help unsubscribe

McKerracher, Priscilla Priscilla.McKerracher@jhuapl.edu
Tue Mar 12 13:28:01 2002


Please unsubscribe me.
SIG Section Supervisor
priscilla_mckerracher@jhuapl.edu
Johns Hopkins University
Applied Physics Laboratory
Johns Hopkins Road
Laurel, MD 20723
443-778-4474


-----Original Message-----
From: gnupg-users-request@gnupg.org
[mailto:gnupg-users-request@gnupg.org]
Sent: Tuesday, March 12, 2002 6:06 AM
To: gnupg-users@gnupg.org
Subject: Gnupg-users digest, Vol 1 #553 - 15 msgs


Send Gnupg-users mailing list submissions to
	gnupg-users@gnupg.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.gnupg.org/mailman/listinfo/gnupg-users
or, via email, send a message with subject or body 'help' to
	gnupg-users-request@gnupg.org

You can reach the person managing the list at
	gnupg-users-admin@gnupg.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Gnupg-users digest..."


Today's Topics:

   1. RE: unsubscribe me (Veronica Loell)
   2. IDs, signatures and all that stuff (Martin Christensen)
   3. Re: IDs, signatures and all that stuff (JanuszA.Urbanowicz)
   4. Re: IDs, signatures and all that stuff (Martin Christensen)
   5. File limit size?? >4G (Bob Metelsky)
   6. Cipher/hash for passphrase in PGP 7.0 (Ryan Malayter)
   7. Re: IDs, signatures and all that stuff (Mark Brown)
   8. (no subject) (Lgom347@cs.com)
   9. Re: Cipher/hash for passphrase in PGP 7.0 (Marc Mutz)
  10. Re: Keyservers problem (win32) (Bart Martens)
  11. Re: IDs, signatures and all that stuff (Martin Christensen)
  12. Re[2]: Keyservers problem (win32) (Jakob Breivik Grimstveit)
  13. scripts and include directories missing in 1.0.6 (Dan Stahlke)
  14. Re: scripts and include directories missing in 1.0.6
(=?iso-8859-1?Q?Armin_Sch=F6ch?=)
  15. Re: scripts and include directories missing in 1.0.6 (Werner Koch)

--__--__--

Message: 1
Date: Mon, 11 Mar 2002 15:27:04 +0100 (W. Europe Standard Time)
From: Veronica Loell <info@nakawe.se>
To: gnupg-users@gnupg.org
Subject: RE: unsubscribe me
Reply-To: info@nakawe.se
Organization: Nakawe data

Subscribing and unsubscribing can be done at the following adress, as noted 
in the introductory mail that I got when I subscribed... 
>http://lists.gnupg.org/mailman/listinfo/gnupg-users

The mail also says:
You can also make such adjustments via email by sending a message to:

  Gnupg-users-request@gnupg.org

with the word `help' in the subject or body (don't include the
quotes), and you will get back a message with instructions


I suggest that you try one of these things if you want to unsubscribe.


- Veronica Loell


--__--__--

Message: 2
To: gnupg-users@gnupg.org
Subject: IDs, signatures and all that stuff
From: Martin Christensen <factotum@gvdnet.dk>
Date: Mon, 11 Mar 2002 16:08:27 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Howdy!

I've been trying to make sense of signatures and multiple IDs. If
someone signs my public key and I subsequently create a new ID for
that key, then it is not the case that the new ID by transitivity is
signed by the signer. This makes perfect sense: if the signer can
verify my identity as Dr. Jekyll and signs that ID, that does not mean
that he will vouch for any Mr. Hyde IDs used for eating small children
afterwards.

But then people say that creating new IDs for an old key is better
than creating an entirely new key, since creating a new key means that
I have to start collecting signatures all over again. But by doing so,
will I be that much better helped? Sure, people can see that my
_other_ IDs have been signed, but that will require more than a quick
glance, which is more than many people will give to most keys.

Am I missing something here?

