Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
On 28/01/12 20:34, MFPA wrote: Or is the point that searching on the email address doesn't find the key, you have to search for the fingerprint (and the UID doesn't contain the email address at all, not even obscured)? Yes, exactly. The UID just says Anonymous or whatever you want it to say. or would the user need to just search for 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 to get the key? Yes. Either the user needs to be this savvy, or his tools (MUA, or GnuPG) needs to recognise the special form e-mail address and do this. To automate it, either the MUA or GnuPG needs to recognise the special form e-mail address, but no other changes are necessary (f.e. the keyserver can stay the same). By the way, the way I see it, the e-mail address really exists. You can mail to dkg--noenum-0ee5be979282d80b9f7540f1ccd2ed94d2173...@fifthhorseman.net and it arrives. Demanding the MUA to automatically strip it and mail d...@fifthhorseman.net instead really hinders adoption. I assumed Hauke Laging's high-entropy e-mail address variant also needed the e-mail address to actually exist, otherwise I don't see how that variation could meet the requirements, namely that possession of the e-mail address is enough to get someones public key. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 27 January 2012 at 2:20:23 PM, in mid:20120127142023.gc6...@iupui.edu, Mark H. Wood wrote: A difficulty here is that spamming is fairly specific, while privacy (it seems to me) is huge, amorphous, and defined differently by different people. The aspect of privacy relevant to this discussion is pretty specific too: selective sharing of personal information. - -- Best regards MFPAmailto:expires2...@rocketmail.com An idealist is a person who helps other people to be prosperous -BEGIN PGP SIGNATURE- iQCVAwUBTyVi4aipC46tDG5pAQq3ogQAoUeXkvFFSMvQ3VI7Vz9TwiR9cSACEitt egYSvcePXCzQP3XI3kPxeU2OZ/fw/b14uB7bRvlK+GEeKnBYt4sOeZd9uW64ESIK wcBuy9tYyUj1HxSiYHRN6zjJnUtDMMHXLt3Km4CfFyA5waCcp5iO+G0JqLYYXVJW umqi4Xe00Eo= =PniH -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 27 January 2012 at 1:29:07 AM, in mid:4f21fde3.30...@sixdemonbag.org, Robert J. Hansen wrote: The use is correct. Spamming is what someone does once they have your private information: harvesting is the act of collecting. Far worse things than spamming can happen with your private information. One windmill at a time, my ingenious gentleman of La Mancha. I see the two as just one issue: protecting a string of text. On 1/26/2012 6:41 PM, MFPA wrote: Why would a spammer network bother to generate email addresses and submit them as keyserver queries, rather than just sending spam out to them all? I have been waiting for you to realize this. *Even if you solve the key enumeration problem, you solve nothing.* It doesn't get you anything, because the email enumeration problem is just as bad. Random spamming is quite another thing from actually knowing an individual's personal contact details: their email addresses, the names they use, which email address is used with which name. And yet, my two unlisted cell phones both routinely get robocalls and telemarketers. They, too, work by enumeration. At least they are calling random numbers rather than specifically targeting you personally. In the UK, these unsolicited calls are massively reduced by registering the number with the telephone preference service. You still get occasional calls from organisations not covered or not complying, and you get some silent calls because some callers' equipment checks the numbers they generate against the list only if the call is answered. I believe you have something similar in the US https://www.donotcall.gov/ - -- Best regards MFPAmailto:expires2...@rocketmail.com Pain is inevitable, but misery is optional. -BEGIN PGP SIGNATURE- iQCVAwUBTyV326ipC46tDG5pAQoFYAP9EkzNgXqmb80MU2VSzb+ryRYvl+uuMq6h 8vkA62zGVOavYNSLXwEKH9oX+psA0pXsncbViCJfHnUh3GFV4/wgmi15W7c9gCy3 TsoYkpCBoDCTQB4yUE538XFjJKGr8qe/TNkTpnP7YOy6cpvKul6soKvu8hlsF8pP 6HJwqvQWIUQ= =yGXG -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: hashed user IDs redux [was: Re: Creating a key bearing no user ID]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 28 January 2012 at 6:29:10 PM, in mid:4f243e76.2090...@tx.rr.com, John Clizbe wrote: To repeat: OpenPGP and the keyserver network were NEVER designed to operate in the manner you wish. I doubt they ever will operate in that manner. You cannot blind a UID from other UIDs on a certificate. The day keyservers selectively return certificate information is the day the keyservers no longer are trusted. I was not suggesting the information be selectively returned. The whole key would be returned; any UIDs that contained digests instead of plaintext would reveal no information to the user. Like Rob, I'm done. There is no more to explain. Adios. Sayonara. Goodbye. Fair enough. - -- Best regards MFPAmailto:expires2...