From julioesori at gmail.com Sun May 1 05:34:01 2011 From: julioesori at gmail.com (insightfulmac) Date: Sat, 30 Apr 2011 20:34:01 -0700 (PDT) Subject: How to open Windows GPG encrypted files on Mac OS X In-Reply-To: <31510136.post@talk.nabble.com> References: <31510136.post@talk.nabble.com> Message-ID: <31515316.post@talk.nabble.com>

Hi, All, First of all, thanks for the answers! After reviewing all answers, I have solved my problem! As Charly correctly pointed out, there is a slight difference between TXT files from Mac OS X and Windows (basically Windows end-of-line is /R/F and Mac is /F)... As a newbie in Mac OS X, I didn't know that... The solution was to "convert" the Windows TXT file to the Mac OS X TXT format. Then, GPGServices worked perfectly! By the way: GPGServices is a very elegant solution! Better and simpler than all frontends I have used in order to decrypt files in Windows... Best regards!

insightfulmac wrote: > > Hi, > > I have been using GPG for Windows for some years. Recently I've bought a > Mac. I've installed the GPG for Mac OSX, but the problem is that I am not > able to open the old GPG for Windows encrypted files. > > I have installed the GPGServices, so what I do is: open the Windows > encrypted files on Mac using the TextWrangler text editor, selecting the > encrypted text and choosing Services->OpenPGP Decrypt. > > However, I always receive the following error: "Decryption failed. No > decryptable text was found within the selection". > > Does anyone know how I can decrypt Windows-GPG encrypted files on Mac OS > X? > > Thanks!!!!
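The fix the thread settled on, converting the Windows line endings before handing the text to GPGServices, can be done in a pipe instead of in an editor. What follows is an added example, not code from the thread or from the GPGTools project: to_lf normalises CRLF (Windows) and bare CR (classic Mac OS) endings to LF, extract_armor pulls out the first armored block, and check_armor confirms that the block is complete and that its base64 body decodes, which is roughly the check that must have failed behind the "No decryptable text was found" error. The function names, the temporary file and the `base64 -d` spelling (GNU coreutils; older macOS uses `base64 -D`) are my choices. In my experience the command-line gpg itself copes with CRLF armor, so the normalisation matters for front ends that do not.

```sh
#!/bin/sh
# Normalise line endings of an ASCII-armored OpenPGP message and sanity-check
# the armor before handing it to gpg. Added example, not from the thread.
set -eu

# to_lf: stdin -> stdout with LF line endings.
#   CRLF (Windows) and LF (OS X/Unix) input: drop every CR.
#   Bare CR (classic Mac OS) input has no LF at all: turn each CR into LF.
to_lf() {
    tmp=$(mktemp)
    cat > "$tmp"
    if [ $(( $(tr -cd '\n' < "$tmp" | wc -c) )) -gt 0 ]; then
        tr -d '\r' < "$tmp"
    else
        tr '\r' '\n' < "$tmp"
    fi
    rm -f "$tmp"
}

# extract_armor: print the first block from "-----BEGIN PGP" to "-----END PGP".
extract_armor() {
    awk '/^-----BEGIN PGP /{p=1} p{print} /^-----END PGP /{if (p) exit}'
}

# armor_body: the base64 payload of one armored block, i.e. the lines after the
# first blank line (which ends the armor headers) up to the "=XXXX" CRC line.
armor_body() {
    awk 'body && /^=/ {exit} body && !/^-----END/ {print} /^$/ {body=1}'
}

# check_armor: exit 0 if stdin (any line-ending style) holds a complete armored
# block whose body is valid base64; otherwise say why on stderr and fail.
check_armor() {
    block=$(to_lf | extract_armor)
    if [ -z "$block" ]; then
        echo "no armored block found" >&2; return 1
    fi
    printf '%s\n' "$block" | grep -q '^-----END PGP ' || {
        echo "armored block is truncated" >&2; return 1; }
    # base64 -d is the GNU coreutils spelling; older macOS uses base64 -D.
    printf '%s\n' "$block" | armor_body | tr -d '\n' | base64 -d > /dev/null
}

# decrypt_normalised FILE: what the manual "convert the text file" step in the
# thread amounts to, done in a pipe so the Windows-produced file is untouched.
decrypt_normalised() {
    to_lf < "$1" | extract_armor | gpg --decrypt
}
```

Run it as `decrypt_normalised windows-file.txt.asc`, or feed a pasted block through `to_lf | extract_armor | gpg --decrypt`. The detection rule in to_lf is deliberately simple: a file that contains any LF is treated as CRLF or LF and only its CRs are dropped, which also preserves the blank line between the armor headers and the body that an unconditional `tr '\r' '\n'` plus blank-line stripping would destroy.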
From gnupg.user at seibercom.net Sun May 1 13:58:07 2011 From: gnupg.user at seibercom.net (Jerry) Date: Sun, 1 May 2011 07:58:07 -0400 Subject: How to open Windows GPG encrypted files on Mac OS X In-Reply-To: <31515316.post@talk.nabble.com> References: <31510136.post@talk.nabble.com> <31515316.post@talk.nabble.com> Message-ID: <20110501075807.11ccfac3@scorpio> On Sat, 30 Apr 2011 20:34:01 -0700 (PDT) insightfulmac articulated: > insightfulmac wrote: > > > > Hi, > > > > I have been using GPG for Windows for some years. Recently I've > > bought a Mac. I've installed the GPG for Mac OSX, but the problem > > is that I am not able to open the old GPG for Windows encrypted > > files. > > > > I have installed the GPGServices, so what I do is: open the Windows > > encrypted files on Mac using the TextWrangler text editor, > > selecting the encrypted text and choosing Services->OpenPGP Decrypt. > > > > However, I always receive the following error: "Decryption failed. > > No decryptable text was found within the selection". > > > > Does anyone know how can I decrypt Windows-GPG encrypted files on > > Mac OS X? > > > > Thanks!!!! > > > > Hi, All, > > First of all, thanks for the answers! > > After reviewing all answers, I have solved my problem! As Charly > correctly pointed out, there is a slightly difference between TXT > files from Mac OS X and Windows (basically Windows end-of-line > is /R/F and Mac is /F)... As a newbie in Mac OS X, I didn't know > that... > > The solution was to "convert" the Windows TXT file to the Mac OS X TXT > format. Then, GPGServices worked perfectly! > > By the way: GPGServices is a very elegant solution! Better and > simpler than all frontends I have used in order to decrypt files in > Windows... > > Best regards! Please don't top post (corrected here). If you don't know what that means, Google for it. Windows, and DOS before it, uses a pair of CR and LF characters to terminate lines. 
UNIX (Including Linux and FreeBSD) uses an LF character only. The Apple Macintosh, finally, uses a CR character only. In other words: a complete mess. This has basically always been the norm. I have used many different programs to convert between the multiple styles without incident. Many modern applications, at least on a Windows platform, can transform these different styles transparently for the end user. While I have no experience with "GPGServices", I am wondering if that isn't something that should be considered. From the GPGServices web site: GPGServices is a plugin for the global OS X Services menu, which adds the ability to almost any application (e.g. Safari, Finder, or TextEdit) to use OpenPGP functionalities. In a nutshell: Any folder: sign and encrypt. Any file: verify, sign, import, encrypt, and decrypt. Any text selection: verify and import. Any text field: verify, sign, import, export, encrypt, and decrypt. Please note that some of these features are still in development. I am assuming that the disclaimer there is to cover the fact that it clearly does not work correctly for the above mentioned items when said item(s) are created on different platforms. Perhaps filing a request for the feature or bug report might be appropriate. -- Jerry ? GNUPG.user at seibercom.net _____________________________________________________________________ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header.

From zirconiumnzinc at gmail.com Sun May 1 13:54:40 2011 From: zirconiumnzinc at gmail.com (zirconium) Date: Sun, 1 May 2011 13:54:40 +0200 Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.
Message-ID:

Hi Is there a way to display hash algorithms along with public key algorithms (and its length) of signatures when issuing "--check-sigs" (or check in the "--edit-key" shell)? I also would like to know if there is a way to force that GPG will not accept signatures made with a certain hash or public key algorithms, when calculating validity of keys through web of trust? In the case of public key it should be possible to specify key length. I didn't have luck finding answers to my questions in documentation, only a partial solution to my second question: There is an option "disable-pubkey-algo" that will totally disable the chosen public key algorithm, however it only works after doing --check-trustdb with that option, otherwise it still accepts key signatures (certifications) made with the disabled algorithm as valid signatures (for example when calculating key validity, or when doing "--check-sigs"). It can create problems when changing from "trust-model pgp" to "trust-model direct", because as GPG says, there is "no need for a trustdb check with `direct' trust model". But is it really true that there is no need for a trustdb check? I'm not sure, but GPG doesn't allow that. So while "disable-pubkey-algo" can be used to disable signatures made with a certain public key algorithm when calculating validity of keys through web of trust, there is no way to specify key length. Also there is no such option for hash algorithms. No "disable-hash-algo" or "disable-cert-digest-algo" or anything like that. Could you point me to specific portions of documentation? Thanks for help
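zirconium's first question (show the hash and public-key algorithm behind each certification) can be answered on the reporting side from gpg's machine-readable listing, and the second (refuse weak ones) can at least be audited, even though gpg offers no per-hash counterpart to disable-pubkey-algo. The following is an added example, not from the thread or from GnuPG: audit_sigs reads `gpg --with-colons --list-sigs` output and flags certifications made with MD5, SHA-1 or RIPEMD-160, or by RSA/DSA keys shorter than a threshold. Field positions follow GnuPG's doc/DETAILS; the hash algorithm is field 16 of a sig record, which GnuPG 2.1 and later print and the 2.0.x of this thread does not (such rows come out as hash-not-reported). sample_colons is constructed test input with fake key IDs, not output from a real keyring.

```sh
#!/bin/sh
# Audit the algorithms behind each certification in a keyring, from gpg's
# machine-readable listing. Added example, not from the thread or GnuPG.
set -eu

# audit_sigs [MIN_BITS]: read `gpg --with-colons --list-sigs` on stdin and print
# one line per sig/rev record: status, signed key, signer, pubkey algo/bits,
# hash algo, signature class, and the reason(s) a row was flagged.
audit_sigs() {
    awk -F: -v min_bits="${1:-${MIN_BITS:-2048}}" '
    BEGIN {
        # Algorithm IDs from RFC 4880 section 9.
        pkname[1]="RSA"; pkname[17]="DSA"; pkname[19]="ECDSA"; pkname[22]="EdDSA"
        hname[1]="MD5"; hname[2]="SHA1"; hname[3]="RIPEMD160"; hname[8]="SHA256"
        hname[9]="SHA384"; hname[10]="SHA512"; hname[11]="SHA224"
        weakhash[1]=1; weakhash[2]=1; weakhash[3]=1        # policy: flag these
    }
    # pub record: field 3 = key length, field 5 = key ID (doc/DETAILS).
    $1=="pub" { bits[$5]=$3; signed=$5 }
    # sig/rev record: field 4 = pubkey algo, 5 = signer key ID, 11 = sig class,
    # 16 = hash algo (printed by GnuPG 2.1+, empty on older versions).
    $1=="sig" || $1=="rev" {
        n++; who[n]=signed; by[n]=$5; pk[n]=$4; cls[n]=$11; hash[n]=$16
    }
    END {
        for (i=1; i<=n; i++) {
            b = (by[i] in bits) ? bits[by[i]] : "?"     # "?" = signer not in keyring
            why = ""
            if (hash[i]=="") why = why " hash-not-reported"
            else if (hash[i] in weakhash) why = why " " hname[hash[i]]
            if (b != "?" && (pk[i]==1 || pk[i]==17) && b+0 < min_bits) why = why " " b "-bit"
            pn = (pk[i] in pkname) ? pkname[pk[i]] : "algo" pk[i]
            hn = (hash[i] in hname) ? hname[hash[i]] : "hash" hash[i]
            printf "%-4s %s <- %s %s/%s %s class=%s%s\n",
                   (why=="" ? "OK" : "WEAK"), who[i], by[i], pn, b, hn, cls[i], why
        }
    }'
}

# sample_colons: constructed --with-colons output (fake key IDs, not real keys)
# in the layout of doc/DETAILS: a 1024-bit DSA key self-signed with SHA-1 and
# certified with SHA-256 by a 3072-bit RSA key, which is itself certified by an
# EdDSA key that is not in the keyring.
sample_colons() {
    cat <<'EOF'
pub:u:1024:17:AAAAAAAAAAAAAAAA:2004-01-01:::u:::scESC::::::::
uid:u::::2004-01-01::0000000000000000000000000000000000000000::Alice (constructed) <alice@example.org>::::::::::0:
sig:::17:AAAAAAAAAAAAAAAA:2004-01-01::::Alice (constructed) <alice@example.org>:13x:::::2:
sig:::1:BBBBBBBBBBBBBBBB:2019-06-01::::Bob (constructed) <bob@example.org>:10x:::::8:
pub:f:3072:1:BBBBBBBBBBBBBBBB:2019-01-01:::-:::scESC::::::::
uid:f::::2019-01-01::1111111111111111111111111111111111111111::Bob (constructed) <bob@example.org>::::::::::0:
sig:::1:BBBBBBBBBBBBBBBB:2019-01-01::::Bob (constructed) <bob@example.org>:13x:::::10:
sig:::22:CCCCCCCCCCCCCCCC:2020-01-01::::[User ID not found]:10x:::::10:
EOF
}
```

Against a real keyring: `gpg --with-colons --list-sigs | audit_sigs 3072`. The signer's key length is looked up from the signer's own pub record, so it shows as ? for certifications by keys that are not in the keyring; that is also why this is an audit and not enforcement, since gpg still counts such certifications when it computes validity.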
From rjh at sixdemonbag.org Sun May 1 18:00:21 2011 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Sun, 1 May 2011 12:00:21 -0400 Subject: How to open Windows GPG encrypted files on Mac OS X In-Reply-To: <20110501075807.11ccfac3@scorpio> References: <31510136.post@talk.nabble.com> <31515316.post@talk.nabble.com> <20110501075807.11ccfac3@scorpio> Message-ID:

> Windows, and DOS before it, uses a pair of CR and LF characters to > terminate lines. UNIX (Including Linux and FreeBSD) uses an LF > character only. The Apple Macintosh, finally, uses a CR character only. Classic Mac OS used a CR only. Mac OS X uses an LF just like the other Unices. Given Classic was deprecated over a decade ago and EOLed almost that long ago, Classic can now be relegated to the dustbin of history.

From postmanmiler at gmail.com Sun May 1 20:10:27 2011 From: postmanmiler at gmail.com (Ђорђе Тодоровић) Date: Sun, 1 May 2011 20:10:27 +0200 Subject: gpgkeys: HTTP post error 7: couldn't connect: Not found Message-ID: <20110501181027.GA4500@Allegro>

Newb here. My machine is having problems reaching keyservers unless they are specified with their IP address. I can't resolve hkp://* hostnames and I also can't reach ldap servers either. (I compiled my gpg with ldap support but it says: gpgkeys: protocol `ldap' not supported gpg: no handler for keyserver scheme `ldap' gpg: keyserver search failed: Keyserver error so I can't reach them either.) I am using: gpg (GnuPG) 2.0.17 libgcrypt 1.5.0-beta1 I am not behind a proxy, the other (Windows) computer that is on the same network as me is reaching servers normally (so, it's probably not a router problem) and I tried reaching several different servers (well, I tried all the servers that I found) and still no luck on this machine.
When I try to upload my keys using: gpg --keyserver hkp://subkeys.pgp.net --send-keys 1E133339 this is the error that I am getting: gpg: sending key 1E133339 to hkp server subkeys.pgp.net : can't connect to `subkeys.pgp.net': host not found gpgkeys: HTTP post error 7: couldn't connect: Not found gpg: keyserver internal error gpg: keyserver send failed: Keyserver error When that failed I tried this: gpg --keyserver-options "honor-http-proxy broken-http-proxy" --keyserver \ hkp://subkeys.pgp.net --send-keys 1E133339 I'm running Gentoo Linux 64bit and 2.6.38 kernel (with hardened patches). I tried using different DNS nameservers, but still, my machine doesn't know how to resolve hkp hostnames.
--
. O . | Djordje Todorovic [aceofknaves at G_M_A_I_L .com]
O . O . . O | GPG-Key: 2048R/1E133339 (http://pgp.mit.edu)
. O O O O O | BFF2 1C7F A70D ECCD FA8F C946 DB32 B498 1E13 3339
. O .

From me at christran.in Sun May 1 21:49:53 2011 From: me at christran.in (Christopher Tran) Date: Sun, 1 May 2011 15:49:53 -0400 Subject: Syncing Keys between multiple computers? Message-ID:

What's the easiest way to keep GPG keys synced between my computers? Like, I have my MacBook, which is usually my main machine, but I also have my netbook which I prefer carrying around and sometimes I update my key with User IDs on either machine but the only way I have thought of is to export and import every single time. Is there an easier way? Christopher Tran http://christran.in/ 84730CD9
From John at enigmail.net Mon May 2 01:51:06 2011 From: John at enigmail.net (John Clizbe) Date: Sun, 01 May 2011 18:51:06 -0500 Subject: Syncing Keys between multiple computers? In-Reply-To: References: Message-ID: <4DBDF1EA.2050608@enigmail.net>

Christopher Tran wrote: > What's the easiest way to keep GPG keys synced between my computers? Like, I have my MacBook, which is usually my main machine, but I also have my netbook which I prefer carrying around and sometimes I update my key with User IDs on either machine but the only way I have thought of is to export and import every single time. Is there an easier way? The simplification is in /how/ you import the keys: gpg --import /path/to/other/secring.gpg gpg --import-options import-local-sigs --import /path/to/other/pubring.gpg Do this first on one machine bringing over the changes from the other and then repeat on the second machine. By importing the full keyring, there is no need for the export step. Note: this works for now. It is likely to change and break in some form in the future. An alternate strategy is to use portable storage such as a USB memory stick or some other form of flash memory, and merge the keyring files onto that device and then point GnuPG to look there for keys by editing gpg.conf. -- John P. Clizbe Inet: John (a) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels"
From dshaw at jabberwocky.com Mon May 2 02:12:37 2011 From: dshaw at jabberwocky.com (David Shaw) Date: Sun, 1 May 2011 20:12:37 -0400 Subject: Syncing Keys between multiple computers? In-Reply-To: <4DBDF1EA.2050608@enigmail.net> References: <4DBDF1EA.2050608@enigmail.net> Message-ID: <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com>

On May 1, 2011, at 7:51 PM, John Clizbe wrote: > Christopher Tran wrote: >> What's the easiest way to keep GPG keys synced between my computers? Like, I > have my MacBook, which is usually my main machine, but I also have my netbook > which I prefer carrying around and sometimes I update my key with User IDs on > either machine but the only way I have thought of is to export and import every > single time. Is there an easier way? > > The simplification is in /how/ you import the keys: > > gpg --import /path/to/other/secring.gpg > > gpg --import-options import-local-sigs --import /path/to/other/pubring.gpg > > Do this first on one machine bringing over the changes from the other and then > repeat on the second machine. By importing the full keyring, there is no need > for the export step. > > Note: this works for now. It is likely to change and break in some form > in the future. The issue about future versions is that you probably won't be able to import a keyring file directly. At the moment, a keyring file and the exported keyring format happen to be the same, but this is likely to change. A method that should work equally well today and in the future is: gpg --export-secret-keys > my-secret-keyring.gpg gpg --export-options export-local-sigs --export > my-public-keyring.gpg (copy the files over) gpg --import my-secret-keyring.gpg gpg --import-options import-local-sigs --import my-public-keyring.gpg It's an export plus an import, but you don't need to explicitly state which key(s) you want to play with. Just bring the whole ring over.

David
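David's export-then-import round trip, with the ownertrust step from dkg's reply below folded in, as a script. This is an added example of mine, not from the thread. It assumes GnuPG 2.x on both machines; GPG can be overridden to carry options such as --batch --pinentry-mode loopback --passphrase for unattended runs, and the bundle directory and file names are arbitrary.

```sh
#!/bin/sh
# Move a keyring between two machines by exporting everything that a plain
# --export would leave behind (secret keys, local signatures, ownertrust).
# Added example, not from the thread. Works with GnuPG 2.x; set GPG to add
# options such as --batch --pinentry-mode loopback --passphrase for cron use.
set -eu
GPG=${GPG:-gpg}

# export_bundle DIR: run on the machine that has the newer state.
export_bundle() {
    dir=$1
    ( umask 077; mkdir -p "$dir"                  # secret material: owner-only files
      $GPG --export-ownertrust > "$dir/ownertrust.txt"
      $GPG --export-options export-local-sigs --export > "$dir/pubring.gpg"
      $GPG --export-options export-local-sigs --export-secret-keys > "$dir/secring.gpg" )
}

# import_bundle DIR: run on the other machine after copying DIR over.
import_bundle() {
    dir=$1
    $GPG --import-options import-local-sigs --import "$dir/pubring.gpg"
    $GPG --import-options import-local-sigs --import "$dir/secring.gpg"
    $GPG --import-ownertrust < "$dir/ownertrust.txt"
    $GPG --check-trustdb                          # recompute validity with the new trust
}

# secret_key_count: number of secret keys this keyring can use (sanity check).
secret_key_count() {
    $GPG --with-colons --list-secret-keys | grep -c '^sec' || true
}

case "${1:-}" in
    export) export_bundle "$2" ;;
    import) import_bundle "$2" ;;
    *)      echo "usage: $0 export DIR | import DIR" >&2 ;;
esac
```

Run `gpg-sync.sh export ~/keybundle` on the machine with the newer state, copy the directory to the other machine over a channel you trust (it contains the secret keys), then `gpg-sync.sh import ~/keybundle` there. Because --import merges rather than replaces, running it in both directions is harmless; conflicting secret-subkey changes made on both sides still need the manual merge dkg mentions.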
From dkg at fifthhorseman.net Mon May 2 02:15:44 2011 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Sun, 01 May 2011 20:15:44 -0400 Subject: Syncing Keys between multiple computers? In-Reply-To: References: Message-ID: <4DBDF7B0.8060600@fifthhorseman.net>

On 05/01/2011 03:49 PM, Christopher Tran wrote: > What's the easiest way to keep GPG keys synced between my computers? Like, I have my MacBook, which is usually my main machine, but I also have my netbook which I prefer carrying around and sometimes I update my key with User IDs on either machine but the only way I have thought of is to export and import every single time. Is there an easier way? if your changes to your keys and user IDs aren't supposed to be secret, (i.e. they are not non-exportable certifications, and you have not added any new secret subkeys or primary keys) then you can just push your updates to the keyservers when they happen: gpg --send $CHANGED_KEYID and then when you switch to a different machine, you can just ensure everything is up-to-date: gpg --refresh These commands probably want a keyserver; so if you don't have a default chosen already, add the following line to ~/.gnupg/gpg.conf (on both machines): keyserver pool.sks-keyservers.net If you change ownertrust, add new secret keys (either primary keys or subkeys), or make non-exportable certifications, then you'll want to do the export and import steps. on the origin machine: gpg --export-ownertrust > ownertrust gpg --export-options export-local --export-secret-keys > secring gpg --export-options export-local --export-keys > pubring and on the destination machine: gpg --import-ownertrust < ownertrust gpg --import-options import-local --import < secring gpg --import-options import-local --import < pubring note that you might have some trouble updating your secret keys like this, due to a known bug: https://bugs.g10code.com/gnupg/issue318 so if something changes in your secret key (e.g.
new subkeys), you might need to move the old secring out of the way or do more complicated merges with gpgsplit (if you've had the misfortune of generating new subkeys on both systems). hth, --dkg

From shavital at mac.com Mon May 2 06:33:24 2011 From: shavital at mac.com (Charly Avital) Date: Mon, 02 May 2011 00:33:24 -0400 Subject: Slightly OFF TOPIC - Traffic analysis...in reverse? In-Reply-To: <4DBDF7B0.8060600@fifthhorseman.net> References: <4DBDF7B0.8060600@fifthhorseman.net> Message-ID: <4DBE3414.4000009@mac.com>

Hi, in the avalanche of news about the [recently] late Osama Bin Laden, I noticed a small item: the area where he was caught had been *also* defined/pinpointed by the lack of cellular phone communications. Go figure.

From John at enigmail.net Mon May 2 08:15:47 2011 From: John at enigmail.net (John Clizbe) Date: Mon, 02 May 2011 01:15:47 -0500 Subject: Slightly OFF TOPIC - Traffic analysis...in reverse? In-Reply-To: <4DBE3414.4000009@mac.com> References: <4DBDF7B0.8060600@fifthhorseman.net> <4DBE3414.4000009@mac.com> Message-ID: <4DBE4C13.6050209@enigmail.net>

Charly Avital wrote: > Hi, > > in the avalanche of news about the [recently] late Osama Bin Laden, I > noticed a small item: the area where he was caught had been *also* > defined/pinpointed by the lack of cellular phone communications. Among other anomalies at the compound: No cell traffic, no internet access, burning trash instead of putting it out for pickup, etc... -- John P. Clizbe Inet: John (a) Enigmail DAWT net FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or mailto:pgp-public-keys at gingerbear.net?subject=HELP Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From shavital at mac.com Mon May 2 08:34:13 2011 From: shavital at mac.com (Charly Avital) Date: Mon, 02 May 2011 02:34:13 -0400 Subject: Slightly OFF TOPIC - Traffic analysis...in reverse? In-Reply-To: <4DBE4C13.6050209@enigmail.net> References: <4DBDF7B0.8060600@fifthhorseman.net> <4DBE3414.4000009@mac.com> <4DBE4C13.6050209@enigmail.net> Message-ID: <4DBE5065.9090604@mac.com>

John Clizbe wrote the following on 5/2/11 2:15 AM: > Charly Avital wrote: >> Hi, >> >> in the avalanche of news about the [recently] late Osama Bin Laden, I >> noticed a small item: the area where he was caught had been *also* >> defined/pinpointed by the lack of cellular phone communications. > > Among other anomalies at the compound: No cell traffic, no internet access, > burning trash instead of putting it out for pickup, etc... I heard later on about no internet access and burning trash. I also read that the compound was located in a densely populated, almost urban area. Maybe someone will learn from all this (if all this is genuine) that too much isolation will make you stand out. As an aside, and this is really off-topic, burning trash instead of putting it out for pickup is a standard and careful procedure in areas where garbage pick up is not an alternative reliably available. To say the least.
From alex at gpgtools.org Mon May 2 11:28:16 2011 From: alex at gpgtools.org (Alexander Willner) Date: Mon, 2 May 2011 11:28:16 +0200 Subject: How to open Windows GPG encrypted files on Mac OS X In-Reply-To: <20110501075807.11ccfac3@scorpio> References: <31510136.post@talk.nabble.com> <31515316.post@talk.nabble.com> <20110501075807.11ccfac3@scorpio> Message-ID:

Hi, On 01.05.2011, at 13:58, Jerry wrote: > The Apple Macintosh, finally, uses a CR character only. As Robert wrote: OS X is using an LF character only On 01.05.2011, at 13:58, Jerry wrote: > I am assuming that the disclaimer there is to cover the fact that it > clearly does not work correctly for the above mentioned items when said > item(s) are created on different platforms. From our point of view the issue lies in the TextWrangler code since it "destructively modifies all files it opens". > Perhaps filing a request for the feature or bug report might be appropriate. Here it is: http://gpgtools.lighthouseapp.com/projects/67607/tickets/48 Best regards, Alex

From BruderB at cation.de Mon May 2 11:34:47 2011 From: BruderB at cation.de (B) Date: Mon, 02 May 2011 11:34:47 +0200 Subject: Is the OpenPGP model still useful?
In-Reply-To: <20110430003348.GA29359@squawkencluck.cosgrove.lan> References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <20110428150505.GB4219@rio.matrix> <4DBB0BFF.1060107@cation.de> <20110430003348.GA29359@squawkencluck.cosgrove.lan> Message-ID: <4DBE7AB7.6040406@cation.de>

Simon Ward wrote: > On Fri, Apr 29, 2011 at 09:05:35PM +0200, B wrote: >> By the way: Using OpenPGP with enigmail in Thunderbird, I miss a feature: >> Usually the recipient rules work but if they fail (perhaps due to >> background update of Thunderbird and not working plugin), I would like >> to have a chance to see that the written message is going to be sent >> unencrypted BEFORE sending. Or vice versa: I want to see that an instantly >> written message is going to be encrypted.... > > There is an option in Enigmail's expert settings to always confirm. > > Simon > Hej Simon, thanks very much for your comment! I didn't know that setting yet. But I'm lacking phantasy of how to use this for preventing me from sending unencrypted in case that Enigmail does not work properly.... So, if it does not work, the confirmation request will not appear and mail goes out unencrypted, doesn't it? Regards, Boris

From shavital at mac.com Mon May 2 14:26:44 2011 From: shavital at mac.com (Charly Avital) Date: Mon, 02 May 2011 08:26:44 -0400 Subject: How to open Windows GPG encrypted files on Mac OS X In-Reply-To: References: <31510136.post@talk.nabble.com> <31515316.post@talk.nabble.com> <20110501075807.11ccfac3@scorpio> Message-ID: <4DBEA304.10105@mac.com>

Alexander Willner wrote the following on 5/2/11 5:28 AM: > From our point of view the issue lies in the TextWrangler code since it "destructively modifies all files it opens". The user insightfulmac who originated the request in the gnupg-users list (How to open Windows GPG encrypted files on MacOSX), solved his problem using TextWrangler: > After reviewing all answers, I have solved my problem!
As Charly correctly > pointed out, there is a slight difference between TXT files from Mac OS X > and Windows (basically Windows end-of-line is /R/F and Mac is /F)... As a > newbie in Mac OS X, I didn't know that... > > The solution was to "convert" the Windows TXT file to the Mac OS X TXT > format. Then, GPGServices worked perfectly! > > By the way: GPGServices is a very elegant solution! Better and simpler than > all frontends I have used in order to decrypt files in Windows... I personally prefer BBEdit, but TextWrangler (released by the same software house) can also solve the issue of converting line ends, that was the problem of insightfulmac. Regards, Charly

From patrickbx at lavabit.com Mon May 2 16:47:31 2011 From: patrickbx at lavabit.com (patrickbx at lavabit.com) Date: Mon, 2 May 2011 10:47:31 -0400 (EDT) Subject: Offline Master Key Message-ID: <7206.205.174.22.25.1304347651.squirrel@lavabit.com>

Hi, I have a question on key management and was looking for some feedback. My issue is that I like the idea of having a Master signing key with no expiration date and I want to store this key offline without the inconvenience of using an offline computer every time I'd like to send a signed/encrypted message. My idea is to create a master signing key on an offline computer (persistent live USB). Then create two subkeys that have regular expiration dates. One encryption key and one additional "daily-use" signing key. I would post my master key in my signature and use it to sign the sub-keys. When sending mail I would use my daily use key to sign my messages. I would only access and use my master key when it is necessary to sign other keys and update my sub keys. Would this create any problems for those reading and verifying my emails? Would it be necessary to link to my key policy in my mail or would it be seamless that my sub signing key is valid because it is signed by the master. Thank you in advance for any help regarding my questions.
I'm still new to gnupg, but I want to set it up right the first time. Patrick

From gollo at fsfe.org Mon May 2 16:54:03 2011 From: gollo at fsfe.org (Martin Gollowitzer) Date: Mon, 2 May 2011 16:54:03 +0200 Subject: Offline Master Key In-Reply-To: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> Message-ID: <20110502145403.GA11079@wingback.gollo.at>

Hi, * patrickbx at lavabit.com [110502 16:50, mID <7206.205.174.22.25.1304347651.squirrel at lavabit.com>]: > Hi, > > I have a question on key management and was looking for some feedback. My > issue is that I like the idea of having a Master signing key with no > expiration date and I want to store this key offline without the > inconvenience of using an offline computer every time I'd like to send a > signed/encrypted message. > > My idea is to create a master signing key on an offline > computer (persistent live USB). Then create two subkeys that have regular > expiration dates. One encryption key and one additional "daily-use" > signing key. I would post my master key in my signature and use it to > sign the sub-keys. When sending mail I would use my daily use key to sign > my messages. I would only access and use my master key when it is > necessary to sign other keys and update my sub keys. Would this create any > problems for those reading and verifying my emails? Would it be necessary > to link to my key policy in my mail or would it be seamless that my sub > signing key is valid because it is signed by the master. If you follow the steps of the howto at [1] without using a smartcard (i.e. you don't move the subkeys to an OpenPGP card, but keep them in the keyring), this should work without problems. You can then sign and decrypt files with the subkeys (if you do it right, people will encrypt messages to the correct subkey *only*). [1] http://wiki.fsfe.org/Card_howtos/Card_with_subkeys_using_backups HTH Martin
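The layout Patrick describes and Martin's linked howto covers (certify-only primary key, expiring signing and encryption subkeys, primary secret key kept off the everyday machine) as a script. This is an added example of mine, not from the thread or from the FSFE wiki, and it assumes GnuPG 2.2 or later: --quick-generate-key and --quick-add-key, and the private-keys-v1.d/<keygrip>.key store that lets the primary's private key be removed without touching the subkeys. On the GnuPG 2.0 of this thread the equivalent was export-secret-subkeys, delete-secret-keys, then import of the subkeys. Set GPG to add --batch --pinentry-mode loopback --passphrase for unattended runs.

```sh
#!/bin/sh
# Certify-only primary key, everyday subkeys, primary private key removed from
# the online keyring. Added example; assumes GnuPG 2.2+. Set GPG to add options
# such as --batch --pinentry-mode loopback --passphrase for unattended runs.
set -eu
GPG=${GPG:-gpg}

# make_keys "Name <mail>"  -> prints the primary key fingerprint
make_keys() {
    uid=$1
    # Primary key: certification only ("cert"), no expiry, as the thread suggests.
    $GPG --quick-generate-key "$uid" ed25519 cert never
    fpr=$($GPG --with-colons --list-secret-keys "$uid" | awk -F: '$1=="fpr" {print $10; exit}')
    # Everyday subkeys with a regular expiry: one for signing, one for encryption.
    $GPG --quick-add-key "$fpr" ed25519 sign 1y
    $GPG --quick-add-key "$fpr" cv25519 encr 1y
    echo "$fpr"
}

# split_offline FPR DIR: export everything to DIR (destined for offline media),
# then delete only the primary's private key from this keyring.
split_offline() {
    fpr=$1; dir=$2
    ( umask 077; mkdir -p "$dir"
      $GPG --export "$fpr"                > "$dir/public.gpg"
      $GPG --export-secret-keys "$fpr"    > "$dir/master-secret.gpg"   # full key: offline only
      $GPG --export-secret-subkeys "$fpr" > "$dir/subkeys-secret.gpg"  # what the laptop keeps
      $GPG --export-ownertrust            > "$dir/ownertrust.txt" )
    # GnuPG 2.1+ stores each private key as <keygrip>.key; the first "grp"
    # record of the listing belongs to the primary key.
    grip=$($GPG --with-colons --with-keygrip --list-secret-keys "$fpr" \
           | awk -F: '$1=="grp" {print $10; exit}')
    rm -f "$(gpgconf --list-dirs homedir)/private-keys-v1.d/$grip.key"
}

# verify_offline FPR: succeeds only if the primary is now a stub ("sec#") and at
# least two usable subkeys remain. Field 15 of a sec/ssb record is "#" for a stub.
verify_offline() {
    $GPG --with-colons --list-secret-keys "$1" | awk -F: '
        $1=="sec"               { stub = ($15 == "#") }
        $1=="ssb" && $15 != "#" { subs++ }
        END { exit !(stub && subs >= 2) }'
}
```

Run make_keys on the offline machine and copy only public.gpg and subkeys-secret.gpg to the laptop, or run split_offline on the laptop after importing the full key there once; verify_offline checks the result either way. Recipients see an ordinary key with two subkeys, which is the seamlessness the later replies confirm; on the daily machine `gpg --list-secret-keys` shows the primary as sec#, and only the offline copy can certify other keys or extend the subkeys' expiry.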
From mailinglisten at hauke-laging.de Mon May 2 17:19:38 2011 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Mon, 2 May 2011 17:19:38 +0200 Subject: Offline Master Key In-Reply-To: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> Message-ID: <201105021719.38836.mailinglisten@hauke-laging.de>

On Monday, 2 May 2011, 16:47:31, patrickbx at lavabit.com wrote: > My idea is to create a master signing key on an offline > computer (persistent live USB). Then create two subkeys that have regular > expiration dates. One encryption key and one additional "daily-use" > signing key. You can create the master key without any capability except for certification. It is theoretically possible to use several keys (main key and subkeys) within one key for signing and give the signatures different meanings (e.g. "daily use" vs. "high security") but I think that most people would not notice the difference. So IMHO the only reason for having several simultaneously valid keys with the same ability in one key is compatibility: Use the strongest key (and have the others use it) whenever possible, otherwise use the worse fallback. I think it's a good idea to have signature and encryption keys of different quality but I would advise to use different main keys for that. That allows the others to understand the difference from a simple look at the UID (when using comments like "daily use" and "high security"). > Would this create any > problems for those reading and verifying my emails? No. Subkeys are a normal feature. The default configuration creates keys with a subkey (not for signing though).
Nobody except you should be able to realize whether your master key is stored online or offline. > Would it be necessary to link to my key policy in my mail No but it makes sense (independently of this question) to link it in your self-signature. See the option --set-policy-url though in the default configuration this URL is not shown (just hinted by a "P"). > or would it be seamless that my sub > signing key is valid because it is signed by the master. Yes, that's the concept of OpenPGP. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From dshaw at jabberwocky.com Mon May 2 17:39:57 2011 From: dshaw at jabberwocky.com (David Shaw) Date: Mon, 2 May 2011 11:39:57 -0400 Subject: Offline Master Key In-Reply-To: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> Message-ID:

On May 2, 2011, at 10:47 AM, patrickbx at lavabit.com wrote: > Hi, > > I have a question on key management and was looking for some feedback. My > issue is that I like the idea of having a Master signing key with no > expiration date and I want to store this key offline without the > inconvenience of using an offline computer every time I'd like to send a > signed/encrypted message. > > My idea is to create a master signing key on an offline > computer (persistent live USB). Then create two subkeys that have regular > expiration dates. One encryption key and one additional "daily-use" > signing key. I would post my master key in my signature and use it to > sign the sub-keys. When sending mail I would use my daily use key to sign > my messages. I would only access and use my master key when it is > necessary to sign other keys and update my sub keys. Would this create any > problems for those reading and verifying my emails?
No problems unless your correspondent is using a very old version of PGP that doesn't properly handle subkeys. I wouldn't worry about that too much in 2011. > Would it be necessary > to link to my key policy in my mail or would it be seamless that my sub > signing key is valid because it is signed by the master. It should be seamless. This is a reasonably common thing to do. I do it myself, in fact. There is/was a HOWTO document for this method of handling keys written at one point. I can't seem to find the link at the moment, but if someone has it handy, please do post it. David

From dan at geer.org Mon May 2 18:00:01 2011 From: dan at geer.org (dan at geer.org) Date: Mon, 02 May 2011 12:00:01 -0400 Subject: Slightly OFF TOPIC - Traffic analysis...in reverse? In-Reply-To: Your message of "Mon, 02 May 2011 00:33:24 EDT." <4DBE3414.4000009@mac.com> Message-ID: <20110502160001.CD52333DCA@absinthe.tinho.net>

| | in the avalanche of news about the [recently] late Osama Bin Laden, I | noticed a small item: the area where he was caught had been *also* | defined/pinpointed by the lack of cellular phone communications. | I do not send CallerID (well, you know that I do but you also know what I mean). As it happens, everyone I call assumes it is me as I am the only one who chooses that. --dan

From jerome at jeromebaum.com Mon May 2 17:14:09 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Mon, 2 May 2011 17:14:09 +0200 Subject: Offline Master Key In-Reply-To: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> Message-ID:

On Mon, May 2, 2011 at 16:47, wrote: > My idea is to create a master signing key on an offline > computer (persistent live USB). Then create two subkeys that have regular > expiration dates. One encryption key and one additional "daily-use" > signing key. I would post my master key in my signature and use it to > sign the sub-keys.
> When sending mail I would use my daily-use key to sign
> my messages. I would only access and use my master key when it is
> necessary to sign other keys and update my sub-keys. Would this create any
> problems for those reading and verifying my emails?

If you are talking about actual sub-keys (not separate keys that are only semantically "sub-keys"), then there is no problem. However, they might have to get the latest key copy including the sub-keys to verify, and they definitely need the encryption sub-key to encrypt.

> Would it be necessary
> to link to my key policy in my mail or would it be seamless that my sub
> signing key is valid because it is signed by the master.

An encryption sub-key is used to encrypt to the resp. uid on the master key. A signing sub-key is implied to belong to the same uid as well. So, it's seamless.

--
Jerome Baum
Phone: +49-1578-8434336
E-Mail: jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From John at enigmail.net Mon May 2 18:13:21 2011
From: John at enigmail.net (John Clizbe)
Date: Mon, 02 May 2011 11:13:21 -0500
Subject: Offline Master Key
In-Reply-To:
References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com>
Message-ID: <4DBED821.3060208@enigmail.net>

David Shaw wrote:
>
> There is/was a HOWTO document for this method of handling keys written at one
> point. I can't seem to find the link at the moment, but if someone has it
> handy, please do post it.

Adrian von Bidder's How-To, http://fortytwo.ch/gpg/subkeys, comes to mind. It's linked on the GnuPG documentation How-To page, http://www.gnupg.org/documentation/howtos.en.html, but the actual page is 404.

He was looking for someone to adopt the How-To back in 2006, but didn't receive a response on the list that I saw.
Last crawl of the page at the "WayBack Machine":
http://replay.web.archive.org/20090609222126/http://fortytwo.ch/gpg/subkeys

-John

--
John P. Clizbe                      Inet: John (a) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From mailinglisten at hauke-laging.de Mon May 2 19:06:00 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Mon, 2 May 2011 19:06:00 +0200
Subject: Offline Master Key
In-Reply-To: <4DBED821.3060208@enigmail.net>
References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> <4DBED821.3060208@enigmail.net>
Message-ID: <201105021906.05587.mailinglisten@hauke-laging.de>

On Monday, 2 May 2011, 18:13:21, John Clizbe wrote:

> He was looking for someone to adopt the How-To back in 2006, but didn't
> receive a response on the list that I saw.

I told him that I was willing to do that (not on the list but after happening to visit his page). I haven't finished that yet but I now increase the pressure on me by making this public. :-) Should be done by the end of the week. And if the result seems worth it then the new page may be linked (or published on the GnuPG site).

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From noloader at gmail.com Mon May 2 19:17:03 2011
From: noloader at gmail.com (Jeffrey Walton)
Date: Mon, 2 May 2011 13:17:03 -0400
Subject: Is the OpenPGP model still useful?
In-Reply-To: <4DBE7AB7.6040406@cation.de>
References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <20110428150505.GB4219@rio.matrix> <4DBB0BFF.1060107@cation.de> <20110430003348.GA29359@squawkencluck.cosgrove.lan> <4DBE7AB7.6040406@cation.de>
Message-ID:

On Mon, May 2, 2011 at 5:34 AM, B wrote:
>
> Simon Ward wrote:
>> On Fri, Apr 29, 2011 at 09:05:35PM +0200, B wrote:
>>> By the way: Using OpenPGP with enigmail in Thunderbird, I miss a feature:
>>> Usually the recipient rules work but if they fail (perhaps due to
>>> background update of Thunderbird and not working plugin), I would like
>>> to have a chance to see that the written message is going to be sent
>>> unencrypted BEFORE sending. Or vice versa: I want to see that an instantly
>>> written message is going to be encrypted....
>>
>> There is an option in Enigmail's expert settings to always confirm.
>>
>> [SNIP]
>
> But I'm lacking fantasy of how to use this for preventing me from sending
> unencrypted in case that Enigmail does not work properly....
>

If you run your mail server, you should be able to set up a secure channel by having your MTA issue a STARTTLS command. The communication from the originating MTA to your MTA will be secure (some hand waving). If the sender connects to his/her mail server securely (and MTAs use TLS), then most opportunities for message inspection and tampering should be remediated.

Jeff

From BruderB at cation.de Mon May 2 19:27:56 2011
From: BruderB at cation.de (B)
Date: Mon, 02 May 2011 19:27:56 +0200
Subject: Is the OpenPGP model still useful?
In-Reply-To:
References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <20110428150505.GB4219@rio.matrix> <4DBB0BFF.1060107@cation.de> <20110430003348.GA29359@squawkencluck.cosgrove.lan> <4DBE7AB7.6040406@cation.de>
Message-ID: <4DBEE99C.30202@cation.de>

Jeffrey Walton wrote:
> On Mon, May 2, 2011 at 5:34 AM, B wrote:
>> Simon Ward wrote:
>>> On Fri, Apr 29, 2011 at 09:05:35PM +0200, B wrote:
>>>> By the way: Using OpenPGP with enigmail in Thunderbird, I miss a feature:
>>>> Usually the recipient rules work but if they fail (perhaps due to
>>>> background update of Thunderbird and not working plugin), I would like
>>>> to have a chance to see that the written message is going to be sent
>>>> unencrypted BEFORE sending. Or vice versa: I want to see that an instantly
>>>> written message is going to be encrypted....
>>> There is an option in Enigmail's expert settings to always confirm.
>>>
>>> [SNIP]
>> But I'm lacking fantasy of how to use this for preventing me from sending
>> unencrypted in case that Enigmail does not work properly....
>>
> If you run your mail server, you should be able to set up a secure
> channel by having your MTA issue a STARTTLS command. The communication
> from the originating MTA to your MTA will be secure (some hand
> waving). If the sender connects to his/her mail server securely (and
> MTAs use TLS), then most opportunities for message inspection and
> tampering should be remediated.
>

Hej Jeff,

thanks for your comment! Your explanation has nothing to do with OpenPGP. Of course everybody could or should use TLS against his server....
Boris

From kgo at grant-olson.net Mon May 2 18:57:01 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Mon, 02 May 2011 12:57:01 -0400
Subject: Offline Master Key
In-Reply-To: <4DBED821.3060208@enigmail.net>
References: <7206.205.174.22.25.1304347651.squirrel@lavabit.com> <4DBED821.3060208@enigmail.net>
Message-ID: <4DBEE25D.9020202@grant-olson.net>

On 5/2/11 12:13 PM, John Clizbe wrote:
> David Shaw wrote:
>>
>> There is/was a HOWTO document for this method of handling keys written at one
>> point. I can't seem to find the link at the moment, but if someone has it
>> handy, please do post it.
>
> Adrian von Bidder's How-To, http://fortytwo.ch/gpg/subkeys, comes to mind.
> It's linked on the GnuPG documentation How-To page,
> http://www.gnupg.org/documentation/howtos.en.html, but the actual page is 404.
>
> He was looking for someone to adopt the How-To back in 2006, but didn't receive
> a response on the list that I saw.
>
> Last crawl of the page at the "WayBack Machine":
> http://replay.web.archive.org/20090609222126/http://fortytwo.ch/gpg/subkeys
>
> -John
>

This link provides much more detailed instructions. Maybe this link can replace the fortytwo.ch page on the main site.

http://tjl73.altervista.org/secure_keygen/en/index.html

--
Grant

"I am gravely disappointed. Again you have made me unleash my dogs of war."

From Lists.gnupg at mephisto.fastmail.net Mon May 2 20:49:01 2011
From: Lists.gnupg at mephisto.fastmail.net (Kevin Kammer)
Date: Mon, 2 May 2011 14:49:01 -0400
Subject: Conditional options directives
Message-ID: <20110502184901.GA6338@imac-6g2p.mgh.harvard.edu>

I think this post falls under the heading of "Feature Request," unless someone already knows how to accomplish the following.
I think it would be useful if there was a way to format the GnuPG options file to conditionally apply options, depending on the key used (or potentially, depending upon the values of other variables, though key or user ID seem to be the most likely candidates).

Let us suppose that we have more than one private key on our keychain. For this example, let's say we use one key to sign our personal email, and a different one to sign software packages we host on a company server. There may be settings in our gpg.conf file which should be different depending on the key we are using at the time. E.g. different URLs for retrieving keys, different comments, etc. This could be accomplished by saving different configuration files and specifying which one you want to use for any given operation with the --options flag, but wouldn't it be nice if the process could be automated? Not just nice, but much easier for other programs which interface with GnuPG, such as a mail plugin, for which there may be no convenient way to pass command line options.

So, what I am thinking of is semantically a little like a pre-processor directive...

#if (keyID == 123456)
/* Use these options */
#elif (keyID == 789abc)
/* Use some different options */
#else
/* Fall back to a default set of options */
#endif

Obviously it wouldn't look like that in the gpg.conf file, but the model of conditional compilation gets the point across (I hope).

Does anyone agree with me that this would be a good idea, or am I just crazy? Better yet, does anyone already implement some kind of conditional options parsing, using a technique which hasn't occurred to me?

--
"Le hasard favorise l'esprit préparé." --Louis Pasteur
From jerome at jeromebaum.com Mon May 2 21:00:56 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Mon, 2 May 2011 21:00:56 +0200
Subject: Conditional options directives
In-Reply-To: <20110502184901.GA6338@imac-6g2p.mgh.harvard.edu>
References: <20110502184901.GA6338@imac-6g2p.mgh.harvard.edu>
Message-ID:

On Mon, May 2, 2011 at 20:49, Kevin Kammer < Lists.gnupg at mephisto.fastmail.net> wrote:

> So, what I am thinking of is semantically a little like a pre-processor
> directive...
>
> #if (keyID == 123456)
> /* Use these options */
> #elif (keyID == 789abc)
> /* Use some different options */
> #else
> /* Fall back to a default set of options */
> #endif
>
> Obviously it wouldn't look like that in the gpg.conf file, but the model of
> conditional compilation gets the point across (I hope).
>
> Does anyone agree with me that this would be a good idea, or am I just
> crazy? Better yet, does anyone already implement some kind of conditional
> options parsing, using a technique which hasn't occurred to me?

Sounds interesting. I would consider a kind of "lookup sequence" so you end up with this:

.gnupg/
> gnupg.conf
> gnupg-key-01234567.conf
> gnupg-key-0123456789abcdef.conf

etc. That way, you can look at a single file to understand what will happen under given circumstances, instead of having to parse through conditionals.

I don't think complicating the options format is a good idea. You end up with stuff like this:

:(){ :|: & };:

Of course, you should *not* run this code. It will crash your system. I am just demonstrating that when you allow obfuscated meaning in data or code, Mallory will trick you into configuring your gnupg to send out all your private keys to her.
--
Jerome Baum
Phone: +49-1578-8434336
E-Mail: jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From an.nguyen.foss at gmail.com Mon May 2 22:35:13 2011
From: an.nguyen.foss at gmail.com (An Nguyen)
Date: Tue, 3 May 2011 03:35:13 +0700
Subject: Syncing Keys between multiple computers?
In-Reply-To: <4DBDF1EA.2050608@enigmail.net>
References: <4DBDF1EA.2050608@enigmail.net>
Message-ID:

Hi,

On Mon, May 2, 2011 at 6:51 AM, John Clizbe wrote:
>
> An alternate strategy is to use portable storage such as an USB memory stick or
> some other form of flash memory, and merge the keyring files onto that device
> and then point GnuPG to look there for keys by editing gpg.conf.

A little bit off-topic but maybe encrypting that USB (using dm-crypt for e.g.) will add some extra security.

--
Nguyễn Châu An || An NGUYEN
Linux Technician & FOSS Advocate
-------
OpenPGP KeyID      2048R/8F77A48C
Key Fingerprint    7652 B403 749F F173 227D 4865 FB71 EC95 8F77 A48C

From simon at bleah.co.uk Tue May 3 00:35:14 2011
From: simon at bleah.co.uk (Simon Ward)
Date: Mon, 2 May 2011 23:35:14 +0100
Subject: Is the OpenPGP model still useful?
In-Reply-To: <4DBE7AB7.6040406@cation.de>
References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <20110428150505.GB4219@rio.matrix> <4DBB0BFF.1060107@cation.de> <20110430003348.GA29359@squawkencluck.cosgrove.lan> <4DBE7AB7.6040406@cation.de>
Message-ID: <20110502223514.GK6997@squawkencluck.cosgrove.lan>

On Mon, May 02, 2011 at 11:34:47AM +0200, B wrote:
> But I'm lacking fantasy of how to use this for preventing me from sending
> unencrypted in case that Enigmail does not work properly....
>
> So, if it does not work, the confirmation request will not appear and
> mail goes out unencrypted, doesn't it?
If Enigmail is completely broken, or you've disabled the add-on, your emails will not be signed or encrypted and the confirmation request will not appear.

In a non-broken state with the confirmation option, the confirmation dialog appears every time you hit send, regardless of whether the mail is signed or encrypted, and informs you of the signing and encryption status.

You might be able to verify yourself by choosing not to send the email immediately (send later), then inspecting the mail in the Outbox. I cannot remember if messages saved in the Outbox are encrypted.

Simon

--
A complex system that works is invariably found to have evolved from a simple system that works. - John Gall

From John at enigmail.net Tue May 3 00:54:35 2011
From: John at enigmail.net (John Clizbe)
Date: Mon, 02 May 2011 17:54:35 -0500
Subject: Conditional options directives
In-Reply-To: <20110502184901.GA6338@imac-6g2p.mgh.harvard.edu>
References: <20110502184901.GA6338@imac-6g2p.mgh.harvard.edu>
Message-ID: <4DBF362B.9050204@enigmail.net>

Kevin Kammer wrote:
> Let us suppose that we have more than one private key on our keychain.

Safe bet.

> For this example, let's say we use one key to sign our personal email, and a
> different one to sign software packages we host on a company server. There
> may be settings in our gpg.conf file which should be different depending on
> the key we are using at the time. E.G. different URLs for retrieving keys,
> different comments, etc. This could be accomplished by saving different
> configuration files and specifying which one you want to use for any given
> operation with the --options flag, but wouldn't it be nice if the process
> could be automated?

Doesn't a separate config file automate things? I fear you may be attempting to over-engineer a solution.
> Not just nice, but much easier for other programs which interface with GnuPG,
> such as a mail plugin, for which there may be no convenient way to pass
> command line options.

To use your example, I know of two ways email plugins communicate with GnuPG: gpgme (Evolution, etc) or via some form of IPC (mozilla-mailnews/Enigmail, mutt). Neither seems to have much difficulty communicating additional (non-gpg.conf) options to gpg.

> So, what I am thinking of is semantically a little like a pre-processor
> directive...
>
> #if (keyID == 123456) /* Use these options */ #elif (keyID == 789abc) /* Use
> some different options */ #else /* Fall back to a default set of options */
> #endif
>
> Obviously it wouldn't look like that in the gpg.conf file, but the model of
> conditional compilation gets the point across (I hope).

I think the separate config file idea is superior.

> Does anyone agree with me that this would be a good idea, or am I just crazy?
> Better yet, does anyone already implement some kind of conditional options
> parsing, using a technique which hasn't occurred to me?

Not a mental health professional, but I'd venture that whether or not you are crazy is orthogonal to whether this is a good idea. IMO, it isn't. I think it's an unnecessary complication and more attack/error prone.

--
John P. Clizbe                      Inet: John (a) Enigmail
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

From sean at srima.eu Tue May 3 00:21:28 2011
From: sean at srima.eu (Sean Rima)
Date: Mon, 02 May 2011 23:21:28 +0100
Subject: Syncing Keys between multiple computers?
In-Reply-To: <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com>
Message-ID: <4DBF2E68.7040409@srima.eu>

On 02/05/2011 01:12, David Shaw wrote:
>> Note: this works for now. It is likely to change and break in some form
>> in the future.
>
> The issue about future versions is that you probably won't be able to import a keyring file directly. At the moment, a keyring file and the exported keyring format happen to be the same, but this is likely to change. A method that should work equally well today and in the future is:
>
> gpg --export-secret-keys > my-secret-keyring.gpg
> gpg --export-options export-local-sigs --export > my-public-keyring.gpg
>
> (copy the files over)
>
> gpg --import my-secret-keyring.gpg
> gpg --import-options import-local-sigs my-public-keyring.gpg
>
> It's an export plus an import, but you don't need to explicitly state which key(s) you want to play with. Just bring the whole ring over.
>

Just throwing this to the mix, but what about services like dropbox and point gnupg to the shared dropbox folder

Sean

--
GSWoT and CaCert WOT Assurer
.tel http://rima.tel/
I believe that every human has a finite number of heartbeats. I don't intend to waste any of mine running around doing exercises.
- Neil Armstrong

From aaron.toponce at gmail.com Tue May 3 14:36:32 2011
From: aaron.toponce at gmail.com (Aaron Toponce)
Date: Tue, 3 May 2011 06:36:32 -0600
Subject: Syncing Keys between multiple computers?
In-Reply-To:
References:
Message-ID: <20110503123632.GD19307@poseidon.cocyt.us>

On Sun, May 01, 2011 at 03:49:53PM -0400, Christopher Tran wrote:
> What's the easiest way to keep GPG keys synced between my computers? Like, I have my MacBook, which is usually my main machine, but I also have my netbook which I prefer carrying around and sometimes I update my key with User IDs on either machine but the only way I have thought of is to export and import every single time. Is there an easier way?

I keep my keys (as well as RC files, and other things) in a version control system (VCS). I run Mutt as my primary MUA, which is configured with OpenPGP. Whenever I encounter a newly signed message, I have GnuPG download the public key to verify the message. As a result, I periodically "check in" the changes, and push it to my repository. On the rest of the computers, I pull down the changes from time to time, so everything is up-to-date.

It could be of a concern to have your key on multiple installations, so hopefully your passphrase is rock-solid, and loaded with entropy. Just in case, every computer my key is on is installed on an encrypted filesystem, with a different rock-solid passphrase.

Anyway, I've found using a VCS for managing updates to my keys the best way to go. Even if the public/private GPG keyrings are binaries, it works well, and I don't have to worry about which keyring has the latest updates to copy over.

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o

From aaron.toponce at gmail.com Tue May 3 14:31:02 2011
From: aaron.toponce at gmail.com (Aaron Toponce)
Date: Tue, 3 May 2011 06:31:02 -0600
Subject: Slightly OFF TOPIC - Traffic analysis...in reverse?
In-Reply-To: <4DBE3414.4000009@mac.com>
References: <4DBDF7B0.8060600@fifthhorseman.net> <4DBE3414.4000009@mac.com>
Message-ID: <20110503123102.GC19307@poseidon.cocyt.us>

On Mon, May 02, 2011 at 12:33:24AM -0400, Charly Avital wrote:
> in the avalanche of news about the [recently] late Osama Bin Laden, I
> noticed a small item: the area where he was caught had been *also*
> defined/pinpointed by the lack of cellular phone communications.

Thanks for hijacking the thread!

--
. o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o

From dkg at fifthhorseman.net Tue May 3 17:50:46 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 03 May 2011 11:50:46 -0400
Subject: Syncing Keys between multiple computers?
In-Reply-To: <4DBF2E68.7040409@srima.eu>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu>
Message-ID: <4DC02456.1020501@fifthhorseman.net>

On 05/02/2011 06:21 PM, Sean Rima wrote:
> Just throwing this to the mix, but what about services like dropbox and
> point gnupg to the shared dropbox folder

I wouldn't consider this a reasonable approach if any secret keys are involved. Keep your secret keys private! Dropbox exposes your secret keys to dropbox employees (and anyone who can convince them to snoop):

http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html

Regards,

--dkg

From sean at srima.eu Tue May 3 18:24:34 2011
From: sean at srima.eu (Sean Rima)
Date: Tue, 03 May 2011 17:24:34 +0100
Subject: Syncing Keys between multiple computers?
In-Reply-To: <4DC02456.1020501@fifthhorseman.net>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net>
Message-ID: <4DC02C42.1040403@srima.eu>

On 03/05/2011 16:50, Daniel Kahn Gillmor wrote:
> On 05/02/2011 06:21 PM, Sean Rima wrote:
>> Just throwing this to the mix, but what about services like dropbox and
>> point gnupg to the shared dropbox folder
>
> I wouldn't consider this a reasonable approach if any secret keys are
> involved. Keep your secret keys private! Dropbox exposes your secret
> keys to dropbox employees (and anyone who can convince them to snoop):
>
> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html
>

I knew that dropbox could access stuff but was not fully aware of this. Saying that, my private keys are kept secure anyway on a USB key and not my PC

Sean

--
GSWoT and CaCert WOT Assurer
.tel http://rima.tel/
I believe that every human has a finite number of heartbeats. I don't intend to waste any of mine running around doing exercises.
- Neil Armstrong

From jsd at cluttered.com Thu May 5 01:01:44 2011
From: jsd at cluttered.com (Jon Drukman)
Date: Wed, 4 May 2011 23:01:44 +0000 (UTC)
Subject: scripting gpg
Message-ID:

I need to do the following:

- when a new machine is created, automatically import a public key and give it full trust

- be able to encrypt files with that public key without any interactive prompting (from a shell script/cron job)

in other words, a machine has to go from virgin state (OS + software only) to being able to encrypt and transmit encrypted files without any prompting or other user interaction.

I know about the 'trust' command but I don't see any non-interactive way to achieve that. Alternatively, if the gpg binary would stop giving me the "It is NOT certain that the key belongs to the person named in the user ID. If you *really* know what you are doing, you may answer the next question with yes." prompt that would be fine too.

Are there some hidden command line options/environment variables I am missing?
From dshaw at jabberwocky.com Thu May 5 02:13:25 2011
From: dshaw at jabberwocky.com (David Shaw)
Date: Wed, 4 May 2011 20:13:25 -0400
Subject: scripting gpg
In-Reply-To:
References:
Message-ID: <9DF7DE93-7F17-46DE-B46C-36EF9F7BF3FC@jabberwocky.com>

On May 4, 2011, at 7:01 PM, Jon Drukman wrote:

> I need to do the following:
>
> - when a new machine is created, automatically import a public key and give it
> full trust
>
> - be able to encrypt files with that public key without any interactive
> prompting (from a shell script/cron job)
>
> in other words, a machine has to go from virgin state (OS + software only) to
> being able to encrypt and transmit encrypted files without any prompting or
> other user interaction.
>
> I know about the 'trust' command but I don't see any non-interactive way to
> achieve that. Alternatively, if the gpg binary would stop giving me the "It is
> NOT certain that the key belongs to the person named
> in the user ID. If you *really* know what you are doing,
> you may answer the next question with yes." prompt that would be fine too.

You're looking for the "--trust-model always" option. Add that to your options, and the trust model becomes "if it's on my keyring, it's fully trusted". It's up to you to make sure that only keys that are fully trusted are on your keyring, of course. :)

David

From jsd at cluttered.com Thu May 5 02:19:00 2011
From: jsd at cluttered.com (Jon Drukman)
Date: Thu, 5 May 2011 00:19:00 +0000 (UTC)
Subject: scripting gpg
References: <9DF7DE93-7F17-46DE-B46C-36EF9F7BF3FC@jabberwocky.com>
Message-ID:

David Shaw jabberwocky.com> writes:

> You're looking for the "--trust-model always" option. Add that to your options, and the trust model
> becomes "if it's on my keyring, it's fully trusted". It's up to you to make sure that only keys that are fully
> trusted are on your keyring, of course. :)

Awesome, thanks.
This works (php):

putenv('HOME=/tmp/gpg');
@mkdir('/tmp/gpg');
system("/usr/bin/gpg --batch --yes --import /sites/config/public_key.asc");
system("/usr/bin/gpg --batch --yes --no-ask-cert-level --trust-model always --output $filename.gpg --encrypt --recipient $recipient $filename > /tmp/gpg.log 2>&1");

From jerome at jeromebaum.com Thu May 5 02:44:14 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Thu, 5 May 2011 02:44:14 +0200
Subject: scripting gpg
In-Reply-To:
References: <9DF7DE93-7F17-46DE-B46C-36EF9F7BF3FC@jabberwocky.com>
Message-ID:

On Thu, May 5, 2011 at 02:19, Jon Drukman wrote:

> putenv('HOME=/tmp/gpg');
> @mkdir('/tmp/gpg');
>

At this point, you should be watching carefully. What if another user has created this directory to spoof the key? Use the appropriate command for creating a unique temporary directory. Should be mktemp or similar.

> system("/usr/bin/gpg --batch --yes --import /sites/config/public_key.asc");
> system("/usr/bin/gpg --batch --yes --no-ask-cert-level --trust-model always
> --output $filename.gpg --encrypt --recipient $recipient $filename >
> /tmp/gpg.log
> 2>&1");

Again, what if the keyring is already in place? Could even be yourself -- you create the keyring once, import the public key at the time, then later update the public key and import again -- now, which key to use?

--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From makrober at gmail.com Thu May 5 04:24:19 2011
From: makrober at gmail.com (M.R.)
Date: Thu, 05 May 2011 02:24:19 +0000
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC02456.1020501@fifthhorseman.net>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net>
Message-ID: <4DC20A53.7040902@gmail.com>

On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
> Dropbox exposes your secret
> keys to dropbox employees (and anyone who can convince them to snoop):
>
> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html

That article makes no sense at all.

a) Storing files containing your secret data on somebody else's computer makes sense only if *you* encrypt the data beforehand, completely independently from the person or organization that you will give the files to store.

b) Your data cannot be considered safely encrypted, unless encrypted with a competently written program that had its source inspected by you or someone you trust, on the computer that you control at the time of encryption.

Once these two extremely straightforward principles are observed, it is perfectly OK to give the files containing your secrets to someone/anyone else for safekeeping, provided you have no problem that it will be known to him, to all those that he cooperates with and to all those that monitor the traffic between the two of you that you have given *some* secrets away for safekeeping.

To imply that one such service is better or worse than another based on what *they* do (or they say they do) in order to protect your secrets is utter nonsense.

Marko R.
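Returning to the "scripting gpg" thread above: the following is an added example, not code posted by anyone on the list, of the non-interactive import-and-encrypt flow written as a POSIX shell script that addresses both of Jerome's objections. The GnuPG home is a fresh mktemp -d directory rather than a fixed /tmp/gpg path that another local user could pre-create, and the recipient must be a full fingerprint so the choice stays unambiguous even when a keyring already holds several keys under the same user ID. The key file path and fingerprint in the usage line are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread: batch gpg import + encrypt with
# "--trust-model always" in a private, per-run GnuPG home.
set -eu

# Create a fresh, unpredictable GnuPG home (mode 700). A fixed path such as
# /tmp/gpg could already exist, created by another local user with a planted
# keyring; mktemp -d guarantees a brand-new directory owned by us.
make_gnupg_home() {
    _dir=$(mktemp -d "${TMPDIR:-/tmp}/gnupg-batch.XXXXXX")
    chmod 700 "$_dir"
    printf '%s\n' "$_dir"
}

# Accept only a full 40-hex-digit OpenPGP v4 fingerprint. Naming the
# recipient by fingerprint instead of by name or e-mail means an older or
# duplicate key with the same user ID on the keyring can never be picked.
is_fingerprint() {
    case "$1" in
        *[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 40 ]
}

# Import the public key into a throwaway home and encrypt one file to it
# without any prompt. Under --trust-model always every key in that home is
# fully trusted, which is acceptable only because the home contains nothing
# but the key we just imported from a file we control.
#   $1 = recipient fingerprint   $2 = plaintext file   $3 = public key file
encrypt_for() {
    _fpr=$1; _in=$2; _pub=$3
    is_fingerprint "$_fpr" || {
        echo "recipient must be a full 40-hex fingerprint" >&2; return 2; }
    _home=$(make_gnupg_home)
    trap 'rm -rf "$_home"' EXIT
    gpg --homedir "$_home" --batch --yes --no-tty --import "$_pub"
    # Abort if the key file did not actually contain the expected key.
    gpg --homedir "$_home" --batch --with-colons --list-keys "$_fpr" >/dev/null
    gpg --homedir "$_home" --batch --yes --no-tty --trust-model always \
        --recipient "$_fpr" --output "$_in.gpg" --encrypt "$_in"
}

# Usage with placeholder values:
#   sh batch-encrypt.sh <RECIPIENT_FINGERPRINT> /path/to/file /sites/config/public_key.asc
if [ "$#" -eq 3 ]; then
    encrypt_for "$@"
fi
```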
From jerome at jeromebaum.com Thu May 5 05:34:03 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Thu, 5 May 2011 05:34:03 +0200
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC20A53.7040902@gmail.com>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com>
Message-ID:

On Thu, May 5, 2011 at 04:24, M.R. wrote:
> On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
> Once these two extremely straightforward principles are observed,
> it is perfectly OK to give the files containing your secrets to
> someone/anyone else for safekeeping,

"perfectly OK" is quite an extreme thing to say, isn't it? Say you encrypted the file with a cipher that is broken tomorrow (i.e. it becomes computationally feasible to determine the plain-text given only the cipher-text), then would you rather have someone else in possession of the cipher-text, when you could opt not to?

Of course, that would prevent you from using any SaaS provider. There are always trade-offs, and that's all I'm saying.

--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From rjh at sixdemonbag.org Thu May 5 05:34:16 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Wed, 4 May 2011 23:34:16 -0400
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC20A53.7040902@gmail.com>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com>
Message-ID: <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org>

> Once these two extremely straightforward principles are observed...
For the better part of a decade now I've volunteered to publish my private certificate in the _New York Times_ if someone will pay for the advertising space. With a strong passphrase that's not known to anyone else, the private certificate is about as safe as can be.

From jerome at jeromebaum.com Thu May 5 06:06:09 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Thu, 5 May 2011 06:06:09 +0200
Subject: Storing secrets on other people's computers
In-Reply-To: <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org>
Message-ID:

On Thu, May 5, 2011 at 05:34, Robert J. Hansen wrote:
> > Once these two extremely straightforward principles are observed...
>
> For the better part of a decade now I've volunteered to publish my private
> certificate in the _New York Times_ if someone will pay for the advertising
> space. With a strong passphrase that's not known to anyone else, the
> private certificate is about as safe as can be.

Go ahead. Send it to the list. Then offer a bounty for the guy who hands you your secret key. That'll be worth so much more.

--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
From noloader at gmail.com Thu May 5 06:23:16 2011
From: noloader at gmail.com (Jeffrey Walton)
Date: Thu, 5 May 2011 00:23:16 -0400
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC20A53.7040902@gmail.com>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com>
Message-ID:

On Wed, May 4, 2011 at 10:24 PM, M.R. wrote:
> On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
>
>> Dropbox exposes your secret
>> keys to dropbox employees (and anyone who can convince them to snoop):
>>
>> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html
>
> That article makes no sense at all.
>
I was somewhat surprised at the article.

I think a typical user expects that a file is encrypted locally and then securely transmitted to DropBox for storage. (I don't use DropBox, but it's what I expected). I don't believe anyone would expect that DropBox transmits a plain text file and then encrypts the file at its leisure and pleasure.

OT: I was just getting ready to audit DropBox via their public API for another project. The article saved me a lot of time.

Jeff

From noloader at gmail.com Thu May 5 07:08:19 2011
From: noloader at gmail.com (Jeffrey Walton)
Date: Thu, 5 May 2011 01:08:19 -0400
Subject: nothing so dramatic
In-Reply-To: <4DB98FB6.8010408@gmail.com>
References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <4DB87A61.2010602@gmail.com> <4DB9625A.8050107@sixdemonbag.org> <4DB96E66.2050700@vulcan.xs4all.nl> <4DB98FB6.8010408@gmail.com>
Message-ID:

On Thu, Apr 28, 2011 at 12:03 PM, M.R. wrote:
> On 28/04/11 13:40, Johan Wevers wrote:
>>
>> I'm not so sure. Especially for human rights activists in, say, Syria or
>> Tibet, might not want the government to know when they are mailing with
>> foreign journalists.
>
> Quite probably, but I do not consider myself qualified to comment
> on trials and tribulations of human rights activists in faraway lands,
> or, for that matter, on this continent. My concern is the result of
> a much more mundane set of circumstances.
>
> When legal "pressure to decrypt" is discussed, almost universally
> the issue becomes that of the right not to self-incriminate.
> Implicitly, it is assumed that the proceedings are part of some
> segment of the criminal law. However, it is not in the criminal
> but in the civil litigation that the courts can (and nowadays
> increasingly do) issue Subpoena Duces Tecum ("production of evidence")
> for plain-text of one of the litigant's communications. No right not
> to self-incriminate applies in such case. Where the record exists
> (just for an-instance) in a monetarily hefty divorce litigation that
> there was encrypted communication with a third party, reasonably
> suspected of interfering in the marriage, the request from the
> opposing side for such duces tecum would not be hard to obtain.
> But there has to be a "reasonable expectation of relevance"; i.e., encrypted
> communication with a specific and relevant individual.
> Without it, the request would likely be treated as nothing but a fishing
> expedition and rejected. I can easily imagine similar cases where
> the other communicating party is not Alice (36-29-38) but Bob, your
> accountant or stockbroker.
>
"A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age." 'Judge orders defendant to decrypt PGP-protected laptop', http://news.cnet.com/8301-13578_3-10172866-38.html.
From papillion at gmail.com Thu May 5 06:34:36 2011
From: papillion at gmail.com (Anthony Papillion)
Date: Wed, 4 May 2011 23:34:36 -0500
Subject: Storing secrets on other people's computers
In-Reply-To:
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com>
Message-ID:

The typical user most likely *does* believe files are locally encrypted then sent to Dropbox. But isn't that still pretty meaningless? If Dropbox is encrypting your file then you have to trust that Dropbox either can't decrypt the file or that, if they can, they would never under any circumstance compromise your security. One name: HushMail.

If you don't encrypt it yourself using a tool that is *known* to be secure then it really can't be trusted. Someone hacking a server is really the least of your security worries.

Anthony

On 5/4/11, Jeffrey Walton wrote:
> On Wed, May 4, 2011 at 10:24 PM, M.R. wrote:
>> On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
>>
>>> Dropbox exposes your secret
>>> keys to dropbox employees (and anyone who can convince them to snoop):
>>>
>>> http://paranoia.dubfire.net/2011/04/how-dropbox-sacrifices-user-privacy-for.html
>>
>> That article makes no sense at all.
>>
> I was somewhat surprised at the article.
>
> I think a typical user expects that a file is encrypted locally and
> then securely transmitted to DropBox for storage. (I don't use
> DropBox, but it's what I expected). I don't believe anyone would expect
> that DropBox transmits a plain text file and then encrypts the file at
> its leisure and pleasure.
>
> OT: I was just getting ready to audit DropBox via their public API for
> another project. The article saved me a lot of time.
>
> Jeff
>

--
Anthony Papillion
Lead Developer / Owner
Get real about your software/web development and IT Services
(918) 919-4624
Facebook: http://www.facebook.com/cajuntechie
My Blog: http://www.cajuntechie.com

From rjh at sixdemonbag.org Thu May 5 07:32:28 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 5 May 2011 01:32:28 -0400
Subject: nothing so dramatic
In-Reply-To:
References: <9B6DEDE3-309A-437E-A373-2166A3EE2951@sixdemonbag.org> <4DB87A61.2010602@gmail.com> <4DB9625A.8050107@sixdemonbag.org> <4DB96E66.2050700@vulcan.xs4all.nl> <4DB98FB6.8010408@gmail.com>
Message-ID: <814D8E6C-C519-4EE7-BF43-06E2653AD777@sixdemonbag.org>

> "A federal judge has ordered a criminal defendant to decrypt his hard
> drive by typing in his PGP passphrase so prosecutors can view the
> unencrypted files, a ruling that raises serious concerns about
> self-incrimination in an electronic age."

That court's opinion was predicated on the fact Boucher had already waived his right against self-incrimination, and for that reason there was no constitutional violation. It's sort of like testifying in court: the government can't force you to testify in your own criminal proceeding, but if you waive that right the government can cross-examine you. Likewise, if you *voluntarily give the government your child porn*, you can't really claim that "I'm not going to provide the government with copies of that child porn, because that would incriminate me."

_Boucher_ is nowhere near the death knell for privacy that some people seem to think it is.

(ObDisclosure: a couple of years ago I helped prepare a law review article on _Boucher_.)

From aheinlein at gmx.com Thu May 5 08:52:44 2011
From: aheinlein at gmx.com (Andreas Heinlein)
Date: Thu, 05 May 2011 08:52:44 +0200
Subject: Best practice for periodic key change?
Message-ID: <4DC2493C.4060403@gmx.com>

Hello,

I hope you can give me some advice on the following problem:

We have an OpenPGP key which we use for signing our software releases. That key should be changed yearly and carry an expiration date to enforce this change. However, for the signatures to be useful, the key has to be signed by quite a lot of well-known people and institutions, which means a considerable effort.

If we just regenerate the whole key every year, we would have to get all these signatures again. I have a feeling that generating new subkeys might be a solution, but I have never worked with subkeys before, so I thought you could give me some advice on what would be the best thing to do.

Thanks,
Andreas

From wk at gnupg.org Thu May 5 11:19:30 2011
From: wk at gnupg.org (Werner Koch)
Date: Thu, 05 May 2011 11:19:30 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC2493C.4060403@gmx.com> (Andreas Heinlein's message of "Thu, 05 May 2011 08:52:44 +0200")
References: <4DC2493C.4060403@gmx.com>
Message-ID: <87fwottsgt.fsf@vigenere.g10code.de>

On Thu, 5 May 2011 08:52, aheinlein at gmx.com said:

> We have an OpenPGP key which we use for signing our software releases.
> That key should be changed yearly and carry an expiration date to
> enforce this change. However, for the signatures to be useful, the key
> has to be signed by quite a lot of well-known people and institutions,
> which means a considerable effort.

What I do is to prolong the expiration date shortly before the key expires. Further I use a smartcard to protect the signing key. A periodic key change is problematic because it confuses those who want to verify the signatures.

BTW, the prolongation of the expiration time has shown (by means of a lot of complaining mails) that many folks don't refresh the key from time to time with the goal to retrieve revocation certificates.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.
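Werner's advice above has two sides: the key owner must notice an approaching expiration early enough to prolong it, and a verifier whose local copy shows "expired" should refresh the key before drawing conclusions. The following added example (not code from the thread or from GnuPG) audits a key listing for both cases. It assumes the machine-readable output of gpg --with-colons --fixed-list-mode --list-keys, in which the expiration date is seconds since the epoch, and it runs on a constructed listing rather than a real key.

```php
<?php
// Added example, not code from the thread. Audits the machine-readable output
// of `gpg --with-colons --fixed-list-mode --list-keys` for the two situations
// Werner describes: the owner's key is about to expire and should be prolonged
// now, and a verifier's local copy of a key has already expired and should be
// refreshed from the keyserver before "expired" is taken at face value.
// Assumed layout of the colon format: field 1 record type, field 5 key id,
// field 7 expiration as seconds since the epoch (empty if none), field 12
// capabilities. The listing at the bottom is constructed, not a real key.

const DAY = 86400;

/**
 * Classify every primary key (pub) and subkey (sub) in $listing as seen at
 * time $now. Returns one row per key: keyid, type, caps, status, days, where
 * status is 'ok', 'expiring' (expires within $warnDays) or 'expired', and
 * days is the distance to (or since) expiration, or null if none is set.
 */
function auditKeyExpiry(string $listing, int $now, int $warnDays = 30): array
{
    $rows = [];
    foreach (preg_split('/\R/', trim($listing)) as $line) {
        $f = explode(':', $line);
        if (count($f) < 12 || !in_array($f[0], ['pub', 'sub'], true)) {
            continue;   // skip tru:, fpr:, uid: and anything malformed
        }
        if ($f[6] === '') {
            $status = 'ok';           // no expiration date set on this key
            $days = null;
        } elseif ((int) $f[6] <= $now) {
            $status = 'expired';
            $days = intdiv($now - (int) $f[6], DAY);
        } elseif ((int) $f[6] - $now <= $warnDays * DAY) {
            $status = 'expiring';
            $days = intdiv((int) $f[6] - $now, DAY);
        } else {
            $status = 'ok';
            $days = intdiv((int) $f[6] - $now, DAY);
        }
        $rows[] = ['keyid' => $f[4], 'type' => $f[0], 'caps' => $f[11],
                   'status' => $status, 'days' => $days];
    }
    return $rows;
}

/** Turn audit rows into the action each side of the thread should take. */
function expiryAdvice(array $rows, bool $iOwnTheKey): array
{
    $advice = [];
    foreach ($rows as $r) {
        $who = "{$r['type']} {$r['keyid']} [{$r['caps']}]";
        if ($r['status'] === 'expiring') {
            $advice[] = $iOwnTheKey
                ? "$who expires in {$r['days']} days: prolong it now (gpg --edit-key, 'expire') and republish"
                : "$who expires in {$r['days']} days: expect the owner to publish a prolonged copy";
        } elseif ($r['status'] === 'expired') {
            $advice[] = $iOwnTheKey
                ? "$who expired {$r['days']} days ago: signatures made with it are rejected until prolonged"
                : "$who expired {$r['days']} days ago according to this copy: run gpg --refresh-keys before concluding the signer's key is dead";
        }
    }
    return $advice;
}

// Constructed sample listing: a release-signing key whose primary key is close
// to its expiration date, whose signing subkey this copy already shows as
// expired, and whose encryption subkey carries no expiration at all.
$listing = <<<'GPG'
tru::1:1304600000:1305158400:3:1:5
pub:u:2048:1:0123456789ABCDEF:1272931200:1305158400::u:::scESC::::::
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1272931200::0000000000000000000000000000000000000000::Example Release Key <release@example.org>::::::
sub:e:2048:1:89ABCDEF01234567:1272931200:1303000000:::::s::::::
sub:u:2048:1:FEDCBA9876543210:1272931200::::::e::::::
GPG;

$now = 1304600000;   // 5 May 2011, 12:53 UTC, the day of the thread
foreach (expiryAdvice(auditKeyExpiry($listing, $now), false) as $line) {
    echo $line, PHP_EOL;
}
```

Pass true as the second argument of expiryAdvice to get the key owner's view instead of the verifier's.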
From dkg at fifthhorseman.net Thu May 5 15:15:40 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 05 May 2011 09:15:40 -0400
Subject: Storing secrets on other people's computers
In-Reply-To: <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org>
Message-ID: <4DC2A2FC.3060509@fifthhorseman.net>

On 05/04/2011 11:34 PM, Robert J. Hansen wrote:
> For the better part of a decade now I've volunteered to publish my private certificate in the _New York Times_ if someone will pay for the advertising space. With a strong passphrase that's not known to anyone else, the private certificate is about as safe as can be.

The internet seems like a wider (and cheaper) distribution method than the NYT. So what are you waiting for? I hereby volunteer to cover your costs for posting your secret key to this mailing list :P

--dkg

PS If Robert follows through on this, he certainly wouldn't be the only person to publish his secret key. Search for "BEGIN PGP PRIVATE KEY BLOCK" in your favorite search engine.

From rjh at sixdemonbag.org Thu May 5 16:11:05 2011
From: rjh at sixdemonbag.org (Robert J.
Hansen)
Date: Thu, 05 May 2011 07:11:05 -0700
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC2A2FC.3060509@fifthhorseman.net>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>
Message-ID: <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

> The internet seems like a wider (and cheaper) distribution method than
> the NYT. So what are you waiting for? I hereby volunteer to cover your
> costs for posting your secret key to this mailing list :P

The instant a test costs someone money, they have a financial interest in making sure the test is accurate. This increases the credibility (to them) of the results. Or, put another way, if I do it for free few people but me will be convinced.

If I for a second thought that by posting my (well-secured!) private certificate to the Net I could convince people of the effectiveness of a good passphrase, I'd do so. But I'm just skeptical of people's willingness to accept evidence they get for free.

From mailinglisten at hauke-laging.de Thu May 5 17:07:27 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Thu, 5 May 2011 17:07:27 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <87fwottsgt.fsf@vigenere.g10code.de>
References: <4DC2493C.4060403@gmx.com> <87fwottsgt.fsf@vigenere.g10code.de>
Message-ID: <201105051707.27589.mailinglisten@hauke-laging.de>

On Thursday, 5 May 2011, 11:19:30, Werner Koch wrote:
> A
> periodic key change is problematic because it confuses those who want to
> verify the signatures.
>
> BTW, the prolongation of the expiration time has shown (by means of a
> lot of complaining mails) that many folks don't refresh the key from time
> to time with the goal to retrieve revocation certificates.
What is the difference between these two options with respect to the point of confusion? In my understanding people either refresh their keys often enough or not. If they do so then they have either old subkeys with renewed expiration date or completely new subkeys. In both cases they should not notice the update; the verification result is the same.

Are there people who check the subkey IDs of old and new signatures, get confused by a change despite gpg saying it's all right (which IMHO demands they have not understood the concept of subkeys)?

BTW: Would it be a good idea for gpg to suggest the user to check for an updated version of the key (or do it automatically before if configured to do so) if it finds an expired subkey? This would probably not work with the GUIs though (but might make the GUI developers offer a similar feature).

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From wk at gnupg.org Thu May 5 17:30:18 2011
From: wk at gnupg.org (Werner Koch)
Date: Thu, 05 May 2011 17:30:18 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <201105051707.27589.mailinglisten@hauke-laging.de> (Hauke Laging's message of "Thu, 5 May 2011 17:07:27 +0200")
References: <4DC2493C.4060403@gmx.com> <87fwottsgt.fsf@vigenere.g10code.de> <201105051707.27589.mailinglisten@hauke-laging.de>
Message-ID: <87y62lqi5x.fsf@vigenere.g10code.de>

On Thu, 5 May 2011 17:07, mailinglisten at hauke-laging.de said:

> Are there people who check the subkey IDs of old and new signatures, get
> confused by a change despite gpg saying it's all right (which IMHO demands
> they have not understood the concept of subkeys)?

No, they are confused that I signed a tarball with an expired key. Well, expired according to their old copy of the key.
> BTW: Would it be a good idea for gpg to suggest the user to check for an
> updated version of the key (or do it automatically before if configured to do
> so) if it finds an expired subkey? This would probably not work with the GUIs

Not for GPG but for the MUA they use. It could be part of the error message the MUA displays if no key or only an expired key was found. For example a button "refresh key and retry". It's all in GPGME.

Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From John at enigmail.net Thu May 5 18:52:18 2011
From: John at enigmail.net (John Clizbe)
Date: Thu, 05 May 2011 11:52:18 -0500
Subject: Best practice for periodic key change?
In-Reply-To: <201105051707.27589.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <87fwottsgt.fsf@vigenere.g10code.de> <201105051707.27589.mailinglisten@hauke-laging.de>
Message-ID: <4DC2D5C2.10207@enigmail.net>

Hauke Laging wrote:
>
> BTW: Would it be a good idea for gpg to suggest the user to check for an
> updated version of the key (or do it automatically before if configured to do
> so) if it finds an expired subkey? This would probably not work with the GUIs
> though (but might make the GUI developers offer a similar feature).

Hi, Hauke.

What you are suggesting sounds quite doable. It sounds like a slight variation of the auto-key-retrieve keyserver-option. An expired (sub)key could trigger the same code to refresh the key, maybe calling the option auto-refresh-expired or something similar.

-John

--
John P. Clizbe                      Inet: John (a) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
From jrollins at finestructure.net Thu May 5 17:50:47 2011
From: jrollins at finestructure.net (Jameson Graef Rollins)
Date: Thu, 05 May 2011 08:50:47 -0700
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC2A2FC.3060509@fifthhorseman.net>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>
Message-ID: <871v0d87u0.fsf@servo.factory.finestructure.net>

On Thu, 05 May 2011 09:15:40 -0400, Daniel Kahn Gillmor wrote:
> The internet seems like a wider (and cheaper) distribution method than
> the NYT. So what are you waiting for? I hereby volunteer to cover your
> costs for posting your secret key to this mailing list :P

Should we start a pot?

jamie.

From kgo at grant-olson.net Thu May 5 19:30:46 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Thu, 05 May 2011 13:30:46 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <4DC2493C.4060403@gmx.com>
References: <4DC2493C.4060403@gmx.com>
Message-ID: <4DC2DEC6.1080501@grant-olson.net>

On 5/5/11 2:52 AM, Andreas Heinlein wrote:
> Hello,
>
> I hope you can give me some advice on the following problem:
>
> We have an OpenPGP key which we use for signing our software releases.
> That key should be changed yearly and carry an expiration date to
> enforce this change. However, for the signatures to be useful, the key
> has to be signed by quite a lot of well-known people and institutions,
> which means a considerable effort.
>
> If we just regenerate the whole key every year, we would have to get all
> these signatures again.
> I have a feeling that generating new subkeys
> might be a solution, but I have never worked with subkeys before, so I
> thought you could give me some advice on what would be the best thing to do.
>
> Thanks,
> Andreas
>

Some organizations create a master signing key, which is (supposedly) kept secure and usually off-line. That's used to sign the release keys. Then users sign the master key and/or see if the master key trusts the key used to sign the release.

Like all the solutions proposed here, I have no idea how usable this strategy is for people who try to verify software packages, but only have a limited understanding of OpenPGP's trust model.

--
Grant

"I am gravely disappointed. Again you have made me unleash my dogs of war."

From jyard at ais.ucla.edu Thu May 5 20:40:03 2011
From: jyard at ais.ucla.edu (Yard, John)
Date: Thu, 5 May 2011 11:40:03 -0700
Subject: simple gpg syntax question
In-Reply-To: <4DC2DEC6.1080501@grant-olson.net>
References: <4DC2493C.4060403@gmx.com> <4DC2DEC6.1080501@grant-olson.net>
Message-ID:

Forgive the simple gpg syntax issue,

I have

    gpg --verbose --trust-model always --yes --armour --recipient XXXXX_UCLA --encrypt $T1

which encrypts a file; I would like to sign it in the same command, and I would like the output to be $T1.asc.

If I sign it separately:

    gpg -u UCLA_XXXXXX2009 --sign ucla.asc

I will get ucla.asc.gpg as my signed output. I need to have $T1.asc as my output. I am reverse engineering this system; I have to emulate the behavior of the original.

So how can I

    gpg -u UCLA_XXXXXX2009 --sign ucla.asc

and have the output be ucla.asc?

Thanks,
JYard
UCLA

From mailinglisten at hauke-laging.de Thu May 5 20:52:05 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Thu, 5 May 2011 20:52:05 +0200
Subject: simple gpg syntax question
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC2DEC6.1080501@grant-olson.net>
Message-ID: <201105052052.06067.mailinglisten@hauke-laging.de>

On Thursday, 5
May 2011, 20:40:03, Yard, John wrote:

> which encrypts a file, I would like to sign it in the same command,

This is done by putting --encrypt and --sign into a single command.

> I would like the output to be $T1.asc

This can be controlled by --output.

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From dougb at dougbarton.us Thu May 5 22:10:21 2011
From: dougb at dougbarton.us (Doug Barton)
Date: Thu, 05 May 2011 13:10:21 -0700
Subject: Best practice for periodic key change?
In-Reply-To: <4DC2493C.4060403@gmx.com>
References: <4DC2493C.4060403@gmx.com>
Message-ID: <4DC3042D.6050204@dougbarton.us>

On 05/04/2011 23:52, Andreas Heinlein wrote:
> We have an OpenPGP key which we use for signing our software releases.
> That key should be changed yearly and carry an expiration date to
> enforce this change.

What are you trying to accomplish by doing it this way? I've yet to see a good rationale for setting expiration dates on keys, but perhaps you can be the first. :)

--

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price.
:)  http://SupersetSolutions.com/

From John at enigmail.net Thu May 5 22:17:40 2011
From: John at enigmail.net (John Clizbe)
Date: Thu, 05 May 2011 15:17:40 -0500
Subject: simple gpg syntax question
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC2DEC6.1080501@grant-olson.net>
Message-ID: <4DC305E4.9050200@enigmail.net>

Yard, John wrote:
> Forgive the simple gpg syntax issue,
>
> I have
>
> gpg --verbose --trust-model always --yes --armour --recipient XXXXX_UCLA --encrypt $T1
>
> which encrypts a file, I would like to sign it in the same command, I would like the output to be $T1.asc
>

    gpg -v --yes --trust-model always -r XXXXX_UCLA -u UCLA_XXXXXX2009 -sea $T1

    -v, --verbose
    -r, --recipient
    -u, --local-user  (may be omitted if default-key specified in gpg.conf)
    -s, --sign
    -e, --encrypt
    -a, --armor

.asc implies armored output. That option was the important missing piece. The .gpg extension is usually used for binary OpenPGP files.

-John
U TX-Arlington

--
John P. Clizbe                      Inet: John (a) Enigmail DAWT net,
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
From jyard at ais.ucla.edu Thu May 5 22:30:32 2011
From: jyard at ais.ucla.edu (Yard, John)
Date: Thu, 5 May 2011 13:30:32 -0700
Subject: simple gpg syntax question
In-Reply-To: <4DC305E4.9050200@enigmail.net>
References: <4DC2493C.4060403@gmx.com> <4DC2DEC6.1080501@grant-olson.net> <4DC305E4.9050200@enigmail.net>
Message-ID:

Thank you

JYard

-----Original Message-----
From: John Clizbe [mailto:John at enigmail.net]
Sent: Thursday, May 05, 2011 1:18 PM
To: GnuPG Users
Cc: Yard, John
Subject: Re: simple gpg syntax question

From jerome at jeromebaum.com Fri May 6 00:21:47 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 00:21:47 +0200
Subject: scripting gpg
In-Reply-To:
References: <9DF7DE93-7F17-46DE-B46C-36EF9F7BF3FC@jabberwocky.com>
Message-ID:

On Thu, May 5, 2011 at 19:21, Jon Drukman wrote:
> On Wed, May 4, 2011 at 5:44 PM, Jerome Baum wrote:
>
>> Again, what if the keyring is already in place?
>> Could even be yourself --
>> you create the keyring once, import the public key at the time, then later
>> update the public key and import again -- now, which key to use?
>>
>
> In my testing it seems like if you import the same key over and over again,
> nothing bad happens.

Sorry, should have been more clear. I was assuming you might at some point want to swap in a new key.

> Thanks for double checking my work! Always good to get an extra pair of
> eyes on things.

Welcome!

--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Fri May 6 00:28:17 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 00:28:17 +0200
Subject: Storing secrets on other people's computers
In-Reply-To: <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>
Message-ID:

On Thu, May 5, 2011 at 16:11, Robert J. Hansen wrote:
> Or, put another way, if I do it for free few people but me
> will be convinced.

So, put out a bounty.

> If I for a second thought that by posting my (well-secured!) private
> certificate to the Net I could convince people of the effectiveness of a
> good passphrase, I'd do so.

Posting the key here is free, you say. So, there is no contra. Just go post it. Basic economics...
--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Fri May 6 00:31:09 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 00:31:09 +0200
Subject: Storing secrets on other people's computers
In-Reply-To: <4DC2A2FC.3060509@fifthhorseman.net>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>
Message-ID:

On Thu, May 5, 2011 at 15:15, Daniel Kahn Gillmor wrote:
> PS If Robert follows through on this, he certainly wouldn't be the only
> person to publish his secret key. Search for "BEGIN PGP PRIVATE KEY
> BLOCK" in your favorite search engine.

I do wonder how many of those are to make past signatures deniable, and how many can be accounted to "I feel that my pass-phrase is safe".

For the latter, I don't get it -- it's not like keeping the key secret takes a lot of effort -- but it does decrease your security ever so slightly. Besides proving a point, why would you publish?

--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From rjh at sixdemonbag.org Fri May 6 00:43:47 2011
From: rjh at sixdemonbag.org (Robert J.
Hansen) Date: Thu, 5 May 2011 18:43:47 -0400 Subject: Storing secrets on other people's computers In-Reply-To: References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost> Message-ID: > So, put out a bounty. You're the one who's talking about basic economics, so let's apply some: You want me to put my own money at risk (an incredibly small risk, yes, pretty close to epsilon: but not a zero risk) in order so other people can feel better about their GnuPG installations -- but not *you*, since you're apparently already convinced. Makes perfect sense, economically speaking. You don't bear the risk, so you have no incentives to consider -- much less accept the existence of! -- the downsides. From my perspective, I have incentives to think about the downsides (including the drama downside: see below), and I think you're crazy. > Posting the key here is free, you say. So, there is no contra. Just go post it. Basic economics... First, I didn't say it. Daniel said it. Second, there is a contra: a good number of people will accuse me of pulling a stunt that really proves nothing, that a 64-character random hexstring password is orders of magnitude better than what people use in the real world, that it's a completely unrealistic test, etc. And then, of course, there will be the people who will tell these people, "but that's not what he was claiming, he was only claiming that *with a good passphrase* it's safe." And then there will be the people who are keeping quiet, rolling their eyes, and wondering why, why, why, I felt the need to open such a can of dramaworms. In fact, I suspect there are already people *right now* who are rolling their eyes and wondering why I opened such a can of dramaworms. 
In deference to them, I'm going to say nothing further about it.

From papillion at gmail.com Fri May 6 00:45:18 2011
From: papillion at gmail.com (Anthony Papillion)
Date: Thu, 5 May 2011 17:45:18 -0500
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>

Does having possession of your secret key really make you less secure? I
mean the whole purpose of a passphrase is because you assume your secret
key is *not* safe simply being unprotected in your possession. Law
enforcement, hackers, even friends could *easily* get physical access to
your key so it's the passphrase that's of value.

I've actually thought about posting my key to Bittorrent in case I ever
lost it. It's economical and just as secure as sitting on my pc. As long
as you have a good passphrase, having physical possession of your key
gives an attacker no real advantage.

Anthony

On 5/5/11, Jerome Baum wrote:
> On Thu, May 5, 2011 at 15:15, Daniel Kahn Gillmor wrote:
>
>> PS If Robert follows through on this, he certainly wouldn't be the only
>> person to publish his secret key. Search for "BEGIN PGP PRIVATE KEY
>> BLOCK" in your favorite search engine.
>
> I do wonder how many of those are to make past signatures deniable, and
> how many can be accounted to "I feel that my pass-phrase is safe".
>
> For the latter, I don't get it -- it's not like keeping the key secret
> takes a lot of effort -- but it does decrease your security ever so
> slightly. Besides proving a point, why would you publish?
>
> --
> Jerome Baum

--
Sent from my mobile device

Anthony Papillion
Lead Developer / Owner
Get real about your software/web development and IT Services
(918) 919-4624
Facebook: http://www.facebook.com/cajuntechie
My Blog: http://www.cajuntechie.com

From rjh at sixdemonbag.org Fri May 6 00:46:29 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 5 May 2011 18:46:29 -0400
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>
Message-ID: <68C4B4DD-979A-4283-BC5B-A720BD57F186@sixdemonbag.org>

> For the latter, I don't get it -- it's not like keeping the key secret
> takes a lot of effort -- but it does decrease your security ever so
> slightly. Besides proving a point, why would you publish?

Because the _New York Times_ keeps records of all the papers it's ever
published. It can be seen as a highly effective, if low-tech, long-term
archival solution. Paperkey the private certificate, publish it in the
NYT, verify the accuracy of the published certificate, and presto: your
key is archived for the next 100+ years.

Honestly, half the reason why I volunteer to publish my certificate in the
NYT is for precisely this reason. I think it'd be kind of cool to (a) have
the NYT be my data archive, and (b) get someone else to pay for it. :)

(Assuming, of course, the NYT survives its current financial problems.
Which may be a very big if.)
From jerome at jeromebaum.com Fri May 6 01:08:46 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:08:46 +0200
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net>

On Fri, May 6, 2011 at 00:45, Anthony Papillion wrote:

> Does having possession of your secret key really make you less secure?

Yes.

> I mean the whole purpose of a passphrase is because you assume your
> secret key is *not* safe simply being unprotected in your possession.
> Law enforcement, hackers, even friends could *easily* get physical
> access to your key so it's the passphrase that's of value.

You get practical security by adding more and more hurdles to get to your
data. Your password is -- hopefully -- a kind of "wall" they have to break
through. As is gaining access to your key.

A: They need your password to get at the data. Now your data is exactly
as secure as your password.

B: They need your password *and your keyfile* to get at the data. Now
your data is as secure as your password, and even further.

Of course, if there is a cost involved with keeping your keyfile secret --
and there is always *some* cost involved with everything -- then it
becomes a trade-off. See the email I'm about to post.

--
Jerome Baum
From jerome at jeromebaum.com Fri May 6 01:21:10 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:21:10 +0200
Subject: Storing secrets on other people's computers
In-Reply-To: <68C4B4DD-979A-4283-BC5B-A720BD57F186@sixdemonbag.org>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <68C4B4DD-979A-4283-BC5B-A720BD57F186@sixdemonbag.org>

On Fri, May 6, 2011 at 00:46, Robert J. Hansen wrote:

> Because the _New York Times_ keeps records of all the papers it's ever
> published. It can be seen as a highly effective, if low-tech, long-term
> archival solution. Paperkey the private certificate, publish it in the
> NYT, verify the accuracy of the published certificate, and presto: your
> key is archived for the next 100+ years.

Now, this would be the kind of cost involved with keeping the key secret
-- you have to archive it. I would consider that cost pretty small, but
YMWV ("your mileage *will* vary"). As I said, as soon as there is any
cost -- and there is always a cost from a theoretical standpoint -- then
there is a trade-off.

That said, publishing it here should serve the purpose well --
gnupg-users publicly archived, and the Internet Archive probably archives
the public archives, as does Google, etc. -- but(!) see below.

> Honestly, half the reason why I volunteer to publish my certificate in
> the NYT is for precisely this reason. I think it'd be kind of cool to
> (a) have the NYT be my data archive, and (b) get someone else to pay
> for it. :)

That's the caveat with publishing on the web -- you lose the coolness
factor.

Besides what I said, I entirely agree and am entirely convinced -- I just
hate empty statements -- and it would be sooo cool to get a key
published.
--
Jerome Baum

From jerome at jeromebaum.com Fri May 6 01:31:36 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:31:36 +0200
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

On Fri, May 6, 2011 at 00:43, Robert J. Hansen wrote:

>> So, put out a bounty.
>
> You're the one who's talking about basic economics, so let's apply some:
>
> You want me to put my own money at risk (an incredibly small risk, yes,
> pretty close to epsilon: but not a zero risk) in order so other people
> can feel better about their GnuPG installations -- but not *you*, since
> you're apparently already convinced.
>
> Makes perfect sense, economically speaking. You don't bear the risk, so
> you have no incentives to consider -- much less accept the existence
> of! -- the downsides. From my perspective, I have incentives to think
> about the downsides (including the drama downside: see below), and I
> think you're crazy.

As for the drama downside, those people who are "rolling their eyes" are
the crazy ones -- crazy to roll their eyes just because we're having a
nice conversation.

>> Posting the key here is free, you say. So, there is no contra. Just go
>> post it. Basic economics...
>
> First, I didn't say it. Daniel said it.

Sorry about that one.
Ignore the point then -- you obviously "get" economics and I apologize
for putting that "oh, he says something is free, must be a really smart
chap" label on you. :)

Totally OT, but can you think of an example that is entirely free? As in,
zero theoretical cost? (To put some boundaries on the question, let's
assume we consider only cost to oneself, not cost to society, and as soon
as there's a trade-off to be made -- of any kind -- it's obviously not
"free".)

--
Jerome Baum

From jerome at jeromebaum.com Fri May 6 01:32:41 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:32:41 +0200
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

On Fri, May 6, 2011 at 01:31, Jerome Baum wrote:

>>> Posting the key here is free, you say. So, there is no contra. Just go
>>> post it. Basic economics...
>>
>> First, I didn't say it. Daniel said it.
>
> Sorry about that one. Ignore the point then -- you obviously "get"
> economics and I apologize for putting that "oh, he says something is
> free, must be a really smart chap" label on you. :)

Hmm, to clear that up, I don't mean to offend Daniel either -- he also
didn't say it's "free" -- he just implied it's extremely cheap.
--
Jerome Baum

From jerome at jeromebaum.com Fri May 6 01:33:53 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:33:53 +0200
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

On Fri, May 6, 2011 at 01:32, Jerome Baum wrote:
> On Fri, May 6, 2011 at 01:31, Jerome Baum wrote:
>
>>>> Posting the key here is free, you say. So, there is no contra. Just
>>>> go post it. Basic economics...
>>>
>>> First, I didn't say it. Daniel said it.
>>
>> Sorry about that one. Ignore the point then -- you obviously "get"
>> economics and I apologize for putting that "oh, he says something is
>> free, must be a really smart chap" label on you. :)
>
> Hmm, to clear that up, I don't mean to offend Daniel either -- he also
> didn't say it's "free" -- he just implied it's extremely cheap.

When I post the second follow-up to my own email, it's time to go to
sleep. Here you go:

> Or, put another way, if I do it for free few people but me
> will be convinced.

So, Robert did say it.

--
Jerome Baum

From rjh at sixdemonbag.org Fri May 6 01:43:32 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 5 May 2011 19:43:32 -0400
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

> Totally OT, but can you think of an example that is entirely free? As
> in, zero theoretical cost?

Space. I'm perfectly happy to sell you a cubic meter of space somewhere
within a lightyear of Betelgeuse.

Before anyone thinks I'm being sarcastic, I'm not. That's a frank and
honest answer to the question. For something to have zero theoretical
cost, it must be available in effectively infinite supply or else have no
competing uses to which it can be put. A cubic meter of space near
Betelgeuse meets both criteria: there's an incredibly mind-bogglingly
huge supply of them (about 4.45 times 10**47 of them), and there's really
nothing you can do with them (since first you'd have to get there).
Effectively infinite supply, zero competing purposes, equals a cost as
close to zero as I know how to make.

Sometimes people talk about how "the best things in life are free," but
these people have obviously never courted someone. In my life I've chased
a couple of women around and have the credit card bills to show for it.
Likewise, the love of your kids may be free, but saving for college costs
a *fortune*.

From rjh at sixdemonbag.org Fri May 6 01:48:07 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 5 May 2011 19:48:07 -0400
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>
Message-ID: <9C1F4029-56D3-4492-AF09-5F119F53DC4D@sixdemonbag.org>

> When I post the second follow-up to my own email, it's time to go to
> sleep. Here you go:
>
>> Or, put another way, if I do it for free few people but me
>> will be convinced.
>
> So, Robert did say it.

Only if you assume that I meant "for free" as in "without cost to myself"
-- which, as I hope my other message showed, is not what I believed to be
true: there are downsides, not least of which being the potential
dramaworms. There I meant "for free" as in, no cost that I can see other
people incurring (perhaps because I have no incentives to consider those
potential costs).

Freedom from price is a subjective phenomenon.

From me at christran.in Fri May 6 00:49:01 2011
From: me at christran.in (Christopher Tran)
Date: Thu, 5 May 2011 18:49:01 -0400
Subject: Storing secrets on other people's computers
In-Reply-To: <68C4B4DD-979A-4283-BC5B-A720BD57F186@sixdemonbag.org>
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <68C4B4DD-979A-4283-BC5B-A720BD57F186@sixdemonbag.org>
Message-ID: <10CCEC62-624C-4F7B-A635-12C5462E717B@christran.in>

How about putting it on to twitter so it can be archived into the LOC?

On May 5, 2011, at 6:46 PM, Robert J. Hansen wrote:

>> For the latter, I don't get it -- it's not like keeping the key secret
>> takes a lot of effort -- but it does decrease your security ever so
>> slightly. Besides proving a point, why would you publish?
>
> Because the _New York Times_ keeps records of all the papers it's ever
> published. It can be seen as a highly effective, if low-tech, long-term
> archival solution. Paperkey the private certificate, publish it in the
> NYT, verify the accuracy of the published certificate, and presto: your
> key is archived for the next 100+ years.
>
> Honestly, half the reason why I volunteer to publish my certificate in
> the NYT is for precisely this reason. I think it'd be kind of cool to
> (a) have the NYT be my data archive, and (b) get someone else to pay
> for it. :)
>
> (Assuming, of course, the NYT survives its current financial problems.
> Which may be a very big if.)

Christopher Tran
http://christran.in/
84730CD9
From jerome at jeromebaum.com Fri May 6 01:51:09 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 01:51:09 +0200
Subject: Storing secrets on other people's computers
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

On Fri, May 6, 2011 at 01:43, Robert J. Hansen wrote:

>> Totally OT, but can you think of an example that is entirely free? As
>> in, zero theoretical cost?
>
> Space. I'm perfectly happy to sell you a cubic meter of space somewhere
> within a lightyear of Betelgeuse.
>
> Before anyone thinks I'm being sarcastic, I'm not. That's a frank and
> honest answer to the question. For something to have zero theoretical
> cost, it must be available in effectively infinite supply or else have
> no competing uses to which it can be put.

As for a use: prestige? Also, how about the admin cost of assigning the
space?

Nonetheless, it gets incredibly close. I wonder if there might be a cost
involved with acquiring anything -- at the very least, you have to make
the decision to acquire it. But it might not be your decision.

--
Jerome Baum

From rjh at sixdemonbag.org Fri May 6 02:19:55 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 5 May 2011 20:19:55 -0400
Subject: OT: Economics (was: Storing secrets...)
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

> Nonetheless, it gets incredibly close. I wonder if there might be a cost
> involved with acquiring anything -- at the very least, you have to make
> the decision to acquire it.

Necessarily there must be. Free trade depends on value differentials,
after all.

If I have a candy bar that I think is worth $1, and you have $1 that you
think is worth a candy bar, I keep my candy bar and you keep your money.
Neither of us has any incentive to make a trade: stasis results. If I
think the candy bar is worth $0.99, and you have $1 that you think is
worth a candy bar, we're going to make the trade because it's in both of
our interests to do so. If both parties agree on the true value of
something -- no matter what that value is -- trade doesn't happen.

For you to buy my cubic meter of space somewhere near Betelgeuse, even if
I value it at nothing, you must value it at something. And, as you've
said, the prestige of owning a cubic meter of space near Betelgeuse might
be worth an awful lot.

From jerome at jeromebaum.com Fri May 6 02:33:03 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 02:33:03 +0200
Subject: OT: Economics (was: Storing secrets...)
References: <4DBDF1EA.2050608@enigmail.net> <7357B361-DA96-4156-9F36-B9012B768479@jabberwocky.com> <4DBF2E68.7040409@srima.eu> <4DC02456.1020501@fifthhorseman.net> <4DC20A53.7040902@gmail.com> <634EE34D-0BDF-423B-8ECC-06910951665F@sixdemonbag.org> <4DC2A2FC.3060509@fifthhorseman.net> <9b8c25c07216162fa1fe7382d4fe0ce7@localhost>

On Fri, May 6, 2011 at 02:19, Robert J. Hansen wrote:

>> Nonetheless, it gets incredibly close.
>> I wonder if there might be a cost
>> involved with acquiring anything -- at the very least, you have to make
>> the decision to acquire it.
>
> Necessarily there must be. Free trade depends on value differentials,
> after all.

How about outside of trade? Say I breathe air. There is cost and value
involved. Remove the cost, and I'd still breathe the air. Trade requires
two parties, but acquisition doesn't. Of course, that limits us to
exchanges involving only one party and "nature". That's where the cost to
society comes in, which I excluded from consideration.

Now, for breathing there are several types of cost involved. I am
exchanging energy (through muscle movement) for fresh air. Additionally,
I have the opportunity cost of breathing instead of, say, eating.
Assuming I don't want to eat all the time, and looking at it on a larger
scale, I am just gaining new energy. So, could it be that there is no
cost (to myself, not to society, and also not indirectly through society
to me) to breathing air? Or would you say a "larger scale" interpretation
doesn't cut it?

Also, want to take this off-list?

--
Jerome Baum

From noloader at gmail.com Fri May 6 08:20:54 2011
From: noloader at gmail.com (Jeffrey Walton)
Date: Fri, 6 May 2011 02:20:54 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <4DC3042D.6050204@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <4DC3042D.6050204@dougbarton.us>

On Thu, May 5, 2011 at 4:10 PM, Doug Barton wrote:
> On 05/04/2011 23:52, Andreas Heinlein wrote:
>>
>> We have an OpenPGP key which we use for signing our software releases.
>> That key should be changed yearly and carry an expiration date to
>> enforce this change.
>
> What are you trying to accomplish by doing it this way? I've yet to see
> a good rationale for setting expiration dates on keys, but perhaps you
> can be the first. :)

I would guess that Andreas is practicing Key Management
(http://www.cacr.math.uwaterloo.ca/hac/about/chap13.pdf). I've also seen
similar arise in compliance and auditing.

Jeff

From aheinlein at gmx.com Fri May 6 08:22:45 2011
From: aheinlein at gmx.com (Andreas Heinlein)
Date: Fri, 06 May 2011 08:22:45 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC3042D.6050204@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <4DC3042D.6050204@dougbarton.us>
Message-ID: <4DC393B5.60007@gmx.com>

On 05.05.2011 22:10, Doug Barton wrote:
> On 05/04/2011 23:52, Andreas Heinlein wrote:
>> We have an OpenPGP key which we use for signing our software releases.
>> That key should be changed yearly and carry an expiration date to
>> enforce this change.
>
> What are you trying to accomplish by doing it this way? I've yet to
> see a good rationale for setting expiration dates on keys, but perhaps
> you can be the first. :)

Well, there are several reasons. The first is that there is always the
chance that the key is cracked brute-force. Remember that the x-zillion
years which are often cited are only an average. One might always be
lucky and find the right one within the first 0.0001% of keyspace, taking
only a few days or weeks. Chance is very low, but then almost every week
someone wins the lottery... ;-)

More likely your key gets compromised some other way, e.g. it is stolen
from your computer by a trojan, a malicious website or whatever. A good
passphrase mitigates this risk somewhat, but most people choose
passphrases which are weaker and easier to brute-force than the actual
key.

Here comes the third point; even if you notice your key was compromised,
you need to revoke it *and* make sure the revocation reaches all users of
your key.
Like Werner said, many people never refresh their keys, so expiring is
indeed a way to force them to do that. (I admit that, in our case, even
this will not help, since gpg will happily verify a signature made by an
expired key. It will tell you that it's expired, but verify anyway. The
'hard' way would be to just refuse to do anything with an expired key or
even delete it automatically, but that's another discussion).

Much depends on the use case you're using GPG for; there's another
discussion currently on this topic. Werner's approach still doesn't
satisfy me, as it doesn't protect you from someone else using your
(compromised) key as long as you don't notice it.

Andreas

From dougb at dougbarton.us Fri May 6 09:47:57 2011
From: dougb at dougbarton.us (Doug Barton)
Date: Fri, 06 May 2011 00:47:57 -0700
Subject: Best practice for periodic key change?
In-Reply-To: <4DC393B5.60007@gmx.com>
References: <4DC2493C.4060403@gmx.com> <4DC3042D.6050204@dougbarton.us> <4DC393B5.60007@gmx.com>
Message-ID: <4DC3A7AD.9050106@dougbarton.us>

On 05/05/2011 23:22, Andreas Heinlein wrote:
> Like Werner said, many people never refresh their keys, so
> expiring is indeed a way to force them to do that. (I admit that, in
> our case, even this will not help, since gpg will happily verify a
> signature made by an expired key. It will tell you that it's expired,
> but verify anyway. The 'hard' way would be to just refuse to do anything
> with an expired key or even delete it automatically, but that's another
> discussion).

Obviously you've thought through one side of the problem of key
compromise (which I've snipped), but I'm not sure you've thought through
the ramifications of what's going to happen after the bad guys get your
key.

You create a key with an expiration date. You sign stuff with it. Users
download your stuff, the signature, and your key, and verify the
signature on your stuff. All good. Now the bad guys get your key (oops!).
They sign malicious versions of your code, and upload it. Users who still
have your (now compromised) key will still be able to verify the
signatures (as you pointed out). The tiny percentage of users who
periodically refresh their keys, and care that the key has expired, _may_
notice something is wrong, probably not. Even if the user doesn't already
have the key, most keyservers don't hesitate to serve up keys that are
expired, or even revoked.

There's also another element, the expiration date is irrelevant if the
key is actually compromised. If Eve has your secret key she can simply
update or remove the expiration date, and upload the new version of the
public key to the public keyservers.

So, I remain confused as to what purpose expiration dates on the keys
will serve. One could make an argument for creating new keys (or subkeys)
on an annual basis with a comment to the effect of "This key is only
valid for signatures created during calendar year 2011." However, asking
users to parse that is likely to be more than they are able or willing to
do. And even that can be trivially compromised if Eve changes the clock
on her computer before generating the signature.

In short, rotating keys, with or without an expiration date _may_ add
single-digit percentage points of security to your intended use, but
you'd be far better off with a good management policy for your secret key
(you've been given some good suggestions already) to reduce as much as
possible the potential for having it compromised.

Good luck,

Doug

--
	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.
	:)  http://SupersetSolutions.com/

From jsd at cluttered.com Thu May 5 19:21:44 2011
From: jsd at cluttered.com (Jon Drukman)
Date: Thu, 5 May 2011 10:21:44 -0700
Subject: scripting gpg
References: <9DF7DE93-7F17-46DE-B46C-36EF9F7BF3FC@jabberwocky.com>

On Wed, May 4, 2011 at 5:44 PM, Jerome Baum wrote:
> On Thu, May 5, 2011 at 02:19, Jon Drukman wrote:
>
>> putenv('HOME=/tmp/gpg');
>> @mkdir('/tmp/gpg');
>
> At this point, you should be watching carefully. What if another user
> has created this directory to spoof the key?

There are no other users on this box, it has a default-deny firewall, and
password logins are disabled. You need to be coming from my office with
the correct ssh key.

>> system("/usr/bin/gpg --batch --yes --import /sites/config/public_key.asc");
>> system("/usr/bin/gpg --batch --yes --no-ask-cert-level --trust-model always --output $filename.gpg --encrypt --recipient $recipient $filename > /tmp/gpg.log 2>&1");
>
> Again, what if the keyring is already in place? Could even be yourself
> -- you create the keyring once, import the public key at the time, then
> later update the public key and import again -- now, which key to use?

In my testing it seems like if you import the same key over and over
again, nothing bad happens. gpg just ignores it:

% gpg --import /sites/config/public_key.asc
gpg: key 43B4963D: "[redacted]" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
% gpg --import /sites/config/public_key.asc
gpg: key 43B4963D: "[redacted]" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
% gpg --list-keys
/Users/jsd/.gnupg/pubring.gpg
-----------------------------
pub   1024D/43B4963D 2002-04-10
uid                  [redacted]
sub   1024g/861E4AE2 2002-04-10

Thanks for double checking my work! Always good to get an extra pair of
eyes on things.

-jsd-
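Two points in this archive call for one concrete defensive pattern: Jerome's objection above to a fixed, shared /tmp/gpg home directory (and the shell string that interpolates $filename and $recipient), and the observation from Andreas and Doug in the "Best practice for periodic key change?" thread that gpg verifies a signature from an expired key and merely reports that it has expired. The Python below is an added example written for this page; it is not code from Jon, Jerome or the GnuPG project. It creates a private GNUPGHOME that nobody else can pre-seed, builds argv lists instead of shell strings, pins the recipient by full fingerprint, and judges a verification by gpg's documented --status-fd tokens (GOODSIG, VALIDSIG, EXPKEYSIG, REVKEYSIG and friends) rather than by the exit code. The fingerprint, user id and status lines in it are constructed placeholders, not real keys.

```python
"""Hardened gpg command-line wrapper (added example, not code from the list).
Private GNUPGHOME instead of /tmp/gpg, argv lists instead of a shell string,
a pinned recipient fingerprint, and a --status-fd judge that refuses expired
or revoked signing keys. All key material below is a constructed placeholder."""
import os
import re
import shutil
import tempfile
from typing import Callable, Dict, Iterable, List

# Hypothetical pinned fingerprint (placeholder). Pin the full 40-hex value,
# never a short key id such as 43B4963D, which can be collided.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
FPR_RE = re.compile(r"[0-9A-F]{40}")
STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")

def homedir_is_private(home: str) -> bool:
    """True if we own the directory and nobody else can read or write it."""
    st = os.stat(home)
    return st.st_uid == os.getuid() and (st.st_mode & 0o777) == 0o700

def private_gnupghome() -> str:
    """Fresh GNUPGHOME that no other local user can have created first.
    mkdtemp() picks an unpredictable name, refuses to reuse an existing
    directory, and creates it with mode 0700, which gpg expects anyway."""
    home = tempfile.mkdtemp(prefix="gnupg-")
    if not homedir_is_private(home):
        shutil.rmtree(home, ignore_errors=True)
        raise RuntimeError("GNUPGHOME has unexpected owner or mode")
    return home

def with_private_gnupghome(fn: Callable[[str], object]) -> object:
    """Run fn(home) inside a throwaway GNUPGHOME and delete it afterwards."""
    home = private_gnupghome()
    try:
        return fn(home)
    finally:
        shutil.rmtree(home, ignore_errors=True)

def import_cmd(home: str, keyfile: str) -> List[str]:
    """argv for importing a public key; no shell, so odd file names are inert."""
    return ["gpg", "--homedir", home, "--batch", "--yes", "--import", keyfile]

def encrypt_cmd(home: str, fpr: str, plaintext: str) -> List[str]:
    """argv for encrypting to one recipient named by full fingerprint.
    --trust-model always is defensible only because the recipient is pinned;
    "--recipient $recipient" by address lets a stale or seeded keyring choose."""
    if not FPR_RE.fullmatch(fpr):
        raise ValueError("recipient must be a full 40-hex fingerprint")
    return ["gpg", "--homedir", home, "--batch", "--yes", "--trust-model", "always",
            "--recipient", fpr, "--output", plaintext + ".gpg", "--encrypt", plaintext]

def verify_cmd(home: str, sigfile: str, datafile: str) -> List[str]:
    """argv for verifying a detached signature with machine-readable status."""
    return ["gpg", "--homedir", home, "--batch", "--status-fd", "1",
            "--verify", sigfile, datafile]

def verdict_from_status(status_text: str, allowed_fprs: Iterable[str]) -> Dict[str, object]:
    """Judge a signature from gpg --status-fd lines, not from the exit code.
    A good signature from an expired key is reported as EXPKEYSIG and from a
    revoked key as REVKEYSIG; both are rejected here, and only GOODSIG whose
    VALIDSIG fingerprint is on the pin list is accepted."""
    seen: Dict[str, str] = {}
    for line in status_text.splitlines():
        m = STATUS_RE.match(line.strip())
        if m:
            seen[m.group(1)] = m.group(2) or ""
    result: Dict[str, object] = {"ok": False, "reason": "", "fingerprint": None}
    for bad in ("BADSIG", "ERRSIG", "NODATA", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"):
        if bad in seen:
            result["reason"] = bad
            return result
    if "GOODSIG" not in seen or "VALIDSIG" not in seen:
        result["reason"] = "no GOODSIG/VALIDSIG"
        return result
    fpr = seen["VALIDSIG"].split()[0]  # first VALIDSIG field: signing key fingerprint
    result["fingerprint"] = fpr
    if fpr not in set(allowed_fprs):
        result["reason"] = "signer not pinned"
        return result
    result["ok"], result["reason"] = True, "GOODSIG from pinned key"
    return result

# Constructed status output in the shape gpg emits (placeholder key, not real).
GOOD_STATUS = f"""[GNUPG:] GOODSIG 89ABCDEF01234567 Example Releases <releases@example.org>
[GNUPG:] VALIDSIG {PINNED_FPR} 2011-05-06 1304640000 0 4 0 17 2 00 {PINNED_FPR}
"""
EXPIRED_STATUS = f"""[GNUPG:] EXPKEYSIG 89ABCDEF01234567 Example Releases <releases@example.org>
[GNUPG:] VALIDSIG {PINNED_FPR} 2011-05-06 1304640000 0 4 0 17 2 00 {PINNED_FPR}
[GNUPG:] KEYEXPIRED 1300000000
"""

if __name__ == "__main__":
    print(verdict_from_status(GOOD_STATUS, {PINNED_FPR})["reason"])     # GOODSIG from pinned key
    print(verdict_from_status(EXPIRED_STATUS, {PINNED_FPR})["reason"])  # EXPKEYSIG
```

In a release-verification job, feed the stdout of verify_cmd() to verdict_from_status() and fail the job unless "ok" is true; the EXPIRED_STATUS sample is exactly the case Andreas describes, a mathematically good signature whose key has expired, and it comes back as a failure with reason EXPKEYSIG instead of the "good but expired" that a human reading gpg's console output would have to notice.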
From erica339 at safe-mail.net Fri May 6 14:25:23 2011
From: erica339 at safe-mail.net (Erica3)
Date: Fri, 6 May 2011 05:25:23 -0700 (PDT)
Subject: I'm looking for a very beginnerfriendly gpg
Message-ID: <31558391.post@talk.nabble.com>

Hi everyone!

This might not be the right place, but I cross my fingers and hope that someone here can help me or maybe give me a link to a better place to ask this question. I've tried to find a forum for this, but I couldn't.

I'm looking for the most newbie-friendly, easiest-to-use version of gpg. No writing commands, just clicking and if possible, I want to download and install the whole thing at once and not have to put things (gpg and interface?) together myself.

I would really appreciate any help and if there is a place where I can ask stupid questions like this one, I would really like to know where it is... :)

From rjh at sixdemonbag.org Fri May 6 14:54:44 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Fri, 6 May 2011 08:54:44 -0400
Subject: I'm looking for a very beginnerfriendly gpg
In-Reply-To: <31558391.post@talk.nabble.com>
References: <31558391.post@talk.nabble.com>
Message-ID:

> This might not be the right place, but I cross my fingers and hope that
> someone here can help me or maybe give me a link to a better place to ask
> this question. I've tried to find a forum for this, but I couldn't.

You're in the right place, never fear. There are a lot of people here who are happy to give you all manner of advice, but before we can begin we need a little more information. :)

We need to know a little about your use case. How do you plan on using GnuPG? Will you be using it to encrypt your local files, will you be using it to encrypt emails? Etc., etc.
From Lists.gnupg at mephisto.fastmail.net Fri May 6 15:01:47 2011
From: Lists.gnupg at mephisto.fastmail.net (Kevin Kammer)
Date: Fri, 6 May 2011 09:01:47 -0400
Subject: I'm looking for a very beginnerfriendly gpg
In-Reply-To: <31558391.post@talk.nabble.com>
References: <31558391.post@talk.nabble.com>
Message-ID: <20110506130147.GA4948@imac-6g2p.mgh.harvard.edu>

On Fri, May 06, 2011 at 05:25:23AM -0700 Also sprach Erica3:
>
> I'm looking for the most newbie-friendly, easiest-to-use version of gpg. No
> writing commands, just clicking and if possible, I want to download and
> install the whole thing at once and not have to put things (gpg and
> interface?) together myself.

It would help if we knew what platform you're on (Linux? Mac? Windows?).

-- 
"Le hasard favorise l'esprit préparé." --Louis Pasteur

From vedaal at nym.hush.com Fri May 6 15:56:23 2011
From: vedaal at nym.hush.com (vedaal at nym.hush.com)
Date: Fri, 06 May 2011 09:56:23 -0400
Subject: very beginnerfriendly gpg
Message-ID: <20110506135624.0B2606F437@smtp.hushmail.com>

Erica3 erica339 at safe-mail.net wrote on Fri May 6 14:25:23 CEST 2011 :

>I'm looking for the most newbie-friendly, easiest-to-use version of gpg. No writing commands, just clicking and if possible, I want to download and install the whole thing at once and not have to put things (gpg and interface?) together myself.

-----

if you're on windows, then this may be the closest to what you are looking for:

http://www.gpg4win.org/

get started and play with it, and ask anything you want in the gpg4win community or here, and *welcome* to the world of openPGP encryption ;-)

vedaal

From dkg at fifthhorseman.net Fri May 6 17:05:56 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 06 May 2011 11:05:56 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <4DC3A7AD.9050106@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <4DC3042D.6050204@dougbarton.us> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us>
Message-ID: <4DC40E54.7090508@fifthhorseman.net>

On 05/06/2011 03:47 AM, Doug Barton wrote:
> There's also another element, the expiration date is irrelevant if the
> key is actually compromised. If Eve has your secret key she can simply
> update or remove the expiration date, and upload the new version of the
> public key to the public keyservers. So, I remain confused as to what
> purpose expiration dates on the keys will serve.

This is a critical observation. Expiration dates are safeguards against a key becoming inaccessible to the legitimate keyholder -- not against compromise.

There are other safeguards against keys becoming inaccessible, including a safely-stored revocation certificate. Expiration dates have the advantage over revocation certificates that you do not need to keep track of anything or maintain safe and secure long-term storage.

A safely-stored revocation certificate *also* protects against key compromise, though, so you really ought to have one anyway.

Consider the expiration date as a safeguard against simultaneous loss (not compromise) of the key and loss of the revocation certificate.

--dkg

From mailinglisten at hauke-laging.de Fri May 6 17:34:22 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Fri, 6 May 2011 17:34:22 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC3A7AD.9050106@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us>
Message-ID: <201105061734.27249.mailinglisten@hauke-laging.de>

On Friday, 6 May 2011, 09:47:57, Doug Barton wrote:
> There's also another element, the expiration date is irrelevant if the
> key is actually compromised. If Eve has your secret key she can simply
> update or remove the expiration date, and upload the new version of the
> public key to the public keyservers.

That's not correct for subkeys and offline mainkeys as the good guys do it.

I admit that a subkey expiration date does not make much sense for low security mainkeys but it is quite useful for more secure environments.

Hauke

-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From kloecker at kde.org Fri May 6 21:48:03 2011
From: kloecker at kde.org (Ingo Klöcker)
Date: Fri, 06 May 2011 21:48:03 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <201105051707.27589.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <87fwottsgt.fsf@vigenere.g10code.de> <201105051707.27589.mailinglisten@hauke-laging.de>
Message-ID: <201105062148.04108@thufir.ingo-kloecker.de>

On Thursday 05 May 2011, Hauke Laging wrote:
> On Thursday, 5 May 2011, 11:19:30, Werner Koch wrote:
> > A
> > period key change is problematic because it confuses those who want
> > to verify the signatures.
> >
> > BTW, the prolongation of the expiration time has showed (by means
> > of a lot of complaining mails) that many folks don't refresh the
> > key from time to time with the goal to retrieve revocation
> > certificates.
>
> What is the difference between these two options with respect to the
> point of confusion?

Unless I'm missing something the difference is as follows:
- With prolongation of the expiration time releases signed before the prolongation will keep having a valid signature.
- If one creates a new subkey then releases signed with the old expired subkey(s) will have an invalid signature. One would have to re-sign the old releases with the new subkey.

Regards,
Ingo

From dougb at dougbarton.us Fri May 6 22:37:12 2011
From: dougb at dougbarton.us (Doug Barton)
Date: Fri, 06 May 2011 13:37:12 -0700
Subject: Best practice for periodic key change?
In-Reply-To: <201105061734.27249.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de>
Message-ID: <4DC45BF8.5070702@dougbarton.us>

On 05/06/2011 08:34, Hauke Laging wrote:
> On Friday, 6 May 2011, 09:47:57, Doug Barton wrote:
>
>> There's also another element, the expiration date is irrelevant if the
>> key is actually compromised. If Eve has your secret key she can simply
>> update or remove the expiration date, and upload the new version of the
>> public key to the public keyservers.
>
> That's not correct for subkeys and offline mainkeys as the good guys do it.

I don't understand this response. What I'm saying is that if the key is compromised, expiration dates become irrelevant. Perhaps you could expand your response a bit?

> I admit that a subkey expiration date does not make much sense for low
> security mainkeys but it is quite useful for more secure environments.

How so? I still haven't seen an explanation of what benefit the expiration date provides.

Doug

-- 
Nothin' ever doesn't change, but nothin' changes much. -- OK Go
Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price.
:) http://SupersetSolutions.com/

From kgo at grant-olson.net Sun May 8 22:40:36 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Sun, 08 May 2011 16:40:36 -0400
Subject: Fwd: Re: Best practice for periodic key change?
Message-ID: <4DC6FFC4.6000807@grant-olson.net>

Meant to send on-list...

-------- Original Message --------
Subject: Re: Best practice for periodic key change?
Date: Sun, 08 May 2011 16:39:34 -0400
From: Grant Olson
To: Ingo Klöcker

On 5/6/11 3:48 PM, Ingo Klöcker wrote:
> On Thursday 05 May 2011, Hauke Laging wrote:
>> What is the difference between these two options with respect to the
>> point of confusion?
>
> Unless I'm missing something the difference is as follows:
> - With prolongation of the expiration time releases signed before the
> prolongation will keep having a valid signature.
> - If one creates a new subkey then releases signed with the old expired
> subkey(s) will have an invalid signature. One would have to re-sign the
> old releases with the new subkey.
>

Nope. The old releases won't have an invalid sig as long as the sig was made before the expiration date. Expiring a key now doesn't invalidate a sig made yesterday. Gpg will print out a note saying the key is expired, but it's not as drastic as the error with a post-dated signature.

-- 
Grant

"I am gravely disappointed. Again you have made me unleash my dogs of war."

From jerome at jeromebaum.com Fri May 6 22:48:26 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 22:48:26 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC45BF8.5070702@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us>
Message-ID:

On Fri, May 6, 2011 at 22:37, Doug Barton wrote:
>
> I don't understand this response. What I'm saying is that if the key is
> compromised, expiration dates become irrelevant.

Up to a point. If my key expired yesterday, no-one can forge a message with that key and claim it's from today.

Just being nit-picky... :)

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From kgo at grant-olson.net Fri May 6 22:54:28 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Fri, 06 May 2011 16:54:28 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us>
Message-ID: <4DC46004.2090207@grant-olson.net>

On 5/6/11 4:48 PM, Jerome Baum wrote:
> On Fri, May 6, 2011 at 22:37, Doug Barton wrote:
>
>     I don't understand this response. What I'm saying is that if the key
>     is compromised, expiration dates become irrelevant.
>
>
> Up to a point. If my key expired yesterday, no-one can forge a message
> with that key and claim it's from today.
>
> Just being nit-picky... :)
>

Doug is saying that if the key's been compromised, and not lost, Eve can create a new expiration date and push that to the keyservers.

-- 
Grant

"I am gravely disappointed. Again you have made me unleash my dogs of war."
From dougb at dougbarton.us Fri May 6 22:56:07 2011
From: dougb at dougbarton.us (Doug Barton)
Date: Fri, 06 May 2011 13:56:07 -0700
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us>
Message-ID: <4DC46067.4090300@dougbarton.us>

On 05/06/2011 13:48, Jerome Baum wrote:
> On Fri, May 6, 2011 at 22:37, Doug Barton wrote:
>
>     I don't understand this response. What I'm saying is that if the key
>     is compromised, expiration dates become irrelevant.
>
>
> Up to a point. If my key expired yesterday, no-one can forge a message
> with that key and claim it's from today.

That's absolutely not true. New signatures can be created with expired keys, and as Werner pointed out new signatures can be created with keys that have had their expiration dates updated, and although a percentage of users may inquire about it, it's usually the "know just enough to be dangerous" contingent (i.e., those smart enough to know that the key is expired on their key ring, but not smart enough to refresh it). There may be a tiny percentage of users who are smart enough to do both, who would then realize that the signature is invalid.

However given that the scenario you described (forgery, vs. key compromise) is so overwhelmingly unlikely to happen (at least in any kind of meaningful way) I'm not sure it's worth considering.

-- 
Nothin' ever doesn't change, but nothin' changes much. -- OK Go
Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/

From expires2011 at ymail.com Fri May 6 23:02:51 2011
From: expires2011 at ymail.com (MFPA)
Date: Fri, 6 May 2011 22:02:51 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <201105062148.04108@thufir.ingo-kloecker.de>
References: <4DC2493C.4060403@gmx.com> <87fwottsgt.fsf@vigenere.g10code.de> <201105051707.27589.mailinglisten@hauke-laging.de> <201105062148.04108@thufir.ingo-kloecker.de>
Message-ID: <13410420043.20110506220251@my_localhost>

Hi

On Friday 6 May 2011 at 8:48:03 PM, in , Ingo Klöcker wrote:

> Unless I'm missing something the difference is as
> follows: - With prolongation of the expiration time
> releases signed before the prolongation will keep
> having a valid signature. - If one creates a new subkey
> then releases signed with the old expired subkey(s)
> will have an invalid signature. One would have to
> re-sign the old releases with the new subkey.

Surely the signature on the old release would still be valid; it would just be from a now-expired subkey instead of from the new and currently-valid subkey. Or have I overlooked something?

-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Of course it's a good idea - it's mine!

From expires2011 at ymail.com Fri May 6 23:07:58 2011
From: expires2011 at ymail.com (MFPA)
Date: Fri, 6 May 2011 22:07:58 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us>
Message-ID: <417913255.20110506220758@my_localhost>

Hi

On Friday 6 May 2011 at 9:48:26 PM, in , Jerome Baum wrote:

> If my key expired yesterday, no-one can
> forge a message with that key and claim it's from
> today.

Never heard of a system clock that was wrong?

-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Was time invented by an Irishman named O'Clock?

From jerome at jeromebaum.com Fri May 6 23:18:29 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 6 May 2011 23:18:29 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <417913255.20110506220758@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost>
Message-ID:

On Fri, May 6, 2011 at 23:07, MFPA wrote:
> On Friday 6 May 2011 at 9:48:26 PM, in
> , Jerome Baum
> wrote:
>
>
> > If my key expired yesterday, no-one can
> > forge a message with that key and claim it's from
> > today.
>
>
> Never heard of a system clock that was wrong?

I'll give a summary reply here for everyone stating it's still possible to make that signature. It's possible if the master key is compromised.
I was assuming a sub-key with an expiration date. I haven't checked, but I pray that sub-key expiration dates are signed with the master key.

That sub-key, by the way, was also the original context where I mentioned the forgery.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From dkg at fifthhorseman.net Fri May 6 23:59:37 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 06 May 2011 17:59:37 -0400
Subject: https://lists.gnupg.org X.509 certificate is expired
Message-ID: <4DC46F49.2090906@fifthhorseman.net>

When i point a web browser at https://lists.gnupg.org, i get a warning that the server's X.509 certificate is expired (it has a CN of trithemius.gnupg.org and several subjectAltNames, including lists.gnupg.org).

I'm not a fan of the CA cartel, but it would be nice to have some up-to-date way of verifying the server, especially for people already well-connected in the web-of-trust. If the administrator of the server would publish the host's key in an OpenPGP certificate, and sign it, then we could verify it that way. Here's a quick intro for how to do that:

http://www.debian-administration.org/article/660/Publishing_host_services_to_OpenPGP_with_Monkeysphere

If this isn't acceptable for some reason, could you at least update the certificate to one with a reasonable expiration date?

Thanks,

--dkg

From expires2011 at ymail.com Sat May 7 00:40:25 2011
From: expires2011 at ymail.com (MFPA)
Date: Fri, 6 May 2011 23:40:25 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost>
Message-ID: <175221688.20110506234025@my_localhost>

Hi

On Friday 6 May 2011 at 10:18:29 PM, in , Jerome Baum wrote:

>>> If my key expired yesterday, no-one can
>>> forge a message with that key and claim it's from
>>> today.

>> Never heard of a system clock that was wrong?

> I'll give a summary reply here for everyone stating
> it's still possible to make that signature. It's
> possible if the master key is compromised. I was
> assuming a sub-key with an expiration date.

It is trivial to make that signature without compromising the master key.

Suppose your master key is secure and offline but Mallory has control of your subkey that expired yesterday. Mallory can put their system clock back 24hrs to sign and send a message, and then truthfully claim the message was signed today. They can back up this claim with email headers and server logs demonstrating the clock discrepancy.

Maybe implausible but definitely trivial.
-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Ultimate consistency lies in being consistently inconsistent

From jerome at jeromebaum.com Sat May 7 01:01:30 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 01:01:30 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <175221688.20110506234025@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 00:40, MFPA wrote:
>
> On Friday 6 May 2011 at 10:18:29 PM, in
> , Jerome Baum
> wrote:
>
>
> >>> If my key expired yesterday, no-one can
> >>> forge a message with that key and claim it's from
> >>> today.
>
> Suppose your master key is secure and offline but Mallory has control
> of your subkey that expired yesterday. Mallory can put their system
> clock back 24hrs to sign and send a message, and then truthfully claim
> the message was signed today. They can back up this claim with email
> headers and server logs demonstrating the clock discrepancy.
>
> Maybe implausible but definitely trivial.

Okay, let me rephrase that. "claim it's from today" should have been "have the signature date as today". That's how I would interpret such a claim.
Email headers don't really make a difference -- they would have signed it yesterday and sent it today, but the message is still from yesterday.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 01:11:06 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 01:11:06 +0200
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 01:01, Jerome Baum wrote:
> Okay, let me rephrase that. "claim it's from today" should have been "have
> the signature date as today". That's how I would interpret such a claim.
> Email headers don't really make a difference -- they would have signed it
> yesterday and sent it today, but the message is still from yesterday.
>

Actually let me put this in context so you see what I mean. Say my sub-key expired yesterday. Today, you come up to me and ask me to sign something (say, a statement that I agree to specific contractual terms). Whoever is in possession of my sub-key cannot sign that document as at the time that the statement was made available to me for signing, the sub-key was already invalid.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
From expires2011 at ymail.com Sat May 7 01:43:40 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 00:43:40 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost>
Message-ID: <316401776.20110507004340@my_localhost>

Hi

On Saturday 7 May 2011 at 12:11:06 AM, in , Jerome Baum wrote:

> Actually let me put this in context so you see what I
> mean.

I already see what you mean; I just happen to disagree. (-;

> Say my sub-key expired yesterday. Today, you come
> up to me and ask me to sign something (say, a statement
> that I agree to specific contractual terms). Whoever is
> in possession of my sub-key cannot sign that document
> as at the time that the statement was made available to
> me for signing, the sub-key was already invalid.

The timestamp of the signature proves nothing. It is merely the time on the system clock when the signature was made. The system clock may be correct or incorrect; in your scenario above, it looks like you set it deliberately a day behind in an attempt to generate plausible deniability for your signature.
-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Ultimate consistency lies in being consistently inconsistent

From expires2011 at ymail.com Fri May 6 01:50:55 2011
From: expires2011 at ymail.com (MFPA)
Date: Fri, 6 May 2011 00:50:55 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost>
Message-ID: <1749331456.20110506005055@my_localhost>

Hi

On Saturday 7 May 2011 at 12:01:30 AM, in , Jerome Baum wrote:

> Email
> headers don't really make a difference -- they would
> have signed it yesterday and sent it today, but the
> message is still from yesterday.

OK, when was this message signed? When was it sent? When did the server receive it?
-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Zorba the Greek - before he zorbas you

From mailinglisten at hauke-laging.de Sat May 7 04:05:18 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 7 May 2011 04:05:18 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <201105062148.04108@thufir.ingo-kloecker.de>
References: <4DC2493C.4060403@gmx.com> <201105051707.27589.mailinglisten@hauke-laging.de> <201105062148.04108@thufir.ingo-kloecker.de>
Message-ID: <201105070405.19437.mailinglisten@hauke-laging.de>

On Friday, 6 May 2011, 21:48:03, Ingo Klöcker wrote:
> > What is the difference between these two options with respect to the
> > point of confusion?
>
> Unless I'm missing something the difference is as follows:
> - With prolongation of the expiration time releases signed before the
> prolongation will keep having a valid signature.

I am a bit disappointed that it seems not to be possible to change this by an option. It seems to me that you have to parse text output which is not intended for parsing. There is no --with-colons for --verify, or do I just not notice such a feature?

Several people have mentioned that a signature does not become invalid by expiration of the key. That is formally correct and describes the GnuPG behaviour. But with regard to content in such a case there has to be an additional proof that the signature has been made before the key expired. This is a formal rule in e.g. the German signature law.
If you want to use legally accepted signatures for proving documents then you have to sign both the document and the old signature by a new key (i.e. one with a later expiration date) before the old key expires.

I would prefer GnuPG to work this way: Make a signature by an expired key fail by (configured) default and add an option like --ignore-key-expiration which can be used for a second gpg call (after an external verification that the signature has been made in time). And I would like to have a verification option for output intended for parsing.

We can have a long discussion about the interpretation of signatures by expired keys (apparently made before the expiration). But as there is IMHO no way to really make sure that you have the current version of a key (and thus all revocations) I regard an expiration date as a last line of defense. Thus I think that it does not make sense to (effectively) ignore such an expiration by default. Nobody is forced to set expiration dates. Newer subkeys are used automatically without the old ones being revoked or expired.

> - If one creates a new subkey then releases signed with the old expired
> subkey(s) will have an invalid signature.

That didn't make any sense to me so I checked that. This seems to be wrong. I have not noticed any change in the verification output (or exit code) between a valid subkey existing beside the expired one or not.

Hauke

-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From mailinglisten at hauke-laging.de Sat May 7 04:33:24 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 7 May 2011 04:33:24 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC45BF8.5070702@dougbarton.us>
References: <4DC2493C.4060403@gmx.com> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us>
Message-ID: <201105070433.33673.mailinglisten@hauke-laging.de>

On Friday, 6 May 2011, 22:37:12, Doug Barton wrote:

> > That's not correct for subkeys and offline mainkeys as the good guys do
> > it.
>
> I don't understand this response. What I'm saying is that if the key is
> compromised, expiration dates become irrelevant. Perhaps you could
> expand your response a bit?

You have to tell apart two cases:
a) The mainkey is compromised.
b) The subkey is compromised.

If someone keeps his mainkey offline and well passphrase-protected then it is quite unlikely that the mainkey becomes compromised. If only the subkey gets compromised then it is not possible to change the subkey's expiration date. Thus your argument works for (a) only which can easily be prevented from happening.

> > I admit that a subkey expiration date does not make much sense for low
> > security mainkeys but it is quite useful for more secure environments.
>
> How so? I still haven't seen an explanation of what benefit the
> expiration date provides.

That is a last line of defense as it is quite hard to be sure to have the current version of a key under normal circumstances. And it works for people who are lazy with key refreshing.

Of course, you cannot be sure when a subkey will become compromised. Probably you won't even notice. But a short life time limits the danger resulting from a compromised key.

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
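Hauke's two posts above ask for --verify output that is intended for parsing, and for a way to tell whether a signature by a since-expired key was made in time. The following is an added example, not code from the thread or from GnuPG: it parses GnuPG's --status-fd lines (formats as documented in GnuPG's doc/DETAILS; the sample lines, key id and fingerprint are constructed placeholders) and applies exactly that policy, with the caveat MFPA raises below that the signature timestamp is only the signer's own clock.

```python
"""Machine-readable check of a signature made by an expired OpenPGP key.

Constructed example for this thread, not code from GnuPG or from any poster.
Assumes GnuPG's status-line interface (gpg --status-fd 1 --verify), whose
lines are documented in GnuPG's doc/DETAILS:
  [GNUPG:] GOODSIG <long-keyid> <userid>
  [GNUPG:] EXPKEYSIG <long-keyid> <userid>   (valid, but the key has expired)
  [GNUPG:] KEYEXPIRED <expire-timestamp>     (may also refer to another subkey)
  [GNUPG:] VALIDSIG <fpr> <sig-date> <sig-timestamp> <sig-expire> ... [<primary-fpr>]
The sample lines at the bottom are constructed, not captured from a real run.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Iterable, List, Optional, Tuple

STATUS_PREFIX = "[GNUPG:] "


def parse_gpg_time(value: str) -> int:
    """GnuPG emits seconds since the epoch or ISO 8601 basic form (YYYYMMDDTHHMMSS)."""
    if value.isdigit():
        return int(value)
    dt = datetime.strptime(value, "%Y%m%dT%H%M%S").replace(tzinfo=timezone.utc)
    return int(dt.timestamp())


@dataclass
class VerifyStatus:
    good: bool = False            # GOODSIG or EXPKEYSIG seen
    key_expired: bool = False     # EXPKEYSIG seen
    bad: bool = False             # BADSIG / ERRSIG / NO_PUBKEY seen
    key_id: Optional[str] = None
    fingerprint: Optional[str] = None
    sig_timestamp: Optional[int] = None
    key_expiry: List[int] = field(default_factory=list)  # every KEYEXPIRED value


def parse_status(lines: Iterable[str]) -> VerifyStatus:
    """Collect what gpg wrote to --status-fd; human-readable text is skipped."""
    st = VerifyStatus()
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line.startswith(STATUS_PREFIX):
            continue  # e.g. "gpg: Signature made ..." is not intended for parsing
        fields = line[len(STATUS_PREFIX):].split()
        kw = fields[0]
        if kw == "GOODSIG":
            st.good, st.key_id = True, fields[1]
        elif kw == "EXPKEYSIG":
            st.good, st.key_expired, st.key_id = True, True, fields[1]
        elif kw == "KEYEXPIRED":
            st.key_expiry.append(parse_gpg_time(fields[1]))
        elif kw == "VALIDSIG":
            st.fingerprint = fields[1]
            st.sig_timestamp = parse_gpg_time(fields[3])
        elif kw in ("BADSIG", "ERRSIG", "NO_PUBKEY"):
            st.bad = True
    return st


def decide(st: VerifyStatus, clock_slack: int = 0) -> Tuple[bool, str]:
    """Policy: a signature by an expired key is accepted only if its own
    timestamp lies before the key's expiry.  clock_slack (seconds) demands a
    margin, tolerating a signer clock that ran behind.  The timestamp is
    self-asserted, so a deliberately back-dated clock defeats this check; the
    thread's remedy is a countersignature by a non-expired key made in time."""
    if st.bad or not st.good:
        return False, "signature is not cryptographically valid"
    if not st.key_expired:
        return True, "good signature from a non-expired key"
    if st.sig_timestamp is None or not st.key_expiry:
        return False, "expired key and no timestamps to compare"
    expiry = min(st.key_expiry)  # earliest expiry is the conservative choice
    if st.sig_timestamp < expiry - clock_slack:
        return True, "expired key, but signature predates expiry (per signer clock)"
    return False, "expired key and signature timestamp at or after expiry"


def check(lines: Iterable[str], clock_slack: int = 0) -> Tuple[bool, str]:
    return decide(parse_status(lines), clock_slack)


# Constructed samples with a placeholder key id and fingerprint (not real keys).
# Key expiry 2011-01-01 00:00 UTC = 1293840000; signatures dated
# 2010-12-15 (1292371200) and 2011-05-07 (1304726400).
_FPR = "0000000000000000000000000123456789ABCDEF"
SIGNED_BEFORE_EXPIRY = [
    "gpg: Signature made Wed 15 Dec 2010 01:00:00 AM CET",
    "[GNUPG:] KEYEXPIRED 1293840000",
    "[GNUPG:] EXPKEYSIG 0123456789ABCDEF Example User <user@example.com>",
    f"[GNUPG:] VALIDSIG {_FPR} 2010-12-15 1292371200 0 4 0 1 10 01 {_FPR}",
]
SIGNED_AFTER_EXPIRY = [
    "[GNUPG:] KEYEXPIRED 1293840000",
    "[GNUPG:] EXPKEYSIG 0123456789ABCDEF Example User <user@example.com>",
    f"[GNUPG:] VALIDSIG {_FPR} 2011-05-07 1304726400 0 4 0 1 10 01 {_FPR}",
]
```

Run it against real output with `gpg --status-fd 1 --verify file.sig file 2>/dev/null | python3 -c '...'`; KEYEXPIRED can also describe an unrelated expired subkey, which is why the earliest value is taken.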
From kgo at grant-olson.net Sat May 7 04:33:17 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Fri, 06 May 2011 22:33:17 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <201105070405.19437.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <201105051707.27589.mailinglisten@hauke-laging.de> <201105062148.04108@thufir.ingo-kloecker.de> <201105070405.19437.mailinglisten@hauke-laging.de>
Message-ID: <4DC4AF6D.3010309@grant-olson.net>

On 5/6/2011 10:05 PM, Hauke Laging wrote:
>
> Several people have mentioned that a signature does not become invalid by
> expiration of the key. That is formally correct and describes the GnuPG
> behaviour. But with regard to content in such a case there has to be an
> additional proof that the signature has been made before the key expired. This
> is a formal rule in e.g. the German signature law. If you want to use legally
> accepted signatures for proving documents then you have to sign both the
> document and the old signature by a new key (i.e. one with a later expiration
> date) before the old key expires.
>

I know nothing about German laws, but that just doesn't sound right to me.

1) I digitally sign a document saying I owe you money. The signing key has an expiration date.

2) Key expires. I do nothing.

3) The original document is invalidated. I no longer owe you money?

From rick at ultracamdesigns.com Sat May 7 09:24:17 2011
From: rick at ultracamdesigns.com (ricka)
Date: Sat, 7 May 2011 00:24:17 -0700 (PDT)
Subject: sending encrypted messages doesn't work
Message-ID: <31564451.post@talk.nabble.com>

I just downloaded a copy of gpg4win 2.1.0. I'm running win7 with outlook 2007 and have an exchange account.
I can receive encrypted messages just fine and can send signed messages, but I can't send encrypted messages. I get an Undeliverable message with "Error is [0x80004005-00000000-00000000]" in the text.

I see in the readme file that there's a bug that prevents the sending of messages with an exchange account. This seems to have been a problem for a few years now. Is there a reasonable workaround and/or is this going to be fixed any time soon?

Thanks,
...Rick

From zirconiumnzinc at gmail.com Sat May 7 12:51:58 2011
From: zirconiumnzinc at gmail.com (Tomasz Wozowicz)
Date: Sat, 7 May 2011 12:51:58 +0200
Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.

On Sun, May 1, 2011 at 1:54 PM, zirconium wrote:
> Hi
>
> Is there a way to display hash algorithms along with public key
> algorithms (and their length) of signatures when issuing "--check-sigs"
> (or check in the "--edit-key" shell)?
>
> I also would like to know if there is a way to force that GPG will not
> accept signatures made with certain hash or public key algorithms,
> when calculating validity of keys through web of trust? In the case of
> public key it should be possible to specify key length.
>
> I didn't have luck finding answers to my questions in documentation,
> only a partial solution to my second question:
>
> There is an option "disable-pubkey-algo" that will totally disable
> the chosen public key algorithm, however it only works after doing
> --check-trustdb with that option, otherwise it still accepts key
> signatures (certifications) made with the disabled algorithm as
> valid signatures (for example when calculating key validity, or when doing
> "--check-sigs").
> It can create problems when changing from
> "trust-model pgp" to "trust-model direct", because as GPG says, there
> is "no need for a trustdb check with `direct' trust model". But is
> that really true that there is no need for trustdb check? I'm not
> sure, but GPG doesn't allow that.
>
> So while "disable-pubkey-algo" can be used to disable signatures made
> with a certain public key algorithm when calculating validity of keys
> through web of trust, there is no way to specify key length. Also there
> is no such option for hash algorithms. No "disable-hash-algo" or
> "disable-cert-digest-algo" or anything like that.
>
> Could you point me to specific portions of documentation?
> Thanks for help

Anyone willing to help? Please answer. Thanks

From mailinglisten at hauke-laging.de Sat May 7 13:54:16 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 7 May 2011 13:54:16 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC4AF6D.3010309@grant-olson.net>
References: <4DC2493C.4060403@gmx.com> <201105070405.19437.mailinglisten@hauke-laging.de> <4DC4AF6D.3010309@grant-olson.net>
Message-ID: <201105071354.22124.mailinglisten@hauke-laging.de>

On Saturday, 7 May 2011, 04:33:17, Grant Olson wrote:

> 1) I digitally sign a document saying I owe you money. The signing key
> has an expiration date.
>
> 2) Key expires. I do nothing.
>
> 3) The original document is invalidated. I no longer owe you money?

Whether you owe me money does not depend on signing any documents in general. :-) Documents are usually just a proof. You can still claim that somebody owes you money but the document does not have the same legal value. What courts decide is another question... But the fiscal authorities don't accept digital bills (probably the most frequent use of legally qualified signatures here) which are signed by expired keys only. You need a chain of signatures which prove that there was a non-expired signature at any point in time.
For the same reason it makes sense to have digitally signed documents signed by another key (not just the document but the document together with the signature) at once when you get them. Because you cannot know whether and if a key will be revoked in the future. The moment it is revoked and you cannot prove the signatures being older than the revoke all signatures are dead.

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From jerome at jeromebaum.com Sat May 7 13:59:42 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 13:59:42 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC4AF6D.3010309@grant-olson.net>
References: <4DC2493C.4060403@gmx.com> <201105051707.27589.mailinglisten@hauke-laging.de> <201105062148.04108@thufir.ingo-kloecker.de> <201105070405.19437.mailinglisten@hauke-laging.de> <4DC4AF6D.3010309@grant-olson.net>

On Sat, May 7, 2011 at 04:33, Grant Olson wrote:
> On 5/6/2011 10:05 PM, Hauke Laging wrote:
> >
> > Several people have mentioned that a signature does not become invalid by
> > expiration of the key. That is formally correct and describes the GnuPG
> > behaviour. But with regard to content in such a case there has to be an
> > additional proof that the signature has been made before the key expired. This
> > is a formal rule in e.g. the German signature law. If you want to use legally
> > accepted signatures for proving documents then you have to sign both the
> > document and the old signature by a new key (i.e. one with a later expiration
> > date) before the old key expires.
> >
>
> I know nothing about German laws, but that just doesn't sound right to me.
>
> 1) I digitally sign a document saying I owe you money. The signing key
> has an expiration date.
>
> 2) Key expires. I do nothing.
>
> 3) The original document is invalidated. I no longer owe you money?

Do realize that it is necessary to re-sign from a practical standpoint (while I don't agree about the implication to a signature from an expired sub-key, yes you can set back your system clock), plus it's not the document that makes you owe me money. You owe me the money and the document only testifies this.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 14:09:25 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 14:09:25 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <316401776.20110507004340@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost>

On Sat, May 7, 2011 at 01:43, MFPA wrote:
> On Saturday 7 May 2011 at 12:11:06 AM, in , Jerome Baum
> wrote:
>
> > Say my sub-key expired yesterday. Today, you come
> > up to me and ask me to sign something (say, a statement
> > that I agree to specific contractual terms). Whoever is
> > in possession of my sub-key cannot sign that document
> > as at the time that the statement was made available to
> > me for signing, the sub-key was already invalid.
>
> The timestamp of the signature proves nothing. It is merely the time
> on the system clock when the signature was made.
> The system clock may
> be correct or incorrect; in your scenario above, it looks like you set
> it deliberately a day behind in an attempt to generate plausible
> deniability for your signature.

Then I would say it is the recipient's responsibility to only accept "reasonable" signatures. As you say, it is only an "attempt" to generate deniability -- nobody who's right in their mind would accept a signature on a document that is dated before the document itself. Assuming a responsible recipient, the expiration date makes sense. Yes, a responsible recipient would refresh their keys. Yes, man-in-the-middle. The expiration date makes a difference here.

MFPA wrote:
> OK, when was this message signed?
> When was it sent?
> When did the server receive it?

Exactly my point. The three timestamps are different (actually, there is a fourth time, though not timestamp -- there's "when was this message signed" and "when was this message allegedly signed"). When it was sent and when it was received wasn't what I meant with the "date of the message". That date is when it was signed. But I have no idea of knowing when it was signed, so I have to assume it is when it was allegedly signed -- and yes, this is a problem under certain circumstances. However, there is at least one circumstance where the expiration date *does* make a difference, which is the document dated in the future relative to the signature timestamp, from a then-already expired key. So in at least one case, the expiration date helps. It is also not very expensive to have an expiration date. That was my argument for usefulness.

Let's get a concrete idea of such a "document". Say I want a statement from you that you legally have access to an email account today. Today is 2011-05-07. I have your key, with a signing sub-key that expired in 2010. I refresh your key but Mallory manipulates the traffic and so a revocation certificate wouldn't have helped.
It's a good thing that your sub-key expired, though, because I won't accept the signature from that sub-key as I'm looking for an up-to-date statement. In fact, I'll probably want: "As of 2011-05-07, I legally have access to email at example.com". There is *no way* I would accept that when the signature is dated in 2010.

Does that make my point more clear? I wasn't saying that under all circumstances the expiration date helps. That would be crazy. I was saying that there are circumstances where it does, and since the cost is so low, that there is no point in not having them (assuming, of course, that you separate master and sub-keys).

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 14:14:06 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 14:14:06 +0200
Subject: sending encrypted messages doesn't work
In-Reply-To: <31564451.post@talk.nabble.com>
References: <31564451.post@talk.nabble.com>

On Sat, May 7, 2011 at 09:24, ricka wrote:
>
> Is there a reasonable workaround (...)?
>

As a very temporary workaround, encrypt the plain-text and send the encrypted text block (you know, "-----BEGIN ... ----- END"). Of course, that loses all formatting and doesn't work for attachments.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 14:15:05 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 14:15:05 +0200
Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.
On Sat, May 7, 2011 at 12:51, Tomasz Wozowicz wrote:
> Anyone willing to help? Please answer. Thanks
>

I recall there was a long discussion on this including some hints on how it is possible and whether or not it makes sense.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From expires2011 at ymail.com Sat May 7 14:44:25 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 13:44:25 +0100
Subject: sending encrypted messages doesn't work
References: <31564451.post@talk.nabble.com>
Message-ID: <898125414.20110507134425@my_localhost>

Hi

On Saturday 7 May 2011 at 1:14:06 PM, in , Jerome Baum wrote:

> As a very temporary workaround, encrypt the plain-text
> and send the encrypted text block (you know,
> "-----BEGIN ... ----- END"). Of course, that loses all
> formatting and doesn't work for attachments.

Although, unless you use pgp/mime you will probably already be encrypting the attachments before you attach them.
--
Best regards
MFPA mailto:expires2011 at ymail.com

Always be on the lookout for conspicuousness

From expires2011 at ymail.com Sat May 7 15:54:21 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 14:54:21 +0100
Subject: Best practice for periodic key change?
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost>
Message-ID: <1175774969.20110507145421@my_localhost>

Hi

On Saturday 7 May 2011 at 1:09:25 PM, in , Jerome Baum wrote:

> Then I would say it is the recipient's responsibility to
> only accept "reasonable" signatures.

Fair enough. "Reasonable" is subjective.

> As you say, it is
> only an "attempt" to generate deniability -- nobody
> who's right in their mind would accept a signature on a
> document that is dated before the document itself.

In which case your attempt to generate plausible deniability would have fooled anybody "who's right in their mind" (because they all believe the signature timestamp has some meaning besides being the time/date your system clock happened to be set on when you created the signature). I'm not sure I buy that.

> Assuming a responsible recipient, the expiration date
> makes sense.
> Yes, a responsible recipient would refresh
> their keys. Yes, man-in-the-middle. The expiration date
> makes a difference here.

In the edge-case scenario you described previously (where the key only expired the previous day) I doubt it would make much difference. Even the weak evidence of the email headers and server logs suggesting your system clock had been incorrectly set a day behind could be enough to make your deniability implausible.

> But I
> have no idea of knowing when it was signed, so I have
> to assume it is when it was allegedly signed

That was exactly my point.

> -- and
> yes, this is a problem under certain circumstances.
> However, there is at least one circumstance where the
> expiration date *does* make a difference, which is the
> document dated in the future relative to the signature
> timestamp, from a then-already expired key. So in at
> least one case, the expiration date helps.

A non-digital example of a document signed with a date in the future is the post-dated cheque, which is supposed to be worthless until the date written on it. Several people sent me cheques as wedding gifts, which they dated with our wedding day but we received them during the couple of weeks before. Most of those were banked the day after we received them, rather than waiting until we returned from our honeymoon. A bank clerk tried to refuse the last one I paid in on the Friday afternoon before our wedding but I persisted and he accepted it. The date in the future should have made a difference to those cheques but did not. (In the case of the last cheque that was queried, it made no difference because it would be the Monday two days *after* the date on the cheque that it was presented to the payee's branch for payment.)

I suspect that the fact of the signature timestamp and the key expiry date being before the date stated on the document is something it would be unwise to rely upon in court.
Especially if the other side produced an "expert" witness who testified about the triviality of altering a system clock.

> Let's get a concrete idea of such a "document". Say I
> want a statement from you that you legally have access
> to an email account today. Today is 2011-05-07. I have
> your key, with a signing sub-key that expired in 2010.
> I refresh your key but Mallory manipulates the traffic
> and so a revocation certificate wouldn't have helped.
> It's a good thing that your sub-key expired, though,
> because I won't accept the signature from that sub-key
> as I'm looking for an up-to-date statement. In fact,
> I'll probably want: "As of 2011-05-07, I legally have
> access to email at example.com". There is *no way* I would
> accept that when the signature is dated in 2010.

Several months out (because it expired last year) is different to your previous case of several hours out (because it expired yesterday). I could put the clock back exactly a year and some recipients may not spot one digit being different, but they are more likely to notice that than to notice the day being off (unless it occurs early in the new year before they have got used to spotting the year without thinking about it).

> Does that make my point more clear? I wasn't saying
> that under all circumstances the expiration date helps.
> That would be crazy. I was saying that there are
> circumstances where it does,

It helps to raise a question in the mind of the person viewing the signature (if they spot it).

> and since the cost is so
> low, that there is no point in not having them
> (assuming, of course, that you separate master and
> sub-keys).

You can't assume.

--
Best regards
MFPA mailto:expires2011 at ymail.com

Life is a holiday. In the same way that glass is a liquid.
From mailinglisten at hauke-laging.de Sat May 7 16:06:16 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sat, 7 May 2011 16:06:16 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1175774969.20110507145421@my_localhost>
References: <4DC2493C.4060403@gmx.com> <1175774969.20110507145421@my_localhost>
Message-ID: <201105071606.21732.mailinglisten@hauke-laging.de>

On Saturday, 7 May 2011, 15:54:21, MFPA wrote:

> > and since the cost is so
> > low, that there is no point in not having them
> > (assuming, of course, that you separate master and
> > sub-keys).
>
> You can't assume.

You can very well if you don't claim that for all cases but use this assumption for distinguishing between a useful and a useless use of expiration dates. AFAIR no one here on the list has claimed that it makes sense (with respect to security) to use key expiration dates without offline mainkeys. That is an important point in the discussion.

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From jerome at jeromebaum.com Sat May 7 17:03:19 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 17:03:19 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1175774969.20110507145421@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost>

On Sat, May 7, 2011 at 15:54, MFPA wrote:
> (snip huge email)
>

Next time can you read the whole email and reply to it as a whole?

As for signature checking, I stand by my point: Over here, signing a document today and claiming on the signature that it was signed tomorrow is going to be an offense (if there is a loss to a third party, of course -- a lie isn't fraud until there is damage).

The post-dated cheque doesn't say "I signed this in the future", but "only accept this from that point in the future". That's a big difference. As for the clerk, he's an idiot and probably liable for accepting it. It's not my problem if people don't check the signature timestamp, I can only do my part on making the date accurate -- plus maybe educating my recipient on checking the timestamp.

As for the "expert" witness, you can bring in an expert to claim anything. That doesn't change the facts and isn't relevant to this argument. Your assumption on what a court would decide is the kind of assumption you said I can't make -- which, as Hauke points out, I didn't.

As for months vs. years, I wanted a clear example. Doesn't really make a difference -- 1304780513 is different from 1304780514, and also different from 1404780513. What's your point? That the guy checking my signature is being careless by only checking the year? See the clerk point above.
--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jeandavid8 at verizon.net Sat May 7 19:16:20 2011
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Sat, 07 May 2011 13:16:20 -0400
Subject: Best practice for periodic key change?
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost>
Message-ID: <4DC57E64.50404@verizon.net>

Jerome Baum wrote:
> On Sat, May 7, 2011 at 15:54, MFPA
> wrote:
>
> (snip huge email)
>
> Next time can you read the whole email and reply to it as a whole?
>
> As for signature checking, I stand by my point: Over here, signing a
> document today and claiming on the signature that it was signed tomorrow
> is going to be an offense (if there is a loss to a third party, of
> course -- a lie isn't fraud until there is damage).
>
> The post-dated cheque doesn't say "I signed this in the future", but
> "only accept this from that point in the future". That's a big
> difference. As for the clerk, he's an idiot and probably liable for
> accepting it. It's not my problem if people don't check the signature
> timestamp, I can only do my part on making the date accurate -- plus
> maybe educating my recipient on checking the timestamp.
>

When I was on a grand jury, the prosecutor said that while the words of the law made it illegal to write a post dated check (in this state), that they did not prosecute for this unless there was intent to commit a fraud, and that is difficult to prove.
A friend who worked at a bank said they never looked at the dates, but cashed them when presented unless there were insufficient funds to honor them. So there is no use in writing a post dated check unless the person to whom it is presented holds on to it until the date.

As treasurer of a tax deductible organization, I use the date on the check as the date of the donation except sometimes I do not. I do not when it is dated something late in December, but postmarked mid January or later. In that case, I use the postmark date.

So people writing pre-dated or post-dated checks are wasting their time.

--
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 13:10:01 up 21 days, 16:28, 3 users, load average: 4.57, 4.78, 5.01

From jerome at jeromebaum.com Sat May 7 19:42:06 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 19:42:06 +0200
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To: <4DC57E64.50404@verizon.net>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net>

Hey not that any of this relates to the original question on digital signatures, but interesting nonetheless so I guess let's keep it on the list as OT.

On Sat, May 7, 2011 at 19:16, Jean-David Beyer wrote:
>
> When I was on a grand jury, the prosecutor said that while the words of
> the law made it illegal to write a post dated check (in this state),
> that they did not prosecute for this unless there was intent to commit a
> fraud, and that is difficult to prove.
>

In that case we had a different understanding.
Checks aren't common over here and I never saw a post-dated check -- which I assumed is a check that is meant to be available after a certain date -- not a check that is signed incorrectly. However if it is common practice to post-date checks, then it is reasonable not to prosecute as the date probably doesn't say "I signed this check on the 5th" but rather just "5". It's then a matter of interpretation, and common practice dictates interpretation here. I'd interpret it as "I want this to be available after the 5th". Also see below about prosecution.

> A friend who worked at a bank said they never looked at the dates, but
> cashed them when presented unless there were insufficient funds to honor
> them. So there is no use in writing a post dated check unless the person
> to whom it is presented holds on to it until the date.
>

It seems here that people who write "post-dated" checks the way you describe them don't quite understand what that particular date means (or I misunderstood you). What you describe is the signature date, and that date is *supposed* to be the date when you signed it. Using a different date is lying, but as you say it won't be prosecuted unless there is intended fraud or actual damage. It isn't usually illegal to lie (there may be specific exceptions e.g. checks), unless there is consequent damage. In fact, there are laws that explicitly allow lying even with consequent damage -- think anti-discrimination.

> As treasurer of a tax deductible organization, I use the date on the
> check as the date of the donation except sometimes I do not. I do not
> when it is dated something late in December, but postmarked mid January
> or later. In that case, I use the postmark date.
>

Obviously can't tell about the situation elsewhere but the donation date is supposed to be the date when you received the donation. If it's a cashier's check -- which apparently aren't allowed over here -- then it's the date you received it (*maybe* postmark date).
If it's a normal check, it would be the date you cashed it in. The (non-cashier's) check itself isn't the actual payment, it's just a paper slip that instructs the bank to do the payment. However, YMMV.

> So people writing pre-dated or post-date checks are wasting their time.

Even if the checks had a field "don't cash in until", I would still agree with you. At my bank, I left clear instructions on the deposit box card to require gov. ID for anyone trying to access my deposit box. The second time I accessed it (i.e. the first time after getting it) they were fine with just my key, didn't even ask for ID of any kind. I pointed it out and the clerk said "oh, well it should be highlighted so we don't overlook it" -- funny thing is, it's the only thing on the card besides access times, there is an "ID" column on the card as it's apparently common to require ID, and it was a clerk from the same branch who wrote it on the card originally. Overall banks are much more sloppy than I'd expect/hope them to be.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From expires2011 at ymail.com Sat May 7 21:36:47 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 20:36:47 +0100
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net>
Message-ID: <410205845.20110507203647@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 6:42:06 PM, in , Jerome Baum wrote:

> Hey not that any of this relates to the original
> question on digital signatures, but interesting
> nonetheless so I guess let's keep it on the list as OT.

Since (like any other legal document) the date on a cheque is deemed to be the date of the signature, it is a non-digital analogy to the discussion about signature dates.

> In that case we had a different understanding. Checks
> aren't common over here and I never saw a post-dated
> check -- which I assumed is a check that is meant to be
> available after a certain date -- not a check that is
> signed incorrectly.

You are entirely correct in your assumption.

>> A friend who worked at a bank said they never looked
>> at the dates, but cashed them when presented unless
>> there were insufficient funds to honor them.

That failure to correctly scrutinise is fairly common, and often allows people to cash cheques that have expired.

> It seems here that people who write "post-dated" checks
> the way you describe them don't quite understand what
> that particular date means (or I misunderstood you).
> What you describe is the signature date, and that date
> is *supposed* to be the date when you signed it. Using
> a different date is lying

A cheque is an instruction to your bank to pay an amount of money to somebody if they present it for payment within six months of the date it was signed.
In order to instruct the bank to pay within six months from a future date, you are simply preparing in advance an instruction effective from that future date. The date on the cheque is the date from which the signature is effective. It is non-standard but was very common when cheques were in widespread use. There is no lying, fraud or deception involved.

> , but as you say it won't be
> prosecuted unless there is intended fraud or actual
> damage.

It is not illegal here, or even unlawful. I have heard of it being banned elsewhere but never heard a credible rationale as to why the practice should not be allowed.

> At my bank, I left clear
> instructions

Giving clear instructions to a bank is usually a waste of time. They generally fail to carry them out correctly, in my experience.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

A candle loses nothing by lighting another candle

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxZ9knhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pWuMEAJmX
Qx6aFQywo49Dnsc/vk+HvWWEK2sPPNi+YRCcOrsA3XHygFGN7GAyv9udRfA8wLNJ
IoRjMeqCp7lHL7Ls+FniwBeaJSHxaTfxDwxQH6nevmG0kMxJ6YdGHSM0mcx2IlrF
756TThZGwthh+mTSKd49ksmDYwJo7vdjfcb30dZZ
=SVXo
-----END PGP SIGNATURE-----

From expires2011 at ymail.com Sat May 7 21:43:38 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 20:43:38 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <201105071606.21732.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <1175774969.20110507145421@my_localhost> <201105071606.21732.mailinglisten@hauke-laging.de>
Message-ID: <1232142862.20110507204338@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 3:06:16 PM, in , Hauke Laging wrote:

> On Saturday, 7 May 2011, 15:54:21, MFPA wrote:
>> You can't assume.

> You can very well if you don't claim that for all cases but use this
> assumption for distinguishing between a useful and a useless use of
> expiration dates. AFAIR no one here on the list has claimed that it
> makes sense (with respect to security) to use key expiration dates
> without offline mainkeys. That is an important point in the
> discussion.

At what point does it become safe to assume that an individual with expiry dates on their subkeys keeps their master key securely offline?

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

Raining cats and dogs is better than hailing taxis.

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxaDynhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pdSUD/jTu
kidc9dx/CxOkkkt9vmi2NEkctq66dBkVPFbeWPHOVwQNafWNh+tnG9t2JTdgfDJZ
LP6TXw0tE8dJsNIXaZO4RfvQbtaYNqFVIVxd+jUoihAsROV+DYbAjrMv89lW2j9K
mJS4835oQludvIqrXQ6Yaw5voqhWYvWnTGcDs8Qh
=9FId
-----END PGP SIGNATURE-----

From jerome at jeromebaum.com Sat May 7 21:50:45 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 21:50:45 +0200
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To: <410205845.20110507203647@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net> <410205845.20110507203647@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 21:36, MFPA wrote:

> On Saturday 7 May 2011 at 6:42:06 PM, in
> , Jerome Baum
> wrote:
>
> > In that case we had a different understanding.
> > Checks
> > aren't common over here and I never saw a post-dated
> > check -- which I assumed is a check that is meant to be
> > available after a certain date -- not a check that is
> > signed incorrectly.
>
> You are entirely correct in your assumption.
>

"Meant" as in, the guy who created the check form (i.e. someone from the bank or the gov.) intended it this way. Not "meant" as in abused to be that way.

> > It seems here that people who write "post-dated" checks
> > the way you describe them don't quite understand what
> > that particular date means (or I misunderstood you).
> > What you describe is the signature date, and that date
> > is *supposed* to be the date when you signed it. Using
> > a different date is lying
>
> A cheque is an instruction to your bank to pay an amount of money to
> somebody if they present it for payment within six months of the date
> it was signed.

Exactly.

> In order to instruct the bank to pay within six months
> from a future date, you are simply preparing in advance an instruction
> effective from that future date. The date on the cheque is the date
> from which the signature is effective.

Didn't you just say it's permitted within six months of *signing*? More precisely, the signature can't be "effective", only the intent can be. That intent is testified by your signature. But it is effective immediately. All intent is effective as soon as it is expressed. It just may not apply under given circumstances (i.e. before the post-date). However, as the check isn't designed to carry a post-date, that is not the case here.

> It is non-standard but was very
> common when cheques were in widespread use. There is no lying, fraud
> or deception involved.
>

We weren't talking about fraud and deception. Only about lying -- rather, telling an untruth, which you may or may not be doing intentionally.
But it is still an untruth if the form implies that the date is the date the signature was placed -- rather than an instruction to make the amount available after that date.

> > , but as you say it won't be
> > prosecuted unless there is intended fraud or actual
> > damage.
>
> It is not illegal here, or even unlawful. I have heard of it being
> banned elsewhere but never heard a credible rationale as to why the
> practice should not be allowed.
>

As I said, lying isn't illegal. Try not to misquote me next time. Something that isn't illegal obviously isn't prosecuted, which is the part that you quoted. As for post-dating checks, that's reasonable, but then add a field to the check (rather, pray the banks might one day get smart).

> > At my bank, I left clear
> > instructions
>
> Giving clear instructions to a bank is usually a waste of time. They
> generally fail to carry them out correctly, in my experience.
>

At least if I can prove the clear instructions, they are then liable. However, I agree that from my experience banks tend to be quite incompetent. Still, hope dies last.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From expires2011 at ymail.com Sat May 7 22:12:00 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 21:12:00 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost>
Message-ID: <386612905.20110507211200@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 4:03:19 PM, in , Jerome Baum wrote:

> Next time can you read the whole email and reply to it
> as a whole?

It's generally better to read the whole email and then reply to whichever points I have anything to say about. That way, it is fairly easy to follow the discussion.

> The post-dated cheque doesn't say "I signed this in the
> future", but "only accept this from that point in the
> future". That's a big difference. As for the clerk,
> he's an idiot and probably liable for accepting it.

The (future) date on the cheque is simply the date from which the signed instruction to pay takes effect.

> It's not my problem if people don't check the signature
> timestamp, I can only do my part on making the date
> accurate -- plus maybe educating my recipient on
> checking the timestamp.

Whether or not people check the signature timestamp, it still means nothing more than "when I signed this, my signature clock was at this date/time."

> Your assumption on what
> a court would decide is the kind of assumption you said
> I can't make -- which, as Hauke points out, I didn't.

I made no such assumption, merely stated an opinion.

> As for months vs. years, I wanted a clear example.
> Doesn't really make a difference -- 1304780513 is
> different from 1304780514, and also different from
> 1404780513. What's your point?

It was months vs hours.
My point was that a few hours one way or the other, which was open to challenge in the light of the evidence about an incorrectly set system clock at the time the document was emailed back, was far less significant than a discrepancy of several months. Of course, the absence of any evidence that the system clock was correctly set when the signature was created makes the discussion a purely academic exercise.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

If you can't convince them, confuse them.

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxaeWnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p0JoEAIsV
/vnmisrR/w52U8YqEJu78z1iTXyUqiKWELh9C39h0MQsD4uwiaqQ8BITVNXW7NjO
e2i4iLYGZcN1rAGlRjrIZLX1TMXczqS40aQl4Pa/9btjCLkYxjPSOciVfXoIFTFs
6tdcPzP6tOyK31qKcPcoI/uwTuPyl4aboPu7AB7N
=AN5H
-----END PGP SIGNATURE-----

From kgo at grant-olson.net Sat May 7 22:31:34 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Sat, 07 May 2011 16:31:34 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <201105071354.22124.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <201105070405.19437.mailinglisten@hauke-laging.de> <4DC4AF6D.3010309@grant-olson.net> <201105071354.22124.mailinglisten@hauke-laging.de>
Message-ID: <4DC5AC26.6000606@grant-olson.net>

On 5/7/2011 7:54 AM, Hauke Laging wrote:
> On Saturday, 7 May 2011, 04:33:17, Grant Olson wrote:
>
>> 1) I digitally sign a document saying I owe you money. The signing key
>> has an expiration date.
>>
>> 2) Key expires. I do nothing.
>>
>> 3) The original document is invalidated. I no longer owe you money?
>
> Whether you owe me money does not depend on signing any documents in general.
> :-) Documents are usually just a proof.
>
> You can still claim that somebody owes you money but the document does not
> have the same legal value. What courts decide is another question...
>

Yes, of course.

> But the fiscal authorities don't accept digital bills (probably the most
> frequent use of legally qualified signatures here) which are signed by expired
> keys only. You need a chain of signatures which prove that there was a
> non-expired signature at any point in time.
>
> For the same reason it makes sense to have digitally signed documents signed
> by another key (not just the document but the document together with the
> signature) at once when you get them. Because you cannot know whether and if a
> key will be revoked in the future. The moment it is revoked and you cannot
> prove the signatures being older than the revoke all signatures are dead.
>

Okay, now I understand. It sounds like you're talking about something like a digital notarization. That makes sense now.

-- 
Grant

From expires2011 at ymail.com Sat May 7 22:38:48 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 21:38:48 +0100
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net> <410205845.20110507203647@my_localhost>
Message-ID: <1886439036.20110507213848@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 8:50:45 PM, in , Jerome Baum wrote:

> We weren't talking about fraud and deception.
> Only
> about lying -- rather, telling an untruth, which you
> may or may not be doing intentionally. But it is still
> an untruth if the form implies that the date is the
> date the signature was placed -- rather than an
> instruction to make the amount available after that
> date.

Lying *is* deception. And your words "unless there is intended fraud" appeared to me to be a reference to fraud.

As for the meaning of the date, whether it is supposed to mean the date the signature was written or the date the instruction to pay becomes effective or simply the date the cheque is issued to the payee is unclear to me - and probably varies around the world. UK banks have told me all three versions at various times. The one I heard originally (and most often over the years) is the effective date of the instruction to pay. YMMV.

Are we OT enough yet?

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

During an eruption - move away from the volcano - not towards it

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxa3lnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5p5tUD/23X
qbYxg2mUvMtSE9xjGyn4ZybZI+cJstg/392D9Aqs8HQeIS9V7OQ34UHXPVZRngrS
LKAS2gLJe3Zh4nBsuQfe4UhEzg4MNiPs9D8d7YQJ9gY9cecU7xyc48gp3pRyRGVb
02Acup6iPjqmCBbOd+Vcwq2h8l62uf6bomFGb3if
=7P1o
-----END PGP SIGNATURE-----

From jerome at jeromebaum.com Sat May 7 22:47:41 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 22:47:41 +0200
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To: <1886439036.20110507213848@my_localhost>
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net> <410205845.20110507203647@my_localhost> <1886439036.20110507213848@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 22:38, MFPA wrote:

> On Saturday 7 May 2011 at 8:50:45 PM, in
> , Jerome Baum
> wrote:
>
>
> > We weren't talking about fraud and deception. Only
> > about lying -- rather, telling an untruth, which you
> > may or may not be doing intentionally. But it is still
> > an untruth if the form implies that the date is the
> > date the signature was placed -- rather than an
> > instruction to make the amount available after that
> > date.
>
> Lying *is* deception. And your words "unless there is intended fraud"
> appeared to me to be a reference to fraud.
>

So, you are now talking about appearances and intentions? Also, since when is this a list where we discuss writing style? Didn't you say "Jerome Baum wrote" above? I think you get my point.

> As for the meaning of the date, whether it is supposed to mean the
> date the signature was written or the date the instruction to pay
> becomes effective or simply the date the cheque is issued to the payee
> is unclear to me - and probably varies around the world. UK banks have
> told me all three versions at various times. The one I heard
> originally (and most often over the years) is the effective date of
> the instruction to pay. YMMV.
>

I would trust the fine print over any of these versions. That's what I meant with banks being incompetent. I might read through my fine print later to find out. If I do, I'll post here.
-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 22:52:51 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 22:52:51 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1232142862.20110507204338@my_localhost>
References: <4DC2493C.4060403@gmx.com> <1175774969.20110507145421@my_localhost> <201105071606.21732.mailinglisten@hauke-laging.de> <1232142862.20110507204338@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 21:43, MFPA wrote:

> On Saturday 7 May 2011 at 3:06:16 PM, in
> , Hauke Laging
> wrote:
>
>
> > On Saturday, 7 May 2011, 15:54:21, MFPA wrote:
> >> You can't assume.
>
> > You can very well if you don't claim that for all cases but use this
> > assumption for distinguishing between a useful and a useless use of
> > expiration dates. AFAIR no one here on the list has claimed that it
> > makes sense (with respect to security) to use key expiration dates
> > without offline mainkeys. That is an important point in the
> > discussion.
>
> At what point does it become safe to assume that an individual with
> expiry dates on their subkeys keeps their master key securely offline?

I don't think you get what kind of assumption we are talking about. There are two kinds:

1. I assume something is generally true, e.g.: I assume the world is around.

2. I assume something is true within this scope, so I don't have to restate the precondition with every statement I make, e.g.: "assuming y < z, and z < x, we can follow that y < x". It isn't really an argument to say "you can't assume y < z, so the point is invalid".
-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From kloecker at kde.org Sat May 7 22:56:14 2011
From: kloecker at kde.org (Ingo Klöcker)
Date: Sat, 07 May 2011 22:56:14 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <13410420043.20110506220251@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost>
Message-ID: <201105072256.15008@thufir.ingo-kloecker.de>

On Friday 06 May 2011, MFPA wrote:
> Hi
>
>
> On Friday 6 May 2011 at 8:48:03 PM, in
> , Ingo Klöcker wrote:
> > Unless I'm missing something the difference is as
> > follows: - With prolongation of the expiration time
> > releases signed before the prolongation will keep
> > having a valid signature. - If one creates a new subkey
> > then releases signed with the old expired subkey(s)
> > will have an invalid signature. One would have to
> > re-sign the old releases with the new subkey.
>
> Surely the signature on the old release would still be valid; it
> would just be from a now-expired subkey instead of from the new and
> currently-valid subkey. Or have I overlooked something?

It depends on your definition of "valid". In my book a signature can only be valid if the corresponding key is valid. Expired keys are not valid (anymore).

Regards,
Ingo

From jerome at jeromebaum.com Sat May 7 23:02:15 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 23:02:15 +0200
Subject: [OT] Re: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <4DC393B5.60007@gmx.com> <4DC3A7AD.9050106@dougbarton.us> <201105061734.27249.mailinglisten@hauke-laging.de> <4DC45BF8.5070702@dougbarton.us> <417913255.20110506220758@my_localhost> <175221688.20110506234025@my_localhost> <316401776.20110507004340@my_localhost> <1175774969.20110507145421@my_localhost> <4DC57E64.50404@verizon.net> <410205845.20110507203647@my_localhost> <1886439036.20110507213848@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 22:47, Jerome Baum wrote:

> On Sat, May 7, 2011 at 22:38, MFPA wrote:
>
>> As for the meaning of the date, whether it is supposed to mean the
>> date the signature was written or the date the instruction to pay
>> becomes effective or simply the date the cheque is issued to the payee
>> is unclear to me - and probably varies around the world. UK banks have
>> told me all three versions at various times. The one I heard
>> originally (and most often over the years) is the effective date of
>> the instruction to pay. YMMV.
>>
>
> I would trust the fine print over any of these versions. That's what I
> meant with banks being incompetent. I might read through my fine print
> later to find out. If I do, I'll post here.
>

Per Art. 1 Nr. 5 ScheckG (German law regarding checks), the date on the check is the date of issuing. Per Art. 28 there is no post-dating.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From expires2011 at ymail.com Sat May 7 23:07:33 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 22:07:33 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <1175774969.20110507145421@my_localhost> <201105071606.21732.mailinglisten@hauke-laging.de> <1232142862.20110507204338@my_localhost>
Message-ID: <55320045.20110507220733@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 9:52:51 PM, in , Jerome Baum wrote:

> I don't think you get what kind of assumption we are
> talking about. There are two kinds:

> 1. I assume something is generally true, e.g.: I assume
> the world is around.

> 2. I assume something is true within this scope, so I
> don't have to restate the precondition with every
> statement I make, e.g.: "assuming y < z, and z < x, we
> can follow that y < x". It isn't really an argument to
> say "you can't assume y < z, so the point is invalid".

I agree that in this specific instance we can assume y < z. I do not agree that in general we can assume that an individual with expiry dates on their subkeys keeps their master key securely offline.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

Don't ask me, I'm making this up as I go!

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxbSdnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pkxAD/Aoq
p02FGwAMlU0hQX1GZPUeIhG1SOuCwWvj0OHJQNiJFJUE4hu6v8jlSoEpL6/YUk8N
e2LTlTvjDwvf7KXPf5RDUtfC0EEQqo3CZYejAMDMerKS+9ni5b5oycerkoUHJ1Wu
fpQLLB8wo6zp0MG8Ur8Thf+o5FlvohLoXP+zlTQx
=BQFt
-----END PGP SIGNATURE-----

From kloecker at kde.org Sat May 7 23:08:10 2011
From: kloecker at kde.org (Ingo Klöcker)
Date: Sat, 07 May 2011 23:08:10 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC6FF86.8000506@grant-olson.net>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <4DC6FF86.8000506@grant-olson.net>
Message-ID: <201105072308.11030@thufir.ingo-kloecker.de>

On Sunday 08 May 2011, Grant Olson wrote:
===============

You seem to send messages from the future. ;-)

> On 5/6/11 3:48 PM, Ingo Klöcker wrote:
> > On Thursday 05 May 2011, Hauke Laging wrote:
> >> What is the difference between these two options with respect to
> >> the point of confusion?
> >
> > Unless I'm missing something the difference is as follows:
> > - With prolongation of the expiration time releases signed before
> > the prolongation will keep having a valid signature.
> > - If one creates a new subkey then releases signed with the old
> > expired subkey(s) will have an invalid signature. One would have
> > to re-sign the old releases with the new subkey.
>
> Nope.
>
> The old releases won't have an invalid sig as long as the sig was
> made before the expiration date. Expiring a key now doesn't
> invalidate a sig made yesterday. Gpg will print out a note saying
> the key is expired, but it's not as drastic as the error with a
> post-dated signature.

Ahh. My bad. Thanks for the heads up. I wasn't aware of this difference between signatures made before and after the expiration date.

Regards,
Ingo

From jerome at jeromebaum.com Sat May 7 23:10:50 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 23:10:50 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <55320045.20110507220733@my_localhost>
References: <4DC2493C.4060403@gmx.com> <1175774969.20110507145421@my_localhost> <201105071606.21732.mailinglisten@hauke-laging.de> <1232142862.20110507204338@my_localhost> <55320045.20110507220733@my_localhost>
Message-ID:

On Sat, May 7, 2011 at 23:07, MFPA wrote:

> On Saturday 7 May 2011 at 9:52:51 PM, in
> , Jerome Baum
> wrote:
>
>
> > I don't think you get what kind of assumption we are
> > talking about. There are two kinds:
>
> > 1. I assume something is generally true, e.g.: I assume
> > the world is around.
>
> > 2. I assume something is true within this scope, so I
> > don't have to restate the precondition with every
> > statement I make, e.g.: "assuming y < z, and z < x, we
> > can follow that y < x". It isn't really an argument to
> > say "you can't assume y < z, so the point is invalid".
>
> I agree that in this specific instance we can assume y < z. I do not
> agree that in general we can assume that an individual with expiry
> dates on their subkeys keeps their master key securely offline.

... which isn't what we were doing. Let me explain that again. Assuming something "in general" is a type 1 assumption. We were doing a type 2 assumption -- assuming something to simplify a point. It would become tedious to keep writing "if the individual in question keeps their master key securely offline" before each and every sentence.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From kloecker at kde.org Sat May 7 23:15:24 2011
From: kloecker at kde.org (Ingo Klöcker)
Date: Sat, 07 May 2011 23:15:24 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <175221688.20110506234025@my_localhost>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost>
Message-ID: <201105072315.25120@thufir.ingo-kloecker.de>

On Saturday 07 May 2011, MFPA wrote:
> Hi
>
>
> On Friday 6 May 2011 at 10:18:29 PM, in
> , Jerome Baum
> > wrote:
> >>> If my key expired yesterday, no-one can
> >>> forge a message with that key and claim it's from
> >>> today.
> >>
> >> Never heard of a system clock that was wrong?
> >
> > I'll give a summary reply here for everyone stating
> > it's still possible to make that signature. It's
> > possible if the master key is compromised. I was
> > assuming a sub-key with an expiration date.
>
> It is trivial to make that signature without compromising the master
> key.
>
> Suppose your master key is secure and offline but Mallory has control
> of your subkey that expired yesterday. Mallory can put their system
> clock back 24hrs to sign and send a message, and then truthfully
> claim the message was signed today. They can back up this claim with
> email headers and server logs demonstrating the clock discrepancy.

This explains why digital signatures with legally binding date often (always?) require a timestamp by a certified third party.

Regards,
Ingo

From expires2011 at ymail.com Sat May 7 23:17:56 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 22:17:56 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <201105072256.15008@thufir.ingo-kloecker.de>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de>
Message-ID: <609832602.20110507221756@my_localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Saturday 7 May 2011 at 9:56:14 PM, in , Ingo Klöcker wrote:

> It depends on your definition of "valid". In my book a
> signature can only be valid if the corresponding key
> is valid. Expired keys are not valid (anymore).

I thought a key was incapable of making signatures with timestamps beyond its expiry time but could still be used to verify signatures that already existed.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

A wise man once said ..."I don't know."

-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNxbcJnhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pPPgD/0Gw
4SINz9JbMTzdQdTe3KL5KkaoyK15RziImH0U3mvfYFRsfjm4+F+u8LwaiKHMZQmk
1tbJPy284qBHMMapxVh6uQToVRHZhmjwlO70SAKKcF42cDWiNwW6cLzm+0a9xB1Y
dqHxXECsPuJi7Ay52e5cvCMV7hL8xiqjKdrTKoLe
=UTKJ
-----END PGP SIGNATURE-----

From jerome at jeromebaum.com Sat May 7 23:21:17 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 23:21:17 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <201105072315.25120@thufir.ingo-kloecker.de>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de>
Message-ID:

2011/5/7 Ingo Klöcker

> This explains why digital signatures with legally binding date often
> (always?) require a timestamp by a certified third party.
>

Not always (every statement of intent is binding, even w/out a notary), but e.g.
over here (Germany) for a digital signature to reach a certain level of documentation, you will need a certification on the signature date -- even if the date isn't important, the certification is there to confirm the key was valid at the (actual) time of signing. BTW, the laws here enforce the keys to have an expiration date to reach that level.

On digital signatures being legally binding, apparently a scanned bitmap of your signature is enough to be "binding" (as would be no signature), just that it isn't very strong documentation.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sat May 7 23:22:33 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sat, 7 May 2011 23:22:33 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <609832602.20110507221756@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de> <609832602.20110507221756@my_localhost>
Message-ID:

2011/5/7 MFPA

> On Saturday 7 May 2011 at 9:56:14 PM, in , Ingo Klöcker wrote:
>
>> It depends on your definition of "valid". In my book a
>> signature can only be valid if the corresponding key
>> is valid. Expired keys are not valid (anymore).
>
> I thought a key was incapable of making signatures with timestamps
> beyond its expiry time but could still be used to verify signatures
> that already existed.

Definitely. I get his point about rejecting them entirely though, as it is (and that's what this discussion is all about) difficult to verify the (actual) signature time.
--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From expires2011 at ymail.com Sat May 7 23:49:40 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 22:49:40 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de>
Message-ID: <05433510.20110507224940@my_localhost>

Hi

On Saturday 7 May 2011 at 10:21:17 PM, in , Jerome Baum wrote:

> On digital signatures being legally binding, apparently
> a scanned bitmap of your signature is enough to be
> "binding" (as would be no signature), just that it
> isn't very strong documentation.

What is to stop that scanned bitmap of a person's signature being applied to a document the individual has no knowledge about?

--
Best regards

MFPA                    mailto:expires2011 at ymail.com

What's another word for synonym?

From rjh at sixdemonbag.org Sat May 7 23:56:37 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 07 May 2011 14:56:37 -0700
Subject: Best practice for periodic key change?
In-Reply-To: <05433510.20110507224940@my_localhost>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost>
Message-ID: <4DC5C015.7050800@sixdemonbag.org>

On 05/07/2011 02:49 PM, MFPA wrote:
> What is to stop that scanned bitmap of a person's signature being
> applied to a document the individual has no knowledge about?

Nothing. That's the nature of physical signatures.

A physical signature binds tightly to the individual (handwriting being hard to forge), but loosely to the document. A digital signature binds loosely to the individual (certificate repudiation being pretty easy), but tightly to the document.

This is one of the reasons why I generally dislike the way the word "signature" gets abused in these discussions. Comparisons to physical signatures inevitably arise, and the two of them seem quite a bit more dissimilar than alike.

From expires2011 at ymail.com Sun May 8 00:07:10 2011
From: expires2011 at ymail.com (MFPA)
Date: Sat, 7 May 2011 23:07:10 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de> <609832602.20110507221756@my_localhost>
Message-ID: <1686486157.20110507230710@my_localhost>

Hi

On Saturday 7 May 2011 at 10:22:33 PM, in , Jerome Baum wrote:

> Definitely. I get his point about rejecting them
> entirely though, as it is (and that's what this
> discussion is all about) difficult to verify the
> (actual) signature time.
Maybe we could use something like http://www.itconsult.co.uk/stamper.htm

--
Best regards

MFPA                    mailto:expires2011 at ymail.com

Gypsy Dwarf Escapes Prison: Small Medium at large

From kgo at grant-olson.net Sun May 8 00:26:58 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Sat, 07 May 2011 18:26:58 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <201105072308.11030@thufir.ingo-kloecker.de>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <4DC6FF86.8000506@grant-olson.net> <201105072308.11030@thufir.ingo-kloecker.de>
Message-ID: <4DC5C732.3080802@grant-olson.net>

On 5/7/2011 5:08 PM, Ingo Klöcker wrote:
> On Sunday 08 May 2011, Grant Olson wrote:
> ===============
>
> You seem to send messages from the future. ;-)
>

That's funny. I wanted to make sure I wasn't lying before replying. A little later I was deploying code to some servers. After the update the interface said the servers were last updated two days ago. I was freaking out for about five minutes until I realized I changed my system clock.

--
Grant

From jerome at jeromebaum.com Sun May 8 03:13:00 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 03:13:00 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC5C015.7050800@sixdemonbag.org>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5C015.7050800@sixdemonbag.org>
Message-ID:

On Sat, May 7, 2011 at 23:56, Robert J. Hansen wrote:

> On 05/07/2011 02:49 PM, MFPA wrote:
>> What is to stop that scanned bitmap of a person's signature being
>> applied to a document the individual has no knowledge about?
>
> Nothing. That's the nature of physical signatures.

I was talking about a digital signature though.

MFPA: I agree about the signature being very weak. I am just repeating what German law says. This is from some brochure brought out by the BSI. It's also quite a right interpretation -- they aren't assigning much strength to it, it's what we have advanced and qualified electronic signatures for. The bitmap scan is still digital though, and it is a signature. So, it is an electronic signature. Makes sense, just don't accept it in court.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sun May 8 03:16:33 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 03:16:33 +0200
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5C015.7050800@sixdemonbag.org>
Message-ID:

On Sun, May 8, 2011 at 03:13, Jerome Baum wrote:

> On Sat, May 7, 2011 at 23:56, Robert J. Hansen wrote:
>
>> On 05/07/2011 02:49 PM, MFPA wrote:
>>> What is to stop that scanned bitmap of a person's signature being
>>> applied to a document the individual has no knowledge about?
>>
>> Nothing.
>> That's the nature of physical signatures.
>
> I was talking about a digital signature though.
>
> MFPA: I agree about the signature being very weak. I am just repeating what
> German law says. This is from some brochure brought out by the BSI. It's
> also quite a right interpretation -- they aren't assigning much strength to
> it, it's what we have advanced and qualified electronic signatures for. The
> bitmap scan is still digital though, and it is a signature. So, it is an
> electronic signature. Makes sense, just don't accept it in court.
>

You realized you might be referring to the "binding" part. As I like to repeat, every statement of intent is binding. Signatures are just a kind of documentation, and as I said, it's not very strong documentation.

"I offer you 10 dollars if you give me 10 euros, and this is valid for two days from now." -- that statement of intent is legally binding (or it would be, if I were being serious). You can hold me to that. The problem is, you won't have much evidence I really made that statement and you'd have a hard time dragging me to court for this anyway. That doesn't make the statement less binding.

Exceptions are found e.g. for home purchases, which AFAIK over here need to be documented in writing/on paper.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From dshaw at jabberwocky.com Sun May 8 03:50:09 2011
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 7 May 2011 21:50:09 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <05433510.20110507224940@my_localhost>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost>
Message-ID:

On May 7, 2011, at 5:49 PM, MFPA wrote:

> On Saturday 7 May 2011 at 10:21:17 PM, in , Jerome Baum wrote:
>
>> On digital signatures being legally binding, apparently
>> a scanned bitmap of your signature is enough to be
>> "binding" (as would be no signature), just that it
>> isn't very strong documentation.
>
> What is to stop that scanned bitmap of a person's signature being
> applied to a document the individual has no knowledge about?

Nothing more than would stop someone from cutting and pasting (in the old scissors-and-paste sense of the term) a signature from one document to another, then copying the whole thing to make it look right. It's just easier and looks better with a graphics program than with scissors and glue.

Incidentally, speaking of bitmap signatures - a "signature" made via a rubber stamp of a signature can be binding under certain circumstances as well (at least in the US - I don't know about elsewhere).

David

From jerome at jeromebaum.com Sun May 8 03:56:18 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 03:56:18 +0200
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost>
Message-ID:

On Sun, May 8, 2011 at 03:50, David Shaw wrote:

>
> Incidentally, speaking of bitmap signatures - a "signature" made via a
> rubber stamp of a signature can be binding under certain circumstances as
> well (at least in the US - I don't know about elsewhere).
>

Often enough you don't need an actual signature, at least in Germany.
Businesses that use a computer to generate invoices in batches just don't add a signature, which doesn't make the document less valid. Funny enough they'll add a sentence saying "this document was generated by an automated computer system and is thus legal without signature" -- mostly because of the misconception that a signature is normally "required" -- but even if it weren't for the "automated computer system", the document would still be "valid".

Remember documents are for *documentation*, but it's the (statement of) *intent* which is binding. At least in Germany.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From rjh at sixdemonbag.org Sun May 8 04:21:41 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Sat, 07 May 2011 22:21:41 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost>
Message-ID: <4DC5FE35.5080605@sixdemonbag.org>

On 05/07/2011 09:50 PM, David Shaw wrote:
> Incidentally, speaking of bitmap signatures - a "signature" made via
> a rubber stamp of a signature can be binding under certain
> circumstances as well (at least in the US - I don't know about
> elsewhere).

Within the U.S., the standard doesn't involve signatures /qua/ signatures. It involves making a mark on a document to express your will. A contract signed with a simple mark of "X" is still legally binding.

There's some hoary old story that was, once upon a time, taught in law schools: but Dad went through law school fifty years ago, so maybe it's fallen out of fashion. It involved a lawsuit brought against a bank by two farmers (in Vermont, I think).
The first farmer owed the second a quantity of money, so the farmer picked up a grease pen and wrote on a pumpkin, "Pay this man $10 from my checking account." The second farmer took it to the bank. The bank refused to honor the check.

The two Vermont farmers were too stubborn to budge: it was a valid legal document and no rich banker was going to tell them otherwise. The bank refused to budge: if a *pumpkin* can become a valid check-writing instrument, what will that do to their bookkeeping process?

The trial court ruled in favor of the farmers.

(Warning: secondhand information passed on from a source recalling a story he heard fifty years ago. I'm led to believe the legal principles involved are still accurate in today's legal climate, but time and memory may have made this story a bit apocryphal.)

From mailinglisten at hauke-laging.de Sun May 8 04:34:52 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Sun, 8 May 2011 04:34:52 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1232142862.20110507204338@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105071606.21732.mailinglisten@hauke-laging.de> <1232142862.20110507204338@my_localhost>
Message-ID: <201105080434.57614.mailinglisten@hauke-laging.de>

On Saturday, 7 May 2011, 21:43:38, MFPA wrote:
> At what point does it become safe to assume that an individual with
> expiry dates on their subkeys keeps their master key securely offline?

There is probability but no safety in this assumption. But is this relevant? How and whom is an expiration date supposed to protect? And what is the alternative?

The user of a non-expired public key does not have to cope with any disadvantage by checking the expiration date. The alternative would be to accept the key in any case. That would obviously not be a security advantage.

One might ask: Do users who observe expiration dates refresh their keyrings less often on average (due to false trust in the expiration feature)?
Does it make sense for an attacker to replace non-expiring subkeys with expiring ones in order to reduce the refresh frequency of the ones being attacked by forged signatures? ;-)

But there is security for the owner of the key. He knows that his mainkey is stored safely offline so that nobody will ever meet forged subkeys of this key. Thus he safely protects himself and his communication partners from the use of expired keys. In theory. In practice the key owner does not know whether his communication partners observe the expiration date. But he gives them the chance to do so. The theoretical model is safe. Reality usually suffers from worse security problems than that.

As you may remember I promote both an implicit and an explicit solution of this problem (not knowing enough about others' key handling) here from time to time:

a) Write a key policy describing this, too. Make this document available online and put its URL in all your certifications (including your selfsig) and signatures (policy URL). Have everyone who certifies your key sign this document (because this cannot be forged by someone who gets access to your key). The problem: You have to read this document. GnuPG cannot do this for you.

b) Define some standard notations which give this information. From time to time I give courses for OpenPGP beginners in an organization I am a member of. We create two keys for them, one for playing around and learning to use GnuPG and a more secure one. When I certify these keys I add a notation "offline at ourdomain=yes". So anyone using our certifications and understanding both offline keys and notations (so probably no one) can know how these keys are used -- OK, nearly: how they were supposed to be used. There could be a different term for keys which have been created elsewhere but are claimed to be offline keys. "offline-claimed at ourdomain=yes" or something like that.
If there was a standard for this GnuPG could be extended to allow for a configuration taking this into account. The extreme version: "Trust certifications of others only if they are offline keys."

And as I am dreaming: With a notation for identifying all subkeys (thus extending a certification from UIDs to subkeys) the first hurdle for getting GnuPG / OpenPGP compliant with German signature law (at least on the theoretical level) would be taken.

Hauke

--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From dshaw at jabberwocky.com Sun May 8 04:53:15 2011
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 7 May 2011 22:53:15 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <4DC5FE35.5080605@sixdemonbag.org>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5FE35.5080605@sixdemonbag.org>
Message-ID: <858960B9-A694-4B93-B5F4-BB4A0264F862@jabberwocky.com>

On May 7, 2011, at 10:21 PM, Robert J. Hansen wrote:

> On 05/07/2011 09:50 PM, David Shaw wrote:
>> Incidentally, speaking of bitmap signatures - a "signature" made via
>> a rubber stamp of a signature can be binding under certain
>> circumstances as well (at least in the US - I don't know about
>> elsewhere).
>
> Within the U.S., the standard doesn't involve signatures /qua/
> signatures. It involves making a mark on a document to express your
> will. A contract signed with a simple mark of "X" is still legally binding.

Yes. I was referring to the UCC, where they define the term "signature" fairly expansively as a signed name, a trade name, or pretty much any other mark.
The intent to authenticate is the point, not the fact that it's a written name, signed name, or other scribble.

I knew a man (a lawyer, as it happened) who always signed documents with several loops in a row. When I asked him why he didn't use a "real" signature (i.e. why he didn't sign his name), he just grinned and said "Who's to say this isn't my signature?" My own signature is sufficiently unreadable that it could safely be described as a "mark".

David

From jerome at jeromebaum.com Sun May 8 04:57:28 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 04:57:28 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1686486157.20110507230710@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de> <609832602.20110507221756@my_localhost> <1686486157.20110507230710@my_localhost>
Message-ID:

On Sun, May 8, 2011 at 00:07, MFPA wrote:

> Maybe we could use something like
> http://www.itconsult.co.uk/stamper.htm

I checked the newsgroup (only through Google, last posting from '05) and don't see the signatures being posted anymore. Can anyone confirm this?

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From jerome at jeromebaum.com Sun May 8 05:04:43 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 05:04:43 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <858960B9-A694-4B93-B5F4-BB4A0264F862@jabberwocky.com>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5FE35.5080605@sixdemonbag.org> <858960B9-A694-4B93-B5F4-BB4A0264F862@jabberwocky.com>
Message-ID:

On Sun, May 8, 2011 at 04:53, David Shaw wrote:

> I knew a man (a lawyer, as it happened) who always signed documents with
> several loops in a row. When I asked him why he didn't use a "real"
> signature (i.e. why he didn't sign his name), he just grinned and said
> "Who's to say this isn't my signature?" My own signature is sufficiently
> unreadable that it could safely be described as a "mark".
>

Speaking of which, there was this article recently on how people aren't learning cursive writing anymore and this makes (physical) signature verification more difficult. My signature is a semi-readable cursive "Jerome Baum" (read: "Jer~~~ B~~~" ;) ) so I should be safe, but I'm wondering how secure it actually is? Anybody know a good article on physical signature security? I know the analyses are all about writing speed and pressure but it would be good to see this "dumbed down" for casual reading.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From dshaw at jabberwocky.com Sun May 8 05:15:28 2011
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 7 May 2011 23:15:28 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de> <609832602.20110507221756@my_localhost> <1686486157.20110507230710@my_localhost>
Message-ID: <9AC0755F-421C-4D6B-B011-7DD58D6BBFF4@jabberwocky.com>

On May 7, 2011, at 10:57 PM, Jerome Baum wrote:

> On Sun, May 8, 2011 at 00:07, MFPA wrote:
> Maybe we could use something like
> http://www.itconsult.co.uk/stamper.htm
>
> I checked the newsgroup (only through Google, last posting from '05) and don't see the signatures being posted anymore. Can anyone confirm this?

They're certainly still coming up on alt.security.pgp. Here is the one for last week: http://groups.google.com/group/alt.security.pgp/browse_thread/thread/8f29de04c2ddd19b#

David

From jerome at jeromebaum.com Sun May 8 05:24:16 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Sun, 8 May 2011 05:24:16 +0200
Subject: Fwd: Best practice for periodic key change?
In-Reply-To: <9AC0755F-421C-4D6B-B011-7DD58D6BBFF4@jabberwocky.com>
References: <4DC2493C.4060403@gmx.com> <201105062148.04108@thufir.ingo-kloecker.de> <13410420043.20110506220251@my_localhost> <201105072256.15008@thufir.ingo-kloecker.de> <609832602.20110507221756@my_localhost> <1686486157.20110507230710@my_localhost> <9AC0755F-421C-4D6B-B011-7DD58D6BBFF4@jabberwocky.com>
Message-ID:

Hey Matthew,

http://www.itconsult.co.uk/stamper/stampinf.htm refers to comp.security.pgp.announce but I can't find recent postings there (only some references to the newsgroup being closed). If that's true, you might want to update the page.

---------- Forwarded message ----------
From: David Shaw
Date: Sun, May 8, 2011 at 05:15
Subject: Re: Best practice for periodic key change?
To: Jerome Baum
Cc: MFPA , Jerome Baum on GnuPG-Users < gnupg-users at gnupg.org>

On May 7, 2011, at 10:57 PM, Jerome Baum wrote:

> On Sun, May 8, 2011 at 00:07, MFPA wrote:
> Maybe we could use something like
> http://www.itconsult.co.uk/stamper.htm
>
> I checked the newsgroup (only through Google, last posting from '05) and don't see the signatures being posted anymore. Can anyone confirm this?

They're certainly still coming up on alt.security.pgp. Here is the one for last week: http://groups.google.com/group/alt.security.pgp/browse_thread/thread/8f29de04c2ddd19b#

David

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From dshaw at jabberwocky.com Sun May 8 05:32:04 2011
From: dshaw at jabberwocky.com (David Shaw)
Date: Sat, 7 May 2011 23:32:04 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5FE35.5080605@sixdemonbag.org> <858960B9-A694-4B93-B5F4-BB4A0264F862@jabberwocky.com>
Message-ID: <36D36E47-4CFC-4E43-BE69-515E1CF54B41@jabberwocky.com>

On May 7, 2011, at 11:04 PM, Jerome Baum wrote:

> On Sun, May 8, 2011 at 04:53, David Shaw wrote:
> I knew a man (a lawyer, as it happened) who always signed documents with several loops in a row. When I asked him why he didn't use a "real" signature (i.e. why he didn't sign his name), he just grinned and said "Who's to say this isn't my signature?" My own signature is sufficiently unreadable that it could safely be described as a "mark".
>
> Speaking of which, there was this article recently on how people aren't learning cursive writing anymore and this makes (physical) signature verification more difficult.
> My signature is a semi-readable cursive "Jerome Baum" (read: "Jer~~~ B~~~" ;) ) so I should be safe, but I'm wondering how secure it actually is? Anybody know a good article on physical signature security? I know the analyses are all about writing speed and pressure but it would be good to see this "dumbed down" for casual reading.

I bookmarked this at one point: www.thomasgroganfde.com/pdf/Article_Protect_Identity.pdf

He gives a few recommendations (cross your own lines frequently, consistency is important, think about using a different signature for legal matters vs correspondence, etc). How good the advice is I couldn't say, but I found it and some other documents on the site interesting reading.

David

From expires2011 at ymail.com Sun May 8 14:50:36 2011
From: expires2011 at ymail.com (MFPA)
Date: Sun, 8 May 2011 13:50:36 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <201105080434.57614.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <201105071606.21732.mailinglisten@hauke-laging.de> <1232142862.20110507204338@my_localhost> <201105080434.57614.mailinglisten@hauke-laging.de>
Message-ID: <1359636868.20110508135036@my_localhost>

Hi

On Sunday 8 May 2011 at 3:34:52 AM, in , Hauke Laging wrote:

> There is probability but no safety in this assumption.

I have no idea what is the probability. I have seen no figures relating to what fraction of people using subkeys with expiry dates claim to keep their master keys offline.

> But is this relevant?

This depends on whether/how the validity of the assumption affects your threat model.

> How and whom is an expiration date supposed to protect?

Mainly the key's owner, but could also protect others from relying on signatures from a compromised key for which they have not received a revocation certificate.

> And what is the alternative?

I don't know.
Expiry dates serve a purpose but cannot be relied upon, because system clock times/dates cannot be relied upon and a signature with a timestamp during the key's validity period is a valid OpenPGP signature. This may be addressed by using a trusted timestamp service.

> One might ask: Do users who observe expiration dates
> refresh their keyrings less often on average (due to
> false trust in the expiration feature)? Does it make
> sense for an attacker to replace non-expiring subkeys
> with expiring ones in order to reduce the refresh
> frequency of the ones being attacked by forged
> signatures? ;-)

That's an interesting thought experiment.

> But there is security for the owner of the key. He
> knows that his mainkey is stored safely offline so that
> nobody will ever meet forged subkeys of this key. Thus
> he safely protects himself and his communication
> partners from the use of expired keys.

Could a modified version of "HOW TO MIGRATE A (SUB)KEY INTO A NEW KEY" http://atom.smasher.org/gpg/gpg-migrate.txt be used to substitute one of your subkeys with another of the same type and size? Or what would be the implications of an attacker migrating your subkeys to another master key?

> As you may remember I promote both an implicit and an
> explicit solution of this problem (not knowing enough
> about others' key handling) here from time to time:

[snipped]

That is very thorough.

> If there was a standard for this GnuPG could be
> extended to allow for a configuration taking this into
> account. The extreme version: "Trust certifications of
> others only if they are offline keys."

That does seem extreme but it depends on the threat model.

> And as I am dreaming: With a notation for identifying
> all subkeys (thus extending a certification from UIDs
> to subkeys) the first hurdle for getting GnuPG /
> OpenPGP compliant with German signature law (at least
> on the theoretical level) would be taken.
Would that mean a certification of a particular UID on a key was not valid in conjunction with subkeys that were not present on the copy of the key you signed? If so, wouldn't that discourage people from using short-life subkeys because they would need to obtain signatures on new ones? Or have I misunderstood?

--
Best regards

MFPA                    mailto:expires2011 at ymail.com

Humility is no substitute for a good personality.

From expires2011 at ymail.com Sun May 8 14:59:56 2011
From: expires2011 at ymail.com (MFPA)
Date: Sun, 8 May 2011 13:59:56 +0100
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5C015.7050800@sixdemonbag.org>
Message-ID: <1225431026.20110508135956@my_localhost>

Hi

On Sunday 8 May 2011 at 2:16:33 AM, in , Jerome Baum wrote:

> "I offer you 10 dollars if you give me 10 euros, and
> this is valid for two days from now." -- that statement
> of intent is legally binding (or it would be, if I were
> being serious). You can hold me to that. The problem
> is, you won't have much evidence I really made that
> statement and you'd have a hard time dragging me to
> court for this anyway. That doesn't make the statement
> less binding.

From a practical standpoint, it is less binding if it cannot be enforced. Just my opinion.
(-;

-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

An idealist is a person who helps other people to be prosperous

From expires2011 at ymail.com Sun May 8 15:12:16 2011
From: expires2011 at ymail.com (MFPA)
Date: Sun, 8 May 2011 14:12:16 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <4DC5FE35.5080605@sixdemonbag.org>
References: <4DC2493C.4060403@gmx.com> <175221688.20110506234025@my_localhost> <201105072315.25120@thufir.ingo-kloecker.de> <05433510.20110507224940@my_localhost> <4DC5FE35.5080605@sixdemonbag.org>
Message-ID: <886173435.20110508141216@my_localhost>

Hi

On Sunday 8 May 2011 at 3:21:41 AM, in , Robert J. Hansen wrote:

> The trial court ruled in favor of the farmers.

I remember literature from my bank saying that cheques did not need to be on
their printed form so long as all the required details were included.
Complete with cartoon illustrations, they cited examples of an oil drum, an
egg, and a cow! They also warned they would levy additional handling
charges...

-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Humility is no substitute for a good personality.
From wk at gnupg.org Sun May 8 17:18:33 2011
From: wk at gnupg.org (Werner Koch)
Date: Sun, 08 May 2011 17:18:33 +0200
Subject: https://lists.gnupg.org X.509 certificate is expired
In-Reply-To: <4DC46F49.2090906@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Fri, 06 May 2011 17:59:37 -0400")
References: <4DC46F49.2090906@fifthhorseman.net>
Message-ID: <87aaexqkza.fsf@vigenere.g10code.de>

On Fri, 6 May 2011 23:59, dkg at fifthhorseman.net said:

> When i point a web browser at https://lists.gnupg.org, i get a warning
> that the server's X.509 certificate is expired (it has a CN of
> trithemius.gnupg.org and several subjectAltNames, including
> lists.gnupg.org).

Quite possible; I don't care too much. The TLS connection is "only" used to
protect the password of mailman's admin interface.

> If this isn't acceptable for some reason, could you at least update the
> certificate to one with a reasonable expiration date?

I'll update it in the next days.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From MichaelQuigley at TheWay.Org Mon May 9 17:39:53 2011
From: MichaelQuigley at TheWay.Org (MichaelQuigley at TheWay.Org)
Date: Mon, 9 May 2011 11:39:53 -0400
Subject: 2.16.840.1.113733.1.7.1.1
In-Reply-To:
Message-ID:

> ----- Message from "Robert J. Hansen" on Sat, 07 May 2011 22:21:41 -0400 -----
>
> To:
>
> gnupg-users at gnupg.org
>
> Subject:
>
> Re: Best practice for periodic key change?
> On 05/07/2011 09:50 PM, David Shaw wrote:
> > Incidentally, speaking of bitmap signatures - a "signature" made via
> > a rubber stamp of a signature can be binding under certain
> > circumstances as well (at least in the US - I don't know about
> > elsewhere).
>
> Within the U.S., the standard doesn't involve signatures /qua/
> signatures. It involves making a mark on a document to express your
> will. A contract signed with a simple mark of "X" is still legally
> binding.
>
> There's some hoary old story that was, once upon a time, taught in law
> schools: but Dad went through law school fifty years ago, so maybe it's
> fallen out of fashion. It involved a lawsuit brought against a bank by
> two farmers (in Vermont, I think). The first farmer owed the second a
> quantity of money, so the farmer picked up a grease pen and wrote on a
> pumpkin, "Pay this man $10 from my checking account." The second
> farmer took it to the bank. The bank refused to honor the check. The
> two Vermont farmers were too stubborn to budge: it was a valid legal
> document and no rich banker was going to tell them otherwise. The bank
> refused to budge: if a *pumpkin* can become a valid check-writing
> instrument, what will that do to their bookkeeping process?
>
> The trial court ruled in favor of the farmers.
>
> (Warning: secondhand information passed on from a source recalling a
> story he heard fifty years ago. I'm led to believe the legal principles
> involved are still accurate in today's legal climate, but time and
> memory may have made this story a bit apocryphal.)

That's interesting. I heard a very similar story where the "check" was
written on a piece of tree bark.

I believe the "Check 21" legislation (intended to bring check-banking into
the 21st century) has changed all that. The pumpkin might still be a legally
binding contract, but I think today banks only deal with electronic images
of checks. There's a whole bunch of regulations related to what constitutes
a check.
I know that we can accept checks from other countries where the regulations
are different. But the processing fees for special handling are quite high.

(I also need to present a disclaimer--I am not a lawyer. I just work with our
Accounts Payable folks to produce checks that make it through the U.S.
banking system.)

From mailinglisten at hauke-laging.de Mon May 9 18:09:00 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Mon, 9 May 2011 18:09:00 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <1359636868.20110508135036@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost>
Message-ID: <201105091809.05423.mailinglisten@hauke-laging.de>

On Sunday, 8 May 2011, 14:50:36 MFPA wrote:

> Mainly the key's owner, but could also protect others from relying on
> signatures from a compromised key for which they have not received a
> revocation certificate.

Right. The problem: Protection you don't know of. So seriously this
additional protection will not be taken into account (unless you happen to
have more information about the key handling).

> Could a modified version of "HOW TO MIGRATE A (SUB)KEY INTO A NEW KEY"
> http://atom.smasher.org/gpg/gpg-migrate.txt be used to substitute one
> of your subkeys with another of the same type and size? Or what would
> be the implications of an attacker migrating your subkeys to another
> master key?

That would be useless. The result would be that the attacked user (if he had
imported the master key with the migrated subkey) would believe that a
signature has been made by the attacker instead of the person whom he has
stolen the key from. If an attacker wants somebody to believe that he has
made a signature then he can trivially make one. No need to steal keys for
that.
When encrypting there would be no difference if you don't address the subkey
directly but the main key or one of the UIDs.

> > And as I am dreaming: With a notation for identifying all subkeys
> > (thus extending a certification from UIDs to subkeys) the first
> > hurdle for getting GnuPG / OpenPGP compliant with German signature
> > law (at least on the theoretical level) would be taken.
>
> Would that mean a certification of a particular UID on a key was not
> valid in conjunction with subkeys that were not present on the copy of
> the key you signed?

Yes. That were not present or not signed. Like with UIDs.

> If so, wouldn't that discourage people from using short-life subkeys
> because they would need to obtain signatures on new ones? Or have I
> misunderstood?

That is correct but there would be no need for short-life subkeys any more.

The problem is that German / EU signature law requires a legally fully
trusted key to be created in hardware which it can never be read from. So
the so called qualified signatures can be made with smartcards only. Thus
the certification authorities are not allowed to certify today's mainkeys
because you can create valid subkeys outside smartcards with them without
the CA being part of that.

IMHO there are only two possibilities for making (a new version of) OpenPGP
signature law compatible:

a) The CA creates a mainkey and subkeys. The mainkey is destroyed
immediately afterwards. That might be legally acceptable but has not much in
common with PGP any more.

b) It is made possible to prevent the transfer of the validity of a mainkey
to a subkey. Either by disallowing subkeys at all (in the certification) or
by requiring explicit certifications for subkeys. When certifying a key you
would have to decide whether you make a certification of the old type (for
the mainkey and then the mainkey is allowed to do everything) or of the new
one. This new type of certification would not be allowed to be backward
compatible.
If it was then old software might regard an explicit subkey certification as
a normal one and thus accept subkeys without explicit certification.

Hauke

-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From expires2011 at ymail.com Mon May 9 19:51:12 2011
From: expires2011 at ymail.com (MFPA)
Date: Mon, 9 May 2011 18:51:12 +0100
Subject: Best practice for periodic key change?
In-Reply-To: <201105091809.05423.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de>
Message-ID: <255152156.20110509185112@my_localhost>

Hi

On Monday 9 May 2011 at 5:09:00 PM, in , Hauke Laging wrote:

> On Sunday, 8 May 2011, 14:50:36 MFPA wrote:
>> Mainly the key's owner, but could also protect others from relying on
>> signatures from a compromised key for which they have not received a
>> revocation certificate.

> Right. The problem: Protection you don't know of. So seriously this
> additional protection will not be taken into account (unless you happen
> to have more information about the key handling).

I meant the protection other users derive because the compromised subkey
expired and the attacker cannot keep making signatures with it.

>> Could a modified version of "HOW TO MIGRATE A (SUB)KEY INTO A NEW KEY"
>> http://atom.smasher.org/gpg/gpg-migrate.txt be used to substitute one
>> of your subkeys with another of the same type and size? Or what would
>> be the implications of an attacker migrating your subkeys to another
>> master key?

> That would be useless.
> The result would be that the attacked user (if he had imported the
> master key with the migrated subkey) would believe that a signature
> has been made by the attacker instead of the person whom he has stolen
> the key from.

Could that be a form of attack? Bob and Mallory sign a contract of some
kind - it transpires the contract benefits Bob - Mallory tries to make it
look as if Bob had not signed.

> The problem is that German / EU signature law requires a legally fully
> trusted key to be created in hardware which it can never be read from.
> So the so called qualified signatures can be made with smartcards only.
> Thus the certification authorities are not allowed to certify today's
> mainkeys because you can create valid subkeys outside smartcards with
> them without the CA being part of that.

Sounds like vested interests calling the shots.

> IMHO there are only two possibilities for making (a new version of)
> OpenPGP signature law compatible:

There is a third way: amend the law so that the Web of Trust is used instead
of the CAs.

-- 
Best regards

MFPA                    mailto:expires2011 at ymail.com

Look, it's a hat! It's not going to hurt you.
From Pramod.R at target.com Mon May 9 14:43:06 2011
From: Pramod.R at target.com (Pramod.R)
Date: Mon, 9 May 2011 07:43:06 -0500
Subject: Problem with the pgp to gpg key migration
Message-ID: <2225D816DF89824D9DE3D8163420E90E74838DC0A4@TLEMLMBX15P.email.target.com>

Hi,

I tried migrating the public and the private key from the pgp (6.5.8)
keyring to the gpg (1.4.11) by following the below commands:

1) Tried exporting the private and the public key from pgp using the
   commands:

   pgp -kx " " pubkey.pgp
   pgp -kx " " sec.pgp ~/.pgp/secring.skr

2) Tried importing these two keys into the gpg using the below commands:

   gpg --import pubkey.pgp
   gpg --allow-secret-key-import --allow-non-selfsigned-uid --import sec.pgp

3) When I tried comparing the pgp keyring with the newly created gpg keyring
   (using the command gpg --list-key), I found that all the keys have been
   migrated except two of my self-generated pgp keys.

4) When I also tried encrypting a plain text using pgp with my self-created
   pgp key and then decrypting this using the gpg (after migrating the
   keyring as explained above), I got an error saying

   gpg: decryption failed: secret key not available

   which is obviously because I cannot see my own keys in the new gpg
   keyring.

Please let me know if I'm missing anything here. Also do let me know if the
above problem makes any sense or if you would need any other information.
Warm Regards,

Pramod R | Analyst, BI | FRS- Decision Systems & Support | *Target Corporation India | Bangalore | +91 988 630 0519 | +91 804 017 2416

From mailinglisten at hauke-laging.de Tue May 10 03:42:47 2011
From: mailinglisten at hauke-laging.de (Hauke Laging)
Date: Tue, 10 May 2011 03:42:47 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <255152156.20110509185112@my_localhost>
References: <4DC2493C.4060403@gmx.com> <201105091809.05423.mailinglisten@hauke-laging.de> <255152156.20110509185112@my_localhost>
Message-ID: <201105100342.53461.mailinglisten@hauke-laging.de>

On Monday, 9 May 2011, 19:51:12 MFPA wrote:

> Could that be a form of attack? Bob and Mallory sign a contract of
> some kind - it transpires the contract benefits Bob - Mallory tries to
> make it look as if Bob had not signed.

That would not work for several reasons which arise not from technical
aspects but the circumstances:

a) Usually the contract mentions the partners. Mallory would have to claim
that somebody else had signed that though that obviously does not make any
sense. Furthermore this other one would deny that.

b) It would be obvious that the secret key of the subkey has been stolen.
That would be a huge risk for the one who has stolen it. He would have to
stand up in public and state: "Only two people can have stolen the key. One
of them is me." I am not experienced with criminals but I really doubt that
this sounds interesting to them.

c) Mallory cannot have created signatures before he stole the key. Bob
usually has created a lot. Everyone who claims to have seen a signature of
the key in question by Mallory before the (probably unknown) date of theft is
at serious risk to be proven to have lied in court. This would be possible
with very new keys only.

> There is a third way: amend the law so that the Web of Trust is used
> instead of the CAs.
This is not about the source of trust IMHO. I think that the major aim of the
law is to prevent the stealing of keys because that would reduce the trust in
digital signatures in an amount a modern society cannot afford. Thus the law
requires hardware protection. Whether a hardware-protected key is certified
by a CA or (strongly enough) by a WoT is less important.

Hauke

-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

From jerome at jeromebaum.com Tue May 10 06:01:59 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 10 May 2011 06:01:59 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <201105091809.05423.mailinglisten@hauke-laging.de>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de>
Message-ID:

On Mon, May 9, 2011 at 18:09, Hauke Laging wrote:

> IMHO there are only two possibilities for making (a new version of)
> OpenPGP signature law compatible:
>
> a) The CA creates a mainkey and subkeys. The mainkey is destroyed
> immediately afterwards. That might be legally acceptable but has not
> much in common with PGP any more.
>
> b) It is made possible to prevent the transfer of the validity of a
> mainkey to a subkey. Either by disallowing subkeys at all (in the
> certification) or by requiring explicit certifications for subkeys.
> When certifying a key you would have to decide whether you make a
> certification of the old type (for the mainkey and then the mainkey is
> allowed to do everything) or of the new one. This new type of
> certification would not be allowed to be backward compatible.
> If it was then old software might regard an explicit subkey
> certification as a normal one and thus accept subkeys without explicit
> certification.

c) Program the smart-card so it doesn't sign sub-keys? I'm not familiar with
the internals of smart-card implementations but the OpenPGP sub-key
signatures are of a different type than the data signatures. The smart-card
can probably recognize if it's inadvertently signing a sub-key.

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From dkg at fifthhorseman.net Tue May 10 06:18:15 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 10 May 2011 00:18:15 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de>
Message-ID: <4DC8BC87.7040408@fifthhorseman.net>

On 05/10/2011 12:01 AM, Jerome Baum wrote:
> c) Program the smart-card so it doesn't sign sub-keys? I'm not familiar
> with the internals of smart-card implementations but the OpenPGP
> sub-key signatures are of a different type than the data signatures.
> The smart-card can probably recognize if it's inadvertently signing a
> sub-key.

I doubt it -- the bytestring signed during OpenPGP key+userid
certifications has a different prefix than the bytestring signed during a
data signature.

But i think the data signed by a hardware implementation is a digest of the
bytestring, not the bytestring itself. I don't think a smartcard would be
able to tell the prefix of the underlying bytestring from the digest it
receives as a signature request.

	--dkg
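To make dkg's point above concrete, here is an added illustration written for this archive page (it is not code from the thread or from GnuPG): it builds the RFC 4880 section 5.2.4 hash inputs for a binary document signature, a user ID certification and a subkey-binding signature, then the blob an RSA card would be handed, and shows that the 0x99/0xB4 key framing that separates the cases on the host is gone by the time the card sees anything. The key bodies, user ID, document and timestamp are constructed placeholders, and the assumption that the card receives only DigestInfo || digest for RSA is mine.

```python
"""Added illustration (not from the thread or GnuPG): host-side OpenPGP hash
inputs per RFC 4880 section 5.2.4 versus what a hash-only RSA card receives."""
import hashlib
import struct

# --- constructed sample data; none of this is real key material ----------
CREATION_TIME = 1304900000          # fixed timestamp so results are reproducible
USER_ID = b"Constructed Example <example@example.invalid>"
DOCUMENT = b"Pay this man $10 from my checking account.\n"

SIG_BINARY, SIG_CERT_GENERIC, SIG_SUBKEY_BINDING = 0x00, 0x10, 0x18
RSA, SHA256 = 1, 8                  # OpenPGP public-key and hash algorithm IDs


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP multi-precision integer (bit count + bytes)."""
    body = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return struct.pack(">H", value.bit_length()) + body


def fake_rsa_key_body(n: int, e: int = 65537) -> bytes:
    """Body of a v4 public-key packet: version, creation time, algo 1 (RSA), n, e.
    The moduli used below are tiny placeholders; only the framing matters here."""
    return b"\x04" + struct.pack(">I", CREATION_TIME) + b"\x01" + mpi(n) + mpi(e)


PRIMARY_KEY = fake_rsa_key_body(0xC0FFEE1234567891)
SUBKEY = fake_rsa_key_body(0xBADC0DE987654321)
CREATION_SUBPKT = bytes([5, 2]) + struct.pack(">I", CREATION_TIME)  # subpacket type 2


# --- what the host hashes (RFC 4880 section 5.2.4) -----------------------
def key_prefix(key_body: bytes) -> bytes:
    """A key packet enters the hash as 0x99, two-octet body length, body."""
    return b"\x99" + struct.pack(">H", len(key_body)) + key_body


def userid_prefix(user_id: bytes) -> bytes:
    """A user ID enters a v4 certification hash as 0xB4, four-octet length, text."""
    return b"\xb4" + struct.pack(">I", len(user_id)) + user_id


def v4_trailer(sig_type: int, hashed_subpackets: bytes) -> bytes:
    """Hashed signature fields (version, type, algos, subpackets) followed by the
    0x04 0xFF + four-octet length trailer that closes every v4 signature hash."""
    hashed = bytes([4, sig_type, RSA, SHA256])
    hashed += struct.pack(">H", len(hashed_subpackets)) + hashed_subpackets
    return hashed + b"\x04\xff" + struct.pack(">I", len(hashed))


def document_hash_input(document: bytes) -> bytes:
    """Type 0x00: the document itself, then the trailer. No key framing at all."""
    return document + v4_trailer(SIG_BINARY, CREATION_SUBPKT)


def certification_hash_input(primary_body: bytes, user_id: bytes) -> bytes:
    """Types 0x10-0x13: 0x99-framed key, 0xB4-framed user ID, then the trailer."""
    return (key_prefix(primary_body) + userid_prefix(user_id)
            + v4_trailer(SIG_CERT_GENERIC, CREATION_SUBPKT))


def subkey_binding_hash_input(primary_body: bytes, subkey_body: bytes) -> bytes:
    """Type 0x18: 0x99-framed primary key, 0x99-framed subkey, then the trailer.
    This framing is the 'different prefix' that only exists on the host side."""
    return (key_prefix(primary_body) + key_prefix(subkey_body)
            + v4_trailer(SIG_SUBKEY_BINDING, CREATION_SUBPKT))


# --- what the card receives ----------------------------------------------
# PKCS#1 v1.5 DigestInfo header for SHA-256 (DER SEQUENCE, AlgorithmIdentifier,
# OCTET STRING of length 32).
DIGESTINFO_SHA256 = bytes.fromhex("3031300d060960864801650304020105000420")


def card_request(hash_input: bytes) -> bytes:
    """Assumption for this example: the host hashes locally and hands the RSA card
    only DigestInfo || digest as the signing request; the hash input itself never
    leaves the host."""
    return DIGESTINFO_SHA256 + hashlib.sha256(hash_input).digest()


def card_view(request: bytes) -> tuple:
    """Everything the card can inspect: a fixed DigestInfo header and 32 opaque
    bytes. Neither the 0x99/0xB4 framing nor the signature-type byte survives."""
    return request[:len(DIGESTINFO_SHA256)], request[len(DIGESTINFO_SHA256):]


def card_can_tell_signature_type(req_a: bytes, req_b: bytes) -> bool:
    """A hash-only card could only tell two requests apart by their structure.
    Identical headers and digest lengths mean it cannot; the digest bytes carry
    no structure the card can read back."""
    hdr_a, dig_a = card_view(req_a)
    hdr_b, dig_b = card_view(req_b)
    return hdr_a != hdr_b or len(dig_a) != len(dig_b)


if __name__ == "__main__":
    doc_in = document_hash_input(DOCUMENT)
    cert_in = certification_hash_input(PRIMARY_KEY, USER_ID)
    sub_in = subkey_binding_hash_input(PRIMARY_KEY, SUBKEY)
    print("host-side first bytes: document", doc_in[:4].hex(),
          "| certification", cert_in[:4].hex(), "| subkey binding", sub_in[:4].hex())
    for label, blob in (("document", doc_in), ("certification", cert_in), ("subkey", sub_in)):
        print(f"card receives for {label:13}: {card_request(blob).hex()}")
    print("card can tell binding from document:",
          card_can_tell_signature_type(card_request(doc_in), card_request(sub_in)))  # False
```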
From jerome at jeromebaum.com Tue May 10 06:32:40 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 10 May 2011 06:32:40 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC8BC87.7040408@fifthhorseman.net>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net>
Message-ID:

On Tue, May 10, 2011 at 06:18, Daniel Kahn Gillmor wrote:

> On 05/10/2011 12:01 AM, Jerome Baum wrote:
> > c) Program the smart-card so it doesn't sign sub-keys? I'm not
> > familiar with the internals of smart-card implementations but the
> > OpenPGP sub-key signatures are of a different type than the data
> > signatures. The smart-card can probably recognize if it's
> > inadvertently signing a sub-key.
>
> I doubt it -- the bytestring signed during OpenPGP key+userid
> certifications has a different prefix than the bytestring signed during
> a data signature.
>
> But i think the data signed by a hardware implementation is a digest of
> the bytestring, not the bytestring itself. I don't think a smartcard
> would be able to tell the prefix of the underlying bytestring from the
> digest it receives as a signature request.

Is that an implementation problem? i.e. is it possible to write an
implementation that does distinguish, or is it technically impossible w/out
processing the entire data on-card?

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
From dkg at fifthhorseman.net Tue May 10 06:41:09 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 10 May 2011 00:41:09 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net>
Message-ID: <4DC8C1E5.5020401@fifthhorseman.net>

On 05/10/2011 12:32 AM, Jerome Baum wrote:
> Is that an implementation problem? i.e. is it possible to write an
> implementation that does distinguish, or is it technically impossible
> w/out processing the entire data on-card?

As i understand the process, i think it would be necessary to pass all the
data through the card in order for the card to know which type of signature
it was making.

I know nothing of the details of how these cards are implemented, though.
Maybe they do this already? it seems like performance would be problematic
if you were signing something like a multi-MiB document, given the speed of
most smartcards.

Maybe one of the folks with experience implementing these devices can give
more concrete details?

	--dkg

From kgo at grant-olson.net Tue May 10 07:01:01 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Tue, 10 May 2011 01:01:01 -0400
Subject: Best practice for periodic key change?
In-Reply-To: <4DC8C1E5.5020401@fifthhorseman.net>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net>
Message-ID: <4DC8C68D.7090008@grant-olson.net>

On 5/10/2011 12:41 AM, Daniel Kahn Gillmor wrote:
> On 05/10/2011 12:32 AM, Jerome Baum wrote:
>> Is that an implementation problem? i.e. is it possible to write an
>> implementation that does distinguish, or is it technically impossible
>> w/out processing the entire data on-card?
>
> As i understand the process, i think it would be necessary to pass all
> the data through the card in order for the card to know which type of
> signature it was making.
>
> I know nothing of the details of how these cards are implemented,
> though. Maybe they do this already? it seems like performance would be
> problematic if you were signing something like a multi-MiB document,
> given the speed of most smartcards.
>
> Maybe one of the folks with experience implementing these devices can
> give more concrete details?
>
> --dkg

I can confirm. The cards only get the hash and sign that. The trouble is
the "smart" cards are pretty dumb by modern standards. They don't actually
know much about OpenPGP itself, they basically just do RSA signing,
encryption, and decryption. gpg passes the minimal operations off to the
card in very simple APDU commands.

The smartcard spec itself doesn't even acknowledge the difference between a
certification sig vs a normal sig. And even with a valid smart-card, you
still need to retrieve the public key from the keyservers when setting up
your card. The whole public key is just too much info to store on the card.
This is pure speculation on my part, but now that the chip-cards aren't that
powerful, and the even less powerful contact-less smart-cards are becoming
more popular, I don't expect the standard to get much more sophisticated in
the near future. Maybe ECC gets added in the new spec, but I can't see the
stuff you guys are talking about hitting the 3.0 standard.

-- 
Grant

From jerome at jeromebaum.com Tue May 10 07:10:42 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 10 May 2011 07:10:42 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC8C68D.7090008@grant-olson.net>
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net>
Message-ID:

On Tue, May 10, 2011 at 07:01, Grant Olson wrote:

> On 5/10/2011 12:41 AM, Daniel Kahn Gillmor wrote:
> > Maybe one of the folks with experience implementing these devices can
> > give more concrete details?
>
> I can confirm. The cards only get the hash and sign that. The trouble
> is the "smart" cards are pretty dumb by modern standards. They don't
> actually know much about OpenPGP itself, they basically just do RSA
> signing, encryption, and decryption. gpg passes the minimal operations
> off to the card in very simple APDU commands.
>
> The smartcard spec itself doesn't even acknowledge the difference
> between a certification sig vs a normal sig. And even with a valid
> smart-card, you still need to retrieve the public key from the
> keyservers when setting up your card. The whole public key is just too
> much info to store on the card.
> This is pure speculation on my part, but now that the chip-cards aren't
> that powerful, and the even less powerful contact-less smart-cards are
> becoming more popular, I don't expect the standard to get much more
> sophisticated in the near future. Maybe ECC gets added in the new spec,
> but I can't see the stuff you guys are talking about hitting the 3.0
> standard.

So given that, I guess we could still distinguish between a master key
signature and a sub-key signature, to conform w/ signature laws? e.g. an
option for GnuPG: reject-subkey-signatures -- then an installation w/ this
option set would validate only master key signatures, practically forbidding
signing sub-keys. No need to change OpenPGP for this.

The CA would then sign the master key that is generated on-card, and the
certification just won't apply to the sub-keys. Does this solve the "all
signatures _must_ be generated on-card" issue?

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From kgo at grant-olson.net Tue May 10 07:30:33 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Tue, 10 May 2011 01:30:33 -0400
Subject: Best practice for periodic key change?
In-Reply-To:
References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net>
Message-ID: <4DC8CD79.1070606@grant-olson.net>

On 5/10/2011 1:10 AM, Jerome Baum wrote:
> On Tue, May 10, 2011 at 07:01, Grant Olson wrote:
>
> > On 5/10/2011 12:41 AM, Daniel Kahn Gillmor wrote:
> > > Maybe one of the folks with experience implementing these devices
> > > can give more concrete details?
> >
> > I can confirm.
> > The cards only get the hash and sign that. The trouble is the "smart"
> > cards are pretty dumb by modern standards. They don't actually know
> > much about OpenPGP itself, they basically just do RSA signing,
> > encryption, and decryption. gpg passes the minimal operations off to
> > the card in very simple APDU commands.
> >
> > The smartcard spec itself doesn't even acknowledge the difference
> > between a certification sig vs a normal sig. And even with a valid
> > smart-card, you still need to retrieve the public key from the
> > keyservers when setting up your card. The whole public key is just
> > too much info to store on the card.
> >
> > This is pure speculation on my part, but now that the chip-cards
> > aren't that powerful, and the even less powerful contact-less
> > smart-cards are becoming more popular, I don't expect the standard to
> > get much more sophisticated in the near future. Maybe ECC gets added
> > in the new spec, but I can't see the stuff you guys are talking about
> > hitting the 3.0 standard.
>
> So given that, I guess we could still distinguish between a master key
> signature and a sub-key signature, to conform w/ signature laws? e.g.
> an option for GnuPG: reject-subkey-signatures -- then an installation
> w/ this option set would validate only master key signatures,
> practically forbidding signing sub-keys. No need to change OpenPGP for
> this.
>
> The CA would then sign the master key that is generated on-card, and
> the certification just won't apply to the sub-keys. Does this solve the
> "all signatures _must_ be generated on-card" issue?

I haven't been totally following this thread, but...

The card itself only has one Signature key slot. If you generate this key
on-board, that will be both the certification key and the signing key. If
you migrate a signing sub-key, you'll still have an offline master key. The
card itself doesn't know if you have a signing subkey or not. It just knows,
"This is the signing key I use."
If you generate all keys on-card, you only have a master
Certification/Signing key, along with (optionally) one encryption and one
authentication key.

If you didn't generate the keys on-card, and have an offline master key, the
card itself won't know about it, but the certificate will still imply that
the on-card signing key isn't the master key, since the card only allows one
signing key and doesn't know the difference.

But there's no way to prove that the keys were originally generated on-card,
and weren't imported from a software private key where there was never a
separate master certification key.

I think a 'generated on card' flag is something that you could probably fit
into the constraints of a smart-card spec, if this is all you need. But at
least in the US, you'd probably need some sort of certification/approval
process (like the NIST lab) to demonstrate to the government that you're
actually setting this flag correctly. The same way PGP Corp software has
some government approvals that gpg will never have.

-- 
Grant

From jerome at jeromebaum.com Tue May 10 07:35:37 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 10 May 2011 07:35:37 +0200
Subject: Best practice for periodic key change?
In-Reply-To: <4DC8CD79.1070606@grant-olson.net> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC8CD79.1070606@grant-olson.net> Message-ID: On Tue, May 10, 2011 at 07:30, Grant Olson wrote: > But there's no way to prove that the keys were originally generated > on-card, and weren't imported from a software private key where there > was never a separate master certification key. > AFAIK, the CAs over here will just supply a card. There is no question of whether the key is generated on-card or not -- the CA confirms this implicitly with their certification of "this is a valid signing key per applicable signature laws". -- Jerome Baum tel +49-1578-8434336 email jerome at jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -------------- next part -------------- An HTML attachment was scrubbed... URL: From kgo at grant-olson.net Tue May 10 07:42:08 2011 From: kgo at grant-olson.net (Grant Olson) Date: Tue, 10 May 2011 01:42:08 -0400 Subject: Best practice for periodic key change? In-Reply-To: References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC8CD79.1070606@grant-olson.net> Message-ID: <4DC8D030.2040102@grant-olson.net> On 5/10/2011 1:35 AM, Jerome Baum wrote: > On Tue, May 10, 2011 at 07:30, Grant Olson > wrote: > > But there's no way to prove that the keys were originally generated > on-card, and weren't imported from a software private key where there > was never a separate master certification key. 
> > > AFAIK, the CAs over here will just supply a card. There is no question > of whether the key is generated on-card or not -- the CA confirms this > implicitly with their certification of "this is a valid signing key per > applicable signature laws". > Okay, yeah, if the CA sets up the card, authenticates it with their signing key, and ships it to you, then there would never be a separate master key, no problem there. I get the feeling the card won't like it if you try to create a software signing key, but I'm not sure how that will work. I do have a spare card here if you want me to test this. -- Grant -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 552 bytes Desc: OpenPGP digital signature URL: From jerome at jeromebaum.com Tue May 10 08:04:15 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Tue, 10 May 2011 08:04:15 +0200 Subject: Best practice for periodic key change? In-Reply-To: <4DC8D030.2040102@grant-olson.net> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC8CD79.1070606@grant-olson.net> <4DC8D030.2040102@grant-olson.net> Message-ID: On Tue, May 10, 2011 at 07:42, Grant Olson wrote: > On 5/10/2011 1:35 AM, Jerome Baum wrote: > > AFAIK, the CAs over here will just supply a card. There is no question > > of whether the key is generated on-card or not -- the CA confirms this > > implicitly with their certification of "this is a valid signing key per > > applicable signature laws". > > > > Okay, yeah, if the CA sets up the card, authenticates it with their > signing key, and ships it to you, then there would never be a separate > master key, no problem there. 
I get the feeling the card won't like it > if you try to create a software signing key, but I'm not sure how that > will work. I do have a spare card here if you want me to test this. > I see no possibility, from a theoretical perspective, of signing only on-card keys (per signature laws) from a distance -- apart from some other secret stored on the card. In either case, the CA needs to initialize the card itself. -- Jerome Baum tel +49-1578-8434336 email jerome at jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -------------- next part -------------- An HTML attachment was scrubbed... URL: From aheinlein at gmx.com Tue May 10 08:37:59 2011 From: aheinlein at gmx.com (Andreas Heinlein) Date: Tue, 10 May 2011 08:37:59 +0200 Subject: Problem with the pgp to gpg key migration In-Reply-To: <2225D816DF89824D9DE3D8163420E90E74838DC0A4@TLEMLMBX15P.email.target.com> References: <2225D816DF89824D9DE3D8163420E90E74838DC0A4@TLEMLMBX15P.email.target.com> Message-ID: <4DC8DD47.2070801@gmx.com> On 09.05.2011 14:43, Pramod.R wrote: > > Hi, > > > > I tried migrating the public and the private key from the pgp(6.5.8) > keyring to the gpg(1.4.11) by following the below commands: > > > 1) Tried exporting the private and the public key from pgp using > the commands: > > pgp -kx " " pubkey.pgp > > pgp -kx " " sec.pgp ~/.pgp/secring.skr > > > > 2) Tried importing these two keys into the gpg using the below > commands: > > gpg --import pubkey.pgp > > gpg --allow-secret-key-import --allow-non-selfsigned-uid --import sec.pgp > > > First of all, it is not always necessary to "migrate" keyrings. Renaming them to pubring.gpg resp. secring.gpg and putting them in ~/.gnupg (under Unix) or wherever your GPG keyrings go, should work. If for some reason that doesn't work for you, you can also try importing the two PGP keyrings directly, with gpg --import pubring.pkr/secring.skr. 
"--allow-secret-key-import" is obsolete, as the man page states. > > 3) When I tried comparing the pgp keyring with the newly created > gpg keyring (using the commands: gpg --list-key), I found that all the > keys have been migrated except two of my self-generated pgp keys. > For the secret keys to show up, that should be --list-secret-keys, IIRC. > > 4) When I also tried encrypting a plain text using pgp using my > self-created pgp and then decrypting this using the gpg (after > migrating the keyring as explained above), I got an error saying that > gpg: decryption failed: secret key not available, which obviously > because I cannot see my own keys in the new gpg keyring. > > > Please let me know if I'm missing anything here. Also do let me know > if the above problem makes any sense or if you would need any other > information. > > When importing secret keys, you need to manually set owner trust in GPG or import the trust values as well with --import-ownertrust. That should not affect decrypting, though. Bye, Andreas -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerome at jeromebaum.com Tue May 10 08:05:16 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Tue, 10 May 2011 08:05:16 +0200 Subject: Best practice for periodic key change? In-Reply-To: <4DC8D030.2040102@grant-olson.net> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC8CD79.1070606@grant-olson.net> <4DC8D030.2040102@grant-olson.net> Message-ID: On Tue, May 10, 2011 at 07:42, Grant Olson wrote: > Okay, yeah, if the CA sets up the card, authenticates it with their > signing key, and ships it to you, then there would never be a separate > master key, no problem there. 
I get the feeling the card won't like it > if you try to create a software signing key, but I'm not sure how that > will work. I do have a spare card here if you want me to test this. > Oh, and yes please do test it -- practical results are helpful. -- Jerome Baum tel +49-1578-8434336 email jerome at jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -------------- next part -------------- An HTML attachment was scrubbed... URL: From Mike_Acker at charter.net Tue May 10 11:54:59 2011 From: Mike_Acker at charter.net (Mike Acker) Date: Tue, 10 May 2011 05:54:59 -0400 Subject: PGP and "Smart" Cards In-Reply-To: <4DC8C68D.7090008@grant-olson.net> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> Message-ID: <4DC90B73.2050204@charter.net> The Basic Error is in giving the merchant your credit card number. You are spreading that number all over Boston and the thugs are gonna grab it and help themselves. The only surprising thing is that this doesn't happen more often. All that a thug needs is a Merchant Account with PCI and he can start using all the Credit Card numbers he wants to buy on the black market forums. Run off a few million bucks and head for Bulgaria. AK-47s are on sale there this week only ( tee hee ) . Corrected Thinking: DO NOT GIVE OUT YOUR CARD NUMBER. Smart Card Technology -- or your iPhone can make this possible. 
Instead of you giving the merchant your account number the merchant should send an invoice to your Smart Card -- or to the PCI App in your iPhone. Your Smart Card -- or the PCI App in your iPhone -- could then encrypt the invoice together with authorization for payment and forward this cipher text back to the merchant's Point of Sale Terminal (POST). The merchant would NOT be able to decrypt this cipher text as it would be encrypted to the PCI: to the financial institution that issued your SmartCard. The POST would forward the cipher text to the PCI. The PCI would decrypt the cipher text and verify your signature. On approval PCI would forward a paid copy of the invoice back to the POST and an EFT credit to the Merchant's account and an equal EFT debit to your account. The POST prints the paid invoice and off you go with your new egg beater and don't forget the receipt ( called the paid invoice here ) . -- /MIKE -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 292 bytes Desc: OpenPGP digital signature URL: From akajain at gmail.com Tue May 10 08:32:24 2011 From: akajain at gmail.com (Aakash) Date: Tue, 10 May 2011 16:32:24 +1000 Subject: PGP Help Require Basic Message-ID: Hi folks, Well, I have got to encrypt/decrypt the files using Open PGP. Now I have got PGP key block and Pgp KEY from other party. I have also installed GPG on my local machine. but I really don't have any idea what to do next. Please let me know what to do with PGP key (0xAJ7A9B41) and PGP key block (this is very strange text). 
something like this -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP 7.0 [...] -----END PGP PUBLIC KEY BLOCK----- please help. kind regards, AJ -------------- next part -------------- An HTML attachment was scrubbed... URL: From turbo at bayour.com Tue May 10 13:30:58 2011 From: turbo at bayour.com (Turbo Fredriksson) Date: Tue, 10 May 2011 13:30:58 +0200 Subject: GPG Problem - invalid radix64 character References: <73ABC2051D2F3049A1DB4E0D94E0EDF9022F76583B@ESESSCMS0352.eemea.ericsson.se> Message-ID: I needed to move lots of data from one site to another across Europe. I got a huge disk and archived all data onto that using something like (simplified): find | cpio -o | gpg -e | split - /disk/archive. To extract the data again, it's just as simple: cat `find /disk/archive.* | sort` | gpg -d | cpio -i This has worked perfectly for a number of these data moves I've done over the last few months... But this last one gave me a problem when trying to unpack it: gpg: invalid radix64 character D0 skipped gpg: invalid radix64 character 00 skipped gpg: invalid radix64 character AD skipped gpg: invalid radix64 character DE skipped [these four lines repeat for a while] gpg: [don't know]: invalid packet (ctb=73) gpg: mdc_packet with invalid encoding gpg: decryption failed: Invalid packet gpg: [don't know]: invalid packet (ctb=36) gpg: no valid OpenPGP data found. cpio: premature end of file There's 1498 4GB files, and I managed to extract 792GB before this failure. 
But since the archive files are in ASCII armor, there's no telling in which file the problem lies! I'm currently looking for '^-|.*:|^$' in the files, but so far nothing... 1. What character is D0, 00, AD and DE? What can I look for (to try to diagnose the problem/file) 2. Is there ANYTHING I can do to get my data, except making a new archive (which, for various reasons, take about two-three weeks)? I've googled this problem, but most (if not all) get this when/if receiving an ASCII armor via mail which messes things up. I doubt very much that's the problem here, since I'm using the exact, identical file I started with, not a copy (which is the result of mailing it)... From Lists.gnupg at mephisto.fastmail.net Tue May 10 15:01:12 2011 From: Lists.gnupg at mephisto.fastmail.net (Kevin Kammer) Date: Tue, 10 May 2011 09:01:12 -0400 Subject: PGP Help Require Basic In-Reply-To: References: Message-ID: <20110510130112.GA8519@imac-6g2p.mgh.harvard.edu> On Tue, May 10, 2011 at 04:32:24PM +1000 Thus spoke Aakash: > Hi folks, > > Well, I have got to encrypt/decrypt the files using Open PGP. Now I have got > PGP key block and Pgp KEY from other party. I have also installed GPG on my > local machine. > > but I really don't have any idea what to do next. Please let me know what to > do with PGP key (0xAJ7A9B41) and PGP key block (this is very strange text). > Have you considered reading the GnuPG user guide? The user guide contains detailed instructions on how to use GnuPG, and is available in several languages: http://www.gnupg.org/documentation/guides.html -- "Chance favours the prepared mind." --Louis Pasteur From mailinglisten at hauke-laging.de Tue May 10 15:26:30 2011 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Tue, 10 May 2011 15:26:30 +0200 Subject: Best practice for periodic key change? In-Reply-To: References: <4DC2493C.4060403@gmx.com> <4DC8C68D.7090008@grant-olson.net> Message-ID: <201105101526.35921.mailinglisten@hauke-laging.de> On Tuesday, 10 
May 2011, 07:10:42, Jerome Baum wrote: > an option for GnuPG: reject-subkey-signatures > No need to change OpenPGP for this. This is possible only if it is safe for old implementations. I see one option for that: A signature notation for this purpose could be defined and this notation could be marked critical. The standard says: "If a subpacket is encountered that is marked critical but is unknown to the evaluating software, the evaluator SHOULD consider the signature to be in error." I don't understand whether this refers to the packet type or the packet content. If an implementation knows what a notation is (and shows it) but does not know the meaning of the new standardized notation what is it supposed to do according to RFC 4880? Generate an error saying "I don't understand what this notation is about" or signal success saying "I recognize this as a notation. (And I don't care about its content.)"? If the recognition refers to the content then it's easy. There would be the practical problem left to check how the (relevant) implementations behave. It's no use if you are theoretically right but it is trivial to trick people into acceptance of wrong signatures because an often used software does not work right. A safe solution should be to define a new packet type. That might be a generic "notation with critical content" type. This would behave like a notation with the difference that the recognition check is extended to the content (if this packet is marked critical?). But if the standard is extended then it makes more sense to have subkeys certified explicitly instead of forbidding the acceptance of normal subkeys in general. > The CA would then sign the master key that is generated on-card, and the > certification just won't apply to the sub-keys. Does this solve the "all > signatures _must_ be generated on-card" issue? In theory. The practice problem remains: Do "all" implementations behave that way. 
Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. URL: From mailinglisten at hauke-laging.de Tue May 10 16:04:32 2011 From: mailinglisten at hauke-laging.de (Hauke Laging) Date: Tue, 10 May 2011 16:04:32 +0200 Subject: PGP Help Require Basic In-Reply-To: References: Message-ID: <201105101604.32611.mailinglisten@hauke-laging.de> On Tuesday, 10 May 2011, 08:32:24, Aakash wrote: > Well, I have got to encrypt/decrypt the files using Open PGP. Now I have > got PGP key block and Pgp KEY from other party. I have also installed GPG > on my local machine. > > but I really don't have any idea what to do next. Please let me know what to > do with PGP key (0xAJ7A9B41) and PGP key block (this is very strange text). For the typical use of GnuPG you need two keys: a) yours (consisting of a public key and a private key) b) the one of your communication partner (public key only) You have to import the public key of the other one. And you have to create (or import) your own private key. For information how this is done and how encryption / decryption is done after you got your keys working you should have a look at some documentation as you have been hinted at. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 555 bytes Desc: This is a digitally signed message part. URL: From jerome at jeromebaum.com Tue May 10 17:55:58 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Tue, 10 May 2011 17:55:58 +0200 Subject: Best practice for periodic key change? 
In-Reply-To: References: <4DC2493C.4060403@gmx.com> <4DC8C68D.7090008@grant-olson.net> <201105101526.35921.mailinglisten@hauke-laging.de> Message-ID: I don't see why it would need a standards change, or why the option can't be, well, optional. We aren't trying to force all gpg installations to conform, but to make it possible to configure an installation to conform. Normal gpg should continue to function. (Mobile/Handy) On 10.05.2011 15:33, "Hauke Laging" wrote: On Tuesday, 10 May 2011, 07:10:42, Jerome Baum wrote: > an option for GnuPG: reject-subkey-signatures > No need to change OpenPGP for this. This is possible only if it is safe for old implementations. I see one option for that: A signature notation for this purpose could be defined and this notation could be marked critical. The standard says: "If a subpacket is encountered that is marked critical but is unknown to the evaluating software, the evaluator SHOULD consider the signature to be in error." I don't understand whether this refers to the packet type or the packet content. If an implementation knows what a notation is (and shows it) but does not know the meaning of the new standardized notation what is it supposed to do according to RFC 4880? Generate an error saying "I don't understand what this notation is about" or signal success saying "I recognize this as a notation. (And I don't care about its content.)"? If the recognition refers to the content then it's easy. There would be the practical problem left to check how the (relevant) implementations behave. It's no use if you are theoretically right but it is trivial to trick people into acceptance of wrong signatures because an often used software does not work right. A safe solution should be to define a new packet type. That might be a generic "notation with critical content" type. This would behave like a notation with the difference that the recognition check is extended to the content (if this packet is marked critical?). 
But if the standard is extended then it makes more sense to have subkeys certified explicitly instead of forbidding the acceptance of normal subkeys in general. > The CA would then sign the master key that is generated on-card, and the > certification just wo... In theory. The practice problem remains: Do "all" implementations behave that way. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814 _______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -------------- next part -------------- An HTML attachment was scrubbed... URL: From vedaal at nym.hush.com Tue May 10 19:34:14 2011 From: vedaal at nym.hush.com (vedaal at nym.hush.com) Date: Tue, 10 May 2011 13:34:14 -0400 Subject: Problem with the pgp to gpg key migration Message-ID: <20110510173414.1A84614DBD0@smtp.hushmail.com> Pramod.R Pramod.R at target.com wrote on Mon May 9 14:43:06 CEST 2011 : >1) Tried exporting the private and the public key from pgp using the commands: pgp -kx " " pubkey.pgp pgp -kx " " sec.pgp ~/.pgp/secring.skr pgp commandline makes it extremely difficult to extract a secret key. the -kx commands extract only public keys, (there was a workaround that Disastry showed me once many years ago, but i forgot it :-(( since it has been easier to just use the following gnupg command) : gpg --import secring.skr and gnupg will import both the public and secret keys (n.b. if anyone knows the proper pgp commandline syntax to extract a pgp secret key from the keyring, please post) Thanks, vedaal From mwood at IUPUI.Edu Tue May 10 19:54:43 2011 From: mwood at IUPUI.Edu (Mark H. 
Wood) Date: Tue, 10 May 2011 13:54:43 -0400 Subject: PGP and "Smart" Cards In-Reply-To: <4DC90B73.2050204@charter.net> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC90B73.2050204@charter.net> Message-ID: <20110510175443.GD3289@IUPUI.Edu> Good luck. The merchants don't seem to care, and the banks still think that the name of my third-grade teacher is some kind of closely guarded secret. It's not going to happen unless required by law or in response to some hugely expensive (and successful) class actions against card issuers. The customer is the only one with a compelling incentive to change the system. -- Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu Asking whether markets are efficient is like asking whether people are smart. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From lopaki at gmail.com Tue May 10 20:31:55 2011 From: lopaki at gmail.com (Scott Lambdin) Date: Tue, 10 May 2011 14:31:55 -0400 Subject: PGP and "Smart" Cards In-Reply-To: <20110510175443.GD3289@IUPUI.Edu> References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC90B73.2050204@charter.net> <20110510175443.GD3289@IUPUI.Edu> Message-ID: On Tue, May 10, 2011 at 1:54 PM, Mark H. Wood wrote: > The customer is the only one with a compelling > incentive to change the system. > Why? Are not the Pay Card companies on the hook for most of the losses? > > -- > Mark H. 
Wood, Lead System Programmer mwood at IUPUI.Edu > Asking whether markets are efficient is like asking whether people are > smart. > > -- "Until we have the courage to recognize cruelty for what it is -- whether its victim is human or animal -- we cannot expect things to be much better in this world. We cannot have peace among men whose hearts delight in killing any living creature." -- Rachel Carson, Silent Spring -------------- next part -------------- An HTML attachment was scrubbed... URL: From harningt at gmail.com Tue May 10 20:36:28 2011 From: harningt at gmail.com (Thomas Harning Jr.) Date: Tue, 10 May 2011 14:36:28 -0400 Subject: PGP and "Smart" Cards In-Reply-To: References: <4DC2493C.4060403@gmx.com> <201105080434.57614.mailinglisten@hauke-laging.de> <1359636868.20110508135036@my_localhost> <201105091809.05423.mailinglisten@hauke-laging.de> <4DC8BC87.7040408@fifthhorseman.net> <4DC8C1E5.5020401@fifthhorseman.net> <4DC8C68D.7090008@grant-olson.net> <4DC90B73.2050204@charter.net> <20110510175443.GD3289@IUPUI.Edu> Message-ID: On Tue, May 10, 2011 at 2:31 PM, Scott Lambdin wrote: > > > On Tue, May 10, 2011 at 1:54 PM, Mark H. Wood wrote: >> >> The customer is the only one with a compelling >> incentive to change the system. > > Why? Are not the Pay Card companies on the hook for most of the losses? They have determined the losses are less than the cost of educating and implementing these intelligent plans, in the US at least. -- Thomas Harning Jr. Support my wife, Jenn, as she runs her first 10k, donations appreciated... every dollar helps! 
http://www.akidagain.org/site/TR/Cincinnati5k10k2011/General?px=1127201&pg=personal&fr_id=1140 From vedaal at nym.hush.com Tue May 10 22:00:25 2011 From: vedaal at nym.hush.com (vedaal at nym.hush.com) Date: Tue, 10 May 2011 16:00:25 -0400 Subject: Problem with the pgp to gpg key migration Message-ID: <20110510200025.4894C14DBCF@smtp.hushmail.com> Pramod.R Pramod.R at target.com wrote on Mon May 9 14:43:06 CEST 2011 : >1) Tried exporting the private and the public key from pgp using the commands: pgp -kx " " pubkey.pgp pgp -kx " " sec.pgp ~/.pgp/secring.skr ----- remembered the workaround: [1] copy secring.skr to a different location [2] confirm that it is openable by the following command: pgp -kv (pathway to new location)secring.skr if pgp lists the secret keys, then do the following: pgp -kxa keyname exportfilename.asc (pathway to new location)secring.skr the resulting file, exportfilename.asc, will have both the private and public pgp keyblocks n.b. if these are RSA keys, then you either need the IDEA module in gnupg, or need to first remove the passphrase and then export the key from pgp and then import them into gnupg vedaal From jyard at ais.ucla.edu Wed May 11 03:43:16 2011 From: jyard at ais.ucla.edu (Yard, John) Date: Tue, 10 May 2011 18:43:16 -0700 Subject: secret key not available Message-ID: I exported a key that was needed by a bank from a pgp 6.5.8 secret keyring and imported into gpg using -import . Now when I sign using that key I get 'signing failed: secret key not available'. In gpg I see the key when I do a gpg -list-keys, But don't see it when I do a gpg -list-secret-keys. When I cat the exported key asc block It describes itself as a public key. Any clues as to what I need to do. I see this key on my pgp Public and secret keyrings.... JYard UCLA -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From dougb at dougbarton.us Wed May 11 05:14:17 2011 From: dougb at dougbarton.us (Doug Barton) Date: Tue, 10 May 2011 20:14:17 -0700 Subject: secret key not available In-Reply-To: References: Message-ID: <4DC9FF09.8050608@dougbarton.us> On 05/10/2011 18:43, Yard, John wrote: > I exported a key that was needed by a bank > from a pgp 6.5.8 secret keyring ... > When I cat the exported key asc block It describes itself > as a public key. So I think you've described the problem ... you didn't export the secret key, you exported the public one. -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ From zirconiumnzinc at gmail.com Wed May 11 13:33:34 2011 From: zirconiumnzinc at gmail.com (Tomasz Wozowicz) Date: Wed, 11 May 2011 13:33:34 +0200 Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust. In-Reply-To: References: Message-ID: Hi again I have problems with finding that message with search engine. Do you remember when that discussion took place? At least the year? On Sat, May 7, 2011 at 2:15 PM, Jerome Baum wrote: > On Sat, May 7, 2011 at 12:51, Tomasz Wozowicz > wrote: >> >> Anyone willing to help? Please answer. Thanks > > I recall there was a long discussion on this including some hints on how it > is possible and whether or not it makes sense. > -- > Jerome Baum > tel +49-1578-8434336 > email jerome at jeromebaum.com > -- > PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A > PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA > From lists at mgreg.com Thu May 12 04:49:04 2011 From: lists at mgreg.com (lists at mgreg.com) Date: Wed, 11 May 2011 22:49:04 -0400 Subject: How do I list all recipient of a message (including myself)? 
Message-ID: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com> Hi All, I am writing application in which I need to know if a GnuPG encrypted message was sent to me. It seems that whenever you list the recipients of a message it will list every recipient but you -- even if you're one of them. Surely there's a way to reveal whether or not you're one of those recipients...? Regards, Michael From shavital at mac.com Thu May 12 06:11:57 2011 From: shavital at mac.com (Charly Avital) Date: Thu, 12 May 2011 00:11:57 -0400 Subject: How do I list all recipient of a message (including myself)? In-Reply-To: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com> References: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com> Message-ID: <4DCB5E0D.3080409@mac.com> lists at mgreg.com <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D at mgreg.com> wrote on 5/11/11 10:49:04 PM: > Hi All, > > I am writing application in which I need to know if a GnuPG encrypted message was sent to me. It seems that whenever you list the recipients of a message it will list every recipient but you -- even if you're one of them. Surely there's a way to reveal whether or not you're one of those recipients...? > > Regards, > > Michael You can try this, but I don't know how to integrate it into your application: - launch Terminal and type gpg. This will output: gpg: Go ahead and type your message ... - copy/paste the encrypted message. If it was encrypted to your public key, you will be prompted to enter your passphrase. 
After you enter it, the output will display to which user IDs and public keys the message was encrypted, like: --------- You need a passphrase to unlock the secret key for user: "Charly Avital " 4096-bit RSA key, ID 02345678, created 2011-03-26 (main key ID ABCDEF1) [and after you type in the passphrase]: gpg: encrypted with [the second recipient's key] [the second recipient's user ID] gpg: encrypted with 4096-bit RSA key, ID 02345678, created 2011-03-26 "Charly Avital " -------- Charly From jerome at jeromebaum.com Thu May 12 06:07:02 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Thu, 12 May 2011 06:07:02 +0200 Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust. In-Reply-To: References: Message-ID: On Wed, May 11, 2011 at 13:33, Tomasz Wozowicz wrote: > Hi again > I have problems with finding that message with search engine. Do you > remember when that discussion took place? At least the year? This Apr, subject was: "Updating signature cert-level". For whether it makes sense, read the discussion. For the solution, to quote: GnuPG supports reading a trust "map" generated by an external process that > can use whatever trust rules it likes. I think he's referring to import-ownertrust in combination with trust-model direct. -- Jerome Baum tel +49-1578-8434336 email jerome at jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerome at jeromebaum.com Thu May 12 06:11:14 2011 From: jerome at jeromebaum.com (Jerome Baum) Date: Thu, 12 May 2011 06:11:14 +0200 Subject: How do I list all recipient of a message (including myself)? 
In-Reply-To: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com>
References: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com>
Message-ID:

On Thu, May 12, 2011 at 04:49, lists at mgreg.com wrote:

> I am writing an application in which I need to know if a GnuPG encrypted
> message was sent to me. It seems that whenever you list the recipients of a
> message it will list every recipient but you -- even if you're one of them.
> Surely there's a way to reveal whether or not you're one of those
> recipients...?

There doesn't seem to be a with-colons version of this, but it's a start:

$ gpg -vv --list-only cron.log.gpg
> :pubkey enc packet: version 3, algo 1, keyid 0000000000000000
>         data: [2048 bits]
> gpg: public key is 00000000
> :encrypted data packet:
>         length: unknown
>         mdc_method: 2

Normally, the key IDs would be in there of course, I just always throw them.

From roam at ringlet.net Thu May 12 12:07:37 2011
From: roam at ringlet.net (Peter Pentchev)
Date: Thu, 12 May 2011 13:07:37 +0300
Subject: How do I list all recipient of a message (including myself)?
In-Reply-To:
References: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com>
Message-ID: <20110512100737.GC3445@straylight.ringlet.net>

On Thu, May 12, 2011 at 06:11:14AM +0200, Jerome Baum wrote:
> On Thu, May 12, 2011 at 04:49, lists at mgreg.com wrote:
> >
> > I am writing an application in which I need to know if a GnuPG encrypted
> > message was sent to me. It seems that whenever you list the recipients of a
> > message it will list every recipient but you -- even if you're one of them.
> > Surely there's a way to reveal whether or not you're one of those
> > recipients...?
> >
> There doesn't seem to be a with-colons version of this, but it's a start:
>
> $ gpg -vv --list-only cron.log.gpg

Well, there's always gpg --list-packets --with-colons, which outputs something like:

:pubkey enc packet: version 3, algo 1, keyid 08D014DED0B337AA
        data: [4095 bits]
:pubkey enc packet: version 3, algo 16, keyid 921EB6497074473C
        data: [1024 bits]
        data: [1021 bits]
:encrypted data packet:
        length: 69
        mdc_method: 2
:compressed packet: algo=2
:literal data packet:
        mode b (62), created 1305194688, name="foo.txt",
        raw data: 4 bytes

...so just look for the "pubkey enc packet" lines, get the key IDs and possibly pass them through another round of "gpg --list-keys --with-colons" or something.

G'luck,
Peter

--
Peter Pentchev  roam at ringlet.net  roam at FreeBSD.org  peter at packetscale.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
If I were you, who would be reading this sentence?

From 5111 at logica.com Thu May 12 17:48:18 2011
From: 5111 at logica.com (pjcs)
Date: Thu, 12 May 2011 08:48:18 -0700 (PDT)
Subject: More than 1 secret key: how do I specify which one --sign uses?
Message-ID: <31603622.post@talk.nabble.com>

I have 3 secret keys in my keyring for different purposes. If I --sign a document, is there any way to specify which key is to be used?

From dkg at fifthhorseman.net Thu May 12 20:34:08 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Thu, 12 May 2011 14:34:08 -0400
Subject: More than 1 secret key: how do I specify which one --sign uses?
In-Reply-To: <31603622.post@talk.nabble.com>
References: <31603622.post@talk.nabble.com>
Message-ID: <4DCC2820.2000701@fifthhorseman.net>

On 05/12/2011 11:48 AM, pjcs wrote:
>
> I have 3 secret keys in my keyring for different purposes. If I --sign a
> document, is there any way to specify which key is to be used?

The man page suggests --default-key or --local-user:

> --default-key name
>     Use name as the default key to sign with. If this option is not
>     used, the default key is the first key found in the secret
>     keyring. Note that -u or --local-user overrides this option.
[...]
> --local-user name
> -u  Use name as the key to sign with. Note that this option overrides
>     --default-key.

hth,

--dkg

From turbo at bayour.com Fri May 13 11:55:25 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Fri, 13 May 2011 11:55:25 +0200
Subject: Fwd: GPG Problem - invalid radix64 character
References:
Message-ID:

*bump*

Begin forwarded message:

> I needed to move lots of data from one site to another across
> Europe. I got a huge disk and archived all data onto that using
> something like (simplified):
>
>     find | cpio -o | gpg -e | split - /disk/archive.
>
> To extract the data again, it's just as simple:
>
>     cat `find /disk/archive.* | sort` | gpg -d | cpio -i
>
> This has worked perfectly for a number of these data moves
> I've done over the last few months...
>
> But this last one gave me a problem when trying to unpack
> it:
>
> gpg: invalid radix64 character D0 skipped
> gpg: invalid radix64 character 00 skipped
> gpg: invalid radix64 character AD skipped
> gpg: invalid radix64 character DE skipped
> [these four lines repeat for a while]
> gpg: [don't know]: invalid packet (ctb=73)
> gpg: mdc_packet with invalid encoding
> gpg: decryption failed: Invalid packet
> gpg: [don't know]: invalid packet (ctb=36)
> gpg: no valid OpenPGP data found.
> cpio: premature end of file
>
> There are 1498 4GB files, and I managed to extract 792GB before
> this failure. But since the archive files are in ASCII armor,
> there's no telling in which file the problem lies!
>
> I'm currently looking for '^-|.*:|^$' in the files, but
> so far nothing...
>
> 1. What character is D0, 00, AD and DE? What can I look for
>    (to try to diagnose the problem/file)
>
> 2. Is there ANYTHING I can do to get my data, except making a
>    new archive (which, for various reasons, takes about
>    two-three weeks)?
>
> I've googled this problem, but most (if not all) get this
> when/if receiving an ASCII armor via mail which messes
> things up. I doubt very much that's the problem here, since
> I'm using the exact, identical file I started with, not a
> copy (which is the result of mailing it)...

--
Ehhhhm - The battle cry of the cronical masturbater.
- Charlie Harper

From jerome at jeromebaum.com Fri May 13 12:08:35 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 13 May 2011 12:08:35 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References:
Message-ID:

On Fri, May 13, 2011 at 11:55, Turbo Fredriksson wrote:

> *bump*
>
> Begin forwarded message:
>
>> But this last one gave me a problem when trying to unpack
>> it:
>>
>> gpg: invalid radix64 character D0 skipped
>> gpg: invalid radix64 character 00 skipped
>> gpg: invalid radix64 character AD skipped
>> gpg: invalid radix64 character DE skipped
>> [these four lines repeat for a while]
>> gpg: [don't know]: invalid packet (ctb=73)
>> gpg: mdc_packet with invalid encoding
>> gpg: decryption failed: Invalid packet
>> gpg: [don't know]: invalid packet (ctb=36)
>> gpg: no valid OpenPGP data found.
>> cpio: premature end of file
>>
>> There are 1498 4GB files, and I managed to extract 792GB before
>> this failure. But since the archive files are in ASCII armor,
>> there's no telling in which file the problem lies!
>>
>> I'm currently looking for '^-|.*:|^$' in the files, but
>> so far nothing...
>>
>> 1. What character is D0, 00, AD and DE? What can I look for
>>    (to try to diagnose the problem/file)

You can look for D0, 00, AD and DE.

>> 2. Is there ANYTHING I can do to get my data, except making a
>>    new archive (which, for various reasons, takes about
>>    two-three weeks)?

First find the offending file, then you'll know your options.

>> I've googled this problem, but most (if not all) get this
>> when/if receiving an ASCII armor via mail which messes
>> things up. I doubt very much that's the problem here, since
>> I'm using the exact, identical file I started with, not a
>> copy (which is the result of mailing it)...

But the files are ASCII armored and messed up, right? You should still try out the suggestions you found.
It's possible your file got corrupt even if it's "the exact, identical file [you] started with" -- think bit rot.

Personally I'd first find the file that's causing the problem, by looking for those bytes. It's more difficult to solve a problem when you can't see it.

From turbo at bayour.com Fri May 13 12:42:40 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Fri, 13 May 2011 12:42:40 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References:
Message-ID: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com>

On 13 May 2011, at 12.08, Jerome Baum wrote:

>> 1. What character is D0, 00, AD and DE? What can I look for
>>    (to try to diagnose the problem/file)
>
> You can look for D0, 00, AD and DE.

Doh! I assumed that these were some code characters (meaning it's something else in the actual file).

Looking for these (egrep 'D0|00|AD|DE') basically gives me every single line! They are everywhere, even in the very first file (which extracted without any problems).

>> 2. Is there ANYTHING I can do to get my data, except making a
>>    new archive (which, for various reasons, takes about
>>    two-three weeks)?
>
> First find the offending file, then you'll know your options.

Any (other) idea how I do that?

>> I've googled this problem, but most (if not all) get this
>> when/if receiving an ASCII armor via mail which messes
>> things up. I doubt very much that's the problem here, since
>> I'm using the exact, identical file I started with, not a
>> copy (which is the result of mailing it)...
>
> But the files are ASCII armored and messed up, right?

They are ASCII armored, but I can't find a reason why they should be messed up. The command line(s) are simple enough and don't ... rewrite anything (other than the 'transference' of clear text data to encrypted data by gpg), there is no compression involved in any of the pipes and they are on a RAID5 with XFS. I usually hate it myself when people say 'it used to work' and/or 'it worked before', but this setup has been thoroughly tested and verified and I'm not a noob, not even with PGP/GnuPG...

> You should still try out the suggestions you found. It's possible
> your file got corrupt even if it's "the exact, identical file [you]
> started with" -- think bit rot.

To be honest, I've heard about that before, but in my 20 years with Linux/Unix I never, ever encountered it :). Data is always the same as the one you put there. Except:

1. FS errors (noticeable one way or the other)
2. Disk errors (also noticeable one way or the other)
3. Pipe (command line) or program/application errors (possible GPG problem/bug?)

> Personally I'd first find the file that's causing the problem, by
> looking for those bytes. It's more difficult to solve a problem when
> you can't see it.

--
If something's hard to do, then it's not worth doing.
                - Homer Simpson

From jerome at jeromebaum.com Fri May 13 13:04:30 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 13 May 2011 13:04:30 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com>
Message-ID:

On Fri, May 13, 2011 at 12:42, Turbo Fredriksson wrote:

> On 13 May 2011, at 12.08, Jerome Baum wrote:
>
>>> 1. What character is D0, 00, AD and DE? What can I look for
>>>    (to try to diagnose the problem/file)
>>
>> You can look for D0, 00, AD and DE.
>
> Doh!
> I assumed that these were some code characters (meaning it's
> something else in the actual file).
>
> Looking for these (egrep 'D0|00|AD|DE') basically gives me every single
> line! They are everywhere, even in the very first file (which extracted
> without any problems).

Should have been clearer. D0 here is character 208, etc. "D0" (the string) is okay, what gpg is screaming about is that D0 as a byte isn't a valid Base64 character.

From venture37 at gmail.com Sat May 14 18:12:56 2011
From: venture37 at gmail.com (Sevan / Venture37)
Date: Sat, 14 May 2011 17:12:56 +0100
Subject: Key generation on card fails with key sizes larger than 1024 bits
Message-ID:

Hiya,

I purchased a v2 OpenPGP card for use with a SCM SCR335 card reader. Attempting to generate keys larger than 1024 bits fails; I've been able to reproduce this consistently on MacOS 10.6.6, FreeBSD & OpenBSD. I was successfully able to complete the key generation process on Windows, but the card was unreadable afterwards.

I had a brief attempt on OpenSUSE with gnupg 2.0.16 but that failed flat out to even give me the card-status.

ccd_transceive_failed: (0x1000a) apdu_send_simple(0) failed: card I/O error

I've set debug-all in my gpg-agent & scdaemon config files to get better answers. Attempting to generate 3072 bit keys I get an ERR 100663404 Card error. Switching to 2048 bit keys, I can generate a signature key successfully, then it fails after that; switching down to 1024bit for all keys results in the process completing successfully.

Any ideas on why the process fails?
Regards
Sevan / Venture37

From zirconiumnzinc at gmail.com Sat May 14 22:42:17 2011
From: zirconiumnzinc at gmail.com (Tomasz Wozowicz)
Date: Sat, 14 May 2011 22:42:17 +0200
Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.
In-Reply-To:
References:
Message-ID:

On Thu, May 12, 2011 at 6:07 AM, Jerome Baum wrote:
> On Wed, May 11, 2011 at 13:33, Tomasz Wozowicz
> wrote:
>>
>> Hi again
>> I have problems with finding that message with search engine. Do you
>> remember when that discussion took place? At least the year?
>
> This Apr, subject was: "Updating signature cert-level". For whether it makes
> sense, read the discussion. For the solution, to quote:
>>
>> GnuPG supports reading a trust "map" generated by an external process that
>> can use whatever trust rules it likes.
>
> I think he's referring to import-ownertrust in combination with trust-model
> direct.

Thanks Jerome.

"GnuPG supports reading a trust "map" generated by an external process that can use whatever trust rules it likes."

This requires another piece of software (or programming skills). I don't know of any software that does this, and I lack programming skills. So this solution is not for me :(

I'm not a cryptographer, however I think that those issues are serious, because as we know, algorithms that are now considered secure will probably become broken one day.
While this most likely is not going to happen overnight, suddenly and unexpectedly, it could still be good for users to enforce their policy regarding the minimal strength of algorithms accepted by their web of trust, or, if a person is using the "direct" trust model, it could be useful when that person is doing --check-sigs (or check in the --edit-key shell) to display signatures along with their algorithms and the signer's key/uid validity, to have enough confidence when setting the validity of keys/uids signed by other people.

Of course new versions of GnuPG could enforce a minimal strength of algorithms, however that doesn't allow users to decide about the confidence/security level, so in my opinion GnuPG should only set sane defaults. Also it will allow someone who is still using an older version of GnuPG for some reason (like older packages in a distribution's repository) to use strong enough algorithms to verify the authenticity of new software.

Should I crosspost the first message of this thread and this one to gnupg-devel? Or maybe I should contact Mr. Koch directly? Werner, if you read this thread, please reply. Thanks.

From wk at gnupg.org Mon May 16 11:24:57 2011
From: wk at gnupg.org (Werner Koch)
Date: Mon, 16 May 2011 11:24:57 +0200
Subject: How do I list all recipient of a message (including myself)?
In-Reply-To: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com> (lists@mgreg.com's message of "Wed, 11 May 2011 22:49:04 -0400")
References: <6C0BDA71-FD0A-4C30-AE59-50D5FB8E4F6D@mgreg.com>
Message-ID: <87sjsfvvyu.fsf@vigenere.g10code.de>

On Thu, 12 May 2011 04:49, lists at mgreg.com said:

> I am writing an application in which I need to know if a GnuPG encrypted
> message was sent to me. It seems that whenever you list the
> recipients of a message it will list every recipient but you -- even
> if you're one of them. Surely there's a way to reveal whether or not
> you're one of those recipients...?

$ fortune | gpg2 -er alpha at example -r bravo at example >x
[...]
$ gpg2 --status-fd 1 --with-colons --list-only --batch x
[GNUPG:] ENC_TO 5381EA4EE29BA37F 16 0
[GNUPG:] ENC_TO 6AE6D7EE46A871F8 16 0
[GNUPG:] ENC_TO B58845F7F409CD54 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] END_DECRYPTION

The ENC_TO lines show you the recipients:

    ENC_TO
        The message is encrypted to this LONG_KEYID. KEYTYPE is the
        numerical value of the public key algorithm or 0 if it is not
        known, KEYLENGTH is the length of the key or 0 if it is not
        known (which is currently always the case). Gpg prints this
        line always; Gpgsm only if it knows the certificate.

The first line above is for the bravo key, the second line for the alpha key and the third line is my own encryption key. If a hidden recipient (option -R) is used you see 0000000000000000 for the long keyid.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon May 16 11:30:36 2011
From: wk at gnupg.org (Werner Koch)
Date: Mon, 16 May 2011 11:30:36 +0200
Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.
In-Reply-To: (Tomasz Wozowicz's message of "Sat, 14 May 2011 22:42:17 +0200")
References:
Message-ID: <87oc33vvpf.fsf@vigenere.g10code.de>

On Sat, 14 May 2011 22:42, zirconiumnzinc at gmail.com said:

> Werner if you read this thread please reply. Thanks.

I don't understand the context, what was your question? How to disable a certain algorithm? (--disable-cipher NAME).

I recall that there was a long thread about something with signature algorithms; I didn't follow that one.

Salam-Shalom,

   Werner
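The two answers to Michael's question (Peter's ":pubkey enc packet:" lines and Werner's ENC_TO status lines) both come down to parsing gpg's output for long key IDs, so here is an added example that does exactly that and handles the hidden-recipient case Werner mentions; it is not code from the thread. The sample outputs are constructed from the lines quoted above, and the `gpg_recipients` helper and the set of "my" key IDs are assumptions for illustration.

```python
"""Decide whether an OpenPGP message is encrypted to one of our keys.

Parses the two outputs shown in the thread:
  - ENC_TO lines from:  gpg2 --status-fd 1 --with-colons --list-only --batch FILE
  - ':pubkey enc packet:' lines from:  gpg --list-packets FILE
A hidden recipient (gpg -R) shows up as key ID 0000000000000000, so the
answer can be "unknown": only a decryption attempt settles that case.
"""
import re
import subprocess
from typing import List, NamedTuple, Optional, Set

HIDDEN_KEYID = "0000000000000000"   # what gpg prints for a -R (hidden) recipient


class Recipient(NamedTuple):
    long_keyid: str   # 16 hex digits, upper case
    pubkey_algo: int  # OpenPGP algorithm id: 1 = RSA, 16 = Elgamal, 17 = DSA, 0 = unknown
    keylength: int    # 0 when gpg does not know it (always 0 in ENC_TO, per DETAILS)

    @property
    def hidden(self) -> bool:
        return self.long_keyid == HIDDEN_KEYID


_ENC_TO = re.compile(r"^\[GNUPG:\] ENC_TO ([0-9A-Fa-f]{16}) (\d+) (\d+)\s*$")
_PKESK = re.compile(r"^:pubkey enc packet: version \d+, algo (\d+), keyid ([0-9A-Fa-f]{16})")


def recipients_from_status(status_text: str) -> List[Recipient]:
    """One Recipient per ENC_TO line in a --status-fd stream."""
    found = []
    for line in status_text.splitlines():
        m = _ENC_TO.match(line)
        if m:
            found.append(Recipient(m.group(1).upper(), int(m.group(2)), int(m.group(3))))
    return found


def recipients_from_list_packets(packets_text: str) -> List[Recipient]:
    """One Recipient per ':pubkey enc packet:' line (key length is not printed there)."""
    found = []
    for line in packets_text.splitlines():
        m = _PKESK.match(line)
        if m:
            found.append(Recipient(m.group(2).upper(), int(m.group(1)), 0))
    return found


def encrypted_to_me(recipients: List[Recipient], my_long_keyids: Set[str]) -> Optional[bool]:
    """True if one of our long key IDs is listed, False if none is.

    Returns None when a hidden recipient is present and none of ours is
    listed: the hidden PKESK may still be for us.
    """
    mine = {k.upper() for k in my_long_keyids}
    if any(r.long_keyid in mine for r in recipients):
        return True
    if any(r.hidden for r in recipients):
        return None
    return False


def gpg_recipients(path: str, gpg: str = "gpg2") -> List[Recipient]:
    """Assumed helper: run gpg in --list-only mode on a file and parse its status lines.

    --list-only never decrypts, so no passphrase prompt and no secret key needed.
    """
    proc = subprocess.run(
        [gpg, "--status-fd", "1", "--with-colons", "--list-only", "--batch", path],
        capture_output=True, text=True, check=False,
    )
    return recipients_from_status(proc.stdout)


# Constructed sample: Werner's three ENC_TO lines plus one hidden recipient.
SAMPLE_STATUS = """\
[GNUPG:] ENC_TO 5381EA4EE29BA37F 16 0
[GNUPG:] ENC_TO 6AE6D7EE46A871F8 16 0
[GNUPG:] ENC_TO B58845F7F409CD54 1 0
[GNUPG:] ENC_TO 0000000000000000 1 0
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] END_DECRYPTION
"""

# Constructed sample in the shape of the --list-packets output Peter quoted.
SAMPLE_PACKETS = """\
:pubkey enc packet: version 3, algo 1, keyid 08D014DED0B337AA
\tdata: [4095 bits]
:pubkey enc packet: version 3, algo 16, keyid 921EB6497074473C
\tdata: [1024 bits]
\tdata: [1021 bits]
:encrypted data packet:
\tlength: 69
\tmdc_method: 2
"""

if __name__ == "__main__":
    recips = recipients_from_status(SAMPLE_STATUS)
    for r in recips:
        print(r.long_keyid, "hidden recipient" if r.hidden else f"algo {r.pubkey_algo}")
    # "B58845F7F409CD54" stands in for our own encryption key here.
    print("to me?", encrypted_to_me(recips, {"B58845F7F409CD54"}))   # True
    print("to me?", encrypted_to_me(recips, {"0123456789ABCDEF"}))   # None: hidden PKESK present
```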
From turbo at bayour.com Mon May 16 14:04:33 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Mon, 16 May 2011 14:04:33 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com>
Message-ID: <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>

I now managed to find the problematic line(s).

archive1.0280
5470206000 d0 00 ad de d0 00 ad de d0 00 ad de d0 00 ad de
5470207000 d1 00 ad de d1 00 ad de d1 00 ad de d1 00 ad de

These are the only lines I've found so far...

Now, what does this mean?! :)

--
Build a man a fire, and he will be warm for the night.
Set a man on fire and he will be warm for the rest of his life.

From jerome at jeromebaum.com Mon May 16 15:46:48 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Mon, 16 May 2011 15:46:48 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>
Message-ID:

On Mon, May 16, 2011 at 14:04, Turbo Fredriksson wrote:

> I now managed to find the problematic line(s).
>
> archive1.0280
> 5470206000 d0 00 ad de d0 00 ad de d0 00 ad de d0 00 ad de
> 5470207000 d1 00 ad de d1 00 ad de d1 00 ad de d1 00 ad de
>
> These are the only lines I've found so far...
>
> Now, what does this mean?! :)

Run it through xxd.
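Jerome's point earlier in the thread is that gpg complains about the byte 0xD0, not the text "D0", which is why `egrep 'D0|00|AD|DE'` matched every line. The following added example (not code from the thread) does the search the way he suggests: it walks the raw bytes of the split files in concatenation order, skips the armor header block, and reports every byte in the body that is outside the radix64 alphabet, with file name and offset. It assumes the split files together form a single armored stream, as `gpg -e | split` produces; the sample parts are constructed, with "d0 00 ad de" spliced into the second one.

```python
"""Locate non-radix64 bytes in an ASCII-armored stream written as split files.

State is carried across part boundaries, so a base64 line that split cut
in two is still checked, and the "-----END" line ends the scan wherever
it falls.
"""
import base64
import string
from typing import List, NamedTuple, Tuple

RADIX64 = frozenset(string.ascii_letters + string.digits + "+/=")


class BadByte(NamedTuple):
    part: str     # name of the split file
    offset: int   # byte offset inside that file
    value: int    # the offending byte


def scan_split_armor(parts: List[Tuple[str, bytes]]) -> List[BadByte]:
    """Scan [(name, bytes), ...] in concatenation order and report bad body bytes.

    The first part must start with the armor header block: the
    "-----BEGIN ..." line, optional "Key: value" lines, then one blank line.
    From that blank line on, every byte must be a radix64 character or a
    line ending, until a line that starts with "-" (the END line).
    """
    bad: List[BadByte] = []
    state = "header"
    prev_nl = False               # previous byte (CR ignored) was a line feed
    for name, data in parts:
        for off, b in enumerate(data):
            if b == 0x0D:             # tolerate CRLF armor
                continue
            if state == "header":
                if b == 0x0A:
                    if prev_nl:       # empty line: the header block is over
                        state = "body"
                    prev_nl = True
                else:
                    prev_nl = False
            elif state == "body":
                if b == 0x0A:
                    prev_nl = True
                elif prev_nl and b == ord("-"):
                    state = "tail"    # "-----END PGP MESSAGE-----": done
                    break
                else:
                    prev_nl = False
                    if chr(b) not in RADIX64:
                        bad.append(BadByte(name, off, b))
        if state == "tail":
            break
    return bad


def first_bad_part(bad: List[BadByte]) -> str:
    """Name of the earliest part holding corruption, or "" if the stream is clean."""
    return bad[0].part if bad else ""


def hex_context(data: bytes, offset: int, before: int = 8, after: int = 8) -> str:
    """Hex bytes around `offset`, in the style of an xxd/hexdump line."""
    start = max(0, offset - before)
    return " ".join(f"{b:02x}" for b in data[start:offset + after])


# Constructed sample: a tiny armored message split into three parts, with
# four bytes of garbage spliced into the second part (offsets 30..33).
_BODY_LINE = base64.b64encode(bytes(range(48)))     # 64 radix64 characters
_CLEAN = (b"-----BEGIN PGP MESSAGE-----\nVersion: GnuPG v1\n\n"
          + _BODY_LINE + b"\n" + _BODY_LINE + b"\n=AbCd\n"
          + b"-----END PGP MESSAGE-----\n")
SAMPLE_PARTS = [
    ("archive.00", _CLEAN[:70]),
    ("archive.01", _CLEAN[70:100] + b"\xd0\x00\xad\xde" + _CLEAN[100:140]),
    ("archive.02", _CLEAN[140:]),
]

if __name__ == "__main__":
    hits = scan_split_armor(SAMPLE_PARTS)
    for hit in hits:
        print(f"{hit.part} offset {hit.offset}: byte 0x{hit.value:02x}")
    if hits:
        name, data = next(p for p in SAMPLE_PARTS if p[0] == first_bad_part(hits))
        print("corruption starts in", name, "near:", hex_context(data, hits[0].offset))
```

For real archives, read each split file with `open(path, "rb")` in sorted name order and stream it; the scanner only needs the bytes, not the whole set in memory at once.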
From turbo at bayour.com Mon May 16 17:32:17 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Mon, 16 May 2011 17:32:17 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>
Message-ID: <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>

On 16 May 2011, at 15.46, Jerome Baum wrote:

> On Mon, May 16, 2011 at 14:04, Turbo Fredriksson wrote:
>> I now managed to find the problematic line(s).
>>
>> archive1.0280
>> 5470206000 d0 00 ad de d0 00 ad de d0 00 ad de d0 00 ad de
>> 5470207000 d1 00 ad de d1 00 ad de d1 00 ad de d1 00 ad de
>>
>> These are the only lines I've found so far...
>>
>> Now, what does this mean?! :)
>
> Run it through xxd.

I managed to find the offending part in the original file (see attachment). Now, I tried to just remove the binary chars, but that ended up with a line which is shorter than the others, which I doubt will work (it would take me almost a day to find out - slow USB1 disks), so any idea on how to proceed would be much appreciated.

--
Geologists recently discovered that "earthquakes" are nothing more than Bruce Schneier and Chuck Norris communicating via a roundhouse kick-based cryptosystem.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: archive.0280.snippet
Type: application/octet-stream
Size: 3109 bytes
Desc: not available
URL:

From zirconiumnzinc at gmail.com Mon May 16 17:43:36 2011
From: zirconiumnzinc at gmail.com (Tomasz Wozowicz)
Date: Mon, 16 May 2011 17:43:36 +0200
Subject: Displaying signature algorithms when doing --check-sigs, disabling algorithms for web of trust.
In-Reply-To: <87oc33vvpf.fsf@vigenere.g10code.de>
References: <87oc33vvpf.fsf@vigenere.g10code.de>
Message-ID:

On Mon, May 16, 2011 at 11:30 AM, Werner Koch wrote:
> On Sat, 14 May 2011 22:42, zirconiumnzinc at gmail.com said:
>
>> Werner if you read this thread please reply. Thanks.
>
> I don't understand the context, what was your question? How to disable a
> certain algorithm? (--disable-cipher NAME).
>
> I recall that there was a long thread about something with signature
> algorithms; I didn't follow that one.

Hi Werner, thanks for replying. I will cite myself:

Is there a way to display hash algorithms along with the public key algorithms (and their length) of signatures when issuing "--check-sigs" (or check in the "--edit-key" shell)?

I also would like to know if there is a way to force GPG not to accept signatures made with certain hash or public key algorithms when calculating the validity of keys through the web of trust? In the case of public key algorithms it should be possible to specify the key length.

I didn't have luck finding answers to my questions in the documentation, only a partial solution to my second question:

There is an option "disable-pubkey-algo" that will totally disable the chosen public key algorithm, however it only works after doing --check-trustdb with that option, otherwise it still accepts key signatures (certifications) made with the disabled algorithm as valid signatures (for example when calculating key validity, or when doing "--check-sigs"). It can create problems when changing from "trust-model pgp" to "trust-model direct", because as GPG says, there is "no need for a trustdb check with `direct' trust model". But is it really true that there is no need for a trustdb check? I'm not sure, but GPG doesn't allow that.
So while "disable-pubkey-algo" can be used to disable signatures made with a certain public key algorithm when calculating the validity of keys through the web of trust, there is no way to specify a key length. Also there is no such option for hash algorithms. No "disable-hash-algo" or "disable-cert-digest-algo" or anything like that.

From jerome at jeromebaum.com Mon May 16 18:35:30 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Mon, 16 May 2011 18:35:30 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID:

On Mon, May 16, 2011 at 17:32, Turbo Fredriksson wrote:

> Now, I tried to just remove the binary chars, but that ended up with a line
> which is shorter than the others, which I doubt will work (it would take me
> almost a day to find out - slow USB1 disks), so any idea on how to proceed
> would be much appreciated.

Most likely won't work. Data definitely looks corrupted. Can you reduce the size of the overall data, so there's less to work with?

In the worst case, you may be looking at losing everything from the corruption point onwards, assuming some kind of stream compression. This is IIRC the default for GnuPG when it encrypts. Otherwise you may be able to recover all but this part by just filling in zeroes ("A" IIRC).

Haven't looked in too much detail at the data but it looks like there's many, many bytes filled with scrap so looks like more than one line. So, start at the beginning of scrapped data (with a copy, of course), fill in "A"s until you reach the 76 (or 80) limit, fill in a line break, continue with "A"s, repeat until nothing left. GnuPG may choke on an incorrect checksum, but there should be an override option or it might just spit out the file anyway.

For the future, look at alternative ways to run this backup.
Why ascii-armor? Why gpg? Encrypting w/ gpg has a huge potential for data loss in case of corruption -- of even a single bit. This isn't really an issue with gpg, it simply doesn't _by default_ operate in a manner designed for this. You may be able to tweak it, but how about this instead:

1. Encrypt your data symmetrically using a salt -- openssl enc using openssl rand output as key file.
2. Split encrypted data.
3. Encrypt key file using gpg, or whatever you want to do with it.
4. Transmit (possibly ascii-armor each split file).

I find gpg is very well-suited for the tasks it's designed for. I don't think this kind of backup falls into that category.

From steve.strobel at link-comm.com Mon May 16 19:32:15 2011
From: steve.strobel at link-comm.com (Steve Strobel)
Date: Mon, 16 May 2011 11:32:15 -0600
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
Message-ID: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net>

I am using gnupg to encrypt and sign a file transferred from a server to an embedded client. I generated a 2048 bit RSA keypair on the server (using gpg V1.4.6) with "gpg --gen-key" and got the output:

gpg: key CBF38289 marked as ultimately trusted
public and secret key created and signed.
I exported it with "gpg --output test-key.gpg --export --armor CBF38289", transferred the file to the client and tried to import it using gpg V1.4.11 (the embedded device doesn't have a real-time clock):

root:~> gpg --import test-key.gpg
gpg: key CBF38289 was created 137948617 seconds in the future (time warp or clock problem)
gpg: key CBF38289 was created 137948617 seconds in the future (time warp or clock problem)
gpg: key CBF38289: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

I can import it using the "--allow-non-selfsigned-uid" option:

root:~> gpg --import --allow-non-selfsigned-uid test-key.gpg
gpg: key CBF38289 was created 137948550 seconds in the future (time warp or clock problem)
gpg: key CBF38289 was created 137948550 seconds in the future (time warp or clock problem)
gpg: key CBF38289: accepted non self-signed user ID "Test User (do not use) "
gpg: key CBF38289 was created 137948550 seconds in the future (time warp or clock problem)
gpg: key CBF38289: public key "Test User (do not use) " imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

I have tried a variety of things but been unable to get import to work without using "--allow-non-selfsigned-uid". When the key was created, the output indicated it was signed. When I edit it, the output looks like this:

Secret key is available.

pub  2048R/CBF38289  created: 2011-05-16  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
[ultimate] (1). Test User (do not use) 

What am I missing? I presume that there are security implications of using "--allow-non-selfsigned-uid"?

Thanks for any suggestions.

Steve

---
Steve Strobel
Link Communications, Inc.
1035 Cerise Rd
Billings, MT 59101-7378
(406) 245-5002 ext 102
(406) 245-4889 (fax)
WWW: http://www.link-comm.com
MailTo:steve.strobel at link-comm.com

From rjh at sixdemonbag.org Mon May 16 20:50:19 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Mon, 16 May 2011 11:50:19 -0700
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net>
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net>
Message-ID: <68e9afb2a154cf21095bd8bb83227bfe@localhost>

On Mon, 16 May 2011 11:32:15 -0600, Steve Strobel wrote:
> root:~> gpg --import test-key.gpg
> gpg: key CBF38289 was created 137948617 seconds in the future
> (time warp or clock problem)

This is exactly what it sounds like: according to your certificate, it was created about five and a half months from now.[1] To GnuPG, that sounds like something's hinky and it refuses to allow it to be imported.

You've managed to get around it by telling GnuPG, "listen, fine, strip off the hinky signature: /now/ will you accept it?" And in that case, sure, GnuPG will: but the consequence of it is you've got a UID that's missing a signature. Hence, "allow-non-selfsigned-uid" must be passed on the command line.

[1] As an undergraduate Prof. Hill once mused to me, "Math is funny. You tell someone how many seconds are in a year, they forget it immediately. You tell them that accurate to half a percent there are pi seconds in a nanocentury and they remember it for life." He was right, I've never forgotten, and that's made it easy to remember there are 31.4 million (3.14 * 10**7) seconds in a year. 13.8 million / 31.4 million = 137/314 = 0.44 of a year, * 12 = five and a half months, more or less. Not really relevant to GnuPG, but a handy factoid for timestamp calculations, if you ever need to do them in a hurry.
From expires2011 at ymail.com  Mon May 16 22:32:13 2011
From: expires2011 at ymail.com (MFPA)
Date: Mon, 16 May 2011 21:32:13 +0100
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com>
Message-ID: <272663716.20110516213213@my_localhost>

Hi

On Monday 16 May 2011 at 1:04:33 PM, in , Turbo Fredriksson wrote:

> Build a man a fire, and he will be warm for the
> night. Set a man on fire and he will be warm for the
> rest of his life.

Priceless (-:

--
Best regards

MFPA                    mailto:expires2011 at ymail.com

Never interrupt me when I'm trying to interrupt you.


From faramir.cl at gmail.com  Tue May 17 00:26:52 2011
From: faramir.cl at gmail.com (Faramir)
Date: Mon, 16 May 2011 18:26:52 -0400
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID: <4DD1A4AC.3070701@gmail.com>

On 16-05-2011 12:35, Jerome Baum wrote:
...
> In the worst case, you may be looking at losing everything from the
> corruption point onwards, assuming some kind of stream compression. This
> is IIRC the default for GnuPG when it encrypts. Otherwise you may be
...
> For the future, look at alternative ways to run this backup. Why
> ascii-armor? Why gpg? Encrypting w/ gpg has a huge potential for data
> loss in case of corruption -- of even a single bit. This isn't really an
> issue with gpg, it simply doesn't _by default_ operate in a manner
> designed for this. You may be able to tweak it, but how about this instead:

I don't have any knowledge about compression algos, so I assume you are right. However, we can disable GPG's compression to avoid that problem. What is the advantage of encrypting data with OpenSSL over GPG?

Best Regards


From jerome at jeromebaum.com  Tue May 17 00:35:35 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 17 May 2011 00:35:35 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <4DD1A4AC.3070701@gmail.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DD1A4AC.3070701@gmail.com>
Message-ID:

On Tue, May 17, 2011 at 00:26, Faramir wrote:
> I don't have any knowledge about compression algos, so I assume you are
> right. However, we can disable GPG's compression to avoid that problem.
> What is the advantage of encrypting data with OpenSSL over GPG?

More control over what's happening -- which can be a good or a bad thing, as it also takes more work to get things done.

It's really that OpenSSL and GPG were made for different purposes and I think you're stretching GPG very far if you want to encrypt big streams of data. That's more something OpenSSL was made for.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA


From meiry242 at gmail.com  Tue May 17 08:05:49 2011
From: meiry242 at gmail.com (Meir Yanovich)
Date: Tue, 17 May 2011 09:05:49 +0300
Subject: can i use gnupg in commercial application ?
Message-ID:

if yes , can i add it to my installer ?


From noloader at gmail.com  Tue May 17 09:07:26 2011
From: noloader at gmail.com (Jeffrey Walton)
Date: Tue, 17 May 2011 03:07:26 -0400
Subject: can i use gnupg in commercial application ?
In-Reply-To:
References:
Message-ID:

On Tue, May 17, 2011 at 2:05 AM, Meir Yanovich wrote:
> if yes , can i add it to my installer ?

http://lmgtfy.com/?q=gnupg+license


From wk at gnupg.org  Tue May 17 11:04:47 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 May 2011 11:04:47 +0200
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net> (Steve Strobel's message of "Mon, 16 May 2011 11:32:15 -0600")
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net>
Message-ID: <8739kdu28g.fsf@vigenere.g10code.de>

On Mon, 16 May 2011 19:32, steve.strobel at link-comm.com said:

> root:~> gpg --import test-key.gpg
> gpg: key CBF38289 was created 137948617 seconds in the future (time warp or clock problem)

Try the option --ignore-time-conflict .

Shalom-Salam,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
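Added example, not code from the list or from GnuPG: an offline pass over an ASCII-armored key that covers both threads above, Turbo's corrupted radix64 armor (invalid characters, a short last line, a CRC24 mismatch) and Steve's "created N seconds in the future" import, reading the creation time from the first public-key packet and converting the gap to months with Robert's 3.14e7-seconds-per-year rule. It assumes RFC 4880 armor with old-format, definite-length packet headers, and all function names are mine; the sample key it builds is constructed with bogus RSA material and is not a real key.

```python
import base64
import binascii
import time

# Added example, not list or GnuPG code: offline checks on an ASCII-armored OpenPGP
# key. Assumes RFC 4880 armor and old-format packet headers with definite lengths.
ARMOR_ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=")
PI_SECONDS_PER_YEAR = 3.14e7   # Hansen's "pi seconds in a nanocentury" rule of thumb

def crc24(data):
    """OpenPGP armor checksum (RFC 4880 section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def check_armor(text):
    """Return (problems, payload); payload is None when the body cannot be decoded."""
    problems, body, checksum, state = [], [], None, "pre"
    for n, line in enumerate(text.splitlines(), 1):
        line = line.rstrip("\r")                    # tolerate CRLF line endings
        if state == "pre":
            state = "hdr" if line.startswith("-----BEGIN PGP") else "pre"
        elif state == "hdr":                        # armor headers end at a blank line
            state = "body" if line == "" else "hdr"
        elif line.startswith("-----END PGP"):
            break
        elif line.startswith("="):                  # the "=XXXX" CRC24 line
            checksum = line[1:]
        else:                                       # gpg's "invalid radix64 character"
            bad = sorted(set(line) - ARMOR_ALPHABET)
            if bad:
                problems.append("line %d: invalid radix64 character(s) %s" % (n, bad))
            body.append(line)
    joined = "".join(body)
    if not joined:
        return ["no armored body found"], None
    if len(joined) % 4:                             # e.g. a repaired last line of 15 chars
        problems.append("body length %d is not a multiple of 4" % len(joined))
    if problems:
        return problems, None
    try:
        payload = base64.b64decode(joined, validate=True)
    except binascii.Error as exc:
        return ["base64 decode failed: %s" % exc], None
    if checksum is None:
        problems.append("missing CRC24 line")
    elif int.from_bytes(base64.b64decode(checksum), "big") != crc24(payload):
        problems.append("CRC24 mismatch between armor checksum and body")
    return problems, payload

def packets(payload):
    """Yield (tag, body) for old-format packet headers with definite lengths."""
    pos = 0
    while pos < len(payload):
        ctb = payload[pos]
        if (ctb & 0xC0) != 0x80:
            raise ValueError("byte %d is not an old-format packet header" % pos)
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        hdr = 1 + (1 << ltype)                      # 1, 2 or 4 length octets follow
        length = int.from_bytes(payload[pos + 1:pos + hdr], "big")
        yield tag, payload[pos + hdr:pos + hdr + length]
        pos += hdr + length

def key_creation_time(payload):
    """Creation time (epoch seconds) of the first v4 Public-Key packet (tag 6)."""
    for tag, body in packets(payload):
        if tag == 6 and body[0] == 4:
            return int.from_bytes(body[1:5], "big")
    return None

def seconds_in_future(creation, now=None):
    """Positive result is what gpg reports as 'created N seconds in the future'."""
    return creation - (time.time() if now is None else now)

def approx_months(seconds):
    """Hansen's rule of thumb: about 3.14e7 seconds per year."""
    return seconds / PI_SECONDS_PER_YEAR * 12

def build_sample_key(creation):
    """Constructed v4 RSA key + user ID with bogus MPIs, armored like gpg output."""
    def mpi(n):
        return n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")
    pk = b"\x04" + creation.to_bytes(4, "big") + b"\x01" + mpi((1 << 255) | 0xC0FFEE) + mpi(65537)
    uid = b"Test User (do not use)"
    raw = bytes([0x98, len(pk)]) + pk + bytes([0xB4, len(uid)]) + uid   # 0x98/0xB4: tags 6/13
    b64 = base64.b64encode(raw).decode()
    crc = base64.b64encode(crc24(raw).to_bytes(3, "big")).decode()
    return ("-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: constructed sample\n\n"
            + "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
            + "\n=" + crc + "\n-----END PGP PUBLIC KEY BLOCK-----\n")
```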
From wk at gnupg.org  Tue May 17 11:09:28 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 May 2011 11:09:28 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: (Jerome Baum's message of "Tue, 17 May 2011 00:35:35 +0200")
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DD1A4AC.3070701@gmail.com>
Message-ID: <87y625sng7.fsf@vigenere.g10code.de>

On Tue, 17 May 2011 00:35, jerome at jeromebaum.com said:

> were made for different purposes and I think you're stretching GPG very far
> if you want to encrypt big streams of data. That's more something OpenSSL

As a Unix tool GPG is designed to work on arbitrary data lengths. The problem is merely that at one point gpg needs to see the end of the data to check the signature (or at least the MDC). Thus the command pairs

  tar cf - . | gpg -er foo | tooltosenddata

  tooltorecvdata | gpg --batch | tar xf -

should always work. scp is much easier, though.

Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


From max.van.power at gmail.com  Tue May 17 12:20:08 2011
From: max.van.power at gmail.com (gronfuzius)
Date: Tue, 17 May 2011 03:20:08 -0700 (PDT)
Subject: ksba_cms_set_enc_val failed: Invalid S-expression
Message-ID: <31636516.post@talk.nabble.com>

I want to encrypt files with an X.509 public key DSA 1024 bits. With public test keys it works fine. But when I try it with the one I need to use in production the following error occurs:

    ksba_cms_set_enc_val failed: Invalid S-expression

I'm totally puzzled. I'm no encryption expert either. I use

    gpgsm -e -r certname file.pdf >file.pdf.encrypt

The version is gnupg for windows 2.1.0. Can somebody help?


From turbo at bayour.com  Tue May 17 14:16:43 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Tue, 17 May 2011 14:16:43 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID:

On 16 May 2011, at 18.35, Jerome Baum wrote:

> So, start at the beginning of scrapped data (with a copy, of
> course), fill in "A"s until you reach the 76 (or 80) limit, fill in
> a line break, continue with "A"s, repeat until nothing left.

That was a lot more difficult than it sounded!! :) I tried vi, emacs, sed, tr and finally perl (!!). Perl finally managed to find and replace the faulty characters... Something in the TERM I guess...

But the last part didn't end up at the 64 char limit the other lines have. Instead, the last char on that line is at position 15. Would that be a problem?

> GnuPG may choke on an incorrect checksum, but there should be an
> override option or it might just spit out the file anyway.

Are you thinking about the '--ignore-crc-error' option?
--
You know, boys, a nuclear reactor is a lot like a woman.
You just have to read the manual and press the right buttons
- Homer Simpson


From wk at gnupg.org  Tue May 17 14:22:53 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 May 2011 14:22:53 +0200
Subject: ksba_cms_set_enc_val failed: Invalid S-expression
In-Reply-To: <31636516.post@talk.nabble.com> (gronfuzius's message of "Tue, 17 May 2011 03:20:08 -0700 (PDT)")
References: <31636516.post@talk.nabble.com>
Message-ID: <878vu5sehu.fsf@vigenere.g10code.de>

On Tue, 17 May 2011 12:20, max.van.power at gmail.com said:

> I want to encrypt files with an X.509 public key DSA 1024 bits. With public

I once did some test with DSA under X.509 but that was all. It is very likely that it won't work in a real environment. Virtually nobody is using DSA with X.509.
Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


From wk at gnupg.org  Tue May 17 14:43:27 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 May 2011 14:43:27 +0200
Subject: Key generation on card fails with key sizes larger than 1024 bits
In-Reply-To: (Sevan's message of "Sat, 14 May 2011 17:12:56 +0100")
References:
Message-ID: <87zkmlqyz4.fsf@vigenere.g10code.de>

On Sat, 14 May 2011 18:12, venture37 at gmail.com said:

> I purchased a v2 OpenPGP card for use with a SCM SCR335 card reader,
> attempting to generate keys larger than 1024 bits fails, I've been

This should definitely work. To help you we need more input:

What version of GnuPG are you running (gpg --version)?

Are you using pcscd? (it seems not).

> I've set debug-all in my gpg-agent & scdaemon config files to get

Add

  verbose
  debug 1024
  debug-ccid-driver
  log-file /foo/bar/scdaemon.log

to ~/.gnupg/scdaemon.conf . This will give you a more detailed debug output.

Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


From jerome at jeromebaum.com  Tue May 17 14:48:57 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 17 May 2011 14:48:57 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <5C306D44-F287-496F-9BB4-6E81DC69F50D@bayour.com>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <95467D81-3368-45E6-AA83-E8F1815B365F@bayour.com> <5C306D44-F287-496F-9BB4-6E81DC69F50D@bayour.com>
Message-ID:

On Tue, May 17, 2011 at 14:22, Turbo Fredriksson wrote:
> On 16 May 2011, at 21.11, Jerome Baum wrote:
>> On Mon, May 16, 2011 at 19:08, Turbo Fredriksson wrote:
>>> I've looked at some encrypted FS's, but none of them were secure enough.
>>
>> In what sense? Can you elaborate? See also my comment below.
>
> Didn't allow big enough keys of good algorithms for one...

IIRC, OpenSSL places no limit on key-size. However, try "openssl genrsa 16384" and see how long that takes...

>> I would suggest you just symmetrically encrypt the data. If you really need
>> public-key encryption, use gpg to encrypt the key-file. The theoretical
>> security is about the same, and practically the significant factors will be
>> where you store your key, what temp files you leave around, etc.
>
> It was many years since I looked at encryption, so I've forgot most of what
> I once learned (never actually needed it :). But isn't symmetric encryption
> 'easy' to crack? Given enough CPU?

Not at all. In fact, most public-key crypto systems will symmetrically encrypt your data with a random session key and only asymmetrically encrypt the session key. This is a Good Thing in performance and security terms -- performance because AES tends to be faster than RSA (for instance), and security because this method has been extensively studied.

> I find it hard to believe that anything would be better than a 3072 bit DSA
> key with a 4096 bit ELG key which expires in a month... ?

Those are very absolute numbers and the statement is very strong. In practice it's much more about key management than about key-size. Personally I opted for a 4096-bit RSA key, which is a somewhat arbitrary choice based on my gut and the intended duration of the key. Others go for 2048 bits, some go for a DSA master key, etc. -- it's just a matter of preference and in most cases you should be focusing your efforts elsewhere.

As Werner has correctly pointed out, you _can_ use gpg for this task. I would personally still opt for OpenSSL, though. It feels like the right tool for this, and gpg seems designed more for block data than streams, more for communication than personal encryption, etc. -- there's lots of WoT stuff built-in that you get with the package and may never use, which OpenSSL doesn't have. etc.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA


From jerome at jeromebaum.com  Tue May 17 14:52:09 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Tue, 17 May 2011 14:52:09 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID:

On Tue, May 17, 2011 at 14:16, Turbo Fredriksson wrote:
> But the last part didn't end up at the 64 char limit the other lines have.
> Instead, the last char on that line is at position 15. Would that be a problem?

It doesn't sound good but just go ahead and try. How long does a single run take? I'd say just start the run right now -- you can do other stuff while it's running (e.g. looking further into the file), so just start it and move on.

>> GnuPG may choke on an incorrect checksum, but there should be an
>> override option or it might just spit out the file anyway.
>
> Are you thinking about the '--ignore-crc-error' option?

Yes, that was it.

--
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA


From rjh at sixdemonbag.org  Tue May 17 15:13:31 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 May 2011 09:13:31 -0400
Subject: can i use gnupg in commercial application ?
In-Reply-To:
References:
Message-ID: <4DD2747B.4070406@sixdemonbag.org>

On 5/17/2011 2:05 AM, Meir Yanovich wrote:
> if yes , can i add it to my installer ?
The answer is, "yes, so long as you comply with the terms of Version 3.0 of the GNU General Public License."


From steve.strobel at link-comm.com  Mon May 16 22:12:42 2011
From: steve.strobel at link-comm.com (Steve Strobel)
Date: Mon, 16 May 2011 14:12:42 -0600
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <68e9afb2a154cf21095bd8bb83227bfe@localhost>
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net> <68e9afb2a154cf21095bd8bb83227bfe@localhost>
Message-ID: <0LfCG8-1PtfLR19Eu-00ojKL@mrelay.perfora.net>

At 12:50 PM 5/16/2011, Robert J. Hansen wrote:
> On Mon, 16 May 2011 11:32:15 -0600, Steve Strobel wrote:
>> root:~> gpg --import test-key.gpg
>> gpg: key CBF38289 was created 137948617 seconds in the future
>> (time warp or clock problem)
>
> This is exactly what it sounds like: according to your certificate, it was
> created about five and a half months from now.[1] To GnuPG, that sounds
> like something's hinky and it refuses to allow it to be imported. You've
> managed to get around it by telling GnuPG, "listen, fine, strip off the
> hinky signature: /now/ will you accept it?"
>
> And in that case, sure, GnuPG will: but the consequence of it is you've
> got a UID that's missing a signature. Hence, "allow-nonselfsigned-uid"
> must be passed on the command line.

Thanks for the tip. Just setting the date on the embedded device before importing the key made it work without "--allow-non-selfsigned-uid".

That still leaves me without a straightforward solution, though. The embedded device doesn't have a battery-backed clock and doesn't need one. It will sometimes have Internet access and could potentially use NTP when available to set the date. That seems like a lot of extra complexity just to import a key. The user interface doesn't make it easy to ask the user for the date. What would the security implications be of just setting the clock to a fixed future date before importing the key?

> [1] As an undergraduate Prof. Hill once mused to me, "Math is funny. You
> tell someone how many seconds are in a year, they forget it immediately.
> You tell them that accurate to half a percent there are pi seconds in a
> nanocentury and they remember it for life." He was right, I've never
> forgotten, and that's made it easy to remember there are 31.4 million (3.14
> * 10**7) seconds in a year. 13.8 million / 31.4 million = 137/314 = 0.44
> of a year, * 12 = five and a half months, more or less. Not really
> relevant to GnuPG, but a handy factoid for timestamp calculations, if you
> ever need to do them in a hurry.

That is a great way to remember. Now if remembering names was just as easy...

Thanks again,

Steve

---
Steve Strobel
Link Communications, Inc.
1035 Cerise Rd
Billings, MT 59101-7378
(406) 245-5002 ext 102
(406) 245-4889 (fax)
WWW: http://www.link-comm.com
MailTo:steve.strobel at link-comm.com


From steve.strobel at link-comm.com  Tue May 17 16:31:20 2011
From: steve.strobel at link-comm.com (Steve Strobel)
Date: Tue, 17 May 2011 08:31:20 -0600
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <8739kdu28g.fsf@vigenere.g10code.de>
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net> <8739kdu28g.fsf@vigenere.g10code.de>
Message-ID: <0MV6gv-1QCqO42tRd-00YmFQ@mrelay.perfora.net>

> On Mon, 16 May 2011 19:32, steve.strobel at link-comm.com said:
>> root:~> gpg --import test-key.gpg
>> gpg: key CBF38289 was created 137948617 seconds in the
>> future (time warp or clock problem)

At 03:04 AM 5/17/2011, Werner Koch wrote:
> Try the option --ignore-time-conflict .

That works perfectly. Thanks a bunch.

Steve

---
Steve Strobel
Link Communications, Inc.
1035 Cerise Rd
Billings, MT 59101-7378
(406) 245-5002 ext 102
(406) 245-4889 (fax)
WWW: http://www.link-comm.com
MailTo:steve.strobel at link-comm.com


From wk at gnupg.org  Tue May 17 17:04:27 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 17 May 2011 17:04:27 +0200
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <0LfCG8-1PtfLR19Eu-00ojKL@mrelay.perfora.net> (Steve Strobel's message of "Mon, 16 May 2011 14:12:42 -0600")
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net> <68e9afb2a154cf21095bd8bb83227bfe@localhost> <0LfCG8-1PtfLR19Eu-00ojKL@mrelay.perfora.net>
Message-ID: <8762p9qsg4.fsf@vigenere.g10code.de>

On Mon, 16 May 2011 22:12, steve.strobel at link-comm.com said:

> easy to ask the user for the date. What would the security
> implications be of just setting the clock to a fixed future date
> before importing the key?

I can see no problems from GnuPG's perspective. I suggest to start with a fixed date way before 2038. There is also an option --ignore-valid-drom which pertains to the selection of subkeys. Check the man page.

Shalom-Salam,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


From shavital at mac.com  Tue May 17 18:37:11 2011
From: shavital at mac.com (Charly Avital)
Date: Tue, 17 May 2011 12:37:11 -0400
Subject: Why is "--allow-non-selfsigned-uid" needed to import this key?
In-Reply-To: <8762p9qsg4.fsf@vigenere.g10code.de>
References: <0MXqFb-1QA8tp2yyF-00WuCE@mrelay.perfora.net> <68e9afb2a154cf21095bd8bb83227bfe@localhost> <0LfCG8-1PtfLR19Eu-00ojKL@mrelay.perfora.net> <8762p9qsg4.fsf@vigenere.g10code.de>
Message-ID: <4DD2A437.2090705@mac.com>

Werner Koch <8762p9qsg4.fsf at vigenere.g10code.de> wrote on 5/17/11 5:04:27 PM:

> I can see no problems from GnuPG's perspective. I suggest to start with
> a fixed date way before 2038. There is also an option
> --ignore-valid-drom which pertains to the selection of subkeys. Check
> the man page.

Did you mean (copy-paste from the man page):

    --ignore-valid-from
        GnuPG normally does not select and use subkeys created in the future. This option allows the use of such keys and thus exhibits the pre-1.0.7 behaviour. You should not use this option unless you there is some clock problem. See also --ignore-time-conflict for timestamp issues with signatures.

Charly


From dkg at fifthhorseman.net  Tue May 17 19:36:39 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 17 May 2011 13:36:39 -0400
Subject: bug: gpg fails to allow update of OpenPGP certification after expiration
Message-ID: <4DD2B227.3040003@fifthhorseman.net>

My certification on a key+userID recently expired. I went to re-certify it, and gpg failed to allow the re-certification, with the following interaction:

> "foo (redacted)" was already signed by key D21739E9
> Your current signature on "foo (redacted)"
> has expired.
> Do you want to issue a new signature to replace the expired one? (y/N) y
> Nothing to sign with key D21739E9
>
> Key not changed so no update needed.

Note that no additional certification was added.

There were two certifications by D21739E9 on the key in question already:

 A) one certification from 2008 with no expiration date

 B) a certification from 2010 with an expiration date in early 2011

Given the OpenPGP standard, B should supersede A.

It appears that what happens is that when the user says "y" to the prompt, gpg effectively deletes signature B from the temporary view of the local keyring, leaving it with A. It then decides that A is sufficient, and declines to do anything. Since no changes have been made, it doesn't even save the updated local keyring.

I have two workarounds:

 0) manually delete A from my local keyring first, with something like:

    gpg --edit-key $KEYID
    1
    delsig

 1) use gpg's --expert flag to force my way through.
I note that if I use either of these methods to create a new certification, then my local keyring ends up without (B) at all (though it is of course re-fetchable from the public keyservers). I consider this surprising behavior, though given that I'm in workaround territory, I suppose any surprises should be expected.

--dkg


From venture37 at gmail.com  Tue May 17 19:39:25 2011
From: venture37 at gmail.com (Sevan / Venture37)
Date: Tue, 17 May 2011 18:39:25 +0100
Subject: Key generation on card fails with key sizes larger than 1024 bits
In-Reply-To: <87zkmlqyz4.fsf@vigenere.g10code.de>
References: <87zkmlqyz4.fsf@vigenere.g10code.de>
Message-ID:

Hi Werner

On 17 May 2011 13:43, Werner Koch wrote:
> On Sat, 14 May 2011 18:12, venture37 at gmail.com said:
>
>> I purchased a v2 OpenPGP card for use with a SCM SCR335 card reader,
>> attempting to generate keys larger than 1024 bits fails, I've been
>
> This should definitely work. To help you we need more input:
>
> What version of GnuPG are you running (gpg --version)?

    gpg (GnuPG) 2.0.17
    libgcrypt 1.4.6
    Copyright (C) 2011 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    Home: ~/.gnupg
    Supported algorithms:
    Pubkey: RSA, ELG, DSA
    Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
            CAMELLIA128, CAMELLIA192, CAMELLIA256
    Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
    Compression: Uncompressed, ZIP, ZLIB, BZIP2

> Are you using pcscd? (it seems not).

No, I assumed I didn't need to as the reader works fine with the internal CCID driver (I can fetch card status, edit card details & generate 1024bit keys on the card).

I have the first reader listed on:
http://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2503342

scdaemon.log output on FreeBSD:
From singapore_citizen_mr_teo_en_ming at yahoo.com.sg  Tue May 17 20:42:18 2011
From: singapore_citizen_mr_teo_en_ming at yahoo.com.sg (Singapore Citizen Mr. Teo En Ming (Zhang Enming))
Date: Wed, 18 May 2011 02:42:18 +0800
Subject: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading
Message-ID: <4DD2C18A.3090606@yahoo.com.sg>

16 May 2011 Monday 7:28 P.M. Singapore Time
For Immediate Release

SINGAPORE, SINGAPORE - Singapore Citizen Mr. Teo En Ming (Zhang Enming) would like to report first hand account of mind intrusion and mind reading. I have been hearing voices for quite some time now but I have not been able to identify the persons physically. A number of un-identified persons have intruded into my mind and they are able to read my thoughts. I could not explain the mechanism by which these un-identified persons have been reading my mind at the moment but there is definitely a scientific explanation for it.
I know very clearly that I am not suffering from schizophrenia at all.

I am fully aware that no common man would believe me except the select few scientific researchers working in top secret government projects and the human guinea pigs who are being experimented on. One of the possibilities is that I have a microchip implanted into my brain, possibly when I was an infant. It may take a few years, a few decades, or even a few centuries before mind reading is finally brought to light before the general public.

I would like to invite neuroscientists, engineers and physicists to speak on the scientific explanation behind mind intrusion and mind reading.

Please remember what Singapore Citizen Mr. Teo En Ming (Zhang Enming) has said. Mark my words. You will know the truth in future. It is no longer a conspiracy theory. I can affirm that it (mind intrusion and mind reading) is indeed happening to me.

Yours truly,
Singapore Citizen Mr. Teo En Ming (Zhang Enming)
Dip(Mechatronics)(Singapore Polytechnic)
BEng(Hons)(Mechanical Engineering)(National University of Singapore)
Singapore Identity Card No/NRIC: S78*6*2*H
Toa Payoh Lorong 5, Singapore
Mobile Phone: +65-8369-2618

From andre at amorim.me Tue May 17 23:07:36 2011
From: andre at amorim.me (Andre Amorim)
Date: Tue, 17 May 2011 22:07:36 +0100
Subject: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading
In-Reply-To: <4DD2C18A.3090606@yahoo.com.sg>
References: <4DD2C18A.3090606@yahoo.com.sg>
Message-ID:

It's Called INCEPTION !

Cheers!
--AA

On 17 May 2011 19:42, Singapore Citizen Mr. Teo En Ming (Zhang Enming) wrote:
> 16 May 2011 Monday 7:28 P.M. Singapore Time
> For Immediate Release
>
> SINGAPORE, SINGAPORE - Singapore Citizen Mr. Teo En Ming (Zhang Enming)
> would like to report first hand account of mind intrusion and mind reading.
> I have been hearing voices for quite some time now but I have not been able
> to identify the persons physically. A number of un-identified persons have
> intruded into my mind and they are able to read my thoughts. I could not
> explain the mechanism by which these un-identified persons have been reading
> my mind at the moment but there is definitely a scientific explanation for
> it. I know very clearly that I am not suffering from schizophrenia at all.
>
> I am fully aware that no common man would believe me except the select few
> scientific researchers working in top secret government projects and the
> human guinea pigs who are being experimented on. One of the possibilities is
> that I have a microchip implanted into my brain, possibly when I was an
> infant. It may take a few years, a few decades, or even a few centuries
> before mind reading is finally brought to light before the general public.
>
> I would like to invite neuroscientists, engineers and physicists to speak on
> the scientific explanation behind mind intrusion and mind reading.
>
> Please remember what Singapore Citizen Mr. Teo En Ming (Zhang Enming) has
> said. Mark my words. You will know the truth in future. It is no longer a
> conspiracy theory. I can affirm that it (mind intrusion and mind reading) is
> indeed happening to me.
>
>
> Yours truly,
> Singapore Citizen Mr. Teo En Ming (Zhang Enming) Dip(Mechatronics)(Singapore
> Polytechnic) BEng(Hons)(Mechanical Engineering)(National University of
> Singapore)
> Singapore Identity Card No/NRIC: S78*6*2*H
> Toa Payoh Lorong 5, Singapore
> Mobile Phone: +65-8369-2618
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

-- 
Gnupg key: 02375205
Fingerprint: F7CD D181 943B 0453 8668 AF16 84E9 7565 0237 5205

From jeandavid8 at verizon.net Wed May 18 00:04:10 2011
From: jeandavid8 at verizon.net (Jean-David Beyer)
Date: Tue, 17 May 2011 18:04:10 -0400
Subject: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading
In-Reply-To:
References: <4DD2C18A.3090606@yahoo.com.sg>
Message-ID: <4DD2F0DA.5010308@verizon.net>

Andre Amorim wrote:
> It's Called INCEPTION !
>
I thought it was called SPAM !

If I thought the O.P. would even read this, I might suggest he resume his medication. If I believed he was not schizophrenic, I would refer him to this web site:

http://www.biomindsuperpowers.com/Pages/intro.html

Ingo Swann, whose site it is, is not a kook nor is he a nut. He has been closely involved in scientific investigations of what are usually called psychic phenomena since the early 1970s, if not before. Many of these studies were done at Stanford Research Institute, under the sponsorship of various 3-letter agencies.

Studying that web site (there are hundreds of pages) would show that "psychic" phenomena have been known since at least 400 B.C.E., and have been scientifically investigated since about 1875, or a little earlier, by quite reputable scientists. Mind reading, better known as telepathy, has been shown statistically significant, as have remote viewing and related phenomena.
There are dozens of books on these subjects by people, some of whom worked in this area for the U.S. Military.

If the O.P. is serious, he could do some research on this on the Internet. But encryption, such as by using gpg, will not be a defense from "attacks" of this kind.

-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 17:50:01 up 31 days, 21:08, 3 users, load average: 5.10, 4.95, 4.87

From turbo at bayour.com Wed May 18 01:27:45 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Wed, 18 May 2011 01:27:45 +0200
Subject: Fwd: An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading
References: <1647CA33-6D96-4B71-B81A-07D9FF7DBCAF@bayour.com>
Message-ID: <7FF29691-24DE-4353-B64A-A84A1E4259CE@bayour.com>

[a list that doesn't set/change Reply-To.]

Begin forwarded message:

> From: Turbo Fredriksson
> Date: 18 May 2011 01.24.17 GMT+02:00
> To: Jean-David Beyer
> Subject: Re: An Invitation to Neuroscientists and Physicists:
> Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand
> Account of Mind Intrusion and Mind Reading
>
> On 18 May 2011, at 00.04, Jean-David Beyer wrote:
>
>> If the O.P. is serious, he could do some research on this on the
>> Internet. But encryption, such as by using gpg, will not be a defense
>> from "attacks" of this kind.
>
>
> Yeah.. I mean, where would he put the public/private keys!? They can't
> BOTH be in his head (someone could just read his mind to get the
> private one, right?)...
>
> And waking up in the morning, having to input the passphrase to unlock
> the brain. Before the coffee!?
>
> Wouldn't work for me, that's for sure...
>
> --
> I love deadlines. I love the whooshing noise they make as they go by.
> - Douglas Adams
>

-- 
You know, boys, a nuclear reactor is a lot like a woman. You just have to read the manual and press the right buttons
- Homer Simpson

From rjh at sixdemonbag.org Wed May 18 01:58:07 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 17 May 2011 19:58:07 -0400
Subject: An Invitation to Neuroscientists and Physicists
In-Reply-To:
References: <4DD2C18A.3090606@yahoo.com.sg>
Message-ID: <4DD30B8F.20106@sixdemonbag.org>

On 5/17/2011 5:07 PM, Andre Amorim wrote:
> It's Called INCEPTION !

There are two major possibilities here: either the poster is correct, or the poster is incorrect. If correct, he deserves our compassion for the troubles others are inflicting upon him. If incorrect, he deserves our compassion for the troubles his own mind is inflicting upon him.

Either way, let's show a little polite discretion. Thanks. :)

From aa.lucelio at gmail.com Wed May 18 01:56:51 2011
From: aa.lucelio at gmail.com (Lucélio Gomes de Freitas)
Date: Tue, 17 May 2011 20:56:51 -0300
Subject: GPG keys listed are not correct.
Message-ID: <4DD30B43.8020209@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear GnuPG staff,

I have Virtualbox-4.0.6 installed ok on my Linux machine, but on updating to the newest one . . . .
I got the following messages using (KDE) kpackage kit:

===================================================
1 -> The GPG keys listed for the "Fedora 14 - x86_64 - VirtualBox" repository are already installed but they are not correct for this package.
2 -> Check that the correct key URLs are configured for this repository.
===================================================

Sorry for this question but:
How to install the correct GPG keys for this package?
Where are the correct key URLs, and where to configure it? Please.

Ps. Besides Virtualbox I have installed Firefox & Thunderbird.

Thanks.

- -- 
Lucélio Gomes de Freitas
ETFCSF-> U.G.F.-> P.U.C.(RJ)
Engº, Analista Suporte (Free Mind).
Email: aa.lucelio at gmail.com
Tel: 55 0XX 21 85964911
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iF4EAREIAAYFAk3TCz0ACgkQENqGaHfBA/dtfQEAtEyOMSFvrMku6EUamE8PfxUv
OxZPKrnUYwriGwXxN30A/0sdExL3/kGrYKldW9hfdrP3LTOF3nYFKMfwcDijaTdc
=9Nue
-----END PGP SIGNATURE-----

From dkg at fifthhorseman.net Wed May 18 03:16:25 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Tue, 17 May 2011 21:16:25 -0400
Subject: GPG keys listed are not correct.
In-Reply-To: <4DD30B43.8020209@gmail.com>
References: <4DD30B43.8020209@gmail.com>
Message-ID: <4DD31DE9.4070805@fifthhorseman.net>

Hi Lucelio--

On 05/17/2011 07:56 PM, Lucélio Gomes de Freitas wrote:
> I have Virtualbox-4.0.6 installed ok on my Linux machine, but on
> updating to the newest one . . . .
> I got the following messages using(KDE) kpackage kit:
[...]
> Sorry for this question but:
> How to install the correct GPG keys for this package?
> where are the correct key URLs, and where to configure it? Please.

I think you'll need to ask these questions to either the kpackage kit folks (whatever that is) or the Fedora folks; gpg just provides the tools these projects use to verify their software downloads; the gnupg project doesn't distribute their particular keys.

Note: if these problems arose from running something from the command line (i don't know if you were using a GUI package manager or a command within a terminal emulator), you might want to provide more context for whoever you contact next. Here are some useful tips for getting troubleshooting help for working from the command line:

https://support.mayfirst.org/wiki/terminal_transcripts

Regards,

--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL:

From larry-lists at maxqe.com Wed May 18 03:30:57 2011
From: larry-lists at maxqe.com (Larry Brower)
Date: Tue, 17 May 2011 20:30:57 -0500
Subject: GPG keys listed are not correct.
In-Reply-To: <4DD30B43.8020209@gmail.com>
References: <4DD30B43.8020209@gmail.com>
Message-ID: <4DD32151.5040001@maxqe.com>

On 05/17/2011 06:56 PM, Lucélio Gomes de Freitas wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Dear GnuPG staff,
>
> I have Virtualbox-4.0.6 installed ok on my Linux machine, but on
> updating to the newest one . . . .
> I got the following messages using(KDE) kpackage kit:
>
> ===================================================
> 1 -> The GPG keys listed for the "Fedora 14 - x86_64 - VirtualBox"
> repository are already installed but they are not correct for this
> package.
> 2 -> Check that the correct key URLs are configured for this repository.
> ===================================================
>
> Sorry for this question but:
> How to install the correct GPG keys for this package?
> where are the correct key URLs, and where to configure it? Please.
>
> Ps. Besides Virtualbox I have installed Firefox & Thunderbird.
>
> Thanks.
>

Are you just trying to update virtualbox or Fedora in general?

If Fedora, have you verified that the GPG keys for that release are installed? You might want to reference https://fedoraproject.org/keys

If it is just that one RPM you are trying to update and the key is failing I would suggest contacting the packager of Virtualbox or making an inquiry on the Fedora Users Mailing list which you can join at https://admin.fedoraproject.org/mailman/listinfo/users

From marcio.barbado at gmail.com Wed May 18 19:54:20 2011
From: marcio.barbado at gmail.com (Marcio B. Jr.)
Date: Wed, 18 May 2011 14:54:20 -0300
Subject: Still OT: NLP (was: Re: An Invitation to Neuroscientists and Physicists)
Message-ID:

Hacking the mind for fun and profit:
http://phrack.org/issues.html?issue=67&id=15#article

On Tue, May 17, 2011 at 8:58 PM, Robert J. Hansen wrote:
> On 5/17/2011 5:07 PM, Andre Amorim wrote:
>> It's Called INCEPTION !
>
> There are two major possibilities here: either the poster is correct, or
> the poster is incorrect. If correct, he deserves our compassion for the
> troubles others are inflicting upon him. If incorrect, he deserves our
> compassion for the troubles his own mind is inflicting upon him.
>
> Either way, let's show a little polite discretion. Thanks. :)
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

Marcio Barbado, Jr.

From wk at gnupg.org Wed May 18 22:19:31 2011
From: wk at gnupg.org (Werner Koch)
Date: Wed, 18 May 2011 22:19:31 +0200
Subject: Key generation on card fails with key sizes larger than 1024 bits
In-Reply-To: (Sevan's message of "Tue, 17 May 2011 18:39:25 +0100")
References: <87zkmlqyz4.fsf@vigenere.g10code.de>
Message-ID: <87fwob92y4.fsf@vigenere.g10code.de>

On Tue, 17 May 2011 19:39, venture37 at gmail.com said:

> No, I assumed I didn't need to as the reader works fine with the
> internal CCID driver (I can fetch card status, edit card details &
> generate 1024bit keys on the card)

Sure, it is the reader I used for many years. I am currently using a 3310 or so.

> scdaemon.log output on FreeBSD:

Is there a chance that you can test it on a Linux box? It looks pretty much like an USB stack problem or a problem with libusb. If I find the time I can test it on kfreebsd 8.2.

You may also install pcscd and use disable-ccid-driver in scdaemon.conf to check a different CCID implementation.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
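The T=1 frames that scdaemon's ccid-driver dumped earlier in this thread can be checked by hand, which helps when deciding, as Werner does above, whether a failure sits in the card protocol or below it in the USB stack. The following is an added example and not GnuPG's ccid-driver code: it decodes the 15-byte I-block that carries the GENERATE ASYMMETRIC KEY PAIR command (`00 00 0B 00 47 80 00 00 00 02 B6 00 08 00 70`), the card's S(WTX request) `00 C3 01 64 A6` asking for a 100x waiting-time extension (the "S-block request received cmd=3" and "bwi=100" lines), and the host's S(WTX response) `00 E3 01 64 86`; it verifies the XOR LRC epilogue of each frame and rebuilds the response from the request. The frame bytes are copied from the log; the corrupted frame is constructed for the example.

```c
/* Added example (not GnuPG's code): decode the ISO 7816-3 T=1 blocks that
 * scdaemon's ccid-driver dumped in the log above, check their LRC epilogue,
 * and reproduce the S(WTX response) the host sent back to the card. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum t1_kind { T1_BAD = -1, T1_I_BLOCK = 0, T1_R_BLOCK = 1, T1_S_BLOCK = 2 };

struct t1_block {
    enum t1_kind kind;
    uint8_t nad, pcb, len;
    const uint8_t *inf;   /* points into the caller's buffer */
    int lrc_ok;           /* epilogue equals XOR of NAD..INF */
    int s_is_response;    /* S-block only: PCB bit 6 */
    int s_cmd;            /* S-block only: PCB bits 1-5 (3 = WTX) */
    int wtx_multiplier;   /* WTX only: INF[0], multiplies the block waiting time */
};

/* Frames copied from the scdaemon log above (byte values as dumped). */
static const uint8_t genkey_block[] = { 0x00, 0x00, 0x0B,
    0x00, 0x47, 0x80, 0x00, 0x00, 0x00, 0x02, 0xB6, 0x00, 0x08, 0x00, 0x70 };
static const uint8_t wtx_request[]  = { 0x00, 0xC3, 0x01, 0x64, 0xA6 };
static const uint8_t wtx_response[] = { 0x00, 0xE3, 0x01, 0x64, 0x86 };
/* Constructed for the example: the WTX request with its LRC byte flipped. */
static const uint8_t wtx_corrupt[]  = { 0x00, 0xC3, 0x01, 0x64, 0xA7 };

/* XOR-LRC over the first n bytes; a valid block XORs to its EDC byte. */
static uint8_t t1_lrc(const uint8_t *buf, size_t n)
{
    uint8_t lrc = 0;
    while (n--) lrc ^= *buf++;
    return lrc;
}

/* Parse NAD PCB LEN INF[LEN] EDC with a one-byte LRC epilogue (the T=1
 * default, used by the OpenPGP card).  Returns 0 on success, -1 on a
 * framing error (too short, or LEN inconsistent with the frame size). */
int t1_decode(const uint8_t *buf, size_t n, struct t1_block *out)
{
    memset(out, 0, sizeof *out);
    out->kind = T1_BAD;
    if (n < 4 || (size_t)buf[2] + 4 != n) return -1;
    out->nad = buf[0]; out->pcb = buf[1]; out->len = buf[2];
    out->inf = buf + 3;
    out->lrc_ok = (t1_lrc(buf, n - 1) == buf[n - 1]);
    if (!(out->pcb & 0x80)) {
        out->kind = T1_I_BLOCK;                    /* PCB 0xxxxxxx */
    } else if (!(out->pcb & 0x40)) {
        out->kind = T1_R_BLOCK;                    /* PCB 10xxxxxx */
    } else {
        out->kind = T1_S_BLOCK;                    /* PCB 11xxxxxx */
        out->s_is_response = (out->pcb >> 5) & 1;
        out->s_cmd = out->pcb & 0x1F;
        if (out->s_cmd == 3 && out->len == 1)      /* WTX carries one byte */
            out->wtx_multiplier = out->inf[0];
    }
    return 0;
}

/* Answer a WTX request: same NAD and INF, response bit set in the PCB, and
 * a fresh LRC.  Returns 5 (bytes written) or -1 if req is not a WTX request. */
int t1_build_wtx_response(const struct t1_block *req, uint8_t out[5])
{
    if (req->kind != T1_S_BLOCK || req->s_is_response ||
        req->s_cmd != 3 || req->len != 1)
        return -1;
    out[0] = req->nad;
    out[1] = req->pcb | 0x20;
    out[2] = 1;
    out[3] = req->inf[0];
    out[4] = t1_lrc(out, 4);
    return 5;
}

/* Query helpers so each logged frame can be checked by value. */
int t1_kind_of(const uint8_t *buf, size_t n)
{
    struct t1_block b;
    return t1_decode(buf, n, &b) == 0 ? (int)b.kind : -1;
}
int t1_lrc_valid(const uint8_t *buf, size_t n)
{
    struct t1_block b;
    return t1_decode(buf, n, &b) == 0 && b.lrc_ok;
}
int t1_wtx_multiplier(const uint8_t *buf, size_t n)
{
    struct t1_block b;
    if (t1_decode(buf, n, &b) != 0 || b.kind != T1_S_BLOCK || b.s_cmd != 3)
        return -1;
    return b.wtx_multiplier;
}
/* 1 if the response built from the logged request equals the logged response. */
int wtx_response_matches_log(void)
{
    struct t1_block req;
    uint8_t rsp[5];
    if (t1_decode(wtx_request, sizeof wtx_request, &req) != 0) return 0;
    return t1_build_wtx_response(&req, rsp) == 5 &&
           memcmp(rsp, wtx_response, sizeof rsp) == 0;
}

int main(void)
{
    struct t1_block b;
    t1_decode(genkey_block, sizeof genkey_block, &b);
    printf("host: I-block, INS=%02X LEN=%u, LRC %s\n",
           b.inf[1], b.len, b.lrc_ok ? "ok" : "BAD");
    t1_decode(wtx_request, sizeof wtx_request, &b);
    printf("card: S(WTX request) x%d, LRC %s\n", b.wtx_multiplier, b.lrc_ok ? "ok" : "BAD");
    printf("host reply matches log: %s\n", wtx_response_matches_log() ? "yes" : "no");
    printf("corrupt frame LRC valid: %s\n",
           t1_lrc_valid(wtx_corrupt, sizeof wtx_corrupt) ? "yes" : "no");
    return 0;
}
```

All three logged frames carry a valid LRC and the host's reply is exactly the S(WTX response) the protocol calls for, so the T=1 exchange itself is well-formed; what fails is the bulk read that should deliver the card's next block, which times out seven seconds later by the log's timestamps. That is consistent with Werner's suspicion of the USB stack or libusb rather than the card protocol.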
From jhs at berklix.com Wed May 18 21:35:18 2011
From: jhs at berklix.com (Julian H. Stacey)
Date: Wed, 18 May 2011 21:35:18 +0200
Subject: Still OT: NLP (was: Re: An Invitation to Neuroscientists and Physicists)
In-Reply-To: Your message "Wed, 18 May 2011 14:54:20 -0300."
Message-ID: <201105181935.p4IJZIoM005464@fire.js.berklix.net>

Please stop discussing Spam.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Mail plain text; Not quoted-printable, Not HTML, Not base 64.
Reply below text sections not at top, to avoid breaking cumulative context.

From venture37 at gmail.com Thu May 19 00:26:21 2011
From: venture37 at gmail.com (Sevan / Venture37)
Date: Wed, 18 May 2011 23:26:21 +0100
Subject: Key generation on card fails with key sizes larger than 1024 bits
In-Reply-To: <87fwob92y4.fsf@vigenere.g10code.de>
References: <87zkmlqyz4.fsf@vigenere.g10code.de> <87fwob92y4.fsf@vigenere.g10code.de>
Message-ID:

Hi Werner

On 18 May 2011 21:19, Werner Koch wrote:
> On Tue, 17 May 2011 19:39, venture37 at gmail.com said:
>
>> No, I assumed I didn't need to as the reader works fine with the
>> internal CCID driver (I can fetch card status, edit card details &
>> generate 1024bit keys on the card)
>
> Sure, it is the reader I used for many years. I am currently using a
> 3310 or so.
>
>> scdaemon.log output on FreeBSD:
>
> Is there a chance that you can test it on a Linux box? It looks pretty
> much like an USB stack problem or a problem with libusb. If I find the
> time I can test it on kfreebsd 8.2.
>
> You may also install pcscd and use disable-ccid-driver in scdaemon.conf
> to check a different CCID implementation.
I will try & give a Linux distro a spin, but it's a catch-22 situation on the BSD front. It could likely be a USB stack problem, certainly for FreeBSD: the implementation of libusb has diverged/lagged (I'm not sure which tbh), where anything that depends on a recent version of libusb is broken on anything newer than FreeBSD 7.x; this includes pcscd, which can't be built with USB support on newer versions.

However, I have just managed to pick up a Gemalto pcmcia card reader (lenovo part # 41N3004) so I can give that a try instead, as soon as I've worked out how to get it working with pcscd.

Sevan

From wk at gnupg.org Thu May 19 09:59:55 2011
From: wk at gnupg.org (Werner Koch)
Date: Thu, 19 May 2011 09:59:55 +0200
Subject: Key generation on card fails with key sizes larger than 1024 bits
In-Reply-To: (Sevan's message of "Wed, 18 May 2011 23:26:21 +0100")
References: <87zkmlqyz4.fsf@vigenere.g10code.de> <87fwob92y4.fsf@vigenere.g10code.de>
Message-ID: <87y6236ryc.fsf@vigenere.g10code.de>

On Thu, 19 May 2011 00:26, venture37 at gmail.com said:

> for FreeBSD, the implementation of libusb has diverged/lagged (I'm not
> sure which tbh) where anything that depends on a recent version of
> libusb is broken on anything newer than FreeBSD 7.x, this includes
> pcscd which can't be built with USB support on newer versions.

This might as well be the problem with the internal CCID driver. The last time I tested an USB reader on my laptop was with 7.0 I think.

> However, I have just managed to pick up a Gemalto pcmcia card reader
> (lenovo part # 41N3004) so I can give that a try instead, as soon as

Please let me know - I have one here but never tested it.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.
From turbo at bayour.com Thu May 19 11:46:24 2011
From: turbo at bayour.com (Turbo Fredriksson)
Date: Thu, 19 May 2011 11:46:24 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID:

On 17 May 2011, at 14.52, Jerome Baum wrote:

> On Tue, May 17, 2011 at 14:16, Turbo Fredriksson wrote:
> But the last part didn't end up at the 64 char limit the other lines
> have. Instead, the last
> char on that line is at position 15. Would that be a problem?
>
> It doesn't sound good but just go ahead and try. How long does a
> single run take? I'd say just start the run right now -- you can do
> other stuff while it's running (e.g. looking further into the file),
> so just start it and move on.

That didn't work unfortunately :(

----- s n i p -----
gpg: [don't know]: invalid packet (ctb=49)
gpg: mdc_packet with invalid encoding
gpg: decryption failed: Invalid packet
gpg: [don't know]: invalid packet (ctb=0b)
gpg: no valid OpenPGP data found.
cpio: premature end of file
----- s n i p -----
-- 
Imagine you're an idiot and then imagine you're in the government. Oh, sorry. Now I'm repeating myself
- Mark Twain
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From lists at chrispoole.com Thu May 19 13:07:40 2011
From: lists at chrispoole.com (Chris Poole)
Date: Thu, 19 May 2011 12:07:40 +0100
Subject: Temporarily remember passphrase?
Message-ID:

Hi

I often decrypt several files in quick succession (with a simple script).

Is it possible to have gpg remember my passphrase, only very temporarily? (Perhaps for 10 seconds or so.)

I've looked into gpg-agent, and tried using the --use-agent option with gpg, but I can't find much documentation on the matter, or even whether or not this is the best approach.
Thanks

Chris Poole

From jerome at jeromebaum.com Fri May 20 02:13:51 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 20 May 2011 02:13:51 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID:

On Thu, May 19, 2011 at 11:46, Turbo Fredriksson wrote:

> On 17 May 2011, at 14.52, Jerome Baum wrote:
>
> On Tue, May 17, 2011 at 14:16, Turbo Fredriksson wrote:
>
>> But the last part didn't end up at the 64 char limit the other lines have.
>> Instead, the last
>> char on that line is at position 15. Would that be a problem?
>
>
> It doesn't sound good but just go ahead and try. How long does a single run
> take? I'd say just start the run right now -- you can do other stuff while
> it's running (e.g. looking further into the file), so just start it and move
> on.
>
>
> That didn't work unfortunately :(
>
> ----- s n i p -----
> gpg: [don't know]: invalid packet (ctb=49)
>
> gpg: mdc_packet with invalid encoding
> gpg: decryption failed: Invalid packet
> gpg: [don't know]: invalid packet (ctb=0b)
>
> gpg: no valid OpenPGP data found.
> cpio: premature end of file
> ----- s n i p -----
>

Well this is definitely taking a lot of resources. Are you able to recreate the data from the original?

-- 
Jerome Baum

tel +49-1578-8434336
email jerome at jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From kgo at grant-olson.net Fri May 20 02:27:38 2011
From: kgo at grant-olson.net (Grant Olson)
Date: Thu, 19 May 2011 20:27:38 -0400
Subject: Temporarily remember passphrase?
In-Reply-To:
References:
Message-ID: <4DD5B57A.7060103@grant-olson.net>

On 5/19/2011 7:07 AM, Chris Poole wrote:
> Hi
>
> I often decrypt several files in quick succession (with a simple script).
>
> Is it possible to have gpg remember my passphrase, only very
> temporarily? (Perhaps for 10 seconds or so.)
>
> I've looked into gpg-agent, and tried using the --use-agent option
> with gpg, but I can't find much documentation on the matter, or even
> whether or not this is the best approach.
>

Yes, you want to use gpg-agent. What OS are you on? You might need to install gpg2 if you're on Linux or Mac.

-- 
Grant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 552 bytes
Desc: OpenPGP digital signature
URL:

From bd9439 at att.com Wed May 25 01:41:35 2011
From: bd9439 at att.com (DUELL, BOB (ATTCINW))
Date: Tue, 24 May 2011 23:41:35 +0000
Subject: Installing new version of gpg
In-Reply-To: <4DD5B57A.7060103@grant-olson.net>
References: <4DD5B57A.7060103@grant-olson.net>
Message-ID:

Hi,

Forgive me for what is probably a very simple question, but I am upgrading gpg on my UNIX server from 1.2.6 to 1.4.11.

When I originally installed gpg, I installed everything to the default locations (/usr/local). For this release, I used the "configure PREFIX" option to specify a new install location so I can test. So rather than have everything written to /usr/local I chose to install into /opt/app/gnupg-1.4.11, which now has four sub directories (bin, lib, libexec, and share).

All well and good, but what do I need to do to run the new version? In other words, do I just enter:

$ /opt/app/gnupg-1.4.11/bin/gpg whatever

Will that recognize the "parent" directory to access all the other files?

Finally, assuming everything works well (as I'm sure it will), can I easily "install" this new version by deleting the previous files from /usr/local and creating symbolic links to the new location?
Thank you in advance,

Bob

From rjh at sixdemonbag.org Wed May 25 01:47:30 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Tue, 24 May 2011 19:47:30 -0400
Subject: Installing new version of gpg
In-Reply-To:
References: <4DD5B57A.7060103@grant-olson.net>
Message-ID: <4DDC4392.1070605@sixdemonbag.org>

On 5/24/2011 7:41 PM, DUELL, BOB (ATTCINW) wrote:
> Forgive me for what is probably a very simple question, but I am
> upgrading gpg on my UNIX server from 1.2.6 to 1.4.11.

No forgiveness necessary. Simple, straightforward questions are always nice. :)

> All well and good, but what do I need to do to run the new version?
> In other words, do I just enter:
>
> $ /opt/app/gnupg-1.4.11/bin/gpg whatever
>
> Will that recognize the "parent" directory to access all the other
> files?

It's hard to say definitively without looking at your particular system. That said, speaking generally this will work fine.

> Finally, assuming everything works well (as I'm sure it will), can I
> easily "install" this new version by deleting the previous files from
> /usr/local and creating symbolic links to the new location?

Yep!

From bd9439 at att.com Wed May 25 18:55:33 2011
From: bd9439 at att.com (DUELL, BOB (ATTCINW))
Date: Wed, 25 May 2011 16:55:33 +0000
Subject: Installing new version of gpg
In-Reply-To: <4DDC4392.1070605@sixdemonbag.org>
References: <4DD5B57A.7060103@grant-olson.net> <4DDC4392.1070605@sixdemonbag.org>
Message-ID:

A few more questions:

I imagine I need to create these symbolic links:

ln -s /opt/app/gnupg-1.4.11/bin/gpg /usr/local/bin/gpg
ln -s /opt/app/gnupg-1.4.11/bin/gpg-zip /usr/local/bin/gpg-zip
ln -s /opt/app/gnupg-1.4.11/bin/gpgsplit /usr/local/bin/gpgsplit
ln -s /opt/app/gnupg-1.4.11/bin/gpgv /usr/local/bin/gpgv

But should I also create these?

ln -s /opt/app/gnupg-1.4.11/libexec/gnupg /usr/local/libexec/gnupg
ln -s /opt/app/gnupg-1.4.11/share/gnupg /usr/local/share/gnupg

And what about these existing files (copies of which are in /usr/local today):

/usr/local/share/locale
/usr/local/lib/charset.alias

And finally, what about these (which do not exist in /usr/local/share today):

/opt/app/gnupg-1.4.11/share/info
/opt/app/gnupg-1.4.11/share/man

I appreciate the help!

Bob

BTW - Although I have rarely posted to this list, it is one of the most interesting discussion groups I follow. I've been reading it for about five years (since I first installed gpg) and although most of the conversation is way over my head, I learn something new almost every day.

-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Robert J. Hansen
Sent: Tuesday, May 24, 2011 4:48 PM
To: gnupg-users at gnupg.org
Subject: Re: Installing new version of gpg

On 5/24/2011 7:41 PM, DUELL, BOB (ATTCINW) wrote:
> Forgive me for what is probably a very simple question, but I am
> upgrading gpg on my UNIX server from 1.2.6 to 1.4.11.

No forgiveness necessary. Simple, straightforward questions are always nice. :)

> All well and good, but what do I need to do to run the new version?
> In other words, do I just enter:
>
> $ /opt/app/gnupg-1.4.11/bin/gpg whatever
>
> Will that recognize the "parent" directory to access all the other
> files?

It's hard to say definitively without looking at your particular system. That said, speaking generally this will work fine.

> Finally, assuming everything works well (as I'm sure it will), can I
> easily "install" this new version by deleting the previous files from
> /usr/local and creating symbolic links to the new location?

Yep!
_______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From janne.inkila at iki.fi Wed May 25 19:27:18 2011 From: janne.inkila at iki.fi (=?ISO-8859-1?Q?Janne_Inkil=E4?=) Date: Wed, 25 May 2011 20:27:18 +0300 Subject: GnuPG language setting Message-ID: <4DDD3BF6.9090402@iki.fi> From where GnuPG takes its language setting in Windows, exactly? I am having a problem with GnuPG text ui-language. My windows is in english, but GnuPG is in swedish. I know I can fix this issue with lang=en enviroinment variable, but I am having this wrong language problem in several other software also. Regional settings (Control Panel\Clock, Language, and Region) in control panel are what I desire, but no affect with this. I believe my computer vendor (HP) made some customization to the operating system installation package and broke something. My os is Windows 7 64b. -- janne.inkila at iki.fi jpi @ freenode irc network From gnupg at bbs.srima.ie Wed May 25 17:55:32 2011 From: gnupg at bbs.srima.ie (gnupg at bbs.srima.ie) Date: 25 May 2011 15:55:32 GMT Subject: Installing new version of gpg Message-ID: <00301b.b986f0.bbs.srima.ie@localhost> From: bd9439 at att.com To: gnupg From: "DUELL, BOB (ATTCINW)" To: "Robert J. Hansen" , "gnupg-users at gnupg.org" A few more questions: I imagine I need to create these symbolic links: ln -s /opt/app/gnupg-1.4.11/bin/gpg /usr/local/bin/gpg ln -s /opt/app/gnupg-1.4.11/bin/gpg-zip /usr/local/bin/gpg-zip ln -s /opt/app/gnupg-1.4.11/bin/gpgsplit /usr/local/bin/gpgsplit ln -s /opt/app/gnupg-1.4.11/bin/gpgv /usr/local/bin/gpgv But should I also create these? 
ln -s /opt/app/gnupg-1.4.11/libexec/gnupg /usr/local/libexec/gnupg ln -s /opt/app/gnupg-1.4.11/share/gnupg /usr/local/share/gnupg And what about these existing files (copies of which are in /usr/local today): /usr/local/share/locale /usr/local/lib/charset.alias And finally, what about these (which do not exist in /usr/local/share today): /opt/app/gnupg-1.4.11/share/info /opt/app/gnupg-1.4.11/share/man I appreciate the help! Bob BTW - Although I have rarely posted to this list, it is one of the most interesting discussion groups I follow. I've been reading it for about five years (since I first installed gpg) and although most of the conversation is way over my head, I learn something new almost every day. -----Original Message----- From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Robert J. Hansen Sent: Tuesday, May 24, 2011 4:48 PM To: gnupg-users at gnupg.org Subject: Re: Installing new version of gpg On 5/24/2011 7:41 PM, DUELL, BOB (ATTCINW) wrote: > Forgive me for what is probably a very simple question, but I am > upgrading gpg on my UNIX server from 1.2.6 to 1.4.11. No forgiveness necessary. Simple, straightforward questions are always nice. :) > All well and good, but what do I need to do to run the new version? > In other words, do I just enter: > > $ /opt/app/gnupg-1.4.11/bin/gpg whatever > > Will that recognize the "parent" directory to access all the other > files? It's hard to say definitively without looking at your particular system. That said, speaking generally this will work fine. > Finally, assuming everything works well (as I'm sure it will), can I > easily "install" this new version by deleting the previous files from > /usr/local and creating symbolic links to the new location? Yep! 
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

From gnupg at bbs.srima.ie Wed May 25 16:55:32 2011
From: gnupg at bbs.srima.ie (gnupg at bbs.srima.ie)
Date: 25 May 2011 14:55:32 GMT
Subject: Installing new version of gpg
Message-ID:

From: gnupg at bbs.srima.ie
To: gnupg
From: gnupg at bbs.srima.ie
To: gnupg-users at gnupg.org
From: bd9439 at att.com
To: gnupg
From: "DUELL, BOB (ATTCINW)"
To: "Robert J. Hansen" , "gnupg-users at gnupg.org"

From wk at gnupg.org Thu May 26 13:54:05 2011
From: wk at gnupg.org (Werner Koch)
Date: Thu, 26 May 2011 13:54:05 +0200
Subject: GnuPG language setting
In-Reply-To: <4DDD3BF6.9090402@iki.fi> (Janne Inkilä's message of "Wed, 25 May 2011 20:27:18 +0300")
References: <4DDD3BF6.9090402@iki.fi>
Message-ID: <87pqn565k2.fsf@vigenere.g10code.de>

On Wed, 25 May 2011 19:27, janne.inkila at iki.fi said:

> I am having a problem with GnuPG text ui-language. My windows is in
> english, but GnuPG is in swedish.
> I know I can fix this issue with
> lang=en environment variable, but I am having this wrong language
> problem in several other software also. Regional settings (Control
> Panel\Clock, Language, and Region) in control panel are what I desire,

GnuPG 2.0 uses this code:

  #include <windows.h>

  LCID lcid;
  LANGID langid;
  int primary, sub;

  /* Use native Win32 API locale ID. */
  lcid = GetThreadLocale ();
  /* Strip off the sorting rules, keep only the language part. */
  langid = LANGIDFROMLCID (lcid);
  /* Split into language and territory part. */
  primary = PRIMARYLANGID (langid);
  sub = SUBLANGID (langid);

You may override it by setting an environment variable, for example

  set LANG=en

If you use something like en_US, only the part before the underscore is used.

GnuPG 2.1 (the development branch) uses very similar code. IIRC, 1.4.x also uses similar code.

You may also look for the sv.mo file below the GnuPG directory and delete it.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From rjh at sixdemonbag.org Thu May 26 15:17:27 2011
From: rjh at sixdemonbag.org (Robert J. Hansen)
Date: Thu, 26 May 2011 09:17:27 -0400
Subject: Installing new version of gpg
In-Reply-To:
References: <4DD5B57A.7060103@grant-olson.net> <4DDC4392.1070605@sixdemonbag.org>
Message-ID: <4DDE52E7.8060200@sixdemonbag.org>

On 5/25/2011 12:55 PM, DUELL, BOB (ATTCINW) wrote:
> A few more questions:

It's hard to give concrete answers without seeing your particular installation, so please consider these to be semi-educated guesses rather than things I know to be correct. :)

> But should I also create these?

No. You never launch these directly: GnuPG launches them -- and GnuPG knows where they're located.

> And what about these existing files (copies of which are in
> /usr/local today):

Well, the GnuPG you have in /usr/local no longer needs them -- but it's possible other software you have in /usr/local relies on it, so I'd suggest keeping them until/unless you know for a fact nothing else needs it.
> And finally, what about these (which do not exist in /usr/local/share
> today):

Don't need to worry about them. I'd keep them, myself, but if you delete them it won't impair GnuPG's functioning.

From cannewilson at googlemail.com Thu May 26 20:06:07 2011
From: cannewilson at googlemail.com (Anne Wilson)
Date: Thu, 26 May 2011 19:06:07 +0100
Subject: I can't stop encryption being done with a wrong key
Message-ID: <201105261906.08020.cannewilson@googlemail.com>

I have a friend whose gpg key became corrupt. He created a new key, and I imported it. Then we discovered that KMail insists on trying to encrypt using the old key, even though I have changed his addressbook entry to reflect the new key.

At this point we thought it was a KMail issue, so I moved to Thunderbird for answering his mail. Signed mail in both directions is no problem. He can send an encrypted message and I can read it. The new key is fine. However, when I send an encrypted message to him we hit the rocks.

In Thunderbird I have only a minimal addressbook. I set his record to use the new key for encryption, and I can't see any way that Thunderbird should know about the old key. However, the test email I sent him was signed by the RSA subkey of his old key.

Can someone please explain to me how this could be happening, and what I need to do to correct it? Should I remove his old key from my keyring? If I do, I assume that I won't be able to read his older messages.

Thanks

Anne
-- 
New to KDE Software? - get help from http://userbase.kde.org
From shavital at mac.com Thu May 26 21:26:39 2011
From: shavital at mac.com (Charly Avital)
Date: Thu, 26 May 2011 15:26:39 -0400
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <201105261906.08020.cannewilson@googlemail.com>
References: <201105261906.08020.cannewilson@googlemail.com>
Message-ID: <4DDEA96F.6000705@mac.com>

Anne Wilson wrote on 5/26/11 2:06 PM:
> I have a friend whose gpg key became corrupt. He created a new key, and I
> imported it. Then we discovered that KMail insists on trying to encrypt using
> the old key, even though I have changed his addressbook entry to reflect the
> new key.
>
> At this point we thought it was a KMail issue, so I moved to Thunderbird for
> answering his mail. Signed mail in both directions is no problem.

That's normal. You are verifying your friend's signature with the new public key he created and that you imported. Your friend is verifying your signature with your public key that is valid and in use.

> He can
> send an encrypted message and I can read it. The new key is fine.

When your friend encrypts a message to you, he is using your existing public key. This has nothing to do with your friend's new key.

> However,
> when I send an encrypted message to him we hit the rocks.
>
> In Thunderbird I have only a minimal addressbook. I set his record to use the
> new key for encryption, and I can't see any way that Thunderbird should know
> about the old key. However, the test email I sent him was signed by the RSA
> subkey of his old key.

I can't remember how KMail sets the usage of keys. I'm a Mac user, but I have "dabbled" occasionally in Linux and some of KMail.

In Thunderbird, key usage is set in 'Per Recipient rules', that is not the Address Book.

>
> Can someone please explain to me how this could be happening, and what I need
> to do to correct it? Should I remove his old key from my keyring? If I do, I
> assume that I won't be able to read his older messages.
You don't have to remove his "old" public key from your keyring.

You have to edit "Per Recipient Rules" so that your friend's new public key (in your public keyring) is linked to his User ID (e-mail address), and used to encrypt to him.

In Thunderbird's menu please go to OpenPGP/Edit Per-Recipient Rules, that will launch the "Per-Recipient Rules Editor". Use the search field to search for the entry that corresponds to your friend's user ID (his e-mail address) or choose it manually at your convenience, click 'Modify' and make the necessary adjustments to choose your friend's new public key as the key that will be used to encrypt to him.

Your quoted post was composed using: User-Agent: KMail/1.13.7 (Linux/2.6.35.13-91.fc14.i686.PAE; KDE/4.6.3; i686; ; ), and not Thunderbird.

HTH
Charly (Testing Shredder 3.4a1pre for Mac).

From bd9439 at att.com Thu May 26 21:03:02 2011
From: bd9439 at att.com (DUELL, BOB (ATTCINW))
Date: Thu, 26 May 2011 19:03:02 +0000
Subject: Installing new version of gpg
In-Reply-To: <4DDE52E7.8060200@sixdemonbag.org>
References: <4DD5B57A.7060103@grant-olson.net> <4DDC4392.1070605@sixdemonbag.org> <4DDE52E7.8060200@sixdemonbag.org>
Message-ID:

Perfect, that's useful. I see now I should copy the man pages to /usr/local/man so they'll be visible to everyone. Also, to be safe, I'll rename the existing binaries just in case (I'm a bit paranoid).
To recap, I'll run these commands to "install" my new version:

mv /usr/local/bin/gpg /usr/local/bin/gpg_old
mv /usr/local/bin/gpgsplit /usr/local/bin/gpgsplit_old
mv /usr/local/bin/gpgv /usr/local/bin/gpgv_old
ln -s /opt/app/apps/gnupg-1.4.11/bin/gpg /usr/local/bin/gpg
ln -s /opt/app/apps/gnupg-1.4.11/bin/gpg-zip /usr/local/bin/gpg-zip
ln -s /opt/app/apps/gnupg-1.4.11/bin/gpgsplit /usr/local/bin/gpgsplit
ln -s /opt/app/apps/gnupg-1.4.11/bin/gpgv /usr/local/bin/gpgv
cp /opt/app/apps/gnupg-1.4.11/share/man/man1/* /usr/local/man/man1
cp /opt/app/apps/gnupg-1.4.11/share/man/man7/* /usr/local/man/man7

Thanks so much! The whole thing was much easier than I anticipated,

Bob

-----Original Message-----
From: Robert J. Hansen [mailto:rjh at sixdemonbag.org]
Sent: Thursday, May 26, 2011 6:17 AM
To: DUELL, BOB (ATTCINW)
Cc: gnupg-users at gnupg.org
Subject: Re: Installing new version of gpg

On 5/25/2011 12:55 PM, DUELL, BOB (ATTCINW) wrote:
> A few more questions:

It's hard to give concrete answers without seeing your particular installation, so please consider these to be semi-educated guesses rather than things I know to be correct. :)

> But should I also create these?

No. You never launch these directly: GnuPG launches them -- and GnuPG knows where they're located.

> And what about these existing files (copies of which are in
> /usr/local today):

Well, the GnuPG you have in /usr/local no longer needs them -- but it's possible other software you have in /usr/local relies on it, so I'd suggest keeping them until/unless you know for a fact nothing else needs it.

> And finally, what about these (which do not exist in /usr/local/share
> today):

Don't need to worry about them. I'd keep them, myself, but if you delete them it won't impair GnuPG's functioning.
From groups at caseyljones.net Fri May 27 00:04:30 2011
From: groups at caseyljones.net (Casey Jones)
Date: Thu, 26 May 2011 15:04:30 -0700
Subject: GPG Problem - invalid radix64 character
In-Reply-To:
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com>
Message-ID: <4DDECE6E.8060100@caseyljones.net>

In the future, instead of GPG or OpenSSL I would suggest an encrypted filesystem such as an encrypted folder or partition or Truecrypt volume. The advantage of those is that a single bit error is likely to only affect one file. If you archive the files before transferring them to your encrypted volume, you should archive each 4GB file individually, again so that one bit error will only affect one file. Another kind of archive software to look into is the kind often used on binary newsgroups where the archive is split into parts and the parts contain error CORRECTING code.

When working with such large amounts of data (or even small amounts) you should keep in mind that computer RAM is surprisingly error prone. About one in three good quality computers has several memory errors per year (the other two out of three tend to have no detected errors). You may want to invest in error correcting memory.

Hard drive error rates and speeds can degrade dramatically in the presence of excessive sound and vibrations. Other nearby hard drives and CD drives can be a problem. Many hard drive enclosures are poorly designed in this respect. For best reliability, your drives need to at least have rubber mount isolation and sometimes blocking of sound from nearby hard drives. CD drives can produce vibrations so bad that basic shock mounts can not dampen them sufficiently, so don't run the CD drive if error free transfers are critical.
But if you rubber mount your hard drives, keep in mind that they will lose the metal heat sink effect, and so you need to pay extra attention to ventilation and watch out for overheating.

From aheinlein at gmx.com Fri May 27 08:10:58 2011
From: aheinlein at gmx.com (Andreas Heinlein)
Date: Fri, 27 May 2011 08:10:58 +0200
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <4DDEA96F.6000705@mac.com>
References: <201105261906.08020.cannewilson@googlemail.com> <4DDEA96F.6000705@mac.com>
Message-ID: <4DDF4072.1040503@gmx.com>

On 26.05.2011 21:26, Charly Avital wrote:
> In Thunderbird, key usage is set in 'Per Recipient rules', that is not
> the Address Book.
>
>> Can someone please explain to me how this could be happening, and what I need
>> to do to correct it? Should I remove his old key from my keyring? If I do, I
>> assume that I won't be able to read his older messages.
>
> You don't have to remove his "old" public key from your keyring.
>
> You have to edit "Per Recipient Rules" so that your friend's new public
> key (in your public keyring) is linked to his User ID (e-mail address),
> and used to encrypt to him.

Thunderbird (or the enigmail extension you're most likely speaking of) uses the mail addresses on the keys' UIDs to choose which key to use. If there is more than one key with the same mail address on the keyring, enigmail's behaviour becomes somewhat unpredictable and sometimes chooses the old key, sometimes the new one.

You could either override it with explicit recipient rules, or remove the old key from the keyring. Since you said the old key became "corrupt", I see no point in keeping it anyway.
Andreas

From wk at gnupg.org Fri May 27 10:09:43 2011
From: wk at gnupg.org (Werner Koch)
Date: Fri, 27 May 2011 10:09:43 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <4DDECE6E.8060100@caseyljones.net> (Casey Jones's message of "Thu, 26 May 2011 15:04:30 -0700")
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DDECE6E.8060100@caseyljones.net>
Message-ID: <878vts5zug.fsf@vigenere.g10code.de>

On Fri, 27 May 2011 00:04, groups at caseyljones.net said:

> volume. The advantage of those is that a single bit error is likely to
> only affect one file. If you archive the files before transferring

FWIW, it is the same as with OpenPGP. The used CFB mode re-syncs soon after the bad block. However, to avoid willful manipulation we use a checksum over the entire data to detect this (the MDC); the option --ignore-mdc-error may be used to ignore a bad checksum.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From jerome at jeromebaum.com Fri May 27 10:48:16 2011
From: jerome at jeromebaum.com (Jerome Baum)
Date: Fri, 27 May 2011 10:48:16 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <878vts5zug.fsf@vigenere.g10code.de>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DDECE6E.8060100@caseyljones.net> <878vts5zug.fsf@vigenere.g10code.de>
Message-ID:

On Fri, May 27, 2011 at 10:09, Werner Koch wrote:
> On Fri, 27 May 2011 00:04, groups at caseyljones.net said:
>
>> volume. The advantage of those is that a single bit error is likely to
>> only affect one file. If you archive the files before transferring
>
> FWIW, it is the same as with OpenPGP. The used CFB mode re-syncs
> soon after the bad block.
> However, to avoid willful manipulation we
> use a checksum over the entire data to detect this (the MDC); the option
> --ignore-mdc-error may be used to ignore a bad checksum.

There is still a compression step by default though, right? I know gzip has recovery features now, but chances are the compression will get in your way anyway. Not that I'd consider an encrypted file-system preferable, just saying.

-- 
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

From cannewilson at googlemail.com Fri May 27 17:19:25 2011
From: cannewilson at googlemail.com (Anne Wilson)
Date: Fri, 27 May 2011 16:19:25 +0100
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <4DDF4072.1040503@gmx.com>
References: <201105261906.08020.cannewilson@googlemail.com> <4DDEA96F.6000705@mac.com> <4DDF4072.1040503@gmx.com>
Message-ID: <201105271619.26390.cannewilson@googlemail.com>

On Friday 27 May 2011 07:10:58 Andreas Heinlein wrote:
> On 26.05.2011 21:26, Charly Avital wrote:
>> In Thunderbird, key usage is set in 'Per Recipient rules', that is not
>> the Address Book.
>>
>>> Can someone please explain to me how this could be happening, and what
>>> I need to do to correct it? Should I remove his old key from my
>>> keyring? If I do, I assume that I won't be able to read his older
>>> messages.
>>
>> You don't have to remove his "old" public key from your keyring.
>>
>> You have to edit "Per Recipient Rules" so that your friend's new public
>> key (in your public keyring) is linked to his User ID (e-mail address),
>> and used to encrypt to him.
>
> Thunderbird (or the enigmail extension you're most likely speaking of)
> uses the mail addresses on the keys' UIDs to choose which key to use.
> If there is more than one key with the same mail address on the keyring,
> enigmail's behaviour becomes somewhat unpredictable and sometimes chooses
> the old key, sometimes the new one.
>
> You could either override it with explicit recipient rules, or remove
> the old key from the keyring. Since you said the old key became
> "corrupt", I see no point in keeping it anyway.
>

I eventually found where I could disable the key both in Thunderbird and in KMail, so all is now well. Thanks to all who answered.

Anne
-- 
New to KDE Software? - get help from http://userbase.kde.org

From dkg at fifthhorseman.net Fri May 27 17:50:17 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 27 May 2011 11:50:17 -0400
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <201105271619.26390.cannewilson@googlemail.com>
References: <201105261906.08020.cannewilson@googlemail.com> <4DDEA96F.6000705@mac.com> <4DDF4072.1040503@gmx.com> <201105271619.26390.cannewilson@googlemail.com>
Message-ID: <4DDFC839.6030701@fifthhorseman.net>

On 05/27/2011 11:19 AM, Anne Wilson wrote:
> I eventually found where I could disable the key both in Thunderbird and in
> KMail, so all is now well.

I'm glad you got it resolved! I think this is more of a demonstration that fixing this to do the Right Thing by default in gpg itself would have been a boon to both kmail and enigmail (and any other frontends).

If you have thoughts on what gpg should have done in the first place, there's an open bug report titled "better heuristic for choosing an encryption key based on a User ID":

  https://bugs.g10code.com/gnupg/issue1143

You might want to add comments there describing your preferred behavior.

Regards,

        --dkg
From Pramod.R at target.com Fri May 27 14:24:04 2011
From: Pramod.R at target.com (Pramod.R)
Date: Fri, 27 May 2011 07:24:04 -0500
Subject: Question regarding the migration of the pgp keyring to gpg
In-Reply-To:
References: <2225D816DF89824D9DE3D8163420E90E7459655917@TLEMLMBX15P.email.target.com>
Message-ID: <2225D816DF89824D9DE3D8163420E90E748493CAC0@TLEMLMBX15P.email.target.com>

Hi David,

Thanks so much for your response on this.

Now, when I tried decrypting a pgp encrypted file through gpg (using the gpg --decrypt command), I'm running into this problem of "idea encryption (0) failed" even when I tried compiling one of the idea.c that I downloaded, using the command:

  gcc -Wall -O2 -shared -fPIC -DBIG_ENDIAN_HOST -o idea idea.c

I came across one of your posts in the below link where you mentioned that you edited the idea.c for the "endianness" and got it working:

  http://markmail.org/message/gmev3dorhh7xa5nt#query:+page:1+mid:omfowi5jah2w2xxt+state:results

Could you please send me the latest version of the idea.c that has taken care of this problem?

Thanks so much in advance as this would mean so much for me.. Let me know if you need any clarity on my question...

Warm Regards,
Pramod R

-----Original Message-----
From: David Shaw [mailto:dshaw at jabberwocky.com]
Sent: Friday, April 15, 2011 7:02 PM
To: Pramod.R
Cc: gnupg-users at gnupg.org
Subject: Re: Question regarding the migration of the pgp keyring to gpg

On Apr 15, 2011, at 1:23 AM, Pramod.R wrote:

> Hi,
>
> We are migrating from pgp 6.5.8 to gpg 1.4.11. I had a question regarding the migration of the public keys and the private keys:
>
> Is there a way where I could migrate the entire key ring at one go? I'm currently extracting my keys from pgp using the pgp -dx command and then importing each of these into the gpg.
> Is there one single command which would help me migrate the entire key ring at once?

Yes. PGP 6.5.8 keyring files are directly importable into GnuPG. Just find your pubring.pkr and secring.skr files and do:

  gpg --import /path/to/pubring.pkr
  gpg --import /path/to/secring.skr

That will import all of the keys at once.

David

From dkg at fifthhorseman.net Sat May 28 01:16:03 2011
From: dkg at fifthhorseman.net (Daniel Kahn Gillmor)
Date: Fri, 27 May 2011 19:16:03 -0400
Subject: A better way to think about passwords
In-Reply-To: <4DAB6E96.1030403@dougbarton.us>
References: <4DAB6E96.1030403@dougbarton.us>
Message-ID: <87mxi7ag5o.fsf@fifthhorseman.net>

On Sun, 17 Apr 2011 15:49:58 -0700, Doug Barton wrote:
> Summary: A 3-word password (e.g., "quick brown fox") is secure against
> cracking attempts for 2,537 years.
>
> http://www.baekdal.com/tips/password-security-usability

A computational linguist's rebuttal to Baekdal's post:

  http://trochee.net/2011/05/fragments-will-not-save-us/

The takeaway: Baekdal's analysis only holds for extremely naïve brute force attempts. Please don't assume that all attackers will be so naïve.

        --dkg

From andre at amorim.me Sat May 28 01:25:22 2011
From: andre at amorim.me (Andre Amorim)
Date: Sat, 28 May 2011 00:25:22 +0100
Subject: A better way to think about passwords
In-Reply-To: <87mxi7ag5o.fsf@fifthhorseman.net>
References: <4DAB6E96.1030403@dougbarton.us> <87mxi7ag5o.fsf@fifthhorseman.net>
Message-ID:

Just "blood-thing" about linguist reminds me "language acquisition" anyways ....

On 28 May 2011 00:16, Daniel Kahn Gillmor wrote:
> On Sun, 17 Apr 2011 15:49:58 -0700, Doug Barton wrote:
>> Summary: A 3-word password (e.g., "quick brown fox") is secure against
>> cracking attempts for 2,537 years.
>>
>> http://www.baekdal.com/tips/password-security-usability
>
> A computational linguist's rebuttal to Baekdal's post:
>
>   http://trochee.net/2011/05/fragments-will-not-save-us/
>
> The takeaway: Baekdal's analysis only holds for extremely naïve brute
> force attempts. Please don't assume that all attackers will be so
> naïve.
>
>         --dkg
>

-- 
Gnupg key: 02375205
Fingerprint: F7CD D181 943B 0453 8668  AF16 84E9 7565 0237 5205

From cannewilson at googlemail.com Sat May 28 12:20:23 2011
From: cannewilson at googlemail.com (Anne Wilson)
Date: Sat, 28 May 2011 11:20:23 +0100
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <4DDFC839.6030701@fifthhorseman.net>
References: <201105261906.08020.cannewilson@googlemail.com> <201105271619.26390.cannewilson@googlemail.com> <4DDFC839.6030701@fifthhorseman.net>
Message-ID: <201105281120.23762.cannewilson@googlemail.com>

On Friday 27 May 2011 16:50:17 you wrote:
> On 05/27/2011 11:19 AM, Anne Wilson wrote:
>> I eventually found where I could disable the key both in Thunderbird and
>> in KMail, so all is now well.
>
> I'm glad you got it resolved! I think this is more of a demonstration
> that fixing this to do the Right Thing by default in gpg itself would
> have been a boon to both kmail and enigmail (and any other frontends).
>
> If you have thoughts on what gpg should have done in the first place,
> there's an open bug report titled "better heuristic for choosing an
> encryption key based on a User ID":
>
>   https://bugs.g10code.com/gnupg/issue1143
>
> You might want to add comments there describing your preferred behavior.
>
> Regards,
>
>         --dkg

To be honest, I'm not sure that it is the fault of gpg. To my mind, both Thunderbird and KMail should always respect the preference marked as the default key for the user in question.
It seems to me that it is more of a job for the address book interface, to ask for the default key and whether older keys are to be disabled. Or am I misunderstanding again - is that part actually handled by gpg?

I'll add to the bug report mentioned above.

Thanks

Anne
-- 
New to KDE Software? - get help from http://userbase.kde.org

From cannewilson at googlemail.com Sat May 28 12:48:28 2011
From: cannewilson at googlemail.com (Anne Wilson)
Date: Sat, 28 May 2011 11:48:28 +0100
Subject: I can't stop encryption being done with a wrong key
In-Reply-To: <4DDFC839.6030701@fifthhorseman.net>
References: <201105261906.08020.cannewilson@googlemail.com> <201105271619.26390.cannewilson@googlemail.com> <4DDFC839.6030701@fifthhorseman.net>
Message-ID: <201105281148.28399.cannewilson@googlemail.com>

On Friday 27 May 2011 16:50:17 you wrote:
> If you have thoughts on what gpg should have done in the first place,
> there's an open bug report titled "better heuristic for choosing an
> encryption key based on a User ID":
>
>   https://bugs.g10code.com/gnupg/issue1143
>
> You might want to add comments there describing your preferred behavior.

Slight problem - I created an account but can't see any way to add comments. Sorry - I'm used to bugzilla, but obviously this is quite different.

Anne
-- 
New to KDE Software? - get help from http://userbase.kde.org
From wk at gnupg.org Sun May 29 19:58:50 2011
From: wk at gnupg.org (Werner Koch)
Date: Sun, 29 May 2011 19:58:50 +0200
Subject: GPG Problem - invalid radix64 character
In-Reply-To: (Jerome Baum's message of "Fri, 27 May 2011 10:48:16 +0200")
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DDECE6E.8060100@caseyljones.net> <878vts5zug.fsf@vigenere.g10code.de>
Message-ID: <871uzh5qxx.fsf@vigenere.g10code.de>

On Fri, 27 May 2011 10:48, jerome at jeromebaum.com said:

> There is still a compression step by default though, right? I know gzip has

Right. I forgot to mention that. Unless gpg figures that the data is already compressed, it will be compressed before encryption.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From sattva at pgpru.com Mon May 30 12:16:38 2011
From: sattva at pgpru.com (Vlad "SATtva" Miller)
Date: Mon, 30 May 2011 17:16:38 +0700
Subject: GPG Problem - invalid radix64 character
In-Reply-To: <871uzh5qxx.fsf@vigenere.g10code.de>
References: <810CB15E-5E68-43A0-9659-34866DCEFCDD@bayour.com> <5A6ACD14-1B72-439F-ADB4-C28CD6751840@bayour.com> <5E12BCCA-0524-486A-87BC-0113D51E80EE@bayour.com> <4DDECE6E.8060100@caseyljones.net> <878vts5zug.fsf@vigenere.g10code.de> <871uzh5qxx.fsf@vigenere.g10code.de>
Message-ID: <4DE36E86.4030208@pgpru.com>

Werner Koch:
> On Fri, 27 May 2011 10:48, jerome at jeromebaum.com said:
>
>> There is still a compression step by default though, right? I know gzip has
>
> Right. I forgot to mention that. Unless gpg figures that the data is
> already compressed, it will be compressed before encryption.

Or unless compression is disabled explicitly with "--compress-algo none".

-- 
Vlad "SATtva" Miller
3d viz | security & privacy consulting
www.vladmiller.info | www.pgpru.com

From makrober at gmail.com Mon May 30 23:10:58 2011
From: makrober at gmail.com (M.R.)
Date: Mon, 30 May 2011 21:10:58 +0000
Subject: GnuPG language setting
In-Reply-To: <87pqn565k2.fsf@vigenere.g10code.de>
References: <4DDD3BF6.9090402@iki.fi> <87pqn565k2.fsf@vigenere.g10code.de>
Message-ID: <4DE407E2.9030907@gmail.com>

I wish application developers would understand a simple fact: language choice can't be computer-wide, it must be *application specific*.

Mark R.

From johanw at vulcan.xs4all.nl Mon May 30 23:32:27 2011
From: johanw at vulcan.xs4all.nl (Johan Wevers)
Date: Mon, 30 May 2011 23:32:27 +0200
Subject: GnuPG language setting
In-Reply-To: <4DE407E2.9030907@gmail.com>
References: <4DDD3BF6.9090402@iki.fi> <87pqn565k2.fsf@vigenere.g10code.de> <4DE407E2.9030907@gmail.com>
Message-ID: <4DE40CEB.9060707@vulcan.xs4all.nl>

On 30-05-2011 23:10, M.R. wrote:
> I wish application developers would understand
> a simple fact: language choice can't be computer-wide,
> it must be *application specific*.

I would more say user-specific. Multiple users on the same machine might want a different language for their applications. Users wanting different languages for different applications might be there but I think this is much rarer.

-- 
Kind regards,
Johan Wevers

From wk at gnupg.org Tue May 31 10:12:26 2011
From: wk at gnupg.org (Werner Koch)
Date: Tue, 31 May 2011 10:12:26 +0200
Subject: GnuPG language setting
In-Reply-To: <4DE407E2.9030907@gmail.com> (M. R.'s message of "Mon, 30 May 2011 21:10:58 +0000")
References: <4DDD3BF6.9090402@iki.fi> <87pqn565k2.fsf@vigenere.g10code.de> <4DE407E2.9030907@gmail.com>
Message-ID: <87y61n1e6t.fsf@vigenere.g10code.de>

On Mon, 30 May 2011 23:10, makrober at gmail.com said:

> I wish application developers would understand
> a simple fact: language choice can't be computer-wide,
> it must be *application specific*.

Language choice is user specific, however users may start applications with other language setting (cf. envvar LANG).
All modern systems (~15 years and more) use sensible defaults and allow switching to other languages. In fact at least on GNU systems you may do this even on a per thread base.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are governed by a federal law.

From janne.inkila at iki.fi Tue May 31 14:14:50 2011
From: janne.inkila at iki.fi (Janne Inkilä)
Date: Tue, 31 May 2011 15:14:50 +0300
Subject: GnuPG language setting
In-Reply-To: <4DE407E2.9030907@gmail.com>
References: <4DDD3BF6.9090402@iki.fi> <87pqn565k2.fsf@vigenere.g10code.de> <4DE407E2.9030907@gmail.com>
Message-ID: <4DE4DBBA.6040801@iki.fi>

31.5.2011 0:10, M.R. wrote:
> I wish application developers would understand
> a simple fact: language choice can't be computer-wide,
> it must be *application specific*.
>

In my case it is very hard to find the place where to change this setting in the OS. I know I can override this with the lang=en env setting. I have checked all the settings in the Windows 7 control panel and made some digging into the registry, but failed so far.

-- 
janne.inkila at iki.fi

From onemailid4mailinglists at edpnet.be Tue May 31 15:22:56 2011
From: onemailid4mailinglists at edpnet.be (Olivier N.)
Date: Tue, 31 May 2011 15:22:56 +0200
Subject: Bad CA certificate & Invalid card ?
Message-ID: <4DE4EBB0.6040700@edpnet.be>

Hello!

I'm a newbie GPG user. I'm using Linux Mint Debian Edition and GPG2. (see end of email for version info)

Trying to use gpg2 for the first time I get several error messages:

  $ gpg2 --gen-key
  [...]
  You need a Passphrase to protect your secret key.

  gpg: problem with the agent: Bad CA certificate
  gpg: problem with the agent: Invalid card
  gpg: Key generation canceled.

What do "Bad CA certificate" and "Invalid card" mean? How can I solve these problems?

Thanks in advance for your help!
Olivier

$ uname -a
Linux my-desktop 2.6.38-2-686 #1 SMP Thu Apr 7 05:24:21 UTC 2011 i686 GNU/Linux

$ gpg2 --version
gpg (GnuPG) 2.0.17
libgcrypt 1.4.6
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

From saharyousefi82 at yahoo.com Mon May 30 20:21:13 2011
From: saharyousefi82 at yahoo.com (sahar yousefi)
Date: Mon, 30 May 2011 11:21:13 -0700 (PDT)
Subject: help
Message-ID: <60609.30329.qm@web162011.mail.bf1.yahoo.com>

Hello

I'm working on asymmetric keys for encryption and decryption of files. I am going to encrypt data on the sender PC using the receiver's public key and send the encrypted data to the receiver in order to decrypt it using its private key.

I have two PCs (A and B). I created a (public key, private key) pair on A and sent its public key to B. The public key is attached. Then I tried to encrypt a dir using the "gpgdir" command. But I encountered the error below. I wonder why gpg is looking for A's private key, when we don't want B to know the private key? How can I fix it?

============================================
# gpgdir --verbose -K el_ghasemi at yahoo.com -e /home/yousefi/Desktop/a
[+] import_perl_modules(): The @INC array:
    /usr/local/lib64/perl5/site_perl/5.10.0/x86_64-linux-thread-multi
    /usr/local/lib/perl5/site_perl/5.10.0
    /usr/lib64/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.10.0
    /usr/lib/perl5/vendor_perl
    /usr/lib64/perl5/5.10.0/x86_64-linux-thread-multi
    /usr/lib/perl5/5.10.0
    /usr/lib/perl5/site_perl
    .
[+] Executing: gpgdir --verbose -K el_ghasemi at yahoo.com -e /home/yousefi/Desktop/a
Using GnuPG key: el_ghasemi at yahoo.com
Enter password (for initial encrypt/decrypt test)
Password: 21961363
[+] test_mode(): Encrypt/Decrypt test of gpgdir_test.2902
[+] test_mode(): Created gpgdir_test.2902
Reading passphrase from file descriptor 9
pub  1024R/18EA55AA 2011-05-30 ghasemi (this is a encrypt test)
 Primary key fingerprint: C4F9 1073 B733 C752 C18C  EF81 1BFC 4C86 58C0 723B
      Subkey fingerprint: D953 4E49 13CA 998C BF0F  3CE5 7E3A 9360 18EA 55AA

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
gpg: 18EA55AA: There is no assurance this key belongs to the named user
[+] test_mode(): Successful encrypt of gpgdir_test.2902
Reading passphrase from file descriptor 9
    GnuPG errors:
gpg: encrypted with 1024-bit RSA key, ID 18EA55AA, created 2011-05-30
      "ghasemi (this is a encrypt test) "
gpg: decryption failed: secret key not available
    GnuPG status:
[GNUPG:] ENC_TO 7E3A936018EA55AA 1 0
[GNUPG:] NO_SECKEY 7E3A936018EA55AA
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
[*] Created zero-size file: gpgdir_test.2902
    Bad password? Try with --verbose at /usr/bin/gpgdir line 642.

Best regards
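The "GnuPG status" block in the message above is GnuPG's machine-readable status output, and the cause of the failure can be read off it mechanically: the data was encrypted to key 7E3A936018EA55AA (ENC_TO), the keyring doing the test decryption holds no secret key for it (NO_SECKEY), so DECRYPTION_FAILED follows. The following is an added example, not code from the thread or from gpgdir: a small Python parser for GnuPG `--status-fd` lines that classifies a decryption outcome into an actionable reason. It assumes the status lines are captured with `gpg --batch --status-fd 1 ...` (the helper `gpg_status_for` is a name introduced here); the sample input is constructed from the status lines quoted above, with the key ID and algorithm taken from the message.

```python
"""Explain a GnuPG decryption failure from its --status-fd output.

Added example, not part of the thread and not gpgdir's own code. The
sample status block below is constructed from the lines quoted in the
message above.
"""
import os
import subprocess
from dataclasses import dataclass, field
from typing import Iterable, List, Tuple

STATUS_PREFIX = "[GNUPG:] "

# Public-key algorithm numbers as they appear in ENC_TO (RFC 4880, section 9.1).
PUBKEY_ALGO = {"1": "RSA", "2": "RSA-E", "3": "RSA-S", "16": "ELG-E", "17": "DSA"}


@dataclass
class DecryptionReport:
    # (long key ID, algorithm name) for every ENC_TO line, in order seen
    encrypted_to: List[Tuple[str, str]] = field(default_factory=list)
    # key IDs GnuPG reported via NO_SECKEY (no matching secret key in the keyring)
    missing_secret_keys: List[str] = field(default_factory=list)
    bad_passphrase: bool = False
    decryption_failed: bool = False
    decryption_okay: bool = False

    def reason(self) -> str:
        """Classify the outcome into one of a few actionable reasons."""
        if self.decryption_okay:
            return "ok"
        if self.bad_passphrase:
            return "bad_passphrase"
        enc_ids = {kid for kid, _ in self.encrypted_to}
        if enc_ids and enc_ids <= set(self.missing_secret_keys):
            # Every recipient key is one whose secret half is not held here:
            # the message is simply not addressed to this keyring.
            return "no_secret_key"
        if self.decryption_failed:
            return "failed_other"
        return "incomplete"

    def explanation(self) -> str:
        names = ", ".join(f"{kid} ({algo})" for kid, algo in self.encrypted_to)
        names = names or "no recipient key reported"
        return {
            "ok": "decryption succeeded",
            "bad_passphrase": "a secret key was found but the passphrase was wrong",
            "no_secret_key": (f"encrypted to {names}; none of these secret keys is in "
                              "this keyring, so this machine cannot decrypt it (expected "
                              "when data was encrypted to another party's public key)"),
            "failed_other": f"encrypted to {names}; a secret key is present but decryption failed",
            "incomplete": "no decryption result found in the status output",
        }[self.reason()]


def parse_status(lines: Iterable[str]) -> DecryptionReport:
    """Fold a stream of gpg output lines into a DecryptionReport."""
    report = DecryptionReport()
    for raw in lines:
        line = raw.strip()
        if not line.startswith(STATUS_PREFIX):
            continue  # human-readable stderr chatter, not a status line
        fields = line[len(STATUS_PREFIX):].split()
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "ENC_TO" and args:
            # ENC_TO <long_keyid> <pubkey_algo> <keylength>
            algo = PUBKEY_ALGO.get(args[1], f"algo {args[1]}") if len(args) > 1 else "unknown"
            report.encrypted_to.append((args[0], algo))
        elif keyword == "NO_SECKEY" and args:
            report.missing_secret_keys.append(args[0])
        elif keyword in ("BAD_PASSPHRASE", "MISSING_PASSPHRASE"):
            report.bad_passphrase = True
        elif keyword == "DECRYPTION_FAILED":
            report.decryption_failed = True
        elif keyword == "DECRYPTION_OKAY":
            report.decryption_okay = True
    return report


def diagnose(status_text: str) -> DecryptionReport:
    return parse_status(status_text.splitlines())


def gpg_status_for(path: str) -> str:
    """Run gpg on PATH and return its status-fd output (needs gpg installed; hypothetical helper)."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--output", os.devnull, "--decrypt", path],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True, check=False)
    return proc.stdout


# Constructed sample: the status block from the gpgdir run quoted above.
SAMPLE_STATUS = """\
gpg: encrypted with 1024-bit RSA key, ID 18EA55AA, created 2011-05-30
gpg: decryption failed: secret key not available
[GNUPG:] ENC_TO 7E3A936018EA55AA 1 0
[GNUPG:] NO_SECKEY 7E3A936018EA55AA
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""

if __name__ == "__main__":
    print(diagnose(SAMPLE_STATUS).explanation())
```

Run on the sample, `diagnose` returns the reason `no_secret_key`: the only recipient key is one for which NO_SECKEY was reported, which is what "secret key not available" in the quoted error means. The same parser distinguishes that case from a wrong passphrase (BAD_PASSPHRASE) and from a failure with the secret key present, which is the distinction gpgdir's generic "Bad password?" message collapses.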