Martin

- -- 
Homepage:       http://www.cs.auc.dk/~factotum/
GPG public key: http://www.cs.auc.dk/~factotum/gpgkey.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using Mailcrypt+GnuPG <http://www.gnupg.org>

iEYEARECAAYFAjyMyGsACgkQYu1fMmOQldXLWQCdEPEqTOcgIDCAsIYN13n/+DrU
twsAn3DaIYRApoW8VLjD603JSaVnUolv
=I/A5
-----END PGP SIGNATURE-----


--__--__--

Message: 3
Subject: Re: IDs, signatures and all that stuff
To: Martin Christensen <factotum@gvdnet.dk>
Date: Mon, 11 Mar 2002 16:13:04 +0100 (CET)
CC: gnupg-users@gnupg.org
From: Janusz A. Urbanowicz <alex@bofh.torun.pl>

Martin Christensen wrote/napisa=B3[a]/schrieb:
> But then people say that creating new IDs for an old key is better
> than creating an entirely new key, since creating a new key means that
> I have to start collecting signatures all over again. But by doing so,
> will I be that much better helped? Sure, people can see that my
> _other_ IDs have been signed, but that will require more than a quick
> glance, which is more than many people will give to most keys.
>=20
> Am I missing something here?

I believe that you miss teh fact that key trust is calculated on per-key and
not on per-user ID basis.

Alex
--=20
C _-=3D-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling |         | =
  *  =09
 ; (_O : +-------------------------------------------------------------+ --=
+~|=09
 ! &~) ? | P=B3yn=B1=E6 chc=EA na Wsch=F3d, za Suez, gdzie jest dobrem ka=
=BFde z=B3o | l_|/=09
A ~-=3D-~ O| Gdzie przykaza=F1 brak dziesi=EAciu, a pi=E6 mo=BFna a=BF po d=
no;     |   |  =20


--__--__--

Message: 4
To: gnupg-users@gnupg.org
Subject: Re: IDs, signatures and all that stuff
From: Martin Christensen <factotum@gvdnet.dk>
Date: Mon, 11 Mar 2002 17:04:30 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Janusz" == Janusz A Urbanowicz <alex@bofh.torun.pl> writes:
Janusz> I believe that you miss teh fact that key trust is calculated
Janusz> on per-key and not on per-user ID basis.

Wouldn't that mean that I could create ad hoc bogus IDs for causing
general mayhem?

Martin

- -- 
Homepage:       http://www.cs.auc.dk/~factotum/
GPG public key: http://www.cs.auc.dk/~factotum/gpgkey.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using Mailcrypt+GnuPG <http://www.gnupg.org>

iEYEARECAAYFAjyM1Y4ACgkQYu1fMmOQldW5rgCePYJP0P1yFrlM7sIGigvuNzbB
akMAn0Q2aW64/lNUiJCDFv1LawkGm1/X
=nUBt
-----END PGP SIGNATURE-----


--__--__--

Message: 5
Date: Mon, 11 Mar 2002 11:27:42 -0500
From: Bob Metelsky <bob@cps92.com>
Organization: Continuum Performance Systems
To: gnupg-users@gnupg.org
Subject: File limit size?? >4G

Hello All

    Do we know if there is a limit on file sizes? I have a 4 + Gig file
that Im encrypting , the file allegedly encrypts without error but when
I decrypt
I get the following error(s)

invalid packet ctb=72
invalid packet ctb=69

Warning encrypted message has been manipulated!
dont know invalid packet ctb=70

Any suggestions???
many thanks in advance
bob






--__--__--

Message: 6
From: Ryan Malayter <rmalayter@bai.org>
To: "'gnupg-users@gnupg.org'" <gnupg-users@gnupg.org>
Subject: Cipher/hash for passphrase in PGP 7.0
Date: Mon, 11 Mar 2002 10:55:24 -0600

Does anybody know what hash algorithm and symmetric cipher PGP v7.x uses on
private key material? I've tried many combinations of different cipher/hash
algorithms, but I can only seem to export a secret key and use it
successfully in PGP 7.x when it has *no* passphrase.

I've tried Blowfish/RIPEMD-160 (the GnuPG default), and all the combinations
of 3des, CAST, RIJNDAEL and SHA1, with no success.

