Re: Including public key
On 7/27/2011 10:25 PM, Len Cooley wrote: Well, let me ask you this. Is it useful/useless/ridiculous/orwhat to attach your public key as a sig at the end of an email, such as below? Unless you're trying to keep your key 'off the grid' I'd just send the key to the keyservers. Then people who use OpenPGP will retrieve the key based on your email's signature. People who don't care will just ignore your sig, which will be smaller than your full public key. If you are trying to keep the key 'off the grid' then you don't want to include it as a generic signature either. In general, it's best to get the key from a different source than your signed email. If your signature and key are in the same email, an attacker could have forged both. They could in other circumstances as well, but it's less likely for someone to forge both a public key on the keyservers (or your personal website, or your business card, etc), and a signature on a forged email. They need to compromise two lines of defense. -- Grant signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
On Thu, 28 Jul 2011 08:29, k...@grant-olson.net said: attacker could have forged both. They could in other circumstances as well, but it's less likely for someone to forge both a public key on the keyservers (or your personal website, or your business card, etc), and a signature on a forged email. They need to compromise two lines of defense. Why? Sending a key to a keyserver is cheap. The validity of the key needs to be established by different means; for example using the WoT. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Smartcard durability?
On Thu, 28 Jul 2011 05:56, r...@sixdemonbag.org said: Are there any particular problems the durability of a smartcard, particularly an OpenPGP card? Are there any damage concerns from wallet It is not different than with any other chip card. If you immerse the card into water only the contacts my corrode. Use an eraser to clean them. If you bend the card to strong the chip may get an microfissure and stop working. I have several chip cards in my purse for may years now without any problems. Granted most money cards still use the magstripe but at least my OpenPGP card and my RFID based season ticket are chip-only cards. As an alternative you may use an ID-000 (GSM card size) card along with an USB reader and put it on your key ring. I had one on mine for at least 4 years and it surived summer, winter, snow and sun without any problems. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- In my entry on a related thread, I was thinking that one of the simpler ways to foil attacks on bank cards would be to make a smart card play dumb and accept any old pin (symmetric encryption key for a private key). That would (almost) force attackers to communicate with a bank on every trial, except there *might* be a way for attackers to get the public key for a pair off a card. Since attackers can't read the private key (at least not without frying or bridging key bits), they can't tell that it iz no longer based upon probable primes. The bank would come up with no such ID, or BAD signature, and they might be watching for a lot of noise like that. Now, I am thinking that for a card to reveal its public key more than once might actually be a weakness, however interoperable. A bank card does only hav to communicate with one other entity, so I am not sure that this can't be done with symmetric keys throughout. The other way iz to introduce increasing delays for bad PINs. I like my first impulse better, though, forcing attackers to actually use a badly decrypted private key to communicate with a bank. ___ That boy so horny, even the Crack of Dawn ain't safe! -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjFBYx47apzXdID2AQFP8wP/eT5sYDOjdgVRbuHOdbc8JkJ/1wG/d6nQ oW1SvdtXQjTnVDNEpcLop11ibTVqiCkddQTWXazso9B1CPwPAGIA+z6ipfFCYCBm DGp09oEZw9BO52Qhb09GwL+ykXxlgHUcx70rTNDlXM/GlusodQEPbkyFCQ+Dow3p +YffVJbfyyU= =Rs2c -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-27 8:25 PM, Len Cooley wrote: Well, let me ask you this. Is it useful/useless/ridiculous/orwhat to attach your public key as a sig at the end of an email, such as below? It depends on the environment of your receiver. Would they be subject to seeing your signature replaced? Do any policies concern the use of cryptography at their workplace or domicile, say in jail or in a country where Blackberry crypto is an issue (India, if I remember correctly)? Do they live in a country that accepted U.S. export restrictions on cryptography (probably Russia)? Is your recipient a public figure (about whom there might be motivation to pull a Murdoch) or an ex convict (about whom there might still be search warrants)? In any of the rejions where cryptography is controlled, it is a better idea (than simply sending a public key with no signatures on it other than yours) to be creative with the hash on your public key; perhaps telephone verification, perhaps you can personally meet someone on the web of trust. While the Physics of public key cryptography are air tight, it depends on signatures on your public key to become robust in the real world. I suspect that you are more likely to get those if you release your key on servers, and sign a lot of stuff that people consider important. Attaching a photo to your public key might help. So might putting a phone number on your public key. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjFNvx47apzXdID2AQEWCQQAkWqfrRfQYixNinxHY96rEawOrCcsRcHF aQDSq0knmwOXRggiQFLkb4iixFKV49hnbfbseDVHRv5cefdldJFuyetGhCruINQj yPesb3cNkyvnCBD8yN4YPkmPfGnDu+9EEaYyRqUSUu18S9q944Gm/m6t2q8LlLXh 9ogBDYNJfio= =FbUF -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Smartcard durability?
