Re: [cdr] Re: GPG Sig test
Thus spake Eric Murray ([EMAIL PROTECTED]) [13/09/03 04:32]: If someone knows how, please tell me. Well, according to http://scifi.squawk.com/demime.html, he says that demime is /designed/ to break and remove attachments. So if you modify it, you'll need to maintain it -- he won't accept patches for it. Which is unfortunate. The very fact that he refuses to accept patches for this, and doesn't give you the option of not removing it, makes me think you should use a different MIME cleanser (AlterMIME? Anomy Sanitizer? procmail?). If you stick some code in at the top that checks for $head{'content-type',0} containing application/pgp (see around line 1820 for details on matching), and exit if that condition matches, then you should be able to work around it.
Re: [cdr] Re: GPG Sig test
Thus spake Bill Frantz ([EMAIL PROTECTED]) [10/09/03 22:27]: [demime 0.97c removed an attachment of type application/pgp-signature which had a name of signature.asc] For some reason this mail tickled my sense of humor. Try sending the message without MIME. *Please*, for the sake of all that is good and sane, stick with PGP/MIME signatures. Configure your demime to *not* strip attachments of application/pgp-signature. I know there's two strong camps, but I *hate* inline PGP with a passion. It clutters up the message, and most people (and mail clients) don't have the sense to strip out the PGP cruft when quoting.
Re: GPG Sig test
On Fri, Sep 12, 2003 at 02:08:00PM -0400, Damian Gerow wrote: Configure your demime to *not* strip attachments of application/pgp-signature. If someone knows how, please tell me. Eric
GPG Sig test
Can someone verify this message? Someone told me that my signatures were coming up invalide for some reason. I just created a new key recently (old one expired months ago). I just uploaded it to keyserver.pgp.net Thanks! -- Mark Renouf [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Re: .sig
On Tuesday, March 4, 2003, at 04:57 PM, Eugen Leitl wrote: On Tue, 4 Mar 2003, Tim May wrote: Yeah, I agree. It's time I retired that .sig. PLONK. Move .sig. For great justice. --Tim May The only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not a sufficient warrant. --John Stuart Mill
Re: .sig
On Tue, 4 Mar 2003 14:33:59 -0800, you wrote: At 1:08 PM -0800 3/4/03, Tim May quoted: If I'm going to reach out to the the Democrats then I need a third hand.There's no way I'm letting go of my wallet or my gun while they're around. --attribution uncertain, possibly Gunner, on Usenet Would the converse read? If I'm going to reach out to the Republicans then I need a third hand. There's no way I'm letting go of my wallet or my freedom while they're around. It seems to me that right now, my wallet is at risk due to the rise in federal debt, whether by depleting my savings through inflation, or by higher future taxes to pay the debt. The attack on freedom, lead by the Republicans, has been commented on so frequently here I don't need to add more. If you think your wallet is less at risk with Democrats making the tax law, or if you really think we are having inflation now (versus the risk of deflation), or that the Democrats will keep your taxes down in the future, then you need to run out and take voting lessons so you can make yours count. In your spare time, find a Democrat, or anyone else, who will stand up and be counted and fight against Patriot II, also known as the Repeal of the Bill of Rights without State Ratification. Good luck, all of them, Democrat, Republican, and Independent, are busy being panicking cowards right now. Maybe, you can figure it out. Here is a hint. Republicans are like The Rock and Democrats are like Stone Cold Steve Austin, and elections are like WWF Slap Down. It's fixed, get it? The contest is not between Dems and Repubs, it's between government and the governed.
Re: .sig
On Tuesday, March 4, 2003, at 02:33 PM, Bill Frantz wrote: At 1:08 PM -0800 3/4/03, Tim May quoted: If I'm going to reach out to the the Democrats then I need a third hand.There's no way I'm letting go of my wallet or my gun while they're around. --attribution uncertain, possibly Gunner, on Usenet Would the converse read? If I'm going to reach out to the Republicans then I need a third hand. There's no way I'm letting go of my wallet or my freedom while they're around. It seems to me that right now, my wallet is at risk due to the rise in federal debt, whether by depleting my savings through inflation, or by higher future taxes to pay the debt. The attack on freedom, lead by the Republicans, has been commented on so frequently here I don't need to add more. Yeah, I agree. It's time I retired that .sig. PLONK. --Tim May To those who scare peace-loving people with phantoms of lost liberty, my message is this: Your tactics only aid terrorists. --John Ashcroft, U.S. Attorney General
Re: .sig
On Tue, 4 Mar 2003, Tim May wrote: Yeah, I agree. It's time I retired that .sig. PLONK. Move .sig. For great justice.
