From wk at gnupg.org Tue May 1 15:27:02 2007
From: wk at gnupg.org (Werner Koch)
Date: Tue, 01 May 2007 15:27:02 +0200
Subject: using private key on removable media
In-Reply-To: (Alex L. Mauer's message of "Sun\, 29 Apr 2007 22\:08\:51 -0500")
References:
Message-ID: <87y7k8r7x5.fsf@wheatstone.g10code.de>

On Mon, 30 Apr 2007 05:08, hawke at hawkesnest.net said:

> first, when trying to sign a key using this setup, gnupg decides by
> looking only at the first keyring that 'secret key parts are not
> available'. even though they are available from the second keyring.

The concept of working with several keyrings will eventually be removed.
This will solve your problem - although in a way you may not like ;-)

Shalom-Salam,

   Werner

From hawke at hawkesnest.net Tue May 1 17:11:04 2007
From: hawke at hawkesnest.net (Alex Mauer)
Date: Tue, 01 May 2007 10:11:04 -0500
Subject: using private key on removable media
In-Reply-To: <87y7k8r7x5.fsf__9384.39568640224$1178026486$gmane$org@wheatstone.g10code.de>
References: <87y7k8r7x5.fsf__9384.39568640224$1178026486$gmane$org@wheatstone.g10code.de>
Message-ID:

Werner Koch wrote:
>> first, when trying to sign a key using this setup, gnupg decides by
>> looking only at the first keyring that 'secret key parts are not
>> available'. even though they are available from the second keyring.
>
> The concept of working with several keyrings will eventually be removed.
> This will solve your problem - although in a way you may not like ;-)

Let me guess -- I won't be able to keep the primary secret key offline
any more?

-Alex Mauer "hawke"

From wk at gnupg.org Tue May 1 18:09:23 2007
From: wk at gnupg.org (Werner Koch)
Date: Tue, 01 May 2007 18:09:23 +0200
Subject: using private key on removable media
In-Reply-To: (Alex Mauer's message of "Tue\, 01 May 2007 10\:11\:04 -0500")
References: <87y7k8r7x5.fsf__9384.39568640224$1178026486$gmane$org@wheatstone.g10code.de>
Message-ID: <87r6q0plu4.fsf@wheatstone.g10code.de>

On Tue, 1 May 2007 17:11, hawke at hawkesnest.net said:

> Let me guess -- I won't be able to keep the primary secret key offline
> any more?

No, no.

It is just so that the public keys will be moved to a file (called
keybox) which allows to store meta data like fingerprints and such and
make searching for keys far more effective.  The current keyrings are
actually very slow and there must be magic somewhere so that they work
at all.

The new format is already used by gpgsm (X.509) and as soon as it has
been implemented for gpg2 there will be just one keybox for all kinds
of public keys.

Shalom-Salam,

   Werner

From hawke at hawkesnest.net Tue May 1 23:32:46 2007
From: hawke at hawkesnest.net (Alex Mauer)
Date: Tue, 01 May 2007 16:32:46 -0500
Subject: using private key on removable media
In-Reply-To: <87r6q0plu4.fsf__24709.8195985474$1178035990$gmane$org@wheatstone.g10code.de>
References: <87y7k8r7x5.fsf__9384.39568640224$1178026486$gmane$org@wheatstone.g10code.de> <87r6q0plu4.fsf__24709.8195985474$1178035990$gmane$org@wheatstone.g10code.de>
Message-ID:

Werner Koch wrote:
> On Tue, 1 May 2007 17:11, hawke at hawkesnest.net said:
>
>> Let me guess -- I won't be able to keep the primary secret key offline
>> any more?
>
> No, no.
>
> It is just so that the public keys will be moved to a file (called
> keybox) which allows to store meta data like fingerprints and such and
> make searching for keys far more effective.
> The current keyrings are
> actually very slow and there must be magic somewhere so that they work
> at all.

I assume private keys will also use this keybox?  Either way, I'm not
sure that it's relevant to my initial complaint, that gpg doesn't look
at all the information available to it before deciding whether an
operation is possible.

I hope it will help, and I look forward to the keybox format solving my
complaint.

-Alex Mauer "hawke"

From wk at gnupg.org Wed May 2 09:27:50 2007
From: wk at gnupg.org (Werner Koch)
Date: Wed, 02 May 2007 09:27:50 +0200
Subject: using private key on removable media
In-Reply-To: (Alex Mauer's message of "Tue\, 01 May 2007 16\:32\:46 -0500")
References: <87y7k8r7x5.fsf__9384.39568640224$1178026486$gmane$org@wheatstone.g10code.de> <87r6q0plu4.fsf__24709.8195985474$1178035990$gmane$org@wheatstone.g10code.de>
Message-ID: <87tzuvn0qx.fsf@wheatstone.g10code.de>

On Tue, 1 May 2007 23:32, hawke at hawkesnest.net said:

> I assume private keys will also use this keybox?  Either way, I'm not

No.  Private keys will be managed by gpg-agent.  gpg2 will then ask
gpg-agent whether a private key for a given public key is available for
use.  This also includes smart card keys and such.  The whole secret-key
stub stuff we currently use with gpg2 will just go away as it will be
gpg-agent's business to decide whether a private (sub)key is available.

Salam-Shalom,

   Werner

From cpollock at embarqmail.com Thu May 3 00:24:40 2007
From: cpollock at embarqmail.com (Chris)
Date: Wed, 2 May 2007 17:24:40 -0500
Subject: [Possible SPAM] Re: UID changes (was Key Revocation)
In-Reply-To:
References: <462AF1C1.6010805@securemecca.net>
Message-ID: <200705021724.53286.cpollock@embarqmail.com>

On Sunday 22 April 2007 1:18 am, Robert J.
Hansen wrote:
> > Optionally, later on you can also do a (again, you have to pick
> > whether to "revuid" or "deluid) (a "#" indicates a comment):
>
> This will not work if you've sent your key to a keyserver, as is
> recommended.  It will also not work if you've sent your key on to
> others; if and when you send them your new key, your old UID will
> persist.
>
> Revocation of the UID is preferred.
>

All, apologies for the late reply, but I've been fighting with my
ISP/DSL provider about some changes they've made that are causing each
mail I send to be tagged as [possible spam] via the new mail server,
Synacor.  Embarq's contract ran out with Earthlink and they decided to
go with Synacor whom it seems has no clue about running Spamassassin.

So, the best thing to do is when I get everything setup the way it
should be is to revoke the cpollock at earthlink.net UID.

pub   1024D/98E6705C 2005-11-23
uid   Chris Pollock (New email address as of 04/21/07)
uid   Chris Pollock

Thanks for all the help, and I apologize also if this reply is tagged
with Synacor's spam markup.

Chris

--
Chris
KeyID 0xE372A7DA98E6705C

From rjh at sixdemonbag.org Thu May 3 02:38:23 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 2 May 2007 19:38:23 -0500
Subject: [Possible SPAM] Re: UID changes (was Key Revocation)
In-Reply-To: <200705021724.53286.cpollock@embarqmail.com>
References: <462AF1C1.6010805@securemecca.net> <200705021724.53286.cpollock@embarqmail.com>
Message-ID:

> pub 1024D/98E6705C 2005-11-23
> uid Chris Pollock (New email address as of 04/21/07)
>
> uid Chris Pollock

No need to put the (New email...) comment in place.
The rule of thumb is to assume that any UID that's (a) not been revoked
and (b) is signed by someone you trust is a good one, and the others are
all bad.

From TangoVu at srcp.com Thu May 3 22:10:39 2007
From: TangoVu at srcp.com (Vu, Tango)
Date: Thu, 3 May 2007 15:10:39 -0500
Subject: decrypting a file with passphrase in the command as an option
In-Reply-To: <87irbiw88k.fsf@wheatstone.g10code.de>
Message-ID: <09198BF40D41B54BA641392D1F165684038352E5@CORPDALLMSG05.na.srcp.net>

I tried to change the passphrase to blank but it keeps giving me errors
both in Key Manager and GPA (btw, I am using GPG for Windows).  I then
tried to create a new key with blank passphrase and it won't let me.
How do I remove a passphrase instead of changing it?

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Werner Koch
Sent: Friday, April 27, 2007 3:08 AM
To: jjabour
Cc: gnupg-users at gnupg.org
Subject: Re: decrypting a file with passphrase in the command as an option

On Thu, 19 Apr 2007 18:11, jjabour at nshs.edu said:

> > please enter passphrase> ******
> and it works
> I would like to put the passphrase in the command so I won't be prompted for
> it. Can this be done?

Yes, the option is described in the man page.  But before you do that
you should think about it.
It is in almost all cases better to remove the passphrase from the key.

We have this question here every few weeks.

Salam-Shalom,

   Werner

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From wk at gnupg.org Fri May 4 13:48:43 2007
From: wk at gnupg.org (Werner Koch)
Date: Fri, 04 May 2007 13:48:43 +0200
Subject: [Announce] Libgcrypt 1.3.0 (development) released
Message-ID: <87r6pw95d0.fsf@wheatstone.g10code.de>

Hello!

We are pleased to announce the availability of Libgcrypt 1.3.0.  This
is the first release of a series of development versions eventually
leading to a new stable 1.4 series.

Libgcrypt is a general purpose library of cryptographic building
blocks.  It is originally based on code used by GnuPG.  It does not
provide any implementation of OpenPGP or other protocols.  Thorough
understanding of applied cryptography is required to use libgcrypt.

Changes relative to 1.2.4 are:

 * Reading and writing the random seed file is now protected by a
   fcntl style file lock on systems that provide this function.
 * Support for SHA-224 and HMAC using SHA-384 and SHA-512.

 * Support for the SEED cipher.

 * Support for the Camellia cipher.  Note that Camellia is disabled by
   default, and that enabling it changes the license of libgcrypt from
   LGPL to GPL.

 * Support for OFB encryption mode.

 * gcry_mpi_rshift does not anymore truncate the shift count.

 * Reserved algorithm ranges for use by applications.

 * Support for DSA2.

 * The new function gcry_md_debug should be used instead of the
   gcry_md_start_debug and gcry_md_stop_debug macros.

 * New configure option --enable-random-daemon to support a system
   wide random daemon.  The daemon code is experimental and not yet
   very well working.  It will eventually allow to keep a global
   random pool for the sake of short living processes.

 * Non executable stack support is now used by default on systems
   supporting it.

 * Support for Microsoft Windows.

 * Assembler support for the AMD64 architecture.

 * New configure option --enable-mpi-path for optimized builds.

 * Experimental support for ECDSA; should only be used for testing.

 * New control code GCRYCTL_PRINT_CONFIG to print the build
   configuration.

Source code is hosted at the GnuPG FTP server and its mirrors as listed
at http://www.gnupg.org/download/mirrors.html .  On the primary server
the source file and its digital signatures is:

 ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.3.0.tar.bz2 (922k)
 ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.3.0.tar.bz2.sig

This file is bzip2 compressed.  The SHA-1 checksum is:

38361925fef99715eccb8a1f73110ce2f3c3896a  libgcrypt-1.3.0.tar.bz2

For help on developing with Libgcrypt you should send mail to the
gcrypt-devel mailing list [1].

Improving Libgcrypt is costly, but you can help!  We are looking for
organizations that find Libgcrypt useful and wish to contribute back.
You can contribute by reporting bugs, improve the software [2], or by
donating money.
Commercial support contracts for Libgcrypt are available [3], and they
help finance continued maintenance.  g10 Code GmbH, a Duesseldorf based
company, is currently funding Libgcrypt development.  We are always
looking for interesting development projects.

Happy hacking,

  Werner

[1] See http://www.gnupg.org/documentation/mailing-lists.html .
[2] Note that copyright assignments to the FSF are required.
[3] See the service directory at http://www.gnupg.org/service.html .

_______________________________________________
Gnupg-announce mailing list
Gnupg-announce at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce

From rhedlind at bigfoot.com Fri May 4 15:13:29 2007
From: rhedlind at bigfoot.com (Richard Hedlind)
Date: Fri, 04 May 2007 06:13:29 -0700
Subject: Invaild Key
Message-ID: <463B3179.6000106@bigfoot.com>

Hi,
I'm new to OpenPGP and GNUPG and have created myself a problem.

I'm using Thunderbird 2.0.0.0 and Enigmail.  I originally loaded
gpg4win-1.0.9 and created a key pair successfully, key id 0xC8D5E165
pub/sec.  I deleted the program in my testing and reload gpg4win.
Now my key ID is 0x2AD07B94 pub/sec.

My problem now is when I go to sign or encrypt my email I get the
following error. "Send operation aborted. INV_RECP 0 0xC8D5E165 gpg
command line and output: C:\\program file\\gnu\\gnupg\\gpg.exe
--charset utf8 --batch --no tty -- status-fd2 --comments 'using gnupg
with mozilla - http://enigmail.mozdev.org' -a -t -e --trust model always
--encrypt-to 0xC8D5E165 -r 0x39B0DE242AD07B94 -u 0xC8D5E165 gpg:
0xC8D5E165: skipped: public key not found gpg: [stdin]: encryption
failed: public key not found

I have cleaned up the registry reload gpg4win and enigmail to no avail.
Also when I reload and built new keys I used the same passphrase that I
used originally.  I would like to get back to square one and get it working.

Any and all help would be greatly appreciated.

From me at psmay.com Fri May 4 18:29:01 2007
From: me at psmay.com (Peter S. May)
Date: Fri, 04 May 2007 12:29:01 -0400
Subject: Invaild Key
In-Reply-To: <463B3179.6000106@bigfoot.com>
References: <463B3179.6000106@bigfoot.com>
Message-ID: <463B5F4D.40300@psmay.com>

Richard Hedlind wrote:
> My problem now is when I go to sign or encrypt my email I get the
> following error. "Send operation aborted. INV_RECP 0 0xC8D5E165 gpg
> command line and output: C:\\program file\\gnu\\gnupg\\gpg.exe
> --charset utf8 --batch --no tty -- status-fd2 --comments 'using gnupg
> with mozilla - http://enigmail.mozdev.org' -a -t -e --trust model always
> --encrypt-to 0xC8D5E165 -r 0x39B0DE242AD07B94 -u 0xC8D5E165 gpg:
> 0xC8D5E165: skipped: public key not found gpg: [stdin]: encryption
> failed: public key not found

Sounds to me like perhaps you forgot to change the key ID associated
with your account in Enigmail.  In Thunderbird 1.x (possibly slightly
different in Thunderbird 2) it's a matter of going to Edit > Account
Settings, then finding "OpenPGP Security" under your mail account.  If
my guess is correct, you'd see the "Use specific OpenPGP key ID" radio
button set with your old key ID (0xC8D5E165) in the field.  From there,
you could select your new key with the "Select Key ..." button, or you
could just hit the "Use email address of this identity to identify
OpenPGP key" setting instead.

If that's already set to the right key, you might just have to suck it
up and look under the hood--that is, check the console application to
make sure what you're trying to do works from there.

Good fortune
PSM

From japnews at gmx.de Fri May 4 19:05:27 2007
From: japnews at gmx.de (Jan Jansen)
Date: Fri, 04 May 2007 19:05:27 +0200
Subject: Invaild Key
In-Reply-To: <463B3179.6000106@bigfoot.com>
References: <463B3179.6000106@bigfoot.com>
Message-ID: <463B67D7.40000@gmx.de>

Hi,

this might help:

1. Open the profile folder of Thunderbird.
2. Open the file pref.js with a text editor.
3. Find lines similar to:
   user_pref("mail.identity.id1.pgpkeyId", "0xC8D5E165");
4. Replace "0xC8D5E165" by "0x2AD07B94".
5. Save your changes.

You can get the same effect by editing the point "OpenPGP-Security" in
your Email-account settings.

Jan

> Hi,
> I'm new to OpenPGP and GNUPG and have created myself a problem.
>
> I'm using Thunderbird 2.0.0.0 and Enigmail.  I originally loaded
> gpg4win-1.0.9 and created a key pair successfully, key id 0xC8D5E165
> pub/sec.  I deleted the program in my testing and reload gpg4win.
> Now my key ID is 0x2AD07B94 pub/sec.
>
> My problem now is when I go to sign or encrypt my email I get the
> following error. "Send operation aborted. INV_RECP 0 0xC8D5E165 gpg
> command line and output: C:\\program file\\gnu\\gnupg\\gpg.exe
> --charset utf8 --batch --no tty -- status-fd2 --comments 'using gnupg
> with mozilla - http://enigmail.mozdev.org' -a -t -e --trust model always
> --encrypt-to 0xC8D5E165 -r 0x39B0DE242AD07B94 -u 0xC8D5E165 gpg:
> 0xC8D5E165: skipped: public key not found gpg: [stdin]: encryption
> failed: public key not found
>
>
> I have cleaned up the registry reload gpg4win and enigmail to no avail.
> Also when I reload and built new keys I used the same passphrase that I
> used originally.  I would like to get back to square one and get it working.
>
> Any and all help would be greatly appreciated.

From vesely at tana.it Sat May 5 11:41:26 2007
From: vesely at tana.it (Alessandro Vesely)
Date: Sat, 05 May 2007 11:41:26 +0200
Subject: [Announce] Libgcrypt 1.3.0 (development) released
In-Reply-To: <87r6pw95d0.fsf@wheatstone.g10code.de>
References: <87r6pw95d0.fsf@wheatstone.g10code.de>
Message-ID: <463C5146.2070906@tana.it>

Werner Koch wrote:
> [...]
> Libgcrypt is a general purpose library of cryptographic building
> blocks.  It is originally based on code used by GnuPG.  It does not
> provide any implementation of OpenPGP or other protocols.  Thorough
> understanding of applied cryptography is required to use libgcrypt.

Are there plans to extend it so as to include those protocols?

Otherwise, is it planned to turn gpgme into a library, or produce
a library version of gpg itself?

IMHO, the above would make it easier to implement GUIs plugins.

Thanks in advance
Ale

From piotr.firlej at gmail.com Sat May 5 15:59:07 2007
From: piotr.firlej at gmail.com (Piotr Firlej)
Date: Sat, 5 May 2007 15:59:07 +0200
Subject: need a lot of entropies - help me pls :)
Message-ID: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com>

Hi!

I'm new here, have subscribed to maillist coz have spent a lot of time
on google and so on and there are few things I cannot pass thru with
GPG and my own set up deadline is coming ;)

My problem is I need to generate a lot of keys, up to 100 / hr and
machine i wanna use for it doesn't do anything except keys generation
but to do that i need a lot of entropies.

Possibilities I have found is:

1) run something on machine I wanna use, that will generate entropies, i.e.
light/temperature checker plugged to LPT or so to provide the same
stuff to /dev/random as does keyboard/mouse moves

2) run Entropy Gathering Daemon

Ad1) have no time to build it and even have no idea if that would work out

Ad2) have installed EGD, have started egd.pl as an server, have
recompiled GPG with --enable-static-rnd=egd there was no problem at all
while compilation.  Now when i try to generate key i get:

gpg: WARNING: unsafe ownership on homedir `/kluczegpg2/.gnupg'
gpg: invalid module `/usr/local/lib/gnupg/rndegd': /usr/local/lib/gnupg/rndegd: nie można otworzyć pliku obiektu dzielonego: Nie ma takiego pliku ani katalogu

last info means: cannot open file shared object: there is no such file
or dir

and that's true, there is not, i have no idea how and where to take it
from to be able to put it there.  In gnupg in sources i have /cypher
where i can find module, but that doesn't help when i move it there....

any ideas guys? i stucked and have no idea what else could i do...
maybe some other idea instead of EGD? i just need a lot of entropies :)

Ciao :)

--
Best regards,
Piotr Firlej

From piotr.firlej at gmail.com Sat May 5 21:03:02 2007
From: piotr.firlej at gmail.com (Piotr Firlej)
Date: Sat, 5 May 2007 21:03:02 +0200
Subject: need a lot of entropies - help me pls :)
In-Reply-To: <200705051816.54988.pg@futureware.at>
References: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com> <200705051816.54988.pg@futureware.at>
Message-ID: <5419f2d0705051203p76f84725x499417314e2f23a0@mail.gmail.com>

On 5/5/07, Philipp Gühring wrote:
> Hi,
Hi, thanks for reply,

> Here you have a list of random number generators that are available on the
> market:
> http://www.cacert.at/cgi-bin/rngresults

Nice list, i have been trying to use /dev/urandom, even have compiled
gnupg with changes in configure file where i have changed all
/dev/random /dev/srandom to /dev/urandom, but that doesn't help at
all...
have no other idea how to provide entropies to gnupg the any working
way :(

--
Warm regards,
Piotr Firlej

From wk at gnupg.org Sun May 6 09:44:07 2007
From: wk at gnupg.org (Werner Koch)
Date: Sun, 06 May 2007 09:44:07 +0200
Subject: [Announce] Libgcrypt 1.3.0 (development) released
In-Reply-To: <463C5146.2070906@tana.it> (Alessandro Vesely's message of "Sat\, 05 May 2007 11\:41\:26 +0200")
References: <87r6pw95d0.fsf@wheatstone.g10code.de> <463C5146.2070906@tana.it>
Message-ID: <873b2a5rco.fsf@wheatstone.g10code.de>

On Sat, 5 May 2007 11:41, vesely at tana.it said:

> Are there plans to extend it so as to include those protocols?

No, this is not the goal of libgcrypt.

> Otherwise, is it planned to turn gpgme into a library, or produce

gpgme is a library.

Salam-Shalom,

   Werner

From vesely at tana.it Sun May 6 11:00:35 2007
From: vesely at tana.it (Alessandro Vesely)
Date: Sun, 06 May 2007 11:00:35 +0200
Subject: [Announce] Libgcrypt 1.3.0 (development) released
In-Reply-To: <873b2a5rco.fsf@wheatstone.g10code.de>
References: <87r6pw95d0.fsf@wheatstone.g10code.de> <463C5146.2070906@tana.it> <873b2a5rco.fsf@wheatstone.g10code.de>
Message-ID: <463D9933.3040107@tana.it>

Werner Koch wrote:
> On Sat, 5 May 2007 11:41, vesely at tana.it said:
>> Otherwise, is it planned to turn gpgme into a library, or produce
>
> gpgme is a library.

Ooops, yes, of course.  I apologize for my illiteracy.  I think you
guessed I meant a standalone library, and no plan of gpgme development
matched that idea.

Thank you for your response anyway
Ale

From alex at bofh.net.pl Sun May 6 15:11:43 2007
From: alex at bofh.net.pl (Janusz A.
 Urbanowicz)
Date: Sun, 6 May 2007 15:11:43 +0200
Subject: need a lot of entropies - help me pls :)
In-Reply-To: <5419f2d0705051203p76f84725x499417314e2f23a0@mail.gmail.com>
References: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com> <200705051816.54988.pg@futureware.at> <5419f2d0705051203p76f84725x499417314e2f23a0@mail.gmail.com>
Message-ID: <20070506131143.GC24528@hell.pl>

On Sat, May 05, 2007 at 09:03:02PM +0200, Piotr Firlej wrote:
> On 5/5/07, Philipp Gühring wrote:
> >Hi,
> Hi, thanks for reply,
>
> >Here you have a list of random number generators that are available on the
> >market:
> >http://www.cacert.at/cgi-bin/rngresults
>
> Nice list, i have been trying to use /dev/urandom, even have compiled
> gnupg with changes in configure file where i have changed all
> /dev/random /dev/srandom to /dev/urandom, but that doesn't help at
> all...
>

/dev/urandom is bad for your security

we could be more helpful if you told us what you're trying to accomplish
in more general terms, maybe running keygen more than once a second
isn't necessary

--
JID: alex at hell.pl
PGP: 0x46399138

From jbruni at mac.com Sun May 6 22:33:52 2007
From: jbruni at mac.com (Joseph Oreste Bruni)
Date: Sun, 6 May 2007 13:33:52 -0700
Subject: need a lot of entropies - help me pls :)
In-Reply-To: <20070506131143.GC24528@hell.pl>
References: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com> <200705051816.54988.pg@futureware.at> <5419f2d0705051203p76f84725x499417314e2f23a0@mail.gmail.com> <20070506131143.GC24528@hell.pl>
Message-ID: <19CE9D9E-0B38-4773-BD30-446A4C941703@mac.com>

On May 6, 2007, at 6:11 AM, Janusz A.
Urbanowicz wrote:

> On Sat, May 05, 2007 at 09:03:02PM +0200, Piotr Firlej wrote:
>> On 5/5/07, Philipp Gühring wrote:
>>> Hi,
>> Hi, thanks for reply,
>>
>>> Here you have a list of random number generators that are
>>> available on the
>>> market:
>>> http://www.cacert.at/cgi-bin/rngresults
>>
>> Nice list, i have been trying to use /dev/urandom, even have compiled
>> gnupg with changes in configure file where i have changed all
>> /dev/random /dev/srandom to /dev/urandom, but that doesn't help at
>> all...
>>
>
> /dev/urandom is bad for your security
>

Not always.  Here is a portion of the man page from OS X:

     /dev/urandom is a compatibility nod to Linux.  On Linux,
     /dev/urandom will produce lower quality output if the entropy
     pool drains, while /dev/random will prefer to block and wait for
     additional entropy to be collected.  With Yarrow, this choice and
     distinction is not necessary, and the two devices behave
     identically.  You may use either.

That said, it makes sense to know the system you're building on.

From mrwchandler84 at yahoo.com Sun May 6 21:37:17 2007
From: mrwchandler84 at yahoo.com (Donald Wayne Chandler)
Date: Sun, 06 May 2007 14:37:17 -0500
Subject: Gnupg error
Message-ID: <463E2E6D.9000509@yahoo.com>

Hi, I'm posting this on multiple forums in the hope of getting my
mistake corrected.

I'm running Ubuntu 7.04, Thunderbird 2.0, Enigmail 0.95.  It was working
fine with gpg 1.4.6 or gpg 2.0.2.  I installed gpg 2.0.3 yesterday, it
was working fine.  Today 1.4.6 and 2.0.3 both have errored out.

Enigmail key management says "loading keys" but never does.  Any
encrypted and/or signed message times out without displaying.

Any guidance will be appreciated.  Please don't sign your message(s), I
need to read them!

~$ gpg --list-keys
gpg: checking the trustdb
gpg: waiting for lock (held by 3150 - probably dead) ...

~$ gpg2 --list-keys
gpg: checking the trustdb
*** stack smashing detected ***: gpg2 terminated
gpg: removing stale lockfile (created by 3150)Aborted (core dumped)

~$ gpg --version
gpg (GnuPG) 1.4.6
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cypher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

~$ gpg2 --version
gpg (GnuPG) 2.0.3
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ELG
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, TIGER192, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

From mrwchandler84 at yahoo.com Mon May 7 00:24:50 2007
From: mrwchandler84 at yahoo.com (Donald Wayne Chandler)
Date: Sun, 06 May 2007 17:24:50 -0500
Subject: Gnupg error [SOLVED]
In-Reply-To: <463E2E6D.9000509@yahoo.com>
References: <463E2E6D.9000509@yahoo.com>
Message-ID: <463E55B2.9090805@yahoo.com>

Donald Wayne Chandler wrote:
> Hi, I'm posting this on multiple forums in the hope of getting my
> mistake corrected.
>
> I'm running Ubuntu 7.04, Thunderbird 2.0, Enigmail 0.95.  It was working
> fine with gpg 1.4.6 or gpg 2.0.2.  I installed gpg 2.0.3 yesterday, it
> was working fine.  Today 1.4.6 and 2.0.3 both have errored out.

I don't know the why, just the what.  I deleted pubring.gpg.lock,
secring.gpg.lock, and pubring.gpg.tmp from /.gnupg.  Errors gone, I just
don't know how I created them.

-=-=-
... There is no try. There is only do. Or do not.
* TagZilla 0.066 * http://tagzilla.mozdev.org

From jharris at widomaker.com Mon May 7 04:22:02 2007
From: jharris at widomaker.com (Jason Harris)
Date: Sun, 6 May 2007 22:22:02 -0400
Subject: new (2007-04-29) keyanalyze results (+sigcheck)
Message-ID: <20070507022202.GA756@wilma.widomaker.com>

New keyanalyze results are available at:

  http://keyserver.kjsl.com/~jharris/ka/2007-04-29/

Signatures are now being checked using keyanalyze+sigcheck:

  http://dtype.org/~aaronl/

Earlier reports are also available, for comparison:

  http://keyserver.kjsl.com/~jharris/ka/

Even earlier monthly reports are at:

  http://dtype.org/keyanalyze/

SHA-1 hashes and sizes for all the "permanent" files:
D3/D39DA0E3 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris at widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 313 bytes Desc: not available Url : /pipermail/attachments/20070506/8d03e035/attachment-0001.pgp From shavital at mac.com Mon May 7 05:56:58 2007 From: shavital at mac.com (Charly Avital) Date: Mon, 07 May 2007 06:56:58 +0300 Subject: Gnupg error In-Reply-To: <463E2E6D.9000509@yahoo.com> References: <463E2E6D.9000509@yahoo.com> Message-ID: <463EA38A.90104@mac.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Donald Wayne Chandler wrote the following on 5/6/07 10:37 PM: [...] > ~$ gpg --list-keys > gpg: checking the trustdb > gpg: waiting for lock (held by 3150 - probably dead) ... Suggest you open your ~/.gnupg directory, you should find a file named "trustdb.gpg.lock" (without the quotation marks). Delete it, it should solve that problem. > > ~$ gpg2 --list-keys > gpg: checking the trustdb > *** stack smashing detected ***: gpg2 terminated > gpg: removing stale lockfile (created by 3150)Aborted (core dumped) It seems to have solved itself "removing stale lockfile (created by 3150)... I had the same problem (twice) a couple of weeks ago, you might find more information of the list's archives, [...] 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.3 (Darwin) Comment: GnuPG for Privacy Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRj6jg83GMi2FW4PvAQihoAf7Bvew9OfuyaKA9ijiodENjf2Sz2KidJwG hWVP7bVjA1IswTJbCQUo5yrC2mAz33NvR9Z9EcreIGuKtXjXCzywT3dUBRGI6/4C KLPtMMosK4VUyTfGz7ujrkQqxn8X8JUnmF5z5MFFv3zkQ5ESMZgY714tpNlODYQN 1c9KynWNcZbf/0FCtUylSVU3xDflmTDVLv1VrAlJl76DQG+ktYZXH8HWPQfgoyv7 Kh2rMWIN24QC1Hwsc2v5QAuKkMYJM2MU2/M5x24UYtSF6KBjM1bATf1ym4c4i7e4 HZstw6qUzYyp6BYp7cXoOwfP7UCAgQi5wEaQffTnNQt1xY9VQyKYXQ== =W5qn -----END PGP SIGNATURE----- From berland at gmail.com Mon May 7 10:27:55 2007 From: berland at gmail.com (Jim Berland) Date: Mon, 7 May 2007 16:27:55 +0800 Subject: Extra key best solution for very insecure locations? Message-ID: Hello everybody, I'm trying to find the best solution for using GPG on a USB drive while travelling. I read the FAQ about subkeys which suggests to only use subkeys on insecure computers. As far as I understand this, though, anybody who got hold of my private subkeys would still be able to read all my previous mails. The document was obviously written with workplace computers and such in mind, rather than heavily infected Windows PCs in internet cafes. Is there a possibility to have an additional encryption subkey, that is not used until explicitly asked for by the user? That way I could ask people to encrypt to that subkey only while I'm on the road. Since I assume that this is not possible, the best solution I can think of is to have another mail alias for my domain with another key for it. It would be easy to ask people to use that email address for a while and with a helpful email program (e.g. Thunderbird + Enigmail) the key selection/download would be easy, too. I think this strategy is going to work well enough, but I still want to ask around, if there are other opinions and experiences. 
I am thinking about getting a smart card by the way, but I'm not sure
how I feel about having to carry a card reader around. Furthermore you
cannot count on having two USB ports on any computer.

Thank you for any comments

From dshaw at jabberwocky.com Mon May 7 15:11:06 2007
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon, 7 May 2007 09:11:06 -0400
Subject: Extra key best solution for very insecure locations?
In-Reply-To:
References:
Message-ID: <20070507131106.GB3390@jabberwocky.com>

On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
> Hello everybody,
>
> I'm trying to find the best solution for using GPG on a USB drive
> while travelling.
>
> I read the FAQ about subkeys which suggests to only use subkeys on
> insecure computers. As far as I understand this, though, anybody who
> got hold of my private subkeys would still be able to read all my
> previous mails. The document was obviously written with workplace
> computers and such in mind, rather than heavily infected Windows PCs
> in internet cafes.
>
> Is there a possibility to have an additional encryption subkey, that
> is not used until explicitly asked for by the user? That way I could
> ask people to encrypt to that subkey only while I'm on the road.

This is certainly possible. The catch is that I suspect you'll find
that people don't know how or aren't able to encrypt to a particular
subkey some of the time, and a different subkey the rest of the time.
GnuPG does, but not all OpenPGP programs have the ability to pick
which subkey to encrypt to.

David

From bahamut at digital-signal.net Mon May 7 16:58:47 2007
From: bahamut at digital-signal.net (Andrew Berg)
Date: Mon, 07 May 2007 09:58:47 -0500
Subject: W32 version tries to write to /dev/null
Message-ID: <463F3EA7.2080800@digital-signal.net>

I used the -n switch to simulate signing and it returned an error
saying that /dev/null doesn't exist.

gpg -v -n -o "somefile" -s "someotherfile"
returns
gpg: can't create `/dev/null': No such file or directory
gpg: signing failed: file create error

GPG 1.4.7 (W32)

From rjh at sixdemonbag.org Mon May 7 17:54:44 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 7 May 2007 10:54:44 -0500
Subject: Extra key best solution for very insecure locations?
In-Reply-To:
References:
Message-ID: <6483D59E-80EC-42EE-8A98-BBED9F9C8498@sixdemonbag.org>

> I'm trying to find the best solution for using GPG on a USB drive
> while travelling.

The (regrettably) short version: there isn't one. Physical control of
hardware is a prerequisite for the safe use of any security software.
Without that physical control, you're taking some substantial risks.

From vedaal at hush.com Mon May 7 18:15:31 2007
From: vedaal at hush.com (vedaal at hush.com)
Date: Mon, 07 May 2007 12:15:31 -0400
Subject: Extra key best solution for very insecure locations?
Message-ID: <20070507161536.95067C38A5@mailserver10.hushmail.com>

Jim Berland berland at gmail.com wrote on Mon May 7 10:27:55 CEST 2007

>I'm trying to find the best solution for using GPG
>on a USB drive while travelling.
....
>insecure computers...
>heavily infected Windows PCs
>in internet cafes.
there is a simple and relatively secure solution:

[1] carry a small inexpensive laptop, but do not use it for internet,
use it only to encrypt/decrypt/sign
(a toshiba libretto is ideal, as it is about the size of a
videocassette, but (afaik) has been discontinued for non-Japanese
markets)

[2] transfer the encrypted material to the usb and e-mail it on the
internet cafe computer, and transfer any encrypted replies back to the
usb

[3] use good anti-virus and anti-spyware programs to check your usb
when you re-attach it to the laptop,
( i would recommend an inexpensive small usb (128 megs) kept wiped of
all files, and used only for such transfers,
it makes it easier to detect if 'anything extra' is put on the usb by
the host computer)

vedaal

From wk at gnupg.org Mon May 7 20:56:54 2007
From: wk at gnupg.org (Werner Koch)
Date: Mon, 07 May 2007 20:56:54 +0200
Subject: W32 version tries to write to /dev/null
In-Reply-To: <463F3EA7.2080800@digital-signal.net> (Andrew Berg's message of "Mon\, 07 May 2007 09\:58\:47 -0500")
References: <463F3EA7.2080800@digital-signal.net>
Message-ID: <87ejls5uo9.fsf@wheatstone.g10code.de>

On Mon, 7 May 2007 16:58, bahamut at digital-signal.net said:

> gpg: can't create `/dev/null': No such file or directory
> gpg: signing failed: file create error

Fixed in my working copy by using /dev/nul instead. Also for gpg2.

Shalom-Salam,

   Werner

From rjh at sixdemonbag.org Tue May 8 04:49:40 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 7 May 2007 21:49:40 -0500
Subject: PRZ hospitalized
References: <01E62E43-AE04-4C73-926A-8C3440C963FA@callas.org>
Message-ID: <5E811D30-2067-4E0E-AFBB-9975AF994BDB@sixdemonbag.org>

According to Jon Callas, PRZ has been hospitalized for cardiac surgery.
Callas says there's "no ... immediate danger, but they're pushing him
into the hospital quicker than any reasonable person would like".

I have no idea how to get well-wishings to him, but his email address
is pretty widely known. So if you're of a mind to be kind, well, now's
the time.

From burak.oguz at portakalteknoloji.com Tue May 8 10:38:21 2007
From: burak.oguz at portakalteknoloji.com (Burak Oğuz)
Date: Tue, 08 May 2007 11:38:21 +0300
Subject: [gpgme+gpg-agent] How to use gpg-agent in daemon
Message-ID: <464036FD.9030802@portakalteknoloji.com>

Hi,

I am working on a Linux daemon which will be using gpgme for crypto
purposes and I need to use gpg-agent in my program. But when I start my
daemon it detaches itself from the current console therefore I can not
use gpg-agent. How can I make gpg-agent system wide for all users.
Thanks in advance
---
burak

From wk at gnupg.org Tue May 8 13:35:13 2007
From: wk at gnupg.org (Werner Koch)
Date: Tue, 08 May 2007 13:35:13 +0200
Subject: [gpgme+gpg-agent] How to use gpg-agent in daemon
In-Reply-To: <464036FD.9030802@portakalteknoloji.com> ("Burak Oğuz"'s message of "Tue\, 08 May 2007 11\:38\:21 +0300")
References: <464036FD.9030802@portakalteknoloji.com>
Message-ID: <87sla7tuoe.fsf@wheatstone.g10code.de>

On Tue, 8 May 2007 10:38, burak.oguz at portakalteknoloji.com said:

> purposes and I need to use gpg-agent in my program. But when I start my
> daemon it detaches itself from the current console therefore I can not

Well daemons keep it deep in their genes to detach themselves.

> use gpg-agent. How can I make gpg-agent system wide for all users.

Although I doubt that this is a good idea, it is easy:

  chmod 777 $(echo $GPG_AGENT_INFO | cut -d: -f1)

then make GPG_AGENT_INFO available to all users. Instead of 777 you
should put all users into one group, chgrp the socket and chmod to 770.

Salam-Shalom,

   Werner

From bahamut at digital-signal.net Tue May 8 19:19:53 2007
From: bahamut at digital-signal.net (Andrew Berg)
Date: Tue, 08 May 2007 12:19:53 -0500
Subject: W32 version tries to write to /dev/null
In-Reply-To: <87ejls5uo9.fsf@wheatstone.g10code.de>
References: <463F3EA7.2080800@digital-signal.net> <87ejls5uo9.fsf@wheatstone.g10code.de>
Message-ID: <4640B139.7050708@digital-signal.net>

Werner Koch wrote:
> On Mon, 7 May 2007 16:58, bahamut at digital-signal.net said:
>
>> gpg: can't create `/dev/null': No such file or directory
>> gpg: signing failed: file create error
>
> Fixed in my working copy by using /dev/nul instead

How would that help? /dev/nul can't exist on a Windows system either.

From alex at bofh.net.pl Tue May 8 23:25:52 2007
From: alex at bofh.net.pl (Janusz A. Urbanowicz)
Date: Tue, 8 May 2007 23:25:52 +0200
Subject: Extra key best solution for very insecure locations?
In-Reply-To:
References:
Message-ID: <20070508212552.GC28458@hell.pl>

On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
> Hello everybody,
>
> I'm trying to find the best solution for using GPG on a USB drive
> while travelling.
>
> I read the FAQ about subkeys which suggests to only use subkeys on
> insecure computers. As far as I understand this, though, anybody who
> got hold of my private subkeys would still be able to read all my
> previous mails. The document was obviously written with workplace
> computers and such in mind, rather than heavily infected Windows PCs
> in internet cafes.

I suggest abandoning carrying the key, and taking a good look at hushmail.com.

Alex
--
JID: alex at hell.pl
PGP: 0x46399138
Paying attention to details is what doctors, lawyers, programmers and
watchmakers are for -- Czerski

From bahamut at digital-signal.net Wed May 9 00:01:43 2007
From: bahamut at digital-signal.net (Andrew Berg)
Date: Tue, 08 May 2007 17:01:43 -0500
Subject: Extra key best solution for very insecure locations?
In-Reply-To: <20070508212552.GC28458@hell.pl>
References: <20070508212552.GC28458@hell.pl>
Message-ID: <4640F347.9020803@digital-signal.net>

Janusz A. Urbanowicz wrote:
> On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
>> Hello everybody,
>>
>> I'm trying to find the best solution for using GPG on a USB drive
>> while travelling.
>>
>> I read the FAQ about subkeys which suggests to only use subkeys on
>> insecure computers. As far as I understand this, though, anybody who
>> got hold of my private subkeys would still be able to read all my
>> previous mails. The document was obviously written with workplace
>> computers and such in mind, rather than heavily infected Windows PCs
>> in internet cafes.
>
> I suggest abandoning carrying the key, and taking a good look at hushmail.com.

Which is probably even less secure. In order to compromise a
PGP-encrypted message (without breaking the encryption), one must have
the private key and passphrase. In order to compromise Hushmail, one
only needs the passphrase, which is easier to obtain remotely. The
former requires a silent keylogger, knowledge of the key's existence,
and a program that will silently copy the key. The former requires an
IE data miner (not uncommon) unless the café owner has another browser
like Firefox or Opera, or allows users to use a portable browser like
Firefox Portable. A keylogger would work for the latter as well.
Personally, I wouldn't take the risk on a machine that I consider
insecure.

From hhhobbit at securemecca.net Wed May 9 02:21:53 2007
From: hhhobbit at securemecca.net (Henry Hertz Hobbit)
Date: Tue, 08 May 2007 18:21:53 -0600
Subject: W32 version tries to write to /dev/null
In-Reply-To:
References:
Message-ID: <46411421.8070808@securemecca.net>

Andrew Berg wrote:
> Werner Koch wrote:
>
>>> On Mon, 7 May 2007 16:58, bahamut at digital-signal.net said:
>>>
>>>
>>> gpg: can't create `/dev/null': No such file or directory
>>> gpg: signing failed: file create error
>>>
>>> Fixed in my working copy by using /dev/nul instead
>
> How would that help? /dev/nul can't exist on a Windows
> system either.

But NUL (nul) does exist, at least for now:

command 1> NUL 2>&1

I use it all the time in my BAT, VBS, JS and PL (PERL) script files.
But almost none of those script files work properly any more with
Vista because any time you wander into protected areas you need
administration privileges. I am talking about NORMAL Vista accounts,
nothing special. Actually, you can start an elevated shell on Vista
to run the script, but that is a real pain if you made it so people
could just double-click on script files to run them. Here is the
article on NUL and redirection:

http://support.microsoft.com/kb/110930

Just be sure if you are throwing it away, then throw it ALL away. If
you don't, you will still see the message. I have NO idea whether it
works the same in both scripts and inside C / C++ / C# programs.
Windows is notorious for having scripting and binaries frequently
behaving differently and you can't interspangle a script that calls a
binary that in turn calls another script on pre-Vista Windows like you
do on 'nix machines. Supposedly, the new PowerShell (PS1) scripting is
going to make the mixing of binaries and scripts possible; hopefully
NUL will be a first class object. BAT is gone on Vista, and PowerShell
is Object shell scripting (with LOTS of gotchas).

HHH

From wk at gnupg.org Wed May 9 10:59:23 2007
From: wk at gnupg.org (Werner Koch)
Date: Wed, 09 May 2007 10:59:23 +0200
Subject: W32 version tries to write to /dev/null
In-Reply-To: <4640B139.7050708@digital-signal.net> (Andrew Berg's message of "Tue\, 08 May 2007 12\:19\:53 -0500")
References: <463F3EA7.2080800@digital-signal.net> <87ejls5uo9.fsf@wheatstone.g10code.de> <4640B139.7050708@digital-signal.net>
Message-ID: <87fy66cqz8.fsf@wheatstone.g10code.de>

On Tue, 8 May 2007 19:19, bahamut at digital-signal.net said:

> How would that help? /dev/nul can't exist on a Windows system either.

Used to work with some old MSDOS version. Just checked, does not work
with XP - I'll change it to just "nul".

Salam-Shalom,

   Werner

From pg at futureware.at Sat May 5 18:16:53 2007
From: pg at futureware.at (Philipp Gühring)
Date: Sat, 5 May 2007 18:16:53 +0200
Subject: need a lot of entropies - help me pls :)
In-Reply-To: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com>
References: <5419f2d0705050659h7b0b5972k7f0db9af0639e142@mail.gmail.com>
Message-ID: <200705051816.54988.pg@futureware.at>

Hi,

Here you have a list of random number generators that are available on
the market:
http://www.cacert.at/cgi-bin/rngresults

You can filter the whole list for hardware/software and the speed you
need.
Best regards,
Philipp Gühring

From wk at gnupg.org Wed May 9 12:58:43 2007
From: wk at gnupg.org (Werner Koch)
Date: Wed, 09 May 2007 12:58:43 +0200
Subject: [Announce] GnuPG 2.0.4 released
Message-ID: <87lkfyb6vw.fsf@wheatstone.g10code.de>

Hello!

We are pleased to announce the availability of a new stable GnuPG-2
release: Version 2.0.4

This is a maintenance release with a few minor enhancements.

The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital
signatures, help authenticating using Secure Shell and to provide a
framework for public key cryptography. It includes an advanced key
management facility and is compliant with the OpenPGP and S/MIME
standards.

GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.7) in that
it splits up functionality into several modules. However, both
versions may be installed alongside without any conflict. In fact,
the gpg version from GnuPG-1 is able to make use of the gpg-agent as
included in GnuPG-2 and allows for seamless passphrase caching. The
advantage of GnuPG-1 is its smaller size and the lack of dependency on
other modules at run and build time. We will keep maintaining GnuPG-1
versions because they are very useful for small systems and for server
based applications requiring only OpenPGP support.

GnuPG is distributed under the terms of the GNU General Public License
(GPL). GnuPG-2 works best on GNU/Linux or *BSD systems.


Getting the Software
====================

Please follow the instructions found at http://www.gnupg.org/download/
or read on:

GnuPG 2.0.4 may be downloaded from one of the GnuPG mirror sites or
direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors
can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG
is not available at ftp.gnu.org.
On the FTP server and its mirrors you should find the following files
in the gnupg/ directory:

  gnupg-2.0.4.tar.bz2 (3491k)
  gnupg-2.0.4.tar.bz2.sig

      GnuPG source compressed using BZIP2 and OpenPGP signature.

  gnupg-2.0.3-2.0.4.diff.bz2 (237k)

      A patch file to upgrade a 2.0.3 GnuPG source tree. This patch
      does not include updates of the language files.

Note, that we don't distribute gzip compressed tarballs.


Checking the Integrity
======================

In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:

 * If you already have a trusted version of GnuPG installed, you
   can simply check the supplied signature. For example to check the
   signature of the file gnupg-2.0.4.tar.bz2 you would use this command:

     gpg --verify gnupg-2.0.4.tar.bz2.sig

   This checks whether the signature file matches the source file.
   You should see a message indicating that the signature is good and
   made by that signing key. Make sure that you have the right key,
   either by checking the fingerprint of that key with other sources
   or by checking that the key has been signed by a trustworthy other
   key. Note, that you can retrieve the signing key using the command

     finger wk ,at' g10code.com

   or using a keyserver like

     gpg --recv-key 1CE0C630

   The distribution key 1CE0C630 is signed by the well known key
   5B0358A2. If you get a key expired message, you should retrieve a
   fresh copy as the expiration date might have been prolonged.

   NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE
   INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION!

 * If you are not able to use an old version of GnuPG, you have to verify
   the SHA-1 checksum.
   Assuming you downloaded the file gnupg-2.0.4.tar.bz2, you would run
   the sha1sum command like this:

     sha1sum gnupg-2.0.4.tar.bz2

   and check that the output matches the first line from the
   following list:

cc230636bb4226f6d7ac2db9b259d8e7f5529f84  gnupg-2.0.4.tar.bz2
9f1ad40f88ef567498b07dab718defc2ac319c35  gnupg-2.0.3-2.0.4.diff.bz2


What's New
===========

 * The server mode key listing commands are now also working for
   systems without the funopen/fopencookie API.

 * PKCS#12 import now tries several encodings in case the passphrase
   was not utf-8 encoded. New option --p12-charset for gpgsm.

 * Improved the libgcrypt logging support in all modules.


Internationalization
====================

GnuPG comes with support for 27 languages. Due to a lot of new and
changed strings most translations are not entirely complete. The
Swedish, Turkish, German and Russian translations are close to being
complete.


Documentation
=============

We are currently working on an installation guide to explain in more
detail how to configure the new features. As of now the chapters on
gpg-agent and gpgsm include brief information on how to set up the
whole thing. Please watch the GnuPG website for updates of the
documentation. In the meantime you may search the GnuPG mailing list
archives or ask on the gnupg-users mailing lists for advice on how to
solve problems. Many of the new features are around for several years
and thus enough public knowledge is already available.

KDE's KMail is the most prominent user of GnuPG. In fact it has been
developed along with the Kmail folks. Mutt users might want to use the
configure option "--enable-gpgme" and "set use_crypt_gpgme" in
~/.muttrc to make use of GnuPG-2 to enable S/MIME in addition to a
reworked OpenPGP support.

The manual is also available online in HTML format at
http://www.gnupg.org/documentation/manuals/gnupg/
and as a PDF at
http://www.gnupg.org/documentation/manuals/gnupg.pdf .


Support
=======

Improving GnuPG is costly, but you can help!
We are looking for organizations that find GnuPG useful and wish to
contribute back. You can contribute by reporting bugs, improving the
software, or by donating money.

Commercial support contracts for GnuPG are available, and they help
finance continued maintenance. g10 Code GmbH, a Duesseldorf based
company owned and headed by GnuPG's principal author, is currently
funding GnuPG development. We are always looking for interesting
development projects.

The GnuPG service directory is available at:

  http://www.gnupg.org/service.html


Thanks
======

We have to thank all the people who helped with this release, be it
testing, coding, translating, suggesting, auditing, administering the
servers, spreading the word or answering questions on the mailing
lists.


Happy Hacking,

  The GnuPG Team (David, Marcus, Werner and all other contributors)

From yochanon at localnet.com Thu May 10 07:08:50 2007
From: yochanon at localnet.com (John B)
Date: Thu, 10 May 2007 00:08:50 -0500
Subject: Second problem...gpg or kgpg?
In-Reply-To: <1177698249.11212.16.camel@linux.site>
References: <200704060129.38524.yochanon@localnet.com> <1177698249.11212.16.camel@linux.site>
Message-ID: <200705100008.50085.yochanon@localnet.com>

On Fri 27 April 07 13:24, Carl wrote:
> On Fri, 2007-04-06 at 01:29 -0500, John B wrote:
> > Hi again,
> >
> > Out of the blue, it seems kgpg doesn't see my .gnupg directory. I
> > opened it up the other day just to check something, and it showed no keys
> > at all. I went into the settings and all it allows is to see my /home/me
> > directory which has a couple of .asc keys(?) in it but had no gpg.conf
> > file until I imported the .asc keys.
> > Is there a way to fix what's going on? Has this happened to anyone
> > else? I did absolutely nothing with gpg or kgpg...no updates (other than
> > the SuSE security update 2 or 3 months ago IIRR) to either of them. Still
> > with 1.4.1 I think it is and was working fine until I happened to see it
> > the other day. Sorry I'm not too good at explaining myself, but if
> > there's any more info needed, it's easier if someone asks me and then
> > I'll know better what needs to be said about my problem.
>
> Which version Suse and version of KGPG. I do wish they would Seahorse
> its better than kgpg

SuSE 9.3 and Kgpg 1.2.1. I've never had a problem with kgpg before, in
almost 4 years now, but if I can't figure out what's wrong all of a
sudden with it like this, I'm going to look hard into that Seahorse,
heh.

--
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
Benjamin Franklin

"Those who hammer their guns into plows will plow for those who do not."
Thomas Jefferson

From alon.barlev at gmail.com Thu May 10 06:55:38 2007
From: alon.barlev at gmail.com (Alon Bar-Lev)
Date: Thu, 10 May 2007 07:55:38 +0300
Subject: [Announce] GnuPG 2.0.4 released
In-Reply-To: <87lkfyb6vw.fsf@wheatstone.g10code.de>
References: <87lkfyb6vw.fsf@wheatstone.g10code.de>
Message-ID: <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com>

On 5/9/07, Werner Koch wrote:
> Hello!
>
> We are pleased to announce the availability of a new stable GnuPG-2
> release: Version 2.0.4

Hello Werner,

What about some issues regarding the environment:
http://bugs.gentoo.org/show_bug.cgi?id=165493

And issues regarding gpgme?
https://bugs.g10code.com/gnupg/issue772
http://lists.gnupg.org/pipermail/gnupg-devel/2007-February/023676.html

Regards,
Alon Bar-Lev.

From wk at gnupg.org Thu May 10 09:57:58 2007
From: wk at gnupg.org (Werner Koch)
Date: Thu, 10 May 2007 09:57:58 +0200
Subject: [Announce] GnuPG 2.0.4 released
In-Reply-To: <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com> (Alon Bar-Lev's message of "Thu\, 10 May 2007 07\:55\:38 +0300")
References: <87lkfyb6vw.fsf@wheatstone.g10code.de> <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com>
Message-ID: <87d519860p.fsf@wheatstone.g10code.de>

On Thu, 10 May 2007 06:55, alon.barlev at gmail.com said:

> What about some issues regarding the environment:
> http://bugs.gentoo.org/show_bug.cgi?id=165493

I don't understand what this is about. If there is a generic problem
with pinentry, please add it to our bug tracker. This seems to be
gentoo problem.

> And issues regarding gpgme?
> https://bugs.g10code.com/gnupg/issue772

Where is the problem? It has been fixed.

Salam-Shalom,

   Werner

p.s.
Your MUA does not honor the MFT header.
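The two integrity checks from the 2.0.4 announcement earlier in this thread (signature verification with an already installed GnuPG, SHA-1 comparison otherwise), written as fail-closed shell functions. This is an added example, not part of any message in the thread and not GnuPG's own tooling; the function names, the checksum list saved to a file, and the fingerprint argument obtained from another source are assumptions.

```shell
#!/bin/sh
# Added example: fail-closed versions of the two integrity checks from the
# GnuPG 2.0.4 announcement. Function names and argument order are assumptions.

# Print the lowercase SHA-1 of a file, using whichever tool is installed.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | awk '{ print tolower($1) }'
    else
        shasum -a 1 "$1" | awk '{ print tolower($1) }'
    fi
}

# verify_sha1_listed FILE LIST
# LIST holds lines of "<40-hex-digit sha1>  <file name>", the layout used in
# the announcement. Returns 0 on match, 1 on mismatch, 2 when the file is
# unreadable or not listed (an unlisted file is never treated as verified).
verify_sha1_listed() {
    file=$1
    list=$2
    [ -r "$file" ] && [ -r "$list" ] || return 2
    name=$(basename "$file")
    # Exact match on the name field, so "x.tar.bz2" cannot pick up the
    # entry for "x.tar.bz2.sig" or the other way round.
    expected=$(awk -v n="$name" \
        '$2 == n && $1 ~ /^[0-9A-Fa-f]+$/ && length($1) == 40 { print tolower($1); exit }' "$list")
    [ -n "$expected" ] || return 2
    actual=$(sha1_of "$file")
    [ "$actual" = "$expected" ]
}

# status_has_validsig STATUS_TEXT FINGERPRINT
# Succeeds only if gpg's machine-readable status output contains a VALIDSIG
# line whose signing-key or primary-key fingerprint equals FINGERPRINT.
status_has_validsig() {
    printf '%s\n' "$1" | awk -v want="$2" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" &&
        (toupper($3) == toupper(want) || toupper($NF) == toupper(want)) { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# verify_sig_pinned SIGFILE DATAFILE FINGERPRINT
# Runs the gpg that is ALREADY installed (never one built from the download)
# and accepts the signature only if it was made by the pinned key.
# FINGERPRINT must come from a source other than the download site.
verify_sig_pinned() {
    status=$(gpg --status-fd 1 --verify "$1" "$2" 2>/dev/null) || return 1
    status_has_validsig "$status" "$3"
}
```

Parsing the VALIDSIG status line rather than the human-readable output ties the result to one specific key, which is the "make sure that you have the right key" step of the announcement.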
From alon.barlev at gmail.com Thu May 10 10:10:30 2007
From: alon.barlev at gmail.com (Alon Bar-Lev)
Date: Thu, 10 May 2007 11:10:30 +0300
Subject: [Announce] GnuPG 2.0.4 released
In-Reply-To: <87d519860p.fsf@wheatstone.g10code.de>
References: <87lkfyb6vw.fsf@wheatstone.g10code.de> <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com> <87d519860p.fsf@wheatstone.g10code.de>
Message-ID: <9e0cf0bf0705100110o6102fd80hb3ceef747b6d8063@mail.gmail.com>

On 5/10/07, Werner Koch wrote:
> On Thu, 10 May 2007 06:55, alon.barlev at gmail.com said:
>
> > What about some issues regarding the environment:
> > http://bugs.gentoo.org/show_bug.cgi?id=165493
>
> I don't understand what this is about. If there is a generic problem
> with pinentry, please add it to our bug tracker. This seems to be
> gentoo problem.

I tried to... but could not find any way I can open issue in your bug tracker.
Now I see I can... Strange...

It is not Gentoo problem, you have the same report at other distros:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401957

I wish developers will stop saying this one...

> > And issues regarding gpgme?
> > https://bugs.g10code.com/gnupg/issue772
>
> Where is the problem? It has been fixed.

When, in which component gpg or gpgme?
Very difficult to understand something from the description.
It is in testing status for a long time.

Alon

From wk at gnupg.org Thu May 10 12:37:00 2007
From: wk at gnupg.org (Werner Koch)
Date: Thu, 10 May 2007 12:37:00 +0200
Subject: [Announce] GnuPG 2.0.4 released
In-Reply-To: <9e0cf0bf0705100110o6102fd80hb3ceef747b6d8063@mail.gmail.com> (Alon Bar-Lev's message of "Thu\, 10 May 2007 11\:10\:30 +0300")
References: <87lkfyb6vw.fsf@wheatstone.g10code.de> <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com> <87d519860p.fsf@wheatstone.g10code.de> <9e0cf0bf0705100110o6102fd80hb3ceef747b6d8063@mail.gmail.com>
Message-ID: <874pml7ynn.fsf@wheatstone.g10code.de>

On Thu, 10 May 2007 10:10, alon.barlev at gmail.com said:

> I tried to... but could not find any way I can open issue in your bug tracker.
> Now I see I can... Strange...

Should be possible. The first spammer actually achieved it too :-(.

> It is not Gentoo problem, you have the same report at other distros:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401957

Okay, that is a much clearer report. However, I am not able to
replicate it. I am using the gtk2 pinentry for a year or so now.

> When, in which component gpg or gpgme?
> Very difficult to understand something from the description.
> It is in testing status for a long time.

gnupg/g10/

2007-04-26 Marcus Brinkmann

  * passphrase.c (passphrase_to_dek): Write missing passphrase
  status message in case of cancellation.

That's all AFAICS.

Shalom-Salam,

   Werner

From alon.barlev at gmail.com Thu May 10 12:46:31 2007
From: alon.barlev at gmail.com (Alon Bar-Lev)
Date: Thu, 10 May 2007 13:46:31 +0300
Subject: [Announce] GnuPG 2.0.4 released
In-Reply-To: <874pml7ynn.fsf@wheatstone.g10code.de>
References: <87lkfyb6vw.fsf@wheatstone.g10code.de> <9e0cf0bf0705092155y8acb3dei68ef96303b992aa7@mail.gmail.com> <87d519860p.fsf@wheatstone.g10code.de> <9e0cf0bf0705100110o6102fd80hb3ceef747b6d8063@mail.gmail.com> <874pml7ynn.fsf@wheatstone.g10code.de>
Message-ID: <9e0cf0bf0705100346n78ab450ayf3f6117561d30c42@mail.gmail.com>

On 5/10/07, Werner Koch wrote:
> Okay, that is a much clearer report. However, I am not able to
> replicate it. I am using the gtk2 pinentry for a year or so now.

I cannot replicate it too...
It seems like a race condition...

Alon.

From dan at linux.it Wed May 9 16:37:54 2007
From: dan at linux.it (Daniele Cortesi)
Date: Wed, 9 May 2007 16:37:54 +0200
Subject: Smartcard & expiring keys
Message-ID: <20070509143754.GD6057@smtp.tiscali.it>

Hello everybody,

I have a question about GPG & smartcard with keys expiring after a
limited period of time. Please address me directly in the answers
because I'm not subscribed to the list.

This is the situation: I use gpg with subkeys (sign & encrypt) on a smartcard, the main key is removed and saved offline. The subkeys expire after one year and now it's time to replace them. To do this operation I took the original keyring, with my complete secret key, and created two new keys with the "addcardkey" command, as usual with a one year lifetime. After that I removed again the secret keys from the working keyring and now I correctly have the new two key stubs in my working-keyring. Everything works fine.

Let's get to the point: the next year, when these new keys will expire, I will have to create new keys and to do this I'll have to replace the keys on the smartcard which are not saved elsewhere. This means that after that operation I won't be able to read past encrypted messages anymore, am I correct?

The only solution that comes to my mind is to NOT create the subkeys directly on the smartcard but to create them on the PC and then save them in the "master" keyring before moving them off the working-keyring into the smartcard. This way they will be always available in the "master" keyring.

Is this the proper way to operate? Is there a better way to do the same? The idea of creating the keys off-smartcard seems to me a little stupid, as the smartcard was created for that. Maybe it's better to avoid limited lifetime on smartcard-keys?

Thanks for any idea.

Regards,
dan

--
JID: dan at jabber.linux.it (http://www.jabber.org)
mailto:JID-"jabber."
and remember: respect is everything . . . . . . . . . . . free your mind

From yonaton at localnet.com Wed May 9 19:09:17 2007
From: yonaton at localnet.com (JB2)
Date: Wed, 9 May 2007 12:09:17 -0500
Subject: Second problem...gpg or kgpg?
In-Reply-To: <1177698249.11212.16.camel@linux.site>
References: <200704060129.38524.yochanon@localnet.com> <1177698249.11212.16.camel@linux.site>
Message-ID: <200705091209.17719.yonaton@localnet.com>

On Fri 27 April 07 13:24, Carl wrote:
> On Fri, 2007-04-06 at 01:29 -0500, John B wrote:
> > Hi again,
> >
> > Out of the blue, it seems kgpg doesn't see my .gnupg directory. I
> > opened it up the other day just to check something, and it showed no keys
> > at all. I went into the settings and all it allows is to see my /home/me
> > directory which has a couple of .asc keys(?) in it but had no gpg.conf
> > file until I imported the .asc keys.
> > Is there a way to fix what's going on? Has this happened to anyone
> > else? I did absolutely nothing with gpg or kgpg...no updates (other than
> > the SuSE security update 2 or 3 months ago IIRR) to either of them. Still
> > with 1.4.1 I think it is and was working fine until I happened to see it
> > the other day. Sorry I'm not too good at explaining myself, but if
> > there's any more info needed, it's easier if someone asks me and then
> > I'll know better what needs to be said about my problem.
>
> Which version Suse and version of KGPG. I do wish they would Seahorse
> its better than kgpg

SuSE 9.3 and Kgpg 1.2.1. I've never had a problem with kgpg before, in almost 4 years now, but if I can't figure out what's wrong all of a sudden with it like this, I'm going to look hard into that Seahorse, heh.

--
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." Benjamin Franklin

"Those who hammer their guns into plows will plow for those who do not."
Thomas Jefferson

From bernhard at intevation.de Thu May 10 13:02:13 2007
From: bernhard at intevation.de (Bernhard Reiter)
Date: Thu, 10 May 2007 13:02:13 +0200
Subject: gpgpgsm merging public kbx / exporting all keys
Message-ID: <200705101302.16457.bernhard@intevation.de>

Hi,

having two machines I would want to merge my public x509 certificates from one to the other. Another use case would be backup purposes. What is the recommended way doing this?

I found one and I believe this should be better documented.
	gpgsm --export >exported-x509-keys
does not work.
	gpgsm: exporting more than one certificate is not possible in binary mode

Okay so
	gpgsm --armor --export >exported-x509-keys
and gpgsm --import exported-x509-keys works.

While doing so I looked up the documentation "export [PATTERN]" and searching for PATTERN did not result into the section that explains how to select a user id. I suggest to add a sentence which contains "PATTERN" to this section.

Also with gpg you can just
	gpg --import pubring.gpg
which makes merging a lot easier.

For the gpg trust-list there are command line options for exporting and importing. So I would suggest to at least add the example of the recommended way to the manual and textinfo documentation. I searched way too long to find this way.

Best,
Bernhard

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
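
The behaviour reported above (binary export refused for more than one certificate, armored export accepted) comes down to framing: concatenated DER objects carry no separator, so a reader that expects one object stops after the first, while each PEM block is delimited by its BEGIN/END lines. The Python below is an added example, not gpgsm code and not part of the original post; CERT_A and CERT_B are constructed stand-in DER SEQUENCEs rather than real certificates, and the helper names and "Subject:" info lines are assumptions made for the illustration.

```python
"""Added example: concatenated binary (DER) objects versus an armored (PEM)
bundle. CERT_A and CERT_B are constructed stand-in DER SEQUENCEs, not real
X.509 certificates, and the "Subject:" info lines are made up."""
import base64
import re

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def der_sequence(payload: bytes) -> bytes:
    """Wrap payload in a DER SEQUENCE (tag 0x30) with a definite length."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])                      # short form
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw  # long form
    return b"\x30" + length + payload


def first_der_object(data: bytes):
    """Return (first_object, trailing_bytes), as a one-object reader sees it."""
    if len(data) < 2 or data[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = data[1]
    if first < 0x80:
        header, body_len = 2, first
    else:
        nbytes = first & 0x7F
        if nbytes == 0 or len(data) < 2 + nbytes:
            raise ValueError("indefinite or truncated length")
        header = 2 + nbytes
        body_len = int.from_bytes(data[2:header], "big")
    end = header + body_len
    if end > len(data):
        raise ValueError("truncated object")
    return data[:end], data[end:]


def all_der_objects(data: bytes):
    """Walk every concatenated object; an importer must do this on purpose."""
    objs = []
    while data:
        obj, data = first_der_object(data)
        objs.append(obj)
    return objs


def to_pem(der: bytes, info: str = "") -> str:
    """Armor one object, optionally preceded by informational lines."""
    b64 = base64.b64encode(der).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return (info + "-----BEGIN CERTIFICATE-----\n" + body
            + "\n-----END CERTIFICATE-----\n")


def split_pem_bundle(text: str):
    """Return the DER object of every PEM block, skipping text between them."""
    certs = []
    for match in PEM_BLOCK.finditer(text):
        der = base64.b64decode("".join(match.group(1).split()), validate=True)
        obj, rest = first_der_object(der)
        if rest:
            raise ValueError("trailing data inside a PEM block")
        certs.append(obj)
    return certs


# Constructed sample objects (stand-ins for two certificates).
CERT_A = der_sequence(b"\x0c\x06cert-A")              # short-form length
CERT_B = der_sequence(b"\x04\x81\xc8" + bytes(200))   # long-form length


def demo():
    """Compare what a one-object reader and a PEM splitter recover."""
    binary = CERT_A + CERT_B
    seen, ignored = first_der_object(binary)
    bundle = (to_pem(CERT_A, "Subject: constructed A\n")
              + to_pem(CERT_B, "Subject: constructed B\n"))
    return seen, len(ignored), split_pem_bundle(bundle)


if __name__ == "__main__":
    seen, ignored, certs = demo()
    print("one-object reader kept %d bytes, ignored %d" % (len(seen), ignored))
    print("PEM bundle yielded %d objects" % len(certs))
```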

From mrwchandler84 at yahoo.com Thu May 10 20:33:14 2007
From: mrwchandler84 at yahoo.com (Donald Wayne Chandler)
Date: Thu, 10 May 2007 13:33:14 -0500
Subject: Smartcard not recognized
Message-ID: <4643656A.90208@yahoo.com>

Hi,

I've been unable to access my smartcard since switching to Linux. I'm running Ubuntu 7.04, Thunderbird 2.0, Enigmail 0.95, gpg 2.0.4 and gpg 1.4.7. I know Linux will support it, and would really appreciate some ideas on where the problem lies.

:~$ gpg2 --card-status
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: pcsc_transmit failed: not transacted (0x80100016)
scdaemon[6606]: apdu_send_simple(0) failed: general error
scdaemon[6606]: no supported card application found: General error
gpg-agent[6605]: command learn failed: General error
gpg: OpenPGP card not available: General error
scdaemon[6606]: updating status of slot 0 to 0x0007
scdaemon[6606]: client pid is 6605, sending signal 12
:~$ scdaemon[6606]: scdaemon (GnuPG) 2.0.4 stopped

:~$ gpg --card-status
gpg: detected reader `Cherry XX33 00 00'
gpg: pcsc_transmit failed: not transacted (0x80100016)
gpg: apdu_send_simple(0) failed: general error
Please insert the card and hit return or enter 'c' to cancel:
gpg: pcsc_transmit failed: not transacted (0x80100016)
gpg: apdu_send_simple(0) failed: general error
Please insert the card and hit return or enter 'c' to cancel: c
gpg: selecting openpgp failed: general error
gpg: OpenPGP card not available: general error

--
Donald Wayne Chandler
mrwchandler84 at yahoo.com
GPG KeyID: 0x4A00352C

From hawke at hawkesnest.net Thu May 10 20:03:47 2007
From: hawke at hawkesnest.net (Alex Mauer)
Date: Thu, 10 May 2007 13:03:47 -0500
Subject: Smartcard & expiring keys
In-Reply-To: <20070509143754.GD6057__25584.8355046057$1178813200$gmane$org@smtp.tiscali.it>
References: <20070509143754.GD6057__25584.8355046057$1178813200$gmane$org@smtp.tiscali.it>
Message-ID: <46435E83.5070505@hawkesnest.net>

Daniele Cortesi wrote:
>
> Let's get to the point: the next year, when these new keys will expire, I
> will have to create new keys and to do this I'll have to replace the
> keys on the smartcard which are not saved elsewhere. This means that
> after that operation I won't be able to read past encrypted messages
> anymore, am I correct?

Correct. For this reason I for one do not use an encryption key on a smartcard; I use the smartcard only for signing and authentication. This also applies to damage/loss of the smartcard: once that privkey is gone you can't read emails encrypted with it.

At the very least, it's probably better to generate the key outside of the smartcard and then import it. This way in addition to still being able to decrypt messages with an expired key, you also get a backup (which is of course relatively easy to keep offline: keep it on a USB key, print it out, whatever)

-Alex Mauer "hawke"

From rjh at sixdemonbag.org Fri May 11 04:56:52 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 10 May 2007 21:56:52 -0500
Subject: Callas on PRZ
Message-ID:

"[PRZ is] out of surgery, doing well, and the doctors say he'll be better than he's been for ten years."

Jon Callas, on ietf-openpgp

I have no further information. Please keep PRZ in your thoughts, prayers, and superstitions, as appropriate to your beliefs and/or lack thereof. :)

From wk at gnupg.org Fri May 11 10:29:56 2007
From: wk at gnupg.org (Werner Koch)
Date: Fri, 11 May 2007 10:29:56 +0200
Subject: gpgpgsm merging public kbx / exporting all keys
In-Reply-To: <200705101302.16457.bernhard@intevation.de> (Bernhard Reiter's message of "Thu\, 10 May 2007 13\:02\:13 +0200")
References: <200705101302.16457.bernhard@intevation.de>
Message-ID: <874pmj69vf.fsf@wheatstone.g10code.de>

On Thu, 10 May 2007 13:02, bernhard at intevation.de said:

> gpgsm --export >exported-x509-keys
> does not work.
> gpgsm: exporting more than one certificate is not possible in binary mode

That is because most X.509 tools will take only the first ASN.1 object and ignore any concatenated objects. This is actually correct for an ASN.1 based system. There is no widely used standard for putting several keys into one object, thus we better allow only for one key.

> gpgsm --armor --export >exported-x509-keys
> and gpgsm --import exported-x509-keys works.

...no standard except for PEM encoded certificates - thus this works.

> While doing so I looked up the documentation "export [PATTERN]"
> and searching for PATTERN did not result into the section that
> explains how to select a user id. I suggest to add a sentence
> which contains "PATTERN" to this section.

Reads now:

  `--export [PATTERN]'
       Export all certificates stored in the Keybox or those specified by
       the optional PATTERN. Those pattern consist of a list of user ids
       (*note how-to-specify-a-user-id::). When used along with the
       `--armor' option a few informational lines are prepended before
       each block. There is one limitation: As there is no commonly
       agreed upon way to pack more than one certificate into an ASN.1
       structure, the binary export (i.e. without using `armor') works
       only for the export of one certificate. Thus it is required to
       specify a PATTERN which yields exactly one certificate.

> Also with gpg you can just
> gpg --import pubring.gpg which makes merging a lot easier.

Most people here can guess my reply: No, no, no. This is an undocumented feature which works only due to the coincidence that the external and internal format is very similar. The internal format may be changed at any time. The only way to access the keyrings is by using --import and export.

> For the gpg trust-list there are command line options for exporting
> and importing. So I would suggest to at least add the example
> of the recommended way to the manual and textinfo documentation.

You mean: Howto migrate a key from one system to the other? Well, I can add a short howto. The new GnuPG manual has anyway a section with howtos.

Salam-Shalom,

Werner

From peter at digitalbrains.com Fri May 11 14:53:26 2007
From: peter at digitalbrains.com (Peter Lebbing)
Date: Fri, 11 May 2007 14:53:26 +0200
Subject: Secure text editor?
Message-ID: <46446746.4000502@digitalbrains.com>

Hello all,

I want to have a text file with personal data in it, which I encrypt to myself, and decrypt to view and edit. However, to do that securely, I need an editor which will not leak the text in any way, so locking its pages in memory so they won't be swapped out, and other angles of attack. In short, an editor written with security in mind, suitable for editing sensitive data. It's okay if it does that on plaintext files, I suppose, I can encrypt and wipe the original to get rid of that, or do I miss something there?

My workstation runs Windows, but I think I would prefer a tool that works under Linux too (possibly under Cygwin in Windows). It would be cool if it integrated with GnuPG so I don't have to manually en- and decrypt, but it's not a demand unless, like I said, I missed some vector of attack.

Does anybody know an editor that's up to the job?

Regards,

Peter Lebbing.

From jbruni at mac.com Fri May 11 17:39:14 2007
From: jbruni at mac.com (Joseph Oreste Bruni)
Date: Fri, 11 May 2007 08:39:14 -0700
Subject: Secure text editor?
In-Reply-To: <46446746.4000502@digitalbrains.com>
References: <46446746.4000502@digitalbrains.com>
Message-ID:

It is a requirement that the files themselves be encrypted individually or would it suffice to use an encrypted file system?

Since you are only encrypting in place and not transferring the documents to another individual, there is probably no need to use public-key encryption. Any tool that does AES-128 or the like would suffice.

On Mac OS X, I have the ability to use an encrypted disk image in which to store various documents, but I'm not aware of any editors that do explicit encryption/decryption as part of their read/write functions.

On May 11, 2007, at 5:53 AM, Peter Lebbing wrote:

> Hello all,
>
> I want to have a text file with personal data in it, which I encrypt to
> myself, and decrypt to view and edit. However, to do that securely, I need
> an editor which will not leak the text in any way, so locking its pages in
> memory so they won't be swapped out, and other angles of attack. In short,
> an editor written with security in mind, suitable for editing sensitive
> data. It's okay if it does that on plaintext files, I suppose, I can encrypt
> and wipe the original to get rid of that, or do I miss something there?
>
> My workstation runs Windows, but I think I would prefer a tool that works
> under Linux too (possibly under Cygwin in Windows). It would be cool if it
> integrated with GnuPG so I don't have to manually en- and decrypt, but it's
> not a demand unless, like I said, I missed some vector of attack.
>
> Does anybody know an editor that's up to the job?
>
> Regards,
>
> Peter Lebbing.

From malayter at gmail.com Fri May 11 19:47:13 2007
From: malayter at gmail.com (Ryan Malayter)
Date: Fri, 11 May 2007 12:47:13 -0500
Subject: Secure text editor?
In-Reply-To:
References: <46446746.4000502@digitalbrains.com>
Message-ID: <5d7f07420705111047y99a0887h5a8dabd2dde68f57@mail.gmail.com>

On 5/11/07, Joseph Oreste Bruni wrote:
> It is a requirement that the files themselves be encrypted
> individually or would it suffice to use an encrypted file system?

It seems you really want/need a *full-disk* encryption solution, so that any temporary files and system pagefiles are also encrypted. We use the commercial PGP solution for that, but there are other options for Windows. The solutions are very OS-specific, though; on Linux there are quite a few free choices of varying complexity and quality.

Truecrypt is somewhat cross-platform, and makes good encrypted file containers, but it won't encrypt the pagefile, or your system's security databases/password files (Linux or Windows).

--
RPM
=========================
All problems can be solved by diplomacy, but violence and treachery are equally effective, and more fun.
-Anonymous

From grove.jane at gmail.com Sat May 12 03:38:23 2007
From: grove.jane at gmail.com (jane grove)
Date: Fri, 11 May 2007 20:38:23 -0500
Subject: Encrypt with key ID
Message-ID:

Hello,
What is the GPG command to use a recipient's key ID to encrypt files?
I tried the following command but it didn't work:
gpg --batch -ea filename keyid

Thanks!

From JPClizbe at tx.rr.com Sat May 12 04:20:49 2007
From: JPClizbe at tx.rr.com (John Clizbe)
Date: Fri, 11 May 2007 21:20:49 -0500
Subject: Encrypt with key ID
In-Reply-To:
References:
Message-ID: <46452481.4050802@tx.rr.com>

jane grove wrote:
> Hello,
> What is the GPG command to use a recipient's key ID to encrypt files?
> I tried the following command but it didn't work:
> gpg --batch -ea filename keyid

Almost...

gpg --batch -ea -r keyid filename

repeat -r as often as needed.

--
John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?" / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?" / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"

From z.himsel at gmail.com Mon May 14 00:32:42 2007
From: z.himsel at gmail.com (Zach Himsel)
Date: Sun, 13 May 2007 18:32:42 -0400
Subject: Secure text editor?
In-Reply-To: <46446746.4000502@digitalbrains.com>
References: <46446746.4000502@digitalbrains.com>
Message-ID: <8d5f78b30705131532o5cdd4d36rdeaa9ad2d994b8d0@mail.gmail.com>

On 5/11/07, Peter Lebbing wrote:
> Does anybody know an editor that's up to the job?

On 5/11/07, Joseph Oreste Bruni wrote:
> Since you are only encrypting in place and not transferring the
> documents to another individual, there is probably no need to use
> public-key encryption. Any tool that does AES-128 or the like would
> suffice.

There is a small program called Locknote (tinyurl.com/25q3m2). It is a Windows executable (AFAIK it does not work on Linux, unless Wine would work). It is a simple text editor that encrypts itself when you close it. I'm not sure how secure it is, but it seems alright (256-bit AES symmetric). I just wanted to put that out there if you wanted to try it.

Note: the executable file saves to itself (the editor itself is the document) so I'd make a backup of the original executable to make more docs.

--
Zach Himsel
|_|0|_| ----------- OpenPGP Key: 0x9A1DFCAC -----------
|_|_|0| () I support the **ASCII Ribbon Campaign**
|0|0|0| /\ (against html mail & proprietary attachments)

From groups at caseyljones.net Mon May 14 10:44:51 2007
From: groups at caseyljones.net (Casey Jones)
Date: Mon, 14 May 2007 01:44:51 -0700
Subject: Old PC as Hardware Security Module?
Message-ID: <46482183.20004@caseyljones.net>

Does anyone know of software available to make an old PC into something like a hardware security module. OpenHSM.org looks like what I want, but the site says they're still in the design phase, and the last update was in 2004.

I can't stand the thought of storing my private key on my main computer. I use my main computer for things like web browsing and email, which I think puts its security in serious jeopardy. I think a separate computer which has only a single function, would be a valuable increase in security.

I've been considering getting an OpenPGP Card, but there are three reasons I'm reluctant to. The main one is that I want something that will only do one signature or decryption at a time. That way if my machine is compromised, I'll only suffer one hit before I'll notice something's wrong. Can the OpenPGP Card be set to do one operation per pin entry when used with a card reader that has a keypad? This seems like such a useful feature to me that I'm surprised smart card manufacturers don't embed little buttons near the edge of the smart card.

The second reason is that I generally prefer open source security software. It seems the OpenPGP Card relies on the proprietary BasicCard operating system.

Finally, it looks like the OpenPGP Card costs about 26.4 Euros (about $36) shipped from Europe. That's a little high for me right now.

There are two other minor issues. I'd prefer my keys be encrypted when not in use, so that if my device falls into the wrong hands, I won't have to worry too much. Does the OpenPGP Card encrypt the keys while stored on the card?

Also, the OpenPGP Card appears to be from a German organization, like the one that developed the Java Anonymous Proxy, and was forced by the German government to back door the software. Does the German government still consider it legal to force programmers to back door their software? I heard they were appealing it, but I never heard how that all turned out.
With governments accusing each other of stealing proprietary info and such, I think I'd like to just keep my private key private.

Does anyone know if any other democratic governments consider it legal to force programmers to incorporate back doors?

Thanks,
Casey

From email at sven-radde.de Mon May 14 12:16:21 2007
From: email at sven-radde.de (Sven Radde)
Date: Mon, 14 May 2007 12:16:21 +0200
Subject: Old PC as Hardware Security Module?
In-Reply-To: <46482183.20004@caseyljones.net>
References: <46482183.20004@caseyljones.net>
Message-ID: <464836F5.7050604@sven-radde.de>

Hi!

Casey Jones wrote:
> Does anyone know of software available to make an old PC into something
> like a hardware security module.

What about Knoppix? It supports GnuPG and you can easily have your keys on a (dedicated) USB drive while booting your (regular or dedicated) PC with Knoppix to do crypto operations.

cu, Sven

From thomas-ml at vollmeronline.de Mon May 14 10:31:07 2007
From: thomas-ml at vollmeronline.de (Thomas Vollmer)
Date: Mon, 14 May 2007 10:31:07 +0200
Subject: Secure text editor?
In-Reply-To: <46446746.4000502@digitalbrains.com>
References: <46446746.4000502@digitalbrains.com>
Message-ID: <200705141031.12150.thomas-ml@vollmeronline.de>

On Friday, 11 May 2007, Peter Lebbing wrote:
> Hello all,

Hi,

> I want to have a text file with personal data in it, which I encrypt
> to myself, and decrypt to view and edit. However, to do that securely,
> I need an editor which will not leak the text in any way, so locking
[...]
> decrypt, but it's not a demand unless, like I said, I missed some
> vector of attack.
>
> Does anybody know an editor that's up to the job?

I use my standard text edit for this. It is vim with the gnupg plugin from Markus Braun ( http://vim.sourceforge.net/scripts/script.php?script_id=661 ) installed.

Thomas

From rjh at sixdemonbag.org Mon May 14 12:37:57 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 14 May 2007 05:37:57 -0500
Subject: Old PC as Hardware Security Module?
In-Reply-To: <46482183.20004@caseyljones.net>
References: <46482183.20004@caseyljones.net>
Message-ID: <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>

> Does anyone know of software available to make an old PC into something
> like a hardware security module.

What particular type of HSM do you mean?

> I can't stand the thought of storing my private key on my main computer.
> I use my main computer for things like web browsing and email, which I
> think puts its security in serious jeopardy. I think a separate computer
> which has only a single function, would be a valuable increase in
> security.

I'm assuming you're doing something incredibly high-value, like storing nuclear weapon release codes or voting data or mortgage contracts or classified material or... etc. If that's the case, then you need to talk to a professional and not the sort of more or less anonymous advice you're likely to get from a mailing list.

If you're not doing these incredibly high-value things, then you may want to rethink your threat model. This appears to be excessive overkill for most threat models I can imagine.

I'm certainly not going to tell you that you shouldn't be doing these things. I don't know you and I don't know what you face. All that I'm doing is asking you to sit down and think critically about your model. I hope I can do that without sounding dismissive of your concerns.

> I've been considering getting an OpenPGP Card, but there are three
> reasons I'm reluctant to. The main one is that I want something that
> will only do one signature or decryption at a time. That way if my
> machine is compromised, I'll only suffer one hit before I'll notice
> something's wrong.

The OpenPGP card actually gives you a substantial advantage in this situation.

Let's say that you're running GnuPG on a PC and I'm able to subvert the box. I put in a keylogger and snarf your passphrase. I also copy your private keyring and mailspool off the box. I can now read your mail without ever touching it, except to copy a couple of files and install a small app. You're none the wiser.

Compare this to an OpenPGP card, where I have to find you in a dark alley and have a conversation with your kneecaps to get your card and PIN. You will most probably know that something has happened to you.

> There are two other minor issues. I'd prefer my keys be encrypted when
> not in use, so that if my device falls into the wrong hands, I won't
> have to worry too much. Does the OpenPGP Card encrypt the keys while
> stored on the card?

To my understanding, the OpenPGP card is tamper-resistant. That's not to say it's tamper-proof, but it would require substantial work to get access. I would not worry too much if your card fell into the wrong hands, unless those wrong hands happen to belong to a First World intelligence service, a major international corporation, or some ambitious CompSci or EE graduate students.

> Also, the OpenPGP Card appears to be from a German organization, like
> the one that developed the Java Anonymous Proxy, and was forced by the
> German government to back door the software. Does the German government
> still consider it legal to force programmers to back door their
> software?

You do know that Werner Koch, one of the central developers of GnuPG, is German, right? And that GnuPG at one point took some funding (long since spent) from the German government? If you're concerned about Germany involving itself in the crypto software business, you should probably not use GnuPG.

That said, I am not concerned about this.

> With governments accusing each other of stealing proprietary
> info and such

Governments accuse each other of stealing classified material. Corporations accuse each other of stealing proprietary material.

> Does anyone know if any other democratic governments consider it legal
> to force programmers to incorporate back doors?

Force? No, I can't think of a single one. Not even the UK's ridiculous Regulation of Investigatory Powers Act (RIPA) went that far.

On the other hand, they can certainly attempt to persuade. Patriotism, vanity, greed, fear... there are many ways to motivate someone to cooperate with you. Governments are generally very good at persuasion.

From rjh at sixdemonbag.org Mon May 14 13:45:32 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 14 May 2007 06:45:32 -0500
Subject: Old PC as Hardware Security Module?
In-Reply-To: <871whjhc1w.fsf@mocca.josefsson.org>
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org> <871whjhc1w.fsf@mocca.josefsson.org>
Message-ID:

> What prevents the keylogger in your first example to snarf the PIN code
> for the OpenPGP card and send decryption requests to the OpenPGP card,
> using the PIN code, in the background, possibly remotely controlled over
> the network?

There exist cryptographic smart cards you can actually be safe against this kind of attack with. They're pretty cool. I don't know if the OpenPGP card is one of them or not, but it's at least possible with a smartcard. It's not possible with a PC-controlled setup--at least, not without a ton of specialized hardware.

> I think smart cards in general are somewhat over-rated. You have no
> idea what they are signing, and the authorization control (PIN code) is
> easy to get by with a trojan.

My objection to smartcards is more on the basis of RSA-1024 being too short for long-term security, but hey.

The question isn't whether smart cards are secure--nothing that's got
that much RAM and processor power ever is--but whether smart cards are a
security improvement. On that one, I think they have the potential to
bring substantial amounts of win to certain kinds of environments. To
other kinds of environments, they don't. C'est la vie.

From groups at caseyljones.net Mon May 14 14:14:22 2007
From: groups at caseyljones.net (Casey Jones)
Date: Mon, 14 May 2007 05:14:22 -0700
Subject: Old PC as Hardware Security Module?
In-Reply-To: <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>
Message-ID: <4648529E.9050103@caseyljones.net>

Robert J. Hansen wrote:
>> Does anyone know of software available to make an old PC into something
>> like a hardware security module.
>
> What particular type of HSM do you mean?

Basically I'm looking for something that does what the OpenPGP Card
does, but with a button to limit signatures and decryptions. It could be
implemented as just an application on a regular operating system running
on a dedicated computer. I'm not willing to pay for something with
intricate physical anti-tampering protection like the typical
professional HSMs.

I might try making a variation of the open-openpgp-card. My version
might be USB or it might be like one of those homemade smart cards that
are longer than a regular smart card so they can use a regular thickness
microcontroller sticking out on the end. One like that would have room
for a button. It would also save me having to boot a separate computer
when I wanted to use it.

>> I can't stand the thought of storing my private key on my main computer.
>> I use my main computer for things like web browsing and email, which I
>> think puts its security in serious jeopardy. I think a separate computer
>> which has only a single function, would be a valuable increase in
>> security.
>
> I'm assuming you're doing something incredibly high-value, like storing
> nuclear weapon release codes or voting data or mortgage contracts or
> classified material or... etc. If that's the case, then you need to
> talk to a professional and not the sort of more or less anonymous advice
> you're likely to get from a mailing list.
>
> If you're not doing these incredibly high-value things, then you may
> want to rethink your threat model. This appears to be excessive
> overkill for most threat models I can imagine.

It seems to me that there is a very significant chance that my system
could get owned some time. I don't think it takes much more than a zero
day exploit in Firefox combined with a visit to the wrong site to get
rooted. An exploit for Thunderbird in an email could also do it. Or
worse, a buffer overflow in the tcp/ip stack like the one in OpenBSD
recently. I don't know, but I'd think it would be common practice for a
root kit to install a keylogger and to send off copies of the private
keys. Does that threat model make me paranoid? I don't think it does,
but then paranoids often can't tell.

>> I've been considering getting an OpenPGP Card, but there are three
>> reasons I'm reluctant to. The main one is that I want something that
>> will only do one signature or decryption at a time. That way if my
>> machine is compromised, I'll only suffer one hit before I'll notice
>> something's wrong.
>
> The OpenPGP card actually gives you a substantial advantage in this
> situation.
>
> Let's say that you're running GnuPG on a PC and I'm able to subvert the
> box. I put in a keylogger and snarf your passphrase. I also copy your
> private keyring and mailspool off the box. I can now read your mail
> without ever touching it, except to copy a couple of files and install a
> small app. You're none the wiser.
>
> Compare this to an OpenPGP card, where I have to find you in a dark
> alley and have a conversation with your kneecaps to get your card and
> PIN.
> You will most probably know that something has happened to you.

The OpenPGP Card is a valuable addition to security. But even with the
OpenPGP Card, everything encrypted to your key on your computer could be
exposed, even by an automated rootkit. And if you get targeted
personally, signatures could be made from your key without your
authorization.

>> There are two other minor issues. I'd prefer my keys be encrypted when
>> not in use, so that if my device falls into the wrong hands, I won't
>> have to worry too much. Does the OpenPGP Card encrypt the keys while
>> stored on the card?
>
> To my understanding, the OpenPGP card is tamper-resistant. That's not
> to say it's tamper-proof, but it would require substantial work to get
> access. I would not worry too much if your card fell into the wrong
> hands, unless those wrong hands happen to belong to a First World
> intelligence service, a major international corporation, or some
> ambitious CompSci or EE graduate students.

Yes, smart cards have pretty decent tamper protection for a low security
application like mine. Although when I read Kommerling and Kuhn's 1999
article http://www.cl.cam.ac.uk/~mgk25/sc99-tamper.pdf I was a little
surprised how easily lightly-protected dies can be compromised.

>> Also, the OpenPGP Card appears to be from a German organization, like
>> the one that developed the Java Anonymous Proxy, and was forced by the
>> German government to back door the software. Does the German government
>> still consider it legal to force programmers to back door their
>> software?
>
> You do know that Werner Koch, one of the central developers of GnuPG, is
> German, right? And that GnuPG at one point took some funding (long
> since spent) from the German government?

I suspected by his name that he was German. I thought he might be well
informed on the issue, and would comment. I'm not too worried about
GnuPG because it's open source. But apparently the OpenPGP Card isn't.

> If you're concerned about Germany involving itself in the crypto
> software business, you should probably not use GnuPG. That said, I am
> not concerned about this.

What makes you think the German government won't order the OpenPGP Card
to be compromised? Either by FSFE or by ZeitControl. Hopefully they've
got a law, or at least court precedent against that now.

>> With governments accusing each other of stealing proprietary
>> info and such
>
> Governments accuse each other of stealing classified material.
> Corporations accuse each other of stealing proprietary material.

I heard the EU accused the US of using Echelon to steal designs for
windmills. I wouldn't be surprised if lots of countries do such things.

From simon at josefsson.org Mon May 14 14:04:46 2007
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 14 May 2007 14:04:46 +0200
Subject: Old PC as Hardware Security Module?
In-Reply-To: (Robert J. Hansen's message of "Mon\, 14 May 2007 06\:45\:32 -0500")
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org> <871whjhc1w.fsf@mocca.josefsson.org>
Message-ID: <87bqgnfw69.fsf@mocca.josefsson.org>

"Robert J. Hansen" writes:

>> What prevents the keylogger in your first example to snarf the PIN
>> code
>> for the OpenPGP card and send decryption requests to the OpenPGP card,
>> using the PIN code, in the background, possibly remotely controlled
>> over
>> the network?
>
> There exist cryptographic smart cards you can actually be safe
> against this kind of attack with. They're pretty cool.

How do they work? I'd expect them to have a button, to authorize
signing or decryption, but without a display, you still have no idea
what you really sign or decrypt.

/Simon

From simon at josefsson.org Mon May 14 13:36:27 2007
From: simon at josefsson.org (Simon Josefsson)
Date: Mon, 14 May 2007 13:36:27 +0200
Subject: Old PC as Hardware Security Module?
In-Reply-To: <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org> (Robert J. Hansen's message of "Mon\, 14 May 2007 05\:37\:57 -0500")
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>
Message-ID: <871whjhc1w.fsf@mocca.josefsson.org>

"Robert J. Hansen" writes:

>> I've been considering getting an OpenPGP Card, but there are three
>> reasons I'm reluctant to. The main one is that I want something that
>> will only do one signature or decryption at a time. That way if my
>> machine is compromised, I'll only suffer one hit before I'll notice
>> something's wrong.
>
> The OpenPGP card actually gives you a substantial advantage in this
> situation.
>
> Let's say that you're running GnuPG on a PC and I'm able to subvert
> the box. I put in a keylogger and snarf your passphrase. I also
> copy your private keyring and mailspool off the box. I can now read
> your mail without ever touching it, except to copy a couple of files
> and install a small app. You're none the wiser.
>
> Compare this to an OpenPGP card, where I have to find you in a dark
> alley and have a conversation with your kneecaps to get your card and
> PIN. You will most probably know that something has happened to you.

What prevents the keylogger in your first example to snarf the PIN code
for the OpenPGP card and send decryption requests to the OpenPGP card,
using the PIN code, in the background, possibly remotely controlled over
the network?

Alternatively, if you think remotely controlling the trojan is
difficult, let it iterate through your mail spool and send decryption
requests to collect all session keys, and then send the mail spool and
the session keys to you.

I think smart cards in general are somewhat over-rated. You have no
idea what they are signing, and the authorization control (PIN code) is
easy to get by with a trojan.

To be secure with smart cards, I think you'll need a separate
single-purpose device that shows you what it is going to sign, and signs
it only after getting some credential (e.g., PIN), using its own trusted
input device. And there should be no caching of the PIN code, or at
least authorization should be required when the PIN cache is accessed.

The protocol to the single-purpose device would actually be quite
similar to what you would use to an 'old PC acting as HSM' device. The
protocol is similar to a serialized PKCS#11 interface with the What You
See Is What You Sign extensions.

/Simon

From groups at caseyljones.net Mon May 14 14:28:40 2007
From: groups at caseyljones.net (Casey Jones)
Date: Mon, 14 May 2007 05:28:40 -0700
Subject: Old PC as Hardware Security Module?
In-Reply-To: <464836F5.7050604@sven-radde.de>
References: <46482183.20004@caseyljones.net> <464836F5.7050604@sven-radde.de>
Message-ID: <464855F8.40807@caseyljones.net>

Sven Radde wrote:
> Casey Jones wrote:
>> Does anyone know of software available to make an old PC into something
>> like a hardware security module.
>
> What about Knoppix?
> It supports GnuPG and you can easily have your keys on a (dedicated) USB
> drive while booting your (regular or dedicated) PC with Knoppix to do
> crypto operations.

Yes, I'll probably do something like that for a while. It's less
convenient because I'll have to be transferring files back and forth
manually. But if used with a removable drive, it would probably be more
secure than having it plugged into my main computer by ethernet or
serial cable. Especially if I compose and read encrypted messages on it
as well.

From wk at gnupg.org Mon May 14 15:04:36 2007
From: wk at gnupg.org (Werner Koch)
Date: Mon, 14 May 2007 15:04:36 +0200
Subject: Old PC as Hardware Security Module?
In-Reply-To: <46482183.20004@caseyljones.net> (Casey Jones's message of "Mon\, 14 May 2007 01\:44\:51 -0700")
References: <46482183.20004@caseyljones.net>
Message-ID: <87iravwo7v.fsf@wheatstone.g10code.de>

On Mon, 14 May 2007 10:44, groups at caseyljones.net said:

> something's wrong. Can the OpenPGP Card be set to do one operation per
> pin entry when used with a card reader that has a keypad? This seems

Yes, use the command "forcesig" in the --card-edit menu to toggle this
feature. However it does not help you if the host has been compromised
and the admin PIN is known. You can always bypass the requirement to use
the keypad. With some social engineering this makes it easy to get
control over the card.

> software. It seems the OpenPGP Card relies on the proprietary BasicCard
> operating system. Finally, it looks like the OpenPGP Card costs about

That is indeed very unfortunate but we have found no other way to
deliver a fast card. For almost all fast chips you need to sign an NDA
which does not allow you to implement a fully free solution. Building
your own chip is possible but they would be very expensive. And no, a
Java Card does not help security-wise as you don't have access to the
firmware.

> 26.4 Euros (about $36) shipped from Europe. That's a little high for me
> right now.

What about an aggregated order or to figure out a company in the US to
distribute the cards?

> not in use, so that if my device falls into the wrong hands, I won't
> have to worry too much. Does the OpenPGP Card encrypt the keys while
> stored on the card?

No, that does not make sense - the standard security features of the
chip are employed to make probing the chip difficult and expensive.

> Also, the OpenPGP Card appears to be from a German organization, like

That is not correct. I have developed the specs along with Achim Peitig
of a Paderborn card vendor. Achim wrote the implementation. It was
done all on our own money and for our fun.
Only later the BSI (The German federal IT security agency) mentioned
this card as a good example of a usable smart card without vendor
lock in.

> the one that developed the Java Anonymous Proxy, and was forced by the
> German government to back door the software. Does the German government

JAP has not been backdoored but the organisations running a JAP server
have the ability to log the IP addresses. The case you have in mind is
that the lists of IP addresses have been handed over to the prosecution
authorities. IIRC, they have not been forced to do this but did this
voluntarily. That is basically the same as with a TOR server: It is
possible to log things to help the prosecution but no sane person would
do this. My company is running a heavy loaded exit node
(allium.gnupg.org) and we get about one request a fortnight to tell the
IP address. Obviously we don't do that and usually a few minutes talk
is today sufficient to explain them that this is an anonymizer server and
that there is no chance to get to the IP address of the previous node.

> still consider it legal to force programmers to back door their
> software? I heard they were appealing it, but I never heard how that

There is no way to force backdoors in software. Only ISPs (larger than
about 1000 clients) are required to have that expensive wiretapping rig
available - in case of a court order to set one. And well, they need to
keep the client name and the assigned IP addresses on file for too much
time. But that has nothing to do with being forced to backdoor
software.

> Does anyone know if any other democratic governments consider it legal
> to force programmers to incorporate back doors?

Before answering that we need to agree on what countries are still
democratic ;-)

Shalom-Salam,

   Werner

From groups at caseyljones.net Mon May 14 16:15:10 2007
From: groups at caseyljones.net (Casey Jones)
Date: Mon, 14 May 2007 07:15:10 -0700
Subject: Old PC as Hardware Security Module?
In-Reply-To: <87iravwo7v.fsf@wheatstone.g10code.de>
References: <46482183.20004@caseyljones.net> <87iravwo7v.fsf@wheatstone.g10code.de>
Message-ID: <46486EEE.4020209@caseyljones.net>

Werner Koch wrote:
> On Mon, 14 May 2007 10:44, groups at caseyljones.net said:
>> something's wrong. Can the OpenPGP Card be set to do one operation per
>> pin entry when used with a card reader that has a keypad? This seems
>
> Yes, use the command "forcesig" in the --card-edit menu to toggle this
> feature. However it does not help you if the host has been compromised
> and the admin PIN is known. You can always bypass the requirement to use
> the keypad. With some social engineering this makes it easy to get
> control over the card.

That sounds great. If I understand correctly, you rarely need to use the
admin PIN, so it would be unlikely to be compromised. For example you
could use the admin pin only after booting from a CD.

>> not in use, so that if my device falls into the wrong hands, I won't
>> have to worry too much. Does the OpenPGP Card encrypt the keys while
>> stored on the card?
>
> No, that does not make sense - the standard security features of the
> chip are employed to make probing the chip difficult and expensive.

Why doesn't it make sense? The chip's security features make it fairly
secure. But having the keys encrypted on the card would make it highly
secure. As long as the passphrase hadn't been captured, like after being
lost, stolen, or confiscated.

>> Also, the OpenPGP Card appears to be from a German organization, like
>
> That is not correct. I have developed the specs along with Achim Peitig
> of a Paderborn card vendor. Achim wrote the implementation. It was
> done all on our own money and for our fun. Only later the BSI (The
> German federal IT security agency) mentioned this card as a good example
> of a usable smart card without vendor lock in.

Can the person who loads the software onto the cards be given orders by
the German court?

>> the one that developed the Java Anonymous Proxy, and was forced by the
>> German government to back door the software. Does the German government
>
> JAP has not been backdoored but the organisations running a JAP server
> have the ability to log the IP addresses.

OK, not backdoored, just compromised.

> The case you have in mind is
> that the lists of IP addresses have been handed over to the prosecution
> authorities. IIRC, they have not been forced to do this but did this
> voluntarily.

According to this article
http://www.theregister.co.uk/2003/08/21/net_anonymity_service_backdoored/
it was mandated by the courts.

...the JAP team replied to the thread, admitting that there is now a
"crime detection function" in the system mandated by the courts. But
they defended their decision: "What was the alternative? Shutting down
the service? The security apparatchiks would have appreciated that -
anonymity in the Internet and especially AN.ON are a thorn in their side
anyway."

> That is basically the same as with a TOR server: It is
> possible to log things to help the prosecution but no sane person would
> do this.

Are the authors of the Java Anonymous Proxy not sane? If they would do
it, why not ZeitControl?

> My company is running a heavy loaded exit node
> (allium.gnupg.org) and we get about one request a fortnight to tell the
> IP address. Obviously we don't do that and usually a few minutes talk
> is today sufficient to explain them that this is an anonymizer server and
> that there is no chance to get to the IP address of the previous node.

What will you do if the court orders you to turn on logging, hand over
the logs, and keep it secret?

From bahamut at digital-signal.net Mon May 14 16:32:10 2007
From: bahamut at digital-signal.net (Andrew Berg)
Date: Mon, 14 May 2007 09:32:10 -0500
Subject: Old PC as Hardware Security Module?
In-Reply-To: <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org>
Message-ID: <464872EA.1090901@digital-signal.net>

Robert J. Hansen wrote:
>> I've been considering getting an OpenPGP Card, but there are
>> three reasons I'm reluctant to. The main one is that I want
>> something that will only do one signature or decryption at a
>> time. That way if my machine is compromised, I'll only suffer one
>> hit before I'll notice something's wrong.
>
> The OpenPGP card actually gives you a substantial advantage in this
> situation.
>
> Let's say that you're running GnuPG on a PC and I'm able to subvert
> the box. I put in a keylogger and snarf your passphrase. I also
> copy your private keyring and mailspool off the box. I can now
> read your mail without ever touching it, except to copy a couple of
> files and install a small app. You're none the wiser.
>
> Compare this to an OpenPGP card, where I have to find you in a dark
> alley and have a conversation with your kneecaps to get your card
> and PIN. You will most probably know that something has happened
> to you.

If you have enough physical access and time to compromise a Linux box,
install a stealthy keylogger and then harvest the logs at a later time,
all without being caught, I think you can snoop around and find the card
and compromise it.

Then again, I don't see how you would have access to the mail if you get
the card and its PIN, even if you don't get caught, without access to
either box or the mailserver of the email provider assigned to your
victim (and in the case of the latter, you'd only likely have access to
new mails anyway).

From grove.jane at gmail.com Mon May 14 17:07:39 2007
From: grove.jane at gmail.com (jane grove)
Date: Mon, 14 May 2007 10:07:39 -0500
Subject: Encrypt with key ID
In-Reply-To: <46452481.4050802@tx.rr.com>
References: <46452481.4050802@tx.rr.com>
Message-ID:

Thanks, John.

However, when I use the command "gpg --batch -ea -r keyid filename", I
got an "encryption failed: unusable public key" error message.
Interestingly, when I use the command without batch mode like
"gpg -ea -r keyid filename", I'm able to encrypt the file. So the batch
mode is having problems. How can I encrypt the file using recipient
public keyid correctly in batch mode?

Thanks,

On 5/11/07, John Clizbe wrote:
> jane grove wrote:
> > Hello,
> > What is the GPG command to use a recipient's key ID to encrypt files?
> > I tried the following command but it didn't work:
> > gpg --batch -ea filename keyid
>
> Almost...
>
> gpg --batch -ea -r keyid filename
>
> repeat -r as often as needed.
>
>
>
> --
> John P. Clizbe                      Inet: John (a) Mozilla-Enigmail.org
> You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
> "what's the key to success?" / "two words: good decisions."
> "what's the key to good decisions?" / "one word: experience."
> "how do i get experience?" / "two words: bad decisions."
>
> "Just how do the residents of Haiku, Hawai'i hold conversations?"
>
>
>

From me at psmay.com Mon May 14 18:28:07 2007
From: me at psmay.com (Peter S. May)
Date: Mon, 14 May 2007 12:28:07 -0400
Subject: Secure text editor?
In-Reply-To: <46446746.4000502@digitalbrains.com>
References: <46446746.4000502@digitalbrains.com>
Message-ID: <46488E17.3040209@psmay.com>

Peter Lebbing wrote:
> I want to have a text file with personal data in it, which I encrypt to
> myself, and decrypt to view and edit. However, to do that securely, I need
> an editor which will not leak the text in any way, so locking its pages in
> memory so they won't be swapped out, and other angles of attack.
> ...
> My workstation runs Windows, but I think I would prefer a tool that works
> under Linux too (possibly under Cygwin in Windows).

Some of the other respondents so far seem to have missed the part where
you mentioned locking pages in memory. I've been curious about this
myself; is there any text editor in existence that locks itself from
being paged out to the swap space? If there isn't, why not?

Anyway, my guess is that no such self-contained Windows-based solution
exists, since even gpg can't lock its memory in Windows. It would be a
lot more _possible_ to make one for a Linux-based system, but I haven't
heard of one myself. Either way, I thought I'd heard somewhere that
even locked memory can get written to disk if the operator decides to
enter hibernate mode...

(Developers familiar with swap-locked memory: I'd appreciate at least a
short explanation of how it works to someone who understands ISO C but
not necessarily OS-specific APIs. Can stack memory be locked, or only
heap memory? Would there be any way to load a whole, full-featured text
editor, such as the 1.8MiB vim on my machine, entirely into locked RAM
without screwing something up?)

As one of the other readers noted, however, one way to counteract any
such problem is to install a whole-disk encryption solution. That way,
even if what you've got is paged out to disk, nobody can get to it while
the machine is off.
I can think of imperfections with this system as well, but they're not
terribly significant.

On Linux, swap space is its own partition, which makes it possible to do
crazier things with it, such as run whole-volume encryption on the
partition with a session key randomly generated at each startup--so that
the moment you shut down it becomes garbage even if you don't shut down
properly.

I myself simply make sure I have a filesystem on my machine that's
capable of causing shred -uz to work as prescribed (ext3 with no
journaling) and give the swap partition an occasional stir with shred.
Anyone who can get past that is fairly likely to be able to do worse
things with my system.

(A script I wrote and still use acts a whole lot like crontab, complete
with -l and -e flags: It consults mktemp for a filename to use, decrypts
to it, runs whatever is in my VISUAL/EDITOR env on it, signs and
re-encrypts back to its original location, and runs shred -uz on the
temp file. It's not leakproof, but it at least makes attacks
nontrivial. It makes a handy password stasher and has singlehandedly
broken my habit of using anything but randomly-generated passwords on
most websites. :-D Needless to say, this isn't a smart thing to do
unless the encrypted file is backed up regularly...)

Anyway, decide how likely or unlikely an attack is before expending too
much effort on this one. :-)

M2C
PSM

From zvrba at globalnet.hr Mon May 14 16:21:54 2007
From: zvrba at globalnet.hr (Zeljko Vrba)
Date: Mon, 14 May 2007 16:21:54 +0200
Subject: Old PC as Hardware Security Module?
In-Reply-To:
References: <46482183.20004@caseyljones.net> <95008D83-261C-4CC8-A1F8-2782CC33FE73@sixdemonbag.org> <871whjhc1w.fsf@mocca.josefsson.org>
Message-ID: <87zm471o59.fsf@globalnet.hr>

"Robert J. Hansen" writes:

>>
>> What prevents the keylogger in your first example to snarf the PIN
>> code
>> for the OpenPGP card and send decryption requests to the OpenPGP card,
>> using the PIN code, in the background, possibly remotely controlled
>> over
>> the network?
>
> There exist cryptographic smart cards you can actually be safe
> against this kind of attack with. They're pretty cool. I don't know
>

Smart-card has nothing to do with it. It's the OS who has to defend
against such type of attack. AFAIK, no wide-spread OS does it today. On
Linux, you can strace any application and see all I/O done by the
program. On Windows you have even more powerful debugging/interception
API. Windows is slightly better here because an administrator can
revoke the "Debug Privilege" from a user account. Thus, the user can't
debug its own programs, but neither the trojans can, so it makes running
sensitive applications slightly safer.

As long as OS allows ptrace/equivalent calls which inspect and modify
data and code in another process, there's NO WAY to prevent this attack.
Not even separate PIN entry device helps, because the trojan may still
attach itself to (e.g.) GnuPG executable and modify data (e.g. to-be
signed hash) in memory before it's sent to the smart-card.

Intel had once a whitepaper on LaGrande technology where every
application would be cryptographically protected *in hardware* from any
other application. Each app would have cryptographically protected
channel with I/O devices, and even memory regions. Such environment
would fully protect applications like GnuPG. But, AFAIK, it remained
only a whitepaper.

>
> The question isn't whether smart cards are secure--nothing that's got
> that much RAM and processor power ever is--but whether smart cards
> are a security improvement.
>

My personal opinion is that, at the current state of "security" in
today's OS-es, smart cards give just a false sense of security in
typical usage scenarios (= when used on a general-purpose, networked
workstation).

From rjh at sixdemonbag.org Mon May 14 18:37:21 2007
From: rjh at sixdemonbag.org (Robert J. Hansen)
Dat