It's a small sample to be sure, but I've been carrying my smartcard in my wallet for several months and it's held up just fine. It has a tiny bit of curvature to it now, but that's only noticeable if you lay it on something flat, and has no impact on its usage. (If it matters any, I carry my wallet in a front pocket -- I know some people sit on theirs which might be a bit worse for it.) David On Wed, Jul 27, 2011 at 11:56 PM, Robert J. Hansen r...@sixdemonbag.org wrote: Are there any particular problems the durability of a smartcard, particularly an OpenPGP card? Are there any damage concerns from wallet storage, for instance? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- David Tomaschik, RHCE, LPIC-1 System Administrator/Open Source Advocate OpenPGP: 0x5DEA789B http://systemoverlord.com da...@systemoverlord.com ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... - -- Best regards MFPAmailto:expires2...@ymail.com A nod is as good as a wink to a blind bat! -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJOMWvKnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pxMoEAJC2 t7Ylu9/3rT4ouuvPwD6xG4BG/UoCIAHyBwVf343b946PKbNByD1NIjZjknnzZKkK ER9ajFAxbx7LrT/0Eea1HQ04i74YOFMKnxgbHQ2avBulLWus8pjgEVZcBmEs+sQA /1cavrpZtfnqprJ7kyOdUcNmBUJ8oE90DE9TO3So =Rnur -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 8:01 AM, MFPA wrote: Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... Do not sign my photo until you see me in person, although it would be tricky to fake photo-id production on skype. Photo-id doesn't make very good single frames, but change the angle on television and those chrome things flicker and move... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... That is what a signed mp3 in my comment is about, and just in case you do not follow links in message source [comments] very often... http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp (I will never call it a thumbprint or a fingerprint; key hash) Kleopatra won't handle that file...says no data, and gpg will handle it on a command line, making an mp3 out of it. Additionally, you can do a reverse lookup on my phone number and at least see if I am lying about my given and family names, according to a corporation that my library used to verify my identity. My bottom line is that photos and phone numbers do not hurt. ___ Quantum Mechanics do it on fields and in time. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjF+yR47apzXdID2AQFtwAP+Lqb7pQJzmkX8rS+vE6zR0VzEZGAFfhre fIC8Y87nms0oZqm3R/524et8uofveIi87qvVZZ+zdY64oku/bgqqnM0kQQhKUHEj pjMwuNE6APiOsNRDiDeEEgx5OPZSk+/THVlKI0JPOAvjEuv/ThAT9aQMm/RBrlyG e2xgTNyjM18= =2bpK -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
On 28 July 2011 16:01, MFPA expires2...@ymail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... It's now possible to put a photo, phone number etc on your home page, and also put your public key there. That's what I do. For this I use my OpenPGP key together with some HTML5. It's quite a new system, but supported by the W3C and on it's way to becoming a standard. For more info see the video at: http://webid.info/ - -- Best regards MFPA mailto:expires2...@ymail.com A nod is as good as a wink to a blind bat! -BEGIN PGP SIGNATURE- iQE7BAEBCgClBQJOMWvKnhSAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pxMoEAJC2 t7Ylu9/3rT4ouuvPwD6xG4BG/UoCIAHyBwVf343b946PKbNByD1NIjZjknnzZKkK ER9ajFAxbx7LrT/0Eea1HQ04i74YOFMKnxgbHQ2avBulLWus8pjgEVZcBmEs+sQA /1cavrpZtfnqprJ7kyOdUcNmBUJ8oE90DE9TO3So =Rnur -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 10:08 AM, Melvin Carvalho wrote: On 28 July 2011 16:01, MFPA expires2...@ymail.com wrote: Hi On Thursday 28 July 2011 at 12:53:41 PM, in mid:4e314dc5.4000...@freenet.edmonton.ab.ca, Jay Litwyn wrote: Attaching a photo to your public key might help. So might putting a phone number on your public key. I'm not too convinced a photo would help much. I could create a key and include a photo obtained from the internet... A phone number would only help if the person ringing it knew you well enough to recognise your voice on the phone. Even then, somebody could record your voice and use it create an answerphone message... It's now possible to put a photo, phone number etc on your home page, and also put your public key there. That's what I do. For this I use my OpenPGP key together with some HTML5. The only reason I am not using HTML5, yet, iz because it requires knowing CSS to set link, vlink, and alink colours. What you are talking about only requires HTML 3.2 (which haz been