Re: .sig
At 05:43 PM 03/04/2003 -0800, Tim May wrote: On Tuesday, March 4, 2003, at 04:57 PM, Eugen Leitl wrote: On Tue, 4 Mar 2003, Tim May wrote: Yeah, I agree. It's time I retired that .sig. PLONK. Move .sig. For great justice. It's a Slashdot .signature line parody of a line from ZeroWing, aka All Your Base Are Belong To Us, http://www.planettribes.com/allyourbase/story.shtml#game It's a cultural phenomenon from a couple of years ago. It you missed it, that's, ummm, your bad :-) Take your basic Japanese-made video arcade game with really bad Engrish transration. Have it get quoted and parodied extensively. Pretty short; you may enjoy it.
Re: .sig
At 1:08 PM -0800 3/4/03, Tim May quoted: If I'm going to reach out to the the Democrats then I need a third hand.There's no way I'm letting go of my wallet or my gun while they're around. --attribution uncertain, possibly Gunner, on Usenet But WAIT! *Which* gun should I hold on to? The Glock in the holster? The 38 in the ankle holster? The Derringer in the little inside pocket? The shotgun in the gun rack next to the samurai sword? Decisions, decisions! Would the converse read? If I'm going to reach out to the Republicans then I need a third hand. There's no way I'm letting go of my wallet or my freedom while they're around. But you need your third hand for the spare handcuff key, to undo the other two At 12:43 AM 03/05/2003 +, anonimo arancio wrote: If you think your wallet is less at risk with Democrats making the tax law, or if you really think we are having inflation now (versus the risk of deflation), or that the Democrats will keep your taxes down in the future, then you need to run out and take voting lessons so you can make yours count. He's not saying that - it's just that everybody _knows_ to hang onto their wallets (and their guns, if they've got them) when the Democrats are around, and some people have tended to forget that you also have to hang onto their wallets just as tightly when there are Republicans around.
Re: .sig
Republicans are like The Rock and Democrats are like Stone Cold Steve Austin, and elections are like WWF Slap Down. It's fixed, get it? The contest is not between Dems and Repubs, it's between government and the governed. Nice! GOTTA steal that quote (if only there were another board that gave a crap...) -TD From: anonimo arancio [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: .sig Date: 5 Mar 2003 00:43:51 - On Tue, 4 Mar 2003 14:33:59 -0800, you wrote: At 1:08 PM -0800 3/4/03, Tim May quoted: If I'm going to reach out to the the Democrats then I need a third hand.There's no way I'm letting go of my wallet or my gun while they're around. --attribution uncertain, possibly Gunner, on Usenet Would the converse read? If I'm going to reach out to the Republicans then I need a third hand. There's no way I'm letting go of my wallet or my freedom while they're around. It seems to me that right now, my wallet is at risk due to the rise in federal debt, whether by depleting my savings through inflation, or by higher future taxes to pay the debt. The attack on freedom, lead by the Republicans, has been commented on so frequently here I don't need to add more. If you think your wallet is less at risk with Democrats making the tax law, or if you really think we are having inflation now (versus the risk of deflation), or that the Democrats will keep your taxes down in the future, then you need to run out and take voting lessons so you can make yours count. In your spare time, find a Democrat, or anyone else, who will stand up and be counted and fight against Patriot II, also known as the Repeal of the Bill of Rights without State Ratification. Good luck, all of them, Democrat, Republican, and Independent, are busy being panicking cowards right now. Maybe, you can figure it out. Here is a hint. Republicans are like The Rock and Democrats are like Stone Cold Steve Austin, and elections are like WWF Slap Down. It's fixed, get it? The contest is not between Dems and Repubs, it's between government and the governed. _ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
.sig