Regards,
	-ryan-


--__--__--

Message: 7
Date: Mon, 11 Mar 2002 17:28:07 +0000
From: Mark Brown <broonie@sirena.org.uk>
To: gnupg-users@gnupg.org
Subject: Re: IDs, signatures and all that stuff


--xaMk4Io5JJdpkLEb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 11, 2002 at 05:04:30PM +0100, Martin Christensen wrote:

> >>>>> "Janusz" =3D=3D Janusz A Urbanowicz <alex@bofh.torun.pl> writes:

> Janusz> I believe that you miss teh fact that key trust is calculated
> Janusz> on per-key and not on per-user ID basis.

> Wouldn't that mean that I could create ad hoc bogus IDs for causing
> general mayhem?

Not really.  The trust he's talking about is not for your IDs, it's for
trusting your signatures on other people's keys.  If you've got two IDs
on your key, one very widely signed and one not signed except by
yourself your signature on other people's keys will still come into play
on the web of trust even though your second ID might not be verifiable.

--=20
"You grabbed my hand and we fell into it, like a daydream - or a fever."

--xaMk4Io5JJdpkLEb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8jOknJ2Vo11xhU60RArtVAJ90eDDUb17Ftce/Cu2nUO3WE9bdJgCg8F/4
hyh/v5jhNOVFKBy8IopxFTI=
=AxVz
-----END PGP SIGNATURE-----

--xaMk4Io5JJdpkLEb--


--__--__--

Message: 8
From: Lgom347@cs.com
Date: Mon, 11 Mar 2002 13:39:35 EST
Subject: (no subject)
To: gnupg-users@gnupg.org

My Windows 98 claims to be missing file: C:\PROGRA~1\CARBON~1\ccw32.vxd. Can

someone help me fix this problem.


--__--__--

Message: 9
Date: Mon, 11 Mar 2002 19:57:40 +0100
From: Marc Mutz <mutz@kde.org>
Subject: Re: Cipher/hash for passphrase in PGP 7.0
To: Ryan Malayter <rmalayter@bai.org>,
 "'gnupg-users@gnupg.org'" <gnupg-users@gnupg.org>
Organization: KDE

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 11 March 2002 17:55, Ryan Malayter wrote:
> Does anybody know what hash algorithm and symmetric cipher PGP v7.x
> uses on private key material?

The problem is the cipher. It's IDEA.

> I've tried many combinations of
> different cipher/hash algorithms, but I can only seem to export a
> secret key and use it successfully in PGP 7.x when it has *no*
> passphrase.

You hit the nail on the head, as we say in Germany.

Marc

- -- 
Marc Mutz <mutz@kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8jP4k3oWD+L2/6DgRAgWXAJ9HHQ6/5L2mSerlMsdA1a6rSYxtSwCfYUVS
dtbiWcgwZccP40IqHmvFQzw=
=KFs5
-----END PGP SIGNATURE-----



--__--__--

Message: 10
Date: Mon, 11 Mar 2002 20:24:52 +0100
From: Bart Martens <bart.martens@chello.be>
To: Jakob Breivik Grimstveit <jakob@grimstveit.net>
Cc: gnupg-users@gnupg.org
Subject: Re: Keyservers problem (win32)
Reply-To: bart.martens@advalvas.be

On Mon, Mar 11, 2002 at 08:41:52AM +0100, Jakob Breivik Grimstveit wrote:
> Whenever  trying  to  access  the  keyservers  using gpg, i only get the
> following   answer  (both  at  home  using  dialup  and  on  work  using
> broadband):
> 
> > Sending key(s) 0x545E2819 to server search.keyserver.net:11371 ...
> >
> > gpg: write failed: ec=87
> > gpg: can't connect to `search.keyserver.net:11371': No error
> >
> > Press any key to continue . . .
> 
> Why is that?