a standard for ten years, and even now there is a portion of internet traffic from I.E.6.), which supports colour in body tags, while HTML5 does not; yet another standard that is not backward compatible. Not recognizing a public key from stamper is being not backward compatible. A signed photo means a *bit more* than photos on facebook. A signed phone number means a *bit more* than a link to your phone company. That is especially true when three identifiers are linked to the same key, separately, so that you don't need to know all four (voice, name, face, and e-mail address), and so that you can let other people confirm only what they've experienced, az in perhaps they should not feel qualified to sign my given and family names, yet they're confident of my e-mail address. In my case, that iz likely, because I yuuz only screen names on USENET. The bit more is potential for privacy, and insulation against identity theft. Someone could simply copy your web site and change a few things to steal your identity, at least until you found out and complained to their ISP. That's why void appears in my public key. Neither PGP 10, nor gpg were going to allow me to leave my given and family names blank; separate, and yet _linked_ elements of identification. It's quite a new system, but supported by the W3C and on it's way to becoming a standard. For more info see the video at: http://webid.info/ Like I said, it is more authentic and therefore more useful when pieces of your identity are linked in dijital signatures. It would be a bit tricky to do that with HTML. You could do it with PDF, because there iz a standard for signatures (and probably compound signatures) on PDF. There isn't one for HTML, AFAIK, that doesn't require s/mime or some complicated and little-used piece of HTTPS or HTTPD. ___ Line for Darth Vader in Star Wars to sanitize: (Exhale, Inhale) Luke, you are my bastard! -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjGnFR47apzXdID2AQEoCwP9EVxC4OeoqZ4wIQvKHwMRezh8ytLQYEo9 pTfbjuE3zwqzge+Aj9U2OjgKSfWq3GFYmQ59QBMNUtaGT2pVP1n3RIFsuYEr+1XY cem6oL0cyMT8X0e198J7sy9bC//TD8NaEkPOW5p1D8YzeFuKOSc2LeHuyCjnU4Ox I+9YK8TtA2s= =q4aO -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
On 28/07/11 20:15, Jay Litwyn wrote: In my case, that iz likely, because I yuuz only screen names on USENET. yuuz? That's where I draw the line. This mailing list is for communication, not showing your 1337 skillz. So please communicate in a way where I don't have to read every other sentence twice to get what you are trying to tell us. Peter. PS: At first I wondered if you had an interesting variant of dyslexia :). Perhaps quite the opposite of your intention. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 10:08 AM, Melvin Carvalho wrote: (...) It's quite a new system, but supported by the W3C and on it's way to becoming a standard. For more info see the video at: http://webid.info/ (...) paypal and your bank are unlikely subscribers to this potential standard. You will notice that neither one allows your browzer to store a password for them. They also time out; expire logins. That's how concerned they are with authenticity; not even someone else from your home. I do not really see how an open login system can *increase* security. However much you use the math, if you are effectively logged into all of the servers you ever used at once, then the openness of your computer (say if it is on, and you head out for soda without logging out) is an authenticity threat. You do not want to explain someone else's actions to admins on wikipedia: You will be lucky if they believe you. ___ I found JESUS! He was in my trunk when I got back from Tijuana. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjHF1x47apzXdID2AQEUNwP/f7/Gwidil0/kuJ+lX4Bc2U9KJe010M+Z NOCWsanisa0D0lzkjZOslnN5t4+UQ+g075RXXpQEQBA/asPhk9gFRiXvn6uA9mRs vTAWWd0xTdHWrR0/hJSyQo7pWqBbREG+n6sDLONh/7qbgbTNXZqjNUvWdAAvuKP9 x+cViAeOWNI= =96R6 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Creating a quickly expiring signature
I wanted to test behavior of an application with an expired signature, but using `--ask-sig-expire` don't seem to be granular enough. The minimum I can specify is either 1 day, or an absolute date (e.g. 2011-07-29), which is still 8+ hours away for me right now. Am I missing something? Decimal values are not accepted, nor seconds, minutes, or hours. -Dan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Creating a quickly expiring signature
