 7262954A 2001-08-02 John Beck > sig 0CF9091A 2001-08-08 gabriel rosenkoetter > sig 52AC566B 2001-02-16 Michael C. Toren (MCT) > sig 2AB165F9 2002-02-23 Paul L. Snyder > sig 55FF8CEF 2001-12-09 Kristin Hill > sig F0A0A919 2002-02-20 Jason Nocks > sig 8477626F 2002-04-19 Mike Joseph > sig 56C84DC3 2002-04-17 Elizabeth Krumbach > sig CBAC94EA 2002-04-19 Michael Bevilacqua > sig 8DAC6BEA 2001-06-08 Kevin Mudrick (darkspur) > sig 742B67FE 2002-04-19 Eric Allan Lucas > sig 2BA48C46 2002-04-19 John J Lavin Jr > sig FE4BC82F 2002-04-19 Danita M. Fries > sig D72CB41E 2002-04-25 Christophe Barbe > sub 1024g/2EEAB976 2000-09-05 > sig 0E9FF879 2000-09-05 Darxus > sig 0E9FF879 2000-10-09 Darxus > > > -- > "Blessed are the cracked, for they shall let in the light." > http://www.ChaosReigns.com > --Len. From wk@gnupg.org Tue Apr 30 20:19:02 2002 From: wk@gnupg.org (Werner Koch) Date: Tue Apr 30 19:19:02 2002 Subject: GnuPG 1.0.7 trustdb problem In-Reply-To: <3CCEC815.8000303@wanadoo.fr> (pplf's message of "Tue, 30 Apr 2002 18:36:37 +0200") References: <87sn5dqz2c.fsf@alberti.gnupg.de> <3CCEC815.8000303@wanadoo.fr> Message-ID: <878z75nlvc.fsf@alberti.gnupg.de> On Tue, 30 Apr 2002 18:36:37 +0200, pplf said: > I have upgraded from 1.0.6 to 1.0.7 and I have a problem with my trustdb. > My personal keys are untrusted ! check with gpg --edit-key that your keys are ultimately trusted, it not use the command "trust" to change the trust. gpg should then remind you to run "gpg --check-trustdb". Alternatively you can run "gpg --update-trustdb". > What is the best command to do that without losing my old 1.0.6 parameters ? gpg migrates the trustdb but because the ultimately rusted keys are not anymore implicity deduced by the existance of a secret key, you have to set them again as ultimately trusted. Hmmm, nobody mentined that problem with the pre-releases ;-) Werner From mutz@kde.org Tue Apr 30 20:26:01 2002 From: mutz@kde.org (Marc Mutz) Date: Tue Apr 30 19:26:01 2002 Subject: GnuPG 1.0.7 trustdb problem In-Reply-To: <3CCEC815.8000303@wanadoo.fr> References: <87sn5dqz2c.fsf@alberti.gnupg.de> <3CCEC815.8000303@wanadoo.fr> Message-ID: <200204301924.11834@sendmail.mutz.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 30 April 2002 18:36, pplf wrote: > Hello, > > I have upgraded from 1.0.6 to 1.0.7 and I have a problem with my trustdb. > My personal keys are untrusted ! > > I suppose it is neccessary to rebuild the trustdb ? No. You need to edit you key and set it explicitly to ultimate trust. it's no longer done implicitly, only because the seckey happens to be available. Whoever is in charge of the FAQ: This will come up very often the next days. Better update the FAQ ;-) We'll hopefully have it in the KMail FAQ soon, too.q > What is the best command to do that without losing my old 1.0.6 parameters gpg --rebuild-keydb-caches Marc - -- Marc Mutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE8ztM73oWD+L2/6DgRAjW8AKDru3V5Ni+GSSS8Zfq2OTMQWDpdIQCgp21L MQbX/Dgz6WvoTdbYgMPrERQ= =pvK3 -----END PGP SIGNATURE----- From kr6x@kr6x.com Tue Apr 30 20:40:02 2002 From: kr6x@kr6x.com (Leigh S. Jones, KR6X) Date: Tue Apr 30 19:40:02 2002 Subject: import public keys generated with PGP 7.0.3 References: Message-ID: <009701c1f06e$46ee84b0$963fca96@pacesetter.com> I've been successful importing both public and private keys from PGP6 and PGP7 including 7.0.3 into gnupg 1.0.6 for some time now. My first suggestion is to set the preferred encryption algorithm within PGP to "CAST", perhaps this might have to be done before creating your key (I'm not sure of this) but certainly before exporting. Export the key from PGP-Keys by highlighting it and selecting . Save file as type ASCII (*.asc). If you need to export the private key, check the appropriate box. When you get the key into gpg, you may have to trim off some user ID "images" with the command gpg --edit-key 0x######## before the keys will be usable. It's usually a good idea to remove any user ID's you are not going to use as well, if there are multiple IDs on the key. WinPT seems to have a little trouble with extra user ID's. See the gpg man pages for info on using the --edit-key command. At least in 1.0.6 you started the --edit-key mode, then selected a user ID number by typing "uid 2" or similar, then performed a delete operation by typing "deluid". Looks like my first "make" operation of gpg-1.0.7 was successful on Sun Solaris 2.5 (sparc) with gpg and gnu make. Now to test the new release. ----- Original Message ----- From: "Alex Buell" To: "GnuPG - Mailing List" Sent: Tuesday, April 30, 2002 08:49 Subject: Re: [Announce] GnuPG 1.0.7 released > On Tue, 30 Apr 2002, Ricardo SIGNES wrote: > > > First, to echo a previous replier, congratulations! I am very happy > > with GnuPG, and it looks like this version has made huge leaps. > > I was hoping that 1.0.7 would be able to import public keys generated with > PGP 7.0.3. How do I do that, I really need to be able to do this? :-( > > -- > I'm an infojunkie. > > http://www.munted.org.uk (updated 30 April 2002) > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From agreene@pobox.com Tue Apr 30 20:58:02 2002 From: agreene@pobox.com (Anthony E. Greene) Date: Tue Apr 30 19:58:02 2002 Subject: GnuPG 1.0.7 trustdb problem In-Reply-To: <3CCEC815.8000303@wanadoo.fr> References: <87sn5dqz2c.fsf@alberti.gnupg.de> <3CCEC815.8000303@wanadoo.fr> Message-ID: <20020430175912.GB5005@asmodb.hqda.pentagon.mil> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 30-Apr-2002/18:36 +0200, pplf wrote: >I have upgraded from 1.0.6 to 1.0.7 and I have a problem with my trustdb. >My personal keys are untrusted ! Please go back and read the message you replied to. It is all explained in that message. - -- Anthony E. Greene OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: Linux: the choice of a GNU Generation. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D iD8DBQE8zttspCpg3WyUI50RAn6sAKCabEa0gCBrAYyZDFwz859Ws3b5EgCfR3do q0o79gX/vf5DhwrOkntuU3I= =Cta3 -----END PGP SIGNATURE----- From mike.kirkland@ndchealth.com Tue Apr 30 22:31:01 2002 From: mike.kirkland@ndchealth.com (Kirkland, Mike # IHTUL) Date: Tue Apr 30 21:31:01 2002 Subject: need precompiled idea.c module for tru64 unix V5.1 Message-ID: <4242F92CA015D5119B9600600834014241A258@claven.cistech.com> Hi everyone, I am having problems compiling the idea.c module on my compaq DS10 workstation running tru64 unix version 5.1 and using gnupg 1.0.6. If anyone has idea.c compiled on this platform and version, please = contact / email it to me. Thanks, Mike Kirkland Unix System Administrator National Data Corporation Phone: (918) 481-2817 Fax: (918) 481-4275 mike.kirkland@ndchealth.com NDC=AE| HEALTH 6100 South Yale Avenue Suite 1900 Tulsa, OK 74136 "This E-mail message is for the sole use of the intended recipient(s) = and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not = the intended recipient, please contact the sender by reply E-mail, and = destroy all copies of the original message." From keith@nullify.org Tue Apr 30 22:52:01 2002 From: keith@nullify.org (Keith Ray) Date: Tue Apr 30 21:52:01 2002 Subject: Nullify's GnuPG 1.0.7 Release 1 Message-ID: <1020196330.3ccef5ea4c1d1@mail.nullify.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nullify's GnuPG 1.0.7 Release 1 DESCRIPTION =========== A binary release of GnuPG for Windows 95/98/Me/NT/2k/XP that includes DLL extensions for the IDEA cipher and the Tiger and SHA-2 hashes. It has been compiled from the official source with the following patch: * RSA v3 Key Generation Patch - Enables GPG to generate RSA v3 keys - Enables GPG to generate RSA v4 sign and encrypt keys DOWNLOAD ======== Available for download from: http://www.nullify.org/ -----BEGIN PGP SIGNATURE----- iD8DBQE8zvSxBxrjkHkmmhIRAlvQAJ43d/5VVbLDdxeuYxoPXrFzF+ruhQCdH4l/ B/XmwsyzZnygEPRP2lyzzlY= =DeJZ -----END PGP SIGNATURE----- From sbutler@fchn.com Tue Apr 30 23:31:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Tue Apr 30 22:31:01 2002 Subject: Makefile errors? Message-ID: <9A86613AB85FF346BB1321840DB42B4BDF27A0@jupiter.fchn.com> This is a multi-part message in MIME format. ------=_NextPart_000_4A230_01C1F04B.778605D0 x-gfisavedcharset: iso-8859-1 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit > Last 5 lines of output from make are below. Is this normal? > > gpgkeys_ldap.c:788: `keylist' undeclared (first use in this function) > gpgkeys_ldap.c:791: `keyptr' undeclared (first use in this function) > make[2]: *** [gpgkeys_ldap.o] Error 1 > make[1]: *** [all-recursive] Error 1 > make: *** [all] Error 2 > > Since I suspect _not_ <>, I'm attaching a gzip tar file containing: > tar -tvzf fchn.tar.gz > -rw-r--r-- oracle/dba 54764 2002-04-30 13:07:34 config.log > -rw-r--r-- oracle/dba 9142 2002-04-30 13:07:03 config.lst > -rwxr-xr-x oracle/dba 46169 2002-04-30 13:07:01 config.status > -rw-r--r-- oracle/dba 8036 2002-04-30 13:08:01 make.err > -rw-r--r-- oracle/dba 1952 2002-04-30 13:08:01 make.lst > > Found config.log and config.status. Created config.lst by redirecting > stdlist. > > Created make.lst and make.err by redirecting stdlist and stderr > (respectively). > > <> > > This was done on a RedHat 6.2EE Linux O/S on a Compaq DL580. > > I'll try this over on a SuSE 7.2 box (also Compaq DL580). > > --Steve > > Oracle Administrator > First Choice Health Network > CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------=_NextPart_000_4A230_01C1F04B.778605D0 Content-Disposition: attachment; filename="fchn.tar.gz" Content-Type: application/octet-stream; name="fchn.tar.gz"; name="fchn.tar.gz" Content-Transfer-Encoding: base64 H4sIAGX8zjwAA+Q9a3fbtpL9evUrsElvY6eRxBcA0mlyj5O4WZ9Nk5zYvb27TVehKEhizYfKhx3n dv/7DkBKAkhQD6e3WXt1WjsCBoMZYDCYGQDjIE2m4WwQpbOv/mUfwzQM4jhfGfChBCu/DRNbFEMd dYiN4YdBAN4kGH+FjH8dSetPmRd+htBXaeYHEeuGm4z9P4OcP/tzPg9zNA0jhoI0KfwwyZGfXKOY 5bk/YzlaZOmkDNgEja8BIl4AZJajqzn87mVlkoTJjLcEGSoz9ggVKfLDCZqwcTmb8bpwuq5GsX8B KH0UhzDoF2zQ650W6MrPUZAxv6g6mSXlQkKJzIExoI94j8Gcw/ZmLGHZEvrl6x/RcVmkHB5ZA2wN EDpNLtPAL8I04RTHfjJBUZgw0biH0NdoMFyj7/Xu30f91Qfdv88L3kZ+MU2zGLBVBSpEb57mReLH DD1BEUsH02CeDKCvXikK+zGUh8Qly+8ZfLcG1sB0+qY5iKZ5Hi+WdTnUvQqT8uOy4BIK7pvo7Ie3 6Lxk6HiRIdNFpneEyZHpoJMX58iCddPrDcs8G47DZFg3XEDDMrlI0qukJ5f/A/HPuq6q9DMYT+VT 07xCKyD6F6vaFW4OACN4yT4OZ6zIr/MwmaYSAB8dUdTEr1AX+8GcT4sWYElDmkfskkV6DGUSXoI0 Mh2G3tvj83+H7wLTBcvGLEtz3upIlEQgIVH1dVW2+sc/TPMdqb6mi2L46+RC84UDfsxmI9ALElr+ r8HRcJ7GbFhplGG1goqhOzAHZA2aC9CG+K0E8HkKslmwvMg1IlgL4UqIjzzXO0Kc4Sf3Bo8H9x6L 5cNbD/J5T5L2I7niaLU6krRA07RMJjJKzzpCX/8NRtC0qFRuGjb0FcxZcMGX97gMowkCEShYjIrr BVNAMT1CGcvLqDgSstVfBP2Iy3ofVrkCSRwJKZefTpzU3RWniyWcoORBVjuxet6OWE1LphR0BKiz Z2cvhG4EnTMGRQo6tPCjSGlF7TX+lXDXgKgfKLCu3MPVnBVzltUDzZLLMEuTmCUFAr2d+4nChmVJ A37NcqWOGA3CY//qQoGgMGBCDtYktmBciZFWpWdrKOdKH+WgJ9DX//zh+D9O/kduYpt2J8WOtY1i x9lAjQP6UqaG7x8w3kUYoAykPo1RDAsT5gv2rDJXxtGh1hrvhE19+IdS7xENo4AEpVM0nLDLYd0D