PGP on the Palm Pilot.
Hi, could you send me where I can find more explanation about using PGP on a Palm Pilot? Best regards, Jacques GARSOUS Network Engineering Glavinfo E-mail [EMAIL PROTECTED] Tél + 32 2 658 05 32 Mobile +32 476 40 97 93 Glavinfo E.I.G. Vandammestraat 7, Bus 2 B-1560 Hoeilaart Belgium
One question about pgp-integration
I've read the pgp-integration man page and tried to implement the sample code using the system calls. The encryption example was OK, but I wasn't able to make the decryption sample code work well. Whenever I ran the program I got a core file when the program tried to open the second stream to stdout or stdin. I don't know if you have a tip for me. Thanks, Eduardo
Re: Cost to break 1024-bit PGP (RSA) in 1997?
- Original Message - From: Anonymous [EMAIL PROTECTED] To: jim bell [EMAIL PROTECTED] Cc: Cypherpunks [EMAIL PROTECTED] Sent: Saturday, October 21, 2000 21:09 PM Subject: Re: Cost to "break" 1024-bit PGP (RSA) in 1997? "jim bell" [EMAIL PROTECTED] wrote: I need an estimate of the cost to break a 1024-bit PGP key in 1997, given then-existing algorithms and hardware, etc. "There are some things that money can't buy." "For those, there are thumbscrews." Would you like an estimate of the cost to break into somebody's house and copy the secret key in 1997? Wouldn't work, at least as stated. The "secret key" in PGP doesn't contain the passphrase, which is also necessary. Besides, "breaking in" would be illegal, wouldn't it? Imagine what would (will?) happen when that incident becomes public? Because it will. Jim Bell
Cost to break 1024-bit PGP (RSA) in 1997?
I need an estimate of the cost to break a 1024-bit PGP key in 1997, given then-existing algorithms and hardware, etc. Jim Bell
PGP keysigning email daemon?
Given the low percentage of "normal user" PGP keys which are anything but self-signed, would people actually use/give-appropriate-trust to a service which signed PGP keys belonging to people based solely on email challenge authentication (like majordomo uses)? It would demonstrate the user has the ability to successfully decrypt email to their key, as well as receive mail at the address in their key id, which is more than can be said of many new users/keys. I personally would trust mail-from authentication to provide me a valid email address for *someone*, if not the particular person I want to contact, which is useful in some cases. -- [EMAIL PROTECTED]+41 1 27 42 491 (corporate, fax) Chief Technical Officer HavenCo, Ltd. ||| Secure Offshore Colocation ||| http://www.havenco.com/ 1024D/4096g 0xD2E0301F B8B8 3D95 F940 9760 C64B DE90 07AD BE07 D2E0 301F
Re: Subject: PGP ADK Bug Fix
It was said: -- begin quote -- Cryptome offers the ADK bug-fix PGP Freeware 6.5.8: http://jya.com/pgpfree/PGPFW658Win32.zip (7.8MB) http://jya.com/pgpfree/PGPFW658Mac_sit.bin (5.6MB) Analyses of the ADK fix and any others most welcome. -- end quote -- As of Friday afternoon, the update offered was PGP657FWWin32.zip. Anyone know what changed between these versions?
Re: PGP: Are you ALL this blind?
PGP ADK Bug Fix
Cryptome offers the ADK bug-fix PGP Freeware 6.5.8: http://jya.com/pgpfree/PGPFW658Win32.zip (7.8MB) http://jya.com/pgpfree/PGPFW658Mac_sit.bin (5.6MB) Analyses of the ADK fix and any others most welcome.
Re: mail list server with PGP
You may want to look at: http://www.agorics.com/cancun.html which seems to have some of the items you mention. Fred Anonymous wrote: Hello, I am looking for the source pointers to mail list server with PGP capabilities. Functionality: posters send e-mail encrypted with the (single) server's key. Server decrypts, then encrypts with each recipient's key as it explodes the mail. If nothing is available as described, what is the best starting point for coding ? Majordomo ?
Re: RSA expiry commemorative version of PGP?
the IDEA patent holders do at least offer free non-commercial use. Ascom officers that enabled this have all been fired thereafter.
Re: RSA expiry commemorative version of PGP?
GnuPG are non-commercial software, using those patents for commercial purposes opens a can of worms I don't want to argue in court. It's amusing to see how fear transforms unenforceable to enforceable. Would you decline a blow job in Alabama (or wherever it's illegal)?
RSA expiry commemorative version of PGP?
So as the RSA patent is expiring, and the PGP folks are pissed at RSA for various underhand legal shenanigans, can we expect a PGP version with RSA on by default, perhaps released midnight 20 September as a ceremonial event at the party? What about a GnuPG version which includes RSA and IDEA by default, so that once more all PGP users (2.x, 5.x, GnuPG) can all talk to each other. Seems to me that the GPL ought to allow IDEA even though it is patented in the interests of usability; the IDEA patent holders do at least offer free non-commercial use. Adam
Re: Better than pgp
At 12:20 AM 7/30/00 -0700, Matt McDole wrote: I was wondering if there was encryption software that didn't limit you to 4096 bit key size, I am looking to go higher. - Any suggestions? Let's see - either you're trolling (:-) or you're expecting a semi-major mathematical breakthrough, enough to kill 4096 bits but not major enough to make RSA totally unusable, or you're expecting your application to last substantially longer than the fraction of the age of the universe most of us are expecting to experience? Or you're expecting Moore's Law to keep doubling speeds every 1-2 years for the rest of your life? Key length calculations aren't strictly exponential, but they're close enough that if 1024 bits really isn't enough, 1536 certainly is. The tradeoffs with longer keys are that it reduces the number of people you can communicate with, which is substantially more of a security threat than the length of the keys, and that it pushes you toward homebrew software that's less tested than widely-used software, which means there's a higher risk of bugginess. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Better than pgp
I was wondering if there was encryption software that didn't limit you to 4096 bit key size, I am looking to go higher. - Any suggestions? -matt +-+ [Name: Matt McDole] [Email: [EMAIL PROTECTED]] [PGP Fingerprint: 5285 B65E EA74 8E0C 1C0B 9D28 6A2A BE54 4590 45A5 ]
McAfee trusts ZixMail over PGP?
From a press release at: http://www.corporate-ir.net/ireye/ir_site.zhtml?ticker=zixiscript=410layout=7item_id=97301 -- DALLAS--(BUSINESS WIRE)--June 7, 2000--ZixIt Corporation (Nasdaq:ZIXI) announced today that it has entered into a licensing agreement with McAfee.com Corporation, a leading global Internet Application Service Provider of online PC security and management services. The agreement allows ZixIt to license McAfee.com's "Scan Now" virus-scanning software for use in ZixMail, ZixIt's secure messaging application. McAfee.com's technology will also be used by SecureDelivery.com, ZixIt's new secure messaging portal. SecureDelivery.com will go live in July 2000. As part of the agreement, ZixMail will become the exclusive provider of secure email on the McAfee.com Web site. The agreement takes effect on July 1, 2000. -- Makes you think, doesn't it? -MW-
PGP-Signed Press Releases
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there, My employer, DoveBid (www.dovebid.com) has just implemented a policy of digitally signing all press releases. as far as we can tell, no firm has ever done this before. I'm curious as to what you all make of this. The implementation can be seen at http://www.dovebid.com/os/news/press_room.asp Cheers, Bill -BEGIN PGP SIGNATURE- Version: PGP Personal Privacy 6.5.2 iQA/AwUBONkBkfUhQXH5dzNXEQIh1gCdGLz6ROkmtAjCEenOw+xKXweMUvIAnR8Z KhbOyC7rP4TWRSZskfumk6KN =qMnE -END PGP SIGNATURE-
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
At 11:17 PM 03/05/2000 -0500, Phillip Hallam-Baker wrote: PGP is in my view popular with people who want to have absolute control over their environment - even if that is at the expense of security. To use PGP securely, one pretty much has to only use keys signed by people you know are meticulous in checking credentials. In my case that means I only use keys signed by Jeff Schiller. Now I have the advantage of actually knowing Jeff, but for the life of me I can't see the scalability in that solution. What do I do if I want to speak to someone who hasn't yet met Jeff - buy them an air ticket to Cambridge MA so they can meet him? ... PGP is unfortunately not scalable to commercial usage. It is therefore only a partial solution for a restricted community. There is absolutely no way that PGP could provide a PKI structure to support applications such as Identrus or ANX. Unfortunately PGP is only about privacy. PGP does not provide any meaningful or useful statement about identity. The integrity capabilities of PGP are as a result not useful if one wishes to provide any degree of assurance with respect to the enforcement of digitally signed contracts. I don't buy your argument - the important scalability differences between "only use PGP keys signed by Jeff Schiller" and "only use X.509 keys signed by Verisign or Thawte" are not that one uses PGP-format sigs while the other uses X.509 - it's that - Jeff Schiller's not in the mass-market business, while VeriThawteNSI are, - Jeff probably only signs for real people, while VeriThawte offers different signatures for people they don't know, optionally based on the quality of government documentation they've got, - Netscape trusts Verisign, Thawte, ATT, and several dozen other CAs, so you have to kill off CAs you don't have a reason to trust, while PGP only starts out trusting the people whose keys you sign. If your argument about scalability was about CRLs vs. other ways to deal with no-longer-trusted individuals, that'd be different. In a business environment, that's important, because people leave jobs or change responsibilities all the time, while in an anti-nuke environment, most people don't get outed as FBI informers very often, or discover that their PCs have been black-bagged by the FBI, and it's not harder to revoke somebody's X.509 key on a CRL than to revoke your own key after the Feds have stolen your PC and any backup media they can find. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
-Original Message- From: Phillip Hallam-Baker [mailto:[EMAIL PROTECTED]] [...] And actually, UK libel law extends to any material published in the UK, so it would be possible to bring an action in the UK against a cypherpunks poster. Not that I would employ such an unfair law. Indeed folk can read my recent letter in the Guardian on the topic www.guardian.co.uk. Folk can also discover the judge's published opinion on the chap who sued me if they grovel round the site. [...] Phill One interesting factor is the differing standards for 'libel' between the US and UK. (Note: IANAL). In the US, truth is an absolute defense against libel. In the UK, as well as many other countries, it is not: it is perfectly possible to be found guilty of libel, and punished, for publishing TRUE information about someone which besmirches their reputation. I'm also curious as to what constitutes 'published in the UK'. A mailing list hosted outside the UK would not, IMHO, constitute 'publication in the UK', regardless if some of the recipients were reading it there, any more than, say, a US printed magazine becomes 'published in the UK' if some of its subscribers are in that country. Ditto for a web site hosted outside of the country (though the UK has cracked down on Brits running overseas porn web sites from Britain). Peter
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
At 21:36 3/6/2000 -1000, Reese wrote: But although Phill has been intentionally obtuse in this debate, most likely for his own amusement, he also has the substantial advantage of knowing what he's talking about on at least this narrow point. "Reese" responded with open-source dogma straight from slashdot, and wasn't prepared to engage on the general principles. Straight from slashdot? Interesting observation, since I don't read that publication. I must have picked up the tenets of that argument somewhere else? Yep. Slashdot.org is just an example of the philosophy, if it can be called that, in its most distilled form. Phill upped the ante with an apparent libel threat, which prompted "Reese" to back down. Yep, I spooked. Shouldn't have, in retrospect. Yep. But apparent libel threats in the course of a technical mailing list discussion are uncalled for. What, he's a brit? That's rather an understatement. -Declan
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Thanks McCullagh, This response has nothing to do with what you are discussing - but the pomposity and the way the guys take themselves so serious is absolutely insane. I have listened in to so many of these arguments, that are sometimes mean, spiteful, and sarcastic and without an iota of humor that it all becomes absurd. I won't call names but these guys talk more like theologians of the middle ages citing religious edicts of a bygone age. These guys are so self-righteous in their technical and political deliberations that there's no room for doubt, error or ambiguities. Amen, let's lighten up a bit. No issue is too serious that there can be no place for laughter, a little mirth and sometimes just pure silliness. Where there's no humor the spirit perishes, and the withers and then eventually expires permanently, maybe With friendly greetings gil tucker - Original Message - From: Declan McCullagh [EMAIL PROTECTED] To: Reese [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, March 07, 2000 5:25 AM Subject: RE: X.BlaBla in PGP??? BWAHAHAHAHAHA This has been an amusing, if for the most part useless, debate. Phill is undeniably pompous, and takes himself far too seriously. "Reese" seems to share these same affectations, and in addition appears (based on the limited sampling of posts I've read) likes to shower the cpunx list with usually-incomprehensible gibberish, inventive grammar, and a snarkily juvenile attitude to match. But although Phill has been intentionally obtuse in this debate, most likely for his own amusement, he also has the substantial advantage of knowing what he's talking about on at least this narrow point. "Reese" responded with open-source dogma straight from slashdot, and wasn't prepared to engage on the general principles. Phill upped the ante with an apparent libel threat, which prompted "Reese" to back down. That's unfortunate on both sides. 
"Reese" could have challenged Phill on details and used some of the recent Linux collaborative developments to bolster his own argument. Phill didn't need to resort to what appears to be a vacuous legal threat: Calling him "undeniably pompous," for instance, might be actionable in the UK, but not in the US where truth, fortunately, remains an absolute defense against libel. :) Recommendation: "Reese" should pick up judgement-proofing tips from Duncan. Score: "Reese" 3, Phill 5 -Declan At 17:29 3/6/2000 -1000, Reese wrote: Fine, you win, whatever. Now go away - and next time, don't threaten (offlist) a writ of libel, go for it. Put your money where your pomposity is or shut up. Reese At 09:40 PM 3/6/00 -0500, Phillip Hallam-Baker wrote: The speech by Brian Valentine was well reported at the time. If you needed to verify the statement you could have done so yourself at the Microsoft site. The only reason that the statement required confirmation in your view is that you have such a fixed world view that your mind is not capable of processing data that conflicts with it - the appearance of which causes an ABEND and core dump. The definition of 'peer review' has nothing to do with the definition of 'open source'. The two terms are in fact entirely orthogonal, most open source software has not been reviewed, most peer reviews are closed. Just because peer review is good and open source is good does not mean that peer review = open source. The issue is the quality of the peer review, not the context in which it takes place. I perform peer reviews for real companies, I also design internal processes to ensure that thorough reviews take place. It is a time consuming and very costly process. If nobody with a white hat actually does any peer review on your open source code and tells you the problems you have weakened your security, not strengthened it. 
With the exception of a handful of very frequently used programs such as Apache, the mere fact of putting code in the public domain does nothing for security since the number of experts qualified to perform a peer review is vanishingly small (perhaps a few hundred) and they charge significant fees for their services. Most times the review is not of consumer oriented software at all but an installation where there are particular security issues that must be examined. I very much doubt that the average reader of this list is prepared to donate their services for free to a random bank. Ten years ago a bunch of folk were putting out the idea that 'neural nets' and 'genetic algorithms' were a means of solving any problem at all without doing any actual work. The idea that 'open source' is a panacea for security is equally bogus. Revising my earlier statement, security through bogosity is no security at all. Phill
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Probably one for fight-sense-or-ship, my lawyers told me that the chappie who was after me could have got a UK court judgement enforced in the US. Ironically enough the judge that ruled on the only one of his cases to reach court made in open court the exact same allegation alleged to have been made. Phill - Original Message - From: Declan McCullagh [EMAIL PROTECTED] To: Phillip Hallam-Baker [EMAIL PROTECTED]; Reese [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, March 07, 2000 11:06 PM Subject: Re: X.BlaBla in PGP??? BWAHAHAHAHAHA At 22:55 3/7/2000 -0500, Phillip Hallam-Baker wrote: And actually, UK libel law extends to any material published in the UK, so it would be possible to bring an action in the UK against a cypherpunks poster. Yep, but the logical response has to be: Who cares? And: So what? For example, the governments of Burma and Zambia would rather like to lock me up for what I published regarding them on the Net, but pardon me for not being overly worried. One might have to curtail travel plans, sure, but otherwise pissing off foreign states is not just a good idea, cypherpunkly-speaking, it's rather good sport. -Declan
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Oh I could probably flame on open source software quite as well as a slashdot weenie. After all I did share a building with Stallman himself once you know. He was quite keen on the idea of doing particle physics experiments in orbit - lots of vacuum there, save costs. And actually, UK libel law extends to any material published in the UK, so it would be possible to bring an action in the UK against a cypherpunks poster. Not that I would employ such an unfair law. Indeed folk can read my recent letter in the Guardian on the topic www.guardian.co.uk. Folk can also discover the judge's published opinion on the chap who sued me if they grovel round the site. If Reese had taken the most elementary steps to find out who he was flaming he would soon discover much more interesting ammo that anyone on the list who actually works in computer security knows. I do after all have a considerable financial interest in the success of PKIX based infrastructure. That's not why I was making the argument however. I believe that if people are serious about privacy and using crypto to achieve privacy goals they should be encouraging people to use the tools they already have that are fit for the task, rather than what too many folk are doing - actively discouraging them. Phill
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
"Phillip Hallam-Baker" [EMAIL PROTECTED] writes: I think you are probably referring to Ron's paper in FC'98. I presented an alternative and somewhat radical architecture at RSA'99 which demonstrated that it was practical to distribute revocation info in real time for a population of 5 billion certs. There are many good alternatives (actually pretty much everything is better than CRL's, so it's difficult to come up with a bad alternative), but the problem they all have is that they're not CRL's. To paraphrase Bob Jueneman "The market has spoken. The answer is CRL's, although no one can quite remember what the question was". Given that it's going to be very difficult to make any headway against this unless you've got a vertical-market application where you can design things the way you want them, my approach has been to try to turn CRL's into a silk purse through some form of reprocessing (a CRL - OCSP gateway would be an example of this). That way, you can pretend to have CRL's (giving the customer exactly what they asked for) while also having a system which works. The warning from Padlipsky's "Elements of Networking Style" is still appropriate here though for anyone trying to work around the problem of CRL's: "The schoolmen couldn't find how many teeth a horse had in Aristotle; a student suggested they look in some horses' mouths. They expelled him". Peter.
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
This has been an amusing, if for the most part useless, debate. Phill is undeniably pompous, and takes himself far too seriously. "Reese" seems to share these same affectations, and in addition appears (based on the limited sampling of posts I've read) likes to shower the cpunx list with usually-incomprehensible gibberish, inventive grammar, and a snarkily juvenile attitude to match. But although Phill has been intentionally obtuse in this debate, most likely for his own amusement, he also has the substantial advantage of knowing what he's talking about on at least this narrow point. "Reese" responded with open-source dogma straight from slashdot, and wasn't prepared to engage on the general principles. Phill upped the ante with an apparent libel threat, which prompted "Reese" to back down. That's unfortunate on both sides. "Reese" could have challenged Phill on details and used some of the recent Linux collaborative developments to bolster his own argument. Phill didn't need to resort to what appears to be a vacuous legal threat: Calling him "undeniably pompous," for instance, might be actionable in the UK, but not in the US where truth, fortunately, remains an absolute defense against libel. :) Recommendation: "Reese" should pick up judgement-proofing tips from Duncan. Score: "Reese" 3, Phill 5 -Declan At 17:29 3/6/2000 -1000, Reese wrote: Fine, you win, whatever. Now go away - and next time, don't threaten (offlist) a writ of libel, go for it. Put your money where your pomposity is or shut up. Reese At 09:40 PM 3/6/00 -0500, Phillip Hallam-Baker wrote: The speech by Brian Valentine was well reported at the time. If you needed to verify the statement you could have done so yourself at the Microsoft site. The only reason that the statement required confirmation in your view is that you have such a fixed world view that your mind is not capable of processing data that conflicts with it - the appearance of which causes an ABEND and core dump. 
The definition of 'peer review' has nothing to do with the definition of 'open source'. The two terms are in fact entirely orthogonal, most open source software has not been reviewed, most peer reviews are closed. Just because peer review is good and open source is good does not mean that peer review = open source. The issue is the quality of the peer review, not the context in which it takes place. I perform peer reviews for real companies, I also design internal processes to ensure that thorough reviews take place. It is a time consuming and very costly process. If nobody with a white hat actually does any peer review on your open source code and tells you the problems you have weakened your security, not strengthened it. With the exception of a handful of very frequently used programs such as Apache, the mere fact of putting code in the public domain does nothing for security since the number of experts qualified to perform a peer review is vanishingly small (perhaps a few hundred) and they charge significant fees for their services. Most times the review is not of consumer oriented software at all but an installation where there are particular security issues that must be examined. I very much doubt that the average reader of this list is prepared to donate their services for free to a random bank. Ten years ago a bunch of folk were putting out the idea that 'neural nets' and 'genetic algorithms' were a means of solving any problem at all without doing any actual work. The idea that 'open source' is a panacea for security is equally bogus. Revising my earlier statement, security through bogosity is no security at all. Phill
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
You have cut up my comment in a way that makes it look like I am saying something different from what I intended. I am not saying S/MIME as implemented in Outlook or Netscape is hard to use in general. On the contrary, I think it is a shame that secure e-mail clients are on most people's desktops and are not being used. Sorry, but I don't see how else I could interpret it in the context of S/MIME vs. PGP. What I am saying is that it is way too hard to initially establish a secure link between two individuals who know each other. That is the most common need for individual users. OK, you need to use a program called MAKECERT.EXE that comes with Office 2000. This creates a self signed cert. The two users can then exchange their certs and authenticate them out of band (by telephone for example) if they really fear a man in the middle attack. The hassle involved is pretty much identical to the hassle of PGP keysigning and all that stuff. I disagree that this is more work than applying for a Thawte cert but then again I would wouldn't I being that I'm the big brother CA and all that. It should not be much harder for two individuals to exchange keys than it is to get on each other's AOL buddy lists. The right tool for key exchange could make it that easy. I agree and have made the same argument. The problem being that bilateral key exchange is a considerably more risky process than routing stuff through a CA. The best solution to the problem would be to persuade ISPs to support key generation and cert issue as a part of the whole sign up process. Then it is quite easy to make the whole process completely transparent to the user. At the moment, Thawte makes getting a cert harder than it needs to be. Go to www.thawte.com and you have to wade through three pages of gobbledygook before you even get to the registration page. 
OK, try VeriSign :-) The point is that there are now 30 odd companies (including mine) that have made an industry out of X.509v3, PKIX, S/MIME and all the rest. It is not just VeriSign that has based its product line on X.509v3, it is also Baltimore, Entrust, X-Cert, Valicert and practically all the rest of the security specialists. The PKI world is very different to what it was in 1990. There is now a PKI infrastructure out there that works for non-trivial problems. I was originally reacting to a post that appeared to be entirely unaware of the changes that have taken place since PGP was released. The point about PGP was never the code or the email message format, it was a means of breaking a particular logjam. Phil Z. walked away from the working group and cooked up his own solution that proved that a less heavyweight approach was viable, the Gordian knot was cut. Now I like most others in the industry are happy that Phil Z. cut the knot but that does not mean that the people who stayed AT the table had nothing to contribute, far from it. As I have said before, X.509 was the thesis, PGP the antithesis and PKIX represents the synthesis. The dialectic has led to considerable improvements in the PKIX design. Simply to dismiss it because its inventors were not harassed by the FBI seems somewhat arbitrary. Phill
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Technically speaking it's not really supported by X.509 either because CRL's don't really work (see for example the FC'99 proceedings for more details on this, along with suggestions on how to fix it). I think you are probably referring to Ron's paper in FC'98. I presented an alternative and somewhat radical architecture at RSA'99 which demonstrated that it was practical to distribute revocation info in real time for a population of 5 billion certs. There is also the IETF work by Mike Myers and myself on OCSP and OCSP-X respectively. This isn't a problem with Outlook or MS (for once :-) but a problem with the whole CRL concept. Agreed, I see CRLs as a draft architecture that was good enough for circa 1990 but not so hot come deployment a decade later. But it is quite possible to provide a workable solution in context. An option which I like (because it's efficient and fast) is to have a BIND-style daemon which snarfs CRL's from wherever[0] every now and then and answers validity check queries very quickly (millisecond response time, so the user won't even notice it's happened). I hope to have a paper on this out RSN. I will send you the paper I wrote for RSA '99. I describe precisely that type of architecture. The argument I make is that we should migrate to that type of architecture in the long term. OCSP provides a very useful staging ground. Phill
Re: Slick Willy Needs PGP
At 09:06 PM 3/5/00 -0500, Duncan Frissell wrote: NYT - March 4, 2000 Clinton Calls for Stronger Measures to Protect the Privacy of Computer Users SAN JOSE, Calif., March 3 --President Clinton said today that he considered cyberspace too insecure for him to correspond privately by e-mail with his daughter, Chelsea, who is away at college. And that he's been told that, were he to use PGP, he would be trashing National Security, by virtue of the publicity.. Besides, he still worries about the monica tapes they have..
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Reese writes: It was announced at RSA in the Microsoft keynote speech. Was it? I wasn't in attendance. A confirmation is now required. I was too, 128 bit export of W2K was announced there, as it also was at the San Francisco W2K launch. It was also bandied about for a few weeks before RSA. What it really means, I dunno. See also www.microsoft.com/presspass/press/2000/Jan00/encryptionPR.asp
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
- Original Message - From: "Phillip Hallam-Baker" [EMAIL PROTECTED] To: "Arnold G. Reinhold" [EMAIL PROTECTED]; "Reese" [EMAIL PROTECTED]; "William H. Geiger III" [EMAIL PROTECTED] Cc: "R. A. Hettinga" [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, March 05, 2000 11:17 PM Subject: RE: X.BlaBla in PGP??? BWAHAHAHAHAHA I think the problem with S/MIME is that it violates a major principle of software usability: make the most commonly performed tasks the easiest to accomplish. You find clicking on the little icons difficult? This is just more of the same - parroting out some slogan you read in some book in the hope it might be applicable. The fact that you make the accusation tends to imply that you have never used S/MIME. FYI, according to Outlook Express your mail message was signed but after clicking the security icon I am told that "You have turned off revocation checking." with no way of turning it on. As far as I'm concerned, the message is cryptographically sound but essentially useless because I don't know you or have any way of verifying that the certificate is still valid. Going to the Thawte server to get a free 12 month cert is hardly a difficult process. Actually, it will be as soon as VeriSign finishes purchasing Thawte and VeriSign makes its monopoly on certificates effectively complete. On the other hand, I could go ahead and build my own certification authority which makes my certificates cryptographically correct but still effectively useless because nobody can verify the root CA certificate. --- eric
Re: Slick Willy Needs PGP
Duncan Frissell wrote: Before Christmas last year, Mr. Clinton ordered some gifts over the Internet, an experience he still talks about in his speeches. Incredible that this guy is trying to set technology policy. Of course, if he acknowledged using PGP, or even acknowledged that crypto could provide privacy for citizens (as opposed to the military) all hell would break out with Freeh, et al. In one of the news articles I read (San Jose Mercury??) this point was indeed made. Notice how the government mindset immediately looks to privacy by more laws, rather than the (in this case, at least) much more efficient privacy through (relatively straightforward) technology. jay
Re: Re: Slick Willy Needs PGP
Jay holovacs wrote: Notice how the government mindset immediately looks to privacy by more laws, rather than the (in this case, at least) much more efficient privacy through (relatively straightforward) technology. what did you expect? lawmaking is their business. if all you have is a hammer...
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
At 12:02 PM 3/5/00 -0500, Phillip Hallam-Baker wrote: Source, or "a proof" please, since I don't recognize your name as being authoritative regarding what M$ does and/or does not contain. It was announced at RSA in the Microsoft keynote speech. Was it? I wasn't in attendance. A confirmation is now required. To ask for a source is perhaps understandable, to demand confirmation is simply an insult, you arrogant git. This is information you should know if you are going to pontificate on the relative security of software solutions. Then, "peers" is left to the interpretation of who? If it isn't open, then it wasn't a true peer reviewal, was it? You clearly don't understand the term peer review, go ask an academic publisher. The term has been in use for a century. yes, it is arguable - this is not germane to declarations of what is/is not contained in a commercial product. On the contrary, it is the crux of the matter. Commercial products that ship as assembly code alone must be examined in the same manner. Otherwise you haven't examined the product the customer uses. The biggest threat to security in my view is dogma. An idea that is correct in one circumstance is promoted to the status of holy doctrine and applied in circumstances where it is ridiculous. The biggest threat to security in my view, is sheeple meets big sister. This is just political blather that has nothing to do with security. What you are doing is promoting INSECURITY by applying dogma you read in some Internet email and clearly don't understand. There are very few absolutes in security, and issues such as open source code review are at best secondary, if not tertiary concerns. Yes I would prefer to have code that is open source reviewed over code that has not, ALL OTHER THINGS BEING EQUAL. But on the other hand I would much rather have code that I know has been reviewed by an expert under non disclosure to code that I happen to have the source code for but I don't know has actually been examined.
In either case I would prefer code that implements an architecture that can meet the security needs of an application than code which does not. I think we should call this 'Security through dogma' and list it next to 'Security through Obscurity' as another fallacy. Now you've gone off the deep end. We weren't discussing efficacy of S/MIME but rather what is/is not contained in M$ products and whether it has received proper peer review or not. Read the thread, we were actually discussing the security of S/MIME. Phill
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
FYI, according to Outlook Express your mail message was signed but after clicking the security icon I am told that "You have turned off revocation checking." with no way of turning it on. As far as I'm concerned, the message is cryptographically sound but essentially useless because I don't know you or have any way of verifying that the certificate is still valid. Revocation checking is important, and in point of fact something that is not really supported in the PGP architecture unless one counts the self signed key revocations. If that was one of my VRSN .sigs then you could check revocation status at VeriSign. I do agree that it would be better if there was full revocation checking, this is meant to be a Win2K feature BUT I have not yet examined the final product. Also I would have to get my cert re-issued with a CDP installed. Phill
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
You have cut up my comment in a way that makes it look like I am saying something different from what I intended. I am not saying S/MIME as implemented in Outlook or Netscape is hard to use in general. On the contrary, I think it is a shame that secure e-mail clients are on most people's desktops and are not being used. What I am saying is that it is way too hard to initially establish a secure link between two individuals who know each other. That is the most common need for individual users. I write Dummies books (e.g. E-mail for Dummies, Internet for Dummies Quick Reference, ...) so these people, not corporate users, are my customers and my area of interest. Asking two individuals who want to correspond in private to each get a Thawte cert is far too much to ask. It should not be much harder for two individuals to exchange keys than it is to get on each other's AOL buddy lists. The right tool for key exchange could make it that easy. At the moment, Thawte makes getting a cert harder than it needs to be. Go to www.thawte.com and you have to wade through three pages of gobbledygook before you even get to the registration page. I am not talking about the CPS, just the initial pages. Take a look. But even if Thawte got its act together, I have a hard time understanding why people have to give a corporation their date of birth and social security number just so they can correspond in private with a friend. Then there is the question of just what legal obligations you are undertaking when you get a Thawte cert. Most users cannot protect their private keys from theft. What is your liability if it is stolen? There is no need for people to have to deal with that exposure just to have private e-mail. The biggest challenge I face in my work is comprehending just how confusing our world of computers and networks is to people without a technical background. Certs are way over their heads.
PGP is far from being simple enough but at least it handles the simple case of two people wanting privacy. I agree that PGP has limitations in verifying identity or enabling digitally signed contracts. I am not even sure that either are in consumers' interests, particularly in the absence of mechanisms to fully protect their private keys. In any case, identity and privacy are two separate problems. Remember what the initials PGP stand for. Arnold Reinhold P.S. I love the Windows interface. It sells my books. Exercise: Write a step by step description of transferring a file from a removable disk to a folder on the hard drive in Windows. Now do the same thing for a Mac. At 11:17 PM -0500 3/5/2000, Phillip Hallam-Baker wrote: I think the problem with S/MIME is that it violates a major principle of software usability: make the most commonly performed tasks the easiest to accomplish. You find clicking on the little icons difficult? This is just more of the same - parroting out some slogan you read in some book in the hope it might be applicable. The fact that you make the accusation tends to imply that you have never used S/MIME. I note that you are not signing your emails with PGP, whereas I sign every one of my messages with S/MIME (except for those I send from the PalmVI or RIM which I don't yet have an S/MIME client for). I sign every one of my messages because S/MIME makes that easy. Anyone who is reading the message with a recent edition of a major email client (except Eudora) can check the signature without downloading the plug-in. Is this about persuading as many people as possible to use strong crypto? Most people who want e-mail security have one or a few correspondents with whom they wish to exchange e-mail in secrecy. Most corporations want to deploy S/MIME to employees' desktops without the employees having to think very much about the process. Going to the Thawte server to get a free 12 month cert is hardly a difficult process.
S/MIME, at least as widely implemented, makes doing that hard, That is your personal opinion, not a statement of universal fact. I would regard it in the same category as people who say that 'Macintosh is easy to use', meaning 'it is what I am used to and what I find easiest to use'. I personally think the Mac user interface sucks, especially the mechanism for ejecting disks. Go round the MIT AI lab and I guarantee you that where you find a Mac, an unwrapped paperclip for popping out disks and CDROMS is not far away. In the same fashion, I find explaining the Web of Trust idea to folks who are not highly computer literate a challenge to say the least. To claim that there is such a substantial difference in ease of use between S/MIME and PGP that one is unusable is simply ridiculous. PGP is in my view popular with people who want to have absolute control over their environment - even if that is at the expense of security. To use PGP securely, one pretty much has to only use keys signed by people you know are meticulous
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
At 12:02 PM -0500 3/5/2000, Phillip Hallam-Baker wrote: ... If you think that the problem with S/MIME is the lack of an open source client then do what the cypherpunks list *used* to be about - write some code to do the job the way *you* think is correct. The standard is published by the IETF and there are probably open source toolkits circulating. I think the problem with S/MIME is that it violates a major principle of software usability: make the most commonly performed tasks the easiest to accomplish. Most people who want e-mail security have one or a few correspondents with whom they wish to exchange e-mail in secrecy. S/MIME, at least as widely implemented, makes doing that hard, at least while we are waiting for the great PKI in the sky. PGP is a lot easier to use in that application. A better hack than an open source S/MIME implementation might be a user friendly tool that made exchanging keys with friends as easy or easier than with PGP. Arnold Reinhold
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
Every copy of Windows 2000 and Windows Millennium will have full strength 128 bit crypto in the base O/S. Source, or "a proof" please, since I don't recognize your name as being authoritative regarding what M$ does and/or does not contain. It was announced at RSA in the Microsoft keynote speech. None of them have been tested nor peer-reviewed. That is untrue. Unpublished source is not peer-reviewed, by definition. The definition of 'Peer review' is 'review by peers', i.e. equals. It does not have to be an open process. Open source is a better form of peer review but it is not the only form. Netscape & Microsoft had no choice on that point on the licensing terms when they bought in the BSafe toolkit from RSA. Nevertheless the RSA toolkit source has been extensively examined by most folk writing code in the industry with a US passport. If you had said 'none of them has been subject to open source review' you would have been correct 'by definition'. As it is your statement had nothing to do with the definition of 'peer review', and was in any case wrong. It is arguable that if one is reviewing the security of a crypto product one should examine the assembly language code and not the source code in any case. How else can you be sure that the shipped code is the code you reviewed? Performing a review of the assembly code is no harder than performing one on the source, it just means that you have to teach your intern assembly language instead of C :-) The biggest threat to security in my view is dogma. An idea that is correct in one circumstance is promoted to the status of holy doctrine and applied in circumstances where it is ridiculous. Take for example Morris's idea of storing password in a salted, one-way encrypted file and relying upon encryption and not the file system protections for security. Not such a bad idea in 1970, but a terrible one once machines are powerful enough to run dictionary attacks on the password file.
There are still lunatics today who will argue to death that 'shadow password files' in UNIX *introduce* insecurity. Seven years ago those lunatics were directly responsible for the password scheme in HTTP sending passwords out in cleartext over the Internet rather than using a MAC challenge approach. This narcissism of the small difference has more to do with folk puffing up their own ego than security. What is easier, to police rigid adherence to some doctrine or to actually *think* for yourself? If you think that the problem with S/MIME is the lack of an open source client then do what the cypherpunks list *used* to be about - write some code to do the job the way *you* think is correct. The standard is published by the IETF and there are probably open source toolkits circulating. Phill
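The message above contrasts sending a password in cleartext with a MAC challenge; the following sketch of such an exchange is an added example, not part of the original post or of any HTTP implementation. HMAC-SHA256, PBKDF2, the work factor and all class and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumed work factor; slows offline guessing


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch the password into the MAC key shared by both sides."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def client_response(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Client side: MAC the server's nonce; the password never leaves the host."""
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()


class Server:
    """Hypothetical verifier illustrating the exchange."""

    def __init__(self):
        # user -> (salt, key). The key is password-equivalent for this
        # protocol, so this table needs file system protection (the
        # shadow-file point), not just one-way hashing.
        self._verifiers = {}
        self._pending = {}  # user -> outstanding single-use nonce

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._verifiers[user] = (salt, derive_key(password, salt))

    def challenge(self, user: str):
        """Issue a fresh random nonce together with the user's salt."""
        salt, _ = self._verifiers[user]
        nonce = secrets.token_bytes(16)
        self._pending[user] = nonce
        return salt, nonce

    def verify(self, user: str, response: bytes) -> bool:
        # pop() makes every nonce single-use, so a captured response
        # cannot be replayed against a later login attempt.
        nonce = self._pending.pop(user, None)
        if nonce is None or user not in self._verifiers:
            return False
        _, key = self._verifiers[user]
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    """Run one login, one replay and one wrong-password attempt."""
    srv = Server()
    srv.enroll("alice", "constructed-sample-passphrase")  # constructed sample
    salt, nonce = srv.challenge("alice")
    resp = client_response("constructed-sample-passphrase", salt, nonce)
    ok = srv.verify("alice", resp)
    replay = srv.verify("alice", resp)  # same bytes again, nonce already used
    salt, nonce = srv.challenge("alice")
    wrong = srv.verify("alice", client_response("guess", salt, nonce))
    return ok, replay, wrong


if __name__ == "__main__":
    print(demo())
```

An eavesdropper who records the salt, nonce and response can still run a dictionary attack offline, which is why the sketch stretches the password before using it as a MAC key.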
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
At 5:29 PM -0500 on 3/1/00, R. A. Hettinga wrote: First XCert (nice guys, and all, but...) do WOT in X.509. Now Sonera does X.509 in PGP. The ganglia twitch... Wait a minute. If I remember correctly, *Thawte* does X.509 in PGP, already, right? Oh, well. I guess it stopped being funny a long time ago... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RE: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
I think the problem with S/MIME is that it violates a major principle of software usability: make the most commonly performed tasks the easiest to accomplish. You find clicking on the little icons difficult? This is just more of the same - parroting out some slogan you read in some book in the hope it might be applicable. The fact that you make the accusation tends to imply that you have never used S/MIME. I note that you are not signing your emails with PGP, whereas I sign every one of my messages with S/MIME (except for those I send from the PalmVI or RIM which I don't yet have an S/MIME client for). I sign every one of my messages because S/MIME makes that easy. Anyone who is reading the message with a recent edition of a major email client (except Eudora) can check the signature without downloading the plug-in. Is this about persuading as many people as possible to use strong crypto? Most people who want e-mail security have one or a few correspondents with whom they wish to exchange e-mail in secrecy. Most corporations want to deploy S/MIME to employees' desktops without the employees having to think very much about the process. Going to the Thawte server to get a free 12 month cert is hardly a difficult process. S/MIME, at least as widely implemented, makes doing that hard, That is your personal opinion, not a statement of universal fact. I would regard it in the same category as people who say that 'Macintosh is easy to use', meaning 'it is what I am used to and what I find easiest to use'. I personally think the Mac user interface sucks, especially the mechanism for ejecting disks. Go round the MIT AI lab and I guarantee you that where you find a Mac, an unwrapped paperclip for popping out disks and CDROMS is not far away. In the same fashion, I find explaining the Web of Trust idea to folks who are not highly computer literate a challenge to say the least.
To claim that there is such a substantial difference in ease of use between S/MIME and PGP that one is unusable is simply ridiculous. PGP is in my view popular with people who want to have absolute control over their environment - even if that is at the expense of security. To use PGP securely, one pretty much has to only use keys signed by people you know are meticulous in checking credentials. In my case that means I only use keys signed by Jeff Schiller. Now I have the advantage of actually knowing Jeff, but for the life of me I can't see the scalability in that solution. What do I do if I want to speak to someone who hasn't yet met Jeff - buy them an air ticket to Cambridge MA so they can meet him? As you say, it would be quite easy to write an S/MIME key signing tool, CAPI provides all the necessary functionality, it just needs a UI. PGP is unfortunately not scalable to commercial usage. It is therefore only a partial solution for a restricted community. There is absolutely no way that PGP could provide a PKI structure to support applications such as Identrus or ANX. Unfortunately PGP is only about privacy. PGP does not provide any meaningful or useful statement about identity. The integrity capabilities of PGP are as a result not useful if one wishes to provide any degree of assurance with respect to the enforcement of digitally signed contracts. Phill
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
In 003701bf84c2$d4fc4e50$[EMAIL PROTECTED], on 03/02/00 at 09:44 PM, "Phillip Hallam-Baker" [EMAIL PROTECTED] said: Wait a minute. If I remember correctly, *Thawte* does X.509 in PGP, already, right? Sure does, the problem with the analysis many have been making is that it is 5 years out of date. X.509v1 had problems, the PEM system based on X.509v1 had worse problems. PGP represented the antithesis of PEM, presenting a useful criticism. X.509v3 and the PKIX architecture are the synthesis of both sets of ideas. It is time to move on from the state of crypto in 1992 when PGP first surfaced. It is NOT the most widely used email security solution by the way. Lotus Notes has held that position for many years. Today the 60 million S/MIME clients define the standard (Notes R5, Microsoft, Netscape...). This is pure FUD worthy of Sternlight himself (as a matter of fact he has been using this false argument for years). There may well be more than 60 million S/MIME clients out there if you count every copy of OutLook & Netscape but of how many are actually being used for e-mail? I would have to say that it is a very small percentage of the entire installation base. Now out of those who are using these clients for e-mail an even smaller percentage are making use of the S/MIME protocols. +60 million installations != 60 million S/MIME users. This does not even address the millions of S/MIME clients out there that only provide a substandard level of encryption to its users. Export versions of S/MIME clients are BAD (Broken As Designed). Almost every S/MIME client is closed source. The applications are closed source the crypto libs are closed source. None of them have been tested nor peer-reviewed. Both Microsoft & Netscape (IMHO) have been criminally negligent when it comes to the security of their products.
Even if they have not put in back doors for their own use and the use of others, their sheer incompetence in the field of data security makes the use of their products unrecommended. S/MIME is a standard but it is not *the* standard for e-mail encryption & digital signatures. -- --- William H. Geiger III http://www.openpgp.net Geiger Consulting Data Security Cryptology Consulting Programming, Networking, Analysis PGP for OS/2: http://www.openpgp.net/pgp.html ---
Re: X.BlaBla in PGP??? BWAHAHAHAHAHA!!!!
In p04310102b4e34917c9e4@[38.26.2.8], on 03/01/00 at 04:29 PM, "R. A. Hettinga" [EMAIL PROTECTED] said: First XCert (nice guys, and all, but...) do WOT in X.509. Now Sonera does X.509 in PGP. The ganglia twitch... Actually NAI did X.509 in PGP quite a while ago. Should be interesting to see what Sonera is claiming patents on. -- --- William H. Geiger III http://www.openpgp.net Geiger Consulting Data Security Cryptology Consulting Programming, Networking, Analysis PGP for OS/2: http://www.openpgp.net/pgp.html ---
Re: PGP?
On Sun, Feb 13, 2000 at 12:14:26AM -0800, Bill Stewart wrote: At 01:55 PM 02/10/2000 -0700, Forrest Halford wrote: I am wondering what the consensus is on the security of the newer versions of PGP vs the 2.x series? What think all ye Cypherpunks? It's all been discussed long ago. The advantage of the 2.x series is it was small enough there was some chance of reading the code and finding the bugs, whereas newer versions are out of control, with creeping featuritis, guis, Microsoft-like bloatware, etc. However, there are serious problems in the 2.x versions that are fixed in the later versions, which justify switching. GPG is probably worth considering as well. -- 1024/D9C69DF9 steve mynott [EMAIL PROTECTED] http://www.pineal.com/ gravity cannot be held responsible for people falling in love. -- albert einstein