@rocketmail.com Dogs look up to us. Cats look down on us. Pigs treat us as equals. -BEGIN PGP SIGNATURE- iQCVAwUBTyV6Q6ipC46tDG5pAQr7bgQAjzdGeruaLYZa2HVj1LU3QFaTyC5v3A1h QTvQY8ZYBK0Ca0UKwiIVu3WPodba8zV0GL7Zw10LGlNLQH0dNGK0YHy0kzc7NHxH dMrKNgLghnvt1LYaaOQgzmxs0HKcwuvco5KSQ+v12JeyGWQSrORm3qxkvH0tAjeQ xQHaARhbBT8= =jVJf -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Saturday 28 January 2012 at 6:21:25 AM, in mid:f4fa1857-0e07-407c-b80a-eb74e4fe8...@jabberwocky.com, David Shaw wrote: It does not support it. With keyserver.pgp.com, it's sort of as if no-modify is always on, but in a limited sense: the keyserver will only allow new user IDs or a new key from the key owner (though enforced via who can read email at your address, rather than cryptographically), but it allows anyone whose key is on keyserver.pgp.com to sign a key and send the update to the keyserver. So you can always sign someone else's key if you desire. Does the key you are adding your signature to have to already be on keyserver.pgp.com? - -- Best regards MFPAmailto:expires2...@rocketmail.com My mind works like lightning... one brilliant flash and it's gone -BEGIN PGP SIGNATURE- iQCVAwUBTyV7c6ipC46tDG5pAQqRsQP+KXxe9/EQ0tHDwmRMIdNNF/9zrM3/vtIa Wq/e6VYiXIMoNFfmI+VCr4Gs6f/I5Yi4UYStk9S+TQRxAvK32EzebVVP1gw+MqrV JFFPV5p/cbOdOP+/bNJPuWO9uck07fILpAZhoJ8FNESUVUn2AV3tLAnCTKOoDra6 igVOGjXCwQQ= =TS/Z -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
OpenPGP card stopped working
Hi, after several years without any issue my openpgp card stopped working today on my Ubuntu Lucid system. gpg --card-status just returns: gpg --card-status gpg: selecting openpgp failed: ec=6.108 gpg: OpenPGP card not available: general error I am using an omnikey cardman 4040 reader. This is what I have done so far: 1.) checked that the kernel driver cm4040_cs for cardman 4040 driver is loaded 2.) checked that gpg-agent is running: 3.) started the pcscd which is normally not required, than started pcsc_scan. pcsc_scan detects openpgp as the inserted smartcard. pcsc_scan detect insert/remove of the openpgp card 4.) inserted a brand new openpgp card, but the error stays the same 5.) replaced the cardman 4040 reader with a new 4040 reader, but the error stays the same I am out of ideas, and google did not help further. Can someone please give me a hint, how I can make my openpgp card working again. Thanks for your help. Regards, Klaus ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: OpenPGP card stopped working
Klaus Layer klaus.la...@gmx.de wrote on 29.01.2012: Hi, after several years without any issue my openpgp card stopped working today on my Ubuntu Lucid system. gpg --card-status just returns: gpg --card-status gpg: selecting openpgp failed: ec=6.108 gpg: OpenPGP card not available: general error I am using an omnikey cardman 4040 reader. This is what I have done so far: 1.) checked that the kernel driver cm4040_cs for cardman 4040 driver is loaded 2.) checked that gpg-agent is running: 3.) started the pcscd which is normally not required, than started pcsc_scan. pcsc_scan detects openpgp as the inserted smartcard. pcsc_scan detect insert/remove of the openpgp card 4.) inserted a brand new openpgp card, but the error stays the same 5.) replaced the cardman 4040 reader with a new 4040 reader, but the error stays the same Ok, I resolved the issue. I added verbose debug 1024 debug-ccid-driver log-file /home/user/scdaemon.log to ~/.gnupg/scdaemon.conf and found out that the permissions of /dev/cmx0 did no longer allow others to r/w to the device. Somehow the udev rules to set scard group for /dev/cmx0 vanished from my system. After recreating a rules file /etc/udev/rules.d/40-gnupg.rules with SUBSYSTEM==cardman_4040, GROUP=scard, MODE=0660 it works again. Regards, Klaus signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
RE: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