zFHGfithwTF5cZnYwJ1sY8PtRs4+FizJYWvLu3Gb3UKAlSFd4vbznMUguVk9IrBFg/bRI7e8buS2 pZt+FqcZbOuln026aXbMNdokVaqwqcEKP9CrF8dv0QW7zlkG2wAsu4JlUz9g3b3wJdBFPNHJLu+G xX4Y7dePLD7NfijW9BMmQVROwKT5FIXjbrwu7hwld4PQBP7CH4dRWIRsg9h4bhdyYminIAV15HOF BwMkTEeW9fMFC8IpLLFFmhVCTKH/H0ADcBNTGQhiGp392ToNuFGPEOx0DjnRTu1OCpUapBMtVdBy 9TQLFEVO+VbV0KdNEFfCr9ZZhtncaZ6vLHDE7R4YXhWeChxgKNS16Duhi5IS9pin3+AemwV53xp4 YIcQpSXXCmKvN9Riq0Z42cT0jvkTThWfbnAfMlB1lf0TjjmLff47tGEbzdhk7hfVVjqU+x+Kpj2O fkmtXA32rucZtukMhW2MDkSlCSaUBeMVMT9nhyqtWM/Cckz+3mQBSo9Az81KMfcgzB/6f3/AZQCc EzBoZwoaezlAplKMmxuUNEP1toHSsliUhdrMroiCz8oeg2+cKgWMaFmSlYA/SBu4PZ2C52pMIu0q zS5ytRV0NRhqsHk6Ekyzc7FZpqXTFVdMbCkB2OB5TUdjiE3L7lAHUEUaw8w+sqAshO7Jy+k0/KiC u/Wcp6vh3TLUYIZo+cQSTWqF16AoHf/KgkJHDV1KYKDS0CTB1a5BUzZMlVEBoewe6DIXNi9MO3eQ 11OvIOCW7A6UCaOyTZnF14QY236+bq2SaNvalk6n8WNZ2t2eU+kHAVuA8u8rYmMRb8VEf7aRDWpp ieH78RY2uB7XtHTdTjZsE8tk9d9YWtKqr0dA2MLnfizLMpClMZty7+9DzB6oOF2NEkJTsE7AcAAv c5b5MQ9yHPXuh9ME9A8ajYJFVOb8/x4QME9hB41Z7z5LJuFUxu20vJq8uI6E8VCbJtyWEBEXvg0r TbFkuoG0qXVUQjthC+iYJcH1Gntjz8Om17kfYstVfMQrrrSzMqm12yJjMAYBy/NUEXOMl2J+Is+B AkK0aw+7dGtL7qv5wShJE/YxBJMqKQbgWL9OQROAuyHiajCYkzAD7QBmsNLWs3eeTxG/gt5sdG8F eg+muZ4bUQgTng/mUul3TcKeyt0T21CGGrhUqh28jXmCtVqTUHdrS77objhshA/5XsNGqPPHDRu1 cGOlLFgWKRCO1TL7WjBYFw9oQbVc9rzIKh0RJqgfBYs0V3cbuhJZae9bKiBZAy0bo2ovXJEQTaBH PxERoRA4kDqJIpgMYA2s5owVZZbAcJuwFYeFcKtLRQFST2cxbZolStwdZqk3fIjegMGYhVDDA9XA rFW5ZIkfccRFyoM7IhB9mYYTAKrU6gChh0OuGZuKkbvUWYLuPb+3VIzQx09C4cHg+1wfBz7/Ar2A cTibw0+/ADHleqcaCRFP4urMF/SArhXuRQGzxONrAJigsMjX5uaazqu05AG0IgSz1F8souuKTtHx arYPDh/3oPced7TgS++fPaUKIf5/TYrxuCd7RpZr0C7Dym0FWIT7BuMoGYvpovLjEsa4g8qhIh5L Q02PznI9p6snz2j2NPr+9NXJ6M3335+dnI+enZ6foUs/KtkO3Xgr+27j3rqE5jvxlZ/xgwqQXTYF aZ2H8DOAFVqgp0/QVTgp5nzyGkHBz2sKg56HnyqhyDL/Gn1Ip9NRMQrzkeBLuBoJm/lFeKk2Xdmi u64cz9hl5az1W36dDznBOVdtCIT9OZ8YkFIfvBVOJNcAiG+nLOfCaj18SGzUh8UepBnXyCCkXMT5 IgHIBzAsYQySy10eTtCr43cvxdSOzvkyHDPkcVOQgsVKXOxQikEmHwkMYKYGYMOnMezg334rHTDF fv5bybLKy/RzSSBz0RDaLWkBSoXtremkXvMaug4ODgSrh8DVd98hYh0KBr9FrfLDHhIrX52+nw9k bH9FlulQx7WJ5aEnTxC1zN5f/lKfSXzzDdLDOpTDmocr0L9Bp0eob/7SXO2bV7hH6D4LgmqNHY9H qDfbwR7VOqSeKykY4ihVHm0u+2oo+OLfecXbwrnflUGA1pnrtsHX1UYGAcTRtnS79JptKrHaHU8D wDmgmt1fexpgm9TaHAS3TQ93BsFty2jOwCQNxml60S/SfuwnCqzdFYS1hcumoJn6v3FdNFgonFm4 c6gs0kGJVYANoUB63XR4zfHOZ3HEtQxHAr/TSJEcW47fqagco+nywMT1pYlLYgXcJpo5S2LUf6aA OfJGtzxgA/oqB09t2I4N2dhw9hB1bOhccxubZpNGSeLR+98R9+X6YEIy9CAf/vfgIfr5+NnzFy9P z85//OkX9P7g59Fx/7/8/qdflv8w+t4vD98ffj18b6L35nDxAL1/usapDhU2tcsIU3s323T5zxho bTKsVUE2MTpPJUAlt3QQ9xWnYPuGyXJX4UeY8bghPMTeQ6+COtfpVSh2vuRcwCajpYp2rlPiNtdF ZQFyIa6uaaC3p8/lFtSR1Fl/2qzFdtttr44JroHpj/ygoD+5Tvw4VBQfJaQe/Wro+z9Fj9aRbevp Nyb6vYd2/szAnhHBMLC2n64iwWqHumCnrYToBREbaPaakcpo4i9GYQI+kvDY+Fe5gWvtuCaqpvzX GGzyfgQEpdFlM5AJ+LTrw+Wnds29TwGwdcEx23U6T2dtF7dCRuA98bMyBYqaijPMbz0MtYBu0yPu AnWMVjw485MoHCswjtlywjVQWIqBaKpJc+89fn12CrbonPkTmIamoeIYlGwJfTiGqxtpx1zFMbcI QmPGHVMb1oRi56i+59SYa0dEpDUtvM7DUcdquW+c1LVeqGKz9egoDXGtQnfSoY6lDcRB8TbbFEB0 gu8o1xV4UKe2NhUYz2zacEnNSp+DpVlcX3JTx9HGe1ilAK2zSsGq2GaVAohuO3VsWYU35stu6fAw 4b6iDOPwQ92dyRfWUpsIhxsgm8l3TO2cOpZk5Gmoc5pLT/JaFUC8h8HkiIC0hhiy7SwDQHRnGY5D OzVkBw88VnabWSgmoCVvNQMZ/PMWM1BdqLnFDFQzcJvXcZgUt14VFZMwuc2KqExC4OH2MOA2bwuJ gKIMspfv7+h9fwebW6nHppZ6bHVTj+1m/IcHtxvkY7IP+VjnbTmYm9xbyCe6qz6OuFjXRb7bvK/B r8CI0HLEb4KrUkSMHQ/RmjwRvalDTI35qgJojVdidV4+AwFs+kAVJwoMdW7Ih95DIK5GtFQArWAR r1uwXNqMzugMDM/svFCpwaDTDJsweK0j3RkrFvz1C8i4Akismw2opxdZj7ibB9SjuhN2x3PNbmZa 3sxS1ONYiT1g07qZmIP60Ik5FFsdLidU6fjHphw4UvnAJtZdaO243vQqHGd+do2sgcnvDSTsSrnq hE05gt/syGsqZj+bfVKkB4u7Vhv9egDR6TNsWZ2XhDQ9R2EcFvkX6pu/iGFfpu8kGrXtqT+t91io zi/TNyiqCZt+sb6bmnZvDC1fak8MGl29Lw3gUy/8zI//jEG0nGb3U5ZOR2UCAnShhJWwxXfLm6hX S7uLQjHZuFkAgJ4dr/NsRMcOf9B3h/gBdoKru8EHm4V3hJHyjjByVybkTsxHzOJFsLi+A4yUScNS v518LMqCJZe3n4+c3Rk+Khv/DrBS3I2lDvZzMM/uBh9+zoL4Dqgt4GVS3g0+irSMbj8jRc54JpLb z8hoxCNLI3F7/M5wU4UAwukd0MY1Rwn7eOumx2695AihVjFabOdmpwHQUHcagG28+TQAALTsO0Zn JB6LuyJtNtCEBZGfiZROCrizxxUW7IhrY/A9CoNCxI95yFH08kF086B6BlW/kxiKssH8iF99XmTs MkzLXKaEP+1YNlSI2vN9GnBNd3n5JD3gqAN3T6Wymtqn9XMm3UMn6YUT1NavNSYHo9HZ+Yvno9Eh +v13qXDV7rBXnfXVc3EgfvFHIpNH1fuoh+hhmIzL6aP6UFB8vYZJ4E9m1jBpWShA/PsS6vAxUBbl TOnqQJQKevd5D4HF6ezq2fbqBmj9zmsDM/yG1x/JkkwTbV5cT6JR5IPm5Hmy+B3x529enJydnCuN PHKzJeto3+1jbGgOV1UA7TkNNjsPIjFuXa9+9Xz0w8nZ2fHLkzMFcPWgdE9msKO7OYdFXpiNzGDd lTWMSfdZEKbyvbnlodPrV2ddWVMwli8YNrFpswStUr3MWFGATHaiJp1vF7A4UW6cHI1hiURqDJys bhd3xsCJpZUU4nTHwAlunjDyQ7gVNwmnRe2DmjebeXGArSGOai4dKgDaXAqYdN9wxRQ31+ckqFlS wLxdhbjJC/W0UuwaW6TY1V68xG53Cg7sWk1e4nw2jVW0WLotsc721YZTErOJeKEGSD7g34DMM5qX eD5qxtiTU0ytsGkgidF6XjYOc8VEIKbZfozdBrIkwWjX2vJiWz5AgM2/DelIpo05sNxHKL1QAFpv oAK/8KN0ltcPJes3YIoiIKb8wA4FYIT4sE8jliIWIbBgWIGmMC8RCicoLNCvPuwtaAH/FaNn7+An yi9RIUcZiNXSHzC6POvemL9pYAoovpn1Cw115h8Ub7Z+AUCnkYhI9KEXeGK3byexIk+Di3ShoLbp ze5vQEPdvgjFm+9vENvV3d8gttd5f4M4rdQykyhd8Pfj/P3IJFJg3R3tA96wpZKguXakHW+zlQAA 2tHA3bmyCDWaArf5JQVx7e4hcp2mTtKcIhOXdgtMG8PSFGvg2Jo7hLjaJwt79g6GaRx+ob419z42 Y2jdpdvpuQTxupPiEc9t37BtvAighpwaRlNtNxlr3VCkRveTCWq4srHWSOuQhzOeXWIOdrp4gS61 E7mwdvVBAVrnS1OxATWXnHLrkYr8WJqWtrT18nwXSqXTdKfz63wEzESwXBRXNkxqHgdzpF9P1CR7 MIpOEzQtk0Ag/8AdtwdHCjJ+9XaVWoG/jwv9KPxUETMJ88DPJjn6IIToQZVfbpGKLB/LRK6NjAtU bK2a8aHbR5bqR7bbsqemYnhwF9VPWK6AWNYesQkqcnG1aRCptzZTb2kv49H1tv0HzJbF7ZoPSQpT AYaUEBvwXw6mYQaUVZlRUCHyiNdIDlutD078YC63DicsKcJpyD0i7gDxJ5VQnCbRNfwIWAuDyPvG kawoBVvHXyyYn+VAwKDdpy6n1jicPVDHac8kTDDg+2UTUrNt1B+1ur6+9LQd5VhCT9Gz/zw/Gb15 9+LkHfq3J+jZ6cvRyesXp8ev1/ENnrMH2KvFcd24iqBsiphQW3bwo7AolENCattN9cyjHGIJAr8K 5D5v4raJnQg8fuBd3UjuRPPPkjuBYS+5W7/y21WcbHun5C11CpMRuNqjszc/vnt+Aj00JGkVFWxL 