From paolomail at noze.it Thu Jul 1 01:48:37 2004 From: paolomail at noze.it (paolo) Date: Tue Jul 6 16:41:36 2004 Subject: gpg --gen-key using /dev/urandom is possible? In-Reply-To: <20040628120645.N92142@willy_wonka> References: <1088063463.3241.1.camel@localhost> <87isdfsiku.fsf@wheatstone.g10code.de> <20040628120645.N92142@willy_wonka> Message-ID: <1088639317.5149.15.camel@antares.intranet.paologalati.it> Thanks for all replies, my system is standard linux distribution(gentoo). There's not a rndcontrol command on my linux box but the directory random, on /proc/sys/kernel, contains various parameters controlling the operation of the file /dev/random, i'll try to work with this to increase /dev/random. Modify the code is not a solution for me, the key generation script have to run on any linux box without patch. thanks, Paolo. Il lun, 2004-06-28 alle 18:11, Atom 'Smasher' ha scritto: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > depending on your OS, there should be a way to "hot-rod" your /dev/random. > > doug barton has a great how-to for doing this in freeBSD: > http://people.freebsd.org/~dougb/randomness.html > > the output from my /dev/random increased tremendously after following that > how-to... no more waiting for entropy... i had a script generate a > thousand keys (4096!), and not a single one had to wait for system > entropy. > > before doing that, even generating a single key on my desktop often > required waiting for entropy. > > > ...atom > > _________________________________________ > PGP key - http://atom.smasher.org/pgp.txt > 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 > ------------------------------------------------- > > "Fascism is capitalism in decay." > -- Nikolai Lenin > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.3.6 (FreeBSD) > Comment: What is this gibberish? > Comment: http://atom.smasher.org/links/#digital_signatures > > iEYEARECAAYFAkDgQzgACgkQnCgLvz19QePjiwCfVnnT6LKPnW6gp2yU1lwcetlK > RjEAnAvOjRYvDt+q5aohj11aVjVk+cxv > =huJf > -----END PGP SIGNATURE----- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users From JPClizbe at comcast.net Thu Jul 1 02:13:42 2004 From: JPClizbe at comcast.net (John Clizbe) Date: Tue Jul 6 16:41:44 2004 Subject: GnuPG on Windows working with mailto keyservers? In-Reply-To: <200406300751.i5U7pkiw082167@gw.core> References: <200406300751.i5U7pkiw082167@gw.core> Message-ID: <40E35736.6010203@comcast.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert Golovniov wrote: > Hello gnupg-users, > > Can the Windows version of GnuPG be taught to work with the mailto > keyservers? Are there some guidelines for that? > get a recent tarball of the source and look in the keyserver directory. gpgkeys_mailto is a perl script that implements the mailto interface. You'll need to get versions of perl and sendmail for win32 if you don't already have them. If you're building your own GnuPG with MinGW/MSys, MSys provides a version of perl. - -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 "Most men take the straight and narrow. A few take the road less traveled. I chose to cut through the woods." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (Windows 2000 SP4) Comment: Annoy John Asscraft -- Use Strong Encyption Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA41c1HQSsSmCNKhARAsPeAJ9NWwT7tjw/OBPAU094/tg/d4j+dQCgmZ6k TZKPQYaMJwXTQ5enJoViDms= =tQEo -----END PGP SIGNATURE----- From howardjp at vocito.com Thu Jul 1 04:42:04 2004 From: howardjp at vocito.com (James P. Howard, II) Date: Tue Jul 6 16:42:11 2004 Subject: What does --export-secret-subkeys do? Message-ID: <20040701024204.GA14205@foxxy.triohost.com> What exactly happens when you use --export-secret-subkeys? From what I understand, the master signing key is disabled in the new secret key ring, but I would like to know more about how this works. Thank you, James -- James P. Howard, II -- howardjp@vocito.com http://www.jameshoward.us/ -- 202-390-4933 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /pipermail/attachments/20040630/5ae73f72/attachment.bin From jharris at widomaker.com Thu Jul 1 10:57:21 2004 From: jharris at widomaker.com (Jason Harris) Date: Tue Jul 6 16:42:40 2004 Subject: key count, 2004-06-06 (+ duplicates by short keyid) Message-ID: <20040606200843.GR2103@wilma.widomaker.com> As of Sun Jun 6 19:30:00 2004 UTC, there are 172029 v2/v3 pubkeys, 1844621 v4 pubkeys, 1858528 subkeys, and 1793 duplicate (short) keyids on keyserver.kjsl.com. The duplicates appear below, sorted in reverse by the number of duplicates per keyid and then by keyid. This automated listing is more current than my manual list at: http://keyserver.kjsl.com/~jharris/duplicate_keyids.html and hopefully includes all the keys listed in it. (short keyid # of duplicates) DEADBEEF 4 6FC52472 2 6E849BB2 2 61DCAD84 2 59518C3D 2 10337301 2 FFEA1A95 1 FF86E089 1 FF6A6CA0 1 FF5F9A8D 1 FF495AD7 1 FF48CD90 1 FEEB7515 1 FEDF1BB3 1 FECB35D4 1 FEA05E06 1 FE9F8A51 1 FE69E918 1 FE61A9AE 1 FE5077F1 1 FE35FFBF 1 FDC940E7 1 FD7DB54D 1 FD3E3C28 1 FD04D2C9 1 FCEF82E1 1 FC2AD841 1 FC16E008 1 FBEB0BD6 1 FBDA93F0 1 FBD826F1 1 FBC324F6 1 FBB4F7B8 1 FB159E0D 1 FB14C5C7 1 FAEBD5FC 1 FAE0A994 1 FADFCD89 1 FACCD6D9 1 FAA99F8C 1 FA97182E 1 FA6176B4 1 FA00F4C7 1 F9DF3BF9 1 F9D0D26C 1 F9B4FB55 1 F99B11F2 1 F9826058 1 F91B36F2 1 F8FFD2F6 1 F8CA5F37 1 F8C6AACB 1 F831179D 1 F821C7C3 1 F80BD0FC 1 F7D25A87 1 F7C8A4F6 1 F790CE44 1 F773DE29 1 F76D77B9 1 F752FF43 1 F7482D02 1 F6FD5F57 1 F6D3E297 1 F6C7674A 1 F62A9198 1 F62591B5 1 F6119336 1 F5DF448C 1 F5D9D05E 1 F592EC30 1 F57F15E6 1 F527C750 1 F50BABB6 1 F4E3451D 1 F4C14E0B 1 F4B16D4B 1 F49FF063 1 F49E7EA5 1 F437FBB6 1 F4313A10 1 F4158062 1 F4102A7E 1 F3FCA949 1 F3F1D119 1 F3B7DE70 1 F397F98F 1 F37CB526 1 F35EE110 1 F35427EF 1 F34A75EB 1 F32BA4E7 1 F2F6EE93 1 F2F69F23 1 F2EEFCAB 1 F2DE1C64 1 F29E66C6 1 F28D86F3 1 F283C630 1 F22B91C1 1 F22A0263 1 F21C6560 1 F1FE5367 1 F1CF1800 1 F1C3EE5F 1 F1ADA78C 1 F18E3037 1 F185844A 1 F13972CD 1 F0FF4CF9 1 F099168C 1 F092ABFF 1 F07BD1EC 1 F00001BA 1 EFE465C9 1 EFDB4DFF 1 EF4F7D9B 1 EF4B2B1B 1 EF36997B 1 EF1A0D9D 1 EF1334E3 1 EF045A4A 1 EEEBC3CA 1 EEB93047 1 EE921CC1 1 EE841041 1 EE74769A 1 EE6C909D 1 EE6A1D59 1 EE4E9CBE 1 EE4949C9 1 EE190C59 1 EDAAE59C 1 ED58D277 1 ECF84952 1 EC9E1DFB 1 EC5665F4 1 EC28990F 1 EC0B60A5 1 EBFE19B1 1 EBFCEE57 1 EBF7584B 1 EBF5437B 1 EBC1AD29 1 EB9A9B36 1 EB73A58F 1 EB59D2E5 1 EB41899C 1 EB2CB21A 1 EADAF319 1 EAC003F8 1 EABF58FA 1 EA493162 1 EA330727 1 EA1D232D 1 EA070B69 1 E9FD0549 1 E9D500CD 1 E9C3AE75 1 E98CCB7F 1 E97A51C2 1 E9328E33 1 E8DAC5E0 1 E8B3A39E 1 E8AC04AA 1 E88C93C7 1 E86DAA49 1 E84F4732 1 E84BD0F1 1 E8344447 1 E7F1ECA9 1 E7DBE6F0 1 E76723FE 1 E73407C9 1 E7207217 1 E71E928D 1 E7165CA8 1 E6F2E251 1 E6E9E432 1 E6D5DF42 1 E6CB1A65 1 E6856DE5 1 E6738B71 1 E60847F4 1 E5E310C9 1 E5C37E59 1 E5B0BB4F 1 E5526149 1 E5522013 1 E5518D56 1 E537F0FE 1 E52A5A90 1 E515AF36 1 E4FEF2C9 1 E4FC38AC 1 E4EBA0D5 1 E4E8E13A 1 E4D4A010 1 E4CBBC73 1 E4C1F455 1 E4BE7B9F 1 E4BD2401 1 E490B8AF 1 E48A7A7A 1 E481CE40 1 E46B98D5 1 E428B785 1 E415B338 1 E412528C 1 E4095839 1 E3F014C2 1 E3E9DFE1 1 E39AFA69 1 E36B0F9C 1 E35AA856 1 E33CE394 1 E320CC89 1 E31CF95D 1 E316E1C6 1 E2F9E87C 1 E2A654C2 1 E29BC79D 1 E269EE80 1 E22C01C1 1 E21A58C3 1 E210E9B1 1 E207DF53 1 E1E33DA3 1 E1A695D1 1 E1762D0A 1 E14758B7 1 E146913F 1 E1247F0C 1 E113492A 1 E0F33253 1 E0C1EF35 1 E0AEC5B2 1 E0261027 1 E023BC6A 1 E018A303 1 DFB2B0D0 1 DFB196B0 1 DF5D2870 1 DF480802 1 DF3E8ED0 1 DF160971 1 DEFCD2FB 1 DEED60C0 1 DEB38CFD 1 DEB36882 1 DEA0382F 1 DE5D2D89 1 DE4A83AE 1 DE3E6789 1 DE1C3DFA 1 DDB289D4 1 DDA3F71E 1 DD5E53C0 1 DCD2E949 1 DCA936D8 1 DC6F4AF5 1 DC3C73D1 1 DC294139 1 DBC8486E 1 DBACFFB8 1 DB612E04 1 DB54F1EE 1 DB5498C8 1 DB417E40 1 DB2FD68E 1 DB2E641C 1 DB13EFA4 1 DB127C12 1 DAFD9EEC 1 DAFCC82E 1 DABF1902 1 DAB62EDC 1 DA9240F5 1 DA83C1B0 1 DA68AA9B 1 DA602DD1 1 DA4741A2 1 DA3F9441 1 DA3E21F5 1 DA0516CE 1 D9FC04D7 1 D9C18885 1 D9B2495D 1 D977F7ED 1 D95D2131 1 D94B31F0 1 D94A5D84 1 D93ED534 1 D923B439 1 D8F23CA8 1 D8E61860 1 D8C8F3ED 1 D873C5A9 1 D856E1D3 1 D801ECFD 1 D79DA15F 1 D79842FB 1 D74C5F79 1 D74C546E 1 D747690B 1 D730FAAF 1 D730EEB9 1 D7289701 1 D7105B74 1 D70D2A7E 1 D6E0FD64 1 D6CE34D6 1 D6C2440E 1 D6B4889B 1 D669140C 1 D6603892 1 D64E3F6D 1 D642143E 1 D624D56A 1 D5DC1BF9 1 D5CF5A50 1 D5C96F11 1 D5B4A430 1 D5B47A46 1 D5A12271 1 D596E7D4 1 D5926B78 1 D58CB69D 1 D56C1743 1 D5276C2F 1 D50B5187 1 D4F76FE9 1 D4EC72AD 1 D4E3ECAE 1 D4B98B53 1 D49B0275 1 D483E12A 1 D42B9CB1 1 D420D5CE 1 D4135633 1 D3FA450C 1 D3D9FF2A 1 D3AE4BA1 1 D3ABD4E3 1 D37E3362 1 D3613155 1 D32F3547 1 D2B47918 1 D268335B 1 D24A2ABB 1 D23C47FE 1 D1C3696E 1 D1BD8CAD 1 D1AD0821 1 D1A0E42D 1 D111E820 1 D0FA3598 1 D0AFA10B 1 D09ECD9F 1 D0961561 1 D0422188 1 D040CACC 1 D03C17F9 1 D03B4865 1 D032E6A8 1 D02B940F 1 D00F2CDE 1 CFD28B45 1 CFA0C8B0 1 CF924D61 1 CF6B5950 1 CF62D0C4 1 CED37FF7 1 CEAC5C00 1 CE9FA937 1 CE7D0067 1 CDD050C3 1 CDC5A1B7 1 CDB07D73 1 CDAF7557 1 CD4F0C21 1 CD3891F1 1 CD20BD7D 1 CD07DC2C 1 CCFF0104 1 CC8C470A 1 CC66E722 1 CC12E8FB 1 CBFDDC1F 1 CBAC8696 1 CB649C90 1 CB501A68 1 CB12F02F 1 CAF09C61 1 CAC44D51 1 CAADAC28 1 CA7CA2A5 1 CA7BAB0A 1 CA57868A 1 CA0D9524 1 C9EFF417 1 C9EA8406 1 C9E73AC3 1 C9E1AF7E 1 C9E0C417 1 C99E9B78 1 C965C4A5 1 C9336CC9 1 C8D7DE5D 1 C8A2836F 1 C8632747 1 C8568F66 1 C8344E2E 1 C7A119B5 1 C7806863 1 C752847A 1 C7399C7A 1 C71C9220 1 C7138A01 1 C6C80B8D 1 C6C6E310 1 C68357E2 1 C663621A 1 C6501016 1 C62AD0A0 1 C603B705 1 C5FF0A21 1 C5DC8A3A 1 C5C76C81 1 C5B6107F 1 C5A196B9 1 C5334C52 1 C4F26949 1 C4D5167C 1 C4798E05 1 C4786479 1 C40DA8E8 1 C3EB7DE5 1 C3AEACC3 1 C3A66724 1 C38D2A3D 1 C3826A03 1 C34910D0 1 C33603C1 1 C31D3929 1 C30BC6E5 1 C2D3A6DA 1 C21F4F00 1 C1DC35BC 1 C13BF36E 1 C11F6F3B 1 C0BA470F 1 C07ED679 1 C008C0A6 1 BFB528B7 1 BFA35666 1 BF71BDF4 1 BF5A3D1A 1 BED13542 1 BEC507D1 1 BEC10F93 1 BEAE0747 1 BE7B3AA2 1 BE378C4F 1 BE283571 1 BE1B98D8 1 BD81AE64 1 BD6D1A49 1 BD0FD942 1 BD0C16C4 1 BCAAA04D 1 BC799D53 1 BC6102C6 1 BC56D27C 1 BC349218 1 BC233281 1 BC0A530B 1 BC047C0A 1 BBF961F9 1 BBDAD91B 1 BBD92EB1 1 BB44B70C 1 BB35C66D 1 BB34BB9B 1 BAFC0363 1 BAF40252 1 BAEF1196 1 BA6CD06E 1 BA45BDF6 1 BA099952 1 BA08D0D4 1 B9B71C4C 1 B99F8379 1 B9869872 1 B986484E 1 B902E268 1 B8D3D51F 1 B8B539C8 1 B8B1D870 1 B877EAF4 1 B86E1155 1 B847F1D1 1 B8384117 1 B8170D80 1 B813BF46 1 B7F26B77 1 B7EE92C6 1 B7D1ABBF 1 B7BD960F 1 B7A464F9 1 B77AC4C9 1 B7683091 1 B753388D 1 B73FDC72 1 B7373685 1 B6AF2183 1 B6A8B7DC 1 B6995831 1 B6746995 1 B671B1EE 1 B62F43F9 1 B5CB72B7 1 B5A431FC 1 B5984048 1 B58F6E0C 1 B57D2192 1 B554F710 1 B51F25AE 1 B509FFB3 1 B4AE8D20 1 B4A70D4D 1 B470FE8A 1 B46DC1B1 1 B44078FB 1 B3E99F8C 1 B3D737D6 1 B3D693F2 1 B3D0A7B0 1 B3CD9812 1 B3C99E28 1 B3B8C015 1 B36E4C28 1 B33CFFF0 1 B3148FD4 1 B301618A 1 B2FD738B 1 B2F84AED 1 B2964921 1 B2620BB7 1 B253A92C 1 B2324431 1 B2305050 1 B20D9A65 1 B1F3E29B 1 B1CC6BD0 1 B1BB3676 1 B18C014F 1 B1793A97 1 B173A7B4 1 B1699533 1 B163261F 1 B162429A 1 B13572B7 1 B12BFBCE 1 B12A9E03 1 B121F847 1 B1150D44 1 B1054E2B 1 B0DF3092 1 B0C41186 1 B0B12CAB 1 B0946332 1 B07C9D47 1 B059FF01 1 B0509FBE 1 AFD17D59 1 AF99F592 1 AF85FF26 1 AF62EB67 1 AF3E9638 1 AF275805 1 AEEB8B5B 1 AECE4A7A 1 AE7472A5 1 AE5871F3 1 AE55B221 1 AE433DE3 1 AE19E0C8 1 ADDD90C4 1 ADDA78BE 1 AD5D2D2B 1 AD1556E6 1 ACD658F0 1 ACAB37E1 1 ACA06F77 1 AC8AAEF9 1 AC879B8C 1 AC77066A 1 AC63A600 1 AC39BBA2 1 AC30B989 1 AC03601E 1 ABDAA3DA 1 ABAFAD6E 1 ABAA3C90 1 ABA3AE8F 1 AB145AD0 1 AB0DDDFB 1 AAB5538C 1 AA7DD5D9 1 AA6B8C07 1 AA6451DB 1 AA6330DE 1 AA2D3D51 1 A9F83387 1 A9E781C0 1 A9C747A7 1 A9C1DA04 1 A985450F 1 A956406D 1 A9117B51 1 A8CC5B8D 1 A8BF6085 1 A8B35D11 1 A8A369C9 1 A89E8BF2 1 A86F98CE 1 A7C3B5F9 1 A7B26A1A 1 A76D53F5 1 A768291F 1 A74300B3 1 A712FDC0 1 A710A4A7 1 A6ECA8F3 1 A6DE7508 1 A6DE1F89 1 A6C7836D 1 A6452044 1 A6371EFC 1 A5FC0936 1 A5DAF484 1 A5BF15B6 1 A5A2EDE5 1 A56E15A3 1 A55AAECF 1 A546C9E9 1 A52B06FB 1 A513EC05 1 A4C5A65D 1 A4B119CE 1 A4973A65 1 A48CA749 1 A480F8D3 1 A47C2E15 1 A459E563 1 A41D767D 1 A35FD3FC 1 A35EA3D1 1 A34B3553 1 A3166F17 1 A3146596 1 A2FD4AF7 1 A2CADC81 1 A2B9A085 1 A25837CC 1 A2120CD4 1 A2080434 1 A1FBC4DF 1 A1C71AC6 1 A1AB8452 1 A1A5917C 1 A1A4E5D2 1 A19EE6FA 1 A127B880 1 A1271B4E 1 A11DA8F2 1 A0C5B0D6 1 A0C2AC69 1 A0A12B52 1 A08C20BD 1 A076FB94 1 A04C4CB0 1 A03588F4 1 A00006C8 1 9FEFA726 1 9FD7A290 1 9FCB8F11 1 9FC561A1 1 9FBDD7A0 1 9FB3FAD2 1 9F4DD493 1 9F1C26AF 1 9F0B7674 1 9EDD895D 1 9EC3E1C1 1 9E8480BD 1 9E7A3BCB 1 9E66EAE6 1 9E2CB1AB 1 9E136429 1 9D886B88 1 9D701AD1 1 9D69CE01 1 9D5EC10D 1 9D5A28C5 1 9D41A5E0 1 9D311099 1 9D23D715 1 9CCD4C36 1 9C977DC6 1 9C797A33 1 9C62C238 1 9C2607DE 1 9C07D7E1 1 9BF76715 1 9BDC67B7 1 9BCCB299 1 9BC6E569 1 9B91477D 1 9B81FBEA 1 9B4A16A2 1 9B453F02 1 9B21CC3D 1 9B097544 1 9B01B926 1 9AEA8E7C 1 9AE95DB4 1 9ADC3F22 1 9AD2D787 1 9ACE8476 1 9AA829DD 1 9A6B2ED1 1 9A5FF152 1 9A2E7CF3 1 9A295B04 1 9A05C531 1 99F5A28D 1 99DC18FF 1 99C88F47 1 99BDA4A1 1 999F8048 1 9997BEFD 1 99827D58 1 99698A01 1 99659458 1 9939DA76 1 9910E565 1 98E9D53D 1 98E8562D 1 98B85A14 1 98B3C089 1 98AFE82E 1 98AB344B 1 988D16E5 1 987D847D 1 9857D0AC 1 98453972 1 97E11812 1 97DFB49B 1 97CB4AA7 1 97C54618 1 97C07C3C 1 97B02B9F 1 9765F187 1 975CA949 1 973C1033 1 972CE23B 1 96E8EEDA 1 96BC6AEE 1 96B31AB2 1 96B128E0 1 96935B9C 1 9686D87A 1 9680419D 1 967DC5DD 1 967885A6 1 9652ED31 1 965238F3 1 96348FD1 1 95EF1453 1 958BC6BA 1 9585AEE2 1 95063EB5 1 94E52A28 1 9488E5F9 1 947C42DF 1 9460EF34 1 942F97AC 1 941DCFCD 1 93CFD861 1 938883D3 1 93738FC3 1 9364F4F4 1 93157581 1 92EE7592 1 92C11F27 1 92987D92 1 928F323D 1 924F0AE6 1 9216F7C3 1 91A89703 1 9189AC99 1 917FAE6B 1 9150E5B0 1 9134EA18 1 9131544A 1 90EA2F9D 1 906E7BA0 1 903C18AE 1 9009BA70 1 9003D406 1 8FF8A5FE 1 8FD86BA7 1 8FA45433 1 8F4B50B0 1 8F4AAFE7 1 8F1DCFA4 1 8F1C5E0A 1 8F103CDE 1 8EC4070F 1 8EB3039C 1 8E9A7257 1 8E913541 1 8E813F21 1 8E6C5CB9 1 8E69EECE 1 8E5222DD 1 8DDFBFE6 1 8D89BF15 1 8D7EAD6B 1 8D56CB67 1 8D315505 1 8D0B88F3 1 8CFC045E 1 8CF85F2D 1 8CDECCCE 1 8CB97256 1 8C90A57F 1 8C8EB1F0 1 8C68A2D0 1 8BE42553 1 8B8D1E9D 1 8B5BEF71 1 8AAEE315 1 8A963CA6 1 8A34ABA7 1 8A20D87D 1 89F0B16D 1 89D7CB14 1 89B5EF29 1 89B5CEDD 1 898040B7 1 89694C4C 1 891F9237 1 88FBB364 1 88ED08C5 1 88EBF681 1 88E56929 1 88A2E2C9 1 88956A20 1 8884F4BA 1 8880D131 1 8844B415 1 880F1F45 1 878AB4DB 1 877A446F 1 876F1A2D 1 8767061F 1 87643D9E 1 875DD099 1 8736A158 1 87274DB7 1 87215224 1 86E9F8D4 1 86A8BA32 1 8695A967 1 866A3DAD 1 864387D5 1 8626AC55 1 86224F18 1 8615F33E 1 8601AF9C 1 85F53CA8 1 85ECA856 1 85E5A62A 1 85CFC6EF 1 85875053 1 8575A580 1 85490143 1 8545F21C 1 85365895 1 853654B5 1 84A24375 1 84800409 1 8472E971 1 846D581E 1 84499C79 1 843EBE20 1 843A3360 1 84006A4E 1 83E4CA95 1 83989776 1 838E25BF 1 834DA0A9 1 834733AC 1 833837CC 1 82892AA3 1 82677E75 1 8236BBFA 1 81DC42DD 1 81CAA485 1 8173F9A9 1 8162F90D 1 8104A699 1 8100C470 1 80A991E6 1 809E90F5 1 8092DA51 1 8053BF89 1 80474F32 1 8038ADD1 1 800DAA6E 1 7FFEDDFA 1 7FE905CC 1 7FC625DA 1 7FA098B3 1 7F937764 1 7F5EFE30 1 7F46702F 1 7F2FA038 1 7F0585F1 1 7EDBEC4E 1 7EA2E8EC 1 7E971FAE 1 7E785D53 1 7E5E91ED 1 7E334162 1 7E1D050E 1 7E0E2801 1 7E02424C 1 7DFB3738 1 7DDAB28F 1 7D688F15 1 7D4EC548 1 7D047EB3 1 7D01FA48 1 7CFF623B 1 7CC1E713 1 7C18488D 1 7BFE3FC1 1 7B6A2997 1 7B3FECA8 1 7B22F4FA 1 7B0F054F 1 7B0EC78E 1 7B08536A 1 7AE9EAC7 1 7AA7A28B 1 7A818722 1 7A4A5F53 1 7A0E8801 1 79A29990 1 798CF548 1 79780805 1 7974C95E 1 796B3439 1 7958AD6F 1 792F6885 1 78AC0AF8 1 787E18A4 1 78695CFD 1 784E6BBF 1 781E0E81 1 78130F32 1 77FCAE8E 1 77F476CC 1 77E19C76 1 77A3FBBB 1 779A9891 1 77984DDC 1 77486DCF 1 772B6551 1 76AE7175 1 768D627E 1 7688AA16 1 76781382 1 7649131D 1 764183DD 1 763C940C 1 7636F92E 1 760A972F 1 75CA9E60 1 75AA6352 1 758C6BC5 1 7543B782 1 74D35A55 1 74CD1041 1 74B8918F 1 7457B219 1 74303CA8 1 740F69ED 1 73C51AFC 1 73043469 1 7300B960 1 72F3AD39 1 72D98613 1 72D5E7B4 1 72CADA85 1 72B4D960 1 72A6A02D 1 728E84AD 1 72787E1C 1 722A7990 1 7208F11E 1 717161AE 1 716EB518 1 71668B91 1 71579DFD 1 71422425 1 70FFF9E2 1 70FC2835 1 70FA79A3 1 70F7362D 1 70DCD4F2 1 70D64C49 1 70AE18FC 1 708F21A0 1 70819317 1 705A7DBF 1 70555EB4 1 7027CBFA 1 6FF8AD8A 1 6FEE4A9D 1 6FE71551 1 6FE3B1F4 1 6FD1C1C4 1 6FCD8A93 1 6FCB62BB 1 6FC9E91D 1 6FAFC661 1 6FA09C8B 1 6F9C1DBE 1 6F57602C 1 6F4ABFC8 1 6F39F385 1 6F202346 1 6F1FD824 1 6F0747C6 1 6EA9656E 1 6E940539 1 6E3A63C3 1 6E269F33 1 6E03252F 1 6DC986EF 1 6D816342 1 6D4E678A 1 6D3C7479 1 6D3AF72C 1 6D20B645 1 6D0589F6 1 6CACA598 1 6CA05373 1 6C876CEC 1 6C7F11DE 1 6C66EC2F 1 6C6481CA 1 6C6133BD 1 6C32639E 1 6C1DC67B 1 6C1C1DB2 1 6C195A5F 1 6BFDB5B1 1 6BE64D50 1 6B8B4141 1 6B75150E 1 6B481AB2 1 6B3DC50C 1 6AF17EA7 1 6AAE7A60 1 6A8F3B36 1 6A4C83F3 1 69CF3E39 1 69CAA252 1 69C65B1B 1 69A97E35 1 69877383 1 696AF4E5 1 693BA922 1 6914D9E9 1 691281AA 1 68E65C33 1 68C746C5 1 68B9F2E1 1 689F0C80 1 68967AC6 1 68601497 1 67F71227 1 67F19C8D 1 67CFC0D4 1 67C0A6FE 1 67A39D11 1 679A7B31 1 6798ACDF 1 67800C7C 1 66FBDC22 1 66811C6E 1 666F51C8 1 65CCF300 1 65BFC16D 1 65B51E0D 1 657ACDEC 1 65516DAA 1 654BC86B 1 6538D16B 1 64D4C5A3 1 649701F6 1 6469923A 1 642DC3B5 1 6401A109 1 63DB2AC5 1 63BEB808 1 638D221A 1 6354A474 1 630D1137 1 630C2C80 1 63037F7F 1 62FD6545 1 62CAD444 1 62AA84B2 1 629EC328 1 6291B7B3 1 62464A3C 1 621FFE5D 1 6211000E 1 61F3445D 1 61D9DBEC 1 61BAD897 1 619F548A 1 61968F51 1 6195CC02 1 615B9A33 1 613BD2F9 1 6125A9AD 1 60E1FFD3 1 60DB165B 1 608BB3C9 1 60759D09 1 6062FDA2 1 60497BF4 1 603A161E 1 602ABD10 1 6017BDD7 1 60154CD5 1 5FB423B6 1 5FA63B8D 1 5F9F4379 1 5F4B6D40 1 5F33F7B7 1 5F2986D2 1 5F26D087 1 5F244ECA 1 5F1141A5 1 5EFD3DC1 1 5EE8F65A 1 5EE76F85 1 5EB90F67 1 5E986314 1 5E181A6D 1 5DF6AE1D 1 5DECF171 1 5DB5C01B 1 5D9EFC4D 1 5D7CD8AE 1 5D7C5207 1 5D460BB2 1 5D0E2861 1 5D0D8A0D 1 5CEDB0EF 1 5CE2CE5E 1 5CDC5684 1 5CC0B513 1 5CA46E7D 1 5C995945 1 5C8415AF 1 5C75D890 1 5BEE687D 1 5BEADB3D 1 5BE97622 1 5BE524E9 1 5BB03781 1 5BA36BE1 1 5B927374 1 5B3F9640 1 5AF343D0 1 5A8BE3F5 1 5A84B219 1 5A7B6A54 1 5A73C98E 1 5A62D6B1 1 5A1D8BD3 1 5A1A5201 1 59C25118 1 59BA6993 1 596B51FD 1 5958E083 1 5930BDC7 1 590C575C 1 58D766D1 1 5819CF01 1 580545C6 1 57C71C82 1 57A96C80 1 5798556B 1 5768246C 1 5767735F 1 5742B46E 1 57190CE2 1 56AC4D6B 1 569D00EC 1 567BA000 1 566CE73A 1 566AB279 1 55EBF239 1 55CBCAC2 1 55B2D6C2 1 55AD1433 1 55A49D93 1 553569BE 1 547E6907 1 54508B3B 1 544E17D6 1 53E0EEE4 1 53BFC700 1 53651DE3 1 532414CE 1 52E7B5EE 1 52E4D0DB 1 5214057B 1 51FD1E64 1 51FC68CA 1 51F7AA99 1 51F79498 1 51F3DD2B 1 51DE75E4 1 51AC728B 1 51A4488C 1 5188FF6D 1 5180DF5C 1 514A86F1 1 5113A93E 1 50C64A83 1 508728F1 1 506F036A 1 504B34F0 1 50238A9D 1 4FBAF1A6 1 4FA75F05 1 4F709D15 1 4F57456E 1 4F275C49 1 4EE218A7 1 4EE04BC9 1 4E999D75 1 4E54E46A 1 4E062DFC 1 4DDFC7CF 1 4DC90D11 1 4D9D72EA 1 4D5C52B1 1 4D34A0EF 1 4D2294BD 1 4D22032A 1 4D082587 1 4C621713 1 4C22B70B 1 4C1A7F18 1 4C0D1EC3 1 4BAE5061 1 4B99D24A 1 4B8FFF5D 1 4B82FC4C 1 4B63C3B2 1 4B35C392 1 4B2BE9F1 1 4B1B86E5 1 4B1202C0 1 4AF8FC3E 1 4ADD98C6 1 4ACD8F49 1 4A90AD06 1 4A8BEC8F 1 4A87734A 1 4A2B7F33 1 4A1E9476 1 49C60322 1 49BFBFD0 1 49561B91 1 49299FCD 1 490C5BCE 1 4903984A 1 48D8CDDE 1 48991887 1 48289587 1 4827DD7F 1 48229794 1 47FF0547 1 47E78BE8 1 47C6D5FA 1 47B81485 1 47B57B32 1 47A7606C 1 479B59A6 1 478BF40C 1 4781CE09 1 47773F6C 1 475DD6E1 1 4740FECC 1 472F50B5 1 46FADE2B 1 46E18F5F 1 46E09E1D 1 4650D196 1 46509089 1 463F7174 1 463C5060 1 45DD2581 1 45B283E1 1 45A6E792 1 45708711 1 456FF437 1 454208FC 1 45402B60 1 44F56AE5 1 44764DFB 1 44657857 1 444FCABD 1 4442A170 1 43BDC7E8 1 43B726C5 1 43A75E60 1 4386FD2D 1 4375BA12 1 43714484 1 4363B423 1 434B21F9 1 431C9CAF 1 4318F5A3 1 4318372B 1 42FE92FE 1 42FBC3DC 1 42F0A0A0 1 42619341 1 424AF333 1 421ADB86 1 41CCA7BE 1 41712E8E 1 41579935 1 4131A403 1 40B8AAA5 1 4085FA17 1 406A3EF1 1 40454420 1 40380DE6 1 402C84BD 1 3F924C4C 1 3F790C63 1 3F5E1D96 1 3F297F37 1 3F021CEE 1 3EF0FE84 1 3EED622B 1 3EDDE3E8 1 3E8A7ADC 1 3E7E6EDD 1 3E450097 1 3E0DE786 1 3E0A7183 1 3DFDF9F4 1 3DEC86EB 1 3DDAF9A4 1 3DD29D15 1 3DD1D416 1 3DCE5DE7 1 3DA44272 1 3D7D41E3 1 3D4AA34B 1 3D45029A 1 3D2A7407 1 3CED4507 1 3CEAFBFD 1 3CB0A5B0 1 3C8062DD 1 3C777CC5 1 3C338C6C 1 3C0BE998 1 3BECB6CD 1 3BE8B3FF 1 3BDFE03F 1 3BD632AF 1 3BB3B286 1 3B80E74C 1 3B693818 1 3B2948E9 1 3B1D9DF6 1 3B03BF01 1 3AE1ECD5 1 3AE04EAD 1 3ADE1B26 1 3AC7B6F9 1 3ABE47FC 1 3A882409 1 3A43827A 1 3A2F6830 1 3A2E2E9F 1 3A27D00C 1 39F5E107 1 39E6F085 1 39AD3E14 1 39AB7A89 1 39708D15 1 395B2E0C 1 3941360B 1 393A67EB 1 391CF57F 1 39199DBA 1 391627C5 1 38E95B78 1 38B514DA 1 38A4A841 1 38838E3F 1 385107B4 1 382EFDC3 1 381C352C 1 37EC15D0 1 37E204E2 1 37B7EB70 1 3791AA27 1 377FE07F 1 37193EE4 1 37020CA4 1 36F11F8D 1 366C5442 1 35AAA6B9 1 3584C3FE 1 3542CB68 1 3532B0CC 1 352F659A 1 34CAFEEA 1 34B3EBB4 1 34810F32 1 346D4282 1 34677F93 1 3463BA9C 1 345ED6CC 1 34596799 1 342AB185 1 341BA168 1 34143D7F 1 340B887F 1 33A19563 1 338D6FB9 1 335F5FF8 1 334FFCE3 1 32F9D082 1 32E78C9E 1 32C6C7E9 1 3298FECC 1 32443AE8 1 3218899B 1 320A5809 1 3203B408 1 31FB10F9 1 3174D7C6 1 3165E3DB 1 316366F5 1 311CEE01 1 3119C062 1 31017307 1 30C150CE 1 30AADF87 1 309B05DD 1 308D8740 1 304AE829 1 2FCBD9BC 1 2FB8C6A9 1 2F95EFD3 1 2F442E7C 1 2F3F47AD 1 2F2BE408 1 2F0764D8 1 2EFFAA0D 1 2EF88DD4 1 2ED6FC89 1 2EBAAE4C 1 2EB2FE5E 1 2E9859B0 1 2E478D2F 1 2E0EFE48 1 2DEC55D9 1 2DE973C3 1 2DE4A992 1 2D81B2FD 1 2D6D1CF3 1 2D0B163B 1 2CD059FB 1 2CC326B2 1 2CBB6E90 1 2C99011A 1 2C7893A8 1 2BF28C1C 1 2BE3033A 1 2BD61950 1 2BCCCDF9 1 2BB98F61 1 2BB42445 1 2BA4F30A 1 2BA1992A 1 2B4BC5C1 1 2B44CE3B 1 2B287ED5 1 2B143BCA 1 2AF489DA 1 2AB4E7E3 1 2AAC7244 1 2A83F1C6 1 2A82FD06 1 2A520B71 1 29B4CABF 1 299A88AC 1 29640C53 1 29476C7C 1 2946DEE2 1 29200DE5 1 2905288A 1 2904A433 1 28E9F1D6 1 28CE6BE5 1 28C3CC97 1 28B654FA 1 2860B957 1 282F5301 1 27EAC459 1 27C030C5 1 27B9ADB6 1 27848427 1 277A5385 1 276B7ABC 1 274B98A3 1 2737C04D 1 2724373D 1 26E6C236 1 26DE4D33 1 26C840ED 1 26C6E439 1 267DA49D 1 266B52ED 1 266353CE 1 265FDFF0 1 2652C53B 1 26486DD3 1 2617A882 1 25FBD1DB 1 25D89166 1 25D37C99 1 25C1D1C5 1 25C0A858 1 257018C3 1 2533ACAD 1 25058797 1 25022112 1 24CB26B9 1 24BBC063 1 249989A9 1 2468D45F 1 2435F628 1 2433B4CD 1 24318396 1 240498A9 1 239CF1EC 1 23826A9C 1 2359D67D 1 2331D852 1 2327F354 1 231926BC 1 229F7587 1 228E15F9 1 2289BA06 1 2275DD7D 1 225CA009 1 224C368B 1 223E9149 1 223C9DBD 1 223726AF 1 221EDC21 1 220DAA23 1 21A799A4 1 21A754A9 1 21A13B16 1 218D9BD4 1 214F783D 1 20EB5597 1 20DA8DA5 1 2053BF70 1 2051536F 1 201C2A70 1 201B55DF 1 1FF93337 1 1FF32DEE 1 1FE70BE2 1 1FDCA0D0 1 1FD5B72E 1 1FC376B6 1 1FBE7C43 1 1F79D1C6 1 1F43255F 1 1EFFBA41 1 1EDFAA11 1 1EA5D6B1 1 1E8E1B36 1 1E88BF71 1 1E3E0B8E 1 1E29E27C 1 1E1C8E52 1 1E0DDA12 1 1D8709F3 1 1D46E463 1 1CF177EE 1 1CE774F5 1 1C917B65 1 1C8CD39A 1 1C5A59AB 1 1BFBDAFE 1 1B9C2C77 1 1B389331 1 1B245ED7 1 1B0AD801 1 1A96577E 1 1A769744 1 1A6F4F8E 1 1A5665D6 1 1A25D86C 1 19EB7462 1 19E8AFFE 1 19980101 1 193979FE 1 192DFC86 1 191A566C 1 18FF24C5 1 181C7A86 1 18154164 1 17307658 1 171CAA4A 1 16F4289E 1 16F1BB82 1 16DD8FD5 1 16144C84 1 15EF5BF3 1 15B5D2CC 1 15AF5F92 1 159789FB 1 15529C79 1 15422EE3 1 14E5FA20 1 1493A535 1 1485F4E5 1 14795CCB 1 141A61C8 1 14031225 1 1400A529 1 13ED6FD7 1 13ED62A2 1 13E55141 1 13BAE516 1 13BA9CB7 1 136D6A40 1 136CAE4F 1 1328612C 1 132811C2 1 132294C2 1 13147802 1 12FFF8AB 1 126EB674 1 121062DE 1 11E4B0A8 1 11C545ED 1 11983878 1 1131B260 1 1126FC80 1 1109BB9C 1 107E8E01 1 10325C4C 1 10286889 1 0FEA3255 1 0FB6FE04 1 0F752DEB 1 0EB8D771 1 0E845B46 1 0E8315C8 1 0E76AD39 1 0E524168 1 0E04CB22 1 0DCB908F 1 0DC6BF21 1 0D53AFD5 1 0D4F6575 1 0D090C01 1 0CA7D261 1 0C5C53E1 1 0C38637F 1 0C0DFEFD 1 0C0DDFAA 1 0BFA074E 1 0BA85EB1 1 0B4A53CD 1 0B388C6F 1 0B13ED43 1 0AEB4BDE 1 0ADAAD89 1 0A9E090E 1 0A8BBB87 1 0A8A57EF 1 0A5CC571 1 0A503E41 1 0A35FDE3 1 0A163BCE 1 0A0F1541 1 09ECAD67 1 09D85B63 1 09804D87 1 0974755E 1 09612E92 1 094E7C4A 1 0932DECB 1 09256417 1 08B4322D 1 0884675A 1 086DE212 1 08666719 1 084ACEF8 1 08445403 1 08012EBC 1 07ED2832 1 07E6E55A 1 07E6C19B 1 07BC55B6 1 07AB8A93 1 07A65AC1 1 079BB351 1 077D28E1 1 0765885E 1 071355A9 1 070EE274 1 06DCE912 1 06318DBD 1 06269CC5 1 06238A9C 1 05EE0ADC 1 05E51435 1 0569BCB5 1 053C04CB 1 05038075 1 04F8B4D8 1 04BF290C 1 049E669F 1 04071F9F 1 03BB0A13 1 037DA89F 1 036F166E 1 036701B2 1 035CFDDC 1 0346CFC4 1 0332405D 1 02DA0278 1 02BA2FE0 1 028E5613 1 026F7782 1 024365B8 1 021E467B 1 02103F08 1 02054988 1 01FAE88B 1 01D6F21E 1 01D5548F 1 01681CF7 1 01307F03 1 0122F043 1 00FCC016 1 00E54666 1 00B57409 1 0073B461 1 00613384 1 00000001 1 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040701/88dbf5f5/attachment.bin From shavital at mac.com Thu Jul 1 12:05:58 2004 From: shavital at mac.com (Charly Avital) Date: Tue Jul 6 16:42:41 2004 Subject: Gpg 1.2.4 with The Bat 2.11 error In-Reply-To: <805586367.20040612132651@pd.jaring.my> References: <805586367.20040612132651@pd.jaring.my> Message-ID: <3FA37C50-CB46-11D8-8171-000393C2DC84@mac.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The problem might be: By default, gpg does not allow encryption to "untrusted" public keys. I don't know about TheBat! with gpg, whether it has an option to "trust all keys". If there is such an option in TB!, you could try signing, with your default key, the public keys of people you want to encrypt messages to. You can sign "locally" (lsign) if you don't want your signature to be exported. Charly Apple Mail.app, GnuPG 1.3.6, GPGMail 1.0.2, Mac OS X 10.3.4 Eudora X with R. Chang's AppleScripts. On Jun 12, 2004, at 1:26 AM, omn wrote: > Hello gnupg-users, > > I need help. > > I'm a newbie to gpg. I've already import all my pgp keys to gpg. When > I try to sign & encrypt to others using The Bat built-in gpg, I > receive following errors: > > gpg: mnman@pd.jaring.my: skipped: public key already present > gpg: D6506963: There is no indication that this key really belongs to > the owner > gpg: [stdin]: sign+encrypt failed: unusable public key > > I could only sign & encrypt to myself. > > My gpg.conf as below: > > default-key 0x0F8CFE9629D7378D > encrypt-to 0x0F8CFE9629D7378D > keyring c:\gnupg\pubring.gpg > secret-keyring c:\gnupg\secring.gpg > escape-from-lines > force-v3-sigs > rfc1991 > > What could be the source of error? > > Thanks in advance. > > > - -- > Best regards, > omn mailto:mnman@pd.jaring.my > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 (MingW32) > > iD8DBQFAypQJD4z+linXN40RAqsIAKCGHfEtXY59UIMPf641ZQSVC91nVQCbBlJT > cv3kgr/J1TL8367eGBUtho0= > =fYYU > -----END PGP SIGNATURE----- > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (Darwin) iD8DBQFA4+IR8SG5rMkbCF4RAnCAAJ0QRj/hcnfUPWRQeVdNXMEUAOheCgCeLITG PP9HHTC9WTm6wM28EjwiShA= =gNLI -----END PGP SIGNATURE----- From jharris at widomaker.com Thu Jul 1 15:25:28 2004 From: jharris at widomaker.com (Jason Harris) Date: Tue Jul 6 16:43:05 2004 Subject: key count, 2004-06-06 (+ duplicates by short keyid) Message-ID: <20040606200843.GR2103@wilma.widomaker.com> As of Sun Jun 6 19:30:00 2004 UTC, there are 172029 v2/v3 pubkeys, 1844621 v4 pubkeys, 1858528 subkeys, and 1793 duplicate (short) keyids on keyserver.kjsl.com. The duplicates appear below, sorted in reverse by the number of duplicates per keyid and then by keyid. This automated listing is more current than my manual list at: http://keyserver.kjsl.com/~jharris/duplicate_keyids.html and hopefully includes all the keys listed in it. (short keyid # of duplicates) DEADBEEF 4 6FC52472 2 6E849BB2 2 61DCAD84 2 59518C3D 2 10337301 2 FFEA1A95 1 FF86E089 1 FF6A6CA0 1 FF5F9A8D 1 FF495AD7 1 FF48CD90 1 FEEB7515 1 FEDF1BB3 1 FECB35D4 1 FEA05E06 1 FE9F8A51 1 FE69E918 1 FE61A9AE 1 FE5077F1 1 FE35FFBF 1 FDC940E7 1 FD7DB54D 1 FD3E3C28 1 FD04D2C9 1 FCEF82E1 1 FC2AD841 1 FC16E008 1 FBEB0BD6 1 FBDA93F0 1 FBD826F1 1 FBC324F6 1 FBB4F7B8 1 FB159E0D 1 FB14C5C7 1 FAEBD5FC 1 FAE0A994 1 FADFCD89 1 FACCD6D9 1 FAA99F8C 1 FA97182E 1 FA6176B4 1 FA00F4C7 1 F9DF3BF9 1 F9D0D26C 1 F9B4FB55 1 F99B11F2 1 F9826058 1 F91B36F2 1 F8FFD2F6 1 F8CA5F37 1 F8C6AACB 1 F831179D 1 F821C7C3 1 F80BD0FC 1 F7D25A87 1 F7C8A4F6 1 F790CE44 1 F773DE29 1 F76D77B9 1 F752FF43 1 F7482D02 1 F6FD5F57 1 F6D3E297 1 F6C7674A 1 F62A9198 1 F62591B5 1 F6119336 1 F5DF448C 1 F5D9D05E 1 F592EC30 1 F57F15E6 1 F527C750 1 F50BABB6 1 F4E3451D 1 F4C14E0B 1 F4B16D4B 1 F49FF063 1 F49E7EA5 1 F437FBB6 1 F4313A10 1 F4158062 1 F4102A7E 1 F3FCA949 1 F3F1D119 1 F3B7DE70 1 F397F98F 1 F37CB526 1 F35EE110 1 F35427EF 1 F34A75EB 1 F32BA4E7 1 F2F6EE93 1 F2F69F23 1 F2EEFCAB 1 F2DE1C64 1 F29E66C6 1 F28D86F3 1 F283C630 1 F22B91C1 1 F22A0263 1 F21C6560 1 F1FE5367 1 F1CF1800 1 F1C3EE5F 1 F1ADA78C 1 F18E3037 1 F185844A 1 F13972CD 1 F0FF4CF9 1 F099168C 1 F092ABFF 1 F07BD1EC 1 F00001BA 1 EFE465C9 1 EFDB4DFF 1 EF4F7D9B 1 EF4B2B1B 1 EF36997B 1 EF1A0D9D 1 EF1334E3 1 EF045A4A 1 EEEBC3CA 1 EEB93047 1 EE921CC1 1 EE841041 1 EE74769A 1 EE6C909D 1 EE6A1D59 1 EE4E9CBE 1 EE4949C9 1 EE190C59 1 EDAAE59C 1 ED58D277 1 ECF84952 1 EC9E1DFB 1 EC5665F4 1 EC28990F 1 EC0B60A5 1 EBFE19B1 1 EBFCEE57 1 EBF7584B 1 EBF5437B 1 EBC1AD29 1 EB9A9B36 1 EB73A58F 1 EB59D2E5 1 EB41899C 1 EB2CB21A 1 EADAF319 1 EAC003F8 1 EABF58FA 1 EA493162 1 EA330727 1 EA1D232D 1 EA070B69 1 E9FD0549 1 E9D500CD 1 E9C3AE75 1 E98CCB7F 1 E97A51C2 1 E9328E33 1 E8DAC5E0 1 E8B3A39E 1 E8AC04AA 1 E88C93C7 1 E86DAA49 1 E84F4732 1 E84BD0F1 1 E8344447 1 E7F1ECA9 1 E7DBE6F0 1 E76723FE 1 E73407C9 1 E7207217 1 E71E928D 1 E7165CA8 1 E6F2E251 1 E6E9E432 1 E6D5DF42 1 E6CB1A65 1 E6856DE5 1 E6738B71 1 E60847F4 1 E5E310C9 1 E5C37E59 1 E5B0BB4F 1 E5526149 1 E5522013 1 E5518D56 1 E537F0FE 1 E52A5A90 1 E515AF36 1 E4FEF2C9 1 E4FC38AC 1 E4EBA0D5 1 E4E8E13A 1 E4D4A010 1 E4CBBC73 1 E4C1F455 1 E4BE7B9F 1 E4BD2401 1 E490B8AF 1 E48A7A7A 1 E481CE40 1 E46B98D5 1 E428B785 1 E415B338 1 E412528C 1 E4095839 1 E3F014C2 1 E3E9DFE1 1 E39AFA69 1 E36B0F9C 1 E35AA856 1 E33CE394 1 E320CC89 1 E31CF95D 1 E316E1C6 1 E2F9E87C 1 E2A654C2 1 E29BC79D 1 E269EE80 1 E22C01C1 1 E21A58C3 1 E210E9B1 1 E207DF53 1 E1E33DA3 1 E1A695D1 1 E1762D0A 1 E14758B7 1 E146913F 1 E1247F0C 1 E113492A 1 E0F33253 1 E0C1EF35 1 E0AEC5B2 1 E0261027 1 E023BC6A 1 E018A303 1 DFB2B0D0 1 DFB196B0 1 DF5D2870 1 DF480802 1 DF3E8ED0 1 DF160971 1 DEFCD2FB 1 DEED60C0 1 DEB38CFD 1 DEB36882 1 DEA0382F 1 DE5D2D89 1 DE4A83AE 1 DE3E6789 1 DE1C3DFA 1 DDB289D4 1 DDA3F71E 1 DD5E53C0 1 DCD2E949 1 DCA936D8 1 DC6F4AF5 1 DC3C73D1 1 DC294139 1 DBC8486E 1 DBACFFB8 1 DB612E04 1 DB54F1EE 1 DB5498C8 1 DB417E40 1 DB2FD68E 1 DB2E641C 1 DB13EFA4 1 DB127C12 1 DAFD9EEC 1 DAFCC82E 1 DABF1902 1 DAB62EDC 1 DA9240F5 1 DA83C1B0 1 DA68AA9B 1 DA602DD1 1 DA4741A2 1 DA3F9441 1 DA3E21F5 1 DA0516CE 1 D9FC04D7 1 D9C18885 1 D9B2495D 1 D977F7ED 1 D95D2131 1 D94B31F0 1 D94A5D84 1 D93ED534 1 D923B439 1 D8F23CA8 1 D8E61860 1 D8C8F3ED 1 D873C5A9 1 D856E1D3 1 D801ECFD 1 D79DA15F 1 D79842FB 1 D74C5F79 1 D74C546E 1 D747690B 1 D730FAAF 1 D730EEB9 1 D7289701 1 D7105B74 1 D70D2A7E 1 D6E0FD64 1 D6CE34D6 1 D6C2440E 1 D6B4889B 1 D669140C 1 D6603892 1 D64E3F6D 1 D642143E 1 D624D56A 1 D5DC1BF9 1 D5CF5A50 1 D5C96F11 1 D5B4A430 1 D5B47A46 1 D5A12271 1 D596E7D4 1 D5926B78 1 D58CB69D 1 D56C1743 1 D5276C2F 1 D50B5187 1 D4F76FE9 1 D4EC72AD 1 D4E3ECAE 1 D4B98B53 1 D49B0275 1 D483E12A 1 D42B9CB1 1 D420D5CE 1 D4135633 1 D3FA450C 1 D3D9FF2A 1 D3AE4BA1 1 D3ABD4E3 1 D37E3362 1 D3613155 1 D32F3547 1 D2B47918 1 D268335B 1 D24A2ABB 1 D23C47FE 1 D1C3696E 1 D1BD8CAD 1 D1AD0821 1 D1A0E42D 1 D111E820 1 D0FA3598 1 D0AFA10B 1 D09ECD9F 1 D0961561 1 D0422188 1 D040CACC 1 D03C17F9 1 D03B4865 1 D032E6A8 1 D02B940F 1 D00F2CDE 1 CFD28B45 1 CFA0C8B0 1 CF924D61 1 CF6B5950 1 CF62D0C4 1 CED37FF7 1 CEAC5C00 1 CE9FA937 1 CE7D0067 1 CDD050C3 1 CDC5A1B7 1 CDB07D73 1 CDAF7557 1 CD4F0C21 1 CD3891F1 1 CD20BD7D 1 CD07DC2C 1 CCFF0104 1 CC8C470A 1 CC66E722 1 CC12E8FB 1 CBFDDC1F 1 CBAC8696 1 CB649C90 1 CB501A68 1 CB12F02F 1 CAF09C61 1 CAC44D51 1 CAADAC28 1 CA7CA2A5 1 CA7BAB0A 1 CA57868A 1 CA0D9524 1 C9EFF417 1 C9EA8406 1 C9E73AC3 1 C9E1AF7E 1 C9E0C417 1 C99E9B78 1 C965C4A5 1 C9336CC9 1 C8D7DE5D 1 C8A2836F 1 C8632747 1 C8568F66 1 C8344E2E 1 C7A119B5 1 C7806863 1 C752847A 1 C7399C7A 1 C71C9220 1 C7138A01 1 C6C80B8D 1 C6C6E310 1 C68357E2 1 C663621A 1 C6501016 1 C62AD0A0 1 C603B705 1 C5FF0A21 1 C5DC8A3A 1 C5C76C81 1 C5B6107F 1 C5A196B9 1 C5334C52 1 C4F26949 1 C4D5167C 1 C4798E05 1 C4786479 1 C40DA8E8 1 C3EB7DE5 1 C3AEACC3 1 C3A66724 1 C38D2A3D 1 C3826A03 1 C34910D0 1 C33603C1 1 C31D3929 1 C30BC6E5 1 C2D3A6DA 1 C21F4F00 1 C1DC35BC 1 C13BF36E 1 C11F6F3B 1 C0BA470F 1 C07ED679 1 C008C0A6 1 BFB528B7 1 BFA35666 1 BF71BDF4 1 BF5A3D1A 1 BED13542 1 BEC507D1 1 BEC10F93 1 BEAE0747 1 BE7B3AA2 1 BE378C4F 1 BE283571 1 BE1B98D8 1 BD81AE64 1 BD6D1A49 1 BD0FD942 1 BD0C16C4 1 BCAAA04D 1 BC799D53 1 BC6102C6 1 BC56D27C 1 BC349218 1 BC233281 1 BC0A530B 1 BC047C0A 1 BBF961F9 1 BBDAD91B 1 BBD92EB1 1 BB44B70C 1 BB35C66D 1 BB34BB9B 1 BAFC0363 1 BAF40252 1 BAEF1196 1 BA6CD06E 1 BA45BDF6 1 BA099952 1 BA08D0D4 1 B9B71C4C 1 B99F8379 1 B9869872 1 B986484E 1 B902E268 1 B8D3D51F 1 B8B539C8 1 B8B1D870 1 B877EAF4 1 B86E1155 1 B847F1D1 1 B8384117 1 B8170D80 1 B813BF46 1 B7F26B77 1 B7EE92C6 1 B7D1ABBF 1 B7BD960F 1 B7A464F9 1 B77AC4C9 1 B7683091 1 B753388D 1 B73FDC72 1 B7373685 1 B6AF2183 1 B6A8B7DC 1 B6995831 1 B6746995 1 B671B1EE 1 B62F43F9 1 B5CB72B7 1 B5A431FC 1 B5984048 1 B58F6E0C 1 B57D2192 1 B554F710 1 B51F25AE 1 B509FFB3 1 B4AE8D20 1 B4A70D4D 1 B470FE8A 1 B46DC1B1 1 B44078FB 1 B3E99F8C 1 B3D737D6 1 B3D693F2 1 B3D0A7B0 1 B3CD9812 1 B3C99E28 1 B3B8C015 1 B36E4C28 1 B33CFFF0 1 B3148FD4 1 B301618A 1 B2FD738B 1 B2F84AED 1 B2964921 1 B2620BB7 1 B253A92C 1 B2324431 1 B2305050 1 B20D9A65 1 B1F3E29B 1 B1CC6BD0 1 B1BB3676 1 B18C014F 1 B1793A97 1 B173A7B4 1 B1699533 1 B163261F 1 B162429A 1 B13572B7 1 B12BFBCE 1 B12A9E03 1 B121F847 1 B1150D44 1 B1054E2B 1 B0DF3092 1 B0C41186 1 B0B12CAB 1 B0946332 1 B07C9D47 1 B059FF01 1 B0509FBE 1 AFD17D59 1 AF99F592 1 AF85FF26 1 AF62EB67 1 AF3E9638 1 AF275805 1 AEEB8B5B 1 AECE4A7A 1 AE7472A5 1 AE5871F3 1 AE55B221 1 AE433DE3 1 AE19E0C8 1 ADDD90C4 1 ADDA78BE 1 AD5D2D2B 1 AD1556E6 1 ACD658F0 1 ACAB37E1 1 ACA06F77 1 AC8AAEF9 1 AC879B8C 1 AC77066A 1 AC63A600 1 AC39BBA2 1 AC30B989 1 AC03601E 1 ABDAA3DA 1 ABAFAD6E 1 ABAA3C90 1 ABA3AE8F 1 AB145AD0 1 AB0DDDFB 1 AAB5538C 1 AA7DD5D9 1 AA6B8C07 1 AA6451DB 1 AA6330DE 1 AA2D3D51 1 A9F83387 1 A9E781C0 1 A9C747A7 1 A9C1DA04 1 A985450F 1 A956406D 1 A9117B51 1 A8CC5B8D 1 A8BF6085 1 A8B35D11 1 A8A369C9 1 A89E8BF2 1 A86F98CE 1 A7C3B5F9 1 A7B26A1A 1 A76D53F5 1 A768291F 1 A74300B3 1 A712FDC0 1 A710A4A7 1 A6ECA8F3 1 A6DE7508 1 A6DE1F89 1 A6C7836D 1 A6452044 1 A6371EFC 1 A5FC0936 1 A5DAF484 1 A5BF15B6 1 A5A2EDE5 1 A56E15A3 1 A55AAECF 1 A546C9E9 1 A52B06FB 1 A513EC05 1 A4C5A65D 1 A4B119CE 1 A4973A65 1 A48CA749 1 A480F8D3 1 A47C2E15 1 A459E563 1 A41D767D 1 A35FD3FC 1 A35EA3D1 1 A34B3553 1 A3166F17 1 A3146596 1 A2FD4AF7 1 A2CADC81 1 A2B9A085 1 A25837CC 1 A2120CD4 1 A2080434 1 A1FBC4DF 1 A1C71AC6 1 A1AB8452 1 A1A5917C 1 A1A4E5D2 1 A19EE6FA 1 A127B880 1 A1271B4E 1 A11DA8F2 1 A0C5B0D6 1 A0C2AC69 1 A0A12B52 1 A08C20BD 1 A076FB94 1 A04C4CB0 1 A03588F4 1 A00006C8 1 9FEFA726 1 9FD7A290 1 9FCB8F11 1 9FC561A1 1 9FBDD7A0 1 9FB3FAD2 1 9F4DD493 1 9F1C26AF 1 9F0B7674 1 9EDD895D 1 9EC3E1C1 1 9E8480BD 1 9E7A3BCB 1 9E66EAE6 1 9E2CB1AB 1 9E136429 1 9D886B88 1 9D701AD1 1 9D69CE01 1 9D5EC10D 1 9D5A28C5 1 9D41A5E0 1 9D311099 1 9D23D715 1 9CCD4C36 1 9C977DC6 1 9C797A33 1 9C62C238 1 9C2607DE 1 9C07D7E1 1 9BF76715 1 9BDC67B7 1 9BCCB299 1 9BC6E569 1 9B91477D 1 9B81FBEA 1 9B4A16A2 1 9B453F02 1 9B21CC3D 1 9B097544 1 9B01B926 1 9AEA8E7C 1 9AE95DB4 1 9ADC3F22 1 9AD2D787 1 9ACE8476 1 9AA829DD 1 9A6B2ED1 1 9A5FF152 1 9A2E7CF3 1 9A295B04 1 9A05C531 1 99F5A28D 1 99DC18FF 1 99C88F47 1 99BDA4A1 1 999F8048 1 9997BEFD 1 99827D58 1 99698A01 1 99659458 1 9939DA76 1 9910E565 1 98E9D53D 1 98E8562D 1 98B85A14 1 98B3C089 1 98AFE82E 1 98AB344B 1 988D16E5 1 987D847D 1 9857D0AC 1 98453972 1 97E11812 1 97DFB49B 1 97CB4AA7 1 97C54618 1 97C07C3C 1 97B02B9F 1 9765F187 1 975CA949 1 973C1033 1 972CE23B 1 96E8EEDA 1 96BC6AEE 1 96B31AB2 1 96B128E0 1 96935B9C 1 9686D87A 1 9680419D 1 967DC5DD 1 967885A6 1 9652ED31 1 965238F3 1 96348FD1 1 95EF1453 1 958BC6BA 1 9585AEE2 1 95063EB5 1 94E52A28 1 9488E5F9 1 947C42DF 1 9460EF34 1 942F97AC 1 941DCFCD 1 93CFD861 1 938883D3 1 93738FC3 1 9364F4F4 1 93157581 1 92EE7592 1 92C11F27 1 92987D92 1 928F323D 1 924F0AE6 1 9216F7C3 1 91A89703 1 9189AC99 1 917FAE6B 1 9150E5B0 1 9134EA18 1 9131544A 1 90EA2F9D 1 906E7BA0 1 903C18AE 1 9009BA70 1 9003D406 1 8FF8A5FE 1 8FD86BA7 1 8FA45433 1 8F4B50B0 1 8F4AAFE7 1 8F1DCFA4 1 8F1C5E0A 1 8F103CDE 1 8EC4070F 1 8EB3039C 1 8E9A7257 1 8E913541 1 8E813F21 1 8E6C5CB9 1 8E69EECE 1 8E5222DD 1 8DDFBFE6 1 8D89BF15 1 8D7EAD6B 1 8D56CB67 1 8D315505 1 8D0B88F3 1 8CFC045E 1 8CF85F2D 1 8CDECCCE 1 8CB97256 1 8C90A57F 1 8C8EB1F0 1 