At 1:08 PM -0800 3/4/03, Tim May quoted: If I'm going to reach out to the the Democrats then I need a third hand.There's no way I'm letting go of my wallet or my gun while they're around. --attribution uncertain, possibly Gunner, on Usenet Would the converse read? If I'm going to reach out to the Republicans then I need a third hand. There's no way I'm letting go of my wallet or my freedom while they're around. It seems to me that right now, my wallet is at risk due to the rise in federal debt, whether by depleting my savings through inflation, or by higher future taxes to pay the debt. The attack on freedom, lead by the Republicans, has been commented on so frequently here I don't need to add more. Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA
Yes, I really did zeroize that key (good sig this time I think)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 (My PGP client botched the signature last time when I used the clipboard method. This time I'm using the plugin button and it should work. Stupid GUI crap.) I have devised what I believe to be a foolproof and completely portable way of setting an array of bytes to all zeroes, a common security operation in cryptography programs. void clear_bytes(char magic, char p[], int n) { int i; p[0] = magic; for (i = 1; i n; i++) p[i] = p[i-1]; for (i = 0; i n; i++) if (p[i] != magic) exit(magic); } In order to guarantee that this works, you must pass in 0 as the value of the 'magic' parameter, and you also must establish that 0 value using a method that is completely undecidable even to the most intelligent compiler optimizer theoretically possible. Here is a simple example of how we can generate this undecidable zero and pass it into the routine. int main(int argc, char *argv[]) { char array[32]; char magic = (argc 1 ? 0 : 255); clear_bytes(magic, array, sizeof(array)); return 0; } If you call this program with no command line arguments, the value of magic will be 0 and the clear_bytes is guaranteed to zero out the array. If you call this program with any command line arguments at all, the value of magic will be 255 and the clear_bytes routine will exit with code 255. So the clear_bytes routine serves a dual purpose as an assertion that the clearing operation actually occurs properly. If it doesn't, your program aborts. It is impossible for a compiler to optimize away any of this code, because you can always find a way from OUTSIDE the program to make magic take on a nonzero value and thus reach the abort condition. Of course, your program will very likely expect command line arguments, but you can use a slightly altered technique for generating the necessary magic undecidable zero. For example, if you know that your program will never be called with more than 5 arguments, just use this line: char magic = (argc 6 ? 0 : 255); In the very worst case the number of arguments to your program will be totally indeterminate, with no theoretical upper bound. This could easily happen if you expect file names with shell expansion, for example. In this case, you could simply require that the very first argument to your program must always be a specific character, for example 't'. char magic = ((argc 1 argv[1][0] == 't') ? 0 : 255); With this line, if the first argument to the program starts with a 't', magic will take on the correct value of 0. I do not recommend using anything in argv[0] because that is the actual name of your program as invoked from the command line. This could change if the executable file is renamed or if you call it with a leading path. You can always find some way to generate a magic undecidable zero. Some variation of the argc/argv technique should serve you well in all reasonable circumstances, but if you absolutely had to you could read a zero byte out of a file somewhere. Note that the clear_bytes function 'ands' each byte of the array with the previous byte, starting with the magic value. Only a magic value of 0 is guaranteed to make all the bytes zero. The second loop then checks the operation, ensuring that each byte is equal to the magic byte. This can only succeed if magic is 0 and all the bytes are 0. (Actually it could succeed with a nonzero magic value, but only if all the bytes were already equal to magic to begin with. Obviously this case is irrelevant.) So folks, this routine will definitely zero out an array, and it doesn't rely on the va_list (vararg) technique described in Welschenbach's book. Personally I rarely use global variables, so I like to pass the magic value around as an explicit parameter wherever it is needed. But you could use a global magic variable if you preferred. - - -- Patrick http://fexl.com -BEGIN PGP SIGNATURE- Version: PGP 8.0 iQA/AwUBPl71Y1A7g7bodUwLEQKoywCgg50VenX0boJAeIxrNIYI9KAmhR0AoOvJ XByLpkEtgt9QhFbmiHokzC3V =ZLC3 -END PGP SIGNATURE-