2EoANRJ2vxS54vg416lVgD/ggO+f6fSAlx8+3hxyozbtykxLbbdpnJf5HAZdJz6OsUdqH+qYOusa ip1tStPRb8NO980/6thNp7qM0jqI3OSC7KP6He3zTijeqvodbSYX6nTfDqdO63Z4aRIdD3gfs2bb QhaewQfo6UbrWLT+rHUsMOy1jvFKQHZdx463SxD/T1jHMMy6ZQzFW1cxtp2uVYzbPpdtaQVnn2RE WwWHO8MfoKebCQ5v/XmCwzHsJzirNbmr4GBs/B8RHNvSCo5tbRccOULVEJxWjK5MuKvBU67wbUCG JeY+6p9YWvVPrK3qn2gz2lKR76VDcRLFlVpmdutmxV295dspNNNgzdW+7YNir+OFDXVNXRoI6so7 mqXUtPzlFTNhoqLex6YDaF2cm7pb8xxQV78RuhucdvXtV2tWVEZcw9nxHEI3J9BaRx4Uk445gSpd fM01iGQrOUoNbe3OS1a4raGAetbukwLQuogdFGvil8qkuKahW2SuaXbaGK6p5K1vTUqTE2uVLvYm s2JpI6yuuHqhnxVx/aLdwpavJThqTcvyk3lpMWRb3h5TY2sz77gipL15amxbt9JgXXcasa6tHN1p p6bFDjZ3PPLSzg82tUSKv0Oinx+sDXS52JbCf65Sg5veaZVkUCQYrbfKHTMNupjus6yw9lgAircu K6wXW9KZBN8Vm5P6VCdn7EKFwZ8zVUSruV2i09wqgFYxkm697RK3yczlIgNtLVuSLrU+YwuF1rot 1KW6rPUqgFb8aHcmLJe2/gzEaJIuMnXz2SMz85KbYWmYwyJeDIPg7MdfLXo6SPUWs/LnxsTfz+uL v5o3lPvnQikMPX6/B1iZsozx5Kv8L1/U9PLI2D5Znt29szzDWJEdrN3hQ3RW/aGu+nwIiFwawKO8 KMco9vnfkhAXZ+bpgk3LCMz3KbtaZ1bOqwyz1d994glteQf86he6Cot5dYWn5psnUUZjFqVXyyTR q1Tgec4ykQL8/1PeaWlYqoKDh9ND8a3hPgDB56tH2FH9CLuaqLx2zLiiquU1/9/2vv0hjWRZeH89 /BVzkHOIXgFBxEeWvRJEw42Kn2D2EbM4wqicAMNhGJNsNvdv/6qqe3q6Z7oH0CR3d49sVrFe/a6u 7q6u5o2BwfBGk6GDOWLRfLHShu/tjx51HdZAjdNW++c25KqN0YFDGXj/2+7NfBtbHE+r+yySMFBB ijitzewp+feRmG43qApQqNMRtBU9ijjAvgOJDmxPNFDg/GY9Y52sy+tBdowLcQKbkt5VQBe2GxgO HBf6ryUtn3Z2jJ4+OzvF6GnbZNBXTrV2dspLbPXvUEi/uH7bKWuO5dU5a0dvzu5sGc8Kd3a244uM 2MnSzq45eqdGwj38eKcK2NmZd1QKJDCLcdbFHhrY2VlauUFDLnU0wPPzg7Ey1L6wW4oaOsivUGwt GEVQO2VSeIt4A1PwiqQpk8JYaPi2zYZovCj3f96y7Ean/yDiRqRIuxubRiNidyNmxQZSojWzWzRn ZrdU1ETbonlIoSo/om53S1u6ugVwct0Cga5ud0uV5YoTufq1NP/UcyZ/mcqYDt8/tmVlM7M1sr2j R5iZkP6G2cxk2V3WypSqeEFFDDW1yKHat7IyWbGfjMzY4ya8Vv6jbUxWDQYTkyN1FiZDLWZgqlpF MSr0SmWg3uR8pFbpT/qNrddfU6tgfv8T1QqW+0mvxPRKUC3/6YoF68GsWQhrUC2I+xq6ZYaXKuzZ 7K9jjUYvWS8pIBKU709UFzvRs6qRMxq5yltWu5vFR5zt7G5qD3gBrDngVQl0W7+7m+bjXU1p8LrJ YOS4N33741+nSFPfs2//Kk3kQXkoYuJfpDw9DLrW5R3vkWWSzK/Zq7PjncZjzK9N3JMymV9Krpc2 wsIKX9gI21nE0epbGWFK6Z9MMdUUi1XOf7RBptSGwSxTaXTGmUKxoImmqCHVRNuMnV3CNB5d/m0+ 6uzy1t0s2xeP0j9JZ5c8v8trnmW396Gu/khnl7zcTzpH1TlStfxHaxteDwY9E2B1GobjFtQtZePZ pUa32PhK4+yRqkU7hlWzazc54D4Q6HzA1LJEzLV4Yab2wHP+ImXRB7xfUggshm9ipuuft06kAC1/ kRLpIkAmiijHvA/e24PZRLllulveWuoWeqRCytrr/rtl3TsgKoHO9263bH4FxFCa8l+kLN7g1u5F ImT9ycsDM35vZHvv/iIlmsJk/hcpymQwcf4iRcGVwZ+zKDuxMD/v+rDuUJZuW6WlXYKlpVu91r74 sfWYpRuFDjMu3Vh+l166bYkX3hddupV3F7m0/c2WbqzcT0u3yNItrJb/7KUbqwfT0o1jtUs3hltw 6UZ3OvVLt62K5vDgbhq17rd2FgyopNOVcy5/7tJ78Vcs0e6DQk8wEY+5AcokLHMDlHHoQk/MlDih uxRrEIEPKtjO1pIacKuy0P1k9dIo1Lzp0mjkEzSTNbt/rsPP7iGvog89m3ejdLciX8dS+2alEg0o MMI9UZlke+MR/RK4tXPx9kZytK/dbW08gt3tkvGu3C55+8ZCRFJ5sG9eT2GIKwb97qPOh3f158O7 GGpKexsLULqDreLGxlbR0D6Aq+jeaIq9ewyEu8bzZZ0Uje/40jKYp3dUxva8OJlIA6vpgHsxD3Jk 2l1umGKWd5cap0GWfjDXSqR5isp9Rph/YNYYYFyldzB74hPpwbStcm0u8bonkuvsYICX573viTS6 8QdwOWZlpFCbG7F3JKHPDSa9SFNvFrfnNvWm9gYiwOXwjtGups+Adzf6ZhnY2tSokuZZvXt+0jyg 50HfQwN7/rWH0Wbxkv9sBpNaVMzOIxQMsO/qNAzCTSoGcXodQ1FaTMUtl3Sas/3ypHvcqr8iQ+se hpl9rex2Ad/WEjc8kVzfF8tb8+54Ak1FNx8AfMcYhxaQsXgJuG3gjsASvB/01LJQuGaToHhgZtAw /ocCExfplVub83vllvbmEMArCb2SLtSai2MN3N5sqHKY3+osbmzHQ9tOBhYul0bQ0JLNr3LJ5599 d6zW4vZ21J74LfosIhDtbM2toO1dfXvvFBPaeycWihV0/NCeOc3xYFbqsrCfv6ks4sLX3CH6m2UY p/prYAhPDs+KFHrNTsEoDaXEMQ6lnDo2rZDyfIcgz5f2qZUVK6f/WCsriD33x2MeVTLkgxUUwybw pjpkQ+MsDdMsxYAf4x3w64+qLOsZbWBYtIGxapXyW6V1oHZ6Pi4NcEkHtmq9dXrYPOrixfI2GrVV KwS+bNQOGudtFXjcPH0Vo6y3Tk5qpwdtBvwhWhtWCtYXQ8fN3/TuxvmeO0qlFDzUZgXHvajNE5i4 sYBzyDA8eGFB2okrKPOD8RxiHxbziwqG0booaW8wAY2+KPVtcWNR0nfOR8+Z3i8uO2S4ndziH11Y Cw1n7tJs0lgyMfXd3qLZmrnu0FuUGFXawjWP2ihJMk1Rgpph72JkOxQxjWNxQgbdfGePb0Vwa4kU 45PA9PSOaQfsJYPNnQp+ucvZ/X4x38bNGoRLoOXEjPxhVAwDLS2mFBdTeoCYzbiYzWXFDL27wc0s IigALidqqhM1fZAosDGjVc1Ai4i5dcbOdNDD7znbG+XYkkcSJkH1MwefFepo3Fr39nSARmDCbEHz hN3r9u67uI3Zr2YHlZ1KbtLLkcWUg5khK+O7tH+XQAU/XMgoGCRdgFazMBvKqLE3i8BYOGOQSL8D OO4KdaWIvQqTM77v1utdzwFwBEbBTiLQw+PaUVtDzeA6jrMzE0+A0XNpGXS0xweGBAKEhkeq/zif jNTwYnx7E6uE03CykMMmXgUb4UZ7tCu/+6W0oYzFV6eMSPHIloaCRRqoZseuAqc3ze0uXiL24lzM EScOV7wLYzLFkxhxRuUZbA1aeVZag4ds6qGmErDoN3E4e/BZC8cHlPUI34AwMYRPJWjRgSuNFslc 8LUoceFAi9VmkjtrxZqKX8bQMuAFag2CnR3EJWGbachH9kQP7d4MPjh9sJEmE11Ts+dt43DJ3SaO xPNmDZRemI3DyTNLBx5r8sOed9XCmbOMFsUuHmhR/OEJDS7w0NCiAmcHDRJmSx1U347hW5x63N1U C+/7eno6w9BibpiO0GC0PZJdWNWBPUefNN6siiPEFTINir0UGUfc6/XLfZKC4RGp4ghyGtKDJ5Eh CrN/l59PdkvdooK7s+8dmOLvu2xDJAnXpV0SlYIOqNnscKfDsH1hxIUVzlFQLDqp1jMGg9CAZe9M mZAwJkxi0UgKyqOnoNGmx41oOjPgnJEL9avFgVJJKKo36/cMcLAvjTxQAUYc1I8Jh1N4Es6USTAA BxND2RFJ0ePNaO8uCQkjyYxNqDr2Yokex85p9Dg25HS98jdN1blo9BrN7NBoSyBCqb2J6w0+SNos TBzR/WGXvbGjJI6YYR+mM/qBT1TE0L91lb06BQ/2f5etdrq44xjDgRU1tbuwlOmO3L4P65PQaES0 B3JvJZh7/S+yu0TGJ/bsrnt00j46POlUs5FHtxSiRWhOTyT8eGTlXijos8b5sUQwcaZDBd9unB6c 1JoBjYdEnjPu4z6JQvjTUaPTafwk5yZ42Euh4+9gSWQcYuV6gnDq3nZrP76qZkf2+3cKFFYc1Szb rVXgB636i1brVbfT6p7UTuV+EEVDJpsxfPO0c/yi2W4BJ739pSDx6wyWX5SwBnNeOz1uvqhmQQVC 31EIemDfKR0kgDIFpUBH9juH/aCFiMTE4jV3g2ieqOar2bIJi2E+56A5zY6JhoIeV7MlgQeVgRtG XfcGrPNZ9xomg2q2Upbxt0P32sZV7ejaHXKzznP6Vm5s5Rwre5nNeoVf82vWm9qL+sFRs925+PGt dfnsTbeW+8XO/fY2+LKR2327drmaKVwWrctiYYKccjoU35Ny48nNKFCUT2wsE85z/WnPieJ5vtFj Y+r13KlCwBaCCbpIXikmkYHaxTrsqu1LYIr+Fgezx3uqWXQBiyDwEaQ4g9pLjFjWAxLR82h4L5Hw PLBVsEQVOn+EyHodlOoEN+nHvQHMPmInBaUGY2skrC56v1URIOyXntt3pDEyCrQ2Z6F2G/FxNXMD 8Dd/JVaTCzTrwFiklAL0PYwa6WVVXio6tEB0r8uefalm2fMtEsr5gA5O3T6uVwegTnI/DtdzDJjj QIlaLHGn4RaAQJJdypxSgnWhgic7BWnQ6JDWjQoBGA59nDhhLobuMXWGji1Wa4KQfBK65JPQhekT aySSFn97oItVaUD5xYoJs1kyYaTuHEfKnfl2FtbX2OezWBG7WGBUjocekbigSYDXofWA2ELB5DlF aJgPUd2rUBB4O5PAWkHRjU2+1xn6jGi3P2nnM3ha4KxWfwVdy0pTscMnB143ztvN1qmVprOx9IPp 