Other keyservers work fine, like wwwkeys.pgp.net .
I have a similar problem here, also with search.keyserver.net, but not
allways.
See:

bart@cable-195-162-215-141:~$ gpg --keyserver search.keyserver.net
--recv-key FBA6ECF1
gpg: requesting key FBA6ECF1 from search.keyserver.net ...
gpg: [fd 5]: read error: Connection reset by peer
gpg: no valid OpenPGP data found.
gpg: read_block: read error: invalid keyring
gpg: Total number processed: 0
bart@cable-195-162-215-141:~$ gpg --keyserver search.keyserver.net
--recv-key FBA6ECF1
gpg: requesting key FBA6ECF1 from search.keyserver.net ...
gpg: key FBA6ECF1: not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
bart@cable-195-162-215-141:~$ 

As you can see, the first time it failed, the second time it succeeds. I'm
going to trace this, when I have some spare time. For now I use
wwwkeys.pgp.net
as the default keyserver (in ~/.gnupg/options).

Bart Martens




--__--__--

Message: 11
To: gnupg-users@gnupg.org
Subject: Re: IDs, signatures and all that stuff
From: Martin Christensen <factotum@gvdnet.dk>
Date: Mon, 11 Mar 2002 20:34:15 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Mark" == Mark Brown <broonie@sirena.org.uk> writes:
>> Wouldn't that mean that I could create ad hoc bogus IDs for causing
>> general mayhem?
Mark> Not really.  The trust he's talking about is not for your IDs,
Mark> it's for trusting your signatures on other people's keys.  If
Mark> you've got two IDs on your key, one very widely signed and one
Mark> not signed except by yourself your signature on other people's
Mark> keys will still come into play on the web of trust even though
Mark> your second ID might not be verifiable.

I'm starting to feel rather stupid now, like a fairly intelligent
bloke such as myself _should_ grok this model without even blinking. I
wonder, then, how Joe Luser then is expected to understand a word of
it, especially given an assumed very low interest in technical matters
by default.

Anyway, I digress.

I am failing to see a couple of things here. Signatures are the glue
of the web of trust model, and trust is calculated on a per-key basis,
not on a per-ID basis. Then what is the point in signing IDs? But on
the other hand, if there's no signing on a per-ID basis, then, after
getting a number of signatures, someone might create bogus IDs.

I don't think that I'm mixing up trust and signatures here... but who
knows? Signatures should be all about verifying people's identities,
but in creating a new ID, how do I avoid having to have that
particular signed all over again[1]? Needless to say, pulling keys out
of the web of trust is a Bad Thing(tm), but that doesn't seem to be
the argument that most people make when they tell you to make a new ID
rather than a new key. The current system makes relatively good sense,
but to me it doesn't seem to make _perfect_ sense. ARGH!

Martin


[1] I guess that once someone has signed your key once, and therefore
should trust that you are who you say you are, then, because they
trust your key, they'll not be reluctant to sign a reasonable new ID.

- -- 
Homepage:       http://www.cs.auc.dk/~factotum/
GPG public key: http://www.cs.auc.dk/~factotum/gpgkey.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using Mailcrypt+GnuPG <http://www.gnupg.org>

iEYEARECAAYFAjyNBrcACgkQYu1fMmOQldXENgCfdwG4ylntuPqhEc1glOaqRHvw
v3wAoLuAQ6TAsITeTQO1xsZdrvP5PoVE
=hdPS
-----END PGP SIGNATURE-----


--__--__--

Message: 12
Date: Mon, 11 Mar 2002 20:44:44 +0100
From: Jakob Breivik Grimstveit <jakob@grimstveit.net>
Reply-To: Jakob Breivik Grimstveit <jakob@grimstveit.net>
To: bart.martens@advalvas.be
CC: gnupg-users@gnupg.org
Subject: Re[2]: Keyservers problem (win32)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 11.03.2002 20:24, Bart Martens wrote the following:

> On Mon, Mar 11, 2002 at 08:41:52AM +0100, Jakob Breivik Grimstveit wrote:

>> Whenever  trying  to  access the keyservers using gpg, i only get the
>> following  answer  (both  at  home  using  dialup  and  on work using
>> broadband):
>>
>> > Sending key(s) 0x545E2819 to server search.keyserver.net:11371 ...
>> >
>> > gpg: write failed: ec=87
>> > gpg: can't connect to `search.keyserver.net:11371': No error
>> >
>> > Press any key to continue . . .
>>
>> Why is that?

> Other  keyservers  work  fine, like wwwkeys.pgp.net . I have a similar
> problem here, also with search.keyserver.net, but not allways. See:

Well,  it always happens for me, on to seperate computers (WinXP & W2k),
on different internet connections (dialup & broadband).

> As you can see, the first time it failed, the second time it succeeds.
> I'm  going  to  trace this, when I have some spare time. For now I use
> wwwkeys.pgp.net as the default keyserver (in ~/.gnupg/options).

I  tried.  15  times.  Every  time  I  get the same response "No error".
Satisfying message :).


- --
Vyrdsamt...
- - Jakob Breivik Grimstveit, jakob@grimstveit.net, www.grimstveit.net
- - Morvikbotn 341, 5122 Morvik. Tlf: 55195667, 48298152, PGP:0xB68BA32F
- - System Integrator, Star Shipping, jakob.grimstveit@starshipping.com

I never get lost, just momentarily disoriented.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org

iD8DBQE8jQktTJM+uVReKBkRAtEUAJ0fbTJvU1On3d5SfqxCv/S76QR2FQCcDgdv
wIyW54EEaWL88PEVkXcYaC8=
=gRV8
-----END PGP SIGNATURE-----



--__--__--

Message: 13
Date: Mon, 11 Mar 2002 17:03:15 -0900
From: Dan Stahlke <dan@40hex.org>
To: gnupg-users@gnupg.org
Subject: scripts and include directories missing in 1.0.6
Reply-To: dan@40hex.org

The scripts/ and include/ are missing in gnupg-1.0.6.tar.gz, preventing 
compilation.  Gpg compiles just fine if I use gnupg-1.0.5 and the 1.0.6 
patch file.


--__--__--

Message: 14
Date: Tue, 12 Mar 2002 07:50:39 +0000 (GMT)
From: =?iso-8859-1?Q?Armin_Sch=F6ch?= <schoech@iap-kborn.de>
Reply-To: <schoech@iap-kborn.de>
To: Dan Stahlke <dan@40hex.org>
cc: <gnupg-users@gnupg.org>
Subject: Re: scripts and include directories missing in 1.0.6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Dan !

> The scripts/ and include/ are missing in gnupg-1.0.6.tar.gz, preventing
> compilation.

Where did you get the archieve from ? I downloaded it from
www.gnupg.org a couple of days ago and it worked just fine. I can
email it to you privately if you want me to (it's about 1.9MB); just
tell me on my private mail.

Thanks,
Armin

- --=20
Am Hasenberg 26         office: Institut f=FCr Atmosph=E4renphysik
D-18209 Bad Doberan             Schloss-Stra=DFe 6
Tel. ++49-(0)38203/42137        D-18225 K=FChlungsborn / GERMANY
Email: schoech@iap-kborn.de     Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/     Fax. +49-(0)38293-68-50
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Weitere Infos: siehe http://www.gnupg.org

iD8DBQE8jbNPG8Xv4GxznLoRArw5AKCFOGWPE1yRlc7a/KBAXhorQzCa4ACgyPnp
trGUdquNvHBx2X6puCcfdOM=3D
=3D3rDy
-----END PGP SIGNATURE-----




--__--__--

Message: 15
To: dan@40hex.org
Cc: gnupg-users@gnupg.org
Subject: Re: scripts and include directories missing in 1.0.6
From: Werner Koch <wk@gnupg.org>
Date: Tue, 12 Mar 2002 11:26:48 +0100

On Mon, 11 Mar 2002 17:03:15 -0900, Dan Stahlke said:

> The scripts/ and include/ are missing in gnupg-1.0.6.tar.gz,

No:

$ tar tzvf gnupg-1.0.6.tar.gz | grep include
-rw-r--r-- 1000/1000     25742 2001-04-27 16:42:25 gnupg-1.0.6/acinclude.m4
drwxrwxr-x 1000/1000         0 2001-05-29 08:59:18 gnupg-1.0.6/include/
-rw-rw-r-- 1000/1000       100 1999-02-20 21:45:39
gnupg-1.0.6/include/distfiles

Done on the FTP server.  From where did you get your copy or are you
just short on local disk space?

  Werner




--__--__--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


End of Gnupg-users Digest