8C68A2D0 1 8BE42553 1 8B8D1E9D 1 8B5BEF71 1 8AAEE315 1 8A963CA6 1 8A34ABA7 1 8A20D87D 1 89F0B16D 1 89D7CB14 1 89B5EF29 1 89B5CEDD 1 898040B7 1 89694C4C 1 891F9237 1 88FBB364 1 88ED08C5 1 88EBF681 1 88E56929 1 88A2E2C9 1 88956A20 1 8884F4BA 1 8880D131 1 8844B415 1 880F1F45 1 878AB4DB 1 877A446F 1 876F1A2D 1 8767061F 1 87643D9E 1 875DD099 1 8736A158 1 87274DB7 1 87215224 1 86E9F8D4 1 86A8BA32 1 8695A967 1 866A3DAD 1 864387D5 1 8626AC55 1 86224F18 1 8615F33E 1 8601AF9C 1 85F53CA8 1 85ECA856 1 85E5A62A 1 85CFC6EF 1 85875053 1 8575A580 1 85490143 1 8545F21C 1 85365895 1 853654B5 1 84A24375 1 84800409 1 8472E971 1 846D581E 1 84499C79 1 843EBE20 1 843A3360 1 84006A4E 1 83E4CA95 1 83989776 1 838E25BF 1 834DA0A9 1 834733AC 1 833837CC 1 82892AA3 1 82677E75 1 8236BBFA 1 81DC42DD 1 81CAA485 1 8173F9A9 1 8162F90D 1 8104A699 1 8100C470 1 80A991E6 1 809E90F5 1 8092DA51 1 8053BF89 1 80474F32 1 8038ADD1 1 800DAA6E 1 7FFEDDFA 1 7FE905CC 1 7FC625DA 1 7FA098B3 1 7F937764 1 7F5EFE30 1 7F46702F 1 7F2FA038 1 7F0585F1 1 7EDBEC4E 1 7EA2E8EC 1 7E971FAE 1 7E785D53 1 7E5E91ED 1 7E334162 1 7E1D050E 1 7E0E2801 1 7E02424C 1 7DFB3738 1 7DDAB28F 1 7D688F15 1 7D4EC548 1 7D047EB3 1 7D01FA48 1 7CFF623B 1 7CC1E713 1 7C18488D 1 7BFE3FC1 1 7B6A2997 1 7B3FECA8 1 7B22F4FA 1 7B0F054F 1 7B0EC78E 1 7B08536A 1 7AE9EAC7 1 7AA7A28B 1 7A818722 1 7A4A5F53 1 7A0E8801 1 79A29990 1 798CF548 1 79780805 1 7974C95E 1 796B3439 1 7958AD6F 1 792F6885 1 78AC0AF8 1 787E18A4 1 78695CFD 1 784E6BBF 1 781E0E81 1 78130F32 1 77FCAE8E 1 77F476CC 1 77E19C76 1 77A3FBBB 1 779A9891 1 77984DDC 1 77486DCF 1 772B6551 1 76AE7175 1 768D627E 1 7688AA16 1 76781382 1 7649131D 1 764183DD 1 763C940C 1 7636F92E 1 760A972F 1 75CA9E60 1 75AA6352 1 758C6BC5 1 7543B782 1 74D35A55 1 74CD1041 1 74B8918F 1 7457B219 1 74303CA8 1 740F69ED 1 73C51AFC 1 73043469 1 7300B960 1 72F3AD39 1 72D98613 1 72D5E7B4 1 72CADA85 1 72B4D960 1 72A6A02D 1 728E84AD 1 72787E1C 1 722A7990 1 7208F11E 1 717161AE 1 716EB518 1 71668B91 1 71579DFD 1 71422425 1 70FFF9E2 1 70FC2835 1 70FA79A3 1 70F7362D 1 70DCD4F2 1 70D64C49 1 70AE18FC 1 708F21A0 1 70819317 1 705A7DBF 1 70555EB4 1 7027CBFA 1 6FF8AD8A 1 6FEE4A9D 1 6FE71551 1 6FE3B1F4 1 6FD1C1C4 1 6FCD8A93 1 6FCB62BB 1 6FC9E91D 1 6FAFC661 1 6FA09C8B 1 6F9C1DBE 1 6F57602C 1 6F4ABFC8 1 6F39F385 1 6F202346 1 6F1FD824 1 6F0747C6 1 6EA9656E 1 6E940539 1 6E3A63C3 1 6E269F33 1 6E03252F 1 6DC986EF 1 6D816342 1 6D4E678A 1 6D3C7479 1 6D3AF72C 1 6D20B645 1 6D0589F6 1 6CACA598 1 6CA05373 1 6C876CEC 1 6C7F11DE 1 6C66EC2F 1 6C6481CA 1 6C6133BD 1 6C32639E 1 6C1DC67B 1 6C1C1DB2 1 6C195A5F 1 6BFDB5B1 1 6BE64D50 1 6B8B4141 1 6B75150E 1 6B481AB2 1 6B3DC50C 1 6AF17EA7 1 6AAE7A60 1 6A8F3B36 1 6A4C83F3 1 69CF3E39 1 69CAA252 1 69C65B1B 1 69A97E35 1 69877383 1 696AF4E5 1 693BA922 1 6914D9E9 1 691281AA 1 68E65C33 1 68C746C5 1 68B9F2E1 1 689F0C80 1 68967AC6 1 68601497 1 67F71227 1 67F19C8D 1 67CFC0D4 1 67C0A6FE 1 67A39D11 1 679A7B31 1 6798ACDF 1 67800C7C 1 66FBDC22 1 66811C6E 1 666F51C8 1 65CCF300 1 65BFC16D 1 65B51E0D 1 657ACDEC 1 65516DAA 1 654BC86B 1 6538D16B 1 64D4C5A3 1 649701F6 1 6469923A 1 642DC3B5 1 6401A109 1 63DB2AC5 1 63BEB808 1 638D221A 1 6354A474 1 630D1137 1 630C2C80 1 63037F7F 1 62FD6545 1 62CAD444 1 62AA84B2 1 629EC328 1 6291B7B3 1 62464A3C 1 621FFE5D 1 6211000E 1 61F3445D 1 61D9DBEC 1 61BAD897 1 619F548A 1 61968F51 1 6195CC02 1 615B9A33 1 613BD2F9 1 6125A9AD 1 60E1FFD3 1 60DB165B 1 608BB3C9 1 60759D09 1 6062FDA2 1 60497BF4 1 603A161E 1 602ABD10 1 6017BDD7 1 60154CD5 1 5FB423B6 1 5FA63B8D 1 5F9F4379 1 5F4B6D40 1 5F33F7B7 1 5F2986D2 1 5F26D087 1 5F244ECA 1 5F1141A5 1 5EFD3DC1 1 5EE8F65A 1 5EE76F85 1 5EB90F67 1 5E986314 1 5E181A6D 1 5DF6AE1D 1 5DECF171 1 5DB5C01B 1 5D9EFC4D 1 5D7CD8AE 1 5D7C5207 1 5D460BB2 1 5D0E2861 1 5D0D8A0D 1 5CEDB0EF 1 5CE2CE5E 1 5CDC5684 1 5CC0B513 1 5CA46E7D 1 5C995945 1 5C8415AF 1 5C75D890 1 5BEE687D 1 5BEADB3D 1 5BE97622 1 5BE524E9 1 5BB03781 1 5BA36BE1 1 5B927374 1 5B3F9640 1 5AF343D0 1 5A8BE3F5 1 5A84B219 1 5A7B6A54 1 5A73C98E 1 5A62D6B1 1 5A1D8BD3 1 5A1A5201 1 59C25118 1 59BA6993 1 596B51FD 1 5958E083 1 5930BDC7 1 590C575C 1 58D766D1 1 5819CF01 1 580545C6 1 57C71C82 1 57A96C80 1 5798556B 1 5768246C 1 5767735F 1 5742B46E 1 57190CE2 1 56AC4D6B 1 569D00EC 1 567BA000 1 566CE73A 1 566AB279 1 55EBF239 1 55CBCAC2 1 55B2D6C2 1 55AD1433 1 55A49D93 1 553569BE 1 547E6907 1 54508B3B 1 544E17D6 1 53E0EEE4 1 53BFC700 1 53651DE3 1 532414CE 1 52E7B5EE 1 52E4D0DB 1 5214057B 1 51FD1E64 1 51FC68CA 1 51F7AA99 1 51F79498 1 51F3DD2B 1 51DE75E4 1 51AC728B 1 51A4488C 1 5188FF6D 1 5180DF5C 1 514A86F1 1 5113A93E 1 50C64A83 1 508728F1 1 506F036A 1 504B34F0 1 50238A9D 1 4FBAF1A6 1 4FA75F05 1 4F709D15 1 4F57456E 1 4F275C49 1 4EE218A7 1 4EE04BC9 1 4E999D75 1 4E54E46A 1 4E062DFC 1 4DDFC7CF 1 4DC90D11 1 4D9D72EA 1 4D5C52B1 1 4D34A0EF 1 4D2294BD 1 4D22032A 1 4D082587 1 4C621713 1 4C22B70B 1 4C1A7F18 1 4C0D1EC3 1 4BAE5061 1 4B99D24A 1 4B8FFF5D 1 4B82FC4C 1 4B63C3B2 1 4B35C392 1 4B2BE9F1 1 4B1B86E5 1 4B1202C0 1 4AF8FC3E 1 4ADD98C6 1 4ACD8F49 1 4A90AD06 1 4A8BEC8F 1 4A87734A 1 4A2B7F33 1 4A1E9476 1 49C60322 1 49BFBFD0 1 49561B91 1 49299FCD 1 490C5BCE 1 4903984A 1 48D8CDDE 1 48991887 1 48289587 1 4827DD7F 1 48229794 1 47FF0547 1 47E78BE8 1 47C6D5FA 1 47B81485 1 47B57B32 1 47A7606C 1 479B59A6 1 478BF40C 1 4781CE09 1 47773F6C 1 475DD6E1 1 4740FECC 1 472F50B5 1 46FADE2B 1 46E18F5F 1 46E09E1D 1 4650D196 1 46509089 1 463F7174 1 463C5060 1 45DD2581 1 45B283E1 1 45A6E792 1 45708711 1 456FF437 1 454208FC 1 45402B60 1 44F56AE5 1 44764DFB 1 44657857 1 444FCABD 1 4442A170 1 43BDC7E8 1 43B726C5 1 43A75E60 1 4386FD2D 1 4375BA12 1 43714484 1 4363B423 1 434B21F9 1 431C9CAF 1 4318F5A3 1 4318372B 1 42FE92FE 1 42FBC3DC 1 42F0A0A0 1 42619341 1 424AF333 1 421ADB86 1 41CCA7BE 1 41712E8E 1 41579935 1 4131A403 1 40B8AAA5 1 4085FA17 1 406A3EF1 1 40454420 1 40380DE6 1 402C84BD 1 3F924C4C 1 3F790C63 1 3F5E1D96 1 3F297F37 1 3F021CEE 1 3EF0FE84 1 3EED622B 1 3EDDE3E8 1 3E8A7ADC 1 3E7E6EDD 1 3E450097 1 3E0DE786 1 3E0A7183 1 3DFDF9F4 1 3DEC86EB 1 3DDAF9A4 1 3DD29D15 1 3DD1D416 1 3DCE5DE7 1 3DA44272 1 3D7D41E3 1 3D4AA34B 1 3D45029A 1 3D2A7407 1 3CED4507 1 3CEAFBFD 1 3CB0A5B0 1 3C8062DD 1 3C777CC5 1 3C338C6C 1 3C0BE998 1 3BECB6CD 1 3BE8B3FF 1 3BDFE03F 1 3BD632AF 1 3BB3B286 1 3B80E74C 1 3B693818 1 3B2948E9 1 3B1D9DF6 1 3B03BF01 1 3AE1ECD5 1 3AE04EAD 1 3ADE1B26 1 3AC7B6F9 1 3ABE47FC 1 3A882409 1 3A43827A 1 3A2F6830 1 3A2E2E9F 1 3A27D00C 1 39F5E107 1 39E6F085 1 39AD3E14 1 39AB7A89 1 39708D15 1 395B2E0C 1 3941360B 1 393A67EB 1 391CF57F 1 39199DBA 1 391627C5 1 38E95B78 1 38B514DA 1 38A4A841 1 38838E3F 1 385107B4 1 382EFDC3 1 381C352C 1 37EC15D0 1 37E204E2 1 37B7EB70 1 3791AA27 1 377FE07F 1 37193EE4 1 37020CA4 1 36F11F8D 1 366C5442 1 35AAA6B9 1 3584C3FE 1 3542CB68 1 3532B0CC 1 352F659A 1 34CAFEEA 1 34B3EBB4 1 34810F32 1 346D4282 1 34677F93 1 3463BA9C 1 345ED6CC 1 34596799 1 342AB185 1 341BA168 1 34143D7F 1 340B887F 1 33A19563 1 338D6FB9 1 335F5FF8 1 334FFCE3 1 32F9D082 1 32E78C9E 1 32C6C7E9 1 3298FECC 1 32443AE8 1 3218899B 1 320A5809 1 3203B408 1 31FB10F9 1 3174D7C6 1 3165E3DB 1 316366F5 1 311CEE01 1 3119C062 1 31017307 1 30C150CE 1 30AADF87 1 309B05DD 1 308D8740 1 304AE829 1 2FCBD9BC 1 2FB8C6A9 1 2F95EFD3 1 2F442E7C 1 2F3F47AD 1 2F2BE408 1 2F0764D8 1 2EFFAA0D 1 2EF88DD4 1 2ED6FC89 1 2EBAAE4C 1 2EB2FE5E 1 2E9859B0 1 2E478D2F 1 2E0EFE48 1 2DEC55D9 1 2DE973C3 1 2DE4A992 1 2D81B2FD 1 2D6D1CF3 1 2D0B163B 1 2CD059FB 1 2CC326B2 1 2CBB6E90 1 2C99011A 1 2C7893A8 1 2BF28C1C 1 2BE3033A 1 2BD61950 1 2BCCCDF9 1 2BB98F61 1 2BB42445 1 2BA4F30A 1 2BA1992A 1 2B4BC5C1 1 2B44CE3B 1 2B287ED5 1 2B143BCA 1 2AF489DA 1 2AB4E7E3 1 2AAC7244 1 2A83F1C6 1 2A82FD06 1 2A520B71 1 29B4CABF 1 299A88AC 1 29640C53 1 29476C7C 1 2946DEE2 1 29200DE5 1 2905288A 1 2904A433 1 28E9F1D6 1 28CE6BE5 1 28C3CC97 1 28B654FA 1 2860B957 1 282F5301 1 27EAC459 1 27C030C5 1 27B9ADB6 1 27848427 1 277A5385 1 276B7ABC 1 274B98A3 1 2737C04D 1 2724373D 1 26E6C236 1 26DE4D33 1 26C840ED 1 26C6E439 1 267DA49D 1 266B52ED 1 266353CE 1 265FDFF0 1 2652C53B 1 26486DD3 1 2617A882 1 25FBD1DB 1 25D89166 1 25D37C99 1 25C1D1C5 1 25C0A858 1 257018C3 1 2533ACAD 1 25058797 1 25022112 1 24CB26B9 1 24BBC063 1 249989A9 1 2468D45F 1 2435F628 1 2433B4CD 1 24318396 1 240498A9 1 239CF1EC 1 23826A9C 1 2359D67D 1 2331D852 1 2327F354 1 231926BC 1 229F7587 1 228E15F9 1 2289BA06 1 2275DD7D 1 225CA009 1 224C368B 1 223E9149 1 223C9DBD 1 223726AF 1 221EDC21 1 220DAA23 1 21A799A4 1 21A754A9 1 21A13B16 1 218D9BD4 1 214F783D 1 20EB5597 1 20DA8DA5 1 2053BF70 1 2051536F 1 201C2A70 1 201B55DF 1 1FF93337 1 1FF32DEE 1 1FE70BE2 1 1FDCA0D0 1 1FD5B72E 1 1FC376B6 1 1FBE7C43 1 1F79D1C6 1 1F43255F 1 1EFFBA41 1 1EDFAA11 1 1EA5D6B1 1 1E8E1B36 1 1E88BF71 1 1E3E0B8E 1 1E29E27C 1 1E1C8E52 1 1E0DDA12 1 1D8709F3 1 1D46E463 1 1CF177EE 1 1CE774F5 1 1C917B65 1 1C8CD39A 1 1C5A59AB 1 1BFBDAFE 1 1B9C2C77 1 1B389331 1 1B245ED7 1 1B0AD801 1 1A96577E 1 1A769744 1 1A6F4F8E 1 1A5665D6 1 1A25D86C 1 19EB7462 1 19E8AFFE 1 19980101 1 193979FE 1 192DFC86 1 191A566C 1 18FF24C5 1 181C7A86 1 18154164 1 17307658 1 171CAA4A 1 16F4289E 1 16F1BB82 1 16DD8FD5 1 16144C84 1 15EF5BF3 1 15B5D2CC 1 15AF5F92 1 159789FB 1 15529C79 1 15422EE3 1 14E5FA20 1 1493A535 1 1485F4E5 1 14795CCB 1 141A61C8 1 14031225 1 1400A529 1 13ED6FD7 1 13ED62A2 1 13E55141 1 13BAE516 1 13BA9CB7 1 136D6A40 1 136CAE4F 1 1328612C 1 132811C2 1 132294C2 1 13147802 1 12FFF8AB 1 126EB674 1 121062DE 1 11E4B0A8 1 11C545ED 1 11983878 1 1131B260 1 1126FC80 1 1109BB9C 1 107E8E01 1 10325C4C 1 10286889 1 0FEA3255 1 0FB6FE04 1 0F752DEB 1 0EB8D771 1 0E845B46 1 0E8315C8 1 0E76AD39 1 0E524168 1 0E04CB22 1 0DCB908F 1 0DC6BF21 1 0D53AFD5 1 0D4F6575 1 0D090C01 1 0CA7D261 1 0C5C53E1 1 0C38637F 1 0C0DFEFD 1 0C0DDFAA 1 0BFA074E 1 0BA85EB1 1 0B4A53CD 1 0B388C6F 1 0B13ED43 1 0AEB4BDE 1 0ADAAD89 1 0A9E090E 1 0A8BBB87 1 0A8A57EF 1 0A5CC571 1 0A503E41 1 0A35FDE3 1 0A163BCE 1 0A0F1541 1 09ECAD67 1 09D85B63 1 09804D87 1 0974755E 1 09612E92 1 094E7C4A 1 0932DECB 1 09256417 1 08B4322D 1 0884675A 1 086DE212 1 08666719 1 084ACEF8 1 08445403 1 08012EBC 1 07ED2832 1 07E6E55A 1 07E6C19B 1 07BC55B6 1 07AB8A93 1 07A65AC1 1 079BB351 1 077D28E1 1 0765885E 1 071355A9 1 070EE274 1 06DCE912 1 06318DBD 1 06269CC5 1 06238A9C 1 05EE0ADC 1 05E51435 1 0569BCB5 1 053C04CB 1 05038075 1 04F8B4D8 1 04BF290C 1 049E669F 1 04071F9F 1 03BB0A13 1 037DA89F 1 036F166E 1 036701B2 1 035CFDDC 1 0346CFC4 1 0332405D 1 02DA0278 1 02BA2FE0 1 028E5613 1 026F7782 1 024365B8 1 021E467B 1 02103F08 1 02054988 1 01FAE88B 1 01D6F21E 1 01D5548F 1 01681CF7 1 01307F03 1 0122F043 1 00FCC016 1 00E54666 1 00B57409 1 0073B461 1 00613384 1 00000001 1 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040701/88dbf5f5/attachment-0001.bin From rdmyers at MtPalomar.net Thu Jul 1 17:20:01 2004 From: rdmyers at MtPalomar.net (Rodney D. Myers) Date: Tue Jul 6 16:43:23 2004 Subject: list server problems Message-ID: <20040701082001.11cbe047@riverside> It seems that the gnupg.org mil server(s) is experiencing a week or so delay on sending mail out. So far this week, everything received from on the list is being sorted (on my machine with date filters), to my archive directory, since the date is over 10 days. -- Rodney D. Myers Registered Linux User #96112 ICQ#: AIM#: YAHOO: 18002350 mailman452 mailman42_5 They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Ben Franklin - 1759 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : /pipermail/attachments/20040701/8a20b4e6/attachment.bin From dshaw at jabberwocky.com Thu Jul 1 02:30:59 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jul 6 16:43:31 2004 Subject: Duplicated User IDs arisen In-Reply-To: <7fae93ff43426783ac07cb97d3145269@biglumber.com> References: <20040617041120.GA11294@jabberwocky.com> <7fae93ff43426783ac07cb97d3145269@biglumber.com> Message-ID: <20040701003058.GA10523@jabberwocky.com> On Thu, Jun 17, 2004 at 04:29:42AM -0000, Greg Sabino Mullane wrote: > > What do you plan on doing that SKS isn't already doing? > > SKS fixed all of the PKS bugs and corruptions, but given > > the parameters and limitations of a public keyserver network, > > it seems that many of the remaining problems are inherent > > in the architecture. > > Users will be able to edit their own keys, including removing > signatures, uids, and even the whole key if they desire. All > changes (and additions!) will be made only be the owner of the > key. That's the big change. ;) How is this different than just using a web server with keys on it? David -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 250 bytes Desc: not available Url : /pipermail/attachments/20040630/6c13f5e6/attachment.bin From douglist at anize.org Thu Jul 1 05:04:37 2004 From: douglist at anize.org (Douglas F. Calvert) Date: Tue Jul 6 16:43:42 2004 Subject: subkey types and preferences... Message-ID: <1088651077.12405.25.camel@liberate> Hello, Is there any consensus about which signing subkey type is better, RSA or DSA? And or for that matter El Gamal vs. RSA for encryption? What are the merits/drawbacks of the different key types? The next questions are about the preferences for keys: pub 1024D/C9541FB2 created: 2002-02-27 expires: never trust: u/u sub 4096g/0CA2DB2F created: 2002-02-27 expires: never (1). Douglas F. Calvert (2) [jpeg image of size 4350] Command> showpref pub 1024D/C9541FB2 created: 2002-02-27 expires: never trust: u/u (1). Douglas F. Calvert Cipher: AES, TWOFISH, CAST5, BLOWFISH, 3DES Digest: RIPEMD160, SHA1 Compression: ZLIB, ZIP, Uncompressed (2) [jpeg image of size 4350] Cipher: AES, CAST5, 3DES Digest: SHA1, RIPEMD160 Compression: ZLIB, ZIP, Uncompressed Features: MDC Why does my image uid have different preferences than my first UID? I imagine that it is because the uid was added with a newer version of gnupg. Should I update the preferences of ID 1 to match those of UID2? And while we are on the subject of preferences are there any other preferences that I should update? I generated a test key with 1.2.4 and the default preferences are: (1). default default Cipher: AES256, AES192, AES, CAST5, 3DES Digest: SHA1, RIPEMD160 Compression: ZLIB, ZIP, Uncompressed Features: MDC I generated a new key with 1.3.6 and the preferences are the same except for the addition of the keyserver no-modify setting. I am most concerned about security and the overwhelming majority of my communications are with people who use gnupg. With that in mind should I go with the default updpref or is there a set of preferences that would match my tin-foil hat better? Finally, I noticed that werner's key 57548DCD, has more than the normal two digest prefs that I have run across. Out of curiosity is there a good reason to have a short or long list of preferred ciphers/digests? Thanks a lot... --dfc -- Douglas F. Calvert Email: dfc@anize.org Spam Inbox: maudet@anize.org From sbutler at fchn.com Thu Jul 1 17:40:44 2004 From: sbutler at fchn.com (Steve Butler) Date: Tue Jul 6 16:43:51 2004 Subject: Batch run Sun/solaris Message-ID: <01DF810538D204458C5FF938CCA6C510028859@hermes.fchn.com> Try a couple --batch --no-tty Here is how I have cron type jobs invoke encryption: gpg --homedir $homedir --batch --no-tty --always-trust --recipient $1 \ --output "$2.$ext" --encrypt "$2" -----Original Message----- From: gnupg-users-bounces@gnupg.org [mailto:gnupg-users-bounces@gnupg.org]On Behalf Of Deiter Scott Sent: Thursday, June 03, 2004 7:50 AM To: gnupg-users@gnupg.org Subject: Batch run Sun/solaris We are very new to gnupg we are running gpg to send data to one of our banks. If the userid logs on and runs the script manually all is well. However during the execution with in the job scheduler we receive this error. gpg: cannot open `/dev/tty': No such device or address So what parm or environment variable can we set to get past this error. everything else is running rather well. From greg at turnstep.com Fri Jul 2 04:36:02 2004 From: greg at turnstep.com (Greg Sabino Mullane) Date: Tue Jul 6 16:43:54 2004 Subject: Duplicated User IDs arisen In-Reply-To: <20040630151526.GA23924@northernsecurity.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Thats nice, but how are you planning to talk to other keyservers (PKS, SKS > for example) that doesnt have this restrictions? Or are you going to create > a seperate keyserver network? Probably so. The existing system has some underlying weaknesses that will probably necessitate another network. - -- Greg Sabino Mullane greg@turnstep.com PGP Key: 0x14964AC8 200407012236 -----BEGIN PGP SIGNATURE----- iD8DBQFA5MpsvJuQZxSWSsgRApdlAJ9lfkls8Os8NPDMKukVKtQnLjgdhgCeMmpx JpYC74oTjDDGokCDLmzN3Bk= =3lj5 -----END PGP SIGNATURE----- From boldyrev+nospam at cgitftp.uiggm.nsc.ru Thu Jul 1 00:25:09 2004 From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev) Date: Tue Jul 6 16:43:58 2004 Subject: GnuPG on Windows working with mailto keyservers? References: <200406300751.i5U7pkiw082167@gw.core> Message-ID: <97rbr1x5fb.ln2@ibhome.cgitftp.uiggm.nsc.ru> On 8791 day of my life Robert Golovniov wrote: > Hello gnupg-users, > > Can the Windows version of GnuPG be taught to work with the mailto > keyservers? Are there some guidelines for that? May be, with Cygwin. You have to install sendmail/postfix/exim or something like that. MS Windows doesn't have own mail subsystem, so you have to emulate mail subsystem of Windows. I saw somewhere oversimplified mail transport agent, but I do not remember details... -- Ivan Boldyrev Outlook has performed an illegal operation and will be shut down. If the problem persists, contact the program vendor. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: not available Url : /pipermail/attachments/20040701/a8a325ce/attachment.bin From offby1 at blarg.net Fri Jul 2 07:04:42 2004 From: offby1 at blarg.net (Eric Hanchrow) Date: Tue Jul 6 16:44:03 2004 Subject: What does `sig!3' mean in the output of `gpg --check-sigs'? Message-ID: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> In particular, what do the exclamation point and the 3 mean? As you might guess, I checked all the documentation I could find, and even looked at the source (which wasn't illuminating). -- "New York Minute" is a textbook example of a film created as a "vehicle" but without any ideas about where the vehicle should go. -- Roger Ebert From wk at gnupg.org Fri Jul 2 13:26:28 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 6 16:44:09 2004 Subject: 256 Bit Key In-Reply-To: (Dave Sorg's message of "Wed, 26 May 2004 22:37:55 -0400") References: Message-ID: <876596tztn.fsf@wheatstone.g10code.de> On Wed, 26 May 2004 22:37:55 -0400, Dave Sorg said: > If I use GPG (or PGP) to symetrically encrypt a file using the Twofish > algorithm, does it use a 256 bit key? I believe I gave it 256 bits of > latency. Also, are the ciphers used in CBC mode? If so, how many > blocks are chained together? Yes, OpenPGP defines the use of the 256 bit Twofish variant. I don't know what you mean by latency in this context. OpenPGP uses CFB. With CBC obviously all blocks are chained together. Shalom-Salam, Werner From wk at gnupg.org Fri Jul 2 14:18:08 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 6 16:44:12 2004 Subject: GNUPG - BRAZIL In-Reply-To: <40DCDD3F.5040301@sagraluzzatto.com.br> (Rodrigo Padula's message of "Fri, 25 Jun 2004 23:19:43 -0300") References: <40DCDD3F.5040301@sagraluzzatto.com.br> Message-ID: <87smcasiv3.fsf@wheatstone.g10code.de> On Fri, 25 Jun 2004 23:19:43 -0300, Rodrigo Padula said: > I would like to know how I do to contribute with the project GNUPG.ORG. The Brazilian translation is pretty outdated; having a new translator for this pt_BR.po would be appreciated. What about that? Werne From wk at gnupg.org Fri Jul 2 14:19:53 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 6 16:44:15 2004 Subject: GnuPG on Windows working with mailto keyservers? In-Reply-To: <200406300751.i5U7pkiw082167@gw.core> (Robert Golovniov's message of "Wed, 30 Jun 2004 10:43:04 +0300") References: <200406300751.i5U7pkiw082167@gw.core> Message-ID: <87oemysis6.fsf@wheatstone.g10code.de> On Wed, 30 Jun 2004 10:43:04 +0300, Robert Golovniov said: > Can the Windows version of GnuPG be taught to work with the mailto > keyservers? Are there some guidelines for that? It might be usable if you are able to setup a proper MTA; e.g. using the Cygwin environment. Shalom-Salam, Werner From cwsiv at keepandbeararms.com Fri Jul 2 20:08:02 2004 From: cwsiv at keepandbeararms.com (Carl William Spitzer IV) Date: Tue Jul 6 16:44:41 2004 Subject: gpg utils W9x vs. Linux In-Reply-To: <40AD3141.9050807@sbcglobal.net> References: <4096EC68.2040809@sbcglobal.net> <87pt9ix032.fsf@vigenere.g10code.de> <40AD3141.9050807@sbcglobal.net> Message-ID: <1085438778.3786.8.camel@linux.local> Yes keep the 6gb for win98 and put it on a caddy then get a WD for *nix. Put both caddys on the system that way you can mount the win98 system and do backup via the *nix. to boot the 98 just switch the drives. www.oclug.org CWSIV On Thu, 2004-05-20 at 15:29, Bill Turner wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Werner Koch wrote: > | On Mon, 03 May 2004 20:05:44 -0500, Bill Turner said: > | > | > |>2. If not, can someone recommend a good 'general gnupg' util, with > |>similar functionality to gpgshell, for the Linux side of the box? > | > | > | Don't known gpgshell but all www.winpt.org is probably the best choice > | for a Windows based key management (and more) tool. > | > | > | Werner > > Thanks Werner. Have it installed. For the moment have decided to go > solely with w98 till I get another hard drive at least. 6GB just isn't > very much. > > From dshaw at jabberwocky.com Fri Jul 2 20:31:54 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jul 6 16:44:43 2004 Subject: [Announce] GnuPG 1.3.6 released (development) In-Reply-To: <200405240901.LAA04267@vulcan.xs4all.nl> References: <20040522134540.GB13121@jabberwocky.com> <200405240901.LAA04267@vulcan.xs4all.nl> Message-ID: <20040524120713.GB17354@jabberwocky.com> On Mon, May 24, 2004 at 11:01:16AM +0200, Johan Wevers wrote: > David Shaw wrote: > > > * Support for the old quasi-1991 partial length encoding has been > > removed. > > Is this the reason I can't decrypt a file that has been conventionally > encrypted with pgp 2.6.3ia anymore with 1.3.6? I can decode the same > file with gpg 1.2.4 without problems. I don't think so. The quasi-1991 encoding was a leftover from the GnuPG 0.x days. It was nonstandard. If you are unable to handle 2.6.3 messages, that may be a bug. I'll try and duplicate your problem here. > Why is this support removed? One more code path. It was no longer needed since no program has generated this type of file for years. David From wk at gnupg.org Fri Jul 2 14:10:24 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 6 16:44:51 2004 Subject: GNUPG and cryptoex In-Reply-To: <40C3AA5800001329@dpo2w3p.servers.epost.de> (reiner dietrich's message of "Wed, 9 Jun 2004 11:16:23 +0200") References: <40C3AA5800001329@dpo2w3p.servers.epost.de> Message-ID: <871xjutxsf.fsf@wheatstone.g10code.de> On Wed, 9 Jun 2004 11:16:23 +0200, reiner dietrich said: > Is GNUPG and cryptoex not compatible? AFAIK, cryptoex suppots both, S/MIME and OpenPGP. Thus I guess the key you can't import is an S/MIME (X.509) one. If you can't import a public OpenPGP key into GnuPG you either hit a bug in GnuPG or that is not fully OpenPGP compatible or does not carry a self-signature. Werner From johanw at vulcan.xs4all.nl Fri Jul 2 21:08:40 2004 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Tue Jul 6 16:44:59 2004 Subject: [Announce] GnuPG 1.3.6 released (development) In-Reply-To: <20040522134540.GB13121@jabberwocky.com> from David Shaw at "May 22, 2004 09:45:40 am" Message-ID: <200405221613.SAA14906@vulcan.xs4all.nl> David Shaw wrote: > * Support for the old quasi-1991 partial length encoding has been > removed. This rang some alarm bells with me. I tested if I could use 1.3.6 to decode a file that has been conventionally encrypted with pgp 2.6.3ia, and this failed with 1.3.6. With 1.2.4 decryption worked fine. Why has this support been removed? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From dfc at anize.org Thu Jul 1 20:43:46 2004 From: dfc at anize.org (Douglas F. Calvert) Date: Wed Jul 14 18:12:47 2004 Subject: lag time on mailing lists? Message-ID: <1088707426.12405.54.camel@liberate> Has anyone experienced any latency issues with messages being posted to the list? I sent a message yesterday that has not made it to the list: Jun 30 23:04:38 terminus postfix/smtpd[14643]: B075CB3C6B: client=syr-24-59-155-190.twcny.rr.com[24.59.155.190], sasl_method=PLAIN, sasl_username=doug Jun 30 23:04:38 terminus postfix/cleanup[14597]: B075CB3C6B: message-id=<1088651077.12405.25.camel@liberate> Jun 30 23:04:38 terminus postfix/qmgr[9440]: B075CB3C6B: from=, size=2775, nrcpt=1 (queue active) Jun 30 23:04:39 terminus postfix/lmtp[14226]: B075CB3C6B: to=, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=13759-04-8, from MTA: 250 Ok: queued as 0DA4AB3C6E) Jun 30 23:04:39 terminus postfix/qmgr[9440]: B075CB3C6B: removed Jun 30 23:04:39 terminus postfix/smtpd[14229]: 0DA4AB3C6E: client=localhost[127.0.0.1] Jun 30 23:04:39 terminus postfix/cleanup[14597]: 0DA4AB3C6E: message-id=<1088651077.12405.25.camel@liberate> Jun 30 23:04:39 terminus postfix/qmgr[9440]: 0DA4AB3C6E: from=, size=3228, nrcpt=1 (queue active) Jun 30 23:04:39 terminus postfix/lmtp[14226]: B075CB3C6B: to=, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=13759-04-8, from MTA: 250 Ok: queued as 0DA4AB3C6E) Jun 30 23:04:40 terminus postfix/smtp[14648]: 0DA4AB3C6E: to=, relay=ns1.u64.de[217.69.77.222], delay=1, status=sent (250 OK id=1BfrXV-0008V7-00) Jun 30 23:04:40 terminus postfix/qmgr[9440]: 0DA4AB3C6E: removed -- Douglas F. Calvert http://anize.org/dfc/ GPG Key: 0xC9541FB2 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : /pipermail/attachments/20040701/8faf5820/attachment.bin From beuc at gnu.org Sun Jul 4 16:14:50 2004 From: beuc at gnu.org (Sylvain Beucler) Date: Wed Jul 14 18:12:55 2004 Subject: How to use gpg-agent - RFC Message-ID: <20040704141450.GA30147@dink.mshome.net> Hello, I wrote some explanations on how to install and setup gpg-agent (attached). It is meant for the Savannah FAQ so as to help its users and above all tell them that such a tool do exist. I would like to know if you have any comments before I add it to the FAQ. Thanks, -- Sylvain -------------- next part -------------- Did you know? A GPG agent is available. People on the GnuPG mailing list recently pointed me that it is perfectly fine to use gpg-agent from v1.9.x (available in their CVS repository), along with your usual GPG > v1.2.x (that already has the functionnalities to talk with an agent). Here are some details on my installation (I used my laptop that runs RedHat GNU/Linux 7.3 as a test machine): * First, I installed some dependencies. - gettext v0.14.1 (ftp://ftp.gnu.org/gnu/gettext/gettext-0.14.1.tar.gz) ./configure --prefix=/usr && make && make install cp /usr/bin/gettext /bin/gettext - libgpg-error-0.7 (ftp://ftp.gnupg.org/gcrypt/alpha/libgpg-error/libgpg-error-0.7.tar.gz) libgcrypt-1.1.94 (ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.94.tar.gz) libassuan-0.6.6 (ftp://ftp.gnupg.org/gcrypt/alpha/libassuan/libassuan-0.6.6.tar.gz) libksba-0.9.7 (ftp://ftp.gnupg.org/gcrypt/alpha/libksba/libksba-0.9.7.tar.gz) ./configure && make && make install - pth-1.4.0 (ftp://ftp.gnu.org/gnu/pth/pth-1.4.0.tar.gz) ./configure --prefix=/usr && make && make install * Then I compiled gpg-agent: cvs -d:pserver:anoncvs@cvs.gnupg.org:/cvs/gnupg login # pass == anoncvs cvs -d:pserver:anoncvs@cvs.gnupg.org:/cvs/gnupg co -r V1-9-9 gnupg sh autogen.sh # maybe you will have to update your autotools ./configure make cd agent make install * Last, I compiled pinentry: cvs -d:pserver:anoncvs@cvs.gnupg.org:/cvs/aegypten login # pass == anoncvs cvs -d:pserver:anoncvs@cvs.gnupg.org:/cvs/aegypten co pinentry sh autogen.sh ./configure make make install Here is how to use gpg-agent in a simple way: echo "pinentry-program /usr/local/bin/pinentry-gtk" > ~/.gnupg/gpg-agent.conf # uses the GTK mode, the ncurses mode did not work for me eval `gpg-agent --daemon` # start the daemon gpg --sign -b --use-agent file.tar.gz # asked passphrase gpg --sign -b --use-agent file2.tar.gz # did not ask passphrase # ... killall gpg-agent # stop the daemon From elfyn at emcb.co.uk Mon Jul 5 10:23:04 2004 From: elfyn at emcb.co.uk (Elfyn McBratney) Date: Wed Jul 14 18:13:14 2004 Subject: [Savannah-hackers] How to use gpg-agent - RFC In-Reply-To: <20040704141450.GA30147@dink.mshome.net> References: <20040704141450.GA30147@dink.mshome.net> Message-ID: <1517.82.35.20.249.1089015784.squirrel@webmail.emcb.co.uk> [Apologies for the dupe. I forgot to actually attach the friggin' thing..] Sylvain Beucler said: > Hello, > > I wrote some explanations on how to install and setup gpg-agent > (attached). > It is meant for the Savannah FAQ so as to help its users and above all > tell them that such a tool do exist. > > I would like to know if you have any comments before I add it to the > FAQ. > > Thanks, Attached is a diff adding a few things. I know some of it is common sense for most of us hackers, but I can see new users on Savannah looking at this and thinking ``./configure?! errrrr??''. I left out the bit that this needs to be done from a shell, though ;o) -- Elfyn -------------- next part -------------- A non-text attachment was scrubbed... Name: sv-faq-gpg-agent.diff Type: application/octet-stream Size: 2298 bytes Desc: not available Url : /pipermail/attachments/20040705/143975a3/sv-faq-gpg-agent-0001.exe From Dieter.Guthmann at t-online.de Tue Jul 6 14:56:14 2004 From: Dieter.Guthmann at t-online.de (Dieter Guthmann) Date: Wed Jul 14 18:13:18 2004 Subject: geam-install failed (implicit declaration of 'strlen') Message-ID: <1089118476.40eaa10ca056e@modem.webmail.t-online.de> Hello, I've tried to install Geam on a LFS (Linux from Scratch) 5.1, but I've failed: - after "./configure" and "make" two (IMHO) very strange errors occured: ----8<--------------- xmalloc.c: In function `xstrdup': xmalloc.c:66: warning: implicit declaration of function `strlen' xmalloc.c:67: warning: implicit declaration of function `strcpy' --------------->8---- - I tried to include in xmalloc.c which allowed me to build the Package without error-messages, but "make check" failed here: ----8<--------------- checking simple proxing ... error connecting `localhost': Connection refused --------------->8---- Where is my fault? Thanks in advance. Rgds. Dieter Guthmann From atom at suspicious.org Tue Jul 6 18:54:51 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Wed Jul 14 18:13:43 2004 Subject: subkey types and preferences... In-Reply-To: <1088651077.12405.25.camel@liberate> References: <1088651077.12405.25.camel@liberate> Message-ID: On Wed, 30 Jun 2004, Douglas F. Calvert wrote: > Hello, > Is there any consensus about which signing subkey type is better, RSA > or DSA? And or for that matter El Gamal vs. RSA for encryption? What are > the merits/drawbacks of the different key types? ============ it seems to be nearly all about personal preferences. personally, i think 1024 is a limiting factor of DSS and that it's usable lifetime is coming too close to an end; so i use a 4096 RSA primary key, with a DSA subkey that can be revoked and replaced when the time comes. some people will say that different algorithms are more secure, faster, better, etc... or that some algorithms can be broken... in reality, all of the algorithms used by gpg are good, and on any reasonably recent computer you won't notice any differences in speed when using reasonably sized keys. > The next questions are about the preferences for keys: > Why does my image uid have different preferences than my first UID? I > imagine that it is because the uid was added with a newer version of > gnupg. Should I update the preferences of ID 1 to match those of UID2? > And while we are on the subject of preferences are there any other > preferences that I should update? I generated a test key with 1.2.4 and > the default preferences are: ============= the preferences of the picture, AFAIK, aren't used by anything. there's nothing wrong with old default prefs, and you can update them whenever you like... just be aware that anytime you update prefs you generate a new self-sig; if a bunch of those find their way to the keyservers, you'll wind up with a bunch of self-sigs on your key... nothing to be concerned about, except for aesthetic reasons since all but the most recent self-sigs are ignored. > I am most concerned about security and the overwhelming majority of my > communications are with people who use gnupg. With that in mind should I > go with the default updpref or is there a set of preferences that would > match my tin-foil hat better? ================= there are a lot of people with tin-foil hats who argue both for and against the algorithms used by gpg... no two tin-foil hats are the same. put a copy of "applied cryptography" under your pillow... if you have a dream about the NSA breaking a cipher, don't use it. > Finally, I noticed that werner's key 57548DCD, has more than the normal > two digest prefs that I have run across. Out of curiosity is there a > good reason to have a short or long list of preferred ciphers/digests? =========== for now, most everything uses SHA1. if/when you update your prefs, i'd suggest adding the larger SHA variants... eventually they should come into common use. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "If a baseball player slides into home plate and, right before the umpire rules if he is safe or out, the player says to the umpire - 'Here is $1,000.' What would we call that? We would call that a bribe. If a lawyer was arguing a case before a judge and said, 'Your honor before you decide on the guilt or innocence of my client, here is $1,000.' What would we call that? We would call that a bribe. But if an industry lobbyist walks into the office of a key legislator and hands her or him a check for $1,000, we call that a campaign contribution. We should call it a bribe." -- Janice Fine Dollars and Sense magazine From dshaw at jabberwocky.com Tue Jul 6 19:02:06 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 14 18:14:11 2004 Subject: subkey types and preferences... In-Reply-To: <1088651077.12405.25.camel@liberate> References: <1088651077.12405.25.camel@liberate> Message-ID: <20040706170206.GA18532@jabberwocky.com> On Wed, Jun 30, 2004 at 11:04:37PM -0400, Douglas F. Calvert wrote: > Hello, > Is there any consensus about which signing subkey type is better, RSA > or DSA? And or for that matter El Gamal vs. RSA for encryption? What are > the merits/drawbacks of the different key types? For signing, DSA signs faster and RSA verifies a signature a lot faster. This is likely to be a non-issue in the real world. If you like big keys, you'll probably prefer RSA which can have keys larger than the DSA 1024-bit limit. RSA can also use hashes of any size, while DSA is limited to 160 bits. DSA makes signatures that are small and non-annoying when attached to a email message. Big RSA keys make big, potentially annoying signatures. For me, that's a pretty good reason to use DSA if the intent is to sign email. For encryption, RSA is a lot faster to encrypt, but a little slower to decrypt. Again, this is a non-issue in the real world. It's important to understand that while there are a collection of minor points that make people like one pk algorithm over the other, in the real world, it doesn't really matter that much. Both algorithms are vastly stronger than most people need. Consider your attacker: if your adversary can only climb 10 feet, having a 10,000 foot wall around your house is just as good as a 10,005 foot wall. > The next questions are about the preferences for keys: > > pub 1024D/C9541FB2 created: 2002-02-27 expires: never trust: u/u > sub 4096g/0CA2DB2F created: 2002-02-27 expires: never > (1). Douglas F. Calvert > (2) [jpeg image of size 4350] > > Command> showpref > pub 1024D/C9541FB2 created: 2002-02-27 expires: never trust: u/u > (1). Douglas F. Calvert > Cipher: AES, TWOFISH, CAST5, BLOWFISH, 3DES > Digest: RIPEMD160, SHA1 > Compression: ZLIB, ZIP, Uncompressed > (2) [jpeg image of size 4350] > Cipher: AES, CAST5, 3DES > Digest: SHA1, RIPEMD160 > Compression: ZLIB, ZIP, Uncompressed > Features: MDC > > Why does my image uid have different preferences than my first UID? I > imagine that it is because the uid was added with a newer version of > gnupg. Yes. > Should I update the preferences of ID 1 to match those of UID2? Strictly if you want to. Since there is no current way to encrypt to a photo (that is, you can't say "gpg -r --encrypt"), preferences on a photo are currently a no-op. > And while we are on the subject of preferences are there any other > preferences that I should update? I generated a test key with 1.2.4 > and the default preferences are: > > (1). default default > Cipher: AES256, AES192, AES, CAST5, 3DES > Digest: SHA1, RIPEMD160 > Compression: ZLIB, ZIP, Uncompressed > Features: MDC > > I generated a new key with 1.3.6 and the preferences are the same except > for the addition of the keyserver no-modify setting. Not exactly. 