1acLAmjj6ACA9VeNTve0dgLSJAaK4Nw6PGwD8kWz07Yq5TD1c5iNay+QoM05QX7hGJVpKAIRIKF7 0HiNE/BB68RKF2BhxU/B9YQXCqUfJaXXsoPjvrAgL2uvG932z+1u5+ezRrv7Uodqd2odDaZzAJaB Dg5lPIrDTxonrfOfTfSapKGmTJnqHAAyDr84han3IA6vHR+36jUTfNGCmaSDcXiGyq35SyNW5pPa WSzR86Nf4kKOmyfQVTRwyCD0lhj89NjUYidUKm2lHTQOH9+OpmrAnnJWO6+dxFGHDeijF6fo4tI4 iCGh/tpGLCDrP+qgjaOmFnyhBeuJNbTQS8/qZz/HwBenmqY8u+g0Tl/HKqJhgLK2jNezLkGo/frL cx201m7UT2JZAczBhQ7aaV0cR8GddqMG4qPgLuub9dbFaceAY52ieRjLL8efwiopNo7rLaU66G9I 5bTdYWZJpMfXIIHTw1aXPy0fGxGhOSEr5FPSqvjoebydO5pcHdQNCBgMB3KNXbSB+GfQtM06eUZA +WOyjuFf66xxKiGS9K1pCImixzCdxvlJUwPXqIdzGE7NI1QO7GVNkSHU5M2jY0ga5ov6ce1cGW3H zU4HJLHn+bovW+1YxVy0X7bOO6R2QJHEsMct0BZxJKpFGv2Q9mkDZk0UYpWMeFDsVtmIxUTmoBnN TkTJtBuNV61onl/TdBwviqF5Dlvnr2IidMAfAYa6MxGpw8HwapyftzTj3qAj2o3YmO9gx651Ojrl oVMGujkKtOBJ63VMVeGIaZ5AjR/UYpkB3PkFjkqN4jun2S02EeJuRQx6Xmu2dQmbplgo1SFmSjNB BsNpYVX8Y63ZOYvPCQgux4Q0j2r1DlqMccTZeat+UmvHmhcttNgc0jzTlKkWq5cTchBd2DpLmqXR u1Zv6L1UJ+/ADRf0xSH0Sxhg543jRk1pHxJGAgInVlV1IrjewhoBpa3TnaGNG1PEpxc/cVw8vyFf t9mqd7BbpyTnPXYJb+Ov5qQn3Ja+urPek7fUk7fUH8Nb6jvNh6cx9GY67Jf5bOC1lnL5uw34bFe2 lN8bG6VipVL5bmO7XNnc2i5vlbeBvljZ3v7O2vh6WQo/Pl7ctKzv2D1mM13/2v4W2fnWH+F6Tt5T eGkF7z/jhlc+n7die9QpQY+nb0uQ82fbF2egeEHWi/aBhVvAoD2vh3gpkk6BkFVzMpSK3QdhhXLG 94OpO6aryKBZPXtMiZOTunKXwH7/DhH4Oy4LD10whIpnZT6d1F41PifKeNZD98P+akwYXkXGET3o BVch2AEgjlnfo4zBcLX94SyeBbwX6t5Y0g4Wu8H6b9+Bau3HMhTho4nVo+vMC7GF9yr4GSXdgp7P x07krVvfnvZjKeHFrSgDXpM+PgDrWfhMszvuN3bPWSyrKMHB48aHi+BX6vrkK71Qtnm19uyJfT0Y DmYDJ16x2uK60CXRKdXCS7Uz+N+Z5ryJ0xvcQK/AjXlqIxAd+GB7JlHaTin6nracy42J214P4fBL hdet4GQm6K6W688m/gyp7Tx81zeSxEeON8bmeO9Qb8N4Cx7nAXS0HuhqNlmAVJ+ef3Mz+IBEKgke n/dmElpTlTxB3yN1JeILBNk1ZhTPme1ez5lAI+RutZXozT4OqasE1zZ9j5m32HzIAUmFHOL862PI qGuGO/c9dqWpP+Y1O5k66EXmeJ475dRWrqFmBc/uFfWJgGhumZ8Eu3vEnCd09U491h7KTepOWNfV v7SoExLf5E96qxElVMoRCfTaIzf45zFHk3/wDLOArqfLXG7v2nXf5WZubmSPdTm4sf+NB/v5yVCH 5fwl9NfVtsHtaIidAPHsRoiOCsqYk8o4HinFI3+PkAEIRxS7wuVhDFRCaZjH+nkXuyCMMOw5vE+g SYFn5tp8se6CKdECybHOmnWky93Al1hHZxryoxU5vCSG+JmmmpJw4mGdGv/Uj1TutSIqSPFlUWmZ JwdSsm8qtnbabsLQ4JFkRAfUKVipHpgi4cysysZBf4703DGnyqEJ705HfHnp6ZuGXS0gm4u+RYod PhGurxZxgd+g39jL4wYkercZkMxUSOQ05SlwYzTnCSgMyCCUgBZJrhd6mXSCr0UFr3UxpwaDZI6c V4X6+TuabzOV5IKemFf01p43/0anw2MebqeUL2Lcg7HzXjM1Ulmnt78ZqoH5iZqQ5AZqQAb+nKbe RBVs7hBgqSzQg80VK3flxzYSDily3TTkSLlRoadQLlXolQvdhjCh8EKEEeebcQlsJi5+7UCPoxsB WhTz8Ddo6iQU70X6pjbmhPnHG1HMrd6E7vtGFHqya3HcY10/mUrXhpIIxOWgJCK8XqTXouhwZMZY LDSRjfMTmdUios83d5SKaYLA04sibfEzTm1JpINOo7rD887llonc/yZxxce0HbnMG4Y5alUhaYzE PS2duHulH0Lk0qtYdQwUGaAL0n2Q0oo56qqk5AiLdPQlxMECHHcacO0iSIr50s665UZM5J4NxrV7 66H5cy0McFaXVs+z+jZ0QsuBNfPQggW2M7NuoCRDa9DHMFz/sqErWBP4N+u+OIeflndv4ftCEcUU XtkyqQx+b0df++QfzmzHvn4oG+y9x04TQSc3dB/mh7/AVGpOIdmQNPOFFqWg0ZqWwmbSi4qEFGSe rNYdjGlYUFIV0uF7dO4MLsXKCgrbh/Hn76wkK4/5SsI6GTHMYTLSq0HtWNzrTzemmSOgTBFvXnQk TKYoVhLT2CwlormDrUVZiSWA1Y71GScrGeQMNNNMTAonKhtkYJnnCwmokqQsIUqQ7ug2Bmh/gbsd Lrs7wC6ZahuPXw/Tz7nsTq5OIvlvz12SmAcdfzJam1nEaLNqxMgPFSenqzxGPNdIZhFIk42vRAGe Y7Slhu+n2o0Qdu1QhxI3BueZZ+YsaVdK3K7Fe7Ymc1jc6DURsNvApimJ3TLVYpWb2rpS85vBOhS7 /a0VS1dnTZmVF5WJzXcTZEq3gBMz2lzTPaE7ssuW+k6N9zMNy3d+AdeEDe7gGqpmrE8Qb7EYupZt MNfYXWtd2wjXe22bYqMbLdNI2EjtKFH2cR5rmwSxB6MpJcQUNGWKIvXpKzEIo2cs9yIx7ozM2ohx xvYXgcsM+xpygLX5Qlj0M30P0Yc1Q1oWwEwm/s28+dbXBBMThKGPjzE0l+qCMDfo1GLhphYMNLVY iKmFgkstGlZqoYBSS4SSWjqI1JLhoxYKHLVgyKjFgkUtGiZqrsvTQs5Oj3ZzerSD06Ndmx7t1PRF 3Jm+iCPTo12YHuO8lKBCzlodOv1bRM2kYGDzdJR+FwtaXQ+0I60U9ixxu8h6FvNaWSXuA3bwRBHi saDAyf0m9qzpuA9z6gf87dz2rdng1pmyJNvkC2JioiRg7WYXremoX6xsWKP+VkrryfVA/x+5yr6c WOWD/l/bW1t6/6/iZqm4WZT8vwBeLJU3nvy/vsln5e8W7e55d6kV6wgHpI3OtLY/c0eiYwpHXBgO +RR5+vLg9APmuAR2IDvAxYOinj+dou0VsLDNY2CrCzcBOkLGANh9vyc7+oL8dXSOuPGH3Hy59m9h tXCbWpEpBh47YWauiy5ZnIMZeip7My+fShFb9cbGdxHaLxvHx9XMJ+7QS3/meJE/041krzsY38Oi g0LzpDMbVmY/nYIEXzjWCxefIpH8A1KQEguPOrbSmU+/tF92+X3H/4Kly+e09c9/Ws8c0ONYGd7d qvUDOWuN/eHQKv3wz+Jzeh0DRn5IA3+cXhwf108OqnspZ6gm8KKmTQG+YfRXcs0wpyFTpW4GWKZT fIXCvWH+UsJvJp+ywR5xqldO786FZDfS1u/ooZL11vNrby4vC2/X17NXKSy882GCXhN7VvbymX25 mjUmDhKRtoo/UvRCRQhjLYM5mo6s3A21ZCbDf+UhX8FX0tiUqR9kCORjOA4i1HJgIKQUZkjkZQUf OOnR0yP/8ulQAkwX6mAH/3N0dvbcuobeSB2aqt5eZb5J1vUqdrURPt/A5yoShucNPaDBR0ymDj2M cG8PB316PYKJhDXIBL0RPHR/QL3uWc8YopTfKK/mQY5o6Bup4CLLmM6BO86yxyCgtPYM1zfP8Vy2 T3C8aE1vwpB4YoH6HY67XjXbm1i5SRa7Gat4CUUVhyiofuptw/Gi1RjIGI6lBlUSBJmLtGiKOkLQ +7qTaprXBI27Nqs63OSDDvweX5OBLuwNqKNChp8dtlpV+P85p4Cv5jFg4wkphgGgn1K+GTTsiSt0 BDT2B54NrQhaJBMQWXj9BR9joUzCoMS/+WD8e5VGGSA/EVm1/txifij053PrsyynjhdlFUkE0cki hCyNADF5dGFHFYggvUTEqCIREpNZpytvqlCC6aUSShVLoIhcqI0LvNQUqUeEGeoSUZH6RFA8v63j 41onlmMGNeSZISO5ZsCY/NOLk8Z5sx6Rz6F6+RypyufAmHxxCVNNIADrUxCBIJQkAiimAT26edhO ke7DLW/Lm9g9mDxhzJEGGzvvUXXgdDpGv63ewHNgrp/dgaZxp31nSrPCeFjNprIpkFRNW3/LEIRG af3grNZ5KQ8TBpFLwSCaAjBEdU/knQEo26gYrAqM4eAuDQ/jkhabDurmQmQTQd0sUDYFoot/ZZGv WcwbF+2GxbmyCI8sttVFdXTxnA6Kyo4PsbDB8ligSM0DIrri3dOujCOr2r3Y2jNKVNIRlSJEmzqi TZkoWH9GyMRaNbbGjBBOY4RsJRkh4yvO+Dpxz7ywFDXJPRyxMrnvcq4ovpUssUJMp7h9yEJ2pi9T l1cZspSy7Jh6PBuADcfMYPg5dUcW7usOCWj3ejCM2LYLzkYpg12cukDpexYYnm9aZ3gRsv3WeoML 2rf5fB4Xprm7dSuXu3OGE742pbMnZrAgdJ09uUZvKwP1a6QOzt8FdQAY+6NrZxph6SMLWc0sAWZh gG3jgo2BRXLJ6YvKyVfKuRyoDLKj4ONP+mjMsspBcx5wvJRsM5AMTg+NT4D3B+yNBhSCIqtY2Dd7 ncbJGSrgt7oHpKT6ZosMuRLZOgSlkEw2iB4vlZ/lk9xUPZagt5fKyBoqSsPHckjFAVE6GtghFTPn IjRBlw3JAkgqdU4vmIENy3wovocvOVy/IeH+7djPu9PbH/Jp3pd5P8DezG5Tqhca6W5luDVMa7N8 +KLjOjOEaY0IGPReqfGk2H1MqGV6AC/wBL9MX6axMJOPU3pLsLi7W1rHn5v0s0w/t+hnhX7u0M/d dau0sbFBP4upw6njWG33ZvYeXRIPXX/cp2pZt5rjXp5dH1WL4fWmgwn55twgr8d5ySy0TOJSt4N7 BzeF6NgNX2hC7wrPC3yUoRDrVn+AR42wYHBoFh25ffRJHsyggr1prz+YVvOp5mm7g+ZbWuNCnsZ5 +cYau6zTYg741Q9WpZhBMPmDEfqeT97ojT117/EdyOB60Ao7z85b1ouPMt27sfseVxdMK713TCnk sUcgU5dL9GAB+v6O5i6czTIrOGdvpPouNCo6v1mZIowYGmJr1TW26QUiWFPD4hGXhukPmWIal4cf Lp+9+bWKQdqqsHQMSTGSU5SUCKuXz/JAzYlpGmDfwGjo+6PRR7AoRGpp8QfIS1uZT8X/SsOy/XOE 9zk+MZdbW6Xfa6uwpqK+Av/G7gw9X5i0deggolpgYeVhXV/D2uSjhV0C9eRkOOgNmFBcAfLjLC/P ILGKpHUFpep4di8VrcAV66VNm3u3wWKcjxeUJxTr75KSDb+HX8W34Av/zX6x9mEr+im/ms33PeQR bYFFkQb6sZvjezj0HaT5pCjSTAwaZTruBE5e+2Iq+p1/X8Nvry05fxlFN6Wf80vngQRe1LtVvjBG 3Uhvql47s/cOtA+fHXFABuqfSD/Bf0EKODXtFYul4s4ee5lxz7JH11AKF/QFq36YhIupDkx0MM9v cKFZdh6HewADco9i03aantRRZH8hqaXn1Is/Wc+oEoqrvDZgTfsZ/wVVAuX9nX3B33e6+iS7JVab bJ5H3j41RZ+zsl2zvYCM1NPv7Av/zX5x8nCUyVfuq+mMcgMfhnhqzggJWowXB76Kb8EXU5L8Qn+Y aHDDf26yNAgDZSAezWXaQttt8A0p3sD+GM2b2/HgN3w29Av2nMcLntN5LFZyKCJ2EGZIsJu5YAxn YjCsRs5CaixoATqCZgu1rR9+CPdhUz1YO0LprO+/t7q1eqN1+H8UNoIbog+LF6F0YG3wiEhv08aQ yMggbUCJTAREASYy0R1pjDBx9QzdV+kFYVg++/QlN16VN+lgpOCObfHfV6kUr/oVtDROm52cSNNz enwvPpWqnRw0zrqd84tGNU22oe1/wKjh1TSznTww29htripZMeSWQ23e5eDMJ/blcwqWtsiZ+SSh PxfwShQYVjZDBVDvDkye1EGtUztonmPYvSqDpMgzKdIDceUQ75aSRRLvtGndDKvM12mx6rZWE3VX SEd6Kq1sO8xjjhAzCepWxTwRUWomQ9nfmCciQswkyHsi8wSotIw/so0yT0SMnEmRN1/miVBpGX98 v2aeFB1HVJa60bO4xCifSS5a1stLZVxMprzJNE+SSsv41X2peRKi1EyGspk1T0SEmPehyAbYvD4U JWdS0hkMlj4cd9EVPC0JIa0bCmF6OUodliV/N4+XUe1RWQIOzo/qZwEBjIxLCHh4kwa7UJKQQGmH coQal8hV/tJy/CVpKPIdr4X4JXLemMFeZchutMxC2mBRprG2NvFdbG4UwVRIh2uBDt+LzwgJJtWC 3IsY3WQCMdOHlvBiwdgH+biexJM6BIrZRr61jIjBzBkRUNp3WgdhtNKnI9nx/b0diVyBsQLAHGrD bEhP1ONVFodt0+PmASScZ5v8QfLkE49mIfN+vhM7BuhROLhlMR+unZ7N41eg9fthNnVGzvAjSLoe /GZPQTAuEsD2aPvjVtsq54v5TTp9y0RNanHUJnb9pYHL9/7F1r8yxtXds5gA3mMMIoIOFt1ci4mh 4WcQwkaquvMWExD0e4MMMVBiO3PsWLHO1sa2tI8qXgtfpyXrneuy0+jBzGObrvYQd6Eczws9IPKp DF+4/Z76hJmc2hMri520y0zmaua/n1t4+jqFRpqNJugoQH04IxFlrQ3Bq+3sWatolaziplXcSn1W sv/Mw4W9s2qhbFEC1scAwi5RpGB8feqcnIFtVy0A+DPL62hSvXrmo2u1tbG9jTkbvcPqwMVn7t9Q 14yl0PN+ok9asW2vgCFoFnKLAHnkB8EgfQ5JfbZE5UCCocxMJpdhEe4AFc0G+ikj+yqwc+5AG6Ea 6dljHNq9hEYkI5UlRqrEqEiwQskqV6Y22ShfwYflg328YKeV7Z0zo5y8Bu5wS4+NfUUU6gFaE93h 21tjj1/TQlUDqoQO0qPx64RzpuJ2IgtNS14UZ1N3hnFU7FsbxYISIfua6S62v+vhDiUqFVqOoCf2 TPLV4Ys78k1B95LC+n5hf7/w3PIK++vBt/XnM2uWKezjLwCwL5mCV3hzefnP9bcF+Fm4RYWMXPso 4jn7BiLoG6MnMYWs9QO2bgFzksdEv//+klZH3vo++QIBE9vWInoES4uY/XWxcBHoABOuiiSUe4uP 8cD4Gnuogbu4VNtf99Y/wH+CDNKDzoOylfUSgAWJZ6DxZCKwJBCpo+MoQcrXYVJ52EIsTPCjR8Hi VRpnFoog+j62oBOhAoUX5gkrREcE85qccUOmBUlwzVYVwqGCyh32ZUJqkigNbpHExNy4Ao+6WkUD RGB5lHsKMb+/TvsJMVyndp6E5u5b++u0DxFDs0jQnNnS07y4ODpvnLXOO/vreLpDpMHRTtitwvcv 98POFr6SJAHll0gkcKP+stWtRwGQ89xYBXUkGjy477YbGLG80zrfX98TmIPGYRt4DyjMaDBtC+xx 8wVi6Xny3PA3tRj76zEn20g5exOfEUXg986470JzTnoRhAsljQvD6klKjKovnhaBNUkRXJ8Sq/Ok tHirxFPjCE16HKNPkR9Ddc/OW0fntRPs4hz0OUbTrp83zzqJJLhnIxNYuZFVKZejnTU6DAzdv/FT o/GT3I9aL/6HAOHIrNUpujCmSar6s1W4c0dOgbnqFiiZHEkt8OmxQMd1MCflchgWy+6p+rl20Wlh P3yERH7YqYjEwGuPE4lxwBSRzLp9nFBmEQuxmEsM4vxwoZhLRXXWTkD1PVzeTJoS+AFp17sDNT5P DCfOSZO26MegTc/kHs+zlnkWprBq5XpWzguL8eOr/XWM3SUgGIyMtapU1mC/NAY8rB23Abqigl/A cGgf19ov99cvJZWIZuL+er7vTDypafAxk+Zp47x70jpo8FRWjHieoIqXGeqgxG97oZpg7zyDtoWq b5Ws3I9QEaEiPuDYkJw/8SyBgufNVLlg63T5fAsqKzLxIvLfPliMsuQ61ACWYX8damDk9p2qks+z M0rAyjVCtdI4P+ZTexCvLqxO5UG3/fVx2DdZbGsFH6tXHU20bg9r/w97E8xrloCJyPMMF5MbxUdl Rh6aS8w3EszNOBHFesVZs9s663SjTXl6IlUnxXQTqKOzo1eNn9tdDMYJDcF3HzFamjQ02Ft/XIYS Hy0mBwk7rVAS2x0VZOxNvP11Fj8t0tcMSPbUjFScI6Cql4r76x+dcEQBjF7HkOgwhvrpcVulY48j SvXBwqGEwucRBC8aShRBoBRJN/F3A8F6w1goAvHionmMDzXUjy8O8NEFyDSQKt0Bc51IUIdZ+biF DWz1vPztyLX6Nvvl0C/HZb+G7BcjcWb062ZKv24ZbtBnvxjuX0zKmOEm/BcGWeHf6Jd3T79mJEjO UzCbK/CjkxatKf9IecUKZaaoAoL8y6AzOeMTyveEsj2hXE8o0xPK84SyPKEcTyjDE8rvhLI7odxO KLMTyuskyCp9wZ+Q0Qnlc+JKGWhfwGCQINIRGqwwlcUcToaiAeT6b5xC08BwdMY9O+yfJ6/47Ani oIhisn7Hp0xYHnlK5WBH7LRaMNteHB42f4LptgG/5HUDe0Tm6PTi7KgL2WicognYjk6fJrLYhHrw 8ylu1XXFVKUJ+BgjhmmmKyY+tnplkSVlLcHaWdzID+sKX4No1rv15tlLmHY5WXAjL+/SnTz4xW7l wZdRf8vIjW0ks0cv9MlZp+dxOB+UgLPFLg8qWh6q7rzWrbVPupFui8h2VP/zWifbuvsLPlkVnV7i FNG55ZfIkKmft9pt3Ao9ax7jzBeVGMUr8pijAG4wtSfDwYztd+HO0WDmMy/CwRiDQw1mTs4j34jJ wOk5Ho8Y0feCs/wVy8MQgCKEKfN15fEG1+H3Owd3qw4GtwPo11arfVgo0g7sy7PcxU+4LQVTz8j+ 0PXwccvB2PGq5R0GRcjN1L6tFiGVUyYXYz9zn146o2WU1w4jOoRRMyMPexawI04Js2Y1E00ROI+R x76ZYdbtOTLQC4RndS/MaW/U96roiknefBmF7rlFx+fhBaQMy7SVu6VtSnEBiW3SpYtgRDOKz/3n Fn2HjH/+d9pSN9akfTasKOaNFFw/4rKW474ZKPn8O974UsmU3Kq1wW72RDKB+6OONfGnE9cT9+CG 9rUzpG7AAddgcvTuuE8Kc1bGg5iZK6R4E9yj9Sesq2KHZHGXkedZdIv2aj/Lb2+tM4QQQ36IYr/3 euq+99iVLp4RZRCs5uVCeEw8Us3eu3SAw7Zcg9MHC495gA8vc15jiBrO/Yw2t7N76EdV2H9j536r 5X7pvg2+0MO6+4W/X2dxexz9edQaX5VaKpeRBga2Ik9C7CX/xvwzgh4ZbiX/Te6naXoA+MYyy01z wbwlVW45Be4Fs5Aw3rvU0c08U2UW67+s4lVIiaM7wzpxCMSBHHLCX8AUG9hXYZ+mQ8RF6kkd0NAa KZJwM4BOYNiuF440/KaMtac6NOHw5ydcHzKcDA+1PuxRg7vQaca+w7Qxv4iXdv0Zkr3Zg9W/9Duf z799m14PjheZpz859Acc6LaSF86vYabQzw7aam2P/9xbs9A5dzDGa8F0j4LC9/Iatqgf8n6nwLlE WIOKu6uiSL/zM4b1N7/uvV3boxusEb4Epr38GnLwQ2rK37dKDJJSShYw4OUmxaWY3ahGT/R95noO tsL+zJ10xV+o1IKtkX02XfrXwcHVwPH4JIIeWnSzhfrwT1IW96zsT+iX/ebXwtvL1UKBvuD/a4W1 TNa6/N26FOXUMBYKl6tIvRjlIgLxyrFKlKefdCE5j1jFKe535hUgC/o9FUxH2cKvUuEuC5dS8eB7 pvDJ8iBfxcJz6994fAeaB3Qm8iAtK1l+bR5VsphVgwCvAIg8gqgnBaqCygHNRdfppEIFh6EKPi/p kU+SvxzhaRTR3W50Av7vPf51Fe/GDsa9KXWKwEVD+5EJ80BJ3RKA5KxfFSkxfeTxJ53xuBX68RVe KMwWLi+zz+k4/Sdy2STO58zJ9HlwCrufvuImC9ciqqgUmxLb7wYT66DVtvpTvMQxcXqE+O89tUAq NxUPC5iKlygj/VFQ2DhxePgsUabRMYAdKqtwYlLdSOi2I1cQKJq9TlFNF5ii4PUXXMT/9TJfQCWR 5gWuWel8vpCmQe3YvbvIebQiMy+ScWeerIdCEkkbFWgArIP09VvqfOElciWjQiCblEQDMe3Dmia/ yqaw4GYMq7roxIdS0ootxxILdZlglYy5GI1UbyBQKlBG0scwd1IzaLq+ZA8wgbwoak09T+nSDkod 3jQ5d4b2DPqiNbFnd6IFAnKeSW0KKY14lV6dB1i1czUfDuxMbGT3usHNJEEd5FfGBWkpNEFiQdt9 