Dear Michael (Yetto), M.A.Y.: It isn't for the greater good if the onus to please the few (or the one) is placed on the many. Michael, if the few care more about being above the many, than the needs of the many, does that not lead to disparity? The many are not all as knowledgeable as the Yettos of this world ... the many get excluded technologically; technologically disparity is akin to economic disparity ... if Warren Buffet can reach out to the rich, then the techie~~astute can reach out to the techie~~challenged. Henri David Thoreau, paraphrased: if one person is more right that her/his neighbours, then that person constitutes a majority of one. - AFAIK, there is no such thing as a standard signature AFAIK. if there were, on would expect to find it more consistently here gnupg-users@gnupg.org. M.A.Y.: standard sig delimiter (newline dash dash space newline). I'm assuming that by sig, you mean signature and not tagline. The following are recent examples of non-standard signatures: __ Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. __ Kind regards, Christian --- . . . common/t-sexputil -- 1.7.8.3 __ *** Robert J. Hansen ***{ no signature } also: PGP signature __ Cheers, Remco __ vedaal __ --dkg __ --dan __ /Holger __ -- FWIW Gerry (Lowry) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On 2012-01-30 02:19, gerry lowry +1 705 250-0112 alliston ontario canada wrote: Michael, if the few care more about being above the many, than the needs of the many, does that not lead to disparity? The many are not all as knowledgeable as the Yettos of this world ... the many get excluded technologically; technologically disparity is akin to economic disparity ... if Warren Buffet can reach out to the rich, then the techie~~astute can reach out to the techie~~challenged. This part wraps and looks really ugly in my email client. Please fix. -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- nameserver 217.79.186.148 nameserver 178.63.26.172 http://opennicproject.org/ -- No situation is so dire that panic cannot make it worse. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 30 January 2012 at 1:19:57 AM, in mid:00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com, gerry lowry +1 705 250-0112 alliston ontario canada wrote: AFAIK, there is no such thing as a standard signature AFAIK. But there is a standard signature delimiter or cut mark. Many mail clients cut the message at that delimiter when replying, so that when trimming quotes you don't need to delete the signature text yourself. if there were, on would expect to find it more consistently here gnupg-users@gnupg.org. Looking through recent postings, the signature delimiter seems to appear in about half of the messages on this list. - -- Best regards MFPAmailto:expires2...@rocketmail.com Raining cats and dogs is better than hailing taxis. -BEGIN PGP SIGNATURE- iQCVAwUBTyX38aipC46tDG5pAQoKFQP/c09WEaG9Wwg0+UJ/G2k286gPP7E2WejC aeoKkE7f2Pm4Y+9CM06bzDO6zKbwL89wnmgMilaxbPEFI0UHXYHRhkVj1zDT5j+2 izUPB+RtQgEGVUTsL0WlHk9EAC87OHp6mIJRVOO/44oSOAagvDam0FLMvBv2QkC/ TxsCV3bTPfM= =mtla -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
On Mon, 30 Jan 2012 01:52:44 + MFPA articulated: On Monday 30 January 2012 at 1:19:57 AM, in mid:00b101ccdeed$493a6180$dbaf2480$@abilitybusinesscomputerservices.com, gerry lowry +1 705 250-0112 alliston ontario canada wrote: AFAIK, there is no such thing as a standard signature AFAIK. But there is a standard signature delimiter or cut mark. Many mail clients cut the message at that delimiter when replying, so that when trimming quotes you don't need to delete the signature text yourself. if there were, on would expect to find it more consistently here gnupg-users@gnupg.org. Looking through recent postings, the signature delimiter seems to appear in about half of the messages on this list. - -- Best regards MFPAmailto:expires2...@rocketmail.com Interestingly enough, your Sig Delimiter is bonked. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [META] please start To: with gnupg-users@gnupg.org, i.e.: To: gnupg-users@gnupg.org
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 30 January 2012 at 2:13:48 AM, in mid:20120129211348.2b49cc7b@scorpio, Jerry wrote: On Mon, 30 Jan 2012 01:52:44 + MFPA articulated: Looking through recent postings, the signature delimiter seems to appear in about half of the messages on this list. - -- Best regards MFPA mailto:expires2...@rocketmail.com Interestingly enough, your Sig Delimiter is bonked. That is an unfortunate consequence of signing my message with GnuPG; all lines lose trailing spaces and any line beginning with a dash gets prefixed with a dash and a space. - -- Best regards MFPAmailto:expires2...@rocketmail.com A wise man once said ...I don't know. -BEGIN PGP SIGNATURE- iQCVAwUBTyX/GKipC46tDG5pAQpVOAP/eJRNC5e+76P46c9WsPUT7HXZXkYdTu2e BSOxN2cSrG9FCkQ3hQ6NMjj70rIpWBHNxCrEKT9N2X3+aecCdOudiVdfwkCreYWl sVYScS6F0L3K9/exfxq7jk+jRKj/RdHKC5uOCeDkur5gSQ5gZ4bnXAgatzy94Ow+ 7yn/B9jogxk= =9K8M -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users