1.2.x and 1.3.x both set keyserver no-modify. 1.3.x just shows you that it was set. > I am most concerned about security and the overwhelming majority of my > communications are with people who use gnupg. With that in mind should I > go with the default updpref or is there a set of preferences that would > match my tin-foil hat better? Generally speaking, the default set given via 'updpref' is the best one for reasons of strength and compatibility. People frequently argue whether (for example) Twofish (256) is stronger than AES (256). This is akin to the 10-foot wall example earlier. If you want to advertise the ability to handle any cipher algorithm, then it's fine to edit the list to put in whatever you like. Hash algorithm preferences work the same way: if you want to encourage people to use a particular hash when signing and encrypting to you, then feel free to override the default (SHA-1). Compression algorithms are purely your preference. David From linux at codehelp.co.uk Tue Jul 6 22:13:57 2004 From: linux at codehelp.co.uk (Neil Williams) Date: Wed Jul 14 18:14:24 2004 Subject: What does `sig!3' mean in the output of `gpg --check-sigs'? In-Reply-To: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> References: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> Message-ID: <200407062114.00788.linux@codehelp.co.uk> On Friday 02 July 2004 6:04, Eric Hanchrow wrote: > In particular, what do the exclamation point and the 3 mean? The exclamation mark is only produced on --check-sigs, it's absent on --list-sigs so it's an indication that the signature is good. All signatures with --check-sigs should have the ! because signatures made by keys not in your key ring are excluded. The digit is the indication of how much verification took place before signing - when you sign a key, GnuPG asks you how carefully you verified the key, 3 is the highest level - very careful checking. As the man page describes, this is a personal thing and one person's definition of 'very careful' might not match yours. Personally, I mean: I checked the fingerprint against a printed copy given to me face-to-face by the keyholder who proved his/her identity using recognised photo ID (passport, driving licence etc.) and the email address was verified by correspondence. 0 means you make no particular claim as to how carefully you verified the key. 1 means you believe the key is owned by the person who claims to own it but you could not, or did not verify the key at all. This is useful for a "persona" verification, where you sign the key of a pseudonymous user. 2 means you did casual verification of the key. For example, this could mean that you verified that the key fingerprint and checked the user ID on the key against a photo ID. 3 means you did extensive verification of the key. For example, this could mean that you verified the key fingerprint with the owner of the key in person, and that you checked, by means of a hard to forge document with a photo ID (such as a passport) that the name of the key owner matches the name in the user ID on the key, and finally that you verified (by exchange of email) that the email address on the key belongs to the key owner. Note that the examples given above for levels 2 and 3 are just that: examples. In the end, it is up to you to decide just what "casual" and "extensive" mean to you. From this section of the manpage: --default-cert-check-level n -- Neil Williams ============= http://www.codehelp.co.uk/ http://www.dclug.org.uk/ http://www.isbn.org.uk/ http://sourceforge.net/projects/isbnsearch/ http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040706/2f876b7e/attachment-0001.bin From jharris at widomaker.com Wed Jul 7 00:37:10 2004 From: jharris at widomaker.com (Jason Harris) Date: Wed Jul 14 18:14:30 2004 Subject: key count, 2004-07-06 (+ duplicates by short keyid) Message-ID: <20040706223710.GN3286@wilma.widomaker.com> As of Tue Jul 6 22:18:52 2004 UTC, there are 172293 v2/v3 pubkeys, 1856928 v4 pubkeys, 1870716 subkeys, and 1813 duplicate (short) keyids on keyserver.kjsl.com. The duplicates appear below, sorted in reverse by the number of duplicates per keyid and then by keyid. This automated listing is more current than my manual list at: http://keyserver.kjsl.com/~jharris/duplicate_keyids.html and hopefully includes all the keys listed in it. (short keyid # of duplicates) DEADBEEF 4 6FC52472 2 6E849BB2 2 61DCAD84 2 59518C3D 2 10337301 2 FFEA1A95 1 FF86E089 1 FF6A6CA0 1 FF5F9A8D 1 FF495AD7 1 FF48CD90 1 FEEB7515 1 FEDF1BB3 1 FECB35D4 1 FEA05E06 1 FE9F8A51 1 FE69E918 1 FE61A9AE 1 FE5077F1 1 FE35FFBF 1 FDC940E7 1 FD7DB54D 1 FD3E3C28 1 FD04D2C9 1 FCEF82E1 1 FC2AD841 1 FC16E008 1 FBEB0BD6 1 FBDA93F0 1 FBD826F1 1 FBC324F6 1 FBB4F7B8 1 FB159E0D 1 FB14C5C7 1 FAEBD5FC 1 FAE0A994 1 FADFCD89 1 FACCD6D9 1 FAA99F8C 1 FA97182E 1 FA6176B4 1 FA00F4C7 1 F9DF3BF9 1 F9D0D26C 1 F9B4FB55 1 F99B11F2 1 F9826058 1 F91B36F2 1 F8FFD2F6 1 F8CA5F37 1 F8C6AACB 1 F831179D 1 F821C7C3 1 F80BD0FC 1 F7D25A87 1 F7C8A4F6 1 F790CE44 1 F773DE29 1 F76D77B9 1 F752FF43 1 F7482D02 1 F6FD5F57 1 F6D3E297 1 F6C7674A 1 F62A9198 1 F62591B5 1 F6119336 1 F5DF448C 1 F5D9D05E 1 F592EC30 1 F57F15E6 1 F527C750 1 F50BABB6 1 F4E3451D 1 F4C14E0B 1 F4B16D4B 1 F49FF063 1 F49E7EA5 1 F437FBB6 1 F4313A10 1 F4158062 1 F4102A7E 1 F3FCA949 1 F3F1D119 1 F3B7DE70 1 F397F98F 1 F37CB526 1 F35EE110 1 F35427EF 1 F34A75EB 1 F32BA4E7 1 F2F6EE93 1 F2F69F23 1 F2EEFCAB 1 F2DE1C64 1 F29E66C6 1 F28D86F3 1 F283C630 1 F22B91C1 1 F22A0263 1 F21C6560 1 F1FE5367 1 F1CF1800 1 F1C3EE5F 1 F1ADA78C 1 F18E3037 1 F185844A 1 F13972CD 1 F0FF4CF9 1 F099168C 1 F092ABFF 1 F07BD1EC 1 F00001BA 1 EFE465C9 1 EFDB4DFF 1 EF4F7D9B 1 EF4B2B1B 1 EF36997B 1 EF1A0D9D 1 EF1334E3 1 EF045A4A 1 EEEBC3CA 1 EEB93047 1 EE921CC1 1 EE841041 1 EE74769A 1 EE6C909D 1 EE6A1D59 1 EE4E9CBE 1 EE4949C9 1 EE190C59 1 EDAAE59C 1 ED58D277 1 ED47ADE6 1 ECF84952 1 EC9E1DFB 1 EC5665F4 1 EC28990F 1 EC0B60A5 1 EBFE19B1 1 EBFCEE57 1 EBF7584B 1 EBF5437B 1 EBC1AD29 1 EB9A9B36 1 EB73A58F 1 EB59D2E5 1 EB41899C 1 EB2CB21A 1 EADAF319 1 EAC003F8 1 EABF58FA 1 EA493162 1 EA330727 1 EA1D232D 1 EA070B69 1 E9FD0549 1 E9D500CD 1 E9C3AE75 1 E98CCB7F 1 E97A51C2 1 E9328E33 1 E8DAC5E0 1 E8B3A39E 1 E8AC04AA 1 E88C93C7 1 E86DAA49 1 E84F4732 1 E84BD0F1 1 E8344447 1 E7F1ECA9 1 E7DBE6F0 1 E76723FE 1 E73407C9 1 E7207217 1 E71E928D 1 E7165CA8 1 E6F2E251 1 E6E9E432 1 E6D5DF42 1 E6CB1A65 1 E6856DE5 1 E6738B71 1 E60847F4 1 E5E310C9 1 E5C37E59 1 E5B0BB4F 1 E5526149 1 E5522013 1 E5518D56 1 E537F0FE 1 E52A5A90 1 E515AF36 1 E4FEF2C9 1 E4FC38AC 1 E4EBA0D5 1 E4E8E13A 1 E4D4A010 1 E4CBBC73 1 E4C1F455 1 E4BE7B9F 1 E4BD2401 1 E490B8AF 1 E48A7A7A 1 E481CE40 1 E46B98D5 1 E428B785 1 E415B338 1 E412528C 1 E4095839 1 E3F014C2 1 E3E9DFE1 1 E39AFA69 1 E36B0F9C 1 E35AA856 1 E33CE394 1 E320CC89 1 E31CF95D 1 E316E1C6 1 E2F9E87C 1 E2A654C2 1 E29BC79D 1 E269EE80 1 E22C01C1 1 E21A58C3 1 E210E9B1 1 E207DF53 1 E1E33DA3 1 E1A695D1 1 E1762D0A 1 E14758B7 1 E146913F 1 E1247F0C 1 E113492A 1 E0F33253 1 E0C1EF35 1 E0AEC5B2 1 E0261027 1 E023BC6A 1 E018A303 1 DFB2B0D0 1 DFB196B0 1 DF5D2870 1 DF480802 1 DF3E8ED0 1 DF160971 1 DEFCD2FB 1 DEED60C0 1 DEB38CFD 1 DEB36882 1 DEA0382F 1 DE5D2D89 1 DE4A83AE 1 DE3E6789 1 DE1C3DFA 1 DDB289D4 1 DDA3F71E 1 DD5E53C0 1 DCD2E949 1 DCA936D8 1 DC6F4AF5 1 DC3C73D1 1 DC294139 1 DBC8486E 1 DBACFFB8 1 DB612E04 1 DB54F1EE 1 DB5498C8 1 DB417E40 1 DB2FD68E 1 DB2E641C 1 DB13EFA4 1 DB127C12 1 DAFD9EEC 1 DAFCC82E 1 DABF1902 1 DAB62EDC 1 DA9240F5 1 DA83C1B0 1 DA68AA9B 1 DA602DD1 1 DA4741A2 1 DA3F9441 1 DA3E21F5 1 DA0516CE 1 D9FC04D7 1 D9C18885 1 D9B2495D 1 D977F7ED 1 D95D2131 1 D94B31F0 1 D94A5D84 1 D93ED534 1 D923B439 1 D8F23CA8 1 D8E61860 1 D8C8F3ED 1 D873C5A9 1 D856E1D3 1 D801ECFD 1 D79DA15F 1 D79842FB 1 D74C5F79 1 D74C546E 1 D747690B 1 D730FAAF 1 D730EEB9 1 D7289701 1 D7105B74 1 D70D2A7E 1 D6E0FD64 1 D6CE34D6 1 D6C2440E 1 D6B4889B 1 D669140C 1 D6603892 1 D64E3F6D 1 D642143E 1 D624D56A 1 D5DC1BF9 1 D5CF5A50 1 D5C96F11 1 D5B4A430 1 D5B47A46 1 D5A12271 1 D596E7D4 1 D5926B78 1 D58CB69D 1 D56C1743 1 D5276C2F 1 D50B5187 1 D4F76FE9 1 D4EC72AD 1 D4E3ECAE 1 D4B98B53 1 D49B0275 1 D483E12A 1 D42B9CB1 1 D420D5CE 1 D4135633 1 D3FA450C 1 D3D9FF2A 1 D3AE4BA1 1 D3ABD4E3 1 D37E3362 1 D3613155 1 D32F3547 1 D2B47918 1 D268335B 1 D24A2ABB 1 D23C47FE 1 D1C3696E 1 D1BD8CAD 1 D1AD0821 1 D1A0E42D 1 D14B7826 1 D111E820 1 D0FA3598 1 D0AFA10B 1 D09ECD9F 1 D0961561 1 D0422188 1 D040CACC 1 D03C17F9 1 D03B4865 1 D032E6A8 1 D02B940F 1 D00F2CDE 1 CFD28B45 1 CFB9044D 1 CFA0C8B0 1 CF924D61 1 CF6B5950 1 CF62D0C4 1 CED37FF7 1 CEAC5C00 1 CE9FA937 1 CE7D0067 1 CDD050C3 1 CDC5A1B7 1 CDB07D73 1 CDAF7557 1 CD4F0C21 1 CD3891F1 1 CD20BD7D 1 CD07DC2C 1 CCFF0104 1 CC8C470A 1 CC66E722 1 CC12E8FB 1 CBFDDC1F 1 CBAC8696 1 CB649C90 1 CB501A68 1 CB12F02F 1 CAF09C61 1 CAC44D51 1 CAADAC28 1 CA7CA2A5 1 CA7BAB0A 1 CA57868A 1 CA0D9524 1 C9EFF417 1 C9EA8406 1 C9E73AC3 1 C9E1AF7E 1 C9E0C417 1 C99E9B78 1 C965C4A5 1 C9336CC9 1 C8D7DE5D 1 C8A2836F 1 C8632747 1 C8568F66 1 C8344E2E 1 C7A119B5 1 C7806863 1 C752847A 1 C7399C7A 1 C71C9220 1 C7138A01 1 C6C80B8D 1 C6C6E310 1 C68357E2 1 C663621A 1 C6501016 1 C62AD0A0 1 C603B705 1 C5FF0A21 1 C5DC8A3A 1 C5C76C81 1 C5B6107F 1 C5A196B9 1 C5334C52 1 C4F26949 1 C4D5167C 1 C4798E05 1 C4786479 1 C40DA8E8 1 C3EB7DE5 1 C3AEACC3 1 C3A66724 1 C38D2A3D 1 C3826A03 1 C34910D0 1 C33603C1 1 C31D3929 1 C30BC6E5 1 C2D3A6DA 1 C21F4F00 1 C1DC35BC 1 C13BF36E 1 C11F6F3B 1 C0BA470F 1 C07ED679 1 C008C0A6 1 BFB528B7 1 BFA35666 1 BF71BDF4 1 BF5A3D1A 1 BED13542 1 BEC507D1 1 BEC10F93 1 BEAE0747 1 BE7B3AA2 1 BE378C4F 1 BE283571 1 BE1B98D8 1 BD81AE64 1 BD6D1A49 1 BD0FD942 1 BD0C16C4 1 BCAAA04D 1 BC799D53 1 BC6102C6 1 BC56D27C 1 BC349218 1 BC233281 1 BC0A530B 1 BC047C0A 1 BBF961F9 1 BBDAD91B 1 BBD92EB1 1 BB44B70C 1 BB35C66D 1 BB34BB9B 1 BAFC0363 1 BAF40252 1 BAEF1196 1 BA6CD06E 1 BA45BDF6 1 BA099952 1 BA08D0D4 1 B9B71C4C 1 B99F8379 1 B9869872 1 B986484E 1 B902E268 1 B8D3D51F 1 B8B539C8 1 B8B1D870 1 B877EAF4 1 B86E1155 1 B847F1D1 1 B8384117 1 B8170D80 1 B813BF46 1 B7F26B77 1 B7EE92C6 1 B7D1ABBF 1 B7BD960F 1 B7A464F9 1 B77AC4C9 1 B7683091 1 B753388D 1 B73FDC72 1 B7373685 1 B6AF2183 1 B6A8B7DC 1 B6995831 1 B6746995 1 B671B1EE 1 B62F43F9 1 B6073B81 1 B5CB72B7 1 B5A431FC 1 B5984048 1 B58F6E0C 1 B57D2192 1 B554F710 1 B51F25AE 1 B509FFB3 1 B4AE8D20 1 B4A70D4D 1 B470FE8A 1 B46DC1B1 1 B44078FB 1 B3E99F8C 1 B3D737D6 1 B3D693F2 1 B3D0A7B0 1 B3CD9812 1 B3C99E28 1 B3B8C015 1 B36E4C28 1 B33CFFF0 1 B3148FD4 1 B301618A 1 B2FD738B 1 B2F84AED 1 B2964921 1 B2620BB7 1 B253A92C 1 B2324431 1 B2305050 1 B20D9A65 1 B1F3E29B 1 B1CC6BD0 1 B1BB3676 1 B18C014F 1 B1793A97 1 B173A7B4 1 B1699533 1 B163261F 1 B162429A 1 B13572B7 1 B12BFBCE 1 B12A9E03 1 B121F847 1 B1150D44 1 B1054E2B 1 B0DF3092 1 B0C41186 1 B0B12CAB 1 B0946332 1 B07C9D47 1 B059FF01 1 B0509FBE 1 AFD17D59 1 AF99F592 1 AF85FF26 1 AF62EB67 1 AF3E9638 1 AF275805 1 AEEB8B5B 1 AECE4A7A 1 AE7472A5 1 AE5871F3 1 AE55B221 1 AE433DE3 1 AE19E0C8 1 ADDD90C4 1 ADDA78BE 1 AD5D2D2B 1 AD1556E6 1 ACD658F0 1 ACAB37E1 1 ACA06F77 1 AC8AAEF9 1 AC879B8C 1 AC77066A 1 AC63A600 1 AC39BBA2 1 AC30B989 1 AC03601E 1 ABDAA3DA 1 ABAFAD6E 1 ABAA3C90 1 ABA3AE8F 1 AB145AD0 1 AB0DDDFB 1 AAB5538C 1 AAA40EFD 1 AA7DD5D9 1 AA6B8C07 1 AA6451DB 1 AA6330DE 1 AA2D3D51 1 A9F83387 1 A9E781C0 1 A9C747A7 1 A9C1DA04 1 A985450F 1 A956406D 1 A9117B51 1 A8CC5B8D 1 A8BF6085 1 A8B35D11 1 A8A369C9 1 A89E8BF2 1 A86F98CE 1 A7C3B5F9 1 A7B26A1A 1 A76D53F5 1 A768291F 1 A74300B3 1 A712FDC0 1 A710A4A7 1 A6ECA8F3 1 A6DE7508 1 A6DE1F89 1 A6C7836D 1 A6452044 1 A6371EFC 1 A5FC0936 1 A5DAF484 1 A5BF15B6 1 A5A2EDE5 1 A56E15A3 1 A55AAECF 1 A546C9E9 1 A52B06FB 1 A513EC05 1 A4C5A65D 1 A4B119CE 1 A4973A65 1 A48CA749 1 A480F8D3 1 A47C2E15 1 A459E563 1 A41D767D 1 A35FD3FC 1 A35EA3D1 1 A34B3553 1 A3166F17 1 A3146596 1 A2FD4AF7 1 A2CADC81 1 A2B9A085 1 A25837CC 1 A2120CD4 1 A2080434 1 A1FBC4DF 1 A1C71AC6 1 A1AB8452 1 A1A5917C 1 A1A4E5D2 1 A19EE6FA 1 A127B880 1 A1271B4E 1 A11DA8F2 1 A0C5B0D6 1 A0C2AC69 1 A0A12B52 1 A08C20BD 1 A076FB94 1 A04C4CB0 1 A03588F4 1 A0222644 1 A00006C8 1 9FEFA726 1 9FD7A290 1 9FCB8F11 1 9FC561A1 1 9FBDD7A0 1 9FB3FAD2 1 9F4DD493 1 9F1C26AF 1 9F0B7674 1 9EDD895D 1 9EC3E1C1 1 9E8480BD 1 9E7A3BCB 1 9E66EAE6 1 9E2CB1AB 1 9E136429 1 9D886B88 1 9D701AD1 1 9D69CE01 1 9D5EC10D 1 9D5A28C5 1 9D41A5E0 1 9D311099 1 9D23D715 1 9CCD4C36 1 9C977DC6 1 9C797A33 1 9C62C238 1 9C2607DE 1 9C07D7E1 1 9BF76715 1 9BDC67B7 1 9BCCB299 1 9BC6E569 1 9B91477D 1 9B81FBEA 1 9B4A16A2 1 9B453F02 1 9B21CC3D 1 9B097544 1 9B01B926 1 9AEA8E7C 1 9AE95DB4 1 9ADC3F22 1 9AD2D787 1 9ACE8476 1 9AA829DD 1 9A6B2ED1 1 9A5FF152 1 9A2E7CF3 1 9A295B04 1 9A05C531 1 99F5A28D 1 99DC18FF 1 99C88F47 1 99BDA4A1 1 999F8048 1 9997BEFD 1 99827D58 1 99698A01 1 99659458 1 9939DA76 1 99247DDD 1 991209EC 1 9910E565 1 98E9D53D 1 98E8562D 1 98B85A14 1 98B3C089 1 98AFE82E 1 98AB344B 1 988D16E5 1 987D847D 1 9857D0AC 1 98453972 1 97E11812 1 97DFB49B 1 97CB4AA7 1 97C54618 1 97C07C3C 1 97B02B9F 1 9765F187 1 975CA949 1 973C1033 1 972CE23B 1 96E8EEDA 1 96BC6AEE 1 96B31AB2 1 96B128E0 1 96935B9C 1 9686D87A 1 9680419D 1 967DC5DD 1 967885A6 1 9652ED31 1 965238F3 1 96348FD1 1 95EF1453 1 958BC6BA 1 9585AEE2 1 95063EB5 1 94E52A28 1 9488E5F9 1 947C42DF 1 9460EF34 1 942F97AC 1 941DCFCD 1 93CFD861 1 938883D3 1 93738FC3 1 9364F4F4 1 93157581 1 92EE7592 1 92C11F27 1 92987D92 1 928F323D 1 924F0AE6 1 9216F7C3 1 91A89703 1 9189AC99 1 917FAE6B 1 9150E5B0 1 9134EA18 1 9131544A 1 90EA2F9D 1 906E7BA0 1 903C18AE 1 9009BA70 1 9003D406 1 8FF8A5FE 1 8FD86BA7 1 8FA45433 1 8F4B50B0 1 8F4AAFE7 1 8F1DCFA4 1 8F1C5E0A 1 8F103CDE 1 8EC4070F 1 8EB3039C 1 8E9A7257 1 8E913541 1 8E813F21 1 8E6C5CB9 1 8E69EECE 1 8E5222DD 1 8DDFBFE6 1 8D89BF15 1 8D7EAD6B 1 8D56CB67 1 8D315505 1 8D0B88F3 1 8CFC045E 1 8CF85F2D 1 8CDECCCE 1 8CB97256 1 8C90A57F 1 8C8EB1F0 1 8C68A2D0 1 8BE42553 1 8B8D1E9D 1 8B5BEF71 1 8AAEE315 1 8A963CA6 1 8A34ABA7 1 8A20D87D 1 89F0B16D 1 89D7CB14 1 89B5EF29 1 89B5CEDD 1 898040B7 1 89694C4C 1 891F9237 1 88FBB364 1 88ED08C5 1 88EBF681 1 88E56929 1 88A2E2C9 1 88956A20 1 8884F4BA 1 8880D131 1 8844B415 1 880F1F45 1 878AB4DB 1 877A446F 1 876F1A2D 1 8767061F 1 87643D9E 1 875DD099 1 8736A158 1 87274DB7 1 87215224 1 86E9F8D4 1 86E2256A 1 86A8BA32 1 8695A967 1 866A3DAD 1 864387D5 1 8626AC55 1 86224F18 1 8615F33E 1 8601AF9C 1 85F53CA8 1 85ECA856 1 85E5A62A 1 85CFC6EF 1 85875053 1 8575A580 1 85490143 1 8545F21C 1 85365895 1 853654B5 1 84A24375 1 84800409 1 8472E971 1 846D581E 1 84499C79 1 843EBE20 1 843A3360 1 84006A4E 1 83E4CA95 1 83989776 1 838E25BF 1 834DA0A9 1 834733AC 1 833837CC 1 82892AA3 1 82677E75 1 8236BBFA 1 81DC42DD 1 81CAA485 1 8173F9A9 1 8162F90D 1 8104A699 1 8100C470 1 80A991E6 1 809E90F5 1 8092DA51 1 8053BF89 1 80474F32 1 8038ADD1 1 800DAA6E 1 800CCB74 1 7FFEDDFA 1 7FE905CC 1 7FC625DA 1 7FA098B3 1 7F937764 1 7F5EFE30 1 7F46702F 1 7F2FA038 1 7F0585F1 1 7EDBEC4E 1 7EA2E8EC 1 7E971FAE 1 7E785D53 1 7E5E91ED 1 7E334162 1 7E1D050E 1 7E0E2801 1 7E02424C 1 7DFB3738 1 7DDAB28F 1 7D688F15 1 7D4EC548 1 7D047EB3 1 7D01FA48 1 7CFF623B 1 7CC1E713 1 7C18488D 1 7BFE3FC1 1 7B6A2997 1 7B3FECA8 1 7B22F4FA 1 7B0F054F 1 7B0EC78E 1 7B08536A 1 7AE9EAC7 1 7AA7A28B 1 7A818722 1 7A4A5F53 1 7A0E8801 1 79A29990 1 798CF548 1 79780805 1 7974C95E 1 796B3439 1 7958AD6F 1 792F6885 1 78AC0AF8 1 787E18A4 1 78695CFD 1 784E6BBF 1 781E0E81 1 78130F32 1 77FCAE8E 1 77F476CC 1 77E19C76 1 77A3FBBB 1 779A9891 1 77984DDC 1 77486DCF 1 772B6551 1 76AE7175 1 768D627E 1 7688AA16 1 76781382 1 7649131D 1 764183DD 1 763C940C 1 7636F92E 1 760A972F 1 75CA9E60 1 75AA6352 1 758C6BC5 1 7543B782 1 74D35A55 1 74CD1041 1 74B8918F 1 7457B219 1 74303CA8 1 740F69ED 1 73C51AFC 1 73043469 1 7300B960 1 72F3AD39 1 72D98613 1 72D5E7B4 1 72CADA85 1 72B4D960 1 72A6A02D 1 728E84AD 1 72787E1C 1 722A7990 1 7208F11E 1 717161AE 1 716EB518 1 71668B91 1 71579DFD 1 71422425 1 70FFF9E2 1 70FC2835 1 70FA79A3 1 70F7362D 1 70DCD4F2 1 70D64C49 1 70AE18FC 1 708F21A0 1 70819317 1 705A7DBF 1 70555EB4 1 7027CBFA 1 6FF8AD8A 1 6FEE4A9D 1 6FE71551 1 6FE3B1F4 1 6FD1C1C4 1 6FCD8A93 1 6FCB62BB 1 6FC9E91D 1 6FAFC661 1 6FA09C8B 1 6F9C1DBE 1 6F57602C 1 6F4ABFC8 1 6F39F385 1 6F202346 1 6F1FD824 1 6F0747C6 1 6EA9656E 1 6E940539 1 6E3A63C3 1 6E269F33 1 6E03252F 1 6DC986EF 1 6DBB39BB 1 6D816342 1 6D4E678A 1 6D3C7479 1 6D3AF72C 1 6D20B645 1 6D0589F6 1 6CACA598 1 6CA05373 1 6C876CEC 1 6C7F11DE 1 6C66EC2F 1 6C6481CA 1 6C6133BD 1 6C32639E 1 6C1DC67B 1 6C1C1DB2 1 6C195A5F 1 6BFDB5B1 1 6BE64D50 1 6B8B4141 1 6B75150E 1 6B481AB2 1 6B3DC50C 1 6AF17EA7 1 6AAE7A60 1 6A8F3B36 1 6A4C83F3 1 69CF3E39 1 69CAA252 1 69C65B1B 1 69A97E35 1 69877383 1 696AF4E5 1 693BA922 1 6914D9E9 1 691281AA 1 68E65C33 1 68C746C5 1 68B9F2E1 1 689F0C80 1 68967AC6 1 68601497 1 6838130A 1 67F71227 1 67F19C8D 1 67CFC0D4 1 67C0A6FE 1 67A39D11 1 679A7B31 1 6798ACDF 1 67800C7C 1 66FBDC22 1 66811C6E 1 666F51C8 1 65CCF300 1 65BFC16D 1 65B51E0D 1 657ACDEC 1 65516DAA 1 654BC86B 1 6538D16B 1 64D4C5A3 1 649701F6 1 6469923A 1 642DC3B5 1 6401A109 1 63DB2AC5 1 63BEB808 1 638D221A 1 6354A474 1 630D1137 1 630C2C80 1 63037F7F 1 62FD6545 1 62CAD444 1 62AA84B2 1 629EC328 1 6291B7B3 1 62464A3C 1 621FFE5D 1 6211000E 1 61F3445D 1 61D9DBEC 1 61BAD897 1 619F548A 1 61968F51 1 6195CC02 1 615B9A33 1 613BD2F9 1 6125A9AD 1 60E1FFD3 1 60DB165B 1 608BB3C9 1 60759D09 1 6062FDA2 1 60497BF4 1 603A161E 1 602ABD10 1 6017BDD7 1 60154CD5 1 5FB423B6 1 5FA63B8D 1 5F9F4379 1 5F4B6D40 1 5F33F7B7 1 5F2986D2 1 5F26D087 1 5F244ECA 1 5F1141A5 1 5EFD3DC1 1 5EE8F65A 1 5EE76F85 1 5EB90F67 1 5E986314 1 5E181A6D 1 5DF6AE1D 1 5DECF171 1 5DB5C01B 1 5D9EFC4D 1 5D7CD8AE 1 5D7C5207 1 5D460BB2 1 5D0E2861 1 5D0D8A0D 1 5CEDB0EF 1 5CE2CE5E 1 5CDC5684 1 5CC0B513 1 5CA46E7D 1 5C995945 1 5C8415AF 1 5C75D890 1 5BEE687D 1 5BEADB3D 1 5BE97622 1 5BE524E9 1 5BB03781 1 5BA36BE1 1 5B927374 1 5B3F9640 1 5AF343D0 1 5A8BE3F5 1 5A84B219 1 5A7B6A54 1 5A73C98E 1 5A62D6B1 1 5A1D8BD3 1 5A1A5201 1 59C25118 1 59BA6993 1 596B51FD 1 5958E083 1 5930BDC7 1 590C575C 1 58D766D1 1 5819CF01 1 580545C6 1 57C71C82 1 57A96C80 1 5798556B 1 5768246C 1 5767735F 1 5742B46E 1 57190CE2 1 56AC4D6B 1 569D00EC 1 567BA000 1 566CE73A 1 566AB279 1 55EBF239 1 55CBCAC2 1 55B2D6C2 1 55AD1433 1 55A49D93 1 553569BE 1 547E6907 1 545EEE69 1 54508B3B 1 544E17D6 1 53E0EEE4 1 53BFC700 1 53651DE3 1 532414CE 1 52E7B5EE 1 52E4D0DB 1 5214057B 1 51FD1E64 1 51FC68CA 1 51F7AA99 1 51F79498 1 51F3DD2B 1 51DE75E4 1 51AC728B 1 51A4488C 1 5188FF6D 1 5180DF5C 1 514A86F1 1 5113A93E 1 50C64A83 1 508728F1 1 506F036A 1 504B34F0 1 50238A9D 1 4FBAF1A6 1 4FA75F05 1 4F709D15 1 4F57456E 1 4F275C49 1 4EE218A7 1 4EE04BC9 1 4E999D75 1 4E54E46A 1 4E062DFC 1 4DDFC7CF 1 4DC90D11 1 4D9D72EA 1 4D5C52B1 1 4D34A0EF 1 4D2294BD 1 4D22032A 1 4D082587 1 4C621713 1 4C22B70B 1 4C1A7F18 1 4C0D1EC3 1 4BAE5061 1 4B99D24A 1 4B8FFF5D 1 4B82FC4C 1 4B63C3B2 1 4B35C392 1 4B2BE9F1 1 4B1B86E5 1 4B1202C0 1 4AF8FC3E 1 4ADD98C6 1 4ACD8F49 1 4A90AD06 1 4A8BEC8F 1 4A87734A 1 4A2B7F33 1 4A1E9476 1 49C60322 1 49BFBFD0 1 49561B91 1 49299FCD 1 490C5BCE 1 4903984A 1 48D8CDDE 1 48991887 1 48289587 1 4827DD7F 1 48229794 1 47FF0547 1 47E78BE8 1 47C6D5FA 1 47B81485 1 47B57B32 1 47A7606C 1 479B59A6 1 478BF40C 1 4781CE09 1 47773F6C 1 475DD6E1 1 4740FECC 1 472F50B5 1 46FADE2B 1 46E18F5F 1 46E09E1D 1 4650D196 1 46509089 1 463F7174 1 463C5060 1 45DD2581 1 45B283E1 1 45A6E792 1 45708711 1 456FF437 1 454208FC 1 45402B60 1 44F56AE5 1 44764DFB 1 44657857 1 444FCABD 1 4442A170 1 43BDC7E8 1 43B726C5 1 43A75E60 1 4386FD2D 1 4375BA12 1 43714484 1 4363B423 1 434B21F9 1 431C9CAF 1 4318F5A3 1 4318372B 1 42FE92FE 1 42FBC3DC 1 42F0A0A0 1 42619341 1 424AF333 1 421ADB86 1 41CCA7BE 1 41712E8E 1 41579935 1 4131A403 1 40B8AAA5 1 4085FA17 1 406A3EF1 1 40454420 1 40380DE6 1 402C84BD 1 3F924C4C 1 3F790C63 1 3F5E1D96 1 3F42544A 1 3F297F37 1 3F021CEE 1 3EF0FE84 1 3EED622B 1 3EDDE3E8 1 3E8A7ADC 1 3E7E6EDD 1 3E450097 1 3E0DE786 1 3E0A7183 1 3DFDF9F4 1 3DEC86EB 1 3DDAF9A4 1 3DD29D15 1 3DD1D416 1 3DCE5DE7 1 3DA44272 1 3D7D41E3 1 3D4AA34B 1 3D45029A 1 3D2A7407 1 3CED4507 1 3CEAFBFD 1 3CB0A5B0 1 3C8062DD 1 3C777CC5 1 3C338C6C 1 3C0BE998 1 3BECB6CD 1 3BE8B3FF 1 3BDFE03F 1 3BD632AF 1 3BB3B286 1 3B80E74C 1 3B693818 1 3B2948E9 1 3B1D9DF6 1 3B03BF01 1 3AE1ECD5 1 3AE04EAD 1 3ADE1B26 1 3AC7B6F9 1 3ABE47FC 1 3A882409 1 3A43827A 1 3A2F6830 1 3A2E2E9F 1 3A27D00C 1 39F5E107 1 39E6F085 1 39AD3E14 1 39AB7A89 1 39708D15 1 395B2E0C 1 3941360B 1 393A67EB 1 391CF57F 1 39199DBA 1 391627C5 1 38E95B78 1 38B514DA 1 38A4A841 1 38838E3F 1 385107B4 1 382EFDC3 1 381C352C 1 37EC15D0 1 37E204E2 1 37B7EB70 1 3791AA27 1 377FE07F 1 37193EE4 1 37020CA4 1 36F11F8D 1 366C5442 1 35AAA6B9 1 3584C3FE 1 3542CB68 1 3532B0CC 1 352F659A 1 34CAFEEA 1 34B3EBB4 1 34810F32 1 346D4282 1 34677F93 1 3463BA9C 1 345ED6CC 1 34596799 1 342AB185 1 341BA168 1 34143D7F 1 340B887F 1 33A19563 1 338D6FB9 1 335F5FF8 1 334FFCE3 1 32F9D082 1 32E78C9E 1 32C6C7E9 1 3298FECC 1 32443AE8 1 3218899B 1 320A5809 1 3203B408 1 31FB10F9 1 3174D7C6 1 3165E3DB 1 316366F5 1 311CEE01 1 3119C062 1 31017307 1 30C150CE 1 30AADF87 1 309B05DD 1 308D8740 1 304AE829 1 2FCBD9BC 1 2FB8C6A9 1 2F95EFD3 1 2F442E7C 1 2F3F47AD 1 2F2BE408 1 2F0764D8 1 2EFFAA0D 1 2EF88DD4 1 2ED6FC89 1 2EBAAE4C 1 2EB2FE5E 1 2E9859B0 1 2E478D2F 1 2E0EFE48 1 2DEC55D9 1 2DE973C3 1 2DE4A992 1 2D81B2FD 1 2D6D1CF3 1 2D0B163B 1 2CD059FB 1 2CC326B2 1 2CBB6E90 1 2C99011A 1 2C7893A8 1 2BF28C1C 1 2BE3033A 1 2BD61950 1 2BCCCDF9 1 2BB98F61 1 2BB42445 1 2BA4F30A 1 2BA1992A 1 2B4BC5C1 1 2B44CE3B 1 2B287ED5 1 2B143BCA 1 2AF489DA 1 2AB4E7E3 1 2AAC7244 1 2A83F1C6 1 2A82FD06 1 2A520B71 1 29B4CABF 1 299A88AC 1 29640C53 1 29476C7C 1 2946DEE2 1 29200DE5 1 2905288A 1 2904A433 1 28E9F1D6 1 28CE6BE5 1 28C3CC97 1 28B654FA 1 2860B957 1 282F5301 1 2823A484 1 27EAC459 1 27C030C5 1 27B9ADB6 1 27848427 1 277A5385 1 276B7ABC 1 274B98A3 1 2737C04D 1 2724373D 1 26E6C236 1 26DE4D33 1 26C840ED 1 26C6E439 1 267DA49D 1 266B52ED 1 266353CE 1 265FDFF0 1 2652C53B 1 26486DD3 1 2617A882 1 25FBD1DB 1 25D89166 1 25D37C99 1 25C1D1C5 1 25C0A858 1 257018C3 1 2533ACAD 1 25058797 1 25022112 1 24CB26B9 1 24BBC063 1 249989A9 1 2468D45F 1 2435F628 1 2433B4CD 1 24318396 1 240498A9 1 239CF1EC 1 23826A9C 1 2359D67D 1 2331D852 1 2327F354 1 231926BC 1 229F7587 1 228E15F9 1 2289BA06 1 2275DD7D 1 225CA009 1 224C368B 1 223E9149 1 223C9DBD 1 223726AF 1 221EDC21 1 220DAA23 1 21AA86AF 1 21A799A4 1 21A754A9 1 21A13B16 1 218D9BD4 1 214F783D 1 20EB5597 1 20DA8DA5 1 2053BF70 1 2051536F 1 201C2A70 1 201B55DF 1 1FF93337 1 1FF32DEE 1 1FE70BE2 1 1FDCA0D0 1 1FD5B72E 1 1FC376B6 1 1FBE7C43 1 1F79D1C6 1 1F43255F 1 1EFFBA41 1 1EDFAA11 1 1EA5D6B1 1 1E8E1B36 1 1E88BF71 1 1E3E0B8E 1 1E29E27C 1 1E1C8E52 1 1E0DDA12 1 1D8709F3 1 1D46E463 1 1CF177EE 1 1CE774F5 1 1C917B65 1 1C8CD39A 1 1C5A59AB 1 1BFBDAFE 1 1B9C2C77 1 1B389331 1 1B245ED7 1 1B0AD801 1 1A96577E 1 1A769744 1 1A6F4F8E 1 1A5665D6 1 1A25D86C 1 19EB7462 1 19E8AFFE 1 19980101 1 194DCF69 1 193979FE 1 192DFC86 1 191A566C 1 18FF24C5 1 18EB05F4 1 181C7A86 1 18154164 1 17307658 1 171CAA4A 1 16F4289E 1 16F1BB82 1 16DD8FD5 1 16144C84 1 15EF5BF3 1 15B5D2CC 1 15AF5F92 1 159789FB 1 15529C79 1 15422EE3 1 14E5FA20 1 1493A535 1 1485F4E5 1 14795CCB 1 141A61C8 1 14031225 1 1400A529 1 13ED6FD7 1 13ED62A2 1 13E55141 1 13BAE516 1 13BA9CB7 1 136D6A40 1 136CAE4F 1 1328612C 1 132811C2 1 132294C2 1 13147802 1 12FFF8AB 1 126EB674 1 121062DE 1 11E4B0A8 1 11C545ED 1 11983878 1 1131B260 1 1126FC80 1 1109BB9C 1 107E8E01 1 10325C4C 1 10286889 1 0FEA3255 1 0FB6FE04 1 0F752DEB 1 0EB8D771 1 0E845B46 1 0E8315C8 1 0E76AD39 1 0E524168 1 0E04CB22 1 0DCB908F 1 0DC6BF21 1 0D53AFD5 1 0D4F6575 1 0D090C01 1 0CA7D261 1 0C5C53E1 1 0C38637F 1 0C0DFEFD 1 0C0DDFAA 1 0BFA074E 1 0BA85EB1 1 0B4A53CD 1 0B388C6F 1 0B13ED43 1 0AEB4BDE 1 0ADAAD89 1 0A9E090E 1 0A8BBB87 1 0A8A57EF 1 0A5CC571 1 0A503E41 1 0A35FDE3 1 0A163BCE 1 0A0F1541 1 09ECAD67 1 09D85B63 1 09804D87 1 0974755E 1 09612E92 1 094E7C4A 1 0932DECB 1 09256417 1 08B4322D 1 0884675A 1 086DE212 1 08666719 1 084ACEF8 1 08445403 1 08012EBC 1 07ED2832 1 07E6E55A 1 07E6C19B 1 07BC55B6 1 07AB8A93 1 07A65AC1 1 079BB351 1 077D28E1 1 0765885E 1 071355A9 1 070EE274 1 06DCE912 1 06318DBD 1 06269CC5 1 06238A9C 1 05EE0ADC 1 05E51435 1 059866B8 1 0569BCB5 1 053C04CB 1 05038075 1 04F8B4D8 1 04BF290C 1 04AE4096 1 049E669F 1 04071F9F 1 03BB0A13 1 037DA89F 1 036F166E 1 036701B2 1 035CFDDC 1 0346CFC4 1 0332405D 1 02DA0278 1 02BA2FE0 1 028E5613 1 026F7782 1 024365B8 1 021E467B 1 02103F08 1 02054988 1 01FAE88B 1 01D6F21E 1 01D5548F 1 01681CF7 1 01307F03 1 0122F043 1 00FCC016 1 00E54666 1 00B57409 1 0073B461 1 00613384 1 00000001 1 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040706/20e03af4/attachment-0001.bin From iam-est-hora-surgere at despammed.com Wed Jul 7 00:42:18 2004 From: iam-est-hora-surgere at despammed.com (Marcus Frings) Date: Wed Jul 14 18:14:32 2004 Subject: What does `sig!3' mean in the output of `gpg --check-sigs'? References: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> Message-ID: * Eric Hanchrow wrote: > In particular, what do the exclamation point and the 3 mean? As you > might guess, I checked all the documentation I could find, and even > looked at the source (which wasn't illuminating). Well, the number has the following meaning: ,---- | How carefully have you verified the key you are about to sign actually | belongs to the person named above? If you don't know what to answer, | enter "0". | | (0) I will not answer. (default) | (1) I have not checked at all. | (2) I have done casual checking. | (3) I have done very careful checking. `---- The exclamation mark: Don't know. :-) Anyone else? Regards, Marcus -- "Eines Tages werden diese Menschen daf?r b??en. Eines Tages werden sie daf?r in der H?lle brennen." From sanchezthecactus at yahoo.com Wed Jul 7 01:37:19 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Wed Jul 14 18:14:34 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver Message-ID: <20040706233719.35585.qmail@web12105.mail.yahoo.com> > Hi, > > I'm trying to use gnupg to send my key to my company's keyserver. The > URL > scheme for the keyserver is ldaps://ldap.company.com:636/ou=pgp > keys,dc=company,dc=com. Unfortunately, I can't figure out how to get > gpg to > recognize this url schema and connect successfully. If I set the > keyserver > option to be that url, i get: > > unable to execute program "gpgkeys_ldaps": No such file or directory > gpg: no handler for keyserver scheme "ldaps" > > if i change it to simply be ldap instead of ldaps, I get: > gpgkeys: internal LDAP bind error: Can't contact LDAP server > gpg: keyserver internal error > > > is there a way to get this working? It seems (according to google) like i > should be able to get it working with cvs/unstable gnupg, but that doesn't > work > either... > > Thanks, > -Joe > ps. sorry if this goes through twice, i was not subscribed to the list before, so trying again now that i'm subscribed. __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail From avbidder at fortytwo.ch Wed Jul 7 09:08:58 2004 From: avbidder at fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Wed Jul 14 18:14:35 2004 Subject: Duplicated User IDs arisen In-Reply-To: <200406301908.26263.linux@codehelp.co.uk> References: <7fae93ff43426783ac07cb97d3145269@biglumber.com> <200406301908.26263.linux@codehelp.co.uk> Message-ID: <200407070909.02744@fortytwo.ch> On Wednesday 30 June 2004 20.08, Neil Williams wrote: [...] > Users would need some sort of login and then be able to upload a > changed key that would overwrite any existing copies. Easy: just sign the whole key upload. > Is it worth the bother? I'd certainly use it. There are a few signatures that are worthless on my key (signatures by 'leaf keys' that I know are not in use anymore, one person signed my key without verifying anything), so I would remove them from the published key. The important thing is: If a key is revoked, it stays revoked. Users can perhaps delete all signatures or add new key components, but the revocation cert (and the key parts that depends on) MUST NOT be deleted. Without this functionality, the keyserver is a security problem. Also: everybody must be able to upload a revocation certificate - perhaps I (as the key owner) have lost the secret key (or whatever is required to change a key on the keyserver) and am uploading the emergency revocation cert that I prepared for just this case. greetings -- vbi -- Operator! Trace this call and tell me where I am. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 331 bytes Desc: signature Url : /pipermail/attachments/20040707/7a872792/attachment.bin From kairaven at arcor.de Wed Jul 7 22:49:08 2004 From: kairaven at arcor.de (Kai Raven) Date: Wed Jul 14 18:14:52 2004 Subject: What does `sig!3' mean in the output of `gpg --check-sigs'? In-Reply-To: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> References: <87eknvrod1.fsf@offby1.atm01.sea.blarg.net> Message-ID: <20040707224908.4dd6e70a@matrix.localdomain.intern> Hi Eric, On Thu, 01 Jul 2004 22:04:42 -0700 you wrote: > In particular, what do the exclamation point and the 3 mean? As you > might guess, I checked all the documentation I could find, and even > looked at the source (which wasn't illuminating). I think it means a correct certificate with check-level 3: (3) I have done very careful checking. -- Ciao Kai WWW: http://kai.iks-jena.de/ Blog: http://rabenhorst.blogg.de/ GnuPG-Key: 0xD6E995A0 Jabber: kraven@unimatrix.homelinux.com From wk at gnupg.org Thu Jul 8 15:23:01 2004 From: wk at gnupg.org (Werner Koch) Date: Wed Jul 14 18:15:03 2004 Subject: What does --export-secret-subkeys do? In-Reply-To: <20040701024204.GA14205@foxxy.triohost.com> (James P. Howard, II's message of "Wed, 30 Jun 2004 22:42:04 -0400") References: <20040701024204.GA14205@foxxy.triohost.com> Message-ID: <87briqbpl6.fsf@wheatstone.g10code.de> On Wed, 30 Jun 2004 22:42:04 -0400, James P Howard, said: > What exactly happens when you use --export-secret-subkeys? From > what I understand, the master signing key is disabled in the new > secret key ring, but I would like to know more about how this Right, the private data of the primary key is not included in the output. Technically we use another protection algorithm to make applications believe that the private key parts are there, just not decodable. Of course we don't put any actual data into it, just the header to tell that it is protected using our special mode: if( sk->protect.s2k.mode >= 1000 ) { /* These modes are not possible in OpenPGP, we use them to implement our extensions, 101 can be seen as a private/experimental extension (this is not specified in rfc2440 but the same scheme is used for all other algorithm identifiers) */ iobuf_put(a, 101 ); iobuf_put(a, sk->protect.s2k.hash_algo ); iobuf_write(a, "GNU", 3 ); iobuf_put(a, sk->protect.s2k.mode - 1000 ); } ... if( sk->protect.s2k.mode == 1001 ) ; /* GnuPG extension - don't write a secret key at all */ else if( sk->is_protected && sk->version >= 4 ) { /* The secret key is protected - write it out as it is */ byte *p; assert( mpi_is_opaque( sk->skey[npkey] ) ); p = mpi_get_opaque( sk->skey[npkey], &i ); iobuf_write(a, p, i ); } Shalom-Salam, Werner From kyle at toehold.com Fri Jul 9 03:07:37 2004 From: kyle at toehold.com (Kyle Hasselbacher) Date: Wed Jul 14 18:15:19 2004 Subject: Wraparound with --enable-progress-filter Message-ID: <20040709010737.GG733@longshot.toehold.com> An embedded and charset-unspecified text was scrubbed... Name: msg.pgp Url: /pipermail/attachments/20040708/d0da64e2/msg.txt From mail at renelemme.de Sat Jul 10 14:23:08 2004 From: mail at renelemme.de (Rene Lemme) Date: Wed Jul 14 18:15:36 2004 Subject: GnuPG on PPC (WinMobile2003) Message-ID: <200407101423.27058.mail@renelemme.de> Hello Group, does anyone use GnuPG on a Pocket PC running with WinMobile2003 OS? I found the following software: http://www.symbolictools.de/public/pocketconsole/applications/gnupg/ What are your experience or do you use different software? Regards, ..ren? -- GnuPG Key-ID: BFCC946E www.renelemme.de $ cd /pub $ more beer -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040710/bfb8fd54/attachment.bin From jharris at widomaker.com Mon Jul 12 05:26:39 2004 From: jharris at widomaker.com (Jason Harris) Date: Wed Jul 14 18:15:43 2004 Subject: new (2004-07-11) keyanalyze results (+sigcheck) Message-ID: <20040712032639.GV3286@wilma.widomaker.com> New keyanalyze results are available at: http://keyserver.kjsl.com/~jharris/ka/2004-07-11/ Signatures are now being checked using keyanalyze+sigcheck: http://dtype.org/~aaronl/ Earlier reports are also available, for comparison: http://keyserver.kjsl.com/~jharris/ka/ Even earlier monthly reports are at: http://dtype.org/keyanalyze/ SHA-1 hashes and sizes for all the "permanent" files: 25069b73f88f01f9146928fb9943602aaf0a7b35 9988596 preprocess.keys 54a0f9903676195a74636359355799af273f236b 6663327 othersets.txt 8cd009b719531ee7d41908320a4e7bd67759551d 2548844 msd-sorted.txt b0f152cbac2bff77aeed70a933fec6d7ac3e7b71 1484 index.html ab56d5b99ed4a286868ba5a90d0f7be240074f45 2289 keyring_stats 8cd009b719531ee7d41908320a4e7bd67759551d 2548844 msd-sorted.txt f85301d549f08d753496ebae9ed25c6f800e2de5 26 other.txt 430f923c661b4567fe0febfa7832a3356de5c270 1424022 othersets.txt.bz2 e9665c1bb265d64094a23784eccf11aa3c2a7576 4065411 preprocess.keys.bz2 d42b7e6adcedacfe8fa290d3ffb0879b5a262ac5 9734 status.txt 1910923e9a54cfac4b7a9d06014b39dcf6a14fa2 211790 top1000table.html ba231448db58ba603c7ff06dbd48964a2739e8ff 30595 top1000table.html.gz 5173db497bb0361758930e3a6ba81c6461633927 11103 top50table.html c50916813e2c98398769fae1b4384432de83d982 2539 D3/D39DA0E3 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040711/aad6a63c/attachment.bin From elfyn at emcb.co.uk Mon Jul 5 10:20:39 2004 From: elfyn at emcb.co.uk (Elfyn McBratney) Date: Wed Jul 14 18:16:18 2004 Subject: [Savannah-hackers] How to use gpg-agent - RFC In-Reply-To: <20040704141450.GA30147@dink.mshome.net> References: <20040704141450.GA30147@dink.mshome.net> Message-ID: <1357.82.35.20.249.1089015639.squirrel@webmail.emcb.co.uk> Hello, Sylvain Beucler said: > Hello, > > I wrote some explanations on how to install and setup gpg-agent > (attached). > It is meant for the Savannah FAQ so as to help its users and above all > tell them that such a tool do exist. > > I would like to know if you have any comments before I add it to the > FAQ. > > Thanks, Attached is a diff adding a few things. I know some of it is common sense for most of us hackers, but I can see new users on Savannah looking at this and thinking ``./configure?! errrrr??''. I left out the bit that this needs to be done from a shell, though ;o) -- Elfyn From rhardy at visi.com Fri Jul 9 11:05:58 2004 From: rhardy at visi.com (Tom Hardy) Date: Fri Jul 16 11:07:52 2004 Subject: UTF8 passphrase problem (I think) Message-ID: <20040709090558.GD8795@jeeves.decathlon> I just used kgpg to create a key pair on Suse 9.1, which uses UTF8 encoding, and it works fine. I imported a key pair I made last year on Suse 8.2, which used an 8859 encoding, and I can't enter a valid passphrase. Or rather the key pair was already present, I think. The same applies to two sets of keys on a floppy key ring made by PGP 5.0 back in 1998, One was made by 5.0, and the other was imported from 2.6 way back when. That was on a Windows machine. Can anyone explain what is going on? I think it is a UTF8 issue. I'm just getting started on gpg and kgpg after a long absense. -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From atom at suspicious.org Wed Jul 14 18:31:00 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Fri Jul 16 11:08:07 2004 Subject: lag time on mailing lists? In-Reply-To: <1088707426.12405.54.camel@liberate> References: <1088707426.12405.54.camel@liberate> Message-ID: <20040714122228.C26762@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 1 Jul 2004, Douglas F. Calvert wrote: > Has anyone experienced any latency issues with messages being posted to > the list? I sent a message yesterday that has not made it to the list: ==================== i posted a few things 2 weeks ago, and your post is the first thing i've seen since then, that's come through the list. i thought the list was 100% dead, but i just checked the archives , and it seems that ~some~ stuff is getting to the list, and *not* getting to my inbox... some things that i sent didn't even make it that far. i'll consider this message to be a test... ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "I've always thought that underpopulated countries in Africa are vastly under-polluted." -- Lawrence Summers, chief economist of the World Bank, explaining why we should export toxic wastes to Third World countries -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iEYEARECAAYFAkD1X84ACgkQnCgLvz19QePo1QCfYff6qW0b7xhuVS7M9afX/hwC SCgAn22dvBSh5Xj29y5dSCIjQ1E3X4Oo =79gK -----END PGP SIGNATURE----- From rodrigopadula at sagraluzzatto.com.br Wed Jul 14 19:31:38 2004 From: rodrigopadula at sagraluzzatto.com.br (Rodrigo Padula) Date: Fri Jul 16 11:08:35 2004 Subject: EXPORT / IMPORT PRIVATE KEY Message-ID: <40F56DFA.5050704@sagraluzzatto.com.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 How do I do to export my private key and import in another PC? - -- +================================================+ : RODRIGO PADULA DE OLIVEIRA : : (o- BACHARELANDO EM SISTEMAS DE INFORMA??O : : //\ FACULDADE METODISTA GRANBERY - FMG : : V_/_ : : PostgreSQL - PHP - Slackware - Java : +================================================+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA9W360mHtsToThscRAgt0AJ9MJ2Ff275+B+vkaMFalazv9hQlpwCfRMCs HoMAnpq3v4rCdz9foL61Qkc= =HDSh -----END PGP SIGNATURE----- From dshaw at jabberwocky.com Wed Jul 14 23:47:28 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Fri Jul 16 11:09:01 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040706233719.35585.qmail@web12105.mail.yahoo.com> References: <20040706233719.35585.qmail@web12105.mail.yahoo.com> Message-ID: <20040714214728.GB26214@jabberwocky.com> On Tue, Jul 06, 2004 at 04:37:19PM -0700, Sanchez the Cactus wrote: > > > Hi, > > > > I'm trying to use gnupg to send my key to my company's keyserver. The > > URL > > scheme for the keyserver is ldaps://ldap.company.com:636/ou=pgp > > keys,dc=company,dc=com. Unfortunately, I can't figure out how to get > > gpg to > > recognize this url schema and connect successfully. If I set the > > keyserver > > option to be that url, i get: > > > > unable to execute program "gpgkeys_ldaps": No such file or directory > > gpg: no handler for keyserver scheme "ldaps" > > > > if i change it to simply be ldap instead of ldaps, I get: > > gpgkeys: internal LDAP bind error: Can't contact LDAP server > > gpg: keyserver internal error > > > > > > is there a way to get this working? It seems (according to > > google) like i should be able to get it working with cvs/unstable > > gnupg, but that doesn't work either... GnuPG 1.3.6 (or the CVS version) can do ldaps, but it requires that you have OpenLDAP set up to do ldaps. OpenLDAP only does ldaps if you have OpenSSL installed. David From wk at gnupg.org Thu Jul 15 08:20:11 2004 From: wk at gnupg.org (Werner Koch) Date: Fri Jul 16 11:09:08 2004 Subject: Import *.p12 Keys into GnuPG fails In-Reply-To: <40E1576B.5030108@xfraggle.de> (Stefan Jaksch's message of "Tue, 29 Jun 2004 13:50:03 +0200") References: <40E1576B.5030108@xfraggle.de> Message-ID: <87y8ll94h0.fsf@wheatstone.g10code.de> On Tue, 29 Jun 2004 13:50:03 +0200, Stefan (The Fraggle) Jaksch said: > How can I convert the P12-format into OpenPGP? You can't pkcs#12 is usually used for X.509 key s which are not compatible with OpenPGP keys. gnupg 1.9 comes with support for X.509/CMS, though. Werner From wk at gnupg.org Thu Jul 15 08:23:13 2004 From: wk at gnupg.org (Werner Koch) Date: Fri Jul 16 11:09:13 2004 Subject: lag time on mailing lists? In-Reply-To: <1088707426.12405.54.camel@liberate> (Douglas F. Calvert's message of "Thu, 01 Jul 2004 14:43:46 -0400") References: <1088707426.12405.54.camel@liberate> Message-ID: <87u0w994by.fsf@wheatstone.g10code.de> On Thu, 01 Jul 2004 14:43:46 -0400, Douglas F Calvert said: > Has anyone experienced any latency issues with messages being posted to > the list? I sent a message yesterday that has not made it to the list: If you are not subscribed it sometakes takes a while for a moderator to go over the pending postsings and frankly some might actually gte drowned in tghe spam. There is also the problem of high load due to the spam filtering and it sometimes takes a while to process all messages from the mail queue. Werner From boldyrev+nospam at cgitftp.uiggm.nsc.ru Thu Jul 15 05:44:36 2004 From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev) Date: Fri Jul 16 11:09:21 2004 Subject: subkey types and preferences... References: <1088651077.12405.25.camel@liberate> <20040706170206.GA18532@jabberwocky.com> Message-ID: <86bhs1xei4.ln2@ibhome.cgitftp.uiggm.nsc.ru> On 8798 day of my life David Shaw wrote: > Not exactly. 1.2.x and 1.3.x both set keyserver no-modify. 1.3.x > just shows you that it was set. What do 'no-modify' and 'MDC' flags mean? -- Ivan Boldyrev Onions have layers. Unix has layers too. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: not available Url : /pipermail/attachments/20040715/a165cc2e/attachment.bin From pweis at zaphod.pweis.com Fri Jul 16 13:57:16 2004 From: pweis at zaphod.pweis.com (Philipp Weis) Date: Fri Jul 16 13:54:10 2004 Subject: Calculated trust and ownertrust of signatures Message-ID: <20040716115716.GA6298@zaphod.pweis.com> Hi, is there a way to see the trust values of all signatures on a key? I would expect "gpg --listsigs --with-colons" to show both the calculated trust and the ownertrust with each signature line, but this is apperently not the case. doc/DETAILS says the ownertrust value is only shown for public keys. Why not for signatures? Is it possible to activate this somehow? Trust information on signatures would be highly useful if you want to examine the trust paths to a certain key. Philipp -- Philipp Weis pweis@pweis.com Freiburg, Germany http://pweis.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20040716/9f150681/attachment.bin From dshaw at jabberwocky.com Fri Jul 16 16:36:52 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Fri Jul 16 16:33:54 2004 Subject: subkey types and preferences... In-Reply-To: <86bhs1xei4.ln2@ibhome.cgitftp.uiggm.nsc.ru> References: <1088651077.12405.25.camel@liberate> <20040706170206.GA18532@jabberwocky.com> <86bhs1xei4.ln2@ibhome.cgitftp.uiggm.nsc.ru> Message-ID: <20040716143651.GA13525@jabberwocky.com> On Thu, Jul 15, 2004 at 10:44:36AM +0700, Ivan Boldyrev wrote: > On 8798 day of my life David Shaw wrote: > > Not exactly. 1.2.x and 1.3.x both set keyserver no-modify. 1.3.x > > just shows you that it was set. > > What do 'no-modify' and 'MDC' flags mean? no-ks-modify is a flag that asks keyservers to not accept changes to your key (i.e. new signatures) unless they came from you. No public keyserver actually honors this flag, but it's part of the OpenPGP standard so we allow setting it. MDC is a modification detection code. It protects messages against certain modification attacks. David From eddie at roosenmaallen.com Fri Jul 16 18:51:10 2004 From: eddie at roosenmaallen.com (Eddie Roosenmaallen) Date: Fri Jul 16 18:47:47 2004 Subject: EXPORT / IMPORT PRIVATE KEY In-Reply-To: <40F56DFA.5050704@sagraluzzatto.com.br> References: <40F56DFA.5050704@sagraluzzatto.com.br> Message-ID: <40F8077E.90400@roosenmaallen.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, To export your secret keys, use: gpg --export-secret-key -a > secret.key and to import them again: gpg --import secret.key Peace, Eddie Rodrigo Padula wrote: > How do I do to export my private key and import in another PC? > _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA+Ad9tGGqbMwazQURAgW6AKDLR7U56hNxSxKHTwanrnBrlGgy+wCdF+uQ rlCXJKjia41i9cZbFo0Dn5Y= =IX5y -----END PGP SIGNATURE----- From sanchezthecactus at yahoo.com Fri Jul 16 18:58:40 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Fri Jul 16 18:55:32 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040714214728.GB26214@jabberwocky.com> Message-ID: <20040716165840.90539.qmail@web12102.mail.yahoo.com> --- David Shaw wrote: > On Tue, Jul 06, 2004 at 04:37:19PM -0700, Sanchez the Cactus wrote: > > > > > Hi, > > > > > > I'm trying to use gnupg to send my key to my company's keyserver. The > > > URL > > > scheme for the keyserver is ldaps://ldap.company.com:636/ou=pgp > > > keys,dc=company,dc=com. Unfortunately, I can't figure out how to get > > > gpg to > > > recognize this url schema and connect successfully. If I set the > > > keyserver > > > option to be that url, i get: > > > > > > unable to execute program "gpgkeys_ldaps": No such file or directory > > > gpg: no handler for keyserver scheme "ldaps" > > > > > > if i change it to simply be ldap instead of ldaps, I get: > > > gpgkeys: internal LDAP bind error: Can't contact LDAP server > > > gpg: keyserver internal error > > > > > > > > > is there a way to get this working? It seems (according to > > > google) like i should be able to get it working with cvs/unstable > > > gnupg, but that doesn't work either... > > GnuPG 1.3.6 (or the CVS version) can do ldaps, but it requires that > you have OpenLDAP set up to do ldaps. OpenLDAP only does ldaps if you > have OpenSSL installed. > > David > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > when I try with GnuPG 1.3.6 linked against OpenLDAP linked against either GNUTLS or OpenSSL, i get the following error: ./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp keys,dc=company,dc=com" --search-keys keymaster gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information gpgkeys: unable to make SSL connection: not supported by the NAI LDAP keyserver gpg: key "keymaster" not found on keyserver gpg: keyserver internal error gpg: keyserver search failed: keyserver error is the "NAI LDAP keyserver" not supported by GnuPG, or is there some other way to make GnuPG access it? Thanks again, -Joe __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail From dshaw at jabberwocky.com Fri Jul 16 20:48:10 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Fri Jul 16 20:45:07 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040716165840.90539.qmail@web12102.mail.yahoo.com> References: <20040714214728.GB26214@jabberwocky.com> <20040716165840.90539.qmail@web12102.mail.yahoo.com> Message-ID: <20040716184809.GA15672@jabberwocky.com> On Fri, Jul 16, 2004 at 09:58:40AM -0700, Sanchez the Cactus wrote: > when I try with GnuPG 1.3.6 linked against OpenLDAP linked against either > GNUTLS or OpenSSL, i get the following error: > > ./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp keys,dc=company,dc=com" > --search-keys keymaster > gpg: NOTE: THIS IS A DEVELOPMENT VERSION! > gpg: It is only intended for test purposes and should NOT be > gpg: used in a production environment or with production keys! > gpg: WARNING: using insecure memory! > gpg: please see http://www.gnupg.org/faq.html for more information > gpgkeys: unable to make SSL connection: not supported by the NAI LDAP keyserver > > gpg: key "keymaster" not found on keyserver > gpg: keyserver internal error > gpg: keyserver search failed: keyserver error > > > > is the "NAI LDAP keyserver" not supported by GnuPG, or is there some > other way to make GnuPG access it? It's not that GnuPG doesn't support it. The keyserver itself doesn't support ldaps. GnuPG supports both ldaps and ldap using TLS. The old NAI keyserver supports neither. If you want to communicate with the NAI keyserver, you have to turn off ldaps or TLS. I think there is some confusion here. What exactly are you doing? That is, where did you get this server? What software is it running? What do you get if you run: ldapsearch -h ldap.company.com -P2 -x -b "cn=pgpServerInfo" -s base cn=pgpServerInfo David From dshaw at jabberwocky.com Fri Jul 16 21:45:04 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Fri Jul 16 21:42:03 2004 Subject: Calculated trust and ownertrust of signatures In-Reply-To: <20040716115716.GA6298@zaphod.pweis.com> References: <20040716115716.GA6298@zaphod.pweis.com> Message-ID: <20040716194504.GA16179@jabberwocky.com> On Fri, Jul 16, 2004 at 01:57:16PM +0200, Philipp Weis wrote: > Hi, > > is there a way to see the trust values of all signatures on a key? I > would expect "gpg --listsigs --with-colons" to show both the > calculated trust and the ownertrust with each signature line, but this > is apperently not the case. > > doc/DETAILS says the ownertrust value is only shown for public keys. > Why not for signatures? Is it possible to activate this somehow? > > Trust information on signatures would be highly useful if you want to > examine the trust paths to a certain key. I'm not quite sure I understand what you are trying to do. There is no ownertrust on signatures. David From sambitnanda at yahoo.com Sat Jul 17 00:43:11 2004 From: sambitnanda at yahoo.com (Sambit Nanda) Date: Sat Jul 17 00:40:32 2004 Subject: $RANDFILE Message-ID: <20040716224311.78433.qmail@web53008.mail.yahoo.com> I download the bin of gnupg for AIX and installed in $HOME/usr/local I also confgured the EGD and running the deamon, I never see it is creating any thing to $RANDFILE and .rand file? Cab you please tell me what i am missing?. ===== Thanks, Sambit Nanda 203-553-3424 (O) From pweis at pweis.com Sat Jul 17 00:53:49 2004 From: pweis at pweis.com (Philipp Weis) Date: Sat Jul 17 00:50:40 2004 Subject: Calculated trust and ownertrust of signatures In-Reply-To: <20040716194504.GA16179@jabberwocky.com> References: <20040716115716.GA6298@zaphod.pweis.com> <20040716194504.GA16179@jabberwocky.com> Message-ID: <20040716225349.GA10743@zaphod.pweis.com> On 16 Jul 2004, David Shaw wrote: > On Fri, Jul 16, 2004 at 01:57:16PM +0200, Philipp Weis wrote: > > is there a way to see the trust values of all signatures on a key? I > > would expect "gpg --listsigs --with-colons" to show both the > > calculated trust and the ownertrust with each signature line, but this > > is apperently not the case. > > > > doc/DETAILS says the ownertrust value is only shown for public keys. > > Why not for signatures? Is it possible to activate this somehow? > > > > Trust information on signatures would be highly useful if you want to > > examine the trust paths to a certain key. > > I'm not quite sure I understand what you are trying to do. There is > no ownertrust on signatures. I should have been more clear on that. I am talking about the trust value of the people that signed a certain key. Let's say I want to know how much I can trust A's key. Suppose A's key has two signatures from people I trust marginally. All I get from GnuPG is a calculated trust value for A's key, but I'd like some more information here. I looking for someting like "B, C and D signed A's key, and B and D are trusted marginally." I could do this by looking up every person that signed the key, but maybe there is a more elegant way. Or maybe I should just write a small tool to do this. -- Philipp Weis pweis@pweis.com Freiburg, Germany http://pweis.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20040717/a729ddb7/attachment.bin From iam-est-hora-surgere at despammed.com Sat Jul 17 01:32:17 2004 From: iam-est-hora-surgere at despammed.com (Marcus Frings) Date: Sat Jul 17 01:29:10 2004 Subject: lag time on mailing lists? References: <1088707426.12405.54.camel@liberate> <87u0w994by.fsf@wheatstone.g10code.de> Message-ID: * Werner Koch wrote: > On Thu, 01 Jul 2004 14:43:46 -0400, Douglas F Calvert said: >> Has anyone experienced any latency issues with messages being posted to >> the list? I sent a message yesterday that has not made it to the list: Yes, I also noticed this. A mail (actually it's a news posting for me) from me took more than one week to show up in the list. > If you are not subscribed it sometakes takes a while for a moderator > to go over the pending postsings and frankly some might actually gte > drowned in tghe spam. I read this list and write to it via gmane.org so I would like to ask if it's possible to make mails coming from gmane.org automatically mark as subscribed. Gmane users must follow a TMDA-like procedure before their mails will be sent through the gateway to the list. Thus I believe there isn't coming spam from the gateway to the list. > There is also the problem of high load due to the spam filtering and Huh? I read some very high traffic mailing lists which use SA as spam filter and there mails reach the list much faster. > it sometimes takes a while to process all messages from the mail > queue. This reason is more understandable. Regards, Marcus -- "Um einen D?mon zu rufen, mu? man seinen Namen wissen. Einst haben die Menschen davon getr?umt, und jetzt ist es auf andere Weise Wirklichkeit geworden. Das wei?t du, Case. Es ist deine Aufgabe, die Namen von Programmen zu erfahren, die langen, formellen Namen, Namen, die die Besitzer zu verbergen suchen." From boldyrev+nospam at cgitftp.uiggm.nsc.ru Sat Jul 17 02:52:36 2004 From: boldyrev+nospam at cgitftp.uiggm.nsc.ru (Ivan Boldyrev) Date: Sat Jul 17 15:03:54 2004 Subject: subkey types and preferences... References: <1088651077.12405.25.camel@liberate> <20040706170206.GA18532@jabberwocky.com> <86bhs1xei4.ln2@ibhome.cgitftp.uiggm.nsc.ru> <20040716143651.GA13525@jabberwocky.com> Message-ID: <1s9ms1xdn6.ln2@ibhome.cgitftp.uiggm.nsc.ru> On 8807 day of my life David Shaw wrote: >> What do 'no-modify' and 'MDC' flags mean? > > no-ks-modify is a flag that asks keyservers to not accept changes to > your key (i.e. new signatures) unless they came from you. No public > keyserver actually honors this flag, but it's part of the OpenPGP > standard so we allow setting it. What is "from me"? Changes signed with my key? Or some other kind of authentification may be provided by server? Or it is not specified by standard? -- Ivan Boldyrev Onions have layers. Unix has layers too. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: not available Url : /pipermail/attachments/20040717/384fe405/attachment.bin From dshaw at jabberwocky.com Sat Jul 17 16:34:08 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Sat Jul 17 16:31:17 2004 Subject: subkey types and preferences... In-Reply-To: <1s9ms1xdn6.ln2@ibhome.cgitftp.uiggm.nsc.ru> References: <1088651077.12405.25.camel@liberate> <20040706170206.GA18532@jabberwocky.com> <86bhs1xei4.ln2@ibhome.cgitftp.uiggm.nsc.ru> <20040716143651.GA13525@jabberwocky.com> <1s9ms1xdn6.ln2@ibhome.cgitftp.uiggm.nsc.ru> Message-ID: <20040717143408.GA24624@jabberwocky.com> On Sat, Jul 17, 2004 at 07:52:36AM +0700, Ivan Boldyrev wrote: > On 8807 day of my life David Shaw wrote: > >> What do 'no-modify' and 'MDC' flags mean? > > > > no-ks-modify is a flag that asks keyservers to not accept changes to > > your key (i.e. new signatures) unless they came from you. No public > > keyserver actually honors this flag, but it's part of the OpenPGP > > standard so we allow setting it. > > What is "from me"? Changes signed with my key? Or some other kind of > authentification may be provided by server? Or it is not specified by > standard? Not specified. The actual language in the standard says: the key holder requests that this key only be modified or updated by the key holder or an administrator of the key server. David -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 250 bytes Desc: not available Url : /pipermail/attachments/20040717/bbb88659/attachment.bin From sambitnanda at yahoo.com Sat Jul 17 17:43:41 2004 From: sambitnanda at yahoo.com (Sambit Nanda) Date: Sat Jul 17 17:41:03 2004 Subject: $RANDFILE Message-ID: <20040717154341.10197.qmail@web53005.mail.yahoo.com> I am sorry to ask this question again, i did not receive any response to my last emial. I installed gnupg on AIX with EGD , I am running thr EGD daemon, i never see any update to my $RANDFILE, it is still in 0 byte, so while trying to create the certificate using open SSL i am getting PRNG not seeded error. Can any one guide me pls. what to do . ===== Thanks, Sambit Nanda 203-553-3424 (O) From herbert at linuxhacker.at Mon Jul 19 06:39:18 2004 From: herbert at linuxhacker.at (Herbert Straub) Date: Mon Jul 19 06:36:42 2004 Subject: The GNU Privacy Handbook Message-ID: <1090211958.40fb50765aa3f@mail-mobilmail.fibcon.fiber-connect.at> Hallo, the German translation of this handbook does'nt contain equal parts in the section: 3. Key Management / Key-Integrity: The example in the english version: chloe% gpg --edit-key chloe Secret key is available. pub 1024D/26B6AAE1 created: 1999-06-15 expires: never trust: -/u sub 2048g/0CF8CB7A created: 1999-06-15 expires: never sub 1792G/08224617 created: 1999-06-15 expires: 2002-06-14 sub 960D/B1F423E7 created: 1999-06-15 expires: 2002-06-14 (1) Chloe (Jester) (2) Chloe (Plebian) Command> check uid Chloe (Jester) sig! 26B6AAE1 1999-06-15 [self-signature] uid Chloe (Plebian) sig! 26B6AAE1 1999-06-15 [self-signature] As expected, the signing key for each signature is the master signing key with key ID 0x26B6AAE1. And now the same section in the german version: chloe$ gpg --edit-key chloe geheimer Schl?ssel ist vorhanden. pub 1024D/1B087D04 created: 2000-06-07 expires: never trust: -/u sub 2048g/6A3E902A created: 2000-06-07 expires: never sub 1792G/7D5D4DAE created: 2000-06-07 expires: 2002-06-07 sub 960D/C0A27DBE created: 2000-06-07 expires: 2002-06-07 (1) Chloe (Journalistin) (2) Chloe (Freie Autorin) Befehl> check uid Chloe (Journalistin) sig! 1B087D04 2000-06-07 [Eigenbeglaubigung] uid Chloe (Freie Autorin) sig! 1B087D04 2000-06-07 [Eigenbeglaubigung] Wie erwartet, wird f?r jede Unterschrift der prim?re Schl?ssel mit der Schl?ssel-ID 0x26B6AAE1 genommen. Look at the Key 0x26B6AAE1. The german version does'nt have it. I think, this is a error. I tried to send a mail to: (specified in the header of the german book vesion), but this address does'nt exist. Thanks Herbert Straub If, it is an error, then this little Patch correct the error (cvs diff with gph) Index: keymanag.sgml =================================================================== RCS file: /cvs/gph/gph/de/keymanag.sgml,v retrieving revision 1.3 diff -u -r1.3 keymanag.sgml --- keymanag.sgml 28 Aug 2000 21:54:40 -0000 1.3 +++ keymanag.sgml 16 Jul 2004 13:21:19 -0000 @@ -202,7 +202,7 @@ chloe$ gpg --edit-key chloe geheimer Schl?ssel ist vorhanden. -pub 1024D/1B087D04 created: 2000-06-07 expires: never trust: -/u +pub 1024D/26B6AAE1 created: 2000-06-07 expires: never trust: -/u sub 2048g/6A3E902A created: 2000-06-07 expires: never sub 1792G/7D5D4DAE created: 2000-06-07 expires: 2002-06-07 sub 960D/C0A27DBE created: 2000-06-07 expires: 2002-06-07 Best Regards Herbert Straub From avbidder at fortytwo.ch Mon Jul 19 09:16:28 2004 From: avbidder at fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Mon Jul 19 09:20:36 2004 Subject: $RANDFILE In-Reply-To: <20040717154341.10197.qmail@web53005.mail.yahoo.com> References: <20040717154341.10197.qmail@web53005.mail.yahoo.com> Message-ID: <200407190916.28410@fortytwo.ch> [cc:ed just to be sure you receive that] On Saturday 17 July 2004 17.43, Sambit Nanda wrote: > I am sorry to ask this question again, i did not > receive any response to my last emial. Which was 17h ago. Wow. Of course, everybody here just waits for your questions and will run to answer them within two minutes of them appearing in their INBOXes. Mailing lists do not work that way. Before stating a question a second time, wait at least 3 or 4 days. Also, people will be more inclined to answer if you tell what you already tried to do to fix the problem. Did you search in google (with what keywords?) and not find an answer? Where in which manual would you have expected an answer and didn't find one? Have a nice week -- vbi -- Oficio ajeno, dinero cuesta. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 331 bytes Desc: signature Url : /pipermail/attachments/20040719/728846cf/attachment.bin From wk at gnupg.org Mon Jul 19 17:24:02 2004 From: wk at gnupg.org (Werner Koch) Date: Mon Jul 19 17:23:22 2004 Subject: The GNU Privacy Handbook In-Reply-To: <1090211958.40fb50765aa3f@mail-mobilmail.fibcon.fiber-connect.at> (Herbert Straub's message of "Mon, 19 Jul 2004 06:39:18 +0200") References: <1090211958.40fb50765aa3f@mail-mobilmail.fibcon.fiber-connect.at> Message-ID: <87zn5wrpf1.fsf@wheatstone.g10code.de> On Mon, 19 Jul 2004 06:39:18 +0200, Herbert Straub said: > the German translation of this handbook does'nt contain equal parts in the > section: 3. Key Management / Key-Integrity: It is independent from the English version. IIRC, the glossary is even much larger. Keys are real keys created for writing the translation. > I tried to send a mail to: (specified in the header of > the german book vesion), but this address does'nt exist. The list has been shut down due to inactivity. gnupg-doc@gnupg.org should still exists. Werner From mirekgoebel at web.de Tue Jul 20 09:36:49 2004 From: mirekgoebel at web.de (=?iso-8859-1?Q? Mirek=20G=F6bel ?=) Date: Tue Jul 20 09:34:09 2004 Subject: Revocation Certificate Message-ID: <1270332948@web.de> I could yet not figure out, what a revocation certificate does. What is a revocation certificate for? What can I do with it? Why is it important? I am very thankful for helping answers, M.G. ____________________________________________________ Aufnehmen, abschicken, nah sein - So einfach ist WEB.DE Video-Mail: http://freemail.web.de/?mc=021200 From avbidder at fortytwo.ch Tue Jul 20 11:08:02 2004 From: avbidder at fortytwo.ch (Adrian 'Dagurashibanipal' von Bidder) Date: Tue Jul 20 11:05:05 2004 Subject: Revocation Certificate In-Reply-To: <1270332948@web.de> References: <1270332948@web.de> Message-ID: <200407201108.11639@fortytwo.ch> On Tuesday 20 July 2004 09.36, Mirek G?bel wrote: > I could yet not figure out, what a revocation certificate does. > > What is a revocation certificate for? > What can I do with it? > Why is it important? Please do at least *some* research before just asking mailing lists. is the very first hit on a google search on gpg introduction revocation, and it actually explains what a revocation cert does. greetings -- vbi -- Never say "OOPS!" always say "Ah, Interesting!" -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 331 bytes Desc: signature Url : /pipermail/attachments/20040720/4fcda86c/attachment.bin From linux at codehelp.co.uk Tue Jul 20 11:13:07 2004 From: linux at codehelp.co.uk (Neil Williams) Date: Tue Jul 20 11:09:44 2004 Subject: Revocation Certificate In-Reply-To: <1270332948@web.de> References: <1270332948@web.de> Message-ID: <200407201013.10435.linux@codehelp.co.uk> On Tuesday 20 July 2004 8:36, Mirek G?bel wrote: > I could yet not figure out, what a revocation certificate does. http://www.dclug.org.uk/linux_doc/startgnupg.html#revoke > What is a revocation certificate for? To revoke a specific key - it is generated in advance so that if you later forget the passphrase you can still revoke the key. (Although you can't do anything else with the key). It is an external file, usually, a simple text file that gpg can import. It is created using the secret key, so you must have the passphrase when you create it, hence why you create it in advance. :-) > What can I do with it? Revoke the key that generated the certificate. Nothing else. > Why is it important? Because it does not require the passphrase to import the file and revoke the key - you must take great care about how you store the certificate. Anyone who gets hold of your revocation certificate can revoke your key and there would be nothing you could do to stop it. Also because without a certificate, if you forget the passphrase to your key it will languish on the keyservers forever as a seemingly active key. No key can be revoked without either the passphrase (and secret key) or the revocation certificate (no secret key needed). If you still know your passphrase and your key is compromised, it still needs to be revoked and a certificate will still need to be created, imported and the updated key sent to keyservers. A stored certificate is just there in case you forget the passphrase or lose the secret key in some hard disc drama. (You must have a backup secret key if you want to continue using the key.) Revocation is about helping others - when you know the key is unusable/compromised, revocation lets everyone else know too. -- Neil Williams ============= http://www.codehelp.co.uk/ http://www.dclug.org.uk/ http://www.isbn.org.uk/ http://sourceforge.net/projects/isbnsearch/ http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040720/e7ade978/attachment.bin From eleuteri at myrealbox.com Tue Jul 20 12:26:06 2004 From: eleuteri at myrealbox.com (David Picon Alvarez) Date: Tue Jul 20 12:23:02 2004 Subject: Revocation Certificate References: <1270332948@web.de> Message-ID: <006601c46e43$f8824e50$1e453cd5@enterprise> > What is a revocation certificate for? It is a secure way to say "I am no longer going to use this key, and if someone does it's not me". > What can I do with it? You can securely "unbind" your key from your identity, for example if your key gets compromised. > Why is it important? If your key is compromise and your attacker deletes it from your system (or if you simply lose it) your key will continue to be bound to your identity until and unless you revoke it. --David. From raineyj at WALCOINTL.com Tue Jul 20 15:43:16 2004 From: raineyj at WALCOINTL.com (raineyj@WALCOINTL.com) Date: Tue Jul 20 15:39:18 2004 Subject: Permission denied on --gen-key Message-ID: <46F5403E4B8AD711AA470002B3A9E61D2F4002@mail.walcointl.com> New to GPG, I've searched the archives and FAQ, but found no reference to help me with this error. My apologies if I have overlooked the answer to my dilemma. The result of my doing a "--gen-key" command is as follows: gpg: no writable public keyring found: eof Key generation failed: eof gpg: can't create 'c:\gnupg/random_seed': Permission denied I've opened the permissions to full access and checked location and existance of the files. I'm sure this is a small issue, but any help and suggestions is greatly appreciated. From shantanu at chrd.in2cable.net Tue Jul 20 21:05:52 2004 From: shantanu at chrd.in2cable.net (Dr. Shantanu Nagarkatti) Date: Tue Jul 20 21:03:27 2004 Subject: GPGrelay configuration problem Message-ID: <6.1.1.1.0.20040721002601.01d48418@chrd.in2cable.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I am a new user of GnuPG and seem to be having trouble configuring GPGrelay to work with 2 email accounts. I have current editions of GnuPG, GPGshell and GPGrelay. My operating system is Windows XP I use OE latest version for the GPGrelay I am trying to configure two email addresses surgeon@nagarkatti.com and the present one to work with GPGrelay When I try to configure the second SMTP and POP with GPGrelay, I get a message saying the port is already taken According to the GPGrelay web site on installation, I should change the port 32025 to 33025 when I add another SMTP and the port 32110 to 33110. This should enable another email connection through GPGrelay on Windows XP. The problem is that the GPGrelay says that the 32025 port is already taken when I add another SMTP. It also says the port 32110 is already taken when I try to add another POP3. Unfortunately, when I do this, OE says that it is unable to connect with 33025 and also 33110 ports. I have tried this a dozen times by now. How do you connect more than one POP and SMTP through GPGrelay? Shantanu ***************************** It wasn't until quite late in life that I discovered how easy it is to say, 'I don't know'. - - somerset maughm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFA/Wz8Vhdqw/5vqNIRAooNAJ9DgfZLoYtO5UpSlI7Nu0HMSsJBggCfTjNA kWmXJa8hoN0w33wKXSy7TqE= =XbyV -----END PGP SIGNATURE----- -------------- next part -------------- --- Outgoing mail is certified Virus Free. If your scanner discovers a virus please inform me at once. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.718 / Virus Database: 474 - Release Date: 7/9/2004 From tv at beamnet.de Tue Jul 20 22:22:47 2004 From: tv at beamnet.de (Thomas Viehmann) Date: Tue Jul 20 22:19:39 2004 Subject: gpg --edit-key when the key has many signatures Message-ID: <40FD7F17.90608@beamnet.de> Hi, sometimes when editing a key (in order to sign a specific uid associated with the key) it takes quite a while until the command prompt shows. It seems to be related to the number of signatures on the key and occurs also when only the key to be signed and the signing key are in the public keyring. Is there a way to speed this up? I've tried the various --no-XXX and --skip-... switches, but didn't find anything that matches. Kind regards and TIA Thomas P.S.: I'd appreciate being CC'ed in replys. -- Thomas Viehmann, From lists at kcoates.com Tue Jul 20 23:40:52 2004 From: lists at kcoates.com (Kevin Coates) Date: Tue Jul 20 23:38:01 2004 Subject: GPGrelay configuration problem In-Reply-To: <6.1.1.1.0.20040721002601.01d48418@chrd.in2cable.net> References: <6.1.1.1.0.20040721002601.01d48418@chrd.in2cable.net> Message-ID: <197267044.20040720174052@nospam.kcoates.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Dr., On Wed, 21 Jul 2004 00:35:52 +0530 (3:05 PM here), Dr. Shantanu Nagarkatti [DSN] wrote in : DSN> How do you connect more than one POP and SMTP through GPGrelay? Each POP port and SMTP port must have a unique port number that matches what you have configured in your email client. DSN> According to the GPGrelay web site on installation, I should change DSN> the port 32025 to 33025 when I add another SMTP and the port 32110 to DSN> 33110. This should enable another email connection through GPGrelay on DSN> Windows XP. acct# smtp pop3 1 32025 32110 2 33025 33025 These ports must match what's in you mail client. So for account 1, the pop port in the mail client would be 32110 which would match the pop port in GPGrelay then the remote port in GPGrelay would be 110 which is the normal pop port. I'm not sure how high the port numbers can go. I tend to use lower numbers and it works fine for me. smtp/pop 625/6110 525/5110 425/4110 So the inbound POP data from your ISP would be: ==>Incoming mail==>GPGR port in 110/GPGR port out 6110==> Eudora port in 6110 For outbound smtp mail: Eudora smtp port 625==>GPGR port in 625/GPGR port out 25==>ISP If you have a second account it must have different port numbers assigned and not match the 6110/625 used above. The "Remote Port" field in GPGR's Relay Configuration Screen for POP and SMTP should be 110/25 as these can be shared and be the same for each account. The Local Port field must be unique and different for each account. Pardon the lousy schematic. I'm no artist. Hopefully, you'll get the idea. - -- Kevin Coates Dewitt, NY USA ________________________________________________________________ (see kludges for my pgp key) -----BEGIN PGP SIGNATURE----- iD8DBQFA/ZFovZSrVDqOXK0RAjwNAKCGCqswg0WLBxDNxuPKVbAi5ULDXgCdErr/ 9AgmTRU+/lYje5aVmeasrcw= =P/A+ -----END PGP SIGNATURE----- From dshaw at jabberwocky.com Tue Jul 20 23:45:04 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jul 20 23:42:03 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <40FD7F17.90608@beamnet.de> References: <40FD7F17.90608@beamnet.de> Message-ID: <20040720214504.GA823@jabberwocky.com> On Tue, Jul 20, 2004 at 10:22:47PM +0200, Thomas Viehmann wrote: > Hi, > > sometimes when editing a key (in order to sign a specific uid associated > with the key) it takes quite a while until the command prompt shows. It > seems to be related to the number of signatures on the key and occurs > also when only the key to be signed and the signing key are in the > public keyring. How long is "quite a while"? How many is a "number of signatures"? David From shantanu at chrd.in2cable.net Wed Jul 21 04:18:11 2004 From: shantanu at chrd.in2cable.net (Dr. Shantanu Nagarkatti) Date: Wed Jul 21 04:15:48 2004 Subject: Gnupg-users Digest, Vol 10, Issue 10 In-Reply-To: References: Message-ID: <6.1.1.1.0.20040721073435.01d47368@chrd.in2cable.