kLQP6JoPOUXZRPy5KhtbUjiekDHutqUlqjDvLIvFFggTTnF7CpZMzizrgdGAIRkmUwwNTtGBwcC+ EndVsvz1JeXq5rNB3smvswuPJMkPdIyzum5NHHeC7uUUOuIaDfLpZDrwmL0OOe3vEQ98CmvClwIm pLmBVEI397UCtmCQxy6ZQNW0SQDZRmE/5yYCn9OW+oj4HqRV1BAvaWZd8BVs4J1EHmzMQqObZfxW J3tPaDZ1nHXLxfXNe6ggjmRr8mmP0NzY4HkGOaCKcBrYY4YxhjANVBenEUvVoI/fWML4y62yThZa hYE6F71/NawV0JfXnjtEW+lZz8bLrdCaMF3k6IUdMJQ8i7IisQTBOdKZmzS7tR7v1qVN4WjIHYVu BtjzRC2B8X2T4J2YzDTHKTHMKquIG1F+Rf+EZFLEESxUVOFiLb0QjSnDuXwpwaEiiymlgkFm2/Wn PccgVLDKwj1HlRAadFEhukbZrPwhGuVmINqDX55hC78r1pl0/mF8l6Tw6xvrb2/XXqNnBX2rFj6l vMLe2mXmGauv1b21wl7hOQd+YsDPEjBYEAjQr/w6ZpUEXqIAtDiJOFNgJBIBgcA82ZulkjYJcGsv orv21zMRSOhBxJclGTEPhn4M0qolo0x90RNehud/MGRa1hmoV2Dae+agE6W6rA72LvBxsmAyURaV i8xto3srECKSlW0ksWXCUlHSYSC0lbgbcegLyA78I86AbJ9H2dXBTZ8JRgalKQh/gepK1yzcYrZe sF9163Xt+KJhHcDa/D1tOK0wBG5i4S33ycQa2b2pyx342GvAfVotMk5OyOJls3mUkdJ12DxlHK0E 9vScRDq20sHjwpQiiUvTDqZH9437tSoZs894P1zh3xgTfuWILFG/qGbx7/xaZv2yuHJZYtB6NWux bwfVLPSBLMuOb2EoeaiOFX8M8igHadobxsaaTW16Qs66HtoYj4n2lHW5pXz6hnxerpJs9pecVR+y yjPJRF5uMrjIrB9k1rxDw52an/ZorL/KHo1en2Azxicu5aXoBxnJT2bbImbb9sbOH8JCeDLb5EYp Ff8QjfIgsw2bjcXKwfOYYKKhgFuyt3tgWmVjBgtTnDBKUuLqqoMnRiQwmKPC2EJ0EQjacozHoJ49 /cgDCjq3U2dipZn9uCJNrPy4DUabNjxiM3JkxZi8dQwrMrI/BrEGLcjADBMu0LJ7LyVrfc7Dnezp TLcQzwgajTOrN5ym9ugnnQj2a5+58yj784X6Z/1zmrwA2fFh/+Cz4OK+pQGX8idwkddgnOtbpoXO Dfz5kYAzBqp/Lsb4GkcHQFN/1eiQ90DAqwVD6pqEow+riuT1iPrnSjleU+foeIi+AK22kg8DAnIi 4iTHs4R0kHD3oPG6y+7jBOJMGJAnPXadLPHCLPJCJ9M3CW13DuqBJRZIi8N0jUZuee2f212Mf9ju vgy49fBECehAohEgg838nQP02YhwK8AEXryNEOOVgUbek8ZJ6/znCK8KnJNurM5UqJEbOqOuyqPg pBoD2niNSUAj78VpEygjvCrQyMucGSO8KnAOr4bzK/aOx5T1qNE5w9iUzV8aCnsMbu5fJ7UztW8J gLmWzo9+idavBDLyHTdPQDVGOFWgmRf9phpRXgVo5D091iqPKNhcR9QHomNQASb1jIPGYbxnSMA/ nM55TI9EhYrXlk40ilaBGyUcgpUDqeEDMo0DRYYGY5YCQ6BtEKNByXLIzLIUpxfZDhNGn37fi1Zl yoZWaIV+KcMuGOP1H9WSyaAkndE4asYYQ1gi54WG82IRTk2SC6WoSXB+ejBBntXPfo5OmiHMzHlx GtOIEsjId3bRaZy+VvhkkHm8NGJ8MiiJj2m/KKsMTdAOseqRQUlapf7yPKpTBCiRr9Zu1E/OYrwy OIn/4CLGK0BJfJ3WxXGUMYQZOTvtRg0KpnAqMCNnl02G9dbFaUdhjyPmyWD6unn4s05OBDlP1mnj J212QrjZEsRbHwqvBNFxERpvp7ZFkjFQ/TO9h2qY7WtQstPDVpc/QazO+lqk2XIIQ3irYqJw7ZKR eW2fHgveKCRJd3Wida7AjJwHdR1vBJpgZb04UHu8BNFx4XWYwEkenfyhVwXsRpQ578fwr3XWOFXz rkJ13I9cIT7GZhEdKmJdRsBmXdE4P2lGuVXgl7Zrz8GEaR6h+RowRiH1z/jGb7yaccHbPDqGioFl fP24dh5aR2acLgvHzU4HMtk4PWjWTrsvW+FYN2HMjdd+2TrvkDUOdrHahBrUn9BYuzhu4Q0OXQHj GO3wgKUcWb/QQKeNgy5Vi2g4M7L+uTRXVvPUKKkZTlXxnawoMZbEJCjELSpprjhF5o6+Zx22G41X LaXCZZCxR76mzTi1pRTYV1FEh63zV2peBcCc0xjT6wW4gtu0cW4NZq4Uo5AFZIAZ0zg/b8WMSgn4 NczYdiNmTgqQWdHjFFzrdNTMRqBfwRh9yCYNLHdOWq/V5YECSzRcmicw3A5qat3GEUkyzi/a0oGA Dpq0uDmnfSG1rlSoeXsKb26rrDLIyHdea7bV/EqQr7gFB33gEOs12jEkYNLWVmCmKOwx+FdaSP5Y a3bOIit0BZbIWY7xlefltnlUq3ekIyMdNIn77LxVP6m1X0X5VXhCHzlVCxsCzFsDzTO1ckNAQp+o RTq/AJhHPG5oqeM9hHy1g5El57s/ib2Gxcc3sOOVIkGT6/SlbgtUgmoXzvzZbTC/D2ECBEPnvHHc qIVqaQ6BSSZLnz/LLcvSIExLRKSqt3CcwKo5skbU48yLxNhhpRacsMQ9vfiJk8aOE+KoBfLRbbbq nWNDbmTkt+nLdBmRHA/0zgvMF0/4Lii9n3Dmzk9obd/31VN8Xz3F99VTfD+oS189xffVU3xfPcWX ub5lWlH3AD/uMeAHLSvz6VwDfL3HgC88BpSEtY4BvsljwBceA0pNaR0DfJPHgB/3GJClGfwCfKPH gK/zGDBJvDCLvNDJ9E1CY3s/vmY/SNtoQtnKp3u+wWMgWYI0A/r6iTGBXz6oE9wKMIFXOqgLeWWg kVdxDvBf6IBz0o3VmQo1ckdcAwL2KDipxkLnAKnGJKCRV7E4fJ0ZYuZVnAMCXhU4h1fD+RV7x2PK Gl2W+IblSkL/Ctaeom8JgLmWQvcAUUsSyMinOAf4L3RAM6+8iSp4FaCRN+IaEHBHweY6kp0DRD0p wKSeEToHSD1DAv7hdM5jemTUM0BWtArcKCHuFxDI0GDMUuJuAUKMBiXL0RiCkhX2RdY0j7HqggEe +AZIY16AkhSGcA2QGENYIueFhvNiEU5NkgulqElwfnqya4A0Y4YwM2foGyAYJZCRT/INCPhkkHmw NGJ8MiiJT9rPkVhlaIJqiFWPDEpSKYFvgKRQBCiRT/ILkHllcBJ/4Bsg8QpQEp/YjZUYQ5iRU3YN CDgVmJEz5hUQsMcR82SoHgERORHkPFnCLSAiJoSbzUDhHCAswBCi44r6BvhxdwFfdheIT/U6jwAx 5WuRZrMh4hYgxETh2vWi6hzgx9wFEnVXJ1rnCszIqToGBLwRaIKJFTgHhPaVgOi4TD4BvtldICHv imOAyLsK1XE/cnn4GIMl4hcQ62fz+BXPAKEsFOCXNmojzgF+zF3Al9wFlGo2uQT4Ce4C2iwYnAJ8 o7tAQuPFfQJEE2pQfzZLLe4RIEoXx2jHhtEdwE/yFfADX4EkWc1To6RmOE/F97CM/gAaQSFuUUlz xSkyd/TdSnIMEIa/BDJ2R9kvIGBUYF9FC4mjdZFXATDnNMb0egGuuEdAwK3BzJViFLKADMUtQDLQ JODXsGEDxwApRQEya3nFK0CoeRX6FSzRh2zPyH4B0vonhCVaLYpLgGy6qIgkGZJXgCRAhiatbCSv AGllI0PNG1OhY4DYmJJARr7QMyBgkyBfcfNNcQuQOoYETNrUUnwCpF0tFf6VVpGyX4AY/DIskbMc 4yvPy63iFSByq0KTuBWfAIlfhSf0kVO1sCHAvC/QPFMrNwQk9IlapPMLgHnEi/NeMd5DyFc7Elly vvszGGuqS4BcIxI0uUJf6nY+Jah2yZzoB+DPcxQwymTpy/4AvslRwLg41DoD+AmOAgnLw9gZpRac sLiNeQOEq9w4aoF8SL4A8dzISFmWtx7rVCLUjT4Q1HphzfqntVZY/3qD4E8f4E8XWSoSWIoFtYBk 5srGEH0oN82rUjziKAXhENJEZJoFMp0gmAI+iNhW2IoxkmhbLhJNC2h6+AyoF0YeUsTK0XyVICWx +CE7mzt7Uvgiz/LHvTt7fOv0dTFDjIRBqEkpmgmQPgVI/qMHSOad6XFBklnHegqU/EcNlCwF7efK xhYB+PATzB5Ceyh44o3H6ZM0mKLDospvxTr3WeisMBif57m9AWlUjDJHyOBtDk04NUvMIBRJzZ/0 g9d9Z4MRVJI9mrDRKP60fkjnC/Qtd1eEqom9Qx4GEGSvzMvxA41R5oh04Rhz2DuBbH5oNEbrUdio xaKvpXR6fHdrD+MFvqP4ZkGcKSEY5+UMz5JOsS/OyeOlSa+LTDVcSlRjTWbDd+rjvHvWIdY9RaVy wRBKCF61GPP8IFbUU8OxgWVl9tOJ/c4Bg4aHpPY+juix83zYvto5jtXVA+Y4mTF5jotSLiLwMXMc E/SnnOPU+Y23WTjJsZKpk5xMZHwOQBB9m6kuSO5pvlvkYQBeW9rXATjuEU8EqNJ17wRoyIL0kh8K iGR8kdcCTFHrQW8F84pGr8vxEyPEPE0TU/iQCqlHO9CLONImrucNrofQGGF0zBnUnG3d2dM+zTNY XcNxsHgJ0xV1FlVDmElg0GRHcHAqzVyzW96NxjqkvArWmauRPD9g4oJC5s09MYOk3jo5qZ0eKDaJ 0SQJiP8gVokw3qhOuC7hIXRzRWs1FSxsw1eB2do2jeOcijliUVGjTy8FwtOZ0Q1XuNj3MDerOD4n 9nRGmhPX4XFMUABk5m9dOZD939lQzPz+e/Yq0M9BZYU93bIoPGT2V3q0GHNkrVUtmO6sFZicv+di f7DkPqtGG27gM2M99kIfXR9hj6O5N1YokkIDI0GQ+yACM0mY+uMx2mdX+Jh0FkcQexK5ekWFGVN5 Cr8yIDR8AafFwkRkD9szfDuEkaVjUZF/hHnO8uk5NnvsDUrvxtN164JCWV47PIoldkUgGvedqddz pw7254lN20og4yKSoYvEvKCy501UEJmSFH4UxzKJY+DefccifM/eD0APXDs9Gzeo2NYWvQE3GE2G mIg9mUxd1OL0Dt2KRZsWZOo+Y1JXcfAOZrAs6c18exiG5EYxVDaPhiEP2svHoFxM6uYFqXuA0bB2 CZ9MwfrElayn4gsFDt8buu4k9TevwOgLqb/BX+PU3/jf1rVFBIyY/f6sSa8QTyCscEuy+UTfL1yK