On Jul 28, 2011, at 4:49 PM, Dan McGee wrote: I wanted to test behavior of an application with an expired signature, but using `--ask-sig-expire` don't seem to be granular enough. The minimum I can specify is either 1 day, or an absolute date (e.g. 2011-07-29), which is still 8+ hours away for me right now. Am I missing something? Decimal values are not accepted, nor seconds, minutes, or hours. When GPG asks you for the value, enter seconds=X. You can go down to as low as a single second. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Creating a quickly expiring signature
On 7/28/11 4:49 PM, Dan McGee wrote: I wanted to test behavior of an application with an expired signature, but using `--ask-sig-expire` don't seem to be granular enough. Set your system clock back a year, create a sig that expires in a year, reset your system to the normal time. The simplest solution is usually best. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Creating a quickly expiring signature
On Thu, Jul 28, 2011 at 5:04 PM, David Shaw ds...@jabberwocky.com wrote: On Jul 28, 2011, at 4:49 PM, Dan McGee wrote: I wanted to test behavior of an application with an expired signature, but using `--ask-sig-expire` don't seem to be granular enough. The minimum I can specify is either 1 day, or an absolute date (e.g. 2011-07-29), which is still 8+ hours away for me right now. Am I missing something? Decimal values are not accepted, nor seconds, minutes, or hours. When GPG asks you for the value, enter seconds=X. You can go down to as low as a single second. Thanks! This worked. Now why isn't this documented anywhere to be found? What other secret helpful options does gpg not advertise? @Robert: while I appreciate your suggestion, I do not find setting my system clock (controlled by NTP) to an invalid time to be even remarkably a valid solution to this problem, especially if I am writing an automated test suite that generates signatures and keys, for example... -Dan ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Including public key
On 7/28/11 3:46 PM, Peter Lebbing wrote: Please communicate in a way where I don't have to read every other sentence twice to get what you are trying to tell us. I wunder if iu've red the Plan for xe Impruvment of Ingliy Speling, popyularly atributed to Mark Twain? http://everything2.com/title/A+Plan+for+the+Improvement+of+English+Spelling (In all seriousness, I share in your general concern: but I'm of the opinion a small bit of good humor is always on-topic.) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
At the moment, my secret key is stored on my hard drive and is encrypted by a long passphrase. When I transfer my subkeys to the smartcard, will they actually be encrypted whilst they're on there? The very purpose of smartcards is to keep secret keys confidential and secure. This is achieved by physical protection, different layers, puzzling structure etc. This makes it very, very difficult to extract the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I guess the price tag would be around 100.000 Euros. The beauty is that this protection can be provided without the burden for the user to remember a long passphrase, since this is not required to encrypt the keys. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 6:05 PM, Crypto Stick wrote: At the moment, my secret key is stored on my hard drive and is encrypted by a long passphrase. When I transfer my subkeys to the smartcard, will they actually be encrypted whilst they're on there? The very purpose of smartcards is to keep secret keys confidential and secure. This is achieved by physical protection, different layers, puzzling structure etc. This makes it very, very difficult to extract the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I guess the price tag would be around 100.000 Euros. The beauty is that this protection can be provided without the burden for the user to remember a long passphrase, since this is not required to encrypt the keys. You could use random symmetric encryption keys and encrypt them with a short passphrase: Decryption would be two steps. Or, you could disable the command for exporting a private key; import only. Iz GPG in ROM on this card, then? ___ Xerox and Wurlitzer will merj to market reproductive organs. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjI/Eh47apzXdID2AQGM4wP7BD/N5ki544ekkJGuu20qYpqjJhdKmNn2 tQqxY0JYH82SnevQOrRPNfOI+pqM2EuemppItfYbuAG0iI2KqE/aa2Ax/wUL++EA QLy3xuKU8VzxXrSyBm1hqr0FgbA29uxSp/CwHE+TNdgVDEn6aqmq5lZdn+OSqfpR FXIXoYC/0Dc= =icAi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users