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Kevin, Thanks for your reply. I have already configured for OE as I pointed out: The problem is that the GPGrelay says that the 32025 port is already taken when I add another SMTP. It also says the port 32110 is already taken when I try to add another POP3. According to the GPGrelay web site on installation, I should change the local port 32025 to 33025 when I add another SMTP and the local port 32110 to 33110. This should enable another email connection through GPGrelay on Windows XP. Unfortunately, when I do this, OE says that it is unable to connect with 33025 and also 33110 ports. The remote ports for GPGrelay are 110/25 for the POP/SMTP The local ports as described above are exactly as recommended on the GPPrelay web site. Thank you being there. Shantanu ********************************** I have yet to see any problem, which, when you looked at it the right way, did not become still more complicated. *************************************** At 03:08 AM 7/21/2004, you wrote: So the inbound POP data from your ISP would be: ==>Incoming mail==>GPGR port in 110/GPGR port out 6110==> Eudora port in 6110 For outbound smtp mail: Eudora smtp port 625==>GPGR port in 625/GPGR port out 25==>ISP If you have a second account it must have different port numbers assigned and not match the 6110/625 used above. The "Remote Port" field in GPGR's Relay Configuration Screen for POP and SMTP should be 110/25 as these can be shared and be the same for each account. The Local Port field must be unique and different for each account. Pardon the lousy schematic. I'm no artist. Hopefully, you'll get the idea. - - -- Kevin Coates Dewitt, NY USA -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFA/dHnwjYrt15y/40RAopYAJ9N1J58Mo2qF4GcwxVhU1WmeToJBwCfQelz Trc6x7Ltpl4HQGVibfhjlHk= =QDd4 -----END PGP SIGNATURE----- -------------- next part -------------- --- Outgoing mail is certified Virus Free. If your scanner discovers a virus please inform me at once. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.718 / Virus Database: 474 - Release Date: 7/9/2004 From lists at kcoates.com Wed Jul 21 07:21:28 2004 From: lists at kcoates.com (Kevin Coates) Date: Wed Jul 21 07:18:31 2004 Subject: Gnupg-users Digest, Vol 10, Issue 10 In-Reply-To: <6.1.1.1.0.20040721073435.01d47368@chrd.in2cable.net> References: <6.1.1.1.0.20040721073435.01d47368@chrd.in2cable.net> Message-ID: <49601322.20040721012128@nospam.kcoates.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Dr., On Wed, 21 Jul 2004 07:48:11 +0530 (10:18 PM here), Dr. Shantanu Nagarkatti [DSN] wrote: DSN> Unfortunately, when I do this, OE says that it is unable to DSN> connect with 33025 and also 33110 ports. I'm presuming that the ports for the first accounts POP and SMTP are different than the second accounts POP and SMTP connections. If that's the case, try using different port numbers for the second connection. You aren't restricted as long as you don't used any ports reserved for some other function. For your second connection, make its POP 5510 and its SMTP 525. These port numbers work here. Keep your first account's port assignments the same as you have now (port 32025/32110). - -- Kevin Coates Dewitt, NY USA ________________________________________________________________ (see kludges for my pgp key) -----BEGIN PGP SIGNATURE----- iD8DBQFA/f1dvZSrVDqOXK0RAt8oAKC4kxPkDCD95KwmvMCAXhX03RSyWwCfcZYb hiYkKLyALRYMc1LngDIxJOU= =I1gG -----END PGP SIGNATURE----- From tv at beamnet.de Wed Jul 21 08:40:49 2004 From: tv at beamnet.de (Thomas Viehmann) Date: Wed Jul 21 08:37:40 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <20040720214504.GA823@jabberwocky.com> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> Message-ID: <40FE0FF1.7020707@beamnet.de> David Shaw wrote: > On Tue, Jul 20, 2004 at 10:22:47PM +0200, Thomas Viehmann wrote: >>sometimes when editing a key (in order to sign a specific uid associated >>with the key) it takes quite a while until the command prompt shows. It >>seems to be related to the number of signatures on the key and occurs >>also when only the key to be signed and the signing key are in the >>public keyring. > How long is "quite a while"? 3 Minutes 5 Seconds > How many is a "number of signatures"? A total of 3300 signatures on 16 uids. (That's on a notebook with Pentium M 1.5 with Debian.) Regards T. -- Thomas Viehmann, From sn8421 at sbc.com Mon Jul 19 14:59:47 2004 From: sn8421 at sbc.com (NANDA, SAMBIT (SNETCOMM)) Date: Wed Jul 21 09:58:14 2004 Subject: Looking for help AIX 5.1 gnupg $RANDFIILE Message-ID: I installed gnupg 1.2.5 on aix 5.1 with gcc, did not get any problem, I installed EGD also, and running EGD with egd.pl ~/.gnupg/entropy, I never found it is creating any changes to my $RANDFILE or $HOME/.rand file, I still do not understand why ? Can any one please help. Thanks Sam Sambit Nanda(S.A) http://reportsrv.asi.sbc.com [203)-553-3424(O) (203)-821-6186[p] RESTRICTED - PROPRIETARY INFORMATION The Information contained herein is for use only by authorized employees of SBC Services, Inc., and authorized Affiliates of SBC Services, Inc., and is not for general distribution within or outside the respective companies. From sambitnanda at yahoo.com Sat Jul 17 00:28:21 2004 From: sambitnanda at yahoo.com (Sambit Nanda) Date: Wed Jul 21 10:00:29 2004 Subject: $RANDFILE Message-ID: <20040716222821.82607.qmail@web53007.mail.yahoo.com> I installed the bin og gpg on aix on my $HOME/usr/local the EGD also confugred/install after that sucessfully, I noticed it is never creating or making any changes to $RANDFILE, can any one please infom me why ? ===== Thanks, Sambit Nanda 203-553-3424 (O) From wk at gnupg.org Wed Jul 21 10:39:58 2004 From: wk at gnupg.org (Werner Koch) Date: Wed Jul 21 10:38:24 2004 Subject: lag time on mailing lists? In-Reply-To: (Marcus Frings's message of "Sat, 17 Jul 2004 01:32:17 +0200") References: <1088707426.12405.54.camel@liberate> <87u0w994by.fsf@wheatstone.g10code.de> Message-ID: <87oem9g3dt.fsf@wheatstone.g10code.de> On Sat, 17 Jul 2004 01:32:17 +0200, Marcus Frings said: > I read this list and write to it via gmane.org so I would like to ask if > it's possible to make mails coming from gmane.org automatically mark as > subscribed. Gmane users must follow a TMDA-like procedure before > their OTOH, this is a good address to be used by spam then. I hesitate to allow this we have already seen spam slipped through using faked addresses. > Huh? I read some very high traffic mailing lists which use SA as spam > filter and there mails reach the list much faster. Under high load we can't send them out immediately put need to queue them up. Shalom-Salam, Werner From wk at gnupg.org Wed Jul 21 10:49:07 2004 From: wk at gnupg.org (Werner Koch) Date: Wed Jul 21 10:48:23 2004 Subject: lag time on mailing lists? In-Reply-To: <20040716145826.GP733@longshot.toehold.com> (Kyle Hasselbacher's message of "Fri, 16 Jul 2004 09:58:27 -0500") References: <1088707426.12405.54.camel@liberate> <87u0w994by.fsf@wheatstone.g10code.de> <20040716145826.GP733@longshot.toehold.com> Message-ID: <87k6wxg2yk.fsf@wheatstone.g10code.de> On Fri, 16 Jul 2004 09:58:27 -0500, Kyle Hasselbacher said: > while" to mean "two weeks"). The message that started this thread says > "July 1" on it, but it arrived at my inbox July 14. I replied, and I got Sorry, I have no logs for July 1 anymore. > mm.gnupg-users@trithemius.gnupg.org > pipe delivery process timed out On the 14 and 15th we had a few of these panics: 2004-07-14 19:59:33 1Bko2V-0003uX-00 Creation of pipe failed: Too many open files in system Sorry, Werner From dshaw at jabberwocky.com Wed Jul 21 13:35:04 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 21 13:32:02 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <40FE0FF1.7020707@beamnet.de> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> Message-ID: <20040721113504.GC4266@jabberwocky.com> On Wed, Jul 21, 2004 at 08:40:49AM +0200, Thomas Viehmann wrote: > David Shaw wrote: > > On Tue, Jul 20, 2004 at 10:22:47PM +0200, Thomas Viehmann wrote: > >>sometimes when editing a key (in order to sign a specific uid associated > >>with the key) it takes quite a while until the command prompt shows. It > >>seems to be related to the number of signatures on the key and occurs > >>also when only the key to be signed and the signing key are in the > >>public keyring. > > > How long is "quite a while"? > 3 Minutes 5 Seconds > > > How many is a "number of signatures"? > A total of 3300 signatures on 16 uids. > > (That's on a notebook with Pentium M 1.5 with Debian.) Check something for me - you say there are 16 uids. Do an --edit-key on this key and count them. Then do a --list-keys on this key and again count the uids. Do all the numbers match? Also, is --list-keys really slow like --edit-key or is it fast? If --list-keys is fast, then check if --check-sigs on this key is slow. There are two good possible reasons why this key is slow for you, and I'm trying to nail down which one. David From mtaylor at grove4.demon.co.uk Wed Jul 21 13:43:18 2004 From: mtaylor at grove4.demon.co.uk (Martin Taylor) Date: Wed Jul 21 13:40:19 2004 Subject: Problems with keys Message-ID: I have recently installed GnuPG 1.2.4 on a Windows XP SP1 system, and am having problems. When attempting to import a key (using GPGShell v3.10), I get the following message: gpg: [don't know]: invalid packet (ctb=2d) gpg: read_block: read error: invalid packet gpg: import from `C:\Documents and Settings\Martin\My Documents\Non-RE\PGP\msrc. asc' failed: invalid keyring gpg: Total number processed: 0 The keys concerned should be totally valid: they were previously installed on a Nullify 1.2.2 build. I have also confirmed the problem by downloading Microsoft's public key: same thing happens. I am able to generate a new key, at least. Does any possible cause for this problem spring to mind? -- Martin Taylor From linux at codehelp.co.uk Wed Jul 21 19:49:10 2004 From: linux at codehelp.co.uk (Neil Williams) Date: Wed Jul 21 19:45:48 2004 Subject: Problems with keys In-Reply-To: References: Message-ID: <200407211849.15122.linux@codehelp.co.uk> On Wednesday 21 July 2004 12:43, Martin Taylor wrote: > I have recently installed GnuPG 1.2.4 on a Windows XP SP1 system, and am > having problems. When attempting to import a key (using GPGShell v3.10), > I get the following message: Is this a binary file or an ASCII file? How was it transferred between platforms / machines? Sometimes these things can go wrong when you transfer it as ASCII when it's binary. If you have the list of key ID's the best way is to now get updated versions from the keyservers - outdated keys from an old file are not much use to anyone. > The keys concerned should be totally valid: they were previously > installed on a Nullify 1.2.2 build. I have also confirmed the problem by > downloading Microsoft's public key: same thing happens. Use gpg --keyserver subkeys.pgp.net --recv-keys keyID instead. -- Neil Williams ============= http://www.codehelp.co.uk/ http://www.dclug.org.uk/ http://www.isbn.org.uk/ http://sourceforge.net/projects/isbnsearch/ http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040721/f74e07af/attachment-0001.bin From tv at beamnet.de Wed Jul 21 21:05:24 2004 From: tv at beamnet.de (Thomas Viehmann) Date: Wed Jul 21 21:02:13 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <20040721113504.GC4266@jabberwocky.com> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> Message-ID: <40FEBE74.3060909@beamnet.de> David Shaw wrote: > Check something for me - you say there are 16 uids. Do an --edit-key > on this key and count them. Then do a --list-keys on this key and > again count the uids. Do all the numbers match? No, they're 16 uids in the list and 8 on edit, as one might expect from these figures, all uid's are there twice. > Also, is --list-keys really slow like --edit-key or is it fast? If > --list-keys is fast, then check if --check-sigs on this key is slow. list keys is fast, check sigs is fast. > There are two good possible reasons why this key is slow for you, and > I'm trying to nail down which one. Yeah, thanks, it looks like it's got something to do with the uids, right? Kind regards Thomas -- Thomas Viehmann, From dshaw at jabberwocky.com Wed Jul 21 21:45:47 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 21 21:42:49 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <40FEBE74.3060909@beamnet.de> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> Message-ID: <20040721194547.GA11286@jabberwocky.com> On Wed, Jul 21, 2004 at 09:05:24PM +0200, Thomas Viehmann wrote: > David Shaw wrote: > > Check something for me - you say there are 16 uids. Do an --edit-key > > on this key and count them. Then do a --list-keys on this key and > > again count the uids. Do all the numbers match? > No, they're 16 uids in the list and 8 on edit, as one might expect from > these figures, all uid's are there twice. > > > Also, is --list-keys really slow like --edit-key or is it fast? If > > --list-keys is fast, then check if --check-sigs on this key is slow. > list keys is fast, check sigs is fast. > > > There are two good possible reasons why this key is slow for you, and > > I'm trying to nail down which one. > Yeah, thanks, it looks like it's got something to do with the uids, right? Yep. You've been caught by a keyserver bug. Sometimes keyservers duplicate user IDs, signatures and all. GnuPG knows about this bug, so when you use --edit-key, it checks for duplicate user IDs and collapses them into one. This takes some time when there are a lot of signatures. The answer is to --edit-key the key, wait until you get a prompt, and then just enter "save". This saves the key in the fixed state and now --edit-key should be fast again. However, note that the keyserver may well give you duplicate user IDs again the next time you refresh the key... Which keyserver do you use? David From tv at beamnet.de Wed Jul 21 22:03:37 2004 From: tv at beamnet.de (Thomas Viehmann) Date: Wed Jul 21 22:00:27 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <20040721194547.GA11286@jabberwocky.com> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> <20040721194547.GA11286@jabberwocky.com> Message-ID: <40FECC19.70505@beamnet.de> David Shaw wrote: > On Wed, Jul 21, 2004 at 09:05:24PM +0200, Thomas Viehmann wrote: > However, note that the keyserver may well give you duplicate user IDs > again the next time you refresh the key... > Which keyserver do you use? I use (don't ask me why) pgp.earth.li. Are there keyservers that don't / tend less to send duplicate uids? Is there a way to get gnupg to repair keys non-interactively? Kind regards Thomas -- Thomas Viehmann, From iam-est-hora-surgere at despammed.com Wed Jul 21 23:54:59 2004 From: iam-est-hora-surgere at despammed.com (Marcus Frings) Date: Wed Jul 21 23:52:00 2004 Subject: gpg --edit-key when the key has many signatures References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> <20040721194547.GA11286@jabberwocky.com> <40FECC19.70505@beamnet.de> Message-ID: * Thomas Viehmann wrote: > Are there keyservers that don't / tend less to send duplicate uids? I'm quite happy with subkeys.pgp.net and keyserver.kjsl.com which never caused duplicate UIDs. blackhole.pca.dfn.de and pgp.zdv.uni-main.de seem to be affected of the keyserver bug. Regards, Marcus PS: Still waiting for your signatures in my keys. -- I think I need a new T-shirt. On the front it will say | Philip Hazel on "Of course, my version is somewhat outdated..." | exim-users and on the back it will say | Mon, 10 May 2004 "...but it is Debian's latest stable release." | 14:30:13 +0100 (BST) From iam-est-hora-surgere at despammed.com Thu Jul 22 00:04:58 2004 From: iam-est-hora-surgere at despammed.com (Marcus Frings) Date: Thu Jul 22 00:01:51 2004 Subject: gpg --edit-key when the key has many signatures References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> <20040721194547.GA11286@jabberwocky.com> <40FECC19.70505@beamnet.de> Message-ID: * Marcus Frings wrote: > caused duplicate UIDs. blackhole.pca.dfn.de and pgp.zdv.uni-main.de seem Ups! ^ + z Regards, Marcus -- "SCHEISSE! Zwotes Schraubenger?usch in 76?. Kommt schnell n?her!" From shane at tekhed.com Thu Jul 22 04:59:58 2004 From: shane at tekhed.com (Shane Harsch) Date: Thu Jul 22 04:56:05 2004 Subject: Import pubkey issue Message-ID: <40FF2DAE.5060202@tekhed.com> I'm having difficulty importing this public key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQBNAzCBRskAAAECALx5DbNKnPbPCbSMb/F/7zH6GojwL0g0dA6FdAMrm9LHT8Tp SfXYww8Wlq7K9ouNVVHvugA0PdJSvJ96V5Qb1I0ABRG0C0lyb255IEdhbWVz =lM3X -----END PGP PUBLIC KEY BLOCK----- I'm running gnupg 1.2.4 on Windows XP Pro SP1a. I have generated my public and secret keys. When I import the key I get the following: C:\gnupg>gpg --import iGpubkey.txt gpg: key 941BD48D: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 The key is a public PGP key (v 2.6.2). The first time I ran it the key imported, but without a uid. I tried adding one, but am confused as to how to associate a uid with a particular subkey, so I deleted the uid, and then deleted the subkey. Now the key won't import at all. Since this is a PGP key, is this even possible? Thanks. From heiko.teichmeier at sw-meerane.de Thu Jul 22 06:57:31 2004 From: heiko.teichmeier at sw-meerane.de (Heiko Teichmeier) Date: Thu Jul 22 06:55:31 2004 Subject: [Enigmail] Proxy =?iso-8859-1?q?didn=B4t_work?= In-Reply-To: <40FDF6DB.10206@sw-meerane.de> References: <40FDF6DB.10206@sw-meerane.de> Message-ID: <40FF493B.5000101@sw-meerane.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 These messages going outer the thread, because the return-mail-adress are set Heiko Teichmeier schrieb: > Hello Jan-Peter, > Thanks for your answer. > I miss at your description the gpg.conf-option: > > keyserver-options auto-key-retrieve > > These option must set to use the auto key retrieving. OK I?ve entered it my new gpg.conf now looks so keyserver-options --honor-http-proxy keyserver-options auto-key-retrieve > > A other question is the operating system you use. I had problems with > this enigmail-function at win-XP. This problem is present in this time, > because I has not enough time to search the problem. > To test the function in your situation without enigmail, decrypt or > verify the text of the mail at the command-line. Store the complete text > from begin to end of the signed or encrypted message to a textfile. Then > you use (without the pub-key at your keyring) the command: > gpg --decrypt your-file-name > or > gpg --decrypt-files your-file-names > or > gpg --verify your-file-name I use Win98SE and because Enigmail functions right if I connect directly to the Internet it couldn?t be a Problem of gpg I think. Signatur - ------------------------- Hallo Leute Jan-Peter R?hmann Gubkower Str. 7 Tel.: +49 (038205) 65484 18195 Prangendorf FAX: +49 (038205) 65212 Deutschland MOBIL: +49 (0160) 95455975 ICQ: 58269548 EMail (Privat) jan-peter.ruehmann@debitel.net EMail (Firma) jan-peter.ruehmann.external@eads.com HP: http://home.debitel.net/user/jan-peter.ruehmann/ - ------------------------- Protection By The Ya-Right Network Virus Protection Team. Last Updated: Thu, Oct 17 9:42:03 PM EST 2002 -500 (GMT) Scanning for, 107,753 viruses, trojans and many variants. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: keys at: http://www.sw-meerane.de/telefonliste.html iD8DBQFA/0k7PUJoyhqxajsRAuTwAKCaWhQcnhvYXOVRcAk6q2H04r0nDwCfcpNd KJCdpWrNXVAleYgFP1OW2vA= =aHQs -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: heiko.teichmeier.vcf Type: text/x-vcard Size: 390 bytes Desc: not available Url : /pipermail/attachments/20040722/cd6732f3/heiko.teichmeier.bin From atom at suspicious.org Thu Jul 22 07:17:44 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Thu Jul 22 07:15:03 2004 Subject: Import pubkey issue In-Reply-To: <40FF2DAE.5060202@tekhed.com> References: <40FF2DAE.5060202@tekhed.com> Message-ID: <20040722010622.F326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > I'm having difficulty importing this public key: > > -----BEGIN PGP PUBLIC KEY BLOCK----- > Version: 2.6.2 > > mQBNAzCBRskAAAECALx5DbNKnPbPCbSMb/F/7zH6GojwL0g0dA6FdAMrm9LHT8Tp > SfXYww8Wlq7K9ouNVVHvugA0PdJSvJ96V5Qb1I0ABRG0C0lyb255IEdhbWVz > =lM3X > -----END PGP PUBLIC KEY BLOCK----- ================= Public key creation time - Sun Oct 15 17:37:13 UTC 1995 hehe, that key might be older than some of the people on this list ;) try importing with this: gpg --import --allow-non-selfsigned-uid from the man page: --allow-non-selfsigned-uid --no-allow-non-selfsigned-uid Allow the import and use of keys with user IDs which are not self-signed. This is not recommended, as a non self-signed user ID is trivial to forge. --no-allow-non-selfsigned-uid disables. hope that works and make sense. btw, that's a 512 bit key. keys that size have been ~publicly~ cracked. http://homepages.cwi.nl/~kik/persb-UK.html ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "The Final Act of the Uruguay Round, marking the conclusion of the most ambitious trade negotiation of our century, will give birth - in Morocco - to the World Trade Organization, the third pillar of the New World Order, along with the United Nations and the International Monetary Fund." -- Part of full-page advertisement by the government of Morocco in The New York Times (April 1994) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJA/039AAoJEAx/d+cTpVcibnEH/RK5Y8WDcNIs5dSIZGvgE/DH SNhTuSRhXiOVo87kM/iJ323mVoPhl9dHoWxsRiVJsC4OMZunfQhZtxL0J7qOq4no rSCY++jV2PnT6BYCkwlZ0ygaCkikyc/54bO116JfenQSIXTh5jLaAAd0D+rg96j2 MaAOjTh0iwSU0bqoV3htBb1aGDu4Q4HQv1pWDzazaZU6XkC8Qt8eWSIj3p5GbDkH CW7S+vUIEhXQzOnR7WbbFzUlL2IN3zgNEFUMvZMvSwlSF7DxbAspxvSWf/6Edh3r 1nvHUj8YhiiIk+aIU0ISE827zGJ3hiSpYgMO9fbkdaFJycmVN+jHphRRfcq5M6o= =j21z -----END PGP SIGNATURE----- From mab at PCSTechnologies.com Wed Jul 21 23:55:02 2004 From: mab at PCSTechnologies.com (Marty Becker) Date: Thu Jul 22 08:06:32 2004 Subject: gpg: decryption failed: bad key Message-ID: I am a newbie with gpg. I have created a key pair and sent the public key to my trading partner. I used all the defaults. My trading partner sent me their public key. They can decrypt the stuff I send to them, but when I try to decrypt the stuff they send to me, I get: [root@ftp1 outbound]# gpg --decrypt -o x o.lveo.20040721140521.pgp gpg: NOTE: secret key 6116A9F8 is NOT protected. gpg: decryption failed: bad key [root@ftp1 outbound]# The "6116A9F8" is shown with my key "PcsTech1" in the gpg -list-keys. They are using PGP this is the top of their public key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: McAfee E-Business Server v7.1.1 - Full License They are using this to encrypt the files: pgp --encrypt $PREPGPDIR/$FILE_NAME --user "PcsTech1" --output $POSTPGPD IR/$FILE_NAME > $MAIL_FILE 2>&1 Does anyone have an idea of what the "bad key" message means and how I can correct this ? Thanks in advance ! ************************************* ************************************* Marty Becker PCS Technologies, Inc. 4250 Wissahickon Ave. Phila., PA 19129 (215) 226-2220 (215) 226-2339 fax ************************************* From dshaw at jabberwocky.com Thu Jul 22 14:52:06 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Thu Jul 22 14:49:05 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <40FECC19.70505@beamnet.de> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> <20040721194547.GA11286@jabberwocky.com> <40FECC19.70505@beamnet.de> Message-ID: <20040722125205.GA13749@jabberwocky.com> On Wed, Jul 21, 2004 at 10:03:37PM +0200, Thomas Viehmann wrote: > David Shaw wrote: > > On Wed, Jul 21, 2004 at 09:05:24PM +0200, Thomas Viehmann wrote: > > However, note that the keyserver may well give you duplicate user IDs > > again the next time you refresh the key... > > Which keyserver do you use? > I use (don't ask me why) pgp.earth.li. > Are there keyservers that don't / tend less to send duplicate uids? It might not be pgp.earth.li that did it - since keyservers sync with each other, any brokenness often replicates quickly to other servers. I'm not sure which particular keyserver software had (or has) this bug. > Is there a way to get gnupg to repair keys non-interactively? The upcoming GnuPG 1.2.5 repairs keys automatically on import so you don't need to do it when the key is edited. David From luke.xu at fmglobal.com Thu Jul 22 15:17:05 2004 From: luke.xu at fmglobal.com (Xu, Luke) Date: Thu Jul 22 15:14:31 2004 Subject: Primary user Message-ID: <278093EBD79A354EBE0A80D7C46715C901D503@JOHNEXCHP06.corp.fmglobal.com> Hi, I am new to GNUPG/PGP and need some help. I am in the process of setting up a ftp job with a new partner. When I tried to sign the public key from that partner, PGP is asking me to provide a passphrase for somebody left the company already. Does this mean PGP is currently using this user's key as the primary user ID? How can I switch to use my key? What's the best approach to solve this problem? Any help is greatly appreciated. Luke Xu Windows Server Technologies FM Global 401.275.3000 x 1337 Luke.Xu@FMGlobal.com From shavital at mac.com Thu Jul 22 16:37:27 2004 From: shavital at mac.com (Charly Avital) Date: Thu Jul 22 16:34:51 2004 Subject: Primary user In-Reply-To: <278093EBD79A354EBE0A80D7C46715C901D503@JOHNEXCHP06.corp.fmglobal.com> References: <278093EBD79A354EBE0A80D7C46715C901D503@JOHNEXCHP06.corp.fmglobal.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If a key is being used, with a passphrase known to somebody that left the company, a new key should be generated; or the same key could be used after changing the passphrase (provided you know the "old" passphrase), revoking the person's user ID, and adding whatever new user ID is required. Better generate a new key. It will not mention the user ID of the person who left the company, and you will be able to set a completely new passphrase. If you are using PGP, set the key you want to use for signing as the Default Key, using the graphic interface commands. If you are using GnuPG, you should set that key as the default key in your gpg.conf file: default-key [long Key ID] Charly On Jul 22, 2004, at 9:17 AM, Xu, Luke wrote: > Hi, > > I am new to GNUPG/PGP and need some help. I am in the process of > setting > up a ftp job with a new partner. When I tried to sign the public key > from that partner, PGP is asking me to provide a passphrase for > somebody > left the company already. Does this mean PGP is currently using this > user's key as the primary user ID? How can I switch to use my key? > What's the best approach to solve this problem? > > Any help is greatly appreciated. > > Luke Xu > > Windows Server Technologies > FM Global > 401.275.3000 x 1337 > Luke.Xu@FMGlobal.com > > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (Darwin) iD8DBQFA/9E38SG5rMkbCF4RAhzYAKCn5HOu7c5LdvsSytevzzswpbIDpQCfW4En f1E9sR9OeRluOuU5GlRnxgg= =xLfS -----END PGP SIGNATURE----- From rhardy at visi.com Fri Jul 9 11:05:58 2004 From: rhardy at visi.com (Tom Hardy) Date: Thu Jul 22 17:24:39 2004 Subject: UTF8 passphrase problem (I think) Message-ID: <20040709090558.GD8795@jeeves.decathlon> I just used kgpg to create a key pair on Suse 9.1, which uses UTF8 encoding, and it works fine. I imported a key pair I made last year on Suse 8.2, which used an 8859 encoding, and I can't enter a valid passphrase. Or rather the key pair was already present, I think. The same applies to two sets of keys on a floppy key ring made by PGP 5.0 back in 1998, One was made by 5.0, and the other was imported from 2.6 way back when. That was on a Windows machine. Can anyone explain what is going on? I think it is a UTF8 issue. I'm just getting started on gpg and kgpg after a long absense. -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From atom at suspicious.org Thu Jul 22 18:16:56 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Thu Jul 22 18:13:56 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <20040709090558.GD8795@jeeves.decathlon> References: <20040709090558.GD8795@jeeves.decathlon> Message-ID: <20040722114123.J326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 hhmmm... still no answers on this? are there any characters in the passphrase that might be "special"? have you tried accessing the key in another UTF8 environment? kgpg? what are the chances that you forgot the correct passphrase? did you use the keys regularly? is it possible that caps-lock was on either when the keys were created or now that you're trying to use them? not that i think this would help, but did you try entering ^J and/or ^M before hitting ? did you use ^V immediately before other control (or special) characters? ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "The thing that bugs me is that the people think the FDA (Food and Drug Administration) is protecting them. It isn't. What the FDA is doing and what the public thinks it's doing are as different as night and day." -- Dr Ley, former Commissioner of the FDA -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJA/+h9AAoJEAx/d+cTpVcibaoIAKMKL1J7KM0vdBnX+hN/+1bu U2bxpo78Kghy14JRaQbfRKKF73m5HAY6SrjVP58F7VCM7g9vCFaTg6pd7CG+DYNM CXdMMTuW8ueWFEJDNHRq819w8uEDpZyhhjHT2v60cWiqK7jWRaqNn9Y5iVy/ZQwo fHcerFJD9/NQEzDF4TK/u84eHwBaXx1a41vOYNvQ5tIjVRxr/PYMETsuvrkOgu8P UqxjcuhxJv0hRhfRQt7+3dKFQRJBmfETDdnE7Gx/DbeoMI70tkMV2eVllyreHW8M kz225VkyXgAczh+xfOqqwZODTe8BaWu/ds7bZMQL74p8omJE3Mzxr53o6eGQYHY= =2Dif -----END PGP SIGNATURE----- From rhardy at visi.com Thu Jul 22 19:51:41 2004 From: rhardy at visi.com (Tom Hardy) Date: Thu Jul 22 19:51:46 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <20040722114123.J326@willy_wonka> References: <20040709090558.GD8795@jeeves.decathlon> <20040722114123.J326@willy_wonka> Message-ID: <20040722175141.GA6917@visi.com> On Thu, Jul 22, 2004 at 12:16:56PM -0400, Atom 'Smasher' wrote: > hhmmm... still no answers on this? > are there any characters in the passphrase that might be "special"? It should all be in the ASCII range. It doesn't appear that UTF-8 should be the problem, but it was the only thing I could think of, and I don't believe I clearly understand everything the gpg man page has to say about character sets. When did gpg make the switch to UTF internal encoding? Would it be a problem if gpg inherited keyrings from before the switch? The two Windows keys were imported by directly reading *.pgp, *.pkr. and *.skr files. The key from last year resided in a *.gpg file that the current gpg simply inherited during the latest system upgrade. > have you tried accessing the key in another UTF8 environment? kgpg? I currently have one home computer. Two of the keys were created under kgpg; only the last one under the the UTF8 environment, and that's the one that works. The two old ones were created under Windows in about 1998. They fail the same way as the kgpg one from last year, passphrase not accepted. As I quickly ran into limits using kgpg and/or wasn't sure it wasn't interfering, I tried gpg --edit-key with adduid to produce the failures as well as the success. > what are the chances that you forgot the correct passphrase? I've checked it as carefully as I know how. It is a quote from a book, the same for all keys. > did you use the keys regularly? I used the one from pgp 5.0 quite regularly in 1998; the one from 2.6 and last year's gpg one were just experiments. > is it possible that caps-lock was on either when the keys were created or > now that you're trying to use them? Just tried that. :-) > not that i think this would help, but did you try entering ^J and/or ^M > before hitting ? did you use ^V immediately before other control > (or special) characters? Just tried that (^M and ^J), too. It appears they are treated just like enter, terminating the sequence. I don't know the significance of ^V; in any case I didn't use it, and I have only printable ASCII characters in the passphrase. I'll try turning off UTF-8 systemwide once I figure out how. There is supposed to be a script to do it which I just have to find and read about. The old ones are on public servers as 0xD2E6A4B8, and 0xBC0E8015. The new ones are privately held for now. -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From atom at suspicious.org Thu Jul 22 20:04:58 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Thu Jul 22 20:01:54 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <20040722175141.GA6917@visi.com> References: <20040709090558.GD8795@jeeves.decathlon> <20040722114123.J326@willy_wonka> <20040722175141.GA6917@visi.com> Message-ID: <20040722140405.V326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 are the keys usable for signing and decryption? is the problem only when you try to edit them? ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "Not a single war has been fought by vegetarians." -- Akbarali Jetha -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBAAHOAAoJEAx/d+cTpVciHCgIAKVPZAWX9kk+I/OhPLLBp0Re xQ2VjQhelN1B9dzCgzh6wHKmJVgJMgGtoXouMCedQMc11v6wVE6NzWwrR0hgDsux a9cZ0LQ93piUBQ/H7gTSk5VhapUORmbtr8YHE3I4BNvi+VTHUitglXCxmKbNAXBz NkpN9dPZxKOa/W53aPL0tMfZiWrwUzUAXccMX1Ccc+bnJ+XX5R8kP4aO5v43CilN 2lhGT4Jkn978jaxr0WSS6GLVIV17dfdFXaT1Q84td7zMkDXmA5vS5iVqq0vKKS7N iD3LdB/ZVzJzFmDAjZTgzZ10UOwpfWw2eLopvUYZioGhMz4AJPgGReLZAnPA9dM= =RvyQ -----END PGP SIGNATURE----- From vedaal at hush.com Thu Jul 22 21:02:01 2004 From: vedaal at hush.com (vedaal@hush.com) Date: Thu Jul 22 20:58:56 2004 Subject: UTF8 passphrase problem (I think) Message-ID: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> Tom Hardy wrote: > I currently have one home computer. Two of the keys were created >under kgpg; only the last one under the the UTF8 environment, and >that's the one that works. The two old ones were created under >Windows in about 1998. >They fail the same way as the kgpg one from last year, passphrase not >accepted. do you have the IDEA module, and the option to load it, enabled? the pgp 2.6 key will not do anything that requires a passphrase without IDEA loaded, (although you can still encrypt to it and use it to verify) the pgp 5.0 key, if it is an RSA key, will also need IDEA (-btw // feature request, is it possible for gnupg to alert users with an error message that would indicate this type of problem, i.e., something like: " gpg: the symmetric algorithm used to protect this secret key is not available " ) with Respect, vedaal Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 From atom at suspicious.org Thu Jul 22 21:34:50 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Thu Jul 22 21:31:50 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> Message-ID: <20040722152204.D326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Thu, 22 Jul 2004 vedaal@hush.com wrote: ========== i didn't think of the possibility that it's an IDEA encrypted key.... if you have pgpdump, try this... gpg --export-secret-key {key-id} | pgpdump | less towards the very top (with the encrypted secret key stuff, before the preferences) you'll see "Sym alg". what is it? ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBABbeAAoJEAx/d+cTpVci3SEIAIxo2tBHEbfoJJatDyh8kNS5 qR68//yda28rrVE6aWYmU3oKWATOjxLufOBIB9YtuQQ0wJmM6+1Dm8dGcSntY7Bb olMjq07ngkJGjma6S7eiepsWWnkgbGBpPpDuUZ5SjyAYc4eLedHMhZo9s8zdJaPm 2hwIc6LbkyOPxb7fUMIvgI7fEJ8njWFhlcAKq7vXhQPQm2zhBnaoDkcfrcTY47E/ RJXuhw2FKNuGAz0naVByMPWbo1BMaR+EWwlGI0vr6EkXWko88Lbxb8NXxoEzfmUw nLUR6SEJWiNnraBmO0ocR5nZx1vc5cVQ5zGuDN31mpkqsf05BT0Np9C9/KNwyb4= =Q50G -----END PGP SIGNATURE----- From sanchezthecactus at yahoo.com Thu Jul 22 22:43:43 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Thu Jul 22 22:53:32 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040716184809.GA15672@jabberwocky.com> Message-ID: <20040722204343.19739.qmail@web12102.mail.yahoo.com> --- David Shaw wrote: > On Fri, Jul 16, 2004 at 09:58:40AM -0700, Sanchez the Cactus wrote: > > > when I try with GnuPG 1.3.6 linked against OpenLDAP linked against either > > GNUTLS or OpenSSL, i get the following error: > > > > ./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp > keys,dc=company,dc=com" > > --search-keys keymaster > > gpg: NOTE: THIS IS A DEVELOPMENT VERSION! > > gpg: It is only intended for test purposes and should NOT be > > gpg: used in a production environment or with production keys! > > gpg: WARNING: using insecure memory! > > gpg: please see http://www.gnupg.org/faq.html for more information > > gpgkeys: unable to make SSL connection: not supported by the NAI LDAP > keyserver > > > > gpg: key "keymaster" not found on keyserver > > gpg: keyserver internal error > > gpg: keyserver search failed: keyserver error > > > > > > > > is the "NAI LDAP keyserver" not supported by GnuPG, or is there some > > other way to make GnuPG access it? > > It's not that GnuPG doesn't support it. The keyserver itself doesn't > support ldaps. GnuPG supports both ldaps and ldap using TLS. The old > NAI keyserver supports neither. If you want to communicate with the > NAI keyserver, you have to turn off ldaps or TLS. > > I think there is some confusion here. What exactly are you doing? > That is, where did you get this server? What software is it running? > What do you get if you run: > > ldapsearch -h ldap.company.com -P2 -x -b "cn=pgpServerInfo" -s base > cn=pgpServerInfo > > David that command gives: # extended LDIF # # LDAPv2 # base with scope base # filter: cn=pgpServerInfo # requesting: ALL # # search result search: 2 result: 32 No such object # numResponses: 1 anything else I try returns the same thing, but I don't know much/anything about LDAP, so I'm not sure what types of things I should be searching for. Trying ldapsearch with the -Z option (which, I believe, tries SSL), returns: ldap_start_tls: Connect error (91) additional info: Error in the certificate. ldap_bind: Local error (82) additional info: Error in the certificate. However, the ldap server is running phpLDAPadmin on an https:// port, so maybe if i describe the left tree, you can tell me what to try to search for using ldapsearch. The top level item is a computer icon with the label: ldap.company.com ( schema | search | refresh | create | info | import | logout ) are all links immediately below that. The only child of the computer is a globe icon with the label: dc=company,dc=com the globe has the following children: cn=Manager cn=pgpprefs ou=Group ou=People ou=PGP Keys I'll just comment on what appear to be the interesting ones: cn=pgpprefs has no child nodes. clicking on it gives the following entry attributes: cn: pgpprefs objectClass: pgpProfile ou=PGP Keys has the following children: cn=PGPServerInfo, which has the following entry attributes: cn=PGPServerInfo objectClass=pgpserverinfo pgpBaseKeySpaceDN=ou=PGP Keys,dc=company,dc=com pgpSoftware=OpenLDAP slapd pgpVersion=2.1.23.8 and a number of pgpCertID=XXXXXXXX entries, which contain the pgp keys, uids, etc as entry attribute Any ideas how I can get openldap to see these things? Thanks, -Joe __________________________________ Do you Yahoo!? Vote for the stars of Yahoo!'s next ad campaign! http://advision.webevents.yahoo.com/yahoo/votelifeengine/ From rhardy at visi.com Fri Jul 23 00:53:49 2004 From: rhardy at visi.com (Tom Hardy) Date: Fri Jul 23 03:07:41 2004 Subject: UTF8 passphrase problem (I think) References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> Message-ID: <1111461.FmSQRajRmH@visi.com> Atom 'Smasher' wrote: > i didn't think of the possibility that it's an IDEA encrypted key.... > > if you have pgpdump, try this... > gpg --export-secret-key {key-id} | pgpdump | less > > towards the very top (with the encrypted secret key stuff, before the > preferences) you'll see "Sym alg". what is it? > I had to get and install pgpdump. I don't have IDEA but it appears that should only affect the 2.6 key (and see note below). E4042B72 Created 2004-07-09 with UTF system DSA Sym alg - CAST5(sym 3) o This works for signing and for adduid. 07cf11c6 Created 2003-09-16 under Linux/8859 DSA Sym alg - CAST5(sym 3) o Passphrase no good for signing or adduid. I think I should concentrate on this one and figure out why the passphrase isn't working. d2e6a4b8 Created 1998-06-23 with Windows/PGP5 DSA Sym alg - CAST5(sym 3) o Passphrase no good. If I can get 07cf11c6 to work, this one should too. bc0e8015 Created 1998-07-04 with Windows/2.6 RSA Sym alg - IDEA(sym 1) o This is the only one that uses IDEA. If I understand correctly, I will need the IDEA module to revoke it, presuming I can get the passphrase working even so. Revoking would be sufficient. Actually, I still have 2.6.2, Linux version instead of Windows version, but I suppose I would have to export/import to get a working key ring? More reading.... -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From atom at suspicious.org Fri Jul 23 05:18:02 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Fri Jul 23 05:15:06 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <1111461.FmSQRajRmH@visi.com> References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> Message-ID: <20040722224647.Q326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 for the keys that you're having problems with, have you tried to change (or reset) the passphrase using --edit-key (passwd, save)?? if it fails, what's the failure message? does it give you three tries to enter the passphrase? try that first... then.... hold on tight... 1) backup your keyrings. 2) make a junk directory: mkdir ~/junk 3) export the problem keys from the old keyring to the "junk" directory: gpg --export {key-id} | gpg --home ~/junk --import gpg --export-secret-key {key-id} | gpg --home ~/junk --import if that fails, what's the error message? 4) you now have the public and private (problem) keys in a new keyring. edit the new keyring and try to reset the passphrase (passwd, save): gpg --home ~/junk --edit-key {key-id} if that fails, what's the error message? 5) *if* that works, then purge the keys from the old keyring and import from the "junk" keyring: gpg --home ~/junk --export | gpg --import gpg --home ~/junk --export-secret-keys | gpg --import i actually don't have high hopes for this, but it *might* do the trick... or at least reveal some error messages that might point in the right direction. depending on your error message, i'm beginning to suspect that you may have lost the passphrases. did you do anything weird with uppercase/ lowercase letters? or substituting numbers for letters? or anything weird with spaces or punctuation? ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "We've got to pause and ask ourselves: How much clean air do we need?" -- Lee Iacocca, former president of Chrysler Motor Corp -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBAINyAAoJEAx/d+cTpVciqvQIALkImLt7dAVxKsEe5WWPlil0 9WW3ZdsJ5+Icub88bTLwmDMaOAU5pifi9exZv27G7gKh1GW2xLrisHsJx9B2PAca DJss0BXqq1fpyxac4hOZA+uzD0LXZZmt7QDoFlGgw5Ag24jm8jMgzK/XRmngUrcX VBwCoU7w3C7DC4XQjEyBqEmN5kDdREaWNjmr2d84BTBchqhLcxz8UZCLa7qSiCSS TFAbXm7SSMNUQY6Lh97QhmLVo05CwxEIDEVhy4K3f1tvdwOzBbSnzoRVbHFUrrFh i/Fm/DereVqgqIrx/i4ORpD79Jp9sCvhH5UFpI3tJhsmHQa3iItukAALqUE7uL4= =3lRg -----END PGP SIGNATURE----- From Holger.Sesterhenn at smgwtest.aachen.utimaco.de Fri Jul 23 08:53:57 2004 From: Holger.Sesterhenn at smgwtest.aachen.utimaco.de (Holger Sesterhenn) Date: Fri Jul 23 08:51:26 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <1111461.FmSQRajRmH@visi.com> References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> Message-ID: <4100B605.70903@smgwtest.aachen.utimaco.de> Hi Tom, >>i didn't think of the possibility that it's an IDEA encrypted key.... If a key is older than 1999 and it is an RSA key the possibilty is not that small, especially if it is created with PGP 5.x ;-) > 07cf11c6 Created 2003-09-16 under Linux/8859 DSA Sym alg - CAST5(sym 3) > > o Passphrase no good for signing or adduid. I think I should > concentrate on this one and figure out why the passphrase isn't > working. This is strange. > d2e6a4b8 Created 1998-06-23 with Windows/PGP5 DSA Sym alg - CAST5(sym 3) > o Passphrase no good. If I can get 07cf11c6 to work, this one should > too. I am not sure but using CAST5 as the sym algo for encryption does not necessarly mean your passphrase is encrypted using CAST5, too. I have not dig into the source of PGP 5 but there has been some discussions on this point a few month ago (David?). PGP 5 can encrypt messages (and the passphrase of course) using IDEA even if the key is of version 4 (DSA/ElGamal or RSA V4) like yours. > bc0e8015 Created 1998-07-04 with Windows/2.6 RSA Sym alg - IDEA(sym 1) > > o This is the only one that uses IDEA. Have you ever tried to use the evaluation version of PGP to clear the passphrases, export the keys and import them with GnuPG? Or use the old PGP for linux version? (5.x) -- Best Regards, Holger Sesterhenn Internet http://www.utimaco.com From Holger.Sesterhenn at smgwtest.aachen.utimaco.de Fri Jul 23 11:28:48 2004 From: Holger.Sesterhenn at smgwtest.aachen.utimaco.de (Holger Sesterhenn) Date: Fri Jul 23 11:26:13 2004 Subject: Signatur type 0x30, Certification revocation signatures Message-ID: <4100DA50.8010004@smgwtest.aachen.utimaco.de> Hi, I do some tests with key/uid revocation. Calling 'gpg --edit' I use the commands 'revuid' on a uid and 'revsig' on the self signature of the same uid. The result (using --list-packets) seems to be 2 additional signatures of type 0x30 on this uid. Looks like there a two ways to get the same effect (revoke this uid). Correct? -- Best Regards, Holger Sesterhenn http://www.utimaco.com From dshaw at jabberwocky.com Fri Jul 23 19:07:00 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Fri Jul 23 19:03:59 2004 Subject: Signatur type 0x30, Certification revocation signatures In-Reply-To: <4100DA50.8010004@smgwtest.aachen.utimaco.de> References: <4100DA50.8010004@smgwtest.aachen.utimaco.de> Message-ID: <20040723170700.GF13749@jabberwocky.com> On Fri, Jul 23, 2004 at 11:28:48AM +0200, Holger Sesterhenn wrote: > Hi, > > I do some tests with key/uid revocation. > > Calling 'gpg --edit' I use the commands 'revuid' on a uid and 'revsig' > on the self signature of the same uid. The result (using --list-packets) > seems to be 2 additional signatures of type 0x30 on this uid. > > Looks like there a two ways to get the same effect (revoke this uid). > > Correct? Yes. Revoking a self-signature effectively revokes that user ID. "revuid" and "revsig" on a self-signature are identical. David From tv at beamnet.de Fri Jul 23 20:41:49 2004 From: tv at beamnet.de (Thomas Viehmann) Date: Fri Jul 23 20:38:35 2004 Subject: gpg --edit-key when the key has many signatures In-Reply-To: <20040722125205.GA13749@jabberwocky.com> References: <40FD7F17.90608@beamnet.de> <20040720214504.GA823@jabberwocky.com> <40FE0FF1.7020707@beamnet.de> <20040721113504.GC4266@jabberwocky.com> <40FEBE74.3060909@beamnet.de> <20040721194547.GA11286@jabberwocky.com> <40FECC19.70505@beamnet.de> <20040722125205.GA13749@jabberwocky.com> Message-ID: <41015BED.9080104@beamnet.de> David Shaw wrote: [...] OK, at Marcus suggestion I tried subkeys.pgp.net and didn't have any problems with that. Thanks so much for tracking down the problem, kind regards Thomas -- Thomas Viehmann, From rhardy at visi.com Fri Jul 23 22:01:12 2004 From: rhardy at visi.com (Tom Hardy) Date: Fri Jul 23 22:06:56 2004 Subject: UTF8 passphrase problem (I think) References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> <20040722224647.Q326@willy_wonka> Message-ID: <3261806.mrqRWAnMFu@visi.com> Atom 'Smasher' wrote: > for the keys that you're having problems with, have you tried to > change (or reset) the passphrase using --edit-key (passwd, save)?? if > it fails, what's the failure message? does it give you three tries to > enter the passphrase? Passwd fails the same way as adduid. Jumping ahead a bit by showing the edit attempt on the exported version: tom@jeeves:~> gpg --home ~/gpg-junk/ --edit-key 07cf11c6 gpg: WARNING: unsafe permissions on homedir "/home/tom/gpg-junk/" gpg (GnuPG) 1.2.4; Copyright (C) 2003 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Secret key is available. gpg: checking the trustdb gpg: no ultimately trusted keys found pub 1024D/07CF11C6 created: 2003-09-16 expires: never trust: -/- sub 1024g/4EA3E9C5 created: 2003-09-16 expires: never (1). Tom Hardy Command> passwd Key is protected. You need a passphrase to unlock the secret key for user: "Tom Hardy " 1024-bit DSA key, ID 07CF11C6, created 2003-09-16 gpg: Invalid passphrase; please try again ... You need a passphrase to unlock the secret key for user: "Tom Hardy " 1024-bit DSA key, ID 07CF11C6, created 2003-09-16 gpg: Invalid passphrase; please try again ... You need a passphrase to unlock the secret key for user: "Tom Hardy " 1024-bit DSA key, ID 07CF11C6, created 2003-09-16 Can't edit this key: bad passphrase Command> q > try that first... then.... hold on tight... > > 1) backup your keyrings. > > 2) make a junk directory: > mkdir ~/junk ~/gpg-junk, as shown above. > 3) export the problem keys from the old keyring to the "junk" > directory: > gpg --export {key-id} | gpg --home ~/junk --import > gpg --export-secret-key {key-id} | gpg --home ~/junk --import > if that fails, what's the error message? Interesting thing here, when I tried pasting and editing your example I got stuff like this: tom@jeeves:~> gpg?--export?{07cf11c6}?|?gpg?--home?~/gpg-junk?--import bash: gpg?--export?{07cf11c6}?: command not found bash: ?gpg?--home?~/gpg-junk?--import: No such file or directory But when I typed it all directly, it worked. Shows, I guess, that character encoding can be non-obvious. I have your mail available on a news spool. I opened it in a hex editor and the relevant part is all ASCII; spaces are 0x20. I copied my pasted version into the hex editor; spaces are 0xa0. I copied my typed version in and spaces are 0x20. I'm not sure of the significance, but I do suspect I am having problems with the encoding, after all. > > 4) you now have the public and private (problem) keys in a new > keyring. edit the new keyring and try to reset the passphrase (passwd, > save): > gpg --home ~/junk --edit-key {key-id} > if that fails, what's the error message? As shown above. I tried both before and after exporting; same result. > > 5) *if* that works, then purge the keys from the old keyring and > import from the "junk" keyring: > gpg --home ~/junk --export | gpg --import > gpg --home ~/junk --export-secret-keys | gpg --import > > i actually don't have high hopes for this, but it *might* do the > trick... or at least reveal some error messages that might point in > the right direction. depending on your error message, i'm beginning to > suspect that you may have lost the passphrases. did you do anything > weird with uppercase/ lowercase letters? or substituting numbers for > letters? or anything weird with spaces or punctuation? No. I used mostly lowercase, some uppercase, some punctuation, all ASCII. I don't think I've forgotten the passphrase. Or do you mean gpg could have lost the passphrase? If so, I still have the original PGP 5 keyrings on a DOS formatted floppy, and I've never used the GPG one from last year, so I could just get rid of it, but it could be helpful in working out what is going on. I'll keep it for now. I also found a script, /bin/unicode_stop. Tried it and it made no difference, but here it is anyway: #!/bin/sh # stop unicode TTY=`/usr/bin/tty` case $TTY in /dev/console|/dev/tty[0-9]*) ;; *) echo "unicode_stop skipped on $TTY" exit 0 ;; esac kbd_mode -a echo -n -e '\033%@' # "dumpkeys | loadkeys --unicode" which is called in "unicode_start" # cannot be reverted, therefore we have to load the keyboard mapping again # if it could be sucessfully saved in "unicode_start": test -r $HOME/.kbd/.keymap_sv && loadkeys $HOME/.kbd/.keymap_sv -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From atom at suspicious.org Fri Jul 23 22:58:42 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Fri Jul 23 22:55:47 2004 Subject: UTF8 passphrase problem (I think) In-Reply-To: <3261806.mrqRWAnMFu@visi.com> References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> <20040722224647.Q326@willy_wonka> <3261806.mrqRWAnMFu@visi.com> Message-ID: <20040723165619.W326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Fri, 23 Jul 2004, Tom Hardy wrote: > Interesting thing here, when I tried pasting and editing your example I > got stuff like this: > > tom@jeeves:~> gpgÿÿ--exportÿÿ{07cf11c6}ÿÿ|ÿÿgpgÿÿ--homeÿÿ~/gpg-junkÿÿ--import > bash: gpgÿÿ--exportÿÿ{07cf11c6}ÿÿ: command not found > bash: ÿÿgpgÿÿ--homeÿÿ~/gpg-junkÿÿ--import: No such file or directory > > But when I typed it all directly, it worked. Shows, I guess, that > character encoding can be non-obvious. I have your mail available on a > news spool. I opened it in a hex editor and the relevant part is all > ASCII; spaces are 0x20. I copied my pasted version into the hex > editor; spaces are 0xa0. I copied my typed version in and spaces are > 0x20. I'm not sure of the significance, but I do suspect I am having > problems with the encoding, after all. ===================== and you do have spaces in your passphrase, right? i would try editing the keys on a different machine... or, maybe load up a knoppix-like OS from CD and try editing your keys on that. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "I believe that banking institutions are more dangerous to our liberties than standing armies." -- Thomas Jefferson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBAXwNAAoJEAx/d+cTpVcigWcH/jh59OgmtQJK6+8x1Ja6m76Z 5YZ40WZFv3/qHOeQj160lnvSTAWOn0af34reuD+0tib+Ci1AVV2K+Zkeg71jmI4n u+4sczu9NLIkrxkQAMtY29anFv5CRVQSIafHnfIGX2FzB83h/w3UlqSCP6U8qW/5 NiHGhhQFNQeRfDi0cUWXebosbGiyjHrvGygRDtWeur21rl7Cdczg3Vobq7Y4dbtG s2Rx2x7pMCep+tzWF3Nzgi6gbaVLLdYPSbt8NPxhfK0Qsf+dma7a+yCll+4NcSaP 71m105+Zn7eQ12s67Fd0H7c4Aiy8IYMC8lq6ockOwsjYOzjwiJ62VGS85uVU0Tk= =QBRC -----END PGP SIGNATURE----- From rhardy at visi.com Sat Jul 24 00:43:17 2004 From: rhardy at visi.com (Tom Hardy) Date: Sat Jul 24 00:46:33 2004 Subject: UTF8 passphrase problem (I think) References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> <20040722224647.Q326@willy_wonka> <3261806.mrqRWAnMFu@visi.com> <20040723165619.W326@willy_wonka> Message-ID: <2215579.KRrg4pBzoY@visi.com> Atom 'Smasher' wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On Fri, 23 Jul 2004, Tom Hardy wrote: > >> Interesting thing here, when I tried pasting and editing your example >> I got stuff like this: >> >> tom@jeeves:~> >> gpg??--export??{07cf11c6}??|??gpg??--home??~/gpg-junk??--import bash: >> gpg??--export??{07cf11c6}??: command not found bash: >> ??gpg??--home??~/gpg-junk??--import: No such file or directory >> >> But when I typed it all directly, it worked. Shows, I guess, that >> character encoding can be non-obvious. Ulp! Well it was non-obvious when I sent it off, and when it came back to me too. 0xA0, or no-break space in 8859-1 on my news spool, and which ain't even supposed be possible under UTF-8--it indicates a continuation byte. Mutt shows it as "??", two bytes. I can't wait to see what Mutt says you said. (I get the digest.) You quoted me with 0xFFFF, another impossible UTF encoding, or a pair of "y"'s with diaeresis under 8859-1, on my news spool. [...] > and you do have spaces in your passphrase, right? Yup. The matter is still not explained, but the next step is obvious... > > i would try editing the keys on a different machine... or, maybe load > up a knoppix-like OS from CD and try editing your keys on that. Well, I can still boot into Win98--I guess I need to dig up a copy of PGP or GPG for it. And then to send some feedback to Suse, depending on how things go. -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From rhardy at visi.com Sat Jul 24 02:34:32 2004 From: rhardy at visi.com (Tom Hardy) Date: Sat Jul 24 03:42:47 2004 Subject: UTF8 passphrase problem (I think) References: <200407221902.i6MJ24Zr004939@mailserver3.hushmail.com> <20040722152204.D326@willy_wonka> <1111461.FmSQRajRmH@visi.com> <4100B605.70903@smgwtest.aachen.utimaco.de> Message-ID: <1912480.hDNxTVv7Hd@visi.com> Holger Sesterhenn wrote: > Hi Tom, > [...] > Have you ever tried to use the evaluation version of PGP to clear the > passphrases, export the keys and import them with GnuPG? > > Or use the old PGP for linux version? (5.x) > I just downloaded PGP 5.0 source and binary RPM's from somewhere on the net. :-) Haven't done anything with them--don't know I can trust 'em. Do you have anything like an official source for PGP for linux? On the other hand, I'm pretty sure I have PGP 5.0 for Windows around here somewhere, I'll just have to rummage around for it. Thanks. -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From miernik at ctnet.pl Sun Jul 25 23:29:31 2004 From: miernik at ctnet.pl (Miernik) Date: Sun Jul 25 23:37:35 2004 Subject: where is the format of --list-sigs explained? Message-ID: <20040725212931.1614.0.NOFFLE%miernik@ctnet.pl.local> Where is the format of gpg --list-sigs explained? I cannot find it anywhere. What doesn D, R and g mean (as in pub 1024D/ABC292D1)? What do these flags mean: sig 3 P sig 3 R sig 3 PN sig 3 X Can there be any other flags there? -- Miernik _________________________ xmpp:miernik@amessage.info ___________________/__ tel: +48888299997 __/ mailto:miernik@ctnet.pl http://www.miernik.ctnet.pl/ From atom at suspicious.org Mon Jul 26 00:17:13 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Mon Jul 26 00:14:10 2004 Subject: where is the format of --list-sigs explained? In-Reply-To: <20040725212931.1614.0.NOFFLE%miernik@ctnet.pl.local> References: <20040725212931.1614.0.NOFFLE%miernik@ctnet.pl.local> Message-ID: <20040725180318.B326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sun, 25 Jul 2004, Miernik wrote: > Where is the format of gpg --list-sigs explained? > > I cannot find it anywhere. > > What doesn D, R and g mean (as in pub 1024D/ABC292D1)? ==================== D = DSA signing key (or subkey) g = elgamal encryption subkey R = RSA signing and/or encryption key (or subkey) > What do these flags mean: > > sig 3 P > sig 3 R > sig 3 PN > sig 3 X > > Can there be any other flags there? ====================== from the man page... --list-sigs [names] Same as --list-keys, but the signatures are listed too. For each signature listed, there are several flags in between the "sig" tag and keyid. These flags give additional information about each signature. From left to right, they are the numbers 1-3 for certificate check level (see --default-cert-check-level), "L" for a local or non-exportable signature (see --lsign-key), "R" for a nonRevocable signature (see --nrsign-key), "P" for a signature that contains a policy URL (see --cert-policy-url), "N" for a signature that contains a notation (see --cert-notation), and "X" for an eXpired signature (see --ask-cert-expire). ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "Never attribute to malice that which is adequately explained by stupidity." -- Napoleon Bonaparte -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBBDFuAAoJEAx/d+cTpVcixWYH/A1A+mG7H5haSzR6My5SX3bA CDGRDsslojG3MIeZP5G/PIHgYo/NtUuKXCxk7SYmIj33kT3EZ4A16yGqd2fb1Ws/ ez3bRWcZk3hldOrZTC1x+kJcBNmQfMZivFZvvCMaQMevIGZyJVVXfzxuUGlquD2L H7iVwWDhnVcr2RkOl0RWsgbs7nCwmXARSRTTHdckW6NjV+o/65w+BYUUhiGuKMZD m6S+y6L/AUzJzOItpGbDOS6aqgAGchlQnBDtB4hrgI7DMlFnVdx7kQhLmEv4Gze0 0WJVrmYE/ZkWymyzGLBwGw0mnks80LiN5Uqoo7xlS8zxerzo5iHharMhbO6xw6I= =nsBC -----END PGP SIGNATURE----- From jharris at widomaker.com Mon Jul 26 00:56:01 2004 From: jharris at widomaker.com (Jason Harris) Date: Mon Jul 26 00:53:13 2004 Subject: new (2004-07-25) keyanalyze results (+sigcheck) Message-ID: <20040725225600.GM3286@wilma.widomaker.com> New keyanalyze results are available at: http://keyserver.kjsl.com/~jharris/ka/2004-07-25/ Signatures are now being checked using keyanalyze+sigcheck: http://dtype.org/~aaronl/ Earlier reports are also available, for comparison: http://keyserver.kjsl.com/~jharris/ka/ Even earlier monthly reports are at: http://dtype.org/keyanalyze/ SHA-1 hashes and sizes for all the "permanent" files: 3b026af0945191092bdf7458dd34f5655a7f5e16 10107972 preprocess.keys 2c99316b5d8797011a7fdd5afc7f42acc8a3a7c4 6729318 othersets.txt 9d0c9a5d25a3d33e115fccc1352b6faa562a7251 2587366 msd-sorted.txt b0f152cbac2bff77aeed70a933fec6d7ac3e7b71 1484 index.html 87f663fa82b1dbe6b7dcc4e6303860b3922ff6fa 2289 keyring_stats ee218463307036a0093f248847ec9913566822e7 1019224 msd-sorted.txt.bz2 b28357402791e2c1750fcf6ea7bed939c5fb0f66 26 other.txt d2d0091502bb6cefb35dd88e2ea9fdfe5d8a7bf5 1436727 othersets.txt.bz2 8e97672279a6bfbe03eefb371c93b7d576dde0da 4111519 preprocess.keys.bz2 8b1db5dd536d0dd1fe1f294525c95a3513d985c6 10066 status.txt 6042b15dbc23d8e8c259c8b0f47de321ea177d98 211747 top1000table.html c3a12342443bbc7f186e35fbcf449dc19275edeb 30617 top1000table.html.gz c5e3976e4d8ed93be1c293058917880563bae882 11018 top50table.html 3346c9b44dbda208d6d7cad2feace90482c86be3 2539 D3/D39DA0E3 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040725/54004bd1/attachment.bin From mnman at pd.jaring.my Mon Jul 26 14:29:45 2004 From: mnman at pd.jaring.my (omn) Date: Mon Jul 26 14:26:46 2004 Subject: could not encrypt to 29 keys using gpgshell Message-ID: <708552391.20040726202945@pd.jaring.my> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello gnupg-users, I have problem using gpgshell. When I want to encrypt n sign to 29 group members keys using gpgtray current window, I received following message: "bad command or file name". I could encrypt n sign to 28 members keys. Anybody using gpgshell encounter this problem ? By the way I use gnupg 1.2.4 and gpgshell 3.20. OS Windows ME. - -- Best regards, omn mailto:mnman@pd.jaring.my -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) - GPGshell v3.20 iD8DBQFBBPkJD4z+linXN40RAgXPAKDVTx5TCmaIVn1H5JNvOzztGGiW1QCgp6Bo +jSunSRQ/ey2g5Dyn+kijpU= =07QG -----END PGP SIGNATURE----- From jas at extundo.com Mon Jul 26 20:51:01 2004 From: jas at extundo.com (Simon Josefsson) Date: Mon Jul 26 20:47:58 2004 Subject: gpg 1.9.10 confused about default user id? Message-ID: In my ~/.gnupg/gpg.conf I have 'default-key B565716F'. When I try to sign a key, gpg things it should use an expired and disabled key of mine instead. See below. How can I get it to use my current key? gpg 1.2 work fine. jas@latte:~$ gpg2 --edit-key C14EB282 Secure memory is not locked into core gpg (GnuPG) 1.9.10-cvs; Copyright (C) 2004 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! pub 1024D/C14EB282 created: 2003-08-25 expires: never trust: unknown validity: unknown sub 1024g/7287A947 created: 2003-08-25 expires: never (1). Pav Lucistnik (2) Pav Lucistnik (3) Jan Hornyak Command> sign Really sign all user IDs? y pub 1024D/C14EB282 created: 2003-08-25 expires: never trust: unknown validity: unknown Primary key fingerprint: 2622 B7E3 7DA5 5C53 2079 855B 9ED7 583F C14E B282 Pav Lucistnik Pav Lucistnik Jan Hornyak How carefully have you verified the key you are about to sign actually belongs to the person named above? If you don't know what to answer, enter "0". (0) I will not answer. (default) (1) I have not checked at all. (2) I have done casual checking. (3) I have done very careful checking. Your selection? (enter '?' for more information): 3 Are you really sure that you want to sign this key with your key: "Simon Josefsson " (5C980097) I have checked this key very carefully. Really sign? ^C ... jas@latte:~$ gpg2 --edit-key 5C980097 Secure memory is not locked into core gpg (GnuPG) 1.9.10-cvs; Copyright (C) 2004 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! Secret key is available. pub 1024D/5C980097 created: 2001-04-10 expires: 2002-04-10 trust: unknown validity: expired *** This key has been disabled sub 768g/368A26A6 created: 2001-04-10 expires: 2002-04-10 (1). Simon Josefsson (2) Simon Josefsson (3) Simon Josefsson (4) Simon Josefsson Command> quit From atom at suspicious.org Fri Jul 23 06:08:30 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Mon Jul 26 21:23:15 2004 Subject: Cryptographers and U.S. Immigration Message-ID: <20040723000559.L326@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "When the government fears the people, you have liberty. When the people fear the government, you have tyranny." --Thomas Jefferson <<<<<<<<<<<<<<<<<<<<<<<<<< http://www.schneier.com/crypto-gram-0407.html#3 Cryptographers and U.S. Immigration Seems like cryptographers are being questioned when they enter the U.S. these days. Recently I received this (anonymous) comment: "It seems that the U.S. State Department has a keen interest in foreign cryptographers: Yesterday I tried to renew my visa to the States, and after standing in line and getting fingerprinted, my interviewer, upon hearing that my company sells [a cryptography product], informed me that "due to new regulations," Washington needs to approve my visa application, and that to do so, they need to know exactly which companies I plan to visit in the States, points of contact, etc. etc. Quite a change from my last visa application, for which I didn't even have to show up." I'm curious if any of my foreign readers have similar stories. There are international cryptography conferences held in the United States all the time. It would be a shame if they lost much of their value because of visa regulations. #### -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBAI9EAAoJEAx/d+cTpVcibb0IAIPYNzglmGiNyBLP4ogd5bI8 bSUCTLLIHkp4+dOKuxcuoNTagsNBfDC1Ny1BCL60grW5yoY0hiS1SzY+aw2/VrHg 6DEJVtXTSae/oEZv/czlVJsvI+U+OBD2JqlXIyFiayfR1R6yMVoMrX3RVyB7UklG 3a10ehfuY+pKkZa6JwYlM+TGxrNNCR5UOoNV1TdL40oLBTb0uFs+WG2tY+KYuypO ChdyAsTlBQw7b6rGRoOti93Wi4XxkFH39cFxDfRIG8Ah+J2QkRjwFrO+aUwCG7ds SjBfjV1kBWsXChS+vfzZBmwvGwZx3EDKfpBecybokyvV1jpdugyiRnV/UPERnro= =ytcR -----END PGP SIGNATURE----- From wk at gnupg.org Tue Jul 27 09:08:21 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 27 09:08:22 2004 Subject: [Announce] GnuPG 1.2.5 released Message-ID: Hello! We are pleased to announce the availability of a new stable GnuPG release: Version 1.2.5 The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. This is mainly a bug fix release; for details see the "What's New" section below. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.2.5 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.2.5.tar.bz2 (2430k) gnupg-1.2.5.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.2.5.tar.gz (3559k) gnupg-1.2.5.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.2.4-1.2.5.diff.gz (979k) A patch file to upgrade a 1.2.4 GnuPG source. This file is signed; you have to use GnuPG > 0.9.5 to verify the signature. GnuPG has a feature to allow clear signed patch files which can still be processed by the patch utility. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.2.5.zip (1468k) gnupg-w32cli-1.2.5.zip.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. Note that this is a command line version and comes without a graphical installer tool. You have to use an UNZIP utility to extract the files and install them manually. The included file README.W32 has further instructions. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.2.4.tar.bz2 you would use this command: gpg --verify gnupg-1.2.5.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using "finger wk 'at' g10code.com" or "dd9jn 'at' gnu.org" or using the keyservers. I recently prolonged the expiration date; thus you might need a fresh copy of that key. Never use a GnuPG version you just downloaded to check the integrity of the source - use an existing GnuPG installation! * If you are not able to use an old version of GnuPG, you have to verify the MD5 checksum. Assuming you downloaded the file gnupg-1.2.5.tar.bz2, you would run the md5sum command like this: md5sum gnupg-1.2.5.tar.bz2 and check that the output matches the first line from the following list: 9109ff94f7a502acd915a6e61d28d98a gnupg-1.2.5.tar.gz e4991e46fde52b216410ef0f485b4217 gnupg-1.2.5.tar.bz2 d591cb58a7bc81d4e5572260ba2cd595 gnupg-1.2.4-1.2.5.diff.gz 3d93d73942117c4c0182cb15e01de70f gnupg-w32cli-1.2.5.zip Upgrade Information =================== If you are upgrading from a version prior to 1.0.7, you should run the script tools/convert-from-106 once. Please note also that due to a bug in versions prior to 1.0.6 it may not be possible to downgrade to such versions unless you apply the patch http://www.gnupg.org/developer/gpg-woody-fix.txt . If you have any problems, please see the FAQ and the mailing list archive at http://lists.gnupg.org. Please direct questions to the gnupg-users@gnupg.org mailing list. What's New =========== Here is a list of major user visible changes since 1.2.4: * New --ask-cert-level/--no-ask-cert-level option to turn on and off the prompt for signature level when signing a key. Defaults to on. * New --min-cert-level option to disregard key signatures that are under a specified level. Defaults to 1 (i.e. don't disregard anything). * New --max-output option to limit the amount of plaintext output generated by GnuPG. This option can be used by programs which call GnuPG to process messages that may result in plaintext larger than the calling program is prepared to handle. This is sometimes called a "Decompression Bomb". * New --list-config command for frontends and other programs that call GnuPG. See doc/DETAILS for the specifics of this. * New --gpgconf-list command for internal use by the gpgconf utility from gnupg 1.9.x. * Some performance improvements with large keyrings. See --enable-key-cache=SIZE in the README file for details. * Some portability fixes for the OpenBSD/i386, HPPA, and AIX platforms. * Simplified Chinese translation. Internationalization ==================== GnuPG comes with support for 28 languages: American English Indonesian (id) Bela-Russian (be)[*] Italian (it) Catalan (ca)[*] Japanese (ja)[*] Czech (cs) Polish (pl) Danish (da)[*] Brazilian Portuguese (pt_BR)[*] Dutch (nl) Portuguese (pt)[*] Esperanto (eo)[*] Romanian (ro) Estonian (et) Russian (ru) Finnish (fi) Slovak (sk) French (fr) Spanish (es) Galician (gl)[*] Swedish (sv)[*] German (de) Traditional Chinese (zh_TW)[*] Greek (el) Simplified Chinese (zh_CN) Hungarian (hu) Turkish (tr) Languages marked with [*] were not updated for this release and you may notice untranslated messages. Many thanks to the translators for their ongoing support of GnuPG. Future Directions ================= GnuPG 1.2.x is the current stable branch and won't undergo any serious changes. We will just fix bugs and add compatibility fixes as required. GnuPG 1.3.x is the version were we do most new stuff and it will lead to the next stable version 1.4 not too far away. GnuPG 1.9.x is next generation GnuPG. This version merged the code From the Aegypten project and thus it includes the gpg-agent, a smartcard daemon and gpg's S/MIME cousin gpgsm. The design is different to the previous versions and we may not support all ancient systems - thus POSIX compatibility will be an absolute requirement for supported platforms. 1.9 is based on an somewhat older 1.3 code and will peacefully coexist with other GnuPG versions. Happy Hacking, The GnuPG Team (David, Stefan, Timo and Werner) -- Werner Koch The GnuPG Experts http://g10code.com Free Software Foundation Europe http://fsfeurope.org -------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From hgr at vabo.cz Tue Jul 27 09:42:03 2004 From: hgr at vabo.cz (Ladislav Hagara) Date: Tue Jul 27 09:40:00 2004 Subject: GnuPG 1.2.5 - make install Message-ID: <4106074B.5097706E@vabo.cz> Howdy, just trying to install GnuPG 1.2.5 and got this error during "make install": mkdir -p -- /usr/local/libexec/gnupg /bin/sh ../scripts/mkinstalldirs /usr/local/libexec/gnupg make[2]: Nothing to be done for `install-data-am'. make[2]: Leaving directory `/tmp/A/gnupg-1.2.5/keyserver' make[1]: Leaving directory `/tmp/A/gnupg-1.2.5/keyserver' Making install in po make[1]: Entering directory `/tmp/A/gnupg-1.2.5/po' /bin/sh `case "../scripts/mkinstalldirs" in /*) echo "../scripts/mkinstalldirs" ;; *) echo "../../scripts/mkinstalldirs" ;; esac` /usr/local/share ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file or directory make[1]: *** [install-data-yes] Error 127 make[1]: Leaving directory `/tmp/A/gnupg-1.2.5/po' make: *** [install-recursive] Error 1 - lace - From wk at gnupg.org Tue Jul 27 09:42:37 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 27 09:56:31 2004 Subject: [Announce] GnuPG 1.2.5 released Message-ID: <871xixkiaa.fsf@wheatstone.g10code.de> [reposted due to the Mailman garbled signature] Hello! We are pleased to announce the availability of a new stable GnuPG release: Version 1.2.5 The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. This is mainly a bug fix release; for details see the "What's New" section below. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.2.5 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.2.5.tar.bz2 (2430k) gnupg-1.2.5.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.2.5.tar.gz (3559k) gnupg-1.2.5.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.2.4-1.2.5.diff.gz (979k) A patch file to upgrade a 1.2.4 GnuPG source. This file is signed; you have to use GnuPG > 0.9.5 to verify the signature. GnuPG has a feature to allow clear signed patch files which can still be processed by the patch utility. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.2.5.zip (1468k) gnupg-w32cli-1.2.5.zip.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. Note that this is a command line version and comes without a graphical installer tool. You have to use an UNZIP utility to extract the files and install them manually. The included file README.W32 has further instructions. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.2.4.tar.bz2 you would use this command: gpg --verify gnupg-1.2.5.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using "finger wk 'at' g10code.com" or "dd9jn 'at' gnu.org" or using the keyservers. I recently prolonged the expiration date; thus you might need a fresh copy of that key. Never use a GnuPG version you just downloaded to check the integrity of the source - use an existing GnuPG installation! * If you are not able to use an old version of GnuPG, you have to verify the MD5 checksum. Assuming you downloaded the file gnupg-1.2.5.tar.bz2, you would run the md5sum command like this: md5sum gnupg-1.2.5.tar.bz2 and check that the output matches the first line from the following list: 9109ff94f7a502acd915a6e61d28d98a gnupg-1.2.5.tar.gz e4991e46fde52b216410ef0f485b4217 gnupg-1.2.5.tar.bz2 d591cb58a7bc81d4e5572260ba2cd595 gnupg-1.2.4-1.2.5.diff.gz 3d93d73942117c4c0182cb15e01de70f gnupg-w32cli-1.2.5.zip Upgrade Information =================== If you are upgrading from a version prior to 1.0.7, you should run the script tools/convert-from-106 once. Please note also that due to a bug in versions prior to 1.0.6 it may not be possible to downgrade to such versions unless you apply the patch http://www.gnupg.org/developer/gpg-woody-fix.txt . If you have any problems, please see the FAQ and the mailing list archive at http://lists.gnupg.org. Please direct questions to the gnupg-users@gnupg.org mailing list. What's New =========== Here is a list of major user visible changes since 1.2.4: * New --ask-cert-level/--no-ask-cert-level option to turn on and off the prompt for signature level when signing a key. Defaults to on. * New --min-cert-level option to disregard key signatures that are under a specified level. Defaults to 1 (i.e. don't disregard anything). * New --max-output option to limit the amount of plaintext output generated by GnuPG. This option can be used by programs which call GnuPG to process messages that may result in plaintext larger than the calling program is prepared to handle. This is sometimes called a "Decompression Bomb". * New --list-config command for frontends and other programs that call GnuPG. See doc/DETAILS for the specifics of this. * New --gpgconf-list command for internal use by the gpgconf utility from gnupg 1.9.x. * Some performance improvements with large keyrings. See --enable-key-cache=SIZE in the README file for details. * Some portability fixes for the OpenBSD/i386, HPPA, and AIX platforms. * Simplified Chinese translation. Internationalization ==================== GnuPG comes with support for 28 languages: American English Indonesian (id) Bela-Russian (be)[*] Italian (it) Catalan (ca)[*] Japanese (ja)[*] Czech (cs) Polish (pl) Danish (da)[*] Brazilian Portuguese (pt_BR)[*] Dutch (nl) Portuguese (pt)[*] Esperanto (eo)[*] Romanian (ro) Estonian (et) Russian (ru) Finnish (fi) Slovak (sk) French (fr) Spanish (es) Galician (gl)[*] Swedish (sv)[*] German (de) Traditional Chinese (zh_TW)[*] Greek (el) Simplified Chinese (zh_CN) Hungarian (hu) Turkish (tr) Languages marked with [*] were not updated for this release and you may notice untranslated messages. Many thanks to the translators for their ongoing support of GnuPG. Future Directions ================= GnuPG 1.2.x is the current stable branch and won't undergo any serious changes. We will just fix bugs and add compatibility fixes as required. GnuPG 1.3.x is the version were we do most new stuff and it will lead to the next stable version 1.4 not too far away. GnuPG 1.9.x is next generation GnuPG. This version merged the code From the Aegypten project and thus it includes the gpg-agent, a smartcard daemon and gpg's S/MIME cousin gpgsm. The design is different to the previous versions and we may not support all ancient systems - thus POSIX compatibility will be an absolute requirement for supported platforms. 1.9 is based on an somewhat older 1.3 code and will peacefully coexist with other GnuPG versions. Happy Hacking, The GnuPG Team (David, Stefan, Timo and Werner) -- Werner Koch The GnuPG Experts http://g10code.com Free Software Foundation Europe http://fsfeurope.org -------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From lists at digitallyimpressed.com Tue Jul 27 11:18:32 2004 From: lists at digitallyimpressed.com (Rainer Bendig) Date: Tue Jul 27 11:15:21 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <4106074B.5097706E@vabo.cz> References: <4106074B.5097706E@vabo.cz> Message-ID: <20040727091831.GA6622@localhost> Ladislav Hagara wrote on Tue Jul 27, 2004 at 09:42:03AM +0200: > ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file That was in the CVs-Tee also, just copy or move the /usr/src/gpg*/scripts dir to /usr/src and it should work. I just tried to copy the folder, not to move... -- so long, Rainer Bendig aka mindz PGP/GPG key (ID: 0xB406202E) http://DigitallyImpressed.com Get it from wwwkeys.de.pgp.net for contacting me take a look on http://digitallyimpressed.com/contact From hgr at vabo.cz Tue Jul 27 12:03:24 2004 From: hgr at vabo.cz (Ladislav Hagara) Date: Tue Jul 27 12:01:20 2004 Subject: GnuPG 1.2.5 - make install References: <4106074B.5097706E@vabo.cz> <20040727091831.GA6622@localhost> Message-ID: <4106286C.1FBFB521@vabo.cz> > > ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file > That was in the CVs-Tee also, just copy or move the /usr/src/gpg*/scripts > dir to /usr/src and it should work. I just tried to copy the folder, > not to move... Thanks. It would be fine if this was corrected and gnupg-1.2.5 was repackaged. - lace - From pitrp at wg78.de Tue Jul 27 12:09:24 2004 From: pitrp at wg78.de (Peter Prohaska) Date: Tue Jul 27 12:07:53 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <20040727091831.GA6622@localhost> References: <4106074B.5097706E@vabo.cz> <20040727091831.GA6622@localhost> Message-ID: <20040727100924.GA17196@wg78.homeunix.net> On Tue, Jul 27, 2004 at 11:18:32AM +0200, Rainer Bendig wrote: > Ladislav Hagara wrote on Tue Jul 27, 2004 at 09:42:03AM +0200: > > ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file > That was in the CVs-Tee also, just copy or move the /usr/src/gpg*/scripts > dir to /usr/src and it should work. I just tried to copy the folder, > not to move... Or you can change the "mkinstalldirs = ..." line in `./po/Makefile.in.in' (in your srcdir) to get if fixed before building. MKINSTALLDIRS = @MKINSTALLDIRS@ mkinstalldirs = $(MKINSTALLDIRS) Then the normal configure, make... regards, peter. From MagicFab at FabianRodriguez.com Tue Jul 27 17:30:30 2004 From: MagicFab at FabianRodriguez.com (F. Rodriguez) Date: Tue Jul 27 17:27:45 2004 Subject: Sending signed emails to a large list Message-ID: <41067516.9070807@FabianRodriguez.com> Hello, I'd like to know if there are other ways to send email-merged messages that are signed using OpenPGP ? So far I use an SMTP proxy such as GPG-relay ( http://sites.inka.de/tesla/gpgrelay.html ) combined with a Fletmail, a mailing list manager (client-based, not server) . Although primitive, Fletmail under Windows does the job. I am looking for existing Linux-based solutions before creating one. Maybe something along the lines of PHPList + ..? What would be other ways of doing this ? -- Fabi?n Rodr?guez Montreal, QC, Canada http://www.fabianrodriguez.com/email -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature Url : /pipermail/attachments/20040727/b3d11349/signature.bin From DHill at StudentLoan.org Tue Jul 27 17:40:22 2004 From: DHill at StudentLoan.org (David Hill) Date: Tue Jul 27 17:37:47 2004 Subject: folder security problem with random_seed Message-ID: We have installed GnuPG and our keys on the network. Unfortunately random_seed requires excessive permissions, since it seems to be destroyed and recreated during each command, we need to grant read/write/update/delete permissions to that folder for all GnuPG users. If the random_seed file could be relocated to the users local temp folder or to a common writeable location on the network then we would be able to lock the security of the GnuPG installation down to just read access. Dave Hill dhill@studentloan.org Iowa Student Loan Liquidity Corp. 515-273-7241 Fax 515-243-0714 From DHill at StudentLoan.org Tue Jul 27 17:43:56 2004 From: DHill at StudentLoan.org (David Hill) Date: Tue Jul 27 17:41:17 2004 Subject: folder security problem with random_seed Message-ID: We have installed GnuPG and our keys on the network. Unfortunately random_seed requires excessive permissions, since it seems to be destroyed and recreated during each command, we need to grant read/write/update/delete permissions to that folder for all GnuPG users. If the random_seed file could be relocated to the users local temp folder or to a common writeable location on the network then we would be able to lock the security of the GnuPG installation down to just read access. Dave Hill dhill@studentloan.org Iowa Student Loan Liquidity Corp. 515-273-7241 Fax 515-243-0714 From vedaal at hush.com Tue Jul 27 17:59:23 2004 From: vedaal at hush.com (vedaal@hush.com) Date: Tue Jul 27 17:56:16 2004 Subject: [Announce] GnuPG 1.2.5 released // update to man.page Message-ID: <200407271559.i6RFxQxT001462@mailserver2.hushmail.com> minor correction to the man.page , in the following section: INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS ====[begin quote]=============================== For example, as of this writing, no (unhacked) version of PGP supports the BLOWFISH cipher algorithm. If you use it, no PGP user will be able to decrypt your message. The same thing applies to the ZLIB compression algorithm. ====[end quote]================================= pgp 8.1 supports blowfish and zlib, and decrypts messages done in gnupg using both of these. also, 8.1 now recognizes signatures from gnupg signing subkeys, which prior versions did not vedaal Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 From shantanu at chrd.in2cable.net Tue Jul 27 18:21:16 2004 From: shantanu at chrd.in2cable.net (Dr. Shantanu Nagarkatti) Date: Tue Jul 27 18:19:10 2004 Subject: Upgrading GNUPG after Nullify installation Message-ID: <6.1.2.0.0.20040727214841.01df0a68@chrd.in2cable.net> Hi, For windows users, Nullify is the easiest install. How does one upgrade to GNUPG 1.2.5 after the Nullify install? Shantanu **************************** Non omnia possumus omnes - Not all of us are able to do all things -(Virgil) **************************** -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : /pipermail/attachments/20040727/75e124a1/attachment.bin From wk at gnupg.org Tue Jul 27 18:51:05 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 27 18:53:26 2004 Subject: gpg 1.9.10 confused about default user id? In-Reply-To: (Simon Josefsson's message of "Mon, 26 Jul 2004 20:51:01 +0200") References: Message-ID: <87bri1fl6u.fsf@wheatstone.g10code.de> On Mon, 26 Jul 2004 20:51:01 +0200, Simon Josefsson said: > In my ~/.gnupg/gpg.conf I have 'default-key B565716F'. When I try to > sign a key, gpg things it should use an expired and disabled key of > mine instead. See below. How can I get it to use my current key? > gpg 1.2 work fine. Please use gpg 1.2 or 1.3 - gpg2 is not yet up to the state of the other branches. Our plan is to get 1.4 out and then start working on the gpg part of 1.9. You don't have a gpg.conf-1.9 in ~/.gnupg, right? Werner From richard at sheflug.co.uk Tue Jul 27 19:19:42 2004 From: richard at sheflug.co.uk (Richard Ibbotson) Date: Tue Jul 27 19:16:10 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <20040727091831.GA6622@localhost> References: <4106074B.5097706E@vabo.cz> <20040727091831.GA6622@localhost> Message-ID: Hi > Ladislav Hagara wrote on Tue Jul 27, 2004 at 09:42:03AM +0200: > > ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file > That was in the CVs-Tee also, just copy or move the /usr/src/gpg*/scripts > dir to /usr/src and it should work. I just tried to copy the folder, > not to move... cp /usr/src/gpg*/scripts /usr/src Says .... cp: cannot stat `/usr/src/gpg*/scripts': No such file or directory Did I do something wrong ? Richard From vedaal at hush.com Tue Jul 27 19:30:57 2004 From: vedaal at hush.com (vedaal@hush.com) Date: Tue Jul 27 19:27:51 2004 Subject: Upgrading GNUPG after Nullify installation Message-ID: <200407271730.i6RHUxtI021944@mailserver2.hushmail.com> Dr. Shantanu Nagarkatti shantanu at chrd.in2cable.net wrote: >How does one upgrade to GNUPG 1.2.5 after the Nullify install? fairly pain-free: [1] make a new directory for 1.2.5, and unzip the binaries into the new directory (*not* into the root gnupg directory where Nullify is installed now) [2] copy the following files fom the 1.2.5 directory into the c:\gnupg directory that has the Nullify install: (a)gpg.exe (b)gpgv.exe (c)gpgsplit.exe when prompted to over-ride files of the same name in the Nullify install in c:\gnupg, allow it to be done that's it ;-) no registry changes are necessary, and IDEA will still work. no re-booting necessary vedaal Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 From sanchezthecactus at yahoo.com Tue Jul 27 19:58:12 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Tue Jul 27 19:55:12 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040716184809.GA15672@jabberwocky.com> Message-ID: <20040727175812.69726.qmail@web12103.mail.yahoo.com> I've played around with this some more, and after editing ldap.conf to include the line: TLS_REQCERT allow I can now run: ldapsearch -h ldap.2wire.com -P3 -x -b "dc=company,dc=com" objectClass=pgpkeyinfo -Z successfully, and it returns the pgp keys. Is there another step I have to take to get gpg 1.3.x to recognize the keys now? Thanks, -Joe --- David Shaw wrote: > On Fri, Jul 16, 2004 at 09:58:40AM -0700, Sanchez the Cactus wrote: > > > when I try with GnuPG 1.3.6 linked against OpenLDAP linked against either > > GNUTLS or OpenSSL, i get the following error: > > > > ./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp > keys,dc=company,dc=com" > > --search-keys keymaster > > gpg: NOTE: THIS IS A DEVELOPMENT VERSION! > > gpg: It is only intended for test purposes and should NOT be > > gpg: used in a production environment or with production keys! > > gpg: WARNING: using insecure memory! > > gpg: please see http://www.gnupg.org/faq.html for more information > > gpgkeys: unable to make SSL connection: not supported by the NAI LDAP > keyserver > > > > gpg: key "keymaster" not found on keyserver > > gpg: keyserver internal error > > gpg: keyserver search failed: keyserver error > > > > > > > > is the "NAI LDAP keyserver" not supported by GnuPG, or is there some > > other way to make GnuPG access it? > > It's not that GnuPG doesn't support it. The keyserver itself doesn't > support ldaps. GnuPG supports both ldaps and ldap using TLS. The old > NAI keyserver supports neither. If you want to communicate with the > NAI keyserver, you have to turn off ldaps or TLS. > > I think there is some confusion here. What exactly are you doing? > That is, where did you get this server? What software is it running? > What do you get if you run: > > ldapsearch -h ldap.company.com -P2 -x -b "cn=pgpServerInfo" -s base > cn=pgpServerInfo > > David > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > __________________________________ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail From wk at gnupg.org Tue Jul 27 19:44:14 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 27 20:07:00 2004 Subject: [Announce] gnupg 1.2.5 build instruction update Message-ID: <877jspfiq9.fsf@wheatstone.g10code.de> Uv, qhr gb n ceboyrz jvgu gur trggrkg vafgnyyngvba ba gur ohvyq znpuvar n yvggyr naablvat oht jvyy qvfgheo gur ohvyq cebprff bs TahCT 1.2.5 jura qbvat gur "znxr vafgnyy": ../../fpevcgf/zxvafgnyyqvef: ../../fpevcgf/zxvafgnyyqvef: Ab fhpu svyr be qverpgbel znxr[1]: *** [vafgnyy-qngn-lrf] Reebe 127 Gurer vf n fvzcyr jbexnebhaq ubjrire: Vafgrnq bs "znxr vafgnyy" hfr znxr vafgnyy zxvafgnyyqvef=`cjq`/fpevcgf/zxvafgnyyqvef naq vg fubhyq jbex nf rkcrpgrq. Nygubhtu V nyjnlf cercner qvfgevohgvbaf hfvat "znxr qvfgpurpx", V boivbhfyl sbetbg gb qb n znahny vafgnyy gb qrgrpg aba-ICNGU eryngrq ohvyq ceboyrzf. Fbzrbar fubhyq unir abgvprq naq ercbegrq guvf oht jvgu gur ynfg eryrnfr pnaqvqngr, juvpu va snpg jnf nyfb nssrpgrq ol vg. Unccl Unpxvat, Jreare -- Jreare Xbpu Gur TahCT Rkcregf uggc://t10pbqr.pbz Serr Fbsgjner Sbhaqngvba Rhebcr uggc://sfsrhebcr.bet _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From wk at gnupg.org Tue Jul 27 19:55:06 2004 From: wk at gnupg.org (Werner Koch) Date: Tue Jul 27 20:16:26 2004 Subject: [Announce] GnuPG 1.2.5 build instruction update Message-ID: <873c3dfi85.fsf@wheatstone.g10code.de> [Okay, its not my day. I accidently hit C-c r right before sending the mail.] Hi, due to a problem with the gettext installation on the build machine a little annoying bug will disturb the build process of GnuPG 1.2.5 when doing the "make install": ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file or directory make[1]: *** [install-data-yes] Error 127 There is a simple workaround however: Instead of "make install" use make install mkinstalldirs=`pwd`/scripts/mkinstalldirs and it should work as expected. Although I always prepare distributions using "make distcheck", I obviously forgot to do a manual install to detect non-VPATH related build problems. Someone should have noticed and reported this bug with the last release candidate, which in fact was also affected by it. Salve Gnus, Werner -- Werner Koch The GnuPG Experts http://g10code.com Free Software Foundation Europe http://fsfeurope.org _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From jas at extundo.com Tue Jul 27 19:13:16 2004 From: jas at extundo.com (Simon Josefsson) Date: Tue Jul 27 20:17:43 2004 Subject: gpg 1.9.10 confused about default user id? In-Reply-To: <87bri1fl6u.fsf@wheatstone.g10code.de> (Werner Koch's message of "Tue, 27 Jul 2004 18:51:05 +0200") References: <87bri1fl6u.fsf@wheatstone.g10code.de> Message-ID: Werner Koch writes: > On Mon, 26 Jul 2004 20:51:01 +0200, Simon Josefsson said: > >> In my ~/.gnupg/gpg.conf I have 'default-key B565716F'. When I try to >> sign a key, gpg things it should use an expired and disabled key of >> mine instead. See below. How can I get it to use my current key? >> gpg 1.2 work fine. > > Please use gpg 1.2 or 1.3 - gpg2 is not yet up to the state of the > other branches. Our plan is to get 1.4 out and then start working on > the gpg part of 1.9. Ok! I tried, and 1.3 works fine. > You don't have a gpg.conf-1.9 in ~/.gnupg, right? Nope. Thanks. From dshaw at jabberwocky.com Tue Jul 27 20:44:41 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jul 27 20:41:38 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727175812.69726.qmail@web12103.mail.yahoo.com> References: <20040716184809.GA15672@jabberwocky.com> <20040727175812.69726.qmail@web12103.mail.yahoo.com> Message-ID: <20040727184440.GC9859@jabberwocky.com> On Tue, Jul 27, 2004 at 10:58:12AM -0700, Sanchez the Cactus wrote: > I've played around with this some more, and after editing ldap.conf to include > the line: > TLS_REQCERT allow > > I can now run: > ldapsearch -h ldap.2wire.com -P3 -x -b "dc=company,dc=com" > objectClass=pgpkeyinfo -Z > > successfully, and it returns the pgp keys. > > Is there another step I have to take to get gpg 1.3.x to recognize the keys > now? I don't know. I'm still trying to understand what you set up, and using what LDAP schema from where. Is this the PGP schema? If so, it should work with GnuPG as well. If it isn't the PGP schema, then it won't work no matter what you try. David From shantanu at chrd.in2cable.net Tue Jul 27 20:45:04 2004 From: shantanu at chrd.in2cable.net (Dr. Shantanu Nagarkatti) Date: Tue Jul 27 20:42:48 2004 Subject: Upgrading after Nullify In-Reply-To: References: Message-ID: <6.1.2.0.0.20040728000955.01da9118@chrd.in2cable.net> Thanks. What happens if I unzip and extract ALL the files into the existing GNUPG root directory? Shantanu ************************** Men learn while they teach. - seneca, a.d. 63 **************************** At 11:37 PM 7/27/2004, you wrote: >Dr. Shantanu Nagarkatti shantanu at chrd.in2cable.net wrote: > > >How does one upgrade to GNUPG 1.2.5 after the Nullify install? > >fairly pain-free: > >[1] make a new directory for 1.2.5, and unzip the binaries into the new >directory >(*not* into the root gnupg directory where Nullify is installed now) > >[2] copy the following files fom the 1.2.5 directory into the c:\gnupg >directory that has the Nullify install: > >(a)gpg.exe >(b)gpgv.exe >(c)gpgsplit.exe > >when prompted to over-ride files of the same name in the Nullify install >in c:\gnupg, allow it to be done > >that's it ;-) > > >no registry changes are necessary, >and IDEA will still work. > >no re-booting necessary > > >vedaal From vedaal at hush.com Tue Jul 27 21:07:24 2004 From: vedaal at hush.com (vedaal@hush.com) Date: Tue Jul 27 21:04:14 2004 Subject: Upgrading after Nullify Message-ID: <200407271907.i6RJ7OqR043367@mailserver2.hushmail.com> Dr. Shantanu Nagarkatti shantanu at chrd.in2cable.net wrote: > What happens if I unzip and extract ALL the files into the existing GNUPG root directory? i tried this once many versions ago, and developed a registry bug, and gnupg would not work correctly i don't remember the details, but think that the problem file was in the 1.2.x tht was not present in the Nullify version also, i *need* IDEA, as my oldest key, is a pgp2.x v3 key, and is still the only some that some pgp2.x users trust, the 1.2.5 doesn't have the IDEA module and library, and trying to just copy the whole thing into c:\gnupg before un-installing the Nullify build, causes problems (but it's been a long time since i did it that way, so am not sure) vedaal Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 From sanchezthecactus at yahoo.com Tue Jul 27 22:59:43 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Tue Jul 27 22:56:35 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727184440.GC9859@jabberwocky.com> Message-ID: <20040727205943.11354.qmail@web12102.mail.yahoo.com> --- David Shaw wrote: > I don't know. I'm still trying to understand what you set up, and > using what LDAP schema from where. Is this the PGP schema? If so, it > should work with GnuPG as well. If it isn't the PGP schema, then it > won't work no matter what you try. > > David > Unfortunately, I didn't set up the server, and our IT dept is less than enthusiastic about supporting us on linux. So, as of right now, I have no idea where the schema came from, but will try to find out. However, I did manage to get a command similar to the one you asked for to run successfully, maybe it can help explain what the setup is: $ ldapsearch -h ldap.company.com -P3 -x -b "cn=pgpServerInfo,ou=pgp keys,dc=company,dc=com" -Z -s base cn=pgpServerInfo # extended LDIF # # LDAPv3 # base with scope base # filter: cn=pgpServerInfo # requesting: ALL # # PGPServerInfo, PGP Keys, company.com dn: cn=PGPServerInfo,ou=PGP Keys,dc=company,dc=com cn: PGPServerInfo objectClass: pgpserverinfo pgpSoftware: OpenLDAP slapd pgpVersion: 2.1.23.8 pgpBaseKeySpaceDN: ou=PGP Keys,dc=company,dc=com # search result search: 3 result: 0 Success # numResponses: 2 # numEntries: 1 __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail From JPClizbe at comcast.net Tue Jul 27 23:12:11 2004 From: JPClizbe at comcast.net (John Clizbe) Date: Tue Jul 27 23:09:33 2004 Subject: Upgrading GNUPG after Nullify installation In-Reply-To: <6.1.2.0.0.20040727214841.01df0a68@chrd.in2cable.net> References: <6.1.2.0.0.20040727214841.01df0a68@chrd.in2cable.net> Message-ID: <4106C52B.8040107@comcast.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dr. Shantanu Nagarkatti wrote: > > Hi, > > For windows users, Nullify is the easiest install. > > How does one upgrade to GNUPG 1.2.5 after the Nullify install? > > Shantanu > Extract the .EXE to the root directory, *.MO to the LOcale directory, everything else to the Doc directory - -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 "Most men take the straight and narrow. A few take the road less traveled. I chose to cut through the woods." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (Windows 2000 SP4) Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG Comment: Annoy John Asscraft -- Use Strong Encryption. Comment: It's YOUR right - for the time being. Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBBsUqHQSsSmCNKhARAgahAJ0Z7ULgsn9LcnTxKpNXJMCYIVV3HQCgwU1o 534mEJvIPqN4Xbkxulh9hns= =u5uT -----END PGP SIGNATURE----- From johanw at vulcan.xs4all.nl Tue Jul 27 19:45:16 2004 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Tue Jul 27 23:12:36 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <20040727091831.GA6622@localhost> from Rainer Bendig at "Jul 27, 2004 11:18:32 am" Message-ID: <200407271745.TAA10277@vulcan.xs4all.nl> Rainer Bendig wrote: >Ladislav Hagara wrote on Tue Jul 27, 2004 at 09:42:03AM +0200: >> ../../scripts/mkinstalldirs: ../../scripts/mkinstalldirs: No such file The same happened with 1.2.5rc2. I reported it on this list, as did someone else, but apparently no action has been taken. >That was in the CVs-Tee also, just copy or move the /usr/src/gpg*/scripts >dir to /usr/src and it should work. I just tried to copy the folder, >not to move... Huh? What scripts dir? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From dshaw at jabberwocky.com Tue Jul 27 23:43:41 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Tue Jul 27 23:40:35 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727205943.11354.qmail@web12102.mail.yahoo.com> References: <20040727184440.GC9859@jabberwocky.com> <20040727205943.11354.qmail@web12102.mail.yahoo.com> Message-ID: <20040727214341.GF9859@jabberwocky.com> On Tue, Jul 27, 2004 at 01:59:43PM -0700, Sanchez the Cactus wrote: > # PGPServerInfo, PGP Keys, company.com > dn: cn=PGPServerInfo,ou=PGP Keys,dc=company,dc=com > cn: PGPServerInfo > objectClass: pgpserverinfo > pgpSoftware: OpenLDAP slapd > pgpVersion: 2.1.23.8 > pgpBaseKeySpaceDN: ou=PGP Keys,dc=company,dc=com Interesting. What happens if you do: ldapsearch -h ldap.company.com -x -P3 -s base -b "" '(objectClass=*)' namingcontexts Now that you made the certificate change on the server, did you try using GnuPG again? gpg --keyserver ldap://ldap.company.com --search-keys whatever David From sanchezthecactus at yahoo.com Wed Jul 28 00:03:55 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Wed Jul 28 00:00:47 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727214341.GF9859@jabberwocky.com> Message-ID: <20040727220355.30126.qmail@web12108.mail.yahoo.com> --- David Shaw wrote: > On Tue, Jul 27, 2004 at 01:59:43PM -0700, Sanchez the Cactus wrote: > > > # PGPServerInfo, PGP Keys, company.com > > dn: cn=PGPServerInfo,ou=PGP Keys,dc=company,dc=com > > cn: PGPServerInfo > > objectClass: pgpserverinfo > > pgpSoftware: OpenLDAP slapd > > pgpVersion: 2.1.23.8 > > pgpBaseKeySpaceDN: ou=PGP Keys,dc=company,dc=com > > Interesting. What happens if you do: > > ldapsearch -h ldap.company.com -x -P3 -s base -b "" '(objectClass=*)' > namingcontexts > > Now that you made the certificate change on the server, did you try > using GnuPG again? > > gpg --keyserver ldap://ldap.company.com --search-keys whatever > > David # extended LDIF # # LDAPv3 # base <> with scope base # filter: (objectClass=*) # requesting: namingcontexts # # dn: namingContexts: dc=company,dc=com # search result search: 3 result: 0 Success # numResponses: 2 # numEntries: 1 I've been trying to debug this a little myself in gpgkeys_ldap.c from 1.3.6: it appears that 2 things are happening: 1) the check at for !real_ldap (in the if(use_ssl) block of main) is called before find_basekeyspacedn() is called, so real_ldap is set to 0, and it prints out the first of the two not supported by the NAI LDAP keyserver errors. for now, i've just changed !real_ldap to real_ldap, but I know that's not the right solution. 2) find_basekeyspacedn() isn't working... the call: vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning NULL, but I haven't had a chance to look into it more yet, though it is using the context of "dc=company,dc=com", which I think is not the right one. -Joe __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail From dshaw at jabberwocky.com Wed Jul 28 00:46:00 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 28 00:42:55 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727220355.30126.qmail@web12108.mail.yahoo.com> References: <20040727214341.GF9859@jabberwocky.com> <20040727220355.30126.qmail@web12108.mail.yahoo.com> Message-ID: <20040727224600.GG9859@jabberwocky.com> On Tue, Jul 27, 2004 at 03:03:55PM -0700, Sanchez the Cactus wrote: > 1) the check at for !real_ldap (in the if(use_ssl) block of main) is > called before find_basekeyspacedn() is called, so real_ldap is set > to 0, and it prints out the first of the two not supported by the > NAI LDAP keyserver errors. for now, i've just changed !real_ldap to > real_ldap, but I know that's not the right solution. Yes, ignore that for now. It's not the main problem. > 2) find_basekeyspacedn() isn't working... the call: > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning > NULL, but I haven't had a chance to look into it more yet, though it > is using the context of "dc=company,dc=com", which I think is not > the right one. No, it should be something like "o=PGP Keys", or at least including the "PGP Keys" as part of the string. It's pretty clear what is going wrong, but it is not clear whether this is a problem with your LDAP server setup or in gpgkeys_ldap. I think you said this was set up by your IT dept for PGP users as well. Does it work with PGP? David From johanw at vulcan.xs4all.nl Wed Jul 28 00:25:15 2004 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Wed Jul 28 00:54:16 2004 Subject: [Announce] GnuPG 1.2.5 build instruction update In-Reply-To: <873c3dfi85.fsf@wheatstone.g10code.de> from Werner Koch at "Jul 27, 2004 07:55:06 pm" Message-ID: <200407272225.AAA01145@vulcan.xs4all.nl> Werner Koch wrote: >Someone should have noticed and reported this bug with the last release >candidate, which in fact was also affected by it. I did, but I got no reply. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From sanchezthecactus at yahoo.com Wed Jul 28 01:07:50 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Wed Jul 28 01:04:42 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727224600.GG9859@jabberwocky.com> Message-ID: <20040727230750.37729.qmail@web12108.mail.yahoo.com> --- David Shaw wrote: > On Tue, Jul 27, 2004 at 03:03:55PM -0700, Sanchez the Cactus wrote: > > > 1) the check at for !real_ldap (in the if(use_ssl) block of main) is > > called before find_basekeyspacedn() is called, so real_ldap is set > > to 0, and it prints out the first of the two not supported by the > > NAI LDAP keyserver errors. for now, i've just changed !real_ldap to > > real_ldap, but I know that's not the right solution. > > Yes, ignore that for now. It's not the main problem. > > > 2) find_basekeyspacedn() isn't working... the call: > > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning > > NULL, but I haven't had a chance to look into it more yet, though it > > is using the context of "dc=company,dc=com", which I think is not > > the right one. > > No, it should be something like "o=PGP Keys", or at least including > the "PGP Keys" as part of the string. It's pretty clear what is going > wrong, but it is not clear whether this is a problem with your LDAP > server setup or in gpgkeys_ldap. > > I think you said this was set up by your IT dept for PGP users as > well. Does it work with PGP? > > David Yes, it does work with PGP on windows. Hardcoding the context to "ou=PGP Keys,dc=company,dc=com" makes it work. So either gpgkeys_ldap needs to know this, or the server needs to provide that information somehow. Not sure how PGP manages to figure it out. Thanks, -Joe __________________________________ Do you Yahoo!? Yahoo! Mail is new and improved - Check it out! http://promotions.yahoo.com/new_mail From dshaw at jabberwocky.com Wed Jul 28 01:49:28 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 28 01:46:23 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727230750.37729.qmail@web12108.mail.yahoo.com> References: <20040727224600.GG9859@jabberwocky.com> <20040727230750.37729.qmail@web12108.mail.yahoo.com> Message-ID: <20040727234928.GA12711@jabberwocky.com> On Tue, Jul 27, 2004 at 04:07:50PM -0700, Sanchez the Cactus wrote: > > > 2) find_basekeyspacedn() isn't working... the call: > > > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning > > > NULL, but I haven't had a chance to look into it more yet, though it > > > is using the context of "dc=company,dc=com", which I think is not > > > the right one. > > > > No, it should be something like "o=PGP Keys", or at least including > > the "PGP Keys" as part of the string. It's pretty clear what is going > > wrong, but it is not clear whether this is a problem with your LDAP > > server setup or in gpgkeys_ldap. > > > > I think you said this was set up by your IT dept for PGP users as > > well. Does it work with PGP? > > > > David > > Yes, it does work with PGP on windows. Hardcoding the context to "ou=PGP > Keys,dc=company,dc=com" makes it work. So either gpgkeys_ldap needs to know > this, or the server needs to provide that information somehow. Not sure how > PGP manages to figure it out. Check your slapd.conf file. In the section for the pgp keys, there should be a line that looks something like: suffix "ou=PGP Keys,dc=DOMAIN,dc=COM" Does that exist? Also, since it works from PGP on windows, can you check something: in the PGP options dialog, click on the "servers" tab. Double click on the entry for your keyserver. Is there anything in the "Base DN" field? David From sanchezthecactus at yahoo.com Wed Jul 28 02:19:08 2004 From: sanchezthecactus at yahoo.com (Sanchez the Cactus) Date: Wed Jul 28 02:15:58 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040727234928.GA12711@jabberwocky.com> Message-ID: <20040728001908.40927.qmail@web12102.mail.yahoo.com> --- David Shaw wrote: > On Tue, Jul 27, 2004 at 04:07:50PM -0700, Sanchez the Cactus wrote: > > > > > 2) find_basekeyspacedn() isn't working... the call: > > > > vals=ldap_get_values(ldap,si_res,"pgpBaseKeySpaceDN"); is returning > > > > NULL, but I haven't had a chance to look into it more yet, though it > > > > is using the context of "dc=company,dc=com", which I think is not > > > > the right one. > > > > > > No, it should be something like "o=PGP Keys", or at least including > > > the "PGP Keys" as part of the string. It's pretty clear what is going > > > wrong, but it is not clear whether this is a problem with your LDAP > > > server setup or in gpgkeys_ldap. > > > > > > I think you said this was set up by your IT dept for PGP users as > > > well. Does it work with PGP? > > > > > > David > > > > Yes, it does work with PGP on windows. Hardcoding the context to "ou=PGP > > Keys,dc=company,dc=com" makes it work. So either gpgkeys_ldap needs to > know > > this, or the server needs to provide that information somehow. Not sure > how > > PGP manages to figure it out. > > Check your slapd.conf file. In the section for the pgp keys, there > should be a line that looks something like: > > suffix "ou=PGP Keys,dc=DOMAIN,dc=COM" > > Does that exist? > > Also, since it works from PGP on windows, can you check something: in > the PGP options dialog, click on the "servers" tab. Double click on > the entry for your keyserver. Is there anything in the "Base DN" > field? > > David The PGP "Base DN" field contains: "ou=pgp keys,dc=company,dc=com". I'll ask IT about the sldap.conf file. -Joe __________________________________ Do you Yahoo!? Y! Messenger - Communicate in real time. Download now. http://messenger.yahoo.com From lists at digitallyimpressed.com Wed Jul 28 02:23:36 2004 From: lists at digitallyimpressed.com (Rainer Bendig) Date: Wed Jul 28 02:20:26 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: References: <4106074B.5097706E@vabo.cz> <20040727091831.GA6622@localhost> Message-ID: <20040728002336.GA16115@localhost> Richard Ibbotson wrote on Tue Jul 27, 2004 at 06:19:42PM +0100: > cp /usr/src/gpg*/scripts /usr/src > cp: cannot stat `/usr/src/gpg*/scripts': No such file or directory > Did I do something wrong ? /usr/src is the way most distrubutors tell their users to save the sources and build them. Of course you need to change this to the path you have choosen. Maybe the gpg* has also to change to whatever you chose. But whatever - there was a better way shown up to the list. -- so long, Rainer Bendig aka mindz PGP/GPG key (ID: 0xB406202E) http://DigitallyImpressed.com Get it from wwwkeys.de.pgp.net for contacting me take a look on http://digitallyimpressed.com/contact From servie_platon at yahoo.com Wed Jul 28 07:09:11 2004 From: servie_platon at yahoo.com (InHisGrip) Date: Wed Jul 28 07:06:30 2004 Subject: Error 127 Message-ID: <20040728050911.21534.qmail@web41002.mail.yahoo.com> Hi everyone, I don't know if someone has asked this question before? I was trying to compile gnupg-1.2.5.tar.gz which I downloaded from a mirror site of gnupg.org and I got an Error 127 result. I use Fedora Core 2 for my linux distro. First, I downloaded a tar-ball from a mirror site of gnupg. Then, I did # md5sum gnupg-1.2.5.tar.gz and I got an output match. So I proceed to compile: # cd /usr/local/src # tar xvzf gnupg-1.2.5.tar.gz # ./configure # make # make install And from here on, I got the error message --> Error 127, install recursive Error 1... Has this error happened because initially, I have a gnupg 1.2.4-2.1.rpm and I have forgotten to rpm -e the old rpm of gnupg? Or is this because the tar-ball I downloaded is corrupted? Do you guys have any idea as to what went wrong here? Hope to hear from you soon. Thanks in advance. InHisGrip, Servie __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail From wk at gnupg.org Wed Jul 28 09:31:03 2004 From: wk at gnupg.org (Werner Koch) Date: Wed Jul 28 09:33:28 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <200407271745.TAA10277@vulcan.xs4all.nl> (Johan Wevers's message of "Tue, 27 Jul 2004 19:45:16 +0200 (MET DST)") References: <200407271745.TAA10277@vulcan.xs4all.nl> Message-ID: <87d62gd1vs.fsf@wheatstone.g10code.de> On Tue, 27 Jul 2004 19:45:16 +0200 (MET DST), Johan Wevers said: > The same happened with 1.2.5rc2. I reported it on this list, as did someone > else, but apparently no action has been taken. I don't have it in my mail folders but found it at lists.gnupg.org. After some investigations it turned out that your mail as well as some others were uucp to my machine but it happened that on the same day I moved all my mail stuff to my new laptop and obviously I missed some mails still pending in the mail queue of my old machine after stopping the uucico and the MTA. I apologize for claiming nobody took the time to try our RC2. Thanks, Werner From hgr at vabo.cz Wed Jul 28 10:16:33 2004 From: hgr at vabo.cz (Ladislav Hagara) Date: Wed Jul 28 10:14:33 2004 Subject: Error 127 References: <20040728050911.21534.qmail@web41002.mail.yahoo.com> Message-ID: <410760E1.E3C02A95@vabo.cz> > And from here on, I got the error message --> Error > 127, install recursive Error 1... See http://lists.gnupg.org/pipermail/gnupg-announce/2004q3/000173.html - lace - From mail at renelemme.de Wed Jul 28 13:40:41 2004 From: mail at renelemme.de (Rene Lemme) Date: Wed Jul 28 13:37:29 2004 Subject: GnuPG on PPC (WinMobile2003) In-Reply-To: <200407101423.27058.mail@renelemme.de> References: <200407101423.27058.mail@renelemme.de> Message-ID: <200407281340.41932.mail@renelemme.de> Nobody using GnuPG on a PPC? Regards, ..ren? Am Samstag, 10. Juli 2004 14:23 schrieb Rene Lemme: > Hello Group, > > does anyone use GnuPG on a Pocket PC running with WinMobile2003 OS? > > I found the following software: > http://www.symbolictools.de/public/pocketconsole/applications/gnupg >/ > > What are your experience or do you use different software? > > Regards, > > ..ren? -- GnuPG Key-ID: BFCC946E www.renelemme.de -- From mail at renelemme.de Wed Jul 28 13:47:27 2004 From: mail at renelemme.de (Rene Lemme) Date: Wed Jul 28 13:44:13 2004 Subject: GnuPG on PPC (WinMobile2003) Message-ID: <200407281347.38514.mail@renelemme.de> Hello Group, does anyone use GnuPG on a Pocket PC running with WinMobile2003 OS? I found the following software: http://www.symbolictools.de/public/pocketconsole/applications/gnupg/ What are your experience or do you use different software? Regards, ..ren? -- GnuPG Key-ID: BFCC946E www.renelemme.de -- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040728/47ebffd4/attachment-0001.bin From dshaw at jabberwocky.com Wed Jul 28 17:33:40 2004 From: dshaw at jabberwocky.com (David Shaw) Date: Wed Jul 28 17:30:37 2004 Subject: Fwd: using gnupg with a secure ldap (ldaps) keyserver In-Reply-To: <20040728001908.40927.qmail@web12102.mail.yahoo.com> References: <20040727234928.GA12711@jabberwocky.com> <20040728001908.40927.qmail@web12102.mail.yahoo.com> Message-ID: <20040728153339.GA22308@jabberwocky.com> On Tue, Jul 27, 2004 at 05:19:08PM -0700, Sanchez the Cactus wrote: > > > Yes, it does work with PGP on windows. Hardcoding the context to "ou=PGP > > > Keys,dc=company,dc=com" makes it work. So either gpgkeys_ldap needs to > > know > > > this, or the server needs to provide that information somehow. Not sure > > how > > > PGP manages to figure it out. > > > > Check your slapd.conf file. In the section for the pgp keys, there > > should be a line that looks something like: > > > > suffix "ou=PGP Keys,dc=DOMAIN,dc=COM" > > > > Does that exist? > > > > Also, since it works from PGP on windows, can you check something: in > > the PGP options dialog, click on the "servers" tab. Double click on > > the entry for your keyserver. Is there anything in the "Base DN" > > field? > > > > David > > The PGP "Base DN" field contains: "ou=pgp keys,dc=company,dc=com". > I'll ask IT about the sldap.conf file. Okay, this explains what is going on. Both GnuPG and PGP use a LDAP feature to autodetect where the keys are stored in a given server. PGP has the ability to override the autodetection and force a particular base DN to search in. GnuPG only works with the autodetected value. I think the ability to override the base DN is useful, so I'll add that to the next GnuPG release. In the meantime, you can either arrange for the autodetection to work properly (with 'suffix "ou=pgp keys,dc=company,dc=com"' in your slapd.conf file), which would work for both PGP and GnuPG, or just hardcode that as your base DN in gpgkeys_ldap.c until the next release. David From hgr at vabo.cz Wed Jul 28 19:44:01 2004 From: hgr at vabo.cz (Ladislav Hagara) Date: Wed Jul 28 19:42:01 2004 Subject: Error 127 - Problem Fixed References: <20040728164253.85597.qmail@web41015.mail.yahoo.com> Message-ID: <4107E5E1.7AC0081C@vabo.cz> > My questions are: See http://www.gnupg.org/(en)/documentation/faqs.html ;-)) > 2. Is there also a gnupg for windows tool that I can use to encrypt my > email before sending it out in the internet, assuming I ssh the output > from my linux box to my widows PC? http://www.gnupg.org/(en)/related_software/frontends.html#win - lace - From johanw at vulcan.xs4all.nl Wed Jul 28 20:47:07 2004 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Wed Jul 28 19:44:34 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <87d62gd1vs.fsf@wheatstone.g10code.de> from Werner Koch at "Jul 28, 2004 09:31:03 am" Message-ID: <200407281847.UAA00363@vulcan.xs4all.nl> Werner Koch wrote: >I don't have it in my mail folders but found it at lists.gnupg.org. > >After some investigations it turned out that your mail as well as some >others were uucp to my machine but it happened that on the same day I >moved all my mail stuff to my new laptop and obviously I missed some >mails still pending in the mail queue of my old machine after stopping >the uucico and the MTA. Does that mean that this also would have occurred if I CCed you instead of sending it to gnupg-users only? Do I have to CC you for messages I send to the mailinglist too, like I do now? Personally I find that a bit annoying since I'll get them twice. >I apologize for claiming nobody took the time to try our RC2. That's OK. Will you put a 1.2.5a or 1.2.5-1 online, or will this have to wait for 1.2.6 (if a 1.2.6 is in the planning anyway)? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From wk at gnupg.org Wed Jul 28 20:00:41 2004 From: wk at gnupg.org (Werner Koch) Date: Wed Jul 28 20:03:27 2004 Subject: GnuPG 1.2.5 - make install In-Reply-To: <200407281847.UAA00363@vulcan.xs4all.nl> (Johan Wevers's message of "Wed, 28 Jul 2004 20:47:07 +0200 (MET DST)") References: <200407281847.UAA00363@vulcan.xs4all.nl> Message-ID: <87oem0au5y.fsf@wheatstone.g10code.de> On Wed, 28 Jul 2004 20:47:07 +0200 (MET DST), Johan Wevers said: > sending it to gnupg-users only? Do I have to CC you for messages I send to > the mailinglist too, like I do now? Personally I find that a bit annoying No, no. The mails simply got lost on my site. May happen anyway from time to time due to spam :-( > That's OK. Will you put a 1.2.5a or 1.2.5-1 online, or will this have to > wait for 1.2.6 (if a 1.2.6 is in the planning anyway)? 1.2.6 in a couple of days. Werner From servie_platon at yahoo.com Thu Jul 29 17:30:17 2004 From: servie_platon at yahoo.com (InHisGrip) Date: Thu Jul 29 17:27:36 2004 Subject: Error 127 - Problem Fixed In-Reply-To: <4107E5E1.7AC0081C@vabo.cz> Message-ID: <20040729153017.49687.qmail@web41009.mail.yahoo.com> Hi Lace, Thanks a lot for directing me to the right links and howto's. Appreciate it.... More power and good luck to you and to GnuPG group! Again, thank you. InHisGrip, Servie --- Ladislav Hagara wrote: > > My questions are: > > See > http://www.gnupg.org/(en)/documentation/faqs.html > ;-)) > > > 2. Is there also a gnupg for windows tool that I > can use to encrypt my > > email before sending it out in the internet, > assuming I ssh the output > > from my linux box to my widows PC? > > http://www.gnupg.org/(en)/related_software/frontends.html#win > > - lace - > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > __________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail From servie_platon at yahoo.com Fri Jul 30 03:43:17 2004 From: servie_platon at yahoo.com (InHisGrip) Date: Fri Jul 30 03:40:37 2004 Subject: Can't locate public key or pubring.gpg Message-ID: <20040730014317.78789.qmail@web41009.mail.yahoo.com> Hi folks, I compiled successfully gnupg-1.2.5.tar.gz. I followed the instructions on the gnupg handbook from generating a new key pair to generating a revocation certificate which all worked fine. However, when I went on to the section exchanging keys and exporting public key I could not get any improvement. If I do the command: # gpg --list-keys, I get only pub and sub. I don't see anything in the output: pubring.gpg. Did I do something wrong during the compile though I throught everything was fine? I could not find the public key so that I could export it or copy it to my windows machine. Any tips would be highly appreciated. Thanks in advance. InHisGrip, Servie __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail From atom at suspicious.org Fri Jul 30 05:39:15 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Fri Jul 30 05:36:36 2004 Subject: Can't locate public key or pubring.gpg In-Reply-To: <20040730014317.78789.qmail@web41009.mail.yahoo.com> References: <20040730014317.78789.qmail@web41009.mail.yahoo.com> Message-ID: <20040729233026.G45133@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > I compiled successfully gnupg-1.2.5.tar.gz. I followed > the instructions on the gnupg handbook from generating > a new key pair to generating a revocation certificate > which all worked fine. > > However, when I went on to the section exchanging keys > and exporting public key I could not get any > improvement. > > If I do the command: # gpg --list-keys, I get only pub > and sub. I don't see anything in the output: > pubring.gpg. > > Did I do something wrong during the compile though I > throught everything was fine? I could not find the > public key so that I could export it or copy it to my > windows machine. > > Any tips would be highly appreciated. Thanks in > advance. ========================== i'm assuming that you have a linux or unix type machine... in the above command, the prompt is a pound sign. are you running this as root? off topic, but it's usually best to avoid running things as root unless you have to. anyway, what happens if you do: gpg --list-keys or: gpg -a --export reading between the lines, it seems that you might be confused about exporting keys and listing keys... if you run the command above, it might make more sense. if it doesn't make more sense then let us know what error messages you get. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "If someone created a database of all primes, won't he be able to use that database to break public-key algorithms? Yes, but he can't do it. If you could store one gigabyte of information on a drive weighing one gram, then a list of just the 512-bit primes would weigh so much that it would exceed the Chandrasekhar limit and collapse into a black hole... so you couldn't retrieve the data anyway" -- Bruce Schneier, Applied Cryptography -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBCcLqAAoJEAx/d+cTpVcirloIAJ6KMILf1wiDOYsazOtWLhXE vzy/UU+uCkIp+XGre2DqaFgSFJdBY4yZIY5BAfEhJHf6bI6WJvZV0CGLFFTgNPlg 8Zo0A5emFCQEPo73JnE3npAiEtJdlpJptfdnB0p3v6w+dX3YpwRRRwstj4Xx7LXF 68+1729bPP6NQjTuN0elc74/dKhloy9wykP8UW0qmnh0xfrcjxXxXE2Ui5m58F4L tWQQAmlUyiAtYAMs4/iPBdYGcllccivt0ts6lpGg00v8qe3wHS+7csVlSfRWd/BG FIvytzz/Y4DJdMO3Vv/no5xdy+5OXUpEY+DdUlGIyChP00ywNNveKg434YUjs4U= =Qp+y -----END PGP SIGNATURE----- From atom at suspicious.org Fri Jul 30 05:49:44 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Fri Jul 30 05:46:40 2004 Subject: Can't locate public key or pubring.gpg In-Reply-To: <20040729233026.G45133@willy_wonka> References: <20040730014317.78789.qmail@web41009.mail.yahoo.com> <20040729233026.G45133@willy_wonka> Message-ID: <20040729234157.J45133@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 btw, you should find you keyrings by doing this: ls ~/.gnupg but that's not something you'll need to do in order to use gpg. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "As long as I am mayor of this city the great industries are secure. We hear about constitutional rights, free speech and the free press. Every time I hear these words I say to myself, 'That man is a Red, that man is a Communist'. You never hear a real American talk like that." -- Frank Hague, Mayor, Jersey City, NJ Addressing the Jersey City Chamber of Commerce, 12 Jan 1938 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBCcVdAAoJEAx/d+cTpVciB2kH/jyZMvFfjlCq4QOTUbaCtpTU pvxkQfck5VaxXLo7vXp+MxbGGKijkYs1W0JstVQbuuApwv51mqePnf94jniAve59 D2EoNyog+zt0H5G7W7PcjwjJVlDkIMUnWpBShnGgWtnSjTsJQSCrn2M9YifXXcU1 DR+cljkaG+HXshddNHzhHl+X6yr+TwtBH2ZReide0hwmkwLHm7HVLCqu1Aurln2d rTCETe9WNoA2nOFjyqhsuV3yvUlKQU5WhOR/5fipQa0I39h8i+gwWrvOEfYGzrde 07loHedj/w56q6DqJ8K1/UMVgZQ6zJPHg0tf8HNJLoDwcw//Ty1D6LuEUlnYDUE= =AdMK -----END PGP SIGNATURE----- From jan-peter.ruehmann at debitel.net Fri Jul 30 07:30:20 2004 From: jan-peter.ruehmann at debitel.net (=?ISO-8859-1?Q?Jan-Peter_R=FChmann?=) Date: Fri Jul 30 07:28:00 2004 Subject: GPG via Proxy =?iso-8859-1?q?isn=B4t_working?= Message-ID: <4109DCEC.6000404@debitel.net> Hello I?m Trying to use GnuPG over an HTTP_PROXY But it isn?t working, over the direct RAS access (local) it works but not via the Proxy. I?ve setted the "HTTP_PROXY" Variable in my "Autoexec.bat". SET HTTP_PROXY=192.168.1.10:80 And have the following "gpg.conf" keyserver-options honor-http-proxy auto-key-retrieve include-subkeys GnuPG is installed in C:\Programme\GnuPG and the Path is entered in the "PATH" in my "Autoexec.bat". SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND;c:\Perl\bin; C:\PROGRA~1\ATITEC~1\ATICON~1;C:\F-PROT; C:\Programme\GemeinsameDateien\GIS;C:\watcom\BINNT; C:\watcom\BINW\Tools;C:\Novell\Client32;C:\watcom\BINW; C:\PROGRA~1\GEMEIN~1\ULEADS~1\MPEG; C:\PROGRA~1\GRISOFT\AVG6;c:\progra~1\gemein~1\gtk\2.0\bin; C:\Progra~1\GnuPG I?m using Windows98SE German Language the Sambar Proxy and the Sygate Personal Firewall on my Server. Sambar works as HTTP_PROXY on Port 80 Sygate allows only outgoing connections for Sambar on all Ports and all Protocolls no incomming smtp is allowed. inthe intranet is everythin for everyone allowed. what can I do to make it work? Thank you. Jan-Peter R?hmann Protection By The Ya-Right Network Virus Protection Team. Last Updated: Thu, Oct 17 9:42:03 PM EST 2002 -500 (GMT) Scanning for, 107,753 viruses, trojans and many variants. From heiko.teichmeier at sw-meerane.de Fri Jul 30 11:24:11 2004 From: heiko.teichmeier at sw-meerane.de (Heiko Teichmeier) Date: Fri Jul 30 11:21:27 2004 Subject: GPG via Proxy =?iso-8859-1?q?isn=B4t_working?= In-Reply-To: <4109DCEC.6000404@debitel.net> References: <4109DCEC.6000404@debitel.net> Message-ID: <410A13BA.60806@sw-meerane.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You must set in environment too: ================================ SET ENIGMAIL_PASS_ENV=HTTP_PROXY to get the environment to enigmail. In gpg.conf must set too: ========================= keyserver x-hkp://blackhole.pca.dfn.de (or the server that you use) But, I have problems with this option too, in this time with win-XP, mozilla 1.6, gpg 1.2.4. At my win98 machines it works fine. Jan-Peter R?hmann schrieb: > Hello I?m Trying to use GnuPG over an HTTP_PROXY But it isn?t working, > over the direct RAS access (local) it works but not via the Proxy. > > I?ve setted the "HTTP_PROXY" Variable in my "Autoexec.bat". > > SET HTTP_PROXY=192.168.1.10:80 > > And have the following "gpg.conf" > > keyserver-options honor-http-proxy auto-key-retrieve include-subkeys > > GnuPG is installed in C:\Programme\GnuPG and the Path is entered in the > "PATH" in my "Autoexec.bat". > > SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND;c:\Perl\bin; > C:\PROGRA~1\ATITEC~1\ATICON~1;C:\F-PROT; > C:\Programme\GemeinsameDateien\GIS;C:\watcom\BINNT; > C:\watcom\BINW\Tools;C:\Novell\Client32;C:\watcom\BINW; > C:\PROGRA~1\GEMEIN~1\ULEADS~1\MPEG; > C:\PROGRA~1\GRISOFT\AVG6;c:\progra~1\gemein~1\gtk\2.0\bin; > C:\Progra~1\GnuPG > > I?m using Windows98SE German Language the Sambar Proxy and the Sygate > Personal Firewall on my Server. > > Sambar works as HTTP_PROXY on Port 80 > Sygate allows only outgoing connections for Sambar on all Ports and all > Protocolls no incomming smtp is allowed. inthe intranet is everythin for > everyone allowed. > > what can I do to make it work? > > Thank you. > > Jan-Peter R?hmann > > > Protection By The Ya-Right Network Virus Protection Team. > Last Updated: Thu, Oct 17 9:42:03 PM EST 2002 -500 (GMT) > Scanning for, 107,753 viruses, trojans and many variants. > > > > > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > MfG Stadtwerke Meerane GmbH Teichmeier Netzmeister NB Elt ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Tel: +49 3764 791720 Fax: +49 3764 791719 http://www.sw-meerane.de ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: keys at: http://www.sw-meerane.de/telefonliste.html iD8DBQFBChO6PUJoyhqxajsRAqhCAJ9nveWN2iE7dBDHC2OwvDobM5pLKgCfeG9i T/JU0OLCc3Tmc1l7SujW/bo= =MCiv -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: heiko.teichmeier.vcf Type: text/x-vcard Size: 391 bytes Desc: not available Url : /pipermail/attachments/20040730/f80f4aa2/heiko.teichmeier-0002.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: heiko.teichmeier.vcf Type: text/x-vcard Size: 390 bytes Desc: not available Url : /pipermail/attachments/20040730/f80f4aa2/heiko.teichmeier-0003.bin From servie_platon at yahoo.com Fri Jul 30 13:03:20 2004 From: servie_platon at yahoo.com (InHisGrip) Date: Fri Jul 30 13:00:44 2004 Subject: Can't locate public key or pubring.gpg - followup In-Reply-To: <20040729233026.G45133@willy_wonka> Message-ID: <20040730110320.57031.qmail@web41015.mail.yahoo.com> Hi Atom, Thanks for the reply. Initially, I intend to use gnupg to encrypt and sign or maybe just sign my emails because I wanted to make sure that the email gets received by the intended party as really coming from me. But I have a lot of questions in mind since I am new to gnupg. For instance, 1. Can I make my keys from /home/servie logged in root? Or shall I just logout of root and login using ordinary account and make myself another set of keys? 2. Can I just mv ~/.gnupg to /home/servie? And log in as user servie and be able to encrypt and sign. 3. Initially, I'd like to sign and encrypt attached file from my linux box and scp or ssh the file from this box to my windows machine in my small home network so that I could send an email with this attachment. Is there a better way to do this? I find that all gnupg experts who has emails replied to this user group has their email signed. I tried a windows frontend WinPT but it is hard to use especially with clipboard. Is there a fast way to sign or encrypt emails from windows? How do you customize your email so that all outgoing emails get a begin pgp signed message and end with the gnupg users list below? It's really cool and nice looking. My account is yahoo. And final question, any tips in sending encrypting files across the internet using gnupg on top of scp or ssh? I just need some ideas? Thanks a lot! Special mention also to John who also helped out. InHisGrip, Servie --- Atom 'Smasher' wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > I compiled successfully gnupg-1.2.5.tar.gz. I > followed > > the instructions on the gnupg handbook from > generating > > a new key pair to generating a revocation > certificate > > which all worked fine. > > > > However, when I went on to the section exchanging > keys > > and exporting public key I could not get any > > improvement. > > > > If I do the command: # gpg --list-keys, I get only > pub > > and sub. I don't see anything in the output: > > pubring.gpg. > > > > Did I do something wrong during the compile though > I > > throught everything was fine? I could not find the > > public key so that I could export it or copy it to > my > > windows machine. > > > > Any tips would be highly appreciated. Thanks in > > advance. > ========================== > > i'm assuming that you have a linux or unix type > machine... > > in the above command, the prompt is a pound sign. > are you running this as > root? off topic, but it's usually best to avoid > running things as root > unless you have to. > > anyway, what happens if you do: > gpg --list-keys > or: > gpg -a --export > > reading between the lines, it seems that you might > be confused about > exporting keys and listing keys... if you run the > command above, it might > make more sense. if it doesn't make more sense then > let us know what error > messages you get. > > > ...atom > > _________________________________________ > PGP key - http://atom.smasher.org/pgp.txt > 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 > ------------------------------------------------- > > "If someone created a database of all primes, > won't he be > able to use that database to break public-key > algorithms? > Yes, but he can't do it. If you could store one > gigabyte > of information on a drive weighing one gram, then > a list > of just the 512-bit primes would weigh so much > that it > would exceed the Chandrasekhar limit and collapse > into a > black hole... so you couldn't retrieve the data > anyway" > -- Bruce Schneier, Applied Cryptography > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.3.6 (FreeBSD) > Comment: What is this gibberish? > Comment: > http://atom.smasher.org/links/#digital_signatures > > iQEcBAEBCAAGBQJBCcLqAAoJEAx/d+cTpVcirloIAJ6KMILf1wiDOYsazOtWLhXE > vzy/UU+uCkIp+XGre2DqaFgSFJdBY4yZIY5BAfEhJHf6bI6WJvZV0CGLFFTgNPlg > 8Zo0A5emFCQEPo73JnE3npAiEtJdlpJptfdnB0p3v6w+dX3YpwRRRwstj4Xx7LXF > 68+1729bPP6NQjTuN0elc74/dKhloy9wykP8UW0qmnh0xfrcjxXxXE2Ui5m58F4L > tWQQAmlUyiAtYAMs4/iPBdYGcllccivt0ts6lpGg00v8qe3wHS+7csVlSfRWd/BG > FIvytzz/Y4DJdMO3Vv/no5xdy+5OXUpEY+DdUlGIyChP00ywNNveKg434YUjs4U= > =Qp+y > -----END PGP SIGNATURE----- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail From atom at suspicious.org Fri Jul 30 19:01:31 2004 From: atom at suspicious.org (Atom 'Smasher') Date: Mon Aug 2 16:17:21 2004 Subject: Can't locate public key or pubring.gpg - followup In-Reply-To: <20040730110320.57031.qmail@web41015.mail.yahoo.com> References: <20040730110320.57031.qmail@web41015.mail.yahoo.com> Message-ID: <20040730123328.W45133@willy_wonka> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Fri, 30 Jul 2004, InHisGrip wrote: > Thanks for the reply. ==================== you got that part working? > Initially, I intend to use gnupg to encrypt and sign > or maybe just sign my emails because I wanted to make > sure that the email gets received by the intended > party as really coming from me. > > But I have a lot of questions in mind since I am new > to gnupg. > > For instance, > > 1. Can I make my keys from /home/servie logged in > root? Or shall I just logout of root and login using > ordinary account and make myself another set of keys? ================ make another set of keys as user 'xyz'. you can use "--export-secret-key {key-id}" to export secret keys, and a secret key be in more than one keyring. this is probably the best way for you to use both IDs with both users. in each users ~/.gnupg/gpg.conf just add a line like this: default-key 0xD9F57808 to determine the key that that account will use as a default. if you're using the ~other~ key, use "-u user". > 2. Can I just mv ~/.gnupg to /home/servie? And log in > as user servie and be able to encrypt and sign. ================= most things, esp checking mail, should NOT be done as root when it can be avoided. you don't have to move the directory or it's contents in order to copy the keys. > 3. Initially, I'd like to sign and encrypt attached > file from my linux box and scp or ssh the file from > this box to my windows machine in my small home > network so that I could send an email with this > attachment. > > Is there a better way to do this? I find that all > gnupg experts who has emails replied to this user > group has their email signed. ==================== if i'm moving files between machines and i just want to make sure that they didn't get borked in transit, i'll check the hash on both machines. another option is to use your linux box for email. > I tried a windows frontend WinPT but it is hard to use > especially with clipboard. Is there a fast way to > sign or encrypt emails from windows? How do you > customize your email so that all outgoing emails get a > begin pgp signed message and end with the gnupg users > list below? It's really cool and nice looking. My > account is yahoo. =================== ??? i don't know anything about windoze, but if you're using gpg regularly, look into an MUA that can work with it. cut-n-paste is not reliable. > And final question, any tips in sending encrypting > files across the internet using gnupg on top of scp or > ssh? I just need some ideas? =============== ssh is encrypted, so you don't need gpg to protect the connection between two machines. if you're concern is the file after it gets to the other machine, then encrypt the file and scp the encrypted file... of course, if you don't trust the integrity of that machine, then you shouldn't be entering passphrases into it. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "All animals are equal, but some more than others." -- George Orwell -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBCn7wAAoJEAx/d+cTpVci8l8H/02jV+yJGE9V3A1MNHJPa5ED sX76KJ6yIFuUqD5EXaohRFyJm8aeX6TkvkY7Ip6z6AnYfLlZtwgrMh1RNVNUHVQA Vr2I1H1k6HmU1XapP3Fz4e0am9lJIPHxFDU8co7baUrRHH3c7rpfrfrpdt0yeYW6 4ooLBdTnWdbuswIK8+Ks/VLBDHgknfJi0IoHA5lhcxcgY/okqeVpUxWt5Jw8+ibC WUcL40OWryboR0J7JFTSSu1CHbFCaFUoIpgeXmx2q2sZSLaRMQCqGfUm50dW4pVt 6MJVJUbtQBtE0tpeZ2uxBoOP1W2chXx3kROccf9pDIbWXJZ8WvfnBohH8rjWPxA= =+CD7 -----END PGP SIGNATURE----- From linux at codehelp.co.uk Fri Jul 30 19:06:36 2004 From: linux at codehelp.co.uk (Neil Williams) Date: Mon Aug 2 16:17:31 2004 Subject: Can't locate public key or pubring.gpg - followup In-Reply-To: <20040730110320.57031.qmail@web41015.mail.yahoo.com> References: <20040730110320.57031.qmail@web41015.mail.yahoo.com> Message-ID: <200407301806.40589.linux@codehelp.co.uk> On Friday 30 July 2004 12:03, InHisGrip wrote: > Initially, I intend to use gnupg to encrypt and sign > or maybe just sign my emails Then you need an email client that is security-aware - specifically PGP / GnuPG aware. On Linux, that's KMail, Mutt, Mozilla Thunderbird, Mozilla Mail and others. On Windows you want Eudora or Mozilla Thunderbird / Mozilla Mail. Mozilla on either platform needs the Enigmail plugin - don't know much about enigmail on Windows except that it works. Mozilla Thunderbird/Mail with enigmail also works on MacOSX. > 1. Can I make my keys from /home/servie logged in > root? Yes. You need access to the keys as an ordinary user so if you copy the files, make sure you use chown to set it to the username instead of root. If the username is servie, you'd need: # chown -R servie.servie .gnupg/ (Some Linux distros may require servie.staff or servie.users) Then logout of root (never a good idea to be in root) and copy the files. To prevent warnings from GnuPG, check the permissions on each file before and after the copy, use chmod to change. > Or shall I just logout of root and login using > ordinary account and make myself another set of keys? No point, you've got perfectly usable keys, just not the permission to access them as a user. > 2. Can I just mv ~/.gnupg to /home/servie? Yes, IF you change the ownership of the files once they are in /home/servie as root - you can't use files that are still owned by root when logged in as a user. Use ls -l to show the ownership and chown to change. > And log in > as user servie and be able to encrypt and sign. Once the files are readable by servie, yes. > 3. Initially, I'd like to sign and encrypt attached > file from my linux box and scp or ssh the file from > this box to my windows machine in my small home > network so that I could send an email with this > attachment. > Is there a better way to do this? Yes. 1. Sort out your GNU/Linux internet connection and send from GNU/Linux. 2. Sort out your Windows installation and sign within Windows. > I tried a windows frontend WinPT but it is hard to use > especially with clipboard. Only because you are using the wrong email client. > Is there a fast way to > sign or encrypt emails from windows? A competent email client is the first requirement. > list below? It's really cool and nice looking. My > account is yahoo. Now, see, that's where it goes pear-shaped. Using yahoo or any webmail service with signed emails is a PITA. Get a decent email client and sign automatically - it's just a case of entering the passphrase once in a while. The client does the rest. > And final question, any tips in sending encrypting > files across the internet using gnupg on top of scp or > ssh? I just need some ideas? I'd say one or t'other. Sending a file encrypted with GnuPG over an SSH connection is overkill. If SSH isn't good enough, just use GnuPG. If GnuPG isn't good enough, don't use the internet to send it! P.S. PLEASE strip unnecessary lines from your replies. Poor quoting will put people off helping you. -- Neil Williams ============= http://www.codehelp.co.uk/ http://www.dclug.org.uk/ http://www.isbn.org.uk/ http://sourceforge.net/projects/isbnsearch/ http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: signature Url : /pipermail/attachments/20040730/a3776719/attachment.bin From johanw at vulcan.xs4all.nl Fri Jul 30 19:48:55 2004 From: johanw at vulcan.xs4all.nl (Johan Wevers) Date: Mon Aug 2 16:17:38 2004 Subject: Can't locate public key or pubring.gpg In-Reply-To: <20040729233026.G45133@willy_wonka> from "Atom 'Smasher'" at "Jul 29, 2004 11:39:15 pm" Message-ID: <200407301748.TAA00587@vulcan.xs4all.nl> Atom 'Smasher' wrote: > "If someone created a database of all primes, won't he be > able to use that database to break public-key algorithms? > Yes, but he can't do it. If you could store one gigabyte > of information on a drive weighing one gram, then a list > of just the 512-bit primes would weigh so much that it > would exceed the Chandrasekhar limit and collapse into a > black hole... so you couldn't retrieve the data anyway" > -- Bruce Schneier, Applied Cryptography Sorry for being off-topic, but I hope Bruce Schneier knows more about cryptography than about astrophysics. The Chandrasekhar limit is the limit after which a white dwarf collapses into a neutron star. The limit after which a neutron star collapses into a black hole is known as the Oppenheimer-Volkoff limit. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html From rhardy at visi.com Sat Jul 31 03:33:42 2004 From: rhardy at visi.com (Tom Hardy) Date: Mon Aug 2 16:18:26 2004 Subject: UTF8 passphrase problem (I think) References: <20040709090558.GD8795@jeeves.decathlon> Message-ID: <4067197.yn2dc77YhS@visi.com> Tom Hardy wrote: > I just used kgpg to create a key pair on Suse 9.1, which uses UTF8 > encoding, and it works fine. > > I imported a key pair I made last year on Suse 8.2, which used an 8859 > encoding, and I can't enter a valid passphrase. Or rather the key > pair was already present, I think. > Just a note--I have a Windows copy of PGP 5 and intend to try resetting passphrases next time I reboot, and also to learn a bit more about UTF-8 and the current situation, but due to a suddenly hectic schedule I'll delay it for at least a week. Besides, I hate rebooting. :-) I'll be sure to report back the results. [...] -- Tom Hardy <*> rhardy@visi.com <*> http://www.visi.com/~rhardy Just don't create a file called -rf. --Larry Wall From Seppo.Laaksonen at digia.com Fri Jul 30 16:41:34 2004 From: Seppo.Laaksonen at digia.com (Seppo Laaksonen) Date: Wed Aug 4 09:59:46 2004 Subject: gpg: malformed CRC Message-ID: <8DB48D9E-E236-11D8-AD7D-000393CE2D60@digia.com> Hi, Upgraded to gnupg 1.2.5 running on MacOS X 10.3. Now I have problems in decrypting some of the incoming messages. This could be totally unrelated with the 1.2.5. The simple decryption error message is "gpg: malformed CRC". The same message decrypts just fine using commercial PGP 7.0. Here is what happens. [SeponTiBook1GHz:~] slaakso% uname -a Darwin SeponTiBook1GHz.local 7.4.0 Darwin Kernel Version 7.4.0: Wed May 12 16:58:24 PDT 2004; root:xnu/xnu-517.7.7.obj~7/RELEASE_PPC Power Macintosh powerpc [SeponTiBook1GHz:~] slaakso% gpg --version gpg (GnuPG) 1.2.5 Copyright (C) 2004 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: ~/.gnupg Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH Hash: MD5, SHA1, RIPEMD160, SHA256 Compression: Uncompressed, ZIP, ZLIB, BZIP2 [SeponTiBook1GHz:~] slaakso% pbpaste | gpg --decrypt --debug-all gpg: reading options from `/Users/slaakso/.gnupg/gpg.conf' gpg: DBG: iobuf-1.0: open `[stdin]' fd=0 gpg: DBG: iobuf-1.0: underflow: req=8192 gpg: DBG: iobuf-1.0: underflow: got=2148 rc=0 gpg: DBG: armor-filter: control: 5 gpg: DBG: iobuf-1.1: push `armor_filter' gpg: DBG: armor-filter: control: 5 gpg: DBG: iobuf chain: 1.1 `armor_filter' filter_eof=0 start=0 len=0 gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=0 len=2148 gpg: DBG: armor-filter: control: 1 gpg: DBG: iobuf-1.1: underflow: req=8192 gpg: DBG: armor-filter: control: 3 gpg: malformed CRC gpg: DBG: iobuf-1.1: underflow: got=1526 rc=15 gpg: DBG: parse_packet(iob=1): type=10 length=3 (parse.mainproc.c.1152) gpg: DBG: parse_packet(iob=1): type=1 length=526 (new_ctb) (parse.mainproc.c.1152) gpg: DBG: mpi_alloc(2048) gpg: DBG: mpi_alloc_limb_space(2048) gpg: DBG: mpi_alloc(2048) gpg: DBG: mpi_alloc_limb_space(2048) gpg: DBG: free_packet() type=1 gpg: DBG: mpi_free gpg: DBG: dummy m_size called gpg: DBG: mpi_free_limb_space of size 0 gpg: DBG: mpi_free gpg: DBG: dummy m_size called gpg: DBG: mpi_free_limb_space of size 0 gpg: DBG: parse_packet(iob=1): type=1 length=526 (new_ctb) (parse.mainproc.c.1152) gpg: DBG: mpi_alloc(2048) gpg: DBG: mpi_alloc_limb_space(2048) gpg: DBG: mpi_alloc(2048) gpg: DBG: mpi_alloc_limb_space(2048) gpg: DBG: free_packet() type=1 gpg: DBG: mpi_free gpg: DBG: dummy m_size called gpg: DBG: mpi_free_limb_space of size 0 gpg: DBG: mpi_free gpg: DBG: dummy m_size called gpg: DBG: mpi_free_limb_space of size 0 gpg: DBG: parse_packet(iob=1): type=9 length=460 (new_ctb) (parse.mainproc.c.1152) gpg: DBG: free_packet() type=9 gpg: DBG: iobuf-1.1: error gpg: DBG: iobuf-1.1: close `armor_filter' gpg: DBG: armor-filter: control: 2 gpg: DBG: iobuf-1.0: close `file_filter(fd)' random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768 Am I missing something here? Any clues what could be wrong? -- Seppo