CihkRZfIFm6zAn+BiAuCXYngxFzpez5/Ri+cHEGveTOPTYZhtFzRhmIzQepyUKfhCzTpjKxcYgOU yFG52P4HMiKUh1aVlMhwkAdk6Yd/FnnuWVJhKGg1f+EmYHbFIvMpC4KipUjxt+jYg3R8Ig30XAkm 34jC1qkz9lk0ErlgCO1PVllSxHAK5r1qjMnNzY9/gIL/xz+CiNzsIyL2siydtUSrDhyPR7EVeglj dd+KLVFSWxIK/yVkVtLOQCnFn0a7q/8vHwestN6iGTUvUQWbioayFcQaJINljDFGzUGxiRQIQFsQ OdMRVvMDUErSa/8Aq+4ft0rKK1ZzTDvHuIuRK+WLm1xN4S4y7u+DPHofoBsvbpR3ayPCG2cJ3zeM yCXNGoFVg2jWcnnDVlPZla7G3qgyviIlaiUT7Wv4KaytyqyatCIMa2pa4vWrOYxKv45EBI9wFniz Fs5aHRqmGN8/Ht9bfktJpk4rRFIboOlIWi8hFL0iCFspqqMSE+PKMl34daXQT/Ov7ImFTADAB4vW iToTVmPhnxZOMuuM5DIDKh8W9JerBMU1dZomkEUqinTkl66SQFEkVYmg0VdJkBerWphqqjodFRMt i0682EvFj16J4rwQoG6LG3SUdwfmLx1KB4DZaGJ9//1RcYOOpBc7v8JTsZXBDd4MZueS500850Qv 4PM2mjc85DlI5S6jaA6me3uF4eC6QPdtC0MX5FKJBDU9JI4+wUCsUsfJ+Pvp88hetk5E2pxkha9z DZnMfOrbMxsf5JmfxcwnSJpI5+VSkhqSshrsdl+ftJlVoM96of1z+zJz3DpqnkrMYrVu4PrfQl4i HvcHNyn+CxoZLHr+BDHFjcfni3F/MXhK5hpjxo/7vSk+Y90P+w4p+LOhg5oZFp9oedn8we/ZFMfD PVjjuKQY4QyKy1M0smyYb/FpZ2QGBlhwQG7B/sW1iDMVRjOKYUZ/z+07uDvvjxw8NJ4OnfGz1Wq1 SN2OlxYfuwc7sw7WfVYAGz91ODCfjVK2oSLTUUoA5tMp3vlxWIwmgwL8n7O9UY6Plx/koZIKjzzD ESUPJf2JJ1MbIYdybpkKFbqckmhgFcVOOkb3SqoqMpoaqStMCHVG9BAi2BLYCLYENnA/4Lunz5/h g8vwvDOdfs00NoobG5Vy+bsN+GxXtpTfGxvF7S3EbZcrm1vwo1wE+uLm5sZ31sbXzFTwAT1jTy3r OxeUydAx0/Wv7W+RnW/9AbOcL+56Q78frINuJ7fvnI9ed9i3J/neXmlnL1XwvWmBUxUIfre3uVHa s2A5CbqX9hRBE8OC0bGuXjjTxtDBF+izZsb39hS3gvbwwRHPGQ167hAUP6hQ9O1xb1Bv+70Z7tP4 Y5gSDIIq+hx8NiVckRLGGVXex7qzPczM7OPEwWQ9WDfatzDTDGEq0YvbLuqTPz6onZ3g0yy3jiEj yPlFamC79EVLtLOxXIUi/ZdLvlwq65Nvu7131/6NPhPE9SUqs7xlKP2aIeGtL1v6LcN4Mib/Rdu+ vLW1ZPJbXzT5bUPlD/vd4bUz7TpjtOu6s6k99jCWUHcydXuGrG1/2YYxjfMga31niawVv2jWvuwA 3DINQEMf2CrtLke/udwI29pcrk9ubRomBCP99pL0O8vRl5esz/KS5V1SY21tGXqykX45lbS1tbkk /ZL1U1myvJUly1tZsryVJctbWba8S/aHypL936TZjPRL1s/2kuNre8nxtbNk/e8sWZ+7S/a33SXr c3fJ9tpdsj53l6vPysZy5a2YDPAk+i83XVU2lqsOov+CyReXGw0Pov+S2V1usDyI/ktmdzldWSku Z4ssTV/6oqZWpbScqqiUlhxqS5pOlSVNoUp5yd6xpClUWdI0qGwtWT9bS5Z3SdOgsuRUX1ly6q4s ORVXtqG9rvCPrn8z7nqOPe3ddXtZ6MTQSafsKfkbf0zeWtbUwcfUyYNGAA1iDcXEIB2mnCzZM7cr upzPHp91Qw9IyvqS86lpP8VIv6RS2Fk2P8vpvO3Scp2M6L+cjtwuLadjtpdcvm4vqVO3N5esjk1D flZN9MuNjG3Tctckv7xkecvL6cjt8pLda0mdvb21XHffXnK5uJ2g4yOb4gmzmYZSDAnq+9zFysNz 06vBGBTZYMx1mR14VJK+S5a11PCKCEKHHKExr26dWRew2b0oWREnsaup42XJVZJr22c3g6k3o6u0 5F84CLXvqlbCswZ6LkoSBn1nPBvcDJwpHmVOHXQdAzA9bO6Oe45WinBkFxkfkF8kzAceZCSvT/sK WR6XfVHjQ+dmlsOTbcudOFOb7SzTfTD0sIRq8qR2cG5unN4sLtAwxLEfxIhxuXfFJrwHF6FUghSv 7Nls+vBWLOG+3RVk+BESQDVc9Vwfu/tDZaBJeNX3J85w4D1czCbVKpgJD5ZQVhZm6KMwdYd4Ybx3 53jBicPYHefQkgiNkMQxyM0a7TCkrfZHDUMm4VFDQd3v/wJDoWzS/rqhUK7sPH4olNG8elQ3Lu+U Hj2YyjuPHwpq3xnZg3G819Bux6N6jbpfgjEN6FSXXXc1tmtlwzBLszO4WNNuoxF7BZBHjept3HpD KZPZEs2LDhBvSm/3rLW1NeuNItJ9azUo+0VGVQyo7OEwN3V6/tQb3DsqUUgRwEt/aFcY8v8YerOv mUay/8fGZqW8Eff/KD35f3yLD7a/ZSkdOuzsjfHMIa+88G7EVeHOHTkFVlvMmTBHD5lkUyc23bzG h19gmIEKH4aDaxlJBWTNhrynLgxZYGU+huSSiobgFSSUzYdkx459v1wKaoZ/Gw6uH5hhZP26GWYp qBn2Z4OH1jCyft0MsxTUDI8mgwfmFzi/bnYpATW3vcHkzpk+MMOMmeWZDS97xERtPkYUcScUH1IJ amBzyRpQklm2+gJmtQZnrjv0HliBxPt125wnoeb5trjxwBwD59fNLyWg5hZtFWd6/+BuKvizKX5D NqsaVVnLvf4XiInA3awFCgkrsApG4GWq70zoqlY2D9+8gkJ7BsSz0SSJpIM0JGXk9p3qba9nFa4H 44J3Z+XzBa83HUxmXgHQsLyYACES5A7o4gC/kPbSyjXzwf/sR7C1g/7MuVsr1ypZuR+x3nI96yq4 PqOWVtzPyOYL2SsV97A2kypYzKpL8Gf/0Lbj0+fp8/R5+jx9nj5Pn6fP0+fp8/R5+jx9nj5Pn6fP 0+fp8/R5+jx9nj5Pn6fP0+fp8/R5+jx9nj5Pn6fP0+fp8/R5+jx9/u8+/x9vAUTGAAgCAA== ------=_NextPart_000_4A230_01C1F04B.778605D0-- From sbutler@fchn.com Tue Apr 30 23:41:01 2002 From: sbutler@fchn.com (Steve Butler) Date: Tue Apr 30 22:41:01 2002 Subject: MakeFile on SuSE 7.2 -- OK Message-ID: <9A86613AB85FF346BB1321840DB42B4BDF27A1@jupiter.fchn.com> It appears the problem is just on the RedHat 6.2EE platform. v1.0.7 compiled clean and installed on SuSE 7.2 --Steve Oracle Administrator First Choice Health Network CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. From dshaw@jabberwocky.com Tue Apr 30 23:44:01 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Tue Apr 30 22:44:01 2002 Subject: Makefile errors? In-Reply-To: <9A86613AB85FF346BB1321840DB42B4BDF27A0@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4BDF27A0@jupiter.fchn.com> Message-ID: <20020430204518.GA4533@akamai.com> On Tue, Apr 30, 2002 at 01:30:55PM -0700, Steve Butler wrote: > > Last 5 lines of output from make are below. Is this normal? The tar you sent clears it up: /usr/include/ldap.h:302: parse error before `BerElement' /usr/include/ldap.h:302: warning: no semicolon at end of struct or union /usr/include/ldap.h:306: parse error before `}' (a few dozen more ldap.h errors follow). What version of OpenLDAP are you using? You need OpenLDAP to compile the LDAP keyserver code, but if you don't want to update your OpenLDAP installation, you can configure GnuPG with the '--disable-ldap' flag. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson From dshaw@jabberwocky.com Tue Apr 30 23:59:02 2002 From: dshaw@jabberwocky.com (David Shaw) Date: Tue Apr 30 22:59:02 2002 Subject: MakeFile on SuSE 7.2 -- OK In-Reply-To: <9A86613AB85FF346BB1321840DB42B4BDF27A1@jupiter.fchn.com> References: <9A86613AB85FF346BB1321840DB42B4BDF27A1@jupiter.fchn.com> Message-ID: <20020430210011.GC4533@akamai.com> On Tue, Apr 30, 2002 at 01:41:02PM -0700, Steve Butler wrote: > It appears the problem is just on the RedHat 6.2EE platform. > > v1.0.7 compiled clean and installed on SuSE 7.2 SuSE 7.2 probably has a newer OpenLDAP than RH 6.2EE does. David -- David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson