From gantner at gmail.com  Wed Jul  1 15:05:40 2009
From: gantner at gmail.com (Matt Gantner)
Date: Wed, 1 Jul 2009 09:05:40 -0400
Subject: My public key block appears different on keyservers
Message-ID: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com>

Hello.

I have uploaded my public key (GnuPG v2.0.10 (Darwin)) via command line and copy / paste methods into keys.gnupg.net and pgpkeys.mit.edu and when I look up the key on the systems they are different. I have been looking at this problem for a few days and uploading my keys to servers. So far none have shown me the same key that I produce on my machine.

Here are the public keys with enough info to see the difference.

keys.gnupg.net:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.0

mQGiBEhZtL8RBACqrmsYj2U7VxEyWW36DLXfCt2qoRewdmT++GvUfYyu9RN3d2nK44SmxKFw
8uCa1WspSZuYpbDlS14y+4Ar4wf89DW5M7LF602v5uym4e6NiajT+q9DCi6P+wvLIFftgR7R
. . .
/shVjyh/iu7Bx2Lmqe/XmaliMw==
=r14a
-----END PGP PUBLIC KEY BLOCK-----

keypgp.mit.edu

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Key Server 0.9.6

mQGiBEhZtL8RBACqrmsYj2U7VxEyWW36DLXfCt2qoRewdmT++GvUfYyu9RN3d2nK
44SmxKFw8uCa1WspSZuYpbDlS14y+4Ar4wf89DW5M7LF602v5uym4e6NiajT+q9D
. . .
bvyUKtbqAKCRbg0KVNDbvJJh8QBAioR0MF9MkACfZP7IVY8of4ruwcdi5qnv15mp
YjM=
=KWPX
-----END PGP PUBLIC KEY BLOCK-----

this is my public key from my computer:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.10 (Darwin)

mQGiBECfWS8RBADGQWXHmjwFI4cjg3J72/vtclQPUOLV+9JjBjwqZSvXjjABiuqG
6d72S/+s3NgT7Ou1dtFm9ZgbZNNl4IWZsFXkpYIV3OTU2Q56aV9JWJ5kD2XYKCUX
. . .
0QCePWCt+1K/qeHQvn/3k6d9UBToYIw=
=OCgw
-----END PGP PUBLIC KEY BLOCK-----

I have tried looking for a reason why this might be and my hypothesis is that the key server software is determining my public key based on its coding and hence the differences.

Have I mucked something up somewhere?

Thanks for any suggestions or pointers to information. I appreciate it.
From dshaw at jabberwocky.com  Wed Jul  1 16:15:48 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed, 1 Jul 2009 10:15:48 -0400
Subject: My public key block appears different on keyservers
In-Reply-To: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com>
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com>
Message-ID:

On Jul 1, 2009, at 9:05 AM, Matt Gantner wrote:

> Hello.
>
> I have uploaded my public key (GnuPG v2.0.10 (Darwin)) via command
> line and copy / paste methods into keys.gnupg.net and pgpkeys.mit.edu
> and when I look up the key on the systems they are different. I have
> been looking at this problem for a few days and uploading my keys to
> servers. So far none have shown me the same key that I produce on my
> machine.

Not a bug or a problem. OpenPGP keys can be represented in many different, but functionally equivalent, ways. Different keyservers may choose different packet length types, etc. In your particular case, it looks like they just chose different places to place line breaks in the ascii output.

David

From jesse200808+gpg-users at gmail.com  Wed Jul  1 18:15:55 2009
From: jesse200808+gpg-users at gmail.com (Jesse Cheung)
Date: Thu, 2 Jul 2009 00:15:55 +0800
Subject: My public key block appears different on keyservers
In-Reply-To:
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com>
Message-ID: <48b394a90907010915y70163c7dhf7476d7ea06996ac@mail.gmail.com>

On Wed, Jul 1, 2009 at 10:15 PM, David Shaw wrote:
> Not a bug or a problem. OpenPGP keys can be represented in many different,
> but functionally equivalent, ways. Different keyservers may choose
> different packet length types, etc. In your particular case, it looks like
> they just chose different places to place line breaks in the ascii output.

Hi David, that newline-placement was my first guess, but a closer look at the final three bytes (is that a CRC checksum ?) seems to tell a different story...
Maybe the packet lengths are different? I know hardly anything about that detail.

>
> David

From steveo at syslang.net  Wed Jul  1 21:01:58 2009
From: steveo at syslang.net (Steven W. Orr)
Date: Wed, 01 Jul 2009 15:01:58 -0400
Subject: Helping a friend setting up with gpg and gpgoe
Message-ID: <4A4BB2A6.3070406@syslang.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I got my friend to install WinPT which seems to include GnuPG. He created his keypair. He received my key and signed my key. He sent me my key back and he also sent me his key which I then signed and sent back to him. So far, so good.

When he tried to send me a test message that was encrypted and signed, I had a problem.

gpg command line and output:

/usr/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 -d --use-agent
gpg: CRC error; 75B297 - DC375B
gpg: quoted printable character in armor - probably a buggy MTA has been used

I then took the message and put it in its own file and re-ran the command:

/usr/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 -d \
    --use-agent < msg

Here's the output:

[GNUPG:] ENC_TO 365AF334C8DCF2FD 16 0
[GNUPG:] USERID_HINT 365AF334C8DCF2FD Steven W. Orr
[GNUPG:] NEED_PASSPHRASE 365AF334C8DCF2FD 448572E1F0BE3724 16 0
[GNUPG:] GOOD_PASSPHRASE
gpg: encrypted with 2048-bit ELG key, ID C8DCF2FD, created 2009-05-01
      "Steven W. Orr "
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1246469472
[GNUPG:] PLAINTEXT_LENGTH 5
ouyeegpg: Signature made Wed Jul  1 13:31:12 2009 EDT using DSA key ID 2DEAE0D9
[GNUPG:] SIG_ID 66jyI28aSXZdKfZZHPYxaaB6rxI 2009-07-01 1246469472
[GNUPG:] GOODSIG $fingerprint_and_address
gpg: Good signature from $address
[GNUPG:] VALIDSIG 39D66598BCB7627A7C232C3069F3AAFF2DEAE0D9 2009-07-01 1246469472 0 4 0 17 2 00 39D66598BCB7627A7C232C3069F3AAFF2DEAE0D9
[GNUPG:] TRUST_FULLY
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION

Is there something obvious that he needs to do? Does he have to send 7-bit ASCII? I'm not sure how to proceed.
TIA

- --
Time flies like the wind. Fruit flies like a banana. Stranger things have  .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkpLsqYACgkQRIVy4fC+NyRYzwCfe54jIJeeOov4uCPLe9bZqc0k
1PUAn2LcDLCV9kmkoaoxEX6yTnCMRlrh
=YPfP
-----END PGP SIGNATURE-----

From karlis.repsons at gmail.com  Wed Jul  1 21:26:13 2009
From: karlis.repsons at gmail.com (Kārlis Repsons)
Date: Wed, 1 Jul 2009 19:26:13 +0000
Subject: Anyone afraid of quantum computer?
Message-ID: <200907011926.17448.Karlis.Repsons@gmail.com>

Hello,
it's more a curiosity for me now, but I remember one university lecturer saying, that successful quantum computer would make public key cryptography useless. Some experiment here:
http://www.physorg.com/news165418586.html
Opinions on if we are likely to experience it, the public key demise?

K.

From rjh at sixdemonbag.org  Wed Jul  1 23:22:13 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 01 Jul 2009 17:22:13 -0400
Subject: Anyone afraid of quantum computer?
In-Reply-To: <200907011926.17448.Karlis.Repsons@gmail.com>
References: <200907011926.17448.Karlis.Repsons@gmail.com>
Message-ID: <4A4BD385.2020008@sixdemonbag.org>

Kārlis Repsons wrote:
> Opinions on if we are likely to experience it, the public key demise?

Our largest superpositional computer can store about five qubits.
We'd need to hit about 5000 qubits before public key cryptography would be in trouble, and about 10000 qubits before it would be in a lot of trouble. Once you see IBM put together a 3000-qubit computer, then will be the time to start worrying about public-key cryptography.

At present, superpositional computation is science fiction.

From jbruni at me.com  Wed Jul  1 23:27:20 2009
From: jbruni at me.com (Joseph Oreste Bruni)
Date: Wed, 01 Jul 2009 14:27:20 -0700
Subject: Anyone afraid of quantum computer?
In-Reply-To: <200907011926.17448.Karlis.Repsons@gmail.com>
References: <200907011926.17448.Karlis.Repsons@gmail.com>
Message-ID: <4050E0E6-7C26-484D-82A9-1C754A49ECBB@me.com>

On Jul 1, 2009, at 12:26 PM, Kārlis Repsons wrote:

> Hello,
> it's more a curiosity for me now, but I remember one university
> lecturer saying, that successful quantum computer would make public
> key cryptography useless. Some experiment here:
> http://www.physorg.com/news165418586.html
> Opinions on if we are likely to experience it, the public key demise?

More practically, harnessing the GPU's via something like OpenCL is probably closer to reality.

From jan.suhr at privacyfoundation.de  Thu Jul  2 00:43:25 2009
From: jan.suhr at privacyfoundation.de (Jan Suhr)
Date: Thu, 02 Jul 2009 00:43:25 +0200
Subject: gpg2 does not detect smart card adapter
Message-ID: <4A4BE68D.6030105@privacyfoundation.de>

Hi!

I am using the OpenPGP Card with a "Gemplus GemPC Twin 00 00" smart card adapter and it works fine with gnupg 1. But gnupg 2 does not find my smart card adapter and tells me "OpenPGP Karte ist nicht vorhanden: Umbekanntes IPC Kommando" (OpenPGP card is not available: unknown IPC command). My system is Ubuntu and I used its gnupg(1) and gnupg2 packages. Also removing libccid and pcscd did not help.

Any idea how to fix it?

From steveo at syslang.net  Thu Jul  2 03:57:02 2009
From: steveo at syslang.net (Steven W.
Orr)
Date: Wed, 01 Jul 2009 21:57:02 -0400
Subject: Solved: Helping a friend setting up with gpg and gpgoe
In-Reply-To: <4A4BB2A6.3070406@syslang.net>
References: <4A4BB2A6.3070406@syslang.net>
Message-ID: <4A4C13EE.3050108@syslang.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/01/09 15:01, quoth Steven W. Orr:
> I got my friend to install WinPT which seems to include GnuPG. He created his
> keypair. He received my key and signed my key. He sent me my key back and he
> also sent me his key which I then signed and sent back to him. So far, so good.
>
> When he tried to send me a test message that was encrypted and signed, I had a
> problem.
>
> gpg command line and output:
>
> /usr/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 -d --use-agent
> gpg: CRC error; 75B297 - DC375B
> gpg: quoted printable character in armor - probably a buggy MTA has been used
>
> I then took the message and put it in its own file and re-ran the command:
>
> /usr/bin/gpg2 --charset utf8 --batch --no-tty --status-fd 2 -d \
>     --use-agent < msg
>
> Here's the output:
>
> [GNUPG:] ENC_TO 365AF334C8DCF2FD 16 0
> [GNUPG:] USERID_HINT 365AF334C8DCF2FD Steven W. Orr
> [GNUPG:] NEED_PASSPHRASE 365AF334C8DCF2FD 448572E1F0BE3724 16 0
> [GNUPG:] GOOD_PASSPHRASE
> gpg: encrypted with 2048-bit ELG key, ID C8DCF2FD, created 2009-05-01
>       "Steven W. Orr "
> [GNUPG:] BEGIN_DECRYPTION
> [GNUPG:] PLAINTEXT 62 1246469472
> [GNUPG:] PLAINTEXT_LENGTH 5
> ouyeegpg: Signature made Wed Jul  1 13:31:12 2009 EDT using DSA key ID 2DEAE0D9
> [GNUPG:] SIG_ID 66jyI28aSXZdKfZZHPYxaaB6rxI 2009-07-01 1246469472
> [GNUPG:] GOODSIG $fingerprint_and_address
> gpg: Good signature from $address
> [GNUPG:] VALIDSIG 39D66598BCB7627A7C232C3069F3AAFF2DEAE0D9 2009-07-01
> 1246469472 0 4 0 17 2 00 39D66598BCB7627A7C232C3069F3AAFF2DEAE0D9
> [GNUPG:] TRUST_FULLY
> [GNUPG:] DECRYPTION_OKAY
> [GNUPG:] GOODMDC
> [GNUPG:] END_DECRYPTION
>
> Is there something obvious that he needs to do? Does he have to send 7-bit
> ASCII?
> I'm not sure how to proceed.
>
> TIA
>

I was able to solve the problem. I'm replying to the list for everyone and for all future generations.

He was sending text and html as separate attachments. For reasons that are not completely clear to me, I was able to verify and decrypt the message from inside Thunderbird/Enigma by selecting: View->Message Body As->Plain text.

So, people should always *send* plain text, but in case they don't, this trick may help the situation.

- --
Time flies like the wind. Fruit flies like a banana. Stranger things have  .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkpME+0ACgkQRIVy4fC+NySB1ACePLJLgztm8GpjRX9a1PQPPziy
fz4AniWMr9tBxdOyvImLfobLB7w/gcRk
=Za8J
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net  Thu Jul  2 05:09:14 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Wed, 01 Jul 2009 23:09:14 -0400
Subject: Solved: Helping a friend setting up with gpg and gpgoe
In-Reply-To: <4A4C13EE.3050108@syslang.net>
References: <4A4BB2A6.3070406@syslang.net> <4A4C13EE.3050108@syslang.net>
Message-ID: <4A4C24DA.2090804@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Steven W. Orr wrote:

> He was sending text and html as separate attachments. For reasons that are
> not completely clear to me, I was able to verify and decrypt the message from
> inside Thunderbird/Enigma by selecting: View->Message Body As->Plain text.
>
> So, people should always *send* plain text, but in case they don't, this
> trick may help the situation.
This is because switching Thunderbird's View Setting to Plaintext is actually telling the MUA to 'convert' to plaintext which strips out _all_ HTML character encoding. This is a Thunderbird Setting and not an Enigmail Setting. It is for the benefit of folks who desire to never Open HTML Email.

JOHN ;)
Timestamp: Wednesday 01 Jul 2009, 23:08 --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5046: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page: http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKTCTXAAoJEBCGy9eAtCsPoO8H/1EUcR1bM1qA2cO8jddAY64J
MEMIMZrHduS2qEVaE82AJa6P2Uv4eI8WVa9IZYWIYNHR/K1BKVqG5bRk8YYXNxWB
2xy+Jb5Ks8qI+8xYtLi11OkOp6Y8Bb3WU9K9emKCAe7+SKP+cUQarIsnTYvPLk/J
gjqaLlHJKl8X3O8dpSQRwA9pO8HCmw+fIlWuH22cNHOtl5jb5hy//+9OpKctSsHX
ZSh2eassbQrMJC8pN/1Q8Jv9WPXDlmf9xJZnmQVMyOkgT5SBQlIziRwKRZqxh2Ca
A0EymtlDbVVyOc8EeBF6EMDCVo+SDFRXv7ejBkmjXViaFr3DIPKW+KGlAs9Z6Zk=
=SRbn
-----END PGP SIGNATURE-----

From wk at gnupg.org  Thu Jul  2 11:14:38 2009
From: wk at gnupg.org (Werner Koch)
Date: Thu, 02 Jul 2009 11:14:38 +0200
Subject: gpg2 does not detect smart card adapter
In-Reply-To: <4A4BE68D.6030105@privacyfoundation.de> (Jan Suhr's message of "Thu, 02 Jul 2009 00:43:25 +0200")
References: <4A4BE68D.6030105@privacyfoundation.de>
Message-ID: <874otva1kx.fsf@wheatstone.g10code.de>

On Thu, 2 Jul 2009 00:43, jan.suhr at privacyfoundation.de said:

> smart card adapter and tells me "OpenPGP Karte ist nicht vorhanden:
> Umbekanntes IPC Kommando" (OpenPGP card is not available: unknown IPC
> command). My system is Ubuntu and I used its gnupg(1) and gnupg2 packages.

Is the gpg-agent running? Run "gpg-agent" and it will tell you.

Is the scdaemon installed? Run

  gpg-connect-agent 'SCD getinfo version' /bye

This should display the version number of the scdaemon.
Check permissions of the reader (/dev/bus/usb/NNN/MMM), you need to have write access.

If that is all fine, you need to enable debugging: Add these lines to ~/.gnupg/scdaemon.conf:

  debug 1024
  debug 2048
  log-file /foo/bar/scdaemon.log

Restart scdaemon (Use "kill" or with the latest GnuPG versions: "gpgconf --reload scdaemon").

Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

From gantner at gmail.com  Thu Jul  2 14:36:14 2009
From: gantner at gmail.com (Matt Gantner)
Date: Thu, 2 Jul 2009 08:36:14 -0400
Subject: My public key block appears different on keyservers
In-Reply-To:
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com>
Message-ID: <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>

I'm not terribly familiar with PGP or GPG keys so bear with me.

I am understanding your statement to be saying that the two keys are really the same ascii text but the line breaks make them appear to be different.

To test that I ran diff on the two keys and they are completely different text. Every line was different. So I am falling back to my theory that the key server software appears to make the public key different by the nature of its encoding when uploaded.

I managed to set another computer up, with a second gpg identity. I encoded a message to my first identity using a public key from the gnupg keyserver and was able to decrypt it successfully. So despite the variation in the ascii text and length, the public key works.

I am still curious however and wonder if anyone has a theory why these public keys change depending on the key server?

Thanks for the responses and help.

On Wed, Jul 1, 2009 at 10:15, David Shaw wrote:
> On Jul 1, 2009, at 9:05 AM, Matt Gantner wrote:
>
>> Hello.
>>
>> I have uploaded my public key (GnuPG v2.0.10 (Darwin)) via command
>> line and copy / paste methods into keys.gnupg.net and pgpkeys.mit.edu
>> and when I look up the key on the systems they are different.
>> I have been looking at this problem for a few days and uploading my keys to
>> servers. So far none have shown me the same key that I produce on my
>> machine.
>
> Not a bug or a problem. OpenPGP keys can be represented in many different,
> but functionally equivalent, ways. Different keyservers may choose
> different packet length types, etc. In your particular case, it looks like
> they just chose different places to place line breaks in the ascii output.
>
> David
>
>

From dshaw at jabberwocky.com  Thu Jul  2 14:48:00 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 2 Jul 2009 08:48:00 -0400
Subject: My public key block appears different on keyservers
In-Reply-To: <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com> <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
Message-ID: <42AD130B-50A0-4299-933A-169004FC7972@jabberwocky.com>

On Jul 2, 2009, at 8:36 AM, Matt Gantner wrote:

> I'm not terribly familiar with PGP or GPG keys so bear with me.
>
> I am understanding your statement to be saying that the two keys are
> really the same ascii text but the line breaks make them appear to be
> different.

No. I'm saying that line breaks are one of many ways that they can look different. On casual glance, it looked like that was the only difference.

> To test that I ran diff on the two keys and they are completely
> different text. Every line was different. So I am falling back to my
> theory that the key server software appears to make the public key
> different by the nature of its encoding when uploaded.
>
> I managed to set another computer up, with a second gpg identity. I
> encoded a message to my first identity using a public key from the
> gnupg keyserver and was able to decrypt it successfully. So despite
> the variation in the ascii text and length, the public key works.
>
> I am still curious however and wonder if anyone has a theory why these
> public keys change depending on the key server?

As I said, OpenPGP keys can be represented in many different but functionally equivalent, ways. Different keyservers may choose different packet length types, etc. To torture an analogy, it's like the difference between "10" and "ten". They mean the same thing, but aren't literal matches for each other.

There is no particular requirement that the same key exported from two different servers match. Forget keyservers in fact - there is no particular requirement that the key file you import to GPG is the same key file you get on export. Like with the keyservers, it's the same key. It's just been rewritten.

Don't worry about it. It's not a bug, and it's not a problem.

David

From dave.smith at st.com  Thu Jul  2 15:00:15 2009
From: dave.smith at st.com (David SMITH)
Date: Thu, 2 Jul 2009 14:00:15 +0100
Subject: My public key block appears different on keyservers
In-Reply-To: <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com> <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
Message-ID: <20090702130015.GD28779@bristol.st.com>

On Thu, Jul 02, 2009 at 08:36:14AM -0400, Matt Gantner wrote:
> I'm not terribly familiar with PGP or GPG keys so bear with me.
>
> I am understanding your statement to be saying that the two keys are
> really the same ascii text but the line breaks make them appear to be
> different.
>
> To test that I ran diff on the two keys and they are completely
> different text. Every line was different. So I am falling back to my
> theory that the key server software appears to make the public key
> different by the nature of its encoding when uploaded.

If you look at the two keys you posted, then the line lengths are different.
However, they both contained the same text, The two webservers just chose
to break the lines at different places, and I guess that the OpenPGP
format allows the sender to vary the line length when ASCII-armouring a key.

If you look at the two keys you posted, then the line
lengths are different. However, they both contained
the same text. The two keyservers just chose to break
the lines at different places, and I guess that the
OpenPGP format allows the sender to vary the line
length when ASCII-armouring a key.

^^^ See what I mean?

> I managed to set another computer up, with a second gpg identity. I
> encoded a message to my first identity using a public key from the
> gnupg keyserver and was able to decrypt it successfully. So despite
> the variation in the ascii text and length, the public key works.
>
> I am still curious however and wonder if anyone has a theory why these
> public keys change depending on the key server?

Because the data "file" you download from the keyserver is not just a binary copy of the key - the key can be encoded in different ways, and there could also be other information encoded in there.

For example: consider a file compressed with "gzip". gzip allows the user to specify the compression ratio required from -1 to -9 - the larger the number, the better compression ratio that it achieves, but the longer it takes to run.

If you look at each of the compressed files individually, they will all look completely different (since they have been compressed in subtly different ways), but if you uncompress each of them with gunzip, they all end up producing the same result - the file which was originally compressed.

The bottom line: Yes, the key arriving from the keyserver might not look the same in its ASCII-armoured form. Unless you see a problem with the key once it's been imported into GPG, don't worry about it.
--
David Smith        | Tel: +44 (0)1454 462380    Home: +44 (0)1454 616963
STMicroelectronics | Fax: +44 (0)1454 462305  Mobile: +44 (0)7932 642724
1000 Aztec West    | TINA: 065 2380         GPG Key: 0xF13192F2
Almondsbury        | Work Email: Dave.Smith at st.com
BRISTOL, BS32 4SQ  | Home Email: David.Smith at ds-electronics.co.uk

From dkg at fifthhorseman.net  Thu Jul  2 15:07:43 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 02 Jul 2009 09:07:43 -0400
Subject: My public key block appears different on keyservers
In-Reply-To: <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com> <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com>
Message-ID: <4A4CB11F.5020701@fifthhorseman.net>

On 07/02/2009 08:36 AM, Matt Gantner wrote:
> I am still curious however and wonder if anyone has a theory why these
> public keys change depending on the key server?

What you're referring to as a "public key" is actually a compound certificate which contains a public key and (potentially many) associated certifications. Internally, the certificate structure usually looks something like this:

Primary public key (pub)
 +--User ID A
 |   +---signature certifying that "User ID A" belongs with pub
 |   +---another signature certifying the same thing
 |   +---self-signature (by pub, over "A") including keyholder preferences
 |   +---[more sigs ...]
 |
 +--User ID B
 |   +---signature certifying that "User ID B" belongs with pub
 |   +---another signature certifying the same thing
 |   +---self-signature (by pub, over "B") including keyholder preferences
 |   +---[more sigs ...]
 |
 +--Public key of subkey (sub)
     +---Binding signature by pub (certifies that sub belongs to pub)

Different keyservers may have gotten different User IDs, different signatures, and different subkeys associated with this particular compound certificate at different times.
And certain kinds of re-orderings within the certificate leave the certificate semantically unchanged. For example "User ID A" and all of its dependent signatures could be placed after "User ID B" without changing the meaning of the cert. Also, signatures associated with any single User ID or subkey can be re-ordered without changing the semantic content of the cert.

If you're interested in exactly what is in the certificates you've downloaded, to see what the underlying differences are, you can use GnuPG to get a more human-readable form:

  gpg --list-packets < cert-from-keyserver0.gpg
  gpg --list-packets < cert-from-keyserver1.gpg

The content of this output is still fairly complicated, but it's nothing that you won't be able to figure out by doing some serious digging through RFC 4880:

  http://tools.ietf.org/html/rfc4880

So the two compound certificates received may have different orderings of their internal elements, and some may even be missing some elements that others have (e.g. if a particular signature has not propagated from one keyserver to another yet). I think this could explain significant differences between the files you've downloaded from different keyservers.

I hope this explanation is useful (and happy as always to receive corrections or clarifications if i've mixed anything up).

Regards,

--dkg
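To see what actually differs between two armored blocks once line breaks, armor headers and packet length types are taken out of the picture, here is an added example (my code, not from the thread or from GnuPG): it dearmors each block, verifies the CRC-24 trailer (the same check behind gpg's "CRC error" in the "Helping a friend" thread above when an MTA mangles the armor), and walks the packet stream per RFC 4880 section 4.2. The sample key material is constructed placeholder bytes, not a real key; a real comparison would feed the script two blocks fetched from the servers and then use gpg --list-packets to read the packets it reports as different.

```python
import base64

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB


def crc24(data: bytes) -> int:
    # CRC-24 from RFC 4880 section 6.1; the '=XXXX' armor trailer is its base64 form.
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def dearmor(text: str) -> bytes:
    """Join the base64 body however the lines were broken, decode it, check the CRC."""
    lines = [l.rstrip() for l in text.strip().splitlines()]
    if not (lines[0].startswith("-----BEGIN PGP") and lines[-1].startswith("-----END PGP")):
        raise ValueError("not an ASCII-armored block")
    body = lines[1:-1]
    if "" in body:                      # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    else:                               # flattened block: drop 'Version:'-style headers
        body = [l for l in body if ": " not in l]
    data_lines = [l for l in body if not l.startswith("=")]
    crc_lines = [l for l in body if l.startswith("=")]
    if len(crc_lines) != 1:
        raise ValueError("missing or duplicated CRC line")
    data = base64.b64decode("".join(data_lines))
    expected = int.from_bytes(base64.b64decode(crc_lines[0][1:]), "big")
    if crc24(data) != expected:
        # This is the check that fails when quoted-printable or a bad MTA altered the armor.
        raise ValueError("CRC-24 mismatch: %06X != %06X" % (crc24(data), expected))
    return data


def parse_packets(data: bytes) -> list:
    """Split a packet stream into (tag, body) pairs; old- and new-format headers."""
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("invalid packet header at offset %d" % pos)
        pos += 1
        if ctb & 0x40:                  # new-format header, RFC 4880 4.2.2
            tag, first = ctb & 0x3F, data[pos]
            if first < 192:
                length, pos = first, pos + 1
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:
                raise ValueError("partial body lengths do not occur in key material")
        else:                           # old-format header, RFC 4880 4.2.1
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not valid in key material")
            size = (1, 2, 4)[ltype]
            length, pos = int.from_bytes(data[pos:pos + size], "big"), pos + size
        packets.append((tag, data[pos:pos + length]))
        pos += length
    return packets


def diff_armored_keys(a: str, b: str) -> dict:
    """Packets unique to each block, ignoring line breaks, headers and length types."""
    pa, pb = set(parse_packets(dearmor(a))), set(parse_packets(dearmor(b)))
    return {"only_in_a": sorted(pa - pb), "only_in_b": sorted(pb - pa)}


# --- Constructed sample: the same packets armored the way two servers might ---
def old_header(tag: int, body: bytes) -> bytes:
    # old-format header, two-octet length (0x99 0x01 0xA2 is what "mQGi" above decodes to)
    return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body


def new_header(tag: int, body: bytes) -> bytes:
    # new-format header, one-octet length (all sample bodies are under 192 bytes)
    return bytes([0xC0 | tag, len(body)]) + body


def armor(data: bytes, width: int, version: str) -> str:
    b64 = base64.b64encode(data).decode()
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP PUBLIC KEY BLOCK-----", "Version: " + version, ""]
                     + [b64[i:i + width] for i in range(0, len(b64), width)]
                     + ["=" + crc, "-----END PGP PUBLIC KEY BLOCK-----"])


# Placeholder bodies, NOT real key material: tag 6 public key, tag 13 user ID, tag 2 signature.
PACKETS = [(6, b"\x04" + b"\x00" * 16), (13, b"Example User <user@example.invalid>"),
           (2, b"\x04\x13" + b"\x55" * 20)]
LOCAL = armor(b"".join(old_header(t, b) for t, b in PACKETS), 64, "GnuPG v2.0.10 (Darwin)")
SERVER = armor(b"".join(new_header(t, b) for t, b in PACKETS), 72, "SKS 1.1.0")
# A server copy that has not yet received the certification packet.
STALE = armor(b"".join(new_header(t, b) for t, b in PACKETS[:2]), 72, "SKS 1.1.0")
```

The comparison is deliberately order-insensitive, so the User ID re-orderings described above compare equal; a packet reported under only_in_a or only_in_b is a real content difference, such as a certification one server has not yet received.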
From gantner at gmail.com  Thu Jul  2 16:56:42 2009
From: gantner at gmail.com (matt gantner)
Date: Thu, 2 Jul 2009 10:56:42 -0400
Subject: My public key block appears different on keyservers
In-Reply-To: <20090702130015.GD28779@bristol.st.com>
References: <6dd5b9ac0907010605y65b8b39ak2b3577e9191c9e89@mail.gmail.com> <6dd5b9ac0907020536v8b9b81y966d8f92f3039519@mail.gmail.com> <20090702130015.GD28779@bristol.st.com>
Message-ID: <9F0898E6-2CAE-4FFA-A39A-8174079BD33A@gmail.com>

Thanks for the feedback. The gzip example clarified your meaning to me. My mental model incorrectly assumed that a public key was a non-changing form but I now see that the encoded key data takes different forms but results in the same information when analyzed by gpg.

via mobile device

On Jul 2, 2009, at 9:00, David SMITH wrote:

> On Thu, Jul 02, 2009 at 08:36:14AM -0400, Matt Gantner wrote:
>> I'm not terribly familiar with PGP or GPG keys so bear with me.
>>
>> I am understanding your statement to be saying that the two keys are
>> really the same ascii text but the line breaks make them appear to be
>> different.
>>
>> To test that I ran diff on the two keys and they are completely
>> different text. Every line was different. So I am falling back to my
>> theory that the key server software appears to make the public key
>> different by the nature of its encoding when uploaded.
>
> If you look at the two keys you posted, then the line lengths are
> different. However, they both contained the same text, The two
> webservers just chose to break the lines at different places, and
> I guess that the OpenPGP format allows the sender to vary the line
> length when ASCII-armouring a key.
>
> If you look at the two keys you posted, then the line
> lengths are different. However, they both contained
> the same text.
> The two keyservers just chose to break
> the lines at different places, and I guess that the
> OpenPGP format allows the sender to vary the line
> length when ASCII-armouring a key.
>
> ^^^ See what I mean?
>
>> I managed to set another computer up, with a second gpg identity. I
>> encoded a message to my first identity using a public key from the
>> gnupg keyserver and was able to decrypt it successfully. So despite
>> the variation in the ascii text and length, the public key works.
>>
>> I am still curious however and wonder if anyone has a theory why
>> these
>> public keys change depending on the key server?
>
> Because the data "file" you download from the keyserver is not just a
> binary copy of the key - the key can be encoded in different ways, and
> there could also be other information encoded in there.
>
> For example: consider a file compressed with "gzip". gzip allows the
> user to specify the compression ratio required from -1 to -9 - the
> larger the number, the better compression ratio that it achieves, but
> the longer it takes to run.
>
> If you look at each of the compressed files individually, they will
> all look completely different (since they have been compressed in
> subtly different ways), but if you uncompress each of them with
> gunzip, they all end up producing the same result - the file which
> was originally compressed.
>
> The bottom line: Yes, the key arriving from the keyserver might not
> look the same in its ASCII-armoured form. Unless you see a problem
> with the key once it's been imported into GPG, don't worry about it.
>
> --
> David Smith        | Tel: +44 (0)1454 462380    Home: +44 (0)1454 616963
> STMicroelectronics | Fax: +44 (0)1454 462305  Mobile: +44 (0)7932 642724
> 1000 Aztec West    | TINA: 065 2380         GPG Key: 0xF13192F2
> Almondsbury        | Work Email: Dave.Smith at st.com
> BRISTOL, BS32 4SQ  | Home Email: David.Smith at ds-electronics.co.uk

From cpollock at embarqmail.com  Fri Jul  3 06:04:03 2009
From: cpollock at embarqmail.com (Chris)
Date: Thu, 02 Jul 2009 23:04:03 -0500
Subject: verifying rpms - public key not found
Message-ID: <1246593844.28271.130.camel@localhost.localdomain>

When trying to verify an rpm that I built and signed I get:

[chris at localhost ~]$ gpg --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm
gpg: using PGP trust model
gpg: key 98E6705C: accepted as trusted key
gpg: error reading key: public key not found

This came from the fact that I'm trying to create Clamav rpms for Mandriva 2009.1 and I keep getting Pass phrase check failed after entering my pass phrase. I decided to check the sig on one I made last year and keep getting the above error.
My ~/.gnupg folder looks like this:

-rw-r--r-- 1 chris chris    2137 2009-01-02 20:24 cpollock.asc
drwx------ 2 chris chris    4096 2009-02-26 17:37 dirmngr-cache.d/
-rw-r--r-- 1 chris chris     321 2009-02-08 11:19 dirmngr.conf
-rw-r--r-- 1 chris chris     321 2009-02-08 11:06 dirmngr.conf.gpgconf.bak
-rw-r--r-- 1 chris chris     851 2009-07-01 10:42 gpg-agent.conf
-rw-r--r-- 1 chris chris     853 2009-02-08 11:19 gpg-agent.conf~
-rw-r--r-- 1 chris chris     853 2009-02-08 11:06 gpg-agent.conf.gpgconf.bak
-rw-r--r-- 1 chris chris    9289 2009-02-06 19:59 gpg.conf
-rw-r--r-- 1 chris chris    9178 2009-01-03 15:40 gpg.conf~
-rw-r--r-- 1 chris chris    9209 2009-01-02 20:21 gpg.conf.gpgconf.bak
-rw-r--r-- 1 chris chris     432 2009-02-08 11:19 gpgsm.conf
-rw-r--r-- 1 chris chris     422 2009-01-02 19:06 gpgsm.conf~
-rw-r--r-- 1 chris chris     432 2009-02-08 11:06 gpgsm.conf.gpgconf.bak
drwxrwxr-x 2 chris chris    4096 2009-07-02 22:48 Hold/
srwxrwxr-x 1 chris chris       0 2009-02-08 11:19 log-socket=
drwxrwxr-x 2 chris chris    4096 2009-01-03 22:18 private-keys-v1.d/
-rw------- 1 chris chris 6497756 2009-07-01 17:46 pubring.gpg
-rw------- 1 chris chris 6497756 2009-07-01 17:10 pubring.gpg~
-rw-rw-r-- 1 chris chris   17087 2009-02-26 17:37 pubring.kbx
-rw-rw-r-- 1 chris chris   18116 2009-02-26 17:37 pubring.kbx~
-rw------- 1 chris chris     600 2009-07-02 21:32 random_seed
-rw-r--r-- 1 chris chris     327 2009-02-08 11:19 scdaemon.conf
-rw-r--r-- 1 chris chris     327 2009-02-08 11:06 scdaemon.conf.gpgconf.bak
-rw------- 1 chris chris    1311 2009-01-07 17:37 secring.gpg
-rw------- 1 chris chris    1480 2009-07-01 17:46 trustdb.gpg

What am I missing and I'm sure it's right in front of my eyes. Thanks for any suggestions.

Chris
--
KeyID 0xE372A7DA98E6705C
From dkg at fifthhorseman.net Fri Jul 3 07:21:08 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 03 Jul 2009 01:21:08 -0400 Subject: verifying rpms - public key not found In-Reply-To: <1246593844.28271.130.camel@localhost.localdomain> References: <1246593844.28271.130.camel@localhost.localdomain> Message-ID: <4A4D9544.7040709@fifthhorseman.net>

On 07/03/2009 12:04 AM, Chris wrote:
> When trying to verify an rpm that I built and signed I get:
>
> [chris at localhost ~]$ gpg --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm
> gpg: using PGP trust model
> gpg: key 98E6705C: accepted as trusted key
> gpg: error reading key: public key not found

--check-sig is for verifying certifications on keys, not for verifying signatures on arbitrary data. The man page isn't terribly clear about that if you didn't already know it though, unfortunately :(

You're probably interested in something like gpg --verify, but i don't know exactly how signed .rpms work (i work with .debs mostly, which have external signatures), so hopefully someone else can pipe up with the specifics.

hth,

--dkg

From shavital at mac.com Fri Jul 3 08:15:41 2009 From: shavital at mac.com (Charly Avital) Date: Fri, 03 Jul 2009 02:15:41 -0400 Subject: verifying rpms - public key not found In-Reply-To: <4A4D9544.7040709@fifthhorseman.net> References: <1246593844.28271.130.camel@localhost.localdomain> <4A4D9544.7040709@fifthhorseman.net> Message-ID: <4A4DA20D.1080404@mac.com>

Daniel Kahn Gillmor wrote the following on 7/3/09 1:21 AM: [...]
> You're probably interested in something like gpg --verify, but i don't
> know exactly how signed .rpms work (i work with .debs mostly, which have
> external signatures), so hopefully someone else can pipe up with the
> specifics.

If you signed your .rpm file with a detached signature, you might try:

$ gpg --verify [path to]signature file [path to]signed file

Charly

From lists at michel-messerschmidt.de Fri Jul 3 09:57:22 2009 From: lists at michel-messerschmidt.de (Michel Messerschmidt) Date: Fri, 3 Jul 2009 09:57:22 +0200 Subject: verifying rpms - public key not found In-Reply-To: <4A4D9544.7040709@fifthhorseman.net> References: <1246593844.28271.130.camel@localhost.localdomain> <4A4D9544.7040709@fifthhorseman.net> Message-ID:

On Fri, July 3, 2009 07:21, Daniel Kahn Gillmor wrote:
> On 07/03/2009 12:04 AM, Chris wrote:
>> [chris at localhost ~]$ gpg --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm
>> gpg: using PGP trust model
>> gpg: key 98E6705C: accepted as trusted key
>> gpg: error reading key: public key not found
>
> You're probably interested in something like gpg --verify, but i don't
> know exactly how signed .rpms work (i work with .debs mostly, which have
> external signatures), so hopefully someone else can pipe up with the
> specifics.

rpm provides its own verification command:

rpm -v --checksig

It won't succeed though if your key is only available in the gnupg keyring but was not imported into the rpm database; that's what the "rpm --import" command is used for.
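The `rpm --checksig` route Michel describes has a caveat worth making mechanical: rpm answers OK for any key that has been imported into its database, not necessarily the key you expected. The following Python is an added example (not from this thread, rpm or GnuPG) that parses `rpm -v --checksig` output and applies both checks: every signature line must be OK, and the signing key must be one you have pinned. The sample output is constructed: the first package reproduces the lines Chris posts later in this thread, the second is an assumed package signed by a key that was never imported; rpm's exact "NOKEY" wording for that case is an assumption here, as is the `/tmp/untrusted-1.0-1.i586.rpm` path.

```python
"""Policy check over the output of `rpm -v --checksig`.

Added example; not code from rpm, GnuPG or this thread. `rpm --checksig`
reports OK for any key that has been imported into the rpm database, so a
build or deployment pipeline should additionally pin the key ID it expects.
This parser does both checks over the verbose output.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample. The first package is the output shown in the thread;
# the second is an assumed example of a package signed by a key that was
# never imported with `rpm --import` (rpm's NOKEY status is assumed here).
SAMPLE_OUTPUT = """\
/home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm:
    Header V4 DSA signature: OK, key ID 98e6705c
    Header SHA1 digest: OK (bb1fc6b767ada68c62ee0c077aa44ccebfe0813d)
    MD5 digest: OK (90f2920ee1c6855c8657928d31a2dacd)
    V4 DSA signature: OK, key ID 98e6705c
/tmp/untrusted-1.0-1.i586.rpm:
    Header V4 DSA signature: NOKEY, key ID 0badf00d
    Header SHA1 digest: OK (0000000000000000000000000000000000000000)
    MD5 digest: OK (00000000000000000000000000000000)
    V4 DSA signature: NOKEY, key ID 0badf00d
"""

# "Header V4 DSA signature: OK, key ID 98e6705c" and the payload variant
# without the "Header " prefix; newer rpm also prints e.g. "V4 RSA/SHA256".
SIG_LINE = re.compile(
    r"^(?P<scope>Header )?V\d (?:DSA|RSA)(?:/\w+)? [Ss]ignature: "
    r"(?P<status>\w+), key ID (?P<keyid>[0-9a-fA-F]+)$"
)
DIGEST_LINE = re.compile(r"^(?:Header SHA1 digest|MD5 digest): (?P<status>\w+)")


@dataclass
class Verdict:
    path: str
    ok: bool
    reasons: List[str] = field(default_factory=list)


def parse_checksig(output: str) -> Dict[str, List[str]]:
    """Group the verbose checksig lines by package path."""
    packages: Dict[str, List[str]] = {}
    current = None
    for raw in output.splitlines():
        if not raw.strip():
            continue
        if not raw[0].isspace() and raw.endswith(":"):
            current = raw[:-1]
            packages[current] = []
        elif current is not None:
            packages[current].append(raw.strip())
    return packages


def check_package(lines: List[str], trusted_keyids) -> List[str]:
    """Return the list of policy violations (empty means the package passes)."""
    # rpm prints the 32-bit short key ID; compare on the low 8 hex digits of
    # whatever form the caller supplied (0xE372A7DA98E6705C, 98E6705C, ...).
    trusted = {k.lower().replace("0x", "")[-8:] for k in trusted_keyids}
    seen = {"Header ": False, "": False}
    reasons = []
    for line in lines:
        sig = SIG_LINE.match(line)
        if sig:
            seen[sig.group("scope") or ""] = True
            if sig.group("status").upper() != "OK":
                reasons.append(f"{line}: signature status is not OK")
            if sig.group("keyid").lower()[-8:] not in trusted:
                reasons.append(f"{line}: key is not in the trusted set")
            continue
        digest = DIGEST_LINE.match(line)
        if digest and digest.group("status").upper() != "OK":
            reasons.append(f"{line}: digest mismatch")
    # rpm prints the digest lines even for an unsigned package, so a missing
    # header or payload signature line means the package was never signed.
    for scope, present in seen.items():
        if not present:
            reasons.append(f"no {'header' if scope else 'payload'} signature")
    return reasons


def evaluate(output: str, trusted_keyids) -> List[Verdict]:
    verdicts = []
    for path, lines in parse_checksig(output).items():
        reasons = check_package(lines, trusted_keyids)
        verdicts.append(Verdict(path, not reasons, reasons))
    return verdicts


if __name__ == "__main__":
    for v in evaluate(SAMPLE_OUTPUT, ["0xE372A7DA98E6705C"]):
        print(v.path, "PASS" if v.ok else "FAIL", *v.reasons, sep="\n  ")
```

Key IDs are matched on the 32-bit short form only because that is all this rpm output carries; short IDs are cheap to collide, so for a real pin compare the fingerprint of the imported key (it appears as a `gpg-pubkey-<shortid>-<timestamp>` pseudo-package, see `rpm -q gpg-pubkey`) against the one you expect before trusting what `--checksig` prints.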
Michel From cpollock at embarqmail.com Fri Jul 3 16:02:19 2009 From: cpollock at embarqmail.com (Chris) Date: Fri, 03 Jul 2009 09:02:19 -0500 Subject: verifying rpms - public key not found In-Reply-To: References: <1246593844.28271.130.camel@localhost.localdomain> <4A4D9544.7040709@fifthhorseman.net> Message-ID: <1246629739.28271.220.camel@localhost.localdomain> On Fri, 2009-07-03 at 09:57 +0200, Michel Messerschmidt wrote: > On Fri, July 3, 2009 07:21, Daniel Kahn Gillmor wrote: > > On 07/03/2009 12:04 AM, Chris wrote: > >> [chris at localhost ~]$ gpg > >> --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm > >> gpg: using PGP trust model > >> gpg: key 98E6705C: accepted as trusted key > >> gpg: error reading key: public key not found > > > > You're probably interested in something like gpg --verify, but i don't > > know exactly how signed .rpms work (i work with .debs mostly, which have > > external signatures), so hopefully someone else can pipe up with the > > specifics. > > rpm provides its own verification command: > rpm -v --checksig > > It won't succeed though if your key is only available in the gnupg keyring > but was not imported into the rpm database - that's what the "rpm --import" > command is used for). > > > Michel > Thank you Michel, I was using the wrong command. 
[chris at localhost ~]$ rpm -v --checksig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm
/home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm:
    Header V4 DSA signature: OK, key ID 98e6705c
    Header SHA1 digest: OK (bb1fc6b767ada68c62ee0c077aa44ccebfe0813d)
    MD5 digest: OK (90f2920ee1c6855c8657928d31a2dacd)
    V4 DSA signature: OK, key ID 98e6705c

And now I see that when trying to sign an rpm I get:

[chris at localhost ~]$ rpmbuild -bs -v --sign /home/chris/rpm/SPECS/clamav.spec
Enter pass phrase:
gpg: skipped "Chris Pollock (New email address as of 04/21/07) ": secret key not available
gpg: signing failed: secret key not available
Pass phrase check failed

I'm confused now as to why it says this; --list-keys shows this:

[chris at localhost ~]$ gpg --list-keys cpollock at embarqmail.com
gpg: using character set `utf-8'
gpg: using PGP trust model
gpg: key 98E6705C: accepted as trusted key
pub   1024D/98E6705C 2005-11-23
uid                  Chris Pollock (New email address as of 04/21/07)
uid                  Chris Pollock
sub   2048g/F5604046 2005-11-23

Thought I'd re-import my secret key and get this:

gpg: sec  1024D/98E6705C 2005-11-23   Chris Pollock
gpg: key 98E6705C: already in secret keyring
gpg: Total number processed: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1

Why is my old email address still shown?

Chris
--
KeyID 0xE372A7DA98E6705C

From pri-jans at home.minuskel.de Fri Jul 3 09:07:51 2009 From: pri-jans at home.minuskel.de (pri-jans at home.minuskel.de) Date: Fri, 3 Jul 2009 09:07:51 +0200 (MEST) Subject: gpg2 does not detect smart card adapter Message-ID: <44863.195.145.148.246.1246604871.squirrel@home.minuskel.de>

Hi!

> Is the gpg-agent running? Run "gpg-agent" and it will tell you.

yes, running and ready.

> Is the scdaemon installed? Run

Do you mean pcscd?
Yes it is installed and running.

> gpg-connect-agent 'SCD getinfo version' /bye

Executing this command does not work. gpg-connect-agent says it got wrong arguments. Or do you mean to replace 'SCD getinfo version' by the version number of pcscd?

> This should display the version number of the scdaemon. Check
> permissions of the reader (/dev/bus/usb/NNN/MMM), you need to have write
> access

Non-root users have read access only - to any USB device. I guess that pcscd has root privileges; so this is fine?

> If that is all fine, you need to enable debugging: Add these lines to
> ~/.gnupg/scdaemon.conf:

This file did not exist yet so I created it.

> debug 1024
> debug 2048
> log-file /foo/bar/scdaemon.log
>
> Restart scdaemon (Use "kill" or with the latest GnuPG versions:
> "gpgconf --reload scdaemon").

Is "/etc/init.d/pcscd restart" doing the same job?

Regards
Jan

>
> Salam-Shalom,
>
> Werner
>
>
>
> --
> Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
>
>
>

From jan.suhr at privacyfoundation.de Fri Jul 3 17:33:56 2009 From: jan.suhr at privacyfoundation.de (Jan Suhr) Date: Fri, 03 Jul 2009 17:33:56 +0200 Subject: gpg2 does not detect smart card adapter In-Reply-To: <87k52q6tl7.fsf@wheatstone.g10code.de> References: <4A4BE68D.6030105@privacyfoundation.de> <874otva1kx.fsf@wheatstone.g10code.de> <44863.195.145.148.246.1246604811.squirrel@home.minuskel.de> <87k52q6tl7.fsf@wheatstone.g10code.de> Message-ID: <4A4E24E4.9080101@privacyfoundation.de>

>>> gpg-connect-agent 'SCD getinfo version' /bye
>> Executing this command does not work. gpg-connect-agent says it got
>> wrong arguments. Or do you mean to replace 'SCD getinfo version' by
>
> See:
>
> $ gpg-connect-agent 'SCD getinfo version' /bye
> D 2.0.13-svn5056
> OK
>
> Please give the exact error message. Anyway I think scdaemon is not
> installed and thus gpg-agent can't run it.

I get the following message:
"Aufruf: gpg-connect-agent [Optionen] (-h für Hilfe)"
(German for: "Usage: gpg-connect-agent [options] (-h for help)")

What to do?
>> Non-root users have read access only - to any USB device. I guess
>> that pcscd has root privileges; so this is fine?
>
> If you are using pcscd, it needs access to the reader as well. If it is
> really running under the root account, that should work. If you are
> using the internal ccid-driver of scdaemon, you (i.e. scdaemon) need
> write permissions to the smartcard reader device.

Hopefully we will get this ok when the above problem is solved.

>>> Restart scdaemon (Use "kill" or with the latest GnuPG versions:
>>> "gpgconf --reload scdaemon").
>> Is "/etc/init.d/pcscd restart" doing the same job?
>
> Nope, pcscd and scdaemon are distinct programs. Scdaemon is part of
> gpg-agent; the reload is only required to make it re-read the
> configuration file.
>
>
> Shalom-Salam,
>
> Werner
>

--
Jan Suhr
German Privacy Foundation e.V.
https://www.privacyfoundation.de/
Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg

From jmoore3rd at bellsouth.net Fri Jul 3 17:37:28 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Fri, 03 Jul 2009 11:37:28 -0400 Subject: verifying rpms - public key not found In-Reply-To: <1246629739.28271.220.camel@localhost.localdomain> References: <1246593844.28271.130.camel@localhost.localdomain> <4A4D9544.7040709@fifthhorseman.net> <1246629739.28271.220.camel@localhost.localdomain> Message-ID: <4A4E25B8.1080202@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Chris wrote:

> Why is my old email address still shown?

Is the UID with Your 'old' address still on Your Key? You may wish to Set Your new address as the Primary UID and then revoke the UID with the 'old' address.
HTH

JOHN ;)
Timestamp: Friday 03 Jul 2009, 11:37 --400 (Eastern Daylight Time)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5046: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page: http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKTiW1AAoJEBCGy9eAtCsPy6EIAIRK8j1YBGDi5SxaLW/c/caA
H1SZQEguI1cFXzBrUVp2Zt38x1UcqVdLPPHb9ZXgSWs5hRYGwvSY8wLUOmZTP3Dv
dFwxhy0Ii0uuOPlmG/SjWe5d/4Ns5tezielJRZmhE6JZ5aCHvdjeMcgapLLkuvGS
Qiyw9W8zlxtNRNU9/DWUBQpuiCwn0Z8UfKlNdYHMIvdPqfPoF7SVWN+nhwseLCZX
yQGb+KOQKboOYwDTExXcrFr6/RtR/uqmjfIl7paoAqlu1gxbxV1n+VIBXeMnAOuO
49B2Cai/G+UpalEKIh32PaQloHKBW3TAjoTvEXuhQS6T2fxIf6gUR28eHShjBoA=
=MtrV
-----END PGP SIGNATURE-----

From wk at gnupg.org Fri Jul 3 18:49:40 2009 From: wk at gnupg.org (Werner Koch) Date: Fri, 03 Jul 2009 18:49:40 +0200 Subject: gpg2 does not detect smart card adapter In-Reply-To: <4A4E24E4.9080101@privacyfoundation.de> (Jan Suhr's message of "Fri, 03 Jul 2009 17:33:56 +0200") References: <4A4BE68D.6030105@privacyfoundation.de> <874otva1kx.fsf@wheatstone.g10code.de> <44863.195.145.148.246.1246604811.squirrel@home.minuskel.de> <87k52q6tl7.fsf@wheatstone.g10code.de> <4A4E24E4.9080101@privacyfoundation.de> Message-ID: <87y6r54spn.fsf@wheatstone.g10code.de>

On Fri, 3 Jul 2009 17:33, jan.suhr at privacyfoundation.de said:

> I get the following message:
> "Aufruf: gpg-connect-agent [Optionen] (-h für Hilfe)"

That is a pretty old version of GnuPG. You may want to resort to

  gpg-connect-agent

and then enter at the prompt

  SCD GETINFO version
  BYE

But better update gnupg or wait a few days until 2.0.13 will be released.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
From jan.suhr at privacyfoundation.de Fri Jul 3 21:38:45 2009 From: jan.suhr at privacyfoundation.de (Jan Suhr) Date: Fri, 03 Jul 2009 21:38:45 +0200 Subject: gpg2 does not detect smart card adapter In-Reply-To: <87y6r54spn.fsf@wheatstone.g10code.de> References: <4A4BE68D.6030105@privacyfoundation.de> <874otva1kx.fsf@wheatstone.g10code.de> <44863.195.145.148.246.1246604811.squirrel@home.minuskel.de> <87k52q6tl7.fsf@wheatstone.g10code.de> <4A4E24E4.9080101@privacyfoundation.de> <87y6r54spn.fsf@wheatstone.g10code.de> Message-ID: <4A4E5E45.8090404@privacyfoundation.de> > and then enter at the prompt > > SCD GETINFO version > BYE I retrieve: "ERR 103 unknown command" > But better update gnupg or wait a few days until 2.0.13 will be > released. Okay. I was told that you also will release 1.4.10 with support for the OpenPGP Card V2. Do you have any schedule when this will be available? Regards Jan > Salam-Shalom, > > Werner > -- Jan Suhr German Privacy Foundation e.V. https://www.privacyfoundation.de/ Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg From cpollock at embarqmail.com Sat Jul 4 03:19:44 2009 From: cpollock at embarqmail.com (Chris) Date: Fri, 03 Jul 2009 20:19:44 -0500 Subject: verifying rpms - public key not found In-Reply-To: <4A4E25B8.1080202@bellsouth.net> References: <1246593844.28271.130.camel@localhost.localdomain> <4A4D9544.7040709@fifthhorseman.net> <1246629739.28271.220.camel@localhost.localdomain> <4A4E25B8.1080202@bellsouth.net> Message-ID: <1246670384.28271.236.camel@localhost.localdomain> On Fri, 2009-07-03 at 11:37 -0400, John W. Moore III wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Chris wrote: > > > Why is my old email address still shown? > > Is the UID with Your 'old' address still on Your Key? You may wish to > Set Your new address as the Primary UID and then revoke the UID with the > 'old' address. 
>
> HTH
>
> JOHN ;)

Hi John, I found the problem after I was hit in the head with a 2x4: apparently something was wrong with my secring.gpg file. I copied from my backup over to the ~/.gnupg folder and everything looks ok again. I was even able to sign my clamav rpms:

[chris at localhost i586]$ gpg -K
gpg: using character set `utf-8'
gpg: using PGP trust model
gpg: key 98E6705C: accepted as trusted key
/home/chris/.gnupg/secring.gpg
------------------------------
sec   1024D/98E6705C 2005-11-23
uid                  Chris Pollock
uid                  Chris Pollock (New email address as of 04/21/07)
ssb   2048g/F5604046 2005-11-23

[chris at localhost i586]$ rpm -v --checksig clamd-0.95.2-1mdv2009.1.i586.rpm
clamd-0.95.2-1mdv2009.1.i586.rpm:
    Header V4 DSA signature: OK, key ID 98e6705c
    Header SHA1 digest: OK (975c02d67357a42e5698b3050deadae945434be7)
    MD5 digest: OK (424750ca8fe413cfc997cb41683c99cb)
    V4 DSA signature: OK, key ID 98e6705c

Thanks again to you and everyone else who replied to this thread. One thing for sure, backups definitely come in handy!

Chris
--
KeyID 0xE372A7DA98E6705C

From t.eden at yahoo.com Sun Jul 5 14:45:47 2009 From: t.eden at yahoo.com (t eden) Date: Sun, 5 Jul 2009 05:45:47 -0700 (PDT) Subject: GPG Setup Message-ID: <958084.32297.qm@web56908.mail.re3.yahoo.com>

I am rather new at gnupg and encryption. I have spent a good deal of time reading up on the subject. So, I think I understand what my setup should be, but would like input from the experts. :-)

1. Change to sha256.
2. Generate separate keys for signing, certifying, and encrypting.
3. Generate a revocation certificate.
4. Disable hibernation on all my machines to make sure passwords aren't saved to hibernation file.... (just kidding)

Thank you so much for your comments.
Here is my gpg.conf:

###+++--- GPGConf ---+++###
utf8-strings
keyserver hkp://keys.gnupg.net
###+++--- GPGConf ---+++### 05/28/09 17:27:21 Eastern Daylight Time
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.

verbose

## --personal-digest-preferences string
## Set the list of personal digest preferences to string. Use gpg2 --version to
## get a list of available algorithms.
# personal-digest-preferences SHA256
personal-digest-preferences H8 H2 H10 H3 H9 H1
##===========================================================================================
## --default-preference-list "string"
## Set the list of default preferences to "string." This preference list is used for
## new keys and becomes the default for "setpref" in the edit menu.
default-preference-list SHA512 SHA256 SHA384 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
##===========================================================================================
enable-dsa2
# cert-digest-algo sha256
ask-cert-level
comment ""

--
Email: t.eden at yahoo.com
Vision without action is a daydream. Action without vision is a nightmare.

From shavital at mac.com Sun Jul 5 17:16:07 2009 From: shavital at mac.com (Charly Avital) Date: Sun, 05 Jul 2009 11:16:07 -0400 Subject: GPG Setup In-Reply-To: <958084.32297.qm@web56908.mail.re3.yahoo.com> References: <958084.32297.qm@web56908.mail.re3.yahoo.com> Message-ID: <4A50C3B7.1030102@mac.com>

t eden wrote the following on 7/5/09 8:45 AM:
> I am rather new at gnupg and encryption. I have spent a good deal of
> time reading up on the subject.

Hi, that's a refreshing (for me) start.

> So, I think I understand what my setup
> should be, but would like input from the experts. :-)

Thank God, I am no expert, but here are my 2¢

>
> 1. Change to sha256.

Good move.
Some experts will tell you SHA1 is "compromised" or "bound to be compromised", other experts will tell you SHA1 is still OK. Which, to my lay understanding, amounts to the same thing. So go for broke (for sure) and stay with SHA256. Some other experts will recommend SHA512, but one can't accommodate all experts. Personally, I switched to SHA256 quite a while ago.

>
> 2. Generate separate keys for signing, certifying, and encrypting.

I understand you have generated a key that includes separate subkeys for encrypting, and for signing only. The primary key is surely good for certifying.

>
> 3. Generate a revocation certificate.

Great. You have profited from your reading.

>
> 4. Disable hibernation on all my machines to make sure passwords aren't saved to hibernation file.... (just kidding).

What I don't do is use the option offered by some systems that enable the user to "save" the passphrase for a certain duration. Such saving writes the passphrase to disk, not a good move. I use GPG2 with gpg-agent. gpg-agent does not save the passphrase, it caches it (encrypted) for a period of time set by the user.

I tried to find your public key on three or four separate servers, no luck. Did you upload it? Mind you, you are not bound to do it, unless you intend to sign your messages and expect the recipients to be able to verify your signature. Ditto for people who would like to encrypt to you.

I have exceeded my 2¢, sorry.

It would help if you indicate some information about your system.

About your gpg.conf file, I'll let the real experts in this forum comment.

And about Comment. I don't know what you mean when you have set your comment to read "", unless you have chosen not to display the real comment you want to use.
If you are not going to insert any comment of your choice, I would suggest commenting out that line in your gpg.conf:

#comment ""

Charly
MacOS 10.5.7-MacBook Intel C2Duo 2GHz-GnuPG 1.4.9-MacGPG 2.0.12 TB 2.0.0.22+EM 0.95.7-Apple's Mail+GPGMail 1.2.0 (v56), Key: 0xA57A8EFA

[snip]

From jan.suhr at privacyfoundation.de Mon Jul 6 11:48:30 2009 From: jan.suhr at privacyfoundation.de (Jan Suhr) Date: Mon, 06 Jul 2009 11:48:30 +0200 Subject: gpg2 does not detect smart card adapter In-Reply-To: <4A4E5E45.8090404@privacyfoundation.de> References: <4A4BE68D.6030105@privacyfoundation.de> <874otva1kx.fsf@wheatstone.g10code.de> <44863.195.145.148.246.1246604811.squirrel@home.minuskel.de> <87k52q6tl7.fsf@wheatstone.g10code.de> <4A4E24E4.9080101@privacyfoundation.de> <87y6r54spn.fsf@wheatstone.g10code.de> <4A4E5E45.8090404@privacyfoundation.de> Message-ID: <4A51C86E.9030506@privacyfoundation.de>

I installed gnupg 2.0.12 but this had no effect. Unfortunately the error is still the same. Please note that I did _not_ upgrade the required libraries but used the versions that are provided in Ubuntu. Do you recommend upgrading the required libraries as well?

Any suggestion how to "fix" the error?

Regards
Jan

Jan Suhr wrote:
>> and then enter at the prompt
>>
>> SCD GETINFO version
>> BYE
>
> I retrieve: "ERR 103 unknown command"
>
>> But better update gnupg or wait a few days until 2.0.13 will be
>> released.
>
> Okay.
>
> I was told that you also will release 1.4.10 with support for the
> OpenPGP Card V2. Do you have any schedule when this will be available?
>
> Regards
> Jan
>
>> Salam-Shalom,
>>
>> Werner
>>
>
>

--
Jan Suhr
German Privacy Foundation e.V.
https://www.privacyfoundation.de/
Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg

From ffuhr at gmx.de Tue Jul 7 08:55:39 2009 From: ffuhr at gmx.de (Friedrich Fuhr) Date: Tue, 7 Jul 2009 08:55:39 +0200 Subject: algorythm 11 mistake mac Message-ID: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de>

Hello to all.
I have a problem: when I try to send a signed mail message I get a window with the following text:

internal failure: the hash algorithm 11 is not allowed with rfc3156
the message couldn't be signed with gpg

system:
mac os x 10.5.6
gpgmail 1.2.0
gpgpreferences 1.2.2
macgpg 2-2.0.12

background:

I made 2 new keys for 2 different email addresses.
I forgot the passphrase without having a revocation possibility.
I deleted both keys.
Then I made a new one with one of the addresses.
From this point on the above-mentioned mistake happened.
As long as I remembered my passphrase everything worked fine.

What can I do to solve the problem? May I uninstall everything?

Thank you very much for your patience and your help

Friedrich Fuhr
ffuhr at gmx.de

From shavital at mac.com Tue Jul 7 12:00:56 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 06:00:56 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> Message-ID: <4A531CD8.1050500@mac.com>

Friedrich Fuhr wrote the following on 7/7/09 2:55 AM:
> Hello to all.
> I have a problem: when I try to send a signed mail message I get a window with the
> following text:
>
> internal failure: the hash algorithm 11 is not allowed with rfc3156
> the message couldn't be signed with gpg
>
> system:
> mac os x 10.5.6
> gpgmail 1.2.0
> gpgpreferences 1.2.2
> macgpg 2-2.0.12
>
> background:
>
> I made 2 new keys for 2 different email addresses.
> I forgot the passphrase without having a revocation possibility.
> I deleted both keys.
> Then I made a new one with one of the addresses.
> From this point on the above-mentioned mistake happened.
> As long as I remembered my passphrase everything worked fine.
>
> What can I do to solve the problem?
> May I uninstall everything?
>
> Thank you very much for your patience
> and your help
>
>
> Friedrich Fuhr
> ffuhr at gmx.de

Hi Friedrich,

Server blackhole.pca.dfn.de shows:

(1) Friedrich Fuhr 2048 bit DSA key 339FBBAE, created: 2009-07-03
(2) Friedrich Fuhr (Friedrich Fuhr (privat)) 1024 bit DSA key 911BEFC3, created: 2009-06-23

Some information about your public keys: Is key (1) the new one you generated after deleting (in your keyring) the previous two keys whose passphrase you had forgotten? Is this the key you are using now as your default key? Is key (2) valid, or have you deleted it (in your keyring)?

Since you are using GPGPreferences, please go to System Preferences/GnuPG, click on the last bezel 'Expert'. This will display, in graphical form, the contents of your gpg.conf file.

Please check whether 'rfc 3156' is enabled (the small square button at the left of rfc 3156 is marked). If it is, please unmark it.

If you already have an option named simply 'gnupg', and the small square button is not marked, please mark it. If not, please add a new option, name it gnupg and enable it (use the square with the plus + sign at the bottom of the window).

Please check what 'digest-algo' you are using. If your key is 339FBBAE, I suggest you use SHA256, since that key is a DSA2 key, and it will enable you to use SHA256.

Errors that mention 'algorithm 11' usually refer to algorithm H11 (SHA224), and *there might be* (I am not sure) some kind of problem between hash algorithm SHA224 and RFC 3156 (related to OpenPGP MIME). Again I insist: I am not sure about this SHA224 issue, but I remember that a few years ago, it created problems. But that was some time ago, and there shouldn't be any problems now.

Finally, please note that there are specific mailing lists for GPGMail and MacGPG2 users.
Charly

From dshaw at jabberwocky.com Tue Jul 7 15:08:31 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 09:08:31 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> Message-ID: <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com>

On Jul 7, 2009, at 2:55 AM, Friedrich Fuhr wrote:

> Hello to all.
> I have a problem: when I try to send a signed mail message I get a window with the
> following text:
>
> internal failure: the hash algorithm 11 is not allowed with rfc3156
> the message couldn't be signed with gpg

You need to contact the author of gpgmail. Algorithm 11 (SHA-224) is a later addition to the list of hashes in OpenPGP, but is perfectly allowable in RFC-3156 (PGP/MIME) messages.

David

From shavital at mac.com Tue Jul 7 16:37:07 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 10:37:07 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> Message-ID: <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Jul 7, 2009, at 9:08 AM, David Shaw wrote:

> On Jul 7, 2009, at 2:55 AM, Friedrich Fuhr wrote:
>
>> Hello to all.
>> I have a problem: when I try to send a signed mail message I get a window with the
>> following text:
>>
>> internal failure: the hash algorithm 11 is not allowed with rfc3156
>> the message couldn't be signed with gpg
>
> You need to contact the author of gpgmail. Algorithm 11 (SHA-224)
> is a later addition to the list of hashes in OpenPGP, but is
> perfectly allowable in RFC-3156 (PGP/MIME) messages.
>
> David
>

I am using GPGMail to sign this message. I have had no problems using GPGMail till now.
Charly

My system: MacOS X 10.5.7 GPGMail 1.2.0 (v56) MacGPG2 2.0.12

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.12 (Darwin)
Comment: GnuPG for Privacy

iQEcBAEBCAAGBQJKU12TAAoJEM3GMi2FW4PvfQMH/2nexqy2qcenBXHh+YP8EFyr
jD7WYuOTvOVsRjpOQ5u1JNKM/sXxuETj/+XnnzJP0nlYcfK1IgYlfoJUDWjjR0m7
dSUvYKxliT3vWgjV7X2+ePopdhR/Xedyl3FkPk6DFxDYjf2D9RDZEvYNbi1RqtI4
/5G3VOaf1wxRX6RqbLCb+QCELwYJMwSw8bA1RaiD0Ukz8KFL5+SNjki4ut5/Ibdl
PhB300z1yKz7FFyNN0RUh58pFrSy7qe+6LmvQRfxfHoGMYdagRGUcBKM8f+P8F9v
imrZW+8prlhJu5daLx1N1OAxn7VPxRz5PjTcwDO5js4UAA18+eeSMBxgeVTxmD4=
=o6Dr
-----END PGP SIGNATURE-----

From dshaw at jabberwocky.com Tue Jul 7 18:03:53 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 12:03:53 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> Message-ID: <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com>

On Jul 7, 2009, at 10:37 AM, Charly Avital wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
> On Jul 7, 2009, at 9:08 AM, David Shaw wrote:
>
>> On Jul 7, 2009, at 2:55 AM, Friedrich Fuhr wrote:
>>
>>> Hello to all.
>>> I have a problem: when I try to send a signed mail message I get a window with the
>>> following text:
>>>
>>> internal failure: the hash algorithm 11 is not allowed with
>>> rfc3156
>>> the message couldn't be signed with gpg
>>
>> You need to contact the author of gpgmail. Algorithm 11 (SHA-224)
>> is a later addition to the list of hashes in OpenPGP, but is
>> perfectly allowable in RFC-3156 (PGP/MIME) messages.
>>
>> David
>>
>
> I am using GPGMail to sign this message.
> I have had no problems using GPGMail till now.

You are using SHA-256. Try SHA-224.
David From shavital at mac.com Tue Jul 7 19:49:46 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 13:49:46 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> Message-ID: <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA224 On Jul 7, 2009, at 12:03 PM, David Shaw wrote: > > [...] > You are using SHA-256. Try SHA-224. > > David > Here you go. Charly From GPGMail 1.2.0 (v56). -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.12 (Darwin) Comment: GnuPG for Privacy iQEcBAEBCwAGBQJKU4q7AAoJEM3GMi2FW4PvVhQIAIFYkg/WLbea7JmUCt3KMGGc kMNWGmb9hkT18MH86pXakb7AkjsK1OFmL+wcAOmPwbQ3tPiGUBylDl6Zp8BdN/X1 ArwT2Vv/Q0Wvoe8Dlw/qO+So/Thxe954gZe4ECkZk0Twj7sMgvF6rdVBLuTf8PK0 9HMUY13+XAL1bHEXufmGTpzVM0Mhv0cicbj0c6+HR0DNL+i9A4/ISvHM8aemp3zh vQ4MEoQ6ai90HRdTwBN5P5b49yB90h2GqN8XPLuWvIhmlrcoCBuoy755ZQlSPWGR AvP2DwsKzxsz4UoUYaq8ApztNYRwBUW/YL9cv1QZ/1E8oGMuwoCIcY5Il//YXNM= =Ylkg -----END PGP SIGNATURE----- From dshaw at jabberwocky.com Tue Jul 7 19:56:00 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 13:56:00 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> Message-ID: <00F11D42-0261-4E73-99CB-E4EA4B879309@jabberwocky.com> On Jul 7, 2009, at 1:49 PM, Charly Avital wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA224 > > > On Jul 7, 2009, at 12:03 PM, David Shaw wrote: >> >> [...] > > >> You are using SHA-256. Try SHA-224. 
>
>
> Here you go.

With PGP/MIME turned on.

David

From dkg at fifthhorseman.net Tue Jul 7 19:59:11 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 07 Jul 2009 13:59:11 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> Message-ID: <4A538CEF.7050301@fifthhorseman.net>

On 07/07/2009 01:49 PM, Charly Avital wrote:
> On Jul 7, 2009, at 12:03 PM, David Shaw wrote:
>> You are using SHA-256. Try SHA-224.
> Here you go.

I think the difference here is that the OP is using PGP/MIME (hence the reference to RFC 3156), whereas Charly is using inline PGP.

Charly, can you try one more time with SHA-224 and PGP/MIME to see if you can replicate the error?

--dkg

From shavital at mac.com Tue Jul 7 20:35:12 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 14:35:12 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <00F11D42-0261-4E73-99CB-E4EA4B879309@jabberwocky.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> <00F11D42-0261-4E73-99CB-E4EA4B879309@jabberwocky.com> Message-ID:

On Jul 7, 2009, at 1:56 PM, David Shaw wrote:

> On Jul 7, 2009, at 1:49 PM, Charly Avital wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA224
>>
>>
>> On Jul 7, 2009, at 12:03 PM, David Shaw wrote:
>>>
>>> [...]
>>
>>
>>> You are using SHA-256. Try SHA-224.
>> >> >> Here you go. > > With PGP/MIME turned on. > > David > It fails: PGP Signing Failed Internal error: The hash algorithm '11' is not allowed by RFC3156. When I try it with Thunderbird+Enigmail, it works. So, as you write, GPGMail's author should be contacted. I have included the GPGMail-users list in the distribution of this message. Thank you for your prompt feedback. Charly I am back to SHA256 From shavital at mac.com Tue Jul 7 21:06:40 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 15:06:40 -0400 Subject: algorythm 11 mistake mac In-Reply-To: <4A538CEF.7050301@fifthhorseman.net> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <37BC3FFE-B3AA-4A37-A710-3B24CDEE6F7F@jabberwocky.com> <472F4889-5EAB-40C4-8010-8A4C71BE7BCC@mac.com> <96686C4D-0AF3-47E5-8F8C-79C08CD25C48@jabberwocky.com> <9B961BB4-D38D-4561-A8FC-45F99410E2DB@mac.com> <4A538CEF.7050301@fifthhorseman.net> Message-ID: <4A539CC0.4040505@mac.com> Daniel Kahn Gillmor wrote the following on 7/7/09 1:59 PM: > On 07/07/2009 01:49 PM, Charly Avital wrote: >> On Jul 7, 2009, at 12:03 PM, David Shaw wrote: >>> You are using SHA-256. Try SHA-224. >> Here you go. > > > I think the difference here is that the OP is using PGP/MIME (hence the > reference to RFC 3156), whereas Charly is using inline PGP. > > Charly, can you try one more time with SHA-224 and PGP/MIME to see if > you can replicate the error? > > --dkg > Hi Daniel, you're right. I already tested, and posted to the list. GPGMail signing fails when using SHA224 *and* OpenPGP/MIME. It works fine from Thunderbird+Enigmail.
Charly From shavital at mac.com Tue Jul 7 22:45:12 2009 From: shavital at mac.com (Charly Avital) Date: Tue, 07 Jul 2009 16:45:12 -0400 Subject: algorithm 11 mistake mac In-Reply-To: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> Message-ID: On Jul 7, 2009, at 2:55 AM, Friedrich Fuhr wrote: > Hello to all. > I have a problem: > When I try to send a signed mail message I get a window with the > following text: > > internal failure: the hash algorithm 11 is not allowed with rfc3156 > the message couldn't be signed with gpg > > system: > Mac OS X 10.5.6 > gpgmail 1.2.0 > gpgpreferences 1.2.2 > macgpg 2-2.0.12 > > background: > > I made 2 new keys for 2 different email addresses. > I forgot the passphrase without having a revocation possibility. > I deleted both keys. > Then I made a new one with one of the addresses. > From this point on the mistake mentioned above happened. > As long as I remembered my passphrase everything worked fine. > > What can I do to solve the problem? > May I uninstall everything? > > Thank you very much for your patience > and your help > > > Friedrich Fuhr > ffuhr at gmx.de > According to previous posts and results of tests, it seems that the problem is with GPGMail signing with OpenPGP/MIME *and* SHA224. OpenPGP/MIME is set by default when sending a message with an attachment, or a multi-part message (e.g. HTML format). You'd better check your gpg.conf, and: disable the option digest-algo SHA224 and use instead: digest-algo SHA256 Best regards, Charly From rjh at sixdemonbag.org Tue Jul 7 22:53:37 2009 From: rjh at sixdemonbag.org (Robert J.
Hansen) Date: Tue, 7 Jul 2009 16:53:37 -0400 Subject: algorithm 11 mistake mac In-Reply-To: References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> Message-ID: > You'd better check your gpg.conf, and: > disable the option digest-algo SHA224 > > and use instead: > digest-algo SHA256 Please don't. Use "personal-digest-preferences SHA256" instead. digest-algo is an option for experts. Used improperly, it can seriously harm interoperability. From dshaw at jabberwocky.com Tue Jul 7 23:04:37 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 17:04:37 -0400 Subject: algorithm 11 mistake mac In-Reply-To: References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> Message-ID: <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> On Jul 7, 2009, at 4:45 PM, Charly Avital wrote: > According to previous posts and results of tests, it seems that the > problem is with GPGMail signing with OpenPGP/MIME *and* SHA224. > > OpenPGP/MIME is set by default when sending a message with an > attachment, or a multi-part message (e.g. HTML format). > > You'd better check your gpg.conf, and: > disable the option digest-algo SHA224 > > and use instead: > digest-algo SHA256 No, never use digest-algo. It is almost always the wrong answer, and causes a lot of pain and breakage in its wake. He likely doesn't have any digest-algo set anyway - his key is a 2048-bit DSA key, which defaults to SHA-224 as its hash. To override that, use "personal-digest-preferences sha256" in the gpg.conf file, but note that it may or may not work within gpgmail (it depends on how gpgmail picks digests), and also note that it's chopping sha256 down to 224 bits to fit. However you cut it, the proper fix here needs to be in gpgmail.
David From mcse83 at hotmail.com Tue Jul 7 22:24:40 2009 From: mcse83 at hotmail.com (Sean Wilson) Date: Tue, 07 Jul 2009 21:24:40 +0100 Subject: Cant get Fellowship card to work Message-ID: Hello Everyone, I bought myself an SCM SCR3340 ExpressCard smart card reader for my laptop. I also signed up for a Fellowship smart card at: http://fellowship.fsfe.org/card.en.html I run Vista with SP2 and I have GnuPG 1.4.9 installed. When I go to a command line and run the following command: gpg --card-status or gpg --card-edit I get the following error: gpg: detected reader `AKS ifdh 0' gpg: detected reader `AKS ifdh 1' gpg: detected reader `AKS VR 0' gpg: detected reader `Aladdin Token JC 0' gpg: detected reader `SCM Microsystems Inc. SCR3340 ExpressCard Reader 0' gpg: pcsc_connect failed: removed card (0x80100069) gpg: card reader not available gpg: OpenPGP card not available: general error I *know* my smart card reader has been installed correctly as I can see it in Device Manager. I have even updated to the latest drivers and firmware today. For some reason I just can't read my Fellowship card. Can anyone help please? Is it a hardware issue? An incompatible smart card reader? I have also just ordered 3 of the new OpenPGP cards (that support 3072-bit keys) and I am REALLY hoping I don't have the same problem as I have with the Fellowship card ;-( Thank you. From rjh at sixdemonbag.org Tue Jul 7 23:32:26 2009 From: rjh at sixdemonbag.org (Robert J.
Hansen) Date: Tue, 7 Jul 2009 17:32:26 -0400 Subject: algorithm 11 mistake mac In-Reply-To: <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> Message-ID: <6E54E142-3F2A-4B21-A845-B73B6BFA0381@sixdemonbag.org> > [I]t's chopping sha256 down to 224 bits to fit. As I understand things, this is largely (almost entirely) irrelevant. Am I mistaken? From dshaw at jabberwocky.com Wed Jul 8 00:02:42 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 18:02:42 -0400 Subject: algorithm 11 mistake mac In-Reply-To: <6E54E142-3F2A-4B21-A845-B73B6BFA0381@sixdemonbag.org> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> <6E54E142-3F2A-4B21-A845-B73B6BFA0381@sixdemonbag.org> Message-ID: <9C16EB08-8E61-46B6-B5E3-0D27EB0709D7@jabberwocky.com> On Jul 7, 2009, at 5:32 PM, Robert J. Hansen wrote: >> [I]t's chopping sha256 down to 224 bits to fit. > > As I understand things, this is largely (almost entirely) > irrelevant. Am I mistaken? Possibly. It depends on what you believe it is irrelevant for. A user using SHA-256 reasonably expects to get 256 bits worth of hash. It tends to be a surprise that GPG is silently lowering that to 224 bits behind the scenes (especially since the signature still identifies as SHA-256). It would be unfortunate, particularly on a public mailing list, to give the impression that using SHA-256 instead of SHA-224 with a DSA key built for 224 bits actually got you the requested 256 bits of hash. A more dramatic example would be someone using SHA-512 with such a DSA key. Despite the massive hash you are working with, you still only get to use 224 bits of it. It's an easy mistake to make, as this is not the case for RSA keys, which use whatever hash you like without any truncations. 
Or are you asking if there is there a significant difference between SHA-256 truncated to 224 bits and straight SHA-224 in terms of hash strength? If so, no, there really isn't. SHA-224 in fact *is* a truncated SHA-256 with a different initialization. David From rjh at sixdemonbag.org Wed Jul 8 00:10:07 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 7 Jul 2009 18:10:07 -0400 Subject: algorithm 11 mistake mac In-Reply-To: <9C16EB08-8E61-46B6-B5E3-0D27EB0709D7@jabberwocky.com> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> <6E54E142-3F2A-4B21-A845-B73B6BFA0381@sixdemonbag.org> <9C16EB08-8E61-46B6-B5E3-0D27EB0709D7@jabberwocky.com> Message-ID: <2179B834-30D0-45A9-B824-EEB5330376B5@sixdemonbag.org> On Jul 7, 2009, at 6:02 PM, David Shaw wrote: > Or are you asking if there is there a significant difference between > SHA-256 truncated to 224 bits and straight SHA-224 in terms of hash > strength? If so, no, there really isn't. SHA-224 in fact *is* a > truncated SHA-256 with a different initialization. That's exactly what I was asking. Speaking for myself, I think it's preferable to use SHA-256 over SHA-224, even in instances where 32 bits of it are stripped -- mostly for interoperability reasons. But other people's mileage may vary. From dshaw at jabberwocky.com Wed Jul 8 00:23:17 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Tue, 7 Jul 2009 18:23:17 -0400 Subject: algorithm 11 mistake mac In-Reply-To: <2179B834-30D0-45A9-B824-EEB5330376B5@sixdemonbag.org> References: <7A2AAA33-7BCC-43BE-A6FF-8819BBF44E48@gmx.de> <1A28E668-AACA-4F9E-9C54-5D169F0F7A86@jabberwocky.com> <6E54E142-3F2A-4B21-A845-B73B6BFA0381@sixdemonbag.org> <9C16EB08-8E61-46B6-B5E3-0D27EB0709D7@jabberwocky.com> <2179B834-30D0-45A9-B824-EEB5330376B5@sixdemonbag.org> Message-ID: On Jul 7, 2009, at 6:10 PM, Robert J. 
Hansen wrote: > On Jul 7, 2009, at 6:02 PM, David Shaw wrote: >> Or are you asking if there is a significant difference >> between SHA-256 truncated to 224 bits and straight SHA-224 in terms >> of hash strength? If so, no, there really isn't. SHA-224 in fact >> *is* a truncated SHA-256 with a different initialization. > > That's exactly what I was asking. Speaking for myself, I think it's > preferable to use SHA-256 over SHA-224, even in instances where 32 > bits of it are stripped -- mostly for interoperability reasons. But > other people's mileage may vary. You need to use what makes you happy, I guess. GPG doesn't care one way or the other, and this isn't one of those cases where doing the "wrong" thing will hurt you in a significant way. David From shavital at mac.com Wed Jul 8 08:30:37 2009 From: shavital at mac.com (Charly Avital) Date: Wed, 08 Jul 2009 02:30:37 -0400 Subject: Choice of signing hash. Message-ID: <4A543D0D.1040606@mac.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, thank you David and Robert for your clarifications about the nature of the hashes SHA224 and SHA256, and your recommendation of the syntax that should be used in gpg.conf. I have commented out digest-algo and added personal-digest-preferences SHA256, and tested it from TB+Enigmail and GPGMail. I should have paid more attention to man gpg: --personal-digest-preferences string Set the list of personal digest preferences to string, this list should be a string similar to the one printed by the command "pref" in the edit menu. This allows the user to factor in their own preferred algorithms when algorithms are chosen via recipient key preferences. The most highly ranked digest algorithm in this list is also used when signing without encryption (e.g. --clearsign or --sign). The default value is SHA-1. --digest-algo name Use name as the message digest algorithm. Running the program with the command --version yields a list of supported algorithms.
In general, you do not want to use this option as it allows you to violate the OpenPGP standard. --personal-digest-preferences is the safe way to accomplish the same thing. In November 2005, I was instructed by someone on this list how to add a sign-only subkey of 2048 bits. It had to be an RSA subkey, because at the time DSA2 was not yet available. That's the signing subkey I have been using since then. Thanks again for the information. Charly -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.12 (Darwin) Comment: GnuPG for Privacy Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJKVD0IAAoJEM3GMi2FW4PvGzUIAJJodUezq4EZb/Z0JpKrX7rx kn3QAw0HHpzseHUHEgPd2fiRizpnp8lusGyClvxIiFNOZNalPBmTcTpdKxbneHoV iTg2gU/oKj2wHEy3VA4AAAwtCZ6i+1xbJtuKyLVOWu0s3VXtIa3VQUVF/l0LALkG npTx54Z+nuxFjwn5eS7qXWrwpOwpCGpBvnNEfmM00vNXESlWHge+qJmdoxXIzdhw dg1KL8RH2lxvTrtU9g1uFjIDa3+4Od7bCMgI4j2x/Rp+Vrxu/Q7u6Bfe6VDoxLtW NhIYLYxHYMnJvWwhgruYh29BtD2NRnFm9z+ib9ylM75/zXV7vzz+CpBJjJvPLnQ= =mgY9 -----END PGP SIGNATURE----- From wk at gnupg.org Wed Jul 8 10:20:26 2009 From: wk at gnupg.org (Werner Koch) Date: Wed, 08 Jul 2009 10:20:26 +0200 Subject: Cant get Fellowship card to work In-Reply-To: (Sean Wilson's message of "Tue, 07 Jul 2009 21:24:40 +0100") References: Message-ID: <87ljmzy4ad.fsf@wheatstone.g10code.de> On Tue, 7 Jul 2009 22:24, mcse83 at hotmail.com said: > gpg: detected reader `AKS ifdh 0' > gpg: detected reader `AKS ifdh 1' > gpg: detected reader `AKS VR 0' > gpg: detected reader `Aladdin Token JC 0' > gpg: detected reader `SCM Microsystems Inc. SCR3340 ExpressCard Reader 0' > gpg: pcsc_connect failed: removed card (0x80100069) You have several readers installed. By default gpg uses the first one. Put this line into ~/.gnupg/gpg.conf : reader-port "SCM Microsystems Inc. SCR3340 ExpressCard Reader 0" I have not seen any reports about this reader; thus please report the outcome.
> I have also just ordered 3 of the new OpenPGP cards (that support 3072-bit > keys) and I am REALLY hoping I don't have the same problem as I have > with the Fellowship card ;-( You will have a different problem ;-). gpg 1.4.9 does not yet support these cards. The forthcoming 1.4.10 will have at least limited support. In general I suggest using GnuPG 2.0.12 plus the patches I recently posted (or under Windows gpg4win-2.0.0rc1 which already includes these patches). GnuPG 2.0.13 is also close to a release. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. From madduck at madduck.net Mon Jul 6 10:21:05 2009 From: madduck at madduck.net (martin f krafft) Date: Mon, 6 Jul 2009 10:21:05 +0200 Subject: 8192bit RSA keys Message-ID: <20090706082105.GA11743@piper.oerlikon.madduck.net> Hey folks, Two years ago, there was a thread on this list, in which RSA key sizes >2048 were discussed [0]. In these two years, the crypto-world has been shaken up a bit, and computers got yet a bit more powerful. 0. http://lists.gnupg.org/pipermail/gnupg-users/2007-June/031285.html I am trying to decide whether I want to create myself a new RSA key and am looking at key lengths of 2k, 4k, and 8k. In theory, I'd like to use the 8k variant, simply because I postulate that my machines can handle it (I don't use GPG on a PDA/SmartPhone (yet)), but I don't know if this makes sense in practice. I understand RSA and I cannot imagine compatibility problems with other implementations, but I'd still like to reopen the issue and ask this list what they think about >2048bit keys, and 8192bit in particular. Thanks, -- martin | http://madduck.net/ | http://two.sentenc.es/ the unix philosophy basically involves giving you enough rope to hang yourself. and then some more, just to be sure. spamtraps: madduck.bogus at madduck.net
From e_senthilkumar at yahoo.com Tue Jul 7 18:08:04 2009 From: e_senthilkumar at yahoo.com (Senthilkumar .E) Date: Tue, 7 Jul 2009 09:08:04 -0700 (PDT) Subject: gnupg not building with gcc4 and --enable-minimal option Message-ID: <714548.18952.qm@web31815.mail.mud.yahoo.com> Hi, I am trying to build gnupg on a RHEL box. I am not able to build gnupg with gcc4. When I downgrade to gcc3 it builds. Looks like this is a bug with configure (http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024364.html). Is it fixed in the latest gnupg version? -Senthil From wk at gnupg.org Wed Jul 8 12:54:32 2009 From: wk at gnupg.org (Werner Koch) Date: Wed, 08 Jul 2009 12:54:32 +0200 Subject: 8192bit RSA keys In-Reply-To: <20090706082105.GA11743@piper.oerlikon.madduck.net> (martin f. krafft's message of "Mon, 6 Jul 2009 10:21:05 +0200") References: <20090706082105.GA11743@piper.oerlikon.madduck.net> Message-ID: <87hbxnxx5j.fsf@wheatstone.g10code.de> On Mon, 6 Jul 2009 10:21, madduck at madduck.net said: > ask this list what they think about >2048bit keys, and 8192bit in ^^^^^^^ I see one eight-mile-high fence post with the rest of your area protected by a tripwire. My position on that topic should be well enough known. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. From rjh at sixdemonbag.org Wed Jul 8 14:18:03 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 08 Jul 2009 08:18:03 -0400 Subject: 8192bit RSA keys In-Reply-To: <20090706082105.GA11743@piper.oerlikon.madduck.net> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> Message-ID: <4A548E7B.1030809@sixdemonbag.org> martin f krafft wrote: > Two years ago, there was a thread on this list, in which RSA key > sizes >2048 were discussed [0].
In these two years, the crypto-world > has been shaken up a bit, and computers got yet a bit more powerful. With respect to key sizes, nothing has changed since then. IMO, keys larger than 2kbit have no practical purpose for >95% of users. Keys larger than 4kbit have no practical purpose, period. From wk at gnupg.org Wed Jul 8 14:15:56 2009 From: wk at gnupg.org (Werner Koch) Date: Wed, 08 Jul 2009 14:15:56 +0200 Subject: gpg2 does not detect smart card adapter Message-ID: <87zlbfwetf.fsf@wheatstone.g10code.de> An embedded message was scrubbed... From: Werner Koch Subject: Re: gpg2 does not detect smart card adapter Date: Wed, 08 Jul 2009 14:15:07 +0200 Size: 1486 URL: -------------- next part -------------- -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. From dshaw at jabberwocky.com Wed Jul 8 15:29:26 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 8 Jul 2009 09:29:26 -0400 Subject: gnupg not building with gcc4 and --enable-minimal option In-Reply-To: <714548.18952.qm@web31815.mail.mud.yahoo.com> References: <714548.18952.qm@web31815.mail.mud.yahoo.com> Message-ID: On Jul 7, 2009, at 12:08 PM, Senthilkumar .E wrote: > Hi, > > I am trying to build gnupg on a RHEL box. I am not able to build > gnupg with gcc4. When I downgrade to gcc3 it is building. Looks like > this a bug with configure (http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024364.html > ). Is it fixed on the latest gnupg version ? What version of GPG are we talking about here? 
David From dshaw at jabberwocky.com Wed Jul 8 19:36:15 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 8 Jul 2009 13:36:15 -0400 Subject: 8192bit RSA keys In-Reply-To: <20090706082105.GA11743@piper.oerlikon.madduck.net> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> Message-ID: <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> On Jul 6, 2009, at 4:21 AM, martin f krafft wrote: > Hey folks, > > Two years ago, there was a thread on this list, in which RSA key > sizes >2048 were discussed [0]. In these two years, the crypto-world > has been shaken up a bit, and computers got yet a bit more powerful. > > 0. http://lists.gnupg.org/pipermail/gnupg-users/2007-June/031285.html > > I am trying to decide whether I want to create myself a new RSA key > and am looking at key lengths of 2k, 4k, and 8k. In theory, I'd like > to use the 8k variant, simply because I postulate that my machines > can handle it (I don't use GPG on a PDA/SmartPhone (yet)), but > I don't know if this makes sense in practice. It depends on what you're protecting against. For most common cases, an 8192-bit RSA key is likely so vastly stronger than the rest of your environment that a smart attacker wouldn't bother to attack it. They'd just go after what they want via other attacks against you and/or your environment. Mind you, the same thing is true for a 2048-bit RSA key as well. (I'd wager that for many people, the same thing is also true for a 512-bit RSA key). If you can get the same end result with a smaller key, you need to ask yourself what the big key actually buys you. If you're looking for a more immediate reason, though, note that if you make an RSA key larger than 2048 bits you can't use it with the spiffy new OpenPGP smartcard.
David From dshaw at jabberwocky.com Wed Jul 8 19:49:29 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 8 Jul 2009 13:49:29 -0400 Subject: gnupg not building with gcc4 and --enable-minimal option In-Reply-To: <958450.13370.qm@web31813.mail.mud.yahoo.com> References: <958450.13370.qm@web31813.mail.mud.yahoo.com> Message-ID: <72CD5A5C-4B1A-4477-B8AC-DBA64991952B@jabberwocky.com> Please don't top-post. > > I am trying to build gnupg on a RHEL box. I am not able to build > gnupg with gcc4. When I downgrade to gcc3 it is building. Looks like > this a bug with configure (http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024364.html > ). Is it fixed on the latest gnupg version ? > > What version of GPG are we talking about here? On Jul 8, 2009, at 1:46 PM, Senthilkumar .E wrote: > gnupg-1.4.7 version has this problem Try the most recent 1.4.9. I believe this problem was fixed in 1.4.8. David From bmearns at ieee.org Wed Jul 8 18:56:11 2009 From: bmearns at ieee.org (Brian Mearns) Date: Wed, 8 Jul 2009 12:56:11 -0400 Subject: Opinions on RIPEMD vs SHA? Message-ID: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> I'm considering making my default hash RIPEMD160: does anyone have any opinions on how this compares to SHA-2 algorithms in terms of both security and availability? I like the idea that RIPEMD was developed in an academic community instead of the NSA, but if there are genuine benefits to using SHA, I have no problem looking past this bit of romanticism. I'm especially curious if RIPEMD160 is commonly available in popular PGP clients. 
Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net From jeandavid8 at verizon.net Wed Jul 8 20:05:36 2009 From: jeandavid8 at verizon.net (Jean-David Beyer) Date: Wed, 08 Jul 2009 14:05:36 -0400 Subject: 8192bit RSA keys In-Reply-To: <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> Message-ID: <4A54DFF0.3000409@verizon.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Shaw wrote: | On Jul 6, 2009, at 4:21 AM, martin f krafft wrote: | |> Hey folks, |> |> Two years ago, there was a thread on this list, in which RSA key |> sizes >2048 were discussed [0]. In these two years, the crypto-world |> has been shaken up a bit, and computers got yet a bit more powerful. |> |> 0. http://lists.gnupg.org/pipermail/gnupg-users/2007-June/031285.html |> |> I am trying to decide whether I want to create myself a new RSA key |> and am looking at key lengths of 2k, 4k, and 8k. In theory, I'd like |> to use the 8k variant, simply because I postulate that my machines |> can handle it (I don't use GPG on a PDA/SmartPhone (yet)), but |> I don't know if this makes sense in practice. | | It depends on what you're protecting against. For most common cases, | a 8192-bit RSA key is likely so vastly stronger than the rest of your | environment that a smart attacker wouldn't bother to attack it. | They'd just go after what they want via other attacks against you and/ | or your environment. Mind you, the same thing is true for a 2048-bit | RSA key as well. (I'd wager that for many people, the same thing is | also true for a 512-bit RSA key). If you can get the same end result | with a smaller key, you need to ask yourself what the big key actually | buys you. 
| | If you're looking for a more immediate reason, though, note that if | you make an RSA key larger than 2048 bits you can't use it with the | spiffy new OpenPGP smartcard. | Another reason is that even if increasing my key size would increase my security in some sense, I do not want my GPG security to be so strong that the black hats would bypass it and torture the key out of me. -- ~ .~. Jean-David Beyer Registered Linux User 85642. ~ /V\ PGP-Key: 9A2FC99A Registered Machine 241939. ~ /( )\ Shrewsbury, New Jersey http://counter.li.org ~ ^^-^^ 14:00:01 up 20 days, 49 min, 3 users, load average: 4.05, 4.34, 4.48 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFKVN/vPtu2XpovyZoRAsT/AJ4k/O4O517+YH7KYaLevt28VFOT+wCeO5GW 9I/aKv70703nlIyx7PbfJow= =Trab -----END PGP SIGNATURE----- From dshaw at jabberwocky.com Wed Jul 8 21:16:11 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Wed, 8 Jul 2009 15:16:11 -0400 Subject: Opinions on RIPEMD vs SHA? In-Reply-To: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> References: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> Message-ID: <97F702E3-C930-4EF1-86D4-8572C3C7546D@jabberwocky.com> On Jul 8, 2009, at 12:56 PM, Brian Mearns wrote: > I'm considering making my default hash RIPEMD160: does anyone have any > opinions on how this compares to SHA-2 algorithms in terms of both > security and availability? I like the idea that RIPEMD was developed > in an academic community instead of the NSA, but if there are genuine > benefits to using SHA, I have no problem looking past this bit of > romanticism. I'm especially curious if RIPEMD160 is commonly available > in popular PGP clients. RIPEMD160 is nearly universally supported in popular PGP clients. It's been around for a long time. That said, you can't compare it to SHA-2.
I believe your academia/NSA comparison is invalid (it's really just romanticism), but I'm not even going to bother to restart the common algorithm/peer review/more attacks/etc discussion that we've had a zillion times on this list, and instead jump right to the easy reason: RIPEMD160 is 160 bits long. SHA-2 is (at minimum) 224 bits long, and can go up to 512 bits long. 224 > 160. 512 is very > 160. Unless you think SHA-2 is actually weaker than RIPEMD160 somehow, why would you not use it? David From wk at gnupg.org Wed Jul 8 21:33:16 2009 From: wk at gnupg.org (Werner Koch) Date: Wed, 08 Jul 2009 21:33:16 +0200 Subject: Opinions on RIPEMD vs SHA? In-Reply-To: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> (Brian Mearns's message of "Wed, 8 Jul 2009 12:56:11 -0400") References: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> Message-ID: <87d48bvukj.fsf@wheatstone.g10code.de> On Wed, 8 Jul 2009 18:56, bmearns at ieee.org said: > I'm considering making my default hash RIPEMD160: does anyone have any > opinions on how this compares to SHA-2 algorithms in terms of both Don't do that. RIPEMD160 is a pure European algorithm and by design not different than SHA-1; like most hash algorithms it is based on the same principles as MD4 is. There is no reason to believe that RIPEMD-160 is stronger than the SHA-1. If you want to do business with European governments you need to support RIPEMD-160 - well at least until last year. Since this year, SHA-256 is a requirement for most purposes. > security and availability? I like the idea that RIPEMD was developed > in an academic community instead of the NSA, but if there are genuine Well, if you look at the prominent people from that community you will notice strong links to the country's respective TLAs. > romanticism. I'm especially curious if RIPEMD160 is commonly available > in popular PGP clients. GnuPG might be the only OpenPGP implementation to support it. 
Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. From bmearns at ieee.org Wed Jul 8 22:20:53 2009 From: bmearns at ieee.org (Brian Mearns) Date: Wed, 8 Jul 2009 16:20:53 -0400 Subject: Opinions on RIPEMD vs SHA? In-Reply-To: <87d48bvukj.fsf@wheatstone.g10code.de> References: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> <87d48bvukj.fsf@wheatstone.g10code.de> Message-ID: <4df3a1330907081320o15ac6743o63a3ae71c80154f1@mail.gmail.com> On Wed, Jul 8, 2009 at 3:33 PM, Werner Koch wrote: > On Wed, 8 Jul 2009 18:56, bmearns at ieee.org said: > >> I'm considering making my default hash RIPEMD160: does anyone have any >> opinions on how this compares to SHA-2 algorithms in terms of both > > Don't do that. RIPEMD160 is a pure European algorithm and by design not > different than SHA-1; like most hash algorithms it is based on the same > principles as MD4 is. There is no reason to believe that RIPEMD-160 is > stronger than the SHA-1. > > If you want to do business with European governments you need to support > RIPEMD-160 - well at least until last year. Since this year, SHA-256 is > a requirement for most purposes. > >> security and availability? I like the idea that RIPEMD was developed >> in an academic community instead of the NSA, but if there are genuine > > Well, if you look at the prominent people from that community you will > notice strong links to the country's respective TLAs. > >> romanticism. I'm especially curious if RIPEMD160 is commonly available >> in popular PGP clients. > > GnuPG might be the only OpenPGP implementation to support it. > > > Salam-Shalom, > > Werner > > -- > Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. > > Thank you both for your input. I'll stick with SHA. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net From jmoore3rd at bellsouth.net Wed Jul 8 21:55:37 2009 From: jmoore3rd at bellsouth.net (John W.
Moore III) Date: Wed, 08 Jul 2009 15:55:37 -0400 Subject: 8192bit RSA keys In-Reply-To: <4A54DFF0.3000409@verizon.net> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <4A54DFF0.3000409@verizon.net> Message-ID: <4A54F9B9.2090605@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Jean-David Beyer wrote: > Another reason is that even if increasing my key size to would increase my > security in some sense, I do not want my GPG security to be so strong that > the black hats would bypass it and torture the key out of me. Depending upon the sophistication of Your adversary, brute force may be the 'method of choice' even if You were using ROT-13. :-D JOHN ;) Timestamp: Wednesday 08 Jul 2009, 15:55 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn5046: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: Personal Web Page: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKVPm3AAoJEBCGy9eAtCsPgtgH/25b9+z5sFdPKGFt3Cs6LhD5 JIyCFugs6DUfTgiKBtgiBhsjwd2uQ3F9yhMykPRIkkIcQn6nCjQHbYMCCvUXlUry 2a7yaUwoOeuons93f5kUyq278nx88h6A71oe/RqC2g5yVdk7h6RdtkDKJhaPd4Yf BVpJjdU4dOTidxHIoBpr4tkkeHjOcr9M7rzSZ21LINnqvJpGEVNbSMaYDyWVEmRN OiBAaZfU8DDDXYciAzaZGl3JRjzmfawyU2q/PrWXkthUcvzFnhXPG7b20rRfW/oF fsHIZfF+4HdIaS5S9ox+/NaPSRSNtB/OFhFc08QtJ3wXz5bPqn6XYz6XOo6aex4= =Drlu -----END PGP SIGNATURE----- From dan at geer.org Wed Jul 8 22:18:24 2009 From: dan at geer.org (dan at geer.org) Date: Wed, 08 Jul 2009 16:18:24 -0400 Subject: 8192bit RSA keys In-Reply-To: Your message of "Wed, 08 Jul 2009 13:36:15 EDT." <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> Message-ID: <20090708201824.C5BDA33DAD@absinthe.tinho.net> > It depends on what you're protecting against. 
For most common cases, > a 8192-bit RSA key is likely so vastly stronger than the rest of your > environment that a smart attacker wouldn't bother to attack it. > They'd just go after what they want via other attacks against you and/ > or your environment. Mind you, the same thing is true for a 2048-bit > RSA key as well. (I'd wager that for many people, the same thing is > also true for a 512-bit RSA key). What a great idea for a metric! --dan From cpollock at embarqmail.com Thu Jul 9 03:25:46 2009 From: cpollock at embarqmail.com (Chris) Date: Wed, 08 Jul 2009 20:25:46 -0500 Subject: starting gpg-agent Message-ID: <1247102746.4843.7.camel@localhost.localdomain> Before switching to Gnome I was running KDE and gpg-agent apparently started automatically when the system was booted. Now that I'm running Gnome I've entered the following on the CLI: gpg-agent --daemon --use-standard-socket --log-file /home/chris/.gnupg/agent.log Using webmin I've setup several other apps such as fetchmail to start when the system requires a restart such as a new kernel is installed. I assume this will work also for gpg-agent? Chris -- KeyID 0xE372A7DA98E6705C -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: From rjh at sixdemonbag.org Thu Jul 9 04:41:22 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Wed, 8 Jul 2009 22:41:22 -0400 Subject: Opinions on RIPEMD vs SHA? In-Reply-To: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> References: <4df3a1330907080956x1d097ccdi2cc1c768c69c0c2d@mail.gmail.com> Message-ID: > I'm considering making my default hash RIPEMD160: does anyone have any > opinions on how this compares to SHA-2 algorithms in terms of both > security and availability? The new SHAs have the benefit of about a dozen years of cryptanalytic research behind them. 
RIPEMD160 is very similar to SHA-1, and the recent attacks against SHA-1 are likely applicable to RIPEMD160. Those same attacks do not apply against the newer SHAs. > I have no problem looking past this bit of romanticism. "Romanticism" is exactly the right word to use. > I'm especially curious if RIPEMD160 is commonly available > in popular PGP clients. Yes. It's been in PGP since 6.5.8, and in GnuPG since 1.0. (Probably since long before 1.0, but since 1.0 was the first official release, that's where I trace things back to.) From wk at gnupg.org Thu Jul 9 09:49:33 2009 From: wk at gnupg.org (Werner Koch) Date: Thu, 09 Jul 2009 09:49:33 +0200 Subject: starting gpg-agent In-Reply-To: <1247102746.4843.7.camel@localhost.localdomain> (cpollock@embarqmail.com's message of "Wed, 08 Jul 2009 20:25:46 -0500") References: <1247102746.4843.7.camel@localhost.localdomain> Message-ID: <87r5wquwhe.fsf@wheatstone.g10code.de> On Thu, 9 Jul 2009 03:25, cpollock at embarqmail.com said: > Before switching to Gnome I was running KDE and gpg-agent apparently > started automatically when the system was booted. Now that I'm running > Gnome I've entered the following on the CLI: > > gpg-agent --daemon --use-standard-socket > --log-file /home/chris/.gnupg/agent.log That should work. I have not tested --use-standard-socket a lot but it has been introduced just for this purpose. BTW, you don't need to set --log-file on the command line. You may at any time change it in gpg-agent.conf and give gpg-agent a HUP to reread most of the config file. As an alternative to HUP you may use "gpgconf --reload gpg-agent" > Using webmin I've setup several other apps such as fetchmail to start I have no experience with webmin. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. 
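Brian's conclusion in the RIPEMD vs SHA thread above ("I'll stick with SHA") comes down to a few lines of gpg.conf. The following is an added example, not configuration from the thread or from the GnuPG project; the option names are real GnuPG options, the order of algorithms is an assumption to adjust to your own needs:

```conf
# ~/.gnupg/gpg.conf  (added example, not from the thread)

# Hash used for data signatures made with your own key, most preferred first.
# gpg picks the first one here that the recipients' preferences also allow.
personal-digest-preferences SHA256 SHA512 SHA384

# Hash used when certifying (signing) other people's keys.
cert-digest-algo SHA256

# Preferences written into newly generated keys, so correspondents encrypting
# to you choose these algorithms first. Existing keys keep their old list
# until you update it with "setpref" inside "gpg --edit-key".
default-preference-list SHA256 SHA512 SHA384 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
```

Leave `digest-algo` unset: it forces one hash regardless of what the other side advertises and is the usual cause of "unknown digest algorithm" complaints from older clients, which is exactly the availability concern the thread raises.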
From eocsor at gmail.com Thu Jul 9 11:39:57 2009
From: eocsor at gmail.com (Roscoe)
Date: Thu, 9 Jul 2009 19:39:57 +1000
Subject: 8192bit RSA keys
In-Reply-To: <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com>
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com>
Message-ID:

On Thu, Jul 9, 2009 at 3:36 AM, David Shaw wrote:
...
> If you're looking for a more immediate reason, though, note that if you make
> a RSA key larger than 2048 bits you can't use it with the spiffy new OpenPGP
> smartcard.

Oh, something I've been for. Any more info? :)

-- Roscoe

From cpollock at embarqmail.com Thu Jul 9 13:27:04 2009
From: cpollock at embarqmail.com (Chris)
Date: Thu, 09 Jul 2009 06:27:04 -0500
Subject: starting gpg-agent
In-Reply-To: <87r5wquwhe.fsf@wheatstone.g10code.de>
References: <1247102746.4843.7.camel@localhost.localdomain> <87r5wquwhe.fsf@wheatstone.g10code.de>
Message-ID: <1247138824.4843.15.camel@localhost.localdomain>

On Thu, 2009-07-09 at 09:49 +0200, Werner Koch wrote:
> On Thu, 9 Jul 2009 03:25, cpollock at embarqmail.com said:
> > Before switching to Gnome I was running KDE and gpg-agent apparently
> > started automatically when the system was booted. Now that I'm running
> > Gnome I've entered the following on the CLI:
> >
> > gpg-agent --daemon --use-standard-socket
> > --log-file /home/chris/.gnupg/agent.log
>
> That should work. I have not tested --use-standard-socket a lot but it
> has been introduced just for this purpose.
>
> BTW, you don't need to set --log-file on the command line. You may at
> any time change it in gpg-agent.conf and give gpg-agent a HUP to reread
> most of the config file. As an alternative to HUP you may use
> "gpgconf --reload gpg-agent"
>
> > Using webmin I've setup several other apps such as fetchmail to start
>
> I have no experience with webmin.
>
>
> Shalom-Salam,
>
> Werner
>

Thank you for the reply Werner, it's much appreciated.

Chris
-- 
KeyID 0xE372A7DA98E6705C

From dshaw at jabberwocky.com Thu Jul 9 20:40:17 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 9 Jul 2009 14:40:17 -0400
Subject: 8192bit RSA keys
In-Reply-To:
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com>
Message-ID: <8C30B771-FD81-44A0-BA62-CB95AD219B1B@jabberwocky.com>

On Jul 9, 2009, at 5:39 AM, Roscoe wrote:

> On Thu, Jul 9, 2009 at 3:36 AM, David Shaw
> wrote:
> ...
>> If you're looking for a more immediate reason, though, note that if
>> you make
>> a RSA key larger than 2048 bits you can't use it with the spiffy
>> new OpenPGP
>> smartcard.
>
>
> Oh, something I've been for. Any more info? :)

http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42

They say they have the new cards in stock now.

David

From shanna at waident.com Thu Jul 9 22:15:32 2009
From: shanna at waident.com (shanna1017)
Date: Thu, 9 Jul 2009 13:15:32 -0700 (PDT)
Subject: Option to change location where encrypted files are saved?
Message-ID: <24397928.post@talk.nabble.com>

I have installed gnupg for a client along with gpgshell to make it easy for them to right click a file and sign and encrypt it. The one additional thing I'd like to do is configure it to save it to a network drive automatically instead of saving it in the same folder as the original unencrypted file. Does anybody know of a way to do this within gpgshell?

-- 
View this message in context: http://www.nabble.com/Option-to-change-location-where-encrypted-files-are-saved--tp24397928p24397928.html
Sent from the GnuPG - User mailing list archive at Nabble.com.

From joelcsalomon at gmail.com Fri Jul 10 04:57:41 2009
From: joelcsalomon at gmail.com (Joel C. Salomon)
Date: Thu, 09 Jul 2009 22:57:41 -0400
Subject: 8192bit RSA keys
In-Reply-To: <20090706082105.GA11743@piper.oerlikon.madduck.net>
References: <20090706082105.GA11743@piper.oerlikon.madduck.net>
Message-ID: <4A56AE25.2030300@gmail.com>

martin f krafft wrote:
> ... 8192bit [keys].

http://xkcd.com/538/

--Joel Salomon

From wk at gnupg.org Fri Jul 10 09:13:55 2009
From: wk at gnupg.org (Werner Koch)
Date: Fri, 10 Jul 2009 09:13:55 +0200
Subject: 8192bit RSA keys
In-Reply-To: <4A56AE25.2030300@gmail.com> (Joel C. Salomon's message of "Thu, 09 Jul 2009 22:57:41 -0400")
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <4A56AE25.2030300@gmail.com>
Message-ID: <87iqi1xb64.fsf@wheatstone.g10code.de>

On Fri, 10 Jul 2009 04:57, joelcsalomon at gmail.com said:

> martin f krafft wrote:
>> ... 8192bit [keys].
>
> http://xkcd.com/538/

No need to remember that URL; the online help tells you ;-)

  What keysize do you want? (2048) ?
  Enter the size of the key.
  The suggested default is usually a good choice.

  If you want to use a large key size, for example 4096 bit, please think again
  whether it really makes sense for you.  You may want to view the web page
  http://www.xkcd.com/538/ .
  What keysize do you want? (2048)

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.

From JPClizbe at tx.rr.com Fri Jul 10 10:12:42 2009
From: JPClizbe at tx.rr.com (John Clizbe)
Date: Fri, 10 Jul 2009 03:12:42 -0500
Subject: 8192bit RSA keys
In-Reply-To: <87iqi1xb64.fsf@wheatstone.g10code.de>
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <4A56AE25.2030300@gmail.com> <87iqi1xb64.fsf@wheatstone.g10code.de>
Message-ID: <4A56F7FA.5000709@tx.rr.com>

Werner Koch wrote:
> On Fri, 10 Jul 2009 04:57, joelcsalomon at gmail.com said:
>> martin f krafft wrote:
>>> ... 8192bit [keys].
>>
>> http://xkcd.com/538/
>
> No need to remember that URL; the online help tells you ;-)
>

OK then. How about /this/ one to illustrate >= 8k RSA keys in practical terms?

http://failblog.org/2009/05/22/security-fail-5/

-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From srivasta at ieee.org Fri Jul 10 05:52:07 2009
From: srivasta at ieee.org (Manoj Srivastava)
Date: Thu, 09 Jul 2009 22:52:07 -0500
Subject: 8192bit RSA keys
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <8C30B771-FD81-44A0-BA62-CB95AD219B1B__40795.8856587813$1247165059$gmane$org@jabberwocky.com>
Message-ID: <8763e1fb4o.fsf@anzu.internal.golden-gryphon.com>

On Thu, Jul 09 2009, David Shaw wrote:

> On Jul 9, 2009, at 5:39 AM, Roscoe wrote:
>
>> On Thu, Jul 9, 2009 at 3:36 AM, David Shaw
>> wrote:
>> ...
>>> If you're looking for a more immediate reason, though, note that if
>>> you make a RSA key larger than 2048 bits you can't use it with the
>>> spiffy new OpenPGP smartcard.
>> Oh, something I've been for. Any more info? :)
>
> http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42

According to that page, it supports 3072 bit keys (which I understand is perhaps overkill).

> They say they have the new cards in stock now.

I just bought one :-)

I have a 4096 bit RSA key -- can I create 2048 or 3072 bit subkeys and only copy these keys to the card? Or will the fact that the primary key is 4096 bits stymie the operation?

manoj
-- 
Everything is for sale; only the price is negotiable.
Manoj Srivastava
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C

From wk at gnupg.org Fri Jul 10 15:32:18 2009
From: wk at gnupg.org (Werner Koch)
Date: Fri, 10 Jul 2009 15:32:18 +0200
Subject: 8192bit RSA keys
In-Reply-To: <8763e1fb4o.fsf@anzu.internal.golden-gryphon.com> (Manoj Srivastava's message of "Thu, 09 Jul 2009 22:52:07 -0500")
References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <8C30B771-FD81-44A0-BA62-CB95AD219B1B__40795.8856587813$1247165059$gmane$org@jabberwocky.com> <8763e1fb4o.fsf@anzu.internal.golden-gryphon.com>
Message-ID: <87ljmwwtnh.fsf@wheatstone.g10code.de>

On Fri, 10 Jul 2009 05:52, srivasta at ieee.org said:

> I have a 4096 bit RSA key -- can I create 2048 or 3072 bit

4096 is in fact also supported but that would require major changes in GnuPG, thus this published limit of 3072

> subkeys and only copy these keys to the card? Or will the fact that the
> primary key is 4096 bits stymie the operation?

That works. However, 3072 bit signing had another bug which I fixed this morning. Thus you need to use the latest SVN.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.

From ingo.krabbe at eoa.de Fri Jul 10 16:12:42 2009
From: ingo.krabbe at eoa.de (Ingo Krabbe)
Date: Fri, 10 Jul 2009 16:12:42 +0200
Subject: gnupg as ssh-agent
Message-ID: <20090710141242.GB12391@krabbe>

Hi,

I now tried to use the gpg-agent as a ssh-agent too, as I always started both agents anyway. Now I wonder if I could also use my GnuPG Key as a key for a ssh session too, which would be quite convenient.
Actually I wonder why the gpg-agent runs in ssh-agent mode, if the latter isn't possible, and further, why the latter shouldn't be possible as both keys are just containers for the same algorithm, though gpg supports more algorithms than ssh; at least for RSA and DSA keys this statement should hold.

TIA
Ingo Krabbe

From benjamin at py-soft.co.uk Fri Jul 10 18:25:09 2009
From: benjamin at py-soft.co.uk (Benjamin Donnachie)
Date: Fri, 10 Jul 2009 17:25:09 +0100
Subject: gnupg as ssh-agent
In-Reply-To: <20090710141242.GB12391@krabbe>
References: <20090710141242.GB12391@krabbe>
Message-ID: <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com>

2009/7/10 Ingo Krabbe :
> I now tried to use the gpg-agent as a ssh-agent too, as I always started both
> agents anyway. Now I wonder if I could also use my GnuPG Key as a key for a
> ssh session too, which would be quite convenient.

man gpg-agent:

[...]

--enable-ssh-support
    Enable emulation of the OpenSSH Agent protocol.

    In this mode of operation, the agent does not only implement the gpg-agent protocol, but also the agent protocol used by OpenSSH (through a separate socket). Consequently, it should be possible to use the gpg-agent as a drop-in replacement for the well known ssh-agent.

    SSH Keys, which are to be used through the agent, need to be added to the gpg-agent initially through the ssh-add utility. When a key is added, ssh-add will ask for the password of the provided key file and send the unprotected key material to the agent; this causes the gpg-agent to ask for a passphrase, which is to be used for encrypting the newly received key and storing it in a gpg-agent specific directory.

    Once a key has been added to the gpg-agent this way, the gpg-agent will be ready to use the key.

    Note: in case the gpg-agent receives a signature request, the user might need to be prompted for a passphrase, which is necessary for decrypting the stored key. Since the ssh-agent protocol does not contain a mechanism for telling the agent on which display/terminal it is running, gpg-agent's ssh-support will use the TTY or X display where gpg-agent has been started. To switch this display to the current one, the following command may be used:

        echo UPDATESTARTUPTTY | gpg-connect-agent

From ingo.krabbe at eoa.de Fri Jul 10 18:41:55 2009
From: ingo.krabbe at eoa.de (Ingo Krabbe)
Date: Fri, 10 Jul 2009 18:41:55 +0200
Subject: gnupg as ssh-agent
In-Reply-To: <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com>
References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com>
Message-ID: <20090710164155.GA13598@ask>

On Fri, Jul 10, 2009 at 05:25:09PM +0100, Benjamin Donnachie wrote:
> 2009/7/10 Ingo Krabbe :
> > I now tried to use the gpg-agent as a ssh-agent too, as I always started both
> > agents anyway. Now I wonder if I could also use my GnuPG Key as a key for a
> > ssh session too, which would be quite convenient.
>
> man gpg-agent:
>
> [...]
>
> --enable-ssh-support
[...]
> SSH Keys, which are to be used through the agent, need to be added
> to the gpg-agent initially through the ssh-add utility. When a key is
> added, ssh-add will ask for the password of the provided key file and
> send the unprotected key material to the agent; this causes the
> gpg-agent to ask for a passphrase, which is to be used for encrypting
> the newly received key and storing it in a gpg-agent specific
> directory.
[...]

Of course I read that (multiple times to find the hidden secret), but that doesn't answer the question, as I want to use my GnuPG Identity for the SSH Identity. I already ssh-add'ed my ssh keys and it worked. Now I want to add my GnuPG Key to the ssh-agent part and asked if this is possible.

Actually both keys only contain RSA (in my case), so theoretically there's only the container format between both systems, as far as I can say. What I'm searching for is one key container for all systems.

Best regards,
I n g o K r a b b e

From dkg at fifthhorseman.net Fri Jul 10 18:58:16 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 10 Jul 2009 12:58:16 -0400
Subject: gnupg as ssh-agent
In-Reply-To: <20090710164155.GA13598@ask>
References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com> <20090710164155.GA13598@ask>
Message-ID: <4A577328.7010007@fifthhorseman.net>

On 07/10/2009 12:41 PM, Ingo Krabbe wrote:
> Of course I read that (multiple times to find the hidden secret), but that
> doesn't answer the question, as I want to use my GnuPG Identity for the SSH
> Identity.

If you have an authentication-capable subkey on your OpenPGP key, you might be interested in monkeysphere (http://web.monkeysphere.info/), which has some tools for importing authentication-capable RSA subkeys into a running ssh-agent.

i'm part of upstream on the monkeysphere project, and i recommend using OpenSSH's implementation of ssh-agent over any other implementation, including the implementation in gnupg-agent. The OpenSSH folks have done a really solid job for everyday use.

> Actually both keys only contain RSA (in my case), so theoretically there's
> only the container format between both systems, as far as I can say. What I'm
> searching for is one key container for all systems.

As far as i know, that doesn't exist yet, but i'd like to see it as well.

-dkg

From tchitwoo at us.ibm.com Fri Jul 10 20:08:47 2009
From: tchitwoo at us.ibm.com (Thomas Chitwood)
Date: Fri, 10 Jul 2009 12:08:47 -0600
Subject: Out of office
Message-ID:

I will be out of the office starting 07/10/2009 and will not return until 07/21/2009.

I will respond to your message when I return. If this is an FTP emergency, please contact Doyle Hatfield or Danny Barba or send an email to ftpit at us.ibm.com.

From ingo.krabbe at eoa.de Sat Jul 11 02:22:01 2009
From: ingo.krabbe at eoa.de (Ingo Krabbe)
Date: Sat, 11 Jul 2009 02:22:01 +0200
Subject: gnupg as ssh-agent
In-Reply-To: <4A577328.7010007@fifthhorseman.net>
References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com> <20090710164155.GA13598@ask> <4A577328.7010007@fifthhorseman.net>
Message-ID: <20090711002201.GA15502@ask>

On Fri, Jul 10, 2009 at 12:58:16PM -0400, Daniel Kahn Gillmor wrote:
> On 07/10/2009 12:41 PM, Ingo Krabbe wrote:
> > Of course I read that (multiple times to find the hidden secret), but that
> > doesn't answer the question, as I want to use my GnuPG Identity for the SSH
> > Identity.
>
> If you have an authentication-capable subkey on your OpenPGP key, you
> might be interested in monkeysphere (http://web.monkeysphere.info/),
> which has some tools for importing authentication-capable RSA subkeys
> into a running ssh-agent.
>
> i'm part of upstream on the monkeysphere project, and i recommend using
> OpenSSH's implementation of ssh-agent over any other implementation,
> including the implementation in gnupg-agent. The OpenSSH folks have
> done a really solid job for everyday use.

[from monkeysphere documentation]
Then hand off the authentication subkey to the agent (Note: the GnuTLS library supports this operation as of version 2.6, but earlier versions do not):

    $ monkeysphere subkey-to-ssh-agent
[eof monkeysphere documentation]

Seems to do what I searched for somehow. I wonder what special preparations

    $ monkeysphere gen-subkey

does to the subkey.
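Chris's question about getting gpg-agent up at login and the --enable-ssh-support man page excerpt Benjamin quoted both come down to one login-time recipe: start the agent once, reuse it if it is still alive, and export the sockets gpg and ssh need. The script below is an added example, not code from the thread or from the GnuPG project. It assumes GnuPG 2.0.x as discussed here (--write-env-file exists in 2.0 and was removed in 2.1, where "gpgconf --list-dirs agent-ssh-socket" gives the socket path instead); the env-file name ~/.gpg-agent-info is an arbitrary choice.

```shell
#!/bin/sh
# Added example (not from the thread, not GnuPG's own code): start one
# gpg-agent per login, reuse it while it lives, and expose its OpenSSH socket.
# Assumes GnuPG 2.0.x: --use-standard-socket, --enable-ssh-support and
# --write-env-file as the thread uses them.

AGENT_ENV_FILE="${AGENT_ENV_FILE:-$HOME/.gpg-agent-info}"   # arbitrary name

# Pull the pid out of a GPG_AGENT_INFO value, "<socket path>:<pid>:<protocol>".
# Returns non-zero for anything that does not have that shape.
agent_pid() {
    info=$1
    case $info in
        *:*:*) ;;
        *) return 1 ;;
    esac
    pid=${info#*:}      # drop the socket path
    pid=${pid%%:*}      # drop the protocol version
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$pid"
}

# Source the file written by "gpg-agent --write-env-file" and check that the
# agent it names is really there: the pid must exist and the ssh socket must
# be present. A stale file from a previous boot fails both checks.
agent_alive() {
    envfile=$1
    [ -r "$envfile" ] || return 1
    . "$envfile"                      # sets GPG_AGENT_INFO and SSH_AUTH_SOCK
    pid=$(agent_pid "${GPG_AGENT_INFO-}") || return 1
    kill -0 "$pid" 2>/dev/null || return 1
    [ -S "${SSH_AUTH_SOCK-}" ]
}

# Start the agent only when needed, then export what gpg and ssh must see.
# --use-standard-socket fixes the gpg socket at ~/.gnupg/S.gpg-agent; options
# such as log-file belong in gpg-agent.conf and can be reloaded afterwards
# with "gpgconf --reload gpg-agent", as Werner notes above.
start_agent() {
    if ! agent_alive "$AGENT_ENV_FILE"; then
        gpg-agent --daemon --use-standard-socket --enable-ssh-support \
            --write-env-file "$AGENT_ENV_FILE" >/dev/null || return 1
        agent_alive "$AGENT_ENV_FILE" || return 1
    fi
    export GPG_AGENT_INFO SSH_AUTH_SOCK
    # The ssh-agent protocol carries no terminal information, so tell the agent
    # which tty/display should receive the pinentry prompt (see the man page).
    echo UPDATESTARTUPTTY | gpg-connect-agent >/dev/null 2>&1
}

# Typical use from ~/.profile:   . ~/bin/gpg-agent-login.sh && start_agent
```

Keys added with ssh-add are stored encrypted under the agent's own directory, so after the first login only the gpg-agent passphrase prompt remains; keep the env file mode 0600, since anything that can rewrite it can point your shell at a different socket.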
From jan.suhr at privacyfoundation.de Sat Jul 11 10:06:56 2009
From: jan.suhr at privacyfoundation.de (Jan Suhr)
Date: Sat, 11 Jul 2009 10:06:56 +0200
Subject: gpg2 does not detect smart card adapter
In-Reply-To: <87vdm3weo1.fsf@wheatstone.g10code.de>
References: <4A4BE68D.6030105@privacyfoundation.de> <874otva1kx.fsf@wheatstone.g10code.de> <44863.195.145.148.246.1246604811.squirrel@home.minuskel.de> <87k52q6tl7.fsf@wheatstone.g10code.de> <4A4E24E4.9080101@privacyfoundation.de> <87y6r54spn.fsf@wheatstone.g10code.de> <4A4E5E45.8090404@privacyfoundation.de> <4A51C86E.9030506@privacyfoundation.de> <87vdm3weo1.fsf@wheatstone.g10code.de>
Message-ID: <4A584820.5060301@privacyfoundation.de>

Hi Werner!

I installed gnupg from svn so that "scdaemon --version" reports to be 2.0.13-svn5074. Unfortunately I experience the same behaviour.

gpg-agent is up and running. All files in /dev/bus/usb/NNN/MMM have write permissions.

    gpg-connect-agent 'SCD getinfo version' /bye

replies: "ERR 103 unknown command"

I get the same message when starting gpg-connect-agent first and entering "SCD getinfo version" afterwards. Thus I executed "gpgconf --reload scdaemon" but the previous error message remains. Doing a "ps xa" tells me that scdaemon is not running. So maybe "gpgconf --reload scdaemon" was not working? Thus I started "scdaemon --daemon" which seems to start the daemon. Still "gpg-connect-agent 'SCD getinfo version' /bye" tells me "ERR 103 unknown command".

Any ideas are really appreciated.

Regards
Jan

Werner Koch wrote:
> On Mon, 6 Jul 2009 11:48, jan.suhr at privacyfoundation.de said:
>> I installed gnupg 2.0.12 but this had no effect. Unfortunately the error
>> is still the same.
>
> For some reasons you are running a very old version of
> scdaemon (< 2.0.5)
>
>> Please note that I did _not_ upgrade the required libraries but used
>> the version which are provided in Ubuntu. Do you recommend to upgrade
>
> I don't know what version Ubuntu distributes.
>
>
> Shalom-Salam,
>
> Werner
>

-- 
Jan Suhr
German Privacy Foundation e.V.
https://www.privacyfoundation.de/
Anonymous e-mail: https://www.awxcnx.de/jansuhr.msg

From dkg at fifthhorseman.net Sat Jul 11 15:57:20 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Sat, 11 Jul 2009 09:57:20 -0400
Subject: gnupg as ssh-agent
In-Reply-To: <20090711002201.GA15502@ask>
References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com> <20090710164155.GA13598@ask> <4A577328.7010007@fifthhorseman.net> <20090711002201.GA15502@ask>
Message-ID: <4A589A40.2030007@fifthhorseman.net>

On 07/10/2009 08:22 PM, Ingo Krabbe wrote:
> [from monkeysphere documentation]
> Then hand off the authentication subkey to the agent (Note: the GnuTLS library
> supports this operation as of version 2.6, but earlier versions do not):
>
> $ monkeysphere subkey-to-ssh-agent
> [eof monkeysphere documentation]

hum, we're no longer relying on GnuTLS -- those docs should be updated!

> Seems to do what I searched for somehow. I wonder what special preparations
> $ monkeysphere gen-subkey
> does to the subkey.

All it does is to set the authentication-capable flag, use RSA of a requested length (it should default to gpg's default size).

--dkg

From e_senthilkumar at yahoo.com Wed Jul 8 19:46:38 2009
From: e_senthilkumar at yahoo.com (Senthilkumar .E)
Date: Wed, 8 Jul 2009 10:46:38 -0700 (PDT)
Subject: gnupg not building with gcc4 and --enable-minimal option
In-Reply-To:
Message-ID: <958450.13370.qm@web31813.mail.mud.yahoo.com>

gnupg-1.4.7 version has this problem

-Senthil

--- On Wed, 8/7/09, David Shaw wrote:

From: David Shaw
Subject: Re: gnupg not building with gcc4 and --enable-minimal option
To: "Senthilkumar .E"
Cc: "GnuPG Users"
Date: Wednesday, 8 July, 2009, 6:59 PM

On Jul 7, 2009, at 12:08 PM, Senthilkumar .E wrote:

> Hi,
>
> I am trying to build gnupg on a RHEL box. I am not able to build gnupg with gcc4. When I downgrade to gcc3 it is building. Looks like this a bug with configure (http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024364.html). Is it fixed on the latest gnupg version ?

What version of GPG are we talking about here?

David
From madduck at madduck.net Thu Jul 9 21:32:38 2009 From: madduck at madduck.net (martin f krafft) Date: Thu, 9 Jul 2009 21:32:38 +0200 Subject: 8192bit RSA keys In-Reply-To: <8C30B771-FD81-44A0-BA62-CB95AD219B1B@jabberwocky.com> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <8C30B771-FD81-44A0-BA62-CB95AD219B1B@jabberwocky.com> Message-ID: <20090709193238.GC22430@piper.oerlikon.madduck.net> also sprach David Shaw [2009.07.09.2040 +0200]: > http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42 > > They say they have the new cards in stock now. So they say key length up to 3k. Does that affect key generation only? If not, why wouldn't those cards be able to handle larger keys? -- martin | http://madduck.net/ | http://two.sentenc.es/ "with sufficient thrust, pigs fly just fine. however, this is not necessarily a good idea. it is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead." -- rfc 1925 spamtraps: madduck.bogus at madduck.net -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature (see http://martin-krafft.net/gpg/) URL: From madduck at madduck.net Fri Jul 10 16:04:09 2009 From: madduck at madduck.net (martin f krafft) Date: Fri, 10 Jul 2009 16:04:09 +0200 Subject: 3072 bit keys, smartcards and bugs (was: 8192bit RSA keys) In-Reply-To: <87ljmwwtnh.fsf@wheatstone.g10code.de> References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <8C30B771-FD81-44A0-BA62-CB95AD219B1B__40795.8856587813$1247165059$gmane$org@jabberwocky.com> <8763e1fb4o.fsf@anzu.internal.golden-gryphon.com> <87ljmwwtnh.fsf@wheatstone.g10code.de> Message-ID: <20090710140408.GA16840@lapse.rw.madduck.net> also sprach Werner Koch [2009.07.10.1532 +0200]: > > I have a 4096 bit RSA key -- can I create 2048 or 3072 bit > > 4096 is in fact also supported but that would require major > changes in GnuPG, thus this published limit of 3072 Could you give us a hint why GnuPG would need changing? > However, 3072 bit signing had another bug which I fixed this > morning. Thus you need to use the latest SVN. So 3072bit keys generated with GnuPG from Debian unstable are unusable, or unusable with the SmartCard? -- martin | http://madduck.net/ | http://two.sentenc.es/ "verbing weirds language." -- calvin spamtraps: madduck.bogus at madduck.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature (see http://martin-krafft.net/gpg/) URL: From gerry.lowry at abilitybusinesscomputerservices.com Tue Jul 14 16:16:48 2009 From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112)) Date: Tue, 14 Jul 2009 10:16:48 -0400 Subject: ESSL exploit: http://www.eweek.com/c/a/Security/Security-Researchers-Exploit-Vulnerability-in-Handling-of-EV-SSL-Certificates ~~ F.Y.I. 
(OT) Message-ID: <8DEEAA12943545D3A635704F38BF38C0@zentrumvegan> http://www.eweek.com/c/a/Security/Security-Researchers-Exploit-Vulnerability-in-Handling-of-EV-SSL-Certificates VERY SCARY; public wireless is especially very vulnerable. "Imagine you have a user who is on a public Wi-Fi access point at a caf?, and he's logging into his bank account and his bank uses EV SSL," Zusman said. "So he logs in, he sees that green glow and he assumes that because he sees that green glow he's secure [and] everything is fine. But just next to him is an attacker who's either compromised that wireless network or has set up a rogue access point to trick the victim into connecting to it and now he serves as a man in the middle." This article leads me to revise my conclusion to my earlier week of research into SSL certificates. "The vulnerability in the way browsers treat EV SSL certificates makes them no more valuable than the cheapest SSL certificate, the researchers say." g. From hans-georg.buennig at atosorigin.com Fri Jul 17 15:32:24 2009 From: hans-georg.buennig at atosorigin.com (hans-georg.buennig at atosorigin.com) Date: Fri, 17 Jul 2009 15:32:24 +0200 Subject: gnugp for wm5 Message-ID: <042AD763FA258A468A6815756CAB046B0293F8CB@DEDUX001.deuser.de.intra> Hi, can anybody tell me, where can i download gnupg for Windows Mobile ? The link on the gnupg Page is broken. 
Thanks HG ________________________________________________________________________________________________________________________ Atos Origin GmbH, Theodor-Althoff-Stra?e 47, D-45133 Essen, Postfach 100 123, D-45001 Essen Telefon: +49 201 4305 0, Fax: +49 201 4305 689095, www.atosorigin.de ING Bank AG, Frankfurt/Main: Konto 001 014 0937, BLZ 500 210 00, Swift / BIC INGBDEFF, IBAN DE74 5002 1000 0010 1409 37 Gesch?ftsf?hrer: Winfried Holz, Handelsregister Essen HRB 19354, Ust.-ID.-Nr.: DE147861238 ________________________________________________________________________________________________________________________ From hawke at hawkesnest.net Sat Jul 18 02:40:26 2009 From: hawke at hawkesnest.net (Alex Mauer) Date: Fri, 17 Jul 2009 19:40:26 -0500 Subject: gnupg as ssh-agent In-Reply-To: <4A577328.7010007__15068.9901704483$1247245182$gmane$org@fifthhorseman.net> References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com> <20090710164155.GA13598@ask> <4A577328.7010007__15068.9901704483$1247245182$gmane$org@fifthhorseman.net> Message-ID: Daniel Kahn Gillmor wrote: > If you have an authentication-capable subkey on your OpenPGP key, you > might be interested in monkeysphere (http://web.monkeysphere.info/), > which has some tools for importing authentication-capable RSA subkeys > into a running ssh-agent. Why is it that GnuPG can expose an authentication-capable subkey from an OpenPGP smartcard via OpenSSH, but can't expose an authentication-capable subkey from its keyring? Or can it, but I'm doing something completely wrong? -Alex Mauer "hawke" -------------- next part -------------- A non-text attachment was scrubbed... 
From classpath at arcor.de Sat Jul 18 15:15:56 2009 From: classpath at arcor.de (Morten Gulbrandsen) Date: Sat, 18 Jul 2009 15:15:56 +0200 Subject: how to Sign a PDF with thawte x.509 S/MIME certificate Message-ID: <4A61CB0C.4080501@arcor.de> It says here: http://www.gnupg.org/ "Version 2 of GnuPG also provides support for S/MIME. Project Aegypten developed the S/MIME functionality in GnuPG 2." My question: can I sign a document or a PDF file with version 2 of GnuPG? === http://help.adobe.com/en_US/Reader/8.0/help.html?content=WS58a04a822e3e50102bd615109794195ff-7d48.html http://tinyurl.com/2jjy6v Sign a PDF You can sign a PDF to indicate your approval. A PDF can be signed more than once and by more than one person. When you sign a document, your digital signature appears in the signature field. The appearance of the signature depends on options you choose. The actual information for your digital signature is embedded in the PDF. Only PDFs with Reader Rights enabled can be signed. === Can I also sign and encrypt? AES256? Sincerely yours, Morten Gulbrandsen _____________________________________________________________________ Java programmer, C++ programmer CAcert Assurer, GSWoT introducer, thawte Notary Gossamer Spider Web of Trust http://www.gswot.org Please consider the environment before printing this e-mail! From db111 at freemail.hu Sun Jul 19 12:11:05 2009 From: db111 at freemail.hu (Csabi) Date: Sun, 19 Jul 2009 12:11:05 +0200 (CEST) Subject: How to verify lot of .sig files in lot of subdirectories with script Message-ID: Hi! Can somebody help me? I have a lot of subdirectories containing compressed program source code files and their signature files.
For example: .tar.gz and .tar.gz.sig How do I verify a lot of .sig files in a lot of subdirectories with one script under Linux? When I want to verify one .sig file I must give the complete path and filename to GnuPG, and *.sig does not work... I don't have the Linux shell script programming knowledge to resolve the problem: the script should search for all .sig files in all subdirectories and call GnuPG to verify them. Sincerely, Csabi From jh at jameshoward.us Sun Jul 19 14:43:02 2009 From: jh at jameshoward.us (James P. Howard, II) Date: Sun, 19 Jul 2009 08:43:02 -0400 Subject: How to verify lot of .sig files in lot of subdirectories with script In-Reply-To: References: Message-ID: <4A6314D6.4080105@jameshoward.us> On Sun Jul 19 2009 06:11:05 GMT-0400 (EDT) , Csabi wrote: > I have a lot of subdirectories containing compressed program source code > files and their signature files. For example: name> .tar.gz and version>.tar.gz.sig How do I verify a lot of .sig files in a lot of > subdirectories with one script under Linux? When I want to verify one > .sig file I must give the complete path and filename to GnuPG, and *.sig > does not work... I don't have the Linux shell script programming knowledge > to resolve the problem: the script should search for all .sig files in all > subdirectories and call GnuPG to verify them. The simplest way to do this is to run this in the top level directory: find . -name '*.sig' -print0 | xargs -n1 -0 gpg --verify -v The first part grabs a list of .sig files and the second part runs GPG on each sequentially. The -v forces GPG to list its assumption on the file to be verified and as a result, you can see the signature following the name. More complex variants on this may be possible. James -- James P. Howard, II, MPA jh at jameshoward.us
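Both answers in this thread (the find/xargs one-liner above and the for-loop variant in the next reply) do the job, with two caveats worth knowing: a -name pattern that the shell is allowed to expand will be expanded if a matching file sits in the current directory, and a for loop over command substitution splits on whitespace, so a path containing a space is handed to gpg as two nonexistent files. The following Python walker is an added example, not code from this thread or from GnuPG. It pairs every .sig below a directory with the file it signs, reports .sig files whose data file is absent, handles spaces in paths, and keeps the verifier injectable so the walk can be exercised without gpg; the sample tree and the toy verifier are constructed for the demo only.

```python
"""Verify every detached .sig file below a directory tree (added example)."""
import subprocess
import sys
import tempfile
from pathlib import Path
from typing import Callable, Dict, List


def gpg_verify(sig: Path, data: Path) -> bool:
    """Run `gpg --batch --verify SIG DATA`; exit status 0 means a good signature.
    --batch stops gpg from prompting, so the walk can run unattended."""
    proc = subprocess.run(
        ["gpg", "--batch", "--verify", str(sig), str(data)],
        stdout=subprocess.DEVNULL,
        stderr=subprocess.DEVNULL,
    )
    return proc.returncode == 0


def verify_tree(root, verify: Callable[[Path, Path], bool] = gpg_verify) -> Dict[str, List[Path]]:
    """Pair each *.sig below ROOT with the file it signs and verify every pair.

    Returns {"OK": [...], "BAD": [...], "MISSING": [...]} keyed by outcome and
    listing the data paths. MISSING means the .sig exists but the signed file
    does not, a case a plain `gpg --verify file.sig` only reports indirectly.
    """
    report: Dict[str, List[Path]] = {"OK": [], "BAD": [], "MISSING": []}
    for sig in sorted(Path(root).rglob("*.sig")):
        if sig.name == ".sig" or not sig.is_file():
            continue
        data = sig.with_name(sig.name[: -len(".sig")])  # foo.tar.gz.sig -> foo.tar.gz
        if not data.is_file():
            report["MISSING"].append(data)
        elif verify(sig, data):
            report["OK"].append(data)
        else:
            report["BAD"].append(data)
    return report


# ---- constructed sample data so the walker can be exercised without gpg ----

def toy_verify(sig: Path, data: Path) -> bool:
    """Stand-in for gpg used only by the demo: the 'signature' is good when it
    equals b'sig:' followed by the data file's bytes (constructed rule)."""
    return sig.read_bytes() == b"sig:" + data.read_bytes()


def build_sample_tree(root: Path) -> None:
    """Write a constructed tree: one good pair, one bad pair, one orphan .sig."""
    (root / "a").mkdir()
    (root / "a" / "foo-1.0.tar.gz").write_bytes(b"foo")
    (root / "a" / "foo-1.0.tar.gz.sig").write_bytes(b"sig:foo")
    (root / "b c").mkdir()  # space in the path on purpose
    (root / "b c" / "bar-2.1.tar.gz").write_bytes(b"bar")
    (root / "b c" / "bar-2.1.tar.gz.sig").write_bytes(b"sig:WRONG")
    (root / "d").mkdir()
    (root / "d" / "baz-0.9.tar.gz.sig").write_bytes(b"sig:baz")  # no data file


def demo() -> Dict[str, List[str]]:
    """Run the walker over the constructed tree; returns relative paths per outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(Path(tmp))
        report = verify_tree(tmp, verify=toy_verify)
        return {k: [p.relative_to(tmp).as_posix() for p in v] for k, v in report.items()}


if __name__ == "__main__":
    # Real use: python verify_tree.py /path/to/archives   (calls gpg)
    top = sys.argv[1] if len(sys.argv) > 1 else "."
    result = verify_tree(top)
    for outcome, paths in result.items():
        for p in paths:
            print(f"{outcome:7} {p}")
    sys.exit(0 if not result["BAD"] and not result["MISSING"] else 1)
```

The exit status makes the script usable from a build or release pipeline: anything other than a clean tree of good signatures fails the job, which is the behaviour you want when the archives are inputs to something you are about to compile.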
From lists at michel-messerschmidt.de Sun Jul 19 15:08:12 2009 From: lists at michel-messerschmidt.de (Michel Messerschmidt) Date: Sun, 19 Jul 2009 15:08:12 +0200 Subject: How to verify lot of .sig files in lot of subdirectories with script In-Reply-To: References: Message-ID: <20090719130811.GA6252@ryu.matrix> On Sun, Jul 19, 2009 at 12:11:05PM +0200, Csabi wrote: > I have a lot of subdirectories containing compressed program source code > files and their signature files. > For example: .tar.gz and > .tar.gz.sig > How do I verify a lot of .sig files in a lot of subdirectories with one > script under Linux? One solution is to execute this bash one-liner in the top level directory of your source code archives: find . -name '*.tar.gz' -print | while IFS= read -r i; do if [ -e "${i}.sig" ]; then echo "Signature verification for $i:"; gpg --verify "${i}.sig" "$i"; fi; done Note that archives without detached signature file (.sig) won't be checked. From Sejla.Kalinic at unicreditgroup.zaba.hr Sun Jul 19 16:02:36 2009 From: Sejla.Kalinic at unicreditgroup.zaba.hr (Sejla Kalinic) Date: Sun, 19 Jul 2009 16:02:36 +0200 Subject: Annual leave Message-ID: I will be out of the office starting 18.07.2009 and will not return until 11.08.2009. Disclaimer :
This e-mail is confidential and may also contain privileged information. If you are not the intended recipient, you are not authorised to read, print, save, process or disclose this message. If you have received this message by mistake, please inform the sender immediately and delete this e-mail, its attachments and any copies. Zagrebacka banka d.d. does not take any responsibility with regards to any possible inaccuracy of any data contained in this e-mail if such data do not relate to the registered operations of Zagrebacka banka d.d. The opinions expressed in this e-mail do not necessarily reflect the official positions of Zagrebacka banka d.d. Thank you! From foad0128 at gmail.com Mon Jul 20 10:09:03 2009 From: foad0128 at gmail.com (Nix) Date: Mon, 20 Jul 2009 10:09:03 +0200 Subject: gpg -u problem Message-ID: Hello, I have a problem with gpg (GnuPG) 1.4.9. I have three keys. I receive an encrypted file, and when I want to decrypt it gpg doesn't want to use any key other than the default. I use this command: gpg -u 5E95FE19 -d 00poap/gpg Can you help me, please? pub 1024D/118A9D3A 2008-12-11 uid popo > sub 1024g/95C66EC4 2008-12-11 pub 2048R/5E95FE19 2009-07-17 uid mimi at mimi.com mimi at mimi.com pub 1024D/DFA3B1C5 2009-07-17 uid pupu > sub 2048g/6E4448D5 2009-07-17 Have a nice day. From roam at ringlet.net Mon Jul 20 12:08:52 2009 From: roam at ringlet.net (Peter Pentchev) Date: Mon, 20 Jul 2009 13:08:52 +0300 Subject: gpg -u problem In-Reply-To: References: Message-ID: <20090720100852.GA968@straylight.m.ringlet.net> On Mon, Jul 20, 2009 at 10:09:03AM +0200, Nix wrote: > Hello, > > I have a problem with gpg (GnuPG) 1.4.9. > > I have three keys. I receive an encrypted file, and when I want to decrypt it gpg > doesn't want to use any key other than the default.
> > I use this command: > > gpg -u 5E95FE19 -d 00poap/gpg > > Can you help me, please? That should be "gpg -k 5E95FE19 -d 00poap/gpg", not "-u". Either use -u 'Real Name' or -k keyid; in this case, 5E95FE19 is the key ID, not the user ID attached to this key. G'luck, Peter -- Peter Pentchev roam at ringlet.net roam at space.bg roam at FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 What would this sentence be like if it weren't self-referential? From alexanderbertram at gmail.com Mon Jul 20 10:07:54 2009 From: alexanderbertram at gmail.com (Alexander Bertram) Date: Mon, 20 Jul 2009 10:07:54 +0200 Subject: OpenPGP Smartcard and MacOS Message-ID: Dear Sir or Madam, I would like to use my OpenPGP Smartcard with MacOS. I have some experience managing this Smartcard in a Windows environment, with the help of Thunderbird and its add-on ENIGMAIL. Under Windows there was no difficulty generating a keypair on a Smartcard; I did not even have to use any command line syntax... I have already installed these programs in Mac OS too, but unfortunately do not encounter any option to manage a Smartcard. I am using my old KOBIL USB Smartcard-Reader (secOVID Reader plus) with pin pad that should be sufficient (it already worked fine with Thunderbird/Enigmail in Windows). Do I maybe have to use some other programs? Does anyone have an idea how to solve this issue? - how can I generate an asymmetric keypair on an OpenPGP Smartcard in a Mac OS X environment? - do I need any other drivers/programs? - are there any Live-Linux systems that unite all the necessary programs in one OS? I appreciate any help, Alex
From reynt0 at cs.albany.edu Mon Jul 20 22:07:11 2009 From: reynt0 at cs.albany.edu (reynt0) Date: Mon, 20 Jul 2009 16:07:11 -0400 (EDT) Subject: OpenPGP Smartcard and MacOS In-Reply-To: References: Message-ID: On Mon, 20 Jul 2009, Alexander Bertram wrote: . . . > - how can I generate an asymmetric keypair on an OpenPGP > Smartcard in a Mac OS X environment? . . . Maybe this should be a separate thread, but I'll ask here since it may affect the poster's activities. Beginning with OS 10.4, Apple's EULA (maybe some Microsoft too, I don't know those EULAs) includes wording that can be interpreted as saying that they claim the right for themselves or their associates to take any information they want from your computer at any time they want. The OS 10.5 EULA adds wording that may be saying they can change your Mac's programs any way they want any time they want. There has been some discussion about the 10.4 EULA at . Could your computer's memory contents be saved while you are en/decrypting, and then sent off to someone? Could the gpg executable be modified to let people eavesdrop or something? And all OK according to the EULA? From benjamin at py-soft.co.uk Mon Jul 20 22:34:39 2009 From: benjamin at py-soft.co.uk (Benjamin Donnachie) Date: Mon, 20 Jul 2009 21:34:39 +0100 Subject: OpenPGP Smartcard and MacOS In-Reply-To: References: Message-ID: <732076a80907201334m1b37def4x97e55b8c0332f73f@mail.gmail.com> 2009/7/20 Alexander Bertram : > I would like to use my OpenPGP Smartcard with MacOS.
Take a look at MacGPG2 - http://macgpg2.sourceforge.net Ben From dkg at fifthhorseman.net Mon Jul 20 23:22:52 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Mon, 20 Jul 2009 17:22:52 -0400 Subject: gnupg as ssh-agent In-Reply-To: References: <20090710141242.GB12391@krabbe> <732076a80907100925s40facadg48717d1216651e8d@mail.gmail.com> <20090710164155.GA13598@ask> <4A577328.7010007__15068.9901704483$1247245182$gmane$org@fifthhorseman.net> Message-ID: <4A64E02C.2020608@fifthhorseman.net> On 07/17/2009 08:40 PM, Alex Mauer wrote: > Daniel Kahn Gillmor wrote: > >> If you have an authentication-capable subkey on your OpenPGP key, you >> might be interested in monkeysphere (http://web.monkeysphere.info/), >> which has some tools for importing authentication-capable RSA subkeys >> into a running ssh-agent. > > Why is it that GnuPG can expose an authentication-capable subkey from an > OpenPGP smartcard via OpenSSH, but can't expose an > authentication-capable subkey from its keyring? I haven't been able to get the one OpenPGP smartcard i've fooled around with to work (maybe i have a crappy reader), so i can't comment on whether GnuPG can actually expose that through its ssh-agent emulation. The monkeysphere package i described above actually *can't* send a key from the GPG smartcard through to a separate (non-gpg-agent) ssh-agent, though -- it extracts the relevant subkey, transforms its RSA key material to a form that ssh-agent can read, and hands it off directly. > Or can it, but I'm doing something completely wrong? I've never been able to convince gpg-agent to treat a gpg key as a key for ssh-agent myself, but perhaps Werner or David can comment on whether that's actually possible or intended. I agree it would be a useful feature, but i prefer OpenSSH's ssh-agent implementation over the gpg-agent implementation of the same protocol. --dkg
From bxstover at yahoo.co.uk Tue Jul 21 16:02:19 2009 From: bxstover at yahoo.co.uk (Ben Stover) Date: Tue, 21 Jul 2009 16:02:19 +0200 Subject: When will be precompiled binaries for v2.0.x and Windows available? Message-ID: Hi, on the GnuPG download page it is written that GnuPG v2.0.12 is already available. http://www.gnupg.org/download/ However the latest available precompiled binary version for Windows seems to be only v1.4.9. Ok, there are instructions on how to compile the source with MinGW. But I am not used to setting up the whole compiling development environment and it seems to me very cumbersome, especially if every user has to brew their own binary. Is there really no precompiled binary version for Windows (maybe on another page)? Regards Ben From jmoore3rd at bellsouth.net Tue Jul 21 17:26:55 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Tue, 21 Jul 2009 11:26:55 -0400 Subject: When will be precompiled binaries for v2.0.x and Windows available? Message-ID: <4A65DE3F.4070502@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Ben Stover wrote: > Is there really no precompiled binary version for Windows (maybe on another page)?
gpg4win JOHN ;) Timestamp: Tuesday 21 Jul 2009, 11:26 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn5068: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: Personal Web Page: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKZd47AAoJEBCGy9eAtCsPJfoH/iV29peplD0P8LsyLC/jv7U1 xM6/RTEs+U9fWPVini+ew41XLOkUZ3OHtZcSWrnRiR2CVX1ctLVXhnZ3Dn0wX78z N5uG+xiMuzat8VPMhKqj4f4gdogxhVCw31XKtzi4eCWm4CLMyzri5Uvd1OyVMcO/ fxs7sOIzl5XqUG4vAH9YcmlGa3zFvMDpE/X4iWryms4p2iTfRI63Q+D6p++SMGIy 8A6PCGq2v2WIatHrj9kk2TMxEMfyeYVc8v9HPmfnOaNiim0wQSPK8gMIaeMm47j6 FyYtIRS5PtQwaWZzEaHMlTpviGXxutzhtuhHDqtT+CUh3YC2HZBtFUzYfDAKapA= =tJt7 -----END PGP SIGNATURE----- From wk at gnupg.org Wed Jul 22 16:57:08 2009 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Jul 2009 16:57:08 +0200 Subject: Required patches for the OpenPGP card v2.0 In-Reply-To: (Patrick Brunschwig's message of "Sat, 18 Jul 2009 18:36:05 +0200") References: <87hby6vrun.fsf@wheatstone.g10code.de> Message-ID: <87my6w22bf.fsf@wheatstone.g10code.de> On Sat, 18 Jul 2009 18:36, patrick at mozilla-enigmail.org said: > have the wrong card inserted (e.g. for decryption), gpg 1.4.9 responds > with these status messages: > > [GNUPG:] ENC_TO 12A7990DF2541241 1 0 > [GNUPG:] CARDCTRL 3 D2760001240101010001000000460000 > [GNUPG:] CARDCTRL 1 D2760001240102000005000000700000 > [GNUPG:] SC_OP_FAILURE > [GNUPG:] BEGIN_DECRYPTION > [GNUPG:] DECRYPTION_FAILED > > > Version 2.0.12+ only responds with this: > [GNUPG:] ENC_TO 12A7990DF2541241 1 0 > [GNUPG:] BEGIN_DECRYPTION > [GNUPG:] DECRYPTION_FAILED > [GNUPG:] END_DECRYPTION You used 1.4.9 without scdaemon support; if you had used it with gpg-agent/scdaemon, the output would be similar to: [GNUPG:] ENC_TO 10B671F6860B1CFE 1 0 [GNUPG:] CARDCTRL 3 [GNUPG:] SC_OP_FAILURE [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED [GNUPG:] END_DECRYPTION Thus the CARDCTRL 1 is also missing.
I changed gpg2 to emit: [GNUPG:] ENC_TO 10B671F6860B1CFE 1 0 [GNUPG:] CARDCTRL 3 D2760001240101010001000003470000 [GNUPG:] SC_OP_FAILURE [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED [GNUPG:] END_DECRYPTION Which is basically the same. It just adds the s/n of the current card to CARDCTRL 3. The question now is what to do with the cardctrl values used on a standalone gpg: CARDCTRL 1 = Request insertion of a card. Serialnumber may be given to request a specific card. CARDCTRL 2 = Request removal of a card. With scdaemon handling all access to the cards, including the PIN question, it would make sense to have scdaemon ask for inserting the right card as well. To allow for a bit of unattended operation this needs to be suppressed if --batch is given to gpg. Do you see any problem with such an approach? Salam-Shalom, Werner -- Thoughts are free. Exceptions are governed by a federal law. From jh at jameshoward.us Wed Jul 22 21:59:17 2009 From: jh at jameshoward.us (James P. Howard, II) Date: Wed, 22 Jul 2009 15:59:17 -0400 Subject: Question about authentication subkeys and SSH Message-ID: <4A676F95.9030807@jameshoward.us> I have created a 2048-bit RSA subkey that is authentication only. I'd like to use this with SSH. A bit of Googling suggests this cannot be used directly unless it is on a smart card, but it isn't clear. Have I correctly interpreted this? Thank you, James -- James P. Howard, II, MPA jh at jameshoward.us
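The three status-fd transcripts in the card thread above differ only in which CARDCTRL lines a front-end gets to see, and that is exactly what a caller such as Enigmail has to parse to tell "wrong card inserted" apart from a generic decryption failure. The Python parser below is an added example, not code from GnuPG or Enigmail. It reads the CARDCTRL codes the way Werner describes them (1 = insertion requested, with an optional serial number of the wanted card; 3 = the card gpg currently sees, carrying its serial number after the change he describes) and splits the 16-byte OpenPGP card AID into its fields following the card specification's layout (RID D276000124, application 01, version, manufacturer, serial number, RFU). The sample transcripts are the ones quoted in the thread; the diagnosis strings are this example's own.

```python
"""Parse gpg --status-fd output for card-related decryption failures (added example)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

STATUS_PREFIX = "[GNUPG:] "


@dataclass
class DecryptStatus:
    enc_to: List[str] = field(default_factory=list)  # key IDs the session key is encrypted to
    card_present: Optional[str] = None  # AID from CARDCTRL 3: the card gpg currently sees
    card_wanted: Optional[str] = None   # AID from CARDCTRL 1: the card gpg asks to be inserted
    sc_op_failure: bool = False
    decryption_okay: bool = False
    decryption_failed: bool = False


def parse_status(text: str) -> DecryptStatus:
    """Collect the fields a front-end needs from status-fd output.
    Lines without the [GNUPG:] prefix (human-readable stderr) are ignored."""
    st = DecryptStatus()
    for raw in text.splitlines():
        if not raw.startswith(STATUS_PREFIX):
            continue
        words = raw[len(STATUS_PREFIX):].split()
        if not words:
            continue
        keyword, args = words[0], words[1:]
        if keyword == "ENC_TO" and args:
            st.enc_to.append(args[0])
        elif keyword == "CARDCTRL" and args:
            serial = args[1] if len(args) > 1 else None  # 1.4.9 w/ scdaemon sends none
            if args[0] == "3":
                st.card_present = serial
            elif args[0] == "1":
                st.card_wanted = serial
        elif keyword == "SC_OP_FAILURE":
            st.sc_op_failure = True
        elif keyword == "DECRYPTION_OKAY":
            st.decryption_okay = True
        elif keyword == "DECRYPTION_FAILED":
            st.decryption_failed = True
    return st


def split_aid(aid: str) -> Dict[str, str]:
    """Split a 16-byte OpenPGP card AID (32 hex digits) into its fields."""
    if len(aid) != 32:
        raise ValueError(f"unexpected AID length: {aid!r}")
    return {"rid": aid[0:10], "application": aid[10:12], "version": aid[12:16],
            "manufacturer": aid[16:20], "serial": aid[20:28], "rfu": aid[28:32]}


def diagnose(st: DecryptStatus) -> str:
    """Turn the parsed status into the message a front-end would show the user."""
    if st.decryption_okay:
        return "ok"
    if st.sc_op_failure:
        if st.card_wanted and st.card_present and st.card_wanted != st.card_present:
            return (f"wrong card: inserted {split_aid(st.card_present)['serial']}, "
                    f"need {split_aid(st.card_wanted)['serial']}")
        if st.card_present:
            return f"card operation failed on card {split_aid(st.card_present)['serial']}"
        return "card operation failed (no card identified)"
    if st.decryption_failed:
        return "decryption failed (no card information in status output)"
    return "incomplete status output"


# Transcripts as quoted in the thread (program output, not constructed).
STATUS_GPG149_STANDALONE = """\
[GNUPG:] ENC_TO 12A7990DF2541241 1 0
[GNUPG:] CARDCTRL 3 D2760001240101010001000000460000
[GNUPG:] CARDCTRL 1 D2760001240102000005000000700000
[GNUPG:] SC_OP_FAILURE
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
"""
STATUS_GPG2012 = """\
[GNUPG:] ENC_TO 12A7990DF2541241 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""
STATUS_GPG2_PATCHED = """\
[GNUPG:] ENC_TO 10B671F6860B1CFE 1 0
[GNUPG:] CARDCTRL 3 D2760001240101010001000003470000
[GNUPG:] SC_OP_FAILURE
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""

if __name__ == "__main__":
    for name, text in [("1.4.9 standalone", STATUS_GPG149_STANDALONE),
                       ("2.0.12", STATUS_GPG2012), ("gpg2 patched", STATUS_GPG2_PATCHED)]:
        print(f"{name:17} {diagnose(parse_status(text))}")
```

Run against the three transcripts, the parser shows why the missing CARDCTRL 1 matters to a front-end: only the standalone 1.4.9 output identifies both the inserted and the wanted card, the unpatched 2.0.12 output gives nothing to distinguish a card problem from a bad key, and the patched output at least names the card that was present.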
From allen.schultz at gmail.com Wed Jul 22 20:43:04 2009 From: allen.schultz at gmail.com (Allen Schultz) Date: Wed, 22 Jul 2009 12:43:04 -0600 Subject: Optimal Corporate GnuPG Use (Was: [Enigmail] Multiple email addresses) In-Reply-To: <4A675840.1040101@metrocast.net> References: <4A674574.4010102@earthlights.net> <4A675840.1040101@metrocast.net> Message-ID: <4A675DB8.80509@gmail.com> Phil Stracchino wrote: > Taistealaiche wrote: >> Hi, >> I'm not sure if these questions belong on this list so please inform >> me if I'm wrong. > > They're really PGP/GnuPG/OpenPGP questions, not Enigmail questions. > >> 1) Is it possible, in the case of an organisation, to have one Public >> Key which can be tied to several different email addresses? > > Yes, trivially. Though I'm not entirely certain why you would want to > do such a thing. > >> 2) If the above is possible, is it also possible for each email >> address to have a separate passphrase for that key? > > Yes. Though I'm not certain why you would want to do such a thing. > >> 3) If both of the above are possible, could someone very kindly >> explain how to do it? > > It's really quite simple. Create the key as you normally would, > distribute it to the people you intend to have it, then have each holder > use the normal key management tools to change the key passphrase on it > from the original passphrase to their own chosen passphrase. > > Though, as noted above, I'm not certain why you would want to do such a > thing, and don't see what you could gain by it. First, I do apologize for the cross posting, but this came up in the enigmail mailing group. It's off topic there, so I'll ask my question here. Second, I do apologize for not trimming this message, as this holds his original questions/situation info.
For this user's situation, would it be better to have each individual have their own key signed by a company root key? Or is there another model best suited for his needs? -- Allen Schultz GPG Key Info: pub 3072R/DAD4736B 2009-05-20 Key fingerprint = 16AD EFE1 D68F C8A8 B086 68CD 1A35 85C7 DAD4 736B uid Allen Schultz (aldaek) uid [jpeg image of size 6128] sub 2048R/F55651E0 2009-05-20 [expires: 2010-05-20] sub 2048R/5687B83E 2009-05-20 [expires: 2010-05-20] From dkg at fifthhorseman.net Wed Jul 22 22:12:34 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Wed, 22 Jul 2009 16:12:34 -0400 Subject: Question about authentication subkeys and SSH In-Reply-To: <4A676F95.9030807@jameshoward.us> References: <4A676F95.9030807@jameshoward.us> Message-ID: <4A6772B2.5000802@fifthhorseman.net> On 07/22/2009 03:59 PM, James P. Howard, II wrote: > I have created a 2048-bit RSA subkey that is authentication only. I'd > like to use this with SSH. A bit of Googling suggests this cannot be > used directly unless it is on a smart card, but it isn't clear. Have I > correctly interpreted this? You can use such a subkey without a smartcard by using software provided by the monkeysphere project: http://web.monkeysphere.info/ Assuming this is the only authentication-capable subkey on your only gpg secret key, you'd simply do: monkeysphere subkey-to-ssh-agent which would load the key into the agent for use. You can pass additional parameters to ssh-add at the end of the argument list.
For example, if you want to ensure that the key is only held by the agent for an hour, do: monkeysphere subkey-to-ssh-agent -t 3600 hope this helps, --dkg (one of the monkeysphere developers) From jh at jameshoward.us Wed Jul 22 23:50:04 2009 From: jh at jameshoward.us (James P. Howard, II) Date: Wed, 22 Jul 2009 17:50:04 -0400 Subject: Question about authentication subkeys and SSH In-Reply-To: <4A6772B2.5000802@fifthhorseman.net> References: <4A676F95.9030807@jameshoward.us> <4A6772B2.5000802@fifthhorseman.net> Message-ID: <4A67898C.60200@jameshoward.us> On Wed Jul 22 2009 16:12:34 GMT-0400 (EDT) , Daniel Kahn Gillmor wrote: > On 07/22/2009 03:59 PM, James P. Howard, II wrote: >> I have created a 2048-bit RSA subkey that is authentication only. >> I'd like to use this with SSH. A bit of Googling suggests this >> cannot be used directly unless it is on a smart card, but it isn't >> clear. Have I correctly interpreted this? > > You can use such a subkey without a smartcard by using software > provided by the monkeysphere project: > > http://web.monkeysphere.info/ > > Assuming this is the only authentication-capable subkey on your only > gpg secret key, you'd simply do: > > monkeysphere subkey-to-ssh-agent > > which would load the key into the agent for use. You can pass > additional parameters to ssh-add at the end of the argument list. > For example, if you want to ensure that the key is only held by the > agent for an hour, do: > > monkeysphere subkey-to-ssh-agent -t 3600 That looks like the missing link I was searching for! Thank you. -- James P. Howard, II, MPA jh at jameshoward.us
From noiano at x-privat.org Thu Jul 23 19:24:39 2009 From: noiano at x-privat.org (Noiano) Date: Thu, 23 Jul 2009 19:24:39 +0200 Subject: When will be precompiled binaries for v2.0.x and Windows available? In-Reply-To: <4A65DE3F.4070502__139.788972637866$1248190171$gmane$org@bellsouth.net> References: <4A65DE3F.4070502__139.788972637866$1248190171$gmane$org@bellsouth.net> Message-ID: John W. Moore III wrote: > Ben Stover wrote: > >> Is there really no precompiled binary version for Windows (maybe on another page)? > > gpg4win > > JOHN ;) > Timestamp: Tuesday 21 Jul 2009, 11:26 --400 (Eastern Daylight Time) Will there ever be a gnupg.org Windows build for the 2.x version? From erik at lotspeich.org Fri Jul 24 22:37:21 2009 From: erik at lotspeich.org (Erik Lotspeich) Date: Fri, 24 Jul 2009 15:37:21 -0500 Subject: Question About Accumulated Bad Signatures in Public Key Message-ID: <4A6A1B81.8050509@lotspeich.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, The public key that I use for work has accumulated various "bad signatures". To be honest, I don't know how these signatures got there. Anyway, I can use GPG to "clean" the public key and remove them. Public key servers do not seem to scrub or clean public keys. Is it a reasonable thing to delete the public key and re-add it? This doesn't seem to be something that most public keyservers allow or recommend. Or is it normal for bad signatures to accumulate over the years, and is it to be expected? Note that in my case the bad signatures are redundant since there are good, valid, signatures in addition to the valid bad ones by those individuals. I hope that I've explained this clearly. I've searched on the Internet and I haven't seen a definitive answer.
Regards, Erik -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAkpqG4EACgkQY21D/n6bGwfTWACeOen2Lf9oz+EM9l/gWQKfaF/b gCQAnjabVPSx0X0aR6Gpe3XtRhjXly3t =BaAG -----END PGP SIGNATURE----- From dkg at fifthhorseman.net Sat Jul 25 00:49:07 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Fri, 24 Jul 2009 18:49:07 -0400 Subject: Question About Accumulated Bad Signatures in Public Key In-Reply-To: <4A6A1B81.8050509@lotspeich.org> References: <4A6A1B81.8050509@lotspeich.org> Message-ID: <4A6A3A63.4090607@fifthhorseman.net> On 07/24/2009 04:37 PM, Erik Lotspeich wrote: > Public key servers do not seem to scrub or clean public keys. Is it a > reasonable thing to delete the public key and re-add it? This doesn't > seem to be something that most public keyservers allow or recommend. Or > is it normal for bad signatures to accumulate over the years and it is > to be expected. There is no good reason for bad signatures to show up in the first place, but there is no good way for keyservers to drop them either, if they do show up (by error or by malice). Here's why. Signatures are marked by a shorthand identifier of what key has made them. This ID is the last 64 bits of the key fingerprint. Technically, this identifier is part of an "Issuer subpacket", and it's not even required to be included in the signature, though well-formed signatures do have them. (see http://tools.ietf.org/html/rfc4880#section-5.2.3.5 ) Key fingerprints (160 bits) themselves aren't technically guaranteed to be unique, but for all practical purposes, they currently are. But the last 64 bits are certainly not guaranteed to be unique, and deliberate collisions could probably even be generated by well-financed groups. 
So consider a few possible scenarios keyservers must face upon receipt of a signature over the first User ID of key 0123456789ABCDEF, which contains an Issuer subpacket claiming it is issued by key DEADBEEFDEADBEEF: * say the keyserver doesn't currently know of any key where the last 64 bits of the fingerprint match DEADBEEFDEADBEEF: should it ignore the signature and discard it? or should it store it for use by people who have a copy of that public key even if it's not on the keyservers? * say the keyserver *does* know of a key where the last 64 bits match DEADBEEFDEADBEEF, *and* the keyserver has the capability to cryptographically verify the signature (an unusual keyserver these days -- most don't at the moment). If the signature doesn't validate, what should it do? it's possible that the signature was made by a *different* DEADBEEFDEADBEEF key that the keyserver doesn't know about. Now should it ignore the signature and discard it? Does this make sense why the keyservers haven't bothered to discard the "bad" signatures? They can't tell a bad sig from a sig from a key they've never seen before. You might also consider reading these pages: http://www.rossde.com/PGP/pgp_keyserv.html http://pgp.mit.edu/faq.html The Q&A on them about deleting keys from keyservers is similarly relevant to questions about removing specific signatures from the keyservers. If you're interested in more discussion about the way that keyservers work, you should join the SKS development list : http://lists.nongnu.org/mailman/listinfo/sks-devel SKS has become the dominant free OpenPGP keyserver software, and there is active development and discussion on that list about how a modern keyserver can and should function. --dkg PS fwiw, if you're concerned about busted signatures on FA2C849B, i only see one such bad sig (from 9E8E7BFC in january of this year) when i fetch the relevant keys from the public keyserver network. That's not too bad. 
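To make the 64-bit point above concrete, here is an added Python example (not from the thread, and not code from any keyserver) that derives a v4 fingerprint and the two key IDs from a public-key packet following RFC 4880 sections 12.2 and 5.5.2, builds and parses the Issuer subpacket from section 5.2.3.5, and then performs the only lookup a keyserver can do with that subpacket: match the issuer ID against the last 64 bits of the fingerprints it already knows, which yields zero, one or several candidates and never proves which key made the signature. The key material (TOY_N, TOY_E, TOY_CREATED) is a small made-up value, not a real key.

```python
"""Fingerprint, key ID and Issuer subpacket derivation per RFC 4880 (added example)."""
import hashlib
import struct
from typing import Dict, List, Sequence


def mpi(value: int) -> bytes:
    """Encode a positive integer as an OpenPGP MPI (RFC 4880 3.2):
    two-octet bit count followed by the big-endian magnitude."""
    if value <= 0:
        raise ValueError("MPI must be positive")
    nbits = value.bit_length()
    return struct.pack(">H", nbits) + value.to_bytes((nbits + 7) // 8, "big")


def v4_public_key_body(created: int, algo: int, mpis: Sequence[int]) -> bytes:
    """Body of a version 4 public-key packet (RFC 4880 5.5.2): version octet,
    four-octet creation time, algorithm octet, then the algorithm's MPIs."""
    return bytes([4]) + struct.pack(">I", created) + bytes([algo]) + b"".join(mpi(m) for m in mpis)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, the two-octet body length, and the body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def long_key_id(fingerprint: str) -> str:
    """The 64-bit key ID is the low 64 bits, i.e. the last 16 hex digits, of the fingerprint."""
    return fingerprint[-16:]


def short_key_id(fingerprint: str) -> str:
    """The 32-bit ID shown in key listings (e.g. FA2C849B) is the last 8 hex digits."""
    return fingerprint[-8:]


def issuer_subpacket(key_id: str) -> bytes:
    """Issuer subpacket (RFC 4880 5.2.3.5): one-octet length (9 = type + 8 octets),
    subpacket type 16, then the eight-octet key ID."""
    kid = bytes.fromhex(key_id)
    if len(kid) != 8:
        raise ValueError("issuer key ID must be 8 octets")
    return bytes([9, 16]) + kid


def parse_issuer(subpacket: bytes) -> str:
    """Inverse of issuer_subpacket; returns the key ID as upper-case hex."""
    if len(subpacket) != 10 or subpacket[0] != 9 or subpacket[1] != 16:
        raise ValueError("not an Issuer subpacket")
    return subpacket[2:].hex().upper()


def candidates_for_issuer(known_fingerprints: Sequence[str], issuer_id: str) -> List[str]:
    """All a keyserver can do with an Issuer subpacket: list every key it knows whose
    fingerprint ends in those 64 bits. Zero hits does not mean the signature is bad
    (the key may simply be absent); several hits means the ID alone is ambiguous."""
    return [f for f in known_fingerprints if f.upper().endswith(issuer_id.upper())]


# Constructed toy values (NOT a real key): a 64-bit odd 'modulus', e = 65537,
# and a creation time in July 2009.
TOY_N = 0xC5D8F3A1B7E2094D
TOY_E = 65537
TOY_CREATED = 1248000000
RSA_ALGO_ID = 1  # RFC 4880 9.1: 1 = RSA (encrypt or sign)


def demo() -> Dict[str, str]:
    """Derive fingerprint, IDs and Issuer subpacket for the toy key."""
    body = v4_public_key_body(TOY_CREATED, RSA_ALGO_ID, [TOY_N, TOY_E])
    fpr = v4_fingerprint(body)
    return {
        "fingerprint": fpr,
        "long_id": long_key_id(fpr),
        "short_id": short_key_id(fpr),
        "issuer_subpacket": issuer_subpacket(long_key_id(fpr)).hex().upper(),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:17} {value}")
```

Because the Issuer subpacket carries only the suffix of the fingerprint, a keyserver that stores a signature under 0123456789ABCDEF has to accept that the issuing key may be one it has never seen, which is the ambiguity described in the two scenarios above.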
From jmoore3rd at bellsouth.net Sat Jul 25 01:36:58 2009 From: jmoore3rd at bellsouth.net (John W. Moore III) Date: Fri, 24 Jul 2009 19:36:58 -0400 Subject: Question About Accumulated Bad Signatures in Public Key In-Reply-To: <4A6A1B81.8050509@lotspeich.org> References: <4A6A1B81.8050509@lotspeich.org> Message-ID: <4A6A459A.4090307@bellsouth.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Erik Lotspeich wrote: > Hi, > > The public key that I use for work has accumulated various "bad > signatures". To be honest, I don't know how these signatures got there. > Anyway, I can use GPG to "clean" the public key and remove them. > > Public key servers do not seem to scrub or clean public keys. Is it a > reasonable thing to delete the public key and re-add it? This doesn't > seem to be something that most public keyservers allow or recommend. Or > is it normal for bad signatures to accumulate over the years, and is it > to be expected? > > Note that in my case the bad signatures are redundant since there are > good, valid, signatures in addition to the valid bad ones by those > individuals. > > I hope that I've explained this clearly. I've searched on the Internet > and I haven't seen a definitive answer. The simple & direct Answer is that anything that gets recorded on Keyservers _stays_ there forever. :-\ There is *no* way to delete a Key from the Public Keyservers.
JOHN ;) Timestamp: Friday 24 Jul 2009, 19:36 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10-svn5085: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: Personal Web Page: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJKakWXAAoJEBCGy9eAtCsPWvAH/3Q4pOZ/6URxQw0gi22+zOUw gwaqDYC/Vu96UoF+DCFV6/ucL4x1YvynnXPwrDBaxNLF5iGXP9Lgbr4CR26uS6t7 VYEhL0w3o+kXPFdqW1k3ZGHNrLiENPr6r9DQ8IlJ1g4l3fCwsABStqjExUS6nxyU kEbpD7zQUc24dbLVsyygdoacFAyBgPP+8SCkmtpFf7K3+sdLTrBvkI5/O/uQH6dx RpvfkK5XlbeRzwTfaVDk3MHuBBDlU1MOz3C1ALQmifNtux83BrwlNpGbjwMPj471 cRfO2oT4cyo18NoXgQ3I66EXZdgwAMPonjptZqwrVGsh7xpvUMGQhn7lp+X5xVE= =HSQ/ -----END PGP SIGNATURE----- From srivasta at ieee.org Sun Jul 26 08:38:22 2009 From: srivasta at ieee.org (Manoj Srivastava) Date: Sun, 26 Jul 2009 01:38:22 -0500 Subject: 8192bit RSA keys References: <20090706082105.GA11743@piper.oerlikon.madduck.net> <05883E7E-AF90-4C3D-ABEC-7C9ECE956954@jabberwocky.com> <8C30B771-FD81-44A0-BA62-CB95AD219B1B__40795.8856587813$1247165059$gmane$org@jabberwocky.com> <8763e1fb4o.fsf@anzu.internal.golden-gryphon.com> <87ljmwwtnh.fsf__10484.2094042853$1247233395$gmane$org@wheatstone.g10code.de> Message-ID: <87ab2sgd9d.fsf@anzu.internal.golden-gryphon.com> On Fri, Jul 10 2009, Werner Koch wrote: > On Fri, 10 Jul 2009 05:52, srivasta at ieee.org said: > >> I have a 4096 bit RSA key -- can I create 2048 or 3072 bit > > 4096 is in fact also supported but that would require major changes in > GnuPG, thus this published limit of 3072 > >> subkeys and only copy these keys to the card? Or will the fact that the >> primary key is 4096 bits stymie the operation? > > That works. > > However, 3072 bit signing had another bug which I fixed this morning. > Thus you need to use the latest SVN. I can report that 2048 bit RSA subkeys can be generated on the machine, transferred to the version 2 card, and they work. 
However, working with gnupg2 from Thursday VCS, 3072 bit keys can be created, transferred to the card, and may encrypt files, but decrypting the file failed with a cryptic "card error".

I am now happy with my 2048 bit keys :-)

manoj
--
UNIX was half a billion (500000000) seconds old on Tue Nov 5 00:53:20 1985 GMT (measuring since the time(2) epoch). -- Andy Tannenbaum
Manoj Srivastava
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C

From jh at jameshoward.us Mon Jul 27 03:40:27 2009
From: jh at jameshoward.us (James P. Howard, II)
Date: Sun, 26 Jul 2009 21:40:27 -0400
Subject: Encryption keys in the OpenPGP spec
Message-ID: <4A6D058B.7090302@jameshoward.us>

I am trying to understand the differences in key types and looking at encryption keys in particular. RFC 4880 has this to say on the matter of key flags:

    0x04 - This key may be used to encrypt communications.

    0x08 - This key may be used to encrypt storage.

So, my first question is why is there a distinction between the two types of encryption?

Also, looking in GnuPG 1.4.9, I see this in g10/keygen.c:

    if (use & PUBKEY_USAGE_ENC)
      buf[0] |= 0x04 | 0x08;

Which suggests, quite strongly, that the distinction is irrelevant. Why does GnuPG ignore the different encryption key types?

Thank you,
James

--
James P. Howard, II, MPA
jh at jameshoward.us
From dshaw at jabberwocky.com Mon Jul 27 05:09:18 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Sun, 26 Jul 2009 23:09:18 -0400
Subject: Encryption keys in the OpenPGP spec
In-Reply-To: <4A6D058B.7090302@jameshoward.us>
References: <4A6D058B.7090302@jameshoward.us>
Message-ID:

On Jul 26, 2009, at 9:40 PM, James P. Howard, II wrote:

> I am trying to understand the differences in key types and looking at
> encryption keys in particular. RFC 4880 has this to say on the matter
> of key flags:
>
> 0x04 - This key may be used to encrypt communications.
>
> 0x08 - This key may be used to encrypt storage.
>
> So, my first question is why is there a distinction between the two
> types of encryption?
>
> Also, looking in GnuPG 1.4.9, I see this in g10/keygen.c:
>
> if (use & PUBKEY_USAGE_ENC)
> buf[0] |= 0x04 | 0x08;
>
> Which suggests, quite strongly, that the distinction is irrelevant.
> Why does GnuPG ignore the different encryption key types?

Because it is difficult (or nearly impossible) to determine the difference from the perspective of GnuPG. That is, I as a person know what I'm encrypting and what I plan on doing with it, but GnuPG just sees bits. As a general-purpose OpenPGP tool, GnuPG pretty much needs to treat both communications and storage as the same thing. Other tools for more specific environments may "know" what their usage is and can treat this differently.

This is expected behavior - the OpenPGP standard even mentions it:

    Note however, that it is a thorny issue to determine what is
    "communications" and what is "storage". This decision is left wholly
    up to the implementation; the authors of this document do not claim
    any special wisdom on the issue and realize that accepted opinion may
    change.

David

From rjh at sixdemonbag.org Mon Jul 27 05:20:49 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sun, 26 Jul 2009 23:20:49 -0400
Subject: Encryption keys in the OpenPGP spec
In-Reply-To: <4A6D058B.7090302@jameshoward.us>
References: <4A6D058B.7090302@jameshoward.us>
Message-ID: <0D940FE1-BC60-4BBA-9DE5-8E4438601078@sixdemonbag.org>

> So, my first question is why is there a distinction between the two
> types of encryption?

It is conceivable there may exist some highly niche areas which need the ability to definitively say, "this encryption key may only be used for this purpose, and that encryption key may only be used for that purpose." The spec allows these users to make those sorts of statements.

> Which suggests, quite strongly, that the distinction is irrelevant.
> Why does GnuPG ignore the different encryption key types?

It doesn't suggest the distinction is irrelevant -- only that GnuPG doesn't enforce a distinction. The spec requires some behavior, and other behavior is left up to implementors to decide whether, and how, to implement it. For users who need the sorts of guarantees mentioned in my first para, they need to use a different product than GnuPG. That's not a bad thing: different software packages are aimed at different groups of users.

From michael.griffiths at arc-intl.com Mon Jul 27 11:25:05 2009
From: michael.griffiths at arc-intl.com (arcintl)
Date: Mon, 27 Jul 2009 02:25:05 -0700 (PDT)
Subject: IT Department having the secure key.
Message-ID: <24668288.post@talk.nabble.com>

i wish to setup GNUpg for my work (i am the IT Administrator) but i have a few questions.

First: if the user creates a key and then leaves the company. assuming he/she didn't tell anyone the pass phrase and was the only key used, are those files locked for ever?

if this is so my idea was the IT department (i.e. me) create the keys for all my users and use a complete random password for all, then backup those keys. then issue them to the user and allow them to change the pass phrase to something they prefer.
then if the user leaves we can use the originally backed up key with the original password to decrypt the files they encrypted.

will this work? i know it may sound like a security risk and ruin the whole point of encrypting in the first place but this is the only way i can think of safeguarding the company's data (not users' data).

Also have another question.

if a user's key is compromised i.e. someone knows their pass phrase. should the user just change the pass phrase or should a new key be generated? and if a new key is needed will all the files that were encrypted with the old key be in danger of being decrypted or be totally useless without the old key?

Sorry if this has been answered before or a dumb question. i am new to this stuff.

--
View this message in context: http://www.nabble.com/IT-Department-having-the-secure-key.-tp24668288p24668288.html
Sent from the GnuPG - User mailing list archive at Nabble.com.

From ingo.krabbe at eoa.de Mon Jul 27 12:33:17 2009
From: ingo.krabbe at eoa.de (Ingo Krabbe)
Date: Mon, 27 Jul 2009 12:33:17 +0200
Subject: IT Department having the secure key.
In-Reply-To: <24668288.post@talk.nabble.com>
References: <24668288.post@talk.nabble.com>
Message-ID: <20090727103317.GD20991@ask>

On Mon, Jul 27, 2009 at 02:25:05AM -0700, arcintl wrote:
>
> i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
> few questions.

good idea

>
> First: if the user creates a key and then leaves the company. assuming
> he/she didn't tell anyone the pass phrase and was the only key used, are
> those files locked for ever?

Actually those files aren't locked but possibly encrypted, which is most times even better than deleting them. So no one will have access to them who doesn't own the key.

> if this is so my idea was the IT department (i.e. me) create the keys for
> all my users and use a complete random password for all, then backup those
> keys.
> then issue them to the user and allow them to change the pass phrase
> to something they prefer. then if the user leaves we can use the originally
> backed up key with the original password to decrypt the files they
> encrypted.

You have to distinguish two or three things:

1. Passwords and keys. When you use asymmetric encryption, you don't need a password to decrypt a file, but you need the key (that is actually nothing else than quite a long password) but: The password or the key that encrypted the file is another one than you need to decrypt it (asymmetric)

2. You could store the same key multiple times, secured by different passwords, or even without a password at all. Everyone who has access to the key and the password to use the key (ofc) can decrypt the data.

3. GnuPG is a distributed system in contrast to SSL Ciphers, that are asymmetric as well but need a centralized keyserver to prove the validity of the key.

> will this work? i know it may sound like a security risk and ruin the whole
> point of encrypting in the first place but this is the only way i can think
> of safeguarding the company's data (not users' data).

You should think twice, and then again, of how you store and distribute the keys and how you secure them. Finally you will get maximum security from GnuPG: But, as long as you aren't 100% sure what you are doing: Have a backup.

For example the problem is: If you create the keys for your users, you will have to transfer them to the users, which makes a bit of unsureness of who listens on the transfer lines.

And: You can only encrypt the files for one key. So only one user will have access to the files (owns the files), as long as you don't share the keys. For example you can introduce company wide keys or department keys and distribute them to anyone, who should have access.

> Also have another question.
>
> if a user's key is compromised i.e. someone knows their pass phrase. should
> the user just change the pass phrase or should a new key be generated? and
> if a new key is needed will all the files that were encrypted with the old
> key be in danger of being decrypted or be totally useless without the old key?

Right. Assumed that you use one key for a group of users and encrypt the file with this key, if anyone can get access to this key stored for any user, he will get access to the encrypted files. But you need to have access to both: The key file and the password. It's like a banking card and the PIN number. If you own just one of them, you don't have access to the account. But if you can copy the bank card and you can crack the pin you will have access.

> Sorry if this has been answered before or a dumb question. i am new to this
> stuff.

I hope I could push you somewhat forward with your questions.

bye, ikrabbe

From dkg at fifthhorseman.net Mon Jul 27 14:29:10 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 27 Jul 2009 08:29:10 -0400
Subject: IT Department having the secure key.
In-Reply-To: <20090727103317.GD20991@ask>
References: <24668288.post@talk.nabble.com> <20090727103317.GD20991@ask>
Message-ID: <4A6D9D96.30108@fifthhorseman.net>

Hi Ingo--

This is a well-thought-out response, but there are some nagging, nit-picky details that i'm not sure are what you meant:

On 07/27/2009 06:33 AM, Ingo Krabbe wrote:
> 3. GnuPG is a distributed system in contrast to SSL Ciphers, that are
> asymmetric as well but need a centralized keyserver to prove the validity of
> the key.

I think you mean to contrast OpenPGP certificates with X.509 certificates here, not GnuPG with SSL. It is possible to use OpenPGP certificates with recent versions of TLS under some implementations:

http://tools.ietf.org/html/rfc5081

> For example the problem is: If you create the keys for your users, you will have
> to transfer them to the users, which makes a bit of unsureness of who listens on
> the transfer lines.

If the OP works in a traditional office, then transferring the keys to the users via a pendrive (or other variation of sneakernet) is a pretty reasonable way to avoid this concern

> And: You can only encrypt the files for one key.
> So only one user will have
> access to the files (owns the files), as long as you don't share the keys. For
> example you can introduce company wide keys or department keys and distribute
> them to anyone, who should have access.

You actually can encrypt files to more than one OpenPGP key, so that anyone holding any of the recipient keys can decrypt the data. Maybe this approach would be useful for the OP?

If, as IT administrator, you have the opportunity to configure your users' ~/.gnupg/gpg.conf, you could add a line like

    recipient 0xDEADBEEFDEADBEEF

to specify that all encryptions will automatically be encrypted to a key that you retain for the kind of emergency recovery scenarios you describe.

--dkg

From jrhendri at maine.rr.com Mon Jul 27 13:52:05 2009
From: jrhendri at maine.rr.com (Jim Hendrick)
Date: Mon, 27 Jul 2009 07:52:05 -0400
Subject: IT Department having the secure key.
In-Reply-To: <24668288.post@talk.nabble.com>
Message-ID: <20090727115208817.ORUD17500@hrndva-omta04.mail.rr.com>

Although it is controversial, look into key escrow.

One possibility is to allow (require via policy?) users to encrypt data to a single central escrow key (that you store offline) in addition to any other keys they use. Then if recovery is required, the escrow key can be used to decrypt the data.

The policies and procedures for use of this *must* be well defined up front. How and under what circumstances this is used, etc. Otherwise you risk losing the trust of your users.

One possibility is to encrypt the escrow private key, storing the passphrase separately from the key so that two parties are required to recover data (e.g. put the key on a CD or USB stick in one safe, put the passphrase in a sealed envelope in a different safe)

Just thoughts.
Jim

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of arcintl
Sent: Sunday, July 26, 2009 12:27 PM
To: gnupg-users at gnupg.org
Subject: IT Department having the secure key.

i wish to setup GNUpg for my work (i am the IT Administrator) but i have a few questions.

First: if the user creates a key and then leaves the company. assuming he/she didn't tell anyone the pass phrase and was the only key used, are those files locked for ever?

if this is so my idea was the IT department (i.e. me) create the keys for all my users and use a complete random password for all, then backup those keys. then issue them to the user and allow them to change the pass phrase to something they prefer. then if the user leaves we can use the originally backed up key with the original password to decrypt the files they encrypted.

will this work? i know it may sound like a security risk and ruin the whole point of encrypting in the first place but this is the only way i can think of safeguarding the company's data (not users' data).

Also have another question.

if a user's key is compromised i.e. someone knows their pass phrase. should the user just change the pass phrase or should a new key be generated? and if a new key is needed will all the files that were encrypted with the old key be in danger of being decrypted or be totally useless without the old key?

Sorry if this has been answered before or a dumb question. i am new to this stuff.

--
View this message in context: http://www.nabble.com/IT-Department-having-the-secure-key.-tp24668288p24668288.html
Sent from the GnuPG - User mailing list archive at Nabble.com.

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From rjh at sixdemonbag.org Mon Jul 27 15:26:25 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 27 Jul 2009 09:26:25 -0400
Subject: IT Department having the secure key.
In-Reply-To: <20090727115208817.ORUD17500@hrndva-omta04.mail.rr.com>
References: <20090727115208817.ORUD17500@hrndva-omta04.mail.rr.com>
Message-ID:

> One possibility is to allow (require via policy?) users to encrypt data to a
> single central escrow key (that you store offline) in addition to any other
> keys they use. Then if recovery is required, the escrow key can be used to
> decrypt the data.

This sounds quite a bit like the Additional Decryption Key (ADK) feature of PGP. It's worth noting that (a) PGP's ADK feature is not quite what people want to believe it is, and (b) is covered by a software patent held by PGP Corporation. If someone's interested in pursuing this route, it would be a good idea to speak to a good patent lawyer.

From ingo.krabbe at eoa.de Mon Jul 27 15:41:38 2009
From: ingo.krabbe at eoa.de (Ingo Krabbe)
Date: Mon, 27 Jul 2009 15:41:38 +0200
Subject: IT Department having the secure key.
In-Reply-To: <4A6D9D96.30108@fifthhorseman.net>
References: <24668288.post@talk.nabble.com> <20090727103317.GD20991@ask> <4A6D9D96.30108@fifthhorseman.net>
Message-ID: <20090727134138.GG20991@ask>

On Mon, Jul 27, 2009 at 08:29:10AM -0400, Daniel Kahn Gillmor wrote:
> Hi Ingo--
>
> This is a well-thought-out response, but there are some nagging,
> nit-picky details that i'm not sure are what you meant:
>
> On 07/27/2009 06:33 AM, Ingo Krabbe wrote:
> > 3. GnuPG is a distributed system in contrast to SSL Ciphers, that are
> > asymmetric as well but need a centralized keyserver to prove the validity of
> > the key.
>
> I think you mean to contrast OpenPGP certificates with X.509
> certificates here, not GnuPG with SSL. It is possible to use OpenPGP
> certificates with recent versions of TLS under some implementations:
>
> http://tools.ietf.org/html/rfc5081

Yes, true, I didn't remember that X.509 early in the morning.
>
> > For example the problem is: If you create the keys for your users, you will have
> > to transfer them to the users, which makes a bit of unsureness of who listens on
> > the transfer lines.
>
> If the OP works in a traditional office, then transferring the keys to
> the users via a pendrive (or other variation of sneakernet) is a pretty
> reasonable way to avoid this concern

True also, I just wanted to mention that transferring keys is something to be thought about.

>
> > And: You can only encrypt the files for one key. So only one user will have
> > access to the files (owns the files), as long as you don't share the keys. For
> > example you can introduce company wide keys or department keys and distribute
> > them to anyone, who should have access.
>
> You actually can encrypt files to more than one OpenPGP key, so that
> anyone holding any of the recipient keys can decrypt the data. Maybe
> this approach would be useful for the OP?

As far as I know you can keep multiple different encrypted copies of a file, but one copy of the file will only have one encryption. Assumed that you don't want to waste space. I just see that you can encrypt for multiple keys, but you will increase the space needed for the file copy, don't you?

I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways. Maybe I'm wrong about this point, but I can't think about an encryption strategy with mixed recipients.

bye, ingo

From dshaw at JABBERWOCKY.COM Mon Jul 27 16:33:23 2009
From: dshaw at JABBERWOCKY.COM (David Shaw)
Date: Mon, 27 Jul 2009 10:33:23 -0400
Subject: IT Department having the secure key.
In-Reply-To: <24668288.post@talk.nabble.com>
References: <24668288.post@talk.nabble.com>
Message-ID:

On Jul 27, 2009, at 5:25 AM, arcintl wrote:

> i wish to setup GNUpg for my work (i am the IT Administrator) but i have a
> few questions.
>
> First: if the user creates a key and then leaves the company. assuming
> he/she didn't tell anyone the pass phrase and was the only key used, are
> those files locked for ever?

If by "locked" you mean "unavailable to anyone other than a keyholder" then yes, they are effectively locked forever. (Assuming you mean that the user actually encrypted the files - just creating a key doesn't encrypt files, of course).

> if this is so my idea was the IT department (i.e. me) create the keys for
> all my users and use a complete random password for all, then backup those
> keys. then issue them to the user and allow them to change the pass phrase
> to something they prefer. then if the user leaves we can use the originally
> backed up key with the original password to decrypt the files they
> encrypted.
>
> will this work? i know it may sound like a security risk and ruin the whole
> point of encrypting in the first place but this is the only way i can think
> of safeguarding the company's data (not users' data).

This will work (it's basically key escrow). It's a risk (keep track of your backups!), but everything carries some level of risk. The trick is to manage your level of risk to what you are comfortable with.

Note that schemes like this presume an honest user from the start. They are not effective against a malicious employee who wants to cause harm (which is not necessarily an issue, but worth mentioning).

> Also have another question.
>
> if a user's key is compromised i.e. someone knows their pass phrase. should
> the user just change the pass phrase or should a new key be generated?

It depends. If only the passphrase is compromised (i.e. the attacker didn't get the key file also) then changing the passphrase is sufficient. If the attacker got both the key and the passphrase, then a new key must be generated. The problem here (alas) is that it is often difficult to tell whether an attacker got just the passphrase, just the key file, or both.
It's often easier and more prudent to assume that if the attacker got anything, they got both.

David

From dshaw at JABBERWOCKY.COM Mon Jul 27 16:34:12 2009
From: dshaw at JABBERWOCKY.COM (David Shaw)
Date: Mon, 27 Jul 2009 10:34:12 -0400
Subject: IT Department having the secure key.
In-Reply-To: <4A6D9D96.30108@fifthhorseman.net>
References: <24668288.post@talk.nabble.com> <20090727103317.GD20991@ask> <4A6D9D96.30108@fifthhorseman.net>
Message-ID: <9DEE055F-90E7-414C-9E9F-B6203E87063E@jabberwocky.com>

On Jul 27, 2009, at 8:29 AM, Daniel Kahn Gillmor wrote:

>> And: You can only encrypt the files for one key. So only one user will have
>> access to the files (owns the files), as long as you don't share the keys. For
>> example you can introduce company wide keys or department keys and distribute
>> them to anyone, who should have access.
>
> You actually can encrypt files to more than one OpenPGP key, so that
> anyone holding any of the recipient keys can decrypt the data. Maybe
> this approach would be useful for the OP?
>
> If, as IT administrator, you have the opportunity to configure your
> users' ~/.gnupg/gpg.conf, you could add a line like
>
> recipient 0xDEADBEEFDEADBEEF
>
> to specify that all encryptions will automatically be encrypted to a key
> that you retain for the kind of emergency recovery scenarios you
> describe.

I'd use "encrypt-to" instead of "recipient", but basically, yes, that will work. It's a reasonably common solution for the problem. This is similar in effect to PGP.com's additional decryption key (the ADK has better granularity as it works on a per-key basis, but the concept is the same).

However, note that this (and the ADK) both are only really effective with an honest user. If a user wants to manipulate their key to remove the ADK (which is trivial) or edit their gpg.conf to remove the extra encrypt-to line, then you'd need a more central (and not under user control) way to guard against trouble.
For example, if we're just talking about email, you could tweak your mail server to check to see if the extra recipient was present and if not, reject the message, etc. I believe the PGP folks have some variant of this ability, but you'd have to ask them for the details.

David

From dshaw at jabberwocky.com Mon Jul 27 16:49:54 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Mon, 27 Jul 2009 10:49:54 -0400
Subject: IT Department having the secure key.
In-Reply-To: <20090727134138.GG20991@ask>
References: <24668288.post@talk.nabble.com> <20090727103317.GD20991@ask> <4A6D9D96.30108@fifthhorseman.net> <20090727134138.GG20991@ask>
Message-ID:

Somehow this thread mutated into being on both gnupg-devel and gnupg-users. I'm only replying to gnupg-users. Let's try to keep it on one list.

On Jul 27, 2009, at 9:41 AM, Ingo Krabbe wrote:

>> You actually can encrypt files to more than one OpenPGP key, so that
>> anyone holding any of the recipient keys can decrypt the data. Maybe
>> this approach would be useful for the OP?
>
> As far as I know you can keep multiple different encrypted copies of a file, but
> one copy of the file will only have one encryption. Assumed that you don't want
> to waste space. I just see that you can encrypt for multiple keys, but you will
> increase the space needed for the file copy, don't you?
>
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways.
> Maybe I'm wrong about this point, but I can't think about an encryption strategy
> with mixed recipients.

OpenPGP supports multiple recipients. 10 recipients do not require 10x the space of 1 recipient, instead, you end up with a single encryption of the data, and then a small encrypted session key per recipient. So encrypting to 10 recipients is a bit larger than encrypting to 1 recipient, but it is nowhere near as large as encrypting to 10 recipients individually.
Any of the recipients can decrypt the data.

David

From dkg at fifthhorseman.net Mon Jul 27 16:54:20 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Mon, 27 Jul 2009 10:54:20 -0400
Subject: IT Department having the secure key.
In-Reply-To: <20090727134138.GG20991@ask>
References: <24668288.post@talk.nabble.com> <20090727103317.GD20991@ask> <4A6D9D96.30108@fifthhorseman.net> <20090727134138.GG20991@ask>
Message-ID: <4A6DBF9C.8030509@fifthhorseman.net>

On 07/27/2009 09:41 AM, Ingo Krabbe wrote:
> I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients, you will
> have a f.txt.gpg that contains f.txt 10 times encrypted in 10 different ways.
> Maybe I'm wrong about this point, but I can't think about an encryption strategy
> with mixed recipients.

I believe the way that it works is that the content of the file is encrypted with a symmetric cipher (against a randomly-generated session key). Then, the session key itself is encrypted to the relevant asymmetric key, and placed in a "Public-Key Encrypted Session Key Packet":

http://tools.ietf.org/html/rfc4880#section-5.1

So if you encrypt a file to multiple public keys, the encrypted data only grows by the size of one additional Public-Key Encrypted Session Key Packet per recipient (about 0.5KB, depending on the algorithms used). If you're encrypting a 500K file, an extra ESK packet isn't much overhead.

--dkg

From jh at jameshoward.us Mon Jul 27 17:15:53 2009
From: jh at jameshoward.us (James P. Howard, II)
Date: Mon, 27 Jul 2009 11:15:53 -0400
Subject: Encryption keys in the OpenPGP spec
In-Reply-To:
References: <4A6D058B.7090302@jameshoward.us>
Message-ID: <4A6DC4A9.7000408@jameshoward.us>

On Sun Jul 26 2009 23:09:18 GMT-0400 (EST) , David Shaw wrote:
> Because it is difficult (or nearly impossible) to determine the
> difference from the perspective of GnuPG. That is, I as a person
> know what I'm encrypting and what I plan on doing with it, but GnuPG
> just sees bits. As a general-purpose OpenPGP tool, GnuPG pretty much
> needs to treat both communications and storage as the same thing.
> Other tools for more specific environments may "know" what their
> usage is and can treat this differently.
>
> This is expected behavior - the OpenPGP standard even mentions it:
>
> Note however, that it is a thorny issue to determine what is
> "communications" and what is "storage". This decision is left wholly
> up to the implementation; the authors of this document do not claim
> any special wisdom on the issue and realize that accepted opinion may
> change.

I noticed this, too. But since I also do not claim any special wisdom on the issue, I was hoping someone would. Since we all seem to agree that communication and storage is difficult to distinguish, can someone suggest why different keys may be desired in different circumstances?

James

--
James P. Howard, II, MPA
jh at jameshoward.us
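Added example, not code from this list or from GnuPG: a small RFC 4880 packet walker in Python that makes two points from the messages above concrete. For David Shaw's and dkg's replies in the "IT Department" thread it builds a shape-only model of a message encrypted to several keys and shows that every extra recipient adds exactly one Public-Key Encrypted Session Key packet, and it lists the key ids those packets name, which is the check a mail gateway would need for the encrypt-to escrow policy David describes. For the key-flags question in this thread it reads the key-flags subpacket out of a minimal v4 signature and shows the two bits the quoted keygen.c line sets together. The packet and subpacket length encodings, the packet tags and the flag names are those of RFC 4880; the packet bodies, the key ids and the permits() policy are constructed for the demo and are not how gpg lays out real ciphertext.

```python
"""OpenPGP (RFC 4880) packet walker for two points raised in these threads:
one encrypted-session-key packet per recipient, and the 0x04/0x08 key-flags
bits inside a signature subpacket. Every byte string below is constructed
for the demo: random filler stands in for ciphertext, no real keys exist."""
import os
import struct

PKESK, SEIPD = 1, 18            # packet tags, RFC 4880 section 4.3
KEY_FLAGS = 27                  # signature subpacket type, section 5.2.3.21
GNUPG_ENC_FLAGS = 0x04 | 0x08   # what the quoted keygen.c line sets for an ENC key
KEY_FLAG_NAMES = {0x01: "certify", 0x02: "sign",
                  0x04: "encrypt_communications", 0x08: "encrypt_storage",
                  0x10: "split_key", 0x20: "authentication", 0x80: "group_key"}

def _length(data, i, subpacket=False):
    """New-format packet length (4.2.2) or subpacket length (5.2.3.1)."""
    b0 = data[i]
    if b0 < 192:
        return b0, i + 1
    if b0 < 224 or (subpacket and b0 < 255):
        return ((b0 - 192) << 8) + data[i + 1] + 192, i + 2
    if b0 == 255:
        return struct.unpack(">I", data[i + 1:i + 5])[0], i + 5
    raise ValueError("partial body lengths are not handled by this demo")

def encode_length(n):
    """Inverse of _length for new-format packets (used only by the builder)."""
    if n < 192:
        return bytes([n])
    if n < 8384:
        return bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    return b"\xff" + struct.pack(">I", n)

def build_packet(tag, body):
    return bytes([0xC0 | tag]) + encode_length(len(body)) + body

def parse_packets(data):
    """Return [(tag, body), ...]; accepts old- and new-format headers."""
    out, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                          # new format: tag in low 6 bits
            tag = hdr & 0x3F
            n, i = _length(data, i + 1)
        else:                                   # old format: tag in bits 2..5
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            width = 1 << ltype                  # 1, 2 or 4 length octets
            n = int.from_bytes(data[i + 1:i + 1 + width], "big")
            i += 1 + width
        out.append((tag, data[i:i + n]))
        i += n
    return out

def build_encrypted_message(key_ids, plaintext_len, esk_len=256):
    """Shape-only model of a message to several keys: a version-3 PKESK (8-octet
    key id, algorithm, encrypted session key) per recipient, then one SEIPD."""
    pkesks = [build_packet(PKESK, b"\x03" + kid + b"\x01" + os.urandom(esk_len))
              for kid in key_ids]
    seipd = build_packet(SEIPD, b"\x01" + os.urandom(plaintext_len + 40))
    return b"".join(pkesks) + seipd

def summarize(message):
    tags = [tag for tag, _ in parse_packets(message)]
    return {"recipients": tags.count(PKESK), "data_packets": tags.count(SEIPD),
            "size": len(message)}

def recipient_key_ids(message):
    """Key ids named by the PKESK packets; a mail gateway enforcing an escrow
    policy would check that its escrow key id appears here."""
    return [body[1:9].hex() for tag, body in parse_packets(message) if tag == PKESK]

def build_key_flags_signature(flags):
    """Minimal v4 subkey-binding signature body (5.2.3): version, type 0x18, RSA,
    SHA-256, a hashed area holding one key-flags subpacket, then zero filler for
    the unhashed count, hash prefix and signature MPI."""
    sub = bytes([2, KEY_FLAGS, flags])          # subpacket length, type, flags
    return b"\x04\x18\x01\x08" + struct.pack(">H", len(sub)) + sub + b"\x00" * 4 + b"\x00\x01\x00"

def key_flags_from_signature(body):
    if body[0] != 4:
        raise ValueError("only v4 signatures carry subpackets")
    hashed_len = struct.unpack(">H", body[4:6])[0]
    area, i = body[6:6 + hashed_len], 0
    while i < len(area):
        n, i = _length(area, i, subpacket=True)
        if area[i] & 0x7F == KEY_FLAGS:         # mask off the critical bit
            return area[i + 1]
        i += n
    return None

def decode_key_flags(byte):
    return {name for bit, name in KEY_FLAG_NAMES.items() if byte & bit}

def permits(flags, purpose):
    """A stricter tool's check (assumed demo policy, not GnuPG behaviour)."""
    return bool(flags & {"communications": 0x04, "storage": 0x08}[purpose])
```

With the default 256-byte encrypted session key, each PKESK packet is 269 bytes (three header bytes plus a 266-byte body), so a message to ten keys is exactly nine such packets larger than a message to one key while the single SEIPD packet is unchanged, which is the "small encrypted session key per recipient" David describes. A gateway that wants the escrow policy enforced centrally rather than in each user's gpg.conf only has to walk the PKESK packets the same way and refuse messages whose recipient list lacks the escrow key id.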
Name: signature.asc Type: application/pgp-signature Size: 163 bytes Desc: OpenPGP digital signature URL: From dshaw at jabberwocky.com Mon Jul 27 17:35:38 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Mon, 27 Jul 2009 11:35:38 -0400 Subject: Encryption keys in the OpenPGP spec In-Reply-To: <4A6DC4A9.7000408@jameshoward.us> References: <4A6D058B.7090302@jameshoward.us> <4A6DC4A9.7000408@jameshoward.us> Message-ID: <94072F72-1813-4B27-BB7A-50EF48DA9271@jabberwocky.com> On Jul 27, 2009, at 11:15 AM, James P. Howard, II wrote: > On Sun Jul 26 2009 23:09:18 GMT-0400 (EST) , David Shaw > wrote: > >> Because it is difficult (or nearly impossible) to determine the >> difference from the perspective of GnuPG. That is, I as a person >> know what I'm encrypting and what I plan on doing with it, but GnuPG >> just sees bits. As a general-purpose OpenPGP tool, GnuPG pretty much >> needs to treat both communications and storage as the same thing. >> Other tools for more specific environments may "know" what their >> usage is and can treat this differently. >> >> This is expected behavior - the OpenPGP standard even mentions it: >> >> Note however, that it is a thorny issue to determine what is >> "communications" and what is "storage". This decision is left wholly >> up to the implementation; the authors of this document do not claim >> any special wisdom on the issue and realize that accepted opinion may >> change. > > I noticed this, too. But since I also do not claim any special wisdom > on the issue, I was hoping someone would. Since we all seem to agree > that communication and storage is difficult to distinguish, can > someone > suggest why different keys may be desired in different circumstances? As one of the authors of the document, I have already disclaimed any special wisdom ;) A contrived example: say you are in an environment where you do both email (communications) and archiving data (storage). You make a new email (i.e. 
communications) subkey every year or so because you take that key with you and want to make sure any exposure is limited. You only make a new archiving (i.e. storage) subkey every 10 years because of the inconvenience. Given those two use cases, you'd want the ability to differentiate. A better answer is that the ability is there in the standard as a tool in the toolbox. Whether the need to differentiate comes for legal reasons (long-term storage needing a particular key type or size as per regulation), or for convenience (as in my example), or for some other reason altogether doesn't matter. The ability is in the standard in case someone wants to make use of it. David From hamilric at us.ibm.com Mon Jul 27 20:07:48 2009 From: hamilric at us.ibm.com (Richard Hamilton) Date: Mon, 27 Jul 2009 12:07:48 -0600 Subject: AUTO: Richard Hamilton is out of the office (returning 07/28/2009) Message-ID: I am out of the office until 07/28/2009. I am out of the office until July 28th 2009. If this is a production problem, please call the solution center at 918-573-2336 or email Bob Olson at Robert.Olson at williams.com. I will have limited mail and cell phone access. Note: This is an automated response to your message "Re: IT Department having the secure key." sent on 7/27/09 8:54:20. This is the only notification you will receive while this person is away. -------------- next part -------------- An HTML attachment was scrubbed... URL: From faramir.cl at gmail.com Mon Jul 27 19:50:11 2009 From: faramir.cl at gmail.com (Faramir) Date: Mon, 27 Jul 2009 13:50:11 -0400 Subject: IT Department having the secure key. In-Reply-To: <24668288.post@talk.nabble.com> References: <24668288.post@talk.nabble.com> Message-ID: <4A6DE8D3.30209@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 arcintl wrote: ... > First: if the user creates a key and then leaves the company, assuming > he/she didn't tell anyone the pass phrase and was the only key used, are > those files locked forever? 
Right, without access to the secret key, it is not possible to decrypt the files. > if this is so my idea was the IT department (i.e. me) create the keys for > all my users and use a completely random password for all, then backup those > keys. then issue them to the user and allow them to change the pass phrase > to something they prefer. then if the user leaves we can use the originally > backed up key with the original password to decrypt the files they > encrypted. I think that is called key escrow. To prevent abuse on the backup, maybe you can keep it encrypted with symmetric encryption, and maybe use a secret sharing scheme, like Shamir's Secret Sharing Scheme. Take a look at http://point-at-infinity.org/ssss/ and at http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing > will this work? I know it may sound like a security risk and ruin the whole > point of encrypting in the first place but this is the only way I can think > of safeguarding the company's data (not users' data). Well, I think while the backup is stored safely, it would not be too risky... but what if the one knowing the passphrase of the backup leaves the company? That's why I suggested using something like SSSS. > Also have another question. > > if a user's key is compromised, i.e. someone knows their pass phrase, should > the user just change the pass phrase or should a new key be generated? and > if a new key is needed will all the files that were encrypted with the old > key be in danger of being decrypted or be totally useless without the old key? I think (but I may be wrong) that it is suggested to revoke the key and generate a new one, just in case. By the way, it is a good idea not to delete revoked keys; they will be needed to decrypt files (or messages) encrypted to that old key... 
Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJKbejTAAoJEMV4f6PvczxAEzEH/3loCsEgj053rh7dczJ6Anpl rVM8hRjbYuRReCbUx7KUrMyXJ3I5uB3I2k3xOE3a0q0VnGgdsG7IAxqdJrJLk+w/ gJBbk+y+3lCGoQu+McbMUwu00e5zQ5uRWGReeuyqCTOrQgFo1I5qzG0hC0L5UAw8 wu0SM5u4fhX7YTnrKOyK3Z5yE3LXWI5C0UT4CL9wJoVeYqPdYVuLyduRKRUdegUj /5aBUSiMnq4QLeQfxlLu4DO8MWL5cd9VyiY7loBxNKklhInhWfmclm1UebuRJzj/ mMM2uVjBBzaLQ7HJKvPSGwoLcZ+bJjlUdtDxPHgPY3TTjIxiokRtgA/sBKPbDc0= =wwTp -----END PGP SIGNATURE----- From jan.suhr at privacyfoundation.de Wed Jul 29 17:14:04 2009 From: jan.suhr at privacyfoundation.de (Jan Suhr) Date: Wed, 29 Jul 2009 17:14:04 +0200 Subject: Changing GPG's default key type? Message-ID: <4A70673C.2050506@privacyfoundation.de> To my understanding GnuPG is standard-conforming and creates a "DSA primary key (1024 bits - not "DSA2") with an Elgamal subkey per default." It was discussed in May to change this standard to a 2048-bit RSA key: http://www.imc.org/ietf-openpgp/mail-archive/msg33227.html I am planning to create some new keys which will be used for the next couple of years. Therefore I am wondering if it is a good idea to create 2048-bit RSA keys already although it is not standard (yet). So potentially it could cause incompatibility issues. I suppose most of the correspondents (>90%) use GnuPG and thus should not have any problems with the keys. Do you have further information about the coming standard key type? Are there any other obstacles or implications to consider and what is your advice? Thanks and regards Jan From addw at phcomp.co.uk Wed Jul 29 11:27:09 2009 From: addw at phcomp.co.uk (Alain Williams) Date: Wed, 29 Jul 2009 10:27:09 +0100 Subject: gpg - what are the strange characters ? Message-ID: <20090729092709.GP23052@phcomp.co.uk> I have been generating GPG keys; when it does, GPG prints out strings of '+.-<>' (see below). 
What are these characters? I can see that it is trying to show progress, but what do the different characters mean?

I am running CentOS 5, so the version of gnupg is 1.4.5.

I did have a look at the source. My first mistake was to download the latest version; the messages that I was looking for to locate it were in gnupg-1.4 and thereabouts, but not in gnupg-2.0.7.

Well: the meanings are progress, and the characters mean different things depending on what sort of encryption algorithm you have chosen and quite what that is doing at the moment... things that are not very clear (to me at least).

elgamal:
  .  when it gets some random bits
  when generating a key (''Generate a random secret exponent k from prime p, so that k is relatively prime to p-1.''):
  +  k < (p-1)
  -  k > 0
  .  k is relatively prime to (p-1)

dsa:
  .  when it gets some random bits
  Generate a random secret exponent k less than q:
  +  k < q
  -  k > 0

primegen:
  !  allocate new primes
  -  goto next try
  >  nprime < pbits 20 times
  <  nprime > pbits 20 times
  ^  iteration of loop creating a generator
  .  (o/p several places) not a prime, failed 10 times at finding a prime
  :  Starting with a new random value
  +  May be a prime

The above lack of understanding is not helped by the sparse commenting techniques used in the code :-( All in the cipher/ directory.

Does what I learned leave me any the wiser? Not at all. Do take the above with a shovel full of salt. If anyone can show me to be wrong: a) I would not be surprised; b) I would be interested in a clearer description of what is going on.

Regards

We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. 
+++++++++++++++.+++++..+++++.+++++.++++++++++.+++++.....++++++++++.+++++.+++++++++++++++.++++++++++++++++++++++++++++++.++++++++++.+++++++++++++++>.++++++++++.>+++++.......................<+++++.........+++++ Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 283 more bytes) We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. +++++++++++++++.+++++++++++++++++++++++++.+++++..+++++..++++++++++.++++++++++.+++++.++++++++++.+++++.++++++++++.+++++++++++++++.++++++++++..+++++.++++++++++.+++++>++++++++++....>.+++++.................+++++^^^ -- Alain Williams Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php Past chairman of UKUUG: http://www.ukuug.org/ #include From ml at mareichelt.de Thu Jul 30 14:14:27 2009 From: ml at mareichelt.de (markus reichelt) Date: Thu, 30 Jul 2009 14:14:27 +0200 Subject: FYI: Keysigning Party at FrOSCon 2009 in Sankt Augustin (August 22nd) Message-ID: <20090730121427.GA19201@tatooine.rebelbase.local> Hi, for those interested, there's going to be a keysigning party at FrOSCon 2009 in Sankt Augustin on August 22nd, 12:30h: http://ksp.froscon.org/ Deadline for key submission is Thursday, August 20th 2009. More info about the conference is online at http://www.froscon.org/ -- left blank, right bald -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: From bmearns at ieee.org Thu Jul 30 14:33:40 2009 From: bmearns at ieee.org (Brian Mearns) Date: Thu, 30 Jul 2009 08:33:40 -0400 Subject: Public key crypto by hand Message-ID: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> Sorry, this is a bit off topic. But I wonder if anyone knows of a public key system that can realistically be done by pencil and paper. I realize anything a computer can calculate could conceivably be done by hand, but I'm looking for something realistic. I don't consider raising very large numbers to very large powers realistic. Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net From hrickards at l33tmyst.com Thu Jul 30 14:44:18 2009 From: hrickards at l33tmyst.com (Harry Rickards) Date: Thu, 30 Jul 2009 13:44:18 +0100 Subject: Public key crypto by hand In-Reply-To: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> References: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> Message-ID: <4A7195A2.8090400@l33tmyst.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brian Mearns wrote: > Sorry, this is a bit off topic. But I wonder if anyone knows of a > public key system that can realistically be done by pencil and paper. > I realize anything a computer can calculate could conceivably be done > by hand, but I'm looking for something realistic. I don't consider > raising very large numbers to very large powers realistic. > > Thanks, > -Brian > I asked the same thing (I think it was this list) a couple of months ago. The best thing I found was http://sergematovic.tripod.com/rsa1.html. 
- -- Thanks Harry Rickards GPG Key Info: pub 1024R/58449F6F 2009-06-12 uid Harry Rickards (OpenPGP Card) sub 1024R/D775CCEE 2009-06-12 sub 1024R/9394048C 2009-06-12 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iJwEAQECAAYFAkpxlaIACgkQ+9DWHFhEn2/RMQP+Ou+X1dIN/9ccehw/mcm3N0o6 3uj/oncb9L8NaAopOR0HyiGxU5DV3/k94WBde1ThYn+WS77O7TjkPLfhLRNfFaxz jTAXiMKW583KmwI9A/tB2i3AAulyz/T0noogOsE4relLRTJPsxuDsFGx4yP/6WpZ Ppu3KHecMQJ6okHe4JY= =fJKj -----END PGP SIGNATURE----- From rjh at sixdemonbag.org Thu Jul 30 14:45:19 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 08:45:19 -0400 Subject: Public key crypto by hand In-Reply-To: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> References: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> Message-ID: > Sorry, this is a bit off topic. But I wonder if anyone knows of a > public key system that can realistically be done by pencil and paper. > I realize anything a computer can calculate could conceivably be done > by hand, but I'm looking for something realistic. I don't consider > raising very large numbers to very large powers realistic. I am aware of none, and there are some good theoretical reasons to think there are none. That said, beware of all theories: when theory conflicts with the real world, theory must give way. From bmearns at ieee.org Thu Jul 30 15:30:47 2009 From: bmearns at ieee.org (Brian Mearns) Date: Thu, 30 Jul 2009 09:30:47 -0400 Subject: Public key crypto by hand In-Reply-To: <4A7195A2.8090400@l33tmyst.com> References: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> <4A7195A2.8090400@l33tmyst.com> Message-ID: <4df3a1330907300630t23ade90bw7e2e77ac0e55670a@mail.gmail.com> On Thu, Jul 30, 2009 at 8:44 AM, Harry Rickards wrote: [clipped 7/30/2009 9:26:46 AM] > Brian Mearns wrote: >> Sorry, this is a bit off topic. 
But I wonder if anyone knows of a >> public key system that can realistically be done by pencil and paper. >> I realize anything a computer can calculate could conceivably be done >> by hand, but I'm looking for something realistic. I don't consider >> raising very large numbers to very large powers realistic. >> >> Thanks, >> -Brian >> > I asked the same thing (I think it was this list) a couple of months > ago. The best thing I found was http://sergematovic.tripod.com/rsa1.html. > > - -- > Thanks > Harry Rickards > > GPG Key Info: > pub 1024R/58449F6F 2009-06-12 > uid Harry Rickards (OpenPGP Card) > sub 1024R/D775CCEE 2009-06-12 > sub 1024R/9394048C 2009-06-12 [clipped 7/30/2009 9:26:58 AM] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks, Harry. Interesting page, but I don't think primes on the order of 3 and 11 really qualify as secure, which was pretty much what I figured would be the case: anything that can reasonably be done by hand wouldn't be secure. Oh well. Pad locks it is. 
=) - -Brian - -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iQEcBAEBAgAGBQJKcaBhAAoJEHOUulIkSI7cauYH/0aKd4ytkq7Fq5jxemSREbsg laK1AmG28cNi+JDUxdshMsVfz7QjBw9WmENq9VvcaxkHRynN05hT3f7z4upnbSfq EbLyqDZJsn2B5iTFJt008+09GMiZBUCnwDrh5MQpxeWWKxdM0NXuJZRmCIpMCzZ6 wZUxpZ1ce7Yx1PsdpVtq5XwFBvFweF9qAwoXl7tWpdUwD03SmrO/ntv/WMLc3cNE 2ZQzkPhmufG8XhYxSeQ+72ftD1dSKKWlYjqCic8va9J6mWsw6wEGJjZ5bLXdP9c+ kzrCiKJPjlaJzScrC5NdzfDoGXVCvIQDxG7W9ZbWFgtxPpTCI6PHwFiK79Im1kw= =otX/ -----END PGP SIGNATURE----- From dave.smith at st.com Thu Jul 30 15:57:06 2009 From: dave.smith at st.com (David SMITH) Date: Thu, 30 Jul 2009 14:57:06 +0100 Subject: Public key crypto by hand In-Reply-To: <4df3a1330907300630t23ade90bw7e2e77ac0e55670a@mail.gmail.com> References: <4df3a1330907300533l611a55a6yb0a31b18f2f088b5@mail.gmail.com> <4A7195A2.8090400@l33tmyst.com> <4df3a1330907300630t23ade90bw7e2e77ac0e55670a@mail.gmail.com> Message-ID: <20090730135706.GQ21517@bristol.st.com> On Thu, Jul 30, 2009 at 09:30:47AM -0400, Brian Mearns wrote: > Thanks, Harry. Interesting page, but I don't think primes on the > order of 3 and 11 really qualify as secure, which was pretty much > what I figured would be the case: anything that can reasonably be > done by hand wouldn't be secure. Your answer implies that you are looking for something that you would actually use, rather than just a pen-and-paper demo for instruction purposes. In this case, whilst it's not exactly "public key cryptography", even the simplest algorithms are cryptographically secure with a one-time pad. Of course, you then have the key exchange problem. 
-- David Smith | Tel: +44 (0)1454 462380 Home: +44 (0)1454 616963 STMicroelectronics | Fax: +44 (0)1454 462305 Mobile: +44 (0)7932 642724 1000 Aztec West | TINA: 065 2380 GPG Key: 0xF13192F2 Almondsbury | Work Email: Dave.Smith at st.com BRISTOL, BS32 4SQ | Home Email: David.Smith at ds-electronics.co.uk From schot at A-Eskwadraat.nl Thu Jul 30 16:24:52 2009 From: schot at A-Eskwadraat.nl (Jeroen Schot) Date: Thu, 30 Jul 2009 16:24:52 +0200 Subject: WHIRLPOOL patch for GnuPG 2 Message-ID: <20090730142452.GA27652@A-Eskwadraat.nl> Hi, Some time ago there was a question about support for the WHIRLPOOL hash in GnuPG. I thought it wouldn't be too difficult since libgcrypt already implements WHIRLPOOL. Attached is a patch against the current svn (r5101). If it gets mangled by the mailing list it is also available as a download[1]. [1]: http://schot.a-eskwadraat.nl/files/gpg-r5101-whirlpool.diff Regards, -- Jeroen Schot -------------- next part -------------- A non-text attachment was scrubbed... Name: gpg-r5101-whirlpool.diff Type: text/x-diff Size: 22362 bytes Desc: not available URL: From vedaal at hush.com Thu Jul 30 17:37:02 2009 From: vedaal at hush.com (vedaal at hush.com) Date: Thu, 30 Jul 2009 11:37:02 -0400 Subject: Public key crypto by hand Message-ID: <20090730153702.3FF41B8056@smtp.hushmail.com> Brian Mearns wrote: >if anyone knows of a >public key system that can realistically be done by pencil and paper ... >anything that can reasonably be >done by hand wouldn't be secure. >Oh well. Pad locks it is. 
=) don't know of any 'public key' systems, but there are 'by hand' systems that are described as secure http://www.schneier.com/solitaire.html the problems with a 'by hand' system are: - getting a sufficiently 'random' key, - being able to share it with a correspondent, - and being able to change it with each message try asking on sci.crypt David Wagner is a respected cryptographer who occasionally answers interesting crypto questions for the other posters there, some are very helpful and some are not at all and some vary ... ;-) vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link From rjh at sixdemonbag.org Thu Jul 30 19:44:10 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 13:44:10 -0400 Subject: Public key crypto by hand In-Reply-To: <20090730153702.3FF41B8056@smtp.hushmail.com> References: <20090730153702.3FF41B8056@smtp.hushmail.com> Message-ID: > don't know of any 'public key' systems, > but there are 'by hand' systems that are described as secure > > http://www.schneier.com/solitaire.html We've known since '99 that Solitaire is weak, thanks to the work of Paul Crowley. From gerry.lowry at abilitybusinesscomputerservices.com Thu Jul 30 19:55:26 2009 From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112)) Date: Thu, 30 Jul 2009 13:55:26 -0400 Subject: Public key crypto by hand References: <20090730153702.3FF41B8056@smtp.hushmail.com> Message-ID: <204068B4B81C4D82B90DC5D77D448A65@zentrumvegan> http://www.schneier.com/solitaire.html "solitaire" is done with cards, it was used by two men in jail, both characters in Neal Stephenson's "Cryptonomicon" ... imo a novel worth reading ... Bruce Schneier invented the game at Stephenson's request AFAIK. 
gerry From gerry.lowry at abilitybusinesscomputerservices.com Thu Jul 30 20:02:54 2009 From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112)) Date: Thu, 30 Jul 2009 14:02:54 -0400 Subject: Public key crypto by hand References: <20090730153702.3FF41B8056@smtp.hushmail.com> Message-ID: <52967463A990498B99CFF61D777FA25A@zentrumvegan> Robert wrote in part that "We've known since '99 that Solitaire is weak, thanks to the work of Paul Crowley". It was, however, sufficient as a plot device in "Cryptonomicon". Even simple systems like pig-latin are sufficient as long as they are more sophisticated than those from whom one wishes to safeguard information. From mearns.b at gmail.com Thu Jul 30 20:12:45 2009 From: mearns.b at gmail.com (Brian Mearns) Date: Thu, 30 Jul 2009 14:12:45 -0400 Subject: Public key crypto by hand In-Reply-To: <4df3a1330907301106n5cf2418dtaea4abd0f6256ffe@mail.gmail.com> References: <20090730153702.3FF41B8056@smtp.hushmail.com> <52967463A990498B99CFF61D777FA25A@zentrumvegan> <4df3a1330907301106n5cf2418dtaea4abd0f6256ffe@mail.gmail.com> Message-ID: <4df3a1330907301112k79b4c049o5b707cd1a5334b46@mail.gmail.com> On Thu, Jul 30, 2009 at 2:06 PM, Brian Mearns wrote: > On Thu, Jul 30, 2009 at 2:02 PM, gerry_lowry (alliston ontario canada > (705) 250-0112) > wrote: >> Robert wrote in part that "We've known since '99 that Solitaire is weak, thanks to the work of Paul Crowley". >> >> It was, however, sufficient as a plot device in "Cryptonomicon". >> >> Even simple systems like pig-latin are sufficient as long as they are more sophisticated than those >> from whom one wishes to safeguard information. >> > > Thanks, Gerry. I'm familiar with the system and the book (which was > excellent). But Bruce Schneier still claims on this site that the > cipher is reasonably strong, and now that I've heard otherwise I'm > seeking more information. 
> > -Brian > Replying to myself, I found Crowley's site detailing the bias in solitaire: http://www.ciphergoth.org/crypto/solitaire/ I only really have a basic understanding of crypto, nothing deeply mathematical enough to understand how this actually affects the strength of the cipher. Would anyone care to explain this at all? Thanks, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net From rjh at sixdemonbag.org Thu Jul 30 20:04:37 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 14:04:37 -0400 Subject: Public key crypto by hand In-Reply-To: <204068B4B81C4D82B90DC5D77D448A65@zentrumvegan> References: <20090730153702.3FF41B8056@smtp.hushmail.com> <204068B4B81C4D82B90DC5D77D448A65@zentrumvegan> Message-ID: <3E47859A-BD4C-40DE-97DD-65A7AF3B9360@sixdemonbag.org> > "solitaire" is done with cards, it was used by two men in jail, > both characters in Neal Stephenson's "Cryptonomicon" ... > imo a novel worth reading ... Bruce Schneier invented > the game at Stephenson's request AFAIK. Solitaire has some serious problems, and is not a public-key algorithm. The original poster specifically requested public-key algorithms, not conventional crypto which can be done by hand. From rjh at sixdemonbag.org Thu Jul 30 20:41:53 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 14:41:53 -0400 Subject: Public key crypto by hand In-Reply-To: <52967463A990498B99CFF61D777FA25A@zentrumvegan> References: <20090730153702.3FF41B8056@smtp.hushmail.com> <52967463A990498B99CFF61D777FA25A@zentrumvegan> Message-ID: <5C5BB126-83A5-46E5-B866-70D3DF61FB35@sixdemonbag.org> > Even simple systems like pig-latin are sufficient as long as they > are more sophisticated than those > from whom one wishes to safeguard information. The danger comes from assuming you're more sophisticated than the people who want your information. 
From vedaal at hush.com Thu Jul 30 22:17:19 2009 From: vedaal at hush.com (vedaal at hush.com) Date: Thu, 30 Jul 2009 16:17:19 -0400 Subject: new AES 256 vulnerability Message-ID: <20090730201719.81D71B8056@smtp.hushmail.com> a new attack has been found against AES - 256 http://www.schneier.com/blog/archives/2009/07/another_new_aes.html it only works against 10 round AES-256 (which normally has 16 rounds) (am not overly worried, still use IDEA when encrypting for diehard pgp2.x e-mailers, and that has 5 of 8 rounds broken ;-) )) but as AES is the default gnupg block cipher of choice, am just bringing it to people's attention here vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link From rjh at sixdemonbag.org Thu Jul 30 22:27:52 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 16:27:52 -0400 Subject: new AES 256 vulnerability In-Reply-To: <20090730201719.81D71B8056@smtp.hushmail.com> References: <20090730201719.81D71B8056@smtp.hushmail.com> Message-ID: <7EAECE48-02E3-4E74-B5A7-3D3A16024C4B@sixdemonbag.org> > (am not overly worried, > still use IDEA when encrypting for diehard pgp2.x e-mailers, and > that has 5 of 8 rounds broken ;-) )) 6. From gerry.lowry at abilitybusinesscomputerservices.com Thu Jul 30 22:35:54 2009 From: gerry.lowry at abilitybusinesscomputerservices.com (gerry_lowry (alliston ontario canada (705) 250-0112)) Date: Thu, 30 Jul 2009 16:35:54 -0400 Subject: Public key crypto by hand References: <20090730153702.3FF41B8056@smtp.hushmail.com> <52967463A990498B99CFF61D777FA25A@zentrumvegan> <5C5BB126-83A5-46E5-B866-70D3DF61FB35@sixdemonbag.org> Message-ID: Robert, you are absolutely 100% correct when you write: "The danger comes from assuming you're more sophisticated than the people who want your information." The television show "So you think you are smarter than a fifth grader" proves your point time and time again. g. 
From dshaw at jabberwocky.com Thu Jul 30 22:46:10 2009 From: dshaw at jabberwocky.com (David Shaw) Date: Thu, 30 Jul 2009 16:46:10 -0400 Subject: new AES 256 vulnerability In-Reply-To: <20090730201719.81D71B8056@smtp.hushmail.com> References: <20090730201719.81D71B8056@smtp.hushmail.com> Message-ID: <26C0C86E-3D3A-4669-A375-339D511F61C8@jabberwocky.com> On Jul 30, 2009, at 4:17 PM, vedaal at hush.com wrote: > a new attack has been found against AES - 256 > > http://www.schneier.com/blog/archives/2009/07/another_new_aes.html > > it only works against 10 round AES-256 (which normally has 16 > rounds) It breaks 11 rounds of 14. David From allen.schultz at gmail.com Thu Jul 30 23:09:32 2009 From: allen.schultz at gmail.com (Allen Schultz) Date: Thu, 30 Jul 2009 15:09:32 -0600 Subject: GPGShell caught with malware? Message-ID: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com> I recently installed Comodo AntiVirus and it said that GPGShell had a malware called "daisy-2297 at 31780980". But could not find any details about this. Is there a GPGShell like program that does the same job as GPGShell? Allen From ml at mareichelt.de Thu Jul 30 23:41:27 2009 From: ml at mareichelt.de (markus reichelt) Date: Thu, 30 Jul 2009 23:41:27 +0200 Subject: new AES 256 vulnerability In-Reply-To: <7EAECE48-02E3-4E74-B5A7-3D3A16024C4B@sixdemonbag.org> References: <20090730201719.81D71B8056@smtp.hushmail.com> <7EAECE48-02E3-4E74-B5A7-3D3A16024C4B@sixdemonbag.org> Message-ID: <20090730214127.GK17083@tatooine.rebelbase.local> * "Robert J. Hansen" wrote: > >(am not overly worried, still use IDEA when encrypting for diehard > >pgp2.x e-mailers, and that has 5 of 8 rounds broken ;-) )) > > 6. 7 - raise? fold? -- left blank, right bald -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: From lionel at mamane.lu Fri Jul 31 00:14:40 2009 From: lionel at mamane.lu (Lionel Elie Mamane) Date: Fri, 31 Jul 2009 00:14:40 +0200 Subject: Changing GPG's default key type? In-Reply-To: <4A70673C.2050506@privacyfoundation.de> References: <4A70673C.2050506@privacyfoundation.de> Message-ID: <20090730221440.GA16712@capsaicin.mamane.lu> On Wed, Jul 29, 2009 at 05:14:04PM +0200, Jan Suhr wrote: > To my understanding GnuPG is standard-conforming and creates a "DSA > primary key (1024 bits - not "DSA2") with an Elgamal subkey per > default." > It was discussed in May to change this standard to a 2048-bit RSA key: > http://www.imc.org/ietf-openpgp/mail-archive/msg33227.html > I am planning to create some new keys which will be used for the next > couple of years. Therefore I am wondering if it is a good idea to > create 2048-bit RSA keys already although it is not standard (yet). Yes, it is. RSA keys are marginally safer, and in my view of the world, DSA keys were introduced in the OpenPGP world (GnuPG and PGP and friends) only / mostly for historical reasons that don't apply anymore, namely that RSA was patented and DSA/DH/ElGamal was not (the patent had expired). The patent for RSA has now been expired for a few years (since 2003) and has actually been released prior to expiration back in 2000. RSA keys are in very wide use nowadays. > So potentially it could cause incompatibility issues. Only people using rather old versions of GnuPG or PGP (from 1997-2000) will have any trouble with RSA keys. If they use GnuPG, they can install a plug-in that will enable RSA for them. I don't know if a similar option is available for PGP. > Do you have further information about the coming standard key type? > Are there any other obstacles or implications to consider and what > is your advice? 
For a key to be used only for a couple of years, it may not be worth the bother, but you can make it a bit stronger by following the directions in http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ http://www.debian-administration.org/users/dkg/weblog/48 The difference in security between not following these directions and following them may very well be irrelevant for you, because the weakest link in your security may be elsewhere (e.g. penetration of your computer or home). -- Lionel From rjh at sixdemonbag.org Fri Jul 31 01:06:08 2009 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Thu, 30 Jul 2009 19:06:08 -0400 Subject: Changing GPG's default key type? In-Reply-To: <20090730221440.GA16712@capsaicin.mamane.lu> References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> Message-ID: <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> > The patent for RSA has now been expired for a few > years (since 2003) The patent never expired. It was due to expire in September 2000; in August 2000 the patentholders released it into the public domain. Some people (myself included) think they did this in order to prevent the media coverage of patent-expiration celebrations. I was really looking forward to the party Network Associates (then the owner of PGP) was throwing, which then got cancelled. > Only people using rather old versions of GnuPG or PGP (from 1997-2000) > will have any trouble with RSA keys. If they use GnuPG, they can > install a plug-in that will enable RSA for them. I don't know if a > similar option is available for PGP. No; only people using OpenPGP applications that don't support RSA will have problems. This is potentially quite a lot of people. The last time I tallied it up there were at least ten different OpenPGP implementations, and some of them only support the bare minimum required. 
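The key-type thread turns on what a key actually carries on the wire (a 1024-bit DSA primary with an Elgamal subkey versus a 2048-bit RSA key) and on whether a given implementation can read it. As an added illustration, not code from any of the posters or from GnuPG, the following Python reads the algorithm and key size straight out of an OpenPGP v4 public-key packet as laid out in RFC 4880, accepting both the old-format and new-format packet headers that different implementations and keyservers legitimately emit. The sample packets are constructed inside the file with toy, insecure parameters (an assumption made so it runs offline); they are not real keys, and on real ones `gpg --list-packets` is the tool to reach for.

```python
"""Report the algorithm and key size of an OpenPGP v4 public-key packet.

Added example for this thread, not code from the list or from GnuPG.  Layout
per RFC 4880: packet header (old or new format) with tag 6 (public key) or
14 (public subkey), then version(1) | created(4) | algorithm(1) | MPIs, where
an MPI is a 2-byte big-endian bit count followed by ceil(bits/8) value bytes.
"""
import struct

# RFC 4880 section 9.1 public-key algorithm identifiers
ALGO_NAMES = {1: "RSA", 2: "RSA (encrypt-only)", 3: "RSA (sign-only)",
              16: "Elgamal (encrypt-only)", 17: "DSA"}
# MPIs each algorithm carries, in wire order; the first one is what "key
# size" normally refers to (RSA n, Elgamal p, DSA p).
MPI_NAMES = {1: ("n", "e"), 2: ("n", "e"), 3: ("n", "e"),
             16: ("p", "g", "y"), 17: ("p", "q", "g", "y")}
TAG_PUBLIC_KEY, TAG_PUBLIC_SUBKEY = 6, 14


def encode_mpi(value):
    """Encode a non-negative integer as an OpenPGP MPI (RFC 4880 3.2)."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def build_public_key_packet(tag, algo, mpis, created=0, old_format=False):
    """Build a v4 public-key packet.  The header format is selectable because
    implementations and keyservers legitimately emit either (RFC 4880 4.2)."""
    body = bytes([4]) + struct.pack(">I", created) + bytes([algo])
    body += b"".join(encode_mpi(m) for m in mpis)
    n = len(body)
    if old_format:  # tag in bits 5..2, length type in bits 1..0
        ltype, fmt = (0, ">B") if n < 256 else (1, ">H") if n < 65536 else (2, ">I")
        return bytes([0x80 | (tag << 2) | ltype]) + struct.pack(fmt, n) + body
    if n < 192:     # new format: tag in bits 5..0, variable-length length field
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + struct.pack(">I", n)
    return bytes([0xC0 | tag]) + length + body


def parse_packet_header(data):
    """Return (tag, body_offset, body_length) for an old- or new-format header."""
    ctb = data[0]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet (bit 7 clear)")
    if ctb & 0x40:  # new format
        tag, first = ctb & 0x3F, data[1]
        if first < 192:
            return tag, 2, first
        if first < 224:
            return tag, 3, ((first - 192) << 8) + data[2] + 192
        if first == 255:
            return tag, 6, struct.unpack(">I", data[2:6])[0]
        raise ValueError("partial body lengths are not allowed for key packets")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03  # old format
    if ltype == 3:
        raise ValueError("indeterminate length is not allowed for key packets")
    size = (1, 2, 4)[ltype]
    return tag, 1 + size, int.from_bytes(data[1:1 + size], "big")


def parse_public_key(data):
    """Parse one v4 public key/subkey packet into a dict, rejecting malformed
    input (wrong tag, truncation, trailing bytes) instead of guessing."""
    tag, off, length = parse_packet_header(data)
    if tag not in (TAG_PUBLIC_KEY, TAG_PUBLIC_SUBKEY):
        raise ValueError("packet tag %d is not a public key" % tag)
    body = data[off:off + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    if body[0] != 4:
        raise ValueError("only v4 keys are handled, got version %d" % body[0])
    created, algo = struct.unpack(">IB", body[1:6])
    if algo not in MPI_NAMES:
        raise ValueError("unsupported public-key algorithm %d" % algo)
    mpis, pos = {}, 6
    for name in MPI_NAMES[algo]:
        bits = int.from_bytes(body[pos:pos + 2], "big")
        raw = body[pos + 2:pos + 2 + (bits + 7) // 8]
        if len(body) < pos + 2 or len(raw) != (bits + 7) // 8:
            raise ValueError("truncated MPI %s" % name)
        mpis[name] = (bits, int.from_bytes(raw, "big"))
        pos += 2 + len(raw)
    if pos != len(body):
        raise ValueError("%d trailing bytes after the MPIs" % (len(body) - pos))
    return {"subkey": tag == TAG_PUBLIC_SUBKEY, "created": created,
            "algorithm": ALGO_NAMES[algo], "bits": mpis[MPI_NAMES[algo][0]][0],
            "mpis": mpis}


# Constructed samples (assumption: toy parameters, NOT real or secure keys): a
# 64-bit "RSA" primary, and the DSA-primary / Elgamal-subkey shape from the
# thread with 32-bit moduli, the subkey using an old-format header.
SAMPLE_RSA = build_public_key_packet(6, 1, [0xC9B6F9DDE2A1F4B3, 65537], 1248950000)
SAMPLE_DSA = build_public_key_packet(6, 17, [0xB7A61F35, 0x9B5D, 2, 0x1F3A9C55])
SAMPLE_ELG = build_public_key_packet(14, 16, [0xB7A61F35, 5, 0x2C71D0A9], 0, True)

if __name__ == "__main__":
    for pkt in (SAMPLE_RSA, SAMPLE_DSA, SAMPLE_ELG):
        i = parse_public_key(pkt)
        print("%s%s %d-bit" % ("sub " if i["subkey"] else "", i["algorithm"], i["bits"]))
```

Run it directly to print the three samples, or hand `parse_public_key` the bytes of a real tag 6 or tag 14 packet (the first packet of a dearmored key) to see the algorithm and size without trusting a GUI's summary. The parser deliberately refuses partial-body lengths, indeterminate lengths and trailing bytes, which is the conservative stance for key material; it also shows why the same key can be byte-for-byte different between two implementations (old versus new header, different length types) and still parse to an identical result.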
From gerry.lowry at abilitybusinesscomputerservices.com Fri Jul 31 01:57:42 2009 From: gerry.lowry at abilitybusinesscomputerservices.com (gerry-lowry (alliston ontario canada 705-250-0112)) Date: Thu, 30 Jul 2009 19:57:42 -0400 Subject: GPGShell caught with malware? In-Reply-To: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com> References: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com> Message-ID: <73E5BBF04BB64A8A9C4B6432D343BBDB@Musket.ca> Check a site like Symantec on how to send it to them ... AFAIK, they should be able to verify whether it's a real virus or just a false positive. gerry ----- Original Message ----- From: "Allen Schultz" To: "gnupg-users" Sent: Thursday, July 30, 2009 5:09 PM Subject: GPGShell caught with malware? I recently installed Comodo AntiVirus and it said that GPGShell had a malware called "daisy-2297 at 31780980". But could not find any details about this. Is there a GPGShell like program that does the same job as GPGShell? Allen From dkg at fifthhorseman.net Fri Jul 31 02:46:38 2009 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Thu, 30 Jul 2009 20:46:38 -0400 Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?] In-Reply-To: <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> Message-ID: <4A723EEE.7000608@fifthhorseman.net> On 07/30/2009 07:06 PM, Robert J. Hansen wrote: > No; only people using OpenPGP applications that don't support RSA will > have problems. This is potentially quite a lot of people. The last > time I tallied it up there were at least ten different OpenPGP > implementations, and some of them only support the bare minimum required. Have you had the opportunity to publish this tally someplace? 
Even if it was out-of-date and lacked deployment estimates, it would be useful to have this information collected where folks could see it.

--dkg

From dkg at fifthhorseman.net Fri Jul 31 02:50:53 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 30 Jul 2009 20:50:53 -0400
Subject: gpg - what are the strange characters ?
In-Reply-To: <20090729092709.GP23052@phcomp.co.uk>
References: <20090729092709.GP23052@phcomp.co.uk>
Message-ID: <4A723FED.4080809@fifthhorseman.net>

Hi Alain--

On 07/29/2009 05:27 AM, Alain Williams wrote:
> I have been generating GPG keys, when it does it GPG prints out strings of '+.-<>' (see below).
>
> What are these characters, I can see that it is trying to show progress, but what do
> the different characters mean ?

[...]

> I did have a look at the source.

You can find some documentation of the intended significance of this output in the file named DETAILS. Look for the section called "Key generation".

hth,

--dkg

From dshaw at jabberwocky.com Fri Jul 31 03:20:02 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 30 Jul 2009 21:20:02 -0400
Subject: Changing GPG's default key type?
In-Reply-To: <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org>
Message-ID: <01500646-124C-4069-A6CA-706254F8CAE6@jabberwocky.com>

On Jul 30, 2009, at 7:06 PM, Robert J. Hansen wrote:

> No; only people using OpenPGP applications that don't support RSA
> will have problems. This is potentially quite a lot of people.
> The last time I tallied it up there were at least ten different OpenPGP
> implementations, and some of them only support the bare minimum
> required.

There is theory and then there is practice. In theory, there are some people who can't handle RSA as the standard doesn't require it. In practice (and especially given that the original poster commented that 90% of the people he plans on communicating with use GnuPG anyway), that number is vanishingly small. PGP in one form or another owns most of the OpenPGP market. GnuPG owns most of the rest. I wouldn't worry all that much.

David

From dshaw at jabberwocky.com Fri Jul 31 03:20:13 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 30 Jul 2009 21:20:13 -0400
Subject: Changing GPG's default key type?
In-Reply-To: <4A70673C.2050506@privacyfoundation.de>
References: <4A70673C.2050506@privacyfoundation.de>
Message-ID: <5DAAAAFA-D2DC-49F5-A4B1-C91E2E21CFBB@jabberwocky.com>

On Jul 29, 2009, at 11:14 AM, Jan Suhr wrote:

> For my understanding GnuPG is standard conformant and creates a "DSA
> primary key (1024 bits - not "DSA2") with an Elgamal subkey per
> default."
>
> It was discussed in May to change this standard to 2048-bit RSA key:
> http://www.imc.org/ietf-openpgp/mail-archive/msg33227.html
>
> I am planning to create some new keys which will be used for the next
> couple of years. Therefore I am wondering if it is a good idea to
> create 2048-bit RSA keys already although it is not standard (yet). So
> potentially it could cause incompatibility issues. I suppose most of
> the correspondents (>90%) use GnuPG and thus should not have any problems
> with the keys.
>
> Do you have further information about the coming standard key type?
> Are there any other obstacles or implications to consider and what is your
> advice?

There is nothing particularly special about the change. RSA keys are part of the OpenPGP standard just as DSA is.
The difference is that DSA is a required part of the standard, and RSA is optional. The reasons behind this are at least partly historical, and no longer apply. Nevertheless, RSA is still optional. So yes, it is true that there could be an OpenPGP implementation out there that does not support RSA. In practice, however, I'd be very surprised if you had any problems. Even more so since you say that over 90% of your correspondents use GnuPG.

Personally, I've used an RSA key since 2002 and have never had even a single instance of someone not being able to use my key because their OpenPGP program didn't implement RSA.

In short, I wouldn't worry about it. Use either DSA or RSA, and you should be fine.

David

From rjh at sixdemonbag.org Fri Jul 31 03:23:51 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 30 Jul 2009 21:23:51 -0400
Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
In-Reply-To: <4A723EEE.7000608@fifthhorseman.net>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <4A723EEE.7000608@fifthhorseman.net>
Message-ID: <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org>

> Have you had the opportunity to publish this tally someplace?

Wikipedia has a pretty good list, last I checked. If you're really interested, check there; my list will not be as comprehensive.

Deployment numbers are both hard to come by and misleading. GnuPG is probably overwhelmingly the largest, since it comes standard with pretty much every Linux distro; but there it's used principally for package authentication, and few people use it directly. By comparison, McAfee is a niche player, but they're pretty big in the enterprise -- when Network Associates sold off (abandoned) the PGP desktop suite, they retained the right to sell PGP to enterprise customers. Hence, McAfee may be a much bigger player than people think.
From rjh at sixdemonbag.org Fri Jul 31 03:26:03 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 30 Jul 2009 21:26:03 -0400
Subject: Changing GPG's default key type?
In-Reply-To: <01500646-124C-4069-A6CA-706254F8CAE6@jabberwocky.com>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <01500646-124C-4069-A6CA-706254F8CAE6@jabberwocky.com>
Message-ID: <54FF60DD-9D1D-4B41-AF3B-D7703D2E3324@sixdemonbag.org>

> There is theory and then there is practice.

I missed the original poster's qualification that 90% of his correspondents used GnuPG. Given that, I'll agree with you on this: RSA won't be a problem.

From dshaw at jabberwocky.com Fri Jul 31 03:51:52 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Thu, 30 Jul 2009 21:51:52 -0400
Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
In-Reply-To: <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <4A723EEE.7000608@fifthhorseman.net> <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org>
Message-ID: <03E26F8F-EEAB-463F-ACF0-711D815CBC06@jabberwocky.com>

On Jul 30, 2009, at 9:23 PM, Robert J. Hansen wrote:

> Hence, McAfee may be a much bigger player than people think.

Is that an example of a potential problem implementation? Note that the McAfee product does support RSA (not surprising, given its ancestry).

David

From rjh at sixdemonbag.org Fri Jul 31 04:06:35 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 30 Jul 2009 22:06:35 -0400
Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
In-Reply-To: <03E26F8F-EEAB-463F-ACF0-711D815CBC06@jabberwocky.com>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <4A723EEE.7000608@fifthhorseman.net> <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org> <03E26F8F-EEAB-463F-ACF0-711D815CBC06@jabberwocky.com>
Message-ID: <2EBCC8E6-A20B-44E0-B72A-27BCBFA91290@sixdemonbag.org>

> Is that an example of a potential problem implementation? Note that
> the McAfee product does support RSA (not surprising, given its
> ancestry).

I don't know.

There are a wide number of implementations with various degrees of conformance, RFC4880 is fairly new and there's no guarantee vendors have caught up with it, old systems continue to be used despite our wishes (look at how many 6.5.8 users are out there), and so forth and so forth.

My judgment is that it's wise to keep some healthy skepticism about what optional bits of the spec are broadly-supported. I think the instant I tell someone "everything uses RSA," they're going to come back and say "well, my bank uses FooBarBazQuuzPGP, and they can't read my traffic," Murphy's Law being what it is and all.

Reasonable people may certainly disagree with my judgment. :)

From dshaw at jabberwocky.com Fri Jul 31 06:22:52 2009
From: dshaw at jabberwocky.com (David Shaw)
Date: Fri, 31 Jul 2009 00:22:52 -0400
Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
In-Reply-To: <2EBCC8E6-A20B-44E0-B72A-27BCBFA91290@sixdemonbag.org>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <4A723EEE.7000608@fifthhorseman.net> <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org> <03E26F8F-EEAB-463F-ACF0-711D815CBC06@jabberwocky.com> <2EBCC8E6-A20B-44E0-B72A-27BCBFA91290@sixdemonbag.org>
Message-ID: <47BED05C-476C-4C3B-840D-1138D34DE22A@jabberwocky.com>

On Jul 30, 2009, at 10:06 PM, Robert J. Hansen wrote:

>> Is that an example of a potential problem implementation? Note
>> that the McAfee product does support RSA (not surprising, given its
>> ancestry).
>
> I don't know.
>
> There are a wide number of implementations with various degrees of
> conformance, RFC4880 is fairly new and there's no guarantee vendors
> have caught up with it, old systems continue to be used despite our
> wishes (look at how many 6.5.8 users are out there), and so forth
> and so forth.

RSA was not added in RFC-4880. It dates back to PGP 5 (1997-ish), and was first formalized (in the RFC sense) in RFC-2440 in 1998. It's been in an RFC for 10+ years now. Of course, it's been optional for all that time as well.

Your comment is similar to the logic that we used when deciding about making RSA the new default key type: DSA-1024 wasn't cutting it any longer for both length reasons and also the inability to use larger hashes as it is locked to 160 bits (SHA-1 / RIPEMD160). The two best options we saw were either DSA2 by default (required by the spec, but only added in RFC-4880 and so not as widely supported as RSA), or RSA (not required by the spec, but very widely supported). A major reason we didn't choose DSA2 was because it wasn't widely supported enough.
It turned out later that the PGP people made the same decision for their product, and I actually found one product that supports RSA but not DSA (yes, I know that makes them noncompliant, but nevertheless they do exist).

Security (actually most things in engineering) is about balancing various competing interests and issues. Personally, I weigh the ability to use a larger key with a larger hash more than I do the knowledge that I might find some implementation that doesn't like my key someday (I haven't actually found such an implementation yet, but such an implementation could be written and be perfectly OpenPGP compliant). Others may not weigh things the same way, and GnuPG serves them as well - they can create whatever key type works for their particular balance.

Incidentally, a nice side benefit of RSA is the ability to store a key on a smartcard. I wasn't a major fan of the previous generation of cards as you couldn't easily carry it with you unless you knew you had a smartcard reader where you were going. The new cards can be punched for use in a SIM type reader, so the card plus the reader is the same size as a USB "thumb drive" stick. The smaller form factor makes a dramatic improvement in the user experience for me.

David

From rjh at sixdemonbag.org Fri Jul 31 06:35:37 2009
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 31 Jul 2009 00:35:37 -0400
Subject: list of OpenPGP implementations [was: Re: Changing GPG's default key type?]
In-Reply-To: <47BED05C-476C-4C3B-840D-1138D34DE22A@jabberwocky.com>
References: <4A70673C.2050506@privacyfoundation.de> <20090730221440.GA16712@capsaicin.mamane.lu> <53E67100-E349-4418-98FE-F88E59107611@sixdemonbag.org> <4A723EEE.7000608@fifthhorseman.net> <58AAFB22-DCF2-4944-9B2A-87BB5B3F9884@sixdemonbag.org> <03E26F8F-EEAB-463F-ACF0-711D815CBC06@jabberwocky.com> <2EBCC8E6-A20B-44E0-B72A-27BCBFA91290@sixdemonbag.org> <47BED05C-476C-4C3B-840D-1138D34DE22A@jabberwocky.com>
Message-ID: <78700A46-FC01-4415-8B45-CF37DD1CAEF1@sixdemonbag.org>

> RSA was not added in RFC-4880. It dates back to PGP 5 (1997-ish),
> and was first formalized (in the RFC sense) in RFC-2440 in 1998.
> It's been in an RFC for 10+ years now. Of course, it's been optional
> for all that time as well.

Yes; it was more a general statement about why when talking about general interoperability with unknown clients I avoid optional bits or bits newly-added to the standard, rather than a statement about RSA's support in PGP.

> Personally, I weigh the ability to use a larger key with a larger
> hash more than I do the knowledge that I might find some
> implementation that doesn't like my key someday (I haven't actually
> found such an implementation yet, but such an implementation could
> be written and be perfectly OpenPGP compliant).

Generally, I agree with you. My own key is DSA2, for example. But I think that in the main, the advice of looking towards interoperability is a good one, especially if you don't know the capabilities of other clients.

Reasonable people may certainly disagree with me on this. There's a strong case to be made that by shifting to new implementations pressure gets applied to users of outdated implementations to upgrade.

From faramir.cl at gmail.com Fri Jul 31 07:48:52 2009
From: faramir.cl at gmail.com (Faramir)
Date: Fri, 31 Jul 2009 01:48:52 -0400
Subject: GPGShell caught with malware?
In-Reply-To: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com>
References: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com>
Message-ID: <4A7285C4.4050509@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Allen Schultz wrote:
> I recently installed Comodo AntiVirus and it said that GPGShell had a
> malware called "daisy-2297 at 31780980". But could not find any details

If I'm not wrong, Comodo Antivirus is the newest of their products, and I would expect some false positives from it. Was it the installer, or some of the installed files? There are websites running a battery of antiviruses; you submit the file and it is scanned with a lot of AVs. If it passes, I'd consider it a false positive. Of course it is always possible it is actually a virus, and Comodo AV the only AV capable of detecting it...

> about this. Is there a GPGShell-like program that does the same job as
> GPGShell?

There are several GUIs for gpg, like WinPT. I have not really tried them.

Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKcoXEAAoJEMV4f6PvczxAKXgH/idScujCbXSzDaygN7OO4Oud
UyL35c8QUVAtaIPUaDoqwl6J8htcG3FThjPlYLkX3ZM74L1dOe7Yl5L/ol4Ho8uX
n/b9h/SdSNZjgrMH9mAKFyfeL14+hAHiimXTtK/Vp76hI1arOGZa7ZBBQJf9u0se
/33cQJRs7qVo35vR4Ipl2dlesy7fD5USB80z6cE4SMdUaMNLj7T6sQu7TWzr7hk5
tawvRXVVT2prXGv43fFeFG6xVzghSWJrLyQCm8NMGhJnlVUb3fKTCLjvuIFJLIf1
Z99LANE5kWTXpNTXVktFq2snNWXCVqWnaXQQMzUuJ5PsFPeYFYa9LIIRojU7jSU=
=EKdM
-----END PGP SIGNATURE-----

From faramir.cl at gmail.com Fri Jul 31 08:12:09 2009
From: faramir.cl at gmail.com (Faramir)
Date: Fri, 31 Jul 2009 02:12:09 -0400
Subject: GPGShell caught with malware?
In-Reply-To: <73E5BBF04BB64A8A9C4B6432D343BBDB@Musket.ca>
References: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com> <73E5BBF04BB64A8A9C4B6432D343BBDB@Musket.ca>
Message-ID: <4A728B39.4000804@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

gerry-lowry (alliston ontario canada 705-250-0112) wrote:
> Check a site like Symantec on how to send it to them ... AFAIK, they should be able to verify
> whether it's a real virus or just a false positive.

Take a look at http://virusscan.jotti.org/en

I think it uses 21 different AVs to check the files...

Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJKcos5AAoJEMV4f6PvczxAp0EH/R1wtFDuEIx7JwlnSGpz8etl
QAZVKNrJbRSSTjZNoBWBXK7enwGDZX/p3AtOFhqTiBJr7HRhcL85cUxhWg82ayNp
zWM78/abdxpFpGhMp53oMI2LzouWpGOrW3d1DKLlg+qWFlKLTk4O5v0lNmG7wFk6
nT68J6x/fntO1Qu8y1IuETcyPqh5h/t6bZ7oHBPlHP6Z83CWXzivKMok/JInlW3H
8aV0v9v2h4bjkQap+VKx0+zSCc20XSCd7gjYgjhUp9bqx2FKFWQUW1878J5TFqkk
Q/N1Nj1pAASD12c7YQF4t35x/k/ab/OJc6rCsAsar/mbxj9ILV+LA7DZYxdT4fw=
=guV/
-----END PGP SIGNATURE-----

From henkdebruijn at gswot.org Fri Jul 31 08:48:21 2009
From: henkdebruijn at gswot.org (Henk M. de Bruijn)
Date: Fri, 31 Jul 2009 08:48:21 +0200
Subject: GPGShell caught with malware?
In-Reply-To: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com>
References: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com>
Message-ID: <1346255275.20090731084821@gswot.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Thu, 30 Jul 2009, at 15:09:32 [GMT -0600] (which was 23:09 where I live) Allen Schultz wrote:

> I recently installed Comodo AntiVirus and it said that GPGShell had a
> malware called "daisy-2297 at 31780980". But could not find any details
> about this. Is there a GPGShell-like program that does the same job as
> GPGShell?

I have never experienced anything like this. I am using Norton Internet Security 2009.
- From which website did you download?

- -- 
Kind regards,
Henk M. de Bruijn
_________________________________________________________________________
The Bat! Natural Email System 4.2.9.4 on Microsoft® Windows Vista® Home Premium Version 6.0.6001 Service Pack 1 Build 6001
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, 2333 MHz, 4 core(s), 4 logical processors
AntispamSniper for The Bat! Pro 3.0.1.5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn-5099hm-29-07-2009 (x86_64-pc-Msys/MingW32)

iQEcBAEBCAAGBQJKcpODAAoJEBHuy+60ZN0PuioH/0cR8QEwtuLnQIRV6ETTUzLv
v5bAIn97l0+/5og4c6s03dOJ/q1kgjScn/MatwyB1sm26n7q8fKFTILFTm4r31IE
d9/ErVTSqVo/aCHRRf89fdxCQaOcGp6bVhLBydvdXz3UknK+gdmDkBkQLcB92VIH
+RbjHnAOdaBLczzuAodU2UfW3n7+wyydWUMTUAUY1P51TOwinArQsquFssTac3mD
5iA9AFmWHB1cK0EfmOpKduTBTJ1aMb4Zt6GYz78w2kZn3u9VBWWKK3GEPZhpFF59
nxyT6wRFJY78oLwiNmcB43yPjc+3dqq/WvcTCw+49Jjx4kDObGUgNXhUOZBFwBo=
=r602
-----END PGP SIGNATURE-----

From jmoore3rd at bellsouth.net Fri Jul 31 14:21:18 2009
From: jmoore3rd at bellsouth.net (John W. Moore III)
Date: Fri, 31 Jul 2009 08:21:18 -0400
Subject: GPGShell caught with malware?
In-Reply-To: <4A728B39.4000804@gmail.com>
References: <3f34f8420907301409i64766c15v6a3e28f7d72096c4@mail.gmail.com> <73E5BBF04BB64A8A9C4B6432D343BBDB@Musket.ca> <4A728B39.4000804@gmail.com>
Message-ID: <4A72E1BE.2050408@bellsouth.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Faramir wrote:
> Take a look at http://virusscan.jotti.org/en
>
> I think it uses 21 different AVs to check the files...

VirusTotal is another multiple A/V site. Upload the suspect File and receive checks against 31 A/V engines.
JOHN ;)
Timestamp: Friday 31 Jul 2009, 08:21 -0400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10-svn5099: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: Personal Web Page: http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJKcuG8AAoJEBCGy9eAtCsPdyIH/0VLyolvlaLevv84T3F9kGDO
J39GUblSozjGEtRVRT7jLBofy8hKxGiQ5fZgQfJmOffSWnOsjDitpUm8qZvvxdc6
ZfmYMB0MvZfFeRFI+ZYrB1kfFideWJ8ZGubc0LgKwzLzBaRYVUnaDAi+1djBpbi9
57poYwhh7CFgQ4OW6pbawNWSWvYlwqSVP3x1IBYw2ZEfGwB36CBI5TeqfymlbISR
mWU7lZEpWKFpIFf6vMW3R9HRlvGLpOQDP+gcMjBe/CNN/7GcfOWOo78lKPb4Gn45
T6CjhWPZC6/9VHdIvGNlwLtB6JeBkeN0B6We8v/GNpBEbJP4fzblgYJV34WFt/k=
=N8VJ
-----END PGP SIGNATURE-----

From george.reich at crowncork.com Fri Jul 31 15:21:31 2009
From: george.reich at crowncork.com (Reich, George)
Date: Fri, 31 Jul 2009 09:21:31 -0400
Subject: latest stable version of GnuPG that decrypts Adobe PDF files
Message-ID: <1622E7367DEDB448A71E24C6DAD8A91E0C8FA2A6@A901US71.crowncork.com>

Hello,

Can anyone suggest the latest stable version of GnuPG that successfully does decryption for Adobe PDF files? And if so, are there installation instructions for that version?

Thanks,
George Reich
Crown Americas, LLC
Electronic Business
(215) 856-5446

From patelritesh at gmail.com Fri Jul 31 21:40:07 2009
From: patelritesh at gmail.com (Ritesh Patel)
Date: Fri, 31 Jul 2009 15:40:07 -0400
Subject: GnuPG 1.4.5 breaks my trustdb.gpg
Message-ID: <78bab1780907311240g652585cfxa4e39841268f81c5@mail.gmail.com>

Hello,

I was using GnuPG 1.2.1. I have 15 keyrings set up using GnuPG 1.2.1 and I signed those users' public keys with my private key. I can successfully encrypt a message and send it to those users if I use GnuPG 1.2.1. Now I upgraded GnuPG to 1.4.5.
I can encrypt messages using GnuPG 1.4.5 for those old keyrings and trustdb.gpg. But when I try to set up a new keyring for a new user (by importing the client's public key into a new keyring), all my previous keyrings and their trust get broken. When I try to encrypt a message for a previous client (whose keyring and trust were set up using 1.2.1) I get the following error message:

gpg: F5255893: There is no assurance this key belongs to the named user
gpg: [stdin]: sign+encrypt failed: unusable public key

Please help.

thanks

From jbruni at me.com Fri Jul 31 22:43:34 2009
From: jbruni at me.com (Joseph Oreste Bruni)
Date: Fri, 31 Jul 2009 13:43:34 -0700
Subject: GnuPG 1.4.5 breaks my trustdb.gpg
In-Reply-To: <78bab1780907311240g652585cfxa4e39841268f81c5@mail.gmail.com>
References: <78bab1780907311240g652585cfxa4e39841268f81c5@mail.gmail.com>
Message-ID: <50720172674856588946434524326625921632-Webmail@me.com>

You probably just need to set ultimate trust on your own key. Once you do that, all the keys you've signed should be considered valid.

-Joe

From filosottile.carne.tritata at gmail.com Fri Jul 31 22:15:40 2009
From: filosottile.carne.tritata at gmail.com (FiloSottile)
Date: Fri, 31 Jul 2009 22:15:40 +0200
Subject: Needed help
Message-ID: <4A7350EC.40500@gmail.com>

I have this situation

pub 1024D/01A82A13 created: 2008-09-21 expires: never usage: SCA
sub* 2048g/E159FB03 created: 2008-09-21 expires: never usage: E

I have the secret key 01A82A13, but not E159FB03. What should I do? (replace the subkey with another, remove it - the result is that I can't encrypt)

What do SCA and E mean? How can I change them?
Thanks,
FiloSottile

From dkg at fifthhorseman.net Fri Jul 31 23:51:07 2009
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 31 Jul 2009 17:51:07 -0400
Subject: Needed help
In-Reply-To: <4A7350EC.40500@gmail.com>
References: <4A7350EC.40500@gmail.com>
Message-ID: <4A73674B.1010606@fifthhorseman.net>

On 07/31/2009 04:15 PM, FiloSottile wrote:
> I have this situation
>
> pub 1024D/01A82A13 created: 2008-09-21 expires: never usage: SCA
> sub* 2048g/E159FB03 created: 2008-09-21 expires: never usage: E
>
> I have the secret key 01A82A13, but not E159FB03.
> What should I do? (replace the subkey with another, remove it - the result is
> that I can't encrypt)

Probably you mean to say that you are unable to decrypt, right? If you've lost the secret part of that subkey somehow, material encrypted to it is gone for good. But you can still move forward:

Your best short-term bet is to revoke your subkey and add a new one.

try:

 gpg --edit-key 01A82A13

then within that subshell, you're interested in the subcommands "revkey" and "addkey". Note that before you "revkey", you'll want to explicitly select the subkey first. And when you addkey, you want to choose either "Elgamal (encrypt only)" or "RSA (encrypt only)" to make sure you make another encryption-capable subkey.

So the commands you might want to run probably look something like:

 key 1
 revkey
 addkey
 6

Be sure to read and understand the prompts before committing to anything! When it's all done and you like the changes, do:

 save

Finally, you'll want to publish the new subkey and the revocation of the old one:

 gpg --keyserver keys.gnupg.net --send 01A82A13

> What do SCA and E mean? How can I change them?

These are Key Usage Flags. SCA means that your primary key is to be used only for the following activities:

 Signing (signing text and binary documents)
 Certifying (signing other people's key/userID bindings)
 Authentication (identifying you in some context, e.g.
 SSH)

E means that your subkey is to be used for Encrypted communications and/or storage.

hth,

--dkg

From judicaruso61 at yahoo.com Wed Jul 29 15:48:26 2009
From: judicaruso61 at yahoo.com (Judi Caruso)
Date: Wed, 29 Jul 2009 09:48:26 -0400
Subject: Help with downloading GnuPG
Message-ID: <4A70532A.40705@yahoo.com>

Hi,

I am taking an IT class and learning about encryption. We were given instructions to download the add-on for Thunderbird/Windows Vista - GnuPG/Enigmail. Everywhere I have searched has led me to www.gnupg.org, where I don't understand how to download in the binary fashion or what that means in terms of this program. I do not see a download button to click. I am sure it is something easy but I don't see it. Could you help me get started with a download for my computer...

Thank You
Judi Caruso

From filippo at bovonesas.it Fri Jul 31 22:13:23 2009
From: filippo at bovonesas.it (Filippo V)
Date: Fri, 31 Jul 2009 22:13:23 +0200
Subject: Needed help
Message-ID: <4A735063.5010204@bovonesas.it>

I have this situation

pub 1024D/01A82A13 created: 2008-09-21 expires: never usage: SCA
sub* 2048g/E159FB03 created: 2008-09-21 expires: never usage: E

I have the secret key 01A82A13, but not E159FB03. What should I do? (replace the subkey with another, remove it - the result is that I can't encrypt)

What do SCA and E mean? How can I change them?
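Both of the month's keyring puzzles, the "usage: SCA" / "E" listing in the question above and the "There is no assurance this key belongs to the named user" failure Ritesh Patel reported, are easier to diagnose from machine-readable `gpg --with-colons` output than from the `--edit-key` screen. What follows is an added example, not code from the thread or from GnuPG: a small Python parser that reads such a listing, decodes the key usage flags dkg explains, flags an encryption subkey whose secret part is only a stub (the revkey/addkey case), and reports why gpg would answer "unusable public key" (the case where the fix is ultimate ownertrust on your own key). Field positions follow GnuPG's DETAILS file; the key IDs, user IDs and both listings are constructed for the example, and the '#' and '+' markers in field 15 are assumed to be as documented for GnuPG 2.1 and later, so older versions may print them differently.

```python
"""Decode `gpg --with-colons` key listings (added example, not GnuPG code).

Field layout follows GnuPG's DETAILS file.  Both sample listings below are
constructed, with made-up key IDs and user IDs.
"""

from dataclasses import dataclass, field

# Field 12 of pub/sub/sec/ssb records: lowercase letters are this key's own
# capabilities, uppercase letters summarise the whole key (primary plus
# subkeys).  --edit-key shows the same thing as "usage: SCA" / "usage: E".
CAPABILITY_NAMES = {"s": "sign", "c": "certify", "a": "authenticate", "e": "encrypt"}

# Field 2 validity codes gpg will encrypt to: marginal with a warning, full
# or ultimate silently.  Anything else yields "There is no assurance this key
# belongs to the named user" and, in batch mode, "unusable public key".
USABLE_VALIDITY = {"m", "f", "u"}


@dataclass
class Key:
    record: str                 # pub, sec, sub or ssb
    keyid: str                  # field 5
    validity: str               # field 2
    ownertrust: str             # field 9 (pub/sec only)
    capabilities: str           # field 12
    token: str                  # field 15 (assumed GnuPG >= 2.1): '#' secret is a stub, '+' secret present
    uids: list = field(default_factory=list)
    subkeys: list = field(default_factory=list)


def parse_colons(text):
    """Group each pub/sec record with the uid and sub/ssb records that follow it."""
    keys = []
    for line in text.splitlines():
        f = line.split(":")
        f += [""] * (15 - len(f))           # tolerate short records
        rec = f[0]
        if rec in ("pub", "sec"):
            keys.append(Key(rec, f[4], f[1], f[8], f[11], f[14]))
        elif rec in ("sub", "ssb") and keys:
            keys[-1].subkeys.append(Key(rec, f[4], f[1], "", f[11], f[14]))
        elif rec == "uid" and keys:
            keys[-1].uids.append(f[9])
    return keys


def decode_capabilities(flags):
    """Split e.g. 'scaESCA' into this key's own usage and the whole key's usage."""
    own = [CAPABILITY_NAMES[c] for c in flags if c in CAPABILITY_NAMES]
    whole = [CAPABILITY_NAMES[c.lower()] for c in flags
             if c.isupper() and c.lower() in CAPABILITY_NAMES]
    return own, whole


def stub_subkeys(keys):
    """(primary, subkey) pairs whose secret part is only a stub.  Data encrypted
    to such a subkey is unrecoverable; revoke it (revkey) and add a replacement
    (addkey) under --edit-key."""
    return [(k.keyid, s.keyid) for k in keys for s in k.subkeys
            if s.record == "ssb" and s.token == "#"]


def encryption_problems(keys):
    """Explain why gpg would report 'unusable public key' for this listing."""
    problems = []
    for k in keys:
        own = k.record == "sec" or k.token == "+"
        if own and k.ownertrust != "u":
            problems.append(f"{k.keyid}: your own key has ownertrust '{k.ownertrust}', "
                            "not ultimate; run gpg --edit-key <id> and 'trust', choice 5")
        elif not own and k.validity not in USABLE_VALIDITY:
            problems.append(f"{k.keyid}: validity '{k.validity}'; your certification "
                            "counts only once your own key is ultimately trusted")
        if "e" not in k.capabilities.lower():
            problems.append(f"{k.keyid}: no encryption-capable (sub)key; addkey one")
    return problems


# Constructed sample of `gpg --list-secret-keys --with-colons`: the only
# encryption subkey survives as a stub ('#' in field 15).
SECRET_LISTING = """\
sec:u:1024:17:0123456789ABCDEF:1221955200:::u:::scaESCA:::::::::
uid:u::::1221955200::0A1B2C3D4E5F60718293A4B5C6D7E8F9A0B1C2D3::Example User <user@example.org>::::::::::0:
ssb:u:2048:16:1122334455667788:1221955200::::::e:::#::::::
"""

# Constructed sample of `gpg --list-keys --with-colons --with-secret` after an
# upgrade: the owner's key ('+' in field 15) has no ultimate ownertrust, so the
# correspondent's key, although signed by it, is not valid either.
PUBLIC_LISTING = """\
pub:-:1024:17:0123456789ABCDEF:1221955200:::-:::scaESCA:::+::::::
uid:-::::1221955200::0A1B2C3D4E5F60718293A4B5C6D7E8F9A0B1C2D3::Example User <user@example.org>::::::::::0:
sub:-:2048:16:1122334455667788:1221955200::::::e::::::::::
pub:-:2048:1:FEDCBA9876543210:1180000000:::-:::scESC::::::::::
uid:-::::1180000000::F9E8D7C6B5A4938271605F4E3D2C1B0A99887766::Correspondent <them@example.org>::::::::::0:
sub:-:2048:1:8899AABBCCDDEEFF:1180000000::::::e::::::::::
"""


def report(text):
    """Human-readable summary of one listing, returned as a list of lines."""
    lines = []
    keys = parse_colons(text)
    for k in keys:
        own, whole = decode_capabilities(k.capabilities)
        lines.append(f"{k.record} {k.keyid} {', '.join(k.uids)}: usage {'/'.join(own)}"
                     f" (whole key: {'/'.join(whole)})")
        for s in k.subkeys:
            s_own, _ = decode_capabilities(s.capabilities)
            stub = " [secret missing]" if s.record == "ssb" and s.token == "#" else ""
            lines.append(f"  {s.record} {s.keyid}: usage {'/'.join(s_own)}{stub}")
    for primary, sub in stub_subkeys(keys):
        lines.append(f"revoke {sub} and add a new encryption subkey to {primary}")
    lines.extend(encryption_problems(keys))
    return lines


if __name__ == "__main__":
    for text in (SECRET_LISTING, PUBLIC_LISTING):
        print("\n".join(report(text)), end="\n\n")
```

To run it against a real keyring, pipe the output of `gpg --list-secret-keys --with-colons` (or `gpg --list-keys --with-colons --with-secret`) into `report()`. The validity and ownertrust columns are only meaningful once the trustdb has been computed, which gpg does on demand or with `gpg --check-trustdb`.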